Upgrade to rails 5.1

.gitignore

@@ -27,6 +27,12 @@ public/404.html
 public/422.html
 public/500.html
 
+# the db/schema.rb. Although this is contrary to rails best-practises, we
+# cannot provide a schema.rb that works for both MySQL and PostgreSQL, so we
+# have no choice. Our migrations are maintained, so it should always be
+# possible to get back to a "clean" database schema anyway.
+db/schema.rb
+
 # Sprites
 app/assets/images/branding-*.png
 app/assets/images/branding/logos-*.png

Gemfile

@@ -1,6 +1,6 @@
 source "https://rubygems.org"
 
-gem "rails", "4.2.9"
+gem "rails", "5.1.3"
 
 # Legacy Rails features, remove me!
 # responders (class level)
@@ -90,7 +90,7 @@ gem "entypo-rails", "3.0.0"
 gem "handlebars_assets", "0.23.2"
 gem "jquery-rails",      "4.3.1"
 gem "js-routes",         "1.3.3"
-gem "js_image_paths",    "0.1.0"
+gem "js_image_paths",    "0.1.1"
 
 source "https://rails-assets.org" do
   gem "rails-assets-jquery",                              "3.2.1" # Should be kept in sync with jquery-rails
@@ -124,7 +124,7 @@ end
 
 gem "http_accept_language", "2.1.1"
 gem "i18n-inflector-rails", "1.0.7"
-gem "rails-i18n",           "4.0.9"
+gem "rails-i18n",           "5.0.4"
 
 # Mail
 
@@ -185,7 +185,7 @@ gem "typhoeus",           "1.1.2"
 
 gem "gon",                     "6.1.0"
 gem "hamlit",                  "2.8.4"
-gem "mobile-fu",               "1.3.1"
+gem "mobile_fu",               "1.4.0"
 gem "rails-timeago",           "2.16.0"
 gem "will_paginate",           "3.1.6"
 
@@ -280,7 +280,6 @@ group :test do
   gem "fuubar",            "2.2.0"
   gem "json-schema-rspec", "0.0.4"
   gem "rspec-json_expectations", "~> 2.1"
-  gem "test_after_commit", "1.1.0"
 
   # Cucumber (integration tests)
 
@@ -315,4 +314,7 @@ group :development, :test do
   gem "jasmine-jquery-rails",      "2.0.3"
   gem "rails-assets-jasmine-ajax", "3.3.1", source: "https://rails-assets.org"
   gem "sinon-rails",               "1.15.0"
+
+  # For `assigns` in controller specs
+  gem "rails-controller-testing", "1.0.2"
 end

Gemfile.lock

@@ -2,44 +2,47 @@ GEM
   remote: https://rubygems.org/
   remote: https://rails-assets.org/
   specs:
-    actionmailer (4.2.9)
-      actionpack (= 4.2.9)
-      actionview (= 4.2.9)
-      activejob (= 4.2.9)
+    actioncable (5.1.3)
+      actionpack (= 5.1.3)
+      nio4r (~> 2.0)
+      websocket-driver (~> 0.6.1)
+    actionmailer (5.1.3)
+      actionpack (= 5.1.3)
+      actionview (= 5.1.3)
+      activejob (= 5.1.3)
       mail (~> 2.5, >= 2.5.4)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
-    actionpack (4.2.9)
-      actionview (= 4.2.9)
-      activesupport (= 4.2.9)
-      rack (~> 1.6)
-      rack-test (~> 0.6.2)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-dom-testing (~> 2.0)
+    actionpack (5.1.3)
+      actionview (= 5.1.3)
+      activesupport (= 5.1.3)
+      rack (~> 2.0)
+      rack-test (~> 0.6.3)
+      rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
-    actionview (4.2.9)
-      activesupport (= 4.2.9)
+    actionview (5.1.3)
+      activesupport (= 5.1.3)
       builder (~> 3.1)
-      erubis (~> 2.7.0)
-      rails-dom-testing (~> 1.0, >= 1.0.5)
+      erubi (~> 1.4)
+      rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
     active_model_serializers (0.9.7)
       activemodel (>= 3.2)
       concurrent-ruby (~> 1.0)
-    activejob (4.2.9)
-      activesupport (= 4.2.9)
-      globalid (>= 0.3.0)
-    activemodel (4.2.9)
-      activesupport (= 4.2.9)
-      builder (~> 3.1)
-    activerecord (4.2.9)
-      activemodel (= 4.2.9)
-      activesupport (= 4.2.9)
-      arel (~> 6.0)
+    activejob (5.1.3)
+      activesupport (= 5.1.3)
+      globalid (>= 0.3.6)
+    activemodel (5.1.3)
+      activesupport (= 5.1.3)
+    activerecord (5.1.3)
+      activemodel (= 5.1.3)
+      activesupport (= 5.1.3)
+      arel (~> 8.0)
     activerecord-import (0.19.1)
       activerecord (>= 3.2)
-    activesupport (4.2.9)
+    activesupport (5.1.3)
+      concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (~> 0.7)
       minitest (~> 5.1)
-      thread_safe (~> 0.3, >= 0.3.4)
       tzinfo (~> 1.1)
     acts-as-taggable-on (5.0.0)
       activerecord (>= 4.2.8)
@@ -49,7 +52,7 @@ GEM
       rack (>= 1.1.0)
     addressable (2.5.1)
       public_suffix (~> 2.0, >= 2.0.2)
-    arel (6.0.4)
+    arel (8.0.0)
     asset_sync (2.2.0)
       activemodel (>= 4.1.0)
       fog-core
@@ -183,7 +186,7 @@ GEM
     entypo-rails (3.0.0)
       railties (>= 4.1, < 6)
     equalizer (0.0.11)
-    erubis (2.7.0)
+    erubi (1.6.1)
     eslintrb (2.1.0)
       execjs
       multi_json (>= 1.3)
@@ -324,8 +327,9 @@ GEM
     js-routes (1.3.3)
       railties (>= 3.2)
       sprockets-rails
-    js_image_paths (0.1.0)
-      rails (~> 4.0)
+    js_image_paths (0.1.1)
+      rails (>= 4.0, < 6.0)
+      sprockets (>= 3.0.0)
     json (2.1.0)
     json-jwt (1.7.2)
       activesupport
@@ -371,7 +375,7 @@ GEM
     mini_magick (4.8.0)
     mini_portile2 (2.2.0)
     minitest (5.10.3)
-    mobile-fu (1.3.1)
+    mobile_fu (1.4.0)
       rack-mobile-detect
       rails
     multi_json (1.12.1)
@@ -430,7 +434,7 @@ GEM
       validate_url
       webfinger (>= 1.0.1)
     orm_adapter (0.5.0)
-    parallel (1.11.2)
+    parallel (1.12.0)
     parser (2.4.0.0)
       ast (~> 2.2)
     pg (0.21.0)
@@ -467,7 +471,7 @@ GEM
       byebug (~> 9.0)
       pry (~> 0.10)
     public_suffix (2.0.5)
-    rack (1.6.8)
+    rack (2.0.3)
     rack-cors (1.0.1)
     rack-google-analytics (1.2.0)
       actionpack
@@ -488,17 +492,18 @@ GEM
       rack
     rack-test (0.6.3)
       rack (>= 1.0)
-    rails (4.2.9)
-      actionmailer (= 4.2.9)
-      actionpack (= 4.2.9)
-      actionview (= 4.2.9)
-      activejob (= 4.2.9)
-      activemodel (= 4.2.9)
-      activerecord (= 4.2.9)
-      activesupport (= 4.2.9)
-      bundler (>= 1.3.0, < 2.0)
-      railties (= 4.2.9)
-      sprockets-rails
+    rails (5.1.3)
+      actioncable (= 5.1.3)
+      actionmailer (= 5.1.3)
+      actionpack (= 5.1.3)
+      actionview (= 5.1.3)
+      activejob (= 5.1.3)
+      activemodel (= 5.1.3)
+      activerecord (= 5.1.3)
+      activesupport (= 5.1.3)
+      bundler (>= 1.3.0)
+      railties (= 5.1.3)
+      sprockets-rails (>= 2.0.0)
     rails-assets-autosize (4.0.0)
     rails-assets-backbone (1.3.3)
       rails-assets-underscore (>= 1.8.3)
@@ -545,23 +550,25 @@ GEM
     rails-assets-markdown-it-sup (1.0.0)
     rails-assets-perfect-scrollbar (0.6.16)
     rails-assets-underscore (1.8.3)
-    rails-deprecated_sanitizer (1.0.3)
-      activesupport (>= 4.2.0.alpha)
-    rails-dom-testing (1.0.8)
-      activesupport (>= 4.2.0.beta, < 5.0)
-      nokogiri (~> 1.6)
-      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-controller-testing (1.0.2)
+      actionpack (~> 5.x, >= 5.0.1)
+      actionview (~> 5.x, >= 5.0.1)
+      activesupport (~> 5.x)
+    rails-dom-testing (2.0.3)
+      activesupport (>= 4.2.0)
+      nokogiri (>= 1.6)
     rails-html-sanitizer (1.0.3)
       loofah (~> 2.0)
-    rails-i18n (4.0.9)
+    rails-i18n (5.0.4)
       i18n (~> 0.7)
-      railties (~> 4.0)
+      railties (~> 5.0)
     rails-timeago (2.16.0)
       actionpack (>= 3.1)
       activesupport (>= 3.1)
-    railties (4.2.9)
-      actionpack (= 4.2.9)
-      activesupport (= 4.2.9)
+    railties (5.1.3)
+      actionpack (= 5.1.3)
+      activesupport (= 5.1.3)
+      method_source
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     rainbow (2.2.2)
@@ -682,8 +689,6 @@ GEM
       tins (~> 1.0)
     terminal-table (1.8.0)
       unicode-display_width (~> 1.1, >= 1.1.1)
-    test_after_commit (1.1.0)
-      activerecord (>= 3.2)
     thor (0.19.1)
     thread_safe (0.3.6)
     tilt (2.0.8)
@@ -803,7 +808,7 @@ DEPENDENCIES
   jasmine-jquery-rails (= 2.0.3)
   jquery-rails (= 4.3.1)
   js-routes (= 1.3.3)
-  js_image_paths (= 0.1.0)
+  js_image_paths (= 0.1.1)
   json (= 2.1.0)
   json-schema (= 2.8.0)
   json-schema-rspec (= 0.0.4)
@@ -812,7 +817,7 @@ DEPENDENCIES
   markerb (= 1.1.0)
   mini_magick (= 4.8.0)
   minitest
-  mobile-fu (= 1.3.1)
+  mobile_fu (= 1.4.0)
   mysql2 (= 0.4.8)
   nokogiri (= 1.8.0)
   omniauth (= 1.6.1)
@@ -836,7 +841,7 @@ DEPENDENCIES
   rack-piwik (= 0.3.0)
   rack-rewrite (= 1.5.1)
   rack-ssl (= 1.4.1)
-  rails (= 4.2.9)
+  rails (= 5.1.3)
   rails-assets-autosize (= 4.0.0)!
   rails-assets-backbone (= 1.3.3)!
   rails-assets-blueimp-gallery (= 2.25.2)!
@@ -859,7 +864,8 @@ DEPENDENCIES
   rails-assets-markdown-it-sub (= 1.0.0)!
   rails-assets-markdown-it-sup (= 1.0.0)!
   rails-assets-perfect-scrollbar (= 0.6.16)!
-  rails-i18n (= 4.0.9)
+  rails-controller-testing (= 1.0.2)
+  rails-i18n (= 5.0.4)
   rails-timeago (= 2.16.0)
   rb-fsevent (= 0.10.2)
   rb-inotify (= 0.9.10)
@@ -883,7 +889,6 @@ DEPENDENCIES
   spring-commands-rspec (= 1.0.4)
   sprockets-rails (= 3.2.0)
   string-direction (= 1.2.0)
-  test_after_commit (= 1.1.0)
   thor (= 0.19.1)
   timecop (= 0.9.1)
   turbo_dev_assets (= 0.0.2)

app/assets/javascripts/mobile/mobile_file_uploader.js

@@ -33,7 +33,6 @@ function createUploader(){
         $("#fileInfo-publisher").text(fileName + " " + progress + "%");
       },
       onSubmit: function() {
-        $("#file-upload-publisher").addClass("loading");
         $("#publisher_textarea_wrapper").addClass("with_attachments");
         $("#photodropzone").append(
           "<li class='publisher_photo loading' style='position:relative;'>" +

app/assets/stylesheets/bootstrap-complete.scss

@@ -1,7 +1,7 @@
 // Calling this file bootstrap would cause an infinite recursion during asset compilation.
 @import "bootstrap-sprockets";
 @import "bootstrap-variables"; //our overwrites of bootstrap variables
-@import "bootstrap";
+@import "_bootstrap";
 
 // Plugins
 

app/controllers/admin/admin_controller.rb

@@ -1,8 +1,6 @@
 module Admin
   class AdminController < ApplicationController
-
-    before_filter :authenticate_user!
-    before_filter :redirect_unless_admin
-
+    before_action :authenticate_user!
+    before_action :redirect_unless_admin
   end
 end

app/controllers/api/openid_connect/authorizations_controller.rb

@@ -205,7 +205,7 @@ def auth_user_unless_prompt_none!
         if prompt && prompt.include?("none")
           handle_prompt_none
         elsif prompt && prompt.include?("login")
-          new_params = params.except("controller", "action").merge(prompt: prompt.remove("login"))
+          new_params = params.except("controller", "action").permit!.to_h.merge(prompt: prompt.remove("login"))
           reauthenticate(new_params)
         else
           authenticate_user!

app/controllers/api/openid_connect/token_endpoint_controller.rb

@@ -8,7 +8,8 @@ def create
         if req["client_assertion_type"] == "urn:ietf:params:oauth:client-assertion-type:jwt-bearer"
           handle_jwt_bearer(req)
         end
-        self.status, response.headers, self.response_body = Api::OpenidConnect::TokenEndpoint.new.call(request.env)
+        self.status, headers, self.response_body = Api::OpenidConnect::TokenEndpoint.new.call(request.env)
+        headers.each {|name, value| response.headers[name] = value }
         nil
       end
 

app/controllers/application_controller.rb

@@ -5,7 +5,7 @@
 class ApplicationController < ActionController::Base
   before_action :force_tablet_html
   has_mobile_fu
-  protect_from_forgery except: :receive, with: :exception
+  protect_from_forgery except: :receive, with: :exception, prepend: true
 
   rescue_from ActionController::InvalidAuthenticityToken do
     if user_signed_in?