Upgraded to rails 3.2.8

Gemfile

@@ -1,16 +1,16 @@
 # A sample Gemfile
-source "http://rubygems.org"
+source "https://rubygems.org"
 
-gem "rails", '3.1.8'
+gem "rails", '3.2.8'
 
 # Gems used only for assets and not required
 # in production environments by default.
 group :assets do
-  gem 'sass-rails',   '~> 3.1.5'
-  gem 'coffee-rails', '~> 3.1.1'
+  gem 'sass-rails',   '~> 3.2.3'
+  gem 'coffee-rails', '~> 3.2.1'
 
   # See https://github.com/sstephenson/execjs#readme for more supported runtimes
-  gem 'therubyracer'
+  gem 'therubyracer', :platforms => :ruby
 
   gem 'uglifier', '>= 1.0.3'
 end

Gemfile.lock

@@ -5,42 +5,41 @@ GIT
     localize_input (0.1.0)
 
 GEM
-  remote: http://rubygems.org/
+  remote: https://rubygems.org/
   specs:
-    actionmailer (3.1.8)
-      actionpack (= 3.1.8)
-      mail (~> 2.3.3)
-    actionpack (3.1.8)
-      activemodel (= 3.1.8)
-      activesupport (= 3.1.8)
+    actionmailer (3.2.8)
+      actionpack (= 3.2.8)
+      mail (~> 2.4.4)
+    actionpack (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
       builder (~> 3.0.0)
       erubis (~> 2.7.0)
-      i18n (~> 0.6)
-      rack (~> 1.3.6)
+      journey (~> 1.0.4)
+      rack (~> 1.4.0)
       rack-cache (~> 1.2)
-      rack-mount (~> 0.8.2)
       rack-test (~> 0.6.1)
-      sprockets (~> 2.0.4)
-    activemodel (3.1.8)
-      activesupport (= 3.1.8)
+      sprockets (~> 2.1.3)
+    activemodel (3.2.8)
+      activesupport (= 3.2.8)
       builder (~> 3.0.0)
-      i18n (~> 0.6)
-    activerecord (3.1.8)
-      activemodel (= 3.1.8)
-      activesupport (= 3.1.8)
-      arel (~> 2.2.3)
+    activerecord (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
+      arel (~> 3.0.2)
       tzinfo (~> 0.3.29)
-    activeresource (3.1.8)
-      activemodel (= 3.1.8)
-      activesupport (= 3.1.8)
-    activesupport (3.1.8)
-      multi_json (>= 1.0, < 1.3)
-    arel (2.2.3)
+    activeresource (3.2.8)
+      activemodel (= 3.2.8)
+      activesupport (= 3.2.8)
+    activesupport (3.2.8)
+      i18n (~> 0.6)
+      multi_json (~> 1.0)
+    arel (3.0.2)
     builder (3.0.3)
     client_side_validations (3.1.4)
-    coffee-rails (3.1.1)
+    coffee-rails (3.2.2)
       coffee-script (>= 2.2.0)
-      railties (~> 3.1.0)
+      railties (~> 3.2.0)
     coffee-script (2.2.0)
       coffee-script-source
       execjs
@@ -70,12 +69,13 @@ GEM
     inherited_resources (1.3.1)
       has_scope (~> 0.5.0)
       responders (~> 0.6)
+    journey (1.0.4)
     jquery-rails (2.1.3)
       railties (>= 3.1.0, < 5.0)
       thor (~> 0.14)
     json (1.7.5)
     libv8 (3.3.10.4)
-    mail (2.3.3)
+    mail (2.4.4)
       i18n (>= 0.4.0)
       mime-types (~> 1.16)
       treetop (~> 1.4.8)
@@ -85,7 +85,7 @@ GEM
       activesupport (~> 3.1)
       polyamorous (~> 0.5.0)
     mime-types (1.19)
-    multi_json (1.2.0)
+    multi_json (1.3.6)
     mysql2 (0.3.11)
     polyamorous (0.5.0)
       activerecord (~> 3.0)
@@ -100,53 +100,50 @@ GEM
       prawn-core
     prawn-layout (0.3.2)
     prawn-security (0.1.1)
-    rack (1.3.6)
+    rack (1.4.1)
     rack-cache (1.2)
       rack (>= 0.4)
-    rack-mount (0.8.3)
-      rack (>= 1.0.0)
     rack-ssl (1.3.2)
       rack
     rack-test (0.6.2)
       rack (>= 1.0)
-    rails (3.1.8)
-      actionmailer (= 3.1.8)
-      actionpack (= 3.1.8)
-      activerecord (= 3.1.8)
-      activeresource (= 3.1.8)
-      activesupport (= 3.1.8)
+    rails (3.2.8)
+      actionmailer (= 3.2.8)
+      actionpack (= 3.2.8)
+      activerecord (= 3.2.8)
+      activeresource (= 3.2.8)
+      activesupport (= 3.2.8)
       bundler (~> 1.0)
-      railties (= 3.1.8)
+      railties (= 3.2.8)
     rails3_acts_as_paranoid (0.1.4)
       activerecord (~> 3.1)
-    railties (3.1.8)
-      actionpack (= 3.1.8)
-      activesupport (= 3.1.8)
+    railties (3.2.8)
+      actionpack (= 3.2.8)
+      activesupport (= 3.2.8)
       rack-ssl (~> 1.3.2)
       rake (>= 0.8.7)
       rdoc (~> 3.4)
-      thor (~> 0.14.6)
+      thor (>= 0.14.6, < 2.0)
     rake (0.9.2.2)
     rdoc (3.12)
       json (~> 1.4)
     responders (0.9.3)
       railties (~> 3.1)
     sass (3.2.1)
-    sass-rails (3.1.6)
-      actionpack (~> 3.1.0)
-      railties (~> 3.1.0)
+    sass-rails (3.2.5)
+      railties (~> 3.2.0)
       sass (>= 3.1.10)
-      tilt (~> 1.3.2)
+      tilt (~> 1.3)
     simple_form (2.0.3)
       actionpack (~> 3.0)
       activemodel (~> 3.0)
-    sprockets (2.0.4)
+    sprockets (2.1.3)
       hike (~> 1.2)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
     therubyracer (0.10.2)
       libv8 (~> 3.3.10)
-    thor (0.14.6)
+    thor (0.16.0)
     tilt (1.3.3)
     treetop (1.4.10)
       polyglot
@@ -165,7 +162,7 @@ PLATFORMS
 
 DEPENDENCIES
   client_side_validations
-  coffee-rails (~> 3.1.1)
+  coffee-rails (~> 3.2.1)
   daemons
   delayed_job_active_record
   exception_notification
@@ -177,9 +174,9 @@ DEPENDENCIES
   meta_search
   mysql2
   prawn (<= 0.6.3)
-  rails (= 3.1.8)
+  rails (= 3.2.8)
   rails3_acts_as_paranoid (~> 0.1.4)
-  sass-rails (~> 3.1.5)
+  sass-rails (~> 3.2.3)
   simple_form
   therubyracer
   uglifier (>= 1.0.3)

config/application.rb

@@ -38,7 +38,21 @@ module Foodsoft
 
     # Configure sensitive parameters which will be filtered from the log file.
     config.filter_parameters += [:password]
+    
+    # Enable escaping HTML in JSON.
+    config.active_support.escape_html_entities_in_json = true
 
+    # Use SQL instead of Active Record's schema dumper when creating the database.
+    # This is necessary if your schema can't be completely dumped by the schema dumper,
+    # like if you have constraints or database-specific column types
+    # config.active_record.schema_format = :sql
+
+    # Enforce whitelist mode for mass assignment.
+    # This will create an empty whitelist of attributes available for mass-assignment for all models
+    # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
+    # parameters by using an attr_accessible or attr_protected declaration.
+    config.active_record.whitelist_attributes = false # TODO: Bette re-activate this!
+    
     # Enable the asset pipeline
     config.assets.enabled = true
 

config/environments/development.rb.SAMPLE

@@ -22,6 +22,13 @@ Foodsoft::Application.configure do
   # Only use best-standards-support built into browsers
   config.action_dispatch.best_standards_support = :builtin
 
+  # Raise exception on mass assignment protection for Active Record models
+  config.active_record.mass_assignment_sanitizer = :strict
+
+  # Log the query plan for queries taking more than this (works
+  # with SQLite, MySQL, and PostgreSQL)
+  config.active_record.auto_explain_threshold_in_seconds = 0.5
+
   # Do not compress assets
   config.assets.compress = false
 

config/environments/production.rb

@@ -20,7 +20,7 @@ Foodsoft::Application.configure do
   # Generate digests for assets URLs
   config.assets.digest = true
 
-  # Defaults to Rails.root.join("public/assets")
+  # # Defaults to nil and saved in location specified by config.assets.prefix
   # config.assets.manifest = YOUR_PATH
 
   # Specifies the header that your server uses for sending files
@@ -33,8 +33,11 @@ Foodsoft::Application.configure do
   # See everything in the log (default is :info)
   # config.log_level = :debug
 
+  # Prepend all log lines with the following tags
+  # config.log_tags = [ :subdomain, :uuid ]
+
   # Use a different logger for distributed setups
-  # config.logger = SyslogLogger.new
+  # config.logger = ActiveSupport::TaggedLogging.new(SyslogLogger.new)
 
   # Use a different cache store in production
   # config.cache_store = :mem_cache_store
@@ -58,6 +61,10 @@ Foodsoft::Application.configure do
   # Send deprecation notices to registered listeners
   config.active_support.deprecation = :notify
 
+  # Log the query plan for queries taking more than this (works
+  # with SQLite, MySQL, and PostgreSQL)
+  # config.active_record.auto_explain_threshold_in_seconds = 0.5
+
   # Use sendmail to avoid ssl cert problems
   config.action_mailer.delivery_method = :sendmail
 end

config/environments/test.rb

@@ -29,10 +29,8 @@ Foodsoft::Application.configure do
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  # Use SQL instead of Active Record's schema dumper when creating the test database.
-  # This is necessary if your schema can't be completely dumped by the schema dumper,
-  # like if you have constraints or database-specific column types
-  # config.active_record.schema_format = :sql
+  # Raise exception on mass assignment protection for Active Record models
+  config.active_record.mass_assignment_sanitizer = :strict
 
   # Print deprecation notices to the stderr
   config.active_support.deprecation = :stderr

config/initializers/inflections.rb

@@ -8,3 +8,9 @@
 #   inflect.irregular 'person', 'people'
 #   inflect.uncountable %w( fish sheep )
 # end
+#
+# These inflection rules are supported but not enabled by default:
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.acronym 'RESTful'
+# end
+

config/routes.rb

@@ -174,7 +174,7 @@ Foodsoft::Application.routes.draw do
 
     resources :users, :only => [:index]
 
-    match '/:controller(/:action(/:id))'
+    match ':controller(/:action(/:id))(.:format)'
 
   end # End of /:foodcoop scope
 end