Merge pull request #5955 from betagouv/rails-6.1

Mise à jour vers Rails 6.1 (#5955)

Gemfile.lock

@@ -23,38 +23,40 @@ GEM
   specs:
     aasm (5.1.1)
       concurrent-ruby (~> 1.0)
-    actioncable (6.0.3.5)
+    actioncable (6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
+      activesupport (= 6.1.3)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (6.0.3.5)
+    actionmailbox (6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
-      activejob (= 6.0.3.5)
+      activejob (= 6.1.3)
-      activerecord (= 6.0.3.5)
+      activerecord (= 6.1.3)
-      activestorage (= 6.0.3.5)
+      activestorage (= 6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
       mail (>= 2.7.1)
-    actionmailer (6.0.3.5)
+    actionmailer (6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
-      actionview (= 6.0.3.5)
+      actionview (= 6.1.3)
-      activejob (= 6.0.3.5)
+      activejob (= 6.1.3)
+      activesupport (= 6.1.3)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (6.0.3.5)
+    actionpack (6.1.3)
-      actionview (= 6.0.3.5)
+      actionview (= 6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
-      rack (~> 2.0, >= 2.0.8)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actiontext (6.0.3.5)
+    actiontext (6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
-      activerecord (= 6.0.3.5)
+      activerecord (= 6.1.3)
-      activestorage (= 6.0.3.5)
+      activestorage (= 6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
       nokogiri (>= 1.8.5)
-    actionview (6.0.3.5)
+    actionview (6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -69,29 +71,31 @@ GEM
       jsonapi-renderer (>= 0.1.1.beta1, < 0.3)
     active_storage_validations (0.9.2)
       rails (>= 5.2.0)
-    activejob (6.0.3.5)
+    activejob (6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
       globalid (>= 0.3.6)
-    activemodel (6.0.3.5)
+    activemodel (6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
-    activerecord (6.0.3.5)
+    activerecord (6.1.3)
-      activemodel (= 6.0.3.5)
+      activemodel (= 6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
-    activestorage (6.0.3.5)
+    activestorage (6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
-      activejob (= 6.0.3.5)
+      activejob (= 6.1.3)
-      activerecord (= 6.0.3.5)
+      activerecord (= 6.1.3)
+      activesupport (= 6.1.3)
       marcel (~> 0.3.1)
+      mimemagic (~> 0.3.2)
     activestorage-openstack (1.5.1)
       fog-openstack (~> 1.0)
       marcel
       rails (>= 5.2.2)
-    activesupport (6.0.3.5)
+    activesupport (6.1.3)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
+      i18n (>= 1.6, < 2)
-      minitest (~> 5.1)
+      minitest (>= 5.1)
-      tzinfo (~> 1.1)
+      tzinfo (~> 2.0)
-      zeitwerk (~> 2.2, >= 2.2.2)
+      zeitwerk (~> 2.3)
     addressable (2.7.0)
       public_suffix (>= 2.0.2, < 5.0)
     administrate (0.14.0)
@@ -137,7 +141,7 @@ GEM
     bootsnap (1.7.2)
       msgpack (~> 1.0)
     brakeman (5.0.0)
-    browser (5.3.0)
+    browser (5.3.1)
     builder (3.2.4)
     byebug (11.1.3)
     capybara (3.35.3)
@@ -195,6 +199,9 @@ GEM
     database_cleaner-core (2.0.1)
     datetime_picker_rails (0.0.7)
       momentjs-rails (>= 2.8.1)
+    debase (2.3.2)
+      debase-ruby_core_source (~> 0.10.11)
+    debase-ruby_core_source (0.10.12)
     deep_cloneable (3.0.0)
       activerecord (>= 3.1.0, < 7)
     delayed_cron_job (0.7.4)
@@ -287,7 +294,7 @@ GEM
       i18n (>= 0.7)
       multi_json
       request_store (>= 1.0)
-    graphql (1.12.4)
+    graphql (1.12.5)
     graphql-batch (0.4.3)
       graphql (>= 1.3, < 2)
       promise.rb (~> 0.7.2)
@@ -499,20 +506,20 @@ GEM
       rack
     rack-test (1.1.0)
       rack (>= 1.0, < 3)
-    rails (6.0.3.5)
+    rails (6.1.3)
-      actioncable (= 6.0.3.5)
+      actioncable (= 6.1.3)
-      actionmailbox (= 6.0.3.5)
+      actionmailbox (= 6.1.3)
-      actionmailer (= 6.0.3.5)
+      actionmailer (= 6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
-      actiontext (= 6.0.3.5)
+      actiontext (= 6.1.3)
-      actionview (= 6.0.3.5)
+      actionview (= 6.1.3)
-      activejob (= 6.0.3.5)
+      activejob (= 6.1.3)
-      activemodel (= 6.0.3.5)
+      activemodel (= 6.1.3)
-      activerecord (= 6.0.3.5)
+      activerecord (= 6.1.3)
-      activestorage (= 6.0.3.5)
+      activestorage (= 6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
-      bundler (>= 1.3.0)
+      bundler (>= 1.15.0)
-      railties (= 6.0.3.5)
+      railties (= 6.1.3)
       sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
@@ -521,7 +528,7 @@ GEM
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
-    rails-erd (1.6.0)
+    rails-erd (1.6.1)
       activerecord (>= 4.2)
       activesupport (>= 4.2)
       choice (~> 0.2.0)
@@ -531,12 +538,12 @@ GEM
     rails-i18n (6.0.0)
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 7)
-    railties (6.0.3.5)
+    railties (6.1.3)
-      actionpack (= 6.0.3.5)
+      actionpack (= 6.1.3)
-      activesupport (= 6.0.3.5)
+      activesupport (= 6.1.3)
       method_source
       rake (>= 0.8.7)
-      thor (>= 0.20.3, < 2.0)
+      thor (~> 1.0)
     rainbow (3.0.0)
     rake (13.0.3)
     rake-progressbar (0.0.5)
@@ -549,7 +556,7 @@ GEM
       execjs
       railties (>= 3.2)
       tilt
-    regexp_parser (2.0.3)
+    regexp_parser (2.1.0)
     request_store (1.5.0)
       rack (>= 1.4)
     responders (3.0.1)
@@ -611,7 +618,7 @@ GEM
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 0.90.0, < 2.0)
-    rubocop-rails_config (1.3.0)
+    rubocop-rails_config (1.3.1)
       railties (>= 5.0)
       rubocop (>= 1.8)
       rubocop-ast (>= 1.0.1)
@@ -651,16 +658,16 @@ GEM
       childprocess (>= 0.5, < 4.0)
       rubyzip (>= 1.2.2)
     semantic_range (2.3.1)
-    sentry-delayed_job (4.2.0)
+    sentry-delayed_job (4.2.1)
       sentry-ruby-core (~> 4.2.0)
-    sentry-rails (4.2.1)
+    sentry-rails (4.2.2)
       rails (>= 5.0)
       sentry-ruby-core (~> 4.2.0)
-    sentry-ruby (4.2.1)
+    sentry-ruby (4.2.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       faraday (>= 1.0)
-      sentry-ruby-core (= 4.2.1)
+      sentry-ruby-core (= 4.2.2)
-    sentry-ruby-core (4.2.1)
+    sentry-ruby-core (4.2.2)
       concurrent-ruby
       faraday
     sexp_processor (4.15.2)
@@ -715,8 +722,8 @@ GEM
     ttfunk (1.7.0)
     typhoeus (1.4.0)
       ethon (>= 0.9.0)
-    tzinfo (1.2.9)
+    tzinfo (2.0.4)
-      thread_safe (~> 0.1)
+      concurrent-ruby (~> 1.0)
     unf (0.1.4)
       unf_ext
     unf_ext (0.0.7.7)

app/controllers/api/v2/dossiers_controller.rb

@@ -3,7 +3,7 @@ class API::V2::DossiersController < API::V2::BaseController
 
   def pdf
     @include_infos_administration = true
-    render(file: 'dossiers/show', formats: [:pdf])
+    render(template: 'dossiers/show', formats: [:pdf])
   end
 
   def geojson

app/controllers/instructeurs/dossiers_controller.rb

@@ -42,7 +42,7 @@ module Instructeurs
       respond_to do |format|
         format.pdf do
           @include_infos_administration = true
-          render(file: 'dossiers/show', formats: [:pdf])
+          render(template: 'dossiers/show', formats: [:pdf])
         end
         format.all
       end
@@ -235,7 +235,7 @@ module Instructeurs
 
     def generate_pdf_for_instructeur_export
       @include_infos_administration = true
-      pdf = render_to_string(file: 'dossiers/show', formats: [:pdf])
+      pdf = render_to_string(template: 'dossiers/show', formats: [:pdf])
       dossier.pdf_export_for_instructeur.attach(io: StringIO.open(pdf), filename: "export-#{dossier.id}.pdf", content_type: 'application/pdf')
     end
 

app/controllers/users/commencer_controller.rb

@@ -82,7 +82,7 @@ module Users
 
     def generate_empty_pdf(procedure)
       @dossier = procedure.new_dossier
-      s = render_to_string(file: 'dossiers/dossier_vide', formats: [:pdf])
+      s = render_to_string(template: 'dossiers/dossier_vide', formats: [:pdf])
       send_data(s, :filename => "#{procedure.libelle}.pdf")
     end
   end

app/controllers/users/dossiers_controller.rb

@@ -32,7 +32,7 @@ module Users
       respond_to do |format|
         format.pdf do
           @include_infos_administration = false
-          render(file: 'dossiers/show', formats: [:pdf])
+          render(template: 'dossiers/show', formats: [:pdf])
         end
         format.all
       end

app/models/attestation_template.rb

@@ -121,7 +121,7 @@ class AttestationTemplate < ApplicationRecord
   def build_pdf(dossier)
     attestation = render_attributes_for(dossier: dossier)
     attestation_view = ApplicationController.render(
-      file: 'new_administrateur/attestation_templates/show',
+      template: 'new_administrateur/attestation_templates/show',
       formats: :pdf,
       assigns: { attestation: attestation }
     )

app/services/dossier_search_service.rb

@@ -37,7 +37,7 @@ class DossierSearchService
 
     dossiers
       .where("#{ts_vector} @@ #{ts_query}")
-      .order("COALESCE(ts_rank(#{ts_vector}, #{ts_query}), 0) DESC")
+      .order(Arel.sql("COALESCE(ts_rank(#{ts_vector}, #{ts_query}), 0) DESC"))
   end
 
   def self.dossier_by_exact_id_for_user(search_terms, user)
@@ -57,7 +57,7 @@ class DossierSearchService
       .dossiers
       .state_not_brouillon
       .where("#{ts_vector} @@ #{ts_query}")
-      .order("COALESCE(ts_rank(#{ts_vector}, #{ts_query}), 0) DESC")
+      .order(Arel.sql("COALESCE(ts_rank(#{ts_vector}, #{ts_query}), 0) DESC"))
   end
 
   def self.to_tsquery(search_terms)

bin/rails

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
+load File.expand_path("spring", __dir__)
 APP_PATH = File.expand_path('../config/application', __dir__)
-require_relative '../config/boot'
+require_relative "../config/boot"
-require 'rails/commands'
+require "rails/commands"

bin/rake

@@ -1,4 +1,5 @@
 #!/usr/bin/env ruby
-require_relative '../config/boot'
+load File.expand_path("spring", __dir__)
-require 'rake'
+require_relative "../config/boot"
+require "rake"
 Rake.application.run

bin/setup

@@ -1,5 +1,5 @@
 #!/usr/bin/env ruby
-require 'fileutils'
+require "fileutils"
 
 # path to your application root.
 APP_ROOT = File.expand_path('..', __dir__)
@@ -9,10 +9,11 @@ def system!(*args)
 end
 
 FileUtils.chdir APP_ROOT do
-  # This script is a starting point to setup your application.
+  # This script is a way to set up or update your development environment automatically.
+  # This script is idempotent, so that you can run it at any time and get an expectable outcome.
   # Add necessary setup steps to this file.
 
-  puts "\n== Installing dependencies =="
+  puts '== Installing dependencies =='
   system! 'gem install bundler --conservative'
   system('bundle check') || system!('bundle install')
 
@@ -29,11 +30,11 @@ FileUtils.chdir APP_ROOT do
 
   # Create the database, load the schema, and initialize it with the seed data
   puts "\n== Preparing database =="
-  system! 'bin/rails db:setup'
+  system! 'bin/rails db:prepare'
 
   puts "\n== Removing old logs and tempfiles =="
   system! 'bin/rails log:clear tmp:clear'
 
-  puts "\n== Done =="
+  puts "\n== Restarting application server =="
-  puts "You can now start the application server with `bin/rails server`."
+  system! 'bin/rails restart'
 end

bin/spring

@@ -1,17 +1,14 @@
 #!/usr/bin/env ruby
+if !defined?(Spring) && [nil, "development", "test"].include?(ENV["RAILS_ENV"])
+  gem "bundler"
+  require "bundler"
 
-# This file loads spring without using Bundler, in order to be fast.
+  # Load Spring without loading other gems in the Gemfile, for speed.
-# It gets overwritten when you run the `spring binstub` command.
+  Bundler.locked_gems.specs.find { |spec| spec.name == "spring" }&.tap do |spring|
-
-unless defined?(Spring)
-  require 'rubygems'
-  require 'bundler'
-
-  lockfile = Bundler::LockfileParser.new(Bundler.default_lockfile.read)
-  spring = lockfile.specs.detect { |spec| spec.name == "spring" }
-  if spring
     Gem.use_paths Gem.dir, Bundler.bundle_path.to_s, *Gem.path
-    gem 'spring', spring.version
+    gem "spring", spring.version
-    require 'spring/binstub'
+    require "spring/binstub"
+  rescue Gem::LoadError
+    # Ignore when Spring is not installed.
   end
 end

bin/yarn

@@ -1,9 +1,15 @@
 #!/usr/bin/env ruby
 APP_ROOT = File.expand_path('..', __dir__)
 Dir.chdir(APP_ROOT) do
-  begin
+  yarn = ENV["PATH"].split(File::PATH_SEPARATOR).
-    exec "yarnpkg", *ARGV
+    select { |dir| File.expand_path(dir) != __dir__ }.
-  rescue Errno::ENOENT
+    product(["yarn", "yarn.cmd", "yarn.ps1"]).
+    map { |dir, file| File.expand_path(file, dir) }.
+    find { |file| File.executable?(file) }
+
+  if yarn
+    exec yarn, *ARGV
+  else
     $stderr.puts "Yarn executable was not detected in the system."
     $stderr.puts "Download Yarn at https://yarnpkg.com/en/docs/install"
     exit 1

config.ru

@@ -1,5 +1,6 @@
 # This file is used by Rack-based servers to start the application.
 
-require ::File.expand_path('config/environment', __dir__)
+require_relative "config/environment"
 
 run Rails.application
+Rails.application.load_server

config/application.rb

@@ -1,6 +1,6 @@
-require File.expand_path('boot', __dir__)
+require_relative "boot"
 
-require 'rails/all'
+require "rails/all"
 
 # Require the gems listed in Gemfile, including any gems
 # you've limited to :test, :development, or :production.
@@ -10,11 +10,13 @@ Dotenv::Railtie.load
 
 module TPS
   class Application < Rails::Application
+    # Initialize configuration defaults for originally generated Rails version.
     config.load_defaults 6.0
 
-    # Settings in config/environments/* take precedence over those specified here.
+    # Configuration for the application, engines, and railties goes here.
-    # Application configuration should go into files in config/initializers
+    #
-    # -- all .rb files in that directory are automatically loaded.
+    # These settings can be overridden in specific environments using the files
+    # in config/environments, which are processed later.
 
     Rails.autoloaders.main.ignore(Rails.root.join('lib/cops'))
     Rails.autoloaders.main.ignore(Rails.root.join('lib/linters'))
@@ -36,8 +38,6 @@ module TPS
     config.assets.paths << Rails.root.join('app', 'assets', 'fonts')
     config.assets.precompile += ['.woff']
 
-    config.active_job.queue_adapter = :delayed_job
-
     # The default list used to be accessible through `ActionView::Base.sanitized_allowed_tags`,
     # but a regression in Rails 6.0 makes it unavailable.
     # It should be fixed in Rails 6.1.

config/cable.yml

@@ -1,10 +1,10 @@
-production:
-  adapter: redis
-  url: redis://localhost:6379
-
 development:
-  adapter: redis
+  adapter: async
-  url: redis://localhost:6379
 
 test:
-  adapter: async
+  adapter: test
+
+production:
+  adapter: redis
+  url: <%= ENV.fetch("REDIS_URL") { "redis://localhost:6379/1" } %>
+  channel_prefix: tps_production

config/environment.rb

@@ -1,5 +1,5 @@
 # Load the Rails application.
-require_relative 'application'
+require_relative "application"
 
 # Initialize the Rails application.
 Rails.application.initialize!

config/environments/development.rb

@@ -1,32 +1,56 @@
+require "active_support/core_ext/integer/time"
+
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 
   # Verifies that versions and hashed value of the package contents in the project's package.json
   config.webpacker.check_yarn_integrity = true
 
-  # In the development environment your application's code is reloaded on
+  # In the development environment your application's code is reloaded any time
-  # every request. This slows down response time but is perfect for development
+  # it changes. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
   # Do not eager load code on boot.
   config.eager_load = false
 
+  # Show full error reports.
+  config.consider_all_requests_local = true
+
+  # Enable/disable caching. By default caching is disabled.
+  # Run rails dev:cache to toggle caching.
+  if Rails.root.join('tmp', 'caching-dev.txt').exist?
+    config.action_controller.perform_caching = true
+    config.action_controller.enable_fragment_cache_logging = true
+
+    config.cache_store = :memory_store
+    config.public_file_server.headers = {
+      'Cache-Control' => "public, max-age=#{2.days.to_i}"
+    }
+  else
+    config.action_controller.perform_caching = false
+
+    config.cache_store = :null_store
+  end
+
   config.public_file_server.enabled = true
   config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
 
-  # Show full error reports and disable caching.
-  config.consider_all_requests_local       = true
-  config.action_controller.perform_caching = false
-
   # Don't care if the mailer can't send.
   config.action_mailer.raise_delivery_errors = false
 
+  # Store uploaded files on the local file system (see config/storage.yml for options).
   config.active_storage.service = ENV['FOG_ENABLED'] == 'enabled' ? :openstack : :local
 
   # Print deprecation notices to the Rails logger.
   config.active_support.deprecation = :log
 
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
   # Raise an error on page load if there are pending migrations.
   config.active_record.migration_error = :page_load
 
@@ -83,12 +107,20 @@ Rails.application.configure do
   # Raises error for missing translations
   # config.action_view.raise_on_missing_translations = true
 
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
+
   # We use the async adapter by default, but delayed_job can be set using
   # RAILS_QUEUE_ADAPTER=delayed_job bin/rails server
   config.active_job.queue_adapter = ENV.fetch('RAILS_QUEUE_ADAPTER', 'async').to_sym
 
+  # Use an evented file watcher to asynchronously detect changes in source code,
+  # routes, locales, etc. This feature depends on the listen gem.
   config.file_watcher = ActiveSupport::EventedFileUpdateChecker
 
+  # Uncomment if you wish to allow Action Cable access from any origin.
+  # config.action_cable.disable_request_forgery_protection = true
+
   if ENV['IGN_CARTE_REFERER']
     config.hosts << ENV['IGN_CARTE_REFERER']
   end

config/environments/production.rb

@@ -1,3 +1,5 @@
+require "active_support/core_ext/integer/time"
+
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 
@@ -17,33 +19,36 @@ Rails.application.configure do
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
 
-  # Enable Rack::Cache to put a simple HTTP cache in front of your application
+  # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
-  # Add `rack-cache` to your Gemfile before enabling this.
+  # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
-  # For large-scale production use, consider using a caching reverse proxy like
+  # config.require_master_key = true
-  # NGINX, varnish or squid.
-  # config.action_dispatch.rack_cache = true
 
   # Disable serving static files from the `/public` folder by default since
   # Apache or NGINX already handles this.
   config.public_file_server.enabled = ENV['RAILS_SERVE_STATIC_FILES'].present?
 
-  # Compress JavaScripts and CSS.
+  # Compress CSS using a preprocessor.
-  # config.assets.js_compressor = :uglifier
   # config.assets.css_compressor = :sass
 
   # Do not fallback to assets pipeline if a precompiled asset is missed.
   config.assets.compile = false
 
+  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # config.asset_host = 'http://assets.example.com'
+
   # Asset digests allow you to set far-future HTTP expiration dates on all assets,
   # yet still be able to expire them through the digest params.
   config.assets.digest = true
 
-  # `config.assets.precompile` and `config.assets.version` have moved to config/initializers/assets.rb
-
   # Specifies the header that your server uses for sending files.
   # config.action_dispatch.x_sendfile_header = 'X-Sendfile' # for Apache
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for NGINX
 
+  # Mount Action Cable outside main process or domain.
+  # config.action_cable.mount_path = nil
+  # config.action_cable.url = 'wss://example.com/cable'
+  # config.action_cable.allowed_request_origins = [ 'http://example.com', /http:\/\/example.*/ ]
+
   # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies.
   config.force_ssl = true
 
@@ -58,10 +63,13 @@ Rails.application.configure do
   # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
 
   # Use a different cache store in production.
-  # config.cache_store = :memory_store
+  # config.cache_store = :mem_cache_store
 
-  # Enable serving of images, stylesheets, and JavaScripts from an asset server.
+  # Use a real queuing backend for Active Job (and separate queues per environment).
-  # config.action_controller.asset_host = 'http://assets.example.com'
+  config.active_job.queue_adapter = :delayed_job
+  # config.active_job.queue_name_prefix = "tps_production"
+
+  config.action_mailer.perform_caching = false
 
   # Ignore bad email addresses and do not raise email delivery errors.
   # Set this to true and configure the email server for immediate delivery to raise delivery errors.
@@ -108,12 +116,49 @@ Rails.application.configure do
   # Send deprecation notices to registered listeners.
   config.active_support.deprecation = :notify
 
+  # Log disallowed deprecations.
+  config.active_support.disallowed_deprecation = :log
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
   # Use default logging formatter so that PID and timestamp are not suppressed.
   config.log_formatter = ::Logger::Formatter.new
 
+  # Use a different logger for distributed setups.
+  # require "syslog/logger"
+  # config.logger = ActiveSupport::TaggedLogging.new(Syslog::Logger.new 'app-name')
+
+  if ENV["RAILS_LOG_TO_STDOUT"].present?
+    logger           = ActiveSupport::Logger.new(STDOUT)
+    logger.formatter = config.log_formatter
+    config.logger    = ActiveSupport::TaggedLogging.new(logger)
+  end
+
   # Do not dump schema after migrations.
   config.active_record.dump_schema_after_migration = false
 
+  # Inserts middleware to perform automatic connection switching.
+  # The `database_selector` hash is used to pass options to the DatabaseSelector
+  # middleware. The `delay` is used to determine how long to wait after a write
+  # to send a subsequent read to the primary.
+  #
+  # The `database_resolver` class is used by the middleware to determine which
+  # database is appropriate to use based on the time delay.
+  #
+  # The `database_resolver_context` class is used by the middleware to set
+  # timestamps for the last write to the primary. The resolver uses the context
+  # class timestamps to determine how long to wait before reading from the
+  # replica.
+  #
+  # By default Rails will store a last write timestamp in the session. The
+  # DatabaseSelector middleware is designed as such you can define your own
+  # strategy for connection switching and pass that into the middleware through
+  # these configuration options.
+  # config.active_record.database_selector = { delay: 2.seconds }
+  # config.active_record.database_resolver = ActiveRecord::Middleware::DatabaseSelector::Resolver
+  # config.active_record.database_resolver_context = ActiveRecord::Middleware::DatabaseSelector::Resolver::Session
+
   Rails.application.routes.default_url_options = {
     protocol: :https,
     host: ENV['APP_HOST']

config/environments/test.rb

@@ -1,24 +1,31 @@
+require "active_support/core_ext/integer/time"
+
+# The test environment is used exclusively to run your application's
+# test suite. You never need to work with it otherwise. Remember that
+# your test database is "scratch space" for the test suite and is wiped
+# and recreated between test runs. Don't rely on the data there!
+
 Rails.application.configure do
   # Settings specified here will take precedence over those in config/application.rb.
 
-  # The test environment is used exclusively to run your application's
-  # test suite. You never need to work with it otherwise. Remember that
-  # your test database is "scratch space" for the test suite and is wiped
-  # and recreated between test runs. Don't rely on the data there!
   config.cache_classes = false
+  config.action_view.cache_template_loading = true
 
   # Do not eager load code on boot. This avoids loading your whole application
   # just for the purpose of running a single test. If you are using a tool that
   # preloads Rails for running tests, you may have to set it to true.
   config.eager_load = false
 
-  # Configure static file server for tests with Cache-Control for performance.
+  # Configure public file server for tests with Cache-Control for performance.
   config.public_file_server.enabled = true
-  config.public_file_server.headers = { 'Cache-Control' => 'public, max-age=3600' }
+  config.public_file_server.headers = {
+    'Cache-Control' => "public, max-age=#{1.hour.to_i}"
+  }
 
   # Show full error reports and disable caching.
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
+  config.cache_store = :null_store
 
   # Raise exceptions instead of rendering exception templates.
   config.action_dispatch.show_exceptions = false
@@ -26,19 +33,33 @@ Rails.application.configure do
   # Disable request forgery protection in test environment.
   config.action_controller.allow_forgery_protection = false
 
+  # Store uploaded files on the local file system in a temporary directory.
+  config.active_storage.service = :test
+
+  config.action_mailer.perform_caching = false
+
   # Tell Action Mailer not to deliver emails to the real world.
   # The :test delivery method accumulates sent emails in the
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  config.active_storage.service = :test
-
   # Randomize the order test cases are executed.
   config.active_support.test_order = :random
 
   # Print deprecation notices to the stderr.
   config.active_support.deprecation = :stderr
 
+  # Raise exceptions for disallowed deprecations.
+  config.active_support.disallowed_deprecation = :raise
+
+  # Tell Active Support which deprecation messages to disallow.
+  config.active_support.disallowed_deprecation_warnings = []
+
+  # Raises error for missing translations.
+  # config.i18n.raise_on_missing_translations = true
+
+  # Annotate rendered view with file names.
+  # config.action_view.annotate_rendered_view_with_filenames = true
   config.action_mailer.default_url_options = { :host => 'localhost:3000' }
   Rails.application.routes.default_url_options = {
     host: 'localhost:3000',
@@ -51,9 +72,6 @@ Rails.application.configure do
   config.active_job.queue_adapter = :test
   config.active_storage.service = :test
 
-  # Raises error for missing translations
-  # config.action_view.raise_on_missing_translations = true
-
   config.ds_autosave = {
     debounce_delay: 500,
     status_visible_duration: 500

config/initializers/active_job_log_subscriber.rb

@@ -1,7 +1,7 @@
 require 'active_job/logging'
 require 'logstash-event'
 
-class ActiveJobLogSubscriber < ::ActiveJob::Logging::LogSubscriber
+class ActiveJobLogSubscriber < ::ActiveJob::LogSubscriber
   def enqueue(event)
     process_event(event, 'enqueue')
   end

config/initializers/assets.rb

@@ -3,7 +3,9 @@
 # Version of your assets, change this if you want to expire all your assets.
 Rails.application.config.assets.version = '1.0'
 
-# Add additional assets to the asset load path
+# Add additional assets to the asset load path.
+# Rails.application.config.assets.paths << Emoji.images_path
+# Add some node_modules folder to the asset load path.
 Rails.application.config.assets.paths << Rails.root.join('node_modules', 'trix', 'dist')
 Rails.application.config.assets.paths << Rails.root.join('node_modules', 'mapbox-gl', 'dist')
 Rails.application.config.assets.paths << Rails.root.join('node_modules', '@reach', 'combobox')

config/initializers/backtrace_silencers.rb

@@ -1,7 +1,8 @@
 # Be sure to restart your server when you modify this file.
 
 # You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
-# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+# Rails.backtrace_cleaner.add_silencer { |line| /my_noisy_library/.match?(line) }
 
-# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code
-# Rails.backtrace_cleaner.remove_silencers!
+# by setting BACKTRACE=1 before calling your invocation, like "BACKTRACE=1 ./bin/rails runner 'MyClass.perform'".
+Rails.backtrace_cleaner.remove_silencers! if ENV["BACKTRACE"]

config/initializers/content_security_policy.rb

@@ -1,3 +1,9 @@
+# Be sure to restart your server when you modify this file.
+
+# Define an application-wide content security policy
+# For further information see the following documentation
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy
+
 # rubocop:disable DS/ApplicationName
 Rails.application.config.content_security_policy do |policy|
   # Whitelist image
@@ -22,3 +28,14 @@ Rails.application.config.content_security_policy do |policy|
   end
 end
 # rubocop:enable DS/ApplicationName
+
+# If you are using UJS then enable automatic nonce generation
+# Rails.application.config.content_security_policy_nonce_generator = -> request { SecureRandom.base64(16) }
+
+# Set the nonce only to specific directives
+# Rails.application.config.content_security_policy_nonce_directives = %w(script-src)
+
+# Report CSP violations to a specified URI
+# For further information see the following documentation:
+# https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy-Report-Only
+# Rails.application.config.content_security_policy_report_only = true

config/initializers/filter_parameter_logging.rb

@@ -1,4 +1,6 @@
 # Be sure to restart your server when you modify this file.
 
 # Configure sensitive parameters which will be filtered from the log file.
-Rails.application.config.filter_parameters += [:password]
+Rails.application.config.filter_parameters += [
+  :passw, :secret, :token, :_key, :crypt, :salt, :certificate, :otp, :ssn
+]

config/initializers/inflections.rb

@@ -4,10 +4,10 @@
 # are locale specific, and you may define rules for as many different
 # locales as you wish. All of these examples are active by default:
 ActiveSupport::Inflector.inflections(:en) do |inflect|
-  # inflect.plural /^(ox)$/i, '\1en'
+  #  inflect.plural /^(ox)$/i, '\1en'
-  # inflect.singular /^(ox)en/i, '\1'
+  #  inflect.singular /^(ox)en/i, '\1'
-  # inflect.irregular 'person', 'people'
+  #  inflect.irregular 'person', 'people'
-  # inflect.uncountable %w( fish sheep )
+  #  inflect.uncountable %w( fish sheep )
   inflect.acronym 'API'
   inflect.acronym 'ASN1'
   inflect.acronym 'IP'

config/initializers/new_framework_defaults_6_1.rb

@@ -0,0 +1,67 @@
+# Be sure to restart your server when you modify this file.
+#
+# This file contains migration options to ease your Rails 6.1 upgrade.
+#
+# Once upgraded flip defaults one by one to migrate to the new default.
+#
+# Read the Guide for Upgrading Ruby on Rails for more info on each option.
+
+# Support for inversing belongs_to -> has_many Active Record associations.
+# Rails.application.config.active_record.has_many_inversing = true
+
+# Track Active Storage variants in the database.
+# Rails.application.config.active_storage.track_variants = true
+
+# Apply random variation to the delay when retrying failed jobs.
+# Rails.application.config.active_job.retry_jitter = 0.15
+
+# Stop executing `after_enqueue`/`after_perform` callbacks if
+# `before_enqueue`/`before_perform` respectively halts with `throw :abort`.
+# Rails.application.config.active_job.skip_after_callbacks_if_terminated = true
+
+# Specify cookies SameSite protection level: either :none, :lax, or :strict.
+#
+# This change is not backwards compatible with earlier Rails versions.
+# It's best enabled when your entire app is migrated and stable on 6.1.
+# Rails.application.config.action_dispatch.cookies_same_site_protection = :lax
+
+# Generate CSRF tokens that are encoded in URL-safe Base64.
+#
+# This change is not backwards compatible with earlier Rails versions.
+# It's best enabled when your entire app is migrated and stable on 6.1.
+# Rails.application.config.action_controller.urlsafe_csrf_tokens = true
+
+# Specify whether `ActiveSupport::TimeZone.utc_to_local` returns a time with an
+# UTC offset or a UTC time.
+# ActiveSupport.utc_to_local_returns_utc_offset_times = true
+
+# Change the default HTTP status code to `308` when redirecting non-GET/HEAD
+# requests to HTTPS in `ActionDispatch::SSL` middleware.
+# Rails.application.config.action_dispatch.ssl_default_redirect_status = 308
+
+# Use new connection handling API. For most applications this won't have any
+# effect. For applications using multiple databases, this new API provides
+# support for granular connection swapping.
+# Rails.application.config.active_record.legacy_connection_handling = false
+
+# Make `form_with` generate non-remote forms by default.
+# Rails.application.config.action_view.form_with_generates_remote_forms = false
+
+# Set the default queue name for the analysis job to the queue adapter default.
+# Rails.application.config.active_storage.queues.analysis = nil
+
+# Set the default queue name for the purge job to the queue adapter default.
+# Rails.application.config.active_storage.queues.purge = nil
+
+# Set the default queue name for the incineration job to the queue adapter default.
+# Rails.application.config.action_mailbox.queues.incineration = nil
+
+# Set the default queue name for the routing job to the queue adapter default.
+# Rails.application.config.action_mailbox.queues.routing = nil
+
+# Set the default queue name for the mail deliver job to the queue adapter default.
+# Rails.application.config.action_mailer.deliver_later_queue_name = nil
+
+# Generate a `Link` header that gives a hint to modern browsers about
+# preloading assets when using `javascript_include_tag` and `stylesheet_link_tag`.
+# Rails.application.config.action_view.preload_links_header = true

config/initializers/permissions_policy.rb

@@ -0,0 +1,11 @@
+# Define an application-wide HTTP permissions policy. For further
+# information see https://developers.google.com/web/updates/2018/06/feature-policy
+#
+# Rails.application.config.permissions_policy do |f|
+#   f.camera      :none
+#   f.gyroscope   :none
+#   f.microphone  :none
+#   f.usb         :none
+#   f.fullscreen  :self
+#   f.payment     :self, "https://secure.example.com"
+# end

config/initializers/wrap_parameters.rb

@@ -5,10 +5,10 @@
 
 # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
 ActiveSupport.on_load(:action_controller) do
-  wrap_parameters format: [:json] if respond_to?(:wrap_parameters)
+  wrap_parameters format: [:json]
 end
 
 # To enable root element in JSON for ActiveRecord objects.
 # ActiveSupport.on_load(:active_record) do
-#  self.include_root_in_json = true
+#   self.include_root_in_json = true
 # end

config/locales/en.yml

@@ -16,6 +16,16 @@
 #
 # This would use the information in config/locales/es.yml.
 #
+# The following keys must be escaped otherwise they will not be retrieved by
+# the default I18n backend:
+#
+# true, false, on, off, yes, no
+#
+# Instead, surround them with single quotes.
+#
+# en:
+#   'true': 'foo'
+#
 # To learn more, please read the Rails Internationalization guide
 # available at http://guides.rubyonrails.org/i18n.html.
 

config/puma.rb

@@ -4,17 +4,26 @@
 # the maximum value specified for Puma. Default is set to 5 threads for minimum
 # and maximum; this matches the default thread size of Active Record.
 #
-threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
+max_threads_count = ENV.fetch("RAILS_MAX_THREADS") { 5 }
-threads threads_count, threads_count
+min_threads_count = ENV.fetch("RAILS_MIN_THREADS") { max_threads_count }
+threads min_threads_count, max_threads_count
+
+# Specifies the `worker_timeout` threshold that Puma will use to wait before
+# terminating a worker in development environments.
+#
+worker_timeout 3600 if ENV.fetch("RAILS_ENV", "development") == "development"
 
 # Specifies the `port` that Puma will listen on to receive requests; default is 3000.
 #
-port        ENV.fetch("PORT") { 3000 }
+port ENV.fetch("PORT") { 3000 }
 
 # Specifies the `environment` that Puma will run in.
 #
 environment ENV.fetch("RAILS_ENV") { "development" }
 
+# Specifies the `pidfile` that Puma will use.
+pidfile ENV.fetch("PIDFILE") { "tmp/pids/server.pid" }
+
 if ENV.fetch("RAILS_ENV") == "production"
   # Specifies the number of `workers` to boot in clustered mode.
   # Workers are forked webserver processes. If using threads and workers together

config/routes.rb

@@ -1,4 +1,6 @@
 Rails.application.routes.draw do
+  # For details on the DSL available within this file, see https://guides.rubyonrails.org/routing.html
+
   get '/saml/auth' => 'saml_idp#new'
   post '/saml/auth' => 'saml_idp#create'
   get '/saml/metadata' => 'saml_idp#metadata'

db/migrate/20210318090000_add_service_name_to_active_storage_blobs.active_storage.rb

@@ -0,0 +1,20 @@
+# This migration comes from active_storage (originally 20190112182829)
+class AddServiceNameToActiveStorageBlobs < ActiveRecord::Migration[6.0]
+  def up
+    unless column_exists?(:active_storage_blobs, :service_name)
+      add_column :active_storage_blobs, :service_name, :string
+
+      if (configured_service = ActiveStorage::Blob.service.name)
+        # rubocop:disable DS/Unscoped
+        ActiveStorage::Blob.unscoped.update_all(service_name: configured_service)
+        # rubocop:enable DS/Unscoped
+      end
+
+      change_column :active_storage_blobs, :service_name, :string, null: false
+    end
+  end
+
+  def down
+    remove_column :active_storage_blobs, :service_name
+  end
+end

db/migrate/20210318090001_create_active_storage_variant_records.active_storage.rb

@@ -0,0 +1,14 @@
+# This migration comes from active_storage (originally 20191206030411)
+# rubocop:disable Rails/CreateTableWithTimestamps
+class CreateActiveStorageVariantRecords < ActiveRecord::Migration[6.0]
+  def change
+    create_table :active_storage_variant_records do |t|
+      t.belongs_to :blob, null: false, index: false
+      t.string :variation_digest, null: false
+
+      t.index [:blob_id, :variation_digest], name: "index_active_storage_variant_records_uniqueness", unique: true
+      t.foreign_key :active_storage_blobs, column: :blob_id
+    end
+  end
+end
+# rubocop:enable Rails/CreateTableWithTimestamps

db/schema.rb

@@ -2,15 +2,15 @@
 # of editing this file, please use the migrations feature of Active Record to
 # incrementally modify your database, and then regenerate this schema definition.
 #
-# This file is the source Rails uses to define your schema when running `rails
+# This file is the source Rails uses to define your schema when running `bin/rails
-# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
+# db:schema:load`. When creating a new database, `bin/rails db:schema:load` tends to
 # be faster and is potentially less error prone than running all of your
 # migrations from scratch. Old migrations may fail to apply correctly if those
 # migrations use external dependencies or application code.
 #
 # It's strongly recommended that you check this file into your version control system.
 
-ActiveRecord::Schema.define(version: 2021_03_11_141956) do
+ActiveRecord::Schema.define(version: 2021_03_18_090001) do
 
   # These are extensions that must be enabled in order to support this database
   enable_extension "plpgsql"
@@ -44,9 +44,16 @@ ActiveRecord::Schema.define(version: 2021_03_11_141956) do
     t.bigint "byte_size", null: false
     t.string "checksum", null: false
     t.datetime "created_at", null: false
+    t.string "service_name", null: false
     t.index ["key"], name: "index_active_storage_blobs_on_key", unique: true
   end
 
+  create_table "active_storage_variant_records", force: :cascade do |t|
+    t.bigint "blob_id", null: false
+    t.string "variation_digest", null: false
+    t.index ["blob_id", "variation_digest"], name: "index_active_storage_variant_records_uniqueness", unique: true
+  end
+
   create_table "administrateurs", id: :serial, force: :cascade do |t|
     t.datetime "created_at"
     t.datetime "updated_at"
@@ -727,6 +734,7 @@ ActiveRecord::Schema.define(version: 2021_03_11_141956) do
     t.index ["procedure_id"], name: "index_without_continuation_mails_on_procedure_id"
   end
 
+  add_foreign_key "active_storage_variant_records", "active_storage_blobs", column: "blob_id"
   add_foreign_key "assign_tos", "groupe_instructeurs"
   add_foreign_key "attestation_templates", "procedures"
   add_foreign_key "attestations", "dossiers"

spec/features/instructeurs/expert_spec.rb

@@ -42,7 +42,7 @@ feature 'Inviting an expert:' do
       expect(emails_sent_to(expert2.email.to_s).size).to eq(1)
 
       invitation_email = open_email(expert.email.to_s)
-      avis = Avis.find_by(expert: expert.id)
+      avis = expert.avis.reload.last
       sign_up_link = sign_up_expert_avis_path(avis.dossier.procedure, avis, avis.expert.email)
       expect(invitation_email.body).to include(sign_up_link)
     end

spec/models/deleted_dossier_spec.rb

@@ -1,5 +1,3 @@
-require 'spec_helper'
-
 describe DeletedDossier do
   let(:deleted_dossier) { create(:deleted_dossier) }