diff --git a/Dockerfile b/Dockerfile index 538e93c66..3ae924e71 100644 --- a/Dockerfile +++ b/Dockerfile @@ -31,7 +31,7 @@ COPY . . RUN bundle install # Build a discardable master.key and credentials.yml.enc file for docker deployment -RUN EDITOR=nano rails credentials:edit +RUN EDITOR=nano bundle exec rails credentials:edit ENV SSM_SKIP_RESOLUTION=Y RUN bundle exec rails assets:precompile && \ diff --git a/Gemfile b/Gemfile index b9644b100..9972d1025 100644 --- a/Gemfile +++ b/Gemfile @@ -4,7 +4,7 @@ gem 'activeresource' gem 'json' gem 'multi_json' gem 'mysql2' -gem 'rails', '~> 6.0' +gem 'rails', '~> 7.2' gem 'aws-sdk-ec2' gem 'aws-sdk-ssm' @@ -29,6 +29,7 @@ gem 'puma' gem 'rack-cache' gem 'rest-client' gem 'sprockets' +gem 'sprockets-rails' gem 'thin' gem 'uc3-ssm', git: 'https://github.com/CDLUC3/uc3-ssm.git', tag: '1.0.3' gem 'uglifier' diff --git a/Gemfile.lock b/Gemfile.lock index 96d521023..de064e26d 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -8,73 +8,85 @@ GIT GEM remote: http://rubygems.org/ specs: - actioncable (6.1.7.9) - actionpack (= 6.1.7.9) - activesupport (= 6.1.7.9) + actioncable (7.2.2) + actionpack (= 7.2.2) + activesupport (= 7.2.2) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.9) - actionpack (= 6.1.7.9) - activejob (= 6.1.7.9) - activerecord (= 6.1.7.9) - activestorage (= 6.1.7.9) - activesupport (= 6.1.7.9) - mail (>= 2.7.1) - actionmailer (6.1.7.9) - actionpack (= 6.1.7.9) - actionview (= 6.1.7.9) - activejob (= 6.1.7.9) - activesupport (= 6.1.7.9) - mail (~> 2.5, >= 2.5.4) - rails-dom-testing (~> 2.0) - actionpack (6.1.7.9) - actionview (= 6.1.7.9) - activesupport (= 6.1.7.9) - rack (~> 2.0, >= 2.0.9) + zeitwerk (~> 2.6) + actionmailbox (7.2.2) + actionpack (= 7.2.2) + activejob (= 7.2.2) + activerecord (= 7.2.2) + activestorage (= 7.2.2) + activesupport (= 7.2.2) + mail (>= 2.8.0) + actionmailer (7.2.2) + actionpack (= 7.2.2) + actionview (= 7.2.2) + activejob (= 7.2.2) + activesupport (= 7.2.2) + mail (>= 2.8.0) + rails-dom-testing (~> 2.2) + actionpack (7.2.2) + actionview (= 7.2.2) + activesupport (= 7.2.2) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4, < 3.2) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.9) - actionpack (= 6.1.7.9) - activerecord (= 6.1.7.9) - activestorage (= 6.1.7.9) - activesupport (= 6.1.7.9) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + useragent (~> 0.16) + actiontext (7.2.2) + actionpack (= 7.2.2) + activerecord (= 7.2.2) + activestorage (= 7.2.2) + activesupport (= 7.2.2) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.1.7.9) - activesupport (= 6.1.7.9) + actionview (7.2.2) + activesupport (= 7.2.2) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) - activejob (6.1.7.9) - activesupport (= 6.1.7.9) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + activejob (7.2.2) + activesupport (= 7.2.2) globalid (>= 0.3.6) - activemodel (6.1.7.9) - activesupport (= 6.1.7.9) + activemodel (7.2.2) + activesupport (= 7.2.2) activemodel-serializers-xml (1.0.3) activemodel (>= 5.0.0.a) activesupport (>= 5.0.0.a) builder (~> 3.1) - activerecord (6.1.7.9) - activemodel (= 6.1.7.9) - activesupport (= 6.1.7.9) - activeresource (6.1.3) + activerecord (7.2.2) + activemodel (= 7.2.2) + activesupport (= 7.2.2) + timeout (>= 0.4.0) + activeresource (6.1.4) activemodel (>= 6.0) activemodel-serializers-xml (~> 1.0) activesupport (>= 6.0) - activestorage (6.1.7.9) - actionpack (= 6.1.7.9) - activejob (= 6.1.7.9) - activerecord (= 6.1.7.9) - activesupport (= 6.1.7.9) + activestorage (7.2.2) + actionpack (= 7.2.2) + activejob (= 7.2.2) + activerecord (= 7.2.2) + activesupport (= 7.2.2) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (6.1.7.9) - concurrent-ruby (~> 1.0, >= 1.0.2) + activesupport (7.2.2) + base64 + benchmark (>= 0.3) + bigdecimal + concurrent-ruby (~> 1.0, >= 1.3.1) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - tzinfo (~> 2.0) - zeitwerk (~> 2.3) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) airbrussh (1.5.3) @@ -82,23 +94,23 @@ GEM ansi (1.5.0) ast (2.4.2) aws-eventstream (1.3.0) - aws-partitions (1.992.0) - aws-sdk-core (3.211.0) + aws-partitions (1.1005.0) + aws-sdk-core (3.212.0) aws-eventstream (~> 1, >= 1.3.0) aws-partitions (~> 1, >= 1.992.0) aws-sigv4 (~> 1.9) jmespath (~> 1, >= 1.6.1) - aws-sdk-ec2 (1.483.0) + aws-sdk-ec2 (1.487.0) aws-sdk-core (~> 3, >= 3.210.0) aws-sigv4 (~> 1.5) - aws-sdk-ssm (1.183.0) + aws-sdk-ssm (1.184.0) aws-sdk-core (~> 3, >= 3.210.0) aws-sigv4 (~> 1.5) aws-sigv4 (1.10.1) aws-eventstream (~> 1, >= 1.0.2) base64 (0.2.0) bcrypt_pbkdf (1.1.1) - bcrypt_pbkdf (1.1.1-arm64-darwin) + benchmark (0.4.0) bigdecimal (3.1.8) bindex (0.8.1) bootsnap (1.18.4) @@ -136,18 +148,19 @@ GEM coderay (1.1.3) colorize (1.1.0) concurrent-ruby (1.3.4) + connection_pool (2.4.1) crack (1.0.0) bigdecimal rexml crass (1.0.6) daemons (1.4.1) - database_cleaner (2.0.2) + database_cleaner (2.1.0) database_cleaner-active_record (>= 2, < 3) database_cleaner-active_record (2.2.0) activerecord (>= 5.a) database_cleaner-core (~> 2.0.0) database_cleaner-core (2.0.1) - date (3.3.4) + date (3.4.0) debase (0.2.5.beta2) debase-ruby_core_source (>= 0.10.12) debase-ruby_core_source (3.3.6) @@ -155,6 +168,7 @@ GEM diffy (3.4.3) docile (1.4.1) domain_name (0.6.20240107) + drb (2.2.1) ed25519 (1.3.0) equivalent-xml (0.6.0) nokogiri (>= 1.4.3) @@ -163,16 +177,16 @@ GEM exception_notification (4.5.0) actionmailer (>= 5.2, < 8) activesupport (>= 5.2, < 8) - execjs (2.9.1) + execjs (2.10.0) factory_bot (6.5.0) activesupport (>= 5.0.0) - factory_bot_rails (6.4.3) - factory_bot (~> 6.4) + factory_bot_rails (6.4.4) + factory_bot (~> 6.5) railties (>= 5.0.0) - ffi (1.17.0) + ffi (1.17.0-x86_64-linux-gnu) globalid (1.2.1) activesupport (>= 6.1) - hashdiff (1.1.1) + hashdiff (1.1.2) http-accept (1.7.0) http-cookie (1.0.7) domain_name (~> 0.5) @@ -188,7 +202,7 @@ GEM rails-dom-testing (>= 1, < 3) railties (>= 4.2.0) thor (>= 0.14, < 2.0) - json (2.7.2) + json (2.8.1) language_server-protocol (3.17.0.3) launchy (3.0.1) addressable (~> 2.8) @@ -203,7 +217,7 @@ GEM railties (>= 4) request_store (~> 1.0) logstash-event (1.2.02) - loofah (2.22.0) + loofah (2.23.1) crass (~> 1.0.2) nokogiri (>= 1.12.0) mail (2.8.1) @@ -217,13 +231,13 @@ GEM mime-types (3.6.0) logger mime-types-data (~> 3.2015) - mime-types-data (3.2024.1001) + mime-types-data (3.2024.1105) mini_mime (1.1.5) minitest (5.25.1) - msgpack (1.7.3) + msgpack (1.7.5) multi_json (1.15.0) mysql2 (0.5.6) - net-imap (0.4.17) + net-imap (0.4.18) date net-protocol net-ldap (0.19.0) @@ -239,15 +253,13 @@ GEM net-protocol net-ssh (7.3.0) netrc (0.11.0) - nio4r (2.7.3) - nokogiri (1.16.7-arm64-darwin) - racc (~> 1.4) + nio4r (2.7.4) nokogiri (1.16.7-x86_64-linux) racc (~> 1.4) orchard (0.2) - ostruct (0.6.0) + ostruct (0.6.1) parallel (1.26.3) - parser (3.3.5.0) + parser (3.3.6.0) ast (~> 2.4.1) racc pry (0.14.2) @@ -258,7 +270,7 @@ GEM pry-remote (0.1.8) pry (~> 0.9) slop (~> 3.0) - psych (5.1.2) + psych (5.2.0) stringio public_suffix (6.0.1) puma (6.4.3) @@ -269,23 +281,27 @@ GEM rack (>= 0.4) rack-proxy (0.7.7) rack + rack-session (1.0.2) + rack (< 3) rack-test (2.1.0) rack (>= 1.3) - rails (6.1.7.9) - actioncable (= 6.1.7.9) - actionmailbox (= 6.1.7.9) - actionmailer (= 6.1.7.9) - actionpack (= 6.1.7.9) - actiontext (= 6.1.7.9) - actionview (= 6.1.7.9) - activejob (= 6.1.7.9) - activemodel (= 6.1.7.9) - activerecord (= 6.1.7.9) - activestorage (= 6.1.7.9) - activesupport (= 6.1.7.9) + rackup (1.0.1) + rack (< 3) + webrick + rails (7.2.2) + actioncable (= 7.2.2) + actionmailbox (= 7.2.2) + actionmailer (= 7.2.2) + actionpack (= 7.2.2) + actiontext (= 7.2.2) + actionview (= 7.2.2) + activejob (= 7.2.2) + activemodel (= 7.2.2) + activerecord (= 7.2.2) + activestorage (= 7.2.2) + activesupport (= 7.2.2) bundler (>= 1.15.0) - railties (= 6.1.7.9) - sprockets-rails (>= 2.0.0) + railties (= 7.2.2) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest @@ -293,12 +309,14 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (6.1.7.9) - actionpack (= 6.1.7.9) - activesupport (= 6.1.7.9) - method_source + railties (7.2.2) + actionpack (= 7.2.2) + activesupport (= 7.2.2) + irb (~> 1.13) + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.2.1) rb-fsevent (0.11.2) @@ -307,7 +325,7 @@ GEM rdoc (6.7.0) psych (>= 4.0.0) regexp_parser (2.9.2) - reline (0.5.10) + reline (0.5.11) io-console (~> 0.5) request_store (1.7.0) rack (>= 1.4) @@ -316,7 +334,7 @@ GEM http-cookie (>= 1.0.2, < 2.0) mime-types (>= 1.16, < 4.0) netrc (~> 0.8) - rexml (3.3.8) + rexml (3.3.9) rspec-core (3.13.2) rspec-support (~> 3.13.0) rspec-expectations (3.13.3) @@ -325,16 +343,16 @@ GEM rspec-mocks (3.13.2) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-rails (6.1.5) - actionpack (>= 6.1) - activesupport (>= 6.1) - railties (>= 6.1) + rspec-rails (7.1.0) + actionpack (>= 7.0) + activesupport (>= 7.0) + railties (>= 7.0) rspec-core (~> 3.13) rspec-expectations (~> 3.13) rspec-mocks (~> 3.13) rspec-support (~> 3.13) rspec-support (3.13.1) - rubocop (1.67.0) + rubocop (1.68.0) json (~> 2.3) language_server-protocol (>= 3.17.0) parallel (~> 1.10) @@ -344,12 +362,13 @@ GEM rubocop-ast (>= 1.32.2, < 2.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 2.4.0, < 3.0) - rubocop-ast (1.32.3) + rubocop-ast (1.36.1) parser (>= 3.3.1.0) ruby-prof (1.7.1) ruby-progressbar (1.13.0) rubyzip (2.3.2) - selenium-webdriver (4.25.0) + securerandom (0.3.2) + selenium-webdriver (4.26.0) base64 (~> 0.2) logger (~> 1.4) rexml (~> 3.2, >= 3.2.5) @@ -379,7 +398,7 @@ GEM net-sftp (>= 2.1.2) net-ssh (>= 2.8.0) ostruct - stringio (3.1.1) + stringio (3.1.2) terminal-table (3.0.2) unicode-display_width (>= 1.1.1, < 3) thin (1.8.2) @@ -387,13 +406,14 @@ GEM eventmachine (~> 1.0, >= 1.0.4) rack (>= 1, < 3) thor (1.3.2) - timeout (0.4.1) + timeout (0.4.2) tzinfo (2.0.6) concurrent-ruby (~> 1.0) uglifier (4.2.1) execjs (>= 0.3.0, < 3) unicode (0.4.4.5) unicode-display_width (2.6.0) + useragent (0.16.10) uuidtools (2.2.0) web-console (4.2.1) actionview (>= 6.0.0) @@ -404,7 +424,7 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) - webrick (1.8.2) + webrick (1.9.0) websocket (1.2.11) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) @@ -415,7 +435,6 @@ GEM zeitwerk (2.6.18) PLATFORMS - arm64-darwin-23 x86_64-linux DEPENDENCIES @@ -457,7 +476,7 @@ DEPENDENCIES pry-remote puma rack-cache - rails (~> 6.0) + rails (~> 7.2) rest-client rspec-rails rubocop @@ -466,6 +485,7 @@ DEPENDENCIES simplecov simplecov-console sprockets + sprockets-rails thin uc3-ssm! uglifier @@ -476,4 +496,4 @@ DEPENDENCIES will_paginate BUNDLED WITH - 2.2.33 + 2.3.25 diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 9178f8c2b..82ebd4e2a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -14,7 +14,7 @@ class ApplicationController < ActionController::Base include PaginationMixin include HttpMixin include MerrittRetryMixin - require 'streamer' + require_relative '../lib/streamer' helper_method( :available_groups, @@ -38,7 +38,7 @@ def check_ark_redirects(group) url = APP_CONFIG.fetch('redirects', {}).fetch(group.submission_profile, '') return if url.empty? - redirect_to url and return true + redirect_to(url, allow_other_host: true) and return true end def render_unavailable @@ -251,7 +251,7 @@ def require_user store_location flash[:notice] = 'You must be logged in to access the page you requested' ret = url_for_with_proto({ controller: 'user_sessions', action: 'guest_login' }) - redirect_to(ret) && return + redirect_to(ret, allow_other_host: true) && return end def require_named_user_or_401 @@ -277,7 +277,7 @@ def store_location def redirect_back_or_default(default) if session - redirect_to(session[:return_to] || default) + redirect_to(session[:return_to] || default, allow_other_host: true) else # :nocov: redirect_to(default) diff --git a/app/lib/group_ldap.rb b/app/lib/group_ldap.rb index 84f7cd7f3..3bbfd06d6 100644 --- a/app/lib/group_ldap.rb +++ b/app/lib/group_ldap.rb @@ -1,7 +1,6 @@ require 'rubygems' require 'net/ldap' -require 'noid' -require 'ldap_mixin' +# require 'ldap_mixin' module GroupLdap @@ -34,7 +33,7 @@ def add(groupid, description, permissions = %w[read write], extra_classes = ['me group_attributes = { objectclass: ['organizationalUnit'] + extra_classes, description: description, - arkId: "ark:/13030/#{@minter.mint}" + arkId: 'ark:/13030/12345' } true_or_exception(admin_ldap.add(dn: ns_dn(groupid), attributes: group_attributes)) diff --git a/app/lib/ldap_mixin.rb b/app/lib/ldap_mixin.rb index 22639c815..2f6477d31 100644 --- a/app/lib/ldap_mixin.rb +++ b/app/lib/ldap_mixin.rb @@ -2,8 +2,6 @@ # mixed in modules must define ns_dn(id) and obj_filter(id) methods which differ # for each (like a Java abstract class) as well as any specific methods for each -# require 'lib/noid' - module LdapMixin class LdapException < RuntimeError; end @@ -22,7 +20,7 @@ def initialize(host:, port:, base:, admin_user:, admin_password:, minter:, conne # minter: 'http://noid.cdlib.org/nd/noidu_g9' # connect_timeout: 60 - @minter = Noid::Minter.new(minter) + puts "minter #{minter} ignored" @base = base @ldap_connect = { host: host, diff --git a/app/lib/merritt_retry_mixin.rb b/app/lib/merritt_retry_mixin.rb index 1068a3bc1..1323530d4 100644 --- a/app/lib/merritt_retry_mixin.rb +++ b/app/lib/merritt_retry_mixin.rb @@ -18,7 +18,7 @@ def merritt_retry_block if retries > RETRY_LIMIT Rails.logger.error('Retries exhausted. Clearing all active connections.') # ActiveRecord::Base.clear_active_connections! - ActiveRecord::Base.clear_all_connections! + ActiveRecord::Base.connection_handler.clear_all_connections! # yet to try: flush_idle_connections raise RetryException, e end diff --git a/app/lib/user_ldap.rb b/app/lib/user_ldap.rb index f7e3e5eb3..becaa096e 100644 --- a/app/lib/user_ldap.rb +++ b/app/lib/user_ldap.rb @@ -1,6 +1,6 @@ require 'rubygems' require 'net/ldap' -# require 'lib/ldap_mixin' +# require 'ldap_mixin' module UserLdap class Server @@ -29,7 +29,7 @@ def add(userid, password, firstname, lastname, email) cn: "#{firstname} #{lastname}", displayName: "#{firstname} #{lastname}", userPassword: password, - arkId: "ark:/13030/#{@minter.mint}", + arkId: 'ark:/13030/12345', mail: email } true_or_exception(admin_ldap.add(dn: ns_dn(userid), attributes: attr)) diff --git a/bin/rails b/bin/rails index 6fb4e4051..efc037749 100755 --- a/bin/rails +++ b/bin/rails @@ -1,4 +1,4 @@ #!/usr/bin/env ruby -APP_PATH = File.expand_path('../config/application', __dir__) +APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/bin/rubocop b/bin/rubocop new file mode 100755 index 000000000..40330c0ff --- /dev/null +++ b/bin/rubocop @@ -0,0 +1,8 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +# explicit rubocop config increases performance slightly while avoiding config confusion. +ARGV.unshift("--config", File.expand_path("../.rubocop.yml", __dir__)) + +load Gem.bin_path("rubocop", "rubocop") diff --git a/bin/setup b/bin/setup index 90700ac4f..6ee7e9032 100755 --- a/bin/setup +++ b/bin/setup @@ -1,11 +1,11 @@ #!/usr/bin/env ruby require "fileutils" -# path to your application root. -APP_ROOT = File.expand_path('..', __dir__) +APP_ROOT = File.expand_path("..", __dir__) +APP_NAME = "mrt-dashboard" def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do @@ -13,24 +13,25 @@ FileUtils.chdir APP_ROOT do # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. - puts '== Installing dependencies ==' - system! 'gem install bundler --conservative' - system('bundle check') || system!('bundle install') - - # Install JavaScript dependencies - system! 'bin/yarn' + puts "== Installing dependencies ==" + system! "gem install bundler --conservative" + system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # FileUtils.cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end puts "\n== Preparing database ==" - system! 'bin/rails db:prepare' + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" - system! 'bin/rails log:clear tmp:clear' + system! "bin/rails log:clear tmp:clear" puts "\n== Restarting application server ==" - system! 'bin/rails restart' + system! "bin/rails restart" + + # puts "\n== Configuring puma-dev ==" + # system "ln -nfs #{APP_ROOT} ~/.puma-dev/#{APP_NAME}" + # system "curl -Is https://#{APP_NAME}.test/up | head -n 1" end diff --git a/config/application.rb b/config/application.rb index 624b38d50..367e915c7 100644 --- a/config/application.rb +++ b/config/application.rb @@ -2,6 +2,7 @@ require 'rails/all' require 'uc3-ssm' +require 'sprockets/railtie' # Require the gems listed in Gemfile, including any gems # you've limited to :test, :development, or :production. @@ -10,7 +11,13 @@ module MrtDashboard class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 6.1 + config.load_defaults 7.2 + + # Please, add to the `ignore` list any other `lib` subdirectories that do + # not contain `.rb` files, or that should not be reloaded or eager loaded. + # Common ones are `templates`, `generators`, or `middleware`, for example. + config.autoload_lib(ignore: %w[assets tasks]) + config.global_id.app = 'mrt-dashboard' # Configuration for the application, engines, and railties goes here. # diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc index e2c0348b0..af3550423 100644 --- a/config/credentials.yml.enc +++ b/config/credentials.yml.enc @@ -1 +1 @@ -+reX7Lef3AtfL7IqdwEqulMr2lttk7tbUocEMKyFFmkMY/riGYNN1JqHGtdJv0z4RtiLqmXQxWN48u+DrF9eeDpl0f0hGXU0ROXKUyAp4/H8wGaePyKLD/vvv62BrevuXm3SOSTEoxos11XsI6Ebm/DKz8iJ6DGJpfBde7Q9ynYcogLPIHTPMZPSVG1qGxQ8erC0Nj+ufHT50a2v+tluXmiWGjK8RLaZePWVXRsT+ai5z01vBlkjqBu9hQM+iWU7XuMxjVNRG53BOrfR8lAr5Kdvf5LoRiXg/A3hcdp/zuzfQqr3tiaAPvqQDhmZ7S66W71w+IoyJxcdb75hm/P6OPx2avhzmdU5iyyF2W0Vxr7GIx7hduApSZXrMhOTQxVRZ3mbUzGt4P+2zBGnBwCQwzarP1g8THX+F+8z--CCwZz0WACsU7lXAd--QGShylJsWbeyxU9lfcyAIw== \ No newline at end of file +6fPXWfisFvsjpcqotqfQfYX0RMoivRlLqU3MokLLb/CtOigDmiqU/eVo6KyK8XK781gD9vb0IEDomT1Cp2VnSJjdehSD0hj1Z6pfBgl/nKwGZ/880MgiyxStSoDhxLxkysHuhiNoHniT+LFALodieSiMka/EMaGUcZ4rlX0V0L9+hfjnF15Z7Y+mBwdOpIyJR5lwj4tXRwDcAbl5CFmSFx4/yRDOsOa1yv/iZIv5r5OdtD0ty4T5SPO7owQB2faslhQOoVrgNkyc973Hu+1EqSdvqWCae2Y/g37gRP00gHiwaqvYr4Ls1Y+hGiRnOemdr2zDBexTIUXOphYoTFFcRCnQ8RthVVDHtkrqMElf1ydCueknr0GypIX0Af3+kHJqMdcv4DrV9TBjU41ITEI5sf+vKTKIKxuR84RO--qi8+A5aW0B/LN65T--VACWk2hQAlwNgJtrgJO2JA== \ No newline at end of file diff --git a/config/environments/development.rb b/config/environments/development.rb index 26e87acdd..27e499e62 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -1,13 +1,12 @@ require 'active_support/core_ext/integer/time' Rails.application.configure do - config.hosts.clear # Settings specified here will take precedence over those in config/application.rb. # In the development environment your application's code is reloaded any time # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false @@ -15,16 +14,17 @@ # Show full error reports. config.consider_all_requests_local = true + # Enable server timing. + config.server_timing = true + # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. - if Rails.root.join('tmp', 'caching-dev.txt').exist? + if Rails.root.join('tmp/caching-dev.txt').exist? config.action_controller.perform_caching = true config.action_controller.enable_fragment_cache_logging = true config.cache_store = :memory_store - config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{2.days.to_i}" - } + config.public_file_server.headers = { 'Cache-Control' => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -37,8 +37,12 @@ # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false + config.action_mailer.default_url_options = { host: 'localhost', port: 3000 } + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log @@ -54,10 +58,8 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true # Suppress logger output for asset requests. config.assets.quiet = true @@ -66,16 +68,14 @@ # config.i18n.raise_on_missing_translations = true # Annotate rendered view with file names. - # config.action_view.annotate_rendered_view_with_filenames = true - - # Use an evented file watcher to asynchronously detect changes in source code, - # routes, locales, etc. This feature depends on the listen gem. - config.file_watcher = ActiveSupport::EventedFileUpdateChecker + config.action_view.annotate_rendered_view_with_filenames = true # Uncomment if you wish to allow Action Cable access from any origin. # config.action_cable.disable_request_forgery_protection = true - # Prepend all log lines with the following tags. - config.log_tags = [:request_id] + # Raise error when a before_action's only/except options reference missing actions. + config.action_controller.raise_on_missing_callback_actions = false + # Apply autocorrection by RuboCop to files generated by `bin/rails generate`. + # config.generators.apply_rubocop_autocorrect_after_generate! end diff --git a/config/environments/docker.rb b/config/environments/docker.rb index 933eac22f..9e71b929f 100644 --- a/config/environments/docker.rb +++ b/config/environments/docker.rb @@ -7,28 +7,13 @@ config.i18n.fallbacks = true config.serve_static_files = true - # To turn off pipeline, set to false - config.assets.enabled = true - - # Compress JavaScripts and CSS. - config.assets.js_compressor = :uglifier - # config.assets.css_compressor = :sass - - # Do not fallback to assets pipeline if a precompiled asset is missed. - config.assets.compile = false - - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true - # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers # and those relying on copy on write to perform better. # Rake tasks automatically ignore this option for performance. - config.eager_load = true + config.eager_load = false config.active_support.deprecation = :log - config.cache_store = :memory_store, { size: 64.megabytes } # Prepend all log lines with the following tags. config.log_tags = [:request_id] diff --git a/config/environments/local.rb b/config/environments/local.rb index dcf0ec42d..07b86632e 100644 --- a/config/environments/local.rb +++ b/config/environments/local.rb @@ -11,9 +11,6 @@ # config.action_view.debug_rjs = true config.whiny_nils = true - config.assets.enabled = false - config.assets.debug = false - # Log the query plan for queries taking more than this (works # with SQLite, MySQL, and PostgreSQL) config.active_record.auto_explain_threshold_in_seconds = 0.5 diff --git a/config/environments/production.rb b/config/environments/production.rb index 933eac22f..7f57c7438 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -1,25 +1,10 @@ -require 'active_record/errors' -MrtDashboard::Application.configure do - config.action_controller.perform_caching = true - config.autoload_paths += %W[#{config.root}/lib] - config.cache_classes = true - config.consider_all_requests_local = false - config.i18n.fallbacks = true - config.serve_static_files = true - - # To turn off pipeline, set to false - config.assets.enabled = true - - # Compress JavaScripts and CSS. - config.assets.js_compressor = :uglifier - # config.assets.css_compressor = :sass +require 'active_support/core_ext/integer/time' - # Do not fallback to assets pipeline if a precompiled asset is missed. - config.assets.compile = false +Rails.application.configure do + # Settings specified here will take precedence over those in config/application.rb. - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true + # Code is not reloaded between requests. + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers @@ -27,10 +12,94 @@ # Rake tasks automatically ignore this option for performance. config.eager_load = true - config.active_support.deprecation = :log - config.cache_store = :memory_store, { size: 64.megabytes } + # Full error reports are disabled and caching is turned on. + config.consider_all_requests_local = false + config.action_controller.perform_caching = true + + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true + + # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. + # config.public_file_server.enabled = false + + # Compress CSS using a preprocessor. + # config.assets.css_compressor = :sass + + # Do not fall back to assets pipeline if a precompiled asset is missed. + config.assets.compile = false + + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = "http://assets.example.com" + + # Specifies the header that your server uses for sending files. + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX + + # Store uploaded files on the local file system (see config/storage.yml for options). + config.active_storage.service = :local + + # Mount Action Cable outside main process or domain. + # config.action_cable.mount_path = nil + # config.action_cable.url = "wss://example.com/cable" + # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] + + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. + # config.assume_ssl = true + + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. + config.force_ssl = true + + # Skip http-to-https redirect for the default health check endpoint. + # config.ssl_options = { redirect: { exclude: ->(request) { request.path == "/up" } } } + + # Log to STDOUT by default + config.logger = ActiveSupport::Logger.new($stdout) + .tap { |logger| logger.formatter = Logger::Formatter.new } + .then { |logger| ActiveSupport::TaggedLogging.new(logger) } # Prepend all log lines with the following tags. config.log_tags = [:request_id] + # "info" includes generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info') + + # Use a different cache store in production. + # config.cache_store = :mem_cache_store + + # Use a real queuing backend for Active Job (and separate queues per environment). + # config.active_job.queue_adapter = :resque + # config.active_job.queue_name_prefix = "mrt_dashboard_production" + + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. + config.action_mailer.perform_caching = false + + # Ignore bad email addresses and do not raise email delivery errors. + # Set this to true and configure the email server for immediate delivery to raise delivery errors. + # config.action_mailer.raise_delivery_errors = false + + # Enable locale fallbacks for I18n (makes lookups for any locale fall back to + # the I18n.default_locale when a translation cannot be found). + config.i18n.fallbacks = true + + # Don't log any deprecations. + config.active_support.report_deprecations = false + + # Do not dump schema after migrations. + config.active_record.dump_schema_after_migration = false + + # Only use :id for inspections in production. + config.active_record.attributes_for_inspect = [:id] + + # Enable DNS rebinding protection and other `Host` header attacks. + # config.hosts = [ + # "example.com", # Allow requests from example.com + # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` + # ] + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end diff --git a/config/environments/stage.rb b/config/environments/stage.rb index 933eac22f..812e6cdc0 100644 --- a/config/environments/stage.rb +++ b/config/environments/stage.rb @@ -7,20 +7,6 @@ config.i18n.fallbacks = true config.serve_static_files = true - # To turn off pipeline, set to false - config.assets.enabled = true - - # Compress JavaScripts and CSS. - config.assets.js_compressor = :uglifier - # config.assets.css_compressor = :sass - - # Do not fallback to assets pipeline if a precompiled asset is missed. - config.assets.compile = false - - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true - # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers # and those relying on copy on write to perform better. @@ -28,7 +14,6 @@ config.eager_load = true config.active_support.deprecation = :log - config.cache_store = :memory_store, { size: 64.megabytes } # Prepend all log lines with the following tags. config.log_tags = [:request_id] diff --git a/config/environments/test.rb b/config/environments/test.rb index 366951110..132e96898 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -8,26 +8,25 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - config.cache_classes = true + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. + config.eager_load = ENV['CI'].present? # Configure public file server for tests with Cache-Control for performance. - config.public_file_server.enabled = true - config.public_file_server.headers = { - 'Cache-Control' => "public, max-age=#{1.hour.to_i}" - } + config.public_file_server.headers = { 'Cache-Control' => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false config.cache_store = :null_store - # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + # Render exception templates for rescuable exceptions and raise for other exceptions. + config.action_dispatch.show_exceptions = :rescuable # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false @@ -35,6 +34,8 @@ # Store uploaded files on the local file system in a temporary directory. config.active_storage.service = :test + # Disable caching for Action Mailer templates even if Action Controller + # caching is enabled. config.action_mailer.perform_caching = false # Tell Action Mailer not to deliver emails to the real world. @@ -42,6 +43,10 @@ # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test + # Unlike controllers, the mailer instance doesn't have any context about the + # incoming request so you'll need to provide the :host parameter yourself. + config.action_mailer.default_url_options = { host: 'www.example.com' } + # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr @@ -56,4 +61,7 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true + + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = false end diff --git a/config/initializers/assets.rb b/config/initializers/assets.rb index 4b828e80c..91d066379 100644 --- a/config/initializers/assets.rb +++ b/config/initializers/assets.rb @@ -5,10 +5,8 @@ # Add additional assets to the asset load path. # Rails.application.config.assets.paths << Emoji.images_path -# Add Yarn node_modules folder to the asset load path. -Rails.application.config.assets.paths << Rails.root.join('node_modules') # Precompile additional assets. # application.js, application.css, and all non-JS/CSS in the app/assets # folder are already added. -# Rails.application.config.assets.precompile += %w( admin.js admin.css ) +# Rails.application.config.assets.precompile += %w[ admin.js admin.css ] diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index 35d0f26fc..b3076b38f 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -1,30 +1,25 @@ # Be sure to restart your server when you modify this file. -# Define an application-wide content security policy -# For further information see the following documentation -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header -# Rails.application.config.content_security_policy do |policy| -# policy.default_src :self, :https -# policy.font_src :self, :https, :data -# policy.img_src :self, :https, :data -# policy.object_src :none -# policy.script_src :self, :https -# policy.style_src :self, :https -# # If you are using webpack-dev-server then specify webpack-dev-server host -# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development? - -# # Specify URI for violation reports -# # policy.report_uri "/csp-violation-report-endpoint" +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap, inline scripts, and inline styles. +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src style-src) +# +# # Report violations without enforcing the policy. +# # config.content_security_policy_report_only = true # end - -# If you are using UJS then enable automatic nonce generation -# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) } - -# Set the nonce only to specific directives -# Rails.application.config.content_security_policy_nonce_directives = %w(script-src) - -# Report CSP violations to a specified URI -# For further information see the following documentation: -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only -# Rails.application.config.content_security_policy_report_only = true diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 3e6969490..58277c14b 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -1,6 +1,8 @@ # Be sure to restart your server when you modify this file. -# Configure sensitive parameters which will be filtered from the log file. +# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. +# Use this to limit dissemination of sensitive information. +# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += %i[ - passw secret token _key crypt salt certificate otp ssn + passw email secret token _key crypt salt certificate otp ssn ] diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb index ac033bf9d..3860f659e 100644 --- a/config/initializers/inflections.rb +++ b/config/initializers/inflections.rb @@ -4,13 +4,13 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.plural /^(ox)$/i, '\1en' -# inflect.singular /^(ox)en/i, '\1' -# inflect.irregular 'person', 'people' +# inflect.plural /^(ox)$/i, "\\1en" +# inflect.singular /^(ox)en/i, "\\1" +# inflect.irregular "person", "people" # inflect.uncountable %w( fish sheep ) # end # These inflection rules are supported but not enabled by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.acronym 'RESTful' +# inflect.acronym "RESTful" # end diff --git a/config/initializers/new_framework_defaults_7_0.rb b/config/initializers/new_framework_defaults_7_0.rb new file mode 100644 index 000000000..a579326e2 --- /dev/null +++ b/config/initializers/new_framework_defaults_7_0.rb @@ -0,0 +1,117 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +# `button_to` view helper will render `