merge develop

Gemfile

@@ -51,6 +51,3 @@ group :development, :test do
   gem 'quiet_assets'
   gem 'tunemygc'
 end
-
-# To use Jbuilder templates for JSON
-gem 'jbuilder'

app/assets/javascripts/src/Metamaps.js.erb

@@ -928,8 +928,11 @@ Metamaps.TopicCard = {
             setTimeout(function () {
                 var text = $(element).val();
                 if (event.type=="paste" || (event.type=="keyup" && event.which==13)){
-                    if (text.slice(0, 4) !== 'http') {
-                        text='http://'+text;
+                  // TODO evaluate converting this to '//' no matter what (infer protocol)
+                  if (text.slice(0, 7) !== 'http://' &&
+                      text.slice(0, 8) !== 'https://' &&
+                      text.slice(0, 2) !== '//') {
+                        text='//'+text;
                     }
                     topic.save({
                         link: text
@@ -1897,7 +1900,7 @@ Metamaps.Util = {
         return (url.match(/\.(jpeg|jpg|gif|png)$/) != null);
     },
     checkURLisYoutubeVideo: function (url) {
-        return (url.match(/^http:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null);
+        return (url.match(/^https?:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null);
     }
 }; // end Metamaps.Util
 
@@ -1907,8 +1910,8 @@ Metamaps.Util = {
  *
  */
 Metamaps.Realtime = {
-    stringForLocalhost: 'http://' + location.host.split(':')[0] + ':5001',
-    stringForMetamaps: 'http://metamaps.cc:5001',
+    stringForLocalhost: '//' + location.host.split(':')[0] + ':5001',
+    stringForMetamaps: 'https://realtime.metamaps.cc',
     stringForHeroku: 'https://gentle-savannah-1303.herokuapp.com',
     videoId: 'video-wrapper',
     socket: null,
@@ -3226,7 +3229,6 @@ Metamaps.Control = {
             if (edge.getData("synapses").length - 1 === 0) {
                 Metamaps.Control.hideEdge(edge);
             }
-
             var mappableid = synapse.id;
             synapse.destroy();
 

app/controllers/application_controller.rb

@@ -2,16 +2,22 @@ class ApplicationController < ActionController::Base
   protect_from_forgery
 
   before_filter :get_invite_link
-  
+
   # this is for global login
   include ContentHelper
-  
+
   helper_method :user
   helper_method :authenticated?
   helper_method :admin?
-  
+
   def after_sign_in_path_for(resource)
-    sign_in_url = url_for(:action => 'new', :controller => 'sessions', :only_path => false, :protocol => 'http')
+    unsafe_uri = request.env["REQUEST_URI"]
+    if unsafe_uri.starts_with?('http') && !unsafe_uri.starts_with?('https')
+      protocol = 'http'
+    else
+      protocol = 'https'
+    end
+    sign_in_url = url_for(:action => 'new', :controller => 'sessions', :only_path => false, :protocol => protocol)
 
     if request.referer == sign_in_url
       super
@@ -21,7 +27,7 @@ class ApplicationController < ActionController::Base
       stored_location_for(resource) || request.referer || root_path
     end
   end
-  
+
 private
 
   def require_no_user
@@ -30,29 +36,29 @@ private
       return false
     end
   end
-  
+
   def require_user
     unless authenticated?
       redirect_to new_user_session_path, notice: "You must be logged in."
       return false
     end
   end
-    
+
   def require_admin
     unless authenticated? && admin?
       redirect_to root_url, notice: "You need to be an admin for that."
       return false
     end
   end
-  
+
   def user
     current_user
   end
-  
+
   def authenticated?
     current_user
   end
-    
+
   def admin?
     current_user && current_user.admin
   end
@@ -60,7 +66,7 @@ private
   def get_invite_link
     unsafe_uri = request.env["REQUEST_URI"]
     valid_url = /^https?:\/\/([\w\.-]+)(:\d{1,5})?\/?$/
-    safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "http://metamaps.cc/"
+    safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "//metamaps.cc/"
     @invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "")
   end
 end

app/models/map.rb

@@ -14,11 +14,11 @@ class Map < ActiveRecord::Base
    #:full => ['940x630#', :png]
   },
   :default_url => 'https://s3.amazonaws.com/metamaps-assets/site/missing-map.png'
-    
+
   # Validate the attached image is image/jpg, image/png, etc
   validates_attachment_content_type :screenshot, :content_type => /\Aimage\/.*\Z/
 
-  def mappings 
+  def mappings
   	topicmappings + synapsemappings
   end
 
@@ -35,11 +35,11 @@ class Map < ActiveRecord::Base
   #return an array of the contributors to the map
   def contributors
     contributors = []
-    
+
     self.mappings.each do |m|
       contributors.push(m.user) if !contributors.include?(m.user)
     end
-    
+
     return contributors
   end
 
@@ -59,7 +59,7 @@ class Map < ActiveRecord::Base
     self.user.image.url
   end
 
-  def contributor_count 
+  def contributor_count
     self.contributors.length
   end
 
@@ -83,7 +83,7 @@ class Map < ActiveRecord::Base
   end
 
   ##### PERMISSIONS ######
-  
+
   def authorize_to_delete(user)
     if (self.user != user)
       return false
@@ -98,9 +98,9 @@ class Map < ActiveRecord::Base
   	end
   	return self
   end
-  
+
   # returns false if user not allowed to 'edit' Topic, Synapse, or Map
-  def authorize_to_edit(user)  
+  def authorize_to_edit(user)
   	if !user
       return false
     elsif (self.permission == "private" && self.user != user)
@@ -110,9 +110,9 @@ class Map < ActiveRecord::Base
   	end
   	return self
   end
-  
+
   # returns Boolean if user allowed to view Topic, Synapse, or Map
-  def authorize_to_view(user)  
+  def authorize_to_view(user)
   	if (self.permission == "private" && self.user != user)
   		return false
   	end
@@ -121,7 +121,7 @@ class Map < ActiveRecord::Base
 
   def decode_base64(imgBase64)
     decoded_data = Base64.decode64(imgBase64)
- 
+
     data = StringIO.new(decoded_data)
     data.class_eval do
       attr_accessor :content_type, :original_filename

app/models/metacode.rb

@@ -1,31 +1,16 @@
 class Metacode < ActiveRecord::Base
 
   has_many :in_metacode_sets
-  has_many :metacode_sets, :through => :in_metacode_sets 
+  has_many :metacode_sets, :through => :in_metacode_sets
   has_many :topics
 
   def hasSelected(user)
     return true if user.settings.metacodes.include? self.id.to_s
     return false
   end
-    
+
   def inMetacodeSet(metacode_set)
     return true if self.metacode_sets.include? metacode_set
     return false
   end
-
-  def asset_path_icon
-    if icon.start_with?('http')
-      icon
-    else
-      ActionController::Base.helpers.asset_path icon
-    end
-  end
-
-  #output json with asset_paths merged in
-  def as_json(options)
-    json = super(options.merge!(methods: :asset_path_icon))
-    json["icon"] = json["asset_path_icon"]
-    json.except("asset_path_icon")
-  end
 end

app/models/user.rb

@@ -66,15 +66,10 @@ class User < ActiveRecord::Base
   def generate_code
 	  self.code = rand(36**8).to_s(36)
     $codes.push(self.code)
-    self.generation = self.get_generation
+    self.generation = get_generation!
   end
 
-  def get_generation
-    calculate_generation() if generation.nil?
-    generation
-  end
-
-  def calculate_generation
+  def get_generation!
     if code == joinedwithcode
       update(generation: 0)
     else

app/views/layouts/_lightboxes.html.erb

@@ -46,6 +46,7 @@
             </a>
           </li>
           <li>
+            <% # TODO enable ssl on blog.metamaps.cc %>
             <a id="lightbox_blog" href="http://blog.metamaps.cc" target="_blank">
               <div class="lightboxAboutIcon"></div>
               blog
@@ -58,7 +59,8 @@
             </a>
           </li>
           <li>
-            <a id="lightbox_term" data-bypass="true" href="http://metamaps.cc/maps/331" target="_blank">
+            <% # TODO switch to https:// once we're confident %>
+            <a id="lightbox_term" data-bypass="true" href="//metamaps.cc/maps/331" target="_blank">
               <div class="lightboxAboutIcon"></div>
               terms
             </a>
@@ -115,7 +117,7 @@
             <li>Google Plus <a href="https://plus.google.com/communities/115060009262157699234" target="_blank">*</a></li>
             <li>Hackpad <a href="http://metamaps.hackpad.com/" target="_blank">*</a></li>
             <li>Loomio <a href="https://www.loomio.org/g/bu3L1tIW/topos-ffo" target="_blank">*</a></li>
-            <li>Twitter <a href="http://twitter.com/metamapps" target="_blank">*</a></li>
+            <li>Twitter <a href="https://twitter.com/metamapps" target="_blank">*</a></li>
             <li>Hipchat</li>
             <li>Google Hangouts</li>
             <li>Vimeo </li>
@@ -152,6 +154,7 @@
         <a id="chromeIcon" href="https://www.google.com/chrome/browser/" target="_blank">Chrome</a>
         <a id="fireFoxIcon" href="https://www.mozilla.org/en-US/firefox/new/" target="_blank">Firefox</a>
         <a id="safariIcon" href="http://support.apple.com/downloads/#safari" target="_blank">Safari</a>
+        <% # TODO https for blog.metamaps.cc %>
         <p id="noIEbody">While it's downloading, explore our <a href="http://blog.metamaps.cc/">blog</a>,<br> watch the <a href="http://vimeo.com/88334167">tutorials</a>, or visit our <a href="http://support.metamaps.cc/">knowledge base</a>!
 
       </div>
@@ -200,13 +203,14 @@
         
         <p>Want to help with design, code, community building, or communications for Metamaps? We're an open value network, which for us means we want to invite and empower peers to participate in creating value together.
 
+        <% # TODO change this link to https once it works %>
         <p>To be a <b>USER</b>, request an invite! We'll expect you to abide by our <a href="http://metamaps.cc/maps/331" target="_blank">terms of service</a>.</p>
         
         <p>To be a <b>CONTRIBUTOR</b>, simply <a href="https://docs.google.com/document/d/1z8FsSmYkHbLRLOsXc8i8M5ubKky8_WB2E9bLBoXJapU" target="_blank">enter our spaces</a> and join the conversation! We'll expect you to follow some guidelines.</p>
         
         <p><b>MEMBERS</b> are contributors who act as stewards and guardians of the collective and are responsible for maintaining our culture and purpose. We're working on a set of agreements to formalize what it means to be a member.</p>
 
-        <p>We welcome people of all skillsets to create value within our network. There's open possibilities for designers, researchers, academics, strategists, and facilitators to contribute. If you're a developer, help us advance the code and take a look around our <a href="http://github.com/metamaps/metamaps_gen002" target="_blank">Github</a>.</p>
+        <p>We welcome people of all skillsets to create value within our network. There's open possibilities for designers, researchers, academics, strategists, and facilitators to contribute. If you're a developer, help us advance the code and take a look around our <a href="https://github.com/metamaps/metamaps_gen002" target="_blank">Github</a>.</p>
 
         <p>Thanks for your interest in helping out with Metamaps! Hopefully this gets you pointed in the right direction to get involved. The next step is to read the links on this page and then contribute! </p>
 

app/views/layouts/application.html.erb

@@ -16,7 +16,7 @@
   <%= javascript_include_tag "application" %>
 
   <!-- typekit for vinyl font -->
-  <script type="text/javascript" src="//use.typekit.net/tki2nyo.js"></script>
+  <script type="text/javascript" src="https://use.typekit.net/tki2nyo.js"></script>
   <script type="text/javascript">try{Typekit.load();}catch(e){}</script>
 
         <!-- app code -->
@@ -141,16 +141,12 @@
 
     // set up uservoice with signed in user
     <% if authenticated? && ENV['SSO_KEY'] %>
-        USERVOICE.load(Metamaps.Active.Mapper.name, Metamaps.Active.Mapper.id, "<%= user.email %>", "<%= current_sso_token %>");
+      USERVOICE.load(Metamaps.Active.Mapper.name, Metamaps.Active.Mapper.id, "<%= user.email %>", "<%= current_sso_token %>");
     <% else %>
-        USERVOICE.load();
+      USERVOICE.load();
     <% end %>
 </script>
 
-<% if !authenticated? %>
-  <iframe width="1" height="1" src="http://support.metamaps.cc/logout.json"; style="visibility:hidden;"></iframe>
-<% end %>
-
 <%= render :partial => 'layouts/googleanalytics' if Rails.env.production? %>
 </body>
 </html>

config/environments/development.rb

@@ -15,12 +15,13 @@ Metamaps::Application.configure do
   
   # S3 file storage
   config.paperclip_defaults = {
-    :storage => :s3,
-    :s3_credentials => {
-      :bucket => ENV['S3_BUCKET_NAME'],
-      :access_key_id => ENV['AWS_ACCESS_KEY_ID'],
-      :secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
-    }
+    storage: :s3,
+    s3_credentials: {
+      bucket: ENV['S3_BUCKET_NAME'],
+      access_key_id: ENV['AWS_ACCESS_KEY_ID'],
+      secret_access_key: ENV['AWS_SECRET_ACCESS_KEY']
+    },
+    s3_protocol: 'https'
   }
     
   config.action_mailer.delivery_method = :smtp

config/environments/production.rb

@@ -24,11 +24,12 @@ Metamaps::Application.configure do
   # S3 file storage
   config.paperclip_defaults = {
     :storage => :s3,
-    :s3_credentials => {
-      :bucket => ENV['S3_BUCKET_NAME'],
-      :access_key_id => ENV['AWS_ACCESS_KEY_ID'],
-      :secret_access_key => ENV['AWS_SECRET_ACCESS_KEY']
-    }
+    s3_credentials: {
+      bucket: ENV['S3_BUCKET_NAME'],
+      access_key_id: ENV['AWS_ACCESS_KEY_ID'],
+      secret_access_key: ENV['AWS_SECRET_ACCESS_KEY']
+    },
+    s3_protocol: 'https'
   }
   
   config.action_mailer.delivery_method = :smtp

db/migrate/20151028061513_metacode_asset_path_update.rb

@@ -0,0 +1,9 @@
+class MetacodeAssetPathUpdate < ActiveRecord::Migration
+  def change
+    Metacode.all.each do |metacode|
+      if metacode.icon.start_with?("/assets/icons/")
+        metacode.update(icon: metacode.icon.gsub(/^\/assets\/icons/, "https://s3.amazonaws.com/metamaps-assets/metacodes"))
+      end
+    end
+  end
+end

doc/WindowsInstallation.md

@@ -1,17 +1,16 @@
-Before you begin, you'll need to install a number of software packages:
+Before you begin, you'll need to install stuff:
 
-Ruby:           http://rubyinstaller.org/downloads
-Git:            http://git-scm.com/download/win
-PostgreSQL 9.2: http://www.enterprisedb.com/products-services-training/pgdownload
-nodejs:         http://nodejs.org/download
+Ruby, Git, and Rails: http://railsinstaller.org/en
+PostgreSQL 9.2:       http://www.enterprisedb.com/products-services-training/pgdownload
+nodejs:               http://nodejs.org/download
 
-During the installation of the PostgreSQL database, you'll need to choose a database password. Anything is fine, just note what you choose somewhere.
+During the installation of the PostgreSQL database, you'll need to choose a database password. Anything is fine, just note down what you choose.
 
 Once you are ready, create a new folder to hold this and any other git repositories. As an example, let's pretend you've chose C:\git, and made that folder writable by your user account.
 
 Open a command prompt ("cmd.exe"), and navigate to the folder you chose. Then use the gem command (which is part of Ruby) to install Ruby on Rails.
 
-    cd \git
+    cd .\git
     gem install rails -v 4.2
 
 Now you are ready to clone the Metamaps git repository:
@@ -21,7 +20,7 @@ Now you are ready to clone the Metamaps git repository:
     bundle install
 
 The third `bundle install` command downloads and installs the rubygem dependencies of Metamaps.
-  
+
 At this point you should be in C:\git\metamaps_gen002, or whatever equivalent directory you've chosen. The next step is to set up your database configuration. From the metamaps_gen002 directory, run
 
     start config
@@ -35,14 +34,13 @@ This command will open a Windows Explorer window of the "config" directory of Me
 And you're set up! At this point, you should be able to run the server at any time with only one command; you don't need to repeat any of the previous steps again. The command to run the server is:
 
     rails s
-  
+
 Navigate your browser to localhost:3000 once you have the server running
 
 Sign in with the default account
 
-email: user@user.com
-
-password: toolsplusconsciousness
+    email:    user@user.com
+    password: toolsplusconsciousness
 
 OR create a new account at /join, and use access code 'qwertyui'