make everything boot again

Changelog.md

@@ -1,5 +1,18 @@
 # Head
 
+## Rails 4 - Manual action required
+Please edit `config/initializers/secret_token.rb`, replacing `secret_token` with
+`secret_key_base`.
+
+```ruby
+# Old
+Rails.application.config.secret_token = '***********...'
+
+# New
+Diaspora::Application.config.secret_key_base = '*************...'
+```
+
+
 ## Refactor
 * Port help pages to Bootstrap [#5050](https://github.com/diaspora/diaspora/pull/5050)
 * Refactor Notification#notify [#4945](https://github.com/diaspora/diaspora/pull/4945)

config/application.rb

@@ -1,7 +1,7 @@
 require_relative 'boot'
 
 require 'rails/all'
-Bundler.require(*Rails.groups(:assets => %w(development test))) if defined?(Bundler)
+Bundler.require(:default, Rails.env)
 
 # Load asset_sync early
 require_relative 'asset_sync'
@@ -34,9 +34,6 @@ class Application < Rails::Application
     # Configure the default encoding used in templates for Ruby 1.9.
     config.encoding = "utf-8"
 
-    # Configure sensitive parameters which will be filtered from the log file.
-    config.filter_parameters += [:password, :xml,:message, :text, :bio]
-
     # Enable escaping HTML in JSON.
     config.active_support.escape_html_entities_in_json = true
 
@@ -45,12 +42,6 @@ class Application < Rails::Application
     # like if you have constraints or database-specific column types
     # config.active_record.schema_format = :sql
 
-    # Enforce whitelist mode for mass assignment.
-    # This will create an empty whitelist of attributes available for mass-assignment for all models
-    # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
-    # parameters by using an attr_accessible or attr_protected declaration.
-    #config.active_record.whitelist_attributes = false
-
     # Enable the asset pipeline
     config.assets.enabled = true
 
@@ -59,7 +50,7 @@ class Application < Rails::Application
 
     # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
     config.assets.precompile += %w{
-      aspect-contacts.js 
+      aspect-contacts.js
       contact-list.js
       home.js
       ie.js

config/boot.rb

@@ -1,5 +1,3 @@
-require 'rubygems'
-
 # Set up gems listed in the Gemfile.
 ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
 require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])

config/environments/development.rb

@@ -6,8 +6,8 @@
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
-  # Log error messages when you accidentally call methods on nil.
-  config.whiny_nils = true
+  # Do not eager load code on boot.
+  config.eager_load = false
 
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true
@@ -16,18 +16,15 @@
   # Don't care if the mailer can't send
   config.action_mailer.raise_delivery_errors = false
 
+  # Raise an error on page load if there are pending migrations
+  config.active_record.migration_error = :page_load
+
   # Print deprecation notices to the Rails logger
   config.active_support.deprecation = :log
 
   # Only use best-standards-support built into browsers
   config.action_dispatch.best_standards_support = :builtin
 
-  # Raise exception on mass assignment protection for Active Record models
-  #config.active_record.mass_assignment_sanitizer = :strict
-
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
 
   # Do not compress assets
   config.assets.compress = false

config/environments/integration.rb

@@ -1,6 +1,4 @@
 require Rails.root.join('config', 'environment', 'development')
 
 Diaspora::Application.configure do
-  # Enable threaded mode
-  config.threadsafe!
 end

config/environments/production.rb

@@ -4,25 +4,29 @@
   # Code is not reloaded between requests
   config.cache_classes = true
 
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both thread web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
   # Full error reports are disabled and caching is turned on
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
   # Disable Rails's static asset server (Apache or nginx will already do this)
   config.serve_static_assets = false
 
-  # Compress JavaScripts and CSS
-  config.assets.compress = true
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  # config.assets.css_compressor = :sass
 
   # Don't fallback to assets pipeline if a precompiled asset is missed
   config.assets.compile = false
 
   # Generate digests for assets URLs
   config.assets.digest = true
 
-  # Defaults to nil and saved in location specified by config.assets.prefix
-  # config.assets.manifest = YOUR_PATH
-
   # Specifies the header that your server uses for sending files
   # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
@@ -51,9 +55,6 @@
   # Disable delivery errors, bad email addresses will be ignored
   # config.action_mailer.raise_delivery_errors = false
 
-  # Enable threaded mode
-  config.threadsafe!
-
   # Enable autoload for rake tasks
   config.dependency_loading = true if $rails_rake_task
 
@@ -64,10 +65,6 @@
   # Send deprecation notices to registered listeners
   config.active_support.deprecation = :notify
 
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
-
   # For nginx:
    config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect'
 

config/environments/test.rb

@@ -7,13 +7,15 @@
   # and recreated between test runs. Don't rely on the data there!
   config.cache_classes = true
 
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
   # Configure static asset server for tests with Cache-Control for performance
   config.serve_static_assets = true
   config.static_cache_control = "public, max-age=3600"
 
-  # Log error messages when you accidentally call methods on nil
-  config.whiny_nils = true
-
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
@@ -29,9 +31,6 @@
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  # Raise exception on mass assignment protection for Active Record models
-  #config.active_record.mass_assignment_sanitizer = :strict
-
   # Print deprecation notices to the stderr
   config.active_support.deprecation = :stderr
 end

config/initializers/filter_parameter_logging.rb

@@ -0,0 +1,4 @@
+# Be sure to restart your server when you modify this file.
+
+# Configure sensitive parameters which will be filtered from the log file.
+Rails.application.config.filter_parameters += [:password, :xml,:message, :text, :bio]

config/initializers/load_libraries.rb

@@ -3,7 +3,6 @@
 require 'uri'
 
 # Not auto required gems
-require 'active_support/base64'
 require 'builder/xchar'
 require 'carrierwave/orm/activerecord'
 require 'erb'

config/initializers/session_store.rb

@@ -1,12 +1,3 @@
-#   Copyright (c) 2010-2011, Diaspora Inc.  This file is
-#   licensed under the Affero General Public License version 3 or later.  See
-#   the COPYRIGHT file.
-
 # Be sure to restart your server when you modify this file.
 
-Rails.application.config.session_store :cookie_store, key: '_diaspora_session', httponly: false
-
-# Use the database for sessions instead of the cookie-based default,
-# which shouldn't be used to store highly confidential information
-# (create the session table with "rake db:sessions:create")
-# Rails.application.config.session_store :active_record_store
+Diaspora::Application.config.session_store :cookie_store, key: '_diaspora_session', httponly: false

config/routes.rb

@@ -49,8 +49,8 @@
   end
 
   # Streams
-  get "participate" => "streams#activity", :as => "activity_stream" # legacy
-  get "explore" => "streams#multi", :as => "stream"                 # legacy
+  get "participate" => "streams#activity" # legacy
+  get "explore" => "streams#multi"        # legacy
 
   get "activity" => "streams#activity", :as => "activity_stream"
   get "stream" => "streams#multi", :as => "stream"
@@ -104,15 +104,15 @@
 
   controller :users do
     get 'public/:username'          => :public,           :as => 'users_public'
-    match 'getting_started'         => :getting_started,  :as => 'getting_started'
-    match 'privacy'                 => :privacy_settings, :as => 'privacy_settings'
+    get 'getting_started'           => :getting_started,  :as => 'getting_started'
+    get 'privacy'                   => :privacy_settings, :as => 'privacy_settings'
     get 'getting_started_completed' => :getting_started_completed
     get 'confirm_email/:token'      => :confirm_email,    :as => 'confirm_email'
   end
 
   # This is a hack to overide a route created by devise.
   # I couldn't find anything in devise to skip that route, see Bug #961
-  match 'users/edit' => redirect('/user/edit')
+  get 'users/edit' => redirect('/user/edit')
 
   devise_for :users, :controllers => {:registrations => "registrations",
                                       :passwords     => "passwords",
@@ -122,14 +122,14 @@
   get 'users/invitation/accept' => 'invitations#edit'
   get 'invitations/email' => 'invitations#email', :as => 'invite_email'
   get 'users/invitations' => 'invitations#new', :as => 'new_user_invitation'
-  post 'users/invitations' => 'invitations#create', :as => 'new_user_invitation'
+  post 'users/invitations' => 'invitations#create', :as => 'user_invitation'
 
   get 'login' => redirect('/users/sign_in')
 
   # Admin backend routes
 
   scope 'admins', :controller => :admins do
-    match :user_search
+    match :user_search, via: [:get, :post]
     get   :admin_inviter
     get   :weekly_user_stats
     get   :correlations
@@ -193,8 +193,8 @@
   resources :services, :only => [:index, :destroy]
   controller :services do
     scope "/auth", :as => "auth" do
-      match ':provider/callback' => :create
-      match :failure
+      get ':provider/callback' => :create
+      get :failure
     end
   end
 
@@ -214,7 +214,7 @@
 
   get 'mobile/toggle', :to => 'home#toggle_mobile', :as => 'toggle_mobile'
 
-  # help
+  # Help
   get 'help' => 'help#faq', :as => 'help'
 
   #Protocol Url

lib/configuration_methods.rb

@@ -47,7 +47,7 @@ def secret_token
           `bundle exec rake generate:secret_token`
         end
         require token_file
-        Rails.application.config.secret_token
+        Diaspora::Application.config.secret_key_base
       end
     end
 

lib/tasks/generate_session_secret.rake

@@ -6,17 +6,18 @@ namespace :generate do
   secret = SecureRandom.hex(40)
   File.open(path, 'w') do |f|
     f.write <<"EOF"
-#   Copyright (c) 2010-2011, Diaspora Inc.  This file is
-#   licensed under the Affero General Public License version 3 or later.  See
-#   the COPYRIGHT file.
-
 # Be sure to restart your server when you modify this file.
 
-# Your secret key for verifying the integrity of signed cookies.
+# Your secret key is used for verifying the integrity of signed cookies.
 # If you change this key, all old signed cookies will become invalid!
+
 # Make sure the secret is at least 30 characters and all random,
 # no regular words or you'll be exposed to dictionary attacks.
-Rails.application.config.secret_token = '#{secret}'
+# You can use `rake secret` to generate a secure secret key.
+
+# Make sure your secret_key_base is kept private
+# if you're sharing your code publicly.
+Diaspora::Application.config.secret_key_base = '#{secret}'
 EOF
 
 end