From d75632401be015b58359ee7811740d7ce0d3eae1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jonne=20Ha=C3=9F?= Date: Sat, 31 Aug 2013 01:17:10 +0200 Subject: [PATCH] make everything boot again --- Changelog.md | 13 ++++++++++++ config/application.rb | 13 ++---------- config/boot.rb | 2 -- config/environments/development.rb | 13 +++++------- config/environments/integration.rb | 2 -- config/environments/production.rb | 21 ++++++++----------- config/environments/test.rb | 11 +++++----- .../initializers/filter_parameter_logging.rb | 4 ++++ config/initializers/load_libraries.rb | 1 - config/initializers/session_store.rb | 11 +--------- config/routes.rb | 20 +++++++++--------- lib/configuration_methods.rb | 2 +- lib/tasks/generate_session_secret.rake | 13 ++++++------ 13 files changed, 57 insertions(+), 69 deletions(-) create mode 100644 config/initializers/filter_parameter_logging.rb diff --git a/Changelog.md b/Changelog.md index 9dc39b2bc96..3857127e3c8 100644 --- a/Changelog.md +++ b/Changelog.md @@ -1,5 +1,18 @@ # Head +## Rails 4 - Manual action required +Please edit `config/initializers/secret_token.rb`, replacing `secret_token` with +`secret_key_base`. + +```ruby +# Old +Rails.application.config.secret_token = '***********...' + +# New +Diaspora::Application.config.secret_key_base = '*************...' +``` + + ## Refactor * Port help pages to Bootstrap [#5050](https://github.com/diaspora/diaspora/pull/5050) * Refactor Notification#notify [#4945](https://github.com/diaspora/diaspora/pull/4945) diff --git a/config/application.rb b/config/application.rb index a33413f0d12..a54bdeb326a 100644 --- a/config/application.rb +++ b/config/application.rb @@ -1,7 +1,7 @@ require_relative 'boot' require 'rails/all' -Bundler.require(*Rails.groups(:assets => %w(development test))) if defined?(Bundler) +Bundler.require(:default, Rails.env) # Load asset_sync early require_relative 'asset_sync' @@ -34,9 +34,6 @@ class Application < Rails::Application # Configure the default encoding used in templates for Ruby 1.9. config.encoding = "utf-8" - # Configure sensitive parameters which will be filtered from the log file. - config.filter_parameters += [:password, :xml,:message, :text, :bio] - # Enable escaping HTML in JSON. config.active_support.escape_html_entities_in_json = true @@ -45,12 +42,6 @@ class Application < Rails::Application # like if you have constraints or database-specific column types # config.active_record.schema_format = :sql - # Enforce whitelist mode for mass assignment. - # This will create an empty whitelist of attributes available for mass-assignment for all models - # in your app. As such, your models will need to explicitly whitelist or blacklist accessible - # parameters by using an attr_accessible or attr_protected declaration. - #config.active_record.whitelist_attributes = false - # Enable the asset pipeline config.assets.enabled = true @@ -59,7 +50,7 @@ class Application < Rails::Application # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added) config.assets.precompile += %w{ - aspect-contacts.js + aspect-contacts.js contact-list.js home.js ie.js diff --git a/config/boot.rb b/config/boot.rb index 0eee595af3b..6e3d234276d 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,5 +1,3 @@ -require 'rubygems' - # Set up gems listed in the Gemfile. ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__) require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE']) diff --git a/config/environments/development.rb b/config/environments/development.rb index 309cbce28dc..138c8ccd533 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -6,8 +6,8 @@ # since you don't have to restart the web server when you make code changes. config.cache_classes = false - # Log error messages when you accidentally call methods on nil. - config.whiny_nils = true + # Do not eager load code on boot. + config.eager_load = false # Show full error reports and disable caching config.consider_all_requests_local = true @@ -16,18 +16,15 @@ # Don't care if the mailer can't send config.action_mailer.raise_delivery_errors = false + # Raise an error on page load if there are pending migrations + config.active_record.migration_error = :page_load + # Print deprecation notices to the Rails logger config.active_support.deprecation = :log # Only use best-standards-support built into browsers config.action_dispatch.best_standards_support = :builtin - # Raise exception on mass assignment protection for Active Record models - #config.active_record.mass_assignment_sanitizer = :strict - - # Log the query plan for queries taking more than this (works - # with SQLite, MySQL, and PostgreSQL) - # config.active_record.auto_explain_threshold_in_seconds = 0.5 # Do not compress assets config.assets.compress = false diff --git a/config/environments/integration.rb b/config/environments/integration.rb index 0a1b06f8052..0fc42e916a6 100644 --- a/config/environments/integration.rb +++ b/config/environments/integration.rb @@ -1,6 +1,4 @@ require Rails.root.join('config', 'environment', 'development') Diaspora::Application.configure do - # Enable threaded mode - config.threadsafe! end diff --git a/config/environments/production.rb b/config/environments/production.rb index 666622309c0..2d54ebf5f84 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -4,6 +4,12 @@ # Code is not reloaded between requests config.cache_classes = true + # Eager load code on boot. This eager loads most of Rails and + # your application in memory, allowing both thread web servers + # and those relying on copy on write to perform better. + # Rake tasks automatically ignore this option for performance. + config.eager_load = true + # Full error reports are disabled and caching is turned on config.consider_all_requests_local = false config.action_controller.perform_caching = true @@ -11,8 +17,9 @@ # Disable Rails's static asset server (Apache or nginx will already do this) config.serve_static_assets = false - # Compress JavaScripts and CSS - config.assets.compress = true + # Compress JavaScripts and CSS. + config.assets.js_compressor = :uglifier + # config.assets.css_compressor = :sass # Don't fallback to assets pipeline if a precompiled asset is missed config.assets.compile = false @@ -20,9 +27,6 @@ # Generate digests for assets URLs config.assets.digest = true - # Defaults to nil and saved in location specified by config.assets.prefix - # config.assets.manifest = YOUR_PATH - # Specifies the header that your server uses for sending files # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx @@ -51,9 +55,6 @@ # Disable delivery errors, bad email addresses will be ignored # config.action_mailer.raise_delivery_errors = false - # Enable threaded mode - config.threadsafe! - # Enable autoload for rake tasks config.dependency_loading = true if $rails_rake_task @@ -64,10 +65,6 @@ # Send deprecation notices to registered listeners config.active_support.deprecation = :notify - # Log the query plan for queries taking more than this (works - # with SQLite, MySQL, and PostgreSQL) - # config.active_record.auto_explain_threshold_in_seconds = 0.5 - # For nginx: config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' diff --git a/config/environments/test.rb b/config/environments/test.rb index 074be4ccacb..60bef030531 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -7,13 +7,15 @@ # and recreated between test runs. Don't rely on the data there! config.cache_classes = true + # Do not eager load code on boot. This avoids loading your whole application + # just for the purpose of running a single test. If you are using a tool that + # preloads Rails for running tests, you may have to set it to true. + config.eager_load = false + # Configure static asset server for tests with Cache-Control for performance config.serve_static_assets = true config.static_cache_control = "public, max-age=3600" - # Log error messages when you accidentally call methods on nil - config.whiny_nils = true - # Show full error reports and disable caching config.consider_all_requests_local = true config.action_controller.perform_caching = false @@ -29,9 +31,6 @@ # ActionMailer::Base.deliveries array. config.action_mailer.delivery_method = :test - # Raise exception on mass assignment protection for Active Record models - #config.active_record.mass_assignment_sanitizer = :strict - # Print deprecation notices to the stderr config.active_support.deprecation = :stderr end diff --git a/config/initializers/filter_parameter_logging.rb b/config/initializers/filter_parameter_logging.rb new file mode 100644 index 00000000000..cd871780d62 --- /dev/null +++ b/config/initializers/filter_parameter_logging.rb @@ -0,0 +1,4 @@ +# Be sure to restart your server when you modify this file. + +# Configure sensitive parameters which will be filtered from the log file. +Rails.application.config.filter_parameters += [:password, :xml,:message, :text, :bio] diff --git a/config/initializers/load_libraries.rb b/config/initializers/load_libraries.rb index 29ddab02220..87f46ccad4b 100644 --- a/config/initializers/load_libraries.rb +++ b/config/initializers/load_libraries.rb @@ -3,7 +3,6 @@ require 'uri' # Not auto required gems -require 'active_support/base64' require 'builder/xchar' require 'carrierwave/orm/activerecord' require 'erb' diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb index e46823d170c..d2e9c4e292f 100644 --- a/config/initializers/session_store.rb +++ b/config/initializers/session_store.rb @@ -1,12 +1,3 @@ -# Copyright (c) 2010-2011, Diaspora Inc. This file is -# licensed under the Affero General Public License version 3 or later. See -# the COPYRIGHT file. - # Be sure to restart your server when you modify this file. -Rails.application.config.session_store :cookie_store, key: '_diaspora_session', httponly: false - -# Use the database for sessions instead of the cookie-based default, -# which shouldn't be used to store highly confidential information -# (create the session table with "rake db:sessions:create") -# Rails.application.config.session_store :active_record_store +Diaspora::Application.config.session_store :cookie_store, key: '_diaspora_session', httponly: false diff --git a/config/routes.rb b/config/routes.rb index 519a731f4ad..6bc3b026516 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -49,8 +49,8 @@ end # Streams - get "participate" => "streams#activity", :as => "activity_stream" # legacy - get "explore" => "streams#multi", :as => "stream" # legacy + get "participate" => "streams#activity" # legacy + get "explore" => "streams#multi" # legacy get "activity" => "streams#activity", :as => "activity_stream" get "stream" => "streams#multi", :as => "stream" @@ -104,15 +104,15 @@ controller :users do get 'public/:username' => :public, :as => 'users_public' - match 'getting_started' => :getting_started, :as => 'getting_started' - match 'privacy' => :privacy_settings, :as => 'privacy_settings' + get 'getting_started' => :getting_started, :as => 'getting_started' + get 'privacy' => :privacy_settings, :as => 'privacy_settings' get 'getting_started_completed' => :getting_started_completed get 'confirm_email/:token' => :confirm_email, :as => 'confirm_email' end # This is a hack to overide a route created by devise. # I couldn't find anything in devise to skip that route, see Bug #961 - match 'users/edit' => redirect('/user/edit') + get 'users/edit' => redirect('/user/edit') devise_for :users, :controllers => {:registrations => "registrations", :passwords => "passwords", @@ -122,14 +122,14 @@ get 'users/invitation/accept' => 'invitations#edit' get 'invitations/email' => 'invitations#email', :as => 'invite_email' get 'users/invitations' => 'invitations#new', :as => 'new_user_invitation' - post 'users/invitations' => 'invitations#create', :as => 'new_user_invitation' + post 'users/invitations' => 'invitations#create', :as => 'user_invitation' get 'login' => redirect('/users/sign_in') # Admin backend routes scope 'admins', :controller => :admins do - match :user_search + match :user_search, via: [:get, :post] get :admin_inviter get :weekly_user_stats get :correlations @@ -193,8 +193,8 @@ resources :services, :only => [:index, :destroy] controller :services do scope "/auth", :as => "auth" do - match ':provider/callback' => :create - match :failure + get ':provider/callback' => :create + get :failure end end @@ -214,7 +214,7 @@ get 'mobile/toggle', :to => 'home#toggle_mobile', :as => 'toggle_mobile' - # help + # Help get 'help' => 'help#faq', :as => 'help' #Protocol Url diff --git a/lib/configuration_methods.rb b/lib/configuration_methods.rb index 5fcf4246e63..19b852a42d7 100644 --- a/lib/configuration_methods.rb +++ b/lib/configuration_methods.rb @@ -47,7 +47,7 @@ def secret_token `bundle exec rake generate:secret_token` end require token_file - Rails.application.config.secret_token + Diaspora::Application.config.secret_key_base end end diff --git a/lib/tasks/generate_session_secret.rake b/lib/tasks/generate_session_secret.rake index 0d819ce676e..cab226177ac 100644 --- a/lib/tasks/generate_session_secret.rake +++ b/lib/tasks/generate_session_secret.rake @@ -6,17 +6,18 @@ namespace :generate do secret = SecureRandom.hex(40) File.open(path, 'w') do |f| f.write <<"EOF" -# Copyright (c) 2010-2011, Diaspora Inc. This file is -# licensed under the Affero General Public License version 3 or later. See -# the COPYRIGHT file. - # Be sure to restart your server when you modify this file. -# Your secret key for verifying the integrity of signed cookies. +# Your secret key is used for verifying the integrity of signed cookies. # If you change this key, all old signed cookies will become invalid! + # Make sure the secret is at least 30 characters and all random, # no regular words or you'll be exposed to dictionary attacks. -Rails.application.config.secret_token = '#{secret}' +# You can use `rake secret` to generate a secure secret key. + +# Make sure your secret_key_base is kept private +# if you're sharing your code publicly. +Diaspora::Application.config.secret_key_base = '#{secret}' EOF end