Merge branch 'dc-master'

# Conflicts:
#	app/views/admin/signup.html.erb
#	app/views/admin/tools.html.erb
#	app/views/common/new/_footer.html.erb
#	app/views/common/new/_header.html.erb
#	app/views/documents/_iframe_embed_code.html.erb
#	app/views/donate/thanks.html.erb
#	app/views/help/eng/index.markdown
#	app/views/help/spa/index.markdown
#	app/views/home/about.html.erb
#	config/document_cloud.yml
#	public/400.html
#	public/403.html
#	public/404.html
#	public/409.html
#	public/500.html
#	public/501.html
#	public/502.html
#	public/503.html
#	public/javascripts/translations/eng.js
#	public/note_embed/note_embed.js
#	test/controllers/admin_controller_test.rb

app/controllers/annotations_controller.rb

@@ -43,7 +43,7 @@ def show
           @exclude_analytics = true
           render template: 'annotations/show_embedded', layout: 'new'
         else
-          make_oembeddable(current_annotation)
+          make_oembeddable(current_annotation) unless current_annotation.section_note?
           set_minimal_nav text:    'Read the full document',
                           xs_text: 'Full document',
                           link:    current_annotation.contextual_url

app/controllers/authentication_controller.rb

@@ -149,21 +149,7 @@ def iframe_success
   # Where third-party logins come back to once they have
   # completed successfully.
   def callback
-    if logged_in?
-      # if logged in, then they are adding a new account identity
-      current_account.record_identity_attributes( identity_hash ).save!
-      @account = current_account
-    else
-      @account = Account.from_identity( identity_hash )
-    end
-    if @account.errors.empty?
-      @account.authenticate(session, cookies)
-      @next_url = session[ :omniauth_popup_next ] || request.env['omniauth.origin'] || '/'
-      render :action=>:request_additional_information
-    else
-      flash[:error] = @account.errors.full_messages.to_sentence
-      render :action=>:login
-    end
+    false
   end
 
   def record_user_information

app/models/account.rb

@@ -25,7 +25,6 @@ class Account < ActiveRecord::Base
     :format     =>{ :with => DC::Validators::EMAIL },
     :if         => Proc.new{ |user| user.has_memberships? || user.email.present? }
 
-  validate :validate_identity_is_unique
   validates :language, :inclusion=>{ :in => DC::Language::USER,
             :message => "must be one of: (#{DC::Language::USER.join(', ')})" }
   validates :document_language,  :inclusion=>{ :in => DC::Language::SUPPORTED,
@@ -43,9 +42,6 @@ class Account < ActiveRecord::Base
   scope :active,  -> { with_memberships.where( ["memberships.role is NULL or memberships.role != ?", DISABLED] ) }
   scope :real,    -> { with_memberships.where( ["memberships.role in (?)", REAL_ROLES] ) }
   scope :reviewer,-> { with_memberships.where( ["memberships.role = ?",    REVIEWER] ) }
-  scope :with_identity, lambda { | provider, id |
-     where("identities @> hstore(:provider, :id)", :provider=>provider.to_s,:id=>id.to_s )
-  }
 
   # Populates the organization#members accessor with all the organizaton's accounts
   def organizations_with_accounts
@@ -316,7 +312,7 @@ def hashed_email
 
   # Has this account been assigned, but never logged into, with no password set?
   def pending?
-    !hashed_password && !reviewer? && identities.blank?
+    !hashed_password && !reviewer?
   end
 
   # It's slo-o-o-w to compare passwords. Which is a mixed bag, but mostly good.
@@ -331,17 +327,6 @@ def password=(new_password)
     self.hashed_password = @password
   end
 
-  def validate_identity_is_unique
-    return if self.identities.blank?
-    condition = self.identities.map{ | provider, id | "identities @> hstore(?,?)" }.join(' or ')
-    condition << " and id<>#{self.id}" unless new_record?
-    values = self.identities.map{|k,v| [k.to_s,v.to_s] }.flatten
-    if account = Account.where( [ condition, *values ] ).first
-      duplicated = account.identities.to_set.intersection( self.identities ).map{|k,v| k}.join(',')
-      errors.add(:identities, "An account exists with the same id for #{account.id} #{account.identities.to_json} #{duplicated}")
-    end
-  end
-
   # Set the default membership.  Will mark the given membership as the default
   # and the other memberships (if any) as non-default
   def set_default_membership(default_membership)

app/models/annotation.rb

@@ -149,8 +149,12 @@ def cacheable?
     public? && document.cacheable?
   end
 
+  def section_note?
+    location.nil?
+  end
+
   def coordinates
-    return nil unless location
+    return nil if section_note?
     coords = location.split(',').map { |loc| loc.to_i }
     transform_coordinates_to_legacy({
       top:    coords[0],

app/models/document.rb

@@ -270,7 +270,7 @@ def self.upload_statistics(type, id)
     rows = self.connection.execute(query).map do |row|
       tuple_array = row.map do |key,string_value|
         # and coerce string values returned by ActiveRecord into dates or integers.
-        value = key == "month" ? DateTime.parse(string_value) : string_value.to_i
+        value = (key == "month" ? DateTime.parse(string_value) : string_value.to_i)
         [key, value]
       end
       Hash[tuple_array]

app/models/membership.rb

@@ -8,13 +8,22 @@ class Membership < ActiveRecord::Base
   belongs_to :organization
   belongs_to :account
 
-  scope :real,    ->{ where( ["memberships.role in (?)", REAL_ROLES] ) }
-  scope :default, ->{ where(:default=>true) }
+  scope :with_account, -> { references(:account).includes(:account) }
+  scope :real,         -> { where( ["memberships.role in (?)", REAL_ROLES] ) }
+  scope :default,      -> { where(:default=>true) }
 
   def real?
     REAL_ROLES.include?(role)
   end
 
+  def active?
+    role && role != DISABLED
+  end
+
+  def role_name
+    ROLE_NAMES[role].to_s
+  end
+
   def canonical( options = {} )
     attrs = self.attributes
     attrs['account']           = account.canonical(options)      if options[:include_account]

app/models/organization.rb

@@ -62,8 +62,7 @@ def self.populate_members_info( organizations, except_account=nil)
       memberships.organization_id, memberships.role,
       accounts.id,                 accounts.email,
       accounts.first_name,         accounts.last_name,
-      accounts.hashed_password,    accounts.identities,
-      accounts.language
+      accounts.hashed_password,    accounts.language
     from memberships
       inner join accounts on accounts.id = memberships.account_id
     where
@@ -74,16 +73,15 @@ def self.populate_members_info( organizations, except_account=nil)
       sql << "and memberships.account_id not in (#{except_account.id})"
     end
     rows = self.connection.select_all( sql )
-    hidden_fields=%w{ organization_id hashed_password identities }
+    hidden_fields=%w{ organization_id hashed_password }
     accounts_map = rows.group_by{|row| row['organization_id'].to_i }
     organizations.each do | organization |
       account_details = accounts_map[organization.id]
       if account_details # if except_account is set, this could be nil
         organization.members = account_details.map do |account|
           account['slug'] = Account.make_slug( account )
           account['pending'] = account['hashed_password'].blank? && # algorithm from Account#pending?
-                               Membership::REVIEWER != account['role'].to_i &&
-                               DC::Hstore.from_sql( account['identities'] ).empty?
+                               Membership::REVIEWER != account['role'].to_i
           account['hashed_email']=Digest::MD5.hexdigest( account['email'].downcase.gsub(/\s/, '') ) if account['email']
 
           account.delete_if{|field,value| hidden_fields.include?(field) }

app/views/accounts/mailboxes.html.erb

@@ -12,18 +12,18 @@
       <ul id="upload-mailbox-list" class="list-unstyled">
         <% @mailboxes.each do |mailbox| %>
         <li class="mailbox row">
-          <div class="mailbox-addresses col-sm-7 col-xs-12">
+          <div class="mailbox-addresses col-sm-7 col-12">
             <%= mail_to mailbox.recipient_address, mailbox.recipient_address, class: 'mailbox-to-address' %>
             <span class="mailbox-from-address">&uarr; send from <%= mailbox.sender %></span>
           </div>
-          <div class="col-sm-3 col-xs-6">
+          <div class="col-sm-3 col-6">
             <% if mailbox.upload_count > 0 %>
               <%= link_to "#{mailbox.upload_count} #{'upload'.pluralize(mailbox.upload_count)}", '/search/', {class: 'btn btn-sm btn-secondary disabled', disabled: true} %>
             <% else %>
               <%= link_to 'No uploads yet', '#', {class: 'btn btn-sm btn-secondary disabled', disabled: true} %>
             <% end %>
           </div>
-          <div class="col-sm-2 col-xs-6">
+          <div class="col-sm-2 col-6">
             <%= button_to 'Revoke', revoke_mailbox_url(mailbox), method: 'delete', class: 'btn btn-sm btn-link btn-danger mailbox-revoke' %>
           </div>
         </li>

app/views/admin/add_organization.html.erb

@@ -0,0 +1,68 @@
+<div class="content">
+  <div class="container-sm">
+
+    <%= form_tag admin_add_organization_path, method: 'post' do %>
+      <%= token_tag %>
+      <div class="form-group row">
+        <label for="organization_name" class="col-sm-4 col-form-label">Organization Name</label>
+        <div class="col-sm-8">
+          <input type="text" class="form-control" name="organization[name]" id="organization_name" placeholder="The Daily Planet" value="<%= @params[:organization][:name] %>">
+        </div>
+      </div>
+      <div class="form-group row">
+        <label for="organization_slug" class="col-sm-4 col-form-label">Short Name (Slug)</label>
+        <div class="col-sm-8">
+          <input type="text" class="form-control" name="organization[slug]" id="organization_slug" placeholder="daily-planet" value="<%= @params[:organization][:slug] %>">
+        </div>
+      </div>
+      <div class="form-group row">
+        <label for="organization_language" class="col-sm-4 col-form-label">Interface Language</label>
+        <div class="col-sm-8">
+          <select name="organization[language]" class="form-control" id="organization_language">
+            <% DC::Language::USER.each do |lang| %>
+            <option value="<%= lang %>" <%= 'selected' if lang == @params[:organization][:language] %>><%= DC::Language::NAMES[lang] %></option>
+            <% end %>
+          </select>
+          <div class="form-text small text-muted">What language the workspace interface will use.</div>
+        </div>
+      </div>
+      <div class="form-group row">
+        <label for="organization_document_language" class="col-sm-4 col-form-label">Document Language</label>
+        <div class="col-sm-8">
+          <select name="organization[document_language]" class="form-control" id="organization_document_language">
+            <% DC::Language::SUPPORTED.each do |lang| %>
+            <option value="<%= lang %>" <%= 'selected' if lang == @params[:organization][:document_language] %>><%= DC::Language::NAMES[lang] %></option>
+            <% end %>
+          </select>
+          <div class="form-text small text-muted">What language documents will default to for processing when uploaded.</div>
+        </div>
+      </div>
+      <div class="form-group row">
+        <label for="account_email" class="col-sm-4 col-form-label">Admin Email Address</label>
+        <div class="col-sm-8">
+          <input type="email" class="form-control" name="account[email]" id="account_email" value="<%= @params[:account][:email] %>" placeholder="c.kent@dailyplanet.foo">
+        </div>
+      </div>
+      <div class="form-group row">
+        <label for="account_first_name" class="col-sm-4 col-form-label">Admin Name</label>
+        <div class="col-sm-4">
+          <input type="text" class="form-control" name="account[first_name]" id="account_first_name" placeholder="Clark" value="<%= @params[:account][:first_name] %>">
+        </div>
+        <div class="col-sm-4">
+          <input type="text" class="form-control" name="account[last_name]" id="account_last_name" placeholder="Kent" value="<%= @params[:account][:last_name] %>">
+        </div>
+      </div>
+      <div class="row">
+        <div class="col-sm-8 offset-sm-4">
+          <label class="custom-control custom-checkbox">
+            <input type="checkbox" class="custom-control-input" name="authorize" value="y" <%= 'checked' if @params[:authorize] == 'y' %>>
+            <span class="custom-control-indicator"></span>
+            <span class="custom-control-description small">If the admin already exists, should we make this organization its <b>default membership</b>?</span>
+          </label>
+        </div>
+      </div>
+      <p class="my-5"><button type="submit" class="btn btn-success">Add organization</button></p>
+    <% end %>
+    <p class="text-center note mb-0">This form is intended as an admin tool. All users, especially those who plan to upload documents to DocumentCloud, should review our <%= link_to 'terms of service', terms_path %>.</p>
+  </div>
+</div>

app/views/admin/edit_organization.html.erb

@@ -0,0 +1,14 @@
+<div class="container-md content paper">
+  <%= bootstrap_form_for @organization, url: admin_update_organization_url(id: @organization), html: {class: 'mt-4'} do |f| %>
+    <div class="form-header">
+      <%= link_to 'Cancel', admin_organization_path(slug: @organization.slug), class: 'btn btn-sm btn-link btn-danger float-right ml-1 mb-1' %>
+      <h1>Editing <%= @organization.name %></h1>
+    </div>
+    <%= f.text_field :name %>
+    <%= f.text_field :slug %>
+    <%= f.check_box :demo, label: 'This is a <b>demo account</b>'.html_safe %>
+    <p class="mt-4">
+      <%= f.submit class: 'btn btn-success' %>
+    </p>
+  <% end %>
+</div>