(security) upgrade to rails 6

CHANGELOG.md

@@ -1,5 +1,12 @@
 # Changelog Fab-manager
 
+- Updated ruby to 2.7
+- Updated rails to 6.1
+- Updated puma to 6.1
+- Updated responders to 3.0
+- Updated devise to 4.9
+- Updated sassc to 2.3
+
 ## v5.9.1 2023 March 22
 
 - Fix a bug: logical sequence of invoices references has duplicates

Dockerfile

@@ -1,4 +1,4 @@
-FROM ruby:2.6.10-alpine
+FROM ruby:2.7.7-alpine
 MAINTAINER contact@fab-manager.com
 
 # Install upgrade system packages

Gemfile

@@ -3,11 +3,11 @@
 source 'https://rubygems.org'
 
 # Bundle edge Rails instead: gem 'rails', github: 'rails/rails'
-gem 'rails', '~> 5.2.8'
+gem 'rails', '~> 6.1'
 # Used by rails 5.2 to reduce the app boot time by over 50%
 gem 'bootsnap'
 # Use Puma as web server
-gem 'puma', '4.3.12'
+gem 'puma', '6.1.0'
 gem 'shakapacker', '6.5.5'
 
 # Build JSON APIs with ease. Read more: https://github.com/rails/jbuilder
@@ -17,7 +17,7 @@ gem 'json', '>= 2.3.0'
 gem 'jsonpath'
 
 gem 'forgery'
-gem 'responders', '~> 2.0'
+gem 'responders', '~> 3.0'
 
 group :development, :test do
   # Call 'byebug' anywhere in the code to stop execution and get a debugger console
@@ -62,7 +62,7 @@ gem 'pg'
 gem 'pg_search'
 
 # authentication
-gem 'devise', '>= 4.6.0'
+gem 'devise', '>= 4.9'
 gem 'omniauth', '~> 1.9.2'
 gem 'omniauth-oauth2'
 gem 'omniauth_openid_connect'
@@ -107,9 +107,6 @@ gem 'pundit'
 
 gem 'oj'
 
-gem 'actionpack-page_caching', '1.2.2'
-gem 'rails-observers'
-
 gem 'chroma'
 
 gem 'message_format'

Gemfile.lock

@@ -4,50 +4,66 @@ GEM
     Ascii85 (1.0.3)
     aasm (5.0.8)
       concurrent-ruby (~> 1.0)
-    actioncable (5.2.8.1)
+    actioncable (6.1.7.2)
-      actionpack (= 5.2.8.1)
+      actionpack (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailer (5.2.8.1)
+    actionmailbox (6.1.7.2)
-      actionpack (= 5.2.8.1)
+      actionpack (= 6.1.7.2)
-      actionview (= 5.2.8.1)
+      activejob (= 6.1.7.2)
-      activejob (= 5.2.8.1)
+      activerecord (= 6.1.7.2)
+      activestorage (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
+      mail (>= 2.7.1)
+    actionmailer (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      actionview (= 6.1.7.2)
+      activejob (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       mail (~> 2.5, >= 2.5.4)
       rails-dom-testing (~> 2.0)
-    actionpack (5.2.8.1)
+    actionpack (6.1.7.2)
-      actionview (= 5.2.8.1)
+      actionview (= 6.1.7.2)
-      activesupport (= 5.2.8.1)
+      activesupport (= 6.1.7.2)
-      rack (~> 2.0, >= 2.0.8)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+      rails-html-sanitizer (~> 1.0, >= 1.2.0)
-    actionpack-page_caching (1.2.2)
+    actiontext (6.1.7.2)
-      actionpack (>= 5.0.0)
+      actionpack (= 6.1.7.2)
-    actionview (5.2.8.1)
+      activerecord (= 6.1.7.2)
-      activesupport (= 5.2.8.1)
+      activestorage (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
+      nokogiri (>= 1.8.5)
+    actionview (6.1.7.2)
+      activesupport (= 6.1.7.2)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
-      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+      rails-html-sanitizer (~> 1.1, >= 1.2.0)
     active_record_query_trace (1.7)
-    activejob (5.2.8.1)
+    activejob (6.1.7.2)
-      activesupport (= 5.2.8.1)
+      activesupport (= 6.1.7.2)
       globalid (>= 0.3.6)
-    activemodel (5.2.8.1)
+    activemodel (6.1.7.2)
-      activesupport (= 5.2.8.1)
+      activesupport (= 6.1.7.2)
-    activerecord (5.2.8.1)
+    activerecord (6.1.7.2)
-      activemodel (= 5.2.8.1)
+      activemodel (= 6.1.7.2)
-      activesupport (= 5.2.8.1)
+      activesupport (= 6.1.7.2)
-      arel (>= 9.0)
+    activestorage (6.1.7.2)
-    activestorage (5.2.8.1)
+      actionpack (= 6.1.7.2)
-      actionpack (= 5.2.8.1)
+      activejob (= 6.1.7.2)
-      activerecord (= 5.2.8.1)
+      activerecord (= 6.1.7.2)
-      marcel (~> 1.0.0)
+      activesupport (= 6.1.7.2)
-    activesupport (5.2.8.1)
+      marcel (~> 1.0)
+      mini_mime (>= 1.1.0)
+    activesupport (6.1.7.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
-      i18n (>= 0.7, < 2)
+      i18n (>= 1.6, < 2)
-      minitest (~> 5.1)
+      minitest (>= 5.1)
-      tzinfo (~> 1.1)
+      tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
     addressable (2.8.0)
@@ -58,7 +74,6 @@ GEM
     api-pagination (4.8.2)
     apipie-rails (0.5.17)
       rails (>= 4.1)
-    arel (9.0.0)
     ast (2.4.2)
     attr_required (1.0.1)
     awesome_print (1.8.0)
@@ -66,7 +81,7 @@ GEM
       descendants_tracker (~> 0.0.4)
       ice_nine (~> 0.11.0)
       thread_safe (~> 0.3, >= 0.3.1)
-    bcrypt (3.1.13)
+    bcrypt (3.1.18)
     bindata (2.4.10)
     bindex (0.8.1)
     bootsnap (1.4.6)
@@ -113,17 +128,17 @@ GEM
     database_cleaner (1.8.3)
     descendants_tracker (0.0.4)
       thread_safe (~> 0.3, >= 0.3.1)
-    devise (4.7.1)
+    devise (4.9.0)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
     docile (1.3.2)
-    dotenv (2.7.5)
+    dotenv (2.8.1)
-    dotenv-rails (2.7.5)
+    dotenv-rails (2.8.1)
-      dotenv (= 2.7.5)
+      dotenv (= 2.8.1)
-      railties (>= 3.2, < 6.1)
+      railties (>= 3.2)
     elasticsearch (5.0.5)
       elasticsearch-api (= 5.0.5)
       elasticsearch-transport (= 5.0.5)
@@ -160,7 +175,7 @@ GEM
     fugit (1.5.3)
       et-orbi (~> 1, >= 1.2.7)
       raabro (~> 1.4)
-    globalid (1.0.1)
+    globalid (1.1.0)
       activesupport (>= 5.0)
     hashdiff (1.0.1)
     hashery (2.1.2)
@@ -221,7 +236,7 @@ GEM
       rake
     mini_magick (4.10.1)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.0)
+    mini_portile2 (2.8.1)
     minitest (5.17.0)
     minitest-reporters (1.4.2)
       ansi
@@ -233,7 +248,7 @@ GEM
     multi_xml (0.6.0)
     multipart-post (2.1.1)
     nio4r (2.5.8)
-    nokogiri (1.13.10)
+    nokogiri (1.14.2)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     oauth2 (1.4.4)
@@ -293,12 +308,12 @@ GEM
     prawn-table (0.2.2)
       prawn (>= 1.3.0, < 3.0.0)
     public_suffix (4.0.6)
-    puma (4.3.12)
+    puma (6.1.0)
       nio4r (~> 2.0)
     pundit (2.1.0)
       activesupport (>= 3.0.0)
     raabro (1.4.0)
-    racc (1.6.1)
+    racc (1.6.2)
     rack (2.2.6.4)
     rack-oauth2 (1.19.0)
       activesupport
@@ -311,32 +326,32 @@ GEM
     rack-test (2.0.2)
       rack (>= 1.3)
     railroady (1.5.3)
-    rails (5.2.8.1)
+    rails (6.1.7.2)
-      actioncable (= 5.2.8.1)
+      actioncable (= 6.1.7.2)
-      actionmailer (= 5.2.8.1)
+      actionmailbox (= 6.1.7.2)
-      actionpack (= 5.2.8.1)
+      actionmailer (= 6.1.7.2)
-      actionview (= 5.2.8.1)
+      actionpack (= 6.1.7.2)
-      activejob (= 5.2.8.1)
+      actiontext (= 6.1.7.2)
-      activemodel (= 5.2.8.1)
+      actionview (= 6.1.7.2)
-      activerecord (= 5.2.8.1)
+      activejob (= 6.1.7.2)
-      activestorage (= 5.2.8.1)
+      activemodel (= 6.1.7.2)
-      activesupport (= 5.2.8.1)
+      activerecord (= 6.1.7.2)
-      bundler (>= 1.3.0)
+      activestorage (= 6.1.7.2)
-      railties (= 5.2.8.1)
+      activesupport (= 6.1.7.2)
+      bundler (>= 1.15.0)
+      railties (= 6.1.7.2)
       sprockets-rails (>= 2.0.0)
     rails-dom-testing (2.0.3)
       activesupport (>= 4.2.0)
       nokogiri (>= 1.6)
     rails-html-sanitizer (1.4.4)
       loofah (~> 2.19, >= 2.19.1)
-    rails-observers (0.1.5)
+    railties (6.1.7.2)
-      activemodel (>= 4.0)
+      actionpack (= 6.1.7.2)
-    railties (5.2.8.1)
+      activesupport (= 6.1.7.2)
-      actionpack (= 5.2.8.1)
-      activesupport (= 5.2.8.1)
       method_source
-      rake (>= 0.8.7)
+      rake (>= 12.2)
-      thor (>= 0.19.0, < 2.0)
+      thor (~> 1.0)
     rainbow (3.0.0)
     rake (13.0.6)
     rb-fsevent (0.10.3)
@@ -352,11 +367,11 @@ GEM
       redis (>= 3, < 5)
     regexp_parser (2.5.0)
     repost (0.3.2)
-    responders (2.4.1)
+    responders (3.1.0)
-      actionpack (>= 4.2.0, < 6.0)
+      actionpack (>= 5.2)
-      railties (>= 4.2.0, < 6.0)
+      railties (>= 5.2)
     rexml (3.2.5)
-    rolify (5.2.0)
+    rolify (5.3.0)
     rubocop (1.31.2)
       json (~> 2.3)
       parallel (~> 1.10)
@@ -377,10 +392,10 @@ GEM
     ruby-rc4 (0.1.5)
     ruby-vips (2.1.4)
       ffi (~> 1.12)
-    rubyXL (3.4.14)
+    rubyXL (3.4.25)
       nokogiri (>= 1.10.8)
       rubyzip (>= 1.3.0)
-    rubyzip (2.3.0)
+    rubyzip (2.3.2)
     rufus-scheduler (3.8.1)
       fugit (~> 1.1, >= 1.1.6)
     safe_yaml (1.0.5)
@@ -424,9 +439,9 @@ GEM
     spring-watcher-listen (2.0.1)
       listen (>= 2.7, < 4.0)
       spring (>= 1.2, < 3.0)
-    sprockets (4.1.1)
+    sprockets (4.2.0)
       concurrent-ruby (~> 1.0)
-      rack (> 1, < 3)
+      rack (>= 2.2.4, < 4)
     sprockets-rails (3.4.2)
       actionpack (>= 5.2)
       activesupport (>= 5.2)
@@ -452,8 +467,8 @@ GEM
       camertron-eprun
       cldr-plurals-runtime-rb (~> 1.0)
       tzinfo
-    tzinfo (1.2.10)
+    tzinfo (2.0.6)
-      thread_safe (~> 0.1)
+      concurrent-ruby (~> 1.0)
     tzinfo-data (1.2020.4)
       tzinfo (>= 1.0.0)
     unicode-display_width (1.4.1)
@@ -470,8 +485,8 @@ GEM
       coercible (~> 1.0)
       descendants_tracker (~> 0.0, >= 0.0.3)
       equalizer (~> 0.0, >= 0.0.9)
-    warden (1.2.8)
+    warden (1.2.9)
-      rack (>= 2.0.6)
+      rack (>= 2.0.9)
     web-console (3.7.0)
       actionview (>= 5.0)
       activemodel (>= 5.0)
@@ -487,13 +502,13 @@ GEM
     websocket-driver (0.7.5)
       websocket-extensions (>= 0.1.0)
     websocket-extensions (0.1.5)
+    zeitwerk (2.6.7)
 
 PLATFORMS
   ruby
 
 DEPENDENCIES
   aasm
-  actionpack-page_caching (= 1.2.2)
   active_record_query_trace
   acts_as_list
   api-pagination
@@ -507,7 +522,7 @@ DEPENDENCIES
   chroma
   coveralls_reborn (~> 0.18.0)
   database_cleaner
-  devise (>= 4.6.0)
+  devise (>= 4.9)
   dotenv-rails
   elasticsearch-model (~> 5)
   elasticsearch-persistence (~> 5)
@@ -539,16 +554,15 @@ DEPENDENCIES
   pg_search
   prawn
   prawn-table
-  puma (= 4.3.12)
+  puma (= 6.1.0)
   pundit
   railroady
-  rails (~> 5.2.8)
+  rails (~> 6.1)
-  rails-observers
   rb-readline
   recurrence
   redis-session-store
   repost
-  responders (~> 2.0)
+  responders (~> 3.0)
   rolify
   rubocop (~> 1.31)
   rubocop-rails

Procfile

@@ -1,3 +1,3 @@
-web:    bundle exec rails server puma -p $PORT
+web:    bundle exec rails server -u puma -p $PORT
 worker: bundle exec sidekiq -C ./config/sidekiq.yml
 webpack: bin/webpacker-dev-server

app/controllers/api/abuses_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Abuse.
 # Typical action is an user reporting an abuse on a project
-class API::AbusesController < API::ApiController
+class API::AbusesController < API::APIController
   before_action :authenticate_user!, except: :create
   before_action :set_abuse, only: %i[destroy]
 

app/controllers/api/accounting_exports_controller.rb

@@ -1,8 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for exporting accounting data to external accounting softwares
-class API::AccountingExportsController < API::ApiController
+class API::AccountingExportsController < API::APIController
-
   before_action :authenticate_user!
 
   def export
@@ -27,7 +26,7 @@ class API::AccountingExportsController < API::ApiController
         render json: @export.errors, status: :unprocessable_entity
       end
     else
-      send_file File.join(Rails.root, export.file),
+      send_file Rails.root.join(export.file),
                 type: 'text/csv',
                 disposition: 'attachment'
     end

app/controllers/api/accounting_periods_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of AccountingPeriod
-class API::AccountingPeriodsController < API::ApiController
+class API::AccountingPeriodsController < API::APIController
   before_action :authenticate_user!
   before_action :set_period, only: %i[show download_archive]
 

app/controllers/api/admins_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type User with role 'admin'.
-class API::AdminsController < API::ApiController
+class API::AdminsController < API::APIController
   before_action :authenticate_user!
 
   def index

app/controllers/api/age_ranges_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type AgeRange
 # AgeRange are used in Events
-class API::AgeRangesController < API::ApiController
+class API::AgeRangesController < API::APIController
   before_action :authenticate_user!, except: [:index]
   before_action :set_age_range, only: %i[show update destroy]
 

app/controllers/api/analytics_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for fabAnalytics
-class API::AnalyticsController < API::ApiController
+class API::AnalyticsController < API::APIController
   before_action :authenticate_user!
 
   def data

app/controllers/api/api_controller.rb

@@ -1,6 +1,4 @@
 # frozen_string_literal: true
 
-class API::ApiController < ApplicationController
+class API::APIController < ApplicationController
-
-
 end

app/controllers/api/auth_providers_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type AuthProvider
 # AuthProvider are used to connect users through single-sign on systems
-class API::AuthProvidersController < API::ApiController
+class API::AuthProvidersController < API::APIController
   before_action :set_provider, only: %i[show update destroy]
   def index
     @providers = policy_scope(AuthProvider)

app/controllers/api/availabilities_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Availability
-class API::AvailabilitiesController < API::ApiController
+class API::AvailabilitiesController < API::APIController
   before_action :authenticate_user!, except: [:public]
   before_action :set_availability, only: %i[show update reservations lock]
   before_action :set_operator_role, only: %i[machine spaces trainings]

app/controllers/api/cart_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller to manage user's cart
-class API::CartController < API::ApiController
+class API::CartController < API::APIController
   include API::OrderConcern
 
   before_action :current_order, except: %i[create]
@@ -17,7 +17,7 @@ class API::CartController < API::ApiController
     authorize @current_order, policy_class: CartPolicy
     service = Cart::CreateCartItemService.new(@current_order)
     @item = service.create(params)
-    if @item.save({ context: @current_order.order_items })
+    if @item.save(**{ context: @current_order.order_items })
       render 'api/orders/item', status: :created
     else
       render json: @item.errors.full_messages, status: :unprocessable_entity

app/controllers/api/categories_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Category
 # Categories are used to classify Events
-class API::CategoriesController < API::ApiController
+class API::CategoriesController < API::APIController
   before_action :authenticate_user!, except: [:index]
   before_action :set_category, only: %i[show update destroy]
 
@@ -22,7 +22,6 @@ class API::CategoriesController < API::ApiController
     end
   end
 
-
   def update
     authorize Category
     if @category.update(category_params)

app/controllers/api/checkout_controller.rb

@@ -4,7 +4,7 @@ require 'stripe/helper'
 require 'pay_zen/helper'
 
 # API Controller for cart checkout
-class API::CheckoutController < API::ApiController
+class API::CheckoutController < API::APIController
   include ::API::OrderConcern
   before_action :authenticate_user!
   before_action :current_order

app/controllers/api/components_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Component
 # Components are used in Projects
-class API::ComponentsController < API::ApiController
+class API::ComponentsController < API::APIController
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_component, only: %i[show update destroy]
 

app/controllers/api/coupons_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Coupon
 # Coupons are used in payments
-class API::CouponsController < API::ApiController
+class API::CouponsController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!, except: %i[validate]

app/controllers/api/credits_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Credit
 # Credits are used to give free reservations to users
-class API::CreditsController < API::ApiController
+class API::CreditsController < API::APIController
   before_action :authenticate_user!
   before_action :set_credit, only: %i[show update destroy]
 
@@ -15,6 +15,8 @@ class API::CreditsController < API::ApiController
                end
   end
 
+  def show; end
+
   def create
     authorize Credit
     @credit = Credit.new(credit_params)

app/controllers/api/custom_assets_controller.rb

@@ -2,9 +2,9 @@
 
 # API Controller for resources of type CustomAsset
 # CustomAssets are used in settings
-class API::CustomAssetsController < API::ApiController
+class API::CustomAssetsController < API::APIController
-  before_action :authenticate_user!, only: %i[index update create destroy]
+  before_action :authenticate_user!, only: %i[update create]
-  before_action :set_custom_asset, only: %i[show update destroy]
+  before_action :set_custom_asset, only: %i[show update]
 
   # PUT /api/custom_assets/1/
   def update
@@ -40,5 +40,4 @@ class API::CustomAssetsController < API::ApiController
   def custom_asset_params
     params.required(:custom_asset).permit(:name, custom_asset_file_attributes: [:attachment])
   end
-
 end

app/controllers/api/event_themes_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type EventTheme
 # EventTheme are used to classify Events
-class API::EventThemesController < API::ApiController
+class API::EventThemesController < API::APIController
   before_action :authenticate_user!, except: [:index]
   before_action :set_event_theme, only: %i[show update destroy]
 
@@ -22,7 +22,6 @@ class API::EventThemesController < API::ApiController
     end
   end
 
-
   def update
     authorize EventTheme
     if @event_theme.update(event_theme_params)

app/controllers/api/events_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Event
-class API::EventsController < API::ApiController
+class API::EventsController < API::APIController
   before_action :set_event, only: %i[show update destroy]
 
   def index

app/controllers/api/exports_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Export
 # Export are used to download data tables in offline files
-class API::ExportsController < API::ApiController
+class API::ExportsController < API::APIController
   before_action :authenticate_user!
   before_action :set_export, only: [:download]
 

app/controllers/api/files_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for handling special actions on files
-class API::FilesController < API::ApiController
+class API::FilesController < API::APIController
   before_action :authenticate_user!
 
   # test the mime type of the uploaded file

app/controllers/api/groups_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Group
 # Groups are used for categorizing Users
-class API::GroupsController < API::ApiController
+class API::GroupsController < API::APIController
   before_action :authenticate_user!, except: :index
 
   def index

app/controllers/api/i_calendar_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type iCalendar
-class API::ICalendarController < API::ApiController
+class API::ICalendarController < API::APIController
   before_action :authenticate_user!, except: %i[index events]
   before_action :set_i_cal, only: [:destroy]
   respond_to :json

app/controllers/api/imports_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Import
-class API::ImportsController < API::ApiController
+class API::ImportsController < API::APIController
   before_action :authenticate_user!
 
   def show

app/controllers/api/invoices_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of Invoice and Avoir
-class API::InvoicesController < API::ApiController
+class API::InvoicesController < API::APIController
   before_action :authenticate_user!
   before_action :set_invoice, only: %i[show download]
 

app/controllers/api/licences_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Licence
 # Licenses are used in Projects
-class API::LicencesController < API::ApiController
+class API::LicencesController < API::APIController
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_licence, only: %i[show update destroy]
 

app/controllers/api/machine_categories_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Machine Category
 # Categories are used to classify Machine
-class API::MachineCategoriesController < API::ApiController
+class API::MachineCategoriesController < API::APIController
   before_action :authenticate_user!, except: [:index]
   before_action :set_machine_category, only: %i[show update destroy]
 

app/controllers/api/machines_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Machine
-class API::MachinesController < API::ApiController
+class API::MachinesController < API::APIController
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_machine, only: %i[update destroy]
   respond_to :json

app/controllers/api/members_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type User with role 'member'
-class API::MembersController < API::ApiController
+class API::MembersController < API::APIController
   before_action :authenticate_user!, except: [:last_subscribed]
   before_action :set_member, only: %i[update destroy merge complete_tour update_role validate]
   before_action :set_operator, only: %i[show update create merge validate]

app/controllers/api/notification_preferences_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Notification Preferences
-class API::NotificationPreferencesController < API::ApiController
+class API::NotificationPreferencesController < API::APIController
   before_action :authenticate_user!
 
   def index

app/controllers/api/notification_types_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Notification Types
-class API::NotificationTypesController < API::ApiController
+class API::NotificationTypesController < API::APIController
   before_action :authenticate_user!
 
   def index

app/controllers/api/notifications_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Notification
 # Notifications are scoped by user
-class API::NotificationsController < API::ApiController
+class API::NotificationsController < API::APIController
   before_action :authenticate_user!
   before_action :set_notification, only: :update
 

app/controllers/api/open_api_clients_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type OpenAPI::Client
 # OpenAPI::Clients are used to allow access to the public API
-class API::OpenAPIClientsController < API::ApiController
+class API::OpenAPIClientsController < API::APIController
   before_action :authenticate_user!
 
   def index
@@ -40,7 +40,7 @@ class API::OpenAPIClientsController < API::ApiController
     @client = OpenAPI::Client.find(params[:id])
     authorize @client
     @client.destroy
-    head 204
+    head :no_content
   end
 
   private

app/controllers/api/openlab_projects_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Openlab::Projects
 # Openlab::Projects are Projects shared between different instances
-class API::OpenlabProjectsController < API::ApiController
+class API::OpenlabProjectsController < API::APIController
   before_action :init_openlab
 
   def index

app/controllers/api/orders_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Order
 # Orders are used in store
-class API::OrdersController < API::ApiController
+class API::OrdersController < API::APIController
   before_action :authenticate_user!, except: %i[withdrawal_instructions]
   before_action :set_order, only: %i[show update destroy withdrawal_instructions]
 

app/controllers/api/payment_schedules_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of PaymentSchedule
-class API::PaymentSchedulesController < API::ApiController
+class API::PaymentSchedulesController < API::APIController
   before_action :authenticate_user!
   before_action :set_payment_schedule, only: %i[download cancel update]
   before_action :set_payment_schedule_item, only: %i[show_item cash_check confirm_transfer refresh_item pay_item]

app/controllers/api/payments_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # Abstract API Controller to be extended by each payment gateway/mean, for handling the payments processes in the front-end
-class API::PaymentsController < API::ApiController
+class API::PaymentsController < API::APIController
   before_action :authenticate_user!
 
   # This method must be overridden by the the gateways controllers that inherits API::PaymentsControllers

app/controllers/api/plan_categories_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type PlanCategory
 # PlanCategory are used to sort plans
-class API::PlanCategoriesController < API::ApiController
+class API::PlanCategoriesController < API::APIController
   before_action :authenticate_user!, except: :index
   before_action :set_category, only: %i[show update destroy]
 

app/controllers/api/plans_controller.rb

@@ -3,7 +3,7 @@
 # API Controller for resources of type Plan and PartnerPlan.
 # Plan are used to define subscription's characteristics.
 # PartnerPlan is a special kind of plan which send notifications to an external user
-class API::PlansController < API::ApiController
+class API::PlansController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!, except: %i[index durations]

app/controllers/api/prepaid_packs_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type PrepaidPack
 # PrepaidPacks are used to provide discounts to users that bought many hours at once
-class API::PrepaidPacksController < API::ApiController
+class API::PrepaidPacksController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!, except: :index

app/controllers/api/price_categories_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type PriceCategory
 # PriceCategories are used in Events
-class API::PriceCategoriesController < API::ApiController
+class API::PriceCategoriesController < API::APIController
   before_action :authenticate_user!, only: %i[update show create destroy]
   before_action :set_price_category, only: %i[show update destroy]
 

app/controllers/api/prices_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Price
 # Prices are used in reservations (Machine, Space)
-class API::PricesController < API::ApiController
+class API::PricesController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!

app/controllers/api/pricing_controller.rb

@@ -3,7 +3,7 @@
 # @deprecated
 # <b>DEPRECATED:</b> Please use <tt>API::PriceController</tt> instead.
 # API Controller for managing Plans prices
-class API::PricingController < API::ApiController
+class API::PricingController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!, except: %i[index update]

app/controllers/api/product_categories_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type ProductCategory
 # ProductCategories are used to group Products
-class API::ProductCategoriesController < API::ApiController
+class API::ProductCategoriesController < API::APIController
   before_action :authenticate_user!, except: :index
   before_action :set_product_category, only: %i[update destroy position]
 

app/controllers/api/products_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Product
 # Products are used in store
-class API::ProductsController < API::ApiController
+class API::ProductsController < API::APIController
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_product, only: %i[update clone destroy]
 

app/controllers/api/profile_custom_fields_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type ProfileCustomField
 # ProfileCustomFields are fields configured by an admin, added to the user's profile
-class API::ProfileCustomFieldsController < API::ApiController
+class API::ProfileCustomFieldsController < API::APIController
   before_action :authenticate_user!, except: :index
   before_action :set_profile_custom_field, only: %i[show update destroy]
 

app/controllers/api/projects_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Project
-class API::ProjectsController < API::ApiController
+class API::ProjectsController < API::APIController
   before_action :authenticate_user!, except: %i[index show last_published search]
   before_action :set_project, only: %i[update destroy]
   respond_to :json

app/controllers/api/reservations_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Reservation
 # Reservations are used for Training, Machine, Space and Event
-class API::ReservationsController < API::ApiController
+class API::ReservationsController < API::APIController
   before_action :authenticate_user!
   before_action :set_reservation, only: %i[show update]
   respond_to :json

app/controllers/api/settings_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Setting
-class API::SettingsController < API::ApiController
+class API::SettingsController < API::APIController
   before_action :authenticate_user!, only: %i[update bulk_update reset]
 
   def index
@@ -47,7 +47,7 @@ class API::SettingsController < API::ApiController
         end
 
         @settings.push db_setting
-        may_rollback(params[:transactional]) if db_setting.errors.keys.count.positive?
+        may_rollback(params[:transactional]) if db_setting.errors.attribute_names.count.positive?
       end
     end
     SettingService.run_after_update(updated_settings)

app/controllers/api/slots_reservations_controller.rb

@@ -3,7 +3,7 @@
 # API Controller for resources of type Slot
 # Slots are used to cut Availabilities into reservable slots. The duration of these slots is configured per
 # availability by Availability.slot_duration, or otherwise globally by Setting.get('slot_duration')
-class API::SlotsReservationsController < API::ApiController
+class API::SlotsReservationsController < API::APIController
   before_action :authenticate_user!
   before_action :set_slots_reservation, only: %i[update cancel]
   respond_to :json

app/controllers/api/spaces_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Space
-class API::SpacesController < API::ApiController
+class API::SpacesController < API::APIController
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_space, only: %i[update destroy]
   respond_to :json

app/controllers/api/statistics_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for various statistical resources (gateway to elasticsearch DB)
-class API::StatisticsController < API::ApiController
+class API::StatisticsController < API::APIController
   before_action :authenticate_user!
 
   def index

app/controllers/api/stylesheets_controller.rb

@@ -2,9 +2,7 @@
 
 # API Controller for resources of type Stylesheet
 # Stylesheets are used to customize the appearance of Fab-manager
-class API::StylesheetsController < API::ApiController
+class API::StylesheetsController < API::APIController
-  caches_page :show # magic happens here
-
   def show
     @stylesheet = Stylesheet.find(params[:id])
   end

app/controllers/api/subscriptions_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Subscription
-class API::SubscriptionsController < API::ApiController
+class API::SubscriptionsController < API::APIController
   before_action :set_subscription, only: %i[show payment_details cancel]
   before_action :authenticate_user!
 

app/controllers/api/supporting_document_files_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type SupportingDocumentFile
 # SupportingDocumentFiles are used in settings
-class API::SupportingDocumentFilesController < API::ApiController
+class API::SupportingDocumentFilesController < API::APIController
   before_action :authenticate_user!
   before_action :set_supporting_document_file, only: %i[show update download]
 

app/controllers/api/supporting_document_refusals_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type SupportingDocumentRefusal
 # SupportingDocumentRefusal are used by admin refuse user's proof of identity file
-class API::SupportingDocumentRefusalsController < API::ApiController
+class API::SupportingDocumentRefusalsController < API::APIController
   before_action :authenticate_user!
 
   def index

app/controllers/api/supporting_document_types_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type SupportingDocumentType
 # ProofOfIdentityTypes are used to provide admin config proof of identity type by group
-class API::SupportingDocumentTypesController < API::ApiController
+class API::SupportingDocumentTypesController < API::APIController
   before_action :authenticate_user!, except: :index
   before_action :set_supporting_document_type, only: %i[show update destroy]
 

app/controllers/api/tags_controller.rb

@@ -2,8 +2,7 @@
 
 # API Controller for resources of type Tag
 # Tags are used to restrict access to Availabilities
-class API::TagsController < API::ApiController
+class API::TagsController < API::APIController
-
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_tag, only: %i[show update destroy]
 

app/controllers/api/themes_controller.rb

@@ -2,7 +2,7 @@
 
 # API Controller for resources of type Theme
 # Themes are used in Projects
-class API::ThemesController < API::ApiController
+class API::ThemesController < API::APIController
   before_action :authenticate_user!, except: %i[index show]
   before_action :set_theme, only: %i[show update destroy]
 

app/controllers/api/trainings_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Training
-class API::TrainingsController < API::ApiController
+class API::TrainingsController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!, except: %i[index show]

app/controllers/api/trainings_pricings_controller.rb

@@ -3,7 +3,7 @@
 # @deprecated
 # <b>DEPRECATED:</b> Please use <tt>API::PriceController</tt> instead.
 # API Controller for managing Training prices
-class API::TrainingsPricingsController < API::ApiController
+class API::TrainingsPricingsController < API::APIController
   include ApplicationHelper
 
   before_action :authenticate_user!

app/controllers/api/translations_controller.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 # API Controller for managing front-end translations
-class API::TranslationsController < API::ApiController
+class API::TranslationsController < API::APIController
   before_action :set_locale
 
   def show
     translations = I18n.t params[:state]
-    if translations.class.name == String.name && translations.start_with?('translation missing')
+    if translations.instance_of?(String) && translations.start_with?('translation missing')
       render json: { error: translations }, status: :unprocessable_entity
     else
       path = params[:state]
@@ -20,5 +20,4 @@ class API::TranslationsController < API::ApiController
   def set_locale
     I18n.locale = params[:locale] || I18n.default_locale
   end
-
 end

app/controllers/api/user_packs_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type StatisticProfilePrepaidPack
-class API::UserPacksController < API::ApiController
+class API::UserPacksController < API::APIController
   before_action :authenticate_user!
 
   def index

app/controllers/api/users_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Users with role :partner or :manager
-class API::UsersController < API::ApiController
+class API::UsersController < API::APIController
   before_action :authenticate_user!
   before_action :set_user, only: %i[destroy]
 

app/controllers/api/version_controller.rb

@@ -3,7 +3,7 @@
 require 'version'
 
 # API Controller to get the Fab-manager version
-class API::VersionController < API::ApiController
+class API::VersionController < API::APIController
   before_action :authenticate_user!
 
   def show

app/controllers/api/wallet_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # API Controller for resources of type Wallet
-class API::WalletController < API::ApiController
+class API::WalletController < API::APIController
   before_action :authenticate_user!
 
   def by_user

app/controllers/application_controller.rb

@@ -7,7 +7,6 @@ class ApplicationController < ActionController::Base
   # For APIs, you may want to use :null_session instead.
   protect_from_forgery with: :exception
   after_action :set_csrf_cookie
-  cache_sweeper :stylesheet_sweeper
 
   respond_to :html, :json
 
@@ -42,7 +41,7 @@ class ApplicationController < ActionController::Base
                                         {
                                           profile_attributes: %i[phone last_name first_name interest software_mastered],
                                           invoicing_profile_attributes: [
-                                            organization_attributes: [:name, address_attributes: [:address]],
+                                            organization_attributes: [:name, { address_attributes: [:address] }],
                                             user_profile_custom_fields_attributes: %i[profile_custom_field_id value],
                                             address_attributes: [:address]
                                           ],
@@ -60,7 +59,7 @@ class ApplicationController < ActionController::Base
   end
 
   def permission_denied
-    head 403
+    head :forbidden
   end
 
   # Set the configured locale for each action (API call)

app/controllers/open_api/v1/accounting_controller.rb

@@ -4,9 +4,9 @@ require_relative 'concerns/accountings_filters_concern'
 
 # authorized 3rd party softwares can fetch the accounting lines through the OpenAPI
 class OpenAPI::V1::AccountingController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
-  include AccountingsFiltersConcern
+  include OpenAPI::V1::Concerns::AccountingsFiltersConcern
   expose_doc
 
   def index

app/controllers/open_api/v1/bookable_machines_controller.rb

@@ -2,7 +2,7 @@
 
 # authorized 3rd party softwares can list the bookable machines through the OpenAPI
 class OpenAPI::V1::BookableMachinesController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   expose_doc
 
   def index

app/controllers/open_api/v1/concerns/accountings_filters_concern.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # Filter the list of accounting lines by the given parameters
-module AccountingsFiltersConcern
+module OpenAPI::V1::Concerns::AccountingsFiltersConcern
   extend ActiveSupport::Concern
 
   included do

app/controllers/open_api/v1/concerns/reservations_filters_concern.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # Filter the list of reservations by the given parameters
-module ReservationsFiltersConcern
+module OpenAPI::V1::Concerns::ReservationsFiltersConcern
   extend ActiveSupport::Concern
 
   included do

app/controllers/open_api/v1/concerns/subscriptions_filters_concern.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # Filter the list of subscriptions by the given parameters
-module SubscriptionsFiltersConcern
+module OpenAPI::V1::Concerns::SubscriptionsFiltersConcern
   extend ActiveSupport::Concern
 
   included do

app/controllers/open_api/v1/events_controller.rb

@@ -2,7 +2,7 @@
 
 # authorized 3rd party softwares can manage the events through the OpenAPI
 class OpenAPI::V1::EventsController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
   expose_doc
 

app/controllers/open_api/v1/invoices_controller.rb

@@ -2,7 +2,7 @@
 
 # OpenAPI controller for the invoices
 class OpenAPI::V1::InvoicesController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
   expose_doc
 

app/controllers/open_api/v1/machines_controller.rb

@@ -2,7 +2,7 @@
 
 # authorized 3rd party softwares can manage the machines through the OpenAPI
 class OpenAPI::V1::MachinesController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   expose_doc
 
   before_action :set_machine, only: %i[show update destroy]

app/controllers/open_api/v1/plan_categories_controller.rb

@@ -2,7 +2,7 @@
 
 # authorized 3rd party softwares can fetch data about plan categories through the OpenAPI
 class OpenAPI::V1::PlanCategoriesController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   expose_doc
 
   def index

app/controllers/open_api/v1/plans_controller.rb

@@ -2,7 +2,7 @@
 
 # authorized 3rd party softwares can fetch data about plans through the OpenAPI
 class OpenAPI::V1::PlansController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   expose_doc
 
   before_action :set_plan, only: %i[show]

app/controllers/open_api/v1/prices_controller.rb

@@ -2,7 +2,7 @@
 
 # public API controller for resources of type Price
 class OpenAPI::V1::PricesController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
   expose_doc
 

app/controllers/open_api/v1/reservations_controller.rb

@@ -4,9 +4,9 @@ require_relative 'concerns/reservations_filters_concern'
 
 # public API controller for resources of type Reservation
 class OpenAPI::V1::ReservationsController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
-  include ReservationsFiltersConcern
+  include OpenAPI::V1::Concerns::ReservationsFiltersConcern
   expose_doc
 
   def index

app/controllers/open_api/v1/spaces_controller.rb

@@ -2,7 +2,7 @@
 
 # authorized 3rd party softwares can fetch data about spaces through the OpenAPI
 class OpenAPI::V1::SpacesController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   expose_doc
 
   before_action :set_space, only: %i[show]

app/controllers/open_api/v1/subscriptions_controller.rb

@@ -4,9 +4,9 @@ require_relative 'concerns/subscriptions_filters_concern'
 
 # authorized 3rd party softwares can fetch the subscriptions through the OpenAPI
 class OpenAPI::V1::SubscriptionsController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
-  include SubscriptionsFiltersConcern
+  include OpenAPI::V1::Concerns::SubscriptionsFiltersConcern
   expose_doc
 
   def index

app/controllers/open_api/v1/trainings_controller.rb

@@ -2,7 +2,7 @@
 
 # public API controller for resources of type Training
 class OpenAPI::V1::TrainingsController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   expose_doc
 
   def index

app/controllers/open_api/v1/user_trainings_controller.rb

@@ -2,7 +2,7 @@
 
 # public API controller for user's trainings
 class OpenAPI::V1::UserTrainingsController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
   expose_doc
 

app/controllers/open_api/v1/users_controller.rb

@@ -2,7 +2,7 @@
 
 # public API controller for users
 class OpenAPI::V1::UsersController < OpenAPI::V1::BaseController
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
   include Rails::Pagination
   expose_doc
 

app/doc/open_api/api_doc.rb

@@ -4,11 +4,11 @@
 #
 # Controller extension with common API documentation shortcuts
 #
-module OpenAPI::ApiDoc
+module OpenAPI::APIDoc
   # Apipie doesn't allow to append anything to esisting
   #  description. It raises an error on double definition.
   #
-  def append_desc(desc = "")
+  def append_desc(desc = '')
     _apipie_dsl_data[:description] << desc << "\n"
   end
 
@@ -20,7 +20,7 @@ module OpenAPI::ApiDoc
   #
   def to_markdown_code(code)
     code.split("\n").map do |line|
-      (" " * 4) + line
+      (' ' * 4) + line
     end.join("\n")
   end
 
@@ -33,9 +33,8 @@ module OpenAPI::ApiDoc
   # @param schemas [Array<String>]
   #
   def include_response_schema(*schemas)
-    root = Rails.root.join('app/doc/responses')
     _apipie_dsl_data[:description] = _apipie_dsl_data[:description].strip_heredoc
-    append_desc("## Response schema")
+    append_desc('## Response schema')
 
     schemas.each do |relative_path|
       append_desc MarkdownJsonSchema.read(relative_path)

app/doc/open_api/application_doc.rb

@@ -19,7 +19,7 @@
 #   end
 #
 class OpenAPI::ApplicationDoc
-  extend OpenAPI::ApiDoc
+  extend OpenAPI::APIDoc
 
   class << self
     # Stores provided resource description
@@ -53,7 +53,7 @@ class OpenAPI::ApplicationDoc
     # @return [Hash]
     #
     def docs
-      @_docs ||= {}
+      @docs ||= {}
     end
 
     def define_param_group(param_group_name, &block)
@@ -61,7 +61,7 @@ class OpenAPI::ApplicationDoc
     end
 
     def param_groups
-      @_param_groups ||= {}
+      @param_groups ||= {}
     end
 
     # Applies all defined DSL to provided controller class

app/models/advanced_accounting.rb

@@ -3,12 +3,12 @@
 # AdvancedAccounting enables the various objects to have detailed accounting settings
 class AdvancedAccounting < ApplicationRecord
   belongs_to :accountable, polymorphic: true
-  belongs_to :machine, foreign_type: 'Machine', foreign_key: 'accountable_id', inverse_of: :advanced_accounting
+  belongs_to :machine, foreign_key: 'accountable_id', inverse_of: :advanced_accounting
-  belongs_to :training, foreign_type: 'Training', foreign_key: 'accountable_id', inverse_of: :advanced_accounting
+  belongs_to :training, foreign_key: 'accountable_id', inverse_of: :advanced_accounting
-  belongs_to :space, foreign_type: 'Space', foreign_key: 'accountable_id', inverse_of: :advanced_accounting
+  belongs_to :space, foreign_key: 'accountable_id', inverse_of: :advanced_accounting
-  belongs_to :event, foreign_type: 'Event', foreign_key: 'accountable_id', inverse_of: :advanced_accounting
+  belongs_to :event, foreign_key: 'accountable_id', inverse_of: :advanced_accounting
-  belongs_to :product, foreign_type: 'Product', foreign_key: 'accountable_id', inverse_of: :advanced_accounting
+  belongs_to :product, foreign_key: 'accountable_id', inverse_of: :advanced_accounting
-  belongs_to :plan, foreign_type: 'Plan', foreign_key: 'accountable_id', inverse_of: :advanced_accounting
+  belongs_to :plan, foreign_key: 'accountable_id', inverse_of: :advanced_accounting
 
   after_save :rebuild_accounting_lines
 

app/models/application_record.rb

@@ -15,7 +15,7 @@ class ApplicationRecord < ActiveRecord::Base
   def update_with_context(attributes, context)
     with_transaction_returning_status do
       assign_attributes(attributes)
-      save(context: context)
+      save(**{ context: context })
     end
   end
 end

app/models/availability.rb

@@ -190,7 +190,7 @@ class Availability < ApplicationRecord
     duration = slot_duration || Setting.get('slot_duration').to_i
     return unless end_at < (start_at + duration.minutes)
 
-    errors.add(:end_at, I18n.t('availabilities.length_must_be_slot_multiple', MIN: duration))
+    errors.add(:end_at, I18n.t('availabilities.length_must_be_slot_multiple', **{ MIN: duration }))
   end
 
   def should_be_associated

app/models/cart_item/base_item.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require_relative 'cart_item'
-
 # This is an abstract class implemented by classes that can be added to the shopping cart
 class CartItem::BaseItem < ApplicationRecord
   self.abstract_class = true

app/models/cart_item/cart_item.rb

@@ -1,4 +0,0 @@
-# frozen_string_literal: true
-
-# Items that can be added to the shopping cart
-module CartItem; end

app/models/cart_item/coupon.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require_relative 'cart_item'
-
 # A discount coupon applied to the whole shopping cart
 class CartItem::Coupon < ApplicationRecord
   self.table_name = 'cart_item_coupons'

app/models/cart_item/event_reservation.rb

@@ -10,7 +10,7 @@ class CartItem::EventReservation < CartItem::Reservation
   accepts_nested_attributes_for :cart_item_event_reservation_tickets
 
   has_many :cart_item_reservation_slots, class_name: 'CartItem::ReservationSlot', dependent: :destroy, inverse_of: :cart_item,
-                                         foreign_key: 'cart_item_id', foreign_type: 'cart_item_type'
+                                         foreign_type: 'cart_item_type', as: :cart_item
   accepts_nested_attributes_for :cart_item_reservation_slots
 
   belongs_to :operator_profile, class_name: 'InvoicingProfile'
@@ -22,6 +22,14 @@ class CartItem::EventReservation < CartItem::Reservation
     event
   end
 
+  def reservable_id
+    event_id
+  end
+
+  def reservable_type
+    'Event'
+  end
+
   def price
     amount = reservable.amount * normal_tickets
     is_privileged = operator.privileged? && operator.id != customer.id

app/models/cart_item/event_reservation_ticket.rb

@@ -1,7 +1,5 @@
 # frozen_string_literal: true
 
-require_relative 'cart_item'
-
 # A relation table between a pending event reservation and a special price for this event
 class CartItem::EventReservationTicket < ApplicationRecord
   self.table_name = 'cart_item_event_reservation_tickets'

app/models/cart_item/free_extension.rb

@@ -25,7 +25,7 @@ class CartItem::FreeExtension < CartItem::BaseItem
   end
 
   def name
-    I18n.t('cart_items.free_extension', DATE: I18n.l(new_expiration_date))
+    I18n.t('cart_items.free_extension', **{ DATE: I18n.l(new_expiration_date) })
   end
 
   def to_object

app/models/cart_item/machine_reservation.rb

@@ -3,7 +3,7 @@
 # A machine reservation added to the shopping cart
 class CartItem::MachineReservation < CartItem::Reservation
   has_many :cart_item_reservation_slots, class_name: 'CartItem::ReservationSlot', dependent: :destroy, inverse_of: :cart_item,
-                                         foreign_key: 'cart_item_id', foreign_type: 'cart_item_type'
+                                         foreign_type: 'cart_item_type', as: :cart_item
   accepts_nested_attributes_for :cart_item_reservation_slots
 
   belongs_to :operator_profile, class_name: 'InvoicingProfile'