Merge pull request #1317 from Growstuff/dev

release 22

.codeclimate.yml

@@ -0,0 +1,44 @@
+engines:
+  rubocop:
+    enabled: true
+  scss-lint:
+    enabled: true
+  shellcheck:
+    enabled: true
+  eslint:
+    enabled: true
+  coffeelint:
+    enabled: true
+  brakeman:
+    enabled: true
+  bundler-audit:
+    enabled: true
+  duplication:
+    enabled: true
+    config:
+      languages:
+      - ruby
+      - javascript
+    exclude_fingerprints:
+    - 16dbcb58d6caa7ccfe241417831ecfa6
+    - 7d7dca4f27f50e3084f203280073cc74
+  fixme:
+    enabled: true
+    exclude_fingerprints:  # rubocop_todo filename
+    - 63b8552079d106832fbe281566b6d028
+    - d38afbaaea3ecaa9a4cf046b07a01cec
+    - 57ff3968fd371d3e1f75c237d6c78acf
+ratings:
+  paths:
+  - "**.rb"
+  - "**.js"
+  - "**.coffee"
+  - "**.sass"
+  - "**.haml"
+  - Gemfile.lock
+exclude_paths:
+- config/
+- db/
+- spec/
+- public/
+- app/assets/stylesheets/bootstrap-accessibility.css

.gitignore

@@ -8,8 +8,12 @@ coverage
 *~
 *.DS_Store
 config/application.yml
+config/database.yml
 credentials*.sh
 Pathogen:
 custom_plan.rb
 zeus.json
 .bundle
+.idea/**
+public/**
+node_modules

.haml-lint.yml

@@ -0,0 +1,9 @@
+linters:
+  LineLength:
+    max: 120
+  InstanceVariables:
+    enabled: false
+  IdNames:
+    enabled: false
+  ConsecutiveComments:
+    enabled: false

.mention-bot

@@ -0,0 +1,3 @@
+{
+    "userBlacklist": ["tygriffin","oshiho3"]
+}

.overcommit.yml

@@ -0,0 +1,104 @@
+---
+# Use this file to configure the Overcommit hooks you wish to use. This will
+# extend the default configuration defined in:
+# https://github.com/brigade/overcommit/blob/master/config/default.yml
+#
+# At the topmost level of this YAML file is a key representing type of hook
+# being run (e.g. pre-commit, commit-msg, etc.). Within each type you can
+# customize each hook, such as whether to only run it on certain files (via
+# `include`), whether to only display output if it fails (via `quiet`), etc.
+#
+# For a complete list of hooks, see:
+# https://github.com/brigade/overcommit/tree/master/lib/overcommit/hook
+#
+# For a complete list of options that you can use to customize hooks, see:
+# https://github.com/brigade/overcommit#configuration
+#
+# Uncomment the following lines to make the configuration take effect.
+
+PreCommit:
+  ALL:
+    quiet: false
+    problem_on_unmodified_line: warn
+  RuboCop:
+    enabled: true
+    command: ['bundle', 'exec', 'rubocop', '-D', '--rails']
+  TrailingWhitespace:
+    enabled: true
+    exclude:
+      - '**/db/structure.sql'  # Ignore trailing whitespace in generated files
+  CoffeeLint:
+    enabled: true
+    on_fail: warn
+    command: ['npm', 'run', 'coffeelint']
+  HardTabs:
+    enabled: true
+  AuthorEmail:
+    enabled: false
+  AuthorName:
+    enabled: false
+  CssLint:
+    enabled: true
+    exclude:
+      - '**/bootstrap.min.css'
+    command: ['npm', 'run', 'csslint']
+  HamlLint:
+    enabled: true
+    requires_files: true
+    on_warn: fail
+    command: ['bundle', 'exec', 'haml-lint', 'app/views']
+  JsonSyntax:
+    enabled: true
+  BundleOutdated:
+    enabled: true
+    on_warn: warn
+  BundleAudit:
+    enabled: true
+    on_warn: warn
+  JsHint:
+    enabled: true
+    exclude:
+      - 'app/assets/**'
+      - 'spec/javascripts/support/vendor/**'
+      - '**/bootstrap*'
+    command: ['npm', 'run', 'jshint']
+  ScssLint:
+    enabled: true
+  RailsSchemaUpToDate:
+    enabled: true
+  MergeConflicts:
+    enabled: true
+  YamlLint:
+    enabled: true
+
+PostCommit:
+  GitGuilt:
+    enabled: true
+    command: ['npm', 'run', 'git-guilt']
+
+PostCheckout:
+  ALL:
+    quiet: false
+  BundleInstall:
+    enabled: true
+  RailsSchemaUpToDate:
+    enabled: true
+
+PostMerge:
+  BundleInstall:
+    enabled: true
+  RailsSchemaUpToDate:
+    enabled: true
+
+# PrePush:
+#   ALL:
+#     on_warn: fail  # Treat all warnings as failures
+#     quiet: false
+#   # Brakeman:
+#   #   enabled: true
+#   RSpec:
+#     enabled: true
+#     command: ['bundle', 'exec', 'rspec', '--fail-fast']
+#
+#  IndexTags:
+#    enabled: true # Generate a tags file with `ctags` each time HEAD changes

.rspec

@@ -1 +1,2 @@
 --color
+--require spec_helper

.rubocop.yml

@@ -0,0 +1,67 @@
+inherit_from: .rubocop_todo.yml
+AllCops:
+  Include:
+    - 'Rakefile'
+    - 'config.ru'
+    - 'lib/**/*.rake'
+  Exclude:
+    - 'db/schema.rb'
+    - 'vendor/**/*'
+
+Rails:
+  Enabled: true
+
+Style/FileName:
+  Exclude:
+    - 'Gemfile'
+    - 'Gemfile.lock'
+
+Style/StringLiterals:
+  Enabled: false
+
+Style/MultilineMethodCallIndentation:
+  EnforcedStyle: indented
+
+# Configuration parameters: EnforcedStyle, SupportedStyles, IndentationWidth.
+# SupportedStyles: with_first_parameter, with_fixed_indentation
+Style/AlignParameters:
+  EnforcedStyle: with_fixed_indentation
+
+Metrics/LineLength:
+  Max: 120
+
+
+# See https://github.com/bbatsov/rubocop/issues/3629
+Rails/HttpPositionalArguments:
+  Enabled: false
+
+Style/Documentation:
+  Enabled: false
+
+Style/FrozenStringLiteralComment:
+  Enabled: false
+
+# Configuration parameters: Include.
+# Include: app/**/*.rb, config/**/*.rb, db/**/*.rb, lib/**/*.rb
+Rails/Output:
+  Exclude:
+    - 'config/unicorn.rb'
+    - 'db/seeds.rb'
+
+Metrics/BlockLength:
+  Exclude:
+    - 'spec/**/*'
+    - '**/*.rake'
+    - 'config/**/*.rb'
+
+# Remove the following once the code style matches
+Metrics/MethodLength:
+  Max: 34
+Metrics/AbcSize:
+  Max: 32
+Metrics/ClassLength:
+  Max: 207
+Metrics/CyclomaticComplexity:
+  Max: 11
+Metrics/PerceivedComplexity:
+  Max: 9

.rubocop_todo.yml

@@ -0,0 +1,316 @@
+# This configuration was generated by
+# `rubocop --auto-gen-config --no-offense-counts`
+# on 2017-03-01 11:18:11 +1300 using RuboCop version 0.47.1.
+# The point is for the user to remove these configuration records
+# one by one as the offenses are removed from the code base.
+# Note that changes in the inspected code, or installation of new
+# versions of RuboCop, may require this file to be generated again.
+
+Lint/AmbiguousRegexpLiteral:
+  Exclude:
+    - 'spec/controllers/admin/orders_controller_spec.rb'
+    - 'spec/controllers/orders_controller_spec.rb'
+    - 'spec/features/cms_spec.rb'
+    - 'spec/lib/haml/filters/escaped_markdown_spec.rb'
+    - 'spec/lib/haml/filters/growstuff_markdown_spec.rb'
+    - 'spec/models/comment_spec.rb'
+    - 'spec/models/planting_spec.rb'
+    - 'spec/views/members/show.rss.haml_spec.rb'
+    - 'spec/views/posts/show.html.haml_spec.rb'
+
+Lint/HandleExceptions:
+  Exclude:
+    - 'lib/tasks/testing.rake'
+
+# Cop supports --auto-correct.
+# Configuration parameters: IgnoreEmptyBlocks, AllowUnusedKeywordArguments.
+Lint/UnusedBlockArgument:
+  Exclude:
+    - 'app/controllers/crops_controller.rb'
+    - 'app/controllers/sessions_controller.rb'
+    - 'config/unicorn.rb'
+    - 'lib/haml/filters/growstuff_markdown.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: AllowUnusedKeywordArguments, IgnoreEmptyMethods.
+Lint/UnusedMethodArgument:
+  Exclude:
+    - 'app/controllers/application_controller.rb'
+    - 'app/controllers/passwords_controller.rb'
+    - 'app/controllers/registrations_controller.rb'
+    - 'app/validators/approved_validator.rb'
+    - 'spec/views/plantings/show.html.haml_spec.rb'
+
+Lint/Void:
+  Exclude:
+    - 'spec/models/crop_spec.rb'
+    - 'spec/models/garden_spec.rb'
+    - 'spec/models/post_spec.rb'
+
+# Cop supports --auto-correct.
+Performance/StringReplacement:
+  Exclude:
+    - 'spec/rails_helper.rb'
+
+Rails/FilePath:
+  Exclude:
+    - 'spec/rails_helper.rb'
+
+Rails/OutputSafety:
+  Exclude:
+    - 'app/helpers/application_helper.rb'
+    - 'app/helpers/auto_suggest_helper.rb'
+    - 'app/helpers/gardens_helper.rb'
+
+# Configuration parameters: Blacklist.
+# Blacklist: decrement!, decrement_counter, increment!, increment_counter
+# toggle!, touch, update_all, update_attribute, update_column, update_columns,
+# update_counters
+Rails/SkipsModelValidations:
+  Exclude:
+    - 'app/controllers/plantings_controller.rb'
+    - 'db/seeds.rb'
+
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: strict, flexible
+Rails/TimeZone:
+  Exclude:
+    - 'spec/controllers/accounts_controller_spec.rb'
+    - 'spec/factories/member.rb'
+    - 'spec/factories/post.rb'
+    - 'spec/models/post_spec.rb'
+    - 'spec/views/plantings/index.html.haml_spec.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: always, conditionals
+Style/AndOr:
+  Exclude:
+    - 'config/unicorn.rb'
+    - 'lib/tasks/growstuff.rake'
+
+Style/AsciiComments:
+  Exclude:
+    - 'config/initializers/comfortable_mexican_sofa.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: percent_q, bare_percent
+Style/BarePercentLiterals:
+  Exclude:
+    - 'app/helpers/auto_suggest_helper.rb'
+    - 'spec/support/feature_helpers.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles, ProceduralMethods, FunctionalMethods, IgnoredMethods.
+# SupportedStyles: line_count_based, semantic, braces_for_chaining
+# ProceduralMethods: benchmark, bm, bmbm, create, each_with_object, measure, new, realtime, tap, with_object
+# FunctionalMethods: let, let!, subject, watch
+# IgnoredMethods: lambda, proc, it
+Style/BlockDelimiters:
+  Exclude:
+    - 'app/controllers/members_controller.rb'
+    - 'spec/controllers/order_items_controller_spec.rb'
+    - 'spec/features/notifications_spec.rb'
+    - 'spec/models/ability_spec.rb'
+    - 'spec/models/comment_spec.rb'
+    - 'spec/models/follow_spec.rb'
+    - 'spec/models/member_spec.rb'
+    - 'spec/models/planting_spec.rb'
+    - 'spec/models/post_spec.rb'
+    - 'spec/views/crops/edit.html.haml_spec.rb'
+
+# Cop supports --auto-correct.
+Style/BlockEndNewline:
+  Exclude:
+    - 'app/controllers/members_controller.rb'
+    - 'spec/models/ability_spec.rb'
+    - 'spec/models/member_spec.rb'
+    - 'spec/models/planting_spec.rb'
+
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: nested, compact
+Style/ClassAndModuleChildren:
+  Exclude:
+    - 'app/controllers/admin/orders_controller.rb'
+    - 'lib/actions/oauth_signup_action.rb'
+    - 'lib/haml/filters/escaped_markdown.rb'
+    - 'lib/haml/filters/growstuff_markdown.rb'
+
+# Cop supports --auto-correct.
+Style/ClassMethods:
+  Exclude:
+    - 'app/models/planting.rb'
+
+# Cop supports --auto-correct.
+Style/ColonMethodCall:
+  Exclude:
+    - 'spec/lib/haml/filters/escaped_markdown_spec.rb'
+    - 'spec/lib/haml/filters/growstuff_markdown_spec.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: Keywords.
+# Keywords: TODO, FIXME, OPTIMIZE, HACK, REVIEW
+Style/CommentAnnotation:
+  Exclude:
+    - 'app/controllers/crops_controller.rb'
+
+# Cop supports --auto-correct.
+Style/EachForSimpleLoop:
+  Exclude:
+    - 'spec/models/crop_spec.rb'
+    - 'spec/views/home/_crops.html.haml_spec.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: compact, expanded
+Style/EmptyMethod:
+  Exclude:
+    - 'app/controllers/accounts_controller.rb'
+    - 'app/controllers/photos_controller.rb'
+    - 'app/controllers/plant_parts_controller.rb'
+    - 'app/controllers/posts_controller.rb'
+    - 'app/controllers/products_controller.rb'
+    - 'app/controllers/roles_controller.rb'
+    - 'app/controllers/scientific_names_controller.rb'
+    - 'app/controllers/seeds_controller.rb'
+
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: format, sprintf, percent
+Style/FormatString:
+  Exclude:
+    - 'app/helpers/application_helper.rb'
+    - 'spec/helpers/application_helper_spec.rb'
+    - 'spec/views/shop/index_spec.rb'
+
+Style/IdenticalConditionalBranches:
+  Exclude:
+    - 'app/controllers/follows_controller.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: MaxLineLength.
+Style/IfUnlessModifier:
+  Exclude:
+    - 'app/controllers/shop_controller.rb'
+    - 'app/helpers/crops_helper.rb'
+    - 'app/models/planting.rb'
+    - 'config/initializers/geocoder.rb'
+    - 'lib/tasks/growstuff.rake'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles.
+# SupportedStyles: line_count_dependent, lambda, literal
+Style/Lambda:
+  Exclude:
+    - 'spec/controllers/member_controller_spec.rb'
+    - 'spec/models/photo_spec.rb'
+
+# Cop supports --auto-correct.
+Style/MultilineIfModifier:
+  Exclude:
+    - 'spec/rails_helper.rb'
+
+# Cop supports --auto-correct.
+Style/MultilineIfThen:
+  Exclude:
+    - 'script/check_contributors_md'
+
+Style/MultilineTernaryOperator:
+  Exclude:
+    - 'app/controllers/notifications_controller.rb'
+    - 'app/controllers/order_items_controller.rb'
+
+# Cop supports --auto-correct.
+Style/MutableConstant:
+  Exclude:
+    - 'app/controllers/members_controller.rb'
+    - 'app/models/planting.rb'
+
+# Cop supports --auto-correct.
+Style/NegatedIf:
+  Exclude:
+    - 'app/helpers/crops_helper.rb'
+
+Style/NestedTernaryOperator:
+  Exclude:
+    - 'app/controllers/plantings_controller.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, MinBodyLength, SupportedStyles.
+# SupportedStyles: skip_modifier_ifs, always
+Style/Next:
+  Exclude:
+    - 'lib/tasks/growstuff.rake'
+
+# Cop supports --auto-correct.
+Style/NilComparison:
+  Exclude:
+    - 'lib/tasks/growstuff.rake'
+
+# Cop supports --auto-correct.
+# Configuration parameters: AutoCorrect, EnforcedStyle, SupportedStyles.
+# SupportedStyles: predicate, comparison
+Style/NumericPredicate:
+  Exclude:
+    - 'spec/**/*'
+    - 'app/helpers/harvests_helper.rb'
+    - 'app/helpers/plantings_helper.rb'
+    - 'lib/tasks/growstuff.rake'
+    - 'script/check_contributors_md'
+
+# Cop supports --auto-correct.
+Style/ParallelAssignment:
+  Exclude:
+    - 'app/mailers/notifier.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: PreferredDelimiters.
+Style/PercentLiteralDelimiters:
+  Exclude:
+    - 'app/helpers/auto_suggest_helper.rb'
+    - 'script/check_contributors_md'
+    - 'spec/features/signin_spec.rb'
+    - 'spec/features/signout_spec.rb'
+
+# Cop supports --auto-correct.
+Style/PerlBackrefs:
+  Exclude:
+    - 'lib/haml/filters/growstuff_markdown.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: EnforcedStyle, SupportedStyles, AllowInnerSlashes.
+# SupportedStyles: slashes, percent_r, mixed
+Style/RegexpLiteral:
+  Exclude:
+    - 'spec/lib/haml/filters/growstuff_markdown_spec.rb'
+    - 'spec/rails_helper.rb'
+    - 'spec/views/devise/registrations/edit_spec.rb'
+    - 'spec/views/members/index.html.haml_spec.rb'
+    - 'spec/views/posts/index.html.haml_spec.rb'
+    - 'spec/views/posts/show.html.haml_spec.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: SupportedStyles.
+# SupportedStyles: use_perl_names, use_english_names
+Style/SpecialGlobalVars:
+  EnforcedStyle: use_perl_names
+
+# Cop supports --auto-correct.
+# Configuration parameters: IgnoredMethods.
+# IgnoredMethods: respond_to, define_method
+Style/SymbolProc:
+  Exclude:
+    - 'app/controllers/crops_controller.rb'
+    - 'lib/tasks/growstuff.rake'
+
+# Cop supports --auto-correct.
+Style/UnlessElse:
+  Exclude:
+    - 'app/controllers/omniauth_callbacks_controller.rb'
+
+# Cop supports --auto-correct.
+# Configuration parameters: SupportedStyles, WordRegex.
+# SupportedStyles: percent, brackets
+Style/WordArray:
+  EnforcedStyle: percent
+  MinSize: 5

.ruby-version

@@ -1 +1 @@
-2.1.5
+2.3.4

.travis.yml

@@ -1,12 +1,67 @@
----
+sudo: false
 language: ruby
-
-env: GROWSTUFF_SITE_NAME="Growstuff (travis)" RAILS_SECRET_TOKEN='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
-bundler_args: --without development production staging
+cache:
+  bundler: true
+  directories:
+    - travis_phantomjs
+    - tmp/cache/assets/test/sprockets
+env:
+  matrix:
+    - GROWSTUFF_ELASTICSEARCH='true' RSPEC_TAG=elasticsearch STATIC_CHECKS=false
+    - GROWSTUFF_ELASTICSEARCH='false' RSPEC_TAG=~elasticsearch STATIC_CHECKS=false
+    - STATIC_CHECKS=true
+  global:
+    - GROWSTUFF_SITE_NAME="Growstuff (travis)"
+    - RAILS_SECRET_TOKEN='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
+    - secure: "Z5TpM2jEX4UCvNePnk/LwltQX48U2u9BRc+Iypr1x9QW2o228QJhPIOH39a8RMUrepGnkQIq9q3ZRUn98RfrJz1yThtlNFL3NmzdQ57gKgjGwfpa0e4Dwj/ZJqV2D84tDGjvdVYLP7zzaYZxQcwk/cgNpzKf/jq97HLNP7CYuf4="
 rvm:
-  - 2.1.5
+  - 2.3.4
+before_install:
+  - ./script/install_phantomjs;
+  - export PATH=$PWD/travis_phantomjs/phantomjs-2.1.1-linux-x86_64/bin:$PATH
 before_script:
-  - psql -c 'create database growstuff_test;' -U postgres
+  - bundle exec rake db:create db:migrate db:test:prepare
+  - set -e
+  - >
+    if [ "${STATIC_CHECKS}" = "true" ]; then
+      ./script/install_linters;
+    else
+      bundle exec rake assets:precompile;
+    fi
+  - set +e
 script:
-  - bundle exec rake db:migrate --trace
-  - bundle exec rspec spec/
+  - set -e
+  - >
+    if [ "${STATIC_CHECKS}" = "true" ]; then
+      ./script/check_static.rb
+    else
+      bundle exec rake db:migrate --trace;
+      bundle exec rspec --tag $RSPEC_TAG spec/;
+      bundle exec rake jasmine:ci;
+    fi;
+  - set +e
+
+services:
+  - elasticsearch
+before_deploy:
+  - bundle exec script/heroku_maintenance.rb on
+deploy:
+  provider: heroku
+  api_key:
+    secure: "WrQxf0fEKkCdXrjcejurobOnNNz3he4dDwjBbToXbQTQNDObPp7NetJrLsfM8FiUFEeOuvhIHHiDQtMvY720zGGAGxDptvgFS+0QHCUqoTRZA/yFfUmHlG2jROXTzk5uVK0AE4k6Ion5kX8+mM0EnMT/7u+MTFiukrJctSiEXfg="
+  on:
+    repo: Growstuff/growstuff
+  app:
+    dev: growstuff-staging
+    master: growstuff-prod
+    travis_deploy: tranquil-basin-3130
+    travis_containers: tranquil-basin-3130
+  run:
+    - "rake db:migrate"
+    - "script/deploy-tasks.sh"
+    - restart
+after_deploy:
+  - bundle exec script/heroku_maintenance.rb off
+addons:
+  code_climate:
+    repo_token: 462e015bbdaabfb20910fc07f2fea253410ecb131444e00f97dbf32dc6789ca6

.yamllint

@@ -0,0 +1,7 @@
+extends: relaxed
+
+rules:
+  # 80 chars should be enough, but don't fail if a line is longer
+  line-length:
+    max: 150
+    level: warning

CONTRIBUTING.md

@@ -3,11 +3,36 @@ Thanks for contributing to Growstuff!
 When you create a pull request, please include the following:
 
 * Mention the issue it solves (eg. #123)
-* Your code should follow our [Coding style guide](http://wiki.growstuff.org/index.php/Coding_style_guide)
+* Your code should follow our [Coding style guide](https://github.com/Growstuff/growstuff/wiki/Development-process-overview#coding-practices)
 * Make sure you have automated tests for your work, where possible.
 * Add your name (and that of your pair partner, if any) to [CONTRIBUTORS.md](CONTRIBUTORS.md).
 
-If you would like to discuss your work before submitting a pull request,
-please join any of our [Discussion
-forums](http://wiki.growstuff.org/index.php/Discussion_forums), where
-our dev team will be happy to help you.
+All pull requests should pass our automatic continuous integration and style
+checks before being merged. You can run tests locally as follows:
+
+ - `rake spec` to run all Ruby tests
+ - `rake spec:models` to run Ruby model tests (or `rake spec:views` for view tests, etc)
+ - `rake static` to run all static checks (code style, unfixed Git conflicts, etc)
+ - `rake jasmine:ci` to run JavaScript unit tests in headless mode
+ - `rake jasmine` to start a server for running JavaScript unit tests in a
+   browser (eg for debugging). Point your browser at http://localhost:8888 to
+   run the tests.
+ - `rspec ./spec/path/to/my_spec.rb` to run all Ruby tests in the file `my_spec.rb`
+ - `rspec ./spec/path/to/my_spec.rb:45` to run the Ruby test starting on line 45 of
+   `my_spec.rb`. RSpec will output a list of command-lines in this form for all
+   failing tests so you can easily re-run particular ones.
+ - `rspec --only-failures` to re-run all Ruby tests that failed last time.
+
+Growstuff runs several linters and checkers before a change is merged. These
+run from overcommit. To automatically run the same linters yourself you can
+install overcommit too.
+
+ - `./script/install_linters`
+
+You can run `rake -T` to see a list of available Rake tasks. If you can't get
+some tests to pass, please submit a pull request anyway - we'll be happy to
+help you debug the failures.
+
+If you would like to discuss an idea before submitting a pull request,
+please open a [GitHub Issue](https://github.com/growstuff/growstuff/issues),
+where our dev team will be happy to help you.

CONTRIBUTORS.md

@@ -11,10 +11,12 @@ submit the change with your pull request.
 - Alex Bayley / [Skud](https://github.com/Skud)
 - Cesy / [cesy](https://github.com/cesy)
 - Miles Gould / [pozorvlak](https://github.com/pozorvlak)
-- Joseph Caudle / [jcaudle](https://github.com/jcaudle)
+- Taylor Griffin / [tygriffin](https://github.com/tygriffin)
+- Mackenzie Morgan / [maco](https://github.com/maco)
 
 ## Contributors
 
+- Joseph Caudle / [jcaudle](https://github.com/jcaudle)
 - Ricky Amianym / [amianym](https://github.com/amianym)
 - Juliet Kemp / [julietk](https://github.com/julietk)
 - Federico Mena Quintero / [federicomenaquintero](https://github.com/federicomenaquintero)
@@ -22,7 +24,6 @@ submit the change with your pull request.
 - Maia Sauren / [sauramaia](https://github.com/sauramaia)
 - Norman Ancajas / [nbancajas](https://github.com/nbancajas)
 - Jonathan "Duke" Leto / [leto](https://github.com/leto)
-- Mackenzie Morgan / [maco](https://github.com/maco)
 - Amy Hendrix / [sabreuse](https://github.com/sabreuse)
 - CephLPod / [cephLpod](https://github.com/cephLpod/)
 - Gemma Mason / [gemmaellen](https://github.com/gemmaellen)
@@ -40,7 +41,6 @@ submit the change with your pull request.
 - Marty Hines / [martyhines](https://github.com/martyhines)
 - Amelia Greenhall / [ameliagreenhall](https://github.com/ameliagreenhall)
 - Barb Natali / [barbnatali](https://github.com/barbnatali)
-- Taylor Griffin / [tygriffin](https://github.com/tygriffin)
 - Marlena Compton / [Marlena](https://github.com/marlena)
 - Elizabeth A. Kari / [catfriend](https://github.com/catfriend)
 - Cheri Allen / [cherimarie](https://github.com/cherimarie)
@@ -51,4 +51,36 @@ submit the change with your pull request.
 - Yoong Kang Lim / [yoongkang](https://github.com/yoongkang)
 - Kevin Yang / [kevieyang](https://github.com/kevieyang)
 - Justin Hamman / [juzham](https://github.com/juzham)
+- Rocky Jaiswal / [rocky-jaiswal](https://github.com/rocky-jaiswal)
+- Robert Landreaux / [robertlandreaux](https://github.com/robertlandreaux)
+- Savant Krishna / [sksavant](https://github.com/sksavant)
+- Marlena Compton / [marlena](https://github/marlena)
+- Ryan Dy / [rdy](https://github/rdy)
+- Jake Yesbeck / [yez](https://github.com/yez)
+- Mauricio Gonzalez / [mauricio-gonzalez](https://github.com/mauricio-gonzalez)
+- Andrey Bazhutkin / [andrba](https://github.com/andrba)
+- Gabriel Sandoval / [gabrielsandoval](https://github.com/gabrielsandoval)
+- Cjay Billones / [CjayBillones](https://github.com/CjayBillones)
+- Katy Ereira / [maccath](https://github.com/maccath)
+- Gabrielle DeWitt / [gabrielle27](https://github.com/gabrielle27)
+- Manmeet Singh / [manmeetsingh](https://github.com/manmeetsingh)
+- Jym Paul Carandang / [jacarandang](https://github.com/jacarandang)
+- Anthony Atkinson / [sha1sum](https://github.com/sha1sum)
+- Terence Conquest / [twconquest](https://github.com/twconquest)
+- Daniel O'Connor / [CloCkWeRX](https://github.com/CloCkWeRX)
+- DV Dasari / [dv2](https://github.com/dv2)
+- Eric Tillberg / [Thrillberg](https://github.com/Thrillberg)
+- Lucas Nogueira / [lucasnogueira](https://github.com/lucasnogueira)
+- Charley Lewittes / [ctlewitt](https://github.com/ctlewitt)
+- Kristine Nicole Polvoriza / [polveenomials](https://github.com/polveenomials)
+- Brenda Wallace / [br3nda](https://github.com/br3nda)
+- Jim Stallings / [jestallin](https://github.com/jestallin)
+- Alyssa Ransbury / [alran](https://github.com/alran)
+- Thomas Countz / [thomascountz](https://github.com/thomascountz)
+- Megan Talbot / [meganft](https://github.com/meganft)
+- Arun Kumar / [arun1595](https://github.com/arun1595)
+- Harry Brodsky / [hbrodsk1](https://github.com/hbrodsk1)
 
+## Bots
+
+- Security and Dependency Updates / [deppbot](https://github.com/deppbot)

Capfile

@@ -1,4 +0,0 @@
-load 'deploy'
-# Uncomment if you are using Rails' asset pipeline
-    # load 'deploy/assets'
-load 'config/deploy' # remove this line to skip loading any of the default tasks

Gemfile

@@ -1,92 +1,45 @@
+# frozen_string_literal: true
 source 'https://rubygems.org'
 
-ruby "2.1.5"
+ruby '2.3.4'
+
+gem 'rails', '~> 4.2.7'
 
 gem 'bundler', '>=1.1.5'
 
-gem 'rails', '3.2.13'
-gem 'rack', '~>1.4.5'
-gem 'json', '~>1.7.7'
+gem 'coffee-rails', '~> 4.1.0'
 gem 'haml'
-gem 'leaflet-rails'
-gem 'leaflet-markercluster-rails'
-gem 'unicorn' # http server
+gem 'sass-rails', '~> 5.0.4'
 
-gem 'pg'
+# CSS framework
+gem 'bootstrap-sass', '~> 3.3.6'
+gem 'font-awesome-sass'
 
-gem 'figaro' # for handling config via ENV variables
+gem 'uglifier', '~> 2.7.2' # JavaScript compressor
 
-gem 'cancan' # for checking member privileges
-
-gem 'gibbon' # for Mailchimp newsletter subscriptions
-
-gem 'csv_shaper' # CSV export
-
-# vendored activemerchant for testing- needed for bogus paypal
-# gateway monkeypatch
-gem 'activemerchant', '1.33.0',
-  :path => 'vendor/gems/activemerchant-1.33.0',
-  :require => 'active_merchant'
-gem 'active_utils', '1.0.5',
-  :path => 'vendor/gems/active_utils-1.0.5'
-
-group :production, :staging do
-  gem 'newrelic_rpm'
-  gem 'dalli'
-  gem 'memcachier'
-  gem 'rails_12factor' # supresses heroku plugin injection
-end
-
-# Gems used only for assets and not required
-# in production environments by default.
-group :assets do
-  # CSS preprocessor, used for app/assets/stylesheets/application.css
-  gem 'sass-rails',   '~> 3.2.3'
-  # CoffeeScript is a Python-like language that compiles to JavaScript
-  gem 'coffee-rails', '~> 3.2.1'
-
-  # less-rails depends on a JavaScript engine; we use therubyracer.
-  # See https://github.com/sstephenson/execjs#readme for more supported runtimes
-  # long term, we'll probably want node.js for performance, but this will do
-  # for now as it's easier for new people to install
-  gem "therubyracer", "~> 0.12", :platforms => :ruby
-  # libv8 is needed by therubyracer and is a bit finicky
-  gem 'libv8', '3.16.14.7'
-
-  # Another CSS preprocessor, used for Bootstrap overrides
-  gem "less", '~>2.5.0'
-  gem "less-rails", '~> 2.5.0'
-  # CSS framework
-  gem "less-rails-bootstrap", '~> 3.2.0'
-
-  gem 'uglifier', '>= 1.0.3' # JavaScript compressor
-
-  gem 'compass-rails', '~> 1.0.3' # Yet Another CSS framework
-end
-
-gem 'jquery-rails'
-gem 'jquery-ui-rails'
-gem 'js-routes'  # provides access to Rails routes in Javascript
 gem 'flickraw'
+gem 'jquery-rails'
+gem 'jquery-ui-rails', '~> 5.0.2'
+gem 'js-routes' # provides access to Rails routes in Javascript
 
-# To use ActiveModel has_secure_password
-# gem 'bcrypt-ruby', '~> 3.0.0'
+gem 'cancancan', '~> 1.9'          # for checking member privileges
+gem 'csv_shaper'                   # CSV export
+gem 'figaro'                       # for handling config via ENV variables
+gem 'gibbon', '~>1.2.0'            # for Mailchimp newsletter subscriptions
+gem 'leaflet-markercluster-rails'
+gem 'leaflet-rails', '~> 0.7.7'    # Newer versions break tests - see https://travis-ci.org/CloCkWeRX/growstuff/builds/200984350
+gem 'pg'
+gem 'ruby-units'                   # for unit conversion
+gem 'unicorn'                      # http server
 
-# To use Jbuilder templates for JSON
-# gem 'jbuilder'
+gem 'comfortable_mexican_sofa', '~> 1.12.0' # content management system
 
-# Use unicorn as the app server
-# gem 'unicorn'
+gem 'bootstrap-kaminari-views'     # bootstrap views for kaminari
+gem 'kaminari', '~> 0.17.0'        # pagination
 
-group :development do
-  # A debugger and irb alternative. Pry doesn't play nice
-  # with unicorn, so start a Webrick server when debugging
-  # with Pry
-  gem 'pry'
-  gem 'better_errors'
-  gem 'binding_of_caller'
-  gem 'letter_opener'
-end
+gem 'activemerchant'
+gem 'active_utils'
+gem 'sidekiq'
 
 # Markdown formatting for updates etc
 gem 'bluecloth'
@@ -95,39 +48,96 @@ gem 'bluecloth'
 gem 'will_paginate', '~> 3.0'
 
 # user signup/login/etc
-gem 'devise', '~> 3.2.0'
+gem 'devise', '>= 4.0.0'
 
 # nicely formatted URLs
-gem 'friendly_id', '~> 4.0.10'
+gem 'friendly_id', '~> 5.0.4'
 
 # gravatars
 gem 'gravatar-ultimate'
 
 # For geolocation
-gem 'geocoder',
-  :git => 'https://github.com/alexreisner/geocoder.git',
-  :ref => '104d46'
+gem 'geocoder'
 
 # For easy calendar selection
 gem 'bootstrap-datepicker-rails'
 
 # For connecting to other services (eg Twitter)
-gem 'omniauth'
-gem 'omniauth-twitter'
+gem 'omniauth', '~> 1.3'
+gem 'omniauth-facebook'
 gem 'omniauth-flickr', '>= 0.0.15'
+gem 'omniauth-twitter', '~> 1.2'
+
+# For charting data
+gem 'd3-rails', '~> 3.5' # 4.* produces Error: <spyOn> : could not find an object to spy upon for linear() - see https://travis-ci.org/Growstuff/growstuff/jobs/204461482
+
+# client for Elasticsearch. Elasticsearch is a flexible
+# and powerful, distributed, real-time search and analytics engine.
+# An example of the use in the project is fuzzy crop search.
+
+# Project does not use semver, so we want to be in sync with the version of
+# elasticsearch we use
+# See https://github.com/elastic/elasticsearch-ruby#compatibility
+gem "elasticsearch-api", "~> 2.0.0"
+gem "elasticsearch-model"
+gem "elasticsearch-rails"
+gem "hashie", ">= 3.5.3"
 
 gem 'rake', '>= 10.0.0'
 
-group :development, :test do
-  gem 'byebug'                       # debugging
-  gem 'haml-rails'                   # HTML templating language
-  gem 'rspec-rails', '~> 2.12.1'     # unit testing framework
-  gem 'database_cleaner', '~> 1.3.0'
-  gem 'webrat'                       # provides HTML matchers for view tests
-  gem 'factory_girl_rails', '~> 4.0' # for creating test data
-  gem 'coveralls', require: false    # coverage analysis
-  gem 'capybara'                     # integration tests
-  gem 'capybara-email'               # integration tests for email
-  gem 'poltergeist', '~> 1.5.1'      # for headless JS testing
-  gem 'i18n-tasks'                   # adds tests for finding missing and unused translations
+# # CMS
+# gem 'comfortable_mexican_sofa', '~> 1.12.0'
+
+group :production, :staging do
+  gem 'bonsai-elasticsearch-rails' # Integration with Bonsa-Elasticsearch on heroku
+  gem 'dalli'
+  gem 'memcachier'
+  gem 'newrelic_rpm'
+  gem 'rails_12factor' # supresses heroku plugin injection
+  gem 'sparkpost_rails'
+end
+
+group :development do
+  # A debugger and irb alternative. Pry doesn't play nice
+  # with unicorn, so start a Webrick server when debugging
+  # with Pry
+  gem 'better_errors'
+  gem 'binding_of_caller'
+  gem 'guard'
+  gem 'guard-rspec'
+  gem 'letter_opener'
+  gem 'pry'
+  gem 'quiet_assets'
+end
+
+group :development, :test do
+  gem "active_merchant-paypal-bogus-gateway"
+  gem 'bullet'                          # performance tuning by finding unnecesary queries
+  gem 'byebug'                          # debugging
+  gem 'capybara'                        # integration tests
+  gem 'capybara-email'                  # integration tests for email
+  gem 'capybara-screenshot'             # for test debugging
+  gem 'coveralls', require: false       # coverage analysis
+  gem 'database_cleaner', '~> 1.5.0'
+  gem 'factory_girl_rails'              # for creating test data
+  gem 'haml-i18n-extractor'
+  gem 'haml-rails'                      # HTML templating language
+  gem 'haml_lint'                       # Checks haml files for goodness
+  gem 'i18n-tasks'                      # adds tests for finding missing and unused translations
+  gem 'jasmine'                         # javascript unit testing
+  gem 'poltergeist'                     # for headless JS testing
+  gem 'rainbow', '< 2.2.0' # See https://github.com/sickill/rainbow/issues/44
+  gem 'rspec-activemodel-mocks'
+  gem 'rspec-rails' # unit testing framework
+  gem 'rubocop', '<= 0.47.1', require: false # Pin to rubocop (0.47.1) as 0.48.0 is buggy
+  gem 'selenium-webdriver'
+  gem 'webrat' # provides HTML matchers for view tests
+end
+
+group :test do
+  gem 'codeclimate-test-reporter', require: false
+end
+
+group :travis do
+  gem 'heroku-api'
 end

Gemfile.lock

@@ -1,320 +1,509 @@
-GIT
-  remote: https://github.com/alexreisner/geocoder.git
-  revision: 104d466ba7097b7dce5ba19f8e4091b7f69ccdf6
-  ref: 104d46
-  specs:
-    geocoder (1.1.8)
-
-PATH
-  remote: vendor/gems/active_utils-1.0.5
-  specs:
-    active_utils (1.0.5)
-      activesupport (>= 2.3.11)
-      i18n
-
-PATH
-  remote: vendor/gems/activemerchant-1.33.0
-  specs:
-    activemerchant (1.33.0)
-
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (3.2.13)
-      actionpack (= 3.2.13)
-      mail (~> 2.5.3)
-    actionpack (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-      builder (~> 3.0.0)
+    actionmailer (4.2.8)
+      actionpack (= 4.2.8)
+      actionview (= 4.2.8)
+      activejob (= 4.2.8)
+      mail (~> 2.5, >= 2.5.4)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+    actionpack (4.2.8)
+      actionview (= 4.2.8)
+      activesupport (= 4.2.8)
+      rack (~> 1.6)
+      rack-test (~> 0.6.2)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.2)
+    actionview (4.2.8)
+      activesupport (= 4.2.8)
+      builder (~> 3.1)
       erubis (~> 2.7.0)
-      journey (~> 1.0.4)
-      rack (~> 1.4.5)
-      rack-cache (~> 1.2)
-      rack-test (~> 0.6.1)
-      sprockets (~> 2.2.1)
-    activemodel (3.2.13)
-      activesupport (= 3.2.13)
-      builder (~> 3.0.0)
-    activerecord (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activeresource (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-    activesupport (3.2.13)
-      i18n (= 0.6.1)
-      multi_json (~> 1.0)
-    addressable (2.3.6)
-    arel (3.0.3)
-    bcrypt (3.1.9)
-    better_errors (2.0.0)
+      rails-dom-testing (~> 1.0, >= 1.0.5)
+      rails-html-sanitizer (~> 1.0, >= 1.0.3)
+    active_link_to (1.0.4)
+      actionpack
+      addressable
+    active_merchant-paypal-bogus-gateway (0.1.0)
+      activemerchant
+    active_utils (3.3.3)
+      activesupport (>= 3.2, < 5.2.0)
+      i18n
+    activejob (4.2.8)
+      activesupport (= 4.2.8)
+      globalid (>= 0.3.0)
+    activemerchant (1.64.0)
+      activesupport (>= 3.2.14, < 5.1)
+      builder (>= 2.1.2, < 4.0.0)
+      i18n (>= 0.6.9)
+      nokogiri (~> 1.4)
+    activemodel (4.2.8)
+      activesupport (= 4.2.8)
+      builder (~> 3.1)
+    activerecord (4.2.8)
+      activemodel (= 4.2.8)
+      activesupport (= 4.2.8)
+      arel (~> 6.0)
+    activesupport (4.2.8)
+      i18n (~> 0.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.3, >= 0.3.4)
+      tzinfo (~> 1.1)
+    addressable (2.5.1)
+      public_suffix (~> 2.0, >= 2.0.2)
+    arel (6.0.4)
+    ast (2.3.0)
+    autoprefixer-rails (6.7.7.2)
+      execjs
+    bcrypt (3.1.11)
+    better_errors (2.1.1)
       coderay (>= 1.0.0)
       erubis (>= 2.6.6)
       rack (>= 0.9.0)
     binding_of_caller (0.7.2)
       debug_inspector (>= 0.0.1)
     bluecloth (2.2.0)
-    bootstrap-datepicker-rails (1.3.0.2)
+    bonsai-elasticsearch-rails (0.2.0)
+      elasticsearch-model (~> 0)
+      elasticsearch-rails (~> 0)
+    bootstrap-datepicker-rails (1.6.4.1)
       railties (>= 3.0)
-    builder (3.0.4)
-    byebug (3.5.1)
-      columnize (~> 0.8)
-      debugger-linecache (~> 1.2)
-      slop (~> 3.6)
-    cancan (1.6.10)
-    capybara (2.4.4)
+    bootstrap-kaminari-views (0.0.5)
+      kaminari (>= 0.13)
+      rails (>= 3.1)
+    bootstrap-sass (3.3.7)
+      autoprefixer-rails (>= 5.2.1)
+      sass (>= 3.3.4)
+    bootstrap_form (2.6.0)
+    builder (3.2.3)
+    bullet (5.5.1)
+      activesupport (>= 3.0.0)
+      uniform_notifier (~> 1.10.0)
+    byebug (9.0.6)
+    cancancan (1.16.0)
+    capybara (2.13.0)
+      addressable
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
       rack (>= 1.0.0)
       rack-test (>= 0.5.4)
       xpath (~> 2.0)
-    capybara-email (2.4.0)
+    capybara-email (2.5.0)
       capybara (~> 2.4)
       mail
-    chunky_png (1.3.3)
+    capybara-screenshot (1.0.14)
+      capybara (>= 1.0, < 3)
+      launchy
+    childprocess (0.6.3)
+      ffi (~> 1.0, >= 1.0.11)
+    climate_control (0.1.0)
     cliver (0.3.2)
-    coderay (1.1.0)
-    coffee-rails (3.2.2)
+    cocaine (0.5.8)
+      climate_control (>= 0.0.3, < 1.0)
+    codeclimate-test-reporter (1.0.8)
+      simplecov (<= 0.13)
+    codemirror-rails (5.16.0)
+      railties (>= 3.0, < 6.0)
+    coderay (1.1.1)
+    coffee-rails (4.1.1)
       coffee-script (>= 2.2.0)
-      railties (~> 3.2.0)
-    coffee-script (2.3.0)
+      railties (>= 4.0.0, < 5.1.x)
+    coffee-script (2.4.1)
       coffee-script-source
       execjs
-    coffee-script-source (1.8.0)
-    columnize (0.8.9)
-    commonjs (0.2.7)
-    compass (0.12.7)
-      chunky_png (~> 1.2)
-      fssm (>= 0.2.7)
-      sass (~> 3.2.19)
-    compass-rails (1.0.3)
-      compass (>= 0.12.2, < 0.14)
-    coveralls (0.7.1)
-      multi_json (~> 1.3)
-      rest-client
-      simplecov (>= 0.7)
-      term-ansicolor
-      thor
-    csv_shaper (1.1.1)
+    coffee-script-source (1.12.2)
+    comfortable_mexican_sofa (1.12.10)
+      active_link_to (>= 1.0.0)
+      bootstrap-sass (>= 3.2.0)
+      bootstrap_form (>= 2.2.0)
+      codemirror-rails (>= 3.0.0)
+      coffee-rails (>= 3.1.0)
+      haml-rails (>= 0.3.0)
+      jquery-rails (>= 3.0.0)
+      jquery-ui-rails (>= 5.0.0)
+      kramdown (>= 1.0.0)
+      paperclip (>= 4.0.0)
+      plupload-rails (>= 1.2.1)
+      rails (>= 4.0.0, < 5.1)
+      rails-i18n (>= 4.0.0)
+      sass-rails (>= 4.0.3)
+    concurrent-ruby (1.0.5)
+    connection_pool (2.2.1)
+    coveralls (0.8.19)
+      json (>= 1.8, < 3)
+      simplecov (~> 0.12.0)
+      term-ansicolor (~> 1.3)
+      thor (~> 0.19.1)
+      tins (~> 1.6)
+    csv_shaper (1.3.0)
       activesupport (>= 3.0.0)
-    dalli (2.7.2)
-    database_cleaner (1.3.0)
+    d3-rails (3.5.17)
+      railties (>= 3.1)
+    dalli (2.7.6)
+    database_cleaner (1.5.3)
     debug_inspector (0.0.2)
-    debugger-linecache (1.2.0)
-    devise (3.2.4)
+    devise (4.2.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 3.2.6, < 5)
-      thread_safe (~> 0.1)
+      railties (>= 4.1.0, < 5.1)
+      responders
       warden (~> 1.2.3)
-    diff-lcs (1.1.3)
+    diff-lcs (1.3)
     docile (1.1.5)
     easy_translate (0.5.0)
       json
       thread
       thread_safe
+    elasticsearch (2.0.2)
+      elasticsearch-api (= 2.0.2)
+      elasticsearch-transport (= 2.0.2)
+    elasticsearch-api (2.0.2)
+      multi_json
+    elasticsearch-model (0.1.9)
+      activesupport (> 3)
+      elasticsearch (> 0.4)
+      hashie
+    elasticsearch-rails (0.1.9)
+    elasticsearch-transport (2.0.2)
+      faraday
+      multi_json
     erubis (2.7.0)
-    execjs (2.2.2)
-    factory_girl (4.5.0)
+    excon (0.55.0)
+    execjs (2.7.0)
+    factory_girl (4.8.0)
       activesupport (>= 3.0.0)
-    factory_girl_rails (4.5.0)
-      factory_girl (~> 4.5.0)
+    factory_girl_rails (4.8.0)
+      factory_girl (~> 4.8.0)
       railties (>= 3.0.0)
-    figaro (1.0.0)
+    faraday (0.11.0)
+      multipart-post (>= 1.2, < 3)
+    ffi (1.9.18)
+    figaro (1.1.1)
       thor (~> 0.14)
-    flickraw (0.9.8)
-    friendly_id (4.0.10.1)
-      activerecord (>= 3.0, < 4.0)
-    fssm (0.2.10)
-    gibbon (1.1.4)
+    flickraw (0.9.9)
+    font-awesome-sass (4.7.0)
+      sass (>= 3.2)
+    formatador (0.2.5)
+    friendly_id (5.0.5)
+      activerecord (>= 4.0.0)
+    geocoder (1.4.3)
+    gibbon (1.2.1)
       httparty
-      multi_json (>= 1.3.4)
+      multi_json (>= 1.9.0)
+    globalid (0.4.0)
+      activesupport (>= 4.2.0)
     gravatar-ultimate (2.0.0)
       activesupport (>= 2.3.14)
       rack
-    haml (4.0.5)
+    guard (2.14.1)
+      formatador (>= 0.2.4)
+      listen (>= 2.7, < 4.0)
+      lumberjack (~> 1.0)
+      nenv (~> 0.1)
+      notiffany (~> 0.0)
+      pry (>= 0.9.12)
+      shellany (~> 0.0)
+      thor (>= 0.18.1)
+    guard-compat (1.2.1)
+    guard-rspec (4.7.3)
+      guard (~> 2.1)
+      guard-compat (~> 1.1)
+      rspec (>= 2.99.0, < 4.0)
+    haml (4.0.7)
       tilt
-    haml-rails (0.4)
-      actionpack (>= 3.1, < 4.1)
-      activesupport (>= 3.1, < 4.1)
-      haml (>= 3.1, < 4.1)
-      railties (>= 3.1, < 4.1)
-    hashie (3.3.2)
-    highline (1.6.21)
-    hike (1.2.3)
-    httparty (0.11.0)
-      multi_json (~> 1.0)
-      multi_xml (>= 0.5.2)
-    i18n (0.6.1)
-    i18n-tasks (0.7.8)
+    haml-i18n-extractor (0.5.9)
       activesupport
+      haml
+      highline
+      tilt
+      trollop (= 1.16.2)
+    haml-rails (0.9.0)
+      actionpack (>= 4.0.1)
+      activesupport (>= 4.0.1)
+      haml (>= 4.0.6, < 5.0)
+      html2haml (>= 1.0.1)
+      railties (>= 4.0.1)
+    haml_lint (0.24.0)
+      haml (>= 4.0, < 5.1)
+      rainbow
+      rake (>= 10, < 13)
+      rubocop (>= 0.47.0)
+      sysexits (~> 1.1)
+    hashie (3.5.5)
+    heroku-api (0.4.2)
+      excon (~> 0.45)
+      multi_json (~> 1.8)
+    highline (1.7.8)
+    html2haml (2.1.0)
+      erubis (~> 2.7.0)
+      haml (~> 4.0)
+      nokogiri (>= 1.6.0)
+      ruby_parser (~> 3.5)
+    httparty (0.14.0)
+      multi_xml (>= 0.5.2)
+    i18n (0.8.1)
+    i18n-tasks (0.9.12)
+      activesupport (>= 4.0.2)
+      ast (>= 2.1.0)
       easy_translate (>= 0.5.0)
       erubis
-      highline
+      highline (>= 1.7.3)
       i18n
-      slop (>= 3.5.0)
-      term-ansicolor
-      terminal-table
-    journey (1.0.4)
-    jquery-rails (3.1.2)
-      railties (>= 3.0, < 5.0)
+      parser (>= 2.2.3.0)
+      term-ansicolor (>= 1.3.2)
+      terminal-table (>= 1.5.1)
+    jasmine (2.5.2)
+      jasmine-core (>= 2.5.1, < 3.0.0)
+      phantomjs
+      rack (>= 1.2.1)
+      rake
+    jasmine-core (2.5.2)
+    jquery-rails (4.3.1)
+      rails-dom-testing (>= 1, < 3)
+      railties (>= 4.2.0)
       thor (>= 0.14, < 2.0)
-    jquery-ui-rails (4.1.2)
-      railties (>= 3.1.0)
-    js-routes (0.9.9)
+    jquery-ui-rails (5.0.5)
+      railties (>= 3.2.16)
+    js-routes (1.3.3)
       railties (>= 3.2)
       sprockets-rails
-    json (1.7.7)
-    kgio (2.9.2)
+    json (2.0.4)
+    jwt (1.5.6)
+    kaminari (0.17.0)
+      actionpack (>= 3.0.0)
+      activesupport (>= 3.0.0)
+    kgio (2.11.0)
+    kramdown (1.13.2)
     launchy (2.4.3)
       addressable (~> 2.3)
     leaflet-markercluster-rails (0.7.0)
       railties (>= 3.1)
-    leaflet-rails (0.7.4)
-    less (2.5.1)
-      commonjs (~> 0.2.7)
-    less-rails (2.5.0)
-      actionpack (>= 3.1)
-      less (~> 2.5.0)
-    less-rails-bootstrap (3.2.0)
-      less-rails (~> 2.5.0)
-    letter_opener (1.2.0)
+    leaflet-rails (0.7.7)
+    letter_opener (1.4.1)
       launchy (~> 2.2)
-    libv8 (3.16.14.7)
-    mail (2.5.4)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
+    listen (3.1.5)
+      rb-fsevent (~> 0.9, >= 0.9.4)
+      rb-inotify (~> 0.9, >= 0.9.7)
+      ruby_dep (~> 1.2)
+    loofah (2.0.3)
+      nokogiri (>= 1.5.9)
+    lumberjack (1.0.11)
+    mail (2.6.4)
+      mime-types (>= 1.16, < 4)
     memcachier (0.0.2)
     method_source (0.8.2)
-    mime-types (1.25.1)
-    mini_portile (0.6.1)
-    multi_json (1.10.1)
-    multi_xml (0.5.5)
-    netrc (0.8.0)
-    newrelic_rpm (3.9.7.266)
-    nokogiri (1.6.5)
-      mini_portile (~> 0.6.0)
-    oauth (0.4.7)
-    omniauth (1.2.2)
-      hashie (>= 1.2, < 4)
-      rack (~> 1.0)
-    omniauth-flickr (0.0.15)
+    mime-types (3.1)
+      mime-types-data (~> 3.2015)
+    mime-types-data (3.2016.0521)
+    mimemagic (0.3.2)
+    mini_portile2 (2.1.0)
+    minitest (5.10.1)
+    multi_json (1.11.3)
+    multi_xml (0.6.0)
+    multipart-post (2.0.0)
+    nenv (0.3.0)
+    newrelic_rpm (4.1.0.333)
+    nokogiri (1.7.1)
+      mini_portile2 (~> 2.1.0)
+    notiffany (0.1.1)
+      nenv (~> 0.1)
+      shellany (~> 0.0)
+    oauth (0.5.1)
+    oauth2 (1.3.1)
+      faraday (>= 0.8, < 0.12)
+      jwt (~> 1.0)
+      multi_json (~> 1.3)
+      multi_xml (~> 0.5)
+      rack (>= 1.2, < 3)
+    omniauth (1.6.1)
+      hashie (>= 3.4.6, < 3.6.0)
+      rack (>= 1.6.2, < 3)
+    omniauth-facebook (4.0.0)
+      omniauth-oauth2 (~> 1.2)
+    omniauth-flickr (0.0.19)
+      multi_json (~> 1.11.0)
       omniauth-oauth (~> 1.0)
-    omniauth-oauth (1.0.1)
+    omniauth-oauth (1.1.0)
       oauth
       omniauth (~> 1.0)
-    omniauth-twitter (1.1.0)
-      multi_json (~> 1.3)
-      omniauth-oauth (~> 1.0)
+    omniauth-oauth2 (1.4.0)
+      oauth2 (~> 1.0)
+      omniauth (~> 1.2)
+    omniauth-twitter (1.4.0)
+      omniauth-oauth (~> 1.1)
+      rack
     orm_adapter (0.5.0)
-    pg (0.17.1)
-    poltergeist (1.5.1)
+    paperclip (5.1.0)
+      activemodel (>= 4.2.0)
+      activesupport (>= 4.2.0)
+      cocaine (~> 0.5.5)
+      mime-types
+      mimemagic (~> 0.3.0)
+    parser (2.4.0.0)
+      ast (~> 2.2)
+    pg (0.20.0)
+    phantomjs (2.1.1.0)
+    plupload-rails (1.2.1)
+      rails (>= 3.1)
+    poltergeist (1.14.0)
       capybara (~> 2.1)
       cliver (~> 0.3.1)
-      multi_json (~> 1.0)
       websocket-driver (>= 0.2.0)
-    polyglot (0.3.5)
-    pry (0.10.1)
+    powerpack (0.1.1)
+    pry (0.10.4)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
-    rack (1.4.5)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.4)
+    public_suffix (2.0.5)
+    quiet_assets (1.1.0)
+      railties (>= 3.1, < 5.0)
+    rack (1.6.5)
+    rack-protection (1.5.3)
       rack
-    rack-test (0.6.2)
+    rack-test (0.6.3)
       rack (>= 1.0)
-    rails (3.2.13)
-      actionmailer (= 3.2.13)
-      actionpack (= 3.2.13)
-      activerecord (= 3.2.13)
-      activeresource (= 3.2.13)
-      activesupport (= 3.2.13)
-      bundler (~> 1.0)
-      railties (= 3.2.13)
+    rails (4.2.8)
+      actionmailer (= 4.2.8)
+      actionpack (= 4.2.8)
+      actionview (= 4.2.8)
+      activejob (= 4.2.8)
+      activemodel (= 4.2.8)
+      activerecord (= 4.2.8)
+      activesupport (= 4.2.8)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.2.8)
+      sprockets-rails
+    rails-deprecated_sanitizer (1.0.3)
+      activesupport (>= 4.2.0.alpha)
+    rails-dom-testing (1.0.8)
+      activesupport (>= 4.2.0.beta, < 5.0)
+      nokogiri (~> 1.6)
+      rails-deprecated_sanitizer (>= 1.0.1)
+    rails-html-sanitizer (1.0.3)
+      loofah (~> 2.0)
+    rails-i18n (4.0.9)
+      i18n (~> 0.7)
+      railties (~> 4.0)
     rails_12factor (0.0.3)
       rails_serve_static_assets
       rails_stdout_logging
-    rails_serve_static_assets (0.0.2)
-    rails_stdout_logging (0.0.3)
-    railties (3.2.13)
-      actionpack (= 3.2.13)
-      activesupport (= 3.2.13)
-      rack-ssl (~> 1.3.2)
+    rails_serve_static_assets (0.0.5)
+    rails_stdout_logging (0.0.5)
+    railties (4.2.8)
+      actionpack (= 4.2.8)
+      activesupport (= 4.2.8)
       rake (>= 0.8.7)
-      rdoc (~> 3.4)
-      thor (>= 0.14.6, < 2.0)
-    raindrops (0.13.0)
-    rake (10.4.0)
-    rdoc (3.12.2)
-      json (~> 1.4)
-    ref (1.0.5)
-    rest-client (1.7.2)
-      mime-types (>= 1.16, < 3.0)
-      netrc (~> 0.7)
-    rspec-core (2.12.2)
-    rspec-expectations (2.12.1)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.12.2)
-    rspec-rails (2.12.2)
+      thor (>= 0.18.1, < 2.0)
+    rainbow (2.1.0)
+    raindrops (0.18.0)
+    rake (12.0.0)
+    rb-fsevent (0.9.8)
+    rb-inotify (0.9.8)
+      ffi (>= 0.5.0)
+    redis (3.3.3)
+    responders (2.3.0)
+      railties (>= 4.2.0, < 5.1)
+    rspec (3.5.0)
+      rspec-core (~> 3.5.0)
+      rspec-expectations (~> 3.5.0)
+      rspec-mocks (~> 3.5.0)
+    rspec-activemodel-mocks (1.0.3)
+      activemodel (>= 3.0)
+      activesupport (>= 3.0)
+      rspec-mocks (>= 2.99, < 4.0)
+    rspec-core (3.5.4)
+      rspec-support (~> 3.5.0)
+    rspec-expectations (3.5.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.5.0)
+    rspec-mocks (3.5.0)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.5.0)
+    rspec-rails (3.5.2)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 2.12.0)
-      rspec-expectations (~> 2.12.0)
-      rspec-mocks (~> 2.12.0)
-    sass (3.2.19)
-    sass-rails (3.2.6)
-      railties (~> 3.2.0)
-      sass (>= 3.1.10)
-      tilt (~> 1.3)
-    simplecov (0.9.1)
+      rspec-core (~> 3.5.0)
+      rspec-expectations (~> 3.5.0)
+      rspec-mocks (~> 3.5.0)
+      rspec-support (~> 3.5.0)
+    rspec-support (3.5.0)
+    rubocop (0.47.1)
+      parser (>= 2.3.3.1, < 3.0)
+      powerpack (~> 0.1)
+      rainbow (>= 1.99.1, < 3.0)
+      ruby-progressbar (~> 1.7)
+      unicode-display_width (~> 1.0, >= 1.0.1)
+    ruby-progressbar (1.8.1)
+    ruby-units (2.1.0)
+    ruby_dep (1.5.0)
+    ruby_parser (3.9.0)
+      sexp_processor (~> 4.1)
+    rubyzip (1.2.1)
+    sass (3.4.23)
+    sass-rails (5.0.6)
+      railties (>= 4.0.0, < 6)
+      sass (~> 3.1)
+      sprockets (>= 2.8, < 4.0)
+      sprockets-rails (>= 2.0, < 4.0)
+      tilt (>= 1.1, < 3)
+    selenium-webdriver (3.3.0)
+      childprocess (~> 0.5)
+      rubyzip (~> 1.0)
+      websocket (~> 1.0)
+    sexp_processor (4.9.0)
+    shellany (0.0.1)
+    sidekiq (4.2.10)
+      concurrent-ruby (~> 1.0)
+      connection_pool (~> 2.2, >= 2.2.0)
+      rack-protection (>= 1.5.0)
+      redis (~> 3.2, >= 3.2.1)
+    simplecov (0.12.0)
       docile (~> 1.1.0)
-      multi_json (~> 1.0)
-      simplecov-html (~> 0.8.0)
-    simplecov-html (0.8.0)
+      json (>= 1.8, < 3)
+      simplecov-html (~> 0.10.0)
+    simplecov-html (0.10.0)
     slop (3.6.0)
-    sprockets (2.2.3)
-      hike (~> 1.2)
-      multi_json (~> 1.0)
-      rack (~> 1.0)
-      tilt (~> 1.1, != 1.3.0)
-    sprockets-rails (0.0.1)
-      sprockets (>= 1.0.2)
-    term-ansicolor (1.3.0)
+    sparkpost_rails (1.4.0)
+      rails (>= 4.0, < 5.1)
+    sprockets (3.7.1)
+      concurrent-ruby (~> 1.0)
+      rack (> 1, < 3)
+    sprockets-rails (3.2.0)
+      actionpack (>= 4.0)
+      activesupport (>= 4.0)
+      sprockets (>= 3.0.0)
+    sysexits (1.2.0)
+    term-ansicolor (1.6.0)
       tins (~> 1.0)
-    terminal-table (1.4.5)
-    therubyracer (0.12.1)
-      libv8 (~> 3.16.14.0)
-      ref
-    thor (0.19.1)
-    thread (0.1.4)
-    thread_safe (0.3.4)
-    tilt (1.4.1)
-    tins (1.3.3)
-    treetop (1.4.15)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.42)
-    uglifier (2.2.1)
+    terminal-table (1.7.3)
+      unicode-display_width (~> 1.1.1)
+    thor (0.19.4)
+    thread (0.2.2)
+    thread_safe (0.3.6)
+    tilt (2.0.7)
+    tins (1.13.2)
+    trollop (1.16.2)
+    tzinfo (1.2.3)
+      thread_safe (~> 0.1)
+    uglifier (2.7.2)
       execjs (>= 0.3.0)
-      multi_json (~> 1.0, >= 1.0.2)
-    unicorn (4.8.3)
+      json (>= 1.8.0)
+    unicode-display_width (1.1.3)
+    unicorn (5.3.0)
       kgio (~> 2.6)
-      rack
       raindrops (~> 0.7)
-    warden (1.2.3)
+    uniform_notifier (1.10.0)
+    warden (1.2.7)
       rack (>= 1.0)
     webrat (0.7.3)
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
-    websocket-driver (0.4.0)
-    will_paginate (3.0.7)
+    websocket (1.2.4)
+    websocket-driver (0.6.5)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.2)
+    will_paginate (3.1.5)
     xpath (2.0.0)
       nokogiri (~> 1.3)
 
@@ -322,61 +511,89 @@ PLATFORMS
   ruby
 
 DEPENDENCIES
-  active_utils (= 1.0.5)!
-  activemerchant (= 1.33.0)!
+  active_merchant-paypal-bogus-gateway
+  active_utils
+  activemerchant
   better_errors
   binding_of_caller
   bluecloth
+  bonsai-elasticsearch-rails
   bootstrap-datepicker-rails
+  bootstrap-kaminari-views
+  bootstrap-sass (~> 3.3.6)
+  bullet
   bundler (>= 1.1.5)
   byebug
-  cancan
+  cancancan (~> 1.9)
   capybara
   capybara-email
-  coffee-rails (~> 3.2.1)
-  compass-rails (~> 1.0.3)
+  capybara-screenshot
+  codeclimate-test-reporter
+  coffee-rails (~> 4.1.0)
+  comfortable_mexican_sofa (~> 1.12.0)
   coveralls
   csv_shaper
+  d3-rails (~> 3.5)
   dalli
-  database_cleaner (~> 1.3.0)
-  devise (~> 3.2.0)
-  factory_girl_rails (~> 4.0)
+  database_cleaner (~> 1.5.0)
+  devise (>= 4.0.0)
+  elasticsearch-api (~> 2.0.0)
+  elasticsearch-model
+  elasticsearch-rails
+  factory_girl_rails
   figaro
   flickraw
-  friendly_id (~> 4.0.10)
-  geocoder!
-  gibbon
+  font-awesome-sass
+  friendly_id (~> 5.0.4)
+  geocoder
+  gibbon (~> 1.2.0)
   gravatar-ultimate
+  guard
+  guard-rspec
   haml
+  haml-i18n-extractor
   haml-rails
+  haml_lint
+  hashie (>= 3.5.3)
+  heroku-api
   i18n-tasks
+  jasmine
   jquery-rails
-  jquery-ui-rails
+  jquery-ui-rails (~> 5.0.2)
   js-routes
-  json (~> 1.7.7)
+  kaminari (~> 0.17.0)
   leaflet-markercluster-rails
-  leaflet-rails
-  less (~> 2.5.0)
-  less-rails (~> 2.5.0)
-  less-rails-bootstrap (~> 3.2.0)
+  leaflet-rails (~> 0.7.7)
   letter_opener
-  libv8 (= 3.16.14.7)
   memcachier
   newrelic_rpm
-  omniauth
+  omniauth (~> 1.3)
+  omniauth-facebook
   omniauth-flickr (>= 0.0.15)
-  omniauth-twitter
+  omniauth-twitter (~> 1.2)
   pg
-  poltergeist (~> 1.5.1)
+  poltergeist
   pry
-  rack (~> 1.4.5)
-  rails (= 3.2.13)
+  quiet_assets
+  rails (~> 4.2.7)
   rails_12factor
+  rainbow (< 2.2.0)
   rake (>= 10.0.0)
-  rspec-rails (~> 2.12.1)
-  sass-rails (~> 3.2.3)
-  therubyracer (~> 0.12)
-  uglifier (>= 1.0.3)
+  rspec-activemodel-mocks
+  rspec-rails
+  rubocop (<= 0.47.1)
+  ruby-units
+  sass-rails (~> 5.0.4)
+  selenium-webdriver
+  sidekiq
+  sparkpost_rails
+  uglifier (~> 2.7.2)
   unicorn
   webrat
   will_paginate (~> 3.0)
+
+RUBY VERSION
+   ruby 2.3.4p301
+
+BUNDLED WITH
+   1.14.6

Guardfile

@@ -0,0 +1,13 @@
+guard :rspec,
+      cmd: 'bundle exec rspec --format documentation',
+      failed_mode: :keep do
+  watch(%r{^spec/.+_spec\.rb$})
+  watch(%r{^lib/(.+)\.rb$}) { |m| "spec/libs/#{m[1]}_spec.rb" }
+  watch('spec/spec_helper.rb')  { "spec" }
+
+  # Rails example
+  watch(%r{^app/(.+)\.rb$})                           { |m| "spec/#{m[1]}_spec.rb" }
+  watch(%r{^app/(.*)(\.erb|\.haml|\.slim)$})          { |m| "spec/#{m[1]}#{m[2]}_spec.rb" }
+  watch(%r{^spec/support/(.+)\.rb$})                  { "spec" }
+  watch('config/routes.rb')                           { "spec/routing" }
+end

README.md

@@ -1,7 +1,8 @@
 # Growstuff
 
-[![Build Status](https://travis-ci.org/Growstuff/growstuff.png)](https://travis-ci.org/Growstuff/growstuff)
+[![Build Status](https://travis-ci.org/Growstuff/growstuff.svg?branch=dev)](https://travis-ci.org/Growstuff/growstuff)
 [![Coverage Status](https://coveralls.io/repos/Growstuff/growstuff/badge.png)](https://coveralls.io/r/Growstuff/growstuff)
+[![Code Climate](https://codeclimate.com/github/Growstuff/growstuff/badges/gpa.svg)](https://codeclimate.com/github/Growstuff/growstuff)
 
 Welcome to the Growstuff project.
 
@@ -18,8 +19,8 @@ encourage participation from people of all backgrounds and skill levels.
 
 * [Issues](http://github.com/Growstuff/growstuff/issues) (features we're
   working on, known bugs, etc)
-* [Discussion forums](http://wiki.growstuff.org/index.php/Discussion_forums) (mailing lists, IRC, etc)
-* [Wiki](http://wiki.growstuff.org/) (general documentation)
+* [IRC](https://webchat.freenode.net/) growstuff channel (general chat, brainstorming and troubleshooting) or [Gitter](https://gitter.im/Growstuff/growstuff)
+* [Wiki](https://github.com/Growstuff/growstuff/wiki) (general documentation, etc. Help by migrating from the [old wiki](https://web.archive.org/web/*/wiki.growstuff.org))
 
 ## For coders
 
@@ -27,10 +28,9 @@ Growstuff is built in Ruby on Rails and also uses JavaScript for
 frontend features. We welcome contributions -- see
 [CONTRIBUTING](CONTRIBUTING.md) for details.
 
-* To set up your development environment, see [Getting started](http://wiki.growstuff.org/index.php/Development/Getting_Started).
-* We encourage [pair programming](http://wiki.growstuff.org/index.php/Pairing), especially for newer developers. [Find a pair programming partner.](http://talk.growstuff.org/t/find-a-pair-programming-partner/13)
-* Drop in to one of our [discussion forums](http://wiki.growstuff.org/index.php/Discussion_forums) to chat to other developers, get help, etc.
-* You may also be interested in our [API](http://wiki.growstuff.org/index.php/API).
+* To set up your development environment, see [Getting started](https://github.com/Growstuff/growstuff/wiki/New-contributor-guide).
+* We encourage [pair programming](http://wiki.growstuff.org/index.php/Pairing), especially for newer developers.
+* You may also be interested in our [API](https://github.com/Growstuff/growstuff/wiki/API).
 
 ## For designers, writers, researchers, data wranglers, and other contributors
 
@@ -39,22 +39,23 @@ your skills and interests.
 
 You might like to check out:
 
-* The [Get Involved](http://wiki.growstuff.org/index.php/Get_involved)
+* The [New Contributor Guide](https://github.com/Growstuff/growstuff/wiki/New-contributor-guide)
   page on our wiki, which has lots of detail for different areas
-* [Growstuff Talk](http://talk.growstuff.org/) especially the [Idea category](http://talk.growstuff.org/c/idea)
 
 Here on Github, you might find these useful:
 
+* [Waffle](http://waffle.io/Growstuff/growstuff) has stories in "ready" that can be worked on.
 * [needs: design](https://github.com/Growstuff/growstuff/labels/needs:%20design) - tasks requiring high-level design
 * [needs: visual design](https://github.com/Growstuff/growstuff/labels/needs:%20visual design) - tasks requiring visual/graphical design
 * [needs: documentation](https://github.com/Growstuff/growstuff/labels/needs:%20documentation)
 * [needs: data](https://github.com/Growstuff/growstuff/labels/needs:%20data) - tasks requiring data entry, data design, data import, or similar
+* [curated:beginner](https://github.com/Growstuff/growstuff/labels/curated:%20beginner) - tasks that are ideal for beginner programmers or people new to the project
 
-Feel free to comment on any of the issues you find there, or open up a broader conversation on [Growstuff Talk](http://talk.growstuff.org).
+Feel free to comment on any of the issues on [Github](https://github.com/Growstuff/growstuff/issues).
 
 ## Contact
 
 For more information about this project, contact [info@growstuff.org](mailto:info@growstuff.org).
 
 You can also contact us on [Twitter](http://twitter.com/growstufforg/) or
-[Facebook](https://www.facebook.com/pages/Growstuff/1531133417099494).
+[Facebook](https://www.facebook.com/pages/Growstuff/1531133417099494) or [Github](https://github.com/Growstuff/growstuff/issues)..

app/assets/javascripts/append_date.js.coffee

@@ -5,17 +5,15 @@
 jQuery ->
 
   el = $('.append-date')
-  
+
   el.datepicker({'format': 'yyyy-mm-dd'})
 
-  href = el.attr('href')
-
-  originalText = el.text()
-
   el.click (e) ->
     e.stopPropagation()
     e.preventDefault()
 
+    originalText = $(this).text()
+    href = $(this).attr('href')
     $(this).text('Confirm without date')
 
     $(this).bind('click.confirm', (e) ->
@@ -31,6 +29,8 @@ jQuery ->
 
   el.one 'changeDate', ->
     date = $(this).datepicker('getDate')
+    href = $(this).attr('href')
+
     url  = "#{href}&planting[finished_at]=#{date}"
 
     link = $("<a href='#{url}' data-method='put'></a>")

app/assets/javascripts/application.js

@@ -15,8 +15,7 @@
 //= require js-routes
 //= require jquery
 //= require jquery_ujs
-//= require jquery.ui.autocomplete
-//= require twitter/bootstrap
-//= require_tree .
+//= require jquery-ui/autocomplete
+//= require bootstrap-sprockets
 //= require bootstrap-datepicker
-
+//= require_tree .

app/assets/javascripts/comfy/admin/cms/custom.js.coffee

@@ -0,0 +1 @@
+# Custom JS for the admin area

app/assets/javascripts/crops.js.erb

@@ -1,6 +1,9 @@
+//= require graphs/horizontal_bar_graph
+
 if (document.getElementById("cropmap") !== null) {
   mapbox_map_id = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.mapbox_map_id %>";
-  mapbox_base_url = "https://c.tiles.mapbox.com/v3/" + mapbox_map_id + "/{z}/{x}/{y}.png";
+  mapbox_access_token = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.mapbox_access_token %>";
+  mapbox_base_url = "http://a.tiles.mapbox.com/v4/" + mapbox_map_id + "/{z}/{x}/{y}.png?access_token=" + mapbox_access_token;
 
   L.Icon.Default.imagePath = '/assets'
 
@@ -47,3 +50,42 @@ function showCropMap(cropmap) {
 
   cropmap.addLayer(markers);
 }
+
+function plantingStats(crop) {
+  var sunniness_counts = { 'empty': 0, 'sun': 0, 'semi-shade': 0, 'shade': 0 };
+  $.each(crop.plantings, function(i, planting) {
+    if (planting.sunniness) {
+      sunniness_counts[planting.sunniness]++;
+    } else {
+      sunniness_counts['Empty']++;
+    }
+  });
+  return [
+    {name: 'Empty', value: sunniness_counts['empty']},
+    {name: 'Sun', value: sunniness_counts['sun']},
+    {name: 'Semi-shade', value: sunniness_counts['semi-shade']},
+    {name: 'Shade', value: sunniness_counts['shade']}
+  ];
+}
+
+if ($("#sunchart")[0] !== null) {
+  var HorizontalBarGraph = growstuff.HorizontalBarGraph;
+  $.getJSON(location.pathname + '.json', function (crop) {
+    data = {
+      bars: plantingStats(crop),
+      bar_color: 'steelblue',
+      width: {size: 300, scale: 'linear'},
+      height: {size: 100, scale: 'ordinal'},
+      //left is used to shift the bars over so that there is
+      //room for the labels
+      margin: {top: 0, right: 0, bottom: 0, left: 100}
+    };
+
+    var graph = new HorizontalBarGraph(data);
+    graph.render(d3.select($('#sunchart')[0]));
+  });
+}
+
+$('.btn.toggle.crop-hierarchy').click(function () {
+  $('.toggle.crop-hierarchy').toggleClass('hide');
+});

app/assets/javascripts/finish_planting.js.coffee

@@ -9,11 +9,11 @@ jQuery ->
     finished = $('#planting_finished_at')
     if @checked
       if previousValue.length
-        date = previousValue 
+        date = previousValue
         finished.val(date)
       else
         finished.trigger('focus')
     else
       previousValue = finished.val()
       finished.val('')
-  )
+  )

app/assets/javascripts/graphs/bar_group.js

@@ -0,0 +1,50 @@
+//= require graphs/width_scale
+//= require graphs/height_scale
+
+(function(){
+  'use strict';
+
+  /*
+  This represents bars for a bar graph.
+  Currently these are used for HorizontalBarGraph.
+   */
+
+  var growstuff = (window.growstuff = window.growstuff || {});
+  var WidthScale = growstuff.WidthScale;
+  var HeightScale = growstuff.HeightScale;
+
+function BarGroup(data) {
+  this._data = data;
+}
+
+BarGroup.prototype.render = function(root){
+
+  var data = this._data;
+  var bars = this._data.bars;
+  var widthScale = new WidthScale(data).render();
+  var heightScale = new HeightScale(data).render();
+
+  return root.append('g')
+    .attr("class", "bar")
+    .selectAll("rect")
+    .data(bars.map(function(bar) { return bar.value; }))
+    .enter()
+    .append("rect")
+    .attr("y", function(d, i){
+      return heightScale(i);
+
+    })
+    .attr("height", heightScale.rangeBand())
+    .attr("fill", data.bar_color)
+    .attr("width", function(d){
+      return widthScale(d);
+    })
+    .append("title")
+    .text(function(d){
+      return 'This value is ' + d + '.';
+    });
+};
+
+growstuff.BarGroup = BarGroup;
+
+}());

app/assets/javascripts/graphs/bar_label_group.js

@@ -0,0 +1,40 @@
+(function() {
+  'use strict';
+
+/*
+This file draws the labels to the left of each bar.
+ */
+
+  var growstuff = (window.growstuff = window.growstuff || {});
+
+  function BarLabelGroup(data) {
+    this._data = data;
+  }
+
+  BarLabelGroup.prototype.render = function(d3){
+    var bars = this._data.bars;
+    //vvcopy pasta from spike vv  -- this is a good candidate for refactor
+    var barHeight = 40;
+
+    return d3.append('g')
+      .attr("class", "bar-label")
+      .selectAll("text")
+      .data(bars.map(function(bar){ return bar.name;}))
+      .enter()
+      .append("text")
+      .attr('x', -80)
+      .attr('y', function(d, i){
+        //shrink the margin between each label to give them an even spread with
+        //bars
+        var barLabelSpread = 2/3;
+        //move them downward to line up with bars
+        var barLabelTopEdge = 17;
+        return i * barHeight * (barLabelSpread) + barLabelTopEdge;
+      })
+      .text(function(d){return d;});
+
+  };
+
+  growstuff.BarLabelGroup = BarLabelGroup;
+
+}());

app/assets/javascripts/graphs/height_scale.js

@@ -0,0 +1,29 @@
+//=require d3
+
+/*
+Height Scale is used to map the number of bars to the display size of
+the svg
+ */
+
+(function(){
+  'use strict';
+
+  var growstuff = (window.growstuff = window.growstuff || {});
+
+  function HeightScale(data){
+    this._data = data;
+  }
+
+  HeightScale.prototype.render = function(){
+    var data = this._data;
+    var scaleType = data.height.scale;
+    var axisSize = data.height.size;
+
+    return d3.scale[scaleType]()
+        .domain(d3.range(data.bars.length))
+        .rangeRoundBands([0, data.height.size], 0.05, 0);
+  };
+
+  growstuff.HeightScale = HeightScale;
+
+}());

app/assets/javascripts/graphs/horizontal_bar_graph.js

@@ -0,0 +1,51 @@
+//= require d3
+//= require graphs/bar_group
+//= require graphs/bar_label_group
+
+/*
+Horizontal Bar Graph represents sum total of the graph including all of the parts:
+Bars
+Bar Labels
+
+The main dimensions of the graph are rendered here.
+ */
+
+(function() {
+  'use strict';
+
+  var growstuff = (window.growstuff = window.growstuff || {});
+  var BarGroup = growstuff.BarGroup;
+  var BarLabelGroup = growstuff.BarLabelGroup;
+
+  function HorizontalBarGraph(data) {
+    this._data = data;
+    this._d3 = d3;
+  }
+
+  HorizontalBarGraph.prototype.render = function(root) {
+    var bars = this._data.bars;
+    var width = this._data.width;
+    var height = this._data.height;
+
+    var barLabelGroup = new BarLabelGroup(this._data);
+    var margin = this._data.margin;
+
+    var barGroup = new BarGroup(this._data);
+
+    var svg = root
+      .append("svg")
+        .attr("width", width.size + margin.left + margin.right)
+        .attr("height", height.size + margin.top + margin.bottom)
+      .append("g")
+        .attr("class","bar-graph")
+        .attr("transform","translate(" + margin.left + "," + margin.top + ")");
+
+
+    barGroup.render(svg);
+    barLabelGroup.render(svg);
+
+    return svg;
+  };
+
+  growstuff.HorizontalBarGraph = HorizontalBarGraph;
+}());

app/assets/javascripts/graphs/width_scale.js

@@ -0,0 +1,33 @@
+//=require d3
+
+/*
+Width scale is used to map the value for the length of each bar
+to the display size of the svg
+ */
+
+(function(){
+  'use strict';
+
+  var growstuff = (window.growstuff = window.growstuff || {});
+
+  function WidthScale (data){
+    this._data = data;
+  }
+
+  WidthScale.prototype.render = function() {
+    var data = this._data;
+    var scaleType = data.width.scale;
+    var axisSize = data.width.size;
+
+    return d3.scale[scaleType]()
+        .domain([0, this.getMaxValue()])
+        .range([0, axisSize]);
+  };
+
+  WidthScale.prototype.getMaxValue = function(){
+    return d3.max(this._data.bars.map(function(bar) { return bar.value; }));
+  };
+
+  growstuff.WidthScale = WidthScale;
+
+}());

app/assets/javascripts/members.js.erb

@@ -1,6 +1,7 @@
 if (document.getElementById("membermap") !== null) {
   mapbox_map_id = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.mapbox_map_id %>";
-  mapbox_base_url = "https://c.tiles.mapbox.com/v3/" + mapbox_map_id + "/{z}/{x}/{y}.png";
+  mapbox_access_token = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.mapbox_access_token %>";
+  mapbox_base_url = "http://a.tiles.mapbox.com/v4/" + mapbox_map_id + "/{z}/{x}/{y}.png?access_token=" + mapbox_access_token;
 
   L.Icon.Default.imagePath = '/assets'
 

app/assets/javascripts/places.js.erb

@@ -1,7 +1,8 @@
 if (document.getElementById("placesmap") !== null) {
   places_base_path = "/places";
   mapbox_map_id = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.mapbox_map_id %>";
-  mapbox_base_url = "https://c.tiles.mapbox.com/v3/" + mapbox_map_id + "/{z}/{x}/{y}.png";
+  mapbox_access_token = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.mapbox_access_token %>";
+  mapbox_base_url = "http://a.tiles.mapbox.com/v4/" + mapbox_map_id + "/{z}/{x}/{y}.png?access_token=" + mapbox_access_token;
   nominatim_base_url = 'http://nominatim.openstreetmap.org/search/';
   nominatim_user_agent_email = "<%= Rails.env == 'test' ? 0 : Growstuff::Application.config.user_agent_email %>";
 

app/assets/javascripts/posts.js

@@ -0,0 +1,18 @@
+$(document).ready(function () {
+  $('.post-like').show();
+
+  $('.post-like').on('ajax:success', function(event, data) {
+    var like_control = $('#post-' + data.id + ' .post-like');
+
+    $('#post-' + data.id + ' .like-count').text(data.description);
+    if (data.liked_by_member) {
+      like_control.data("method", "delete");
+      like_control.attr("href", data.url);
+      like_control.text("Unlike");
+    } else {
+      like_control.data("method", "post");
+      like_control.attr("href", '/likes.json?post_id=' + data.id);
+      like_control.text("Like");
+    }
+  });
+});

app/assets/javascripts/seeds.js.coffee

@@ -4,3 +4,41 @@
 
 jQuery ->
   $('.add-datepicker').datepicker('format' : 'yyyy-mm-dd')
+  $('#add-sci_name-row').css("display", "inline-block")
+  $('#remove-sci_name-row').css("display", "inline-block")
+  $("#add-alt_name-row").css("display", "inline-block")
+  $("#remove-alt_name-row").css("display", "inline-block")
+
+$ ->
+  sci_template = "<div id='sci_template[INDEX]' class='template col-md-12'><div class='col-md-2'><label>Scientific name INDEX:</label></div><div class='col-md-8'><input name='sci_name[INDEX]' class='form-control', id='sci_name[INDEX]')'></input><span class='help-block'>Scientific name of crop.</span></div><div class='col-md-2'></div></div>"
+
+  sci_index = $('#scientific_names .template').length + 1
+
+  $('#add-sci_name-row').click ->
+    compiled_input = $(sci_template.split("INDEX").join(sci_index))
+    $('#scientific_names').append(compiled_input)
+    sci_index = sci_index + 1
+
+  $('#remove-sci_name-row').click ->
+    if (sci_index > 2)
+      sci_index = sci_index - 1
+      tmp = 'sci_template[' + sci_index + ']'
+      element = document.getElementById(tmp)
+      element.remove()
+
+  alt_template = "<div id='alt_template[INDEX]' class='template col-md-12'><div class='col-md-2'><label>Alternate name INDEX:</label></div><div class='col-md-8'><input name='alt_name[INDEX]' class='form-control', id='alt_name[INDEX]')'></input><span class='help-block'>Alternate name of crop.</span></div><div class='col-md-2'></div></div>"
+
+  alt_index = $('#alternate_names .template').length + 1
+
+  $('#add-alt_name-row').click ->
+    compiled_input = $(alt_template.split("INDEX").join(alt_index))
+    $('#alternate_names').append(compiled_input)
+    alt_index = alt_index + 1
+
+  $('#remove-alt_name-row').click ->
+    if (alt_index > 2)
+      alt_index = alt_index - 1
+      tmp = 'alt_template[' + alt_index + ']'
+      element = document.getElementById(tmp)
+      console.log("%s",tmp)
+      element.remove()

app/assets/stylesheets/application.css

@@ -1,14 +0,0 @@
-/*
- * This is a manifest file that'll automatically include all the stylesheets available in this directory
- * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
- * the top of the compiled file, but it's generally better to create a new file per style scope.
- *= require_self
- *= require jquery.ui.autocomplete
- *= require bootstrap-datepicker
- *= require leaflet
- *= require leaflet.markercluster
- *= require leaflet.markercluster.default
- *= require custom_bootstrap/custom_bootstrap
- *= require overrides.css
- *= require_tree .
-*/

app/assets/stylesheets/application.sass

@@ -0,0 +1,8 @@
+@import 'jquery-ui/autocomplete'
+@import 'bootstrap-datepicker'
+@import 'leaflet'
+@import 'leaflet.markercluster'
+@import 'leaflet.markercluster.default'
+@import 'custom_bootstrap/custom_bootstrap'
+@import 'overrides'
+@import 'graphs'

app/assets/stylesheets/bootstrap-accessibility.css

@@ -0,0 +1 @@
+.btn:focus{outline:dotted 2px #000}div.active:focus{outline:dotted 1px #000}a:focus{outline:dotted 1px #000}.close:hover,.close:focus{outline:dotted 1px #000}.nav>li>a:hover,.nav>li>a:focus{outline:dotted 1px #000}.carousel-inner>.item{position:absolute;top:-999999em;display:block;-moz-transition:ease-in-out 0.6s left;-o-transition:ease-in-out 0.6s left;-webkit-transition:ease-in-out 0.6s left;transition:ease-in-out 0.6s left}.carousel-inner>.active{top:0}.carousel-inner>.active,.carousel-inner>.next,.carousel-inner>.prev{position:relative}.carousel-inner>.next,.carousel-inner>.prev{position:absolute;top:0;width:100%}.alert-success{color:#2d4821}.alert-info{color:#214c62}.alert-warning{color:#6c4a00;background-color:#f9f1c6}.alert-danger{color:#d2322d}.alert-danger:hover{color:#a82824}

app/assets/stylesheets/comfy/admin/cms/custom.sass

@@ -0,0 +1 @@
+// custom CSS for admin area

app/assets/stylesheets/custom_bootstrap/custom_bootstrap.less

@@ -1,56 +0,0 @@
-// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-// !!! AUTOMATICALLY GENERATED FILE. DO NOT MODIFY !!!
-// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
-
-// Core variables and mixins
-@import "twitter/bootstrap/variables.less";
-@import "custom_bootstrap/variables.less"; // Modify this for custom colors, font-sizes, etc
-@import "twitter/bootstrap/mixins.less";
-@import "custom_bootstrap/mixins.less"; // Modify this for custom mixins
-
-// Reset and dependencies
-@import "twitter/bootstrap/normalize.less";
-@import "twitter/bootstrap/print.less";
-@import "twitter/bootstrap/glyphicons.less";
-
-// Core CSS
-@import "twitter/bootstrap/scaffolding.less";
-@import "twitter/bootstrap/type.less";
-@import "twitter/bootstrap/code.less";
-@import "twitter/bootstrap/grid.less";
-@import "twitter/bootstrap/tables.less";
-@import "twitter/bootstrap/forms.less";
-@import "twitter/bootstrap/buttons.less";
-
-// Components
-@import "twitter/bootstrap/component-animations.less";
-@import "twitter/bootstrap/dropdowns.less";
-@import "twitter/bootstrap/button-groups.less";
-@import "twitter/bootstrap/input-groups.less";
-@import "twitter/bootstrap/navs.less";
-@import "twitter/bootstrap/navbar.less";
-@import "twitter/bootstrap/breadcrumbs.less";
-@import "twitter/bootstrap/pagination.less";
-@import "twitter/bootstrap/pager.less";
-@import "twitter/bootstrap/labels.less";
-@import "twitter/bootstrap/badges.less";
-@import "twitter/bootstrap/jumbotron.less";
-@import "twitter/bootstrap/thumbnails.less";
-@import "twitter/bootstrap/alerts.less";
-@import "twitter/bootstrap/progress-bars.less";
-@import "twitter/bootstrap/media.less";
-@import "twitter/bootstrap/list-group.less";
-@import "twitter/bootstrap/panels.less";
-@import "twitter/bootstrap/responsive-embed.less";
-@import "twitter/bootstrap/wells.less";
-@import "twitter/bootstrap/close.less";
-
-// Components w/ JavaScript
-@import "twitter/bootstrap/modals.less";
-@import "twitter/bootstrap/tooltip.less";
-@import "twitter/bootstrap/popovers.less";
-@import "twitter/bootstrap/carousel.less";
-
-// Utility classes
-@import "twitter/bootstrap/utilities.less";
-@import "twitter/bootstrap/responsive-utilities.less";

app/assets/stylesheets/custom_bootstrap/custom_bootstrap.sass

@@ -0,0 +1,59 @@
+// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+// !!! AUTOMATICALLY GENERATED FILE. DO NOT MODIFY !!!
+// !!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
+
+// Core variables and mixins
+@import "bootstrap-sprockets"
+@import "bootstrap/variables"
+// Modify this for custom colors, font-sizes, etc
+@import "custom_bootstrap/variables"
+@import "bootstrap/mixins"
+// Modify this for custom mixins
+@import "custom_bootstrap/mixins"
+
+// Reset and dependencies
+@import "bootstrap/normalize"
+@import "bootstrap/print"
+@import "bootstrap/glyphicons"
+
+// Core CSS
+@import "bootstrap/scaffolding"
+@import "bootstrap/type"
+@import "bootstrap/code"
+@import "bootstrap/grid"
+@import "bootstrap/tables"
+@import "bootstrap/forms"
+@import "bootstrap/buttons"
+
+// Components
+@import "bootstrap/component-animations"
+@import "bootstrap/dropdowns"
+@import "bootstrap/button-groups"
+@import "bootstrap/input-groups"
+@import "bootstrap/navs"
+@import "bootstrap/navbar"
+@import "bootstrap/breadcrumbs"
+@import "bootstrap/pagination"
+@import "bootstrap/pager"
+@import "bootstrap/labels"
+@import "bootstrap/badges"
+@import "bootstrap/jumbotron"
+@import "bootstrap/thumbnails"
+@import "bootstrap/alerts"
+@import "bootstrap/progress-bars"
+@import "bootstrap/media"
+@import "bootstrap/list-group"
+@import "bootstrap/panels"
+@import "bootstrap/responsive-embed"
+@import "bootstrap/wells"
+@import "bootstrap/close"
+
+// Components w/ JavaScript
+@import "bootstrap/modals"
+@import "bootstrap/tooltip"
+@import "bootstrap/popovers"
+@import "bootstrap/carousel"
+
+// Utility classes
+@import "bootstrap/utilities"
+@import "bootstrap/responsive-utilities"

app/assets/stylesheets/custom_bootstrap/variables.less

@@ -1,54 +0,0 @@
-// Use this file to override Twitter Bootstrap variables or define own variables.
-
-// Import original variables so they can be used in overrides
-@import "twitter/bootstrap/variables.less";
-
-// Base colours
-
-@beige: #f3f1ee;
-@brown: #413f3b;
-
-@green:  #5f8e43;
-@blue:   #2f4365;
-@red:    #8e4d43;
-@orange: #b2685c;
-@yellow: #b2935c;
-
-@body-bg: @beige;
-@text-color: @brown;
-@link-color: @green;
-
-@brand-primary: @green;
-
-@font-family-sans-serif:        "Helvetica Neue", Helvetica, Arial, sans-serif;
-@font-family-serif:       Georgia, "Times New Roman", Times, serif;
-@font-family-mono:        Monaco, Menlo, Consolas, "Courier New", monospace;
-
-@font-size-base:          14px;
-@font-family-base:        @font-family-sans-serif;
-@line-height-base:        1.5;
-@alt-font-family:         @font-family-serif;
-
-@headings-font-family:    @font-family-sans-serif;
-@headings-font-weight:    bold;    // instead of browser default, bold
-@headings-color:         inherit; // empty to use BS default, @textColor
-
-// Hero unit
-@jumbotron-bg: darken(@body-bg, 10%);
-
-// Nav bar
-@navbar-default-bg: @brown;
-@navbar-default-bg-highlight: @brown;
-@navbar-default-color: @beige;
-@navbar-default-link-color: darken(@beige, 20%);
-@navbar-default-link-hover-color: @beige;
-@navbar-default-link-active-color: @beige;
-@navbar-default-brand-color: lighten(@green, 20%);
-
-// Top nav collapse threshold
-@grid-float-breakpoint: @screen-md-min;
-
-@dropdown-bg: lighten(@beige, 10%);
-@dropdown-link-color: @brown;
-@dropdown-link-hover-color: @brown;
-@dropdown-link-hover-bg: lighten(@green, 50%);

app/assets/stylesheets/custom_bootstrap/variables.sass

@@ -0,0 +1,55 @@
+// Use this file to override Twitter Bootstrap variables or define own variables.
+
+// Import original variables so they can be used in overrides
+//@import 'bootstrap/variables.scss'
+
+// Base colours
+
+$beige: #f3f1ee
+$brown: #413f3b
+
+$green:  #5f8e43
+$blue:   #2f4365
+$red:    #8e4d43
+$orange: #ffa500
+$yellow: #b2935c
+
+$body-bg: $beige
+$text-color: $brown
+$link-color: $green
+$graph-hover: $orange
+
+$brand-primary: $green
+
+$font-family-sans-serif:        "Helvetica Neue", Helvetica, Arial, sans-serif
+$font-family-serif:       Georgia, "Times New Roman", Times, serif
+$font-family-mono:        Monaco, Menlo, Consolas, "Courier New", monospace
+
+$font-size-base:          14px
+$font-family-base:        $font-family-sans-serif
+$line-height-base:        1.5
+$alt-font-family:         $font-family-serif
+
+$headings-font-family:    $font-family-sans-serif
+$headings-font-weight:    bold    // instead of browser default, bold
+$headings-color:         inherit // empty to use BS default, $textColor
+
+// Hero unit
+$jumbotron-bg: darken($body-bg, 10%)
+
+// Nav bar
+$navbar-default-bg: $brown
+$navbar-default-bg-highlight: $brown
+$navbar-default-color: $beige
+$navbar-default-link-color: darken($beige, 20%)
+$navbar-default-link-hover-color: $beige
+$navbar-default-link-active-color: darken($beige,80%)
+$navbar-default-brand-color: lighten($green, 20%)
+
+// Top nav collapse threshold
+$grid-float-breakpoint: $screen-md-min
+
+$dropdown-bg: lighten($beige, 10%)
+$dropdown-link-color: $brown
+$dropdown-link-hover-color: $brown
+$dropdown-link-hover-bg: lighten($green, 50%)

app/assets/stylesheets/graphs.sass

@@ -0,0 +1,2 @@
+.bar rect:hover
+  fill: $graph-hover

app/assets/stylesheets/leaflet_overrides.css.less

@@ -1,3 +0,0 @@
-.leaflet-popup-content-wrapper, .leaflet-popup-tip {
-  border: none;
-}

app/assets/stylesheets/leaflet_overrides.sass

@@ -0,0 +1,10 @@
+.leaflet-popup-content-wrapper,
+.leaflet-popup-tip
+  border: none
+
+.thumbnail
+  background: #fff !important
+  border: solid 1px whitesmoke
+
+.thumbnail .crop-thumbnail .cropinfo
+  padding-top: 14px

app/assets/stylesheets/overrides.css.less

@@ -1,263 +0,0 @@
-@import "twitter/bootstrap/bootstrap";
-@import "custom_bootstrap/variables";
-// this padding needs to be done before the responsive stuff is imported
-body {
-  // modifying this for our promotional banner. can be replaced after if
-  // needed.
-  // padding-top: @navbar-height + 15px;
-  padding-top: @navbar-height;
-}
-
-//@import "twitter/bootstrap/responsive";
-
-// Set the correct sprite paths
-@iconSpritePath: asset-path("twitter/bootstrap/glyphicons-halflings");
-@iconWhiteSpritePath: asset-path("twitter/bootstrap/glyphicons-halflings-white");
-
-// Set the Font Awesome (Font Awesome is default. You can disable by commenting below lines)
-@fontAwesomeEotPath: asset-url("fontawesome-webfont.eot");
-@fontAwesomeEotPath_iefix: asset-url("fontawesome-webfont.eot#iefix");
-@fontAwesomeWoffPath: asset-url("fontawesome-webfont.woff");
-@fontAwesomeTtfPath: asset-url("fontawesome-webfont.ttf");
-@fontAwesomeSvgPath: asset-url("fontawesome-webfont.svg#fontawesomeregular");
-
-// Font Awesome
-//@import "fontawesome/font-awesome";
-
-// Glyphicons
-//@import "twitter/bootstrap/sprites.less";
-
-
-.list-inline > li.first {
-  padding-left: 0px;
-}
-
-h2 {
-  font-size: 150%;
-}
-
-/*
-#subtitle {
-  color: lighten(@brown, 30%);
-  margin-top: 0px;
-  padding-top: 0px;
-  padding-left: 1em;
-  font-style: italic;
-  font-weight: normal;
-}
-*/
-
-h3 {
-  font-size: 120%;
-}
-
-.main {
-  padding-right: 1em;
-}
-
-.sidebar {
-  margin-left: -1px;
-  border-left: 1px solid darken(@beige, 10%);
-  padding-left: 1em;
-}
-
-// this is used for eg. crops and members index pages
-.six-across:nth-child(6n+1) {
-  margin-left: 0px
-}
-
-.three-across:nth-child(3n+1) {
-  margin-left: 0px;
-  clear: both;
-}
-
-// let's condense the hero unit a little
-.jumbotron {
-  padding-top: 30px;
-  padding-bottom: 30px;
-}
-
-// info under the main heading on homepage
-.jumbotron .info {
-  padding-top: 15px;
-}
-
-// signup widget on homepage
-.jumbotron .signup {
-  background-color: lighten(@green, 40%);
-  border: 1px solid lighten(@green, 20%);
-  border-radius: 6px;
-  padding: 15px;
-  text-align: center;
-  line-height: 200%;
-}
-
-// stats shown on homepage. eg. "999 members..."
-p.stats {
-  font-weight: bold;
-}
-
-.homepage-members {
-  height: 100px;
-}
-
-.homepage-members:nth-child(odd) {
-  margin-left: 0px;
-}
-
-#placesmap, #cropmap {
-  height: 500px;
-}
-
-#membermap {
-  height: 250px;
-}
-
-.member-location {
-  font-size: small;
-  font-style: italic;
-}
-
-.member-location a {
-  color: @brown;
-}
-
-.crop-thumbnail {
-  position:relative;
-  padding:0;
-  img {
-    width:100%;
-  }
-  .text {
-    display:none;
-    color:#000;
-    position:absolute;
-    bottom:0;
-    background:rgba(0, 0, 0, 0.8);
-    width:100%;
-    margin:0;
-  }
-  p {
-    padding:5px;
-    margin:0;
-    color:#fff;
-  }
-  &:hover {
-    .text {
-      display:block;
-    }
-  }
-}
-
-.member-thumbnail {
-  img {
-    height: 85px;
-    width: 85px;
-    max-width: 85px
-  }
-}
-
-.thumbnail {
-  margin-bottom: 1.5em;
-  
-  .scientific-name small, .crop-name a {
-    display: inline-block;
-    max-width: 100%;
-    white-space: nowrap;
-    overflow: hidden;
-    text-overflow: ellipsis;
-    line-height: 1em;
-    padding-bottom: 2px;
-  }
-
-  .crop-name a {
-    padding-top: 2px;
-  }
-
-  .scientific-name small {
-    margin-bottom: -2px;
-  }
-}
-
-li.crop-hierarchy {
-  list-style-type: disc;
-}
-
-.navbar-brand {
-  margin: 0px;
-  padding: 0px;
-}
-
-.navbar-bottom {
-  margin: 40px 0px 0px 0px !important;
-}
-
-// navbar centering
-footer .navbar .nav {
-  float: none;
-  display: inline-block;
-  *display: inline;
-  /* ie7 fix */
-  *zoom: 1;
-  /* hasLayout ie7 trigger */
-  vertical-align: top;
-  > li {
-    float: none;
-    display: inline-block;
-    *display: inline;
-    /* ie7 fix */
-    *zoom: 1;
-    /* hasLayout ie7 trigger */
-    vertical-align: top;
-  }
-}
-
-.navbar-bottom.navbar {
-  text-align: center;
-  border-radius: 0;
-}
-
-.crop-image, .member-image {
-  width: 100%;
-  height: 100%;
-}
-
-// Autosuggest
-
-.ui-autocomplete {
-  z-index: @zindex-tooltip;
-}
-
-// Crowdfunding campaign, Sep-Oct 2014
-
-.crowdfunding-banner {
-  text-align: center;
-  font-weight: bold;
-  background-color: lighten(@green, 30%);
-  margin-top: 0px;
-  margin-bottom: 5px;
-  padding: 15px;
-}
-
-.crowdfunding-banner a {
-  color: @brown;
-  text-decoration: underline;
-}
-
-// Overrides applying only to mobile view. This must be at the end of the overrides file.
-
-@media only screen and (max-width: 767px) {
-  .sidebar {
-    margin-left: 0;
-    border-left: none;
-    padding-left: 0;
-  }
-
-  #map {
-    height: 300px;
-  }
-
-  .navbar .nav > li {
-    display: block;
-  }
-}

app/assets/stylesheets/overrides.sass

@@ -0,0 +1,338 @@
+@import "bootstrap-sprockets"
+@import "bootstrap"
+@import "custom_bootstrap/variables"
+// this padding needs to be done before the responsive stuff is imported
+body
+  // modifying this for our promotional banner. can be replaced after if
+  // needed.
+  // padding-top: $navbar-height + 15px
+  padding-top: $navbar-height
+
+
+//@import "bootstrap/responsive"
+
+// Font Awesome
+@import "font-awesome-sprockets"
+@import "font-awesome"
+
+// Glyphicons
+//@import "bootstrap/glyphicons"
+
+
+.list-inline > li.first
+  padding-left: 0px
+
+h2
+  font-size: 150%
+
+
+//#subtitle
+//  color: lighten($brown, 30%)
+//  font-style: italic
+//  font-weight: normal
+//  margin-top: 0px
+//  padding-left: 1em
+//  padding-top: 0px
+
+h3
+  font-size: 120%
+
+.main
+  padding-right: 1em
+
+.navbar .navbar-form
+  padding-top: 0
+  padding-bottom: 0
+  margin-right: 0
+  margin-left: 15px
+  border: 0
+  -webkit-box-shadow: none
+  box-shadow: none
+
+.img-responsive
+  max-width: 100%
+  height: auto
+
+.sidebar
+  border-left: 1px solid darken($beige, 10%)
+  margin-left: -1px
+  padding-left: 1em
+
+// this is used for eg. crops and members index pages
+.six-across:nth-child(6n+1)
+  margin-left: 0px
+
+.three-across:nth-child(3n+1)
+  margin-left: 0px
+  clear: both
+
+// let's condense the hero unit a little
+.jumbotron
+  padding-top: 30px
+  padding-bottom: 30px
+
+// info under the main heading on homepage
+.jumbotron .info
+  padding-top: 15px
+
+// signup widget on homepage
+.jumbotron .signup
+  background-color: lighten($green, 40%)
+  border: 1px solid lighten($green, 20%)
+  border-radius: 6px
+  line-height: 200%
+  padding: 15px
+  text-align: center
+
+// stats shown on homepage. eg. "999 members..."
+p.stats
+  font-weight: bold
+
+.member-cards
+  display: flex
+  flex: none
+  flex-wrap: wrap
+  justify-content: space-between
+
+.member-thumbnail
+  padding: .25em
+
+  div
+    width: 5em
+    display: inline-block
+    vertical-align: top
+
+.member-thumbnail div~div
+  padding-left: 1em
+  width: 15em
+
+.planting
+  dl.planting-attributes
+    font-size: 85%
+
+    dt
+      text-align: left
+    dd
+      margin-left: auto
+
+@media (min-width: $screen-md-min)
+  .planting-thumbnail
+    dl.planting-attributes
+      font-size: 85%
+      width: 100%
+
+      dt
+        text-align: left
+        width: 80px
+      dd
+        padding-left: 80px
+        margin-left: auto
+
+  .navbar .navbar-form
+    width: 250px
+
+
+#placesmap, #cropmap
+  height: 500px
+
+#membermap
+  height: 250px
+
+.location-not-set
+  height: 250px
+  width: 100%
+  background-image: image-url('location-not-set.en.png')
+  background-repeat: no-repeat
+  background-position: center
+
+.member-location
+  font-size: small
+  font-style: italic
+
+
+.member-location a
+  color: $brown
+
+
+.photo-thumbnail
+  padding: 0
+  position: relative
+
+  img
+    width: 100%
+
+  .text
+    display: none
+    color: #000
+    position: absolute
+    bottom: 0
+    background: rgba(0, 0, 0, 0.8)
+    width: 100%
+    margin: 0
+
+  p
+    padding: 5px
+    margin: 0
+    color: #fff
+
+  &:hover
+    .text
+      display: block
+
+.thumbnail
+  border: none
+  text-align: center
+  margin-bottom: 1.5em
+
+  .member-thumbnail
+    text-align: left
+    img
+      height: 85px
+      width: 85px
+      max-width: 85px
+
+  .crop-thumbnail
+    height: 220px
+    .cropinfo
+      display: inline-block
+      max-width: 100%
+      white-space: nowrap
+      line-height: 1em
+      padding-bottom: 2px
+
+      .cropname
+        overflow: hidden
+        text-overflow: ellipsis
+
+      .scientificname
+        font-size: small
+        font-style: italic
+        overflow: hidden
+        text-overflow: ellipsis
+
+      .plantingcount
+        font-size: small
+
+    .crop-name a
+      padding-top: 2px
+
+    .scientific-name small
+      margin-bottom: -2px
+
+li.crop-hierarchy
+  list-style-type: disc
+
+.navbar-brand
+  margin: 0px
+  padding: 0px
+
+.navbar-bottom
+  margin: 40px 0px 0px 0px !important
+
+// footer
+footer
+  #footer1, #footer2, #footer3
+    text-align: left
+    padding-top: 1em
+    padding-bottom: 2em
+    ul
+      list-style-type: none
+      list-style-position: outside
+      padding-left: 0px
+      margin-left: 0px
+
+    a
+      color: $navbar-default-link-color
+      text-decoration: none
+
+    a:hover
+      color: $navbar-default-link-hover-color
+
+    a:active
+      color: $navbar-default-link-active-color
+
+  .navbar-bottom.navbar
+    border-radius: 0
+
+// ensure footer is pushed to bottom of browser window
+
+#maincontainer
+  min-height: 80%
+
+html, body
+  height: 100%
+
+.crop-image, .member-image
+  width: 100%
+  height: 100%
+
+// Autosuggest
+
+.ui-autocomplete
+  background: white
+  z-index: $zindex-tooltip
+
+.alert
+  a
+    font-weight: 800
+
+// Overrides applying only to mobile view. This must be at the end of the overrides file.
+
+@media only screen and (max-width: 767px)
+  .sidebar
+    margin-left: 0
+    border-left: none
+    padding-left: 0
+
+  #map
+    height: 300px
+
+  .navbar .nav > li
+    display: block
+
+  .navbar .navbar-form
+    width: 185px
+    padding-left: 0
+    padding-right: 0
+
+/* override "info" alert boxes to be green, not blue, on Growstuff */
+$state-info-text: darken($green, 10%)
+$state-info-bg: lighten($green, 50%)
+
+/* and set "success" to be the same, as it was just very slightly
+ * different because the default bootstrap green is slightly different
+ * from ours */
+$state-success-text: darken($green, 10%)
+$state-success-bg: lighten($green, 50%)
+
+.hide
+  display: none
+
+#add-sci_name-row, #remove-sci_name-row, #add-alt_name-row, #remove-alt_name-row
+  display: none
+
+.panel-footer
+  height: 6em
+
+.panel
+  .dl-horizontal
+    text-overflow: ellipsis
+    overflow: hidden
+
+.form-group.required .control-label:before
+  content: "* "
+  color: red
+
+.margin-bottom
+  margin-bottom: 1em
+
+.red
+  color: red
+
+.truncate
+  overflow: hidden
+  text-overflow: ellipsis
+  white-space: nowrap
+
+ul.plantings
+  list-style-type: none

app/constants/photo_models.rb

@@ -0,0 +1,38 @@
+module Growstuff
+  module Constants
+    class PhotoModels
+      PLANTING = { type: 'planting', class: 'Planting', relation: 'plantings' }.freeze
+      HARVEST = { type: 'harvest', class: 'Harvest', relation: 'harvests' }.freeze
+      GARDEN = { type: 'garden', class: 'Garden', relation: 'gardens' }.freeze
+      SEED = { type: 'seed', class: 'Seed', relation: 'seeds' }.freeze
+
+      ALL = [PLANTING, HARVEST, GARDEN, SEED].freeze
+
+      def self.types
+        ALL.map do |model|
+          model[:type]
+        end
+      end
+
+      def self.relations
+        ALL.map do |model|
+          model[:relation]
+        end
+      end
+
+      def self.get_relation(object, type)
+        relation = ALL.select do |model|
+          model[:type] == type
+        end[0][:relation]
+        object.send(relation)
+      end
+
+      def self.get_item(type)
+        class_name = ALL.select do |model|
+          model[:type] == type
+        end[0][:class]
+        class_name.constantize
+      end
+    end
+  end
+end

app/controllers/about_controller.rb

@@ -1,2 +0,0 @@
-class AboutController < ApplicationController
-end

app/controllers/account_types_controller.rb

@@ -1,72 +1,53 @@
 class AccountTypesController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
-  
+  respond_to :html
+
   # GET /account_types
   def index
     @account_types = AccountType.all
-
-    respond_to do |format|
-      format.html # index.html.erb
-    end
+    respond_with(@account_types)
   end
 
   # GET /account_types/1
   def show
-    @account_type = AccountType.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-    end
+    respond_with(@account_types)
   end
 
   # GET /account_types/new
   def new
     @account_type = AccountType.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-    end
+    respond_with(@account_type)
   end
 
   # GET /account_types/1/edit
   def edit
-    @account_type = AccountType.find(params[:id])
+    respond_with(@account_type)
   end
 
   # POST /account_types
   def create
-    @account_type = AccountType.new(params[:account_type])
-
-    respond_to do |format|
-      if @account_type.save
-        format.html { redirect_to @account_type, notice: 'Account type was successfully created.' }
-      else
-        format.html { render action: "new" }
-      end
-    end
+    @account_type = AccountType.new(account_type_params)
+    flash[:notice] = I18n.t('account_types.created') if @account_type.save
+    respond_with(@account_type)
   end
 
   # PUT /account_types/1
   def update
-    @account_type = AccountType.find(params[:id])
-
-    respond_to do |format|
-      if @account_type.update_attributes(params[:account_type])
-        format.html { redirect_to @account_type, notice: 'Account type was successfully updated.' }
-      else
-        format.html { render action: "edit" }
-      end
-    end
+    flash[:notice] = I18n.t('account_types.updated') if @account_type.update(account_type_params)
+    respond_with(@account_type)
   end
 
   # DELETE /account_types/1
   def destroy
-    @account_type = AccountType.find(params[:id])
     @account_type.destroy
+    flash[:notice] = I18n.t('account_types.deleted')
+    respond_with(@account_type)
+  end
 
-    respond_to do |format|
-      format.html { redirect_to account_types_url, notice: 'Account type was successfully deleted.' }
-    end
+  private
+
+  def account_type_params
+    params.require(:account_type).permit(:is_paid, :is_permanent_paid, :name)
   end
 end

app/controllers/accounts_controller.rb

@@ -1,41 +1,32 @@
 class AccountsController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
-  
+  respond_to :html
+
   # GET /accounts
   def index
     @accounts = Account.all
-
-    respond_to do |format|
-      format.html # index.html.erb
-    end
+    respond_with(@accounts)
   end
 
   # GET /accounts/1
   def show
-    @account = Account.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-    end
+    respond_with(@account)
   end
 
   # GET /accounts/1/edit
   def edit
-    @account = Account.find(params[:id])
   end
 
   # PUT /accounts/1
   def update
-    @account = Account.find(params[:id])
-
-    respond_to do |format|
-      if @account.update_attributes(params[:account])
-        format.html { redirect_to @account, notice: 'Account detail was successfully updated.' }
-      else
-        format.html { render action: "edit" }
-      end
-    end
+    flash[:notice] = I18n.t('account.update') if @account.update(params[:account])
+    respond_with(@account)
   end
 
+  private
+
+  def account_params
+    params.require(:account).permit(:account_type_id, :member_id, :paid_until)
+  end
 end

app/controllers/admin/orders_controller.rb

@@ -8,7 +8,7 @@ class Admin::OrdersController < ApplicationController
 
   def search
     authorize! :manage, :all
-    @orders = Order.search({:by => params[:search_by], :for => params[:search_text]})
+    @orders = Order.search(by: params[:search_by], for: params[:search_text])
 
     if @orders.empty?
       flash[:alert] = "Couldn't find order with #{params[:search_by]} = #{params[:search_text]}"
@@ -17,6 +17,5 @@ class Admin::OrdersController < ApplicationController
     respond_to do |format|
       format.html # index.html.haml
     end
-
   end
 end

app/controllers/alternate_names_controller.rb

@@ -1,91 +1,59 @@
 class AlternateNamesController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
+  respond_to :html, :json
 
   # GET /alternate_names
   # GET /alternate_names.json
   def index
     @alternate_names = AlternateName.all
-
-    respond_to do |format|
-      format.html # index.html.haml
-      format.json { render json: @alternate_names }
-    end
-  end
-
-  # GET /alternate_names/1
-  # GET /alternate_names/1.json
-  def show
-    @alternate_name = AlternateName.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.haml
-      format.json { render json: @alternate_name }
-    end
+    respond_with(@alternate_names)
   end
 
   # GET /alternate_names/new
   # GET /alternate_names/new.json
   def new
     @alternate_name = AlternateName.new
-    @crop = Crop.find_by_id(params[:crop_id]) || Crop.new
-
-    respond_to do |format|
-      format.html # new.html.haml
-      format.json { render json: @alternate_name }
-    end
+    @crop = Crop.find_or_initialize_by(id: params[:crop_id])
   end
 
   # GET /alternate_names/1/edit
-  def edit
-    @alternate_name = AlternateName.find(params[:id])
-  end
+  def edit; end
 
   # POST /alternate_names
   # POST /alternate_names.json
   def create
     params[:alternate_name][:creator_id] = current_member.id
-    @alternate_name = AlternateName.new(params[:alternate_name])
+    @alternate_name = AlternateName.new(alternate_name_params)
 
-    respond_to do |format|
-      if @alternate_name.save
-        format.html { redirect_to @alternate_name.crop, notice: 'Alternate name was successfully created.' }
-        format.json { render json: @alternate_name, status: :created, location: @alternate_name }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @alternate_name.errors, status: :unprocessable_entity }
-      end
+    if @alternate_name.save
+      redirect_to @alternate_name.crop, notice: 'Alternate name was successfully created.'
+    else
+      render action: "new"
     end
   end
 
   # PUT /alternate_names/1
   # PUT /alternate_names/1.json
   def update
-    @alternate_name = AlternateName.find(params[:id])
-
-    respond_to do |format|
-      if @alternate_name.update_attributes(params[:alternate_name])
-        format.html { redirect_to @alternate_name.crop, notice: 'Alternate name was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @alternate_name.errors, status: :unprocessable_entity }
-      end
+    if @alternate_name.update(alternate_name_params)
+      redirect_to @alternate_name.crop, notice: 'Alternate name was successfully updated.'
+    else
+      render action: "edit"
     end
   end
 
   # DELETE /alternate_names/1
   # DELETE /alternate_names/1.json
   def destroy
-    @alternate_name = AlternateName.find(params[:id])
     @crop = @alternate_name.crop
     @alternate_name.destroy
+    redirect_to @crop, notice: 'Alternate name was successfully deleted.'
+  end
 
-    respond_to do |format|
-      format.html {
-        redirect_to @crop, notice: 'Alternate name was successfully deleted.'
-      }
-      format.json { head :no_content }
-    end
+  private
+
+  def alternate_name_params
+    params.require(:alternate_name).permit(:crop_id, :name, :creator_id)
   end
 end

app/controllers/application_controller.rb

@@ -3,18 +3,17 @@ class ApplicationController < ActionController::Base
 
   include ApplicationHelper
 
-  after_filter :store_location
-  before_filter :set_locale
+  after_action :store_location
+  before_action :set_locale
 
   def store_location
-    if (request.path != "/members/sign_in" &&
-        request.path != "/members/sign_up" &&
-        request.path != "/members/password/new" &&
-        request.path != "/members/password/edit" &&
-        request.path != "/members/confirmation" &&
-        request.path != "/members/sign_out" &&
-        !request.xhr?)
-        store_location_for(:member, request.fullpath)
+    unless request.path.in?(["/members/sign_in",
+                             "/members/sign_up",
+                             "/members/password/new",
+                             "/members/password/edit",
+                             "/members/confirmation",
+                             "/members/sign_out"]) || request.xhr?
+      store_location_for(:member, request.fullpath)
     end
   end
 
@@ -22,6 +21,10 @@ class ApplicationController < ActionController::Base
     stored_location_for(:member) || root_path
   end
 
+  def after_sign_out_path_for(resource_or_scope)
+    request.referer
+  end
+
   # tweak CanCan defaults because we don't have a "current_user" method
   # this means that we use current_user in specs but current_member everywhere
   # else in the code.
@@ -31,9 +34,9 @@ class ApplicationController < ActionController::Base
 
   # CanCan error handling
   rescue_from CanCan::AccessDenied do |exception|
-    redirect_to request.referer || root_url, :alert => exception.message
+    redirect_to request.referer || root_url, alert: exception.message
   end
-   
+
   def set_locale
     I18n.locale = params[:locale] || extract_locale_from_subdomain || I18n.default_locale
   end
@@ -43,4 +46,37 @@ class ApplicationController < ActionController::Base
     I18n.available_locales.map(&:to_s).include?(parsed_locale) ? parsed_locale : nil
   end
 
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.permit(:sign_up) do |member|
+      member.permit(:login_name, :email, :password, :password_confirmation,
+        :remember_me, :login,
+        # terms of service
+        :tos_agreement,
+        # profile stuff
+        :bio, :location, :latitude, :longitude,
+        # email settings
+        :show_email, :newsletter, :send_notification_email, :send_planting_reminder)
+    end
+
+    devise_parameter_sanitizer.permit(:account_update) do |member|
+      member.permit(:login_name, :email, :password, :password_confirmation,
+        :remember_me, :login,
+        # terms of service
+        :tos_agreement,
+        # profile stuff
+        :bio, :location, :latitude, :longitude,
+        # email settings
+        :show_email, :newsletter, :send_notification_email, :send_planting_reminder,
+        # update password
+        :current_password)
+    end
+  end
+
+  def expire_homepage
+    expire_fragment("homepage_stats")
+  end
 end

app/controllers/authentications_controller.rb

@@ -1,38 +1,26 @@
 class AuthenticationsController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
 
-  # GET /authentications
-  def index
-    @authentications = current_member.authentications if member_signed_in?
-
-    respond_to do |format|
-      format.html # index.html.erb
-    end
-  end
-
   # POST /authentications
   def create
     auth = request.env['omniauth.auth']
     @authentication = nil
     if auth
+      name = Growstuff::OauthSignupAction.new.determine_name(auth)
 
-      name = ''
-      case auth['provider']
-      when 'twitter'
-        name = auth['info']['nickname']
-      when 'flickr'
-        name = auth['info']['name']
-      else
-        name = auth['info']['name']
-      end
+      @authentication = current_member.authentications
+        .create_with(
+          name: name,
+          token: auth['credentials']['token'],
+          secret: auth['credentials']['secret']
+        )
+        .find_or_create_by(
+          provider: auth['provider'],
+          uid: auth['uid'],
+          name: name
+        )
 
-      @authentication = current_member.authentications.find_or_create_by_provider_and_uid(
-        :provider => auth['provider'],
-        :uid => auth['uid'],
-        :name => name,
-        :token => auth['credentials']['token'],
-        :secret => auth['credentials']['secret'])
       flash[:notice] = "Authentication successful."
     else
       flash[:notice] = "Authentication failed."
@@ -42,7 +30,6 @@ class AuthenticationsController < ApplicationController
 
   # DELETE /authentications/1
   def destroy
-    @authentication = Authentication.find(params[:id])
     @authentication.destroy
 
     respond_to do |format|

app/controllers/comments_controller.rb

@@ -1,104 +1,67 @@
 class CommentsController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
-
-  cache_sweeper :comment_sweeper
+  respond_to :html, :json
+  respond_to :rss, only: :index
 
   # GET /comments
   # GET /comments.json
+  # GET /comments.rss
   def index
-    @comments = Comment.paginate(:page => params[:page])
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @comments }
-      format.rss { render :layout => false }
-    end
-  end
-
-  # GET /comments/1
-  # GET /comments/1.json
-  def show
-    @comment = Comment.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @comment }
-    end
+    @comments = Comment.paginate(page: params[:page])
+    respond_with(@comments)
   end
 
   # GET /comments/new
   # GET /comments/new.json
   def new
     @comment = Comment.new
-    @post = Post.find_by_id(params[:post_id])
+    @post = Post.find_by(id: params[:post_id])
 
     if @post
       @comments = @post.comments
-      respond_to do |format|
-        format.html # new.html.erb
-        format.json { render json: @comment }
-      end
+      respond_with(@comment)
     else
-      redirect_to request.referer || root_url,
-        :alert => "Can't post a comment on a non-existent post"
+      redirect_to(request.referer || root_url,
+        alert: "Can't post a comment on a non-existent post")
     end
   end
 
   # GET /comments/1/edit
   def edit
-    @comment = Comment.find(params[:id])
     @comments = @comment.post.comments
   end
 
   # POST /comments
   # POST /comments.json
   def create
-    params[:comment][:author_id] = current_member.id
-    @comment = Comment.new(params[:comment])
-
-    respond_to do |format|
-      if @comment.save
-        format.html { redirect_to @comment.post, notice: 'Comment was successfully created.' }
-        format.json { render json: @comment, status: :created, location: @comment }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @comment.errors, status: :unprocessable_entity }
-      end
-    end
+    @comment = Comment.new(comment_params)
+    @comment.author = current_member
+    flash[:notice] = "Comment was successfully created." if @comment.save
+    respond_with(@comment.post)
   end
 
   # PUT /comments/1
   # PUT /comments/1.json
   def update
-    @comment = Comment.find(params[:id])
-
-    # you should never be able to change the author or post when
-    # updating
-    params[:comment].delete("post_id")
-    params[:comment].delete("author_id")
-
-    respond_to do |format|
-      if @comment.update_attributes(params[:comment])
-        format.html { redirect_to @comment.post, notice: 'Comment was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @comment.errors, status: :unprocessable_entity }
-      end
+    # only body can be updated
+    if @comment.update(body: comment_params['body'])
+      flash[:notice] = 'Comment was successfully updated.'
     end
+    respond_with(@comment.post)
   end
 
   # DELETE /comments/1
   # DELETE /comments/1.json
   def destroy
-    @comment = Comment.find(params[:id])
     @post = @comment.post
     @comment.destroy
+    respond_with(@post)
+  end
 
-    respond_to do |format|
-      format.html { redirect_to @post }
-      format.json { head :no_content }
-    end
+  private
+
+  def comment_params
+    params.require(:comment).permit(:body, :post_id)
   end
 end

app/controllers/crops_controller.rb

@@ -1,40 +1,56 @@
-class CropsController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :hierarchy, :search, :show]
-  load_and_authorize_resource
-  skip_authorize_resource :only => [:hierarchy, :search]
+require 'will_paginate/array'
 
-  cache_sweeper :crop_sweeper
+class CropsController < ApplicationController
+  before_action :authenticate_member!, except: [:index, :hierarchy, :search, :show]
+  load_and_authorize_resource
+  skip_authorize_resource only: [:hierarchy, :search]
 
   # GET /crops
   # GET /crops.json
   def index
     @sort = params[:sort]
-    if @sort == 'alpha'
-      # alphabetical order
-      @crops = Crop.includes(:scientific_names, {:plantings => :photos}).paginate(:page => params[:page])
-    else
-      # default to sorting by popularity
-      @crops = Crop.popular.includes(:scientific_names, {:plantings => :photos}).paginate(:page => params[:page])
-    end
+    @crops = if @sort == 'alpha'
+               Crop.includes(:scientific_names, plantings: :photos)
+             else
+               popular_crops
+             end
+    @paginated_crops = @crops.approved.paginate(page: params[:page])
+
+    @has_requested_pending = Crop.pending_approval.where(requester: current_member).count if current_member
 
     respond_to do |format|
       format.html
-      format.json { render :json => @crops }
+      format.json { render json: @crops }
       format.rss do
         @crops = Crop.recent.includes(:scientific_names, :creator)
-        render :rss => @crops
+        render rss: @crops
       end
       format.csv do
         @filename = "Growstuff-Crops-#{Time.zone.now.to_s(:number)}.csv"
         @crops = Crop.includes(:scientific_names, :plantings, :seeds, :creator)
-        render :csv => @crops
+        render csv: @crops
       end
     end
   end
 
+  def requested
+    @requested = Crop.pending_approval.where(requester: current_member).paginate(page: params[:page])
+  end
+
   # GET /crops/wrangle
   def wrangle
-    @crops = Crop.recent.paginate(:page => params[:page])
+    @approval_status = params[:approval_status]
+    @crops = case @approval_status
+             when "pending"
+               Crop.pending_approval
+             when "rejected"
+               Crop.rejected
+             else
+               Crop.recent
+             end
+
+    @crops = @crops.paginate(page: params[:page])
+
     @crop_wranglers = Role.crop_wranglers
     respond_to do |format|
       format.html
@@ -51,33 +67,36 @@ class CropsController < ApplicationController
 
   # GET /crops/search
   def search
-    @search = params[:search]
-    @exact_match = Crop.find_by_name(params[:search])
-
-    @partial_matches = Crop.search(params[:search])
-    # exclude exact match from partial match list
-    @partial_matches.reject!{ |r| @exact_match && r.eql?(@exact_match) }
-
-    @fuzzy = Crop.search(params[:term])
+    @term = params[:term]
+    @matches = Crop.search(@term)
+    @paginated_matches = @matches.paginate(page: params[:page])
 
     respond_to do |format|
       format.html
-      format.json { render :json => @fuzzy }
+      format.json { render json: @matches }
     end
   end
 
   # GET /crops/1
   # GET /crops/1.json
   def show
-    @crop = Crop.includes(:scientific_names, {:plantings => :photos}).find(params[:id])
-    @posts = @crop.posts.paginate(:page => params[:page])
+    @crop = Crop.includes(:scientific_names, plantings: :photos).find(params[:id])
+    @posts = @crop.posts.paginate(page: params[:page])
 
     respond_to do |format|
       format.html # show.html.haml
       format.json do
-        render :json => @crop.to_json(:include => {
-          :plantings => { :include => { :owner => { :only => [:id, :login_name, :location, :latitude, :longitude] }}}
-        })
+        # TODO RABL or similar one day to avoid presentation logic here
+        owner_structure = {
+          owner: {
+            only: [:id, :login_name, :location, :latitude, :longitude]
+          }
+        }
+        render json: @crop.to_json(include: {
+                                     plantings: {
+                                       include: owner_structure
+                                     }
+                                   })
       end
     end
   end
@@ -86,9 +105,9 @@ class CropsController < ApplicationController
   # GET /crops/new.json
   def new
     @crop = Crop.new
-    3.times do
-      @crop.scientific_names.build
-    end
+    @crop.alternate_names.build
+    @crop.scientific_names.build
+
     respond_to do |format|
       format.html # new.html.haml
       format.json { render json: @crop }
@@ -97,18 +116,39 @@ class CropsController < ApplicationController
 
   # GET /crops/1/edit
   def edit
-    @crop = Crop.find(params[:id])
+    @crop.alternate_names.build if @crop.alternate_names.blank?
+    @crop.scientific_names.build if @crop.scientific_names.blank?
   end
 
   # POST /crops
   # POST /crops.json
   def create
-    params[:crop][:creator_id] = current_member.id
-    @crop = Crop.new(params[:crop])
+    @crop = Crop.new(crop_params)
+
+    if current_member.role? :crop_wrangler
+      @crop.creator = current_member
+      success_msg = "Crop was successfully created."
+    else
+      @crop.requester = current_member
+      @crop.approval_status = "pending"
+      success_msg = "Crop was successfully requested."
+    end
 
     respond_to do |format|
       if @crop.save
-        format.html { redirect_to @crop, notice: 'Crop was successfully created.' }
+        params[:alt_name].each do |index, value|
+          create_name('alternate', value)
+        end
+        params[:sci_name].each do |index, value|
+          create_name('scientific', value)
+        end
+        unless current_member.role? :crop_wrangler
+          Role.crop_wranglers.each do |w|
+            Notifier.new_crop_request(w, @crop).deliver_now!
+          end
+        end
+
+        format.html { redirect_to @crop, notice: success_msg }
         format.json { render json: @crop, status: :created, location: @crop }
       else
         format.html { render action: "new" }
@@ -120,10 +160,21 @@ class CropsController < ApplicationController
   # PUT /crops/1
   # PUT /crops/1.json
   def update
-    @crop = Crop.find(params[:id])
+    previous_status = @crop.approval_status
+
+    @crop.creator = current_member if previous_status == "pending"
 
     respond_to do |format|
-      if @crop.update_attributes(params[:crop])
+      if @crop.update(crop_params)
+        recreate_names('alt_name', 'alternate')
+        recreate_names('sci_name', 'scientific')
+
+        if previous_status == "pending"
+          requester = @crop.requester
+          new_status = @crop.approval_status
+          Notifier.crop_request_approved(requester, @crop).deliver_now! if new_status == "approved"
+          Notifier.crop_request_rejected(requester, @crop).deliver_now! if new_status == "rejected"
+        end
         format.html { redirect_to @crop, notice: 'Crop was successfully updated.' }
         format.json { head :no_content }
       else
@@ -136,7 +187,6 @@ class CropsController < ApplicationController
   # DELETE /crops/1
   # DELETE /crops/1.json
   def destroy
-    @crop = Crop.find(params[:id])
     @crop.destroy
 
     respond_to do |format|
@@ -144,4 +194,41 @@ class CropsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def popular_crops
+    Crop.popular.includes(:scientific_names, plantings: :photos)
+  end
+
+  def recreate_names(param_name, name_type)
+    return unless params[param_name].present?
+    destroy_names(name_type)
+    params[param_name].each do |index, value|
+      create_name(name_type, value)
+    end
+  end
+
+  def destroy_names(name_type)
+    @crop.send("#{name_type}_names").each do |alt_name|
+      alt_name.destroy
+    end
+  end
+
+  def create_name(name_type, value)
+    @crop.send("#{name_type}_names").create(name: value, creator_id: current_member.id)
+  end
+
+  def crop_params
+    params.require(:crop).permit(:en_wikipedia_url,
+      :name,
+      :parent_id,
+      :creator_id,
+      :approval_status,
+      :request_notes,
+      :reason_for_rejection,
+      :rejection_notes, scientific_names_attributes: [:scientific_name,
+                                                      :_destroy,
+                                                      :id])
+  end
 end

app/controllers/follows_controller.rb

@@ -1,11 +1,14 @@
 class FollowsController < ApplicationController
+  before_action :authenticate_member!
+  load_and_authorize_resource
+  skip_load_resource only: :create
 
   # POST /follows
   def create
-    @follow = current_member.follows.build(:followed_id => params[:followed_id])
+    @follow = current_member.follows.build(followed_id: follow_params[:followed_id])
 
     if @follow.save
-      flash[:notice] = "Followed #{ @follow.followed.login_name }"
+      flash[:notice] = "Followed #{@follow.followed.login_name}"
       redirect_to :back
     else
       flash[:error] = "Already following or error while following."
@@ -15,11 +18,17 @@ class FollowsController < ApplicationController
 
   # DELETE /follows/1
   def destroy
-    @follow = current_member.follows.find(params[:id])
+    @follow = current_member.follows.find(follow_params[:id])
     unfollowed_name = @follow.followed.login_name
     @follow.destroy
 
-    flash[:notice] = "Unfollowed #{ unfollowed_name }"
+    flash[:notice] = "Unfollowed #{unfollowed_name}"
     redirect_to root_path
   end
+
+  private
+
+  def follow_params
+    params.permit(:id, :followed_id, :follower_id, :authenticity_token, :_method)
+  end
 end

app/controllers/forums_controller.rb

@@ -1,87 +1,56 @@
 class ForumsController < ApplicationController
   load_and_authorize_resource
-
-  cache_sweeper :forum_sweeper
+  respond_to :html, :json
 
   # GET /forums
   # GET /forums.json
   def index
     @forums = Forum.all
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @forums }
-    end
+    respond_with(@forums)
   end
 
   # GET /forums/1
   # GET /forums/1.json
   def show
-    @forum = Forum.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @forum }
-    end
+    respond_with(@forum)
   end
 
   # GET /forums/new
   # GET /forums/new.json
   def new
     @forum = Forum.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @forum }
-    end
+    respond_with(@forum)
   end
 
   # GET /forums/1/edit
-  def edit
-    @forum = Forum.find(params[:id])
-  end
+  def edit; end
 
   # POST /forums
   # POST /forums.json
   def create
-    @forum = Forum.new(params[:forum])
-
-    respond_to do |format|
-      if @forum.save
-        format.html { redirect_to @forum, notice: 'Forum was successfully created.' }
-        format.json { render json: @forum, status: :created, location: @forum }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @forum.errors, status: :unprocessable_entity }
-      end
-    end
+    @forum = Forum.new(forum_params)
+    flash[:notice] = 'Forum was successfully created.' if @forum.save
+    respond_with(@forum)
   end
 
   # PUT /forums/1
   # PUT /forums/1.json
   def update
-    @forum = Forum.find(params[:id])
-
-    respond_to do |format|
-      if @forum.update_attributes(params[:forum])
-        format.html { redirect_to @forum, notice: 'Forum was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @forum.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = 'Forum was successfully updated.' if @forum.update(forum_params)
+    respond_with(@forum)
   end
 
   # DELETE /forums/1
   # DELETE /forums/1.json
   def destroy
-    @forum = Forum.find(params[:id])
     @forum.destroy
+    flash[:notice] = 'Forum was successfully deleted'
+    redirect_to forums_url
+  end
 
-    respond_to do |format|
-      format.html { redirect_to forums_url, notice: 'Forum was successfully deleted' }
-      format.json { head :no_content }
-    end
+  private
+
+  def forum_params
+    params.require(:forum).permit(:description, :name, :owner_id, :slug)
   end
 end

app/controllers/gardens_controller.rb

@@ -1,93 +1,68 @@
 class GardensController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
+  after_action :expire_homepage, only: [:create, :delete]
   load_and_authorize_resource
-  
-  cache_sweeper :garden_sweeper
+  respond_to :html, :json
 
   # GET /gardens
   # GET /gardens.json
   def index
-    @gardens = Garden.paginate(:page => params[:page])
-    @owner = Member.find_by_slug(params[:owner])
-    if @owner
-      @gardens = @owner.gardens.paginate(:page => params[:page])
-    end
+    @owner = Member.find_by(slug: params[:owner])
+    @show_all = params[:all] == '1'
+    @gardens = gardens
 
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @gardens }
-    end
+    respond_with(@gardens)
   end
 
   # GET /gardens/1
   # GET /gardens/1.json
   def show
-    @garden = Garden.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @garden }
-    end
+    respond_with(@garden)
   end
 
   # GET /gardens/new
   # GET /gardens/new.json
   def new
     @garden = Garden.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @garden }
-    end
+    respond_with(@garden)
   end
 
   # GET /gardens/1/edit
-  def edit
-    @garden = Garden.find(params[:id])
-  end
+  def edit; end
 
   # POST /gardens
   # POST /gardens.json
   def create
-    params[:garden][:owner_id] = current_member.id
-    @garden = Garden.new(params[:garden])
-
-    respond_to do |format|
-      if @garden.save
-        format.html { redirect_to @garden, notice: 'Garden was successfully created.' }
-        format.json { render json: @garden, status: :created, location: @garden }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @garden.errors, status: :unprocessable_entity }
-      end
-    end
+    @garden.owner_id = current_member.id
+    flash[:notice] = I18n.t('gardens.created') if @garden.save
+    respond_with(@garden)
   end
 
   # PUT /gardens/1
   # PUT /gardens/1.json
   def update
-    @garden = Garden.find(params[:id])
-
-    respond_to do |format|
-      if @garden.update_attributes(params[:garden])
-        format.html { redirect_to @garden, notice: 'Garden was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @garden.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = I18n.t('gardens.updated') if @garden.update(garden_params)
+    respond_with(@garden)
   end
 
   # DELETE /gardens/1
   # DELETE /gardens/1.json
   def destroy
-    @garden = Garden.find(params[:id])
     @garden.destroy
+    flash[:notice] = I18n.t('gardens.deleted')
+    redirect_to(gardens_by_owner_path(owner: @garden.owner))
+  end
 
-    respond_to do |format|
-      format.html { redirect_to gardens_by_owner_path(:owner => @garden.owner), notice: 'Garden was successfully deleted.' }
-      format.json { head :no_content }
-    end
+  private
+
+  def garden_params
+    params.require(:garden).permit(:name, :slug, :description, :active,
+      :location, :latitude, :longitude, :area, :area_unit)
+  end
+
+  def gardens
+    g = @owner ? @owner.gardens : Garden.all
+    g = g.active unless @show_all
+    g.includes(:owner).order(:updated_at).paginate(page: params[:page])
   end
 end

app/controllers/harvests_controller.rb

@@ -1,105 +1,99 @@
 class HarvestsController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
-  
+  respond_to :html, :json
+  respond_to :csv, only: :index
 
   # GET /harvests
   # GET /harvests.json
   def index
-    @owner = Member.find_by_slug(params[:owner])
-    @crop = Crop.find_by_slug(params[:crop])
-    if @owner
-      @harvests = @owner.harvests.includes(:owner, :crop)
-    elsif @crop
-      @harvests = @crop.harvests.includes(:owner, :crop)
-    else
-      @harvests = Harvest.includes(:owner, :crop)
-    end
+    @owner = Member.find_by(slug: params[:owner])
+    @crop = Crop.find_by(slug: params[:crop])
+    @planting = Planting.find_by(slug: params['planting_id'])
 
-    respond_to do |format|
-      format.html { @harvests = @harvests.paginate(:page => params[:page]) }
-      format.json { render json: @harvests }
-      format.csv do
-        specifics = (@owner ? "#{@owner.name}-" : @crop ? "#{@crop.name}-" : nil)
-        @filename = "Growstuff-#{specifics}Harvests-#{Time.zone.now.to_s(:number)}.csv"
-        render :csv => @harvests
-      end
-    end
+    @harvests = harvests
+    @filename = csv_filename
+    respond_with(@harvests)
   end
 
   # GET /harvests/1
   # GET /harvests/1.json
   def show
-    @harvest = Harvest.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @harvest }
-    end
+    @matching_plantings = matching_plantings if @harvest.owner == current_member
+    respond_with(@harvest)
   end
 
   # GET /harvests/new
   # GET /harvests/new.json
   def new
-    @harvest = Harvest.new('harvested_at' => Date.today)
-
+    @harvest = Harvest.new(harvested_at: Time.zone.today)
+    @planting = Planting.find_by(slug: params[:planting_id]) if params[:planting_id]
     # using find_by_id here because it returns nil, unlike find
-    @crop     = Crop.find_by_id(params[:crop_id]) || Crop.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @harvest }
-    end
+    @crop = Crop.find_by(id: params[:crop_id])
+    respond_with(@harvest)
   end
 
   # GET /harvests/1/edit
   def edit
-    @harvest = Harvest.find(params[:id])
+    @planting = @harvest.planting if @harvest.planting_id
   end
 
   # POST /harvests
   # POST /harvests.json
   def create
-    params[:harvest][:owner_id] = current_member.id
-    params[:harvested_at] = parse_date(params[:harvested_at])
-    @harvest = Harvest.new(params[:harvest])
-
-    respond_to do |format|
-      if @harvest.save
-        format.html { redirect_to @harvest, notice: 'Harvest was successfully created.' }
-        format.json { render json: @harvest, status: :created, location: @harvest }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @harvest.errors, status: :unprocessable_entity }
-      end
-    end
+    @harvest.crop_id = @harvest.planting.crop_id if @harvest.planting_id
+    flash[:notice] = I18n.t('harvests.created') if @harvest.save
+    respond_with(@harvest)
   end
 
   # PUT /harvests/1
   # PUT /harvests/1.json
   def update
-    @harvest = Harvest.find(params[:id])
-
-    respond_to do |format|
-      if @harvest.update_attributes(params[:harvest])
-        format.html { redirect_to @harvest, notice: 'Harvest was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @harvest.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = I18n.t('harvests.updated') if @harvest.update(harvest_params)
+    respond_with(@harvest)
   end
 
   # DELETE /harvests/1
   # DELETE /harvests/1.json
   def destroy
-    @harvest = Harvest.find(params[:id])
     @harvest.destroy
+    respond_with(@harvest)
+  end
 
-    respond_to do |format|
-      format.html { redirect_to harvests_url }
-      format.json { head :no_content }
-    end
+  private
+
+  def harvest_params
+    params.require(:harvest)
+      .permit(:planting_id, :crop_id, :harvested_at, :description,
+        :quantity, :unit, :weight_quantity, :weight_unit,
+        :plant_part_id, :slug, :si_weight)
+      .merge(owner_id: current_member.id)
+  end
+
+  def matching_plantings
+    Planting.where(crop: @harvest.crop, owner: @harvest.owner)
+      .where('(planted_at IS NULL OR planted_at <= ?)', @harvest.harvested_at)
+      .where('(finished_at IS NULL OR finished_at >= ?)', @harvest.harvested_at)
+  end
+
+  def harvests
+    if @owner
+      @owner.harvests
+    elsif @crop
+      @crop.harvests
+    elsif @planting_id
+      @planting.harvests
+    else
+      Harvest
+    end.includes(:owner, :crop).paginate(page: params[:page])
+  end
+
+  def csv_filename
+    specifics = if @owner
+                  "#{@owner.login_name}-"
+                elsif @crop
+                  "#{@crop.name}-"
+                end
+    "Growstuff-#{specifics}Harvests-#{Time.zone.now.to_s(:number)}.csv"
   end
 end

app/controllers/home_controller.rb

@@ -2,7 +2,6 @@ class HomeController < ApplicationController
   skip_authorize_resource
 
   def index
-
     # we were previously generating a lot of instance variables like
     # @members_count and @interesting_crops in here, but now we call
     # the relevant class methods directly in the view, so that fragment
@@ -12,5 +11,4 @@ class HomeController < ApplicationController
       format.html # index.html.haml
     end
   end
-
 end

app/controllers/likes_controller.rb

@@ -0,0 +1,57 @@
+class LikesController < ApplicationController
+  before_action :authenticate_member!
+  respond_to :html, :json
+
+  def create
+    @like = Like.new(member: current_member, likeable: find_likeable)
+    return failed(@like, message: 'Unable to like') unless @like.likeable && @like.save
+
+    success(@like, liked_by_member: true, status_code: :created)
+  end
+
+  def destroy
+    @like = Like.find_by(id: params[:id], member: current_member)
+    return failed(@like, message: 'Unable to unlike') unless @like && @like.destroy
+
+    success(@like, liked_by_member: false, status_code: :ok)
+  end
+
+  private
+
+  def find_likeable
+    Post.find(params[:post_id]) if params[:post_id]
+  end
+
+  def render_json(like, liked_by_member: true)
+    {
+      id: like.likeable.id,
+      liked_by_member: liked_by_member,
+      description: ActionController::Base.helpers.pluralize(like.likeable.likes.count, "like"),
+      url: like_path(like, format: :json)
+    }
+  end
+
+  def success(like, liked_by_member: nil, status_code: nil)
+    respond_to do |format|
+      format.html { redirect_to like.likeable }
+      format.json do
+        render(json: render_json(like, liked_by_member: liked_by_member),
+               status: status_code)
+      end
+    end
+  end
+
+  def failed(like, message)
+    respond_to do |format|
+      format.json { render(json: { 'error': message }, status: :forbidden) }
+      format.html do
+        flash[:error] = message
+        if like && like.likeable
+          redirect_to like.likeable
+        else
+          redirect_to root_path
+        end
+      end
+    end
+  end
+end

app/controllers/members_controller.rb

@@ -1,47 +1,108 @@
 class MembersController < ApplicationController
-  load_and_authorize_resource
+  load_and_authorize_resource except: [:finish_signup, :unsubscribe, :view_follows, :view_followers, :show]
+  skip_authorize_resource only: [:nearby, :unsubscribe, :finish_signup]
 
-  cache_sweeper :member_sweeper
-
-  skip_authorize_resource :only => :nearby
+  after_action :expire_cache_fragments, only: :create
 
   def index
-    @members = Member.confirmed.paginate(:page => params[:page])
+    @sort = params[:sort]
+    @members = if @sort == 'recently_joined'
+                 Member.confirmed.recently_joined.paginate(page: params[:page])
+               else
+                 Member.confirmed.paginate(page: params[:page])
+               end
 
     respond_to do |format|
       format.html # index.html.haml
-      format.json { render :json => @members.to_json(:only => [:id, :login_name, :slug, :bio, :created_at, :location, :latitude, :longitude]) }
+      format.json {
+        render json: @members.to_json(only: [
+                                        :id, :login_name,
+                                        :slug, :bio, :created_at,
+                                        :location, :latitude, :longitude
+                                      ])
+      }
     end
   end
 
   def show
-    @member       = Member.confirmed.find(params[:id])
-    @twitter_auth = @member.auth('twitter')
-    @flickr_auth  = @member.auth('flickr')
-    @posts        = @member.posts
+    @member        = Member.confirmed.find(params[:id])
+    @twitter_auth  = @member.auth('twitter')
+    @flickr_auth   = @member.auth('flickr')
+    @facebook_auth = @member.auth('facebook')
+    @posts         = @member.posts
+    @gardens       = @member.gardens.active.order(:name)
     # The garden form partial is called from the "New Garden" tab;
     # it requires a garden to be passed in @garden.
     # The new garden is not persisted unless Garden#save is called.
     @garden = Garden.new
-    
+
     respond_to do |format|
       format.html # show.html.haml
-      format.json { render :json => @member.to_json(:only => [:id, :login_name, :bio, :created_at, :slug, :location, :latitude, :longitude]) }
-      format.rss { render(
-        :layout => false,
-        :locals => { :member => @member }
-      )}
+      format.json {
+        render json: @member.to_json(only: [
+                                       :id, :login_name, :bio,
+                                       :created_at, :slug, :location,
+                                       :latitude, :longitude
+                                     ])
+      }
+      format.rss {
+        render(
+          layout: false,
+          locals: { member: @member }
+        )}
     end
   end
 
   def view_follows
     @member = Member.confirmed.find(params[:login_name])
-    @follows = @member.followed.paginate(:page => params[:page])
+    @follows = @member.followed.paginate(page: params[:page])
   end
 
   def view_followers
     @member = Member.confirmed.find(params[:login_name])
-    @followers = @member.followers.paginate(:page => params[:page])
+    @followers = @member.followers.paginate(page: params[:page])
   end
 
+  EMAIL_TYPE_STRING = {
+    send_notification_email: "direct message notifications",
+    send_planting_reminder: "planting reminders"
+  }
+
+  def unsubscribe
+    verifier = ActiveSupport::MessageVerifier.new(ENV['RAILS_SECRET_TOKEN'])
+    decrypted_message = verifier.verify(params[:message])
+
+    @member = Member.find(decrypted_message[:member_id])
+    @type = decrypted_message[:type]
+    @member.update(@type => false)
+
+    flash.now[:notice] = I18n.t('members.unsubscribed', email_type: EMAIL_TYPE_STRING[@type])
+
+  rescue ActiveSupport::MessageVerifier::InvalidSignature
+    flash.now[:alert] = I18n.t('members.unsubscribe.error')
+  end
+
+  def finish_signup
+    @member = current_member
+    return unless request.patch? && params[:member]
+
+    if @member.update(member_params)
+      @member.skip_reconfirmation!
+      bypass_sign_in(@member)
+      redirect_to root_path, notice: I18n.t('members.welcome')
+    else
+      flash[:alert] = I18n.t('members.signup.error')
+      @show_errors = true
+    end
+  end
+
+  private
+
+  def expire_cache_fragments
+    expire_fragment("homepage_stats")
+  end
+
+  def member_params
+    params.require(:member).permit(:login_name, :tos_agreement, :email, :newsletter)
+  end
 end

app/controllers/notifications_controller.rb

@@ -1,63 +1,63 @@
 class NotificationsController < ApplicationController
   include NotificationsHelper
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
+  respond_to :html
 
   # GET /notifications
   def index
-    @notifications = Notification.find_all_by_recipient_id(current_member)
-
-    respond_to do |format|
-      format.html # index.html.erb
-    end
+    @notifications = Notification.by_recipient(current_member).page(params[:page])
   end
 
   # GET /notifications/1
   def show
-    @notification = Notification.find(params[:id])
     @notification.read = true
     @notification.save
     @reply_link = reply_link(@notification)
-
-    respond_to do |format|
-      format.html # show.html.erb
-    end
   end
 
   # GET /notifications/new
 
   def new
     @notification = Notification.new
-    @recipient = Member.find_by_id(params[:recipient_id])
+    @recipient = Member.find_by(id: params[:recipient_id])
     @subject   = params[:subject] || ""
+  end
 
-    respond_to do |format|
-      format.html # new.html.erb
-    end
+  # GET /notifications/1/reply
+  def reply
+    @notification = Notification.new
+    @sender_notification = Notification.find_by(id: params[:id], recipient: current_member)
+    @sender_notification.read = true
+    @sender_notification.save
+    @recipient = @sender_notification.sender
+    @subject   = @sender_notification.subject =~ /^Re: / ?
+      @sender_notification.subject :
+      "Re: " + @sender_notification.subject
   end
 
   # DELETE /notifications/1
   def destroy
-    @notification = Notification.find(params[:id])
     @notification.destroy
-
-    respond_to do |format|
-      format.html { redirect_to notifications_url }
-    end
+    redirect_to notifications_url
   end
 
   # POST /notifications
   def create
     params[:notification][:sender_id] = current_member.id
-    @notification = Notification.new(params[:notification])
-    @recipient = Member.find_by_id(params[:notification][:recipient_id])
+    @notification = Notification.new(notification_params)
+    @recipient = Member.find_by(id: params[:notification][:recipient_id])
 
-    respond_to do |format|
-      if @notification.save
-        format.html { redirect_to notifications_path, notice: 'Message was successfully sent.' }
-      else
-        format.html { render action: "new" }
-      end
+    if @notification.save
+      redirect_to notifications_path, notice: 'Message was successfully sent.'
+    else
+      render action: "new"
     end
   end
+
+  private
+
+  def notification_params
+    params.require(:notification).permit(:sender_id, :recipient_id, :subject, :body, :post_id, :read)
+  end
 end

app/controllers/omniauth_callbacks_controller.rb

@@ -0,0 +1,51 @@
+require './lib/actions/oauth_signup_action'
+
+#
+# Handle signup or signin
+# from various oauth providers
+#
+# Heavily overlaps with Authentications controller
+#
+class OmniauthCallbacksController < Devise::OmniauthCallbacksController
+  def facebook
+    create
+  end
+
+  def failure
+    flash[:alert] = "Authentication failed."
+    redirect_to request.env['omniauth.origin'] || "/"
+  end
+
+  private
+
+  def create
+    auth = request.env['omniauth.auth']
+    action = Growstuff::OauthSignupAction.new
+
+    @authentication = nil
+
+    return redirect_to request.env['omniauth.origin'] || edit_member_registration_path unless auth
+
+    member = action.find_or_create_from_authorization(auth)
+    @authentication = action.establish_authentication(auth, member)
+
+    unless action.member_created?
+      sign_in_and_redirect member, event: :authentication # this will throw if @user is not activated
+      set_flash_message(:notice, :success, kind: auth['provider']) if is_navigational_format?
+    else
+      raise "Invalid provider" unless ['facebook', 'twitter', 'flickr'].index(auth['provider'].to_s)
+
+      session["devise.#{auth['provider']}_data"] = request.env["omniauth.auth"]
+      sign_in member
+      redirect_to finish_signup_url(member)
+    end
+  end
+
+  def after_sign_in_path_for(resource)
+    if resource.tos_agreement
+      super resource
+    else
+      finish_signup_path(resource)
+    end
+  end
+end

app/controllers/order_items_controller.rb

@@ -1,5 +1,5 @@
 class OrderItemsController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
 
   # POST /order_items
@@ -7,8 +7,8 @@ class OrderItemsController < ApplicationController
     if params[:order_item][:price]
       params[:order_item][:price] = params[:order_item][:price].to_f * 100 # convert to cents
     end
-    @order_item = OrderItem.new(params[:order_item])
-    @order_item.order = current_member.current_order || Order.create(:member_id => current_member.id)
+    @order_item = OrderItem.new(order_item_params)
+    @order_item.order = current_member.current_order || Order.create(member_id: current_member.id)
 
     respond_to do |format|
       if @order_item.save
@@ -20,4 +20,10 @@ class OrderItemsController < ApplicationController
       end
     end
   end
+
+  private
+
+  def order_item_params
+    params.require(:order_item).permit(:order_id, :price, :product_id, :quantity)
+  end
 end

app/controllers/orders_controller.rb

@@ -1,10 +1,10 @@
 class OrdersController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
 
   # GET /orders
   def index
-    @orders = Order.find_all_by_member_id(current_member.id)
+    @orders = Order.by_member(current_member)
 
     respond_to do |format|
       format.html # index.html.erb
@@ -13,8 +13,6 @@ class OrdersController < ApplicationController
 
   # GET /orders/1
   def show
-    @order = Order.find(params[:id])
-
     respond_to do |format|
       format.html # show.html.erb
     end
@@ -31,37 +29,32 @@ class OrdersController < ApplicationController
 
   # checkout with PayPal
   def checkout
-    @order = Order.find(params[:id])
-
     respond_to do |format|
-      if @order.update_attributes(:referral_code => params[:referral_code])
+      if @order.update_attributes(referral_code: params[:referral_code])
         response = EXPRESS_GATEWAY.setup_purchase(
           @order.total,
-          :items             => @order.activemerchant_items,
-          :currency          => Growstuff::Application.config.currency,
-          :no_shipping       => true,
-          :ip                => request.remote_ip,
-          :return_url        => complete_order_url,
-          :cancel_return_url => shop_url
+          items: @order.activemerchant_items,
+          currency: Growstuff::Application.config.currency,
+          no_shipping: true,
+          ip: request.remote_ip,
+          return_url: complete_order_url,
+          cancel_return_url: shop_url
         )
         format.html { redirect_to EXPRESS_GATEWAY.redirect_url_for(response.token) }
       else
         format.html { render action: "show" }
       end
     end
-
   end
 
   def complete
-    @order = Order.find(params[:id])
-
-    if (params[:token] && params['PayerID'])
+    if params[:token] && params['PayerID']
       purchase = EXPRESS_GATEWAY.purchase(
         @order.total,
-        :currency          => Growstuff::Application.config.currency,
-        :ip       => request.remote_ip,
-        :payer_id => params['PayerID'],
-        :token    => params[:token]
+        currency: Growstuff::Application.config.currency,
+        ip: request.remote_ip,
+        payer_id: params['PayerID'],
+        token: params[:token]
       )
       if purchase.success?
         @order.completed_at = Time.zone.now
@@ -78,11 +71,9 @@ class OrdersController < ApplicationController
     respond_to do |format|
       format.html # new.html.erb
     end
-
   end
 
   def cancel
-    @order = Order.find(params[:id])
     respond_to do |format|
       format.html { redirect_to shop_url, notice: 'Order was cancelled.' }
     end
@@ -90,7 +81,6 @@ class OrdersController < ApplicationController
 
   # DELETE /orders/1
   def destroy
-    @order = Order.find(params[:id])
     @order.destroy
 
     respond_to do |format|

app/controllers/pages_controller.rb

@@ -0,0 +1,6 @@
+class PagesController < ApplicationController
+  def letsencrypt
+    # use your code here, not mine
+    render text: "y9KNck8wqkoQLnlr2RgA2TVwWtyYb4PeY_hzGNx0Tfs.dlIPqFhMDCLyQEccczY3roHZ1UWu6UqVeyb9mkRxheU"
+  end
+end

app/controllers/passwords_controller.rb

@@ -1,7 +1,7 @@
 class PasswordsController < Devise::PasswordsController
+  protected
 
-protected
   def after_resetting_password_path_for(resource)
     root_path
   end
-end
+end

app/controllers/photos_controller.rb

@@ -1,135 +1,104 @@
 class PhotosController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
+  after_action :expire_homepage, only: [:create, :delete]
   load_and_authorize_resource
-  
-  cache_sweeper :photo_sweeper
+  respond_to :html, :json
 
   # GET /photos
   # GET /photos.json
   def index
-    @photos = Photo.paginate(:page => params[:page])
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @photos }
-    end
-  end
-
-  # GET /photos/1
-  # GET /photos/1.json
-  def show
-    @photo = Photo.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @photo }
-    end
+    @photos = Photo.paginate(page: params[:page])
+    respond_with(@photos)
   end
 
   # GET /photos/new
   # GET /photos/new.json
   def new
-    @photo = Photo.new
     @type = params[:type]
     @id = params[:id]
 
-    page = params[:page] || 1
-
-    @flickr_auth = current_member.auth('flickr')
-    @current_set = params[:set]
-    if @flickr_auth
-      @sets = current_member.flickr_sets
-      photos, total = current_member.flickr_photos(page, @current_set)
-
-      @photos = WillPaginate::Collection.create(page, 30, total) do |pager|
-        pager.replace photos
-      end
-    end
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @photo }
-    end
+    @photo = Photo.new
+    retrieve_from_flickr
+    respond_with(@photo)
   end
 
   # GET /photos/1/edit
   def edit
-    @photo = Photo.find(params[:id])
   end
 
   # POST /photos
   # POST /photos.json
   def create
-    @photo = Photo.find_by_flickr_photo_id(params[:photo][:flickr_photo_id]) ||
-      Photo.new(params[:photo])
-    @photo.owner_id = current_member.id
-    @photo.set_flickr_metadata
-
-    # several models can have photos. we need to know what model and the id
-    # for the entry to attach the photo to
-    valid_models = ["planting", "harvest"]
-    if params[:type]
-      if valid_models.include?(params[:type])
-        if params[:id]
-          item = params[:type].camelcase.constantize.find_by_id(params[:id])
-          if item
-            if item.owner.id == current_member.id
-              #  This syntax is weird, so just know that it means this:
-              #  @photo.harvests << item unless @photo.harvests.include?(item)
-              #  but with the correct many-to-many relationship automatically referenced
-              (@photo.send "#{params[:type]}s") << item unless (@photo.send "#{params[:type]}s").include?(item)
-            else
-              flash[:alert] = "You must own both the #{params[:type]} and the photo."
-            end
-          else
-            flash[:alert] = "Couldn't find #{params[:type]} to connect to photo."
-          end
-        else
-          flash[:alert] = "Missing id parameter"
-        end
-      else
-        flash[:alert] = "Cannot attach photos to #{params[:type]}"
-      end
-    else    
-      flash[:alert] = "Missing type parameter"
-    end
-  
-    respond_to do |format|
-      if @photo.save
-        format.html { redirect_to @photo, notice: 'Photo was successfully added.' }
-        format.json { render json: @photo, status: :created, location: @photo }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @photo.errors, status: :unprocessable_entity }
-      end
-    end
+    find_or_create_photo_from_flickr_photo
+    add_photo_to_collection
+    flash[:notice] = 'Photo was successfully added.' if @photo.present? && @photo.save
+    respond_with(@photo)
   end
 
   # PUT /photos/1
   # PUT /photos/1.json
   def update
-    @photo = Photo.find(params[:id])
-
-    respond_to do |format|
-      if @photo.update_attributes(params[:photo])
-        format.html { redirect_to @photo, notice: 'Photo was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @photo.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = 'Photo was successfully updated.' if @photo.update(photo_params)
+    respond_with(@photo)
   end
 
   # DELETE /photos/1
   # DELETE /photos/1.json
   def destroy
-    @photo = Photo.find(params[:id])
     @photo.destroy
+    flash[:alert] = "Photo successfully deleted."
+    respond_with(@photo)
+  end
 
-    respond_to do |format|
-      format.html { redirect_to photos_url }
-      format.json { head :no_content }
+  private
+
+  def item_id?
+    params.key? :id
+  end
+
+  def flickr_photo_id_param
+    params[:photo][:flickr_photo_id]
+  end
+
+  def photo_params
+    params.require(:photo).permit(:flickr_photo_id, :title, :license_name,
+      :license_url, :thumbnail_url, :fullsize_url, :link_url)
+  end
+
+  def find_or_create_photo_from_flickr_photo
+    @photo = Photo.find_by(flickr_photo_id: flickr_photo_id_param)
+    @photo = Photo.new(photo_params) unless @photo
+    @photo.owner_id = current_member.id
+    @photo.set_flickr_metadata
+    @photo
+  end
+
+  def add_photo_to_collection
+    raise "Missing or invalid type provided" unless Growstuff::Constants::PhotoModels.types.include?(params[:type])
+    raise "No item id provided" unless item_id?
+    collection = Growstuff::Constants::PhotoModels.get_relation(@photo, params[:type])
+
+    item_class = Growstuff::Constants::PhotoModels.get_item(params[:type])
+    item = item_class.find_by!(id: params[:id], owner_id: current_member.id)
+    raise "Could not find this item owned by you" unless item
+
+    collection << item unless collection.include?(item)
+  rescue => e
+    flash[:alert] = e.message
+  end
+
+  def retrieve_from_flickr
+    @flickr_auth = current_member.auth('flickr')
+    @current_set = params[:set]
+    return unless @flickr_auth
+
+    page = params[:page] || 1
+
+    @sets = current_member.flickr_sets
+    photos, total = current_member.flickr_photos(page, @current_set)
+
+    @photos = WillPaginate::Collection.create(page, 30, total) do |pager|
+      pager.replace photos
     end
   end
 end

app/controllers/places_controller.rb

@@ -5,7 +5,11 @@ class PlacesController < ApplicationController
     respond_to do |format|
       format.html
       # json response is whatever we want to map here
-      format.json { render :json => Member.located.to_json(:only => [:id, :login_name, :slug, :location, :latitude, :longitude]) }
+      format.json do
+        render json: Member.located.to_json(only: [
+                                              :id, :login_name, :slug, :location, :latitude, :longitude
+                                            ])
+      end
     end
   end
 
@@ -16,16 +20,27 @@ class PlacesController < ApplicationController
     @nearby_members = Member.nearest_to(params[:place])
     respond_to do |format|
       format.html # show.html.haml
-      format.json { render :json => @nearby_members.to_json(:only => [:id, :login_name, :slug, :location, :latitude, :longitude]) }
-    end
-  end
-
-  def search
-    respond_to do |format|
-      format.html do
-        redirect_to place_path(params[:new_place])
+      format.json do
+        render json: @nearby_members.to_json(only: [
+                                               :id, :login_name, :slug, :location, :latitude, :longitude
+                                             ])
       end
     end
   end
 
+  def search
+    if params[:new_place].empty?
+      respond_to do |format|
+        format.html do
+          redirect_to places_path, alert: 'Please enter a valid location'
+        end
+      end
+    else
+      respond_to do |format|
+        format.html do
+          redirect_to place_path(params[:new_place])
+        end
+      end
+    end
+  end
 end

app/controllers/plant_parts_controller.rb

@@ -1,48 +1,35 @@
 class PlantPartsController < ApplicationController
   load_and_authorize_resource
+  respond_to :html, :json
 
   # GET /plant_parts
   # GET /plant_parts.json
   def index
     @plant_parts = PlantPart.all
-
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @plant_parts }
-    end
+    respond_with(@plant_parts)
   end
 
   # GET /plant_parts/1
   # GET /plant_parts/1.json
   def show
-    @plant_part = PlantPart.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @plant_part }
-    end
+    respond_with(@plant_part)
   end
 
   # GET /plant_parts/new
   # GET /plant_parts/new.json
   def new
     @plant_part = PlantPart.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @plant_part }
-    end
+    respond_with(@plant_part)
   end
 
   # GET /plant_parts/1/edit
   def edit
-    @plant_part = PlantPart.find(params[:id])
   end
 
   # POST /plant_parts
   # POST /plant_parts.json
   def create
-    @plant_part = PlantPart.new(params[:plant_part])
+    @plant_part = PlantPart.new(plant_part_params)
 
     respond_to do |format|
       if @plant_part.save
@@ -58,10 +45,8 @@ class PlantPartsController < ApplicationController
   # PUT /plant_parts/1
   # PUT /plant_parts/1.json
   def update
-    @plant_part = PlantPart.find(params[:id])
-
     respond_to do |format|
-      if @plant_part.update_attributes(params[:plant_part])
+      if @plant_part.update(plant_part_params)
         format.html { redirect_to @plant_part, notice: 'Plant part was successfully updated.' }
         format.json { head :no_content }
       else
@@ -74,7 +59,6 @@ class PlantPartsController < ApplicationController
   # DELETE /plant_parts/1
   # DELETE /plant_parts/1.json
   def destroy
-    @plant_part = PlantPart.find(params[:id])
     @plant_part.destroy
 
     respond_to do |format|
@@ -82,4 +66,10 @@ class PlantPartsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def plant_part_params
+    params.require(:plant_part).permit(:name, :slug)
+  end
 end

app/controllers/plantings_controller.rb

@@ -1,31 +1,23 @@
 class PlantingsController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
-  
-
-  cache_sweeper :planting_sweeper
 
   # GET /plantings
   # GET /plantings.json
   def index
-    @owner = Member.find_by_slug(params[:owner])
-    @crop = Crop.find_by_slug(params[:crop])
-    if @owner
-      @plantings = @owner.plantings.includes(:owner, :crop, :garden).paginate(:page => params[:page])
-    elsif @crop
-      @plantings = @crop.plantings.includes(:owner, :crop, :garden).paginate(:page => params[:page])
-    else
-      @plantings = Planting.includes(:owner, :crop, :garden).paginate(:page => params[:page])
-    end
+    @owner = Member.find_by(slug: params[:owner]) if params[:owner]
+    @crop = Crop.find_by(slug: params[:crop]) if params[:crop]
+    @show_all = params[:all] == '1'
+    @plantings = plantings
 
     respond_to do |format|
-      format.html { @plantings = @plantings.paginate(:page => params[:page]) }
+      format.html { @plantings = @plantings.paginate(page: params[:page]) }
       format.json { render json: @plantings }
-      format.rss { render :layout => false } #index.rss.builder
+      format.rss { render layout: false } # index.rss.builder
       format.csv do
-        specifics = (@owner ? "#{@owner.name}-" : @crop ? "#{@crop.name}-" : nil)
+        specifics = (@owner ? "#{@owner.login_name}-" : @crop ? "#{@crop.name}-" : nil)
         @filename = "Growstuff-#{specifics}Plantings-#{Time.zone.now.to_s(:number)}.csv"
-        render :csv => @plantings
+        render csv: @plantings
       end
     end
   end
@@ -33,7 +25,7 @@ class PlantingsController < ApplicationController
   # GET /plantings/1
   # GET /plantings/1.json
   def show
-    @planting = Planting.includes(:owner, :crop, :garden, :photos).find(params[:id])
+    @planting = Planting.includes(:owner, :crop, :garden, :photos).friendly.find(params[:id])
 
     respond_to do |format|
       format.html # show.html.erb
@@ -44,11 +36,11 @@ class PlantingsController < ApplicationController
   # GET /plantings/new
   # GET /plantings/new.json
   def new
-    @planting = Planting.new('planted_at' => Date.today)
+    @planting = Planting.new('planted_at' => Time.zone.today)
 
     # using find_by_id here because it returns nil, unlike find
-    @crop     = Crop.find_by_id(params[:crop_id])     || Crop.new
-    @garden   = Garden.find_by_id(params[:garden_id]) || Garden.new
+    @crop     = Crop.approved.find_by(id: params[:crop_id]) || Crop.new
+    @garden   = Garden.find_by(owner: current_member, id: params[:garden_id]) || Garden.new
 
     respond_to do |format|
       format.html # new.html.erb
@@ -58,8 +50,6 @@ class PlantingsController < ApplicationController
 
   # GET /plantings/1/edit
   def edit
-    @planting = Planting.find(params[:id])
-
     # the following are needed to display the form but aren't used
     @crop     = Crop.new
     @garden   = Garden.new
@@ -68,14 +58,17 @@ class PlantingsController < ApplicationController
   # POST /plantings
   # POST /plantings.json
   def create
-    params[:planting][:owner_id] = current_member.id
     params[:planted_at] = parse_date(params[:planted_at])
-    @planting = Planting.new(params[:planting])
+    @planting = Planting.new(planting_params)
+    @planting.owner = current_member
 
     respond_to do |format|
       if @planting.save
+        @planting.update_attribute(:days_before_maturity,
+          update_days_before_maturity(@planting, planting_params[:crop_id]))
         format.html { redirect_to @planting, notice: 'Planting was successfully created.' }
         format.json { render json: @planting, status: :created, location: @planting }
+        expire_fragment("homepage_stats")
       else
         format.html { render action: "new" }
         format.json { render json: @planting.errors, status: :unprocessable_entity }
@@ -86,11 +79,12 @@ class PlantingsController < ApplicationController
   # PUT /plantings/1
   # PUT /plantings/1.json
   def update
-    @planting = Planting.find(params[:id])
     params[:planted_at] = parse_date(params[:planted_at])
 
     respond_to do |format|
-      if @planting.update_attributes(params[:planting])
+      if @planting.update(planting_params)
+        @planting.update_attribute(:days_before_maturity,
+          update_days_before_maturity(@planting, planting_params[:crop_id]))
         format.html { redirect_to @planting, notice: 'Planting was successfully updated.' }
         format.json { head :no_content }
       else
@@ -103,13 +97,41 @@ class PlantingsController < ApplicationController
   # DELETE /plantings/1
   # DELETE /plantings/1.json
   def destroy
-    @planting = Planting.find(params[:id])
     @garden = @planting.garden
     @planting.destroy
+    expire_fragment("homepage_stats")
 
     respond_to do |format|
       format.html { redirect_to @garden }
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def planting_params
+    params.require(:planting).permit(:crop_id, :description, :garden_id, :planted_at,
+      :quantity, :sunniness, :planted_from, :owner_id, :finished,
+      :finished_at)
+  end
+
+  def update_days_before_maturity(planting, crop_id)
+    if planting.finished_at.nil?
+      planting.calculate_days_before_maturity(planting, crop_id)
+    else
+      (planting.finished_at - planting.planted_at).to_i
+    end
+  end
+
+  def plantings
+    p = if @owner
+          @owner.plantings
+        elsif @crop
+          @crop.plantings
+        else
+          Planting
+        end
+    p = p.current unless @show_all
+    p.includes(:owner, :crop, :garden).order(:created_at).paginate(page: params[:page])
+  end
 end

app/controllers/policy_controller.rb

@@ -1,2 +0,0 @@
-class PolicyController < ApplicationController
-end

app/controllers/posts_controller.rb

@@ -1,101 +1,72 @@
 class PostsController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
-
-  cache_sweeper :post_sweeper
+  respond_to :html, :json
+  respond_to :rss, only: [:index, :show]
 
   # GET /posts
   # GET /posts.json
-
+  # GET /posts.rss
   def index
-    @author = Member.find_by_slug(params[:author])
-    if @author
-      @posts = @author.posts.includes(:author, { :comments => :author }).paginate(:page => params[:page])
-    else
-      @posts = Post.includes(:author, { :comments => :author }).paginate(:page => params[:page])
-    end
-
-    respond_to do |format|
-      format.html # index.html.haml
-      format.json { render json: @posts }
-      format.rss { render :layout => false } #index.rss.builder
-    end
+    @author = Member.find_by(slug: params[:author])
+    @posts = posts
+    respond_with(@posts)
   end
 
   # GET /posts/1
   # GET /posts/1.json
+  # GET /posts/1.rss
   def show
-    @post = Post.includes(:author, { :comments => :author }).find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.haml
-      format.json { render json: @post }
-      format.rss { render(
-        :layout => false,
-        :locals => { :post => @post }
-      )}
-    end
+    @post = Post.includes(:author, comments: :author).find(params[:id])
+    respond_with(@post)
   end
 
   # GET /posts/new
   # GET /posts/new.json
   def new
     @post = Post.new
-    @forum = Forum.find_by_id(params[:forum_id])
-
-    respond_to do |format|
-      format.html # new.html.haml
-      format.json { render json: @post }
-    end
+    @forum = Forum.find_by(id: params[:forum_id])
+    respond_with(@post)
   end
 
   # GET /posts/1/edit
   def edit
-    @post = Post.find(params[:id])
   end
 
   # POST /posts
   # POST /posts.json
   def create
     params[:post][:author_id] = current_member.id
-    @post = Post.new(params[:post])
-
-    respond_to do |format|
-      if @post.save
-        format.html { redirect_to @post, notice: 'Post was successfully created.' }
-        format.json { render json: @post, status: :created, location: @post }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @post.errors, status: :unprocessable_entity }
-      end
-    end
+    @post = Post.new(post_params)
+    flash[:notice] = 'Post was successfully created.' if @post.save
+    respond_with(@post)
   end
 
   # PUT /posts/1
   # PUT /posts/1.json
   def update
-    @post = Post.find(params[:id])
-
-    respond_to do |format|
-      if @post.update_attributes(params[:post])
-        format.html { redirect_to @post, notice: 'Post was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @post.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = 'Post was successfully updated.' if @post.update(post_params)
+    respond_with(@post)
   end
 
   # DELETE /posts/1
   # DELETE /posts/1.json
   def destroy
-    @post = Post.find(params[:id])
-    @post.destroy
+    flash[:notice] = 'Post was deleted.' if @post.destroy
+    respond_with(@post)
+  end
 
-    respond_to do |format|
-      format.html { redirect_to posts_url, notice: 'Post was deleted.' }
-      format.json { head :no_content }
-    end
+  private
+
+  def post_params
+    params.require(:post).permit(:body, :subject, :author_id, :forum_id)
+  end
+
+  def posts
+    if @author
+      @author.posts
+    else
+      Post
+    end.includes(:author, comments: :author).paginate(page: params[:page])
   end
 end

app/controllers/products_controller.rb

@@ -1,5 +1,5 @@
 class ProductsController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
 
   # GET /products
@@ -13,8 +13,6 @@ class ProductsController < ApplicationController
 
   # GET /products/1
   def show
-    @product = Product.find(params[:id])
-
     respond_to do |format|
       format.html # show.html.erb
     end
@@ -31,12 +29,11 @@ class ProductsController < ApplicationController
 
   # GET /products/1/edit
   def edit
-    @product = Product.find(params[:id])
   end
 
   # POST /products
   def create
-    @product = Product.new(params[:product])
+    @product = Product.new(product_params)
 
     respond_to do |format|
       if @product.save
@@ -49,10 +46,8 @@ class ProductsController < ApplicationController
 
   # PUT /products/1
   def update
-    @product = Product.find(params[:id])
-
     respond_to do |format|
-      if @product.update_attributes(params[:product])
+      if @product.update(product_params)
         format.html { redirect_to @product, notice: 'Product was successfully updated.' }
       else
         format.html { render action: "edit" }
@@ -62,11 +57,17 @@ class ProductsController < ApplicationController
 
   # DELETE /products/1
   def destroy
-    @product = Product.find(params[:id])
     @product.destroy
 
     respond_to do |format|
       format.html { redirect_to products_url }
     end
   end
+
+  private
+
+  def product_params
+    params.require(:product).permit(:description, :min_price, :recommended_price, :name,
+      :account_type_id, :paid_months)
+  end
 end

app/controllers/registrations_controller.rb

@@ -1,46 +1,44 @@
 class RegistrationsController < Devise::RegistrationsController
-
-  cache_sweeper :member_sweeper
+  respond_to :json
 
   def edit
-    @twitter_auth = current_member.auth('twitter')
-    @flickr_auth  = current_member.auth('flickr')
+    @twitter_auth  = current_member.auth('twitter')
+    @flickr_auth   = current_member.auth('flickr')
+    @facebook_auth = current_member.auth('facebook')
     render "edit"
   end
 
-# we need this subclassed method so that Devise doesn't force people to
-# change their password every time they want to edit their settings.
-# we also check that they give their current password to change their password.
-# Code copied from
-# https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-edit-their-account-without-providing-a-password
+  # we need this subclassed method so that Devise doesn't force people to
+  # change their password every time they want to edit their settings.
+  # we also check that they give their current password to change their password.
+  # Code copied from
+  # https://github.com/plataformatec/devise/wiki/How-To:-Allow-users-to-edit-their-account-without-providing-a-password
 
   def update
-
     @member = Member.find(current_member.id)
 
-    successfully_updated = if needs_password?(@member, params)
-      @member.update_with_password(devise_parameter_sanitizer.sanitize(:account_update))
+    if needs_password?(@member, params)
+      successfully_updated = @member.update_with_password(devise_parameter_sanitizer.sanitize(:account_update))
     else
       # remove the virtual current_password attribute
       # update_without_password doesn't know how to ignore it
       params[:member].delete(:current_password)
-      @member.update_without_password(devise_parameter_sanitizer.sanitize(:account_update))
+      successfully_updated = @member.update_without_password(devise_parameter_sanitizer.sanitize(:account_update))
     end
 
     if successfully_updated
       set_flash_message :notice, :updated
       # Sign in the member bypassing validation in case their password changed
-      sign_in @member, :bypass => true
+      sign_in @member, bypass: true
       redirect_to edit_member_registration_path
     else
       render "edit"
     end
-
   end
 end
 
 # check if we need the current password to update fields
 def needs_password?(member, params)
   params[:member][:password].present? ||
-  params[:member][:password_confirmation].present?
+    params[:member][:password_confirmation].present?
 end

app/controllers/robots_controller.rb

@@ -0,0 +1,15 @@
+class RobotsController < ApplicationController
+  DEFAULT_FILENAME = 'config/robots.txt'.freeze
+
+  def robots
+    filename = "config/robots.#{subdomain}.txt" if subdomain && subdomain != 'www'
+    file_to_render = File.exist?(filename.to_s) ? filename : DEFAULT_FILENAME
+    render file: file_to_render, layout: false, content_type: 'text/plain'
+  end
+
+  private
+
+  def subdomain
+    request.subdomain.present? ? request.subdomain : nil
+  end
+end

app/controllers/roles_controller.rb

@@ -1,7 +1,7 @@
 class RolesController < ApplicationController
-  before_filter :authenticate_member!
+  before_action :authenticate_member!
   load_and_authorize_resource
-  
+
   # GET /roles
   def index
     @roles = Role.all
@@ -13,8 +13,6 @@ class RolesController < ApplicationController
 
   # GET /roles/1
   def show
-    @role = Role.find(params[:id])
-
     respond_to do |format|
       format.html # show.html.erb
     end
@@ -31,12 +29,11 @@ class RolesController < ApplicationController
 
   # GET /roles/1/edit
   def edit
-    @role = Role.find(params[:id])
   end
 
   # POST /roles
   def create
-    @role = Role.new(params[:role])
+    @role = Role.new(role_params)
 
     respond_to do |format|
       if @role.save
@@ -49,10 +46,8 @@ class RolesController < ApplicationController
 
   # PUT /roles/1
   def update
-    @role = Role.find(params[:id])
-
     respond_to do |format|
-      if @role.update_attributes(params[:role])
+      if @role.update(role_params)
         format.html { redirect_to @role, notice: 'Role was successfully updated.' }
       else
         format.html { render action: "edit" }
@@ -62,11 +57,16 @@ class RolesController < ApplicationController
 
   # DELETE /roles/1
   def destroy
-    @role = Role.find(params[:id])
     @role.destroy
 
     respond_to do |format|
       format.html { redirect_to roles_url }
     end
   end
+
+  private
+
+  def role_params
+    params.require(:role).permit(:description, :name, :members, :slug)
+  end
 end

app/controllers/scientific_names_controller.rb

@@ -1,93 +1,62 @@
 class ScientificNamesController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
-
-  cache_sweeper :scientific_name_sweeper
+  respond_to :html, :json
 
   # GET /scientific_names
   # GET /scientific_names.json
   def index
     @scientific_names = ScientificName.all
-
-    respond_to do |format|
-      format.html # index.html.haml
-      format.json { render json: @scientific_names }
-    end
+    respond_with(@scientific_names)
   end
 
   # GET /scientific_names/1
   # GET /scientific_names/1.json
   def show
-    @scientific_name = ScientificName.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.haml
-      format.json { render json: @scientific_name }
-    end
+    respond_with(@scientific_name)
   end
 
   # GET /scientific_names/new
   # GET /scientific_names/new.json
   def new
     @scientific_name = ScientificName.new
-    @crop = Crop.find_by_id(params[:crop_id]) || Crop.new
-
-    respond_to do |format|
-      format.html # new.html.haml
-      format.json { render json: @scientific_name }
-    end
+    @crop = Crop.find_or_initialize_by(id: params[:crop_id])
+    respond_with(@scientific_name)
   end
 
   # GET /scientific_names/1/edit
   def edit
-    @scientific_name = ScientificName.find(params[:id])
   end
 
   # POST /scientific_names
   # POST /scientific_names.json
   def create
-    params[:scientific_name][:creator_id] = current_member.id
-    @scientific_name = ScientificName.new(params[:scientific_name])
+    @scientific_name = ScientificName.new(scientific_name_params)
+    @scientific_name.creator = current_member
 
-    respond_to do |format|
-      if @scientific_name.save
-        format.html { redirect_to @scientific_name.crop, notice: 'Scientific name was successfully created.' }
-        format.json { render json: @scientific_name, status: :created, location: @scientific_name }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @scientific_name.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = 'Scientific name was successfully created.' if @scientific_name.save
+    respond_with(@scientific_name.crop)
   end
 
   # PUT /scientific_names/1
   # PUT /scientific_names/1.json
   def update
-    @scientific_name = ScientificName.find(params[:id])
-
-    respond_to do |format|
-      if @scientific_name.update_attributes(params[:scientific_name])
-        format.html { redirect_to @scientific_name.crop, notice: 'Scientific name was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @scientific_name.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = 'Scientific name was successfully updated.' if @scientific_name.update(scientific_name_params)
+    respond_with(@scientific_name.crop)
   end
 
   # DELETE /scientific_names/1
   # DELETE /scientific_names/1.json
   def destroy
-    @scientific_name = ScientificName.find(params[:id])
     @crop = @scientific_name.crop
     @scientific_name.destroy
+    flash[:notice] = 'Scientific name was successfully deleted.'
+    respond_with(@crop)
+  end
 
-    respond_to do |format|
-      format.html {
-        redirect_to @crop, notice: 'Scientific name was successfully deleted.'
-      }
-      format.json { head :no_content }
-    end
+  private
+
+  def scientific_name_params
+    params.require(:scientific_name).permit(:crop_id, :name)
   end
 end

app/controllers/seeds_controller.rb

@@ -1,48 +1,25 @@
 class SeedsController < ApplicationController
-  before_filter :authenticate_member!, :except => [:index, :show]
+  before_action :authenticate_member!, except: [:index, :show]
   load_and_authorize_resource
-
-  cache_sweeper :seed_sweeper
+  respond_to :html, :json
+  respond_to :csv, only: :index
+  respond_to :rss, only: :index
 
   # GET /seeds
   # GET /seeds.json
   def index
-    @owner = Member.find_by_slug(params[:owner])
-    @crop = Crop.find_by_slug(params[:crop])
-    if @owner
-      @seeds = @owner.seeds.includes(:owner, :crop).paginate(:page => params[:page])
-    elsif @crop
-      @seeds = @crop.seeds.includes(:owner, :crop).paginate(:page => params[:page])
-    else
-      @seeds = Seed.includes(:owner, :crop).paginate(:page => params[:page])
-    end
+    @owner = Member.find_by(slug: params[:owner])
+    @crop = Crop.find_by(slug: params[:crop])
+    @seeds = seeds(owner: @owner, crop: @crop)
+    @filename = csv_filename
 
-    respond_to do |format|
-      format.html # index.html.erb
-      format.json { render json: @seeds }
-      format.rss { render :layout => false } #index.rss.builder
-      format.csv do
-        if @owner
-          @filename = "Growstuff-#{@owner}-Seeds-#{Time.zone.now.to_s(:number)}.csv"
-          @seeds = @owner.seeds.includes(:owner, :crop)
-        else
-          @filename = "Growstuff-Seeds-#{Time.zone.now.to_s(:number)}.csv"
-          @seeds = Seed.includes(:owner, :crop)
-        end
-        render :csv => @seeds
-      end
-    end
+    respond_with(@seeds)
   end
 
   # GET /seeds/1
   # GET /seeds/1.json
   def show
-    @seed = Seed.find(params[:id])
-
-    respond_to do |format|
-      format.html # show.html.erb
-      format.json { render json: @seed }
-    end
+    respond_with(@seed)
   end
 
   # GET /seeds/new
@@ -51,61 +28,62 @@ class SeedsController < ApplicationController
     @seed = Seed.new
 
     # using find_by_id here because it returns nil, unlike find
-    @crop     = Crop.find_by_id(params[:crop_id])     || Crop.new
-
-    respond_to do |format|
-      format.html # new.html.erb
-      format.json { render json: @seed }
-    end
+    @crop = Crop.find_or_initialize_by(id: params[:crop_id])
+    respond_with(@seed)
   end
 
   # GET /seeds/1/edit
   def edit
-    @seed = Seed.find(params[:id])
   end
 
   # POST /seeds
   # POST /seeds.json
   def create
-    params[:seed][:owner_id] = current_member.id
-    @seed = Seed.new(params[:seed])
-
-    respond_to do |format|
-      if @seed.save
-        format.html { redirect_to @seed, notice: "Successfully added #{@seed.crop} seed to your stash." }
-        format.json { render json: @seed, status: :created, location: @seed }
-      else
-        format.html { render action: "new" }
-        format.json { render json: @seed.errors, status: :unprocessable_entity }
-      end
-    end
+    @seed = Seed.new(seed_params)
+    @seed.owner = current_member
+    flash[:notice] = "Successfully added #{@seed.crop} seed to your stash." if @seed.save
+    respond_with(@seed)
   end
 
   # PUT /seeds/1
   # PUT /seeds/1.json
   def update
-    @seed = Seed.find(params[:id])
-
-    respond_to do |format|
-      if @seed.update_attributes(params[:seed])
-        format.html { redirect_to @seed, notice: 'Seed was successfully updated.' }
-        format.json { head :no_content }
-      else
-        format.html { render action: "edit" }
-        format.json { render json: @seed.errors, status: :unprocessable_entity }
-      end
-    end
+    flash[:notice] = 'Seed was successfully updated.' if @seed.update(seed_params)
+    respond_with(@seed)
   end
 
   # DELETE /seeds/1
   # DELETE /seeds/1.json
   def destroy
-    @seed = Seed.find(params[:id])
     @seed.destroy
+    respond_with(@seed)
+  end
 
-    respond_to do |format|
-      format.html { redirect_to seeds_url }
-      format.json { head :no_content }
+  private
+
+  def seed_params
+    params.require(:seed).permit(
+      :crop_id, :description, :quantity, :plant_before,
+      :days_until_maturity_min, :days_until_maturity_max, :organic, :gmo,
+      :heirloom, :tradable_to, :slug
+    )
+  end
+
+  def seeds(owner: nil, crop: nil)
+    if owner
+      owner.seeds
+    elsif crop
+      crop.seeds
+    else
+      Seed
+    end.includes(:owner, :crop).paginate(page: params[:page])
+  end
+
+  def csv_filename
+    if @owner
+      "Growstuff-#{@owner}-Seeds-#{Time.zone.now.to_s(:number)}.csv"
+    else
+      "Growstuff-Seeds-#{Time.zone.now.to_s(:number)}.csv"
     end
   end
 end

app/controllers/sessions_controller.rb

@@ -0,0 +1,11 @@
+class SessionsController < Devise::SessionsController
+  respond_to :json
+
+  def create
+    super do |resource|
+      if Crop.pending_approval.present? && current_member.role?(:crop_wrangler)
+        flash[:alert] = "There are crops waiting to be wrangled."
+      end
+    end
+  end
+end

app/controllers/support_controller.rb

@@ -1,2 +0,0 @@
-class SupportController < ApplicationController
-end

app/helpers/application_helper.rb

@@ -1,28 +1,111 @@
 module ApplicationHelper
-
   def price_in_dollars(price)
-    return sprintf('%.2f', price / 100.0)
+    sprintf('%.2f', price / 100.0)
   end
 
   # 999 cents becomes 9.99 AUD -- for products/orders/etc
   def price_with_currency(price)
-    return sprintf('%.2f %s', price / 100.0,
-        Growstuff::Application.config.currency)
+    sprintf('%.2f %s', price / 100.0, Growstuff::Application.config.currency)
   end
 
   def parse_date(str)
     str ||= '' # Date.parse barfs on nil
-    return str == '' ? nil : Date.parse(str)
+    str == '' ? nil : Date.parse(str)
   end
 
   def forex_link(price)
     pid = price_in_dollars(price)
     currency = Growstuff::Application.config.currency
     link = "http://www.wolframalpha.com/input/?i=#{pid}+#{currency}"
-    return link_to "(convert)",
-      link,
-      :target => "_blank"
-  end 
 
+    link_to "(convert)", link, target: "_blank", rel: "noopener noreferrer"
+  end
+
+  def build_alert_classes(alert_type = :info)
+    classes = 'alert alert-dismissable '
+    case alert_type.to_sym
+    when :alert, :danger, :error, :validation_errors
+      classes += 'alert-danger'
+    when :warning, :todo
+      classes += 'alert-warning'
+    when :notice, :success
+      classes += 'alert-success'
+    when :info
+      classes += 'alert-info'
+    end
+    classes
+  end
+
+  # Produces a cache key for uniquely identifying cached fragments.
+  def cache_key_for(klass, identifier = "all")
+    count          = klass.count
+    max_updated_at = klass.maximum(:updated_at).try(:utc).try(:to_s, :number)
+    "#{klass.name.downcase.pluralize}/#{identifier}-#{count}-#{max_updated_at}"
+  end
+
+  def required_field_help_text
+    asterisk = content_tag :span, '*', class: ['red']
+    text = content_tag :em, 'denotes a required field'
+    content_tag :div, asterisk + ' '.html_safe + text, class: ['margin-bottom']
+  end
+
+  #
+  # Returns an image uri for a given member.
+  #
+  # Falls back to Gravatar
+  #
+  def avatar_uri(member, size = 150)
+    if member.preferred_avatar_uri.present?
+      # Some avatars support different sizes
+      # http://graph.facebook.com/12345678/picture?width=150&height=150
+      uri = URI.parse(member.preferred_avatar_uri)
+
+      if uri.host == 'graph.facebook.com'
+        uri.query = "&width=#{size}&height=#{size}"
+      end
+
+      # TODO: Assess twitter - https://dev.twitter.com/overview/general/user-profile-images-and-banners
+      # TODO: Assess flickr  - https://www.flickr.com/services/api/misc.buddyicons.html
+
+      return uri.to_s
+    end
+
+    Gravatar.new(member.email).image_url(size: size,
+                                         default: :identicon)
+  end
+
+  # Returns a string with the quantity and the right pluralization for a
+  # given collection and model.
+  def localize_plural(collection, model)
+    size       = collection.size
+    model_name = model.model_name.human(count: size)
+    "#{size} #{model_name}"
+  end
+
+  def show_inactive_tickbox_path(type, owner, show_all)
+    all = show_all ? '' : 1
+    if owner
+      plantings_by_owner_path(owner: owner.slug, all: all) if type == 'plantings'
+      gardens_by_owner_path(owner: owner.slug, all: all) if type == 'gardens'
+    else
+      plantings_path(all: all) if type == 'plantings'
+      gardens_path(all: all) if type == 'gardens'
+    end
+  end
+
+  def title(type, owner, crop, planting)
+    if owner
+      t(".title.owner_#{type}", owner: owner.login_name)
+    elsif crop
+      t(".title.crop_#{type}", crop: crop.name)
+    elsif planting
+      t(".title.planting_#{type}", planting: planting.to_s)
+    else
+      t(".title.default")
+    end
+  end
+
+  def og_description(description)
+    strip_tags(description).split(' ')[0..20].join(' ')
+  end
 end
-

app/helpers/auto_suggest_helper.rb

@@ -1,6 +1,5 @@
 module AutoSuggestHelper
-
-  def auto_suggest(resource, source, options={})
+  def auto_suggest(resource, source, options = {})
     if options[:default] && !options[:default].new_record?
       default = options[:default]
       default_id = options[:default].try(:id)
@@ -13,10 +12,14 @@ module AutoSuggestHelper
     source_path = Rails.application.routes.url_helpers.send("#{source}s_search_path")
 
     %Q{
-      <input id="#{source}" class="auto-suggest #{options[:class]}" type="text" value="#{default}" data-source-url="#{source_path}", placeholder="e.g. lettuce">
-      <noscript class="text-warning">Warning: Javascript must be available to search and match crops</noscript>
-      <input id="#{resource}_#{source}_id" class="auto-suggest-id" type="hidden" name="#{resource}[#{source}_id]" value="#{default_id}">
+      <input id="#{source}" class="auto-suggest #{options[:class]}"
+        type="text" value="#{default}" data-source-url="#{source_path}",
+        placeholder="e.g. lettuce">
+      <noscript class="text-warning">
+        Warning: Javascript must be available to search and match crops
+      </noscript>
+      <input id="#{resource}_#{source}_id" class="auto-suggest-id"
+        type="hidden" name="#{resource}[#{source}_id]" value="#{default_id}">
     }.html_safe
   end
-
-end
+end

app/helpers/crops_helper.rb

@@ -0,0 +1,25 @@
+module CropsHelper
+  def display_seed_availability(member, crop)
+    total_quantity = 0
+
+    seeds = member.seeds.select { |seed| seed.crop.name == crop.name }
+
+    seeds.each do |seed|
+      total_quantity += seed.quantity if seed.quantity
+    end
+
+    if !seeds.any?
+      return "You don't have any seeds of this crop."
+    end
+
+    if total_quantity != 0
+      "You have #{total_quantity} #{Seed.model_name.human(count: total_quantity)} of this crop."
+    else
+      "You have an unknown quantity of seeds of this crop."
+    end
+  end
+
+  def crop_ebay_seeds_url(crop)
+    "http://rover.ebay.com/rover/1/705-53470-19255-0/1?icep_ff3=9&pub=5575213277&toolid=10001&campid=5337940151&customid=&icep_uq=#{URI.escape crop.name}&icep_sellerId=&icep_ex_kw=&icep_sortBy=12&icep_catId=181003&icep_minPrice=&icep_maxPrice=&ipn=psmain&icep_vectorid=229515&kwid=902099&mtid=824&kw=lg" # rubocop:disable Metrics/LineLength
+  end
+end

app/helpers/gardens_helper.rb

@@ -0,0 +1,35 @@
+module GardensHelper
+  def display_garden_description(garden)
+    if garden.description.nil?
+      "no description provided."
+    else
+      truncate(garden.description, length: 130, separator: ' ', omission: '... ') do
+        link_to "Read more", garden_path(garden)
+      end
+    end
+  end
+
+  def gardens_active_tickbox_path(owner, show_all)
+    show_inactive_tickbox_path('gardens', owner, show_all)
+  end
+
+  def display_garden_name(garden)
+    truncate(garden.name, length: 50, separator: ' ', omission: '... ')
+  end
+
+  def display_garden_plantings(plantings)
+    if plantings.blank?
+      "None"
+    else
+      output = '<ul class="plantings">'
+      plantings.each do |planting|
+        output += "<li>"
+        output += planting.quantity.nil? ? "0 " : "#{planting.quantity} "
+        output += link_to planting.crop.name, planting.crop
+        output += ", planted on #{planting.planted_at}</li>"
+      end
+      output += '</ul>'
+      output.html_safe
+    end
+  end
+end

app/helpers/harvests_helper.rb

@@ -1,40 +1,34 @@
 module HarvestsHelper
-
   def display_quantity(harvest)
     human_quantity = display_human_quantity(harvest)
     weight = display_weight(harvest)
 
-    if human_quantity && weight
-      return "#{human_quantity}, weighing #{weight}"
-    elsif human_quantity
-      return human_quantity
-    elsif weight
-      return weight
-    else
-      return 'not specified'
-    end
+    return "#{human_quantity}, weighing #{weight}" if human_quantity && weight
+    return human_quantity if human_quantity
+    return weight if weight
+
+    'not specified'
   end
 
   def display_human_quantity(harvest)
-    if ! harvest.quantity.blank? && harvest.quantity > 0
-      if harvest.unit == 'individual' # just the number
-        number_to_human(harvest.quantity, :strip_insignificant_zeros => true)
-      elsif ! harvest.unit.blank? # pluralize anything else
-        return pluralize(number_to_human(harvest.quantity, :strip_insignificant_zeros => true), harvest.unit)
-      else
-        return "#{number_to_human(harvest.quantity, :strip_insignificant_zeros => true)} #{harvest.unit}"
-      end
+    return unless harvest.quantity.present? && harvest.quantity > 0
+
+    if harvest.unit == 'individual' # just the number
+      number_to_human(harvest.quantity, strip_insignificant_zeros: true)
+    elsif !harvest.unit.blank? # pluralize anything else
+      pluralize(number_to_human(harvest.quantity, strip_insignificant_zeros: true), harvest.unit)
     else
-      return nil
+      "#{number_to_human(harvest.quantity, strip_insignificant_zeros: true)} #{harvest.unit}"
     end
   end
 
   def display_weight(harvest)
-    if ! harvest.weight_quantity.blank? && harvest.weight_quantity > 0
-      return "#{number_to_human(harvest.weight_quantity, :strip_insignificant_zeros => true)} #{harvest.weight_unit}"
-    else
-      return nil
-    end
+    return if harvest.weight_quantity.blank? || harvest.weight_quantity <= 0
+    "#{number_to_human(harvest.weight_quantity, strip_insignificant_zeros: true)} #{harvest.weight_unit}"
   end
 
+  def display_harvest_description(harvest)
+    return "No description provided." if harvest.description.nil?
+    harvest.description
+  end
 end

app/helpers/notifications_helper.rb

@@ -2,15 +2,10 @@ module NotificationsHelper
   def reply_link(notification)
     if notification.post
       # comment on the post in question
-      new_comment_url(:post_id => notification.post.id)
+      new_comment_url(post_id: notification.post.id)
     else
       # by default, reply link sends a PM in return
-      new_notification_url(
-        :recipient_id => notification.sender.id,
-        :subject => notification.subject =~ /^Re: / ?
-          notification.subject :
-          "Re: " + notification.subject
-      )
+      reply_notification_url(notification)
     end
   end
 end

app/helpers/plantings_helper.rb

@@ -0,0 +1,47 @@
+module PlantingsHelper
+  def display_days_before_maturity(planting)
+    # First try to calc from finished/finished_at
+    if planting.finished? || planting.finished_at.present?
+      planting.days_until_finished.to_s
+    # then try to calc from planted at + maturity
+    elsif planting.planted_at.present? && planting.days_before_maturity.present?
+      planting.days_until_mature.to_s
+    else
+      "unknown"
+    end
+  end
+
+  def display_finished(planting)
+    if !planting.finished_at.nil?
+      planting.finished_at
+    elsif planting.finished
+      "Yes (no date specified)"
+    else
+      "(no date specified)"
+    end
+  end
+
+  def display_planted_from(planting)
+    !planting.planted_from.blank? ? planting.planted_from : "not specified"
+  end
+
+  def display_planting_quantity(planting)
+    !planting.quantity.blank? ? planting.quantity : "not specified"
+  end
+
+  def display_planting(planting)
+    if planting.quantity.to_i > 0 && planting.planted_from.present?
+      "#{planting.owner} planted #{pluralize(planting.quantity, planting.planted_from)}."
+    elsif planting.quantity.to_i > 0
+      "#{planting.owner} planted #{pluralize(planting.quantity, 'unit')}."
+    elsif planting.planted_from.present?
+      "#{planting.owner} planted #{planting.planted_from.pluralize}."
+    else
+      "#{planting.owner}."
+    end
+  end
+
+  def plantings_active_tickbox_path(owner, show_all)
+    show_inactive_tickbox_path('plantings', owner, show_all)
+  end
+end

app/helpers/seeds_helper.rb

@@ -0,0 +1,9 @@
+module SeedsHelper
+  def display_seed_description(seed)
+    if seed.description.nil?
+      "no description provided."
+    else
+      truncate(seed.description, length: 130, separator: ' ', omission: '... ') { link_to "Read more", seed_path(seed) }
+    end
+  end
+end