Merge pull request #302 from ncbo/refactor/rails-7-upgrade/297
Upgrade Rails from 6.1.7.3 to 7.0.8
jvendetti authored Jan 19, 2024
2 parents c5b46be + e664bab commit a5b130e
Showing 20 changed files with 396 additions and 322 deletions.
4 changes: 2 additions & 2 deletions Gemfile
@@ -3,7 +3,7 @@
source 'https://rubygems.org'

# Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
gem 'rails', '6.1.7.3'
gem 'rails', '7.0.8'

gem 'sass-rails', '~> 5.0'
gem 'terser'
@@ -52,7 +52,7 @@ gem 'stackprof', require: false
gem 'thin'
gem 'will_paginate', '~> 3.0'

gem 'ontologies_api_client', github: 'ncbo/ontologies_api_ruby_client', tag: 'v2.2.4'
gem 'ontologies_api_client', github: 'ncbo/ontologies_api_ruby_client', tag: 'v2.2.5'

group :staging, :production do
# application monitoring
146 changes: 78 additions & 68 deletions Gemfile.lock
@@ -1,10 +1,10 @@
GIT
remote: https://github.com/ncbo/ontologies_api_ruby_client.git
revision: 7331b8372056ea0cf2a33cc0f86fcf6877712bef
tag: v2.2.4
revision: 115cf36f54f73eb10c503147f54bb6f6672d3d99
tag: v2.2.5
specs:
ontologies_api_client (2.2.4)
activesupport (= 6.1.7.3)
ontologies_api_client (2.2.5)
activesupport (= 7.0.8)
addressable (~> 2.8)
excon
faraday
@@ -18,71 +18,77 @@ GIT
GEM
remote: https://rubygems.org/
specs:
actioncable (6.1.7.3)
actionpack (= 6.1.7.3)
activesupport (= 6.1.7.3)
actioncable (7.0.8)
actionpack (= 7.0.8)
activesupport (= 7.0.8)
nio4r (~> 2.0)
websocket-driver (>= 0.6.1)
actionmailbox (6.1.7.3)
actionpack (= 6.1.7.3)
activejob (= 6.1.7.3)
activerecord (= 6.1.7.3)
activestorage (= 6.1.7.3)
activesupport (= 6.1.7.3)
actionmailbox (7.0.8)
actionpack (= 7.0.8)
activejob (= 7.0.8)
activerecord (= 7.0.8)
activestorage (= 7.0.8)
activesupport (= 7.0.8)
mail (>= 2.7.1)
actionmailer (6.1.7.3)
actionpack (= 6.1.7.3)
actionview (= 6.1.7.3)
activejob (= 6.1.7.3)
activesupport (= 6.1.7.3)
net-imap
net-pop
net-smtp
actionmailer (7.0.8)
actionpack (= 7.0.8)
actionview (= 7.0.8)
activejob (= 7.0.8)
activesupport (= 7.0.8)
mail (~> 2.5, >= 2.5.4)
net-imap
net-pop
net-smtp
rails-dom-testing (~> 2.0)
actionpack (6.1.7.3)
actionview (= 6.1.7.3)
activesupport (= 6.1.7.3)
rack (~> 2.0, >= 2.0.9)
actionpack (7.0.8)
actionview (= 7.0.8)
activesupport (= 7.0.8)
rack (~> 2.0, >= 2.2.4)
rack-test (>= 0.6.3)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.0, >= 1.2.0)
actiontext (6.1.7.3)
actionpack (= 6.1.7.3)
activerecord (= 6.1.7.3)
activestorage (= 6.1.7.3)
activesupport (= 6.1.7.3)
actiontext (7.0.8)
actionpack (= 7.0.8)
activerecord (= 7.0.8)
activestorage (= 7.0.8)
activesupport (= 7.0.8)
globalid (>= 0.6.0)
nokogiri (>= 1.8.5)
actionview (6.1.7.3)
activesupport (= 6.1.7.3)
actionview (7.0.8)
activesupport (= 7.0.8)
builder (~> 3.1)
erubi (~> 1.4)
rails-dom-testing (~> 2.0)
rails-html-sanitizer (~> 1.1, >= 1.2.0)
activejob (6.1.7.3)
activesupport (= 6.1.7.3)
activejob (7.0.8)
activesupport (= 7.0.8)
globalid (>= 0.3.6)
activemodel (6.1.7.3)
activesupport (= 6.1.7.3)
activerecord (6.1.7.3)
activemodel (= 6.1.7.3)
activesupport (= 6.1.7.3)
activestorage (6.1.7.3)
actionpack (= 6.1.7.3)
activejob (= 6.1.7.3)
activerecord (= 6.1.7.3)
activesupport (= 6.1.7.3)
activemodel (7.0.8)
activesupport (= 7.0.8)
activerecord (7.0.8)
activemodel (= 7.0.8)
activesupport (= 7.0.8)
activestorage (7.0.8)
actionpack (= 7.0.8)
activejob (= 7.0.8)
activerecord (= 7.0.8)
activesupport (= 7.0.8)
marcel (~> 1.0)
mini_mime (>= 1.1.0)
activesupport (6.1.7.3)
activesupport (7.0.8)
concurrent-ruby (~> 1.0, >= 1.0.2)
i18n (>= 1.6, < 2)
minitest (>= 5.1)
tzinfo (~> 2.0)
zeitwerk (~> 2.3)
addressable (2.8.5)
public_suffix (>= 2.0.2, < 6.0)
airbrussh (1.5.0)
sshkit (>= 1.6.1, != 1.7.0)
ast (2.4.2)
autoprefixer-rails (10.4.15.0)
autoprefixer-rails (10.4.16.0)
execjs (~> 2)
base64 (0.1.0)
bcrypt_pbkdf (1.1.0)
@@ -135,9 +141,9 @@ GEM
erubi (1.12.0)
erubis (2.7.0)
eventmachine (1.2.7)
excon (0.104.0)
excon (0.108.0)
execjs (2.9.1)
faraday (2.7.11)
faraday (2.7.12)
base64
faraday-net_http (>= 2.0, < 3.1)
ruby2_keywords (>= 0.0.4)
@@ -200,7 +206,7 @@ GEM
multi_json (1.15.0)
multipart-post (2.3.0)
mysql2 (0.5.5)
net-imap (0.4.5)
net-imap (0.4.7)
date
net-protocol
net-pop (0.1.2)
@@ -215,9 +221,13 @@ GEM
netrc (0.11.0)
newrelic_rpm (9.6.0)
base64
nio4r (2.6.0)
nio4r (2.6.1)
nokogiri (1.15.5-arm64-darwin)
racc (~> 1.4)
nokogiri (1.15.5-x86_64-darwin)
racc (~> 1.4)
nokogiri (1.15.5-x86_64-linux)
racc (~> 1.4)
oj (3.16.1)
open_uri_redirections (0.2.1)
parallel (1.23.0)
@@ -236,21 +246,20 @@ GEM
rack (>= 1.2.0)
rack-test (2.1.0)
rack (>= 1.3)
rails (6.1.7.3)
actioncable (= 6.1.7.3)
actionmailbox (= 6.1.7.3)
actionmailer (= 6.1.7.3)
actionpack (= 6.1.7.3)
actiontext (= 6.1.7.3)
actionview (= 6.1.7.3)
activejob (= 6.1.7.3)
activemodel (= 6.1.7.3)
activerecord (= 6.1.7.3)
activestorage (= 6.1.7.3)
activesupport (= 6.1.7.3)
rails (7.0.8)
actioncable (= 7.0.8)
actionmailbox (= 7.0.8)
actionmailer (= 7.0.8)
actionpack (= 7.0.8)
actiontext (= 7.0.8)
actionview (= 7.0.8)
activejob (= 7.0.8)
activemodel (= 7.0.8)
activerecord (= 7.0.8)
activestorage (= 7.0.8)
activesupport (= 7.0.8)
bundler (>= 1.15.0)
railties (= 6.1.7.3)
sprockets-rails (>= 2.0.0)
railties (= 7.0.8)
rails-dom-testing (2.2.0)
activesupport (>= 5.0.0)
minitest
@@ -262,12 +271,13 @@ GEM
actionview (> 3.1)
activesupport (> 3.1)
railties (> 3.1)
railties (6.1.7.3)
actionpack (= 6.1.7.3)
activesupport (= 6.1.7.3)
railties (7.0.8)
actionpack (= 7.0.8)
activesupport (= 7.0.8)
method_source
rake (>= 12.2)
thor (~> 1.0)
zeitwerk (~> 2.5)
rainbow (3.1.1)
rake (13.1.0)
rb-fsevent (0.11.2)
@@ -291,7 +301,7 @@ GEM
rspec-mocks (3.12.6)
diff-lcs (>= 1.2.0, < 2.0)
rspec-support (~> 3.12.0)
rspec-rails (6.0.3)
rspec-rails (6.1.0)
actionpack (>= 6.1)
activesupport (>= 6.1)
railties (>= 6.1)
@@ -351,7 +361,7 @@ GEM
net-ssh (>= 2.8.0)
stackprof (0.2.25)
temple (0.10.3)
terser (1.1.19)
terser (1.1.20)
execjs (>= 0.3.0, < 3)
thin (1.8.2)
daemons (~> 1.0, >= 1.0.9)
@@ -412,7 +422,7 @@ DEPENDENCIES
pry
psych (< 4)
rack-mini-profiler
rails (= 6.1.7.3)
rails (= 7.0.8)
rails_autolink
rdoc
recaptcha (~> 5.9.0)
2 changes: 1 addition & 1 deletion bin/rails
@@ -1,4 +1,4 @@
#!/usr/bin/env ruby
APP_PATH = File.expand_path('../config/application', __dir__)
APP_PATH = File.expand_path("../config/application", __dir__)
require_relative "../config/boot"
require "rails/commands"
16 changes: 8 additions & 8 deletions bin/setup
@@ -13,24 +13,24 @@ FileUtils.chdir APP_ROOT do
# This script is idempotent, so that you can run it at any time and get an expectable outcome.
# Add necessary setup steps to this file.

puts '== Installing dependencies =='
system! 'gem install bundler --conservative'
system('bundle check') || system!('bundle install')
puts "== Installing dependencies =="
system! "gem install bundler --conservative"
system("bundle check") || system!("bundle install")

# Install JavaScript dependencies
system! 'bin/yarn'

# puts "\n== Copying sample files =="
# unless File.exist?('config/database.yml')
# FileUtils.cp 'config/database.yml.sample', 'config/database.yml'
# unless File.exist?("config/database.yml")
# FileUtils.cp "config/database.yml.sample", "config/database.yml"
# end

puts "\n== Preparing database =="
system! 'bin/rails db:prepare'
system! "bin/rails db:prepare"

puts "\n== Removing old logs and tempfiles =="
system! 'bin/rails log:clear tmp:clear'
system! "bin/rails log:clear tmp:clear"

puts "\n== Restarting application server =="
system! 'bin/rails restart'
system! "bin/rails restart"
end
2 changes: 2 additions & 0 deletions config/application.rb
@@ -10,6 +10,8 @@ module BioportalWebUi
class Application < Rails::Application
# Initialize configuration defaults for originally generated Rails version.
config.load_defaults 6.1
config.active_support.cache_format_version = 6.1
config.active_support.disable_to_s_conversion = true
config.active_record.yaml_column_permitted_classes = [
ActionController::Parameters,
HashWithIndifferentAccess
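Review bot: The added `config.active_support.cache_format_version = 6.1` has no comment saying why the older cache entry format is kept or when it should move to 7.0. The generated new_framework_defaults_7_0.rb in this commit ties that switch to the point where a rollback to Rails 6.1 is no longer planned, so a line such as `# Keep the 6.1 cache entry format until rollback to Rails 6.1 is ruled out, then set 7.0.` above it would record the intent. `config.load_defaults 6.1` is unchanged here, so the 7.0 defaults reach the app only through that initializer. The class body continues outside the hunk.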
2 changes: 1 addition & 1 deletion config/boot.rb
@@ -1,3 +1,3 @@
ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__)
ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)

require "bundler/setup" # Set up gems listed in the Gemfile.
7 changes: 5 additions & 2 deletions config/environments/development.rb
@@ -14,15 +14,18 @@
# Show full error reports.
config.consider_all_requests_local = true

# Enable server timing
config.server_timing = true

# Enable/disable caching. By default caching is disabled.
# Run rails dev:cache to toggle caching.
if Rails.root.join('tmp', 'caching-dev.txt').exist?
if Rails.root.join("tmp/caching-dev.txt").exist?
config.action_controller.perform_caching = true
config.action_controller.enable_fragment_cache_logging = true

config.cache_store = :memory_store
config.public_file_server.headers = {
'Cache-Control' => "public, max-age=#{2.days.to_i}"
"Cache-Control" => "public, max-age=#{2.days.to_i}"
}
else
config.action_controller.perform_caching = false
36 changes: 9 additions & 27 deletions config/environments/production.rb
@@ -34,19 +34,19 @@
config.assets.compile = false

# Enable serving of images, stylesheets, and JavaScripts from an asset server.
# config.asset_host = 'http://assets.example.com'
# config.asset_host = "http://assets.example.com"

# Specifies the header that your server uses for sending files.
config.action_dispatch.x_sendfile_header = 'X-Sendfile' unless config.public_file_server.enabled # for Apache
# config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
# config.action_dispatch.x_sendfile_header = "X-Accel-Redirect" # for NGINX

# Store uploaded files on the local file system (see config/storage.yml for options).
config.active_storage.service = :local

# Mount Action Cable outside main process or domain.
# config.action_cable.mount_path = nil
# config.action_cable.url = 'wss://example.com/cable'
# config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
# config.action_cable.url = "wss://example.com/cable"
# config.action_cable.allowed_request_origins = [ "http://example.com", /http:\/\/example.*/ ]

# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
# config.force_ssl = true
@@ -84,16 +84,19 @@
# Tell Active Support which deprecation messages to disallow.
config.active_support.disallowed_deprecation_warnings = []

# Don't log any deprecations.
# config.active_support.report_deprecations = false

# Use default logging formatter so that PID and timestamp are not suppressed.
config.log_formatter = ::Logger::Formatter.new

# Use a different logger for distributed setups.
# require "syslog/logger"
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
# config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new "app-name")

# Include the BioPortal-specific configuration options
require Rails.root.join('config', "bioportal_config_#{Rails.env}.rb")

# Use a different cache store in production.
config.cache_store = :mem_cache_store, ENV["MEMCACHE_SERVERS"] || "localhost:11211", { namespace: 'bioportal_web_ui', expires_in: 1.day }

@@ -108,25 +111,4 @@

# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false

# Inserts middleware to perform automatic connection switching.
# The `database_selector` hash is used to pass options to the DatabaseSelector
# middleware. The `delay` is used to determine how long to wait after a write
# to send a subsequent read to the primary.
#
# The `database_resolver` class is used by the middleware to determine which
# database is appropriate to use based on the time delay.
#
# The `database_resolver_context` class is used by the middleware to set
# timestamps for the last write to the primary. The resolver uses the context
# class timestamps to determine how long to wait before reading from the
# replica.
#
# By default Rails will store a last write timestamp in the session. The
# DatabaseSelector middleware is designed as such you can define your own
# strategy for connection switching and pass that into the middleware through
# these configuration options.
# config.active_record.database_selector = { delay: 2.seconds }
# config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
# config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
end
9 changes: 5 additions & 4 deletions config/environments/test.rb
@@ -8,12 +8,13 @@
Rails.application.configure do
# Settings specified here will take precedence over those in config/application.rb.

# Turn false under Spring and add config.action_view.cache_template_loading = true.
config.cache_classes = true

# Do not eager load code on boot. This avoids loading your whole application
# just for the purpose of running a single test. If you are using a tool that
# preloads Rails for running tests, you may have to set it to true.
config.eager_load = false
# Eager loading loads your whole application. When running a single test locally,
# this probably isn't necessary. It's a good idea to do in a continuous integration
# system, or in some way before deploying your code.
config.eager_load = ENV["CI"].present?

# Configure public file server for tests with Cache-Control for performance.
config.public_file_server.enabled = true
47 changes: 21 additions & 26 deletions config/initializers/content_security_policy.rb
@@ -1,30 +1,25 @@
# Be sure to restart your server when you modify this file.

# Define an application-wide content security policy
# For further information see the following documentation
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
# Define an application-wide content security policy.
# See the Securing Rails Applications Guide for more information:
# https://guides.rubyonrails.org/security.html#content-security-policy-header

# Rails.application.config.content_security_policy do |policy|
# policy.default_src :self, :https
# policy.font_src :self, :https, :data
# policy.img_src :self, :https, :data
# policy.object_src :none
# policy.script_src :self, :https
# policy.style_src :self, :https
# # If you are using webpack-dev-server then specify webpack-dev-server host
# policy.connect_src :self, :https, "http://localhost:3035", "ws://localhost:3035" if Rails.env.development?

# # Specify URI for violation reports
# # policy.report_uri "/csp-violation-report-endpoint"
# Rails.application.configure do
# config.content_security_policy do |policy|
# policy.default_src :self, :https
# policy.font_src :self, :https, :data
# policy.img_src :self, :https, :data
# policy.object_src :none
# policy.script_src :self, :https
# policy.style_src :self, :https
# # Specify URI for violation reports
# # policy.report_uri "/csp-violation-report-endpoint"
# end
#
# # Generate session nonces for permitted importmap and inline scripts
# config.content_security_policy_nonce_generator = ->(request) { request.session.id.to_s }
# config.content_security_policy_nonce_directives = %w(script-src)
#
# # Report violations without enforcing the policy.
# # config.content_security_policy_report_only = true
# end

# If you are using UJS then enable automatic nonce generation
# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }

# Set the nonce only to specific directives
# Rails.application.config.content_security_policy_nonce_directives = %w(script-src)

# Report CSP violations to a specified URI
# For further information see the following documentation:
# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
# Rails.application.config.content_security_policy_report_only = true
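--- a/config/initializers/cookie_rotator.rb
+++ b/config/initializers/cookie_rotator.rb
@@ -0,0 +1,19 @@
+Rails.application.config.after_initialize do
+Rails.application.config.action_dispatch.cookies_rotations.tap do |cookies|
+authenticated_encrypted_cookie_salt = Rails.application.config.action_dispatch.authenticated_encrypted_cookie_salt
+signed_cookie_salt = Rails.application.config.action_dispatch.signed_cookie_salt
+
+secret_key_base = Rails.application.secret_key_base
+
+key_generator = ActiveSupport::KeyGenerator.new(
+secret_key_base, iterations: 1000, hash_digest_class: OpenSSL::Digest::SHA1
+)
+key_len = ActiveSupport::MessageEncryptor.key_len
+
+old_encrypted_secret = key_generator.generate_key(authenticated_encrypted_cookie_salt, key_len)
+old_signed_secret = key_generator.generate_key(signed_cookie_salt)
+
+cookies.rotate :encrypted, old_encrypted_secret
+cookies.rotate :signed, old_signed_secret
+end
+end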
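Review bot: Nothing in this initializer says why keys derived with `OpenSSL::Digest::SHA1` are still accepted or when the file can be deleted. A header comment such as `# Accept cookies signed/encrypted with the pre-7.0 SHA1 key generator; remove once all such cookies have expired.` would cover it. As committed, `key_generator_hash_digest_class = OpenSSL::Digest::SHA256` is still commented out in new_framework_defaults_7_0.rb and `config.load_defaults` stays at 6.1. The rotated secrets therefore appear to be the same ones the app already uses, and the rotation only matters once SHA256 is switched on. Tracking the removal is worthwhile, because a rotation left in place indefinitely keeps SHA1-derived cookies valid longer than the migration needs.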
4 changes: 3 additions & 1 deletion config/initializers/filter_parameter_logging.rb
@@ -1,6 +1,8 @@
# Be sure to restart your server when you modify this file.

# Configure sensitive parameters which will be filtered from the log file.
# Configure parameters to be filtered from the log file. Use this to limit dissemination of
# sensitive information. See the ActiveSupport::ParameterFilter documentation for supported
# notations and behaviors.
Rails.application.config.filter_parameters += [
:passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
]
8 changes: 4 additions & 4 deletions config/initializers/inflections.rb
@@ -4,13 +4,13 @@
# are locale specific, and you may define rules for as many different
# locales as you wish. All of these examples are active by default:
# ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.plural /^(ox)$/i, '\1en'
# inflect.singular /^(ox)en/i, '\1'
# inflect.irregular 'person', 'people'
# inflect.plural /^(ox)$/i, "\\1en"
# inflect.singular /^(ox)en/i, "\\1"
# inflect.irregular "person", "people"
# inflect.uncountable %w( fish sheep )
# end

# These inflection rules are supported but not enabled by default:
# ActiveSupport::Inflector.inflections(:en) do |inflect|
# inflect.acronym 'RESTful'
# inflect.acronym "RESTful"
# end
45 changes: 0 additions & 45 deletions config/initializers/new_framework_defaults_6_0.rb

This file was deleted.

67 changes: 0 additions & 67 deletions config/initializers/new_framework_defaults_6_1.rb

This file was deleted.

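--- a/config/initializers/new_framework_defaults_7_0.rb
+++ b/config/initializers/new_framework_defaults_7_0.rb
@@ -0,0 +1,143 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file eases your Rails 7.0 framework defaults upgrade.
+#
+# Uncomment each configuration one by one to switch to the new default.
+# Once your application is ready to run with all new defaults, you can remove
+# this file and set the `config.load_defaults` to `7.0`.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+# https://guides.rubyonrails.org/upgrading_ruby_on_rails.html
+
+# `button_to` view helper will render `<button>` element, regardless of whether
+# or not the content is passed as the first argument or as a block.
+Rails.application.config.action_view.button_to_generates_button_tag = true
+
+# `stylesheet_link_tag` view helper will not render the media attribute by default.
+Rails.application.config.action_view.apply_stylesheet_media_default = false
+
+# Change the digest class for the key generators to `OpenSSL::Digest::SHA256`.
+# Changing this default means invalidate all encrypted messages generated by
+# your application and, all the encrypted cookies. Only change this after you
+# rotated all the messages using the key rotator.
+#
+# See upgrading guide for more information on how to build a rotator.
+# https://guides.rubyonrails.org/v7.0/upgrading_ruby_on_rails.html
+# Rails.application.config.active_support.key_generator_hash_digest_class = OpenSSL::Digest::SHA256
+
+# Change the digest class for ActiveSupport::Digest.
+# Changing this default means that for example Etags change and
+# various cache keys leading to cache invalidation.
+Rails.application.config.active_support.hash_digest_class = OpenSSL::Digest::SHA256
+
+# Don't override ActiveSupport::TimeWithZone.name and use the default Ruby
+# implementation.
+Rails.application.config.active_support.remove_deprecated_time_with_zone_name = true
+
+# Calls `Rails.application.executor.wrap` around test cases.
+# This makes test cases behave closer to an actual request or job.
+# Several features that are normally disabled in test, such as Active Record query cache
+# and asynchronous queries will then be enabled.
+Rails.application.config.active_support.executor_around_test_case = true
+
+# Set both the `:open_timeout` and `:read_timeout` values for `:smtp` delivery method.
+Rails.application.config.action_mailer.smtp_timeout = 5
+
+# The ActiveStorage video previewer will now use scene change detection to generate
+# better preview images (rather than the previous default of using the first frame
+# of the video).
+Rails.application.config.active_storage.video_preview_arguments =
+"-vf 'select=eq(n\\,0)+eq(key\\,1)+gt(scene\\,0.015),loop=loop=-1:size=2,trim=start_frame=1' -frames:v 1 -f image2"
+
+# Automatically infer `inverse_of` for associations with a scope.
+Rails.application.config.active_record.automatic_scope_inversing = true
+
+# Raise when running tests if fixtures contained foreign key violations
+Rails.application.config.active_record.verify_foreign_keys_for_fixtures = true
+
+# Disable partial inserts.
+# This default means that all columns will be referenced in INSERT queries
+# regardless of whether they have a default or not.
+Rails.application.config.active_record.partial_inserts = false
+
+# Protect from open redirect attacks in `redirect_back_or_to` and `redirect_to`.
+Rails.application.config.action_controller.raise_on_open_redirects = true
+
+# Change the variant processor for Active Storage.
+# Changing this default means updating all places in your code that
+# generate variants to use image processing macros and ruby-vips
+# operations. See the upgrading guide for detail on the changes required.
+# The `:mini_magick` option is not deprecated; it's fine to keep using it.
+Rails.application.config.active_storage.variant_processor = :vips
+
+# Enable parameter wrapping for JSON.
+# Previously this was set in an initializer. It's fine to keep using that initializer if you've customized it.
+# To disable parameter wrapping entirely, set this config to `false`.
+Rails.application.config.action_controller.wrap_parameters_by_default = true
+
+# Specifies whether generated namespaced UUIDs follow the RFC 4122 standard for namespace IDs provided as a
+# `String` to `Digest::UUID.uuid_v3` or `Digest::UUID.uuid_v5` method calls.
+#
+# See https://guides.rubyonrails.org/configuring.html#config-active-support-use-rfc4122-namespaced-uuids for
+# more information.
+Rails.application.config.active_support.use_rfc4122_namespaced_uuids = true
+
+# Change the default headers to disable browsers' flawed legacy XSS protection.
+Rails.application.config.action_dispatch.default_headers = {
+"X-Frame-Options" => "SAMEORIGIN",
+"X-XSS-Protection" => "0",
+"X-Content-Type-Options" => "nosniff",
+"X-Download-Options" => "noopen",
+"X-Permitted-Cross-Domain-Policies" => "none",
+"Referrer-Policy" => "strict-origin-when-cross-origin"
+}
+
+
+# ** Please read carefully, this must be configured in config/application.rb **
+# Change the format of the cache entry.
+# Changing this default means that all new cache entries added to the cache
+# will have a different format that is not supported by Rails 6.1 applications.
+# Only change this value after your application is fully deployed to Rails 7.0
+# and you have no plans to rollback.
+# When you're ready to change format, add this to `config/application.rb` (NOT this file):
+# config.active_support.cache_format_version = 7.0
+
+
+# Cookie serializer: 2 options
+#
+# If you're upgrading and haven't set `cookies_serializer` previously, your cookie serializer
+# is `:marshal`. The default for new apps is `:json`.
+#
+# Rails.application.config.action_dispatch.cookies_serializer = :json
+#
+#
+# To migrate an existing application to the `:json` serializer, use the `:hybrid` option.
+#
+# Rails transparently deserializes existing (Marshal-serialized) cookies on read and
+# re-writes them in the JSON format.
+#
+# It is fine to use `:hybrid` long term; you should do that until you're confident *all* your cookies
+# have been converted to JSON. To keep using `:hybrid` long term, move this config to its own
+# initializer or to `config/application.rb`.
+#
+# Rails.application.config.action_dispatch.cookies_serializer = :hybrid
+#
+#
+# If your cookies can't yet be serialized to JSON, keep using `:marshal` for backward-compatibility.
+#
+# If you have configured the serializer elsewhere, you can remove this section of the file.
+#
+# See https://guides.rubyonrails.org/action_controller_overview.html#cookies for more information.
+
+# Change the return value of `ActionDispatch::Request#content_type` to the Content-Type header without modification.
+Rails.application.config.action_dispatch.return_only_request_media_type_on_content_type = false
+
+# Active Storage `has_many_attached` relationships will default to replacing the current collection instead of appending to it.
+# Thus, to support submitting an empty collection, the `file_field` helper will render an hidden field `include_hidden` by default when `multiple_file_field_include_hidden` is set to `true`.
+# See https://guides.rubyonrails.org/configuring.html#config-active-storage-multiple-file-field-include-hidden for more information.
+Rails.application.config.active_storage.multiple_file_field_include_hidden = true
+
+# ** Please read carefully, this must be configured in config/application.rb (NOT this file) **
+# Disables the deprecated #to_s override in some Ruby core classes
+# See https://guides.rubyonrails.org/configuring.html#config-active-support-disable-to-s-conversion for more information.
+# config.active_support.disable_to_s_conversion = true
+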
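Review bot: The "Cookie serializer" section is left entirely commented out, so unless `cookies_serializer` is set in an initializer not shown on this page, the app stays on `:marshal`, as the generated comment itself says. With Marshal, cookie integrity rests solely on `secret_key_base`: if that key is ever exposed, a forged cookie is deserialized as arbitrary Ruby objects, whereas a JSON cookie is parsed as plain data. Suggest choosing explicitly, for example `Rails.application.config.action_dispatch.cookies_serializer = :hybrid`, placed in its own initializer as the comment advises so it survives removal of this file. If cookies hold values that cannot round-trip through JSON, add a comment recording that `:marshal` is being kept on purpose.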
6 changes: 6 additions & 0 deletions config/settings.yml
@@ -31,6 +31,12 @@ development:
host: 'purl.bioontology.org'
prefix: 'https://purl.bioontology.org/ontology'

test:
purl:
enabled: false
host: 'stagepurl.bioontology.org'
prefix: 'https://stagepurl.bioontology.org/ontology'

staging:
links:
release_notes: 'https://github.com/ncbo/bioportal_web_ui/releases'
@@ -0,0 +1,8 @@
# This migration comes from active_storage (originally 20211119233751)
class RemoveNotNullOnActiveStorageBlobsChecksum < ActiveRecord::Migration[6.0]
def change
return unless table_exists?(:active_storage_blobs)

change_column_null(:active_storage_blobs, :checksum, true)
end
end
23 changes: 11 additions & 12 deletions db/schema.rb
@@ -10,23 +10,22 @@
#
# It's strongly recommended that you check this file into your version control system.

ActiveRecord::Schema.define(version: 2023_06_16_231337) do

ActiveRecord::Schema[7.0].define(version: 2023_11_30_210229) do
create_table "analytics", id: :integer, charset: "utf8", force: :cascade do |t|
t.string "segment"
t.string "action"
t.string "bp_slice"
t.string "ip"
t.integer "user"
t.text "params"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", precision: nil
t.datetime "updated_at", precision: nil
end

create_table "licenses", charset: "utf8", force: :cascade do |t|
t.text "encrypted_key"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at", precision: nil, null: false
t.datetime "updated_at", precision: nil, null: false
end

create_table "margin_notes", id: :integer, charset: "utf8", force: :cascade do |t|
@@ -39,16 +38,16 @@
t.string "concept_id"
t.string "subject"
t.text "comment"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", precision: nil
t.datetime "updated_at", precision: nil
end

create_table "ontologies", charset: "utf8", force: :cascade do |t|
t.string "acronym", null: false
t.text "new_term_instructions"
t.text "custom_message"
t.datetime "created_at", null: false
t.datetime "updated_at", null: false
t.datetime "created_at", precision: nil, null: false
t.datetime "updated_at", precision: nil, null: false
t.index ["acronym"], name: "index_ontologies_on_acronym", unique: true
end

@@ -62,8 +61,8 @@

create_table "virtual_appliance_users", id: :integer, charset: "utf8", force: :cascade do |t|
t.string "user_id"
t.datetime "created_at"
t.datetime "updated_at"
t.datetime "created_at", precision: nil
t.datetime "updated_at", precision: nil
end

end
124 changes: 70 additions & 54 deletions spec/models/license_spec.rb
@@ -1,11 +1,27 @@
# frozen_string_literal: true

require 'rails_helper'

RSpec.describe License, type: :model do

include ActiveSupport::Testing::TimeHelpers

before(:all) do
@stage_server_appliance_id = '75872ccc-5019-4733-ac34-01ca7b8bcb3f'

response = JSON.parse(
LinkedData::Client::HTTP.get('https://stagedata.bioontology.org/admin/update_info', {}, raw: true)
)
unless response['appliance_id'].eql?(@stage_server_appliance_id)
puts "\nStaging server appliance ID has changed from %s to %s." % [@stage_server_appliance_id,
response['appliance_id']]
puts 'Test license generated with the old appliance ID will no longer validate.'
puts "Stopping test suite...\n\n"
exit
end
end

# Decryption of below variable: "841b4f58-02e1-4a66-9e27-191f15e16279;Microsoft Corporation;2021-02-14".
let (:encrypted_license_key) {
let(:encrypted_license_key) {
<<~HEREDOC
ds938nK0sdu8AzhtGefz0r7JTH97ncQfuokmwYLGHYbQF4CA1lWVHWwWoM/W\
lzvZlDSE/WSLvXKefOXk6+yrelKgUMcnLy1Q5o6E+jJW6uia77Ivv6Hxl445\
@@ -16,89 +32,90 @@
|a6Bh755yqiviJBFm/XAMS/lA1hhYjR5SKrnQ5vb4/osMutu91j9Z/BSNIknD\
Ia5kNAhlV6Ie0UkjjMbRgAr471TdLFcy2fB05BwG14JU1GM=
HEREDOC
}
}

# This license key was generated using the staging license server, and the
# This license key was generated using the staging license server, and the
# encoded appliance ID matches that of the BioPortal staging environment.
#
#
# Staging license server: https://license.stage.ontoportal.org
# Staging BioPortal instance: https://stage.bioontology.org/
# License information for this encrypted key: https://license.stage.ontoportal.org/licenses/1077
# License information for this encrypted key: https://license.stage.ontoportal.org/licenses/1078
#
# Decryption of below variable: "dd212a7c-29fd-4142-8353-f59a19a79738;BMIR;2021-04-20"
# Decryption of below variable:
# "75872ccc-5019-4733-ac34-01ca7b8bcb3f;Stanford Center for Biomedical Informatics;2021-04-21"
#
let (:encrypted_license_key_staging_env) {
let(:encrypted_license_key_staging_env) {
<<~HEREDOC
WtlzkakMaAKx7NwyuHRnCDVSMQszaEtv7jNiVgBcg9kQeNS69ToFp9Nhvb8F
AANaHtSibb6InYemQABpq+sONg9cp4+pfCTAh5ETmyF8GPrWiwv8DZstMRUO
IL0ws37nFZON8kYyFvWguiqL6U55r6ghaiCpI1tdfelujF4uThMbSQYI+gcN
UdElYm3lO2HNtEdSQ6Z3JeVZ7DtTGcGW9xKVOd1Nefoq+oDwRZ+z2JyMLtfK
xckDRKxzAKBhV43DS64dPXz9xAJwbLTWsGVofwN/1BTQRwimS8V4/Tc0vjha
2H5KyOVIGu1XNfEnIJ0Rbh9SiHflmT0T7JTNFIivNA==
|Sf6udPHZJB3CSRQBRw8CjB4nHEspfpg4fM7NwStIfXhfiDx0W0P0+9NiQkIh
0VlkhKD3ev0hnSDi/x/GazByvg==
bx93dtaUF/SzXgIcAQHtKowDdTil4pO1lU/bL49+5yN9VfE4qweEdEm7/BXH
MFEhIyhdegGBeTFgMuxjQeBlcl1IGPIgHg3RDaUDEu6Kp0TSBfPLhaUgmf0s
aeBkhmOpJ/hvHtOXRe8Vcy1003um7d0Lb5OCDPMq1GIONm5MUa8syJkftOoY
ERJGlFWReWYgaPYua6opvn0kzu/kNKRFO8bqcuRfyrWNchxeHUwj1ayGiXmT
eym1jcD6Vzzd4DmvfP7z7a+u7xJjXKFGyy885mfX7TcSMuD1pQko4DRTfrCJ
g/jNgRpOdoMvCXt/B1zPwY9vV/pBw0mOpanjWAjC7g==
|I7SRc0ymvXcB7yQJ+6radcth3h2NKYtvzYfohP4yHck4qn69oK3mvl5TvJ+R
OTJe7jgOUk6hQ8vn3yozG+9nFwsp6vgHgGSiah5UBAsqlFB4uRxcMM4ZM4iD
6X+O75eZ
HEREDOC
}

it do "decrypts license data"
it 'decrypts license data' do
license = License.create(encrypted_key: encrypted_license_key_staging_env)

expect(license.appliance_id).to eq("dd212a7c-29fd-4142-8353-f59a19a79738")
expect(license.organization).to eq("BMIR")
expect(license.expiry_date).to eq(Date.parse("2021-04-20"))
expect(license.appliance_id).to eq(@stage_server_appliance_id)
expect(license.organization).to eq('Stanford Center for Biomedical Informatics')
expect(license.expiry_date).to eq(Date.parse('2021-04-21'))
end

it do "is a trial license"
license = License.new(encrypted_key: "trial", created_at: Time.current)
it 'is a trial license' do
license = License.new(encrypted_key: 'trial', created_at: Time.current)

expect(license.is_trial?).to eq(true)
end

it do "is not a trial license"
it 'is not a trial license' do
license = License.new(encrypted_key: encrypted_license_key)

expect(license.is_trial?).to eq(false)
end

it do "is in trial period"
license = License.create(encrypted_key: "trial", created_at: Time.current)
it 'is in trial period' do
license = License.create(encrypted_key: 'trial', created_at: Time.current)

travel 15.days do
expect(license.days_remaining).to be > 0
end
end

it do "is out of trial after trial period"
license = License.create(encrypted_key: "trial", created_at: Time.current)
it 'is out of trial after trial period' do
license = License.create(encrypted_key: 'trial', created_at: Time.current)

travel 31.days do
expect(license.days_remaining).to eq(0)
end
end

it do "calculates days remaining"
it 'calculates days remaining' do
license = License.create(encrypted_key: encrypted_license_key_staging_env)

travel_to(Date.parse("2021-03-21")) do
travel_to(Date.parse('2021-03-22')) do
expect(license.days_remaining).to eq(30)
end

travel_to(Date.parse("2021-04-19")) do
travel_to(Date.parse('2021-04-20')) do
expect(license.days_remaining).to eq(1)
end

travel_to(Date.parse("2021-04-20")) do
travel_to(Date.parse('2021-04-21')) do
expect(license.days_remaining).to eq(0)
end

travel_to(Date.parse("2021-05-01")) do
travel_to(Date.parse('2021-05-01')) do
expect(license.days_remaining).to eq(0)
end
end

describe "validation" do

let (:encrypted_license_key_with_missing_characters) {
describe 'validation' do
let(:encrypted_license_key_with_missing_characters) {
<<~HEREDOC
ds938nK0sdu8AzhtGefz0r7JTH97ncQfuokmwYLGHYbQF4CA1lWVHWwWoM/W\
lzvZlDSE/WSLvXKefOXk6+yrelKgUMcnLy1Q5o6E+jJW6uia77Ivv6Hxl445\
@@ -109,36 +126,39 @@
|a6Bh755yqiviJBFm/XAMS/lA1hhYjR5SKrnQ5vb4/osMutu91j9Z/BSNIknD\
Ia5kNAhlV6Ie0UkjjMbRgAr471TdLFcy2fB05BwG14JU
HEREDOC
}
}

it "blocks malformed keys" do
it 'blocks malformed keys' do
license = License.new(encrypted_key: encrypted_license_key_with_missing_characters)

license.valid?

expect(license).to be_invalid
expect(license.errors[:encrypted_key]).to include I18n.t("activerecord.errors.models.license.attributes.encrypted_key.invalid_license_key")
expect(license.errors[:encrypted_key])
.to include(I18n.t('activerecord.errors.models.license.attributes.encrypted_key.invalid_license_key'))
end

it "blocks invalid keys" do
license = License.create(encrypted_key: "lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua")
it 'blocks invalid keys' do
license = License.create(encrypted_key: 'lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do \
eiusmod tempor incididunt ut labore et dolore magna aliqua')

license.valid?

expect(license).to be_invalid
expect(license.errors[:encrypted_key]).to include I18n.t("activerecord.errors.models.license.attributes.encrypted_key.invalid_license_key")
expect(license.errors[:encrypted_key])
.to include(I18n.t('activerecord.errors.models.license.attributes.encrypted_key.invalid_license_key'))
end

it "allows trial licenses" do
license = License.new(encrypted_key: "trial")
it 'allows trial licenses' do
license = License.new(encrypted_key: 'trial')

license.valid?

expect(license).to be_valid
expect(license.errors).to be_empty
end

it "allows valid keys" do
it 'allows valid keys' do
license = License.new(encrypted_key: encrypted_license_key_staging_env)

license.valid?
@@ -147,26 +167,22 @@
expect(license.errors).to be_empty
end

it "blocks licenses with mismatches between encoded appliance IDs and actual" do
it 'blocks licenses with mismatches between encoded appliance IDs and actual' do
license = License.new(encrypted_key: encrypted_license_key)

license.save

expect(license.errors[:encrypted_key]).to include "is an appliance ID mismatch"
expect(license.errors[:encrypted_key]).to include 'is an appliance ID mismatch'
end

end

describe ".current_license" do

it "should return the latest license" do
new_license = License.create(encrypted_key: encrypted_license_key_staging_env, created_at: Time.now + 1.day)
describe '.current_license' do
it 'should return the latest license' do
License.create(encrypted_key: encrypted_license_key_staging_env, created_at: Time.now + 1.day)
newer_license = License.create(encrypted_key: encrypted_license_key_staging_env, created_at: Time.now + 2.days)

expect(License.current_license.count).to eql(1)
expect(License.current_license.first).to eql(newer_license)
end

end

end
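Review bot: The bare `exit` in the new `before(:all)` hook ends the process with status 0, so when the staging appliance ID changes the run is likely to be reported as passing in CI although the remaining examples never ran. A check that guards license validation should fail closed: replacing the `puts`/`exit` lines with `abort 'Staging appliance ID changed; regenerate the test license'` (non-zero status) or a `raise` would make the condition visible. The hook also calls the live staging host and parses the reply with no rescue, so an outage there fails every example in the file with a connection or JSON error instead of a clear message; stubbing the `update_info` response, or rescuing around the call, would separate "server unreachable" from "license invalid".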
