diff --git a/Gemfile b/Gemfile index b803586d23..df98d885db 100644 --- a/Gemfile +++ b/Gemfile @@ -3,7 +3,7 @@ source "https://rubygems.org" ruby "3.2.2" -gem "rails", "7.1.3.4" +gem "rails", "7.2.1" gem "after_party" # post-deployment tasks gem "amazing_print" # easier console reading diff --git a/Gemfile.lock b/Gemfile.lock index 334d9c7890..92b2c3dd85 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,84 +1,80 @@ GEM remote: https://rubygems.org/ specs: - actioncable (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) + actioncable (7.2.1) + actionpack (= 7.2.1) + activesupport (= 7.2.1) nio4r (~> 2.0) websocket-driver (>= 0.6.1) zeitwerk (~> 2.6) - actionmailbox (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (>= 2.7.1) - net-imap - net-pop - net-smtp - actionmailer (7.1.3.4) - actionpack (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activesupport (= 7.1.3.4) - mail (~> 2.5, >= 2.5.4) - net-imap - net-pop - net-smtp + actionmailbox (7.2.1) + actionpack (= 7.2.1) + activejob (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) + mail (>= 2.8.0) + actionmailer (7.2.1) + actionpack (= 7.2.1) + actionview (= 7.2.1) + activejob (= 7.2.1) + activesupport (= 7.2.1) + mail (>= 2.8.0) rails-dom-testing (~> 2.2) - actionpack (7.1.3.4) - actionview (= 7.1.3.4) - activesupport (= 7.1.3.4) + actionpack (7.2.1) + actionview (= 7.2.1) + activesupport (= 7.2.1) nokogiri (>= 1.8.5) racc - rack (>= 2.2.4) + rack (>= 2.2.4, < 3.2) rack-session (>= 1.0.1) rack-test (>= 0.6.3) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - actiontext (7.1.3.4) - actionpack (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + useragent (~> 0.16) + actiontext (7.2.1) + actionpack (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.1.3.4) - activesupport (= 7.1.3.4) + actionview (7.2.1) + activesupport (= 7.2.1) builder (~> 3.1) erubi (~> 1.11) rails-dom-testing (~> 2.2) rails-html-sanitizer (~> 1.6) - activejob (7.1.3.4) - activesupport (= 7.1.3.4) + activejob (7.2.1) + activesupport (= 7.2.1) globalid (>= 0.3.6) - activemodel (7.1.3.4) - activesupport (= 7.1.3.4) + activemodel (7.2.1) + activesupport (= 7.2.1) activemodel-serializers-xml (1.0.2) activemodel (> 5.x) activesupport (> 5.x) builder (~> 3.1) - activerecord (7.1.3.4) - activemodel (= 7.1.3.4) - activesupport (= 7.1.3.4) + activerecord (7.2.1) + activemodel (= 7.2.1) + activesupport (= 7.2.1) timeout (>= 0.4.0) - activestorage (7.1.3.4) - actionpack (= 7.1.3.4) - activejob (= 7.1.3.4) - activerecord (= 7.1.3.4) - activesupport (= 7.1.3.4) + activestorage (7.2.1) + actionpack (= 7.2.1) + activejob (= 7.2.1) + activerecord (= 7.2.1) + activesupport (= 7.2.1) marcel (~> 1.0) - activesupport (7.1.3.4) + activesupport (7.2.1) base64 bigdecimal - concurrent-ruby (~> 1.0, >= 1.0.2) + concurrent-ruby (~> 1.0, >= 1.3.1) connection_pool (>= 2.2.5) drb i18n (>= 1.6, < 2) + logger (>= 1.4.2) minitest (>= 5.1) - mutex_m - tzinfo (~> 2.0) + securerandom (>= 0.3) + tzinfo (~> 2.0, >= 2.0.5) addressable (2.8.7) public_suffix (>= 2.0.2, < 7.0) after_party (1.11.2) @@ -313,7 +309,6 @@ GEM multi_xml (0.7.1) bigdecimal (~> 3.1) multipart-post (2.4.1) - mutex_m (0.2.0) net-http-persistent (4.0.1) connection_pool (~> 2.2) net-imap (0.4.16) @@ -386,20 +381,20 @@ GEM rackup (1.0.0) rack (< 3) webrick - rails (7.1.3.4) - actioncable (= 7.1.3.4) - actionmailbox (= 7.1.3.4) - actionmailer (= 7.1.3.4) - actionpack (= 7.1.3.4) - actiontext (= 7.1.3.4) - actionview (= 7.1.3.4) - activejob (= 7.1.3.4) - activemodel (= 7.1.3.4) - activerecord (= 7.1.3.4) - activestorage (= 7.1.3.4) - activesupport (= 7.1.3.4) + rails (7.2.1) + actioncable (= 7.2.1) + actionmailbox (= 7.2.1) + actionmailer (= 7.2.1) + actionpack (= 7.2.1) + actiontext (= 7.2.1) + actionview (= 7.2.1) + activejob (= 7.2.1) + activemodel (= 7.2.1) + activerecord (= 7.2.1) + activestorage (= 7.2.1) + activesupport (= 7.2.1) bundler (>= 1.15.0) - railties (= 7.1.3.4) + railties (= 7.2.1) rails-controller-testing (1.0.5) actionpack (>= 5.0.1.rc1) actionview (>= 5.0.1.rc1) @@ -411,10 +406,10 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (7.1.3.4) - actionpack (= 7.1.3.4) - activesupport (= 7.1.3.4) - irb + railties (7.2.1) + actionpack (= 7.2.1) + activesupport (= 7.2.1) + irb (~> 1.13) rackup (>= 1.0.0) rake (>= 12.2) thor (~> 1.0, >= 1.2.2) @@ -452,17 +447,17 @@ GEM rspec-support (3.13.1) rspec_junit_formatter (0.6.0) rspec-core (>= 2, < 4, != 2.12.0) - rswag-api (2.13.0) - activesupport (>= 3.1, < 7.2) - railties (>= 3.1, < 7.2) + rswag-api (2.14.0) + activesupport (>= 5.2, < 8.0) + railties (>= 5.2, < 8.0) rswag-specs (2.14.0) activesupport (>= 5.2, < 8.0) json-schema (>= 2.2, < 5.0) railties (>= 5.2, < 8.0) rspec-core (>= 2.14) - rswag-ui (2.13.0) - actionpack (>= 3.1, < 7.2) - railties (>= 3.1, < 7.2) + rswag-ui (2.14.0) + actionpack (>= 5.2, < 8.0) + railties (>= 5.2, < 8.0) rubocop (1.65.1) json (~> 2.3) language_server-protocol (>= 3.17.0) @@ -494,6 +489,12 @@ GEM nokogiri (>= 1.12.0) scout_apm (5.3.8) parser + securerandom (0.3.1) + base64 (~> 0.2) + logger (~> 1.4) + rexml (~> 3.2, >= 3.2.5) + rubyzip (>= 1.2.2, < 3.0) + websocket (~> 1.0) selenium-webdriver (4.25.0) base64 (~> 0.2) logger (~> 1.4) @@ -553,6 +554,7 @@ GEM concurrent-ruby (~> 1.0) unicode-display_width (2.5.0) uniform_notifier (1.16.0) + useragent (0.16.10) view_component (3.13.0) activesupport (>= 5.2.0, < 8.0) concurrent-ruby (~> 1.0) @@ -643,7 +645,7 @@ DEPENDENCIES pundit rack-attack rack-cors - rails (= 7.1.3.4) + rails (= 7.2.1) rails-controller-testing rake request_store diff --git a/app/controllers/fund_requests_controller.rb b/app/controllers/fund_requests_controller.rb index f2a1aa9bf2..99eca6a4d5 100644 --- a/app/controllers/fund_requests_controller.rb +++ b/app/controllers/fund_requests_controller.rb @@ -29,7 +29,7 @@ def verify_casa_case end def parsed_params - params.permit( + params.require(:fund_request).permit( :submitter_email, :youth_name, :payment_amount, diff --git a/app/datatables/application_datatable.rb b/app/datatables/application_datatable.rb index 6cb5d48111..a1e5ddcd51 100644 --- a/app/datatables/application_datatable.rb +++ b/app/datatables/application_datatable.rb @@ -1,4 +1,6 @@ class ApplicationDatatable + prepend ActiveSupport::ToJsonWithActiveSupportEncoder + attr_reader :base_relation, :params DEFAULT_PER_PAGE = 10 diff --git a/app/models/all_casa_admin.rb b/app/models/all_casa_admin.rb index 8b27b00021..8d65effc2a 100644 --- a/app/models/all_casa_admin.rb +++ b/app/models/all_casa_admin.rb @@ -1,4 +1,5 @@ class AllCasaAdmin < ApplicationRecord + prepend ActiveSupport::ToJsonWithActiveSupportEncoder include Roles # Include default devise modules. Others available are: diff --git a/app/models/casa_admin.rb b/app/models/casa_admin.rb index b1c217bcfd..bcb6a2c252 100644 --- a/app/models/casa_admin.rb +++ b/app/models/casa_admin.rb @@ -1,4 +1,6 @@ class CasaAdmin < User + prepend ActiveSupport::ToJsonWithActiveSupportEncoder + devise :invitable, invite_for: 2.weeks default_scope { order(email: :asc) } diff --git a/app/models/casa_case.rb b/app/models/casa_case.rb index 6ad4ea93af..e4a76520fd 100644 --- a/app/models/casa_case.rb +++ b/app/models/casa_case.rb @@ -1,4 +1,5 @@ class CasaCase < ApplicationRecord + prepend ActiveSupport::ToJsonWithActiveSupportEncoder include ByOrganizationScope include DateHelper include CasaCase::Validations @@ -53,7 +54,7 @@ class CasaCase < ApplicationRecord has_many :case_court_orders, -> { order "id asc" }, dependent: :destroy accepts_nested_attributes_for :case_court_orders, reject_if: :all_blank, allow_destroy: true - enum court_report_status: {not_submitted: 0, submitted: 1, in_review: 2, completed: 3}, _prefix: :court_report + enum :court_report_status, {not_submitted: 0, submitted: 1, in_review: 2, completed: 3}, prefix: :court_report scope :ordered, -> { order(updated_at: :desc) } scope :actively_assigned_to, ->(volunteer) { diff --git a/app/models/casa_org.rb b/app/models/casa_org.rb index 7aed3f2ab1..42e833647d 100644 --- a/app/models/casa_org.rb +++ b/app/models/casa_org.rb @@ -1,4 +1,5 @@ class CasaOrg < ApplicationRecord + prepend ActiveSupport::ToJsonWithActiveSupportEncoder # NOTE: location of the default report template CASA_DEFAULT_COURT_REPORT = File.new(Rails.root.join("app", "documents", "templates", "default_report_template.docx"), "r") CASA_DEFAULT_LOGO = Rails.root.join("public", "logo.jpeg") diff --git a/app/models/case_court_order.rb b/app/models/case_court_order.rb index 7e41ee9cdc..be656d3055 100644 --- a/app/models/case_court_order.rb +++ b/app/models/case_court_order.rb @@ -31,7 +31,7 @@ class CaseCourtOrder < ApplicationRecord validates :text, presence: true - enum implementation_status: IMPLEMENTATION_STATUSES + enum :implementation_status, IMPLEMENTATION_STATUSES def self.court_order_options STANDARD_COURT_ORDERS.map { |o| [o, o] } diff --git a/app/models/followup.rb b/app/models/followup.rb index ef09a5ed8f..3fd0376946 100644 --- a/app/models/followup.rb +++ b/app/models/followup.rb @@ -3,7 +3,7 @@ class Followup < ApplicationRecord belongs_to :case_contact has_one :casa_org, through: :case_contact belongs_to :creator, class_name: "User" - enum status: {requested: 0, resolved: 1} + enum :status, {requested: 0, resolved: 1} validate :uniqueness_of_requested diff --git a/app/views/fund_requests/new.html.erb b/app/views/fund_requests/new.html.erb index 9f6b6cc6a9..bb076fa117 100644 --- a/app/views/fund_requests/new.html.erb +++ b/app/views/fund_requests/new.html.erb @@ -10,61 +10,62 @@
- <%= form_with(model: @form_request, local: true, url: casa_case_fund_request_path(@casa_case), method: :post) do |form| %> + <%= form_with(model: @fund_request, local: true, url: casa_case_fund_request_path(@casa_case), method: :post) do |form| %>
- <%= form.label "Your email", for: :submitter_email %> + <%= form.label :submitter_email, "Your email" %> <%= form.text_field :submitter_email, class: "form-control", required: true, value: current_user.email %>
- <%= form.label "Name or case number of youth", for: :youth_name %> + <%= form.label :youth_name, "Name or case number of youth" %> <%= form.text_field :youth_name, class: "form-control", required: false, value: @casa_case&.case_number %>
- <%= form.label "Amount of payment*", for: :payment_amount %> + <%= form.label :payment_amount, "Amount of payment*" %> <%= form.text_field :payment_amount, class: "form-control", required: false %>
- <%= form.label "Deadline / date needed", for: :deadline %> + <%= form.label :deadline, "Deadline / date needed" %> <%= form.text_field :deadline, class: "form-control", required: false %>
- <%= form.label "Request is for...", for: :request_purpose %> + <%= form.label :request_purpose, "Request is for..." %> <%= form.text_area :request_purpose, class: "form-control", required: false %>
- <%= form.label "Name of payee**", for: :payee_name %> + <%= form.label :payee_name, "Name of payee**" %> <%= form.text_field :payee_name, class: "form-control", required: false %>
- <%= form.label "Requested by & relationship to youth", for: :requested_by_and_relationship %> + <%= form.label :requested_by_and_relationship, "Requested by & relationship to youth" %> <%= form.text_field :requested_by_and_relationship, class: "form-control", required: false, value: "#{current_user.display_name} CASA Volunteer" %>
- <%= form.label "Other source of funding available/sought please include status of these -requests, if applicable.", for: :other_funding_source_sought %> + <%= form.label :other_funding_source_sought, + "Other source of funding available/sought please include status of these requests, if applicable." %> <%= form.text_area :other_funding_source_sought, class: "form-control", required: false %>
- <%= form.label "How will this funding positively impact the personal goals or aspirations of + <%= form.label :impact, "How will this funding positively impact the personal goals or aspirations of the youth? If this is for emergency funding, please share any support that is or can be in place to maintain stability or alleviate the emergency moving forward. If funding is for a program or a service, please describe how this will -support the youth in the short or long-term.", for: :impact %> +support the youth in the short or long-term." %> <%= form.text_area :impact, class: "form-control", required: false %>
- <%= form.label "Please use this space if it is necessary/helpful to provide additional information -that will assist us in understanding the need and making a decision.", for: :extra_information %> + <%= form.label :extra_information, + "Please use this space if it is necessary/helpful to provide additional + information that will assist us in understanding the need and making a decision." %> <%= form.text_area :extra_information, class: "form-control", required: false %>
diff --git a/bin/brakeman b/bin/brakeman new file mode 100755 index 0000000000..ace1c9ba08 --- /dev/null +++ b/bin/brakeman @@ -0,0 +1,7 @@ +#!/usr/bin/env ruby +require "rubygems" +require "bundler/setup" + +ARGV.unshift("--ensure-latest") + +load Gem.bin_path("brakeman", "brakeman") diff --git a/config/application.rb b/config/application.rb index ab18c6577b..a14df46829 100644 --- a/config/application.rb +++ b/config/application.rb @@ -9,7 +9,7 @@ module Casa class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.1 + config.load_defaults 7.2 # Please, add to the `ignore` list any other `lib` subdirectories that do # not contain `.rb` files, or that should not be reloaded or eager loaded. diff --git a/config/environments/test.rb b/config/environments/test.rb index ac1618269c..3111e9657b 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -79,4 +79,6 @@ # https://github.com/rails/rails/issues/48468 config.active_job.queue_adapter = :test + + config.secret_key_base = ENV["SECRET_KEY_BASE"] || "dummy_test_secret_key" end diff --git a/config/initializers/new_framework_defaults_7_1.rb b/config/initializers/new_framework_defaults_7_1.rb deleted file mode 100644 index 11f69077fc..0000000000 --- a/config/initializers/new_framework_defaults_7_1.rb +++ /dev/null @@ -1,223 +0,0 @@ -# Be sure to restart your server when you modify this file. -# -# This file eases your Rails 7.1 framework defaults upgrade. -# -# Uncomment each configuration one by one to switch to the new default. -# Once your application is ready to run with all new defaults, you can remove -# this file and set the `config.load_defaults` to `7.1`. -# -# Read the Guide for Upgrading Ruby on Rails for more info on each option. -# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html - -# No longer add autoloaded paths into `$LOAD_PATH`. This means that you won't be able -# to manually require files that are managed by the autoloader, which you shouldn't do anyway. -# This will reduce the size of the load path, making `require` faster if you don't use bootsnap, or reduce the size -# of the bootsnap cache if you use it. -Rails.application.config.add_autoload_paths_to_load_path = false - -# Remove the default X-Download-Options headers since it is used only by Internet Explorer. -# If you need to support Internet Explorer, add back `"X-Download-Options" => "noopen"`. -Rails.application.config.action_dispatch.default_headers = { - "X-Frame-Options" => "SAMEORIGIN", - "X-XSS-Protection" => "0", - "X-Content-Type-Options" => "nosniff", - "X-Permitted-Cross-Domain-Policies" => "none", - "Referrer-Policy" => "strict-origin-when-cross-origin" -} - -# Do not treat an `ActionController::Parameters` instance -# as equal to an equivalent `Hash` by default. -Rails.application.config.action_controller.allow_deprecated_parameters_hash_equality = false - -# Active Record Encryption now uses SHA-256 as its hash digest algorithm. Important: If you have -# data encrypted with previous Rails versions, there are two scenarios to consider: -# -# 1. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA1 (the default -# before Rails 7.0), you need to configure SHA-1 for Active Record Encryption too: -# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA1 -# 2. If you have +config.active_support.key_generator_hash_digest_class+ configured as SHA256 (the new default -# in 7.0), then you need to configure SHA-256 for Active Record Encryption: -# Rails.application.config.active_record.encryption.hash_digest_class = OpenSSL::Digest::SHA256 -# -# If you don't currently have data encrypted with Active Record encryption, you can disable this setting to -# configure the default behavior starting 7.1+: -Rails.application.config.active_record.encryption.support_sha1_for_non_deterministic_encryption = false - -# No longer run after_commit callbacks on the first of multiple Active Record -# instances to save changes to the same database row within a transaction. -# Instead, run these callbacks on the instance most likely to have internal -# state which matches what was committed to the database, typically the last -# instance to save. -Rails.application.config.active_record.run_commit_callbacks_on_first_saved_instances_in_transaction = false - -# Configures SQLite with a strict strings mode, which disables double-quoted string literals. -# -# SQLite has some quirks around double-quoted string literals. -# It first tries to consider double-quoted strings as identifier names, but if they don't exist -# it then considers them as string literals. Because of this, typos can silently go unnoticed. -# For example, it is possible to create an index for a non existing column. -# See https://www.sqlite.org/quirks.html#double_quoted_string_literals_are_accepted for more details. -Rails.application.config.active_record.sqlite3_adapter_strict_strings_by_default = true - -# Disable deprecated singular associations names -Rails.application.config.active_record.allow_deprecated_singular_associations_name = false - -# Enable the Active Job `BigDecimal` argument serializer, which guarantees -# roundtripping. Without this serializer, some queue adapters may serialize -# `BigDecimal` arguments as simple (non-roundtrippable) strings. -# -# When deploying an application with multiple replicas, old (pre-Rails 7.1) -# replicas will not be able to deserialize `BigDecimal` arguments from this -# serializer. Therefore, this setting should only be enabled after all replicas -# have been successfully upgraded to Rails 7.1. -Rails.application.config.active_job.use_big_decimal_serializer = true - -# Specify if an `ArgumentError` should be raised if `Rails.cache` `fetch` or -# `write` are given an invalid `expires_at` or `expires_in` time. -# Options are `true`, and `false`. If `false`, the exception will be reported -# as `handled` and logged instead. -Rails.application.config.active_support.raise_on_invalid_cache_expiration_time = true - -# Specify whether Query Logs will format tags using the SQLCommenter format -# (https://open-telemetry.github.io/opentelemetry-sqlcommenter/), or using the legacy format. -# Options are `:legacy` and `:sqlcommenter`. -Rails.application.config.active_record.query_log_tags_format = :sqlcommenter - -# Specify the default serializer used by `MessageEncryptor` and `MessageVerifier` -# instances. -# -# The legacy default is `:marshal`, which is a potential vector for -# deserialization attacks in cases where a message signing secret has been -# leaked. -# -# In Rails 7.1, the new default is `:json_allow_marshal` which serializes and -# deserializes with `ActiveSupport::JSON`, but can fall back to deserializing -# with `Marshal` so that legacy messages can still be read. -# -# In Rails 7.2, the default will become `:json` which serializes and -# deserializes with `ActiveSupport::JSON` only. -# -# Alternatively, you can choose `:message_pack` or `:message_pack_allow_marshal`, -# which serialize with `ActiveSupport::MessagePack`. `ActiveSupport::MessagePack` -# can roundtrip some Ruby types that are not supported by JSON, and may provide -# improved performance, but it requires the `msgpack` gem. -# -# For more information, see -# https://guides.rubyonrails.org/v7.1/configuring.html#config-active-support-message-serializer -# -# If you are performing a rolling deploy of a Rails 7.1 upgrade, wherein servers -# that have not yet been upgraded must be able to read messages from upgraded -# servers, first deploy without changing the serializer, then set the serializer -# in a subsequent deploy. -Rails.application.config.active_support.message_serializer = :json_allow_marshal - -# Enable a performance optimization that serializes message data and metadata -# together. This changes the message format, so messages serialized this way -# cannot be read by older versions of Rails. However, messages that use the old -# format can still be read, regardless of whether this optimization is enabled. -# -# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have -# not yet been upgraded must be able to read messages from upgraded servers, -# leave this optimization off on the first deploy, then enable it on a -# subsequent deploy. -Rails.application.config.active_support.use_message_serializer_for_metadata = true - -# Set the maximum size for Rails log files. -# -# `config.load_defaults 7.1` does not set this value for environments other than -# development and test. -# -if Rails.env.local? - Rails.application.config.log_file_size = 100 * 1024 * 1024 -end - -# Enable raising on assignment to attr_readonly attributes. The previous -# behavior would allow assignment but silently not persist changes to the -# database. -Rails.application.config.active_record.raise_on_assign_to_attr_readonly = true - -# Enable validating only parent-related columns for presence when the parent is mandatory. -# The previous behavior was to validate the presence of the parent record, which performed an extra query -# to get the parent every time the child record was updated, even when parent has not changed. -Rails.application.config.active_record.belongs_to_required_validates_foreign_key = false - -# Enable precompilation of `config.filter_parameters`. Precompilation can -# improve filtering performance, depending on the quantity and types of filters. -Rails.application.config.precompile_filter_parameters = true - -# Enable before_committed! callbacks on all enrolled records in a transaction. -# The previous behavior was to only run the callbacks on the first copy of a record -# if there were multiple copies of the same record enrolled in the transaction. -Rails.application.config.active_record.before_committed_on_all_records = true - -# Disable automatic column serialization into YAML. -# To keep the historic behavior, you can set it to `YAML`, however it is -# recommended to explicitly define the serialization method for each column -# rather than to rely on a global default. -Rails.application.config.active_record.default_column_serializer = nil - -# Enable a performance optimization that serializes Active Record models -# in a faster and more compact way. -# -# To perform a rolling deploy of a Rails 7.1 upgrade, wherein servers that have -# not yet been upgraded must be able to read caches from upgraded servers, -# leave this optimization off on the first deploy, then enable it on a -# subsequent deploy. -Rails.application.config.active_record.marshalling_format_version = 7.1 - -# Run `after_commit` and `after_*_commit` callbacks in the order they are defined in a model. -# This matches the behaviour of all other callbacks. -# In previous versions of Rails, they ran in the inverse order. -Rails.application.config.active_record.run_after_transaction_callbacks_in_order_defined = true - -# Whether a `transaction` block is committed or rolled back when exited via `return`, `break` or `throw`. -# -Rails.application.config.active_record.commit_transaction_on_non_local_return = true - -# Controls when to generate a value for has_secure_token declarations. -# -Rails.application.config.active_record.generate_secure_token_on = :initialize - -# ** Please read carefully, this must be configured in config/application.rb ** -# Change the format of the cache entry. -# Changing this default means that all new cache entries added to the cache -# will have a different format that is not supported by Rails 7.0 -# applications. -# Only change this value after your application is fully deployed to Rails 7.1 -# and you have no plans to rollback. -# When you're ready to change format, add this to `config/application.rb` (NOT -# this file): -# config.active_support.cache_format_version = 7.1 - -# Configure Action View to use HTML5 standards-compliant sanitizers when they are supported on your -# platform. -# -# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action View to use HTML5-compliant -# sanitizers if they are supported, else fall back to HTML4 sanitizers. -# -# In previous versions of Rails, Action View always used `Rails::HTML4::Sanitizer` as its vendor. -# -Rails.application.config.action_view.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor - -# Configure Action Text to use an HTML5 standards-compliant sanitizer when it is supported on your -# platform. -# -# `Rails::HTML::Sanitizer.best_supported_vendor` will cause Action Text to use HTML5-compliant -# sanitizers if they are supported, else fall back to HTML4 sanitizers. -# -# In previous versions of Rails, Action Text always used `Rails::HTML4::Sanitizer` as its vendor. -# -Rails.application.config.action_text.sanitizer_vendor = Rails::HTML::Sanitizer.best_supported_vendor - -# Configure the log level used by the DebugExceptions middleware when logging -# uncaught exceptions during requests -Rails.application.config.action_dispatch.debug_exception_log_level = :error - -# Configure the test helpers in Action View, Action Dispatch, and rails-dom-testing to use HTML5 -# parsers. -# -# Nokogiri::HTML5 isn't supported on JRuby, so JRuby applications must set this to :html4. -# -# In previous versions of Rails, these test helpers always used an HTML4 parser. -# -Rails.application.config.dom_testing_default_html_version = :html5 diff --git a/config/puma.rb b/config/puma.rb index b297a253d3..03c166f4cf 100644 --- a/config/puma.rb +++ b/config/puma.rb @@ -1,43 +1,34 @@ -# Puma can serve each request in a thread from an internal thread pool. -# The `threads` method setting takes two numbers: a minimum and maximum. -# Any libraries that use thread pools should be configured to match -# the maximum value specified for Puma. Default is set to 5 threads for minimum -# and maximum; this matches the default thread size of Active Record. -# -max_threads_count = ENV.fetch("RAILS_MAX_THREADS", 5) -min_threads_count = ENV.fetch("RAILS_MIN_THREADS", max_threads_count) -threads min_threads_count, max_threads_count +# This configuration file will be evaluated by Puma. The top-level methods that +# are invoked here are part of Puma's configuration DSL. For more information +# about methods provided by the DSL, see https://puma.io/puma/Puma/DSL.html. -# Specifies the `worker_timeout` threshold that Puma will use to wait before -# terminating a worker in development environments. +# Puma starts a configurable number of processes (workers) and each process +# serves each request in a thread from an internal thread pool. # -worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development" - -# Specifies the `port` that Puma will listen on to receive requests; default is 3000. +# The ideal number of threads per worker depends both on how much time the +# application spends waiting for IO operations and on how much you wish to +# to prioritize throughput over latency. # -port ENV.fetch("PORT", 3000) - -# Specifies the `environment` that Puma will run in. +# As a rule of thumb, increasing the number of threads will increase how much +# traffic a given process can handle (throughput), but due to CRuby's +# Global VM Lock (GVL) it has diminishing returns and will degrade the +# response time (latency) of the application. # -environment ENV.fetch("RAILS_ENV", "development") - -# Specifies the `pidfile` that Puma will use. -pidfile ENV.fetch("PIDFILE", "tmp/pids/server.pid") - -# Specifies the number of `workers` to boot in clustered mode. -# Workers are forked web server processes. If using threads and workers together -# the concurrency of the application would be max `threads` * `workers`. -# Workers do not work on JRuby or Windows (both of which do not support -# processes). +# The default is set to 3 threads as it's deemed a decent compromise between +# throughput and latency for the average Rails application. # -# workers ENV.fetch("WEB_CONCURRENCY") { 2 } +# Any libraries that use a connection pool or another resource pool should +# be configured to provide at least as many connections as the number of +# threads. This includes Active Record's `pool` parameter in `database.yml`. +threads_count = ENV.fetch("RAILS_MAX_THREADS", 3) +threads threads_count, threads_count -# Use the `preload_app!` method when specifying a `workers` number. -# This directive tells Puma to first boot the application and load code -# before forking the application. This takes advantage of Copy On Write -# process behavior so workers use less memory. -# -# preload_app! +# Specifies the `port` that Puma will listen on to receive requests; default is 3000. +port ENV.fetch("PORT", 3000) -# Allow puma to be restarted by `rails restart` command. +# Allow puma to be restarted by `bin/rails restart` command. plugin :tmp_restart + +# Specify the PID file. Defaults to tmp/pids/server.pid in development. +# In other environments, only set the PID file if requested. +pidfile ENV["PIDFILE"] if ENV["PIDFILE"] diff --git a/public/406-unsupported-browser.html b/public/406-unsupported-browser.html new file mode 100644 index 0000000000..7cf1e168e6 --- /dev/null +++ b/public/406-unsupported-browser.html @@ -0,0 +1,66 @@ + + + + Your browser is not supported (406) + + + + + + +
+
+

Your browser is not supported.

+

Please upgrade your browser to continue.

+
+
+ + diff --git a/public/icon.png b/public/icon.png new file mode 100644 index 0000000000..f3b5abcbde Binary files /dev/null and b/public/icon.png differ diff --git a/public/icon.svg b/public/icon.svg new file mode 100644 index 0000000000..78307ccd4b --- /dev/null +++ b/public/icon.svg @@ -0,0 +1,3 @@ + + + diff --git a/spec/controllers/concerns/accessible_spec.rb b/spec/controllers/concerns/accessible_spec.rb index ed44c968c3..d99d4b1976 100644 --- a/spec/controllers/concerns/accessible_spec.rb +++ b/spec/controllers/concerns/accessible_spec.rb @@ -17,13 +17,19 @@ def no_session_action let(:volunteer) { create(:volunteer) } context "Authenticated user" do - before :each do - Rails.application.reload_routes! - Rails.application.routes.disable_clear_and_finalize = true + around do |example| Rails.application.routes.draw do get :action, to: "mock#action" get :no_session_action, to: "mock#no_session_action" + + # required routes to make Accessible concern work + get :mock_admin, to: "admin#mock", as: :authenticated_all_casa_admin_root + get :mock_user, to: "user#mock", as: :authenticated_user_root end + + example.run + + Rails.application.reload_routes! end it "should redirect to authenticated casa admin root path" do diff --git a/spec/requests/fund_requests_spec.rb b/spec/requests/fund_requests_spec.rb index 343603d0bc..039048a961 100644 --- a/spec/requests/fund_requests_spec.rb +++ b/spec/requests/fund_requests_spec.rb @@ -84,6 +84,23 @@ end describe "POST /casa_cases/:casa_id/fund_request" do + let(:params) do + { + fund_request: { + submitter_email: "submitter@example.com", + youth_name: "CINA-123", + payment_amount: "$10.00", + deadline: "2022-12-31", + request_purpose: "something noble", + payee_name: "Minnie Mouse", + requested_by_and_relationship: "Favorite Volunteer", + other_funding_source_sought: "Some other agency", + impact: "Great", + extra_information: "foo bar" + } + } + end + context "when volunteer" do context "when casa_case is within organization" do context "with valid params" do @@ -95,55 +112,48 @@ sign_in volunteer expect { - post casa_case_fund_request_path(casa_case), params: { - submitter_email: "submitter@example.com", - youth_name: "CINA-123", - payment_amount: "$10.00", - deadline: "2022-12-31", - request_purpose: "something noble", - payee_name: "Minnie Mouse", - requested_by_and_relationship: "Favorite Volunteer", - other_funding_source_sought: "Some other agency", - impact: "Great", - extra_information: "foo bar" - } + post casa_case_fund_request_path(casa_case), params: params }.to change(FundRequest, :count).by(1) .and change(ActionMailer::Base.deliveries, :count).by(1) fr = FundRequest.last - expect(fr.submitter_email).to eq "submitter@example.com" - expect(fr.youth_name).to eq "CINA-123" - expect(fr.payment_amount).to eq "$10.00" - expect(fr.deadline).to eq "2022-12-31" - expect(fr.request_purpose).to eq "something noble" - expect(fr.payee_name).to eq "Minnie Mouse" - expect(fr.requested_by_and_relationship).to eq "Favorite Volunteer" - expect(fr.other_funding_source_sought).to eq "Some other agency" - expect(fr.impact).to eq "Great" - expect(fr.extra_information).to eq "foo bar" - expect(response).to redirect_to casa_case + aggregate_failures do + expect(fr.submitter_email).to eq "submitter@example.com" + expect(fr.youth_name).to eq "CINA-123" + expect(fr.payment_amount).to eq "$10.00" + expect(fr.deadline).to eq "2022-12-31" + expect(fr.request_purpose).to eq "something noble" + expect(fr.payee_name).to eq "Minnie Mouse" + expect(fr.requested_by_and_relationship).to eq "Favorite Volunteer" + expect(fr.other_funding_source_sought).to eq "Some other agency" + expect(fr.impact).to eq "Great" + expect(fr.extra_information).to eq "foo bar" + expect(response).to redirect_to casa_case + end mail = ActionMailer::Base.deliveries.last - expect(mail.subject).to eq("Fund request from submitter@example.com") - expect(mail.to).to match_array(["recipient@example.com", "submitter@example.com"]) - expect(mail.body.encoded).to include("Youth name") - expect(mail.body.encoded).to include("CINA-123") - expect(mail.body.encoded).to include("Payment amount") - expect(mail.body.encoded).to include("$10.00") - expect(mail.body.encoded).to include("Deadline") - expect(mail.body.encoded).to include("2022-12-31") - expect(mail.body.encoded).to include("Request purpose") - expect(mail.body.encoded).to include("something noble") - expect(mail.body.encoded).to include("Payee name") - expect(mail.body.encoded).to include("Minnie Mouse") - expect(mail.body.encoded).to include("Requested by and relationship") - expect(mail.body.encoded).to include("Favorite Volunteer") - expect(mail.body.encoded).to include("Other funding source sought") - expect(mail.body.encoded).to include("Some other agency") - expect(mail.body.encoded).to include("Impact") - expect(mail.body.encoded).to include("Great") - expect(mail.body.encoded).to include("Extra information") - expect(mail.body.encoded).to include("foo bar") + aggregate_failures do + expect(mail.subject).to eq("Fund request from submitter@example.com") + expect(mail.to).to match_array(["recipient@example.com", "submitter@example.com"]) + expect(mail.body.encoded).to include("Youth name") + expect(mail.body.encoded).to include("CINA-123") + expect(mail.body.encoded).to include("Payment amount") + expect(mail.body.encoded).to include("$10.00") + expect(mail.body.encoded).to include("Deadline") + expect(mail.body.encoded).to include("2022-12-31") + expect(mail.body.encoded).to include("Request purpose") + expect(mail.body.encoded).to include("something noble") + expect(mail.body.encoded).to include("Payee name") + expect(mail.body.encoded).to include("Minnie Mouse") + expect(mail.body.encoded).to include("Requested by and relationship") + expect(mail.body.encoded).to include("Favorite Volunteer") + expect(mail.body.encoded).to include("Other funding source sought") + expect(mail.body.encoded).to include("Some other agency") + expect(mail.body.encoded).to include("Impact") + expect(mail.body.encoded).to include("Great") + expect(mail.body.encoded).to include("Extra information") + expect(mail.body.encoded).to include("foo bar") + end end end @@ -156,18 +166,7 @@ sign_in volunteer expect(FundRequestMailer).to_not receive(:send_request) expect { - post casa_case_fund_request_path(casa_case), params: { - submitter_email: "foo@example.com", - youth_name: "CINA-123", - payment_amount: "$10.00", - deadline: "2022-12-31", - request_purpose: "something noble", - payee_name: "Minnie Mouse", - requested_by_and_relationship: "Favorite Volunteer", - other_funding_source_sought: "Some other agency", - impact: "Great", - extra_information: "foo bar" - } + post casa_case_fund_request_path(casa_case), params: params }.to_not change(FundRequest, :count) expect(response).to have_http_status(:unprocessable_entity) @@ -183,18 +182,7 @@ sign_in volunteer expect(FundRequestMailer).to_not receive(:send_request) expect { - post casa_case_fund_request_path(casa_case), params: { - submitter_email: "foo@example.com", - youth_name: "CINA-123", - payment_amount: "$10.00", - deadline: "2022-12-31", - request_purpose: "something noble", - payee_name: "Minnie Mouse", - requested_by_and_relationship: "Favorite Volunteer", - other_funding_source_sought: "Some other agency", - impact: "Great", - extra_information: "foo bar" - } + post casa_case_fund_request_path(casa_case), params: params }.to_not change(FundRequest, :count) expect(response).to redirect_to root_path @@ -213,18 +201,7 @@ expect(FundRequestMailer).to receive(:send_request).with(nil, instance_of(FundRequest)).and_return(mailer_mock) expect(mailer_mock).to receive(:deliver) expect { - post casa_case_fund_request_path(casa_case), params: { - submitter_email: "foo@example.com", - youth_name: "CINA-123", - payment_amount: "$10.00", - deadline: "2022-12-31", - request_purpose: "something noble", - payee_name: "Minnie Mouse", - requested_by_and_relationship: "Favorite Volunteer", - other_funding_source_sought: "Some other agency", - impact: "Great", - extra_information: "foo bar" - } + post casa_case_fund_request_path(casa_case), params: params }.to change(FundRequest, :count).by(1) expect(response).to redirect_to casa_case @@ -242,18 +219,7 @@ expect(FundRequestMailer).to receive(:send_request).with(nil, instance_of(FundRequest)).and_return(mailer_mock) expect(mailer_mock).to receive(:deliver) expect { - post casa_case_fund_request_path(casa_case), params: { - submitter_email: "foo@example.com", - youth_name: "CINA-123", - payment_amount: "$10.00", - deadline: "2022-12-31", - request_purpose: "something noble", - payee_name: "Minnie Mouse", - requested_by_and_relationship: "Favorite Volunteer", - other_funding_source_sought: "Some other agency", - impact: "Great", - extra_information: "foo bar" - } + post casa_case_fund_request_path(casa_case), params: params }.to change(FundRequest, :count).by(1) expect(response).to redirect_to casa_case diff --git a/spec/requests/volunteers_spec.rb b/spec/requests/volunteers_spec.rb index 88f4a1321f..66bfee20bc 100644 --- a/spec/requests/volunteers_spec.rb +++ b/spec/requests/volunteers_spec.rb @@ -38,7 +38,7 @@ let(:data) { {recordsTotal: 51, recordsFiltered: 10, data: 10.times.map { {} }} } before do - allow(VolunteerDatatable).to receive(:new).and_return double "datatable", as_json: data + allow(VolunteerDatatable).to receive(:new).and_return double "datatable", to_json: data.to_json end it "is successful" do diff --git a/spec/system/casa_cases/fund_requests/new_spec.rb b/spec/system/casa_cases/fund_requests/new_spec.rb index 9d59138345..21a00c9d99 100644 --- a/spec/system/casa_cases/fund_requests/new_spec.rb +++ b/spec/system/casa_cases/fund_requests/new_spec.rb @@ -9,9 +9,11 @@ sign_in volunteer visit new_casa_case_fund_request_path(casa_case) - expect(page).to have_field "Your email", with: volunteer.email - expect(page).to have_field "Name or case number of youth", with: casa_case.case_number - expect(page).to have_field "Requested by & relationship to youth", with: "#{volunteer.display_name} CASA Volunteer" + aggregate_failures do + expect(page).to have_field "Your email", with: volunteer.email + expect(page).to have_field "Name or case number of youth", with: casa_case.case_number + expect(page).to have_field "Requested by & relationship to youth", with: "#{volunteer.display_name} CASA Volunteer" + end fill_in "Amount of payment", with: "100" fill_in "Deadline", with: "2022-12-31" @@ -28,15 +30,17 @@ expect(page).to have_text "Fund Request was sent for case #{casa_case.case_number}" fr = FundRequest.last - expect(fr.deadline).to eq "2022-12-31" - expect(fr.extra_information).to eq "foo bar" - expect(fr.impact).to eq "provide support" - expect(fr.other_funding_source_sought).to eq "some other agency" - expect(fr.payee_name).to eq "Minnie Mouse" - expect(fr.payment_amount).to eq "100" - expect(fr.request_purpose).to eq "Fun outing" - expect(fr.requested_by_and_relationship).to eq "#{volunteer.display_name} CASA Volunteer" - expect(fr.submitter_email).to eq volunteer.email - expect(fr.youth_name).to eq casa_case.case_number + aggregate_failures do + expect(fr.deadline).to eq "2022-12-31" + expect(fr.extra_information).to eq "foo bar" + expect(fr.impact).to eq "provide support" + expect(fr.other_funding_source_sought).to eq "some other agency" + expect(fr.payee_name).to eq "Minnie Mouse" + expect(fr.payment_amount).to eq "100" + expect(fr.request_purpose).to eq "Fun outing" + expect(fr.requested_by_and_relationship).to eq "#{volunteer.display_name} CASA Volunteer" + expect(fr.submitter_email).to eq volunteer.email + expect(fr.youth_name).to eq casa_case.case_number + end end end