Revert "AO3-6686 AO3-6687 Update configs to Rails 7.0 defaults" (#4924)

Revert "AO3-6686 AO3-6687 Update configs to Rails 7.0 defaults (#4860)"

This reverts commit 6ffe102.

app/controllers/pseuds_controller.rb

@@ -91,7 +91,7 @@ def create
           # if setting this one as default, unset the attribute of the current default pseud
           old_default.update_attribute(:is_default, false)
         end
-        redirect_to polymorphic_path([@user, @pseud])
+        redirect_to([@user, @pseud])
       else
         render action: "new"
       end

config/application.rb

@@ -17,7 +17,7 @@ class Application < Rails::Application
     # These settings can be overridden in specific environments using the files
     # in config/environments, which are processed later.
 
-    config.load_defaults 7.0
+    config.load_defaults 6.1
 
     # TODO: Remove in Rails 7.1, where it's false by default.
     config.add_autoload_paths_to_load_path = false

config/initializers/cookie_rotator.rb

@@ -0,0 +1,24 @@
+# frozen_string_literal: true
+
+# As part of the Rails 7 upgrade, we need to convert legacy (SHA1) cookies to SHA256.
+# This can be removed after it has been in production for a little bit.
+# Ref: https://guides.rubyonrails.org/upgrading_ruby_on_rails.html#key-generator-digest-class-change-requires-a-cookie-rotator
+Rails.application.config.after_initialize do
+  Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
+    authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
+    signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt
+
+    secret_key_base = Rails.application.secret_key_base
+
+    key_generator = ActiveSupport::KeyGenerator.new(
+      secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+    )
+    key_len = ActiveSupport::MessageEncryptor.key_len
+
+    old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len)
+    old_signed_secret = key_generator.generate_key(signed_cookie_salt)
+
+    cookies.rotate :encrypted, old_encrypted_secret
+    cookies.rotate :signed, old_signed_secret
+  end
+end

config/initializers/new_framework_defaults_7_0.rb

@@ -0,0 +1,110 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file eases your Rails 7.0 framework defaults upgrade.
+#
+# Uncomment each configuration one by one to switch to the new default.
+# Once your application is ready to run with all new defaults, you can remove
+# this file and set the `config.load_defaults` to `7.0`.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
+
+# `button_to` view helper will render `<button>` element, regardless of whether
+# or not the content is passed as the first argument or as a block.
+# Rails.application.config.action_view.button_to_generates_button_tag = true
+
+# `stylesheet_link_tag` view helper will not render the media attribute by default.
+Rails.application.config.action_view.apply_stylesheet_media_default = false
+
+# Change the digest class for the key generators to `OpenSSL::Digest::SHA256`.
+# Changing this default means invalidate all encrypted messages generated by
+# your application and, all the encrypted cookies. Only change this after you
+# rotated all the messages using the key rotator.
+#
+# See upgrading guide for more information on how to build a rotator.
+# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html
+# Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256
+
+# Change the digest class for ActiveSupport::Digest.
+# Changing this default means that for example Etags change and
+# various cache keys leading to cache invalidation.
+Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256
+
+# Don't override ActiveSupport::TimeWithZone.name and use the default Ruby
+# implementation.
+Rails.application.config.active_support.remove_deprecated_time_with_zone_name = true
+
+# Calls `Rails.application.executor.wrap` around test cases.
+# This makes test cases behave closer to an actual request or job.
+# Several features that are normally disabled in test, such as Active Record query cache
+# and asynchronous queries will then be enabled.
+Rails.application.config.active_support.executor_around_test_case = true
+
+# Set both the `:open_timeout` and `:read_timeout` values for `:smtp` delivery method.
+Rails.application.config.action_mailer.smtp_timeout = 5
+
+# The ActiveStorage video previewer will now use scene change detection to generate
+# better preview images (rather than the previous default of using the first frame
+# of the video).
+Rails.application.config.active_storage.video_preview_arguments = "-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2"
+
+# Automatically infer `inverse_of` for associations with a scope.
+Rails.application.config.active_record.automatic_scope_inversing = true
+
+# Raise when running tests if fixtures contained foreign key violations
+Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true
+
+# Disable partial inserts.
+# This default means that all columns will be referenced in INSERT queries
+# regardless of whether they have a default or not.
+Rails.application.config.active_record.partial_inserts = false
+
+# Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`.
+# Rails.application.config.action_controller.raise_on_open_redirects = true
+
+# Change the variant processor for Active Storage.
+# Changing this default means updating all places in your code that
+# generate variants to use image processing macros and ruby-vips
+# operations. See the upgrading guide for detail on the changes required.
+# The `:mini_magick` option is not deprecated; it's fine to keep using it.
+Rails.application.config.active_storage.variant_processor = :vips
+
+# Enable parameter wrapping for JSON.
+# Previously this was set in an initializer. It's fine to keep using that initializer if you've customized it.
+# To disable parameter wrapping entirely, set this config to `false`.
+Rails.application.config.action_controller.wrap_parameters_by_default = true
+
+# Specifies whether generated namespaced UUIDs follow the RFC 4122 standard for namespace IDs provided as a
+# `String` to `Digest::UUID.uuid_v3` or `Digest::UUID.uuid_v5` method calls.
+#
+# See https://guides.rubyonrails.org/configuring.html#config-active-support-use-rfc4122-namespaced-uuids for
+# more information.
+Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true
+
+# ** Please read carefully, this must be configured in config/application.rb **
+# Change the format of the cache entry.
+# Changing this default means that all new cache entries added to the cache
+# will have a different format that is not supported by Rails 6.1 applications.
+# Only change this value after your application is fully deployed to Rails 7.0
+# and you have no plans to rollback.
+# When you're ready to change format, add this to `config/application.rb` (NOT this file):
+#  config.active_support.cache_format_version = 7.0
+
+# Cookie serializer: 2 options
+#
+# If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer
+# is `:marshal`. The default for new apps is `:json`.
+#
+# Rails.application.config.action_dispatch.cookies_serializer = :json
+#
+#
+# NOTE: as of https://github.com/otwcode/otwarchive/pull/4651, we are using :hybrid, which is the first step to migrate.
+# After some time, we can update to use :json instead.
+
+# Change the return value of `ActionDispatch::Request#content_type` to the Content-Type header without modification.
+Rails.application.config.action_dispatch.return_only_request_media_type_on_content_type = false
+
+# Active Storage `has_many_attached` relationships will default to replacing the current collection instead of appending to it.
+# Thus, to support submitting an empty collection, the `file_field` helper will render an hidden field `include_hidden` by default when `multiple_file_field_include_hidden` is set to `true`.
+# See https://guides.rubyonrails.org/configuring.html#config-active-storage-multiple-file-field-include-hidden for more information.
+Rails.application.config.active_storage.multiple_file_field_include_hidden = true

features/collections/collection_participants.feature

@@ -18,9 +18,9 @@
     And I press "Submit"
   Then I should see "New members invited: sam"
   When I select "Owner" from "sam_role"
-     And I submit with the 4th button
+     And I submit with the 5th button
   Then I should see "Updated sam."
-  When I click the 2nd button
+  When I submit with the 6th button
   Then I should see "Removed sam from collection."
 
   Scenario: Owner can't invite a nonexistent user to the collection
@@ -60,7 +60,7 @@
     And I press "Submit"
   Then I should see "New members invited: sam"
   When I select "Invited" from "sam_role"
-    And I submit with the 4th button
+    And I submit with the 5th button
   Then I should see "Updated sam."
   When I am in sam's browser
     And I follow "Join"

features/other_a/pseud_delete.feature

@@ -186,7 +186,7 @@ Feature: Delete pseud.
       And I press "Submit"
     Then I should see "New members invited: other_pseud (myself)"
     When I select "Moderator" from "myself_role"
-      And I submit with the 4th button
+      And I submit with the 5th button
     Then I should see "Updated other_pseud."
     When I go to the collections page
     Then I should see "My Collection Thing"

features/step_definitions/generic_steps.rb

@@ -213,16 +213,10 @@ def assure_xpath_not_present(tag, attribute, value, selector)
 # "I submit with the 2nd button", but in those cases you probably want to make sure that
 # the different forms have different button text anyway, and submit them using
 # When I press "Button Text"
-When /^I submit with the (\d+)(?:st|nd|rd|th) button$/ do |index| # rubocop:disable Cucumber/RegexStepName
+When /^I submit with the (\d+)(?:st|nd|rd|th) button$/ do |index|
   page.all("input[type='submit']")[(index.to_i - 1)].click
 end
 
-# This is for buttons generated with the button_to helper method. They use a different HTML element,
-# <button> instead of <input type="submit">.
-When /^I click the (\d+)(?:st|nd|rd|th) button$/ do |index| # rubocop:disable Cucumber/RegexStepName
-  page.all("button")[index.to_i - 1].click
-end
-
 # This will submit the first submit button inside a <p class="submit"> by default
 # That wrapping paragraph tag will be generated automatically if you use
 # the submit_button or submit_fieldset helpers in application_helper.rb

lib/skin_wizard.rb

@@ -20,10 +20,8 @@ def header_styles(color)
         #header .user a:focus,
         #dashboard a:hover,
         .actions a:hover,
-        .actions button:hover,
         .actions input:hover,
         .actions a:focus,
-        .actions button:focus,
         .actions input:focus,
         label.action:hover,
         .action:hover,

public/stylesheets/masters/low_vision_default/low_vision_default_site_screen_.css

@@ -49,9 +49,6 @@ media .listbox {
 .actions input,
 .actions input:hover,
 .actions input:focus,
-.actions button,
-.actions button:hover,
-.actions button:focus,
 .flash,
 fieldset,
 #header ul.primary li.search,

public/stylesheets/masters/reversi/reversi_site_screen_.css

@@ -184,7 +184,6 @@ a.tag:hover,
 #header p,
 #dashboard a:hover,
 .actions a:hover,
-.actions button:hover,
 .actions input:hover,
 .delete a,
 span.delete,
@@ -257,7 +256,6 @@ span.series .divider {
 .actions a:link,
 .action,
 .action:link,
-.actions button,
 .actions input,
 input[type="submit"],
 button,
@@ -272,11 +270,9 @@ button,
 }
 
 .actions a:hover,
-.actions button:hover,
 .actions input:hover,
 #dashboard a:hover,
 .actions a:focus,
-.actions button:focus,
 .actions input:focus,
 #dashboard a:focus,
 .actions .disabled select {

public/stylesheets/masters/snow/snow_site_screen_.css

@@ -5,7 +5,6 @@ col.name,
 fieldset fieldset,
 fieldset dl dl,
 form blockquote.userstuff,
-button:focus,
 input:focus,
 select:focus,
 textarea:focus,

public/stylesheets/masters/snow_blue/snow_blue_site_screen_.css

@@ -16,7 +16,6 @@ a.tag:hover {
 #header p,
 #dashboard a:hover,
 .actions a:hover,
-.actions button:hover,
 .actions input:hover,
 .delete a,
 span.delete,

public/stylesheets/site/2.0/08-actions.css

@@ -20,7 +20,7 @@ ul.actions {
   padding-top: 0;
 }
 
-.actions a, .actions a:link, .action, .action:link, .actions button, .actions input, input[type="submit"], button, .current, .actions label {
+.actions a, .actions a:link, .action, .action:link, .actions input, input[type="submit"], button, .current, .actions label {
   background: #eee;
   color: #444;
   width: auto;
@@ -87,7 +87,7 @@ ol.pagination, div.pagination, ol.year {
   color: #111;
 }
 
-.actions a:hover, .actions button:hover, .actions input:hover, .actions a:focus, .actions button:focus, .actions input:focus, label.action:hover, .action:hover, .action:focus {
+.actions a:hover, .actions input:hover, .actions a:focus, .actions input:focus, label.action:hover, .action:hover, .action:focus {
   color: #900;
   border-top: 1px solid #999;
   border-left: 1px solid #999;
@@ -111,7 +111,7 @@ ol.pagination, div.pagination, ol.year {
    border-color: #aaa;
  }
 
-.actions li a, .actions li button, .actions li input, .actions li input[type="submit"], .actions li .current, .actions li label {
+.actions li a, .actions li input, .actions li input[type="submit"], .actions li .current, .actions li label {
   margin: 0.375em auto;
 }