diff --git a/.ruby-version b/.ruby-version index ae6d5b9..3e3c2f1 100644 --- a/.ruby-version +++ b/.ruby-version @@ -1 +1 @@ -1.9.3-p392 +2.1.1 diff --git a/Gemfile b/Gemfile index e36863c..3fe6145 100644 --- a/Gemfile +++ b/Gemfile @@ -1,7 +1,7 @@ source 'http://rubygems.org' -ruby '1.9.3' +ruby '2.1.1' -gem 'rails', '~> 3.2.0' +gem 'rails', '~> 4.0.0' # Bundle edge Rails instead: # gem 'rails', :git => 'git://github.com/rails/rails.git' @@ -9,8 +9,8 @@ gem 'rails', '~> 3.2.0' # Gems used only for assets and not required # in production environments by default. group :assets do - gem 'sass-rails', " ~> 3.2.0" - gem 'coffee-rails', "~> 3.2.0" + gem 'sass-rails', " ~> 4.0.0" + gem 'coffee-rails', "~> 4.0.0" gem 'uglifier' end @@ -64,7 +64,6 @@ end gem "newrelic_rpm" -gem 'sass-rails', "~> 3.2.0" gem "exception_notification", :git => "git://github.com/rails/exception_notification", :require => 'exception_notifier' gem 'pg' gem 'devise' @@ -74,7 +73,7 @@ gem 'squeel' gem 'will_paginate' gem 'rdiscount' gem 'paperclip' -gem 'acts_as_markup' +#gem 'acts_as_markup' gem 'haml' gem 'slugtastic' diff --git a/Gemfile.lock b/Gemfile.lock index 28ba62c..a3472cb 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -1,11 +1,12 @@ GIT remote: git://github.com/jonleighton/poltergeist.git - revision: 7dee7758a03d4636c2a74b04a8b7bf8495319217 + revision: 330fe1d01eb9c7e25ba4154bfc7dc84aac58ed29 specs: - poltergeist (1.3.0) - capybara (~> 2.1.0) - faye-websocket (>= 0.4.4, < 0.5.0) - http_parser.rb (~> 0.5.3) + poltergeist (1.5.0) + capybara (~> 2.1) + cliver (~> 0.3.1) + multi_json (~> 1.0) + websocket-driver (>= 0.2.0) GIT remote: git://github.com/rails/exception_notification 
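Review bot: The Gemfile still resolves dependencies over unauthenticated transports: `source 'http://rubygems.org'` on the first context line of the first Gemfile hunk, and the `git://github.com/rails/exception_notification` remote visible in the third Gemfile hunk. A Rails 3.2 to 4.0 upgrade re-resolves nearly every gem in the lockfile, so this is the natural commit to switch to `source 'https://rubygems.org'` and to `:git => 'https://github.com/rails/exception_notification'`, which gives TLS integrity for what gets installed. The same `http://` and `git://` remotes are recorded in Gemfile.lock and should be regenerated along with the change.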
@@ -16,220 +17,206 @@ GIT GEM remote: http://rubygems.org/ specs: - RedCloth (4.2.9) - actionmailer (3.2.13) - actionpack (= 3.2.13) - mail (~> 2.5.3) - actionpack (3.2.13) - activemodel (= 3.2.13) - activesupport (= 3.2.13) - builder (~> 3.0.0) + actionmailer (4.0.3) + actionpack (= 4.0.3) + mail (~> 2.5.4) + actionpack (4.0.3) + activesupport (= 4.0.3) + builder (~> 3.1.0) erubis (~> 2.7.0) - journey (~> 1.0.4) - rack (~> 1.4.5) - rack-cache (~> 1.2) - rack-test (~> 0.6.1) - sprockets (~> 2.2.1) - activemodel (3.2.13) - activesupport (= 3.2.13) - builder (~> 3.0.0) - activerecord (3.2.13) - activemodel (= 3.2.13) - activesupport (= 3.2.13) - arel (~> 3.0.2) - tzinfo (~> 0.3.29) - activeresource (3.2.13) - activemodel (= 3.2.13) - activesupport (= 3.2.13) - activesupport (3.2.13) - i18n (= 0.6.1) - multi_json (~> 1.0) - acts_as_markup (1.4.2) - RedCloth - RedCloth (~> 4.2) - activerecord - activerecord (>= 2.3.2) - activesupport - activesupport (>= 2.3.2) - rdiscount - rdiscount (~> 1.3) - wikicloth - wikitext (~> 2.0) - addressable (2.3.4) - arel (3.0.2) - aws-sdk (1.8.1.1) + rack (~> 1.5.2) + rack-test (~> 0.6.2) + activemodel (4.0.3) + activesupport (= 4.0.3) + builder (~> 3.1.0) + activerecord (4.0.3) + activemodel (= 4.0.3) + activerecord-deprecated_finders (~> 1.0.2) + activesupport (= 4.0.3) + arel (~> 4.0.0) + activerecord-deprecated_finders (1.0.3) + activesupport (4.0.3) + i18n (~> 0.6, >= 0.6.4) + minitest (~> 4.2) + multi_json (~> 1.3) + thread_safe (~> 0.1) + tzinfo (~> 0.3.37) + addressable (2.3.5) + arel (4.0.2) + atomic (1.1.15) + aws-sdk (1.35.0) json (~> 1.4) nokogiri (>= 1.4.4) uuidtools (~> 2.1) - bcrypt-ruby (3.0.1) - better_errors (0.6.0) + bcrypt (3.1.7) + bcrypt-ruby (3.1.5) + bcrypt (>= 3.1.3) + better_errors (1.1.0) coderay (>= 1.0.0) erubis (>= 2.6.6) - binding_of_caller (0.7.1) + binding_of_caller (0.7.2) debug_inspector (>= 0.0.1) - builder (3.0.4) - capybara (2.1.0) + builder (3.1.4) + capybara (2.2.1) mime-types (>= 1.16) nokogiri 
(>= 1.3.3) rack (>= 1.0.0) rack-test (>= 0.5.4) xpath (~> 2.0) - capybara-screenshot (0.3.6) + capybara-screenshot (0.3.17) capybara (>= 1.0, < 3) - cocaine (0.4.2) - coderay (1.0.8) - coffee-rails (3.2.2) + launchy + climate_control (0.0.3) + activesupport (>= 3.0) + cliver (0.3.2) + cocaine (0.5.3) + climate_control (>= 0.0.3, < 1.0) + coderay (1.1.0) + coffee-rails (4.0.1) coffee-script (>= 2.2.0) - railties (~> 3.2.0) + railties (>= 4.0.0, < 5.0) coffee-script (2.2.0) coffee-script-source execjs - coffee-script-source (1.4.0) + coffee-script-source (1.7.0) daemons (1.1.9) debug_inspector (0.0.2) - devise (2.2.3) + devise (3.2.3) bcrypt-ruby (~> 3.0) orm_adapter (~> 0.1) - railties (~> 3.1) - warden (~> 1.2.1) - diff-lcs (1.1.3) + railties (>= 3.2.6, < 5) + thread_safe (~> 0.1) + warden (~> 1.2.3) + diff-lcs (1.2.5) erubis (2.7.0) eventmachine (1.0.3) - execjs (1.4.0) - multi_json (~> 1.0) - expression_parser (0.9.0) - factory_girl (4.2.0) + execjs (2.0.2) + factory_girl (4.4.0) activesupport (>= 3.0.0) - factory_girl_rails (4.2.1) - factory_girl (~> 4.2.0) + factory_girl_rails (4.4.1) + factory_girl (~> 4.4.0) railties (>= 3.0.0) - faye-websocket (0.4.7) - eventmachine (>= 0.12.0) fivemat (1.2.1) formtastic (2.2.1) actionpack (>= 3.0) - haml (3.1.7) - hike (1.2.1) + haml (4.0.5) + tilt + hike (1.2.3) hpricot (0.8.6) - http_parser.rb (0.5.3) - i18n (0.6.1) - journey (1.0.4) - jquery-rails (2.2.0) + i18n (0.6.9) + jquery-rails (3.1.0) railties (>= 3.0, < 5.0) thor (>= 0.14, < 2.0) - json (1.7.7) - launchy (2.3.0) + json (1.8.1) + launchy (2.4.2) addressable (~> 2.3) - letter_opener (1.1.1) + letter_opener (1.2.0) launchy (~> 2.2) - mail (2.5.3) - i18n (>= 0.4.0) + mail (2.5.4) mime-types (~> 1.16) treetop (~> 1.4.8) - method_source (0.8.1) - mime-types (1.22) - multi_json (1.7.2) - newrelic_rpm (3.5.6.55) - nokogiri (1.5.6) - orm_adapter (0.4.0) - paperclip (3.4.0) + method_source (0.8.2) + mime-types (1.25.1) + mini_portile (0.5.2) + minitest (4.7.5) + 
multi_json (1.9.0) + newrelic_rpm (3.7.2.195) + nokogiri (1.6.1) + mini_portile (~> 0.5.0) + orm_adapter (0.5.0) + paperclip (4.1.1) activemodel (>= 3.0.0) - activerecord (>= 3.0.0) activesupport (>= 3.0.0) - cocaine (~> 0.4.0) + cocaine (~> 0.5.3) mime-types - pg (0.14.1) - polyamorous (0.5.0) - activerecord (~> 3.0) - polyglot (0.3.3) - powder (0.1.8) + pg (0.17.1) + polyamorous (0.6.4) + activerecord (>= 3.0) + polyglot (0.3.4) + powder (0.2.1) thor (>= 0.11.5) - pry (0.9.12) - coderay (~> 1.0.5) + pry (0.9.12.6) + coderay (~> 1.0) method_source (~> 0.8) slop (~> 3.4) - rack (1.4.5) - rack-cache (1.2) - rack (>= 0.4) - rack-ssl (1.3.3) - rack + rack (1.5.2) rack-test (0.6.2) rack (>= 1.0) - rails (3.2.13) - actionmailer (= 3.2.13) - actionpack (= 3.2.13) - activerecord (= 3.2.13) - activeresource (= 3.2.13) - activesupport (= 3.2.13) - bundler (~> 1.0) - railties (= 3.2.13) - railties (3.2.13) - actionpack (= 3.2.13) - activesupport (= 3.2.13) - rack-ssl (~> 1.3.2) + rails (4.0.3) + actionmailer (= 4.0.3) + actionpack (= 4.0.3) + activerecord (= 4.0.3) + activesupport (= 4.0.3) + bundler (>= 1.3.0, < 2.0) + railties (= 4.0.3) + sprockets-rails (~> 2.0.0) + railties (4.0.3) + actionpack (= 4.0.3) + activesupport (= 4.0.3) rake (>= 0.8.7) - rdoc (~> 3.4) - thor (>= 0.14.6, < 2.0) - rake (10.0.4) - rdiscount (1.6.8) - rdoc (3.12.2) - json (~> 1.4) - rspec-core (2.12.2) - rspec-expectations (2.12.1) - diff-lcs (~> 1.1.3) - rspec-mocks (2.12.2) - rspec-rails (2.12.2) + thor (>= 0.18.1, < 2.0) + rake (10.1.1) + rdiscount (2.1.7) + rspec-core (2.14.8) + rspec-expectations (2.14.5) + diff-lcs (>= 1.1.3, < 2.0) + rspec-mocks (2.14.6) + rspec-rails (2.14.1) actionpack (>= 3.0) + activemodel (>= 3.0) activesupport (>= 3.0) railties (>= 3.0) - rspec-core (~> 2.12.0) - rspec-expectations (~> 2.12.0) - rspec-mocks (~> 2.12.0) - ruby_parser (3.1.1) + rspec-core (~> 2.14.0) + rspec-expectations (~> 2.14.0) + rspec-mocks (~> 2.14.0) + ruby_parser (3.4.1) sexp_processor (~> 4.1) 
- sass (3.2.5) - sass-rails (3.2.6) - railties (~> 3.2.0) + sass (3.2.14) + sass-rails (4.0.1) + railties (>= 4.0.0, < 5.0) sass (>= 3.1.10) - tilt (~> 1.3) - sexp_processor (4.1.4) - shoulda-matchers (2.1.0) + sprockets-rails (~> 2.0.0) + sexp_processor (4.4.1) + shoulda-matchers (2.5.0) activesupport (>= 3.0.0) - slop (3.4.3) + slop (3.4.7) slugtastic (1.2.1) - sprockets (2.2.2) + sprockets (2.11.0) hike (~> 1.2) multi_json (~> 1.0) rack (~> 1.0) tilt (~> 1.1, != 1.3.0) - sqlite3 (1.3.7) + sprockets-rails (2.0.1) + actionpack (>= 3.0) + activesupport (>= 3.0) + sprockets (~> 2.8) + sqlite3 (1.3.9) sqlite3-ruby (1.3.3) sqlite3 (>= 1.3.3) - squeel (1.0.15) - activerecord (~> 3.0) - activesupport (~> 3.0) - polyamorous (~> 0.5.0) - thin (1.5.1) + squeel (1.1.1) + activerecord (>= 3.0) + activesupport (>= 3.0) + polyamorous (~> 0.6.0) + thin (1.6.2) daemons (>= 1.0.9) - eventmachine (>= 0.12.6) + eventmachine (>= 1.0.0) rack (>= 1.0.0) thor (0.18.1) - tilt (1.3.6) - treetop (1.4.12) + thread_safe (0.2.0) + atomic (>= 1.1.7, < 2) + tilt (1.4.1) + treetop (1.4.15) polyglot polyglot (>= 0.3.1) - tzinfo (0.3.37) - uglifier (1.3.0) + tzinfo (0.3.38) + uglifier (2.4.0) execjs (>= 0.3.0) - multi_json (~> 1.0, >= 1.0.2) - uuidtools (2.1.3) - warden (1.2.1) + json (>= 1.8.0) + uuidtools (2.1.4) + warden (1.2.3) rack (>= 1.0) - wikicloth (0.8.0) - builder - expression_parser - wikitext (2.1.1) - will_paginate (3.0.4) + websocket-driver (0.3.2) + will_paginate (3.0.5) xpath (2.0.0) nokogiri (~> 1.3) yaml_db (0.2.3) @@ -238,12 +225,11 @@ PLATFORMS ruby DEPENDENCIES - acts_as_markup aws-sdk better_errors binding_of_caller capybara-screenshot - coffee-rails (~> 3.2.0) + coffee-rails (~> 4.0.0) devise exception_notification! factory_girl_rails @@ -259,11 +245,11 @@ DEPENDENCIES poltergeist! powder pry - rails (~> 3.2.0) + rails (~> 4.0.0) rdiscount rspec-rails ruby_parser - sass-rails (~> 3.2.0) + sass-rails (~> 4.0.0) shoulda-matchers slugtastic sqlite3-ruby 
diff --git a/app/controllers/admin/admin_users_controller.rb b/app/controllers/admin/admin_users_controller.rb index b2f1376..839fb11 100644 --- a/app/controllers/admin/admin_users_controller.rb +++ b/app/controllers/admin/admin_users_controller.rb @@ -16,7 +16,7 @@ class Admin::AdminUsersController < Admin::AdminController @admin_user = AdminUser.find(params[:id]) respond_to do |format| - if @admin_user.update_attributes(params[:admin_user]) + if @admin_user.update_attributes(permitted_params) format.html { redirect_to(admin_admin_users_path, :notice => 'Admin User was successfully updated.') } format.xml { head :ok } else @@ -27,7 +27,7 @@ class Admin::AdminUsersController < Admin::AdminController end def create - @admin_user = AdminUser.new(params[:admin_user]) + @admin_user = AdminUser.new(permitted_params) respond_to do |format| if @admin_user.save @@ -58,7 +58,7 @@ class Admin::AdminUsersController < Admin::AdminController def update_password @admin_user = current_admin_user - if @admin_user.update_with_password(params[:admin_user]) + if @admin_user.update_with_password(permitted_params) sign_in(@admin_user, :bypass => true) redirect_to admin_dashboard_path, :notice => "Password updated!" else @@ -66,4 +66,10 @@ class Admin::AdminUsersController < Admin::AdminController end end + private + + def permitted_params + params.require(:admin_user).permit(:email, :password, :password_confirmable, :remember_me) + end + end diff --git a/app/controllers/contacts_controller.rb b/app/controllers/contacts_controller.rb index ba724c7..ff114c1 100644 --- a/app/controllers/contacts_controller.rb +++ b/app/controllers/contacts_controller.rb @@ -5,7 +5,7 @@ class ContactsController < ApplicationController end def create - @contact = Contact.new(params[:contact]) + @contact = Contact.new(permitted_params) if @contact.save redirect_to(:new_contact, :notice => t("contact.thanks")) else 
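Review bot: In the new `permitted_params` of admin_users_controller.rb, `:password_confirmable` looks like a typo for `:password_confirmation`; the `attr_accessible` list that this commit removes from app/models/admin_user.rb names `:password_confirmation`. Strong parameters will therefore drop the confirmation field, and if Devise's validatable module behaves as usual, a mismatched confirmation would no longer be rejected in `create` and `update`. `update_password` passes the same list to `update_with_password`, which normally reads `:current_password` from the hash; that key is not permitted, so the current-password check presumably always fails. I would use `params.require(:admin_user).permit(:email, :password, :password_confirmation, :remember_me)` for create and update, and a separate list that adds `:current_password` for `update_password`. The action bodies start and end outside these hunks.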
@@ -13,4 +13,10 @@ class ContactsController < ApplicationController render :new end end + + private + + def permitted_params + params.require(:contact).permit(:id, :email, :subject, :name, :message) + end end diff --git a/app/models/admin_user.rb b/app/models/admin_user.rb index c74bec2..d552bab 100644 --- a/app/models/admin_user.rb +++ b/app/models/admin_user.rb @@ -4,9 +4,6 @@ class AdminUser < ActiveRecord::Base devise :database_authenticatable, :confirmable, :recoverable, :rememberable, :trackable, :validatable, :lockable - # Setup accessible (or protected) attributes for your model - attr_accessible :email, :password, :password_confirmation, :remember_me - # new function to set the password without knowing the current password used in our confirmation controller. def attempt_set_password(params) p = {} diff --git a/app/models/contact.rb b/app/models/contact.rb index 20f762f..f87a397 100644 --- a/app/models/contact.rb +++ b/app/models/contact.rb @@ -5,8 +5,6 @@ class Contact validates :email, :email => true - attr_accessor :id, :email, :subject, :name, :message - def initialize(attributes = {}) attributes.each do |key, value| self.send("#{key}=", value) diff --git a/config/environments/development.rb b/config/environments/development.rb index fab8c47..4d3a283 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -6,8 +6,8 @@ DanBarberPhoto::Application.configure do # since you don't have to restart the web server when you make code changes. config.cache_classes = false - # Log error messages when you accidentally call methods on nil. - config.whiny_nils = true + # Do not eager load code on boot. + config.eager_load = false # Show full error reports and disable caching config.consider_all_requests_local = true diff --git a/config/environments/production.rb b/config/environments/production.rb index b0f5837..1d1fb0b 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb 
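Review bot: The permit list added to contacts_controller.rb is now the only bound on which setters `Contact#initialize` invokes through `self.send("#{key}=", value)`, yet the app/models/contact.rb hunk in this commit deletes `attr_accessor :id, :email, :subject, :name, :message`. Unless those accessors are defined somewhere outside the visible lines, `Contact.new(permitted_params)` will raise NoMethodError on the first key; the deletion looks like `attr_accessor` was mistaken for the Rails 3 `attr_accessible` whitelist. I would restore the `attr_accessor` line, since it also keeps the set of reachable setters explicit. Unless the form really submits `:id`, I would also drop it: `params.require(:contact).permit(:email, :subject, :name, :message)`.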
@@ -4,6 +4,12 @@ DanBarberPhoto::Application.configure do # Code is not reloaded between requests config.cache_classes = true + # Eager load code on boot. This eager loads most of Rails and + # your application in memory, allowing both thread web servers + # and those relying on copy on write to perform better. + # Rake tasks automatically ignore this option for performance. + config.eager_load = true + # Full error reports are disabled and caching is turned on config.consider_all_requests_local = false config.action_controller.perform_caching = true diff --git a/config/environments/test.rb b/config/environments/test.rb index 59d2952..87b1492 100644 --- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -7,13 +7,15 @@ DanBarberPhoto::Application.configure do # and recreated between test runs. Don't rely on the data there! config.cache_classes = true + # Do not eager load code on boot. This avoids loading your whole application + # just for the purpose of running a single test. If you are using a tool that + # preloads Rails for running tests, you may have to set it to true. + config.eager_load = false + # Configure static asset server for tests with Cache-Control for performance config.serve_static_assets = true config.static_cache_control = "public, max-age=3600" - # Log error messages when you accidentally call methods on nil - config.whiny_nils = true - # Show full error reports and disable caching config.consider_all_requests_local = true config.action_controller.perform_caching = false diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb index 3cf3c1e..5c5d42e 100644 --- a/config/initializers/devise.rb +++ b/config/initializers/devise.rb 
@@ -1,6 +1,11 @@ # Use this hook to configure devise mailer, warden hooks and so forth. The first # four configuration values can also be set straight in your models. Devise.setup do |config| + # The secret key used by Devise. Devise uses this key to generate + # random tokens. Changing this key will render invalid all existing + # confirmation, reset password and unlock tokens in the database.# + config.secret_key = '61c6eff811df1ecd36c7fc2365c73f535546bf47ef542cce436cbb43cb6e7fbcd9d89f07d01cd65413b3ba16b850934c8f7e56d85f8aece02444b2487389efb8' + # ==> Mailer Configuration # Configure the e-mail address which will be shown in Devise::Mailer, # note that it will be overwritten if you use your own mailer class with default "from" parameter.
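Review bot: `config.secret_key` is committed as a literal in config/initializers/devise.rb, so anyone with read access to the repository or its history holds the key that, per the comment above it, backs confirmation, reset-password and unlock tokens. Load it from the environment instead, e.g. `config.secret_key = ENV.fetch('DEVISE_SECRET_KEY')` (the variable name is a placeholder), so that a missing key fails at boot rather than falling back silently. The value in this commit should be treated as exposed: generate a new one for each deployed environment rather than only removing the line. The `Devise.setup` block continues past the end of the hunk.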