[hotfix][Webapp] Bump rails to 5.2.5 [DAH-751] (#1444)

* [hotfix][Webapp] Bump rails to 5.2.5 [DAH-751] * add new framework defaults * fix rspec tests * update new framework defaults comment
SFDigitalServices · Apr 1, 2021 · 97041d1 · 97041d1
1 parent e0507c0
commit 97041d1
Show file tree

Hide file tree

Showing 5 changed files with 124 additions and 73 deletions.
diff --git a/Gemfile b/Gemfile
@@ -7,7 +7,7 @@ git_source(:github) do |repo_name|
   "https://github.com/#{repo_name}.git"
 end
 
-gem 'rails', '~> 5.1.7'
+gem 'rails', '~> 5.2.5'
 
 # Use SCSS for stylesheets
 gem 'sass-rails', '~> 5.0'

diff --git a/Gemfile.lock b/Gemfile.lock
@@ -21,44 +21,48 @@ GIT
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (5.1.7)
-      actionpack (= 5.1.7)
+    actioncable (5.2.5)
+      actionpack (= 5.2.5)
       nio4r (~> 2.0)
-      websocket-driver (~> 0.6.1)
-    actionmailer (5.1.7)
-      actionpack (= 5.1.7)
-      actionview (= 5.1.7)
-      activejob (= 5.1.7)
+      websocket-driver (>= 0.6.1)
+    actionmailer (5.2.5)
+      actionpack (= 5.2.5)
+      actionview (= 5.2.5)
+      activejob (= 5.2.5)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
     actionmailer-text (0.1.1)
       actionmailer
       htmlentities
-    actionpack (5.1.7)
-      actionview (= 5.1.7)
-      activesupport (= 5.1.7)
-      rack (~> 2.0)
+    actionpack (5.2.5)
+      actionview (= 5.2.5)
+      activesupport (= 5.2.5)
+      rack (~> 2.0, >= 2.0.8)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.2)
     actionpack-page_caching (1.2.3)
       actionpack (>= 5.0.0)
-    actionview (5.1.7)
-      activesupport (= 5.1.7)
+    actionview (5.2.5)
+      activesupport (= 5.2.5)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.0.3)
-    activejob (5.1.7)
-      activesupport (= 5.1.7)
+    activejob (5.2.5)
+      activesupport (= 5.2.5)
       globalid (>= 0.3.6)
-    activemodel (5.1.7)
-      activesupport (= 5.1.7)
-    activerecord (5.1.7)
-      activemodel (= 5.1.7)
-      activesupport (= 5.1.7)
-      arel (~> 8.0)
-    activesupport (5.1.7)
+    activemodel (5.2.5)
+      activesupport (= 5.2.5)
+    activerecord (5.2.5)
+      activemodel (= 5.2.5)
+      activesupport (= 5.2.5)
+      arel (>= 9.0)
+    activestorage (5.2.5)
+      actionpack (= 5.2.5)
+      activerecord (= 5.2.5)
+      marcel (~> 1.0.0)
+    activesupport (5.2.5)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 0.7, < 2)
       minitest (~> 5.1)
@@ -69,7 +73,7 @@ GEM
       railties (>= 4.2, < 6)
       sprockets (>= 3.0, < 5)
       tilt
-    arel (8.0.0)
+    arel (9.0.0)
     ast (2.4.0)
     awesome_print (1.8.0)
     bcrypt (3.1.13)
@@ -96,7 +100,7 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    concurrent-ruby (1.1.6)
+    concurrent-ruby (1.1.8)
     connection_pool (2.2.2)
     crack (0.4.3)
       safe_yaml (~> 1.0.0)
@@ -126,7 +130,7 @@ GEM
     easypost (3.0.1)
       multi_json (>= 1.3.0)
       rest-client (>= 1.7)
-    erubi (1.9.0)
+    erubi (1.10.0)
     erubis (2.7.0)
     excon (0.71.0)
     execjs (2.7.0)
@@ -174,7 +178,7 @@ GEM
       domain_name (~> 0.5)
     http-form_data (1.0.3)
     http_parser.rb (0.6.0)
-    i18n (1.8.3)
+    i18n (1.8.10)
       concurrent-ruby (~> 1.0)
     image_optimizer (1.7.2)
     iniparse (1.4.4)
@@ -194,26 +198,27 @@ GEM
       railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
     json (1.8.6)
-    loofah (2.6.0)
+    loofah (2.9.0)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.7.1)
       mini_mime (>= 0.1.1)
+    marcel (1.0.0)
     memcachier (0.0.2)
     method_source (0.9.2)
     mime-types (3.2.2)
       mime-types-data (~> 3.2015)
     mime-types-data (3.2019.0331)
     mini_magick (4.9.5)
-    mini_mime (1.0.2)
+    mini_mime (1.0.3)
     mini_portile2 (2.5.0)
-    minitest (5.14.1)
+    minitest (5.14.4)
     multi_json (1.13.1)
     multipart-post (2.1.1)
     netrc (0.11.0)
     newrelic_rpm (6.4.0.356)
-    nio4r (2.5.2)
-    nokogiri (1.11.0)
+    nio4r (2.5.7)
+    nokogiri (1.11.2)
       mini_portile2 (~> 2.5.0)
       racc (~> 1.4)
     oj (3.7.12)
@@ -251,17 +256,18 @@ GEM
     rack-rewrite (1.5.1)
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (5.1.7)
-      actioncable (= 5.1.7)
-      actionmailer (= 5.1.7)
-      actionpack (= 5.1.7)
-      actionview (= 5.1.7)
-      activejob (= 5.1.7)
-      activemodel (= 5.1.7)
-      activerecord (= 5.1.7)
-      activesupport (= 5.1.7)
+    rails (5.2.5)
+      actioncable (= 5.2.5)
+      actionmailer (= 5.2.5)
+      actionpack (= 5.2.5)
+      actionview (= 5.2.5)
+      activejob (= 5.2.5)
+      activemodel (= 5.2.5)
+      activerecord (= 5.2.5)
+      activestorage (= 5.2.5)
+      activesupport (= 5.2.5)
       bundler (>= 1.3.0)
-      railties (= 5.1.7)
+      railties (= 5.2.5)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.4)
       actionpack (>= 5.0.1.x)
@@ -282,14 +288,14 @@ GEM
       json
       require_all (~> 2.0)
       ruby-progressbar
-    railties (5.1.7)
-      actionpack (= 5.1.7)
-      activesupport (= 5.1.7)
+    railties (5.2.5)
+      actionpack (= 5.2.5)
+      activesupport (= 5.2.5)
       method_source
       rake (>= 0.8.7)
-      thor (>= 0.18.1, < 2.0)
+      thor (>= 0.19.0, < 2.0)
     rainbow (3.0.0)
-    rake (13.0.1)
+    rake (13.0.3)
     rb-fsevent (0.10.3)
     rb-inotify (0.10.0)
       ffi (~> 1.0)
@@ -374,7 +380,7 @@ GEM
     sprockets (3.7.2)
       concurrent-ruby (~> 1.0)
       rack (> 1, < 3)
-    sprockets-rails (3.2.1)
+    sprockets-rails (3.2.2)
       actionpack (>= 4.0)
       activesupport (>= 4.0)
       sprockets (>= 3.0.0)
@@ -385,7 +391,7 @@ GEM
     thor (0.19.4)
     thread_safe (0.3.6)
     tilt (2.0.9)
-    tzinfo (1.2.7)
+    tzinfo (1.2.9)
       thread_safe (~> 0.1)
     uglifier (3.2.0)
       execjs (>= 0.3.0, < 3)
@@ -400,7 +406,7 @@ GEM
       addressable (>= 2.3.6)
       crack (>= 0.3.2)
       hashdiff
-    websocket-driver (0.6.5)
+    websocket-driver (0.7.3)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
 
@@ -453,7 +459,7 @@ DEPENDENCIES
   rack (>= 2.2.3)
   rack-cors (~> 1.0.5)
   rack-rewrite (~> 1.5.0)
-  rails (~> 5.1.7)
+  rails (~> 5.2.5)
   rails-controller-testing
   rails_autoscale_agent
   rails_best_practices

diff --git a/config/initializers/new_framework_defaults.rb b/config/initializers/new_framework_defaults.rb
@@ -6,8 +6,6 @@
 #
 # Read the Guide for Upgrading Ruby on Rails for more info on each option.
 
-Rails.application.config.action_controller.raise_on_unfiltered_parameters = true
-
 # Enable per-form CSRF tokens. Previous versions had false.
 Rails.application.config.action_controller.per_form_csrf_tokens = false
 
@@ -17,6 +15,3 @@
 # Make Ruby 2.4 preserve the timezone of the receiver when calling `to_time`.
 # Previous versions had false.
 ActiveSupport.to_time_preserves_timezone = false
-
-# Do not halt callback chains when a callback returns false. Previous versions had true.
-ActiveSupport.halt_callback_chains_on_return_false = true
diff --git a/config/initializers/new_framework_defaults_5_2.rb b/config/initializers/new_framework_defaults_5_2.rb
@@ -0,0 +1,36 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 5.2 upgrade.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+
+# Make Active Record use stable #cache_key alongside new #cache_version method.
+# This is needed for recyclable cache keys.
+Rails.application.config.active_record.cache_versioning = true
+
+# Use AES-256-GCM authenticated encryption for encrypted cookies.
+# Also, embed cookie expiry in signed or encrypted cookies for increased security.
+#
+# This option is not backwards compatible with earlier Rails versions.
+# It's best enabled when your entire app is migrated and stable on 5.2.
+#
+# Existing cookies will be converted on read then written with the new scheme.
+# Rails.application.config.action_dispatch.use_authenticated_cookie_encryption = true
+
+# Use AES-256-GCM authenticated encryption as default cipher for encrypting messages
+# instead of AES-256-CBC, when use_authenticated_message_encryption is set to true.
+Rails.application.config.active_support.use_authenticated_message_encryption = true
+
+# Add default protection from forgery to ActionController::Base instead of in
+# ApplicationController.
+Rails.application.config.action_controller.default_protect_from_forgery = true
+
+# Store boolean values are in sqlite3 databases as 1 and 0 instead of 't' and
+# 'f' after migrating old data.
+Rails.application.config.active_record.sqlite3.represent_boolean_as_integer = true
+
+# Use SHA-1 instead of MD5 to generate non-sensitive digests, such as the ETag header.
+Rails.application.config.active_support.use_sha1_digests = true
+
+# Make `form_with` generate id attributes for any generated HTML tags.
+Rails.application.config.action_view.form_with_generates_ids = true
diff --git a/spec/controllers/overrides/registrations_controller_spec.rb b/spec/controllers/overrides/registrations_controller_spec.rb
@@ -29,6 +29,14 @@
     }
   end
 
+  let!(:user) do
+    @user ||= User.create(
+      email: '[email protected]',
+      password: 'somepassword',
+      password_confirmation: 'somepassword',
+    )
+  end
+
   before(:each) do
     @request.env['devise.mapping'] = Devise.mappings[:user]
   end
@@ -47,34 +55,40 @@
   end
 
   describe '#update' do
-    # We no longer override the update method, but we want to confirm that email
-    # change confirmation emails are being sent.
     let(:user_update_params) do
       {
         user: {
-          id: 1,
-          email: '[email protected]',
+          email: '[email protected]',
         },
       }
     end
 
-    it 'sends a reconfirmation email when email address is updated' do
-      allow(Force::AccountService)
-        .to receive(:create_or_update)
-        .and_return(salesforce_response)
+    before(:each) do
+      user.update(allow_password_change: true)
+
+      # Mocking for token authentication
+      allow(controller).to receive(:update_auth_header).and_return(true)
+      allow(controller).to receive(:set_user_by_token).and_return(user)
+      allow(controller).to receive(:set_request_start).and_return(true)
+      controller.instance_variable_set(:@resource, user)
+    end
 
+    # We no longer override the update method, but we want to confirm that email
+    # change confirmation emails are being sent.
+    it 'sends a reconfirmation email when email address is updated' do
       message_delivery = instance_double(ActionMailer::MessageDelivery)
-      # Expect 2 emails, once for original confirmation, and once for email change.
-      expect(Emailer)
-        .to receive(:confirmation_instructions)
-        .twice
+      expect(Emailer).to receive(:confirmation_instructions)
+        .once
         .and_return(message_delivery)
-      allow(message_delivery).to receive(:deliver_later)
-      # First, create the valid user
-      post :create, params: valid_user_params
-      @resource = assigns(:resource)
-      # Then update the user
+      expect(message_delivery).to receive(:deliver_later).once
+
+      expect(assigns(:resource).uid).to eq '[email protected]'
+
       put :update, params: user_update_params
+
+      expect(assigns(:resource).uid).to eq '[email protected]'
+
+      expect(response.status).to eq 200
     end
   end
 end