From 65e9093d7c3c85cb8856e9211ea0d52d724fcf82 Mon Sep 17 00:00:00 2001 From: "dependabot-preview[bot]" <27856297+dependabot-preview[bot]@users.noreply.github.com> Date: Fri, 17 Jul 2020 18:14:39 +0000 Subject: [PATCH 01/46] Bump rack-mini-profiler from 2.0.1 to 2.0.2 Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 2.0.1 to 2.0.2. - [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases) - [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md) - [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.0.1...v2.0.2) Signed-off-by: dependabot-preview[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index e9900d3e..da696034 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -154,7 +154,7 @@ GEM puma (4.3.5) nio4r (~> 2.0) rack (2.2.3) - rack-mini-profiler (2.0.1) + rack-mini-profiler (2.0.2) rack (>= 1.2.0) rack-test (1.1.0) rack (>= 1.0, < 3) From 183dd487812a3a4ace2eb4653fe3eb91e736750d Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Fri, 17 Jul 2020 21:28:42 +0300 Subject: [PATCH 02/46] Update aasm to v4. --- Gemfile | 2 +- Gemfile.lock | 5 +++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index 39d70ddd..f093c1f8 100644 --- a/Gemfile +++ b/Gemfile @@ -29,7 +29,7 @@ gem "RedCloth" gem "sanitize", "~> 5.2" gem "will_paginate" gem "acts_as_list" -gem "aasm", '~> 3.4.0' +gem "aasm", '~> 4.12.3' gem "htmlentities" gem "rails_autolink" gem 'puma', '~> 4.3' diff --git a/Gemfile.lock b/Gemfile.lock index e9900d3e..95af30db 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -9,7 +9,8 @@ GEM remote: https://rubygems.org/ specs: RedCloth (4.3.2) - aasm (3.4.0) + aasm (4.12.3) + concurrent-ruby (~> 1.0) actioncable (5.2.4.3) actionpack (= 5.2.4.3) nio4r (~> 2.0) 
@@ -293,7 +294,7 @@ PLATFORMS DEPENDENCIES RedCloth - aasm (~> 3.4.0) + aasm (~> 4.12.3) actionpack-xml_parser (~> 2.0) activemodel-serializers-xml (~> 1.0.1) acts_as_list From 3f22c8a03610bf7a293664375ada4b7319f1c24b Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 16:12:57 +0300 Subject: [PATCH 03/46] Better Docker config: Use entrypoint to setup the environment, run in production mode by default, defaults for all config values --- Dockerfile | 8 +++-- config/database.docker.yml | 60 +++++++++++++------------------------- config/site.docker.yml | 6 ---- config/site.yml.tmpl | 6 ---- docker-entrypoint.sh | 17 +++++++++++ docker-startserver.sh | 4 --- 6 files changed, 42 insertions(+), 59 deletions(-) create mode 100755 docker-entrypoint.sh delete mode 100755 docker-startserver.sh diff --git a/Dockerfile b/Dockerfile index f1f36a06..08e473f1 100644 --- a/Dockerfile +++ b/Dockerfile @@ -17,9 +17,11 @@ COPY . /app/ COPY config/database.docker.yml /app/config/database.yml COPY config/site.docker.yml /app/config/site.yml -COPY docker-startserver.sh / +RUN RAILS_ENV=production bundle exec rake assets:precompile + +COPY docker-entrypoint.sh / +ENTRYPOINT ["./docker-entrypoint.sh"] EXPOSE 3000 -#CMD ["rails", "server", "-e", "production", "-b", "0.0.0.0"] -CMD ["./docker-startserver.sh"] +CMD ["rails", "server", "-b", "0.0.0.0"] diff --git a/config/database.docker.yml b/config/database.docker.yml index 790d8f77..cabb221f 100644 --- a/config/database.docker.yml +++ b/config/database.docker.yml 
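Review bot: The image still bakes `config/site.docker.yml` in as `/app/config/site.yml` (the `COPY` context line in this hunk), and the site.docker.yml hunk header in this same commit shows that file carrying `secret_token: "secret"`, so once production becomes the default every container started without an override shares one publicly known token. Presumably Tracks uses this token to protect sessions (not visible here), in which case a shared value defeats that protection. I would say so next to the COPY, e.g. `# site.docker.yml ships a placeholder secret_token; mount your own config/site.yml for any non-local deployment`, and consider having the entrypoint refuse to start in production while the placeholder is in place.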
@@ -1,44 +1,24 @@ -#development: -# adapter: mysql2 -# database: tracks_dev -# # set this if you are storing utf8 in your mysql database to handle strings -# # like "Réné". Not needed for sqlite. For PostgreSQL use encoding: unicode -# # encoding: utf8 -# host: docker -# port: 3307 -# username: tracks_dev -# password: FqUKMWPz5mh8UPhypZvq - -#development: -# adapter: postgresql -# database: tracks_dev -# # set this if you are storing utf8 in your mysql database to handle strings -# # like "Réné". Not needed for sqlite. For PostgreSQL use encoding: unicode -# # encoding: utf8 -# host: docker -# port: 5432 -# username: tracks_dev -# password: password - -#development: -# adapter: sqlite3 -# database: db.sqlite - -#test: -# adapter: mysql2 -# database: tracks_test -# # set this if you are storing utf8 in your mysql database to handle strings -# # like "Réné". Not needed for sqlite. For PostgreSQL use encoding: unicode -# # encoding: utf8 -# host: docker -# port: 3307 -# username: tracks_tst -# password: 9rMNV4y6RVcqmJTo2QoR - -# Production config is disabled by default -# -development: +test: adapter: <%= ENV.fetch('DATABASE_TYPE') %> + encoding: <%= ENV.fetch('DATABASE_ENCODING') %> + database: <%= ENV.fetch('DATABASE_NAME') %> + host: <%= ENV.fetch('DATABASE_HOST') %> + port: <%= ENV.fetch('DATABASE_PORT') %> + username: <%= ENV.fetch('DATABASE_USERNAME') %> + password: <%= ENV.fetch('DATABASE_PASSWORD') %> + +development: + adapter: <%= ENV.fetch('DATABASE_TYPE') %> + encoding: <%= ENV.fetch('DATABASE_ENCODING') %> + database: <%= ENV.fetch('DATABASE_NAME') %> + host: <%= ENV.fetch('DATABASE_HOST') %> + port: <%= ENV.fetch('DATABASE_PORT') %> + username: <%= ENV.fetch('DATABASE_USERNAME') %> + password: <%= ENV.fetch('DATABASE_PASSWORD') %> + +production: + adapter: <%= ENV.fetch('DATABASE_TYPE') %> + encoding: <%= ENV.fetch('DATABASE_ENCODING') %> database: <%= ENV.fetch('DATABASE_NAME') %> host: <%= ENV.fetch('DATABASE_HOST') %> port: <%= 
ENV.fetch('DATABASE_PORT') %> diff --git a/config/site.docker.yml b/config/site.docker.yml index 02c8b373..0b1a04d3 100644 --- a/config/site.docker.yml +++ b/config/site.docker.yml @@ -25,12 +25,6 @@ secret_token: "secret" # Set to true when your application is running with https force_ssl: false -# Configure how static assets (images, stylesheets, etc.) will be served. -# The best practice is to have a proxying web server such as Apache or Nginx -# serve static assets (images, stylesheets, javascript) for you. Change -# this to 'true' if you want Rails to be responsible for serving the static assets -# serve_static_assets: false - # Uncomment if you want to dispatch todos that come from email based on the To: # address rather than the From: address. # email_dispatch: 'to' diff --git a/config/site.yml.tmpl b/config/site.yml.tmpl index 362c8ef6..29c53704 100644 --- a/config/site.yml.tmpl +++ b/config/site.yml.tmpl @@ -28,12 +28,6 @@ secret_token: "change-me" # Set to true when your application is running with https force_ssl: false -# Configure how static assets (images, stylesheets, etc.) will be served. -# The best practice is to have a proxying web server such as Apache or Nginx -# serve static assets (images, stylesheets, javascript) for you. Change -# this to 'true' if you want Rails to be responsible for serving the static assets -# serve_static_assets: false - # Uncomment if you want to dispatch todos that come from email based on the To: # address rather than the From: address. # email_dispatch: 'to' diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh new file mode 100755 index 00000000..68931845 --- /dev/null +++ b/docker-entrypoint.sh 
@@ -0,0 +1,17 @@ +#!/bin/bash + +export RAILS_ENV=${RAILS_ENV:-production} +export DATABASE_NAME=${DATABASE_NAME:-tracks} +export DATABASE_HOST=${DATABASE_HOST:-db} +export DATABASE_PORT=${DATABASE_PORT:-3306} +export DATABASE_USERNAME=${DATABASE_USERNAME:-tracks} +export DATABASE_PASSWORD=${DATABASE_PASSWORD:-password} +export DATABASE_TYPE=${DATABASE_TYPE:-mysql2} +export DATABASE_ENCODING=${DATABASE_ENCODING:-utf8} + +export RAILS_SERVE_STATIC_FILES=TRUE +export RAILS_LOG_TO_STDOUT=TRUE + +rails db:migrate + +exec "$@" diff --git a/docker-startserver.sh b/docker-startserver.sh deleted file mode 100755 index dfe1e6e5..00000000 --- a/docker-startserver.sh +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/sh - -rails db:migrate -rails server -b 0.0.0.0 From 4d65a8f761fc44defc27ea316a35267a8d88536e Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 17:20:35 +0300 Subject: [PATCH 04/46] Overhaul the environment system in bin/ to make the defaults easier to understand. Update the installation instructions. Fixes #2170, #2372, #2329, #2368 --- bin/bundle | 4 ++-- bin/rails | 4 ++-- bin/rake | 4 ++-- bin/spring | 4 ++-- doc/installation.md | 29 +++++++++++++++++++---------- doc/upgrading.md | 9 +++++++++ script/docker-environment | 8 +------- 7 files changed, 37 insertions(+), 25 deletions(-) diff --git a/bin/bundle b/bin/bundle index d63e647b..e3b1daa1 100755 --- a/bin/bundle +++ b/bin/bundle @@ -1,6 +1,6 @@ #!/usr/bin/env ruby -unless ENV["RAILS_ENV"] == "production" || File.exist?("#{__dir__}/../.skip-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") +if File.exist?("#{__dir__}/../.use-docker") + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) end ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) load Gem.bin_path('bundler', 'bundle') diff --git a/bin/rails b/bin/rails index e8199c68..4ed2026f 100755 --- a/bin/rails +++ b/bin/rails 
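Review bot: `export DATABASE_PASSWORD=${DATABASE_PASSWORD:-password}` gives a container that defaults to `RAILS_ENV=production` a well-known database password whenever the operator forgets to set one, and nothing signals that the fallback was used. I would fail closed in production and keep the convenience default for development and test only, e.g. `[ "$RAILS_ENV" != production ] || : "${DATABASE_PASSWORD:?DATABASE_PASSWORD must be set in production}"`. The same fallback is kept in the `DATABASE_PASSWORD_EMPTY` hunk of PATCH 07/46, where the check would additionally have to allow the explicit empty-password case. The script also has no `set -e`, so a failed `rails db:migrate` still reaches `exec "$@"` and the server starts against an unmigrated schema.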
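Review bot: Nothing in the stub explains the `.use-docker` marker, although its mere presence re-executes the command through `script/docker-environment`; the same lines are added to bin/rails, bin/rake and bin/spring in this commit. A comment above the `if` would help, e.g. `# Opt-in: create .use-docker in the repo root to run this command inside the Docker Compose web container`. Because the marker silently changes what a plain `bin/rails` does, it should stay a local file and be listed in `.gitignore` (not visible in this diff) so it cannot be committed by accident.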
@@ -1,6 +1,6 @@ #!/usr/bin/env ruby -unless ENV["RAILS_ENV"] == "production" || File.exist?("#{__dir__}/../.skip-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") +if File.exist?("#{__dir__}/../.use-docker") + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) end APP_PATH = File.expand_path('../config/application', __dir__) diff --git a/bin/rake b/bin/rake index f0ccc9e2..e68ed28a 100755 --- a/bin/rake +++ b/bin/rake @@ -1,6 +1,6 @@ #!/usr/bin/env ruby -unless ENV["RAILS_ENV"] == "production" || File.exist?("#{__dir__}/../.skip-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") +if File.exist?("#{__dir__}/../.use-docker") + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) end require_relative '../config/boot' require 'rake' diff --git a/bin/spring b/bin/spring index 1e047727..a036d6b4 100755 --- a/bin/spring +++ b/bin/spring @@ -1,6 +1,6 @@ #!/usr/bin/env ruby -unless ENV["RAILS_ENV"] == "production" || File.exist?("#{__dir__}/../.skip-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") +if File.exist?("#{__dir__}/../.use-docker") + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) end # This file loads spring without using Bundler, in order to be fast diff --git a/doc/installation.md b/doc/installation.md index 23204be2..d8a2a863 100644 --- a/doc/installation.md +++ b/doc/installation.md 
@@ -1,18 +1,18 @@ # Installing Tracks -The following instructions will guide you through the installation of Tracks from source. +Tracks can be installed several ways: You can run it through Docker, which is recommended because all requirements have already been taken care of for you, or you can install it on a custom server from source. + +Instructions for the Docker-based installation as well as other options are available in the Tracks wiki: https://github.com/TracksApp/tracks/wiki/Installation. The wiki also has tips and instructions for specific environments. These instructions are only for installation from source in a custom environment. This description is intended for people installing Tracks from scratch. If you would like to upgrade an existing installation, please see the [upgrade documentation](upgrading.md). -For alternative installation options and tips for specific environments, please see [Installation](https://github.com/TracksApp/tracks/wiki/Installation) on the wiki. - ## Prerequisites Tracks has a few software requirements that must be satisfied before installation: 1. **Ruby**. Tracks requires Ruby 2.4 or greater, but is not tested with 2.7. 2. **Bundler**. Tracks requires a recent version of [Bundler](http://bundler.io) to handle the installation of dependencies. Bundler is typically installed by running `gem install bundler`. -3. **Database**. Tracks is tested on [MySQL](http://www.mysql.com/) and [SQLite](http://www.sqlite.org/), but [PostgreSQL](http://www.postgresql.org/) can also be used. Of the three, SQLite requires the least configuration. Whatever your choice, the appropriate database software must be installed. +3. **Database**. Tracks is tested on [MySQL](http://www.mysql.com/) and [SQLite](http://www.sqlite.org/), but [PostgreSQL](http://www.postgresql.org/) can also be used. Of the three, SQLite requires the least configuration but is also the least performant and may make it difficult to operate in the future. 
We recommend either MySQL or PostgreSQL. Whatever your choice, the appropriate database software must be installed. ## Get Tracks @@ -29,15 +29,23 @@ There are two methods of downloading Tracks: ## Set up the database -*This section only applies if you will be using Tracks with a MySQL database.* +*This section doesn't apply if using SQLite.* -You need to create a database and database-user to use with Tracks. For this, you can use MySQL Administrator or go into a terminal and issue the following commands: +You need to create a database and database-user to use with Tracks. For this, you can use an GUI tool or go into a terminal and issue the following commands: - mysql -u root -p +### MySQL + + $ mysql -u root -p mysql> CREATE DATABASE tracks; mysql> GRANT ALL PRIVILEGES ON tracks.* TO yourmysqluser@localhost \ IDENTIFIED BY 'password-goes-here' WITH GRANT OPTION; +### PostgreSQL + + $ sudo -u postgres psql + postgres=# CREATE USER tracks WITH ENCRYPTED PASSWORD 'password-goes-here'; + postgres=# CREATE DATABASE tracks OWNER=tracks; + ## Install dependencies Tracks is built upon a number of Ruby libraries (known as ‘gems’). The Bundler tool makes it easy to install all the gems that Tracks needs, and ensures that they are all the correct versions. 
@@ -64,8 +72,7 @@ Tracks is built upon a number of Ruby libraries (known as ‘gems’). The Bundl 2. Open the file `config/database.yml` and edit the `production:` section with the details of your database. If you are using MySQL the `adapter:` line should read `adapter: mysql2`, `host: localhost` (in the majority of cases), and your username and password should match those you assigned when you created the database. If you are using SQLite3, you should have only two lines under the production section: `adapter: sqlite3` and `database: db/tracks.db`. 3. Open the file `config/site.yml`, and read through the settings to make sure that they suit your setup. In most cases, all you need to change are the `secret_token`, the administrator email address (`admin_email`), and the time zone setting. For the time zone setting you can use the command `bundle exec rake time:zones:local` to see all available timezones on your machine 4. If you are using Windows, you may need to check the ‘shebang’ lines (`#!/usr/bin/env ruby`) of the `/public/dispatch.*` files and all the files in the `/script` directory. They are set to `#!/usr/bin/env ruby` by default. This should work for all Unix based setups (Linux or Mac OS X), but Windows users will probably have to change it to something like `#c:/ruby/bin/ruby` to point to the Ruby binary on your system. -5. If you intend to deploy Tracks using its included web server, you’ll need to uncomment and change the `serve_static_assets` configuration option to `true` in `config/site.yml` in order for the images, stylesheets, and javascript files to be served correctly. -6. If you intend to use Tracks behind a web server or reverse proxy with https enabled, ensure to set `force_ssl` option to `true`. +5. If you intend to use Tracks behind a web server or reverse proxy with https enabled, ensure to set `force_ssl` option to `true`. ## Populate your database with the Tracks schema 
@@ -85,10 +92,12 @@ Static assets (images, stylesheets, and javascript) need to be compiled in order While still in the Terminal inside the Tracks root directory, issue the following command: - bundle exec rails server -e production + RAILS_SERVE_STATIC_FILES=TRUE bundle exec rails server -e production If all goes well, you should see some text informing you that the server is running: `=> Rails application starting in production on http://localhost:3000`. If you are already running other services on port 3000, you need to select a different port when running the server, using the `-p` option. +Optimally you should serve static files using Nginx or Apache, especially in larger production instances. If you do this, you can omit the RAILS_SERVE_STATIC_FILES=TRUE from the start of the command. + ## Visit Tracks in a browser Visit `http://localhost:3000/signup` in a browser (or whatever URL and port was reported when you started the server in the step above) and chose a user name and password for admin user. Once logged in as admin, you can add other (ordinary level) users. If you need to access Tracks from a mobile/cellular phone browser, visit `http://yourdomain.com/mobile/`. This mobile version is a special, lightweight version of Tracks, designed to use on a mobile browser. diff --git a/doc/upgrading.md b/doc/upgrading.md index b0d86911..8e481ddf 100644 --- a/doc/upgrading.md +++ b/doc/upgrading.md @@ -1,4 +1,13 @@ # Upgrading Tracks +## Upgrading from Tracks 2.4.2 to 2.5 + +* If you're using the Docker Compose environment and want to run the commands in + the bin/ directory inside the container from the host system, add a .use-docker + file to the root directory. This replaces the old .skip-docker file requirement + to favor the more common setup and avoid placing unexpected requirements. + +* The Docker environment has been changed quite a bit. However, it should work + at least as before for the usual needs. ## Upgrading from Tracks 2.3 to 2.4.2 
diff --git a/script/docker-environment b/script/docker-environment index 423122d6..cfdb447c 100755 --- a/script/docker-environment +++ b/script/docker-environment @@ -1,14 +1,8 @@ #!/bin/sh -# Run a command in the app's environment set -e -# Find our app dir and just run the command in we're in the container since the -# container is built with an /etc/app-env file inside of it. -appdir=$(cd $(dirname "$0")/.. && pwd) -[ -f /etc/app-env ] && exec "$@" - -# Otherwise, run docker compose to run our command in the container +# Check if we've been told to run the command in Docker Composer. cmd="$@"; [ "$#" -eq 0 ] && cmd=bash export VOLUME="$appdir:/app" image=${DOCKER_IMAGE:=web} From 2e408791235b58e22c8f53913d954974629056cf Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 17:34:11 +0300 Subject: [PATCH 05/46] Fix the Docker Compose configuration and remove the database config from VCS Fixes #2248. --- Dockerfile | 2 -- config/database.yml | 32 -------------------------------- docker-compose.yml | 2 ++ 3 files changed, 2 insertions(+), 34 deletions(-) delete mode 100644 config/database.yml diff --git a/Dockerfile b/Dockerfile index 08e473f1..d0062ab3 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,8 +5,6 @@ RUN bundle config --global frozen 1 WORKDIR /app -RUN touch /etc/app-env - COPY Gemfile* /app/ RUN gem install bundler RUN bundle install --jobs 4 diff --git a/config/database.yml b/config/database.yml deleted file mode 100644 index 757be5fe..00000000 --- a/config/database.yml +++ /dev/null 
@@ -1,32 +0,0 @@ -development: - adapter: mysql2 - database: tracks - # set this if you are storing utf8 in your mysql database to handle strings - # like "Réné". Not needed for sqlite. For PostgreSQL use encoding: unicode - # encoding: utf8 - host: db - username: root - password: - -test: - adapter: mysql2 - database: tracks_test - # set this if you are storing utf8 in your mysql database to handle strings - # like "Réné". Not needed for sqlite. For PostgreSQL use encoding: unicode - # encoding: utf8 - host: db - username: root - password: - -# Production config is disabled by default -# -# production: -# adapter: mysql2 -# database: tracks -# # set this if you are storing utf8 in your mysql database to handle strings -# # like "Réné".Not needed for sqlite. For PostgreSQL use encoding: unicode -# # encoding: utf8 -# host: localhost -# username: root -# password: - diff --git a/docker-compose.yml b/docker-compose.yml index dc2b55cf..55a832ec 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -9,6 +9,8 @@ services: - db-data:/var/lib/mysql web: build: . + environment: + DATABASE_USERNAME: root volumes: - ${VOLUME:-.:/app} ports: From 53c7c94306192b7cadeaf36728ff833a220d0a3d Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 18:07:23 +0300 Subject: [PATCH 06/46] A few more fixes in hope of fixing the Docker Compose --- Dockerfile | 2 +- script/docker-environment | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index d0062ab3..77983a17 100644 --- a/Dockerfile +++ b/Dockerfile @@ -18,7 +18,7 @@ COPY config/site.docker.yml /app/config/site.yml RUN RAILS_ENV=production bundle exec rake assets:precompile COPY docker-entrypoint.sh / -ENTRYPOINT ["./docker-entrypoint.sh"] +ENTRYPOINT ["/docker-entrypoint.sh"] EXPOSE 3000 diff --git a/script/docker-environment b/script/docker-environment index cfdb447c..8df83c1b 100755 --- a/script/docker-environment +++ b/script/docker-environment 
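Review bot: `DATABASE_USERNAME: root` makes the web application connect as the database superuser, and PATCH 07/46 adds `DATABASE_PASSWORD_EMPTY: 1` to the same service, so the app ends up holding full server privileges behind an empty password. The entrypoint added earlier in this series defaults to production and the installation docs later present this Compose setup as usable by normal users, so this is not purely a development convenience. I would have the `db` service (its definition is outside the hunk) create a dedicated account and pass that here, e.g. `DATABASE_USERNAME: tracks` with `DATABASE_PASSWORD: ${DATABASE_PASSWORD:?set DATABASE_PASSWORD}`.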
@@ -2,6 +2,9 @@ set -e +# Find our app dir +appdir=$(cd $(dirname "$0")/.. && pwd) + # Check if we've been told to run the command in Docker Composer. cmd="$@"; [ "$#" -eq 0 ] && cmd=bash export VOLUME="$appdir:/app" From 85e104006c2829a4d9049e6abadc036f4f5eadba Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 21:30:24 +0300 Subject: [PATCH 07/46] Handle empty database password properly, don't try to run docker-compose inside the container --- Dockerfile | 5 +++-- bin/bundle | 2 +- bin/rails | 2 +- bin/rake | 2 +- bin/spring | 2 +- docker-compose.yml | 3 ++- docker-entrypoint.sh | 7 ++++++- 7 files changed, 15 insertions(+), 8 deletions(-) diff --git a/Dockerfile b/Dockerfile index 77983a17..b1bcce07 100644 --- a/Dockerfile +++ b/Dockerfile @@ -5,6 +5,8 @@ RUN bundle config --global frozen 1 WORKDIR /app +RUN touch /etc/app-env + COPY Gemfile* /app/ RUN gem install bundler RUN bundle install --jobs 4 @@ -17,8 +19,7 @@ COPY config/site.docker.yml /app/config/site.yml RUN RAILS_ENV=production bundle exec rake assets:precompile -COPY docker-entrypoint.sh / -ENTRYPOINT ["/docker-entrypoint.sh"] +ENTRYPOINT ["/app/docker-entrypoint.sh"] EXPOSE 3000 diff --git a/bin/bundle b/bin/bundle index e3b1daa1..f7b07eed 100755 --- a/bin/bundle +++ b/bin/bundle @@ -1,6 +1,6 @@ #!/usr/bin/env ruby if File.exist?("#{__dir__}/../.use-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") end ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) load Gem.bin_path('bundler', 'bundle') diff --git a/bin/rails b/bin/rails index 4ed2026f..e2afa025 100755 --- a/bin/rails +++ b/bin/rails 
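Review bot: `appdir=$(cd $(dirname "$0")/.. && pwd)` leaves the inner command substitution unquoted, so a checkout path containing spaces or glob characters is word-split before `cd` sees it and the script either aborts under `set -e` or resolves the wrong directory. Quote it: `appdir=$(cd "$(dirname "$0")/.." && pwd)`. The value feeds `export VOLUME=...`, which decides which host directory is bind-mounted into the container, so it is worth getting exactly right. The context line `cmd="$@"` has a related problem (arguments are flattened into one string), but it predates this hunk.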
@@ -1,6 +1,6 @@ #!/usr/bin/env ruby if File.exist?("#{__dir__}/../.use-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") end APP_PATH = File.expand_path('../config/application', __dir__) diff --git a/bin/rake b/bin/rake index e68ed28a..c9e1ee4c 100755 --- a/bin/rake +++ b/bin/rake @@ -1,6 +1,6 @@ #!/usr/bin/env ruby if File.exist?("#{__dir__}/../.use-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") end require_relative '../config/boot' require 'rake' diff --git a/bin/spring b/bin/spring index a036d6b4..4feabfe4 100755 --- a/bin/spring +++ b/bin/spring @@ -1,6 +1,6 @@ #!/usr/bin/env ruby if File.exist?("#{__dir__}/../.use-docker") - exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) + exec("#{__dir__}/../script/docker-environment", $PROGRAM_NAME, *ARGV) unless File.exist?("/etc/app-env") end # This file loads spring without using Bundler, in order to be fast diff --git a/docker-compose.yml b/docker-compose.yml index 55a832ec..c2b45a1f 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -11,8 +11,9 @@ services: build: . environment: DATABASE_USERNAME: root + DATABASE_PASSWORD_EMPTY: 1 volumes: - - ${VOLUME:-.:/app} + - ${VOLUME:-.:/app}:Z ports: - 3000:3000 depends_on: diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 68931845..12fe9243 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh 
@@ -5,7 +5,12 @@ export DATABASE_NAME=${DATABASE_NAME:-tracks} export DATABASE_HOST=${DATABASE_HOST:-db} export DATABASE_PORT=${DATABASE_PORT:-3306} export DATABASE_USERNAME=${DATABASE_USERNAME:-tracks} -export DATABASE_PASSWORD=${DATABASE_PASSWORD:-password} +if [ "$DATABASE_PASSWORD_EMPTY" != 1 ]; +then + export DATABASE_PASSWORD=${DATABASE_PASSWORD:-password} +else + export DATABASE_PASSWORD="" +fi export DATABASE_TYPE=${DATABASE_TYPE:-mysql2} export DATABASE_ENCODING=${DATABASE_ENCODING:-utf8} From 869bf2a9fdd7b08bc9c4a1b9f86396c65ccedaf0 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 21:44:43 +0300 Subject: [PATCH 08/46] Mount the mandatory config files separately in docker-compose, since it's including the whole /app from host and therefore the copies made in Dockerfile aren't available. --- docker-compose.yml | 4 +++- script/docker-environment | 4 +++- 2 files changed, 6 insertions(+), 2 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index c2b45a1f..e6c33269 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -13,7 +13,9 @@ services: DATABASE_USERNAME: root DATABASE_PASSWORD_EMPTY: 1 volumes: - - ${VOLUME:-.:/app}:Z + - ${VOLUME:-.}:/app:Z + - ${VOLUME:-.}/config/database.docker.yml:/app/config/database.yml:Z + - ${VOLUME:-.}/config/site.docker.yml:/app/config/site.yml:Z ports: - 3000:3000 depends_on: diff --git a/script/docker-environment b/script/docker-environment index 8df83c1b..71e34f19 100755 --- a/script/docker-environment +++ b/script/docker-environment @@ -2,12 +2,14 @@ set -e +echo "Doing it here" + # Find our app dir appdir=$(cd $(dirname "$0")/.. && pwd) # Check if we've been told to run the command in Docker Composer. cmd="$@"; [ "$#" -eq 0 ] && cmd=bash -export VOLUME="$appdir:/app" +export VOLUME="$appdir" image=${DOCKER_IMAGE:=web} port_publish=""; [ "${BIND_DOCKER_SERVICE_PORTS:-}" = 1 ] && port_publish="--service-ports" 
From b2ede09fe6c71da135c8e888e1939d5d2f48f8a5 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 21:50:35 +0300 Subject: [PATCH 09/46] Remove unnecessary debug output --- script/docker-environment | 2 -- 1 file changed, 2 deletions(-) diff --git a/script/docker-environment b/script/docker-environment index 71e34f19..d5319e06 100755 --- a/script/docker-environment +++ b/script/docker-environment @@ -2,8 +2,6 @@ set -e -echo "Doing it here" - # Find our app dir appdir=$(cd $(dirname "$0")/.. && pwd) From 5bb723329bdf7c7c02044503658cdc7692caf131 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 22:04:45 +0300 Subject: [PATCH 10/46] Few more settings in order for the CI test automation --- docker-compose.yml | 3 +++ script/cibuild | 6 +----- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/docker-compose.yml b/docker-compose.yml index e6c33269..00872463 100644 --- a/docker-compose.yml +++ b/docker-compose.yml @@ -10,6 +10,9 @@ services: web: build: . environment: + # These are set in script/ci-build, so we need to pass-thru them. + RAILS_ENV: $RAILS_ENV + DATABASE_NAME: $DATABASE_NAME DATABASE_USERNAME: root DATABASE_PASSWORD_EMPTY: 1 volumes: diff --git a/script/cibuild b/script/cibuild index af04b27a..52a870d6 100755 --- a/script/cibuild +++ b/script/cibuild @@ -12,14 +12,10 @@ function die() { exit 1 } - trap cleanup EXIT export RAILS_ENV=test -export TRACKS_DB=tracks_test - -# Put a config/site.yml file in place since it's needed for operation -cp config/site.yml.tmpl config/site.yml +export DATABASE_NAME=tracks_test $docker_compose build $docker_compose up -d From d145640ead57d2bc913b72fb4d4fff4cdd3beb47 Mon Sep 17 00:00:00 2001 
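Review bot: `RAILS_ENV: $RAILS_ENV` and `DATABASE_NAME: $DATABASE_NAME` expand to empty strings when the host shell has not exported them, so outside script/cibuild the service receives both variables set but blank and relies on the entrypoint's `:-` fallbacks to recover. Stating the defaults here keeps the two files from drifting apart: `RAILS_ENV: ${RAILS_ENV:-production}` and `DATABASE_NAME: ${DATABASE_NAME:-tracks}`. The new comment also names `script/ci-build`, while the file changed in this commit is `script/cibuild`.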
From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 23:06:26 +0300 Subject: [PATCH 11/46] =?UTF-8?q?Add=20Docker=20documentation=20to=20the?= =?UTF-8?q?=20installation=20docs;=20update=20and=20create=20the=20?= =?UTF-8?q?=E2=80=9DScripts=20To=20Rule=20Them=20All=E2=80=9D=20scripts=20?= =?UTF-8?q?for=20easy=20use=20of=20the=20Docker=20Composer=20environment.?= =?UTF-8?q?=20Fixes=20#2425.?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- doc/installation.md | 91 +++++++++++++++++++++++++++++++++------ script/bootstrap | 11 +++++ script/cibuild | 1 + script/console | 3 -- script/docker-environment | 4 +- script/setup | 18 ++++++++ script/test | 47 ++++++++++++++++++++ script/update | 13 ++++++ 8 files changed, 172 insertions(+), 16 deletions(-) create mode 100755 script/bootstrap create mode 100755 script/setup create mode 100755 script/test create mode 100755 script/update diff --git a/doc/installation.md b/doc/installation.md index d8a2a863..8310d265 100644 --- a/doc/installation.md +++ b/doc/installation.md 
@@ -2,11 +2,78 @@ Tracks can be installed several ways: You can run it through Docker, which is recommended because all requirements have already been taken care of for you, or you can install it on a custom server from source. -Instructions for the Docker-based installation as well as other options are available in the Tracks wiki: https://github.com/TracksApp/tracks/wiki/Installation. The wiki also has tips and instructions for specific environments. These instructions are only for installation from source in a custom environment. +Community-provided instructions for other options and tips for specific environments are available in the Tracks wiki: https://github.com/TracksApp/tracks/wiki/Installation. + +## Docker installation using Docker Compose + +You can easily run Tracks using Docker Compose. This option mounts the repository directly inside the Docker container, making it an optimal solution for developing Tracks. It does, however, also work for normal users. + +1. Make sure you have Docker Compose and Docker properly installed. +2. Get the Tracks code base by either downloading the archive file for the latest releast or cloning it from GitHub. +3. On the installation run the following command: + $ ./script/setup +4. Run the server using the following command: + $ ./script/server +5. You should now be able to access Tracks in http://localhost:3000 + +## Docker installation using a separate container + +You can also install Tracks without Docker Compose. This allows you to use the official Docker containers and you can use your existing database server instead of having a separate one for Tracks. + +*Note*: For now, you have to first build the image manually before starting the +Tracks container. In future there should be an official image in Docker Hub. You can build the image by: + +1. Get the Tracks code base by either downloading the archive file for the latest releast or cloning it from GitHub. +2. 
Run the following command in the Tracks directory to build the image: + $ docker build -t="tracks" . + +1. Make sure you have Docker properly installed. +2. Start a database container with either MySQL or PostgreSQL: + $ docker run -p 5432:5432 --name postgres -e POSTGRES_PASSWORD=password -d postgres + $ docker run -p 3306:3306 --name mariadb -e MYSQL_ROOT_PASSWORD=password -d mariadb +3. Create a database and a user for Tracks in the database: + # MySQL + $ mysql -u root -p + mysql> CREATE DATABASE tracks; + mysql> GRANT ALL PRIVILEGES ON tracks.* TO yourmysqluser@localhost IDENTIFIED BY 'password-goes-here' WITH GRANT OPTION; + + # PostgreSQL + $ sudo -u postgres psql + postgres=# CREATE USER tracks WITH ENCRYPTED PASSWORD 'password-goes-here'; + postgres=# CREATE DATABASE tracks OWNER=tracks; +4. Start the Tracks container: + $ docker run -p 3000:3000 --name tracks --link mariadb:db -t tracks + $ docker run -p 3000:3000 --name tracks --link postgres:db -t tracks +5. You should now be able to access Tracks in http://localhost:3000 + +## Environmental variables in the Docker image + +You can override database connection details by defining the environment variables in the run command, for example ”-e DATABASE_USERNAME=tracks_dev” or docker-compose.yml, if using Docker Compose. + +|Name |Default |For PostgreSQL | +|------------------|-----------|---------------| +|DATABASE_NAME |tracks | | +|DATABASE_HOST |db | | +|DATABASE_PORT |3306 |5432 | +|DATABASE_USERNAME |tracks | | +|DATABASE_PASSWORD |password | | +|DATABASE_TYPE |mysql2 |postgresql | +|DATABASE_ENCODING |utf8 |unicode | +|RAILS_ENV |production | + +### Override files + +You can override files in the Docker image by using the --volume argument or docker-compose.yml, if using Docker Compose. 
+ +|File |Argument |Replace for production?| +|-------------------|---------------------------------------------------------|-----------------------| +|config/site.yml |--volume /app/config/site.yml:/home/user/site.yml |Yes | + +## Custom server installation This description is intended for people installing Tracks from scratch. If you would like to upgrade an existing installation, please see the [upgrade documentation](upgrading.md). -## Prerequisites +### Prerequisites Tracks has a few software requirements that must be satisfied before installation: @@ -14,7 +81,7 @@ Tracks has a few software requirements that must be satisfied before installatio 2. **Bundler**. Tracks requires a recent version of [Bundler](http://bundler.io) to handle the installation of dependencies. Bundler is typically installed by running `gem install bundler`. 3. **Database**. Tracks is tested on [MySQL](http://www.mysql.com/) and [SQLite](http://www.sqlite.org/), but [PostgreSQL](http://www.postgresql.org/) can also be used. Of the three, SQLite requires the least configuration but is also the least performant and may make it difficult to operate in the future. We recommend either MySQL or PostgreSQL. Whatever your choice, the appropriate database software must be installed. -## Get Tracks +### Get Tracks There are two methods of downloading Tracks: 
@@ -27,26 +94,26 @@ There are two methods of downloading Tracks: git clone https://github.com/TracksApp/tracks.git cd tracks -## Set up the database +### Set up the database *This section doesn't apply if using SQLite.* You need to create a database and database-user to use with Tracks. For this, you can use an GUI tool or go into a terminal and issue the following commands: -### MySQL +#### MySQL $ mysql -u root -p mysql> CREATE DATABASE tracks; mysql> GRANT ALL PRIVILEGES ON tracks.* TO yourmysqluser@localhost \ IDENTIFIED BY 'password-goes-here' WITH GRANT OPTION; -### PostgreSQL +#### PostgreSQL $ sudo -u postgres psql postgres=# CREATE USER tracks WITH ENCRYPTED PASSWORD 'password-goes-here'; postgres=# CREATE DATABASE tracks OWNER=tracks; -## Install dependencies +### Install dependencies Tracks is built upon a number of Ruby libraries (known as ‘gems’). The Bundler tool makes it easy to install all the gems that Tracks needs, and ensures that they are all the correct versions. @@ -74,7 +141,7 @@ Tracks is built upon a number of Ruby libraries (known as ‘gems’). The Bundl 4. If you are using Windows, you may need to check the ‘shebang’ lines (`#!/usr/bin/env ruby`) of the `/public/dispatch.*` files and all the files in the `/script` directory. They are set to `#!/usr/bin/env ruby` by default. This should work for all Unix based setups (Linux or Mac OS X), but Windows users will probably have to change it to something like `#c:/ruby/bin/ruby` to point to the Ruby binary on your system. 5. If you intend to use Tracks behind a web server or reverse proxy with https enabled, ensure to set `force_ssl` option to `true`. -## Populate your database with the Tracks schema +### Populate your database with the Tracks schema Open a terminal and change into the root of your Tracks directory. Enter the following command: 
@@ -82,13 +149,13 @@ Open a terminal and change into the root of your Tracks directory. Enter the fol This will set up your database with the required structure to hold Tracks’ data. -## Precompile assets +### Precompile assets Static assets (images, stylesheets, and javascript) need to be compiled in order for them to work correctly with the new asset pipeline feature in Rails. Precompiling your assets is as simple as running the following command while inside the Tracks root directory: bundle exec rake assets:precompile RAILS_ENV=production -## Start the server +### Start the server While still in the Terminal inside the Tracks root directory, issue the following command: @@ -98,10 +165,10 @@ If all goes well, you should see some text informing you that the server is runn Optimally you should serve static files using Nginx or Apache, especially in larger production instances. If you do this, you can omit the RAILS_SERVE_STATIC_FILES=TRUE from the start of the command. -## Visit Tracks in a browser +### Visit Tracks in a browser Visit `http://localhost:3000/signup` in a browser (or whatever URL and port was reported when you started the server in the step above) and chose a user name and password for admin user. Once logged in as admin, you can add other (ordinary level) users. If you need to access Tracks from a mobile/cellular phone browser, visit `http://yourdomain.com/mobile/`. This mobile version is a special, lightweight version of Tracks, designed to use on a mobile browser. -## Customise Tracks +### Customise Tracks Once logged in, add some Contexts and Projects, and then go ahead and add your actions. You might also want to visit the Preferences page to edit various settings to your liking. Have fun! diff --git a/script/bootstrap b/script/bootstrap new file mode 100755 index 00000000..6d90255a --- /dev/null +++ b/script/bootstrap 
@@ -0,0 +1,11 @@ +#!/bin/sh + +# script/bootstrap: Resolve all dependencies that the application requires to +# run. + +set -e + +docker_compose="docker-compose --file docker-compose.yml" + +echo "==> Building Docker image…" +$docker_compose build diff --git a/script/cibuild b/script/cibuild index 52a870d6..783a1833 100755 --- a/script/cibuild +++ b/script/cibuild @@ -1,4 +1,5 @@ #!/bin/bash + set -e docker_compose="docker-compose --file docker-compose.yml" diff --git a/script/console b/script/console index ff671891..69f8d3ab 100755 --- a/script/console +++ b/script/console @@ -1,7 +1,4 @@ #!/bin/sh -appdir=$(cd $(dirname "$0")/.. && pwd) -[ -f /etc/app-env ] || exec "$appdir/script/docker-environment" $0 $@ - export RAILS_ENV='development' bin/rails console diff --git a/script/docker-environment b/script/docker-environment index d5319e06..1d51c8b1 100755 --- a/script/docker-environment +++ b/script/docker-environment @@ -2,6 +2,8 @@ set -e +docker_compose="docker-compose --file docker-compose.yml" + # Find our app dir appdir=$(cd $(dirname "$0")/.. && pwd) @@ -11,4 +13,4 @@ export VOLUME="$appdir" image=${DOCKER_IMAGE:=web} port_publish=""; [ "${BIND_DOCKER_SERVICE_PORTS:-}" = 1 ] && port_publish="--service-ports" -exec docker-compose run $port_publish --rm $image $cmd +exec $docker_compose run $port_publish --rm $image $cmd diff --git a/script/setup b/script/setup new file mode 100755 index 00000000..b9422290 --- /dev/null +++ b/script/setup @@ -0,0 +1,18 @@ +#!/bin/sh + +# script/setup: Set up application for the first time after cloning, or set it +# back to the initial first unused state. + +set -e + +docker_compose="docker-compose --file docker-compose.yml" + +script/bootstrap + +script/poll-for-db + +echo "==> Setting up DB…" +# reset database to a fresh state. +bin/rake db:create db:reset + +echo "==> App is now ready to go!" diff --git a/script/test b/script/test new file mode 100755 index 00000000..b7dc31af --- /dev/null +++ b/script/test 
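Review bot: `docker_compose` is assigned in script/setup but never used: the database step calls `bin/rake db:create db:reset` directly, while script/update in the same commit runs its rake task through `$docker_compose run web`. If `bin/rake` is not itself a wrapper that dispatches into the container (not visible here), the reset runs against whatever database the host environment points at. Either drop the unused assignment or run the task the same way as script/update, `$docker_compose run web bin/rake db:create db:reset`. A comment such as `# destructive: drops and recreates the database for the current RAILS_ENV` above the rake call would also help.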
@@ -0,0 +1,47 @@
+#!/bin/bash
+
+# script/test: Run test suite for application. Optionally pass in a path to an
+# individual test file to run a single test.
+
+set -e
+
+docker_compose="docker-compose --file docker-compose.yml"
+
+function cleanup() {
+ $docker_compose down
+}
+
+function die() {
+ echo $@
+ exit 1
+}
+
+trap cleanup EXIT
+
+script/poll-for-db
+
+if [ "$RAILS_ENV" = "test" ] || [ "$RACK_ENV" = "test" ]; then
+ # if executed and the environment is already set to `test`, then we want a
+ # clean from scratch application. This almost always means a ci environment,
+ # since we set the environment to `test` directly in `script/cibuild`.
+ script/setup
+else
+ # if the environment isn't set to `test`, set it to `test` and update the
+ # application to ensure all dependencies are met as well as any other things
+ # that need to be up to date, like db migrations. The environment not having
+ # already been set to `test` almost always means this is being called on its
+ # own from a `development` environment.
+ export RAILS_ENV="test" RACK_ENV="test"
+
+ script/update
+fi
+
+echo "==> Running tests…"
+
+if [ -n "$1" ]; then
+ # pass arguments to test call. This is useful for calling a single test.
+ $docker_compose run web bin/rake test "$1"
+else
+ $docker_compose run web bin/rake test
+fi
+
diff --git a/script/update b/script/update
new file mode 100755
index 00000000..56dc4429
--- /dev/null
+++ b/script/update
@@ -0,0 +1,13 @@
+#!/bin/sh
+
+# script/update: Update application to run for its current checkout.
+
+set -e
+
+docker_compose="docker-compose --file docker-compose.yml"
+
+script/bootstrap
+
+echo "==> Updating db…"
+# run all database migrations to ensure everything is up to date.
+$docker_compose run web bin/rake db:migrate
From 3bdbd7bcf576fb44773762e5b75bd9e7a29ebf08 Mon Sep 17 00:00:00 2001
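Review bot: `die` is defined in script/test but never called, and its `echo $@` is unquoted, so its arguments are re-split and glob-expanded before printing. Only `"$1"` is forwarded to `bin/rake test`, so any further arguments are silently dropped even though the inline comment speaks of passing arguments. I would remove `die` or write its body as `echo "$@" >&2`, and reword the header comment to say that exactly one test path is accepted. Separately, `trap cleanup EXIT` runs `$docker_compose down` on every exit, which also stops a stack that was already running before the script started; a comment saying so above the trap would save a surprise.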
From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 23:19:00 +0300 Subject: [PATCH 12/46] Add mention of the .use-docker file. --- doc/installation.md | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/doc/installation.md b/doc/installation.md index 8310d265..ce51f8e5 100644 --- a/doc/installation.md +++ b/doc/installation.md @@ -10,11 +10,13 @@ You can easily run Tracks using Docker Compose. This option mounts the repositor 1. Make sure you have Docker Compose and Docker properly installed. 2. Get the Tracks code base by either downloading the archive file for the latest releast or cloning it from GitHub. -3. On the installation run the following command: +3. Create a file to enable the Docker Compose support in Tracks. *Note*: This is not needed or useful for the separate container, only Docker Composer! + $ touch .use-docker +4. On the installation run the following command: $ ./script/setup -4. Run the server using the following command: +5. Run the server using the following command: $ ./script/server -5. You should now be able to access Tracks in http://localhost:3000 +6. You should now be able to access Tracks in http://localhost:3000 ## Docker installation using a separate container From bec0884bacd15320f2fbadfe0d28fbff9a2f0ca4 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Sun, 19 Jul 2020 23:23:15 +0300 Subject: [PATCH 13/46] Fix installation doc formatting --- doc/installation.md | 46 +++++++++++++++++++++++++++++---------------- 1 file changed, 30 insertions(+), 16 deletions(-) diff --git a/doc/installation.md b/doc/installation.md index ce51f8e5..158f7723 100644 --- a/doc/installation.md +++ b/doc/installation.md 
@@ -11,11 +11,17 @@ You can easily run Tracks using Docker Compose. This option mounts the repositor 1. Make sure you have Docker Compose and Docker properly installed. 2. Get the Tracks code base by either downloading the archive file for the latest releast or cloning it from GitHub. 3. Create a file to enable the Docker Compose support in Tracks. *Note*: This is not needed or useful for the separate container, only Docker Composer! - $ touch .use-docker +``` + $ touch .use-docker +``` 4. On the installation run the following command: - $ ./script/setup +``` + $ ./script/setup +``` 5. Run the server using the following command: - $ ./script/server +``` + $ ./script/server +``` 6. You should now be able to access Tracks in http://localhost:3000 ## Docker installation using a separate container 
@@ -27,25 +33,33 @@ Tracks container. In future there should be an official image in Docker Hub. You 1. Get the Tracks code base by either downloading the archive file for the latest releast or cloning it from GitHub. 2. Run the following command in the Tracks directory to build the image: - $ docker build -t="tracks" . +``` + $ docker build -t="tracks" . +``` 1. Make sure you have Docker properly installed. 2. Start a database container with either MySQL or PostgreSQL: - $ docker run -p 5432:5432 --name postgres -e POSTGRES_PASSWORD=password -d postgres - $ docker run -p 3306:3306 --name mariadb -e MYSQL_ROOT_PASSWORD=password -d mariadb +``` + $ docker run -p 5432:5432 --name postgres -e POSTGRES_PASSWORD=password -d postgres + $ docker run -p 3306:3306 --name mariadb -e MYSQL_ROOT_PASSWORD=password -d mariadb +``` 3. Create a database and a user for Tracks in the database: - # MySQL - $ mysql -u root -p - mysql> CREATE DATABASE tracks; - mysql> GRANT ALL PRIVILEGES ON tracks.* TO yourmysqluser@localhost IDENTIFIED BY 'password-goes-here' WITH GRANT OPTION; +``` + # MySQL + $ mysql -u root -p + mysql> CREATE DATABASE tracks; + mysql> GRANT ALL PRIVILEGES ON tracks.* TO yourmysqluser@localhost IDENTIFIED BY 'password-goes-here' WITH GRANT OPTION; - # PostgreSQL - $ sudo -u postgres psql - postgres=# CREATE USER tracks WITH ENCRYPTED PASSWORD 'password-goes-here'; - postgres=# CREATE DATABASE tracks OWNER=tracks; + # PostgreSQL + $ sudo -u postgres psql + postgres=# CREATE USER tracks WITH ENCRYPTED PASSWORD 'password-goes-here'; + postgres=# CREATE DATABASE tracks OWNER=tracks; +``` 4. Start the Tracks container: - $ docker run -p 3000:3000 --name tracks --link mariadb:db -t tracks - $ docker run -p 3000:3000 --name tracks --link postgres:db -t tracks +``` + $ docker run -p 3000:3000 --name tracks --link mariadb:db -t tracks + $ docker run -p 3000:3000 --name tracks --link postgres:db -t tracks +``` 5. 
You should now be able to access Tracks in http://localhost:3000 ## Environmental variables in the Docker image From 4dd52e591df41e8a96f82c932e614507befd9549 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 00:58:45 +0300 Subject: [PATCH 14/46] Hopefully the final fixes based on fresh installs with both Docker install methods --- .gitignore | 3 ++- doc/installation.md | 9 +++++++-- docker-entrypoint.sh | 2 -- script/bootstrap | 3 +++ script/setup | 2 +- 5 files changed, 13 insertions(+), 6 deletions(-) diff --git a/.gitignore b/.gitignore index a6ef4ba1..0291b16c 100644 --- a/.gitignore +++ b/.gitignore @@ -21,8 +21,9 @@ /tmp config/deploy.rb config/site.yml +config/database.yml db/data.yml nbproject rerun.txt tags -.skip-docker +.use-docker diff --git a/doc/installation.md b/doc/installation.md index 158f7723..f47db6a7 100644 --- a/doc/installation.md +++ b/doc/installation.md @@ -55,12 +55,17 @@ Tracks container. In future there should be an official image in Docker Hub. You postgres=# CREATE USER tracks WITH ENCRYPTED PASSWORD 'password-goes-here'; postgres=# CREATE DATABASE tracks OWNER=tracks; ``` -4. Start the Tracks container: +4. Install the schema +``` + $ docker run --link mariadb:db --rm -t tracks bin/rake db:reset + $ docker run --link postgres:db --rm -t tracks bin/rake db:reset +``` +5. Start the Tracks server: ``` $ docker run -p 3000:3000 --name tracks --link mariadb:db -t tracks $ docker run -p 3000:3000 --name tracks --link postgres:db -t tracks ``` -5. You should now be able to access Tracks in http://localhost:3000 +6. You should now be able to access Tracks in http://localhost:3000 ## Environmental variables in the Docker image diff --git a/docker-entrypoint.sh b/docker-entrypoint.sh index 12fe9243..bc38d35b 100755 --- a/docker-entrypoint.sh +++ b/docker-entrypoint.sh 
@@ -17,6 +17,4 @@ export DATABASE_ENCODING=${DATABASE_ENCODING:-utf8} export RAILS_SERVE_STATIC_FILES=TRUE export RAILS_LOG_TO_STDOUT=TRUE -rails db:migrate - exec "$@" diff --git a/script/bootstrap b/script/bootstrap index 6d90255a..ef8fc435 100755 --- a/script/bootstrap +++ b/script/bootstrap @@ -9,3 +9,6 @@ docker_compose="docker-compose --file docker-compose.yml" echo "==> Building Docker image…" $docker_compose build + +echo "==> Building assets…" +bin/rake assets:precompile diff --git a/script/setup b/script/setup index b9422290..c4bc29a9 100755 --- a/script/setup +++ b/script/setup @@ -13,6 +13,6 @@ script/poll-for-db echo "==> Setting up DB…" # reset database to a fresh state. -bin/rake db:create db:reset +bin/rake db:reset echo "==> App is now ready to go!" From a5942dc1b550c60cb3d8d7a585f80a373c80b5ad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 20 Jul 2020 06:19:17 +0000 Subject: [PATCH 15/46] Bump solargraph from 0.39.11 to 0.39.12 Bumps [solargraph](https://github.com/castwide/solargraph) from 0.39.11 to 0.39.12. - [Release notes](https://github.com/castwide/solargraph/releases) - [Commits](https://github.com/castwide/solargraph/compare/v0.39.11...v0.39.12) Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 26b95ffd..298bea3f 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -212,7 +212,7 @@ GEM rubocop-ast (>= 0.1.0, < 1.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 2.0) - rubocop-ast (0.1.0) + rubocop-ast (0.2.0) parser (>= 2.7.0.1) ruby-progressbar (1.10.1) rubyzip (2.0.0) @@ -242,7 +242,7 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov-html (0.12.2) - solargraph (0.39.11) + solargraph (0.39.12) backport (~> 1.1) benchmark bundler (>= 1.17.2) From 27813954056ea59661df34be6a5c1a8e9e92d294 Mon Sep 17 00:00:00 2001 
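Review bot: With `rails db:migrate` removed from docker-entrypoint.sh, nothing visible in the entrypoint applies pending migrations when a newer image is started against an existing database. The installation doc in this commit adds a `db:reset` step for fresh installs, but that drops existing data and is not an upgrade path. A comment above `exec "$@"` would make the contract explicit, for example `# Schema changes are not applied here; run "bin/rake db:migrate" in a one-off container before starting the server.` The start of the script is outside this hunk.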
From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 17:19:26 +0300 Subject: [PATCH 16/46] Use the login form styles for the signup form too --- app/assets/stylesheets/login.scss | 2 +- app/views/users/new.html.erb | 61 ++++++++++++++++++------------- 2 files changed, 37 insertions(+), 26 deletions(-) diff --git a/app/assets/stylesheets/login.scss b/app/assets/stylesheets/login.scss index 72a242f6..da1d0737 100644 --- a/app/assets/stylesheets/login.scss +++ b/app/assets/stylesheets/login.scss @@ -34,7 +34,7 @@ body { padding: 1em 0; } -.login-form { +.login-form, .signup-form { @include make-xs-column(12); @include make-sm-column(8); @include make-sm-column-offset(2) diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb index 98b018eb..a4ff035d 100644 --- a/app/views/users/new.html.erb +++ b/app/views/users/new.html.erb @@ -1,31 +1,42 @@ -
-<%= form_tag :action=> "create" do %> +
+
+ +
+ - From 5a3727dc5f22af46205899a13bff4092e4d30621 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 18:16:15 +0300 Subject: [PATCH 17/46] Add functionality for requiring TOS approval on signup --- app/assets/stylesheets/login.scss | 8 +++++++- app/controllers/users_controller.rb | 11 ++++++++++- app/views/users/new.html.erb | 15 ++++++++++++--- config/locales/en.yml | 2 ++ config/site.docker.yml | 3 +++ config/site.yml.tmpl | 2 ++ 6 files changed, 36 insertions(+), 5 deletions(-) diff --git a/app/assets/stylesheets/login.scss b/app/assets/stylesheets/login.scss index da1d0737..dcab57c2 100644 --- a/app/assets/stylesheets/login.scss +++ b/app/assets/stylesheets/login.scss @@ -19,11 +19,17 @@ body { @include make-sm-column-offset(3); margin: 2em auto 1em; background-color: rgba(0, 0, 0, 0.75); - color: #eaeaea; padding: 0 0 1em 0; box-shadow: 0 2px 6px rgba(0, 0, 0, 0.5), 0 2px 3px rgba(0, 0, 0, 0.3); + color: #eaeaea; + + a { + color: #eaeaea; + text-decoration: underline; + } } + @media(min-width: $screen-sm-min) { .login-box { border-radius: 5px; diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index df04d9da..12c37c5e 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -76,10 +76,14 @@ class UsersController < ApplicationController return end + unless params['approve_tos'] == 'on' || SITE_CONFIG['tos_link'].blank? + render_failure "You have to accept the terms of service to sign up!" + return + end + user = User.new(user_params) unless user.valid? - session['new_user'] = user redirect_to signup_path return end 
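Review bot: In the users_controller.rb hunk at `@@ -76,10 +76,14 @@`, an invalid signup now redirects to `signup_path` with nothing recorded about why it failed: `session['new_user'] = user` is removed and no message is set in its place within the hunk. Keeping the user object, with its password attributes, out of the session is the safer direction, so I would pass only the messages, e.g. `flash[:error] = user.errors.full_messages.join(', ')` before the redirect (the flash key the layout renders is not visible here). If `get_new_user` still reads `session['new_user']`, that read is now dead and should be removed too. The enclosing action starts and ends outside the hunk.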
@@ -106,6 +110,11 @@ class UsersController < ApplicationController render_failure "Expected post format is valid xml like so: usernameabc123.", 400 return end + unless user_params['approve_tos'] == 'on' || SITE_CONFIG['tos_link'].blank? + render_failure "You have to accept the terms of service to sign up!" + return + end + user = User.new(user_params) user.password_confirmation = user_params[:password] saved = user.save diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb index a4ff035d..4450011e 100644 --- a/app/views/users/new.html.erb +++ b/app/views/users/new.html.erb @@ -20,16 +20,25 @@
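Review bot: This check reads `user_params['approve_tos']`, but `user_params` permits only `:login, :first_name, :last_name, :password_confirmation, :password, :auth_type, :open_id_url` (see the `user_params` hunk in the following commit), so the lookup is always nil. As a result the XML signup path is rejected whenever `tos_link` is configured. The HTML branch in the previous hunk reads `params['approve_tos']` instead; the two should agree, e.g. `unless params['approve_tos'] == 'on' || SITE_CONFIG['tos_link'].blank?`. The neighbouring format error passes an explicit status (`render_failure "...", 400`) while both TOS failures omit it, so they return whatever `render_failure` defaults to, which is not visible here. The enclosing action starts and ends outside the hunk.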
<%= label_tag "user_login", t('users.desired_login') %> - <%= text_field_tag "user_login", nil, class: "form-control" %> + <%= text_field "user", "login", class: "form-control" %>
<%= label_tag "user_password", t('users.choose_password') %> - <%= password_field_tag "user_password", nil, class: "form-control" %> + <%= password_field "user", "password", class: "form-control" %>
<%= label_tag "user_password_confirmation", t('users.confirm_password') %> - <%= password_field_tag "user_password_confirmation", nil, class: "form-control" %> + <%= password_field "user", "password_confirmation", class: "form-control" %>
+ <% unless SITE_CONFIG['tos_link'].blank? -%> +
+
+ + + (<%= t('users.tos_link') %>) +
+
+ <% end -%> <%= submit_tag t("users.signup"), class: "btn btn-default" %> <% end %>
diff --git a/config/locales/en.yml b/config/locales/en.yml index 1a545da1..97626fd2 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -978,6 +978,8 @@ en: change_authentication_type: Change authentication type total_notes: Total notes select_authentication_type: Select your new authentication type and click 'Change authentication type' to replace your current settings. + approve_tos: I approve the Terms of Service + tos_link: read the Terms of Service feedlist: choose_context: Choose the context you want a feed of actions_due_today: Actions due today or earlier diff --git a/config/site.docker.yml b/config/site.docker.yml index 0b1a04d3..4b9b2eb5 100644 --- a/config/site.docker.yml +++ b/config/site.docker.yml @@ -42,6 +42,9 @@ force_ssl: false # Set to true to allow anyone to sign up for a username. open_signups: false +# Set to require TOS approval on signup. +#tos_link: "https://www.example.com" + # When integrating your tracks instance with http://cloudmailin.com/ by using # the /integrations/cloudmailin URL, this value is the cloudmailin-secret for # verifying the authenticity of the request. diff --git a/config/site.yml.tmpl b/config/site.yml.tmpl index 29c53704..1d837be0 100644 --- a/config/site.yml.tmpl +++ b/config/site.yml.tmpl @@ -48,6 +48,8 @@ force_ssl: false # Set to true to allow anyone to sign up for a username. open_signups: false +# Set to require TOS approval on signup. +#tos_link: "https://www.example.com" # When integrating your tracks instance with http://cloudmailin.com/ by using # the /integrations/cloudmailin URL, this value is the cloudmailin-secret for From dbaa9a85cbc5b17cdf64bcc8ce99c3e9bcf51ccc Mon Sep 17 00:00:00 2001 
From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 18:41:10 +0300 Subject: [PATCH 18/46] Add a field for user email address --- app/controllers/preferences_controller.rb | 2 +- app/controllers/users_controller.rb | 2 +- app/models/user.rb | 1 + app/views/preferences/_profile.html.erb | 3 +++ app/views/users/new.html.erb | 4 ++++ config/locales/en.yml | 4 +++- db/migrate/20200720151220_add_email_to_user.rb | 5 +++++ 7 files changed, 18 insertions(+), 3 deletions(-) create mode 100644 db/migrate/20200720151220_add_email_to_user.rb diff --git a/app/controllers/preferences_controller.rb b/app/controllers/preferences_controller.rb index 4781f121..3becc7d0 100644 --- a/app/controllers/preferences_controller.rb +++ b/app/controllers/preferences_controller.rb @@ -44,7 +44,7 @@ private end def user_params - params.require(:user).permit(:login, :first_name, :last_name, :password_confirmation, :password, :auth_type, :open_id_url) + params.require(:user).permit(:login, :first_name, :last_name, :email, :password_confirmation, :password, :auth_type, :open_id_url) end # Display notification if preferences are successful updated diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 12c37c5e..059a1f74 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -187,7 +187,7 @@ class UsersController < ApplicationController private def user_params - params.require(:user).permit(:login, :first_name, :last_name, :password_confirmation, :password, :auth_type, :open_id_url) + params.require(:user).permit(:login, :first_name, :last_name, :email, :password_confirmation, :password, :auth_type, :open_id_url) end def get_new_user diff --git a/app/models/user.rb b/app/models/user.rb index 736db95e..ad38279c 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
@@ -107,6 +107,7 @@ class User < ApplicationRecord validates_length_of :login, within: 3..80 validates_uniqueness_of :login, on: :create validate :validate_auth_type + validates :email, format: { with: URI::MailTo::EMAIL_REGEXP } before_create :crypt_password, :generate_token before_update :crypt_password diff --git a/app/views/preferences/_profile.html.erb b/app/views/preferences/_profile.html.erb index b2f67ace..447eeb57 100644 --- a/app/views/preferences/_profile.html.erb +++ b/app/views/preferences/_profile.html.erb @@ -4,6 +4,9 @@
<%= pref_with_text_field 'user', 'last_name' %>
+
+ <%= pref_with_text_field 'user', 'email' %> +
<%= pref_with_select_field('prefs', 'locale', I18n.available_locales.map {|l| l.to_s}) %>
diff --git a/app/views/users/new.html.erb b/app/views/users/new.html.erb index 4450011e..a46b87af 100644 --- a/app/views/users/new.html.erb +++ b/app/views/users/new.html.erb @@ -22,6 +22,10 @@ <%= label_tag "user_login", t('users.desired_login') %> <%= text_field "user", "login", class: "form-control" %>
+
+ <%= label_tag "user_email", t('users.email_address') %> + <%= text_field "user", "email", class: "form-control" %> +
<%= label_tag "user_password", t('users.choose_password') %> <%= password_field "user", "password", class: "form-control" %> diff --git a/config/locales/en.yml b/config/locales/en.yml index 97626fd2..5ef1aa96 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -51,6 +51,7 @@ en: user: auth_type: Auth type display_name: Display name + email: Email address first_name: First name last_name: Last name login: Login @@ -87,7 +88,7 @@ en: confirmation: doesn't match confirmation less_than_or_equal_to: must be less than or equal to %{count} blank: can't be blank - invalid: "cannot contain the comma (',') character" + invalid: "is not valid" exclusion: is reserved odd: must be odd even: must be even @@ -961,6 +962,7 @@ en: change_password_prompt: Enter your new password in the fields below and click 'Change password' to replace your current password with your new one. password_confirmation_label: Confirm password destroy_error: There was an error deleting the user %{login} + email_address: Email address choose_password: Choose password register_with_cas: With your CAS username label_auth_type: Authentication type diff --git a/db/migrate/20200720151220_add_email_to_user.rb b/db/migrate/20200720151220_add_email_to_user.rb new file mode 100644 index 00000000..0f5627ee --- /dev/null +++ b/db/migrate/20200720151220_add_email_to_user.rb @@ -0,0 +1,5 @@ +class AddEmailToUser < ActiveRecord::Migration[5.2] + def change + add_column :users, :email, :string + end +end From 7560206d962b60ed79b930f83959626ddc2faab6 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 19:11:16 +0300 Subject: [PATCH 19/46] Fix the footer on login and signup pages --- app/assets/stylesheets/login.scss | 3 +++ 1 file changed, 3 insertions(+) diff --git a/app/assets/stylesheets/login.scss b/app/assets/stylesheets/login.scss index dcab57c2..e2c35a7c 100644 --- a/app/assets/stylesheets/login.scss +++ b/app/assets/stylesheets/login.scss 
@@ -11,6 +11,9 @@ body { .login-wrapper { @include make-row(); + .footer { + z-index: 1; + } } .login-box { From f9f7e6b9eac39501d1f7fca031b5d75f92f5e22e Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 19:38:15 +0300 Subject: [PATCH 20/46] Updated schema --- db/schema.rb | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/db/schema.rb b/db/schema.rb index 539e80c0..4995cd50 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_01_09_231555) do +ActiveRecord::Schema.define(version: 2020_07_20_151220) do create_table "attachments", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t| t.integer "todo_id" @@ -220,6 +220,7 @@ ActiveRecord::Schema.define(version: 2020_01_09_231555) do t.string "open_id_url" t.string "remember_token" t.datetime "remember_token_expires_at" + t.string "email" t.index ["login"], name: "index_users_on_login" end From efee4976b016a69a230a9424b545a0bb2a3ae824 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 20:08:18 +0300 Subject: [PATCH 21/46] Make email address voluntary in preferences; update tests to handle the added email field better --- app/models/user.rb | 2 +- test/fixtures/users.yml | 11 ++++++ test/integration/stories_test.rb | 16 ++++----- test/integration/users_xml_api_test.rb | 50 +++++++++++++++++++------- test/models/user_test.rb | 13 +++++++ 5 files changed, 71 insertions(+), 21 deletions(-) diff --git a/app/models/user.rb b/app/models/user.rb index ad38279c..d68cf40f 100644 --- a/app/models/user.rb +++ b/app/models/user.rb 
@@ -107,7 +107,7 @@ class User < ApplicationRecord validates_length_of :login, within: 3..80 validates_uniqueness_of :login, on: :create validate :validate_auth_type - validates :email, format: { with: URI::MailTo::EMAIL_REGEXP } + validates :email, :allow_blank => true, format: { with: URI::MailTo::EMAIL_REGEXP } before_create :crypt_password, :generate_token before_update :crypt_password diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index f43b9602..fd50e0ea 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -19,6 +19,17 @@ other_user: last_name: Doe auth_type: database +other_user_email: + id: 3 + login: joe + crypted_password: <%= BCrypt::Password.create("open") %> + token: <%= Digest::SHA1.hexdigest("joeSun Feb 19 14:42:45 GMT 20060.408173979260027") %> + is_admin: false + first_name: Jane + last_name: Doe + email: joe@example.org + auth_type: database + ldap_user: id: 3 login: john diff --git a/test/integration/stories_test.rb b/test/integration/stories_test.rb index 8e0f56a4..512a9b38 100644 --- a/test/integration/stories_test.rb +++ b/test/integration/stories_test.rb @@ -3,7 +3,7 @@ require 'support/stub_site_config_helper' class StoriesTest < ActionDispatch::IntegrationTest include StubSiteConfigHelper - + # #################################################### # Testing login and signup by different kinds of users # #################################################### @@ -11,10 +11,11 @@ class StoriesTest < ActionDispatch::IntegrationTest admin = new_session_as(:admin_user,"abracadabra") admin.goes_to_signup admin.signs_up_with(:user => {:login => "newbie", + :email => "test.person@example.org", :password => "newbiepass", :password_confirmation => "newbiepass"}) end - + def test_signup_new_user_by_nonadmin stub_site_config do SITE_CONFIG['open_signups'] = false 
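Review bot: In test/fixtures/users.yml the new `other_user_email` fixture uses `id: 3`, the same id as the `ldap_user` fixture directly below it, so the two rows collide on the primary key when fixtures are loaded. It also pairs `login: joe` with `first_name: Jane`, which looks copied from another entry. If `other_user` carries the same login (not visible in this hunk), `test_fails_with_nonunique_login` and any lookup by login become ambiguous. Give the fixture an id that no other entry in the file uses and a login of its own, e.g. `login: joe_email`.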
@@ -22,7 +23,7 @@ class StoriesTest < ActionDispatch::IntegrationTest other_user.goes_to_signup_as_nonadmin end end - + def test_open_signup_new_user stub_site_config do SITE_CONFIG['open_signups'] = true @@ -30,6 +31,7 @@ class StoriesTest < ActionDispatch::IntegrationTest assert_response :success assert_template "users/new" post "/users", params: { :user => {:login => "newbie", + :email => "test.person@example.org", :password => "newbiepass", :password_confirmation => "newbiepass"} } assert_response :redirect @@ -37,8 +39,8 @@ class StoriesTest < ActionDispatch::IntegrationTest assert_response :success assert_template "todos/index" end - end - + end + private module CustomAssertions @@ -67,7 +69,7 @@ class StoriesTest < ActionDispatch::IntegrationTest assert_response :success assert_template "users/new" end - + def goes_to_signup_as_nonadmin get "/signup" assert_response :success @@ -81,7 +83,6 @@ class StoriesTest < ActionDispatch::IntegrationTest assert_response :success assert_template "todos/index" end - end def new_session_as(user,plainpass) @@ -92,5 +93,4 @@ class StoriesTest < ActionDispatch::IntegrationTest yield sess if block_given? end end - end diff --git a/test/integration/users_xml_api_test.rb b/test/integration/users_xml_api_test.rb index cca726d9..103e3c82 100644 --- a/test/integration/users_xml_api_test.rb +++ b/test/integration/users_xml_api_test.rb 
@@ -1,20 +1,22 @@ require 'test_helper' class UsersXmlApiTest < ActionDispatch::IntegrationTest - + @@foobar_postdata = "foobar" + @@barfoo_postdata = "barbarfoo@example.orgfoo" @@johnny_postdata = "johnnybarracuda" - + @@barracuda_postdata = "barracudabarracuda@example.orgjohnny" + def test_fails_with_401_if_not_authorized_user authenticated_post_xml_to_user_create @@foobar_postdata, 'nobody', 'nohow' assert_401_unauthorized_admin end - + def test_fails_with_401_if_not_admin_user authenticated_post_xml_to_user_create @@foobar_postdata, users(:other_user).login, 'sesame' assert_401_unauthorized_admin end - + def test_content_type_must_be_xml authenticated_post_xml_to_user_create @@foobar_postdata, users(:admin_user).login, 'abracadabra', {'CONTENT_TYPE' => "application/x-www-form-urlencoded"} assert_response 400, "Expected response 400" @@ -25,12 +27,12 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest # authenticated_post_xml_to_user_create "" # assert_equal 500, @integration_session.status # end - + def test_fails_with_invalid_xml_format2 authenticated_post_xml_to_user_create "foo" assert_response_and_body 400, "Expected post format is valid xml like so: usernameabc123." end - + def test_xml_simple_param_parsing authenticated_post_xml_to_user_create assert @controller.params.has_key?(:user) 
@@ -39,18 +41,18 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest assert_equal 'foo', @controller.params['user'][:login] assert_equal 'bar', @controller.params['user'][:password] end - + def test_fails_with_too_short_password authenticated_post_xml_to_user_create assert_responses_with_error "Password is too short (minimum is 5 characters" end - + def test_fails_with_nonunique_login existing_login = users(:other_user).login authenticated_post_xml_to_user_create "#{existing_login}barracuda" assert_responses_with_error "Login has already been taken" end - + def test_creates_new_user assert_difference 'User.count' do authenticated_post_xml_to_user_create @@johnny_postdata @@ -61,11 +63,22 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest johnny2 = User.authenticate('johnny','barracuda') assert_not_nil johnny2, "expected user johnny to be authenticated" end - + + def test_creates_new_user + assert_difference 'User.count' do + authenticated_post_xml_to_user_create @@barracuda_postdata + assert_response_and_body 200, "User created." + end + barracuda1 = User.where(:login => 'barracuda').first + assert_not_nil barracuda1, "expected user barracuda to be created" + johnny2 = User.authenticate('barracuda','johnny') + assert_not_nil barracuda2, "expected user barracuda to be authenticated" + end + def test_fails_with_get_verb authenticated_get_xml "/users.xml", users(:admin_user).login, 'abracadabra', {} end - + def test_get_users_as_xml get '/users.xml', params: {}, headers: basic_auth_headers() assert_response :success 
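Review bot: The method added in the `@@ -61,11 +63,22 @@` hunk reuses the name `test_creates_new_user`, which the same class already defines a few lines above. In Ruby the later definition replaces the earlier one, so the original johnny test would no longer run and user creation without an e-mail loses its coverage. Rename the new test, e.g. `def test_creates_new_user_with_email`. It also posts through `authenticated_post_xml_to_user_create` rather than the `authenticated_post_xml_to_user_create_with_email` helper this commit adds at the end of the file, so that helper appears unused in the visible hunks.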
@@ -79,9 +92,18 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest get "/users/#{users(:other_user).id}.xml", params: {}, headers: basic_auth_headers() assert_response :success assert_select 'user' + assert_select 'email', false assert_select 'password', false end - + + def test_get_email_user_as_xml + get "/users/#{users(:other_user_email).id}.xml", params: {}, headers: basic_auth_headers() + assert_response :success + assert_select 'user' + assert_select 'email' + assert_select 'password', false + end + private def basic_auth_headers(username = users(:admin_user).login, password = 'abracadabra') @@ -91,4 +113,8 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest def authenticated_post_xml_to_user_create(postdata = @@foobar_postdata, user = users(:admin_user).login, password = 'abracadabra', headers = {}) authenticated_post_xml "/users.xml", user, password, postdata, headers end + + def authenticated_post_xml_to_user_create_with_email(postdata = @@barfoo_postdata, user = users(:admin_user).login, password = 'abracadabra', headers = {}) + authenticated_post_xml "/users.xml", user, password, postdata, headers + end end diff --git a/test/models/user_test.rb b/test/models/user_test.rb index 6e20d6a4..b582938e 100644 --- a/test/models/user_test.rb +++ b/test/models/user_test.rb @@ -89,6 +89,19 @@ class UserTest < ActiveSupport::TestCase end end + def test_validate_correct_email + assert_difference 'User.count' do + create_user :email=> 'testi@example.org' + end + end + + def test_validate_email_format + assert_no_difference 'User.count' do + u = create_user :email=> 'test' + assert_equal "is not valid", u.errors[:email] + end + end + def test_display_name_with_first_and_last_name_set @other_user.first_name = "Jane" @other_user.last_name = "Doe" From 149dbe7e27c22da98e30d9a2cea4bd66fd4b609d Mon Sep 17 00:00:00 2001 
From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 20:25:35 +0300 Subject: [PATCH 22/46] More fixed tests --- test/controllers/users_controller_test.rb | 2 +- test/fixtures/users.yml | 23 ++++++++++++----------- test/integration/users_xml_api_test.rb | 4 ++-- test/models/user_test.rb | 2 +- 4 files changed, 16 insertions(+), 15 deletions(-) diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb index 04c6a99e..c3dde992 100644 --- a/test/controllers/users_controller_test.rb +++ b/test/controllers/users_controller_test.rb @@ -18,7 +18,7 @@ class UsersControllerTest < ActionController::TestCase get :index assert_response :success assert_equal "TRACKS::Manage Users", assigns['page_title'] - assert_equal 4, assigns['total_users'] + assert_equal 5, assigns['total_users'] assert_equal users_url, session['return-to'] end diff --git a/test/fixtures/users.yml b/test/fixtures/users.yml index fd50e0ea..8df180d6 100644 --- a/test/fixtures/users.yml +++ b/test/fixtures/users.yml @@ -19,17 +19,6 @@ other_user: last_name: Doe auth_type: database -other_user_email: - id: 3 - login: joe - crypted_password: <%= BCrypt::Password.create("open") %> - token: <%= Digest::SHA1.hexdigest("joeSun Feb 19 14:42:45 GMT 20060.408173979260027") %> - is_admin: false - first_name: Jane - last_name: Doe - email: joe@example.org - auth_type: database - ldap_user: id: 3 login: john @@ -59,3 +48,15 @@ ldap_user: first_name: International last_name: Harvester auth_type: CAS + +other_user_email: + id: 6 + login: joe + crypted_password: <%= BCrypt::Password.create("open") %> + token: <%= Digest::SHA1.hexdigest("joeSun Feb 19 14:42:45 GMT 20060.408173979260027") %> + is_admin: false + first_name: Jane + last_name: Doe + email: joe@example.org + auth_type: database + diff --git a/test/integration/users_xml_api_test.rb b/test/integration/users_xml_api_test.rb index 103e3c82..4a485734 100644 --- a/test/integration/users_xml_api_test.rb 
+++ b/test/integration/users_xml_api_test.rb @@ -71,7 +71,7 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest end barracuda1 = User.where(:login => 'barracuda').first assert_not_nil barracuda1, "expected user barracuda to be created" - johnny2 = User.authenticate('barracuda','johnny') + barracuda2 = User.authenticate('barracuda','johnny') assert_not_nil barracuda2, "expected user barracuda to be authenticated" end @@ -83,7 +83,7 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest get '/users.xml', params: {}, headers: basic_auth_headers() assert_response :success assert_select 'users' do - assert_select 'user', count: 4 + assert_select 'user', count: 5 end assert_select 'password', false end diff --git a/test/models/user_test.rb b/test/models/user_test.rb index b582938e..66d5c801 100644 --- a/test/models/user_test.rb +++ b/test/models/user_test.rb @@ -98,7 +98,7 @@ class UserTest < ActiveSupport::TestCase def test_validate_email_format assert_no_difference 'User.count' do u = create_user :email=> 'test' - assert_equal "is not valid", u.errors[:email] + assert_equal ["is not valid"], u.errors[:email] end end From 84429bdb8e1cb3788208eb0fe078c54b35a67afe Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 20 Jul 2020 20:54:50 +0300 Subject: [PATCH 23/46] Fixed the last test --- test/integration/users_xml_api_test.rb | 1 - 1 file changed, 1 deletion(-) diff --git a/test/integration/users_xml_api_test.rb b/test/integration/users_xml_api_test.rb index 4a485734..f3d2125d 100644 --- a/test/integration/users_xml_api_test.rb +++ b/test/integration/users_xml_api_test.rb @@ -92,7 +92,6 @@ class UsersXmlApiTest < ActionDispatch::IntegrationTest get "/users/#{users(:other_user).id}.xml", params: {}, headers: basic_auth_headers() assert_response :success assert_select 'user' - assert_select 'email', false assert_select 'password', false end From 5c5dfec30d87908121d9d15afeb7791bf3b9b456 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Jul 2020 06:22:31 +0000 Subject: [PATCH 24/46] Bump bcrypt from 3.1.13 to 3.1.15 Bumps [bcrypt](https://github.com/codahale/bcrypt-ruby) from 3.1.13 to 3.1.15. - [Release notes](https://github.com/codahale/bcrypt-ruby/releases) - [Changelog](https://github.com/codahale/bcrypt-ruby/blob/master/CHANGELOG) - [Commits](https://github.com/codahale/bcrypt-ruby/compare/v3.1.13...v3.1.15) Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile b/Gemfile index f093c1f8..58554868 100644 --- a/Gemfile +++ b/Gemfile @@ -36,7 +36,7 @@ gem 'puma', '~> 4.3' gem 'paperclip' # To use ActiveModel has_secure_password -gem 'bcrypt', '~> 3.1.13' +gem 'bcrypt', '~> 3.1.15' gem 'chartjs-ror', :git => 'git://github.com/ZeiP/chartjs-ror.git' diff --git a/Gemfile.lock b/Gemfile.lock index 298bea3f..10d382f0 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -66,7 +66,7 @@ GEM autoprefixer-rails (9.4.7) execjs backport (1.1.2) - bcrypt (3.1.13) + bcrypt (3.1.15) benchmark (0.1.0) bootstrap-sass (3.4.1) autoprefixer-rails (>= 5.2.1) @@ -298,7 +298,7 @@ DEPENDENCIES actionpack-xml_parser (~> 2.0) activemodel-serializers-xml (~> 1.0.1) acts_as_list - bcrypt (~> 3.1.13) + bcrypt (~> 3.1.15) bootstrap-sass (= 3.4.1) bullet byebug From c19ccbaeee3518f7937c1c12b818650cf7461408 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 23 Jul 2020 05:59:09 +0000 Subject: [PATCH 25/46] Bump tolk from 3.2.1 to 4.0.0 Bumps [tolk](https://github.com/tolk/tolk) from 3.2.1 to 4.0.0. - [Release notes](https://github.com/tolk/tolk/releases) - [Changelog](https://github.com/tolk/tolk/blob/master/CHANGELOG.md) - [Commits](https://github.com/tolk/tolk/compare/v3.2.1...v4.0.0) 
Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 12 ++++++------ 2 files changed, 7 insertions(+), 7 deletions(-) diff --git a/Gemfile b/Gemfile index 58554868..320fa122 100644 --- a/Gemfile +++ b/Gemfile @@ -53,7 +53,7 @@ group :development do gem "spring" gem "yard" - gem 'tolk', '~> 3.2.1' + gem 'tolk', '~> 4.0.0' gem "bullet" gem "rack-mini-profiler" diff --git a/Gemfile.lock b/Gemfile.lock index 10d382f0..828a868e 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -106,7 +106,7 @@ GEM globalid (0.4.2) activesupport (>= 4.2.0) htmlentities (4.3.4) - i18n (1.8.3) + i18n (1.8.4) concurrent-ruby (~> 1.0) jaro_winkler (1.5.4) jquery-rails (4.4.0) @@ -191,7 +191,7 @@ GEM thor (>= 0.19.0, < 2.0) rainbow (3.0.0) rake (13.0.1) - rb-fsevent (0.10.3) + rb-fsevent (0.10.4) rb-inotify (0.10.1) ffi (~> 1.0) ref (2.0.0) @@ -273,17 +273,17 @@ GEM thor (1.0.1) thread_safe (0.3.6) tilt (2.0.10) - tolk (3.2.1) + tolk (4.0.0) rails (>= 5.0) safe_yaml (>= 0.8.6) - sass + sassc tzinfo (1.2.7) thread_safe (~> 0.1) uglifier (4.2.0) execjs (>= 0.3.0, < 3) unicode-display_width (1.7.0) uniform_notifier (1.13.0) - websocket-driver (0.7.2) + websocket-driver (0.7.3) websocket-extensions (>= 0.1.0) websocket-extensions (0.1.5) will_paginate (3.3.0) @@ -332,7 +332,7 @@ DEPENDENCIES spring sqlite3 therubyracer - tolk (~> 3.2.1) + tolk (~> 4.0.0) uglifier (>= 1.3.0) will_paginate yard From f86285b7b37581d133d10a35313f9eba3805567a Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Thu, 23 Jul 2020 20:48:38 +0300 Subject: [PATCH 26/46] Show a signup link under the login form if open signup is enabled --- app/assets/stylesheets/login.scss | 4 ++++ app/views/login/login.html.erb | 5 +++++ config/locales/en.yml | 1 + 3 files changed, 10 insertions(+) diff --git a/app/assets/stylesheets/login.scss b/app/assets/stylesheets/login.scss index e2c35a7c..ee2fa703 100644 --- a/app/assets/stylesheets/login.scss +++ b/app/assets/stylesheets/login.scss 
@@ -30,6 +30,10 @@ body { color: #eaeaea; text-decoration: underline; } + + .signup-prompt { + text-align: right; + } } diff --git a/app/views/login/login.html.erb b/app/views/login/login.html.erb index dbf8822e..6fa6a929 100644 --- a/app/views/login/login.html.erb +++ b/app/views/login/login.html.erb @@ -29,6 +29,11 @@
<%= submit_tag t("login.sign_in"), class: "btn btn-default" %> <% end %> + <% if SITE_CONFIG['open_signups'] -%> + + <% end -%> diff --git a/config/locales/en.yml b/config/locales/en.yml index 5ef1aa96..624b41a7 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -1009,6 +1009,7 @@ en: login: login_cas: go to the CAS sign_in: Sign in + signup_prompt: Want to create an account? openid_identity_url_not_found: "Sorry, no user by that identity URL exists (%{identity_url})" user_no_expiry: Stay logged in cas_no_user_found: "Hello, %{username}! You do not have an account on Tracks." From 0841ddda09e8c3a75c4965fb28e727f1c43285e4 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Thu, 23 Jul 2020 21:58:16 +0300 Subject: [PATCH 27/46] Show user email in user list --- app/views/users/index.html.erb | 2 ++ 1 file changed, 2 insertions(+) diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb index faf653b0..488edac3 100644 --- a/app/views/users/index.html.erb +++ b/app/views/users/index.html.erb @@ -6,6 +6,7 @@ <%= User.human_attribute_name('login') %> <%= User.human_attribute_name('display_name') %> + <%= User.human_attribute_name('email') %> <%= User.human_attribute_name('auth_type') %> <%= User.human_attribute_name('open_id_url') %> <%= t('users.total_actions') %> @@ -18,6 +19,7 @@ id="user-<%= user.id %>"> <%=h user.login %> <%=h user.display_name %> + <%=h user.email %> <%= h user.auth_type %> <%= h user.open_id_url || '-' %> <%= h user.todos.size %> From cf5751cdce0cb72177b66df552a2ef5ae3951fdb Mon Sep 17 00:00:00 2001 
From: Jyri-Petteri Paloposki Date: Thu, 23 Jul 2020 22:20:28 +0300 Subject: [PATCH 28/46] Add a help page with link to the user manual and other sources --- app/controllers/integrations_controller.rb | 4 ++++ app/views/integrations/help.html.erb | 13 +++++++++++++ app/views/shared/_navbar.html.erb | 1 + config/locales/en.yml | 1 + config/routes.rb | 1 + 5 files changed, 20 insertions(+) create mode 100644 app/views/integrations/help.html.erb diff --git a/app/controllers/integrations_controller.rb b/app/controllers/integrations_controller.rb index dcab4e9d..a4fa3c67 100644 --- a/app/controllers/integrations_controller.rb +++ b/app/controllers/integrations_controller.rb @@ -12,6 +12,10 @@ class IntegrationsController < ApplicationController @page_title = 'TRACKS::REST API Documentation' end + def help + @page_title = 'TRACKS::Help' + end + def search_plugin @icon_data = [File.open(File.join(Rails.root, 'app', 'assets', 'images', 'done.png')).read]. pack('m').gsub(/\n/, '') diff --git a/app/views/integrations/help.html.erb b/app/views/integrations/help.html.erb new file mode 100644 index 00000000..5cd0fca6 --- /dev/null +++ b/app/views/integrations/help.html.erb @@ -0,0 +1,13 @@ +

Help

+ +

You can find information on the usage in the User manual in the project GitHub wiki.

+ +

If you encounter a bug or have a feature request, please report it in the issue queue.

+ +

We gladly welcome all contributions to Tracks. Check the project website for further information. You can also come discuss with the community:

+ + diff --git a/app/views/shared/_navbar.html.erb b/app/views/shared/_navbar.html.erb index a5661f8e..709670c5 100644 --- a/app/views/shared/_navbar.html.erb +++ b/app/views/shared/_navbar.html.erb @@ -51,6 +51,7 @@ <%= t('layouts.navigation.help') %> diff --git a/config/locales/en.yml b/config/locales/en.yml index 624b41a7..a953c51a 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -401,6 +401,7 @@ en: import_title: Import data preferences: Preferences integrations_: Integrate Tracks + help_page: Help feeds_title: See a list of available feeds calendar_title: Calendar of due actions completed_tasks: Done diff --git a/config/routes.rb b/config/routes.rb index c35f7991..79d5d5c6 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -25,6 +25,7 @@ Rails.application.routes.draw do get 'data/xml_export' => 'data#xml_export' get 'data/csv_actions' => 'data#csv_actions' + get 'help' => "integrations#help" get 'integrations' => "integrations#index" get 'integrations/rest_api' => "integrations#rest_api", :as => 'rest_api_docs' post 'integrations/cloudmailin' => 'integrations#cloudmailin' From ca6382832e1a686f355ffa4958e539c3546a0bf0 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Fri, 24 Jul 2020 17:37:37 +0300 Subject: [PATCH 29/46] Redo the datepicker z-index fix that didn't work because it has been applied only to the div.legacy, but as datepicker is appended to the end of the document it's outside the element. Also making the number a lot bigger to account for a large amount of tasks, which cause higher z-indexes. Fixes #2245. --- app/assets/stylesheets/application.scss | 4 ++++ app/assets/stylesheets/legacy.scss | 4 ---- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/assets/stylesheets/application.scss b/app/assets/stylesheets/application.scss index f8bb446b..32baec8f 100644 --- a/app/assets/stylesheets/application.scss +++ b/app/assets/stylesheets/application.scss 
@@ -53,3 +53,7 @@ body { color: $text-color; background-color: $body-bg; } + +.ui-datepicker { + z-index: 999999 !important; +} diff --git a/app/assets/stylesheets/legacy.scss b/app/assets/stylesheets/legacy.scss index cc5f1916..9b043021 100644 --- a/app/assets/stylesheets/legacy.scss +++ b/app/assets/stylesheets/legacy.scss @@ -1349,10 +1349,6 @@ div.auto_complete { } } -.ui-datepicker { - z-index: 1000 !important; -} - .ui-autocomplete-loading { background: white image-url('ui-anim_basic_16x16.gif') right center no-repeat; } From 8b982f342b9b8a2eea43fe1aec729c640ae94b5c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 29 Jul 2020 06:13:56 +0000 Subject: [PATCH 30/46] Bump rack-mini-profiler from 2.0.2 to 2.0.3 Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 2.0.2 to 2.0.3. - [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases) - [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md) - [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.0.2...v2.0.3) Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 828a868e..8f2b7c63 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -155,7 +155,7 @@ GEM puma (4.3.5) nio4r (~> 2.0) rack (2.2.3) - rack-mini-profiler (2.0.2) + rack-mini-profiler (2.0.3) rack (>= 1.2.0) rack-test (1.1.0) rack (>= 1.0, < 3) From 0f0c6d369e518d83ae79f68e7432f29fbc904394 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 4 Aug 2020 07:05:48 +0000 Subject: [PATCH 31/46] Bump rack-mini-profiler from 2.0.3 to 2.0.4 Bumps [rack-mini-profiler](https://github.com/MiniProfiler/rack-mini-profiler) from 2.0.3 to 2.0.4. - [Release notes](https://github.com/MiniProfiler/rack-mini-profiler/releases) - [Changelog](https://github.com/MiniProfiler/rack-mini-profiler/blob/master/CHANGELOG.md) - [Commits](https://github.com/MiniProfiler/rack-mini-profiler/compare/v2.0.3...v2.0.4) Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 8f2b7c63..d5f5c7c3 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -155,7 +155,7 @@ GEM puma (4.3.5) nio4r (~> 2.0) rack (2.2.3) - rack-mini-profiler (2.0.3) + rack-mini-profiler (2.0.4) rack (>= 1.2.0) rack-test (1.1.0) rack (>= 1.0, < 3) From 2120cbfc1df5160bac53989c18d4f7ea04e1c1c4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 6 Aug 2020 06:29:29 +0000 Subject: [PATCH 32/46] Bump solargraph from 0.39.12 to 0.39.13 Bumps [solargraph](https://github.com/castwide/solargraph) from 0.39.12 to 0.39.13. - [Release notes](https://github.com/castwide/solargraph/releases) - [Commits](https://github.com/castwide/solargraph/compare/v0.39.12...v0.39.13) Signed-off-by: dependabot[bot] --- Gemfile.lock | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index d5f5c7c3..3bc69b9c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -212,8 +212,8 @@ GEM rubocop-ast (>= 0.1.0, < 1.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 2.0) - rubocop-ast (0.2.0) - parser (>= 2.7.0.1) + rubocop-ast (0.3.0) + parser (>= 2.7.1.4) ruby-progressbar (1.10.1) rubyzip (2.0.0) safe_yaml (1.0.5) 
@@ -242,7 +242,7 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov-html (0.12.2) - solargraph (0.39.12) + solargraph (0.39.13) backport (~> 1.1) benchmark bundler (>= 1.17.2) From 126299b7c7c33e280d3632a2d206e00a0dd0efb4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 6 Aug 2020 06:29:56 +0000 Subject: [PATCH 33/46] Bump rubocop from 0.88.0 to 0.89.0 Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.88.0 to 0.89.0. - [Release notes](https://github.com/rubocop-hq/rubocop/releases) - [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.88.0...v0.89.0) Signed-off-by: dependabot[bot] --- Gemfile | 2 +- Gemfile.lock | 8 ++++---- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/Gemfile b/Gemfile index 320fa122..5a0c005a 100644 --- a/Gemfile +++ b/Gemfile @@ -63,7 +63,7 @@ end group :development, :test do gem 'byebug' gem 'listen' - gem "rubocop", "~> 0.88", require: false + gem "rubocop", "~> 0.89", require: false end group :test do diff --git a/Gemfile.lock b/Gemfile.lock index d5f5c7c3..eac01fe7 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -203,7 +203,7 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) rspec-support (3.9.3) - rubocop (0.88.0) + rubocop (0.89.0) parallel (~> 1.10) parser (>= 2.7.1.1) rainbow (>= 2.2.2, < 4.0) @@ -212,8 +212,8 @@ GEM rubocop-ast (>= 0.1.0, < 1.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 2.0) - rubocop-ast (0.2.0) - parser (>= 2.7.0.1) + rubocop-ast (0.3.0) + parser (>= 2.7.1.4) ruby-progressbar (1.10.1) rubyzip (2.0.0) safe_yaml (1.0.5) @@ -323,7 +323,7 @@ DEPENDENCIES rails-dom-testing (~> 2.0.0) rails_autolink rspec-expectations - rubocop (~> 0.88) + rubocop (~> 0.89) sanitize (~> 5.2) sass-rails (~> 5.0) selenium-webdriver (~> 3.142) From 8369bf9e9687a475fc81226ab420bbfd0283cff7 Mon Sep 17 00:00:00 2001 
From: Jyri-Petteri Paloposki Date: Fri, 7 Aug 2020 21:03:51 +0300 Subject: [PATCH 34/46] #2448: Add created_at and updated_at fields to the user model and display the creation date in user list --- app/views/users/index.html.erb | 2 ++ db/migrate/20200807175610_add_dates_to_user.rb | 6 ++++++ 2 files changed, 8 insertions(+) create mode 100644 db/migrate/20200807175610_add_dates_to_user.rb diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb index 488edac3..9cf49d00 100644 --- a/app/views/users/index.html.erb +++ b/app/views/users/index.html.erb @@ -13,6 +13,7 @@ <%= t('users.total_contexts') %> <%= t('users.total_projects') %> <%= t('users.total_notes') %> + <%= User.human_attribute_name('created_at') %>   <% for user in @users %> @@ -26,6 +27,7 @@ <%= h user.contexts.size %> <%= h user.projects.size %> <%= h user.notes.size %> + <%= format_date(user.created_at) %> <%= !user.is_admin? ? remote_delete_user(user) : " ".html_safe %> <% end %> diff --git a/db/migrate/20200807175610_add_dates_to_user.rb b/db/migrate/20200807175610_add_dates_to_user.rb new file mode 100644 index 00000000..9f58dfd2 --- /dev/null +++ b/db/migrate/20200807175610_add_dates_to_user.rb @@ -0,0 +1,6 @@ +class AddDatesToUser < ActiveRecord::Migration[5.2] + def change + add_column :users, :created_at, :datetime + add_column :users, :updated_at, :datetime + end +end From c9e5f0318d16ccf2212235679a79d0a8c3257514 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Fri, 7 Aug 2020 21:38:16 +0300 Subject: [PATCH 35/46] #2448: Update the schema file --- db/schema.rb | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/db/schema.rb b/db/schema.rb index 4995cd50..68ea91d1 100644 --- a/db/schema.rb +++ b/db/schema.rb 
@@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_07_20_151220) do +ActiveRecord::Schema.define(version: 2020_08_07_175610) do create_table "attachments", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t| t.integer "todo_id" @@ -221,6 +221,8 @@ ActiveRecord::Schema.define(version: 2020_07_20_151220) do t.string "remember_token" t.datetime "remember_token_expires_at" t.string "email" + t.datetime "created_at" + t.datetime "updated_at" t.index ["login"], name: "index_users_on_login" end From 1936c90c951ba69a1528d53ce3178d42620bf25a Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 10 Aug 2020 16:54:48 +0300 Subject: [PATCH 36/46] Record and show the last time users have logged in --- app/controllers/login_controller.rb | 1 + app/views/users/index.html.erb | 2 ++ db/migrate/20200810123316_add_lastlogin_to_user.rb | 5 +++++ db/schema.rb | 3 ++- 4 files changed, 10 insertions(+), 1 deletion(-) create mode 100644 db/migrate/20200810123316_add_lastlogin_to_user.rb diff --git a/app/controllers/login_controller.rb b/app/controllers/login_controller.rb index 402f7a4b..2ca0b1cb 100644 --- a/app/controllers/login_controller.rb +++ b/app/controllers/login_controller.rb @@ -14,6 +14,7 @@ class LoginController < ApplicationController case request.method when 'POST' if @user = User.authenticate(params['user_login'], params['user_password']) + @user.update_attribute(:last_login_at, Time.now) return handle_post_success else handle_post_failure diff --git a/app/views/users/index.html.erb b/app/views/users/index.html.erb index 9cf49d00..f463466f 100644 --- a/app/views/users/index.html.erb +++ b/app/views/users/index.html.erb @@ -14,6 +14,7 @@ <%= t('users.total_projects') %> <%= t('users.total_notes') %> <%= User.human_attribute_name('created_at') %> + <%= User.human_attribute_name('last_login_at') %>   <% for user in @users %> 
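Review bot: `@user.update_attribute(:last_login_at, Time.now)` in the `login_controller.rb` hunk runs a full save with callbacks on every successful sign-in. It also bumps `updated_at`, the modification timestamp added in PATCH 34. A column-only write keeps the two timestamps independent and follows the application time zone: `@user.update_column(:last_login_at, Time.current)`. Only this form-login branch records the value; the method continues outside the hunk, so it cannot be told from here whether other sign-in paths should update it too.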
@@ -28,6 +29,7 @@ <%= h user.projects.size %> <%= h user.notes.size %> <%= format_date(user.created_at) %> + <%= format_date(user.last_login_at) %> <%= !user.is_admin? ? remote_delete_user(user) : " ".html_safe %> <% end %> diff --git a/db/migrate/20200810123316_add_lastlogin_to_user.rb b/db/migrate/20200810123316_add_lastlogin_to_user.rb new file mode 100644 index 00000000..c7ec36d9 --- /dev/null +++ b/db/migrate/20200810123316_add_lastlogin_to_user.rb @@ -0,0 +1,5 @@ +class AddLastloginToUser < ActiveRecord::Migration[5.2] + def change + add_column :users, :last_login_at, :datetime + end +end diff --git a/db/schema.rb b/db/schema.rb index 68ea91d1..b0f92d33 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -10,7 +10,7 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 2020_08_07_175610) do +ActiveRecord::Schema.define(version: 2020_08_10_123316) do create_table "attachments", options: "ENGINE=InnoDB DEFAULT CHARSET=utf8", force: :cascade do |t| t.integer "todo_id" @@ -223,6 +223,7 @@ ActiveRecord::Schema.define(version: 2020_08_07_175610) do t.string "email" t.datetime "created_at" t.datetime "updated_at" + t.datetime "last_login_at" t.index ["login"], name: "index_users_on_login" end From f8cf140bf4bc936c462a6e85d6aa67864b31b709 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 10 Aug 2020 23:19:13 +0300 Subject: [PATCH 37/46] Show 10 users at a time instead of just five, the user list has plenty space. --- app/models/user.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/models/user.rb b/app/models/user.rb index d68cf40f..fd9bcaad 100644 --- a/app/models/user.rb +++ b/app/models/user.rb @@ -7,7 +7,7 @@ class User < ApplicationRecord #for will_paginate plugin cattr_accessor :per_page - @@per_page = 5 + @@per_page = 10 has_many(:contexts, -> { order 'position ASC' }, dependent: :delete_all) do def find_by_params(params) 
From 46b8d3ce9f951ed8ee9a204171a5a0f5aaa73d18 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 11 Aug 2020 01:18:10 +0300 Subject: [PATCH 38/46] Allow the user to delete their own account --- app/controllers/users_controller.rb | 22 +++++++++++++++---- app/helpers/preferences_helper.rb | 10 +++++++++ .../preferences/_remove_account.html.erb | 4 ++++ app/views/preferences/index.html.erb | 10 ++++++--- config/locales/en.yml | 2 ++ config/routes.rb | 2 +- lib/login_system.rb | 1 + 7 files changed, 43 insertions(+), 8 deletions(-) create mode 100644 app/views/preferences/_remove_account.html.erb diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index 059a1f74..a58d5a63 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,6 +1,6 @@ class UsersController < ApplicationController - before_action :admin_login_required, :only => [ :index, :show, :destroy ] + before_action :admin_login_required, :only => [ :index, :show ] skip_before_action :login_required, :only => [ :new, :create ] prepend_before_action :login_optional, :only => [ :new, :create ] @@ -103,7 +103,7 @@ class UsersController < ApplicationController end format.xml do unless current_user && current_user.is_admin - render :body => "401 Unauthorized: Only admin users are allowed access to this function.", :status => 401 + render :body => t('errors.user_unauthorized'), :status => 401 return end unless check_create_user_params @@ -131,7 +131,15 @@ class UsersController < ApplicationController # DELETE /users/id DELETE /users/id.xml def destroy @deleted_user = User.find(params[:id]) + unless current_user && (current_user.is_admin || current_user == @deleted_user) + render :body => t('errors.user_unauthorized'), :status => 401 + return + end + @saved = @deleted_user.destroy + if current_user == @deleted_user + logout_user + end @total_users = User.count respond_to do |format| 
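Review bot: Dropping `:destroy` from `admin_login_required` in the `@@ -1,6 +1,6 @@` hunk leaves the inline check in `destroy` as the only gate on an irreversible delete, and that check accepts any live session for the account. Consider requiring the current password (or an equivalent re-authentication for externally authenticated accounts) before a self-delete, so an unattended or hijacked session cannot wipe the account. Consider also refusing the request when the target is the only remaining admin, e.g. `return head :forbidden if @deleted_user.is_admin && User.where(is_admin: true).count == 1`. A comment above the filter line such as `# destroy is authorised inside the action: admin, or the account owner` would keep the next reader from assuming the action is unprotected.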
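Review bot: In the `@@ -131,7 +131,15 @@` hunk `logout_user` runs before the `respond_to` block, yet the next hunk (`@@ -141,10 +149,16 @@`) evaluates `current_user == @deleted_user` again to pick the redirect. If `logout_user` clears the session user, which is not visible here, that comparison is false by then and a self-deleting user is sent to the admin-only `users_url`. Capture the result once before destroying, `deleting_self = current_user == @deleted_user`, and use `deleting_self` in both places; the rework in PATCH 40 keeps the second comparison. `User.find(params[:id])` also runs before the permission check, so any signed-in user can tell existing ids from missing ones; comparing `params[:id]` with `current_user.id` first avoids that for non-admins. The method body continues outside this hunk.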
@@ -141,10 +149,16 @@ class UsersController < ApplicationController else notify :error, t('users.failed_to_delete_user', :username => @deleted_user.login) end - redirect_to users_url + if current_user == @deleted_user + redirect_to login + else + redirect_to users_url + end end format.js - format.xml { head :ok } + format.xml do + head :ok + end end end diff --git a/app/helpers/preferences_helper.rb b/app/helpers/preferences_helper.rb index e8cbafe9..4ba46e2f 100644 --- a/app/helpers/preferences_helper.rb +++ b/app/helpers/preferences_helper.rb @@ -18,4 +18,14 @@ module PreferencesHelper pref(model, pref_name) { text_field(model, pref_name, class: "form-control") } end + def profile_delete_user(user) + return link_to( + t('users.destroy_user'), + url_for({:controller => 'users', :action => 'destroy', :id => user.id}), + {:id => "delete_user_#{user.id}", + :class => "delete_user_button btn btn-danger", + :title => t('users.destroy_user'), + :x_confirm_message => t('users.destroy_confirmation', :login => user.login) + }) + end end diff --git a/app/views/preferences/_remove_account.html.erb b/app/views/preferences/_remove_account.html.erb new file mode 100644 index 00000000..7a310842 --- /dev/null +++ b/app/views/preferences/_remove_account.html.erb @@ -0,0 +1,4 @@ +
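Review bot: `redirect_to login` in the self-delete branch of the `@@ -141,10 +149,16 @@` hunk passes a bare `login` identifier rather than a route helper. Unless the controller defines a `login` method outside this hunk, this raises `NameError` after the account has already been destroyed. `lib/login_system.rb` in this same commit uses `login_path`, so the line should read `redirect_to login_path`. The `format.xml` branch still answers `head :ok` when `@saved` is false; `head(@saved ? :ok : :unprocessable_entity)` would let API clients see a failed delete.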

<%= t 'preferences.remove_introduction' %>

+
+ <%= profile_delete_user(@user) %> +
diff --git a/app/views/preferences/index.html.erb b/app/views/preferences/index.html.erb index 852b67fe..879dd245 100644 --- a/app/views/preferences/index.html.erb +++ b/app/views/preferences/index.html.erb @@ -21,16 +21,20 @@
  • <%= link_to t('preferences.tabs.tracks_behavior'), "#behavior", data: { toggle: "tab" } %>
  • +
  • + <%= link_to t('preferences.tabs.remove_account'), "#remove_account", data: { toggle: "tab" } %> +
  • <%= render :partial => 'profile'%>
    <%= render :partial => 'authentication'%>
    <%= render :partial => 'date_and_time'%>
    <%= render :partial => 'tracks_behavior'%>
    +
    <%= render :partial => 'remove_account'%>
    +
    +
    +
    - - - <% end %> diff --git a/config/locales/en.yml b/config/locales/en.yml index a953c51a..663cbea6 100644 --- a/config/locales/en.yml +++ b/config/locales/en.yml @@ -821,11 +821,13 @@ en: authentication_header: Your authentication current_authentication_type: Your authentication type is %{auth_type} change_authentication_type: Change your authentication type + remove_introduction: You can remove your user account here. Note that this is irreversible and will remove all your data! After removal you will be logged out. tabs: authentication: Authentication tracks_behavior: Tracks behavior profile: Profile date_and_time: Date and time + remove_account: Remove account generate_new_token_confirm: Are you sure? Generating a new token will replace the existing one and break any external usages of this token. data: import_successful: Import was successful. diff --git a/config/routes.rb b/config/routes.rb index 79d5d5c6..6650560a 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -106,7 +106,7 @@ Rails.application.routes.draw do # This means the controller action needs to parse the extension and set format/content type # Needed for /todos/tag/first.last.m to work get 'todos/tag/:name' => 'todos#tag', :as => :tag, :format => false, :name => /.*/ - + get 'attachments/:id/:filename' => "todos#attachment" get 'tags.autocomplete' => "todos#tags", :format => 'autocomplete' get 'todos/done/tag/:name' => "todos#done_tag", :as => :done_tag diff --git a/lib/login_system.rb b/lib/login_system.rb index ce2e2614..85d1d3e0 100644 --- a/lib/login_system.rb +++ b/lib/login_system.rb @@ -222,6 +222,7 @@ private def redirect_to_login respond_to do |format| format.html { redirect_to login_path } + format.js { render js: "redirect_to('" + login_path + "')" } format.m { redirect_to login_path(:format => 'm') } end end From 2f5e5a5ae3fd8bd7466be8ed9163078fc92ba467 Mon Sep 17 00:00:00 2001 
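Review bot: The new `format.js` branch in `redirect_to_login` (`lib/login_system.rb`) builds JavaScript by concatenating a Ruby string into a quoted literal. `login_path` is server-generated, so this is not injectable as written, but encoding the value keeps the pattern safe if the path ever gains parameters: `format.js { render js: "window.location.href = #{login_path.to_json};" }`. The current form also depends on a global `redirect_to` function being loaded on every page that can send the XHR, which cannot be confirmed from this hunk.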
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Aug 2020 05:56:58 +0000 Subject: [PATCH 39/46] Bump rubocop from 0.89.0 to 0.89.1 Bumps [rubocop](https://github.com/rubocop-hq/rubocop) from 0.89.0 to 0.89.1. - [Release notes](https://github.com/rubocop-hq/rubocop/releases) - [Changelog](https://github.com/rubocop-hq/rubocop/blob/master/CHANGELOG.md) - [Commits](https://github.com/rubocop-hq/rubocop/compare/v0.89.0...v0.89.1) Signed-off-by: dependabot[bot] --- Gemfile.lock | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Gemfile.lock b/Gemfile.lock index 93fc2af7..9f65353c 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -203,13 +203,13 @@ GEM diff-lcs (>= 1.2.0, < 2.0) rspec-support (~> 3.9.0) rspec-support (3.9.3) - rubocop (0.89.0) + rubocop (0.89.1) parallel (~> 1.10) parser (>= 2.7.1.1) rainbow (>= 2.2.2, < 4.0) regexp_parser (>= 1.7) rexml - rubocop-ast (>= 0.1.0, < 1.0) + rubocop-ast (>= 0.3.0, < 1.0) ruby-progressbar (~> 1.7) unicode-display_width (>= 1.4.0, < 2.0) rubocop-ast (0.3.0) From 95cb7ec79971fecb09942b4667e573a3fdef2c68 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 11 Aug 2020 11:50:35 +0300 Subject: [PATCH 40/46] Fix tests and add more comments --- app/controllers/users_controller.rb | 12 +++++++++--- test/test_helper.rb | 2 +- 2 files changed, 10 insertions(+), 4 deletions(-) diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index a58d5a63..f4c6da9f 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb 
@@ -131,16 +131,20 @@ class UsersController < ApplicationController # DELETE /users/id DELETE /users/id.xml def destroy @deleted_user = User.find(params[:id]) + + # Check that the user has access (logged in as admin or the target user.) unless current_user && (current_user.is_admin || current_user == @deleted_user) render :body => t('errors.user_unauthorized'), :status => 401 return end + # Remove the user @saved = @deleted_user.destroy - if current_user == @deleted_user + + # Log out the user if they've deleted their own user and it succeeded. + if @saved && current_user == @deleted_user logout_user end - @total_users = User.count respond_to do |format| format.html do @@ -155,7 +159,9 @@ class UsersController < ApplicationController redirect_to users_url end end - format.js + format.js do + @total_users = User.count + end format.xml do head :ok end diff --git a/test/test_helper.rb b/test/test_helper.rb index 94bdf410..70c26275 100644 --- a/test/test_helper.rb +++ b/test/test_helper.rb @@ -140,7 +140,7 @@ class ActionDispatch::IntegrationTest end def assert_401_unauthorized_admin - assert_response_and_body 401, "401 Unauthorized: Only admin users are allowed access to this function." + assert_response_and_body 401, "401 Unauthorized: Only administrative users are allowed access to this function." end def assert_responses_with_error(error_msg) From b4f8b65f49ac38520675ed27b8f382fc366104ba Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 14 Aug 2020 05:49:16 +0000 Subject: [PATCH 41/46] Bump solargraph from 0.39.13 to 0.39.14 Bumps [solargraph](https://github.com/castwide/solargraph) from 0.39.13 to 0.39.14. - [Release notes](https://github.com/castwide/solargraph/releases) - [Commits](https://github.com/castwide/solargraph/compare/v0.39.13...v0.39.14) Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
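Review bot: In the first `users_controller.rb` hunk, `@deleted_user = User.find(params[:id])` still runs before the new access check. A logged-in non-admin therefore presumably gets a not-found error for ids that do not exist and the 401 for ids that do, which reveals which user ids exist. The decision needs only the id, so the guard can come first, for example `unless current_user && (current_user.is_admin || current_user.id == params[:id].to_i)`, with the record loaded after it passes. The body of `destroy` continues past the end of this hunk.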
diff --git a/Gemfile.lock b/Gemfile.lock index 9f65353c..439d7ecf 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -242,7 +242,7 @@ GEM docile (~> 1.1) simplecov-html (~> 0.11) simplecov-html (0.12.2) - solargraph (0.39.13) + solargraph (0.39.14) backport (~> 1.1) benchmark bundler (>= 1.17.2) From 4bfffc6476db1fc6a3d37a7af997004cb99550da Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 17 Aug 2020 05:49:51 +0000 Subject: [PATCH 42/46] Bump simplecov from 0.18.5 to 0.19.0 Bumps [simplecov](https://github.com/simplecov-ruby/simplecov) from 0.18.5 to 0.19.0. - [Release notes](https://github.com/simplecov-ruby/simplecov/releases) - [Changelog](https://github.com/simplecov-ruby/simplecov/blob/main/CHANGELOG.md) - [Commits](https://github.com/simplecov-ruby/simplecov/compare/v0.18.5...v0.19.0) Signed-off-by: dependabot[bot] --- Gemfile.lock | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Gemfile.lock b/Gemfile.lock index 439d7ecf..1f36a807 100644 --- a/Gemfile.lock +++ b/Gemfile.lock @@ -238,7 +238,7 @@ GEM selenium-webdriver (3.142.7) childprocess (>= 0.5, < 4.0) rubyzip (>= 1.2.2) - simplecov (0.18.5) + simplecov (0.19.0) docile (~> 1.1) simplecov-html (~> 0.11) simplecov-html (0.12.2) From d03edb72694c7778facdb7b2180d46d8e772c768 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Mon, 17 Aug 2020 12:23:11 +0300 Subject: [PATCH 43/46] Dropping Ruby 2.4 because dependencies dropped it. --- doc/installation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/doc/installation.md b/doc/installation.md index f47db6a7..d138c70b 100644 --- a/doc/installation.md +++ b/doc/installation.md 
@@ -98,7 +98,7 @@ This description is intended for people installing Tracks from scratch. If you w Tracks has a few software requirements that must be satisfied before installation: -1. **Ruby**. Tracks requires Ruby 2.4 or greater, but is not tested with 2.7. +1. **Ruby**. Tracks requires Ruby 2.5 or greater. Most of the testing is done with 2.6. 2. **Bundler**. Tracks requires a recent version of [Bundler](http://bundler.io) to handle the installation of dependencies. Bundler is typically installed by running `gem install bundler`. 3. **Database**. Tracks is tested on [MySQL](http://www.mysql.com/) and [SQLite](http://www.sqlite.org/), but [PostgreSQL](http://www.postgresql.org/) can also be used. Of the three, SQLite requires the least configuration but is also the least performant and may make it difficult to operate in the future. We recommend either MySQL or PostgreSQL. Whatever your choice, the appropriate database software must be installed. From 2d4ba48ad4edf34d2d9c85699757f14ddf1aee7d Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 18 Aug 2020 11:51:16 +0300 Subject: [PATCH 44/46] Move the access control to a dedicated helper --- app/controllers/application_controller.rb | 7 +++++++ app/controllers/users_controller.rb | 7 +------ 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index bbe55e3a..f589762a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -154,6 +154,13 @@ class ApplicationController < ActionController::Base end end + def admin_or_self_login_required + unless User.find(session['user_id']).is_admin || session['user_id'] == params[:id] + render :body => t('errors.user_unauthorized'), :status => 401 + return false + end + end + def redirect_back_or_home respond_to do |format| format.html { redirect_back_or_default root_url } 
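Review bot: `admin_or_self_login_required` loads the caller with `User.find(session['user_id'])`, which raises instead of rendering the 401 when the session has no id or the id no longer matches a row. Whether that is reachable depends on the filter order, which this hunk does not show. The check it replaces in `UsersController#destroy` used `current_user`, and doing the same here keeps the guard on one code path and avoids a second lookup: `unless current_user && (current_user.is_admin || current_user.id == params[:id].to_i)` (assuming `current_user` is available in `ApplicationController`). The same `User.find` call is still present in the hunk of PATCH 46/46. A comment above the method stating that it is only valid on routes whose `:id` is a user id would keep it from being reused where `params[:id]` means something else.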
diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb index f4c6da9f..01d13fc1 100644 --- a/app/controllers/users_controller.rb +++ b/app/controllers/users_controller.rb @@ -1,6 +1,7 @@ class UsersController < ApplicationController before_action :admin_login_required, :only => [ :index, :show ] + before_action :admin_or_self_login_required, :only => [ :destroy ] skip_before_action :login_required, :only => [ :new, :create ] prepend_before_action :login_optional, :only => [ :new, :create ] @@ -132,12 +133,6 @@ class UsersController < ApplicationController def destroy @deleted_user = User.find(params[:id]) - # Check that the user has access (logged in as admin or the target user.) - unless current_user && (current_user.is_admin || current_user == @deleted_user) - render :body => t('errors.user_unauthorized'), :status => 401 - return - end - # Remove the user @saved = @deleted_user.destroy From 6c8e0ce176c03c70a53e7bea1f115d728dc37850 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 18 Aug 2020 14:49:37 +0300 Subject: [PATCH 45/46] Add tests --- test/controllers/users_controller_test.rb | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/test/controllers/users_controller_test.rb b/test/controllers/users_controller_test.rb index c3dde992..13ee8db6 100644 --- a/test/controllers/users_controller_test.rb +++ b/test/controllers/users_controller_test.rb @@ -36,7 +36,7 @@ class UsersControllerTest < ActionController::TestCase assert_equal assigns['users'],[User.where(:login => 'jane').first] end - def test_destroy_user + def test_destroy_user_as_admin login_as :admin_user @no_users_before = User.count user_id = users(:ldap_user).id 
@@ -44,8 +44,16 @@ class UsersControllerTest < ActionController::TestCase assert_equal @no_users_before-1, User.count end + def test_destroy_user_as_user + login_as :other_user + @no_users_before = User.count + user_id = users(:other_user).id + post :destroy, xhr: true, params: { :id => user_id.to_param } + assert_equal @no_users_before-1, User.count + end + def test_update_password_successful - get :change_password, params: { :id => users(:admin_user).id } + get :change_password, params: { :id => users(:admin_user).id } # should fail because no login assert_redirected_to login_path login_as :admin_user From 320da8b72a818dde02db63121625d3107c49cb04 Mon Sep 17 00:00:00 2001 From: Jyri-Petteri Paloposki Date: Tue, 18 Aug 2020 15:27:43 +0300 Subject: [PATCH 46/46] Compare int to int --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index f589762a..184b7fb5 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -155,7 +155,7 @@ class ApplicationController < ActionController::Base end def admin_or_self_login_required - unless User.find(session['user_id']).is_admin || session['user_id'] == params[:id] + unless User.find(session['user_id']).is_admin || session['user_id'] == params[:id].to_i render :body => t('errors.user_unauthorized'), :status => 401 return false end
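Review bot: The added `test_destroy_user_as_user` covers only the allowed case, so nothing in this hunk pins the denial path of the new guard. A regression that let any logged-in user delete another account would still pass both destroy tests. A companion test should log in as `:other_user`, target a different fixture such as `users(:ldap_user)`, and assert the 401 and an unchanged `User.count`.

```ruby
# … unchanged: test_destroy_user_as_user …

def test_destroy_other_user_as_user_is_denied
  login_as :other_user
  @no_users_before = User.count
  post :destroy, xhr: true, params: { :id => users(:ldap_user).id.to_param }
  assert_response 401
  assert_equal @no_users_before, User.count
end
```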