RubyGems - fat_free_crm - Versions diffs - 0.17.3 → 0.19.2 - Mend

fat_free_crm 0.17.3 → 0.19.2

Potentially problematic release.

This version of fat_free_crm might be problematic. Click here for more details.

Files changed (329) hide show

checksums.yaml +4 -4
data/.rubocop.yml +1 -1
data/.rubocop_todo.yml +71 -148
data/.travis.yml +35 -14
data/CHANGELOG.md +92 -6
data/CONTRIBUTORS.md +96 -53
data/Dockerfile +45 -14
data/Gemfile +23 -13
data/Gemfile.lock +256 -248
data/Procfile +1 -1
data/README.md +9 -6
data/Rakefile +1 -1
data/app/assets/javascripts/crm.js.coffee +3 -3
data/app/assets/javascripts/crm_select2.js.coffee +15 -14
data/app/assets/stylesheets/common.scss +1 -1
data/app/controllers/admin/application_controller.rb +1 -1
data/app/controllers/admin/field_groups_controller.rb +9 -4
data/app/controllers/admin/fields_controller.rb +4 -4
data/app/controllers/admin/groups_controller.rb +1 -1
data/app/controllers/admin/tags_controller.rb +2 -4
data/app/controllers/admin/users_controller.rb +5 -8
data/app/controllers/application_controller.rb +22 -45
data/app/controllers/comments_controller.rb +16 -11
data/{config/initializers/authlogic.rb → app/controllers/confirmations_controller.rb} +4 -2
data/app/controllers/emails_controller.rb +0 -2
data/app/controllers/entities/accounts_controller.rb +1 -3
data/app/controllers/entities/campaigns_controller.rb +8 -5
data/app/controllers/entities/contacts_controller.rb +4 -24
data/app/controllers/entities/leads_controller.rb +16 -12
data/app/controllers/entities/opportunities_controller.rb +17 -16
data/app/controllers/entities_controller.rb +31 -12
data/app/controllers/home_controller.rb +2 -4
data/app/controllers/lists_controller.rb +5 -1
data/app/controllers/passwords_controller.rb +3 -59
data/{spec/features/support/maintain_sessions.rb → app/controllers/registrations_controller.rb} +12 -5
data/{lib/development_tasks/gem.rake → app/controllers/sessions_controller.rb} +6 -6
data/app/controllers/tasks_controller.rb +22 -17
data/app/controllers/users_controller.rb +8 -29
data/app/helpers/accounts_helper.rb +1 -1
data/app/helpers/admin/users_helper.rb +1 -1
data/app/helpers/application_helper.rb +28 -33
data/app/helpers/campaigns_helper.rb +1 -1
data/app/helpers/contacts_helper.rb +1 -3
data/app/helpers/leads_helper.rb +1 -1
data/app/helpers/opportunities_helper.rb +48 -3
data/app/helpers/tasks_helper.rb +1 -1
data/app/helpers/users_helper.rb +1 -3
data/{config/initializers/paper_trail.rb → app/mailers/devise_mailer.rb} +5 -1
data/app/mailers/user_mailer.rb +0 -9
data/app/models/entities/account.rb +10 -10
data/app/models/entities/campaign.rb +4 -6
data/app/models/entities/contact.rb +24 -12
data/app/models/entities/lead.rb +7 -14
data/app/models/entities/opportunity.rb +10 -11
data/app/models/fields/custom_field.rb +1 -0
data/app/models/fields/custom_field_date_pair.rb +2 -0
data/app/models/fields/field.rb +1 -3
data/app/models/list.rb +1 -1
data/app/models/observers/entity_observer.rb +3 -7
data/app/models/observers/lead_observer.rb +2 -4
data/app/models/observers/opportunity_observer.rb +5 -7
data/app/models/observers/task_observer.rb +1 -1
data/app/models/polymorphic/email.rb +2 -2
data/app/models/polymorphic/task.rb +13 -9
data/app/models/polymorphic/version.rb +3 -2
data/app/models/setting.rb +2 -0
data/app/models/users/ability.rb +3 -4
data/app/models/users/permission.rb +3 -3
data/app/models/users/preference.rb +2 -1
data/app/models/users/user.rb +67 -42
data/app/views/accounts/_top_section.html.haml +1 -1
data/app/views/accounts/edit.js.haml +1 -1
data/app/views/accounts/update.js.haml +2 -2
data/app/views/admin/users/_user.html.haml +4 -4
data/app/views/campaigns/_metrics.html.haml +3 -3
data/app/views/contacts/_index_brief.html.haml +1 -1
data/app/views/contacts/_index_full.html.haml +1 -1
data/app/views/contacts/_index_long.html.haml +1 -1
data/app/views/devise/confirmations/new.html.haml +9 -0
data/app/views/devise/mailer/confirmation_instructions.html.haml +4 -0
data/app/views/devise/mailer/password_change.html.haml +3 -0
data/app/views/devise/mailer/reset_password_instructions.html.haml +6 -0
data/app/views/devise/passwords/edit.html.haml +18 -0
data/app/views/devise/passwords/new.html.haml +10 -0
data/app/views/devise/registrations/new.html.haml +21 -0
data/app/views/devise/sessions/new.html.haml +32 -0
data/app/views/home/_opportunity.html.haml +4 -19
data/app/views/layouts/_about.html.haml +5 -5
data/app/views/layouts/_header.html.haml +3 -3
data/app/views/layouts/admin/_header.html.haml +1 -1
data/app/views/opportunities/_index_long.html.haml +1 -24
data/app/views/opportunities/_sidebar_show.html.haml +3 -3
data/app/views/opportunities/_top_section.html.haml +1 -1
data/app/views/shared/_address.html.haml +5 -5
data/app/views/shared/_empty.html.haml +1 -1
data/app/views/shared/_paginate_with_per_page.html.haml +1 -0
data/app/views/users/_avatar.html.haml +1 -1
data/bin/bundle +1 -1
data/bin/rails +1 -1
data/bin/setup +38 -0
data/bin/update +33 -0
data/bin/yarn +13 -0
data/config/application.rb +8 -6
data/config/boot.rb +1 -1
data/config/brakeman.ignore +2 -2
data/config/database.postgres.docker.yml +5 -5
data/config/environment.rb +1 -1
data/config/environments/development.rb +1 -0
data/config/environments/test.rb +7 -0
data/config/initializers/action_mailer.rb +1 -3
data/config/initializers/application_controller_renderer.rb +9 -0
data/config/initializers/assets.rb +6 -11
data/config/initializers/backtrace_silencers.rb +0 -6
data/config/initializers/content_security_policy.rb +26 -0
data/config/initializers/cookies_serializer.rb +3 -6
data/config/initializers/devise.rb +289 -0
data/config/initializers/filter_parameter_logging.rb +0 -5
data/config/initializers/gravatar.rb +0 -1
data/config/initializers/inflections.rb +0 -6
data/config/initializers/mime_types.rb +1 -9
data/config/initializers/new_framework_defaults_5_2.rb +40 -0
data/config/initializers/relative_url_root.rb +1 -3
data/config/initializers/session_store.rb +1 -3
data/config/initializers/wrap_parameters.rb +4 -9
data/config/locales/fat_free_crm.en-GB.yml +5 -5
data/config/locales/fat_free_crm.en-US.yml +5 -5
data/config/locales/fat_free_crm.fr.yml +1 -1
data/config/locales/fat_free_crm.ru.yml +1 -0
data/config/routes.rb +20 -9
data/db/demo/users.yml +62 -81
data/db/migrate/20100928030620_remove_uuid.rb +1 -2
data/db/migrate/20120316045804_activities_to_versions.rb +1 -0
data/db/migrate/20120510025219_add_not_null_constraints_for_timestamp_columns.rb +1 -0
data/db/migrate/20180107082701_authlogic_to_devise.rb +58 -0
data/db/schema.rb +48 -46
data/docker-compose.yml +10 -0
data/fat_free_crm.gemspec +12 -14
data/lib/development_tasks/license.rake +2 -2
data/lib/fat_free_crm/callback.rb +2 -2
data/lib/fat_free_crm/comment_extensions.rb +2 -4
data/lib/fat_free_crm/core_ext/string.rb +1 -1
data/lib/fat_free_crm/engine.rb +2 -2
data/lib/fat_free_crm/errors.rb +1 -1
data/lib/fat_free_crm/export_csv.rb +1 -0
data/lib/fat_free_crm/exportable.rb +1 -1
data/lib/fat_free_crm/fields.rb +2 -2
data/lib/fat_free_crm/gem_dependencies.rb +1 -1
data/lib/fat_free_crm/gem_ext/simple_form/action_view_extensions/form_helper.rb +1 -3
data/lib/fat_free_crm/i18n.rb +2 -2
data/lib/fat_free_crm/mail_processor/base.rb +4 -10
data/lib/fat_free_crm/mail_processor/dropbox.rb +5 -15
data/lib/fat_free_crm/permissions.rb +7 -18
data/lib/fat_free_crm/sortable.rb +1 -1
data/lib/fat_free_crm/tabs.rb +2 -2
data/lib/fat_free_crm/version.rb +2 -2
data/lib/gravatar_image_tag.rb +7 -8
data/lib/missing_translation_detector.rb +1 -0
data/lib/tasks/ffcrm/missing_translations.rake +1 -0
data/lib/tasks/ffcrm/setup.rake +13 -4
data/lib/tasks/ffcrm/update_data.rake +2 -2
data/script/rails +2 -2
data/spec/controllers/admin/users_controller_spec.rb +25 -81
data/spec/controllers/comments_controller_spec.rb +19 -19
data/spec/controllers/emails_controller_spec.rb +2 -2
data/spec/controllers/entities/accounts_controller_spec.rb +56 -56
data/spec/controllers/entities/campaigns_controller_spec.rb +66 -66
data/spec/controllers/entities/contacts_controller_spec.rb +69 -68
data/spec/controllers/entities/leads_controller_spec.rb +126 -126
data/spec/controllers/entities/opportunities_controller_spec.rb +101 -101
data/spec/controllers/entities_controller_spec.rb +5 -0
data/spec/controllers/home_controller_spec.rb +30 -30
data/spec/controllers/tasks_controller_spec.rb +42 -40
data/spec/controllers/users_controller_spec.rb +43 -113
data/spec/factories/account_factories.rb +13 -13
data/spec/factories/campaign_factories.rb +8 -8
data/spec/factories/contact_factories.rb +18 -18
data/spec/factories/field_factories.rb +11 -10
data/spec/factories/lead_factories.rb +13 -13
data/spec/factories/list_factories.rb +3 -3
data/spec/factories/opportunity_factories.rb +9 -9
data/spec/factories/sequences.rb +1 -1
data/spec/factories/setting_factories.rb +5 -5
data/spec/factories/shared_factories.rb +25 -23
data/spec/factories/subscription_factories.rb +1 -1
data/spec/factories/tag_factories.rb +1 -1
data/spec/factories/task_factories.rb +11 -11
data/spec/factories/user_factories.rb +27 -30
data/spec/features/accounts_spec.rb +17 -4
data/spec/features/admin/groups_spec.rb +2 -2
data/spec/features/admin/users_spec.rb +4 -2
data/spec/features/campaigns_spec.rb +5 -5
data/spec/features/contacts_spec.rb +11 -5
data/spec/features/dashboard_spec.rb +8 -8
data/spec/features/devise/sign_in_spec.rb +58 -0
data/spec/features/devise/sign_up_spec.rb +36 -0
data/spec/features/leads_spec.rb +5 -5
data/spec/features/opportunities_overview_spec.rb +16 -16
data/spec/features/opportunities_spec.rb +35 -9
data/spec/features/support/autocomlete_helper.rb +17 -0
data/spec/features/support/browser.rb +5 -9
data/spec/features/tasks_spec.rb +5 -5
data/spec/helpers/admin/field_groups_helper_spec.rb +1 -1
data/spec/helpers/application_helper_spec.rb +1 -1
data/spec/helpers/tasks_helper_spec.rb +1 -1
data/spec/helpers/users_helper_spec.rb +7 -7
data/spec/lib/comment_extensions_spec.rb +11 -5
data/spec/lib/errors_spec.rb +2 -2
data/spec/lib/mail_processor/base_spec.rb +3 -3
data/spec/lib/mail_processor/comment_replies_spec.rb +3 -3
data/spec/lib/mail_processor/dropbox_spec.rb +17 -17
data/spec/lib/mail_processor/sample_emails/dropbox.rb +8 -8
data/spec/lib/permissions_spec.rb +15 -28
data/spec/mailers/devise_mailer_spec.rb +35 -0
data/spec/mailers/user_mailer_spec.rb +6 -32
data/spec/models/entities/account_spec.rb +58 -32
data/spec/models/entities/campaign_spec.rb +18 -25
data/spec/models/entities/contact_spec.rb +113 -21
data/spec/models/entities/lead_spec.rb +9 -11
data/spec/models/entities/opportunity_spec.rb +45 -45
data/spec/models/fields/custom_field_date_pair_spec.rb +4 -2
data/spec/models/fields/custom_field_spec.rb +21 -19
data/spec/models/list_spec.rb +2 -2
data/spec/models/observers/entity_observer_spec.rb +7 -7
data/spec/models/polymorphic/address_spec.rb +1 -1
data/spec/models/polymorphic/avatar_spec.rb +5 -5
data/spec/models/polymorphic/comment_spec.rb +5 -5
data/spec/models/polymorphic/task_spec.rb +65 -58
data/spec/models/polymorphic/version_spec.rb +31 -31
data/spec/models/setting_spec.rb +2 -2
data/spec/models/users/preference_spec.rb +6 -6
data/spec/models/users/user_spec.rb +46 -50
data/spec/routing/users_routing_spec.rb +30 -8
data/spec/shared/controllers.rb +3 -9
data/spec/shared/models.rb +22 -22
data/spec/spec_helper.rb +12 -4
data/spec/support/assert_select.rb +1 -0
data/spec/support/devise_helpers.rb +28 -0
data/spec/{features/support/helpers.rb → support/feature_helpers.rb} +11 -11
data/spec/support/macros.rb +7 -4
data/spec/views/accounts/_edit.haml_spec.rb +1 -1
data/spec/views/accounts/create.js.haml_spec.rb +3 -3
data/spec/views/accounts/destroy.js.haml_spec.rb +1 -1
data/spec/views/accounts/edit.js.haml_spec.rb +2 -2
data/spec/views/accounts/index.haml_spec.rb +2 -2
data/spec/views/accounts/index.js.haml_spec.rb +1 -1
data/spec/views/accounts/show.haml_spec.rb +4 -4
data/spec/views/accounts/update.js.haml_spec.rb +1 -1
data/spec/views/admin/field_groups/create.js.haml_spec.rb +1 -1
data/spec/views/admin/field_groups/destroy.js.haml_spec.rb +1 -1
data/spec/views/admin/field_groups/edit.js.haml_spec.rb +1 -1
data/spec/views/admin/field_groups/new.js.haml_spec.rb +1 -1
data/spec/views/admin/field_groups/update.js.haml_spec.rb +1 -1
data/spec/views/admin/users/create.js.haml_spec.rb +2 -2
data/spec/views/admin/users/destroy.js.haml_spec.rb +2 -2
data/spec/views/admin/users/edit.js.haml_spec.rb +2 -2
data/spec/views/admin/users/index.haml_spec.rb +1 -1
data/spec/views/admin/users/index.js.haml_spec.rb +2 -2
data/spec/views/admin/users/reactivate.js.haml_spec.rb +1 -1
data/spec/views/admin/users/suspend.js.haml_spec.rb +1 -1
data/spec/views/admin/users/update.js.haml_spec.rb +1 -1
data/spec/views/application/auto_complete.haml_spec.rb +3 -3
data/spec/views/campaigns/_edit.haml_spec.rb +1 -1
data/spec/views/campaigns/create.js.haml_spec.rb +4 -4
data/spec/views/campaigns/destroy.js.haml_spec.rb +1 -1
data/spec/views/campaigns/edit.js.haml_spec.rb +4 -4
data/spec/views/campaigns/index.haml_spec.rb +1 -1
data/spec/views/campaigns/index.js.haml_spec.rb +2 -2
data/spec/views/campaigns/show.haml_spec.rb +4 -4
data/spec/views/campaigns/update.js.haml_spec.rb +2 -2
data/spec/views/contacts/_edit.haml_spec.rb +7 -7
data/spec/views/contacts/_new.haml_spec.rb +1 -1
data/spec/views/contacts/create.js.haml_spec.rb +5 -5
data/spec/views/contacts/destroy.js.haml_spec.rb +1 -1
data/spec/views/contacts/edit.js.haml_spec.rb +4 -4
data/spec/views/contacts/index.haml_spec.rb +1 -1
data/spec/views/contacts/index.js.html_spec.rb +2 -2
data/spec/views/contacts/new.js.haml_spec.rb +1 -1
data/spec/views/contacts/show.haml_spec.rb +3 -3
data/spec/views/contacts/update.js.haml_spec.rb +5 -5
data/spec/views/home/index.haml_spec.rb +1 -1
data/spec/views/home/index.js.haml_spec.rb +1 -1
data/spec/views/home/options.js.haml_spec.rb +2 -2
data/spec/views/leads/_convert.haml_spec.rb +3 -3
data/spec/views/leads/_edit.haml_spec.rb +2 -2
data/spec/views/leads/_new.haml_spec.rb +2 -2
data/spec/views/leads/_sidebar_show.haml_spec.rb +5 -5
data/spec/views/leads/convert.js.haml_spec.rb +4 -4
data/spec/views/leads/create.js.haml_spec.rb +5 -5
data/spec/views/leads/destroy.js.haml_spec.rb +2 -2
data/spec/views/leads/edit.js.haml_spec.rb +4 -4
data/spec/views/leads/index.haml_spec.rb +1 -1
data/spec/views/leads/index.js.haml_spec.rb +1 -1
data/spec/views/leads/new.js.haml_spec.rb +1 -1
data/spec/views/leads/promote.js.haml_spec.rb +7 -7
data/spec/views/leads/reject.js.haml_spec.rb +2 -2
data/spec/views/leads/show.haml_spec.rb +2 -2
data/spec/views/leads/update.js.haml_spec.rb +4 -4
data/spec/views/opportunities/_edit.haml_spec.rb +7 -7
data/spec/views/opportunities/_new.haml_spec.rb +2 -2
data/spec/views/opportunities/create.js.haml_spec.rb +6 -6
data/spec/views/opportunities/destroy.js.haml_spec.rb +3 -3
data/spec/views/opportunities/edit.js.haml_spec.rb +3 -3
data/spec/views/opportunities/index.haml_spec.rb +1 -1
data/spec/views/opportunities/index.js.haml_spec.rb +1 -1
data/spec/views/opportunities/new.js.haml_spec.rb +1 -1
data/spec/views/opportunities/show.haml_spec.rb +3 -3
data/spec/views/opportunities/update.js.haml_spec.rb +5 -5
data/spec/views/tasks/_edit.haml_spec.rb +1 -1
data/spec/views/tasks/complete.js.haml_spec.rb +4 -4
data/spec/views/tasks/create.js.haml_spec.rb +6 -6
data/spec/views/tasks/destroy.js.haml_spec.rb +2 -2
data/spec/views/tasks/index.haml_spec.rb +4 -4
data/spec/views/tasks/new.js.haml_spec.rb +1 -1
data/spec/views/tasks/uncomplete.js.haml_spec.rb +2 -2
data/spec/views/tasks/update.js.haml_spec.rb +18 -18
data/spec/views/users/upload_avatar.js.haml_spec.rb +2 -2
metadata +49 -71
data/app/controllers/authentications_controller.rb +0 -53
data/app/models/users/authentication.rb +0 -56
data/app/views/authentications/new.html.haml +0 -19
data/app/views/passwords/edit.html.haml +0 -15
data/app/views/passwords/new.html.haml +0 -10
data/app/views/user_mailer/password_reset_instructions.html.haml +0 -6
data/app/views/users/new.html.haml +0 -19
data/spec/controllers/authentications_controller_spec.rb +0 -150
data/spec/controllers/passwords_controller_spec.rb +0 -32
data/spec/models/users/authentication_spec.rb +0 -19
data/spec/support/auth_macros.rb +0 -49
data/spec/views/authentications/new.haml_spec.rb +0 -31

data/Procfile CHANGED Viewed

	@@ -1 +1 @@
1	- web: bundle exec ~~unicorn~~ -p ~~$PORT -c ./~~config/~~unicorn~~.rb
1	+ web: bundle exec puma -C config/puma.rb

data/README.md CHANGED Viewed

@@ -53,7 +53,7 @@ Visit our website at http://www.fatfreecrm.com/
 ## System Requirements
-* Ruby 2.3+ recommended
+* Ruby 2.4+ recommended
 * MySQL v4.1.1 or later (v5+ is recommended), SQLite v3.4 or later, or Postgres 8.4.8 or later.
 * ImageMagick (optional, only needed if you would like to use avatars)
@@ -84,7 +84,7 @@ This is the best way to deploy Fat Free CRM if you need to add plugins or make a
 ## Upgrading from previous versions of Fat Free CRM
-Please read the [Release Notes](https://github.com/fatfreecrm/fat_free_crm/blob/master/CHANGELOG.md) document for more detailed information on upgrading from previous versions.
+Please read the [Changelog](https://github.com/fatfreecrm/fat_free_crm/blob/master/CHANGELOG.md) document for more detailed information on upgrading from previous versions.
 ## Resources
@@ -116,15 +116,18 @@ Tests can easily be run by typing 'rake' but please note that they do take a whi
 ## Main contributors
 * [Michael Dvorkin (@michaeldv)](https://github.com/michaeldv) - Founding creator
-* [Steve Kenworthy (@steveyken)](https://github.com/steveyken) - Maintainer
-* [Nathan Broadbent (@ndbroadbent)](https://github.com/ndbroadbent)
+* CloCkWeRX
+* johnnyshield
+* DmitryAvramec
+* steveyken
-See the [contributors graph](https://github.com/fatfreecrm/fat_free_crm/graphs/contributors) and the [contributors file](https://github.com/fatfreecrm/fat_free_crm/blob/master/CONTRIBUTORS) for further details.
+See the [contributors graph](https://github.com/fatfreecrm/fat_free_crm/graphs/contributors) and the [contributors file](https://github.com/fatfreecrm/fat_free_crm/blob/master/CONTRIBUTORS.md) for further details.
 ## License
 Fat Free CRM
-Copyright (c) 2008-2014 Michael Dvorkin and contributors.
+Copyright (c) 2008-2018 Michael Dvorkin and contributors.
 Permission is hereby granted, free of charge, to any person obtaining
 a copy of this software and associated documentation files (the

data/Rakefile CHANGED Viewed

@@ -4,7 +4,7 @@
 # Add your own tasks in files placed in lib/tasks ending in .rake,
 # for example lib/tasks/capistrano.rake, and they will automatically be available to Rake.
-require File.expand_path('../config/application', __FILE__)
+require File.expand_path('config/application', __dir__)
 FatFreeCRM::Application.load_tasks

data/app/assets/javascripts/crm.js.coffee CHANGED Viewed

@@ -374,9 +374,9 @@
         source: (request, response) =>
           request = {auto_complete_query: request['term'], related: related}
           $.get @base_url + "/" + controller + "/auto_complete.json", request, (data) ->
-            response $.map(data, (value, key) ->
-              label: value
-              value: key
+            response $.map(data.results, (value) ->
+              label: value.text
+              value: value.id
             )
         # Attach to related asset.

data/app/assets/javascripts/crm_select2.js.coffee CHANGED Viewed

@@ -11,22 +11,23 @@
   crm.make_select2 = ->
     $(".select2").not(".select2-container, .select2-offscreen, .select2-hidden-accessible").each ->
-      #$(".select2").each ->
-        if $(this).data("url")
-          $(this).select2
-            'width':'resolve'
-            placeholder: $(this).attr("placeholder")
-            ajax:
-              url: $(this).data("url")
-              dataType: 'json'
-        else
-          $(this).select2
-            'width':'resolve'
-            placeholder: $(this).attr("placeholder")
+      if $(this).data("url")
+        $(this).select2
+          'width':'resolve'
+          placeholder: $(this).attr("placeholder")
+          ajax:
+            url: $(this).data("url")
+            dataType: 'json'
+      else
+        $(this).select2
+          'width':'resolve'
+          placeholder: $(this).attr("placeholder")
+      if $(this).prop("disabled") == true
+        $(this).next('.select2-container').disable()
+        $(this).next('.select2-container').hide()
     $(".select2_tag").not(".select2-container, .select2-offscreen").each ->
-    #$(".select2_tag").each ->
       $(this).select2
         'width':'resolve'
         placeholder: $(this).data("placeholder")

data/app/assets/stylesheets/common.scss CHANGED Viewed

@@ -89,7 +89,7 @@ $sidebar_width: 210px;
   -moz-box-shadow: 5px 5px 15px #bbbbbb, -5px 0px 15px #bbbbbb;
   -webkit-border-radius: 6px;
   -webkit-box-shadow: 5px 5px 15px #bbbbbb, -5px 0px 15px #bbbbbb;
-  input[type="text"], input[type="password"] {
+  input[type="text"], input[type="email"], input[type="password"] {
     font-size: 16px;
     padding: 2px;
     width: 355px; }

data/app/controllers/admin/application_controller.rb CHANGED Viewed

@@ -23,7 +23,7 @@ class Admin::ApplicationController < ApplicationController
   #----------------------------------------------------------------------------
   def require_admin_user
-    require_user
+    authenticate_user!
     unless current_user&.admin?
       flash[:notice] = t(:msg_require_admin)
       redirect_to root_path

data/app/controllers/admin/field_groups_controller.rb CHANGED Viewed

@@ -22,9 +22,7 @@ class Admin::FieldGroupsController < Admin::ApplicationController
   def edit
     @field_group = FieldGroup.find(params[:id])
-    if params[:previous].to_s =~ /(\d+)\z/
-      @previous = FieldGroup.find_by_id(Regexp.last_match[1]) || Regexp.last_match[1].to_i
-    end
+    @previous = FieldGroup.find_by_id(Regexp.last_match[1]) || Regexp.last_match[1].to_i if params[:previous].to_s =~ /(\d+)\z/
     respond_with(@field_group)
   end
@@ -80,6 +78,13 @@ class Admin::FieldGroupsController < Admin::ApplicationController
   protected
   def field_group_params
-    params[:field_group].permit!
+    params.require(:field_group).permit(
+      :name,
+      :label,
+      :position,
+      :hint,
+      :tag_id,
+      :klass_name
+    )
   end
 end

data/app/controllers/admin/fields_controller.rb CHANGED Viewed

@@ -43,10 +43,10 @@ class Admin::FieldsController < Admin::ApplicationController
   def create
     as = field_params[:as]
     @field =
-      if as =~ /pair/
+      if as.match?(/pair/)
         CustomFieldPair.create_pair(params).first
       elsif as.present?
-        klass = Field.lookup_class(as).classify.constantize
+        klass = find_class(Field.lookup_class(as))
         klass.create(field_params)
       else
         Field.new(field_params).tap(&:valid?)
@@ -59,7 +59,7 @@ class Admin::FieldsController < Admin::ApplicationController
   # PUT /fields/1.xml                                                    AJAX
   #----------------------------------------------------------------------------
   def update
-    if field_params[:as] =~ /pair/
+    if field_params[:as].match?(/pair/)
       @field = CustomFieldPair.update_pair(params).first
     else
       @field = Field.find(params[:id])
@@ -102,7 +102,7 @@ class Admin::FieldsController < Admin::ApplicationController
                Field.find(id).tap { |f| f.as = as }
              else
                field_group_id = field[:field_group_id]
-               klass = Field.lookup_class(as).classify.constantize
+               klass = find_class(Field.lookup_class(as))
                klass.new(field_group_id: field_group_id, as: as)
       end

data/app/controllers/admin/groups_controller.rb CHANGED Viewed

@@ -62,7 +62,7 @@ class Admin::GroupsController < Admin::ApplicationController
   protected
   def group_params
-    params[:group].permit!
+    params.require(:group).permit(:name, user_ids: [])
   end
   def setup_current_tab

data/app/controllers/admin/tags_controller.rb CHANGED Viewed

@@ -28,9 +28,7 @@ class Admin::TagsController < Admin::ApplicationController
   # GET /admin/tags/1/edit                                                AJAX
   #----------------------------------------------------------------------------
   def edit
-    if params[:previous].to_s =~ /(\d+)\z/
-      @previous = Tag.find_by_id(Regexp.last_match[1]) || Regexp.last_match[1].to_i
-    end
+    @previous = Tag.find_by_id(Regexp.last_match[1]) || Regexp.last_match[1].to_i if params[:previous].to_s =~ /(\d+)\z/
   end
   # POST /admin/tags
@@ -68,7 +66,7 @@ class Admin::TagsController < Admin::ApplicationController
   protected
   def tag_params
-    params[:tag].permit!
+    params.require(:tag).permit(:name, :taggings_count)
   end
   def setup_current_tab

data/app/controllers/admin/users_controller.rb CHANGED Viewed

@@ -35,9 +35,7 @@ class Admin::UsersController < Admin::ApplicationController
   # GET /admin/users/1/edit                                                AJAX
   #----------------------------------------------------------------------------
   def edit
-    if params[:previous].to_s =~ /(\d+)\z/
-      @previous = User.find_by_id(Regexp.last_match[1]) || Regexp.last_match[1].to_i
-    end
+    @previous = User.find_by_id(Regexp.last_match[1]) || Regexp.last_match[1].to_i if params[:previous].to_s =~ /(\d+)\z/
     respond_with(@user)
   end
@@ -48,7 +46,7 @@ class Admin::UsersController < Admin::ApplicationController
   def create
     @user = User.new(user_params)
     @user.suspend_if_needs_approval
-    @user.save_without_session_maintenance
+    @user.save
     respond_with(@user)
   end
@@ -59,7 +57,7 @@ class Admin::UsersController < Admin::ApplicationController
   def update
     @user = User.find(params[:id])
     @user.attributes = user_params
-    @user.save_without_session_maintenance
+    @user.save
     respond_with(@user)
   end
@@ -74,9 +72,7 @@ class Admin::UsersController < Admin::ApplicationController
   # DELETE /admin/users/1.xml                                              AJAX
   #----------------------------------------------------------------------------
   def destroy
-    unless @user.destroyable?(current_user) && @user.destroy
-      flash[:warning] = t(:msg_cant_delete_user, @user.full_name)
-    end
+    flash[:warning] = t(:msg_cant_delete_user, @user.full_name) unless @user.destroyable?(current_user) && @user.destroy
     respond_with(@user)
   end
@@ -107,6 +103,7 @@ class Admin::UsersController < Admin::ApplicationController
   def user_params
     return {} unless params[:user]
     params[:user][:email].try(:strip!)
     params[:user][:password_confirmation] = nil if params[:user][:password_confirmation].blank?

data/app/controllers/application_controller.rb CHANGED Viewed

@@ -8,8 +8,9 @@
 class ApplicationController < ActionController::Base
   protect_from_forgery with: :exception
+  before_action :configure_devise_parameters, if: :devise_controller?
+  before_action :authenticate_user!
   before_action :set_paper_trail_whodunnit
   before_action :set_context
   before_action :clear_setting_cache
   before_action :cors_preflight_check
@@ -17,7 +18,6 @@ class ApplicationController < ActionController::Base
   after_action { hook(:app_after_filter, self) }
   after_action :cors_set_access_control_headers
-  helper_method :current_user_session, :current_user, :can_signup?
   helper_method :called_from_index_page?, :called_from_landing_page?
   helper_method :klass
@@ -73,16 +73,17 @@ class ApplicationController < ActionController::Base
   end
   #
-  # Takes { :related => 'campaigns/7' } or { :related => '5' }
+  # Takes { related: 'campaigns/7' } or { related: '5' }
   #   and returns array of object ids that should be excluded from search
   #   assumes controller_name is a method on 'related' class that returns a collection
   #----------------------------------------------------------------------------
   def auto_complete_ids_to_exclude(related)
     return [] if related.blank?
     return [related.to_i].compact unless related.index('/')
     related_class, id = related.split('/')
     obj = related_class.classify.constantize.find_by_id(id)
-    if obj && obj.respond_to?(controller_name)
+    if obj&.respond_to?(controller_name)
       obj.send(controller_name).map(&:id)
     else
       []
@@ -114,47 +115,6 @@ class ApplicationController < ActionController::Base
     @current_tab = tab
   end
-  #----------------------------------------------------------------------------
-  def current_user_session
-    @current_user_session ||= Authentication.find
-    @current_user_session = nil if @current_user_session&.record&.suspended?
-    @current_user_session
-  end
-  #----------------------------------------------------------------------------
-  def current_user
-    unless @current_user
-      @current_user = (current_user_session&.record)
-      if @current_user
-        @current_user.set_individual_locale
-        @current_user.set_single_access_token
-      end
-      User.current_user = @current_user
-    end
-    @current_user
-  end
-  #----------------------------------------------------------------------------
-  def require_user
-    unless current_user
-      store_location
-      flash[:notice] = t(:msg_login_needed) if request.fullpath != "/"
-      respond_to do |format|
-        format.html { redirect_to login_url }
-        format.js   { render plain: "window.location = '#{login_url}';" }
-      end
-    end
-  end
-  #----------------------------------------------------------------------------
-  def require_no_user
-    if current_user
-      store_location
-      flash[:notice] = t(:msg_logout_needed)
-      redirect_to profile_url
-    end
-  end
   #----------------------------------------------------------------------------
   def store_location
     session[:return_to] = request.fullpath
@@ -281,4 +241,21 @@ class ApplicationController < ActionController::Base
       render plain: ''
     end
   end
+  def configure_devise_parameters
+    devise_parameter_sanitizer.permit(:sign_up) do |user_params|
+      user_params.permit(:username, :email, :password, :password_confirmation)
+    end
+  end
+  def find_class(asset)
+    Rails.application.eager_load! unless Rails.application.config.cache_classes
+    classes = ActiveRecord::Base.descendants.map(&:name)
+    find = classes.find { |m| m == asset.classify }
+    if find
+      find.safe_constantize
+    else
+      raise "Unknown resource"
+    end
+  end
 end

data/app/controllers/comments_controller.rb CHANGED Viewed

@@ -6,8 +6,6 @@
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
 #------------------------------------------------------------------------------
 class CommentsController < ApplicationController
-  before_action :require_user
   # GET /comments
   # GET /comments.json
   # GET /comments.xml
@@ -15,7 +13,7 @@ class CommentsController < ApplicationController
   def index
     @commentable = extract_commentable_name(params)
     if @commentable
-      @asset = @commentable.classify.constantize.my(current_user).find(params[:"#{@commentable}_id"])
+      @asset = find_class(@commentable).my(current_user).find(params[:"#{@commentable}_id"])
       @comments = @asset.comments.order("created_at DESC")
     end
     respond_with(@comments) do |format|
@@ -35,11 +33,9 @@ class CommentsController < ApplicationController
   def edit
     @comment = Comment.find(params[:id])
-    model = @comment.commentable_type
+    model = find_class(@comment.commentable_type)
     id = @comment.commentable_id
-    unless model.constantize.my(current_user).find_by_id(id)
-      respond_to_related_not_found(model.downcase)
-    end
+    respond_to_related_not_found(model.downcase) unless model.my(current_user).find_by_id(id)
   end
   # POST /comments
@@ -51,13 +47,13 @@ class CommentsController < ApplicationController
       comment_params.merge(user_id: current_user.id)
     )
     # Make sure commentable object exists and is accessible to the current user.
-    model = @comment.commentable_type
+    model = find_class(@comment.commentable_type)
     id = @comment.commentable_id
-    if model.constantize.my(current_user).find_by_id(id)
+    if model.my(current_user).find_by_id(id)
       @comment.save
       respond_with(@comment)
     else
-      respond_to_related_not_found(model.downcase)
+      respond_to_related_not_found(model.name.downcase)
     end
   end
@@ -85,7 +81,16 @@ class CommentsController < ApplicationController
   def comment_params
     return {} unless params[:comment]
-    params[:comment].permit!
+    params.require(:comment).permit(
+      :user_id,
+      :commentable_type,
+      :commentable_id,
+      :private,
+      :title,
+      :comment,
+      :state
+    )
   end
   private

data/{config/initializers/authlogic.rb → app/controllers/confirmations_controller.rb} RENAMED Viewed

@@ -4,5 +4,7 @@
 #
 # Fat Free CRM is freely distributable under the terms of MIT license.
 # See MIT-LICENSE file or http://www.opensource.org/licenses/mit-license.php
-#------------------------------------------------------------------------------
-require 'authlogic'
+class ConfirmationsController < Devise::ConfirmationsController
+  respond_to :html
+  append_view_path 'app/views/devise'
+end