From e2bf1d5eb11d780db1f9bec6fbc6b614684510dd Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Sun, 20 Dec 2015 18:36:57 +0800 Subject: [PATCH 01/14] try to make metamaps more tls friendly --- app/assets/javascripts/src/Metamaps.js.erb | 15 +++++++++------ app/controllers/application_controller.rb | 10 ++++++++-- app/views/layouts/_lightboxes.html.erb | 10 +++++++--- 3 files changed, 24 insertions(+), 11 deletions(-) diff --git a/app/assets/javascripts/src/Metamaps.js.erb b/app/assets/javascripts/src/Metamaps.js.erb index 33cb15ef..bcc5dcf0 100644 --- a/app/assets/javascripts/src/Metamaps.js.erb +++ b/app/assets/javascripts/src/Metamaps.js.erb @@ -928,8 +928,11 @@ Metamaps.TopicCard = { setTimeout(function () { var text = $(element).val(); if (event.type=="paste" || (event.type=="keyup" && event.which==13)){ - if (text.slice(0, 4) !== 'http') { - text='http://'+text; + // TODO evaluate converting this to '//' no matter what (infer protocol) + if (text.slice(0, 7) !== 'http://' && + text.slice(0, 8) !== 'https://' && + text.slice(0, 2) !== '//') { + text='//'+text; } topic.save({ link: text @@ -1897,7 +1900,7 @@ Metamaps.Util = { return (url.match(/\.(jpeg|jpg|gif|png)$/) != null); }, checkURLisYoutubeVideo: function (url) { - return (url.match(/^http:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null); + return (url.match(/^https?:\/\/(?:www\.)?youtube.com\/watch\?(?=[^?]*v=\w+)(?:[^\s?]+)?$/) != null); } }; // end Metamaps.Util @@ -1907,9 +1910,9 @@ Metamaps.Util = { * */ Metamaps.Realtime = { - stringForLocalhost: 'http://localhost:5001', - stringForMetamaps: 'http://metamaps.cc:5001', - stringForHeroku: 'http://gentle-savannah-1303.herokuapp.com', + stringForLocalhost: '//localhost:5001', + stringForMetamaps: '//metamaps.cc:5001', + stringForHeroku: '//gentle-savannah-1303.herokuapp.com', socket: null, isOpen: false, changing: false, diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index 4278637f..de20193a 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -11,7 +11,13 @@ class ApplicationController < ActionController::Base helper_method :admin? def after_sign_in_path_for(resource) - sign_in_url = url_for(:action => 'new', :controller => 'sessions', :only_path => false, :protocol => 'http') + unsafe_uri = request.env["REQUEST_URI"] + if unsafe_uri.starts_with? 'http' && !unsafe_uri.starts_with? 'https' + protocol = 'http' + else + protocol = 'https' + end + sign_in_url = url_for(:action => 'new', :controller => 'sessions', :only_path => false, :protocol => protocol) if request.referer == sign_in_url super @@ -60,7 +66,7 @@ private def get_invite_link unsafe_uri = request.env["REQUEST_URI"] valid_url = /^https?:\/\/([\w\.-]+)(:\d{1,5})?\/?$/ - safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "http://metamaps.cc/" + safe_uri = (unsafe_uri.match(valid_url)) ? unsafe_uri : "//metamaps.cc/" @invite_link = "#{safe_uri}join" + (current_user ? "?code=#{current_user.code}" : "") end end diff --git a/app/views/layouts/_lightboxes.html.erb b/app/views/layouts/_lightboxes.html.erb index 46ab2edf..1ea13866 100644 --- a/app/views/layouts/_lightboxes.html.erb +++ b/app/views/layouts/_lightboxes.html.erb @@ -46,6 +46,7 @@
  • + <% # TODO enable ssl on blog.metamaps.cc %>
    blog @@ -58,7 +59,8 @@
  • - + <% # TODO switch to https:// once we're confident %> +
    terms     @@ -115,7 +117,7 @@
  • Google Plus *
  • Hackpad *
  • Loomio *
    • -
  • Twitter *
    • +
  • Twitter *
  • Hipchat
  • Google Hangouts
  • Vimeo
    • @@ -152,6 +154,7 @@ Chrome Firefox Safari + <% # TODO https for blog.metamaps.cc %>

    While it's downloading, explore our blog,
    watch the tutorials, or visit our knowledge base! @@ -200,13 +203,14 @@

    Want to help with design, code, community building, or communications for Metamaps? We're an open value network, which for us means we want to invite and empower peers to participate in creating value together. + <% # TODO change this link to https once it works %>

    To be a USER, request an invite! We'll expect you to abide by our terms of service.

    To be a CONTRIBUTOR, simply enter our spaces and join the conversation! We'll expect you to follow some guidelines.

    MEMBERS are contributors who act as stewards and guardians of the collective and are responsible for maintaining our culture and purpose. We're working on a set of agreements to formalize what it means to be a member.

    -

    We welcome people of all skillsets to create value within our network. There's open possibilities for designers, researchers, academics, strategists, and facilitators to contribute. If you're a developer, help us advance the code and take a look around our Github.

    +

    We welcome people of all skillsets to create value within our network. There's open possibilities for designers, researchers, academics, strategists, and facilitators to contribute. If you're a developer, help us advance the code and take a look around our Github.

    Thanks for your interest in helping out with Metamaps! Hopefully this gets you pointed in the right direction to get involved. The next step is to read the links on this page and then contribute!

    From f35d4d51a974933cb9123f8074ce8ca3f2b19e4b Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Sun, 20 Dec 2015 20:19:09 +0800 Subject: [PATCH 02/14] s3 over https by default --- config/environments/development.rb | 13 +++++++------ config/environments/production.rb | 11 ++++++----- 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/config/environments/development.rb b/config/environments/development.rb index cd440097..6aacdb20 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -15,12 +15,13 @@ Metamaps::Application.configure do # S3 file storage config.paperclip_defaults = { - :storage => :s3, - :s3_credentials => { - :bucket => ENV['S3_BUCKET_NAME'], - :access_key_id => ENV['AWS_ACCESS_KEY_ID'], - :secret_access_key => ENV['AWS_SECRET_ACCESS_KEY'] - } + storage: :s3, + :s3_credentials: { + bucket: ENV['S3_BUCKET_NAME'], + access_key_id: ENV['AWS_ACCESS_KEY_ID'], + secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'] + }, + s3_protocol: 'https' } config.action_mailer.delivery_method = :smtp diff --git a/config/environments/production.rb b/config/environments/production.rb index 192f631d..55220ee3 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -24,11 +24,12 @@ Metamaps::Application.configure do # S3 file storage config.paperclip_defaults = { :storage => :s3, - :s3_credentials => { - :bucket => ENV['S3_BUCKET_NAME'], - :access_key_id => ENV['AWS_ACCESS_KEY_ID'], - :secret_access_key => ENV['AWS_SECRET_ACCESS_KEY'] - } + s3_credentials: { + bucket: ENV['S3_BUCKET_NAME'], + access_key_id: ENV['AWS_ACCESS_KEY_ID'], + secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'] + }, + s3_protocol: 'https' } config.action_mailer.delivery_method = :smtp From d33f4bffb1d9e00f9ceae2658dfe09923d6c1921 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Sun, 20 Dec 2015 20:19:24 +0800 Subject: [PATCH 03/14] typekit https --- app/views/layouts/application.html.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 9911466a..5dfaaa6f 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -16,7 +16,7 @@ <%= javascript_include_tag "application" %> - + From 888edae6f6f2a03a24fea53b7a31561a16497810 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Sun, 20 Dec 2015 22:28:05 +0800 Subject: [PATCH 04/14] finish remove asset_path_icon whoops --- app/models/metacode.rb | 7 ------- 1 file changed, 7 deletions(-) diff --git a/app/models/metacode.rb b/app/models/metacode.rb index 51ac4fa5..03b0f0c0 100644 --- a/app/models/metacode.rb +++ b/app/models/metacode.rb @@ -13,11 +13,4 @@ class Metacode < ActiveRecord::Base return true if self.metacode_sets.include? metacode_set return false end - - #output json with asset_paths merged in - def as_json(options) - json = super(options.merge!(methods: :asset_path_icon)) - json["icon"] = json["asset_path_icon"] - json.except("asset_path_icon") - end end From 603b9dc52e8ee39c9815aefc142655245ca3d6a1 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Mon, 21 Dec 2015 10:16:51 +0800 Subject: [PATCH 05/14] remove uservoice code --- app/views/layouts/application.html.erb | 11 ----------- 1 file changed, 11 deletions(-) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index 5dfaaa6f..bf351870 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -138,19 +138,8 @@ Metamaps.Loading.loader.setDensity(41); // default is 40 Metamaps.Loading.loader.setRange(0.9); // default is 1.3 Metamaps.Loading.loader.show(); // Hidden by default - - // set up uservoice with signed in user - <% if authenticated? && ENV['SSO_KEY'] %> - USERVOICE.load(Metamaps.Active.Mapper.name, Metamaps.Active.Mapper.id, "<%= user.email %>", "<%= current_sso_token %>"); - <% else %> - USERVOICE.load(); - <% end %> -<% if !authenticated? %> - -<% end %> - <%= render :partial => 'layouts/googleanalytics' if Rails.env.production? %> From 914ff46bb9c37478939733f05dcfc010eb6b018b Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Mon, 21 Dec 2015 11:40:30 +0800 Subject: [PATCH 06/14] syntax error in development.rb --- config/environments/development.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/config/environments/development.rb b/config/environments/development.rb index 6aacdb20..593fbd3c 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -16,7 +16,7 @@ Metamaps::Application.configure do # S3 file storage config.paperclip_defaults = { storage: :s3, - :s3_credentials: { + s3_credentials: { bucket: ENV['S3_BUCKET_NAME'], access_key_id: ENV['AWS_ACCESS_KEY_ID'], secret_access_key: ENV['AWS_SECRET_ACCESS_KEY'] From 6e10b4c508304c682774c339307af8c19f4be3d5 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Mon, 21 Dec 2015 21:28:18 +0800 Subject: [PATCH 07/14] make use of realtime.metamaps.cc server --- app/assets/javascripts/src/Metamaps.js.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/assets/javascripts/src/Metamaps.js.erb b/app/assets/javascripts/src/Metamaps.js.erb index bcc5dcf0..8ae3c2cb 100644 --- a/app/assets/javascripts/src/Metamaps.js.erb +++ b/app/assets/javascripts/src/Metamaps.js.erb @@ -1911,7 +1911,7 @@ Metamaps.Util = { */ Metamaps.Realtime = { stringForLocalhost: '//localhost:5001', - stringForMetamaps: '//metamaps.cc:5001', + stringForMetamaps: 'https://realtime.metamaps.cc', stringForHeroku: '//gentle-savannah-1303.herokuapp.com', socket: null, isOpen: false, From d96e991de31475b2f804d4f10dbe63b9e9b87de3 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Mon, 21 Dec 2015 21:29:15 +0800 Subject: [PATCH 08/14] don't use // for heroku either --- app/assets/javascripts/src/Metamaps.js.erb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/assets/javascripts/src/Metamaps.js.erb b/app/assets/javascripts/src/Metamaps.js.erb index 8ae3c2cb..1e579b04 100644 --- a/app/assets/javascripts/src/Metamaps.js.erb +++ b/app/assets/javascripts/src/Metamaps.js.erb @@ -1912,7 +1912,7 @@ Metamaps.Util = { Metamaps.Realtime = { stringForLocalhost: '//localhost:5001', stringForMetamaps: 'https://realtime.metamaps.cc', - stringForHeroku: '//gentle-savannah-1303.herokuapp.com', + stringForHeroku: 'https://gentle-savannah-1303.herokuapp.com', socket: null, isOpen: false, changing: false, From c58b2c805e2b9271332d259ded4acc30e27f3877 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Mon, 21 Dec 2015 21:38:02 +0800 Subject: [PATCH 09/14] syntax error --- app/controllers/application_controller.rb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb index de20193a..ea4597ab 100644 --- a/app/controllers/application_controller.rb +++ b/app/controllers/application_controller.rb @@ -12,7 +12,7 @@ class ApplicationController < ActionController::Base def after_sign_in_path_for(resource) unsafe_uri = request.env["REQUEST_URI"] - if unsafe_uri.starts_with? 'http' && !unsafe_uri.starts_with? 'https' + if unsafe_uri.starts_with?('http') && !unsafe_uri.starts_with?('https') protocol = 'http' else protocol = 'https' From 8394e0ce86391b0518401be403d10f2eeb60076a Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Tue, 22 Dec 2015 07:13:26 +0800 Subject: [PATCH 10/14] re-add regular uservoice code --- app/views/layouts/application.html.erb | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index bf351870..8057d576 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -138,6 +138,13 @@ Metamaps.Loading.loader.setDensity(41); // default is 40 Metamaps.Loading.loader.setRange(0.9); // default is 1.3 Metamaps.Loading.loader.show(); // Hidden by default + + // set up uservoice with signed in user + <% if authenticated? && ENV['SSO_KEY'] %> + USERVOICE.load(Metamaps.Active.Mapper.name, Metamaps.Active.Mapper.id, "<%= user.email %>", "<%= current_sso_token %>"); + <% else %> + USERVOICE.load(); + <% end %> <%= render :partial => 'layouts/googleanalytics' if Rails.env.production? %> From 6db91ea70356474eaebe168cea386a6e8a5eb3dd Mon Sep 17 00:00:00 2001 From: Connor Turland Date: Tue, 22 Dec 2015 22:28:03 -0500 Subject: [PATCH 11/14] broken funnnnnction --- app/assets/javascripts/src/Metamaps.js.erb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/assets/javascripts/src/Metamaps.js.erb b/app/assets/javascripts/src/Metamaps.js.erb index 1e579b04..069fdc21 100644 --- a/app/assets/javascripts/src/Metamaps.js.erb +++ b/app/assets/javascripts/src/Metamaps.js.erb @@ -2551,7 +2551,7 @@ Metamaps.Realtime = { Metamaps.Topic.renderTopic(mapping, topic, false, false); } else if (!cancel) { - setTimeout(test, 10); + setTimeout(waitThenRenderTopic, 10); } } @@ -2649,7 +2649,7 @@ Metamaps.Realtime = { Metamaps.Synapse.renderSynapse(mapping, synapse, node1, node2, false); } else if (!cancel) { - setTimeout(test, 10); + setTimeout(waitThenRenderSynapse, 10); } } From a45d0f77910b304ffb9396f3481b931a9ee92549 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Thu, 24 Dec 2015 15:19:03 +0800 Subject: [PATCH 12/14] fix search box on authenticated homepage --- app/assets/stylesheets/search.scss.erb | 6 ------ app/views/main/home.html.erb | 2 +- 2 files changed, 1 insertion(+), 7 deletions(-) diff --git a/app/assets/stylesheets/search.scss.erb b/app/assets/stylesheets/search.scss.erb index 607a561f..0f806f96 100644 --- a/app/assets/stylesheets/search.scss.erb +++ b/app/assets/stylesheets/search.scss.erb @@ -19,12 +19,6 @@ } } -.explorePage .sidebarSearchField, -.explorePage .sidebarSearch .tt-hint { - width: 380px; - padding: 5px 10px 5px 10px; -} - .sidebarSearchIcon { float: left; width: 72px; diff --git a/app/views/main/home.html.erb b/app/views/main/home.html.erb index b40fb2a4..3c1319e0 100644 --- a/app/views/main/home.html.erb +++ b/app/views/main/home.html.erb @@ -47,7 +47,7 @@ Metamaps.Maps.Active = <%= @maps.to_json.html_safe %>; Metamaps.currentSection = ""; Metamaps.currentPage = ""; - Metamaps.GlobalUI.Search.isOpen = true; + Metamaps.GlobalUI.Search.open(); Metamaps.GlobalUI.Search.lock(); <% end %> From 40561c629ac808f4c11a52f5ee9b5b77484b34fb Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Thu, 24 Dec 2015 15:42:51 +0800 Subject: [PATCH 13/14] fix handleResultClick on search box --- app/assets/javascripts/src/Metamaps.GlobalUI.js.erb | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/app/assets/javascripts/src/Metamaps.GlobalUI.js.erb b/app/assets/javascripts/src/Metamaps.GlobalUI.js.erb index 2e17ffae..fc2ba6fc 100644 --- a/app/assets/javascripts/src/Metamaps.GlobalUI.js.erb +++ b/app/assets/javascripts/src/Metamaps.GlobalUI.js.erb @@ -614,14 +614,14 @@ Metamaps.GlobalUI.Search = { self.hideLoader(); - if (datum.rtype != "noresult") { + if (["topic", "map", "mapper"].indexOf(datum.rtype) !== -1) { self.close(0, true); var win; - if (dataset == "topics") { + if (datum.rtype == "topic") { Metamaps.Router.topics(datum.id); - } else if (dataset == "maps") { + } else if (datum.rtype == "map") { Metamaps.Router.maps(datum.id); - } else if (dataset == "mappers") { + } else if (datum.rtype == "mapper") { Metamaps.Router.explore("mapper", datum.id); } } From 21aba2fe5e726b71c20981c38c261ff7163f8688 Mon Sep 17 00:00:00 2001 From: Devin Howard Date: Thu, 24 Dec 2015 16:36:58 +0800 Subject: [PATCH 14/14] more modular database.yml.default --- config/database.yml.default | 17 ++++++++++++++--- 1 file changed, 14 insertions(+), 3 deletions(-) diff --git a/config/database.yml.default b/config/database.yml.default index 06bfae01..f8121488 100644 --- a/config/database.yml.default +++ b/config/database.yml.default @@ -1,10 +1,21 @@ -development: +default: &default min_messages: WARNING adapter: postgresql host: 127.0.0.1 port: 5432 encoding: unicode - database: metamap002_development pool: 5 username: postgres - password: "3112" \ No newline at end of file + password: "3112" + +development: + <<: *default + database: metamap002_development + +test: + <<: *default + database: metamap002_test + +production: + <<: *default + database: metamap002_production