Revert "update rails dependencies"

Original commit broke the build, since some dependencies have breaking
changes.

This reverts commit f753392d49.

Gemfile

@@ -38,7 +38,7 @@ gem 'uglifier'
 
 group :test do
   gem 'brakeman', require: false
-  gem 'factory_girl_rails'
+  gem 'factory_bot_rails'
   gem 'json-schema'
   gem 'rspec-rails'
   gem 'shoulda-matchers'

Gemfile.lock

@@ -105,10 +105,10 @@ GEM
       actionmailer (>= 4.0, < 6)
       activesupport (>= 4.0, < 6)
     execjs (2.7.0)
-    factory_girl (4.8.0)
+    factory_bot (4.8.2)
       activesupport (>= 3.0.0)
-    factory_girl_rails (4.8.0)
-      factory_girl (~> 4.8.0)
+    factory_bot_rails (4.8.2)
+      factory_bot (~> 4.8.2)
       railties (>= 3.0.0)
     faker (1.8.4)
       i18n (~> 0.5)
@@ -311,7 +311,7 @@ DEPENDENCIES
   doorkeeper
   dotenv-rails
   exception_notification
-  factory_girl_rails
+  factory_bot_rails
   faker
   httparty
   jquery-rails

app/controllers/access_controller.rb

@@ -62,6 +62,7 @@ class AccessController < ApplicationController
     request = AccessRequest.find(params[:request_id])
     request.approve
     respond_to do |format|
+      format.js
       format.json do
         head :ok
       end
@@ -73,6 +74,7 @@ class AccessController < ApplicationController
     request = AccessRequest.find(params[:request_id])
     request.deny
     respond_to do |format|
+      format.js
       format.json do
         head :ok
       end

app/controllers/application_controller.rb

@@ -5,6 +5,7 @@ class ApplicationController < ActionController::Base
   include Pundit
   include PunditExtra
   rescue_from Pundit::NotAuthorizedError, with: :handle_unauthorized
+  protect_from_forgery(with: :exception)
 
   before_action :invite_link
   before_action :prepare_exception_notifier
@@ -22,7 +23,14 @@ class ApplicationController < ActionController::Base
   helper_method :admin?
 
   def handle_unauthorized
-    head :forbidden
+    if authenticated? && (params[:controller] == 'maps') && (params[:action] == 'show')
+      redirect_to request_access_map_path(params[:id])
+    elsif authenticated?
+      redirect_to root_path, notice: "You don't have permission to see that page."
+    else
+      store_location_for(resource, request.fullpath)
+      redirect_to sign_in_path, notice: 'Try signing in to do that.'
+    end
   end
 
   private
@@ -33,19 +41,19 @@ class ApplicationController < ActionController::Base
 
   def require_no_user
     return true unless authenticated?
-    head :forbidden
+    redirect_to edit_user_path(user), notice: 'You must be logged out.'
     false
   end
 
   def require_user
     return true if authenticated?
-    head :forbidden
+    redirect_to sign_in_path, notice: 'You must be logged in.'
     false
   end
 
   def require_admin
     return true if authenticated? && admin?
-    head :forbidden
+    redirect_to root_url, notice: 'You need to be an admin for that.'
     false
   end
 

app/controllers/metacode_sets_controller.rb

@@ -1,35 +1,81 @@
 # frozen_string_literal: true
 
 class MetacodeSetsController < ApplicationController
-  include MetacodesHelper
-  before_action :require_admin, except: :index
+  before_action :require_admin
 
   # GET /metacode_sets
+  # GET /metacode_sets.json
   def index
     @metacode_sets = MetacodeSet.order('name').all
-    render json: metacode_sets_json
+
+    respond_to do |format|
+      format.html # index.html.erb
+      format.json { render json: @metacode_sets }
+    end
+  end
+
+  ### SHOW IS NOT CURRENTLY IN USE
+  # GET /metacode_sets/1
+  # GET /metacode_sets/1.json
+  #  def show
+  #    @metacode_set = MetacodeSet.find(params[:id])
+  #
+  #    respond_to do |format|
+  #      format.html # show.html.erb
+  #      format.json { render json: @metacode_set }
+  #    end
+  #  end
+
+  # GET /metacode_sets/new
+  # GET /metacode_sets/new.json
+  def new
+    @metacode_set = MetacodeSet.new
+
+    respond_to do |format|
+      format.html # new.html.erb
+      format.json { render json: @metacode_set }
+    end
+  end
+
+  # GET /metacode_sets/1/edit
+  def edit
+    @metacode_set = MetacodeSet.find(params[:id])
   end
 
   # POST /metacode_sets
+  # POST /metacode_sets.json
   def create
     @user = current_user
     @metacode_set = MetacodeSet.new(metacode_set_params)
     @metacode_set.user_id = @user.id
+
+    respond_to do |format|
       if @metacode_set.save
         # create the InMetacodeSet for all the metacodes that were selected for the set
         @metacodes = params[:metacodes][:value].split(',')
         @metacodes.each do |m|
           InMetacodeSet.create(metacode_id: m, metacode_set_id: @metacode_set.id)
         end
-      render json: @metacode_set, status: :created
+        format.html do
+          redirect_to metacode_sets_url,
+                      notice: 'Metacode set was successfully created.'
+        end
+        format.json do
+          render json: @metacode_set, status: :created, location: metacode_sets_url
+        end
       else
-      render json: @metacode_set.errors, status: :unprocessable_entity
+        format.html { render action: 'new' }
+        format.json { render json: @metacode_set.errors, status: :unprocessable_entity }
+      end
     end
   end
 
   # PUT /metacode_sets/1
+  # PUT /metacode_sets/1.json
   def update
     @metacode_set = MetacodeSet.find(params[:id])
+
+    respond_to do |format|
       if @metacode_set.update_attributes(metacode_set_params)
 
         # build an array of the IDs of the metacodes currently in the set
@@ -50,19 +96,29 @@ class MetacodeSetsController < ApplicationController
           InMetacodeSet.create(metacode_id: m, metacode_set_id: @metacode_set.id)
         end
 
-      head :no_content
+        format.html { redirect_to metacode_sets_url, notice: 'Metacode set was successfully updated.' }
+        format.json { head :no_content }
       else
-      render json: @metacode_set.errors, status: :unprocessable_entity
+        format.html { render action: 'edit' }
+        format.json { render json: @metacode_set.errors, status: :unprocessable_entity }
+      end
     end
   end
 
   # DELETE /metacode_sets/1
+  # DELETE /metacode_sets/1.json
   def destroy
     @metacode_set = MetacodeSet.find(params[:id])
+
     # delete everything that tracks what's in the set
     @metacode_set.in_metacode_sets.each(&:destroy)
+
     @metacode_set.destroy
-    head :no_content
+
+    respond_to do |format|
+      format.html { redirect_to metacode_sets_url }
+      format.json { head :no_content }
+    end
   end
 
   private

app/controllers/metacodes_controller.rb

@@ -2,39 +2,76 @@
 
 class MetacodesController < ApplicationController
   before_action :require_admin, except: %i[index show]
-  before_action :set_metacode, only: %i[update]
+  before_action :set_metacode, only: %i[edit update]
 
   # GET /metacodes
+  # GET /metacodes.json
   def index
     @metacodes = Metacode.order('name').all
-    render json: @metacodes
+
+    respond_to do |format|
+      format.html do
+        return unless require_admin
+        render :index
+      end
+      format.json { render json: @metacodes }
+    end
   end
 
-  # GET /metacodes/1
-  # GET /metacodes/Action
-  # GET /metacodes/action
+  # GET /metacodes/1.json
+  # GET /metacodes/Action.json
+  # GET /metacodes/action.json
   def show
     @metacode = Metacode.where('DOWNCASE(name) = ?', downcase(params[:name])).first if params[:name]
     set_metacode unless @metacode
-    render json: @metacode
+
+    respond_to do |format|
+      format.json { render json: @metacode }
+    end
+  end
+
+  # GET /metacodes/new
+  # GET /metacodes/new.json
+  def new
+    @metacode = Metacode.new
+
+    respond_to do |format|
+      format.html
+      format.json { render json: @metacode }
+    end
+  end
+
+  # GET /metacodes/1/edit
+  def edit
   end
 
   # POST /metacodes
+  # POST /metacodes.json
   def create
     @metacode = Metacode.new(metacode_params)
+
+    respond_to do |format|
       if @metacode.save
-      render json: @metacode, status: :created
+        format.html { redirect_to metacodes_url, notice: 'Metacode was successfully created.' }
+        format.json { render json: @metacode, status: :created, location: metacodes_url }
       else
-      render json: @metacode.errors, status: :unprocessable_entity
+        format.html { render :new }
+        format.json { render json: @metacode.errors, status: :unprocessable_entity }
+      end
     end
   end
 
   # PUT /metacodes/1
+  # PUT /metacodes/1.json
   def update
+    respond_to do |format|
       if @metacode.update(metacode_params)
-      head :no_content
+        format.html { redirect_to metacodes_url, notice: 'Metacode was successfully updated.' }
+        format.json { head :no_content }
       else
-      render json: @metacode.errors, status: :unprocessable_entity
+        format.html { render :edit }
+        format.json { render json: @metacode.errors, status: :unprocessable_entity }
+      end
     end
   end
 

app/controllers/users_controller.rb

@@ -5,23 +5,6 @@ class UsersController < ApplicationController
 
   respond_to :html, :json
 
-  # GET /users/current
-  def current
-    if current_user
-      # these are just options, saying include these values, they aren't the values themselves
-      render json: current_user.to_json({
-        follows: true,
-        email: true,
-        follow_settings: true,
-        emails_allowed: true,
-        inviteCode: true,
-        unread_notifications_count: user_unread_notifications_count
-      })
-    else
-      render json: nil
-    end
-  end
-
   # GET /users/1.json
   def show
     @user = User.find(params[:id])
@@ -59,7 +42,7 @@ class UsersController < ApplicationController
       correct_pass = @user.valid_password?(params[:current_password])
 
       if correct_pass && @user.update_attributes(user_params)
-        update_follow_settings(@user, params[:settings]) if is_tester(@user)
+        update_follow_settings(@user, params[:settings])
         @user.image = nil if params[:remove_image] == '1'
         @user.save
         sign_in(@user, bypass: true)

app/helpers/application_helper.rb

@@ -5,7 +5,7 @@ module ApplicationHelper
     "#{request.base_url}/join" + (current_user ? "?code=#{current_user.code}" : '')
   end
 
-  def user_unread_notifications_count
+  def user_unread_notification_count
     return 0 if current_user.nil?
     @uunc ||= current_user.mailboxer_notification_receipts.reduce(0) do |total, receipt|
       receipt.is_read ? total : total + 1

app/helpers/metacodes_helper.rb

@@ -52,30 +52,27 @@ module MetacodesHelper
 
   def metacode_sets_json
     metacode_sets = []
-    if current_user
     metacode_sets << {
       name: 'Recently Used',
-        description: 'Your recently used metacodes',
-        metacodes: user_recent_metacodes.map { |m| m.id }
+      metacodes: user_recent_metacodes
+                     .map { |m| { id: m.id, icon_path: asset_path(m.icon), name: m.name } }
     }
     metacode_sets << {
       name: 'Most Used',
-        description: 'Your most used metacodes',
-        metacodes: user_most_used_metacodes.map { |m| m.id }
+      metacodes: user_most_used_metacodes
+                     .map { |m| { id: m.id, icon_path: asset_path(m.icon), name: m.name } }
     }
-    end
     metacode_sets += MetacodeSet.order('name').all.map do |set|
       {
-        id: set.id,
         name: set.name,
-        desc: set.desc,
-        metacodes: set.metacodes.order('name').map { |m| m.id }
+        metacodes: set.metacodes.order('name')
+                      .map { |m| { id: m.id, icon_path: asset_path(m.icon), name: m.name } }
       }
     end
     metacode_sets << {
       name: 'All',
-      desc: 'A list of all the metacodes',
-      metacodes: Metacode.order('name').all.map { |m| m.id }
+      metacodes: Metacode.order('name').all
+                         .map { |m| { id: m.id, icon_path: asset_path(m.icon), name: m.name } }
     }
     metacode_sets.to_json
   end

app/models/user.rb

@@ -70,8 +70,6 @@ class User < ApplicationRecord
       json['follow_map_on_contributed'] = settings.follow_map_on_contributed == '1'
     end
     json['email'] = email if options[:email]
-    json['invite_code'] = code if options[:inviteCode]
-    json['unread_notifications_count'] = options[:unread_notifications_count] if not options[:unread_notifications_count].nil?
     json
   end
 

app/views/access/approve_access_post.js.erb

@@ -0,0 +1 @@
+$('.main-text').text($('.requesterName').text() + ' has been shared on the map and notified.')

app/views/access/deny_access_post.js.erb

@@ -0,0 +1 @@
+$('.main-text').text('Fair enough.')

app/views/layouts/_foot.html.erb

@@ -1,6 +1,6 @@
 <div id="loading"></div>
 <script type="text/javascript">
-  Metamaps.ServerData.unreadNotificationsCount = <%= current_user ? user_unread_notifications_count : 0 %>
+  Metamaps.ServerData.unreadNotificationsCount = <%= current_user ? user_unread_notification_count : 0 %>
   Metamaps.ServerData.mapIsStarred = <%= current_user && @map && current_user.starred_map?(@map) ? true : false %>
   Metamaps.ServerData.mobileTitle = "<%= yield(:mobile_title) %>"
   Metamaps.ServerData.ActiveMapper = <%= current_user ? current_user.to_json({follows: true, email: true, follow_settings: true}).html_safe : nil %>

config/environments/development.rb

@@ -6,10 +6,6 @@ Rails.application.configure do
   config.log_level = :info
   config.eager_load = false
 
-  config.action_cable.allowed_request_origins = [
-    'http://localhost:3000'
-  ]
-
   # In the development environment your application's code is reloaded on
   # every request. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.

config/environments/production.rb

@@ -5,7 +5,7 @@ Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
   config.action_cable.allowed_request_origins = [
-    'https://metamaps.herokuapp.com', 'https://metamaps.cc'
+    'https://metamaps.herokuapp.com', 'http://metamaps.herokuapp.com', 'https://metamaps.cc'
   ]
 
   # log to stdout

config/routes.rb

@@ -15,6 +15,7 @@ Metamaps::Application.routes.draw do
     get 'starred'
     get 'mapper/:id', action: 'mapper'
   end
+  get :explore, to: redirect('/')
 
   resources :maps, except: %i[index edit] do
     member do
@@ -69,7 +70,7 @@ Metamaps::Application.routes.draw do
 
   resources :metacode_sets, except: [:show]
 
-  resources :metacodes, except: [:new, :edit, :destroy]
+  resources :metacodes, except: [:destroy]
   get 'metacodes/:name', to: 'metacodes#show'
 
   namespace :search do
@@ -111,9 +112,6 @@ Metamaps::Application.routes.draw do
   end
 
   resources :users, except: %i[index destroy] do
-    collection do
-      get :current
-    end
     member do
       get :details
     end

doc/RspecTesting.md

@@ -26,13 +26,13 @@ At the time of writing, there are four directories in the spec folder. One,
 `support`, is for helper functions. `rails_helper.rb` and `spec_helper.rb` are
 also for helper functions.
 
-`factories` is for a gem called [factory-girl][factory-girl]. This gem lets you
+`factories` is for a gem called [factory-bot][factory_bot]. This gem lets you
 use the `create` and `build` functions to quickly create the simplest possible
 valid version of a given model. For instance:
 
     let(:map1) { create :map }
-    let(:ronald) { create :user, name: "Ronald" }
-    let(:map2) { create :map, user: ronald }
+    let(:alex) { create :user, name: "Alex" }
+    let(:map2) { create :map, user: alex }
 
 As you can see, you can also customize the factories. You can read the full
 documentation at the link above or check the existing specs to see how it works.
@@ -53,5 +53,5 @@ the added code works. This will help in a few ways:
 
 Happy testing!
 
-[factory-girl]: https://github.com/thoughtbot/factory_girl
+[factory-bot]: https://github.com/thoughtbot/factory_bot
 [rspec-docs]: http://rspec.info

spec/factories/access_requests.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :access_request do
     map
     user

spec/factories/mappings.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :mapping do
     xloc 0
     yloc 0

spec/factories/maps.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :map do
     sequence(:name) { |n| "Cool Map ##{n}" }
     permission :commons

spec/factories/message.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :message do
     association :resource, factory: :map
     user

spec/factories/metacodes.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :metacode do
     sequence(:name) { |n| "Cool Metacode ##{n}" }
     manual_icon 'https://images.com/image.png'

spec/factories/stars.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :star do
   end
 end

spec/factories/synapses.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :synapse do
     sequence(:desc) { |n| "Cool synapse ##{n}" }
     category :'from-to'

spec/factories/tokens.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :token do
     user
     description ''

spec/factories/topics.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :topic do
     user
     association :updated_by, factory: :user

spec/factories/user_maps.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :user_map do
     map
     user

spec/factories/users.rb

@@ -10,7 +10,7 @@
 # have actual codes, you'll need to specify one simple_user and then you
 # can specify other :code_user users based on the pre-existing user's code.
 
-FactoryGirl.define do
+FactoryBot.define do
   factory :code_user, class: User do
     sequence(:name) { |n| "Cool User ##{n}" }
     sequence(:email) { |n| "cooluser#{n}@cooldomain.com" }

spec/support/factory_girl.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-# lets you type create(:user) instead of FactoryGirl.create(:user)
+# lets you type create(:user) instead of FactoryBot.create(:user)
 RSpec.configure do |config|
-  config.include FactoryGirl::Syntax::Methods
+  config.include FactoryBot::Syntax::Methods
 end