From 7a51dd4944450353b6163f5957f7a764648aee22 Mon Sep 17 00:00:00 2001 From: "James Armes (they/them)" Date: Mon, 3 Jun 2024 23:07:20 -0400 Subject: [PATCH] Upgrade to Rails 7.1. (#2) * Fixed test failures. * Update defaults to rails 7.1. --- Gemfile | 10 +- Gemfile.lock | 220 +++++++++--------- app/models/field.rb | 1 - bin/setup | 2 +- config/application.rb | 2 +- config/environments/development.rb | 10 +- config/environments/production.rb | 64 ++--- config/environments/test.rb | 22 +- .../initializers/content_security_policy.rb | 13 +- config/initializers/devise.rb | 5 +- .../initializers/filter_parameter_logging.rb | 6 +- config/initializers/permissions_policy.rb | 18 +- ..._to_active_storage_blobs.active_storage.rb | 22 ++ ..._storage_variant_records.active_storage.rb | 27 +++ ...e_storage_blobs_checksum.active_storage.rb | 8 + db/schema.rb | 3 +- spec/rails_helper.rb | 3 +- spec/requests/call_types_spec.rb | 1 + spec/requests/dashboard_spec.rb | 5 +- spec/requests/data_sets_spec.rb | 6 +- 20 files changed, 266 insertions(+), 182 deletions(-) create mode 100644 db/migrate/20240604011051_add_service_name_to_active_storage_blobs.active_storage.rb create mode 100644 db/migrate/20240604011052_create_active_storage_variant_records.active_storage.rb create mode 100644 db/migrate/20240604011053_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb diff --git a/Gemfile b/Gemfile index 4c89e91..6b08f5a 100644 --- a/Gemfile +++ b/Gemfile 
@@ -13,23 +13,23 @@ gem 'bootsnap', '~> 1.12', require: false gem 'chartkick' gem 'chronic', '~> 0.10.2' gem 'csv', '~> 3.2.0' -gem 'devise', github: 'heartcombo/devise', ref: 'f8d1ea90bc3' +gem 'devise', '~> 4.9' gem 'friendly_id', '~> 5.4.0' gem 'health-monitor-rails', '~> 9.3' gem 'importmap-rails', '~> 1.1' gem 'jbuilder', '~> 2.11' gem 'kaminari', '~> 1.2' gem 'mutex_m', '~> 0.2' -gem 'paper_trail', '~> 12.3' +gem 'paper_trail', '~> 15.0' gem 'pg', '~> 1.4' gem 'pg_search', '~> 2.3' gem 'puma', '~> 5.6' gem 'rack', '~> 2.0' -gem 'rails', '~> 7.0.0', '>= 7.0.2.3' +gem 'rails', '~> 7.1.0' gem 'seed_dump', '~> 3.3' gem 'sprockets-rails', '~> 3.4' gem 'stimulus-rails', '~> 1.1' -gem 'tailwindcss-rails', '2.0.12' +gem 'tailwindcss-rails', '~> 2.6' gem 'turbo-rails', '~> 1.1' gem 'tzinfo-data', platforms: %i[mingw mswin x64_mingw jruby] @@ -42,7 +42,7 @@ group :development, :test do gem 'faker', '~> 2.21' gem 'pry', '~> 0.14' gem 'rspec-github', '~> 2.3' - gem 'rspec-rails', '~> 5.1' + gem 'rspec-rails', '~> 6.1' end group :development do diff --git a/Gemfile.lock b/Gemfile.lock index fc96d8d..37594de 100644 --- a/Gemfile.lock +++ b/Gemfile.lock 
@@ -1,93 +1,90 @@ -GIT - remote: https://github.com/heartcombo/devise.git - revision: f8d1ea90bc328012f178b8a6616a89b73f2546a4 - ref: f8d1ea90bc3 - specs: - devise (4.8.1) - bcrypt (~> 3.0) - orm_adapter (~> 0.1) - railties (>= 4.1.0) - responders - warden (~> 1.2.3) - GEM remote: https://rubygems.org/ specs: - actioncable (7.0.8.3) - actionpack (= 7.0.8.3) - activesupport (= 7.0.8.3) + actioncable (7.1.3.3) + actionpack (= 7.1.3.3) + activesupport (= 7.1.3.3) nio4r (~> 2.0) websocket-driver (>= 0.6.1) - actionmailbox (7.0.8.3) - actionpack (= 7.0.8.3) - activejob (= 7.0.8.3) - activerecord (= 7.0.8.3) - activestorage (= 7.0.8.3) - activesupport (= 7.0.8.3) + zeitwerk (~> 2.6) + actionmailbox (7.1.3.3) + actionpack (= 7.1.3.3) + activejob (= 7.1.3.3) + activerecord (= 7.1.3.3) + activestorage (= 7.1.3.3) + activesupport (= 7.1.3.3) mail (>= 2.7.1) net-imap net-pop net-smtp - actionmailer (7.0.8.3) - actionpack (= 7.0.8.3) - actionview (= 7.0.8.3) - activejob (= 7.0.8.3) - activesupport (= 7.0.8.3) + actionmailer (7.1.3.3) + actionpack (= 7.1.3.3) + actionview (= 7.1.3.3) + activejob (= 7.1.3.3) + activesupport (= 7.1.3.3) mail (~> 2.5, >= 2.5.4) net-imap net-pop net-smtp - rails-dom-testing (~> 2.0) - actionpack (7.0.8.3) - actionview (= 7.0.8.3) - activesupport (= 7.0.8.3) - rack (~> 2.0, >= 2.2.4) + rails-dom-testing (~> 2.2) + actionpack (7.1.3.3) + actionview (= 7.1.3.3) + activesupport (= 7.1.3.3) + nokogiri (>= 1.8.5) + racc + rack (>= 2.2.4) + rack-session (>= 1.0.1) rack-test (>= 0.6.3) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.0, >= 1.2.0) - actiontext (7.0.8.3) - actionpack (= 7.0.8.3) - activerecord (= 7.0.8.3) - activestorage (= 7.0.8.3) - activesupport (= 7.0.8.3) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) + actiontext (7.1.3.3) + actionpack (= 7.1.3.3) + activerecord (= 7.1.3.3) + activestorage (= 7.1.3.3) + activesupport (= 7.1.3.3) globalid (>= 0.6.0) nokogiri (>= 1.8.5) - actionview (7.0.8.3) - activesupport (= 
7.0.8.3) + actionview (7.1.3.3) + activesupport (= 7.1.3.3) builder (~> 3.1) - erubi (~> 1.4) - rails-dom-testing (~> 2.0) - rails-html-sanitizer (~> 1.1, >= 1.2.0) + erubi (~> 1.11) + rails-dom-testing (~> 2.2) + rails-html-sanitizer (~> 1.6) active_storage_validations (0.9.8) activejob (>= 5.2.0) activemodel (>= 5.2.0) activestorage (>= 5.2.0) activesupport (>= 5.2.0) - activejob (7.0.8.3) - activesupport (= 7.0.8.3) + activejob (7.1.3.3) + activesupport (= 7.1.3.3) globalid (>= 0.3.6) - activemodel (7.0.8.3) - activesupport (= 7.0.8.3) - activerecord (7.0.8.3) - activemodel (= 7.0.8.3) - activesupport (= 7.0.8.3) - activestorage (7.0.8.3) - actionpack (= 7.0.8.3) - activejob (= 7.0.8.3) - activerecord (= 7.0.8.3) - activesupport (= 7.0.8.3) + activemodel (7.1.3.3) + activesupport (= 7.1.3.3) + activerecord (7.1.3.3) + activemodel (= 7.1.3.3) + activesupport (= 7.1.3.3) + timeout (>= 0.4.0) + activestorage (7.1.3.3) + actionpack (= 7.1.3.3) + activejob (= 7.1.3.3) + activerecord (= 7.1.3.3) + activesupport (= 7.1.3.3) marcel (~> 1.0) - mini_mime (>= 1.1.0) - activesupport (7.0.8.3) + activesupport (7.1.3.3) + base64 + bigdecimal concurrent-ruby (~> 1.0, >= 1.0.2) + connection_pool (>= 2.2.5) + drb i18n (>= 1.6, < 2) minitest (>= 5.1) + mutex_m tzinfo (~> 2.0) addressable (2.8.6) public_suffix (>= 2.0.2, < 6.0) ast (2.4.2) aws-eventstream (1.3.0) - aws-partitions (1.937.0) + aws-partitions (1.938.0) aws-record (2.13.0) aws-sdk-dynamodb (~> 1, >= 1.85.0) aws-sdk-core (3.196.1) @@ -159,6 +156,7 @@ GEM chronic (0.10.2) coderay (1.1.3) concurrent-ruby (1.3.1) + connection_pool (2.4.1) crack (1.0.0) bigdecimal rexml @@ -172,7 +170,14 @@ GEM debug (1.9.2) irb (~> 1.10) reline (>= 0.3.8) + devise (4.9.4) + bcrypt (~> 3.0) + orm_adapter (~> 0.1) + railties (>= 4.1.0) + responders + warden (~> 1.2.3) diff-lcs (1.5.1) + drb (2.2.1) erubi (1.12.0) factory_bot (6.4.6) activesupport (>= 5.0.0) 
@@ -259,9 +264,9 @@ GEM nokogiri (1.16.5-x86_64-linux) racc (~> 1.4) orm_adapter (0.5.0) - paper_trail (12.3.0) - activerecord (>= 5.2) - request_store (~> 1.1) + paper_trail (15.1.0) + activerecord (>= 6.1) + request_store (~> 1.4) parallel (1.24.0) parser (3.3.2.0) ast (~> 2.4.1) @@ -284,20 +289,23 @@ GEM rack (< 3) rack-test (2.1.0) rack (>= 1.3) - rails (7.0.8.3) - actioncable (= 7.0.8.3) - actionmailbox (= 7.0.8.3) - actionmailer (= 7.0.8.3) - actionpack (= 7.0.8.3) - actiontext (= 7.0.8.3) - actionview (= 7.0.8.3) - activejob (= 7.0.8.3) - activemodel (= 7.0.8.3) - activerecord (= 7.0.8.3) - activestorage (= 7.0.8.3) - activesupport (= 7.0.8.3) + rackup (1.0.0) + rack (< 3) + webrick + rails (7.1.3.3) + actioncable (= 7.1.3.3) + actionmailbox (= 7.1.3.3) + actionmailer (= 7.1.3.3) + actionpack (= 7.1.3.3) + actiontext (= 7.1.3.3) + actionview (= 7.1.3.3) + activejob (= 7.1.3.3) + activemodel (= 7.1.3.3) + activerecord (= 7.1.3.3) + activestorage (= 7.1.3.3) + activesupport (= 7.1.3.3) bundler (>= 1.15.0) - railties (= 7.0.8.3) + railties (= 7.1.3.3) rails-dom-testing (2.2.0) activesupport (>= 5.0.0) minitest @@ -305,13 +313,14 @@ GEM rails-html-sanitizer (1.6.0) loofah (~> 2.21) nokogiri (~> 1.14) - railties (7.0.8.3) - actionpack (= 7.0.8.3) - activesupport (= 7.0.8.3) - method_source + railties (7.1.3.3) + actionpack (= 7.1.3.3) + activesupport (= 7.1.3.3) + irb + rackup (>= 1.0.0) rake (>= 12.2) - thor (~> 1.0) - zeitwerk (~> 2.5) + thor (~> 1.0, >= 1.2.2) + zeitwerk (~> 2.6) rainbow (3.1.1) rake (13.2.1) rdoc (6.7.0) 
@@ -336,14 +345,14 @@ GEM rspec-mocks (3.13.1) diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.13.0) - rspec-rails (5.1.2) - actionpack (>= 5.2) - activesupport (>= 5.2) - railties (>= 5.2) - rspec-core (~> 3.10) - rspec-expectations (~> 3.10) - rspec-mocks (~> 3.10) - rspec-support (~> 3.10) + rspec-rails (6.1.2) + actionpack (>= 6.1) + activesupport (>= 6.1) + railties (>= 6.1) + rspec-core (~> 3.13) + rspec-expectations (~> 3.13) + rspec-mocks (~> 3.13) + rspec-support (~> 3.13) rspec-support (3.13.1) rubocop (1.64.1) json (~> 2.3) @@ -370,7 +379,7 @@ GEM rack (>= 1.1) rubocop (>= 1.33.0, < 2.0) rubocop-ast (>= 1.31.1, < 2.0) - rubocop-rspec (2.29.2) + rubocop-rspec (2.30.0) rubocop (~> 1.40) rubocop-capybara (~> 2.17) rubocop-factory_bot (~> 2.22) @@ -397,16 +406,18 @@ GEM railties (>= 6.0.0) stringio (3.1.0) strscan (3.1.0) - tailwindcss-rails (2.0.12) - railties (>= 6.0.0) - tailwindcss-rails (2.0.12-aarch64-linux) - railties (>= 6.0.0) - tailwindcss-rails (2.0.12-arm64-darwin) - railties (>= 6.0.0) - tailwindcss-rails (2.0.12-x86_64-darwin) - railties (>= 6.0.0) - tailwindcss-rails (2.0.12-x86_64-linux) - railties (>= 6.0.0) + tailwindcss-rails (2.6.0) + railties (>= 7.0.0) + tailwindcss-rails (2.6.0-aarch64-linux) + railties (>= 7.0.0) + tailwindcss-rails (2.6.0-arm-linux) + railties (>= 7.0.0) + tailwindcss-rails (2.6.0-arm64-darwin) + railties (>= 7.0.0) + tailwindcss-rails (2.6.0-x86_64-darwin) + railties (>= 7.0.0) + tailwindcss-rails (2.6.0-x86_64-linux) + railties (>= 7.0.0) thor (1.3.1) timeout (0.4.1) turbo-rails (1.5.0) @@ -433,6 +444,7 @@ GEM addressable (>= 2.8.0) crack (>= 0.3.2) hashdiff (>= 0.4.0, < 2.0.0) + webrick (1.8.1) websocket (1.2.10) websocket-driver (0.7.6) websocket-extensions (>= 0.1.0) @@ -465,7 +477,7 @@ DEPENDENCIES csv (~> 3.2.0) database_cleaner-active_record (~> 2.0) debug (~> 1.6) - devise! + devise (~> 4.9) factory_bot_rails (~> 6.2) faker (~> 2.21) friendly_id (~> 5.4.0) 
@@ -476,15 +488,15 @@ DEPENDENCIES letter_opener (~> 1.8) mutex_m (~> 0.2) nokogiri (~> 1.13) - paper_trail (~> 12.3) + paper_trail (~> 15.0) pg (~> 1.4) pg_search (~> 2.3) pry (~> 0.14) puma (~> 5.6) rack (~> 2.0) - rails (~> 7.0.0, >= 7.0.2.3) + rails (~> 7.1.0) rspec-github (~> 2.3) - rspec-rails (~> 5.1) + rspec-rails (~> 6.1) rubocop (~> 1.32) rubocop-performance (~> 1.14) rubocop-rails (~> 2.15) @@ -493,7 +505,7 @@ DEPENDENCIES selenium-webdriver (~> 4.3) sprockets-rails (~> 3.4) stimulus-rails (~> 1.1) - tailwindcss-rails (= 2.0.12) + tailwindcss-rails (~> 2.6) turbo-rails (~> 1.1) tzinfo-data vcr (~> 6.1) diff --git a/app/models/field.rb b/app/models/field.rb index d41a074..3ba6ff6 100644 --- a/app/models/field.rb +++ b/app/models/field.rb @@ -24,7 +24,6 @@ class Field < ApplicationRecord scope :classified, -> { joins(:classifications).distinct } scope :not_classified, -> { where.missing(:classifications).distinct } scope :mapped, -> { where("fields.common_type IS NOT NULL AND fields.common_type != ''") } - scope :with_values, -> { where(common_type: VALUE_TYPES) } scope :without_values, -> { where.not(common_type: VALUE_TYPES) } def classified? diff --git a/bin/setup b/bin/setup index ec47b79..3cd5a9d 100755 --- a/bin/setup +++ b/bin/setup @@ -5,7 +5,7 @@ require "fileutils" APP_ROOT = File.expand_path("..", __dir__) def system!(*args) - system(*args) || abort("\n== Command #{args} failed ==") + system(*args, exception: true) end FileUtils.chdir APP_ROOT do diff --git a/config/application.rb b/config/application.rb index 0e8990f..1d4affe 100644 --- a/config/application.rb +++ b/config/application.rb @@ -12,7 +12,7 @@ module Classifyr # Application configuration. class Application < Rails::Application # Initialize configuration defaults for originally generated Rails version. - config.load_defaults 7.0 + config.load_defaults 7.1 # Configuration for the application, engines, and railties goes here. # 
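Review bot: `config.load_defaults 7.1` in config/application.rb turns on every 7.1 framework default in the same deploy as the gem upgrade, including the serialization formats behind `config.active_support.cache_format_version` and `config.active_support.message_serializer`. If production is rolled out gradually or may need a rollback, processes still on 7.0 can fail to read cache entries or signed/encrypted messages written by the upgraded ones. Consider keeping `config.load_defaults 7.0` for this release and enabling the new defaults one at a time from a `config/initializers/new_framework_defaults_7_1.rb` file. The context comment above the line ("for originally generated Rails version") no longer describes what the line does and could be reworded.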
diff --git a/config/environments/development.rb b/config/environments/development.rb index b173829..0797f10 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -6,7 +6,7 @@ # In the development environment your application's code is reloaded any time # it changes. This slows down response time but is perfect for development # since you don't have to restart the web server when you make code changes. - config.cache_classes = false + config.enable_reloading = true # Do not eager load code on boot. config.eager_load = false @@ -25,7 +25,7 @@ config.cache_store = :memory_store config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{2.days.to_i}", + "Cache-Control" => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -59,6 +59,9 @@ # Highlight code that triggered database queries in logs. config.active_record.verbose_query_logs = true + # Highlight code that enqueued background job in logs. + config.active_job.verbose_enqueue_logs = true + # Suppress logger output for asset requests. config.assets.quiet = true @@ -71,6 +74,9 @@ # Uncomment if you wish to allow Action Cable access from any origin. # config.action_cable.disable_request_forgery_protection = true + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true + # Configure mail sending based on the delivery method. config.action_mailer.delivery_method = ENV.fetch('RAILS_DELIVERY_METHOD', 'letter_opener').to_sym diff --git a/config/environments/production.rb b/config/environments/production.rb index 69c29c5..495ed34 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
@@ -4,7 +4,7 @@ # Settings specified here will take precedence over those in config/application.rb. # Code is not reloaded between requests. - config.cache_classes = true + config.enable_reloading = false # Eager load code on boot. This eager loads most of Rails and # your application in memory, allowing both threaded web servers @@ -13,21 +13,21 @@ config.eager_load = true # Full error reports are disabled and caching is turned on. - config.consider_all_requests_local = false + config.consider_all_requests_local = false config.action_controller.perform_caching = true - # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"] - # or in config/master.key. This key is used to decrypt credentials (and other encrypted files). + # Ensures that a master key has been made available in ENV["RAILS_MASTER_KEY"], config/master.key, or an environment + # key such as config/credentials/production.key. This key is used to decrypt credentials (and other encrypted files). # config.require_master_key = true - # Disable serving static files from the `/public` folder by default since - # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV.fetch("RAILS_SERVE_STATIC_FILES") { true } + # Disable serving static files from `public/`, relying on NGINX/Apache to do so instead. + # config.public_file_server.enabled = false + config.public_file_server.enabled = ENV.fetch('RAILS_SERVE_STATIC_FILES', true) # Compress CSS using a preprocessor. # config.assets.css_compressor = :sass - # Do not fallback to assets pipeline if a precompiled asset is missed. + # Do not fall back to assets pipeline if a precompiled asset is missed. config.assets.compile = false # Enable serving of images, stylesheets, and JavaScripts from an asset server. 
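Review bot: `ENV.fetch('RAILS_SERVE_STATIC_FILES', true)` returns a String whenever the variable is set, and every String is truthy in Ruby, so `RAILS_SERVE_STATIC_FILES=false` still leaves the static file server enabled. Compare the value explicitly, for example `config.public_file_server.enabled = ENV.fetch('RAILS_SERVE_STATIC_FILES', 'true') != 'false'`. The comment added above it ("Disable serving static files from `public/`…" plus the commented `= false`) also describes the opposite of what the active line does by default. It should say that the server is on unless the variable turns it off.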
@@ -45,23 +45,34 @@ # config.action_cable.url = "wss://example.com/cable" # config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ] + # Assume all access to the app is happening through a SSL-terminating reverse proxy. + # Can be used together with config.force_ssl for Strict-Transport-Security and secure cookies. + # config.assume_ssl = true + # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies. - # We don't currently enable this as SSL is terminated at the load balancer in - # production. - # config.force_ssl = true + config.force_ssl = true - # Include generic and useful information about system operation, but avoid logging too much - # information to avoid inadvertent exposure of personally identifiable information (PII). - config.log_level = :info + # Log to STDOUT by default + config.logger = ActiveSupport::Logger.new(STDOUT) + .tap { |logger| logger.formatter = ::Logger::Formatter.new } + .then { |logger| ActiveSupport::TaggedLogging.new(logger) } # Prepend all log lines with the following tags. - config.log_tags = [:request_id] + config.log_tags = [ :request_id ] + + # "info" includes generic and useful information about system operation, but avoids logging too much + # information to avoid inadvertent exposure of personally identifiable information (PII). If you + # want to log everything, set the level to "debug". + config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info') + + # Use default logging formatter so that PID and timestamp are not suppressed. + config.log_formatter = ::Logger::Formatter.new # Use a different cache store in production. # config.cache_store = :mem_cache_store # Use a real queuing backend for Active Job (and separate queues per environment). - # config.active_job.queue_adapter = :resque + # config.active_job.queue_adapter = :resque # config.active_job.queue_name_prefix = "classifyr_production" config.action_mailer.perform_caching = false 
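Review bot: `config.force_ssl = true` is switched on while `config.assume_ssl` stays commented out, and the comment this hunk removes said TLS is terminated at the load balancer. If the balancer does not send `X-Forwarded-Proto: https` on every request, including its own health probes, the app answers with redirects to https, which means a redirect loop for users and a failing probe for the balancer. Either set `config.assume_ssl = true` next to it, or confirm the forwarded header and exclude the probe path with `config.ssl_options = { redirect: { exclude: ->(request) { request.path == '<HEALTH_CHECK_PATH>' } } }` (placeholder path). Separately, `config.log_level = ENV.fetch('RAILS_LOG_LEVEL', 'info')` lets an environment variable move production to debug logging, which records SQL statements and can expose PII, so the deploy documentation should say who may set it.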
@@ -82,19 +93,14 @@ # Don't log any deprecations. config.active_support.report_deprecations = false - # Use default logging formatter so that PID and timestamp are not suppressed. - config.log_formatter = ::Logger::Formatter.new - - # Use a different logger for distributed setups. - # require "syslog/logger" - # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name") - - if ENV["RAILS_LOG_TO_STDOUT"].present? - logger = ActiveSupport::Logger.new(STDOUT) - logger.formatter = config.log_formatter - config.logger = ActiveSupport::TaggedLogging.new(logger) - end - # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false + + # Enable DNS rebinding protection and other `Host` header attacks. + # config.hosts = [ + # "example.com", # Allow requests from example.com + # /.*\.example\.com/ # Allow requests from subdomains like `www.example.com` + # ] + # Skip DNS rebinding protection for the default health check endpoint. + # config.host_authorization = { exclude: ->(request) { request.path == "/up" } } end diff --git a/config/environments/test.rb b/config/environments/test.rb index eaeeda0..6d7b558 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb 
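Review bot: The `config.hosts` block is added commented out, so unless it is set elsewhere production still accepts any `Host` header, and with `force_ssl` now enabled that header is also what the https redirect target is built from. Set the allow-list from deployment configuration, for example `config.hosts = ENV.fetch('<ALLOWED_HOSTS_VAR>', '').split(',')` (placeholder variable name), and keep a `config.host_authorization` exclude for the path the load balancer probes. The hunk also drops the `RAILS_LOG_TO_STDOUT` switch, so any production setup that relied on file logging should be checked before release.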
@@ -8,27 +8,28 @@ Rails.application.configure do # Settings specified here will take precedence over those in config/application.rb. - # Turn false under Spring and add config.action_view.cache_template_loading = true. - config.cache_classes = true + # While tests run files are not watched, reloading is not necessary. + config.enable_reloading = false - # Eager loading loads your whole application. When running a single test locally, - # this probably isn't necessary. It's a good idea to do in a continuous integration - # system, or in some way before deploying your code. + # Eager loading loads your entire application. When running a single test locally, + # this is usually not necessary, and can slow down your test suite. However, it's + # recommended that you enable it in continuous integration systems to ensure eager + # loading is working properly before deploying your code. config.eager_load = ENV["CI"].present? # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{1.hour.to_i}", + "Cache-Control" => "public, max-age=#{1.hour.to_i}" } # Show full error reports and disable caching. - config.consider_all_requests_local = true + config.consider_all_requests_local = true config.action_controller.perform_caching = false config.cache_store = :null_store - # Raise exceptions instead of rendering exception templates. - config.action_dispatch.show_exceptions = false + # Render exception templates for rescuable exceptions and raise for other exceptions. + config.action_dispatch.show_exceptions = :none # Disable request forgery protection in test environment. config.action_controller.allow_forgery_protection = false 
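Review bot: The comment added above `config.action_dispatch.show_exceptions = :none` describes the `:rescuable` setting, not `:none`. With `:none` every exception is raised into the test, which matches the old `false`, so the previous wording was the accurate one: `# Raise exceptions instead of rendering exception templates.`. If the request specs are meant to see rendered error pages for rescuable exceptions, change the value to `:rescuable` instead of the comment.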
@@ -58,5 +59,8 @@ # Annotate rendered view with file names. # config.action_view.annotate_rendered_view_with_filenames = true + # Raise error when a before_action's only/except options reference missing actions + config.action_controller.raise_on_missing_callback_actions = true + config.action_mailer.default_url_options = { host: "localhost", port: 3000 } end diff --git a/config/initializers/content_security_policy.rb b/config/initializers/content_security_policy.rb index f37ed8d..af395e4 100644 --- a/config/initializers/content_security_policy.rb +++ b/config/initializers/content_security_policy.rb @@ -1,9 +1,9 @@ # frozen_string_literal: true # Be sure to restart your server when you modify this file. -# Define an application-wide content security policy -# For further information see the following documentation -# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy +# Define an application-wide content security policy. +# See the Securing Rails Applications Guide for more information: +# https://guides.rubyonrails.org/security.html#content-security-policy-header # Rails.application.configure do # config.content_security_policy do |policy| @@ -17,11 +17,10 @@ # # policy.report_uri "/csp-violation-report-endpoint" # end # -# # Generate session nonces for permitted importmap and inline scripts +# # Generate session nonces for permitted importmap, inline scripts, and inline styles. # config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s } -# config.content_security_policy_nonce_directives = %w(script-src) +# config.content_security_policy_nonce_directives = %w(script-src style-src) # -# # Report CSP violations to a specified URI. See: -# # https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only +# # Report violations without enforcing the policy. # # config.content_security_policy_report_only = true # end 
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 75cb747..43b3658 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb @@ -14,7 +14,10 @@ # confirmation, reset password and unlock tokens in the database. # Devise will use the `secret_key_base` as its `secret_key` # by default. You can change it below and use your own secret key. - # config.secret_key = '' + # + # Explicitly set the secret key to suppress the `Rails.application.secrets` + # deprecation warning. + config.secret_key = Rails.application.secret_key_base # ==> Controller configuration # Configure the parent class to the devise controllers. diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb index 3df77c5..c416e6a 100644 --- a/config/initializers/filter_parameter_logging.rb +++ b/config/initializers/filter_parameter_logging.rb @@ -2,9 +2,9 @@ # Be sure to restart your server when you modify this file. -# Configure parameters to be filtered from the log file. Use this to limit dissemination of -# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported -# notations and behaviors. +# Configure parameters to be partially matched (e.g. passw matches password) and filtered from the log file. +# Use this to limit dissemination of sensitive information. +# See the ActiveSupport::ParameterFilter documentation for supported notations and behaviors. Rails.application.config.filter_parameters += %i[ passw secret token _key crypt salt certificate otp ssn ] diff --git a/config/initializers/permissions_policy.rb b/config/initializers/permissions_policy.rb index 50bcf4e..94637b4 100644 --- a/config/initializers/permissions_policy.rb +++ b/config/initializers/permissions_policy.rb 
@@ -1,12 +1,12 @@ # frozen_string_literal: true # Define an application-wide HTTP permissions policy. For further -# information see https://developers.google.com/web/updates/2018/06/feature-policy -# -# Rails.application.config.permissions_policy do |f| -# f.camera :none -# f.gyroscope :none -# f.microphone :none -# f.usb :none -# f.fullscreen :self -# f.payment :self, "https://secure.example.com" +# information see: https://developers.google.com/web/updates/2018/06/feature-policy + +# Rails.application.config.permissions_policy do |policy| +# policy.camera :none +# policy.gyroscope :none +# policy.microphone :none +# policy.usb :none +# policy.fullscreen :self +# policy.payment :self, "https://secure.example.com" # end diff --git a/db/migrate/20240604011051_add_service_name_to_active_storage_blobs.active_storage.rb b/db/migrate/20240604011051_add_service_name_to_active_storage_blobs.active_storage.rb new file mode 100644 index 0000000..a15c6ce --- /dev/null +++ b/db/migrate/20240604011051_add_service_name_to_active_storage_blobs.active_storage.rb @@ -0,0 +1,22 @@ +# This migration comes from active_storage (originally 20190112182829) +class AddServiceNameToActiveStorageBlobs < ActiveRecord::Migration[6.0] + def up + return unless table_exists?(:active_storage_blobs) + + unless column_exists?(:active_storage_blobs, :service_name) + add_column :active_storage_blobs, :service_name, :string + + if configured_service = ActiveStorage::Blob.service.name + ActiveStorage::Blob.unscoped.update_all(service_name: configured_service) + end + + change_column :active_storage_blobs, :service_name, :string, null: false + end + end + + def down + return unless table_exists?(:active_storage_blobs) + + remove_column :active_storage_blobs, :service_name + end +end diff --git a/db/migrate/20240604011052_create_active_storage_variant_records.active_storage.rb b/db/migrate/20240604011052_create_active_storage_variant_records.active_storage.rb new file mode 100644 index 0000000..94ac83a 
--- /dev/null +++ b/db/migrate/20240604011052_create_active_storage_variant_records.active_storage.rb @@ -0,0 +1,27 @@ +# This migration comes from active_storage (originally 20191206030411) +class CreateActiveStorageVariantRecords < ActiveRecord::Migration[6.0] + def change + return unless table_exists?(:active_storage_blobs) + + # Use Active Record's configured type for primary key + create_table :active_storage_variant_records, id: primary_key_type, if_not_exists: true do |t| + t.belongs_to :blob, null: false, index: false, type: blobs_primary_key_type + t.string :variation_digest, null: false + + t.index %i[ blob_id variation_digest ], name: "index_active_storage_variant_records_uniqueness", unique: true + t.foreign_key :active_storage_blobs, column: :blob_id + end + end + + private + def primary_key_type + config = Rails.configuration.generators + config.options[config.orm][:primary_key_type] || :primary_key + end + + def blobs_primary_key_type + pkey_name = connection.primary_key(:active_storage_blobs) + pkey_column = connection.columns(:active_storage_blobs).find { |c| c.name == pkey_name } + pkey_column.bigint? ? :bigint : pkey_column.type + end +end diff --git a/db/migrate/20240604011053_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb b/db/migrate/20240604011053_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb new file mode 100644 index 0000000..93c8b85 --- /dev/null +++ b/db/migrate/20240604011053_remove_not_null_on_active_storage_blobs_checksum.active_storage.rb @@ -0,0 +1,8 @@ +# This migration comes from active_storage (originally 20211119233751) +class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0] + def change + return unless table_exists?(:active_storage_blobs) + + change_column_null(:active_storage_blobs, :checksum, true) + end +end diff --git a/db/schema.rb b/db/schema.rb index 21eb12d..8473b7b 100644 --- a/db/schema.rb +++ b/db/schema.rb 
@@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema[7.0].define(version: 2022_09_09_233712) do +ActiveRecord::Schema[7.1].define(version: 2024_06_04_011053) do # These are extensions that must be enabled in order to support this database enable_extension "pg_trgm" enable_extension "plpgsql" @@ -74,7 +74,6 @@ t.string "humanized_code" t.string "humanized_description" t.text "humanized_notes" - t.index "to_tsvector('simple'::regconfig, COALESCE((code)::text, ''::text))", name: "index_common_incident_types_on_code", using: :gin t.index ["standard", "code_version", "code"], name: "index_common_incident_types_on_standard_and_version_and_code" end diff --git a/spec/rails_helper.rb b/spec/rails_helper.rb index d6b35b5..e455e58 100644 --- a/spec/rails_helper.rb +++ b/spec/rails_helper.rb @@ -42,7 +42,8 @@ end RSpec.configure do |config| # Remove this line if you're not using ActiveRecord or ActiveRecord fixtures - config.fixture_path = "#{::Rails.root}/spec/fixtures" + config.fixture_paths ||= [] + config.fixture_paths << "#{::Rails.root}/spec/fixtures" # If you're not using ActiveRecord, or you'd prefer not to run each of your # examples within a transaction, remove the following line or assign false diff --git a/spec/requests/call_types_spec.rb b/spec/requests/call_types_spec.rb index 69fce47..7c1abff 100644 --- a/spec/requests/call_types_spec.rb +++ b/spec/requests/call_types_spec.rb @@ -31,6 +31,7 @@ it 'shows the classification page' do get(path) + get(response.headers['Location']) expect(response.body).to include(data_set.title) expect(response.body).to include(unique_value.value) diff --git a/spec/requests/dashboard_spec.rb b/spec/requests/dashboard_spec.rb index 6254bd2..ffce322 100644 --- a/spec/requests/dashboard_spec.rb +++ b/spec/requests/dashboard_spec.rb 
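Review bot: In spec/requests/call_types_spec.rb, `get(response.headers['Location'])` follows the redirect by hand without first asserting that `get(path)` actually redirected. If the first response is not a redirect, `Location` is nil and the failure points at the second request rather than the real cause. `expect(response).to have_http_status(:redirect)` followed by `follow_redirect!` states the intent and fails at the right place. The `it` block continues outside the hunk.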
@@ -3,9 +3,9 @@ require 'rails_helper' RSpec.describe 'Dashboards', type: :request do - describe '#index' do - let(:path) { '/dashboards' } + let(:path) { '/dashboards' } + describe '#index' do include_examples 'unauthenticated', :get context 'when authenticated' do @@ -41,7 +41,6 @@ it "does include the 'Users' menu item" do get(path) - get(response.headers['Location']) html = Nokogiri::HTML(response.body.to_s) users_link = html.css('//a[@href="/admin/users"]') diff --git a/spec/requests/data_sets_spec.rb b/spec/requests/data_sets_spec.rb index 159061d..280801d 100644 --- a/spec/requests/data_sets_spec.rb +++ b/spec/requests/data_sets_spec.rb @@ -73,10 +73,8 @@ data_set.update(title: 'Chicago Data 2022') expect(old_slug).not_to eq(data_set.slug) - get "/data_sets/#{old_slug}" - expect(response.body).to include( - 'You are being redirected.' - ) + get("/data_sets/#{old_slug}") + expect(response.headers['Location']).to eq('http://www.example.com/data_sets/chicago-data-2022') end end end