andreslucena
commented
1 year ago @greenwoodt a couple pointers regarding this one:
I think this is related with decidim/decidim#10903, as it's allowing to vote because the Election is ongoing, but in the case of decidim-elections there's an external system (Bulletin Board). We should take into account this condition: it must be possible to vote only if the Election was sent to the BB, so it must be blocked. I don't know if its enough with changing this line https://github.com/decidim/decidim/blob/43a2c9cf6b9e3a9e72c0b16a06e9218b2fa42ccc/decidim-elections/app/permissions/decidim/elections/permissions.rb#L38 with something like
election.published? && election.ongoing? && election.blocked?Another thing that could be wrong is this check in the cell view:
It should probably be
<% if model.ongoing? && model.blocked? %>(This cell I found it out by reading the view: https://github.com/decidim/decidim/blob/43a2c9cf6b9e3a9e72c0b16a06e9218b2fa42ccc/decidim-elections/app/views/decidim/elections/elections/show.html.erb#LL50C9-L50C9)
greenwoodt
Describe the bug
Given that I'm a registered user and there is an Election created and this election is configured with an start_date of yesterday and an end_date of tomorrow, then I can enter to the voting booth even though this Election isn't setup (sent to the BB). It should check if the Election is at least blocked.
The same happens if the election is configured with an end_date of yesterday.
To Reproduce
See that there's a somewhat cryptic modal error that it couldn't find the election
Expected behavior
It should not show the button It should not allow entering by the URL
Screenshots
Stacktrace
In the console there's this error:
Extra data
Additional context
No response