RubyGems - fat_free_crm - Versions diffs - 0.15.0.beta.2 → 0.15.0 - Mend

fat_free_crm 0.15.0.beta.2 → 0.15.0

Potentially problematic release.

This version of fat_free_crm might be problematic. Click here for more details.

Files changed (225) hide show

checksums.yaml +4 -4
data/.docker/nginx/sites-enabled/ffcrm.conf +8 -0
data/.gitignore +2 -0
data/.rubocop.yml +4 -1
data/.rubocop_todo.yml +190 -89
data/.travis.yml +10 -3
data/CHANGELOG.md +27 -0
data/{CONTRIBUTORS → CONTRIBUTORS.md} +2 -1
data/Dockerfile +15 -13
data/Gemfile +7 -4
data/Gemfile.lock +200 -167
data/README.md +4 -2
data/app/assets/javascripts/crm_sortable.js.coffee +5 -0
data/app/assets/javascripts/timeago.js.coffee +5 -0
data/app/assets/stylesheets/about.css.scss +5 -0
data/app/assets/stylesheets/common.scss +2 -1
data/app/controllers/admin/fields_controller.rb +1 -1
data/app/controllers/admin/groups_controller.rb +5 -1
data/app/controllers/admin/tags_controller.rb +1 -1
data/app/controllers/admin/users_controller.rb +10 -6
data/app/controllers/application_controller.rb +13 -13
data/app/controllers/authentications_controller.rb +2 -2
data/app/controllers/comments_controller.rb +3 -2
data/app/controllers/entities/contacts_controller.rb +9 -7
data/app/controllers/entities/opportunities_controller.rb +1 -1
data/app/controllers/entities_controller.rb +4 -4
data/app/controllers/home_controller.rb +9 -9
data/app/controllers/passwords_controller.rb +1 -1
data/app/controllers/tasks_controller.rb +2 -1
data/app/controllers/users_controller.rb +4 -2
data/app/helpers/application_helper.rb +9 -9
data/app/helpers/javascript_helper.rb +5 -0
data/app/helpers/opportunities_helper.rb +1 -1
data/app/helpers/remote_link_pagination_helper.rb +5 -0
data/app/inputs/date_pair_input.rb +1 -1
data/app/models/entities/account.rb +2 -2
data/app/models/entities/account_contact.rb +1 -1
data/app/models/entities/campaign.rb +3 -3
data/app/models/entities/contact.rb +3 -3
data/app/models/entities/lead.rb +2 -2
data/app/models/entities/opportunity.rb +3 -3
data/app/models/fields/custom_field.rb +1 -1
data/app/models/fields/custom_field_pair.rb +2 -2
data/app/models/fields/field.rb +1 -1
data/app/models/polymorphic/address.rb +2 -2
data/app/models/polymorphic/avatar.rb +4 -2
data/app/models/polymorphic/email.rb +8 -6
data/app/models/polymorphic/task.rb +3 -1
data/app/models/polymorphic/version.rb +3 -3
data/app/models/users/ability.rb +1 -1
data/app/models/users/permission.rb +2 -0
data/app/models/users/user.rb +2 -2
data/app/views/accounts/index.js.haml +1 -1
data/app/views/admin/fields/_sort_by.html.haml +1 -1
data/app/views/admin/users/_user.html.haml +1 -1
data/app/views/campaigns/index.js.haml +1 -1
data/app/views/contacts/index.js.haml +1 -1
data/app/views/entities/_basic_search.html.haml +1 -1
data/app/views/home/_duration_menu.html.haml +1 -1
data/app/views/home/_events_menu.html.haml +1 -1
data/app/views/home/_users_menu.html.haml +1 -1
data/app/views/layouts/application.html.haml +1 -1
data/app/views/leads/index.js.haml +1 -1
data/app/views/opportunities/index.js.haml +1 -1
data/app/views/shared/_naming.html.haml +1 -1
data/app/views/users/_languages.html.haml +1 -1
data/config/application.rb +2 -3
data/config/boot.rb +2 -0
data/config/deploy.example.rb +1 -1
data/config/environments/development.rb +2 -0
data/config/environments/production.rb +1 -1
data/config/environments/test.rb +2 -2
data/config/initializers/assets.rb +6 -1
data/config/initializers/backtrace_silencers.rb +5 -0
data/config/initializers/constants.rb +1 -1
data/config/initializers/cookies_serializer.rb +5 -0
data/config/initializers/custom_field_ransack_translations.rb +5 -0
data/config/initializers/filter_parameter_logging.rb +5 -0
data/config/initializers/inflections.rb +5 -0
data/config/initializers/paper_trail.rb +5 -0
data/config/initializers/ransack.rb +3 -3
data/config/initializers/session_store.rb +5 -0
data/config/initializers/wrap_parameters.rb +5 -0
data/config/locales/et.yml +207 -0
data/config/locales/et_fat_free_crm.yml +928 -0
data/config/locales/pt-BR_ransack.yml +81 -0
data/config/locales/th.rb +1 -1
data/config/routes.rb +18 -18
data/db/migrate/20100928030598_create_sessions.rb +1 -1
data/db/migrate/20100928030599_create_users.rb +2 -2
data/db/migrate/20100928030600_create_openid_tables.rb +1 -1
data/db/migrate/20100928030601_create_accounts.rb +2 -2
data/db/migrate/20100928030602_create_permissions.rb +1 -1
data/db/migrate/20100928030603_create_settings.rb +1 -1
data/db/migrate/20100928030604_create_preferences.rb +2 -2
data/db/migrate/20100928030605_create_campaigns.rb +2 -2
data/db/migrate/20100928030606_create_leads.rb +2 -2
data/db/migrate/20100928030607_create_contacts.rb +2 -2
data/db/migrate/20100928030608_create_opportunities.rb +2 -2
data/db/migrate/20100928030609_create_account_contacts.rb +1 -1
data/db/migrate/20100928030610_create_account_opportunities.rb +1 -1
data/db/migrate/20100928030611_create_contact_opportunities.rb +1 -1
data/db/migrate/20100928030612_create_tasks.rb +2 -2
data/db/migrate/20100928030613_create_comments.rb +1 -1
data/db/migrate/20100928030614_create_activities.rb +1 -1
data/db/migrate/20100928030615_create_avatars.rb +1 -1
data/db/migrate/20100928030616_rename_remember_token.rb +1 -1
data/db/migrate/20100928030617_drop_openid_tables.rb +1 -1
data/db/migrate/20100928030618_add_admin_to_users.rb +1 -1
data/db/migrate/20100928030619_add_suspended_to_users.rb +1 -1
data/db/migrate/20100928030620_remove_uuid.rb +2 -2
data/db/migrate/20100928030621_add_email_to_accounts.rb +1 -1
data/db/migrate/20100928030622_add_background_info_to_models.rb +1 -1
data/db/migrate/20100928030623_create_addresses.rb +2 -2
data/db/migrate/20100928030624_add_index_on_permissions.rb +3 -3
data/db/migrate/20100928030625_create_emails.rb +2 -2
data/db/migrate/20100928030626_add_state_to_timeline_objects.rb +1 -1
data/db/migrate/20100928030627_acts_as_taggable_on_migration.rb +2 -2
data/db/migrate/20101221123456_add_single_access_token_to_users.rb +1 -1
data/db/migrate/20101221345678_add_rating_and_category_to_accounts.rb +1 -1
data/db/migrate/20110719082054_add_skype_to_contacts_and_leads.rb +1 -1
data/db/migrate/20111101083437_create_fields.rb +1 -1
data/db/migrate/20111101090312_create_field_groups.rb +1 -1
data/db/migrate/20111116091952_add_field_groups_tag_id.rb +1 -1
data/db/migrate/20111117041311_change_fields_collection_to_text.rb +1 -1
data/db/migrate/20111201030535_add_field_groups_klass_name.rb +2 -2
data/db/migrate/20120121054235_create_lists.rb +1 -1
data/db/migrate/20120216031616_create_versions.rb +3 -3
data/db/migrate/20120216042541_is_paranoid_to_paper_trail.rb +1 -1
data/db/migrate/20120220233724_add_versions_object_changes.rb +1 -1
data/db/migrate/20120224073107_remove_default_value_and_clear_settings.rb +1 -1
data/db/migrate/20120309070209_add_versions_related.rb +1 -1
data/db/migrate/20120314080441_add_subscribed_users_to_entities.rb +2 -2
data/db/migrate/20120316045804_activities_to_versions.rb +1 -1
data/db/migrate/20120405080727_change_subscribed_users_to_set.rb +1 -1
data/db/migrate/20120405080742_change_further_subscribed_users_to_set.rb +2 -2
data/db/migrate/20120406082136_create_groups.rb +2 -2
data/db/migrate/20120413034923_add_index_on_versions_item_type.rb +1 -1
data/db/migrate/20120510025219_add_not_null_constraints_for_timestamp_columns.rb +3 -3
data/db/migrate/20120528102124_increase_length_of_version_events.rb +1 -1
data/db/migrate/20120801032706_add_pair_id_to_fields.rb +1 -1
data/db/migrate/20121003063155_add_settings_to_custom_fields.rb +1 -1
data/db/migrate/20121221033947_fix_country_mapping.rb +1 -1
data/db/migrate/20131207033244_add_user_id_to_lists.rb +1 -1
data/db/migrate/20140916011927_add_created_at_index_on_versions.rb +1 -1
data/db/migrate/20140916012922_add_indexes_to_model_associations.rb +3 -3
data/db/migrate/20141126031837_increase_email_to254_chars.rb +1 -1
data/db/migrate/20141230021159_add_transaction_id_column_to_versions.rb +1 -1
data/db/migrate/20141230205453_add_missing_unique_indices.acts_as_taggable_on_engine.rb +4 -4
data/db/migrate/20141230205454_add_taggings_counter_cache_to_tags.acts_as_taggable_on_engine.rb +1 -1
data/db/migrate/20141230205455_add_missing_taggable_index.acts_as_taggable_on_engine.rb +3 -3
data/db/migrate/20150123060900_convert_radio_to_radio_buttons.rb +1 -1
data/db/migrate/20150227123054_remove_last_request_at_from_users.rb +1 -1
data/db/migrate/20150427131956_create_index_related_type.rb +3 -3
data/db/migrate/20160511053730_add_account_contacts_index.rb +2 -2
data/docker-compose.yml +17 -13
data/fat_free_crm.gemspec +4 -6
data/lib/development_tasks/license.rake +12 -9
data/lib/fat_free_crm/callback.rb +4 -4
data/lib/fat_free_crm/engine.rb +2 -2
data/lib/fat_free_crm/exportable.rb +2 -2
data/lib/fat_free_crm/fields.rb +2 -4
data/lib/fat_free_crm/gem_ext.rb +0 -1
data/lib/fat_free_crm/gem_ext/rake/task.rb +2 -0
data/lib/fat_free_crm/mail_processor/base.rb +4 -4
data/lib/fat_free_crm/mail_processor/dropbox.rb +1 -1
data/lib/fat_free_crm/permissions.rb +5 -5
data/lib/fat_free_crm/sortable.rb +1 -1
data/lib/fat_free_crm/version.rb +1 -1
data/lib/gravatar_image_tag.rb +1 -0
data/lib/tasks/ffcrm/demo.rake +2 -2
data/spec/controllers/admin/users_controller_spec.rb +25 -25
data/spec/controllers/authentications_controller_spec.rb +9 -9
data/spec/controllers/comments_controller_spec.rb +15 -15
data/spec/controllers/emails_controller_spec.rb +2 -2
data/spec/controllers/entities/accounts_controller_spec.rb +46 -46
data/spec/controllers/entities/campaigns_controller_spec.rb +46 -46
data/spec/controllers/entities/contacts_controller_spec.rb +55 -55
data/spec/controllers/entities/leads_controller_spec.rb +85 -85
data/spec/controllers/entities/opportunities_controller_spec.rb +74 -74
data/spec/controllers/home_controller_spec.rb +11 -11
data/spec/controllers/passwords_controller_spec.rb +2 -2
data/spec/controllers/tasks_controller_spec.rb +37 -37
data/spec/controllers/users_controller_spec.rb +31 -31
data/spec/factories/campaign_factories.rb +1 -1
data/spec/factories/contact_factories.rb +1 -1
data/spec/factories/field_factories.rb +1 -1
data/spec/factories/lead_factories.rb +2 -2
data/spec/factories/opportunity_factories.rb +3 -3
data/spec/factories/shared_factories.rb +1 -1
data/spec/factories/task_factories.rb +1 -1
data/spec/features/support/browser.rb +9 -1
data/spec/lib/fields_spec.rb +2 -2
data/spec/lib/permissions_spec.rb +38 -6
data/spec/lib/view_factory_spec.rb +2 -2
data/spec/models/fields/custom_field_spec.rb +3 -3
data/spec/models/observers/entity_observer_spec.rb +1 -1
data/spec/models/polymorphic/version_spec.rb +11 -11
data/spec/models/users/abilities/user_ability_spec.rb +8 -3
data/spec/models/users/permission_spec.rb +8 -0
data/spec/models/users/user_spec.rb +1 -1
data/spec/shared/controllers.rb +10 -10
data/spec/spec_helper.rb +1 -1
data/spec/views/accounts/index.haml_spec.rb +1 -1
data/spec/views/accounts/update.js.haml_spec.rb +2 -2
data/spec/views/admin/users/update.js.haml_spec.rb +2 -2
data/spec/views/application/auto_complete.haml_spec.rb +1 -1
data/spec/views/campaigns/index.haml_spec.rb +1 -1
data/spec/views/campaigns/update.js.haml_spec.rb +2 -2
data/spec/views/contacts/index.haml_spec.rb +1 -1
data/spec/views/contacts/update.js.haml_spec.rb +2 -2
data/spec/views/home/options.js.haml_spec.rb +1 -1
data/spec/views/leads/index.haml_spec.rb +1 -1
data/spec/views/leads/promote.js.haml_spec.rb +2 -2
data/spec/views/leads/update.js.haml_spec.rb +2 -2
data/spec/views/opportunities/index.haml_spec.rb +1 -1
data/spec/views/opportunities/update.js.haml_spec.rb +1 -1
data/spec/views/tasks/_edit.haml_spec.rb +2 -2
data/spec/views/tasks/create.js.haml_spec.rb +2 -2
data/spec/views/tasks/edit.js.haml_spec.rb +1 -1
data/spec/views/users/change_password.js.haml_spec.rb +2 -2
data/spec/views/users/update.js.haml_spec.rb +2 -2
data/spec/views/users/upload_avatar.js.haml_spec.rb +2 -2
metadata +17 -20
data/lib/fat_free_crm/gem_ext/active_record/schema_dumper.rb +0 -27

data/README.md CHANGED Viewed

@@ -1,7 +1,9 @@
-# Fat Free CRM [![TravisCI][travis-img-url]][travis-ci-url]  [![Code Climate](https://codeclimate.com/github/fatfreecrm/fat_free_crm.png)](https://codeclimate.com/github/fatfreecrm/fat_free_crm)
+# Fat Free CRM [![TravisCI][travis-img-url]][travis-ci-url]  [![Code Climate][codeclimate-img-url]][codeclimate-url]
-[travis-img-url]: https://secure.travis-ci.org/fatfreecrm/fat_free_crm.png?branch=master
+[travis-img-url]: https://secure.travis-ci.org/fatfreecrm/fat_free_crm.svg?branch=master
 [travis-ci-url]: https://travis-ci.org/fatfreecrm/fat_free_crm
+[codeclimate-img-url]: https://codeclimate.com/github/fatfreecrm/fat_free_crm.svg
+[codeclimate-url]: https://codeclimate.com/github/fatfreecrm/fat_free_crm
 ### An open source, Ruby on Rails [customer relationship management][crm-wiki] platform (CRM).

data/app/assets/javascripts/crm_sortable.js.coffee CHANGED Viewed

@@ -1,3 +1,8 @@
+# Copyright (c) 2008-2013 Michael Dvorkin and contributors.
+#
+# Fat Free CRM is freely distributable under the terms of MIT license.
+# See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
+#------------------------------------------------------------------------------
 (($) ->
   window.crm ||= {}

data/app/assets/javascripts/timeago.js.coffee CHANGED Viewed

@@ -1,3 +1,8 @@
+# Copyright (c) 2008-2013 Michael Dvorkin and contributors.
+#
+# Fat Free CRM is freely distributable under the terms of MIT license.
+# See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
+#------------------------------------------------------------------------------
 (($) ->
   # Run function on page load

data/app/assets/stylesheets/about.css.scss CHANGED Viewed

@@ -1,3 +1,8 @@
+// Copyright (c) 2008-2013 Michael Dvorkin and contributors.
+//
+// Fat Free CRM is freely distributable under the terms of MIT license.
+// See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
+//------------------------------------------------------------------------------
 #about > ul {
   margin-left: 15px;
 }

data/app/assets/stylesheets/common.scss CHANGED Viewed

@@ -704,7 +704,8 @@ ul.tools {
 .mail.highlight,
 .comment.highlight {
-  background-color: #f2f2f2; }
+  background-color: #f2f2f2;
+  word-break: break-all; }
 .highlight:hover {
   background-color: seashell;

data/app/controllers/admin/fields_controller.rb CHANGED Viewed

@@ -6,7 +6,7 @@
 class Admin::FieldsController < Admin::ApplicationController
   before_action "set_current_tab('admin/fields')", only: [:index]
-  load_resource except: [:create, :subform]
+  load_resource except: %i[create subform]
   # GET /fields
   # GET /fields.xml                                                      HTML

data/app/controllers/admin/groups_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class Admin::GroupsController < Admin::ApplicationController
-  before_action "set_current_tab('admin/groups')", only: [:index, :show]
+  before_action :setup_current_tab, only: %i[index show]
   load_resource
@@ -62,4 +62,8 @@ class Admin::GroupsController < Admin::ApplicationController
   def group_params
     params[:group].permit!
   end
+  def setup_current_tab
+    set_current_tab('admin/groups')
+  end
 end

data/app/controllers/admin/tags_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class Admin::TagsController < Admin::ApplicationController
-  before_action "set_current_tab('admin/tags')", only: [:index, :show]
+  before_action "set_current_tab('admin/tags')", only: %i[index show]
   load_resource

data/app/controllers/admin/users_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class Admin::UsersController < Admin::ApplicationController
-  before_action "set_current_tab('admin/users')", only: [:index, :show]
+  before_action :setup_current_tab, only: %i[index show]
   load_resource except: [:create]
@@ -44,8 +44,6 @@ class Admin::UsersController < Admin::ApplicationController
   # POST /admin/users.xml                                                  AJAX
   #----------------------------------------------------------------------------
   def create
-    params[:user][:email].try(:strip!)
-    params[:user][:password_confirmation] = nil if params[:user][:password_confirmation].blank?
     @user = User.new(user_params)
     @user.check_if_needs_approval
     @user.save_without_session_maintenance
@@ -57,8 +55,6 @@ class Admin::UsersController < Admin::ApplicationController
   # PUT /admin/users/1.xml                                                 AJAX
   #----------------------------------------------------------------------------
   def update
-    params[:user][:email].try(:strip!)
-    params[:user][:password_confirmation] = nil if params[:user][:password_confirmation].blank?
     @user = User.find(params[:id])
     @user.attributes = user_params
     @user.save_without_session_maintenance
@@ -108,6 +104,10 @@ class Admin::UsersController < Admin::ApplicationController
   protected
   def user_params
+    return {} unless params[:user]
+    params[:user][:email].try(:strip!)
+    params[:user][:password_confirmation] = nil if params[:user][:password_confirmation].blank?
     params[:user].permit(
       :admin,
       :username,
@@ -136,7 +136,7 @@ class Admin::UsersController < Admin::ApplicationController
     self.current_page  = options[:page] if options[:page]
     self.current_query = params[:query] if params[:query]
-    @search = klass.search(params[:q])
+    @search = klass.ransack(params[:q])
     @search.build_grouping unless @search.groupings.any?
     wants = request.format
@@ -146,4 +146,8 @@ class Admin::UsersController < Admin::ApplicationController
     scope = scope.paginate(page: current_page) if wants.html? || wants.js? || wants.xml?
     scope
   end
+  def setup_current_tab
+    set_current_tab('admin/users')
+  end
 end

data/app/controllers/application_controller.rb CHANGED Viewed

@@ -6,20 +6,20 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery
-  before_filter :set_paper_trail_whodunnit
+  before_action :set_paper_trail_whodunnit
   before_action :set_context
   before_action :clear_setting_cache
   before_action :cors_preflight_check
-  before_action "hook(:app_before_filter, self)"
-  after_action "hook(:app_after_filter,  self)"
+  before_action { hook(:app_before_filter, self) }
+  after_action { hook(:app_after_filter,  self) }
   after_action :cors_set_access_control_headers
   helper_method :current_user_session, :current_user, :can_signup?
   helper_method :called_from_index_page?, :called_from_landing_page?
   helper_method :klass
-  respond_to :html, only: [:index, :show, :auto_complete]
+  respond_to :html, only: %i[index show auto_complete]
   respond_to :js
   respond_to :json, :xml, except: :edit
   respond_to :atom, :csv, :rss, :xls, only: :index
@@ -36,7 +36,7 @@ class ApplicationController < ActionController::Base
     @auto_complete = hook(:auto_complete, self, query: @query, user: current_user)
     if @auto_complete.empty?
       exclude_ids = auto_complete_ids_to_exclude(params[:related])
-      @auto_complete = klass.my.text_search(@query).search(id_not_in: exclude_ids).result.limit(10)
+      @auto_complete = klass.my.text_search(@query).ransack(id_not_in: exclude_ids).result.limit(10)
     else
       @auto_complete = @auto_complete.last
     end
@@ -135,7 +135,7 @@ class ApplicationController < ActionController::Base
       flash[:notice] = t(:msg_login_needed) if request.fullpath != "/"
       respond_to do |format|
         format.html { redirect_to login_url }
-        format.js   { render text: "window.location = '#{login_url}';" }
+        format.js   { render plain: "window.location = '#{login_url}';" }
       end
     end
   end
@@ -217,8 +217,8 @@ class ApplicationController < ActionController::Base
     respond_to do |format|
       format.html { redirect_to(redirection_url) }
-      format.js   { render text: 'window.location.reload();' }
-      format.json { render text: flash[:warning],  status: :not_found }
+      format.js   { render plain: 'window.location.reload();' }
+      format.json { render plain: flash[:warning],  status: :not_found }
       format.xml  { render xml: [flash[:warning]], status: :not_found }
     end
   end
@@ -231,8 +231,8 @@ class ApplicationController < ActionController::Base
     url = send("#{related.pluralize}_path")
     respond_to do |format|
       format.html { redirect_to(url) }
-      format.js   { render text: %(window.location.href = "#{url}";) }
-      format.json { render text: flash[:warning],  status: :not_found }
+      format.js   { render plain: %(window.location.href = "#{url}";) }
+      format.json { render plain: flash[:warning],  status: :not_found }
       format.xml  { render xml: [flash[:warning]], status: :not_found }
     end
   end
@@ -242,8 +242,8 @@ class ApplicationController < ActionController::Base
     flash[:warning] = t(:msg_not_authorized, default: 'You are not authorized to take this action.')
     respond_to do |format|
       format.html { redirect_to(redirection_url) }
-      format.js   { render text: 'window.location.reload();' }
-      format.json { render text: flash[:warning],  status: :unauthorized }
+      format.js   { render plain: 'window.location.reload();' }
+      format.json { render plain: flash[:warning],  status: :unauthorized }
       format.xml  { render xml: [flash[:warning]], status: :unauthorized }
     end
   end
@@ -272,7 +272,7 @@ class ApplicationController < ActionController::Base
       headers['Access-Control-Allow-Headers'] = 'X-Requested-With, X-Prototype-Version, Token'
       headers['Access-Control-Max-Age'] = '1728000'
-      render text: '', content_type: 'text/plain'
+      render plain: ''
     end
   end
 end

data/app/controllers/authentications_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class AuthenticationsController < ApplicationController
-  before_action :require_no_user, only: [:new, :create, :show]
+  before_action :require_no_user, only: %i[new create show]
   before_action :require_user, only: :destroy
   #----------------------------------------------------------------------------
@@ -19,7 +19,7 @@ class AuthenticationsController < ApplicationController
   #----------------------------------------------------------------------------
   def create
-    @authentication = Authentication.new(params[:authentication])
+    @authentication = Authentication.new(params[:authentication].permit(:username, :password, :remember_me))
     if @authentication.save && !@authentication.user.suspended?
       flash[:notice] = t(:msg_welcome)

data/app/controllers/comments_controller.rb CHANGED Viewed

@@ -24,8 +24,8 @@ class CommentsController < ApplicationController
     flash[:warning] = t(:msg_assets_not_available, "notes")
     respond_to do |format|
       format.html { redirect_to root_url }
-      format.json { render text: flash[:warning], status: :not_found }
-      format.xml  { render text: flash[:warning], status: :not_found }
+      format.json { render plain: flash[:warning], status: :not_found }
+      format.xml  { render plain: flash[:warning], status: :not_found }
     end
   end
@@ -83,6 +83,7 @@ class CommentsController < ApplicationController
   protected
   def comment_params
+    return {} unless params[:comment]
     params[:comment].permit!
   end

data/app/controllers/entities/contacts_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class ContactsController < EntitiesController
-  before_action :get_accounts, only: [:new, :create, :edit, :update]
+  before_action :get_accounts, only: %i[new create edit update]
   # GET /contacts
   #----------------------------------------------------------------------------
@@ -65,14 +65,16 @@ class ContactsController < EntitiesController
         @contact.add_comment_by_user(@comment_body, current_user)
         @contacts = get_contacts if called_from_index_page?
       else
-        if params[:account][:id].blank?
-          if request.referer =~ /\/accounts\/(\d+)\z/
-            @account = Account.find(Regexp.last_match[1]) # related account
+        if params[:account]
+          if params[:account][:id].blank?
+            if request.referer =~ /\/accounts\/(\d+)\z/
+              @account = Account.find(Regexp.last_match[1]) # related account
+            else
+              @account = Account.new(user: current_user)
+            end
           else
-            @account = Account.new(user: current_user)
+            @account = Account.find(params[:account][:id])
           end
-        else
-          @account = Account.find(params[:account][:id])
         end
         @opportunity = Opportunity.my.find(params[:opportunity]) unless params[:opportunity].blank?
       end

data/app/controllers/entities/opportunities_controller.rb CHANGED Viewed

@@ -6,7 +6,7 @@
 class OpportunitiesController < EntitiesController
   before_action :load_settings
   before_action :get_data_for_sidebar, only: :index
-  before_action :set_params, only: [:index, :redraw, :filter]
+  before_action :set_params, only: %i[index redraw filter]
   # GET /opportunities
   #----------------------------------------------------------------------------

data/app/controllers/entities_controller.rb CHANGED Viewed

@@ -5,8 +5,8 @@
 #------------------------------------------------------------------------------
 class EntitiesController < ApplicationController
   before_action :require_user
-  before_action :set_current_tab, only: [:index, :show]
-  before_action :set_view, only: [:index, :show, :redraw]
+  before_action :set_current_tab, only: %i[index show]
+  before_action :set_view, only: %i[index show redraw]
   before_action :set_options, only: :index
   before_action :load_ransack_search, only: :index
@@ -87,7 +87,7 @@ class EntitiesController < ApplicationController
         render('fields/group') && return
       end
     end
-    render text: ''
+    render plain: ''
   end
   protected
@@ -121,7 +121,7 @@ class EntitiesController < ApplicationController
   end
   def resource_params
-    params[controller_name.singularize].permit!
+    params[controller_name.singularize].permit! if params[controller_name.singularize].present?
   end
   private

data/app/controllers/home_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class HomeController < ApplicationController
-  before_action :require_user, except: [:toggle, :timezone]
+  before_action :require_user, except: %i[toggle timezone]
   before_action :set_current_tab, only: :index
   #----------------------------------------------------------------------------
@@ -50,16 +50,16 @@ class HomeController < ApplicationController
     else
       session[params[:id].to_sym] = true
     end
-    render nothing: true
+    head :ok
   end
   # GET /home/timeline                                                     AJAX
   #----------------------------------------------------------------------------
   def timeline
     state = params[:state].to_s
-    if %w(Collapsed Expanded).include?(state)
+    if %w[Collapsed Expanded].include?(state)
       if (model_type = params[:type].to_s).present?
-        if %w(comment email).include?(model_type)
+        if %w[comment email].include?(model_type)
           model = model_type.camelize.constantize
           item = model.find(params[:id])
           item.update_attribute(:state, state)
@@ -71,7 +71,7 @@ class HomeController < ApplicationController
       end
     end
-    render nothing: true
+    head :ok
   end
   # GET /home/timezone                                                     AJAX
@@ -85,7 +85,7 @@ class HomeController < ApplicationController
       session[:timezone_offset] = params[:offset].to_i * -60
       ActiveSupport::TimeZone[session[:timezone_offset]]
     end
-    render nothing: true
+    head :ok
   end
   private
@@ -115,7 +115,7 @@ class HomeController < ApplicationController
   def activity_event
     event = current_user.pref[:activity_event]
     if event == "all_events"
-      %w(create update destroy)
+      %w[create update destroy]
     else
       event
     end
@@ -155,8 +155,8 @@ class HomeController < ApplicationController
     duration = current_user.pref[:activity_duration]
     if duration
       words = duration.split("_") # "two_weeks" => 2.weeks
-      if %w(one two).include?(words.first) && %w(hour day days week weeks month).include?(words.last)
-        %w(zero one two).index(words.first).send(words.last)
+      if %w[one two].include?(words.first) && %w[hour day days week weeks month].include?(words.last)
+        %w[zero one two].index(words.first).send(words.last)
       end
     end
   end

data/app/controllers/passwords_controller.rb CHANGED Viewed

@@ -4,7 +4,7 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class PasswordsController < ApplicationController
-  before_action :load_user_using_perishable_token, only: [:edit, :update]
+  before_action :load_user_using_perishable_token, only: %i[edit update]
   before_action :require_no_user
   #----------------------------------------------------------------------------

data/app/controllers/tasks_controller.rb CHANGED Viewed

@@ -5,7 +5,7 @@
 #------------------------------------------------------------------------------
 class TasksController < ApplicationController
   before_action :require_user
-  before_action :set_current_tab, only: [:index, :show]
+  before_action :set_current_tab, only: %i[index show]
   before_action :update_sidebar, only: :index
   # GET /tasks
@@ -170,6 +170,7 @@ class TasksController < ApplicationController
   protected
   def task_params
+    return {} unless params[:task]
     params[:task].permit!
   end

data/app/controllers/users_controller.rb CHANGED Viewed

@@ -4,12 +4,12 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class UsersController < ApplicationController
-  before_action :set_current_tab, only: [:show, :opportunities_overview] # Don't hightlight any tabs.
+  before_action :set_current_tab, only: %i[show opportunities_overview] # Don't hightlight any tabs.
   check_authorization
   load_and_authorize_resource # handles all security
-  respond_to :html, only: [:show, :new]
+  respond_to :html, only: %i[show new]
   # GET /users/1
   # GET /users/1.js
@@ -134,6 +134,7 @@ class UsersController < ApplicationController
   protected
   def user_params
+    return {} unless params[:user]
     params[:user][:email].try(:strip!)
     params[:user].permit(
       :username,
@@ -153,6 +154,7 @@ class UsersController < ApplicationController
   end
   def avatar_params
+    return {} unless params[:avatar]
     params[:avatar]
       .permit(:image)
       .merge(entity: @user)