From 8845854eec0b7358d0d821a71de8426e31b30038 Mon Sep 17 00:00:00 2001
From: Matteo Bronkhorst <32799956+DrumsnChocolate@users.noreply.github.com>
Date: Fri, 29 Nov 2024 23:22:33 +0100
Subject: [PATCH] Manually merge staging into master (#956)

* chore(deps): update dependency paranoia to v3 (#931)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Edited the env file (#944)

* edited the env file

* changed company name to UTF-8

* chore(deps): update dependency puma to '~> 6.4.0' [security] (#935)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update actions/delete-package-versions action to v5 (#906)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update dependency rails to v7.0.8.1 [security] (#918)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update docker/build-push-action action to v6 (#928)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update docker/login-action action to v3 (#886)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* feat(tests): add code coverage reporting (#891)

* feat(tests): add code coverage reporting

* fix: correct coverage path

* refactor: use simplecov-lcov

* fix: indentation in Gemfile.lock

* fix: remove test filters

* feat(README): add badge

* refactor: try tokenless report uploading

* chore: update codecov-action

* chore: update codecov-action

* fix(cd): pass CODECOV_TOKEN To ci

* Revert "chore(deps): update docker/login-action action to v3 (#886)" (#951)

This reverts commit d546681f8b0ca25b867fc2bc34192928991e6ff9. due to CI failure

* chore(deps): update codecov/codecov-action action to v5 (#950)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update dependency puma to v6.4.3 [security] (#948)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore(deps): update actions/upload-artifact action to v4 (#949)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* Refractor/tomato to sofia (#947)

* Intial commit

* updated apliction.rb

* Fixed mistake in credentials

* Made it so the file is backwards compatiable

* Fixed a typo

* Update amber_oauth2.rb

remove tomato paramater

* Remove development title lux ad mosam (#946)

* intial commit

* Fix typo

* update tomato to sofia

* updated with suggestion

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: lodewiges <131907615+lodewiges@users.noreply.github.com>
Co-authored-by: Guido de Jong <35309288+guidojw@users.noreply.github.com>
---
 .env.example                                 |   6 +-
 .github/workflows/cleanup-registry.yml       |   2 +-
 .github/workflows/continuous-delivery.yml    |   1 +
 .github/workflows/continuous-integration.yml |  21 ++-
 .github/workflows/publish-image.yml          |   2 +-
 Gemfile                                      |   5 +-
 Gemfile.lock                                 | 162 +++++++++----------
 README.md                                    |   3 +-
 app/models/payment.rb                        |   2 +-
 app/views/partials/_footer.html.erb          |   4 +-
 config/application.rb                        |   4 +-
 config/credentials.yml.enc                   |   2 +-
 config/environments/production.rb            |   2 +-
 lib/omniauth/strategies/amber_oauth2.rb      |   2 +-
 spec/spec_helper.rb                          |  13 +-
 15 files changed, 123 insertions(+), 108 deletions(-)

diff --git a/.env.example b/.env.example
index f98c69fb8..2667f8681 100644
--- a/.env.example
+++ b/.env.example
@@ -18,10 +18,10 @@ TREASURER_NAME=
 TREASURER_PHONE=
 
 AUTHORIZE_URL=/oauth/authorize
-TOKEN_URL=/oauth/token
-ME_URL=/oauth/me
+TOKEN_URL=/api/v1/oauth/token
+ME_URL=/api/v1/users?filter[me]&include="active_groups"
 
-COMPANY_NAME=Stichting Sociëteit Flux
+COMPANY_NAME=Stichting Societeit Flux
 COMPANY_IBAN=NL68 INGB 0008 1654 20
 COMPANY_ADDRESS=Oude Markt 24-3, 7511 GB Enschede
 COMPANY_WEBSITE=https://societeitflux.nl
diff --git a/.github/workflows/cleanup-registry.yml b/.github/workflows/cleanup-registry.yml
index 32b82f8df..f7b50d9d2 100644
--- a/.github/workflows/cleanup-registry.yml
+++ b/.github/workflows/cleanup-registry.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Delete untagged images
-        uses: actions/delete-package-versions@0d39a63126868f5eefaa47169615edd3c0f61e20 # v4.1.1
+        uses: actions/delete-package-versions@e5bc658cc4c965c472efe991f8beea3981499c55 # v5.0.0
         with:
           package-name: ${{ github.event.repository.name }}
           package-type: container
diff --git a/.github/workflows/continuous-delivery.yml b/.github/workflows/continuous-delivery.yml
index 738ed981c..ae51732d9 100644
--- a/.github/workflows/continuous-delivery.yml
+++ b/.github/workflows/continuous-delivery.yml
@@ -124,6 +124,7 @@ jobs:
     with:
       sha: ${{ needs.merge.outputs.sha }}
     secrets:
+      codecov_token: ${{ secrets.CODECOV_TOKEN }}
       rails_master_key: ${{ secrets.RAILS_MASTER_KEY }}
 
   publish_image:
diff --git a/.github/workflows/continuous-integration.yml b/.github/workflows/continuous-integration.yml
index 4510d3309..df42dd331 100644
--- a/.github/workflows/continuous-integration.yml
+++ b/.github/workflows/continuous-integration.yml
@@ -12,6 +12,9 @@ on:
         required: false
         type: string
     secrets:
+      codecov_token:
+        description: Codecov token
+        required: true
       rails_master_key:
         description: The Rails master key
         required: true
@@ -119,5 +122,21 @@ jobs:
         env:
           RAILS_MASTER_KEY: ${{ secrets.RAILS_MASTER_KEY }}
         run: |
+          mkdir coverage
           docker run -e POSTGRES_USER=postgres -e POSTGRES_PASSWORD=postgres -e POSTGRES_HOST=localhost -e \
-            RAILS_MASTER_KEY --network=host app bin/ci.sh spec
+            RAILS_MASTER_KEY --network=host -v "$(pwd)"'/coverage:/app/coverage' app bin/ci.sh spec
+
+      - name: Upload coverage report to Codecov
+        if: ${{ !cancelled() }}
+        uses: codecov/codecov-action@015f24e6818733317a2da2edd6290ab26238649a # v5.0.7
+        with:
+          fail_ci_if_error: true
+          token: ${{ secrets.CODECOV_TOKEN }}
+
+      - name: Upload coverage report artifact
+        if: ${{ !cancelled() }}
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        with:
+          name: coverage
+          path: coverage/
+          if-no-files-found: error
diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml
index e36865db1..3d65f8977 100644
--- a/.github/workflows/publish-image.yml
+++ b/.github/workflows/publish-image.yml
@@ -68,7 +68,7 @@ jobs:
 
       - name: Build and push image
         id: build_push_image
-        uses: docker/build-push-action@0565240e2d4ab88bba5387d719585280857ece09 # v5.0.0
+        uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0
         with:
           push: true
           context: .
diff --git a/Gemfile b/Gemfile
index a667c3383..1caa202cc 100644
--- a/Gemfile
+++ b/Gemfile
@@ -21,9 +21,9 @@ gem 'omniauth', '~> 2.0.0'
 gem 'omniauth-oauth2', '~> 1.7.0'
 gem 'omniauth-rails_csrf_protection', '~> 1.0'
 gem 'paper_trail', '~> 14.0.0'
-gem 'paranoia', '~> 2.6.0'
+gem 'paranoia', '~> 3.0.0'
 gem 'pg', '~> 1.3.0'
-gem 'puma', '~> 6.1.1'
+gem 'puma', '~> 6.4.0'
 gem 'pundit', '~> 2.2.0'
 gem 'rack-attack', '~> 6.6.0'
 gem 'rails', '~> 7.0.4', '>= 7.0.4.3'
@@ -79,6 +79,7 @@ group :test do
   gem 'rubocop-rails'
   gem 'rubocop-rspec'
   gem 'simplecov', require: false
+  gem 'simplecov-lcov', '~> 0.8.0', require: false
   gem 'terminal-notifier-guard'
   gem 'timecop'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index 1d59c3a6c..f8ccbf2bf 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -1,67 +1,67 @@
 GEM
   remote: https://rubygems.org/
   specs:
-    actioncable (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actioncable (7.0.8.6)
+      actionpack (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailbox (7.0.8.6)
+      actionpack (= 7.0.8.6)
+      activejob (= 7.0.8.6)
+      activerecord (= 7.0.8.6)
+      activestorage (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       mail (>= 2.7.1)
       net-imap
       net-pop
       net-smtp
-    actionmailer (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailer (7.0.8.6)
+      actionpack (= 7.0.8.6)
+      actionview (= 7.0.8.6)
+      activejob (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       mail (~> 2.5, >= 2.5.4)
       net-imap
       net-pop
       net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (7.0.4.3)
-      actionview (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      rack (~> 2.0, >= 2.2.0)
+    actionpack (7.0.8.6)
+      actionview (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
+      rack (~> 2.0, >= 2.2.4)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actiontext (7.0.8.6)
+      actionpack (= 7.0.8.6)
+      activerecord (= 7.0.8.6)
+      activestorage (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       globalid (>= 0.6.0)
       nokogiri (>= 1.8.5)
-    actionview (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionview (7.0.8.6)
+      activesupport (= 7.0.8.6)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.1, >= 1.2.0)
-    activejob (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activejob (7.0.8.6)
+      activesupport (= 7.0.8.6)
       globalid (>= 0.3.6)
-    activemodel (7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activerecord (7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activestorage (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activemodel (7.0.8.6)
+      activesupport (= 7.0.8.6)
+    activerecord (7.0.8.6)
+      activemodel (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
+    activestorage (7.0.8.6)
+      actionpack (= 7.0.8.6)
+      activejob (= 7.0.8.6)
+      activerecord (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (7.0.4.3)
+    activesupport (7.0.8.6)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
@@ -100,7 +100,7 @@ GEM
       sidekiq (>= 6.0)
     coderay (1.1.3)
     colorize (0.8.1)
-    concurrent-ruby (1.2.2)
+    concurrent-ruby (1.3.4)
     connection_pool (2.3.0)
     consistency_fail (0.3.7)
     crass (1.0.6)
@@ -183,7 +183,7 @@ GEM
       domain_name (~> 0.5)
     http-form_data (2.3.0)
     http_parser.rb (0.8.0)
-    i18n (1.13.0)
+    i18n (1.14.6)
       concurrent-ruby (~> 1.0)
     jbuilder (2.11.5)
       actionview (>= 5.0.0)
@@ -222,7 +222,7 @@ GEM
       net-imap
       net-pop
       net-smtp
-    marcel (1.0.2)
+    marcel (1.0.4)
     method_source (1.0.0)
     mime-types (3.4.1)
       mime-types-data (~> 3.2015)
@@ -230,39 +230,35 @@ GEM
     mina (1.2.4)
       open4 (~> 1.3.4)
       rake
-    mini_mime (1.1.2)
-    mini_portile2 (2.8.2)
+    mini_mime (1.1.5)
+    mini_portile2 (2.8.8)
     mini_racer (0.6.2)
       libv8-node (~> 16.10.0.0)
-    minitest (5.18.0)
+    minitest (5.24.1)
     mollie-api-ruby (4.7.1)
     msgpack (1.5.2)
     multi_json (1.15.0)
     multi_xml (0.6.0)
     nenv (0.3.0)
-    net-imap (0.2.3)
+    net-imap (0.2.4)
       digest
       net-protocol
       strscan
-    net-pop (0.1.1)
-      digest
+    net-pop (0.1.2)
       net-protocol
-      timeout
     net-protocol (0.1.3)
       timeout
     net-scp (3.0.0)
       net-ssh (>= 2.6.5, < 7.0.0)
-    net-smtp (0.3.1)
-      digest
+    net-smtp (0.3.4)
       net-protocol
-      timeout
     net-ssh (6.1.0)
     netrc (0.11.0)
-    nio4r (2.5.8)
-    nokogiri (1.14.3)
+    nio4r (2.7.4)
+    nokogiri (1.14.5)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
-    nokogiri (1.14.3-x86_64-linux)
+    nokogiri (1.14.5-x86_64-linux)
       racc (~> 1.4)
     notiffany (0.1.3)
       nenv (~> 0.1)
@@ -289,8 +285,8 @@ GEM
       activerecord (>= 6.0)
       request_store (~> 1.4)
     parallel (1.22.1)
-    paranoia (2.6.0)
-      activerecord (>= 5.1, < 7.1)
+    paranoia (3.0.0)
+      activerecord (>= 6, < 8.1)
     parser (3.1.2.0)
       ast (~> 2.4.1)
     pg (1.3.5)
@@ -303,13 +299,13 @@ GEM
     pry-rails (0.3.9)
       pry (>= 0.10.4)
     public_suffix (4.0.7)
-    puma (6.1.1)
+    puma (6.4.3)
       nio4r (~> 2.0)
     pundit (2.2.0)
       activesupport (>= 3.0.0)
     raabro (1.4.0)
     racc (1.6.2)
-    rack (2.2.7)
+    rack (2.2.10)
     rack-attack (6.6.1)
       rack (>= 1.0, < 3)
     rack-protection (3.0.2)
@@ -318,20 +314,20 @@ GEM
       rack
     rack-test (2.1.0)
       rack (>= 1.3)
-    rails (7.0.4.3)
-      actioncable (= 7.0.4.3)
-      actionmailbox (= 7.0.4.3)
-      actionmailer (= 7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actiontext (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    rails (7.0.8.6)
+      actioncable (= 7.0.8.6)
+      actionmailbox (= 7.0.8.6)
+      actionmailer (= 7.0.8.6)
+      actionpack (= 7.0.8.6)
+      actiontext (= 7.0.8.6)
+      actionview (= 7.0.8.6)
+      activejob (= 7.0.8.6)
+      activemodel (= 7.0.8.6)
+      activerecord (= 7.0.8.6)
+      activestorage (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       bundler (>= 1.15.0)
-      railties (= 7.0.4.3)
+      railties (= 7.0.8.6)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -344,9 +340,9 @@ GEM
     rails-i18n (7.0.3)
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 8)
-    railties (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    railties (7.0.8.6)
+      actionpack (= 7.0.8.6)
+      activesupport (= 7.0.8.6)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
@@ -468,6 +464,7 @@ GEM
       simplecov-html (~> 0.11)
       simplecov_json_formatter (~> 0.1)
     simplecov-html (0.12.3)
+    simplecov-lcov (0.8.0)
     simplecov_json_formatter (0.1.4)
     slack-notifier (2.4.0)
     spring (2.1.1)
@@ -486,13 +483,13 @@ GEM
     sshkit (1.21.2)
       net-scp (>= 1.1.2)
       net-ssh (>= 2.8.0)
-    strscan (3.0.3)
+    strscan (3.0.9)
     terminal-notifier-guard (1.7.0)
-    thor (1.2.1)
+    thor (1.2.2)
     tilt (2.1.0)
     timecop (0.9.5)
     timeliness (0.4.5)
-    timeout (0.3.1)
+    timeout (0.3.2)
     turbolinks (5.2.1)
       turbolinks-source (~> 5.2)
     turbolinks-source (5.2.0)
@@ -520,13 +517,13 @@ GEM
       rack-proxy (>= 0.6.1)
       railties (>= 5.2)
       semantic_range (>= 2.3.0)
-    websocket-driver (0.7.5)
+    websocket-driver (0.7.6)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
     wicked_pdf (2.6.3)
       activesupport
     wkhtmltopdf-binary (0.12.6.5)
-    zeitwerk (2.6.8)
+    zeitwerk (2.6.18)
 
 PLATFORMS
   ruby
@@ -567,11 +564,11 @@ DEPENDENCIES
   omniauth-oauth2 (~> 1.7.0)
   omniauth-rails_csrf_protection (~> 1.0)
   paper_trail (~> 14.0.0)
-  paranoia (~> 2.6.0)
+  paranoia (~> 3.0.0)
   pg (~> 1.3.0)
   pry-byebug
   pry-rails
-  puma (~> 6.1.1)
+  puma (~> 6.4.0)
   pundit (~> 2.2.0)
   rack-attack (~> 6.6.0)
   rails (~> 7.0.4, >= 7.0.4.3)
@@ -593,6 +590,7 @@ DEPENDENCIES
   sidekiq-scheduler (~> 5.0.2)
   simple_form (~> 5.1.0)
   simplecov
+  simplecov-lcov (~> 0.8.0)
   slack-notifier (~> 2.4.0)
   spring
   spring-commands-rspec
@@ -609,4 +607,4 @@ DEPENDENCIES
   wkhtmltopdf-binary
 
 BUNDLED WITH
-   2.2.15
+   2.4.14
diff --git a/README.md b/README.md
index 2613efb97..aef9c7370 100644
--- a/README.md
+++ b/README.md
@@ -3,6 +3,7 @@ Alpha SOFIA
 
 [![Continuous Integration](https://github.com/csvalpha/sofia/actions/workflows/continuous-integration.yml/badge.svg)](https://github.com/csvalpha/sofia/actions/workflows/continuous-integration.yml)
 [![Continuous Delivery](https://github.com/csvalpha/sofia/actions/workflows/continuous-delivery.yml/badge.svg)](https://github.com/csvalpha/sofia/actions/workflows/continuous-delivery.yml)
+[![codecov](https://codecov.io/github/csvalpha/sofia/graph/badge.svg?token=RGR5PARLD5)](https://codecov.io/github/csvalpha/sofia)
 
 The source code belonging to Alpha SOFIA. It is a system built with Ruby on Rails with Turbolinks and a little VueJS, used to manage orders in our own bar "Flux". Users authenticate via OAuth API (currently "Alpha AMBER") to see how much credit they got left, or to be able to register new orders and/or payments.
 
@@ -54,7 +55,7 @@ $ EDITOR="code --wait" bundle exec rails credentials:edit
 In OAuth AMBER (github.com/csvalpha/amber-api), execute the following command (in `rails console`):
 
 ```ruby
-app = Doorkeeper::Application.create(name: 'SOFIA - Streepsysteem der C.S.V. Alpha', redirect_uri: 'http://localhost:5000/users/auth/amber_oauth2/callback', scopes: 'public tomato')
+app = Doorkeeper::Application.create(name: 'SOFIA - Streepsysteem der C.S.V. Alpha', redirect_uri: 'http://localhost:5000/users/auth/amber_oauth2/callback', scopes: 'public sofia')
 app.uid
 app.plaintext_secret
 ```
diff --git a/app/models/payment.rb b/app/models/payment.rb
index 4dd231c05..8a5982dec 100644
--- a/app/models/payment.rb
+++ b/app/models/payment.rb
@@ -33,7 +33,7 @@ def self.create_with_mollie(description, attributes = nil)
     mollie_payment = Mollie::Payment.create(
       amount: { value: format('%<amount>.2f', amount: attributes[:amount]), currency: 'EUR' },
       description: description,
-      redirect_url: "http://#{Rails.application.config.x.tomato_host}/payments/#{obj.id}/callback"
+      redirect_url: "http://#{Rails.application.config.x.sofia_host}/payments/#{obj.id}/callback"
     )
 
     obj.update(mollie_id: mollie_payment.id)
diff --git a/app/views/partials/_footer.html.erb b/app/views/partials/_footer.html.erb
index 5e2ce47d4..c510d5f3c 100644
--- a/app/views/partials/_footer.html.erb
+++ b/app/views/partials/_footer.html.erb
@@ -1,8 +1,8 @@
 <footer class="footer d-flex justify-content-between">
   <span class="text-danger text-uppercase fw-bold mx-2">
-    <% if Rails.application.config.x.tomato_host == 'stagingstreep.csvalpha.nl' %>
+    <% if Rails.application.config.x.sofia_host == 'stagingstreep.csvalpha.nl' %>
       For demo and testing purposes only
-    <% elsif Rails.application.config.x.tomato_host != 'streep.csvalpha.nl' %>
+    <% elsif Rails.application.config.x.sofia_host != 'streep.csvalpha.nl' && Rails.application.config.x.sofia_host != 'luxstreep.csvalpha.nl' %>
       Development mode
     <% end %>
   </span>
diff --git a/config/application.rb b/config/application.rb
index 9df8e9b67..1bfc53384 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -32,8 +32,8 @@ class Application < Rails::Application
       Rails.env.to_sym, :amber_client_secret
     ) || ENV.fetch('AMBER_CLIENT_SECRET', nil)
 
-    config.x.amber_host = credentials.dig(Rails.env.to_sym, :amber_host)
-    config.x.tomato_host          = credentials.dig(Rails.env.to_sym, :tomato_host)
+    config.x.amber_host          = credentials.dig(Rails.env.to_sym, :amber_host)
+    config.x.sofia_host          = credentials.dig(Rails.env.to_sym, :sofia_host)
 
     config.x.slack_webhook        = credentials.dig(Rails.env.to_sym, :slack_webhook) || ''
     config.x.slack_channel        = '#monitoring'
diff --git a/config/credentials.yml.enc b/config/credentials.yml.enc
index 806bcdf6d..bad474fb2 100644
--- a/config/credentials.yml.enc
+++ b/config/credentials.yml.enc
@@ -1 +1 @@
-38UAhGCN6gvsrpCR7TLGT4zffXEfkWvGcnv8mXhZbQvej5tdBE847d6KX1P2Gri240u8dtu0WXuTtZPYw3F/hlAg+0eKwZVX45nVHFtQbe8A37rjLIS+cLwFX3y5T4FmUAvfOSb+5fIkPaYW3tbzUtwuD8I2LGyOMr6xDlKwX1eQX7KIH75/XyObE2ABbXd3wNzEHZO1TXhyTbUwt09JA0Ck/zSRf9mb1vYG6gnEBF3Inv3kVVU6DUtI5OUrrZ541jAnyd1vtE19N+9GA1DQaboRtk65/+mJ7uhks8trw2PwY0NC0W0iVeFCUWaQUrw1UPKMrlCdWCzoxECGqfA+VOO7CjqCgVQ3ClmU8ym6oJ055PHjAyAvYludIwkVJj9QKW3XcqVP3qAxeXjxDRs9j9H3whMdu2NFcBoOWnPUWQNLfMtJKovJ1PVbB0zf8UdJwNiGJ4LRZ4167Fsv6UeL5ktZ7/HfmgGZ8YHaENZBL5/u103+RxzJ6blsxjfMZ4DZjDdZT/c4miEB+pQUCk5zPKu5De6WPBQq5zhfB4KpKtVqJq8RvsXcBsQMDrjPL748TDeK+Hpe8XVy28nbMwH2E0DsW/3z4/TAs6qz8ggXw+uPw3Xp+ZRRacR9tgjWLU9cLivCMfG3E/YX2GOAE8q0OvkZG6Rik/aN8RSPJNEklPbsz+BXKrKGYDrawQvxVOm8u3/lapbW4W2GieO5I3SbYuPnnWBgH2gMHJgSieN/92Ug8gojAPV9q/rVb/+rQcmS+kSgjNTNo3VSN2GC2za/CEt8LufUK0lmwB1BJhZhKfVFVSJRvwzdCnHD2XVRnoiquwNRPL5xYgJZLWIBR3T41VYPcjN0gYpknZO/ZbnVBWjuOHnphKnclsEUhlMPd7tjlqT+dYRcZzYBvHMR7c+xkjv2PKD4g++6foLOsOHWy2qcU9nnN2f2gt84jsBohB6jBqLerSuWsvQU94D9wf6yjGK3uA6kBL7IydrQ0+9G59GQL1zb5eYUlwC8ZF8EdDvNa8Au+CMEgHwqE9zf64VwVFoET0yCu/Q0/tSHrW/dth/8D+lTXTwkKrPAe91Nu+zgW0IFm1OREljIbzZZO5snBhyweOHBxMDGHxU3UjlZGhGAv6lEMWCcSaQDu8ZY332Uj8YLgvTKMVxn6lZ8e4e9CjJ+TfDzGmp1WhUrhd76VRgxIe57a4lmw84Vsj8UmGJn6sYoOVCbSijayCj1CiOuEd2y/fRekAIh3bbfijVj3b7yCIP4eIGXol3HfA1TqwSFRcuoLmsHLMCkjzNadSzBYbhdyqf90/N5zr40oS2vPIioDpzPT+d1lz8LxfPKSIH3mwpzWlSs6N+kUjYEaiQBCJt147Ojxh8UUjsYsUuxbvS25ZmrTnN9bWbRgmnTU6rb/631xxoDIWYalQeoPAapnxuo5hQy/cHGKLb6q+Yata3nAzUYQod5cdmBPZfMop8t5DwVde7ZiZUmjq2LW69/7rEprZX2Kzi2FHkfB9xa6gkO6MvI5C4vaG0yflNhlUYRKokPMMEd+qIWuBLDicMJtStRFG+Cja46llO0vFG3bw+Qf6FVf9jkuLjoSyA2+pG5WQUFCBP65tPIpDKn7NYGzowzpg8t8qJUfRDzZWDvN2feTtVPRtYREK39pVHuQ62FE2DG2X4CgY4mBDFcmAkM0ww8G25F5f/nqPPKUkGgyfcCmUAsIxpJH3N/mZoII9qumxYCm5wTm/NvOlBWR5y2uAAGuiIdu3yffFi4MZCQoWNFplbRA3VVJ0o0CshMS19wPf86hS7q0sbUDWXxJjhUNnDO9k6BLGSuljsK+Ywitw4+DGEAV4uh0Z3P5vl1x2YPY9NUF7L3PDZaJ/jRVszsQfT8Z+Fw83O3tI95L84Cn+QBF84TqtcHQIgE2UZD2xQdoMPtX5BAyFIs1/b8/Ux7f6hQistjMFuuncCn0cIglQ4EoaP7kmBwB3sqMVgJMVai0v584WWHw8cLDi18PXsamZp04PC3IcdficQRd0/QvJpFDlF3LSiEPaRnH1vryJHao8tXv83xsv2Z92nElePUiSI4pLspXKdd1ung/Fj/tDnlkdKSt3T6k7dQsoab2ya6ANsMsof27W0wo5/jB4MfijRGR8Amfe14bZ+AL8s4gk/LWkPKsfH8L8U7jeBpzPl+GqOSO6gdJR7TmvXLhfZRD9nT1YlaFgr72Ojv8xBz9i3qq3ImYB4C73IbFzYnY6luQIARlBU6R2L4lUkLiGF9a+dsC7NtblkaJByKQ7G6jFbGB7o+lmpx+6OEM7XMXfe5HxAhw+0YF2xxlINTVzvLsHDqyLqduZ3TZs1Ma26TniX2SLvSHhCBtmxB0keoW3P3lUvAo8ESnbs2vt+h+DUd0llb6moAo4eSCU9uUH/I6jRuXUSNFHGP6GKjgqb729RyNoSDtA4CsD+g81huYhfShaco8VAJlL/BGHQPANt54/FHqNpmX3nNABPH2s7JCbf5Jh8rpH3CMxnSHpiRFtILcfMdqUT9w7Qz+hkC0Ha+UnIwcJw9yHIEEGo6y7lERtyfqUgQLXHO6Fouq1oOeO/s6Jp3TZekLpEFaOKec8dNjMcL6G57DcssEjr8xDRrJ4sBZ53v2H8aRQQgirQNJOP3hgL99sFmg4Udv5GLs/3UgXgzT6MXcb7LZD07dFy7KBQz8cKbGVIGdYBsg+XS5ky7WwbObsKrz6jvmcILRn4LeCzokt9RczswJbBjrvhTOZTDmk6VerOzMtyV5+uO2rXvTej5VxUqWShHw8ilC4fNGL4ZEdrYjHofFoCWB9UaM80EmEZOEXDDmodsQeG5N4EceKVFGcK2VeAgnAVMs8jTOp/jzDUuxP7nWq40sKWnHxg5/d2+zb5wDJ9zd1CDYJRti8apbFchtbTpC27826Xe9FNSPiBnRFxErXnBi05dexAB9ADD2BRnz3naG/Fx2zT5cALFxwda5hALtbDv7BoAfMzGaqUNAw8Vzn3S/2bwtrmx3pxzSBympiu7AxW3Da+jZXgRUreA9hUpjYYI4hnmTMVuUOI3kDiZ/FjL4ZZFn+eUMCe+asnvviZ7g4qhpKqUkdHJ+oR8KR7xo5d+Tu0OtypNJNLblgOtJjX2zeLI9LdXjB3zJxtoyQN192zBlfooq//HxrYWp6IO7xRxPrP8QWRiHxzB3om/YAdjMy4Ngfh6eaaEje0Bnzkv7n5Nqj5oQlC5dBOlVBhUpPvDtVyYMKnsd034ff2m+BNsuHp/ni/RVL7KtGqtQ+eSlleT7aMe45+WurBuDN+JYEcxPZcZDPsFXFaQF+1SNwVLrF+b04Am7HbE2gbc9dIZr62n9dOVvlhgJLdcJKAOKWtWn2W3PNyK7F0PfvjpNUEcLUHmWFnSHdBWtOEDPvDdYg3LNXrZ2l0J6J+ABtxgkNlCyfdD2DB+exLvKoV1O7qYG7y6G+uqLvddhPM3wHFG3V3vH4kcxLy5v/bQFWpn1Uqr9Fsr9mpZdbOt3S3N2YcBoDI/LIzSZsOvYHR1UsKzKfWUMewdF6ZISAVgQ6l3C5Jb2v79yxJWCnnC+M4o7FdueQowruc4kDm1knFIJZUuoKZ15c7+DGHklcYHlMff6nxmG6on+KBBLnTohbfw1PL5aPG0uAptkN37mcGIRoLngzms3ZSflCqhNoZBJyNBsQ87f9J+glMH2JUohbuEcHvqc6CQu+4hZKNQLN+p1PpoQN5mIIVGUUIcbP3IP+BYLnB6GlMNB1Bm+8oyX7DnGGnWrbfbrZSwrdhoMA5QggkOFyDdVtZOrmEdHPQzJvkBXrRwjfQZClTZa0/EzDsoaELG7q1qoppaVdp9H3l/ZFgnyA==--G8VsFkH0hWoT5VZb--aeMXLt0yLUV+0ugJCIv8TQ==
\ No newline at end of file
+8nWkRnggkMar5tNfaaPjE+OCltUrQfCyE34miPK+W2v5TMWLFvXK+88F2lrjHFZf+YszOIZbE9hGgeTFZD2Nlpmj8uioFIeVNVczsVGUhfdmgMv4OmALuIKijXKMrwH2ZMqmdUl6zOYSqQf8/gtz/8rAIcjEQk3XpqUwmrTN2Dntjpv43yRcau1VGa1yt0pAUC3zy8Lcl3nqZyULB68vzs5clO6cELeLEWn2MIbGk9ul1cJuNzI5Kq77Unv9YzwjO8yIMYI0yhQxUpabm9+mvZ1iSnKyxy6te1dlFWVxyLQOUkXcbHLcmlzPg/345wHawKy9CiNS4g19aZCpB94dxFLZekpIwnW3CosbsszO06OJHtHu0So82h6XYH8CYutwRdEpgDfQiYdYHuNyIU9UJ5whEmrHg/e8bozeNNCkpo9G/FNec8vRBCNEVCY6kjz3S7COn3ro5GHieRBBTdw+ZXIksIEy6CBhdJKDb1FnYpQSka5OMCfghN9YYYd6d9dsEppcnCMBTzBdDFXFWW1ADnl4oi+B6BUUP14nsPBpcywuZ9QoqLufVwOfCH7Cf3kfnB8YqEigJgwhAY2xD4txtLPSY4kGfJ1deVNcW8oECzf8ydBxUlGXBs/7pwpZNztezgYy0zYpRvrhWoz/2xHQOFY6BGyLpc2RrgM5MreIsOSC51JufCpgJcH1gq67WZaQeAAal3ddCzNty/X3xIWkGiF83JiL8cxiaKgXlvE5+OFikuPnrVh0/C5YWvrAotDnQ1xCVmECsiL4xmymNGUSHR8yyLfAGixcmjfJjWl8ztkL43q4MxL5J4msVoTWzXLeJdwiRrbe+AgSNjeTYaL/Ne8qrqkWUQDT8nYRL7Vwvl7gM/XYp5ggFsFZ/hmAg8mvTM8kYzoHTGSpmQb315YQCXVkpRQ0OI3Uy9aCk8L1R7itQboWhcWL1/IiKOUUJYEXPAXzMH2BJJWdFImOp7n5LgfruibGnW4cXHiFK6p74JR0wn5MLx5/IcQ24Ttplg6dYxl8qUMSjHycUCftsCStRET5UrGYgy6jvyUGEbV38EjVMmb7TtFSLhY36MJfCnzV7tygYkhBvAP5eXgM2zwugoynajYeKpRxuimCZIDqtygmkTUztqqHOpqlK3gmHZlS6hVtXWbZJ8Jj1XLVmhMy/13OjZ+h9HrjQPCC5N/QsPpqZ0qvdTYrR0r76PJa/A/TTFI7h5/0ujzmp8UdmqWhhiJMRFjRpPFTGgzR4T0Si2VAqD38FpOjFBgbepLIDQaikal7dkIwjoYFeuhEyYpdtJBxYRtjw3EDTtKN94+mEpQBqRl6z+dBR/gxBYu/qaBPVYO/2lx0IKJLZaM8TniequdC045H32TPpy493a97KJLVR9qSEfmPevwksgAsA7qEJC5U2m1pqfX6L39cl4cGv9DZJO/I0BJnUglxDfp13bsp1Hd7is6av/QUbj4Ft3ACqRwNPdj+MmG9U7s57gZlLxcAn8qJEiL1ZRqEuIODZ3OkzWicAYnQRCoqp6j5rDqYtgF8xY2J7eHzKlYWv+lTfj8hndIx6DFDO7nyRiwg9EwaDXk34vWByger+SpjoQzSCdmEuuqpHYUuh71lvsalsHtK+ET9mgVbcsmlZNEyTYALBFCqnWlpkpZ/cuG1zxqqgFm+3qXConRPkDdYb2RjuMApYyNgZDFlfU+J4offme4JO4ULCSF2sMt79m157oMwhZ7P0Y6TpOKXttDJL+FGEOQNiKtWv6PTCtlFIovwexlUdcu3cPNbrLuMLP5Efd0exbo+sMMJWCfUoOA35FgGzlov0GaEQ1MkBuauSMdQSVgMhy/f8dYAU9myjPoX1KNirLs/bYK3sZ5RHnpUbwWePHNA9nxBb54RfqsBQM5LyXR4eVSOeRXmjop/hdSaLwtjJhQD+ExeRG1MN+7I1vAFxAmKQIf4C31vb/ODaefFzf/yiqCXjZzjOyQsr4cz1psvqkbOb0B2DgdiarFqo7BZbWX8mkbPtZUdGAexabbVvz3rd66I5nudI/hhejpnbkzZW/Od8wrDjsjB/ihtGcnEuANVvqvPyu9irJMFcsDoCQ8EjT1IrFMp7Ror2KRpP7pmrfPwgIF3QbjEKw7L0F2zpgVMReiBGA6JV3xd6wwE+UjBnjI/mOSzldtYKrhzv6aoTOviwWNBxd5g38Psid3GMBS9q0ZEl2PN3JS6JBRK7vNC9zmjHjTg8J23vfhBfk5jJdUtcicW+dO6MZSw8jCEIQrru/JRNaFsbOEWYoKmn61PYR2RjSj2vSnOL85VTMMxoLWFi5JhsaD65c7tKMERTy0EvA05DbZUblzI/2tXa6rlJWBtz0uv7Msg2DOM0BvC9Fr+C3c9PC2d8dpWc8GPPhBG01qvObUaXXI13XGMKILREs3fHYWyzZJUxIzDD3tuh+6OeDuFb+gxm5wdiVlfSvUIJhhfTydcG5zsnTsr/rIsq/Us7D1bWmbPi5+VroBwCQ4cmEWIF4A0RmOlBan8tS6Ro/9b3kFxC80lHJzOtZSsI2hOtJlFSHFX2umtliWFfLzH0aJjJWbSgnE8T0naSdB9Z3BtCCGi22wwx1oeP1jywjQbZ9ziMpXlBq+LrXnsibEx3nTFEfTJ4MRKzq4Q2Eq/xN3nePzalDRkXUcJjBbJKIC0gp/CNsRDegDFQHKF8pAFSraHs1mKKXnWvfRA1A2pI2W1ZirMquWoJlTOEgGDV3+wwzj3BzUZJnH0xb0E1L6aiGJFptgvQ2Jcl+hdyFMYx7gPmWwAh9gyaLTR5lI0WJdykBaOHIEUMcwWwci+jmfPExhDUN74Vt2IheG5LydOX7FAUqnrb9fggHjOIq35yY7rU9LOtOkXC+oo1DwodxMKI7j2VuMIXemw4BwdTpwmJJU75PKM2EVefqQYInvs9h3hYRepe0y5IfRN+yVGkcA4jImNHlNiV9GK0jJ1zQYXFEgeKgWgsmgWUXeW6iS4OA5nqOSZNuM8vLwANXqvV1Es/+wMkqV97eS1+6Dodo7YbMpRKrhuBXInbQy8S3yCvxJsDxEFlzT3IVLNMyWC7pcpLj2pAlGIydyPtpDr2Eu/BQICt4LQ9zA3yZQr2Xf4+7M8wStdxX+C9/6d46hLxgFH40FMSXNXEBjwzuvr2crcTwPC7lPCsVDeQrtOLfzTbEk3iWeKfZ18m3ORJO6VAjAVnMm8ztaHDmXNBKrV0owN1ZMaeez4jWtZKcjgNZQijOqs2Lm19abzTInzz4QGoeDKGjZx3ipkGMgZcwmfivzeTgUH4YMSArQj+vfox6FjKG43GPs0xMYSBplK2pLDAPwl7++7D8LiATuIbMxauEZeg96llt3ryBwj1VMcVLfTjvbp+Td6Jnh0AofgclSuZpjQxiF0uho3lDnwhh3qLXq7S0uiY+P25+YGoXEM90KbbdG25YK037haLUOaUaZw0XEiD3omsbnFG3IzEFt88mE7A+LHBiSf30CVCht3sAurgRaZBMCds3NlWxiWiUCVYQ9WMItoQas7Lwv0mhIwTot4yoZaNbplHO6rz9DDVFEUAVDJj1a+q3WjxmD59IpYHriT4I/m00Etc+08f57KfTNkM2uSnC8VrltX4/+EuzQWixYh756ntw==--32WLAptEbUz5grLv--qA/GkDJDSgWC8w1geJYPRw==
\ No newline at end of file
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 4fb19b381..ddbcd9648 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -84,7 +84,7 @@
   # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
 
   config.action_mailer.default_url_options = {
-    scheme: 'https', host: Rails.application.config.x.tomato_host
+    scheme: 'https', host: Rails.application.config.x.sofia_host
   }
 
   config.action_mailer.delivery_method = :smtp
diff --git a/lib/omniauth/strategies/amber_oauth2.rb b/lib/omniauth/strategies/amber_oauth2.rb
index 35b7bd3da..991439f8a 100644
--- a/lib/omniauth/strategies/amber_oauth2.rb
+++ b/lib/omniauth/strategies/amber_oauth2.rb
@@ -12,7 +12,7 @@ class AmberOauth2 < OmniAuth::Strategies::OAuth2
 
       def authorize_params
         params = super
-        params[:scope] = 'public tomato'
+        params[:scope] = 'public sofia'
         params
       end
 
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 8fa233880..a5f96ef4f 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -1,15 +1,10 @@
 require 'simplecov'
+require 'simplecov-lcov'
 
+SimpleCov.formatter = SimpleCov::Formatter::LcovFormatter
 SimpleCov.start 'rails' do
-  add_filter 'app/controllers/'
-  add_filter 'app/jobs/'
-  add_filter 'app/mailers/'
-  add_filter 'app/policies/'
-  add_filter 'app/views/'
-  add_filter 'lib/'
-
-  minimum_coverage 95
-  minimum_coverage_by_file 95
+  # minimum_coverage 95
+  # minimum_coverage_by_file 95
 end
 
 RSpec.configure do |config|