Commit ff83515a authored by paz's avatar paz

Upgrade rails and activeresource to 5.1 (incl dependencies)

parent 82e71d43
source 'https://rubygems.org'
gem 'rake'
gem 'rails', '~> 5.0.0'
gem 'rails', '~> 5.1.0'
gem 'bcrypt', '~> 3.1'
gem 'activeresource', '~> 5.0.0'
gem 'activeresource', '~> 5.1.0'
gem 'haml-rails', '~> 1.0.0'
gem 'sass-rails', '~> 5.0'
gem 'bootstrap-sass', '~> 3.3'
......
GEM
remote: https://rubygems.org/
specs:
actioncable (5.0.7.2)
actionpack (= 5.0.7.2)
nio4r (>= 1.2, < 3.0)
actioncable (5.1.7)
actionpack (= 5.1.7)
nio4r (~> 2.0)
websocket-driver (~> 0.6.1)
actionmailer (5.0.7.2)
actionpack (= 5.0.7.2)
actionview (= 5.0.7.2)
activejob (= 5.0.7.2)
actionmailer (5.1.7)
actionpack (= 5.1.7)
actionview (= 5.1.7)
activejob (= 5.1.7)
mail (~> 2.5, >= 2.5.4)
rails-dom-testing (~> 2.0)
actionpack (5.0.7.2)
actionview (= 5.0.7.2)
activesupport (= 5.0.7.2)
actionpack (5.1.7)
actionview (= 5.1.7)
activesupport (= 5.1.7)
rack (~> 2.0)
rack-test (~> 0.6.3)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.2)
actionview (5.0.7.2)
activesupport (= 5.0.7.2)
actionview (5.1.7)
activesupport (= 5.1.7)
builder (~> 3.1)
erubis (~> 2.7.0)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.0.3)
activejob (5.0.7.2)
activesupport (= 5.0.7.2)
activejob (5.1.7)
activesupport (= 5.1.7)
globalid (>= 0.3.6)
activemodel (5.0.7.2)
activesupport (= 5.0.7.2)
activemodel (5.1.7)
activesupport (= 5.1.7)
activemodel-serializers-xml (1.0.2)
activemodel (> 5.x)
activesupport (> 5.x)
builder (~> 3.1)
activerecord (5.0.7.2)
activemodel (= 5.0.7.2)
activesupport (= 5.0.7.2)
arel (~> 7.0)
activeresource (5.0.0)
activemodel (>= 5.0, < 6)
activerecord (5.1.7)
activemodel (= 5.1.7)
activesupport (= 5.1.7)
arel (~> 8.0)
activeresource (5.1.0)
activemodel (>= 5.0, < 7)
activemodel-serializers-xml (~> 1.0)
activesupport (>= 5.0, < 6)
activesupport (>= 5.0, < 7)
activeresource-response (1.4.0)
activeresource (>= 3, < 6.1)
activesupport (5.0.7.2)
activesupport (5.1.7)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 0.7, < 2)
minitest (~> 5.1)
tzinfo (~> 1.1)
addressable (2.7.0)
public_suffix (>= 2.0.2, < 5.0)
arel (7.1.4)
arel (8.0.0)
autoprefixer-rails (9.7.3)
execjs
bcrypt (3.1.13)
......@@ -74,6 +74,7 @@ GEM
crass (1.0.5)
daemons (1.3.1)
diff-lcs (1.3)
erubi (1.9.0)
erubis (2.7.0)
eventmachine (1.2.7)
execjs (2.7.0)
......@@ -121,28 +122,28 @@ GEM
rack (2.0.7)
rack-protection (2.0.7)
rack
rack-test (0.6.3)
rack (>= 1.0)
rails (5.0.7.2)
actioncable (= 5.0.7.2)
actionmailer (= 5.0.7.2)
actionpack (= 5.0.7.2)
actionview (= 5.0.7.2)
activejob (= 5.0.7.2)
activemodel (= 5.0.7.2)
activerecord (= 5.0.7.2)
activesupport (= 5.0.7.2)
rack-test (1.1.0)
rack (>= 1.0, < 3)
rails (5.1.7)
actioncable (= 5.1.7)
actionmailer (= 5.1.7)
actionpack (= 5.1.7)
actionview (= 5.1.7)
activejob (= 5.1.7)
activemodel (= 5.1.7)
activerecord (= 5.1.7)
activesupport (= 5.1.7)
bundler (>= 1.3.0)
railties (= 5.0.7.2)
railties (= 5.1.7)
sprockets-rails (>= 2.0.0)
rails-dom-testing (2.0.3)
activesupport (>= 4.2.0)
nokogiri (>= 1.6)
rails-html-sanitizer (1.3.0)
loofah (~> 2.3)
railties (5.0.7.2)
actionpack (= 5.0.7.2)
activesupport (= 5.0.7.2)
railties (5.1.7)
actionpack (= 5.1.7)
activesupport (= 5.1.7)
method_source
rake (>= 0.8.7)
thor (>= 0.18.1, < 2.0)
......@@ -229,7 +230,7 @@ PLATFORMS
ruby
DEPENDENCIES
activeresource (~> 5.0.0)
activeresource (~> 5.1.0)
activeresource-response
bcrypt (~> 3.1)
bootstrap-sass (~> 3.3)
......@@ -239,7 +240,7 @@ DEPENDENCIES
factory_bot_rails
haml-rails (~> 1.0.0)
launchy
rails (~> 5.0.0)
rails (~> 5.1.0)
rake
rspec-rails
sass-rails (~> 5.0)
......
class AccountsController < ApplicationController
skip_before_filter :authenticate, only: [:new, :verify, :setup, :create]
skip_before_action :authenticate, only: [:new, :verify, :setup, :create]
skip_load_resource only: [:verify, :setup, :create]
before_filter :validate_turing_answer, only: :verify
before_action :validate_turing_answer, only: :verify
def index
redirect_to root_path
......@@ -42,7 +42,7 @@ class AccountsController < ApplicationController
ac_req = AccountRequest.find_by_token!(params[:token])
if ! ac_req.still_valid?
render text: t(".token_too_old")
render plain: t(".token_too_old")
ac_req.destroy
return
end
......
......@@ -2,8 +2,8 @@ class ApplicationController < ActionController::Base
# Prevent CSRF attacks by raising an exception.
# For APIs, you may want to use :null_session instead.
protect_from_forgery with: :exception
before_filter :authenticate
before_filter :set_locale
before_action :authenticate
before_action :set_locale
load_and_authorize_resource
# ensure authorization is checked.
check_authorization
......
......@@ -2,9 +2,9 @@ class KeysController < ApplicationController
include KeyUpload
skip_load_and_authorize_resource
skip_authorization_check
before_filter :load_list_resource
before_filter :load_subscription_resource, only: [:index, :show, :new]
before_filter :load_key, only: [:show, :destroy]
before_action :load_list_resource
before_action :load_subscription_resource, only: [:index, :show, :new]
before_action :load_key, only: [:show, :destroy]
# TODO: authorize if current_account.subscribed_to?(@list) || current_account.superadmin?
def index
......
class LoginsController < ApplicationController
skip_before_filter :authenticate
skip_before_action :authenticate
skip_load_and_authorize_resource
skip_authorization_check
......
#!/usr/bin/env ruby
APP_PATH = File.expand_path('../../config/application', __FILE__)
APP_PATH = File.expand_path('../config/application', __dir__)
require_relative '../config/boot'
require 'rails/commands'
#!/usr/bin/env ruby
require 'pathname'
require 'fileutils'
include FileUtils
# path to your application root.
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
APP_ROOT = Pathname.new File.expand_path('../../', __FILE__)
Dir.chdir APP_ROOT do
def system!(*args)
system(*args) || abort("\n== Command #{args} failed ==")
end
chdir APP_ROOT do
# This script is a starting point to setup your application.
# Add necessary setup steps to this file:
# Add necessary setup steps to this file.
puts '== Installing dependencies =='
system! 'gem install bundler --conservative'
system('bundle check') || system!('bundle install')
# Install JavaScript dependencies if using Yarn
# system('bin/yarn')
puts "== Installing dependencies =="
system "gem install bundler --conservative"
system "bundle check || bundle install --path vendor/bundle"
# puts "\n== Copying sample files =="
# unless File.exist?("config/database.yml")
# system "cp config/database.yml.sample config/database.yml"
# unless File.exist?('config/database.yml')
# cp 'config/database.yml.sample', 'config/database.yml'
# end
puts "\n== Preparing database =="
system "bin/rake db:setup"
system! 'bin/rails db:setup'
puts "\n== Removing old logs and tempfiles =="
system "rm -f log/*"
system "rm -rf tmp/cache"
system! 'bin/rails log:clear tmp:clear'
puts "\n== Restarting application server =="
system! 'bin/rails restart'
puts "\n== Manual tasks =="
puts "\n* Review the database connection config in config/database.yml"
puts "\n* In config/secrets.yml change secret_key_base"
puts "\n* config/schleuder-web.yml add tls_fingerprint and api_key (get them from the admins that run schleuder-api-daemon)."
end
#!/usr/bin/env ruby
APP_ROOT = File.expand_path('..', __dir__)
Dir.chdir(APP_ROOT) do
begin
exec "yarnpkg", *ARGV
rescue Errno::ENOENT
$stderr.puts "Yarn executable was not detected in the system."
$stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
exit 1
end
end
require File.expand_path('../boot', __FILE__)
require_relative 'boot'
require 'rails/all'
......@@ -8,29 +8,12 @@ Bundler.require(*Rails.groups)
module SchleuderWeb
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
config.load_defaults 5.1
# Settings in config/environments/* take precedence over those specified here.
# Application configuration should go into files in config/initializers
# -- all .rb files in that directory are automatically loaded.
# Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
# Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
# config.time_zone = 'Central Time (US & Canada)'
# The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
# config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
# config.i18n.default_locale = :de
# Do not swallow errors in after_commit/after_rollback callbacks.
config.active_record.raise_in_transactional_callbacks = true
# Will forms each have their own CSRF token that is specific to the action
# and method for that form?
config.action_controller.per_form_csrf_tokens = true
# Check if the HTTP Origin header should be checked against the site's
# origin as an additional CSRF defense.
config.action_controller.forgery_protection_origin_check = true
require 'openssl'
require 'mail'
......
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
require 'bundler/setup' # Set up gems listed in the Gemfile.
# Load the Rails application.
require File.expand_path('../application', __FILE__)
require_relative 'application'
# Initialize the Rails application.
Rails.application.initialize!
......@@ -9,13 +9,28 @@ Rails.application.configure do
# Do not eager load code on boot.
config.eager_load = false
# Show full error reports and disable caching.
config.consider_all_requests_local = true
config.action_controller.perform_caching = false
# Show full error reports.
config.consider_all_requests_local = true
# Enable/disable caching. By default caching is disabled.
if Rails.root.join('tmp/caching-dev.txt').exist?
config.action_controller.perform_caching = true
config.cache_store = :memory_store
config.public_file_server.headers = {
'Cache-Control' => "public, max-age=#{2.days.seconds.to_i}"
}
else
config.action_controller.perform_caching = false
config.cache_store = :null_store
end
# Don't care if the mailer can't send.
config.action_mailer.raise_delivery_errors = false
config.action_mailer.perform_caching = false
# Print deprecation notices to the Rails logger.
config.active_support.deprecation = :log
......@@ -27,17 +42,15 @@ Rails.application.configure do
# number of complex assets.
config.assets.debug = true
# Asset digests allow you to set far-future HTTP expiration dates on all assets,
# yet still be able to expire them through the digest params.
config.assets.digest = true
# Adds additional error checking when serving assets at runtime.
# Checks for improperly declared sprockets dependencies.
# Raises helpful error messages.
config.assets.raise_runtime_errors = true
# Suppress logger output for asset requests.
config.assets.quiet = true
# Raises error for missing translations
# config.action_view.raise_on_missing_translations = true
# Use an evented file watcher to asynchronously detect changes in source code,
# routes, locales, etc. This feature depends on the listen gem.
config.file_watcher = ActiveSupport::EventedFileUpdateChecker
config.log_level = :debug
end
......@@ -14,16 +14,15 @@ Rails.application.configure do
config.consider_all_requests_local = false
config.action_controller.perform_caching = true
# Enable Rack::Cache to put a simple HTTP cache in front of your application
# Add `rack-cache` to your Gemfile before enabling this.
# For large-scale production use, consider using a caching reverse proxy like
# NGINX, varnish or squid.
# config.action_dispatch.rack_cache = true
# Attempt to read encrypted secrets from `config/secrets.yml.enc`.
# Requires an encryption key in `ENV["RAILS_MASTER_KEY"]` or
# `config/secrets.yml.key`.
config.read_encrypted_secrets = false
# Disable serving static files from the `/public` folder by default since
# Apache or NGINX already handles this.
#config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present?
config.serve_static_files = true
#config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
config.public_file_server.enabled = true
# Compress JavaScripts and CSS.
config.assets.js_compressor = :uglifier
......@@ -32,34 +31,37 @@ Rails.application.configure do
# Do not fallback to assets pipeline if a precompiled asset is missed.
config.assets.compile = false
# Asset digests allow you to set far-future HTTP expiration dates on all assets,
# yet still be able to expire them through the digest params.
config.assets.digest = true
# `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = 'http://assets.example.com'
# Specifies the header that your server uses for sending files.
# config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# Mount Action Cable outside main process or domain
# config.action_cable.mount_path = nil
# config.action_cable.url = 'wss://example.com/cable'
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true
# Use the lowest log level to ensure availability of diagnostic information
# when problems arise.
config.log_level = :info
config.log_level = :debug
# Prepend all log lines with the following tags.
# config.log_tags = [ :subdomain, :uuid ]
# Use a different logger for distributed setups.
# config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
config.log_tags = [ :request_id ]
# Use a different cache store in production.
# config.cache_store = :mem_cache_store
# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.action_controller.asset_host = 'http://assets.example.com'
# Use a real queuing backend for Active Job (and separate queues per environment)
# config.active_job.queue_adapter = :resque
# config.active_job.queue_name_prefix = "schleuder_web_#{Rails.env}"
config.action_mailer.perform_caching = false
# Ignore bad email addresses and do not raise email delivery errors.
# Set this to true and configure the email server for immediate delivery to raise delivery errors.
......@@ -67,7 +69,7 @@ Rails.application.configure do
# Enable locale fallbacks for I18n (makes lookups for any locale fall back to
# the I18n.default_locale when a translation cannot be found).
config.i18n.fallbacks = [I18n.default_locale]
config.i18n.fallbacks = true
# Send deprecation notices to registered listeners.
config.active_support.deprecation = :notify
......@@ -75,6 +77,16 @@ Rails.application.configure do
# Use default logging formatter so that PID and timestamp are not suppressed.
config.log_formatter = ::Logger::Formatter.new
# Use a different logger for distributed setups.
# require 'syslog/logger'
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
if ENV["RAILS_LOG_TO_STDOUT"].present?
logger = ActiveSupport::Logger.new(STDOUT)
logger.formatter = config.log_formatter
config.logger = ActiveSupport::TaggedLogging.new(logger)
end
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false
end
......@@ -12,9 +12,11 @@ Rails.application.configure do
# preloads Rails for running tests, you may have to set it to true.
config.eager_load = false
# Configure static file server for tests with Cache-Control for performance.
config.serve_static_files = true
config.static_cache_control = 'public, max-age=3600'
# Configure public file server for tests with Cache-Control for performance.
config.public_file_server.enabled = true
config.public_file_server.headers = {
'Cache-Control' => "public, max-age=#{1.hour.seconds.to_i}"
}
# Show full error reports and disable caching.
config.consider_all_requests_local = true
......@@ -25,15 +27,13 @@ Rails.application.configure do
# Disable request forgery protection in test environment.
config.action_controller.allow_forgery_protection = false
config.action_mailer.perform_caching = false
# Tell Action Mailer not to deliver emails to the real world.
# The :test delivery method accumulates sent emails in the
# ActionMailer::Base.deliveries array.
config.action_mailer.delivery_method = :test
# Randomize the order test cases are executed.
config.active_support.test_order = :random
# Print deprecation notices to the stderr.
config.active_support.deprecation = :stderr
......
......@@ -3,9 +3,12 @@
# Version of your assets, change this if you want to expire all your assets.
Rails.application.config.assets.version = '1.0'
# Add additional assets to the asset load path
# Add additional assets to the asset load path.
# Rails.application.config.assets.paths << Emoji.images_path
# Add Yarn node_modules folder to the asset load path.
Rails.application.config.assets.paths << Rails.root.join('node_modules')
# Precompile additional assets.
# application.js, application.css, and all non-JS/CSS in app/assets folder are already added.
# Rails.application.config.assets.precompile += %w( search.js )
# application.js, application.css, and all non-JS/CSS in the app/assets
# folder are already added.
# Rails.application.config.assets.precompile += %w( admin.js admin.css )
# Be sure to restart your server when you modify this file.
# Specify a serializer for the signed and encrypted cookie jars.
# Valid options are :json, :marshal, and :hybrid.
Rails.application.config.action_dispatch.cookies_serializer = :json
# Be sure to restart your server when you modify this file.
#
# This file contains migration options to ease your Rails 5.1 upgrade.
#
# Once upgraded flip defaults one by one to migrate to the new default.
#
# Read the Guide for Upgrading Ruby on Rails for more info on each option.
# Make `form_with` generate non-remote forms.
Rails.application.config.action_view.form_with_generates_remote_forms = false
# Unknown asset fallback will return the path passed in when the given
# asset is not present in the asset pipeline.
# Rails.application.config.assets.unknown_asset_fallback = false
......@@ -5,10 +5,10 @@
# Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
ActiveSupport.on_load(:action_controller) do
wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
wrap_parameters format: [:json]
end
# To enable root element in JSON for ActiveRecord objects.
# ActiveSupport.on_load(:active_record) do
# self.include_root_in_json = true
# self.include_root_in_json = true
# end
......@@ -16,6 +16,16 @@
#
# This would use the information in config/locales/es.yml.
#
# The following keys must be escaped otherwise they will not be retrieved by
# the default I18n backend:
#
# true, false, on, off, yes, no
#
# Instead, surround them with single quotes.
#
# en:
# 'true': 'foo'
#
# To learn more, please read the Rails Internationalization guide
# available at http://guides.rubyonrails.org/i18n.html.
......
Rails.application.routes.draw do
# For details on the DSL available within this file, see http://guides.rubyonrails.org/routing.html
get 'login/new', to: 'logins#new', as: :new_login
get 'login/cookiesrequired', to: 'logins#cookiesrequired', as: :cookiesrequired_login
post 'login/create', to: 'logins#create', as: :create_login
......@@ -27,58 +28,5 @@ Rails.application.routes.draw do
end
end
# The priority is based upon order of creation: first created -> highest priority.
# See how all your routes lay out with "rake routes".
# You can have the root of your site routed with "root"
root 'accounts#home'
# Example of regular route:
# get 'products/:id' => 'catalog#view'
# Example of named route that can be invoked with purchase_url(id: product.id)
# get 'products/:id/purchase' => 'catalog#purchase', as: :purchase
# Example resource route (maps HTTP verbs to controller actions automatically):
# resources :products
# Example resource route with options:
# resources :products do
# member do
# get 'short'
# post 'toggle'
# end
#
# collection do
# get 'sold'
# end
# end
# Example resource route with sub-resources:
# resources :products do
# resources :comments, :sales
# resource :seller
# end
# Example resource route with more complex sub-resources:
# resources :products do
# resources :comments
# resources :sales do
# get 'recent', on: :collection
# end
# end
# Example resource route with concerns:
# concern :toggleable do
# post 'toggle'
# end
# resources :posts, concerns: :toggleable
# resources :photos, concerns: :toggleable
# Example resource route within a namespace:
# namespace :admin do
# # Directs /admin/products/* to Admin::ProductsController
# # (app/controllers/admin/products_controller.rb)
# resources :products
# end
end
......@@ -5,18 +5,28 @@
# Make sure the secret is at least 30 characters and all random,
# no regular words or you'll be exposed to dictionary attacks.
# You can use `rake secret` to generate a secure secret key.
# You can use `rails secret` to generate a secure secret key.
# Make sure the secrets in this file are kept private
# if you're sharing your code publicly.
# Shared secrets are available across all environments.
# shared:
# api_key: a1B2c3D4e5F6
# Environmental secrets are only available for that specific environment.
development:
secret_key_base: edbf906ddabf1a3a10b7ced6692862ba9a58f38063032f52b8d6abbfd7d8dda41a64462283fb6d297640f2789b0f5865d9904ff0f7419e844d953b346662d3d9
secret_key_base: b5764d09cd53b1a9a278a08453f1a4a7b310a020c4f1de62af92b720ce9e5e041f0ad45d48b5634b5f00b7fceb639ece04fbb6fe3fb90aa4d14715ea7b5da975
test:
secret_key_base: a354a24a817f9aa8ca490fd10ac3eddab27773d68586b1b0e852ec30765495ada0810d80e01ce43cb2feb93c39d5fc8fceb5ff24983b41aa7d74c0c9f2f70995
secret_key_base: d182b9682bc1d21d075b2df36528db46f2669ff957152407cec56f9f0d1fc0551f00eaa9b79d0e2d5b533dc1c4829f98eeec105d148f17ea828997334d46778f
# Do not keep production secrets in the unencrypted secrets file.
# Instead, either read values from the environment.
# Or, use `bin/rails secrets:setup` to configure encrypted secrets
# and move the `production:` environment over there.
# Do not keep production secrets in the repository,
# instead read values from the environment.
production:
secret_key_base: <%= ENV["SECRET_KEY_BASE"] %>
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment