diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml
index f2bd4b3464..b05c9807c9 100644
--- a/.github/workflows/eslint.yml
+++ b/.github/workflows/eslint.yml
@@ -8,9 +8,19 @@ jobs:
runs-on: ubuntu-latest
steps:
+ # Checkout the repo
- uses: actions/checkout@v2
- # Will run ES Lint checks on javascript files
+ # Install Node
+ - uses: actions/setup-node@v2
+ with:
+ cache: 'yarn'
+
+ # Run yarn install for JS dependencies
+ - name: 'Yarn Install'
+ run: yarn install
+
+ # Run the ES Lint checks on javascript files
# https://github.com/marketplace/actions/run-eslint
- name: 'ES Lint checks'
uses: stefanoeb/eslint-action@1.0.0
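Review bot: The new 'Yarn Install' step runs a bare `yarn install`, which re-resolves dependencies and rewrites `yarn.lock` on the runner whenever `package.json` and the lockfile disagree, so the lint job can execute packages that were never reviewed in the committed lockfile. In CI the step should fail on a mismatch instead: `run: yarn install --frozen-lockfile` on Yarn 1, or `--immutable` on Yarn 2+ (the Yarn version is not visible in this diff). The same applies to the rewritten `run: yarn install` in mysql.yml and to the unchanged 'Yarn Install' step in postgres.yml.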
diff --git a/.github/workflows/mysql.yml b/.github/workflows/mysql.yml
index 740bd53d1f..6c6a4395fb 100644
--- a/.github/workflows/mysql.yml
+++ b/.github/workflows/mysql.yml
@@ -6,6 +6,7 @@ jobs:
mysql:
runs-on: ubuntu-latest
+ # Define environment variables for MySQL and Rails
env:
DB_ADAPTER: mysql2
MYSQL_PWD: root
@@ -14,94 +15,59 @@ jobs:
steps:
# Checkout the repo
- uses: actions/checkout@v2
- with:
- fetch-depth: 1
-
- - name: 'Install MySQL Packages'
- run: |
- sudo apt-get update
- sudo apt-get install -y mysql-client libmysqlclient-dev
- - name: 'Determine Ruby and Bundler Versions from Gemfile.lock'
- run: |
- echo "RUBY_VERSION=`cat ./Gemfile.lock | grep -A 1 'RUBY VERSION' | grep 'ruby' | grep -oE '[0-9]\.[0-9]'`" >> $GITHUB_ENV
- echo "BUNDLER_VERSION=`cat ./Gemfile.lock | grep -A 1 'BUNDLED WITH' | grep -oE '[0-9]\.[0-9]'`" >> $GITHUB_ENV
+ # Install Ruby and run bundler
+ - uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: 2.6.3
+ bundler-cache: true
- - name: 'Install Ruby'
- uses: actions/setup-ruby@v1
+ # Install Node
+ - uses: actions/setup-node@v2
with:
- ruby-version: ${{ env.RUBY_VERSION }}
+ cache: 'yarn'
# Copy all of the example configs over
- name: 'Setup Default Configuration'
run: |
- # Make copies of all the example config files
cp config/database.yml.sample config/database.yml
cp config/initializers/contact_us.rb.example config/initializers/contact_us.rb
cp config/initializers/wicked_pdf.rb.example config/initializers/wicked_pdf.rb
- # Try to retrieve the gems from the cache
- - name: 'Cache Gems'
- uses: actions/cache@v2.1.5
- with:
- path: vendor/bundle
- key: ${{ runner.os }}-gem-${{ hashFiles('**/Gemfile.lock') }}
- restore-keys: |
- ${{ runner.os }}-gem-
-
- - name: 'Bundle Install'
- run: |
- gem install bundler -v ${{ env.BUNDLER_VERSION }}
- bundle config path vendor/bundle
- bundle install --jobs 4 --retry 3 --without pgsql rollbar aws
-
+ # Stub out the Rails credentials file so that we can start the Rails app
- name: 'Setup Credentials'
- run: |
- # generate a default credential file and key
- EDITOR='echo "$(cat config/credentials.yml.example)" >' bundle exec rails credentials:edit
-
- # Try to retrieve the yarn JS dependencies from the cache
- - name: 'Cache Yarn Packages'
- uses: actions/cache@v2.1.5
- with:
- path: node_modules/
- key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
- restore-keys: |
- ${{ runner.os }}-build-${{ env.cache-name }}-
- ${{ runner.os }}-build-
- ${{ runner.os }}-yarn-
- ${{ runner.os }}-
+ run: EDITOR='echo "$(cat config/credentials.yml.example)" >' bundle exec rails credentials:edit
+ # Set the path to the wkhtmltopdf executable
- name: 'Determine wkhtmltopdf location'
run: echo "WICKED_PDF_PATH=`bundle exec which wkhtmltopdf`" >> $GITHUB_ENV
+ # Run yarn install for JS dependencies
- name: 'Yarn Install'
- run: |
- yarn install
+ run: yarn install
+ # Start the DB server and initialize the DB
- name: 'Start MySQL'
- run: sudo systemctl start mysql
-
- - name: 'Setup Test DB'
- run: bin/rails db:setup RAILS_ENV=test
-
- - name: 'Migrate DB'
- run: bin/rails db:migrate RAILS_ENV=test
-
- - name: 'Compile Assets'
run: |
- bin/rails webpacker:compile
- bin/rails assets:precompile
+ sudo systemctl start mysql
+ bin/rails db:setup RAILS_ENV=test
+ bin/rails db:migrate RAILS_ENV=test
+
+ # Prebuild the CSS, JS and image assets
+ - name: 'Precompile all of the Assets'
+ run: bin/rails assets:precompile
+ # Run the JS tests
- name: 'Run Karma Tests'
run: yarn test
+ # Run the unit and functional tests
- name: 'Run Rspec Unit and Functional Tests'
run: |
bin/bundle exec rspec spec/models/ spec/policies/ spec/services/ spec/helpers/
bin/bundle exec rspec spec/controllers/ spec/presenters/ spec/requests/ spec/views
bin/bundle exec rspec spec/mixins/
- # Only run Integration tests if the PR or Push is to master or development branches
+ # Run the time consuming integration tests (using Chrome headless browser)
- name: 'Run Rspec Integration Tests'
run: bin/bundle exec rspec spec/features/
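Review bot: `ruby/setup-ruby@v1` and `actions/setup-node@v2` are referenced by mutable tags, so the code that installs the toolchain and restores the gem and yarn caches can change without any change to this repository. Pinning each action to a full commit SHA, with the tag kept as a trailing comment, makes the workflow reproducible and reviewable, e.g. `uses: ruby/setup-ruby@<full-commit-sha>  # v1`. The same two references are added in eslint.yml, postgres.yml and rubocop.yml. Separately, `setup-node` is given only `cache: 'yarn'` and no `node-version`, so the job appears to run on whatever Node the runner image ships; adding a `node-version` input chosen by the project would remove that drift.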
diff --git a/.github/workflows/postgres.yml b/.github/workflows/postgres.yml
index 5681a97364..504983a12a 100644
--- a/.github/workflows/postgres.yml
+++ b/.github/workflows/postgres.yml
@@ -23,6 +23,7 @@ jobs:
--health-timeout 5s
--health-retries 5
+ # Define environment variables for Postgres and Rails
env:
RAILS_ENV: test
DATABASE_URL: postgres://postgres:@localhost:5432/roadmap_test
@@ -30,92 +31,67 @@ jobs:
steps:
# Checkout the repo
- uses: actions/checkout@v2
+
+ # Install Ruby and run bundler
+ - uses: ruby/setup-ruby@v1
+ with:
+ ruby-version: 2.6.3
+ bundler-cache: true
+
+ # Install Node
+ - uses: actions/setup-node@v2
with:
- fetch-depth: 1
+ cache: 'yarn'
+ # Install the Postgres developer packages
- name: 'Install Postgresql Packages'
run: |
sudo apt-get update
sudo apt-get install libpq-dev
- - name: 'Determine Ruby and Bundler Versions from Gemfile.lock'
- run: |
- echo "RUBY_VERSION=`cat ./Gemfile.lock | grep -A 1 'RUBY VERSION' | grep 'ruby' | grep -oE '[0-9]\.[0-9]'`" >> $GITHUB_ENV
- echo "BUNDLER_VERSION=`cat ./Gemfile.lock | grep -A 1 'BUNDLED WITH' | grep -oE '[0-9]\.[0-9]'`" >> $GITHUB_ENV
-
- # Install Ruby - using the version found in the Gemfile.lock
- - name: 'Install Ruby'
- uses: actions/setup-ruby@v1
- with:
- ruby-version: ${{ env.RUBY_VERSION }}
-
# Copy all of the example configs over
- name: 'Setup Default Configuration'
run: |
- # Make copies of all the example config files
cp config/database.yml.sample config/database.yml
cp config/initializers/contact_us.rb.example config/initializers/contact_us.rb
cp config/initializers/wicked_pdf.rb.example config/initializers/wicked_pdf.rb
- # Try to retrieve the gems from the cache
- - name: 'Cache Gems'
- uses: actions/cache@v2.1.5
- with:
- path: vendor/bundle
- key: ${{ runner.os }}-gem-${{ hashFiles('**/Gemfile.lock') }}
- restore-keys: |
- ${{ runner.os }}-gem-
-
- - name: 'Bundle Install'
- run: |
- gem install bundler -v ${{ env.BUNDLER_VERSION }}
- bundle config path vendor/bundle
- bundle install --jobs 4 --retry 3 --without mysql rollbar aws
-
+ # Stub out the Rails credentials file so that we can start the Rails app
- name: 'Setup Credentials'
run: |
# generate a default credential file and key
EDITOR='echo "$(cat config/credentials.yml.example)" >' bundle exec rails credentials:edit
- # Try to retrieve the yarn JS dependencies from the cache
- - name: 'Cache Yarn Packages'
- uses: actions/cache@v2.1.5
- with:
- path: node_modules/
- key: ${{ runner.os }}-yarn-${{ hashFiles('**/yarn.lock') }}
- restore-keys: |
- ${{ runner.os }}-build-${{ env.cache-name }}-
- ${{ runner.os }}-build-
- ${{ runner.os }}-yarn-
- ${{ runner.os }}-
-
+ # Set the path to the wkhtmltopdf executable
- name: 'Determine wkhtmltopdf location'
run: echo "WICKED_PDF_PATH=`bundle exec which wkhtmltopdf`" >> $GITHUB_ENV
+ # Run yarn install for JS dependencies
- name: 'Yarn Install'
run: |
yarn install
+ # Initialize the DB
- name: 'Setup Test DB'
- run: bin/rails db:setup RAILS_ENV=test
-
- - name: 'Migrate DB'
- run: bin/rails db:migrate RAILS_ENV=test
+ run: |
+ bin/rails db:setup RAILS_ENV=test
+ bin/rails db:migrate RAILS_ENV=test
+ # Prebuild the CSS, JS and image assets
- name: 'Compile Assets'
- run: |
- bin/rails webpacker:compile
- bin/rails assets:precompile
+ run: bin/rails assets:precompile
+ # Run the JS tests
- name: 'Run Karma Tests'
run: yarn test
+ # Run the unit and functional tests
- name: 'Run Rspec Unit and Functional Tests'
run: |
bin/rspec spec/models/ spec/policies/ spec/services/ spec/helpers/
bin/rspec spec/controllers/ spec/presenters/ spec/requests/ spec/views
bin/rspec spec/mixins/
- # Integration Tests are only run if PR or Push is to master or development branches
+ # Run the time consuming integration tests (using Chrome headless browser)
- name: 'Run Integration Tests'
run: bin/rspec spec/features/
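Review bot: The `ruby/setup-ruby@v1` step with `bundler-cache: true` now performs the bundle install before the 'Install Postgresql Packages' step has installed `libpq-dev`, whereas the removed 'Bundle Install' step ran after it. On a cache miss, a gem that compiles against the Postgres headers would then build only if the runner image already provides them, which this diff does not show. Moving the `sudo apt-get update` / `sudo apt-get install libpq-dev` step above `ruby/setup-ruby@v1` keeps the job independent of what the image preinstalls. Adding `-y` to that `apt-get install` would also match the form the removed mysql.yml step used.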
diff --git a/.github/workflows/rubocop.yml b/.github/workflows/rubocop.yml
index 085bbb0183..0fd54b1cc4 100644
--- a/.github/workflows/rubocop.yml
+++ b/.github/workflows/rubocop.yml
@@ -7,24 +7,15 @@ jobs:
runs-on: ubuntu-latest
steps:
+ # Checkout the repo
- uses: actions/checkout@v2
- - name: 'Determine Ruby and Bundler Versions from Gemfile.lock'
- run: |
- echo "RUBY_VERSION=`cat ./Gemfile.lock | grep -A 1 'RUBY VERSION' | grep 'ruby' | grep -oE '[0-9]\.[0-9]'`" >> $GITHUB_ENV
- echo "BUNDLER_VERSION=`cat ./Gemfile.lock | grep -A 1 'BUNDLED WITH' | grep -oE '[0-9]\.[0-9]'`" >> $GITHUB_ENV
-
- # Install Ruby - using the version found in the Gemfile.lock
- - name: 'Install Ruby'
- uses: actions/setup-ruby@v1
+ # Install Ruby and run bundler
+ - uses: ruby/setup-ruby@v1
with:
- ruby-version: ${{ env.RUBY_VERSION }}
-
- - name: 'Bundle Install'
- run: |
- gem install bundler -v ${{ env.BUNDLER_VERSION }}
- bundle config path vendor/bundle
- bundle install --jobs 4 --retry 3 --without pgsql rollbar aws
+ ruby-version: 2.6.3
+ bundler-cache: true
+ # Run the Rubocop linter checks
- name: 'Run Rubocop'
run: bin/rubocop
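Review bot: With the 'Bundle Install' step removed, nothing carries over `--without pgsql rollbar aws`, so `bundler-cache: true` installs every Gemfile group for a job that only runs `bin/rubocop`. That pulls the database and service gems, and any native builds they need, into the lint job and widens the set of third-party code executed on the runner. `ruby/setup-ruby` honours Bundler's environment settings, so a job-level `env:` entry such as `BUNDLE_WITHOUT: 'pgsql:rollbar:aws'` would restore the old behaviour. The group names are taken from the removed lines and should be checked against the Gemfile. mysql.yml and postgres.yml dropped their `--without` lists in the same way.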
diff --git a/.rubocop.yml b/.rubocop.yml
index af6bbac1ba..5a9465c8f2 100644
--- a/.rubocop.yml
+++ b/.rubocop.yml
@@ -1,179 +1,186 @@
+# ----------------
+# - INSTRUCTIONS -
+# ----------------
+# The DMPRoadmap codebase tries to follow the latest Ruby/Rails style guidelines as defined
+# by the community via the Rubocop gem.
+#
+# Before submitting a PR, please run `bin/rubocop` from the project root.
+# Note that you can specify individual files or folders e.g.: `bin/rubocop app/mailers`
+# Note you can let Rubocop auto-correct many issues with the `-a` flag
+#
+# New versions of Rubocop typically include new Cops (Cops are inidivual Rubocop rules).
+# If you see a message like the following when you run `bin/rubocop`:
+#
+# "The following cops were added to RuboCop, but are not configured. Please set Enabled
+# to either `true` or `false` in your `.rubocop.yml` file."
+#
+# You should copy and paste the specified Cops into this file. You can review what the
+# Cop will do by Googling the name of the rule e.g.: "rubocop Layout/SpaceBeforeBrackets"
+#
+# After you review the rule, you can either Enable it or Disable it in this file. The
+# Rubocop documentation for the Cop may also give you additional options that can be
+# configured.
+#
+# Try to place any new Cops under their relevant section and in alphabetical order
+
AllCops:
- # Cache the results for faster processing
- UseCache: true
# Show the name of the cops being voilated in the feedback
DisplayCopNames: true
DisplayStyleGuide: true
+
+ # Rubocop will skip checking the following directories
Exclude:
- 'bin/**/*'
- 'db/**/*'
- 'vendor/**/*'
- 'node_modules/**/*'
- - 'test/**/*'
- - 'lib/tasks/*'
+ - 'scripts/**/*'
-# Force no empty lines at the start or end of a block's body. Ignore specs, since this
-# improves readability within the RSpec blocks.
-Layout/EmptyLinesAroundBlockBody:
- Exclude:
- - 'spec/**/*'
+ # Automatically add any new Cops to this file and enable them
+ NewCops: enable
-# Force a single blank line around a class's body. Adding this whitespace makes code
-# a bit easier to read.
-Layout/EmptyLinesAroundClassBody:
- Enabled: true
- EnforcedStyle: empty_lines
-
-# Force a single blank line around a module's body. Adding this whitespace makes code
-# a bit easier to read.
-Layout/EmptyLinesAroundModuleBody:
- Enabled: true
- EnforcedStyle: empty_lines
+ # Cache the results for faster processing
+ UseCache: true
-# Ignore this cop. The Rubocop default is sensible, but the rubocop-rails gem modifies
-# this to position end keywords awkwardly.
-Layout/EndAlignment:
+# -----------
+# - GEMSPEC -
+# -----------
+Gemspec/DateAssignment: # new in 1.10
Enabled: true
- EnforcedStyleAlignWith: keyword
-
-# The difference between `rails` and `normal` is that the `rails` style
-# prescribes that in classes and modules the `protected` and `private`
-# modifier keywords shall be indented the same as public methods and that
-# protected and private members shall be indented one step more than the
-# modifiers. Other than that, both styles mean that entities on the same
-# logical depth shall have the same indentation.
-Layout/IndentationConsistency:
- Description: 'Keep indentation straight.'
- StyleGuide: '#spaces-indentation'
- Enabled: true
- EnforcedStyle: normal
-Layout/IndentationWidth:
- Description: 'Use 2 spaces for indentation.'
- StyleGuide: '#spaces-indentation'
+# ----------
+# - LAYOUT -
+# ----------
+Layout/LineEndStringConcatenationIndentation: # new in 1.18
Enabled: true
-
-# Restrict the length of each line of code to 90 characters. Enforcing this is important
-# as many developers are working on smaller screens, or split screens. Having to scroll
-# to read a full line of code makes code harder to read and more frustrating to work with.
-Layout/LineLength:
- # I've found that 90 is a suitable limit. Many developers balk at the 80 character
- # default.
- Max: 100
-
-Layout/EmptyLinesAroundAttributeAccessor:
+Layout/SpaceBeforeBrackets: # new in 1.7
Enabled: true
-Layout/SpaceAroundMethodCallOperator:
+# --------
+# - LINT -
+# --------
+Lint/AmbiguousAssignment: # new in 1.7
Enabled: true
-
-# Enforce this in the main code but ignore it in specs since the Rspec core methods
-# are defined as potentially ambiguous blocks
Lint/AmbiguousBlockAssociation:
Exclude:
- 'spec/**/*'
-
-Lint/DeprecatedOpenSSLConstant:
+Lint/AmbiguousOperatorPrecedence: # new in 1.21
Enabled: true
-
-Lint/MixedRegexpCaptureTypes:
+Lint/AmbiguousRange: # new in 1.19
Enabled: true
-
-Lint/RaiseException:
+Lint/DeprecatedConstants: # new in 1.8
Enabled: true
-
-Lint/StructNewOverride:
+Lint/DuplicateBranch: # new in 1.3
+ Enabled: true
+Lint/DuplicateRegexpCharacterClassElement: # new in 1.1
+ Enabled: true
+Lint/EmptyBlock: # new in 1.1
+ Enabled: true
+Lint/EmptyClass: # new in 1.3
+ Enabled: true
+Lint/EmptyInPattern: # new in 1.16
+ Enabled: true
+Lint/IncompatibleIoSelectWithFiberScheduler: # new in 1.21
+ Enabled: true
+Lint/LambdaWithoutLiteralBlock: # new in 1.8
+ Enabled: true
+Lint/NoReturnInBeginEndBlocks: # new in 1.2
+ Enabled: true
+Lint/NumberedParameterAssignment: # new in 1.9
+ Enabled: true
+Lint/OrAssignmentToConstant: # new in 1.9
+ Enabled: true
+Lint/RedundantDirGlobSort: # new in 1.8
+ Enabled: true
+Lint/RequireRelativeSelfPath: # new in 1.22
+ Enabled: true
+Lint/SymbolConversion: # new in 1.9
+ Enabled: true
+Lint/ToEnumArguments: # new in 1.1
+ Enabled: true
+Lint/TripleQuotes: # new in 1.9
+ Enabled: true
+Lint/UnexpectedBlockArity: # new in 1.5
+ Enabled: true
+Lint/UnmodifiedReduceAccumulator: # new in 1.1
Enabled: true
-# Bumping the default AbcSize so we don't need to refactor everything
-Metrics/AbcSize:
- Max: 25
-
-# Restrict the number of lines of code that may be within a block of code. This should
-# force developers to break their code into smaller discrete methods or objects.
-Metrics/BlockLength:
- # Exclude specs, since those are defined as large blocks of code
- Exclude:
- - 'spec/**/*'
-
-# Bumping the default ClassLength so we don't need to refactor everything
+# -----------
+# - METRICS -
+# -----------
+# briley Oct. 4th 2021
+# Default is 100 lines. Most of our controllers, models, etc. violate this
+# Cop, so setting it to 300 since we do not have time to refactor everything
Metrics/ClassLength:
Max: 300
-
-# Bumping the default CyclomaticComplexity so we don't need to refactor everything
-Metrics/CyclomaticComplexity:
- Max: 25
-
-# Bumping the default MethodLength so we don't need to refactor everything
+# briley Oct. 4th 2021
+# Default is 10 lines which feels very restrictive but would also require us to do
+# too much refactoring at this point.
Metrics/MethodLength:
- Max: 25
-
-# Bumping the default PerceivedComplexity so we don't need to refactor everything
-Metrics/PerceivedComplexity:
- Max: 25
+ Max: 20
-# This cop enforces the use of boolean and/or "&&" and "||" over "and" "or".
-# Sometimes using "and"/"or" is preferrable, when these are used as control flow.
-#
-# For example:
-#
-# render text: "Hello world" and return
-#
-Style/AndOr:
- Enabled: false
-
-# This cop enforces how modules and classes are nested within another module or class.
-# In Rails code (e.g. models and controllers) nesting with a colon is preferrable (e.g.
-# User::Session).
-Style/ClassAndModuleChildren:
+# mnicholson Oct. 6th 2021
+# Default lenght for block is 25 lines, which it would be very restrictive for
+# the Rspec views methods. So I'll just exclude some files.
+Metrics/BlockLength:
Exclude:
- - 'app/**/*'
+ - 'lib/tasks/*.rake'
+ - 'lib/tasks/utils/*.rake'
+ - 'spec/**/*'
-# This cop enforces each class to have documentation at the top. That's not always
-# practical or necessary in Rails apps (e.g. the purpose of helpers is self evident).
-Style/Documentation:
- Enabled: false
+ IgnoredMethods: ['describe', 'context', 'task', 'namespace']
-# Enforce empty methods to be written across two lines, like any normal method would be.
-# This allows for easy modification of the method in future.
-Style/EmptyMethod:
+# ------------
+# - SECURITY -
+# ------------
+Security/IoMethods: # new in 1.22
Enabled: true
- EnforcedStyle: expanded
-# Leave the string formatting style as `"some text %{value}" % { value: "text" }`
-# since we're uncertain what effect `format` and `sprintf` may have on the Fastgetext
-# markup `_("text")`
-Style/FormatString:
- EnforcedStyle: percent
-
-# Prefer the use of `"some %{token} text"` instead of `some %
A data librarian from %{org_name} will respond to your request within 48 + format(_("
A data librarian from %
The following %{object_types} will be moved over to '%{org_name}':
") % { - object_types: entries.first.class.name.pluralize, - org_name: to_org_name - } + html = format(_("The following %
<%= plan.template.title %> | -<%= plan.owner.org.name %> | -<%= plan.owner.name(false) %> | +<%= plan.owner&.org&.name %> | +<%= plan.owner&.name(false) %> | <%= l(plan.updated_at.to_date, formats: :short) %> |
<%= plan.visibility === 'is_test' ? _('Test') : sanitize(display_visibility(plan.visibility)) %>
diff --git a/app/views/plans/_project_details.html.erb b/app/views/plans/_project_details.html.erb
index 10d913c6bb..125d3cabfc 100644
--- a/app/views/plans/_project_details.html.erb
+++ b/app/views/plans/_project_details.html.erb
@@ -192,7 +192,7 @@ ethics_report_tooltip = _("Link to a protocol from a meeting with an ethics comm
autocomplete: "off",
aria: { required: false } %>
<%= grant_fields.hidden_field :value %>
- Grant number: <%= plan.grant&.value %>
+ <%= _("Grant number:") -%> <%= plan.grant&.value %>
<% else %>
<%= grant_fields.text_field(:value, class: "form-control",
data: { toggle: "tooltip" },
diff --git a/app/views/plans/export.xml.builder b/app/views/plans/export.xml.builder
index e45e8449ed..b7ae35fca6 100644
--- a/app/views/plans/export.xml.builder
+++ b/app/views/plans/export.xml.builder
@@ -2,9 +2,9 @@
xml.instruct!
# rubocop:disable Metrics/BlockLength
-xml.plan("id" => @plan.id) do
- xml.project(@plan.project.title, "id" => @plan.project.id)
- xml.phase(@plan.version.phase.title, "id" => @plan.version.phase.id)
+xml.plan('id' => @plan.id) do
+ xml.project(@plan.project.title, 'id' => @plan.project.id)
+ xml.phase(@plan.version.phase.title, 'id' => @plan.version.phase.id)
details = @exported_plan.admin_details
if details.present?
@@ -18,22 +18,22 @@ xml.plan("id" => @plan.id) do
xml.sections do
@exported_plan.sections.each do |section|
- xml.section("id" => section.id, "number" => section.number, "title" => section.title) do
+ xml.section('id' => section.id, 'number' => section.number, 'title' => section.title) do
xml.answers do
questions = @exported_plan.questions_for_section(section.id)
questions.each do |question|
- xml.question("id" => question.id, "number" => question.number,
- "question_format" => question.question_format) do
+ xml.question('id' => question.id, 'number' => question.number,
+ 'question_format' => question.question_format) do
q_format = question.question_format
xml.question_text question.text
answer = @plan.answer(question.id, false)
unless answer.nil?
- xml.answer("id" => answer.id) do # should add user and date info here
- if q_format.title == _("Check box") || q_format.title == _("Multi select box") ||
- q_format.title == _("Radio buttons") || q_format.title == _("Dropdown")
+ xml.answer('id' => answer.id) do # should add user and date info here
+ if q_format.title == _('Check box') || q_format.title == _('Multi select box') ||
+ q_format.title == _('Radio buttons') || q_format.title == _('Dropdown')
xml.selections do
answer.options.each do |option|
- xml.selection(option.text, "id" => option.id, "number" => option.number)
+ xml.selection(option.text, 'id' => option.id, 'number' => option.number)
end
end
xml.comment_text answer.text if question.option_comment_display == true
diff --git a/app/views/shared/export/_plan.erb b/app/views/shared/export/_plan.erb
index f5c2e45e83..423de9ae25 100644
--- a/app/views/shared/export/_plan.erb
+++ b/app/views/shared/export/_plan.erb
@@ -78,7 +78,7 @@
<%# case for displaying comments OR text %> <% elsif !blank %> - <%= sanitize answer.text %> + <%= sanitize answer&.text %> <% end %> <% end %> diff --git a/app/views/shared/export/_plan_coversheet.erb b/app/views/shared/export/_plan_coversheet.erb index df16331646..370fdf2338 100644 --- a/app/views/shared/export/_plan_coversheet.erb +++ b/app/views/shared/export/_plan_coversheet.erb @@ -3,9 +3,7 @@ <%= _("A Data Management Plan created using %{application_name}") % { application_name: ApplicationService.application_name } %>
- <%# Using tags as the htmltoword gem does not recognise css styles defined %>
- <%# Allow raw html (==) for plan_attribution as it has tags %>
- <%== plan_attribution(@hash[:attribution]) %> + <%= _("Creator:") %><%= @hash[:attribution] %> <%= _("Affiliation: ") %><%= @hash[:affiliation] %> diff --git a/app/views/shared/export/_plan_txt.erb b/app/views/shared/export/_plan_txt.erb index fd8ce323e6..32f83e8303 100644 --- a/app/views/shared/export/_plan_txt.erb +++ b/app/views/shared/export/_plan_txt.erb @@ -1,7 +1,7 @@ <%= "#{@plan.title}" %> <%= "----------------------------------------------------------\n" %> <% if @show_coversheet %> -<%= @hash[:attribution].many? ? _("Creators: ") : _('Creator:') %> <%= @hash[:attribution].join(', ') %> +<%= @hash[:attribution].length > 1 ? _("Creators: ") : _('Creator:') %> <%= @hash[:attribution].join(', ') %> <%= _("Affiliation: ") + @hash[:affiliation] %> <% if @hash[:funder].present? %> <%= _("Template: ") + @hash[:funder] %> @@ -24,7 +24,7 @@ <% @hash[:phases].each do |phase| %> <%# Only render selected phase %> <% if phase[:title] == @selected_phase.title %> -<%= (@hash[:phases].many? ? "#{phase[:title]}" : "") %> +<%= (@hash[:phases].length > 1 ? "#{phase[:title]}" : "") %> <% phase[:sections].each do |section| %> <% if display_section?(@hash[:customization], section, @show_custom_sections) && num_section_questions(@plan, section, phase) > 0 %> <% if @show_sections_questions %> diff --git a/config.ru b/config.ru index 08dee95cd3..4eb3d8a92b 100644 --- a/config.ru +++ b/config.ru @@ -1,8 +1,8 @@ # frozen_string_literal: true # This file is used by Rack-based servers to start the application. -require File.expand_path(File.dirname(__FILE__) + "/config/environment") +require File.expand_path("#{File.dirname(__FILE__)}/config/environment") -map ENV["RAILS_RELATIVE_URL_ROOT"] || "/" do +map ENV['RAILS_RELATIVE_URL_ROOT'] || '/' do run DMPRoadmap::Application end diff --git a/config/application.rb b/config/application.rb index ea737baa8c..d1d65c2638 100644 --- a/config/application.rb +++ b/config/application.rb 
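Review bot: In app/views/shared/export/_plan_coversheet.erb the new line `<%= _("Creator:") %><%= @hash[:attribution] %>` prints `@hash[:attribution]` directly, while `_plan_txt.erb` in this same commit treats it as a collection (`@hash[:attribution].length > 1` and `.join(', ')`). If it is an Array on the coversheet as well, ERB will render its `to_s` form, with brackets and quotes, instead of the names; `<%= @hash[:attribution].join(', ') %>` would match the text export and keep the HTML escaping that replacing `<%==` introduced. The label also lacks the trailing space that `_("Affiliation: ")` has, as far as the extracted text shows.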
@@ -1,19 +1,18 @@ # frozen_string_literal: true -require_relative "boot" +require_relative 'boot' -require "rails/all" +require 'rails/all' -require "csv" +require 'csv' # Require the gems listed in Gemfile, including any gems # you've limited to :test, :development, or :production. Bundler.require(*Rails.groups) module DMPRoadmap - + # DMPRoadmap application class Application < Rails::Application - # Initialize configuration defaults for originally generated Rails version. config.load_defaults 5.2 @@ -47,7 +46,5 @@ class Application < Rails::Application # Set the default host for mailer URLs config.action_mailer.default_url_options = { host: Socket.gethostname.to_s } - end - end diff --git a/config/boot.rb b/config/boot.rb index aef6d031ee..c04863fa7d 100644 --- a/config/boot.rb +++ b/config/boot.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__) +ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../Gemfile', __dir__) -require "bundler/setup" # Set up gems listed in the Gemfile. -require "bootsnap/setup" # Speed up boot time by caching expensive operations. +require 'bundler/setup' # Set up gems listed in the Gemfile. +require 'bootsnap/setup' # Speed up boot time by caching expensive operations. diff --git a/config/brakeman.ignore b/config/brakeman.ignore index 7460461fd8..0ccd7ed98b 100644 --- a/config/brakeman.ignore +++ b/config/brakeman.ignore @@ -7,7 +7,7 @@ "check_name": "SQL", "message": "Possible SQL injection", "file": "app/models/user.rb", - "line": 396, + "line": 400, "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/", "code": "User.where(\"LOWER(#{field}) = :value\", :value => val.to_s.downcase)", "render_path": null, 
@@ -20,6 +20,26 @@ "confidence": "Medium", "note": "" }, + { + "warning_type": "SQL Injection", + "warning_code": 0, + "fingerprint": "a5ed3314d376e328714a71d1bc2d560e63c241e5722e5fdf7ad6f29717db9259", + "check_name": "SQL", + "message": "Possible SQL injection", + "file": "app/controllers/concerns/paginable.rb", + "line": 152, + "link": "https://brakemanscanner.org/docs/warning_types/sql_injection/", + "code": "scope.search(@args.with_indifferent_access[:search]).order(ActiveRecord::Base.sanitize_sql(@args.with_indifferent_access[:sort_field].partition(\".\").last).to_sym => sort_direction.to_s).includes(@args.with_indifferent_access[:sort_field].partition(\".\").first.singularize.to_sym).order(\"#{ActiveRecord::Base.sanitize_sql(@args.with_indifferent_access[:sort_field])} #{sort_direction}\")", + "render_path": null, + "location": { + "type": "method", + "class": "Paginable", + "method": "refine_query" + }, + "user_input": "sort_direction", + "confidence": "Weak", + "note": "" + }, { "warning_type": "Redirect", "warning_code": 18, @@ -27,7 +47,7 @@ "check_name": "Redirect", "message": "Possible unprotected redirect", "file": "app/controllers/plans_controller.rb", - "line": 364, + "line": 394, "link": "https://brakemanscanner.org/docs/warning_types/redirect/", "code": "redirect_to(Plan.deep_copy(Plan.find(params[:id])), :notice => success_message(Plan.deep_copy(Plan.find(params[:id])), _(\"copied\")))", "render_path": null, @@ -47,7 +67,7 @@ "check_name": "Redirect", "message": "Possible unprotected redirect", "file": "app/controllers/orgs_controller.rb", - "line": 131, + "line": 141, "link": "https://brakemanscanner.org/docs/warning_types/redirect/", "code": "redirect_to(\"#{shib_login_url}?#{shib_callback_url}{\"entityID=#{Identifier.by_scheme_name(\"shibboleth\", \"Org\").where(:identifiable => Org.where(:id => shib_params[:org_id])).first.value}\"}\")", "render_path": null, 
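Review bot: The new config/brakeman.ignore entry for `Paginable#refine_query` (app/controllers/concerns/paginable.rb, line 152) suppresses a "Possible SQL injection" finding with `"note": ""`, so nothing records why the interpolated ORDER BY clause is considered safe. The recorded code wraps `sort_field` in `ActiveRecord::Base.sanitize_sql(...)`, but that method returns a plain String argument unchanged, and `sort_direction` is interpolated as-is, so neither call by itself constrains what reaches the query. The entry should name the actual control, for example `"note": "sort_field is validated against the sortable columns and sort_direction is restricted to ASC/DESC before refine_query builds the order clause"`, once that has been confirmed in paginable.rb, which is not part of this hunk. If no such validation exists, the query should be fixed rather than the finding ignored.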
@@ -61,6 +81,6 @@ "note": "" } ], - "updated": "2020-12-17 10:14:39 -0800", - "brakeman_version": "4.10.0" + "updated": "2021-11-03 09:56:48 -0700", + "brakeman_version": "5.1.1" } diff --git a/config/environment.rb b/config/environment.rb index 7df99e89c6..d5abe55806 100644 --- a/config/environment.rb +++ b/config/environment.rb @@ -1,7 +1,7 @@ # frozen_string_literal: true # Load the Rails application. -require_relative "application" +require_relative 'application' # Initialize the Rails application. Rails.application.initialize! diff --git a/config/environments/development.rb b/config/environments/development.rb index d222d888a1..6180a5db75 100644 --- a/config/environments/development.rb +++ b/config/environments/development.rb @@ -16,12 +16,12 @@ # Enable/disable caching. By default caching is disabled. # Run rails dev:cache to toggle caching. - if Rails.root.join("tmp", "caching-dev.txt").exist? + if Rails.root.join('tmp', 'caching-dev.txt').exist? config.action_controller.perform_caching = true config.cache_store = :memory_store config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{2.days.to_i}" + 'Cache-Control' => "public, max-age=#{2.days.to_i}" } else config.action_controller.perform_caching = false @@ -39,14 +39,14 @@ # settings for mailcatcher config.action_mailer.delivery_method = :smtp - config.action_mailer.smtp_settings = { address: "mailcatcher", port: 1025 } + config.action_mailer.smtp_settings = { address: 'mailcatcher', port: 1025 } # Print deprecation notices to the Rails logger. config.active_support.deprecation = :log # Use the lowest log level to ensure availability of diagnostic information # when problems arise. - config.log_level = ENV["RAILS_LOG_LEVEL"]&.to_sym || :debug + config.log_level = ENV['RAILS_LOG_LEVEL']&.to_sym || :debug # Raise an error on page load if there are pending migrations. config.active_record.migration_error = :page_load 
@@ -71,4 +71,4 @@ end # Used by Rails' routes url_helpers (typically when including a link in an email) -Rails.application.routes.default_url_options[:host] = "localhost:3000" +Rails.application.routes.default_url_options[:host] = 'localhost:3000' diff --git a/config/environments/production.rb b/config/environments/production.rb index 7b640d4973..91c4b08438 100644 --- a/config/environments/production.rb +++ b/config/environments/production.rb @@ -22,7 +22,7 @@ # Disable serving static files from the `/public` folder by default since # Apache or NGINX already handles this. - config.public_file_server.enabled = ENV["RAILS_SERVE_STATIC_FILES"].present? + config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present? # Compress JavaScripts and CSS. # config.assets.css_compressor = :sass @@ -53,7 +53,7 @@ # Use the lowest log level to ensure availability of diagnostic information # when problems arise. - config.log_level = ENV["RAILS_LOG_LEVEL"]&.to_sym || :info + config.log_level = ENV['RAILS_LOG_LEVEL']&.to_sym || :info # Prepend all log lines with the following tags. config.log_tags = [:request_id] @@ -85,8 +85,8 @@ # require 'syslog/logger' # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name') - if ENV["RAILS_LOG_TO_STDOUT"].present? - logger = ActiveSupport::Logger.new(STDOUT) + if ENV['RAILS_LOG_TO_STDOUT'].present? + logger = ActiveSupport::Logger.new($stdout) logger.formatter = config.log_formatter config.logger = ActiveSupport::TaggedLogging.new(logger) end @@ -94,6 +94,5 @@ # Do not dump schema after migrations. config.active_record.dump_schema_after_migration = false end - # Used by Rails' routes url_helpers (typically when including a link in an email) -Rails.application.routes.default_url_options[:host] = "example.org" +Rails.application.routes.default_url_options[:host] = 'example.org' diff --git a/config/environments/test.rb b/config/environments/test.rb index 8d4fac41a4..0825f8d56a 100644 
--- a/config/environments/test.rb +++ b/config/environments/test.rb @@ -17,7 +17,7 @@ # Configure public file server for tests with Cache-Control for performance. config.public_file_server.enabled = true config.public_file_server.headers = { - "Cache-Control" => "public, max-age=#{1.hour.to_i}" + 'Cache-Control' => "public, max-age=#{1.hour.to_i}" } # Disable fragment caching used in ExternalApis and OrgSelection services @@ -53,4 +53,4 @@ end # Used by Rails' routes url_helpers (typically when including a link in an email) -Rails.application.routes.default_url_options[:host] = "example.org" +Rails.application.routes.default_url_options[:host] = 'example.org' diff --git a/config/initializers/_dmproadmap.rb b/config/initializers/_dmproadmap.rb index 0d44e72c5f..2886e46178 100644 --- a/config/initializers/_dmproadmap.rb +++ b/config/initializers/_dmproadmap.rb @@ -1,6 +1,6 @@ # frozen_string_literal: true -require "csv" +require 'csv' # DMPRoadmap constants # 
@@ -14,39 +14,39 @@ # # This file's name begins with an underscore so that it is processed first and its # values are available to all other initializers within this directory! -# rubocop:disable Layout/LineLength module DMPRoadmap - + # Base configuration for the DMPRoadmap system class Application < Rails::Application - # --------------------- # # ORGANISATION SETTINGS # # --------------------- # # Your organisation name, used in various places throught the application - config.x.organisation.name = "Curation Center" + config.x.organisation.name = 'Curation Center' # Your organisation's abbreviation - config.x.organisation.abbreviation = "CC" + config.x.organisation.abbreviation = 'CC' # Your organisation's homepage, used in some of the public facing pages - config.x.organisation.url = "https://github.com/DMPRoadmap/roadmap/wiki" + config.x.organisation.url = 'https://github.com/DMPRoadmap/roadmap/wiki' # Your organisation's legal (official) name - used in the copyright portion of the footer - config.x.organisation.copywrite_name = "Curation Centre (CC)" + config.x.organisation.copywrite_name = 'Curation Centre (CC)' # This email is used as the 'from' address for emails generated by the application - config.x.organisation.email = "tester@example.org" + config.x.organisation.email = 'tester@example.org' # This email is used as the 'from' address for the feedback_complete email to users - config.x.organisation.do_not_reply_email "do-not-reply@cc_curation_centre.org" + config.x.organisation.do_not_reply_email 'do-not-reply@cc_curation_centre.org' # This email is used in email communications - config.x.organisation.helpdesk_email = "help@example.org" + config.x.organisation.helpdesk_email = 'help@example.org' # Your organisation's telephone number - used on the contact us page - config.x.organisation.telephone = "+1-123-123-1234" + config.x.organisation.telephone = '+1-123-123-1234' # Your organisation's address - used on the contact us page + # rubocop:disable 
Naming/VariableNumber config.x.organisation.address = { - line_1: "Princess Elisabeth Station", - line_2: "123 Freezing Cold Street", - line_3: "Suite 123", - line_4: "Polar Vortex, ABC-345", - country: "Antarctica" + line_1: 'Princess Elisabeth Station', + line_2: '123 Freezing Cold Street', + line_3: 'Suite 123', + line_4: 'Polar Vortex, ABC-345', + country: 'Antarctica' } + # rubocop:enable Naming/VariableNumber # The Google maps link to your organisation's location - used to display the # Google map on the contact us page. @@ -55,7 +55,7 @@ class Application < Rails::Application # once the menu opens, click the 'share or embed' link and the 'embed' tab on # the dialog window that opens. DO NOT place the entire |
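Review bot: In config/initializers/_dmproadmap.rb (hunk `@@ -14,39 +14,39 @@`) the line `config.x.organisation.do_not_reply_email 'do-not-reply@cc_curation_centre.org'` has no `=`, unlike every neighbouring setting, and this commit changed only its quotes. Written this way it is a method call whose argument is most likely discarded, which would leave `do_not_reply_email` unset and the feedback mail without its intended from-address. It should read `config.x.organisation.do_not_reply_email = 'do-not-reply@cc_curation_centre.org'`. The hunk that follows is cut off at the end of this view and is not reviewed.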