diff --git a/.ruby-version b/.ruby-version index b347b11e..06eda28a 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -3.2.3 +3.2.3 \ No newline at end of file diff --git a/Makefile b/Makefile index e1e31385..01939932 100644 --- a/Makefile +++ b/Makefile @@ -13,6 +13,9 @@ stopNative: ## Stop the react native project build: ## Build the project docker compose build backend +shell: ## Open a shell in the backend container + docker compose run --rm backend /bin/bash --login + specs: ## Run the specs docker compose --profile dev run --rm backend rspec spec spec diff --git a/README.md b/README.md index 6157c733..99c705d1 100644 --- a/README.md +++ b/README.md @@ -13,7 +13,7 @@ Help would be appreciated! Please join us in [slack #flaredown](https://rubyforg * PostgreSQL 12.8 * MongoDB 4.4.9 * Redis 6.2.3 -* Ruby 3.1.3 +* Ruby 3.2.3 * Node 12.22.6 ## Installation diff --git a/backend/Dockerfile b/backend/Dockerfile index 2941591a..276ca765 100644 --- a/backend/Dockerfile +++ b/backend/Dockerfile @@ -1,4 +1,4 @@ -FROM ruby:3.1.3 +FROM ruby:3.2.3 # set working directory WORKDIR /app diff --git a/backend/Gemfile b/backend/Gemfile index 95ef82e6..310e6ee5 100644 --- a/backend/Gemfile +++ b/backend/Gemfile @@ -1,19 +1,20 @@ source "https://rubygems.org" -ruby file: ".ruby-version" +ruby "3.2.3" # Configuration management. keep on top of Gemfile gem "dotenv-rails", groups: %i[development test] # Bundle edge Rails instead: gem 'rails', github: 'rails/rails' -gem "rails", "~> 6.1.7.7" +gem "rails", "7.0.1" + gem "rake" # JSON serializer gem "active_model_serializers", "0.9.8" # Use postgresql and mongo as the database for Active Record -gem "mongoid", "7.3.3" +gem "mongoid", "8.1.1" gem "pg" # Use Puma as the app server @@ -22,10 +23,10 @@ gem "puma", "5.6.8" # Authentication libraries gem "cancancan", "~> 3.5.0" gem "cancancan-mongoid", "2.0.0" -gem "devise", "4.8.0" +gem "devise", "4.9.2" gem "devise_invitable", "2.0.9" gem "omniauth", "1.8.1" -gem "omniauth-facebook", "3.0.0" +gem "omniauth-facebook", "9.0.0" # Colored output to console gem "colored" @@ -65,7 +66,6 @@ gem "simplecov", require: false, group: :test group :development, :test do # Call 'byebug' anywhere in the code to stop execution and get a debugger console - gem "bullet" gem "byebug" gem "database_cleaner" gem "database_cleaner-mongoid" diff --git a/backend/Gemfile.lock b/backend/Gemfile.lock index 018d4ad6..6884363e 100644 --- a/backend/Gemfile.lock +++ b/backend/Gemfile.lock @@ -1,40 +1,47 @@ GEM remote: https://rubygems.org/ specs: - actioncable (6.1.7.7) - actionpack (= 6.1.7.7) - activesupport (= 6.1.7.7) + actioncable (7.0.1) + actionpack (= 7.0.1) + activesupport (= 7.0.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (6.1.7.7) - actionpack (= 6.1.7.7) - activejob (= 6.1.7.7) - activerecord (= 6.1.7.7) - activestorage (= 6.1.7.7) - activesupport (= 6.1.7.7) + actionmailbox (7.0.1) + actionpack (= 7.0.1) + activejob (= 7.0.1) + activerecord (= 7.0.1) + activestorage (= 7.0.1) + activesupport (= 7.0.1) mail (>= 2.7.1) - actionmailer (6.1.7.7) - actionpack (= 6.1.7.7) - actionview (= 6.1.7.7) - activejob (= 6.1.7.7) - activesupport (= 6.1.7.7) + net-imap + net-pop + net-smtp + actionmailer (7.0.1) + actionpack (= 7.0.1) + actionview (= 7.0.1) + activejob (= 7.0.1) + activesupport (= 7.0.1) mail (~> 2.5, >= 2.5.4) + net-imap + net-pop + net-smtp rails-dom-testing (~> 2.0) - actionpack (6.1.7.7) - actionview (= 6.1.7.7) - activesupport (= 6.1.7.7) - rack (~> 2.0, >= 2.0.9) + actionpack (7.0.1) + actionview (= 7.0.1) + activesupport (= 7.0.1) + rack (~> 2.0, >= 2.2.0) rack-test (>= 0.6.3) rails-dom-testing (~> 2.0) rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (6.1.7.7) - actionpack (= 6.1.7.7) - activerecord (= 6.1.7.7) - activestorage (= 6.1.7.7) - activesupport (= 6.1.7.7) + actiontext (7.0.1) + actionpack (= 7.0.1) + activerecord (= 7.0.1) + activestorage (= 7.0.1) + activesupport (= 7.0.1) + globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (6.1.7.7) - activesupport (= 6.1.7.7) + actionview (7.0.1) + activesupport (= 7.0.1) builder (~> 3.1) erubi (~> 1.4) rails-dom-testing (~> 2.0) @@ -42,27 +49,26 @@ GEM active_model_serializers (0.9.8) activemodel (>= 3.2) concurrent-ruby (~> 1.0) - activejob (6.1.7.7) - activesupport (= 6.1.7.7) + activejob (7.0.1) + activesupport (= 7.0.1) globalid (>= 0.3.6) - activemodel (6.1.7.7) - activesupport (= 6.1.7.7) - activerecord (6.1.7.7) - activemodel (= 6.1.7.7) - activesupport (= 6.1.7.7) - activestorage (6.1.7.7) - actionpack (= 6.1.7.7) - activejob (= 6.1.7.7) - activerecord (= 6.1.7.7) - activesupport (= 6.1.7.7) + activemodel (7.0.1) + activesupport (= 7.0.1) + activerecord (7.0.1) + activemodel (= 7.0.1) + activesupport (= 7.0.1) + activestorage (7.0.1) + actionpack (= 7.0.1) + activejob (= 7.0.1) + activerecord (= 7.0.1) + activesupport (= 7.0.1) marcel (~> 1.0) mini_mime (>= 1.1.0) - activesupport (6.1.7.7) + activesupport (7.0.1) concurrent-ruby (~> 1.0, >= 1.0.2) i18n (>= 1.6, < 2) minitest (>= 5.1) tzinfo (~> 2.0) - zeitwerk (~> 2.3) addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) andand (1.3.3) @@ -71,6 +77,7 @@ GEM rake (>= 10.4, < 14.0) ast (2.4.2) awesome_print (1.9.2) + base64 (0.2.0) bcrypt (3.1.20) better_errors (2.10.1) erubi (>= 1.0.0) @@ -86,13 +93,10 @@ GEM bigdecimal (3.1.7) brakeman (6.1.2) racc - bson (4.15.0) - bugsnag (6.26.0) + bson (5.0.0) + bugsnag (6.26.4) concurrent-ruby (~> 1.0) builder (3.2.4) - bullet (7.1.6) - activesupport (>= 3.0.0) - uniform_notifier (~> 1.11) byebug (11.1.3) cancancan (3.5.0) cancancan-mongoid (2.0.0) @@ -106,15 +110,15 @@ GEM rack-test (>= 0.6.3) regexp_parser (>= 1.5, < 3.0) xpath (~> 3.2) + childprocess (5.0.0) coderay (1.1.3) coercible (1.0.0) descendants_tracker (~> 0.0.1) colored (1.2) concurrent-ruby (1.2.3) connection_pool (2.4.1) - countries (4.0.1) - i18n_data (~> 0.13.0) - sixarm_ruby_unaccent (~> 1.1) + countries (6.0.0) + unaccent (~> 0.3) crack (1.0.0) bigdecimal rexml @@ -134,7 +138,7 @@ GEM date (3.3.4) descendants_tracker (0.0.4) thread_safe (~> 0.3, >= 0.3.1) - devise (4.8.0) + devise (4.9.2) bcrypt (~> 3.0) orm_adapter (~> 0.1) railties (>= 4.1.0) @@ -162,60 +166,46 @@ GEM factory_bot_rails (6.4.3) factory_bot (~> 6.4) railties (>= 5.0.0) - faraday (1.8.0) - faraday-em_http (~> 1.0) - faraday-em_synchrony (~> 1.0) - faraday-excon (~> 1.1) - faraday-httpclient (~> 1.0.1) - faraday-net_http (~> 1.0) - faraday-net_http_persistent (~> 1.1) - faraday-patron (~> 1.0) - faraday-rack (~> 1.0) - multipart-post (>= 1.2, < 3) - ruby2_keywords (>= 0.0.4) - faraday-em_http (1.0.0) - faraday-em_synchrony (1.0.0) - faraday-excon (1.1.0) - faraday-httpclient (1.0.1) - faraday-net_http (1.0.1) - faraday-net_http_persistent (1.2.0) - faraday-patron (1.0.0) - faraday-rack (1.0.0) + faraday (2.9.0) + faraday-net_http (>= 2.0, < 3.2) + faraday-net_http (3.1.0) + net-http ferrum (0.14) addressable (~> 2.5) concurrent-ruby (~> 1.1) webrick (~> 1.7) websocket-driver (>= 0.6, < 0.8) ffaker (2.23.0) - foreman (0.87.2) + foreman (0.88.1) geocoder (1.8.2) globalid (1.2.1) activesupport (>= 6.1) - globalize (6.0.1) - activemodel (>= 4.2, < 7.0) - activerecord (>= 4.2, < 7.0) + globalize (6.3.0) + activemodel (>= 4.2, < 7.2) + activerecord (>= 4.2, < 7.2) request_store (~> 1.0) hashdiff (1.1.0) hashie (3.5.7) httpclient (2.8.3) i18n (1.14.4) concurrent-ruby (~> 1.0) - i18n_data (0.13.0) - json (2.7.1) - jwt (2.3.0) - kaminari-actionview (1.2.1) + json (2.7.2) + jwt (2.8.1) + base64 + kaminari-actionview (1.2.2) actionview - kaminari-core (= 1.2.1) - kaminari-core (1.2.1) - kaminari-mongoid (1.0.1) + kaminari-core (= 1.2.2) + kaminari-core (1.2.2) + kaminari-mongoid (1.0.2) kaminari-core (~> 1.0) mongoid kdtree (0.4) language_server-protocol (3.17.0.3) - launchy (2.5.2) + launchy (3.0.0) addressable (~> 2.8) - letter_opener (1.9.0) - launchy (>= 2.2, < 3) + childprocess (~> 5.0) + letter_opener (1.10.0) + launchy (>= 2.2, < 4) lint_roller (1.1.0) loofah (2.22.0) crass (~> 1.0.2) @@ -227,15 +217,15 @@ GEM net-smtp marcel (1.0.4) matrix (0.4.2) - method_source (1.0.0) + method_source (1.1.0) mini_mime (1.1.5) - mini_portile2 (2.8.5) minitest (5.22.3) - mongo (2.19.3) - bson (>= 4.14.1, < 5.0.0) - mongoid (7.3.3) - activemodel (>= 5.1, < 6.2) - mongo (>= 2.10.5, < 3.0.0) + mongo (2.20.0) + bson (>= 4.14.1, < 6.0.0) + mongoid (8.1.1) + activemodel (>= 5.1, < 7.1, != 7.0.0) + concurrent-ruby (>= 1.0.5, < 2.0) + mongo (>= 2.18.0, < 3.0.0) ruby2_keywords (~> 0.0.5) mongoid-compatibility (0.6.0) activesupport @@ -249,11 +239,12 @@ GEM rspec-mocks (~> 3.3) multi_json (1.15.0) multi_xml (0.6.0) - multipart-post (2.1.1) nearest_time_zone (0.0.4) andand kdtree require_all + net-http (0.4.1) + uri net-imap (0.4.10) date net-protocol @@ -264,19 +255,28 @@ GEM net-smtp (0.5.0) net-protocol nio4r (2.7.1) - nokogiri (1.16.3) - mini_portile2 (~> 2.8.2) + nokogiri (1.16.4-aarch64-linux) racc (~> 1.4) - oauth2 (1.4.7) - faraday (>= 0.8, < 2.0) + nokogiri (1.16.4-arm-linux) + racc (~> 1.4) + nokogiri (1.16.4-arm64-darwin) + racc (~> 1.4) + nokogiri (1.16.4-x86-linux) + racc (~> 1.4) + nokogiri (1.16.4-x86_64-darwin) + racc (~> 1.4) + nokogiri (1.16.4-x86_64-linux) + racc (~> 1.4) + oauth2 (1.4.11) + faraday (>= 0.17.3, < 3.0) jwt (>= 1.0, < 3.0) multi_json (~> 1.3) multi_xml (~> 0.5) - rack (>= 1.2, < 3) + rack (>= 1.2, < 4) omniauth (1.8.1) hashie (>= 3.4.6, < 3.6.0) rack (>= 1.6.2, < 3) - omniauth-facebook (3.0.0) + omniauth-facebook (9.0.0) omniauth-oauth2 (~> 1.2) omniauth-oauth2 (1.5.0) oauth2 (~> 1.1) @@ -298,10 +298,10 @@ GEM yard (~> 0.9.11) pry-rails (0.3.9) pry (>= 0.10.4) - public_suffix (5.0.4) + public_suffix (5.0.5) puma (5.6.8) nio4r (~> 2.0) - pusher (2.0.2) + pusher (2.0.3) httpclient (~> 2.8) multi_json (~> 1.15) pusher-signature (~> 0.1.8) @@ -313,21 +313,20 @@ GEM rack-test (2.1.0) rack (>= 1.3) rack-timeout (0.6.3) - rails (6.1.7.7) - actioncable (= 6.1.7.7) - actionmailbox (= 6.1.7.7) - actionmailer (= 6.1.7.7) - actionpack (= 6.1.7.7) - actiontext (= 6.1.7.7) - actionview (= 6.1.7.7) - activejob (= 6.1.7.7) - activemodel (= 6.1.7.7) - activerecord (= 6.1.7.7) - activestorage (= 6.1.7.7) - activesupport (= 6.1.7.7) + rails (7.0.1) + actioncable (= 7.0.1) + actionmailbox (= 7.0.1) + actionmailer (= 7.0.1) + actionpack (= 7.0.1) + actiontext (= 7.0.1) + actionview (= 7.0.1) + activejob (= 7.0.1) + activemodel (= 7.0.1) + activerecord (= 7.0.1) + activestorage (= 7.0.1) + activesupport (= 7.0.1) bundler (>= 1.15.0) - railties (= 6.1.7.7) - sprockets-rails (>= 2.0.0) + railties (= 7.0.1) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest @@ -340,18 +339,19 @@ GEM rails_stdout_logging rails_serve_static_assets (0.0.5) rails_stdout_logging (0.0.5) - railties (6.1.7.7) - actionpack (= 6.1.7.7) - activesupport (= 6.1.7.7) + railties (7.0.1) + actionpack (= 7.0.1) + activesupport (= 7.0.1) method_source rake (>= 12.2) thor (~> 1.0) + zeitwerk (~> 2.5) rainbow (3.1.1) - rake (13.1.0) - redis-client (0.21.1) + rake (13.2.1) + redis-client (0.22.1) connection_pool regexp_parser (2.9.0) - request_store (1.5.0) + request_store (1.6.0) rack (>= 1.4) require_all (3.0.0) responders (3.1.1) @@ -409,15 +409,7 @@ GEM simplecov_json_formatter (~> 0.1) simplecov-html (0.12.3) simplecov_json_formatter (0.1.4) - sixarm_ruby_unaccent (1.2.0) smart_properties (1.17.0) - sprockets (4.2.1) - concurrent-ruby (~> 1.0) - rack (>= 2.2.4, < 4) - sprockets-rails (3.4.2) - actionpack (>= 5.2) - activesupport (>= 5.2) - sprockets (>= 3.0.0) standard (1.35.1) language_server-protocol (~> 3.17.0.2) lint_roller (~> 1.0) @@ -440,8 +432,9 @@ GEM tomorrowio_rb (0.0.3) tzinfo (2.0.6) concurrent-ruby (~> 1.0) + unaccent (0.4.0) unicode-display_width (2.5.0) - uniform_notifier (1.16.0) + uri (0.13.0) vcr (6.2.0) warden (1.2.9) rack (>= 2.0.9) @@ -459,7 +452,12 @@ GEM zeitwerk (2.6.13) PLATFORMS - ruby + aarch64-linux + arm-linux + arm64-darwin + x86-linux + x86_64-darwin + x86_64-linux DEPENDENCIES active_model_serializers (= 0.9.8) @@ -468,7 +466,6 @@ DEPENDENCIES better_errors brakeman bugsnag - bullet byebug cancancan (~> 3.5.0) cancancan-mongoid (= 2.0.0) @@ -478,7 +475,7 @@ DEPENDENCIES cuprite database_cleaner database_cleaner-mongoid - devise (= 4.8.0) + devise (= 4.9.2) devise_invitable (= 2.0.9) dotenv-rails erb_lint @@ -490,11 +487,11 @@ DEPENDENCIES kaminari-actionview kaminari-mongoid letter_opener - mongoid (= 7.3.3) + mongoid (= 8.1.1) mongoid-rspec nearest_time_zone omniauth (= 1.8.1) - omniauth-facebook (= 3.0.0) + omniauth-facebook (= 9.0.0) pg pry-byebug pry-doc @@ -503,7 +500,7 @@ DEPENDENCIES pusher rack-cors (= 2.0.1) rack-timeout - rails (~> 6.1.7.7) + rails (= 7.0.1) rails_12factor rake rspec-rails diff --git a/backend/app/models/application_record.rb b/backend/app/models/application_record.rb index 10a4cba8..b63caeb8 100644 --- a/backend/app/models/application_record.rb +++ b/backend/app/models/application_record.rb @@ -1,3 +1,3 @@ class ApplicationRecord < ActiveRecord::Base - self.abstract_class = true + primary_abstract_class end diff --git a/backend/app/serializers/api/v1/comment_serializer.rb b/backend/app/serializers/api/v1/comment_serializer.rb index d1c9f221..871d5561 100644 --- a/backend/app/serializers/api/v1/comment_serializer.rb +++ b/backend/app/serializers/api/v1/comment_serializer.rb @@ -1,8 +1,14 @@ module Api module V1 class CommentSerializer < ApplicationSerializer - include Concerns::Notificatable - include Concerns::ReactionRelatable + require_dependency "api/v1/concerns/notificatable" + require_dependency "api/v1/concerns/reaction_relatable" + # before rails 7, these didn't need require_dependency, + # and were included without explicit scoping + # in PostsSerializer ReactionRelatable isn't working but it seems to be working here + # or else is totally untested? TBD + include Api::V1::Concerns::Notificatable + include Api::V1::Concerns::ReactionRelatable attributes :post_id, :body, :user_name, :postable_id, :type diff --git a/backend/app/serializers/api/v1/post_serializer.rb b/backend/app/serializers/api/v1/post_serializer.rb index fc70ffce..3c2c0a8e 100644 --- a/backend/app/serializers/api/v1/post_serializer.rb +++ b/backend/app/serializers/api/v1/post_serializer.rb @@ -1,9 +1,15 @@ module Api module V1 class PostSerializer < ApplicationSerializer - include Concerns::Notificatable - include Concerns::TopicSerializable - include Concerns::ReactionRelatable + require_dependency "api/v1/concerns/notificatable" + include Api::V1::Concerns::Notificatable + # before rails 7, these additional concerns were included, + # but they don't seem to work anymore? TBD + + # require_dependency 'api/v1/concerns/topic_serializable' + # require_dependency 'api/v1/concerns/reaction_relatable' + # include Api::V1::Concerns::TopicSerializable + # include Api::V1::Concerns::ReactionRelatable attributes :id, :body, :title, :type, :user_name, :comments_count, :postable_id, :priority diff --git a/backend/bin/rails b/backend/bin/rails index fa9738b3..efc03774 100755 --- a/backend/bin/rails +++ b/backend/bin/rails @@ -1,9 +1,4 @@ #!/usr/bin/env ruby -if ENV["RAILS_ENV"] == "test" - require "simplecov" - SimpleCov.start "rails" - puts "required simplecov" -end -APP_PATH = File.expand_path("../../config/application", __FILE__) +APP_PATH = File.expand_path("../config/application", __dir__) require_relative "../config/boot" require "rails/commands" diff --git a/backend/bin/rspec b/backend/bin/rspec old mode 100755 new mode 100644 diff --git a/backend/bin/setup b/backend/bin/setup index d220dfa5..ec47b79b 100755 --- a/backend/bin/setup +++ b/backend/bin/setup @@ -1,30 +1,29 @@ #!/usr/bin/env ruby -require "pathname" require "fileutils" -include FileUtils # path to your application root. -APP_ROOT = Pathname.new File.expand_path("../../", __FILE__) +APP_ROOT = File.expand_path("..", __dir__) def system!(*args) system(*args) || abort("\n== Command #{args} failed ==") end -chdir APP_ROOT do - # This script is a starting point to setup your application. +FileUtils.chdir APP_ROOT do + # This script is a way to set up or update your development environment automatically. + # This script is idempotent, so that you can run it at any time and get an expectable outcome. # Add necessary setup steps to this file. puts "== Installing dependencies ==" system! "gem install bundler --conservative" - system("bundle check") or system!("bundle install") + system("bundle check") || system!("bundle install") # puts "\n== Copying sample files ==" - # unless File.exist?('config/database.yml') - # cp 'config/database.yml.sample', 'config/database.yml' + # unless File.exist?("config/database.yml") + # FileUtils.cp "config/database.yml.sample", "config/database.yml" # end puts "\n== Preparing database ==" - system! "bin/rails db:setup" + system! "bin/rails db:prepare" puts "\n== Removing old logs and tempfiles ==" system! "bin/rails log:clear tmp:clear" diff --git a/backend/config/application.rb b/backend/config/application.rb index 55c80691..48e71f31 100644 --- a/backend/config/application.rb +++ b/backend/config/application.rb @@ -1,17 +1,18 @@ -require File.expand_path("../boot", __FILE__) +require_relative "boot" require "rails" # Pick the frameworks you want: require "active_model/railtie" require "active_job/railtie" require "active_record/railtie" +# require "active_storage/engine" require "action_controller/railtie" require "action_mailer/railtie" +# require "action_mailbox/engine" +# require "action_text/engine" require "action_view/railtie" -require "sprockets/railtie" # require "action_cable/engine" -# require "sprockets/railtie" -# require "rails/test_unit/railtie" +require "rails/test_unit/railtie" # Require the gems listed in Gemfile, including any gems # you've limited to :test, :development, or :production. @@ -19,35 +20,21 @@ module Flaredown class Application < Rails::Application - # https://medium.com/@Nicholson85/handling-cors-issues-in-your-rails-api-120dfbcb8a24 - # fix CORS issues in staging? - config.middleware.insert_before 0, Rack::Cors do - allow do - origins "*" - resource "*", headers: :any, methods: [:get, :post, :put, :patch, :delete, :options, :head] - end - end - # Settings in config/environments/* take precedence over those specified here. - # Application configuration should go into files in config/initializers - # -- all .rb files in that directory are automatically loaded. + # Initialize configuration defaults for originally generated Rails version. + config.load_defaults 5.0 + config.autoload_paths << Rails.root.join("lib") config.autoload_paths << Rails.root.join("lib/*") config.autoload_paths << Rails.root.join("lib/**/*") config.autoload_paths << Rails.root.join("app/serializers/concerns") config.autoload_paths << Rails.root.join("app/serializers/api/v1/concerns") - # Only loads a smaller set of middleware suitable for API only apps. - # Middleware like session, flash, cookies can be added back manually. - # Skip views, helpers and assets when generating a new resource. - config.api_only = false - - config.generators.orm :active_record - - config.active_record.schema_format = :sql - - # Be sure to have the adapter's gem in your Gemfile - # and follow the adapter's specific installation - # and deployment instructions. - config.active_job.queue_adapter = :sidekiq + # Configuration for the application, engines, and railties goes here. + # + # These settings can be overridden in specific environments using the files + # in config/environments, which are processed later. + # + # config.time_zone = "Central Time (US & Canada)" + # config.eager_load_paths << Rails.root.join("extras") end end diff --git a/backend/config/boot.rb b/backend/config/boot.rb index fb24cf2e..28201161 100644 --- a/backend/config/boot.rb +++ b/backend/config/boot.rb @@ -1,3 +1,3 @@ -ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile", __FILE__) +ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) require "bundler/setup" # Set up gems listed in the Gemfile. diff --git a/backend/config/environment.rb b/backend/config/environment.rb index 17119856..cac53157 100644 --- a/backend/config/environment.rb +++ b/backend/config/environment.rb @@ -1,5 +1,5 @@ # Load the Rails application. -require File.expand_path("../application", __FILE__) +require_relative "application" # Initialize the Rails application. Rails.application.initialize! diff --git a/backend/config/environments/development.rb b/backend/config/environments/development.rb index 56b13c4e..87ec21eb 100644 --- a/backend/config/environments/development.rb +++ b/backend/config/environments/development.rb @@ -1,62 +1,65 @@ -Rails.application.configure do - config.after_initialize do - Bullet.enable = true - Bullet.alert = true - Bullet.bullet_logger = true - Bullet.console = true - # Bullet.growl = true - Bullet.rails_logger = true - Bullet.add_footer = true - end +require "active_support/core_ext/integer/time" +Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # In the development environment your application's code is reloaded on - # every request. This slows down response time but is perfect for development + # In the development environment your application's code is reloaded any time + # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. config.cache_classes = false # Do not eager load code on boot. config.eager_load = false - # Show full error reports and disable caching. + # Show full error reports. config.consider_all_requests_local = true - config.action_controller.perform_caching = false + + # Enable server timing + config.server_timing = true + + # Enable/disable caching. By default caching is disabled. + # Run rails dev:cache to toggle caching. + if Rails.root.join("tmp/caching-dev.txt").exist? + config.action_controller.perform_caching = true + config.action_controller.enable_fragment_cache_logging = true + + config.cache_store = :memory_store + config.public_file_server.headers = { + "Cache-Control" => "public, max-age=#{2.days.to_i}" + } + else + config.action_controller.perform_caching = false + + config.cache_store = :null_store + end # Don't care if the mailer can't send. config.action_mailer.raise_delivery_errors = false + config.action_mailer.perform_caching = false + # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load - # Debug mode disables concatenation and preprocessing of assets. - # This option may cause significant delays in view rendering with a large - # number of complex assets. - config.assets.debug = true - - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true + # Highlight code that triggered database queries in logs. + config.active_record.verbose_query_logs = true - # Adds additional error checking when serving assets at runtime. - # Checks for improperly declared sprockets dependencies. - # Raises helpful error messages. - config.assets.raise_runtime_errors = true - # Raises error for missing translations - # config.action_view.raise_on_missing_translations = true + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true - # Delivery with letter opener - config.action_mailer.delivery_method = :letter_opener + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true - config.after_initialize do - Bullet.enable = true - Bullet.alert = true - Bullet.bullet_logger = true - Bullet.console = true - Bullet.rails_logger = true - end + # Uncomment if you wish to allow Action Cable access from any origin. + # config.action_cable.disable_request_forgery_protection = true end diff --git a/backend/config/environments/production.rb b/backend/config/environments/production.rb index 45a9cc0c..326f22af 100644 --- a/backend/config/environments/production.rb +++ b/backend/config/environments/production.rb @@ -1,3 +1,5 @@ +require "active_support/core_ext/integer/time" + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. @@ -11,56 +13,42 @@ config.eager_load = true # Full error reports are disabled and caching is turned on. - config.consider_all_requests_local = false + config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Enable Rack::Cache to put a simple HTTP cache in front of your application - # Add `rack-cache` to your Gemfile before enabling this. - # For large-scale production use, consider using a caching reverse proxy like - # NGINX, varnish or squid. - # config.action_dispatch.rack_cache = true + # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] + # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # config.require_master_key = true # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? - # config.serve_static_files = ENV['RAILS_SERVE_STATIC_FILES'].present? - - # Compress JavaScripts and CSS. - # config.assets.js_compressor = :uglifier - # config.assets.css_compressor = :sass - - # Do not fallback to assets pipeline if a precompiled asset is missed. - config.assets.compile = false - - # Asset digests allow you to set far-future HTTP expiration dates on all assets, - # yet still be able to expire them through the digest params. - config.assets.digest = true - - # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb + # Enable serving of images, stylesheets, and JavaScripts from an asset server. + # config.asset_host = "http://assets.example.com" # Specifies the header that your server uses for sending files. - # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache - # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX + # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for Apache + # config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - config.force_ssl = true + # config.force_ssl = true - # Use the lowest log level to ensure availability of diagnostic information - # when problems arise. - config.log_level = :debug + # Include generic and useful information about system operation, but avoid logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). + config.log_level = :info # Prepend all log lines with the following tags. - # config.log_tags = [ :subdomain, :uuid ] - - # Use a different logger for distributed setups. - # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new) + config.log_tags = [ :request_id ] # Use a different cache store in production. # config.cache_store = :mem_cache_store - # Enable serving of images, stylesheets, and JavaScripts from an asset server. - # config.action_controller.asset_host = 'http://assets.example.com' + # Use a real queuing backend for Active Job (and separate queues per environment). + # config.active_job.queue_adapter = :resque + # config.active_job.queue_name_prefix = "flaredown_production" + + config.action_mailer.perform_caching = false # Ignore bad email addresses and do not raise email delivery errors. # Set this to true and configure the email server for immediate delivery to raise delivery errors. @@ -70,12 +58,22 @@ # the I18n.default_locale when a translation cannot be found). config.i18n.fallbacks = true - # Send deprecation notices to registered listeners. - config.active_support.deprecation = :notify + # Don't log any deprecations. + config.active_support.report_deprecations = false # Use default logging formatter so that PID and timestamp are not suppressed. config.log_formatter = ::Logger::Formatter.new + # Use a different logger for distributed setups. + # require "syslog/logger" + # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") + + if ENV["RAILS_LOG_TO_STDOUT"].present? + logger = ActiveSupport::Logger.new(STDOUT) + logger.formatter = config.log_formatter + config.logger = ActiveSupport::TaggedLogging.new(logger) + end + # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false end diff --git a/backend/config/environments/test.rb b/backend/config/environments/test.rb index f2d57420..e57c0364 100644 --- a/backend/config/environments/test.rb +++ b/backend/config/environments/test.rb @@ -1,24 +1,31 @@ +require "active_support/core_ext/integer/time" + +# The test environment is used exclusively to run your application's +# test suite. You never need to work with it otherwise. Remember that +# your test database is "scratch space" for the test suite and is wiped +# and recreated between test runs. Don't rely on the data there! + Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # The test environment is used exclusively to run your application's - # test suite. You never need to work with it otherwise. Remember that - # your test database is "scratch space" for the test suite and is wiped - # and recreated between test runs. Don't rely on the data there! + # Turn false under Spring and add config.action_view.cache_template_loading = true. config.cache_classes = true - # Do not eager load code on boot. This avoids loading your whole application - # just for the purpose of running a single test. If you are using a tool that - # preloads Rails for running tests, you may have to set it to true. - config.eager_load = false + # Eager loading loads your whole application. When running a single test locally, + # this probably isn't necessary. It's a good idea to do in a continuous integration + # system, or in some way before deploying your code. + config.eager_load = ENV["CI"].present? - # Configure static file server for tests with Cache-Control for performance. + # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true - config.public_file_server.headers = {"Cache-Control" => "public, max-age=3600"} + config.public_file_server.headers = { + "Cache-Control" => "public, max-age=#{1.hour.to_i}" + } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false + config.cache_store = :null_store # Raise exceptions instead of rendering exception templates. config.action_dispatch.show_exceptions = false @@ -26,23 +33,25 @@ # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false + config.action_mailer.perform_caching = false + # Tell Action Mailer not to deliver emails to the real world. # The :test delivery method accumulates sent emails in the # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # Randomize the order test cases are executed. - config.active_support.test_order = :random - # Print deprecation notices to the stderr. config.active_support.deprecation = :stderr - # Raises error for missing translations - # config.action_view.raise_on_missing_translations = true + # Raise exceptions for disallowed deprecations. + config.active_support.disallowed_deprecation = :raise + + # Tell Active Support which deprecation messages to disallow. + config.active_support.disallowed_deprecation_warnings = [] + + # Raises error for missing translations. + # config.i18n.raise_on_missing_translations = true - config.after_initialize do - Bullet.enable = true - Bullet.bullet_logger = true - Bullet.raise = true # raise an error if n+1 query occurs - end + # Annotate rendered view with file names. + # config.action_view.annotate_rendered_view_with_filenames = true end diff --git a/backend/config/initializers/content_security_policy.rb b/backend/config/initializers/content_security_policy.rb new file mode 100644 index 00000000..3621f97f --- /dev/null +++ b/backend/config/initializers/content_security_policy.rb @@ -0,0 +1,26 @@ +# Be sure to restart your server when you modify this file. + +# Define an application-wide content security policy +# For further information see the following documentation +# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy + +# Rails.application.configure do +# config.content_security_policy do |policy| +# policy.default_src :self, :https +# policy.font_src :self, :https, :data +# policy.img_src :self, :https, :data +# policy.object_src :none +# policy.script_src :self, :https +# policy.style_src :self, :https +# # Specify URI for violation reports +# # policy.report_uri "/csp-violation-report-endpoint" +# end +# +# # Generate session nonces for permitted importmap and inline scripts +# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } +# config.content_security_policy_nonce_directives = %w(script-src) +# +# # Report CSP violations to a specified URI. See: +# # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only +# # config.content_security_policy_report_only = true +# end diff --git a/backend/config/initializers/filter_parameter_logging.rb b/backend/config/initializers/filter_parameter_logging.rb index 4a994e1e..4b34a036 100644 --- a/backend/config/initializers/filter_parameter_logging.rb +++ b/backend/config/initializers/filter_parameter_logging.rb @@ -1,4 +1,6 @@ # Be sure to restart your server when you modify this file. # Configure sensitive parameters which will be filtered from the log file. -Rails.application.config.filter_parameters += [:password] +Rails.application.config.filter_parameters += [ + :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn +] diff --git a/backend/config/initializers/inflections.rb b/backend/config/initializers/inflections.rb index ac033bf9..3860f659 100644 --- a/backend/config/initializers/inflections.rb +++ b/backend/config/initializers/inflections.rb @@ -4,13 +4,13 @@ # are locale specific, and you may define rules for as many different # locales as you wish. All of these examples are active by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.plural /^(ox)$/i, '\1en' -# inflect.singular /^(ox)en/i, '\1' -# inflect.irregular 'person', 'people' +# inflect.plural /^(ox)$/i, "\\1en" +# inflect.singular /^(ox)en/i, "\\1" +# inflect.irregular "person", "people" # inflect.uncountable %w( fish sheep ) # end # These inflection rules are supported but not enabled by default: # ActiveSupport::Inflector.inflections(:en) do |inflect| -# inflect.acronym 'RESTful' +# inflect.acronym "RESTful" # end diff --git a/backend/config/initializers/new_framework_defaults_7_0.rb b/backend/config/initializers/new_framework_defaults_7_0.rb new file mode 100644 index 00000000..a579326e --- /dev/null +++ b/backend/config/initializers/new_framework_defaults_7_0.rb @@ -0,0 +1,117 @@ +# Be sure to restart your server when you modify this file. +# +# This file eases your Rails 7.0 framework defaults upgrade. +# +# Uncomment each configuration one by one to switch to the new default. +# Once your application is ready to run with all new defaults, you can remove +# this file and set the `config.load_defaults` to `7.0`. +# +# Read the Guide for Upgrading Ruby on Rails for more info on each option. +# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html + +# `button_to` view helper will render `