Merge pull request #643 from Growstuff/dev

Production push: release 7

.rspec

@@ -1 +1,2 @@
 --color
+--require spec_helper

CONTRIBUTORS.md

@@ -11,10 +11,11 @@ submit the change with your pull request.
 - Alex Bayley / [Skud](https://github.com/Skud)
 - Cesy / [cesy](https://github.com/cesy)
 - Miles Gould / [pozorvlak](https://github.com/pozorvlak)
-- Joseph Caudle / [jcaudle](https://github.com/jcaudle)
+- Taylor Griffin / [tygriffin](https://github.com/tygriffin)
 
 ## Contributors
 
+- Joseph Caudle / [jcaudle](https://github.com/jcaudle)
 - Ricky Amianym / [amianym](https://github.com/amianym)
 - Juliet Kemp / [julietk](https://github.com/julietk)
 - Federico Mena Quintero / [federicomenaquintero](https://github.com/federicomenaquintero)
@@ -40,7 +41,6 @@ submit the change with your pull request.
 - Marty Hines / [martyhines](https://github.com/martyhines)
 - Amelia Greenhall / [ameliagreenhall](https://github.com/ameliagreenhall)
 - Barb Natali / [barbnatali](https://github.com/barbnatali)
-- Taylor Griffin / [tygriffin](https://github.com/tygriffin)
 - Marlena Compton / [Marlena](https://github.com/marlena)
 - Elizabeth A. Kari / [catfriend](https://github.com/catfriend)
 - Cheri Allen / [cherimarie](https://github.com/cherimarie)
@@ -51,4 +51,5 @@ submit the change with your pull request.
 - Yoong Kang Lim / [yoongkang](https://github.com/yoongkang)
 - Kevin Yang / [kevieyang](https://github.com/kevieyang)
 - Justin Hamman / [juzham](https://github.com/juzham)
+- Rocky Jaiswal / [rocky-jaiswal](https://github.com/rocky-jaiswal)
 

Gemfile

@@ -1,92 +1,52 @@
 source 'https://rubygems.org'
 
-ruby "2.1.5"
+ruby '2.1.5'
+
+gem 'rails', '4.1.9'
 
 gem 'bundler', '>=1.1.5'
 
-gem 'rails', '3.2.13'
-gem 'rack', '~>1.4.5'
-gem 'json', '~>1.7.7'
+gem 'sass-rails',   '~> 4.0.4'
+gem 'coffee-rails', '~> 4.1.0'
 gem 'haml'
+
+# Another CSS preprocessor, used for Bootstrap overrides
+gem 'less', '~>2.5.0'
+gem 'less-rails', '~> 2.5.0'
+# CSS framework
+gem 'less-rails-bootstrap', '~> 3.2.0'
+
+gem 'uglifier', '~> 2.5.3'         # JavaScript compressor
+
+gem 'jquery-rails'
+gem 'jquery-ui-rails', '~> 5.0.2'
+gem 'js-routes'  # provides access to Rails routes in Javascript
+gem 'flickraw'
+
 gem 'leaflet-rails'
 gem 'leaflet-markercluster-rails'
-gem 'unicorn' # http server
-
+gem 'unicorn'                      # http server
 gem 'pg'
-
-gem 'figaro' # for handling config via ENV variables
-
-gem 'cancan' # for checking member privileges
-
-gem 'gibbon' # for Mailchimp newsletter subscriptions
-
-gem 'csv_shaper' # CSV export
+gem 'figaro'                       # for handling config via ENV variables
+gem 'cancancan', '~> 1.9'          # for checking member privileges
+gem 'gibbon'                       # for Mailchimp newsletter subscriptions
+gem 'csv_shaper'                   # CSV export
 
 # vendored activemerchant for testing- needed for bogus paypal
 # gateway monkeypatch
 gem 'activemerchant', '1.33.0',
-  :path => 'vendor/gems/activemerchant-1.33.0',
+  :path    => 'vendor/gems/activemerchant-1.33.0',
   :require => 'active_merchant'
 gem 'active_utils', '1.0.5',
-  :path => 'vendor/gems/active_utils-1.0.5'
+  :path    => 'vendor/gems/active_utils-1.0.5'
 
-group :production, :staging do
-  gem 'newrelic_rpm'
-  gem 'dalli'
-  gem 'memcachier'
-  gem 'rails_12factor' # supresses heroku plugin injection
-end
-
-# Gems used only for assets and not required
-# in production environments by default.
-group :assets do
-  # CSS preprocessor, used for app/assets/stylesheets/application.css
-  gem 'sass-rails',   '~> 3.2.3'
-  # CoffeeScript is a Python-like language that compiles to JavaScript
-  gem 'coffee-rails', '~> 3.2.1'
-
-  # less-rails depends on a JavaScript engine; we use therubyracer.
-  # See https://github.com/sstephenson/execjs#readme for more supported runtimes
-  # long term, we'll probably want node.js for performance, but this will do
-  # for now as it's easier for new people to install
-  gem "therubyracer", "~> 0.12", :platforms => :ruby
-  # libv8 is needed by therubyracer and is a bit finicky
-  gem 'libv8', '3.16.14.7'
-
-  # Another CSS preprocessor, used for Bootstrap overrides
-  gem "less", '~>2.5.0'
-  gem "less-rails", '~> 2.5.0'
-  # CSS framework
-  gem "less-rails-bootstrap", '~> 3.2.0'
-
-  gem 'uglifier', '>= 1.0.3' # JavaScript compressor
-
-  gem 'compass-rails', '~> 1.0.3' # Yet Another CSS framework
-end
-
-gem 'jquery-rails'
-gem 'jquery-ui-rails'
-gem 'js-routes'  # provides access to Rails routes in Javascript
-gem 'flickraw'
-
-# To use ActiveModel has_secure_password
-# gem 'bcrypt-ruby', '~> 3.0.0'
-
-# To use Jbuilder templates for JSON
-# gem 'jbuilder'
-
-# Use unicorn as the app server
-# gem 'unicorn'
-
-group :development do
-  # A debugger and irb alternative. Pry doesn't play nice
-  # with unicorn, so start a Webrick server when debugging
-  # with Pry
-  gem 'pry'
-  gem 'better_errors'
-  gem 'binding_of_caller'
-  gem 'letter_opener'
-end
+# less-rails depends on a JavaScript engine; we use therubyracer.
+# See https://github.com/sstephenson/execjs#readme for more supported runtimes
+# long term, we'll probably want node.js for performance, but this will do
+# for now as it's easier for new people to install
+gem 'therubyracer', '~> 0.12', :platforms => :ruby
+# libv8 is needed by therubyracer and is a bit finicky
+gem 'libv8', '3.16.14.7'
 
 # Markdown formatting for updates etc
 gem 'bluecloth'
@@ -95,10 +55,10 @@ gem 'bluecloth'
 gem 'will_paginate', '~> 3.0'
 
 # user signup/login/etc
-gem 'devise', '~> 3.2.0'
+gem 'devise', '~> 3.4.1'
 
 # nicely formatted URLs
-gem 'friendly_id', '~> 4.0.10'
+gem 'friendly_id', '~> 5.0.4'
 
 # gravatars
 gem 'gravatar-ultimate'
@@ -118,16 +78,34 @@ gem 'omniauth-flickr', '>= 0.0.15'
 
 gem 'rake', '>= 10.0.0'
 
-group :development, :test do
-  gem 'byebug'                       # debugging
-  gem 'haml-rails'                   # HTML templating language
-  gem 'rspec-rails', '~> 2.12.1'     # unit testing framework
-  gem 'database_cleaner', '~> 1.3.0'
-  gem 'webrat'                       # provides HTML matchers for view tests
-  gem 'factory_girl_rails', '~> 4.0' # for creating test data
-  gem 'coveralls', require: false    # coverage analysis
-  gem 'capybara'                     # integration tests
-  gem 'capybara-email'               # integration tests for email
-  gem 'poltergeist', '~> 1.5.1'      # for headless JS testing
-  gem 'i18n-tasks'                   # adds tests for finding missing and unused translations
+group :production, :staging do
+  gem 'newrelic_rpm'
+  gem 'dalli'
+  gem 'memcachier'
+  gem 'rails_12factor' # supresses heroku plugin injection
+end
+
+group :development do
+  # A debugger and irb alternative. Pry doesn't play nice
+  # with unicorn, so start a Webrick server when debugging
+  # with Pry
+  gem 'pry'
+  gem 'better_errors'
+  gem 'binding_of_caller'
+  gem 'letter_opener'
+end
+
+group :development, :test do
+  gem 'haml-rails'                      # HTML templating language
+  gem 'rspec-rails', '~> 3.1.0'         # unit testing framework
+  gem 'rspec-activemodel-mocks'
+  gem 'byebug'                          # debugging
+  gem 'database_cleaner', '~> 1.3.0'
+  gem 'webrat'                          # provides HTML matchers for view tests
+  gem 'factory_girl_rails', '~> 4.5.0'  # for creating test data
+  gem 'coveralls', require: false       # coverage analysis
+  gem 'capybara'                        # integration tests
+  gem 'capybara-email'                  # integration tests for email
+  gem 'poltergeist', '~> 1.5.1'         # for headless JS testing
+  gem 'i18n-tasks'                      # adds tests for finding missing and unused translations
 end

Gemfile.lock

@@ -20,35 +20,34 @@ PATH
 GEM
   remote: https://rubygems.org/
   specs:
-    actionmailer (3.2.13)
-      actionpack (= 3.2.13)
-      mail (~> 2.5.3)
-    actionpack (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-      builder (~> 3.0.0)
+    actionmailer (4.1.9)
+      actionpack (= 4.1.9)
+      actionview (= 4.1.9)
+      mail (~> 2.5, >= 2.5.4)
+    actionpack (4.1.9)
+      actionview (= 4.1.9)
+      activesupport (= 4.1.9)
+      rack (~> 1.5.2)
+      rack-test (~> 0.6.2)
+    actionview (4.1.9)
+      activesupport (= 4.1.9)
+      builder (~> 3.1)
       erubis (~> 2.7.0)
-      journey (~> 1.0.4)
-      rack (~> 1.4.5)
-      rack-cache (~> 1.2)
-      rack-test (~> 0.6.1)
-      sprockets (~> 2.2.1)
-    activemodel (3.2.13)
-      activesupport (= 3.2.13)
-      builder (~> 3.0.0)
-    activerecord (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-      arel (~> 3.0.2)
-      tzinfo (~> 0.3.29)
-    activeresource (3.2.13)
-      activemodel (= 3.2.13)
-      activesupport (= 3.2.13)
-    activesupport (3.2.13)
-      i18n (= 0.6.1)
-      multi_json (~> 1.0)
+    activemodel (4.1.9)
+      activesupport (= 4.1.9)
+      builder (~> 3.1)
+    activerecord (4.1.9)
+      activemodel (= 4.1.9)
+      activesupport (= 4.1.9)
+      arel (~> 5.0.0)
+    activesupport (4.1.9)
+      i18n (~> 0.6, >= 0.6.9)
+      json (~> 1.7, >= 1.7.7)
+      minitest (~> 5.1)
+      thread_safe (~> 0.1)
+      tzinfo (~> 1.1)
     addressable (2.3.6)
-    arel (3.0.3)
+    arel (5.0.1.20140414130214)
     bcrypt (3.1.9)
     better_errors (2.0.0)
       coderay (>= 1.0.0)
@@ -59,12 +58,12 @@ GEM
     bluecloth (2.2.0)
     bootstrap-datepicker-rails (1.3.0.2)
       railties (>= 3.0)
-    builder (3.0.4)
+    builder (3.2.2)
     byebug (3.5.1)
       columnize (~> 0.8)
       debugger-linecache (~> 1.2)
       slop (~> 3.6)
-    cancan (1.6.10)
+    cancancan (1.9.2)
     capybara (2.4.4)
       mime-types (>= 1.16)
       nokogiri (>= 1.3.3)
@@ -74,24 +73,17 @@ GEM
     capybara-email (2.4.0)
       capybara (~> 2.4)
       mail
-    chunky_png (1.3.3)
     cliver (0.3.2)
     coderay (1.1.0)
-    coffee-rails (3.2.2)
+    coffee-rails (4.1.0)
       coffee-script (>= 2.2.0)
-      railties (~> 3.2.0)
+      railties (>= 4.0.0, < 5.0)
     coffee-script (2.3.0)
       coffee-script-source
       execjs
     coffee-script-source (1.8.0)
-    columnize (0.8.9)
+    columnize (0.9.0)
     commonjs (0.2.7)
-    compass (0.12.7)
-      chunky_png (~> 1.2)
-      fssm (>= 0.2.7)
-      sass (~> 3.2.19)
-    compass-rails (1.0.3)
-      compass (>= 0.12.2, < 0.14)
     coveralls (0.7.1)
       multi_json (~> 1.3)
       rest-client
@@ -104,13 +96,14 @@ GEM
     database_cleaner (1.3.0)
     debug_inspector (0.0.2)
     debugger-linecache (1.2.0)
-    devise (3.2.4)
+    devise (3.4.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 3.2.6, < 5)
+      responders
       thread_safe (~> 0.1)
       warden (~> 1.2.3)
-    diff-lcs (1.1.3)
+    diff-lcs (1.2.5)
     docile (1.1.5)
     easy_translate (0.5.0)
       json
@@ -126,29 +119,35 @@ GEM
     figaro (1.0.0)
       thor (~> 0.14)
     flickraw (0.9.8)
-    friendly_id (4.0.10.1)
-      activerecord (>= 3.0, < 4.0)
-    fssm (0.2.10)
+    friendly_id (5.0.4)
+      activerecord (>= 4.0.0)
     gibbon (1.1.4)
       httparty
       multi_json (>= 1.3.4)
     gravatar-ultimate (2.0.0)
       activesupport (>= 2.3.14)
       rack
-    haml (4.0.5)
+    haml (4.1.0.beta.1)
       tilt
-    haml-rails (0.4)
-      actionpack (>= 3.1, < 4.1)
-      activesupport (>= 3.1, < 4.1)
-      haml (>= 3.1, < 4.1)
-      railties (>= 3.1, < 4.1)
+    haml-rails (0.6.0)
+      actionpack (>= 4.0.1)
+      activesupport (>= 4.0.1)
+      haml (>= 3.1, < 5.0)
+      html2haml (>= 1.0.1)
+      railties (>= 4.0.1)
     hashie (3.3.2)
     highline (1.6.21)
     hike (1.2.3)
-    httparty (0.11.0)
-      multi_json (~> 1.0)
+    hpricot (0.8.6)
+    html2haml (1.0.1)
+      erubis (~> 2.7.0)
+      haml (>= 4.0.0.rc.1)
+      hpricot (~> 0.8.6)
+      ruby_parser (~> 3.1.1)
+    httparty (0.13.3)
+      json (~> 1.8)
       multi_xml (>= 0.5.2)
-    i18n (0.6.1)
+    i18n (0.7.0)
     i18n-tasks (0.7.8)
       activesupport
       easy_translate (>= 0.5.0)
@@ -158,16 +157,15 @@ GEM
       slop (>= 3.5.0)
       term-ansicolor
       terminal-table
-    journey (1.0.4)
     jquery-rails (3.1.2)
       railties (>= 3.0, < 5.0)
       thor (>= 0.14, < 2.0)
-    jquery-ui-rails (4.1.2)
-      railties (>= 3.1.0)
+    jquery-ui-rails (5.0.3)
+      railties (>= 3.2.16)
     js-routes (0.9.9)
       railties (>= 3.2)
       sprockets-rails
-    json (1.7.7)
+    json (1.8.2)
     kgio (2.9.2)
     launchy (2.4.3)
       addressable (~> 2.3)
@@ -181,20 +179,20 @@ GEM
       less (~> 2.5.0)
     less-rails-bootstrap (3.2.0)
       less-rails (~> 2.5.0)
-    letter_opener (1.2.0)
+    letter_opener (1.3.0)
       launchy (~> 2.2)
     libv8 (3.16.14.7)
-    mail (2.5.4)
-      mime-types (~> 1.16)
-      treetop (~> 1.4.8)
+    mail (2.6.3)
+      mime-types (>= 1.16, < 3)
     memcachier (0.0.2)
     method_source (0.8.2)
-    mime-types (1.25.1)
+    mime-types (2.4.3)
     mini_portile (0.6.1)
+    minitest (5.5.1)
     multi_json (1.10.1)
     multi_xml (0.5.5)
-    netrc (0.8.0)
-    newrelic_rpm (3.9.7.266)
+    netrc (0.10.0)
+    newrelic_rpm (3.9.8.273)
     nokogiri (1.6.5)
       mini_portile (~> 0.6.0)
     oauth (0.4.7)
@@ -216,75 +214,85 @@ GEM
       cliver (~> 0.3.1)
       multi_json (~> 1.0)
       websocket-driver (>= 0.2.0)
-    polyglot (0.3.5)
     pry (0.10.1)
       coderay (~> 1.1.0)
       method_source (~> 0.8.1)
       slop (~> 3.4)
-    rack (1.4.5)
-    rack-cache (1.2)
-      rack (>= 0.4)
-    rack-ssl (1.3.4)
-      rack
-    rack-test (0.6.2)
+    rack (1.5.2)
+    rack-test (0.6.3)
       rack (>= 1.0)
-    rails (3.2.13)
-      actionmailer (= 3.2.13)
-      actionpack (= 3.2.13)
-      activerecord (= 3.2.13)
-      activeresource (= 3.2.13)
-      activesupport (= 3.2.13)
-      bundler (~> 1.0)
-      railties (= 3.2.13)
+    rails (4.1.9)
+      actionmailer (= 4.1.9)
+      actionpack (= 4.1.9)
+      actionview (= 4.1.9)
+      activemodel (= 4.1.9)
+      activerecord (= 4.1.9)
+      activesupport (= 4.1.9)
+      bundler (>= 1.3.0, < 2.0)
+      railties (= 4.1.9)
+      sprockets-rails (~> 2.0)
     rails_12factor (0.0.3)
       rails_serve_static_assets
       rails_stdout_logging
     rails_serve_static_assets (0.0.2)
     rails_stdout_logging (0.0.3)
-    railties (3.2.13)
-      actionpack (= 3.2.13)
-      activesupport (= 3.2.13)
-      rack-ssl (~> 1.3.2)
+    railties (4.1.9)
+      actionpack (= 4.1.9)
+      activesupport (= 4.1.9)
       rake (>= 0.8.7)
-      rdoc (~> 3.4)
-      thor (>= 0.14.6, < 2.0)
+      thor (>= 0.18.1, < 2.0)
     raindrops (0.13.0)
-    rake (10.4.0)
-    rdoc (3.12.2)
-      json (~> 1.4)
+    rake (10.4.2)
     ref (1.0.5)
+    responders (1.1.2)
+      railties (>= 3.2, < 4.2)
     rest-client (1.7.2)
       mime-types (>= 1.16, < 3.0)
       netrc (~> 0.7)
-    rspec-core (2.12.2)
-    rspec-expectations (2.12.1)
-      diff-lcs (~> 1.1.3)
-    rspec-mocks (2.12.2)
-    rspec-rails (2.12.2)
+    rspec-activemodel-mocks (1.0.1)
+      activemodel (>= 3.0)
+      activesupport (>= 3.0)
+      rspec-mocks (>= 2.99, < 4.0)
+    rspec-core (3.1.7)
+      rspec-support (~> 3.1.0)
+    rspec-expectations (3.1.2)
+      diff-lcs (>= 1.2.0, < 2.0)
+      rspec-support (~> 3.1.0)
+    rspec-mocks (3.1.3)
+      rspec-support (~> 3.1.0)
+    rspec-rails (3.1.0)
       actionpack (>= 3.0)
       activesupport (>= 3.0)
       railties (>= 3.0)
-      rspec-core (~> 2.12.0)
-      rspec-expectations (~> 2.12.0)
-      rspec-mocks (~> 2.12.0)
+      rspec-core (~> 3.1.0)
+      rspec-expectations (~> 3.1.0)
+      rspec-mocks (~> 3.1.0)
+      rspec-support (~> 3.1.0)
+    rspec-support (3.1.2)
+    ruby_parser (3.1.3)
+      sexp_processor (~> 4.1)
     sass (3.2.19)
-    sass-rails (3.2.6)
-      railties (~> 3.2.0)
-      sass (>= 3.1.10)
-      tilt (~> 1.3)
+    sass-rails (4.0.5)
+      railties (>= 4.0.0, < 5.0)
+      sass (~> 3.2.2)
+      sprockets (~> 2.8, < 3.0)
+      sprockets-rails (~> 2.0)
+    sexp_processor (4.4.4)
     simplecov (0.9.1)
       docile (~> 1.1.0)
       multi_json (~> 1.0)
       simplecov-html (~> 0.8.0)
     simplecov-html (0.8.0)
     slop (3.6.0)
-    sprockets (2.2.3)
+    sprockets (2.12.3)
       hike (~> 1.2)
       multi_json (~> 1.0)
       rack (~> 1.0)
       tilt (~> 1.1, != 1.3.0)
-    sprockets-rails (0.0.1)
-      sprockets (>= 1.0.2)
+    sprockets-rails (2.2.2)
+      actionpack (>= 3.0)
+      activesupport (>= 3.0)
+      sprockets (>= 2.8, < 4.0)
     term-ansicolor (1.3.0)
       tins (~> 1.0)
     terminal-table (1.4.5)
@@ -296,13 +304,11 @@ GEM
     thread_safe (0.3.4)
     tilt (1.4.1)
     tins (1.3.3)
-    treetop (1.4.15)
-      polyglot
-      polyglot (>= 0.3.1)
-    tzinfo (0.3.42)
-    uglifier (2.2.1)
+    tzinfo (1.2.2)
+      thread_safe (~> 0.1)
+    uglifier (2.5.3)
       execjs (>= 0.3.0)
-      multi_json (~> 1.0, >= 1.0.2)
+      json (>= 1.8.0)
     unicorn (4.8.3)
       kgio (~> 2.6)
       rack
@@ -313,7 +319,9 @@ GEM
       nokogiri (>= 1.2.0)
       rack (>= 1.0)
       rack-test (>= 0.5.3)
-    websocket-driver (0.4.0)
+    websocket-driver (0.5.0)
+      websocket-extensions (>= 0.1.0)
+    websocket-extensions (0.1.0)
     will_paginate (3.0.7)
     xpath (2.0.0)
       nokogiri (~> 1.3)
@@ -330,20 +338,19 @@ DEPENDENCIES
   bootstrap-datepicker-rails
   bundler (>= 1.1.5)
   byebug
-  cancan
+  cancancan (~> 1.9)
   capybara
   capybara-email
-  coffee-rails (~> 3.2.1)
-  compass-rails (~> 1.0.3)
+  coffee-rails (~> 4.1.0)
   coveralls
   csv_shaper
   dalli
   database_cleaner (~> 1.3.0)
-  devise (~> 3.2.0)
-  factory_girl_rails (~> 4.0)
+  devise (~> 3.4.1)
+  factory_girl_rails (~> 4.5.0)
   figaro
   flickraw
-  friendly_id (~> 4.0.10)
+  friendly_id (~> 5.0.4)
   geocoder!
   gibbon
   gravatar-ultimate
@@ -351,9 +358,8 @@ DEPENDENCIES
   haml-rails
   i18n-tasks
   jquery-rails
-  jquery-ui-rails
+  jquery-ui-rails (~> 5.0.2)
   js-routes
-  json (~> 1.7.7)
   leaflet-markercluster-rails
   leaflet-rails
   less (~> 2.5.0)
@@ -369,14 +375,14 @@ DEPENDENCIES
   pg
   poltergeist (~> 1.5.1)
   pry
-  rack (~> 1.4.5)
-  rails (= 3.2.13)
+  rails (= 4.1.9)
   rails_12factor
   rake (>= 10.0.0)
-  rspec-rails (~> 2.12.1)
-  sass-rails (~> 3.2.3)
+  rspec-activemodel-mocks
+  rspec-rails (~> 3.1.0)
+  sass-rails (~> 4.0.4)
   therubyracer (~> 0.12)
-  uglifier (>= 1.0.3)
+  uglifier (~> 2.5.3)
   unicorn
   webrat
   will_paginate (~> 3.0)

app/assets/javascripts/application.js

@@ -15,7 +15,7 @@
 //= require js-routes
 //= require jquery
 //= require jquery_ujs
-//= require jquery.ui.autocomplete
+//= require jquery-ui/autocomplete
 //= require twitter/bootstrap
 //= require_tree .
 //= require bootstrap-datepicker

app/assets/stylesheets/application.css

@@ -3,7 +3,7 @@
  * and any sub-directories. You're free to add application-wide styles to this file and they'll appear at
  * the top of the compiled file, but it's generally better to create a new file per style scope.
  *= require_self
- *= require jquery.ui.autocomplete
+ *= require jquery-ui/autocomplete
  *= require bootstrap-datepicker
  *= require leaflet
  *= require leaflet.markercluster

app/assets/stylesheets/overrides.css.less

@@ -1,3 +1,5 @@
+
+
 @import "twitter/bootstrap/bootstrap";
 @import "custom_bootstrap/variables";
 // this padding needs to be done before the responsive stuff is imported
@@ -122,7 +124,7 @@ p.stats {
   color: @brown;
 }
 
-.crop-thumbnail {
+.photo-thumbnail {
   position:relative;
   padding:0;
   img {
@@ -149,33 +151,40 @@ p.stats {
   }
 }
 
-.member-thumbnail {
-  img {
-    height: 85px;
-    width: 85px;
-    max-width: 85px
-  }
-}
 
 .thumbnail {
+  border: none;
+  text-align: center;
   margin-bottom: 1.5em;
-  
-  .scientific-name small, .crop-name a {
-    display: inline-block;
-    max-width: 100%;
-    white-space: nowrap;
-    overflow: hidden;
-    text-overflow: ellipsis;
-    line-height: 1em;
-    padding-bottom: 2px;
+
+  .member-thumbnail {
+    text-align: left;
+    img {
+      height: 85px;
+      width: 85px;
+      max-width: 85px
+    }
   }
 
-  .crop-name a {
-    padding-top: 2px;
-  }
+  .crop-thumbnail {
+    height: 220px;
+    .scientific-name small, .crop-name a {
+      display: inline-block;
+      max-width: 100%;
+      white-space: nowrap;
+      overflow: hidden;
+      text-overflow: ellipsis;
+      line-height: 1em;
+      padding-bottom: 2px;
+    }
 
-  .scientific-name small {
-    margin-bottom: -2px;
+    .crop-name a {
+      padding-top: 2px;
+    }
+
+    .scientific-name small {
+      margin-bottom: -2px;
+    }
   }
 }
 
@@ -192,30 +201,34 @@ li.crop-hierarchy {
   margin: 40px 0px 0px 0px !important;
 }
 
-// navbar centering
-footer .navbar .nav {
-  float: none;
-  display: inline-block;
-  *display: inline;
-  /* ie7 fix */
-  *zoom: 1;
-  /* hasLayout ie7 trigger */
-  vertical-align: top;
-  > li {
-    float: none;
-    display: inline-block;
-    *display: inline;
-    /* ie7 fix */
-    *zoom: 1;
-    /* hasLayout ie7 trigger */
-    vertical-align: top;
+footer {
+  #contact, #about-growstuff, #policies {
+    text-align: left;
+    padding-top: 1em;
+    padding-bottom: 2em;
+    ul {
+      list-style-type: none;
+      list-style-position: outside;
+      padding-left: 0px;
+      margin-left: 0px;
+    }
+    a {
+      color: @navbar-default-link-color;
+      text-decoration: none;
+    }
+    a:hover {
+      color: @navbar-default-link-hover-color;
+    }
+    a:active {
+      color: @navbar-default-link-active-color;
+    }
+  }
+
+  .navbar-bottom.navbar {
+    border-radius: 0;
   }
 }
 
-.navbar-bottom.navbar {
-  text-align: center;
-  border-radius: 0;
-}
 
 .crop-image, .member-image {
   width: 100%;

app/controllers/account_types_controller.rb

@@ -36,7 +36,7 @@ class AccountTypesController < ApplicationController
 
   # POST /account_types
   def create
-    @account_type = AccountType.new(params[:account_type])
+    @account_type = AccountType.new(account_type_params)
 
     respond_to do |format|
       if @account_type.save
@@ -52,7 +52,7 @@ class AccountTypesController < ApplicationController
     @account_type = AccountType.find(params[:id])
 
     respond_to do |format|
-      if @account_type.update_attributes(params[:account_type])
+      if @account_type.update(account_type_params)
         format.html { redirect_to @account_type, notice: 'Account type was successfully updated.' }
       else
         format.html { render action: "edit" }
@@ -69,4 +69,10 @@ class AccountTypesController < ApplicationController
       format.html { redirect_to account_types_url, notice: 'Account type was successfully deleted.' }
     end
   end
+
+  private 
+
+  def account_type_params
+    params.require(:account_type).permit(:is_paid, :is_permanent_paid, :name)
+  end
 end

app/controllers/accounts_controller.rb

@@ -30,7 +30,7 @@ class AccountsController < ApplicationController
     @account = Account.find(params[:id])
 
     respond_to do |format|
-      if @account.update_attributes(params[:account])
+      if @account.update(params[:account])
         format.html { redirect_to @account, notice: 'Account detail was successfully updated.' }
       else
         format.html { render action: "edit" }
@@ -38,4 +38,10 @@ class AccountsController < ApplicationController
     end
   end
 
+  private
+
+  def account_params
+    params.require(:account).permit(:account_type_id, :member_id, :paid_until)
+  end
+
 end

app/controllers/alternate_names_controller.rb

@@ -45,7 +45,7 @@ class AlternateNamesController < ApplicationController
   # POST /alternate_names.json
   def create
     params[:alternate_name][:creator_id] = current_member.id
-    @alternate_name = AlternateName.new(params[:alternate_name])
+    @alternate_name = AlternateName.new(alternate_name_params)
 
     respond_to do |format|
       if @alternate_name.save
@@ -64,7 +64,7 @@ class AlternateNamesController < ApplicationController
     @alternate_name = AlternateName.find(params[:id])
 
     respond_to do |format|
-      if @alternate_name.update_attributes(params[:alternate_name])
+      if @alternate_name.update(alternate_name_params)
         format.html { redirect_to @alternate_name.crop, notice: 'Alternate name was successfully updated.' }
         format.json { head :no_content }
       else
@@ -88,4 +88,10 @@ class AlternateNamesController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def alternate_name_params
+    params.require(:alternate_name).permit(:crop_id, :name, :creator_id)
+  end
 end

app/controllers/application_controller.rb

@@ -43,4 +43,36 @@ class ApplicationController < ActionController::Base
     I18n.available_locales.map(&:to_s).include?(parsed_locale) ? parsed_locale : nil
   end
 
+  before_action :configure_permitted_parameters, if: :devise_controller?
+
+  protected
+
+  def configure_permitted_parameters
+    devise_parameter_sanitizer.for(:sign_up) do |member| 
+      member.permit(:login_name, :email, :password, :password_confirmation,
+        :remember_me, :login,
+        # terms of service
+        :tos_agreement,
+        # profile stuff
+        :bio, :location, :latitude, :longitude,
+        # email settings
+        :show_email, :newsletter, :send_notification_email, :send_planting_reminder
+      )
+    end
+
+    devise_parameter_sanitizer.for(:account_update) do |member|
+      member.permit(:login_name, :email, :password, :password_confirmation,
+        :remember_me, :login,
+        # terms of service
+        :tos_agreement,
+        # profile stuff
+        :bio, :location, :latitude, :longitude,
+        # email settings
+        :show_email, :newsletter, :send_notification_email, :send_planting_reminder,
+        #update password
+        :current_password
+      )
+    end
+  end
+
 end

app/controllers/authentications_controller.rb

@@ -2,15 +2,6 @@ class AuthenticationsController < ApplicationController
   before_filter :authenticate_member!
   load_and_authorize_resource
 
-  # GET /authentications
-  def index
-    @authentications = current_member.authentications if member_signed_in?
-
-    respond_to do |format|
-      format.html # index.html.erb
-    end
-  end
-
   # POST /authentications
   def create
     auth = request.env['omniauth.auth']
@@ -27,12 +18,17 @@ class AuthenticationsController < ApplicationController
         name = auth['info']['name']
       end
 
-      @authentication = current_member.authentications.find_or_create_by_provider_and_uid(
-        :provider => auth['provider'],
-        :uid => auth['uid'],
+      @authentication = current_member.authentications
+      .create_with(
         :name => name,
         :token => auth['credentials']['token'],
-        :secret => auth['credentials']['secret'])
+        :secret => auth['credentials']['secret']
+      )
+      .find_or_create_by(
+        :provider => auth['provider'],
+        :uid => auth['uid'],
+        :name => name)
+
       flash[:notice] = "Authentication successful."
     else
       flash[:notice] = "Authentication failed."

app/controllers/comments_controller.rb

@@ -2,8 +2,6 @@ class CommentsController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
 
-  cache_sweeper :comment_sweeper
-
   # GET /comments
   # GET /comments.json
   def index
@@ -55,11 +53,11 @@ class CommentsController < ApplicationController
   # POST /comments.json
   def create
     params[:comment][:author_id] = current_member.id
-    @comment = Comment.new(params[:comment])
+    @comment = Comment.new(comment_params)
 
     respond_to do |format|
       if @comment.save
-        format.html { redirect_to @comment.post, notice: 'Comment was successfully created.' }
+        format.html { redirect_to @comment.post, notice: "Comment was successfully created." }
         format.json { render json: @comment, status: :created, location: @comment }
       else
         format.html { render action: "new" }
@@ -79,7 +77,7 @@ class CommentsController < ApplicationController
     params[:comment].delete("author_id")
 
     respond_to do |format|
-      if @comment.update_attributes(params[:comment])
+      if @comment.update(comment_params)
         format.html { redirect_to @comment.post, notice: 'Comment was successfully updated.' }
         format.json { head :no_content }
       else
@@ -101,4 +99,10 @@ class CommentsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private 
+
+  def comment_params
+    params.require(:comment).permit(:author_id, :body, :post_id)
+  end
 end

app/controllers/crops_controller.rb

@@ -3,8 +3,6 @@ class CropsController < ApplicationController
   load_and_authorize_resource
   skip_authorize_resource :only => [:hierarchy, :search]
 
-  cache_sweeper :crop_sweeper
-
   # GET /crops
   # GET /crops.json
   def index
@@ -56,7 +54,7 @@ class CropsController < ApplicationController
 
     @partial_matches = Crop.search(params[:search])
     # exclude exact match from partial match list
-    @partial_matches.reject!{ |r| @exact_match && r.eql?(@exact_match) }
+    @partial_matches = @partial_matches.reject{ |r| @exact_match && r.eql?(@exact_match) }
 
     @fuzzy = Crop.search(params[:term])
 
@@ -104,7 +102,7 @@ class CropsController < ApplicationController
   # POST /crops.json
   def create
     params[:crop][:creator_id] = current_member.id
-    @crop = Crop.new(params[:crop])
+    @crop = Crop.new(crop_params)
 
     respond_to do |format|
       if @crop.save
@@ -123,7 +121,7 @@ class CropsController < ApplicationController
     @crop = Crop.find(params[:id])
 
     respond_to do |format|
-      if @crop.update_attributes(params[:crop])
+      if @crop.update(crop_params)
         format.html { redirect_to @crop, notice: 'Crop was successfully updated.' }
         format.json { head :no_content }
       else
@@ -144,4 +142,10 @@ class CropsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def crop_params
+    params.require(:crop).permit(:en_wikipedia_url, :name, :parent_id, :creator_id, :scientific_names_attributes)
+  end
 end

app/controllers/follows_controller.rb

@@ -2,7 +2,8 @@ class FollowsController < ApplicationController
 
   # POST /follows
   def create
-    @follow = current_member.follows.build(:followed_id => params[:followed_id])
+    
+    @follow = current_member.follows.build(:followed_id => follow_params[:followed_id])
 
     if @follow.save
       flash[:notice] = "Followed #{ @follow.followed.login_name }"
@@ -15,11 +16,17 @@ class FollowsController < ApplicationController
 
   # DELETE /follows/1
   def destroy
-    @follow = current_member.follows.find(params[:id])
+    @follow = current_member.follows.find(follow_params[:id])
     unfollowed_name = @follow.followed.login_name
     @follow.destroy
 
     flash[:notice] = "Unfollowed #{ unfollowed_name }"
     redirect_to root_path
   end
+
+  private
+
+  def follow_params
+    params.permit(:id, :followed_id, :follower_id, :authenticity_token, :_method)
+  end
 end

app/controllers/forums_controller.rb

@@ -1,8 +1,6 @@
 class ForumsController < ApplicationController
   load_and_authorize_resource
 
-  cache_sweeper :forum_sweeper
-
   # GET /forums
   # GET /forums.json
   def index
@@ -44,7 +42,7 @@ class ForumsController < ApplicationController
   # POST /forums
   # POST /forums.json
   def create
-    @forum = Forum.new(params[:forum])
+    @forum = Forum.new(forum_params)
 
     respond_to do |format|
       if @forum.save
@@ -63,7 +61,7 @@ class ForumsController < ApplicationController
     @forum = Forum.find(params[:id])
 
     respond_to do |format|
-      if @forum.update_attributes(params[:forum])
+      if @forum.update(forum_params)
         format.html { redirect_to @forum, notice: 'Forum was successfully updated.' }
         format.json { head :no_content }
       else
@@ -84,4 +82,10 @@ class ForumsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def forum_params
+    params.require(:forum).permit(:description, :name, :owner_id, :slug)
+  end
 end

app/controllers/gardens_controller.rb

@@ -1,8 +1,7 @@
 class GardensController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
-  
-  cache_sweeper :garden_sweeper
+
 
   # GET /gardens
   # GET /gardens.json
@@ -50,12 +49,13 @@ class GardensController < ApplicationController
   # POST /gardens.json
   def create
     params[:garden][:owner_id] = current_member.id
-    @garden = Garden.new(params[:garden])
+    @garden = Garden.new(garden_params)
 
     respond_to do |format|
       if @garden.save
         format.html { redirect_to @garden, notice: 'Garden was successfully created.' }
         format.json { render json: @garden, status: :created, location: @garden }
+        expire_fragment("homepage_stats")
       else
         format.html { render action: "new" }
         format.json { render json: @garden.errors, status: :unprocessable_entity }
@@ -69,7 +69,7 @@ class GardensController < ApplicationController
     @garden = Garden.find(params[:id])
 
     respond_to do |format|
-      if @garden.update_attributes(params[:garden])
+      if @garden.update(garden_params)
         format.html { redirect_to @garden, notice: 'Garden was successfully updated.' }
         format.json { head :no_content }
       else
@@ -84,10 +84,18 @@ class GardensController < ApplicationController
   def destroy
     @garden = Garden.find(params[:id])
     @garden.destroy
+    expire_fragment("homepage_stats")
 
     respond_to do |format|
       format.html { redirect_to gardens_by_owner_path(:owner => @garden.owner), notice: 'Garden was successfully deleted.' }
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def garden_params
+    params.require(:garden).permit(:name, :slug, :owner_id, :description, :active,
+    :location, :latitude, :longitude, :area, :area_unit)
+  end
 end

app/controllers/harvests_controller.rb

@@ -62,7 +62,7 @@ class HarvestsController < ApplicationController
   def create
     params[:harvest][:owner_id] = current_member.id
     params[:harvested_at] = parse_date(params[:harvested_at])
-    @harvest = Harvest.new(params[:harvest])
+    @harvest = Harvest.new(harvest_params)
 
     respond_to do |format|
       if @harvest.save
@@ -81,7 +81,7 @@ class HarvestsController < ApplicationController
     @harvest = Harvest.find(params[:id])
 
     respond_to do |format|
-      if @harvest.update_attributes(params[:harvest])
+      if @harvest.update(harvest_params)
         format.html { redirect_to @harvest, notice: 'Harvest was successfully updated.' }
         format.json { head :no_content }
       else
@@ -102,4 +102,11 @@ class HarvestsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def harvest_params
+    params.require(:harvest).permit(:crop_id, :harvested_at, :description, :owner_id,
+    :quantity, :unit, :weight_quantity, :weight_unit, :plant_part_id, :slug)
+  end
 end

app/controllers/members_controller.rb

@@ -1,10 +1,10 @@
 class MembersController < ApplicationController
   load_and_authorize_resource
 
-  cache_sweeper :member_sweeper
-
   skip_authorize_resource :only => :nearby
 
+  after_action :expire_cache_fragments, :only => :create
+
   def index
     @members = Member.confirmed.paginate(:page => params[:page])
 
@@ -44,4 +44,10 @@ class MembersController < ApplicationController
     @followers = @member.followers.paginate(:page => params[:page])
   end
 
+  private
+
+  def expire_cache_fragments
+    expire_fragment("homepage_stats")
+  end
+
 end

app/controllers/notifications_controller.rb

@@ -5,7 +5,7 @@ class NotificationsController < ApplicationController
 
   # GET /notifications
   def index
-    @notifications = Notification.find_all_by_recipient_id(current_member)
+    @notifications = Notification.where(recipient_id: current_member)
 
     respond_to do |format|
       format.html # index.html.erb
@@ -49,7 +49,7 @@ class NotificationsController < ApplicationController
   # POST /notifications
   def create
     params[:notification][:sender_id] = current_member.id
-    @notification = Notification.new(params[:notification])
+    @notification = Notification.new(notification_params)
     @recipient = Member.find_by_id(params[:notification][:recipient_id])
 
     respond_to do |format|
@@ -60,4 +60,10 @@ class NotificationsController < ApplicationController
       end
     end
   end
+
+  private
+
+  def notification_params
+    params.require(:notification).permit(:sender_id, :recipient_id, :subject, :body, :post_id, :read)
+  end
 end

app/controllers/order_items_controller.rb

@@ -7,7 +7,7 @@ class OrderItemsController < ApplicationController
     if params[:order_item][:price]
       params[:order_item][:price] = params[:order_item][:price].to_f * 100 # convert to cents
     end
-    @order_item = OrderItem.new(params[:order_item])
+    @order_item = OrderItem.new(order_item_params)
     @order_item.order = current_member.current_order || Order.create(:member_id => current_member.id)
 
     respond_to do |format|
@@ -20,4 +20,10 @@ class OrderItemsController < ApplicationController
       end
     end
   end
+
+  private
+
+  def order_item_params
+    params.require(:order_item).permit(:order_id, :price, :product_id, :quantity)
+  end
 end

app/controllers/orders_controller.rb

@@ -4,7 +4,7 @@ class OrdersController < ApplicationController
 
   # GET /orders
   def index
-    @orders = Order.find_all_by_member_id(current_member.id)
+    @orders = Order.where(member_id: current_member.id)
 
     respond_to do |format|
       format.html # index.html.erb

app/controllers/photos_controller.rb

@@ -1,8 +1,6 @@
 class PhotosController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
-  
-  cache_sweeper :photo_sweeper
 
   # GET /photos
   # GET /photos.json
@@ -61,7 +59,7 @@ class PhotosController < ApplicationController
   # POST /photos.json
   def create
     @photo = Photo.find_by_flickr_photo_id(params[:photo][:flickr_photo_id]) ||
-      Photo.new(params[:photo])
+      Photo.new(photo_params)
     @photo.owner_id = current_member.id
     @photo.set_flickr_metadata
 
@@ -111,7 +109,7 @@ class PhotosController < ApplicationController
     @photo = Photo.find(params[:id])
 
     respond_to do |format|
-      if @photo.update_attributes(params[:photo])
+      if @photo.update(photo_params)
         format.html { redirect_to @photo, notice: 'Photo was successfully updated.' }
         format.json { head :no_content }
       else
@@ -132,4 +130,11 @@ class PhotosController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def photo_params
+    params.require(:photo).permit(:flickr_photo_id, :owner_id, :title, :license_name,
+    :license_url, :thumbnail_url, :fullsize_url, :link_url)
+  end
 end

app/controllers/plant_parts_controller.rb

@@ -42,7 +42,7 @@ class PlantPartsController < ApplicationController
   # POST /plant_parts
   # POST /plant_parts.json
   def create
-    @plant_part = PlantPart.new(params[:plant_part])
+    @plant_part = PlantPart.new(plant_part_params)
 
     respond_to do |format|
       if @plant_part.save
@@ -61,7 +61,7 @@ class PlantPartsController < ApplicationController
     @plant_part = PlantPart.find(params[:id])
 
     respond_to do |format|
-      if @plant_part.update_attributes(params[:plant_part])
+      if @plant_part.update(plant_part_params)
         format.html { redirect_to @plant_part, notice: 'Plant part was successfully updated.' }
         format.json { head :no_content }
       else
@@ -82,4 +82,10 @@ class PlantPartsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def plant_part_params
+    params.require(:plant_part).permit(:name, :slug)
+  end
 end

app/controllers/plantings_controller.rb

@@ -1,9 +1,6 @@
 class PlantingsController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
-  
-
-  cache_sweeper :planting_sweeper
 
   # GET /plantings
   # GET /plantings.json
@@ -33,7 +30,7 @@ class PlantingsController < ApplicationController
   # GET /plantings/1
   # GET /plantings/1.json
   def show
-    @planting = Planting.includes(:owner, :crop, :garden, :photos).find(params[:id])
+    @planting = Planting.includes(:owner, :crop, :garden, :photos).friendly.find(params[:id])
 
     respond_to do |format|
       format.html # show.html.erb
@@ -68,14 +65,15 @@ class PlantingsController < ApplicationController
   # POST /plantings
   # POST /plantings.json
   def create
-    params[:planting][:owner_id] = current_member.id
     params[:planted_at] = parse_date(params[:planted_at])
-    @planting = Planting.new(params[:planting])
+    @planting = Planting.new(planting_params)
+    @planting.owner = current_member
 
     respond_to do |format|
       if @planting.save
         format.html { redirect_to @planting, notice: 'Planting was successfully created.' }
         format.json { render json: @planting, status: :created, location: @planting }
+        expire_fragment("homepage_stats")
       else
         format.html { render action: "new" }
         format.json { render json: @planting.errors, status: :unprocessable_entity }
@@ -90,7 +88,7 @@ class PlantingsController < ApplicationController
     params[:planted_at] = parse_date(params[:planted_at])
 
     respond_to do |format|
-      if @planting.update_attributes(params[:planting])
+      if @planting.update(planting_params)
         format.html { redirect_to @planting, notice: 'Planting was successfully updated.' }
         format.json { head :no_content }
       else
@@ -106,10 +104,19 @@ class PlantingsController < ApplicationController
     @planting = Planting.find(params[:id])
     @garden = @planting.garden
     @planting.destroy
+    expire_fragment("homepage_stats")
 
     respond_to do |format|
       format.html { redirect_to @garden }
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def planting_params
+    params.require(:planting).permit(:crop_id, :description, :garden_id, :planted_at,
+    :quantity, :sunniness, :planted_from, :owner_id, :finished,
+    :finished_at)
+  end
 end

app/controllers/posts_controller.rb

@@ -2,8 +2,6 @@ class PostsController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
 
-  cache_sweeper :post_sweeper
-
   # GET /posts
   # GET /posts.json
 
@@ -58,7 +56,7 @@ class PostsController < ApplicationController
   # POST /posts.json
   def create
     params[:post][:author_id] = current_member.id
-    @post = Post.new(params[:post])
+    @post = Post.new(post_params)
 
     respond_to do |format|
       if @post.save
@@ -77,7 +75,7 @@ class PostsController < ApplicationController
     @post = Post.find(params[:id])
 
     respond_to do |format|
-      if @post.update_attributes(params[:post])
+      if @post.update(post_params)
         format.html { redirect_to @post, notice: 'Post was successfully updated.' }
         format.json { head :no_content }
       else
@@ -98,4 +96,10 @@ class PostsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def post_params
+    params.require(:post).permit(:body, :subject, :author_id, :forum_id)
+  end
 end

app/controllers/products_controller.rb

@@ -36,7 +36,7 @@ class ProductsController < ApplicationController
 
   # POST /products
   def create
-    @product = Product.new(params[:product])
+    @product = Product.new(product_params)
 
     respond_to do |format|
       if @product.save
@@ -52,7 +52,7 @@ class ProductsController < ApplicationController
     @product = Product.find(params[:id])
 
     respond_to do |format|
-      if @product.update_attributes(params[:product])
+      if @product.update(product_params)
         format.html { redirect_to @product, notice: 'Product was successfully updated.' }
       else
         format.html { render action: "edit" }
@@ -69,4 +69,11 @@ class ProductsController < ApplicationController
       format.html { redirect_to products_url }
     end
   end
+
+  private
+
+  def product_params
+    params.require(:product).permit(:description, :min_price, :recommended_price, :name,
+    :account_type_id, :paid_months)
+  end
 end

app/controllers/registrations_controller.rb

@@ -1,7 +1,5 @@
 class RegistrationsController < Devise::RegistrationsController
 
-  cache_sweeper :member_sweeper
-
   def edit
     @twitter_auth = current_member.auth('twitter')
     @flickr_auth  = current_member.auth('flickr')

app/controllers/roles_controller.rb

@@ -36,7 +36,7 @@ class RolesController < ApplicationController
 
   # POST /roles
   def create
-    @role = Role.new(params[:role])
+    @role = Role.new(role_params)
 
     respond_to do |format|
       if @role.save
@@ -52,7 +52,7 @@ class RolesController < ApplicationController
     @role = Role.find(params[:id])
 
     respond_to do |format|
-      if @role.update_attributes(params[:role])
+      if @role.update(role_params)
         format.html { redirect_to @role, notice: 'Role was successfully updated.' }
       else
         format.html { render action: "edit" }
@@ -69,4 +69,10 @@ class RolesController < ApplicationController
       format.html { redirect_to roles_url }
     end
   end
+
+  private
+
+  def role_params
+    params.require(:role).permit(:description, :name, :members, :slug)
+  end
 end

app/controllers/scientific_names_controller.rb

@@ -2,8 +2,6 @@ class ScientificNamesController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
 
-  cache_sweeper :scientific_name_sweeper
-
   # GET /scientific_names
   # GET /scientific_names.json
   def index
@@ -47,7 +45,7 @@ class ScientificNamesController < ApplicationController
   # POST /scientific_names.json
   def create
     params[:scientific_name][:creator_id] = current_member.id
-    @scientific_name = ScientificName.new(params[:scientific_name])
+    @scientific_name = ScientificName.new(scientific_name_params)
 
     respond_to do |format|
       if @scientific_name.save
@@ -66,7 +64,7 @@ class ScientificNamesController < ApplicationController
     @scientific_name = ScientificName.find(params[:id])
 
     respond_to do |format|
-      if @scientific_name.update_attributes(params[:scientific_name])
+      if @scientific_name.update(scientific_name_params)
         format.html { redirect_to @scientific_name.crop, notice: 'Scientific name was successfully updated.' }
         format.json { head :no_content }
       else
@@ -90,4 +88,10 @@ class ScientificNamesController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def scientific_name_params
+    params.require(:scientific_name).permit(:crop_id, :scientific_name, :creator_id)
+  end
 end

app/controllers/seeds_controller.rb

@@ -2,8 +2,6 @@ class SeedsController < ApplicationController
   before_filter :authenticate_member!, :except => [:index, :show]
   load_and_authorize_resource
 
-  cache_sweeper :seed_sweeper
-
   # GET /seeds
   # GET /seeds.json
   def index
@@ -68,7 +66,7 @@ class SeedsController < ApplicationController
   # POST /seeds.json
   def create
     params[:seed][:owner_id] = current_member.id
-    @seed = Seed.new(params[:seed])
+    @seed = Seed.new(seed_params)
 
     respond_to do |format|
       if @seed.save
@@ -87,7 +85,7 @@ class SeedsController < ApplicationController
     @seed = Seed.find(params[:id])
 
     respond_to do |format|
-      if @seed.update_attributes(params[:seed])
+      if @seed.update(seed_params)
         format.html { redirect_to @seed, notice: 'Seed was successfully updated.' }
         format.json { head :no_content }
       else
@@ -108,4 +106,11 @@ class SeedsController < ApplicationController
       format.json { head :no_content }
     end
   end
+
+  private
+
+  def seed_params
+    params.require(:seed).permit(:owner_id, :crop_id, :description, :quantity, :plant_before,
+    :tradable_to, :slug)
+  end
 end

app/helpers/application_helper.rb

@@ -24,5 +24,12 @@ module ApplicationHelper
       :target => "_blank"
   end 
 
+  # Produces a cache key for uniquely identifying cached fragments.
+  def cache_key_for(klass, identifier="all")
+    count          = klass.count
+    max_updated_at = klass.maximum(:updated_at).try(:utc).try(:to_s, :number)
+    "#{klass.name.downcase.pluralize}/#{identifier}-#{count}-#{max_updated_at}"
+  end
+
 end
 

app/mailers/notifier.rb

@@ -13,8 +13,8 @@ class Notifier < ActionMailer::Base
   def planting_reminder(member)
     @member = member
 
-    @plantings = @member.plantings.reorder.last(5)
-    @harvests = @member.harvests.reorder.last(5)
+    @plantings = @member.plantings.first(5)
+    @harvests = @member.harvests.first(5)
 
     if @member.send_planting_reminder
       mail(:to => @member.email,

app/models/account.rb

@@ -1,5 +1,4 @@
 class Account < ActiveRecord::Base
-  attr_accessible :account_type_id, :member_id, :paid_until
   belongs_to :member
   belongs_to :account_type
 
@@ -9,7 +8,7 @@ class Account < ActiveRecord::Base
 
   before_create do |account|
     unless account.account_type
-      account.account_type = AccountType.find_or_create_by_name(
+      account.account_type = AccountType.find_or_create_by(name: 
         Growstuff::Application.config.default_account_type
       )
     end

app/models/account_type.rb

@@ -1,5 +1,4 @@
 class AccountType < ActiveRecord::Base
-  attr_accessible :is_paid, :is_permanent_paid, :name
   has_many :products
 
   def to_s

app/models/alternate_name.rb

@@ -1,5 +1,4 @@
 class AlternateName < ActiveRecord::Base
-  attr_accessible :crop_id, :name, :creator_id
   belongs_to :crop
   belongs_to :creator, :class_name => 'Member'
 end

app/models/authentication.rb

@@ -1,4 +1,3 @@
 class Authentication < ActiveRecord::Base
   belongs_to :member
-  attr_accessible :provider, :uid, :token, :secret, :name
 end

app/models/comment.rb

@@ -1,10 +1,9 @@
 class Comment < ActiveRecord::Base
-  attr_accessible :author_id, :body, :post_id
   belongs_to :author, :class_name => 'Member'
   belongs_to :post
 
-  default_scope order("created_at DESC")
-  scope :post_order, reorder("created_at ASC") # for display on post page
+  default_scope { order("created_at DESC") }
+  scope :post_order, -> { reorder("created_at ASC") } # for display on post page
 
   after_create do
     recipient = self.post.author.id

app/models/comment_sweeper.rb

@@ -1,15 +0,0 @@
-class CommentSweeper < ActionController::Caching::Sweeper
-  observe Comment
-
-  def after_create(comment)
-    expire_fragment('recent_posts')
-  end
-
-  def after_update(comment)
-  end
-
-  def after_destroy(comment)
-    expire_fragment('recent_posts')
-  end
-
-end

app/models/crop.rb

@@ -1,7 +1,6 @@
 class Crop < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :name, use: :slugged
-  attr_accessible :en_wikipedia_url, :name, :parent_id, :creator_id, :scientific_names_attributes
+  friendly_id :name, use: [:slugged, :finders]
 
   has_many :scientific_names
   accepts_nested_attributes_for :scientific_names,
@@ -13,7 +12,7 @@ class Crop < ActiveRecord::Base
   has_many :photos, :through => :plantings
   has_many :seeds
   has_many :harvests
-  has_many :plant_parts, :through => :harvests, :uniq => :true
+  has_many :plant_parts, -> { uniq }, :through => :harvests
   belongs_to :creator, :class_name => 'Member'
 
   belongs_to :parent, :class_name => 'Crop'
@@ -21,16 +20,15 @@ class Crop < ActiveRecord::Base
   has_and_belongs_to_many :posts
   before_destroy {|crop| crop.posts.clear}
 
-
-  default_scope order("lower(name) asc")
-  scope :recent, reorder("created_at desc")
-  scope :toplevel, where(:parent_id => nil)
-  scope :popular, reorder("plantings_count desc, lower(name) asc")
-  scope :randomized, reorder('random()') # ok on sqlite and psql, but not on mysql
+  default_scope { order("lower(name) asc") }
+  scope :recent, -> { reorder("created_at desc") }
+  scope :toplevel, -> { where(:parent_id => nil) }
+  scope :popular, -> { reorder("plantings_count desc, lower(name) asc") }
+  scope :randomized, -> { reorder('random()') } # ok on sqlite and psql, but not on mysql
 
   validates :en_wikipedia_url,
     :format => {
-      :with => /^https?:\/\/en\.wikipedia\.org\/wiki/,
+      :with => /\Ahttps?:\/\/en\.wikipedia\.org\/wiki/,
       :message => 'is not a valid English Wikipedia URL'
     }
 
@@ -132,7 +130,7 @@ class Crop < ActiveRecord::Base
     cropbot = Member.find_by_login_name('cropbot')
     raise "cropbot account not found: run rake db:seed" unless cropbot
 
-    crop = Crop.find_or_create_by_name(name)
+    crop = Crop.find_or_create_by(name: name)
     crop.update_attributes(
       :en_wikipedia_url => en_wikipedia_url,
       :creator_id => cropbot.id

app/models/crop_sweeper.rb

@@ -1,21 +0,0 @@
-class CropSweeper < ActionController::Caching::Sweeper
-  observe Crop
-
-  def after_create(crop)
-    expire_fragment('homepage_stats')
-    expire_fragment('recent_crops')
-    expire_fragment('full_crop_hierarchy')
-  end
-
-  def after_update(crop)
-    expire_fragment("crop_image_#{crop.id}")
-  end
-
-  def after_destroy(crop)
-    expire_fragment('homepage_stats')
-    expire_fragment('recent_crops')
-    expire_fragment('full_crop_hierarchy')
-  end
-
-end
-

app/models/follow.rb

@@ -1,5 +1,4 @@
 class Follow < ActiveRecord::Base
-  attr_accessible :followed_id, :follower_id
   belongs_to :follower, class_name: "Member"
   belongs_to :followed, class_name: "Member"
   validates :follower_id, uniqueness: { :scope => :followed_id }

app/models/forum.rb

@@ -1,7 +1,7 @@
 class Forum < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :name, use: :slugged
-  attr_accessible :description, :name, :owner_id, :slug
+  friendly_id :name, use: [:slugged, :finders]
+
   has_many :posts
   belongs_to :owner, :class_name => "Member"
 

app/models/forum_sweeper.rb

@@ -1,16 +0,0 @@
-class ForumSweeper < ActionController::Caching::Sweeper
-  observe Forum
-
-  def after_create(forum)
-    expire_fragment('homepage_forums')
-  end
-
-  def after_update(forum)
-    expire_fragment('homepage_forums')
-  end
-
-  def after_destroy(forum)
-    expire_fragment('homepage_forums')
-  end
-
-end

app/models/garden.rb

@@ -1,13 +1,10 @@
 class Garden < ActiveRecord::Base
   include Geocodable
   extend FriendlyId
-  friendly_id :garden_slug, use: :slugged
-
-  attr_accessible :name, :slug, :owner_id, :description, :active,
-    :location, :latitude, :longitude, :area, :area_unit
+  friendly_id :garden_slug, use: [:slugged, :finders]
 
   belongs_to :owner, :class_name => 'Member', :foreign_key => 'owner_id'
-  has_many :plantings, :order => 'created_at DESC', :dependent => :destroy
+  has_many :plantings, -> { order(created_at: :desc) }, :dependent => :destroy
   has_many :crops, :through => :plantings
 
   # set up geocoding
@@ -16,9 +13,9 @@ class Garden < ActiveRecord::Base
   after_validation :empty_unwanted_geocodes
   after_save :mark_inactive_garden_plantings_as_finished
 
-  default_scope order("lower(name) asc")
-  scope :active, where(:active => true)
-  scope :inactive, where(:active => false)
+  default_scope { order("lower(name) asc") }
+  scope :active, -> { where(:active => true) }
+  scope :inactive, -> { where(:active => false) }
 
   validates :name,
     :format => {

app/models/garden_sweeper.rb

@@ -1,16 +0,0 @@
-class GardenSweeper < ActionController::Caching::Sweeper
-  observe Garden
-
-  def after_create(garden)
-    expire_fragment('homepage_stats')
-    expire_fragment('interesting_members') if garden.owner.interesting?
-    expire_fragment("member_thumbnail_#{garden.owner.id}")
-  end
-
-  def after_destroy(garden)
-    expire_fragment('homepage_stats')
-    expire_fragment('interesting_members') if garden.owner.interesting?
-    expire_fragment("member_thumbnail_#{garden.owner.id}")
-  end
-end
-

app/models/harvest.rb

@@ -1,10 +1,7 @@
 class Harvest < ActiveRecord::Base
   include ActionView::Helpers::NumberHelper
   extend FriendlyId
-  friendly_id :harvest_slug, use: :slugged
-
-  attr_accessible :crop_id, :harvested_at, :description, :owner_id,
-    :quantity, :unit, :weight_quantity, :weight_unit, :plant_part_id, :slug
+  friendly_id :harvest_slug, use: [:slugged, :finders]
 
   belongs_to :crop
   belongs_to :owner, :class_name => 'Member'
@@ -21,7 +18,7 @@ class Harvest < ActiveRecord::Base
     end
   end
 
-  default_scope order('created_at DESC')
+  default_scope { order('created_at DESC') }
 
   validates :crop, :presence => {:message => "must be present and exist in our database"}
 

app/models/member.rb

@@ -2,7 +2,7 @@ class Member < ActiveRecord::Base
   include Geocodable
   extend FriendlyId
 
-  friendly_id :login_name, use: :slugged
+  friendly_id :login_name, use: [:slugged, :finders]
 
   has_many :posts,   :foreign_key => 'author_id'
   has_many :comments, :foreign_key => 'author_id'
@@ -27,18 +27,19 @@ class Member < ActiveRecord::Base
 
   has_many :photos
 
+
+  default_scope { order("lower(login_name) asc") }
+  scope :confirmed, -> { where('confirmed_at IS NOT NULL') }
+  scope :located, -> { where("location <> '' and latitude IS NOT NULL and longitude IS NOT NULL") }
+  scope :recently_signed_in, -> { reorder('updated_at DESC') }
+  scope :wants_newsletter, -> { where(:newsletter => true) }
+
   has_many :follows, :class_name => "Follow", :foreign_key => "follower_id"
   has_many :followed, :through => :follows
 
   has_many :inverse_follows, :class_name => "Follow", :foreign_key => "followed_id"
   has_many :followers, :through => :inverse_follows, :source => :follower
 
-  default_scope order("lower(login_name) asc")
-  scope :confirmed, where('confirmed_at IS NOT NULL')
-  scope :located, where("location <> '' and latitude IS NOT NULL and longitude IS NOT NULL")
-  scope :recently_signed_in, reorder('updated_at DESC')
-  scope :wants_newsletter, where(:newsletter => true)
-
   # Include default devise modules. Others available are:
   # :token_authenticatable, :confirmable,
   # :lockable, :timeoutable and :omniauthable
@@ -46,16 +47,6 @@ class Member < ActiveRecord::Base
          :recoverable, :rememberable, :trackable, :validatable,
          :confirmable, :lockable, :timeoutable
 
-  # Setup accessible (or protected) attributes for your model
-  attr_accessible :login_name, :email, :password, :password_confirmation,
-    :remember_me, :login,
-    # terms of service
-    :tos_agreement,
-    # profile stuff
-    :bio, :location, :latitude, :longitude,
-    # email settings
-    :show_email, :newsletter, :send_notification_email, :send_planting_reminder
-
   # set up geocoding
   geocoded_by :location
   after_validation :geocode
@@ -80,7 +71,7 @@ class Member < ActiveRecord::Base
       :message => "name is reserved"
     },
     :format => {
-      :with => /^\w+$/,
+      :with => /\A\w+\z/,
       :message => "may only include letters, numbers, or underscores"
     },
     :uniqueness => {
@@ -93,7 +84,7 @@ class Member < ActiveRecord::Base
   # and an account record (for paid accounts etc)
   # we use find_or_create to avoid accidentally creating a second one,
   # which can happen sometimes especially with FactoryGirl associations
-  after_create {|member| Account.find_or_create_by_member_id(:member_id => member.id) }
+  after_create {|member| Account.find_or_create_by(:member_id => member.id) }
 
   after_save :update_newsletter_subscription
 
@@ -243,17 +234,19 @@ class Member < ActiveRecord::Base
     end
   end
 
-  def newsletter_subscribe
+  def newsletter_subscribe(testing=false)
+    return true if (Rails.env.test? && !testing)
     gb = Gibbon::API.new
     res = gb.lists.subscribe({
       :id => Gibbon::API.api_key,
       :email => { :email => email },
       :merge_vars => { :login_name => login_name },
-      :double_optin => false # they alredy confirmed their email with us
+      :double_optin => false # they already confirmed their email with us
     })
   end
 
-  def newsletter_unsubscribe
+  def newsletter_unsubscribe(testing=false)
+    return true if (Rails.env.test? && !testing)
     gb = Gibbon::API.new
     res = gb.lists.unsubscribe({
       :id => ENV['GROWSTUFF_MAILCHIMP_NEWSLETTER_ID'],

app/models/member_sweeper.rb

@@ -1,23 +0,0 @@
-class MemberSweeper < ActionController::Caching::Sweeper
-  observe Member
-
-  def after_create(member)
-    expire_fragment('homepage_stats')
-  end
-
-  def after_update(member)
-    expire_fragment('interesting_members') if member.interesting?
-    expire_fragment("interesting_seeds") if member.seeds.tradable.present?
-    expire_fragment("member_thumbnail_#{member.id}")
-
-    if member.plantings.present?
-      member.plantings.each do |p|
-        expire_fragment("plantings_listitem_#{p.id}") if p.interesting?
-      end
-      expire_fragment('interesting_plantings')
-    end
-
-  end
-
-end
-

app/models/notification.rb

@@ -1,13 +1,10 @@
 class Notification < ActiveRecord::Base
-  attr_accessible :sender_id, :recipient_id, 
-    :subject, :body, :post_id, :read
-
   belongs_to :sender, :class_name => 'Member'
   belongs_to :recipient, :class_name => 'Member'
   belongs_to :post
 
-  default_scope order('created_at DESC')
-  scope :unread, where(:read => false)
+  default_scope { order('created_at DESC') }
+  scope :unread, -> { where(:read => false) }
 
   before_create :replace_blank_subject
   after_create :send_email

app/models/order.rb

@@ -1,10 +1,9 @@
 class Order < ActiveRecord::Base
-  attr_accessible :member_id, :completed_at, :referral_code
   belongs_to :member
 
   has_many :order_items, :dependent => :destroy
 
-  default_scope order('created_at DESC')
+  default_scope { order('created_at DESC') }
 
   validates :referral_code, :format => {
     :with => /\A[a-zA-Z0-9 ]*\z/,

app/models/order_item.rb

@@ -1,6 +1,4 @@
 class OrderItem < ActiveRecord::Base
-  attr_accessible :order_id, :price, :product_id, :quantity
-
   belongs_to :order
   belongs_to :product
 

app/models/photo.rb

@@ -1,6 +1,4 @@
 class Photo < ActiveRecord::Base
-  attr_accessible :flickr_photo_id, :owner_id, :title, :license_name,
-    :license_url, :thumbnail_url, :fullsize_url, :link_url
   belongs_to :owner, :class_name => 'Member'
 
   has_and_belongs_to_many :plantings
@@ -10,7 +8,7 @@ class Photo < ActiveRecord::Base
     photo.harvests.clear
   end
 
-  default_scope order("created_at desc")
+  default_scope { order("created_at desc") }
 
   # remove photos that aren't used by anything
   def destroy_if_unused

app/models/photo_sweeper.rb

@@ -1,13 +0,0 @@
-class PhotoSweeper < ActionController::Caching::Sweeper
-  observe Photo
-
-  def after_create(photo)
-    expire_fragment('interesting_plantings')
-  end
-
-  def after_destroy(photo)
-    expire_fragment('interesting_plantings')
-  end
-
-end
-

app/models/plant_part.rb

@@ -1,11 +1,9 @@
 class PlantPart < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :name, :use => :slugged
+  friendly_id :name, :use => [:slugged, :finders]
 
   has_many :harvests
-  has_many :crops, :through => :harvests, :uniq => true
-
-  attr_accessible :name, :slug
+  has_many :crops, -> { uniq }, :through => :harvests
 
   def to_s
     return name

app/models/planting.rb

@@ -1,10 +1,6 @@
 class Planting < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :planting_slug, use: :slugged
-
-  attr_accessible :crop_id, :description, :garden_id, :planted_at,
-    :quantity, :sunniness, :planted_from, :owner_id, :finished,
-    :finished_at
+  friendly_id :planting_slug, use: [:slugged, :finders]
 
   belongs_to :garden
   belongs_to :owner, :class_name => 'Member', :counter_cache => true
@@ -21,9 +17,9 @@ class Planting < ActiveRecord::Base
     end
   end
 
-  default_scope order("created_at desc")
-  scope :finished, where(:finished => true)
-  scope :current, where(:finished => false)
+  default_scope { order("created_at desc") }
+  scope :finished, -> { where(:finished => true) }
+  scope :current, -> { where(:finished => false) }
 
   delegate :name,
     :en_wikipedia_url,
@@ -32,7 +28,7 @@ class Planting < ActiveRecord::Base
     :to => :crop,
     :prefix => true
 
-  default_scope order("created_at desc")
+  default_scope { order("created_at desc") }
 
   validates :crop_id, :presence => {:message => "must be present and exist in our database"}
 

app/models/planting_sweeper.rb

@@ -1,25 +0,0 @@
-class PlantingSweeper < ActionController::Caching::Sweeper
-  observe Planting
-
-  def after_create(planting)
-    expire_fragment('homepage_stats')
-    expire_fragment("member_thumbnail_#{planting.owner.id}")
-    expire_fragment("interesting_members") if planting.owner.interesting?
-    expire_fragment("crop_image_#{planting.crop.id}")
-  end
-
-  def after_update(planting)
-    expire_fragment("planting_listitem_#{planting.id}")
-    expire_fragment("planting_image_#{planting.id}")
-    expire_fragment("interesting_plantings")
-  end
-
-  def after_destroy(planting)
-    expire_fragment('homepage_stats')
-    expire_fragment("crop_image_#{planting.crop.id}")
-    expire_fragment('interesting_plantings') if planting.interesting?
-    expire_fragment("interesting_members") if planting.owner.interesting?
-  end
-
-end
-

app/models/post.rb

@@ -1,7 +1,6 @@
 class Post < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :author_date_subject, use: :slugged
-  attr_accessible :body, :subject, :author_id, :forum_id
+  friendly_id :author_date_subject, use: [:slugged, :finders]
   belongs_to :author, :class_name => 'Member'
   belongs_to :forum
   has_many :comments, :dependent => :destroy
@@ -11,7 +10,7 @@ class Post < ActiveRecord::Base
   # also has_many notifications, but kinda meaningless to get at them
   # from this direction, so we won't set up an association for now.
 
-  default_scope order("created_at desc")
+  default_scope { order("created_at desc") }
 
   validates :subject,
     :format => {

app/models/post_sweeper.rb

@@ -1,16 +0,0 @@
-class PostSweeper < ActionController::Caching::Sweeper
-  observe Post
-
-  def after_create(post)
-    expire_fragment('recent_posts')
-  end
-
-  def after_update(post)
-    expire_fragment('recent_posts')
-  end
-
-  def after_destroy(post)
-    expire_fragment('recent_posts')
-  end
-
-end

app/models/product.rb

@@ -1,7 +1,4 @@
 class Product < ActiveRecord::Base
-  attr_accessible :description, :min_price, :recommended_price, :name,
-  :account_type_id, :paid_months
-
   has_and_belongs_to_many :orders
   belongs_to :account_type
 

app/models/role.rb

@@ -1,7 +1,7 @@
 class Role < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :name, use: :slugged
-  attr_accessible :description, :name, :members, :slug
+  friendly_id :name, use: [:slugged, :finders]
+
   has_and_belongs_to_many :members
 
   class << self

app/models/scientific_name.rb

@@ -1,5 +1,4 @@
 class ScientificName < ActiveRecord::Base
-  attr_accessible :crop_id, :scientific_name, :creator_id
   belongs_to :crop
   belongs_to :creator, :class_name => 'Member'
 end

app/models/scientific_name_sweeper.rb

@@ -1,17 +0,0 @@
-class ScientificNameSweeper < ActionController::Caching::Sweeper
-  observe ScientificName
-
-  def after_create(scientific_name)
-    expire_fragment("crop_image_#{scientific_name.crop.id}")
-  end
-
-  def after_update(scientific_name)
-    expire_fragment("crop_image_#{scientific_name.crop.id}")
-  end
-
-  def after_destroy(scientific_name)
-    expire_fragment("crop_image_#{scientific_name.crop.id}")
-  end
-
-end
-

app/models/seed.rb

@@ -1,21 +1,18 @@
 class Seed < ActiveRecord::Base
   extend FriendlyId
-  friendly_id :seed_slug, use: :slugged
-
-  attr_accessible :owner_id, :crop_id, :description, :quantity, :plant_before,
-    :tradable_to, :slug
+  friendly_id :seed_slug, use: [:slugged, :finders]
 
   belongs_to :crop
   belongs_to :owner, :class_name => 'Member', :foreign_key => 'owner_id'
 
-  default_scope order("created_at desc")
+  default_scope { order("created_at desc") }
 
   validates :crop, :presence => {:message => "must be present and exist in our database"}
   validates :quantity,
     :numericality => { :only_integer => true },
     :allow_nil => true
 
-  scope :tradable, where("tradable_to != 'nowhere'")
+  scope :tradable, -> { where("tradable_to != 'nowhere'") }
 
   TRADABLE_TO_VALUES = %w(nowhere locally nationally internationally)
   validates :tradable_to, :inclusion => { :in => TRADABLE_TO_VALUES,

app/models/seed_sweeper.rb

@@ -1,26 +0,0 @@
-class SeedSweeper < ActionController::Caching::Sweeper
-  observe Seed
-
-  def after_create(seed)
-    if seed.tradable? && seed.interesting?
-      expire_fragment('interesting_seeds')
-    end
-    expire_fragment('interesting_members') if seed.owner.interesting?
-    expire_fragment("member_thumbnail_#{seed.owner.id}")
-  end
-
-  def after_update(seed)
-    expire_fragment('interesting_seeds')
-  end
-
-  def after_destroy(seed)
-    if seed.tradable? && seed.interesting?
-      expire_fragment('interesting_seeds')
-    end
-    expire_fragment('interesting_members') if seed.owner.interesting?
-    expire_fragment("member_thumbnail_#{seed.owner.id}")
-  end
-
-end
-
-

app/views/authentications/index.html.haml

@@ -1,22 +0,0 @@
-- content_for :title, "Linked accounts on other sites"
-
-- if @authentications
-  - unless @authentications.empty?
-    .authentications
-    - @authentications.each do |authentication|
-      %a{ :href => "http://twitter.com/#{authentication.name}" }
-        .authentication
-          = image_tag "#{authentication.provider}_64.png", :size => "64x64"
-        .provider
-          = authentication.provider.titleize
-        .name
-          = authentication.name
-      = link_to "X", authentication, :confirm => "Are you sure you want to remove this authentication?", :method => :delete, :class => "remove"
-    .clear
-    %p
-      %strong Link another external account:
-  - else
-    %p
-      %strong Link to an external account:
-
-= link_to image_tag("twitter_64.png", :size => "64x64"), "/auth/twitter", :class => "auth_provider"

app/views/crops/_find_seeds.html.haml

@@ -1,4 +1,4 @@
-%h4 Find seeds
+%h4 Find #{ crop.name } seeds
 - if crop.seeds.empty?
   %p
     There are no seeds available to trade.

app/views/crops/_harvests.html.haml

@@ -1,4 +1,4 @@
-%h4 Harvests
+%h4 #{ crop.name.capitalize } harvests
 - if crop.harvests.empty?
   %p
     Nobody has harvested this crop yet.

app/views/crops/_image_with_popover.html.haml

@@ -1,4 +1,4 @@
-- cache "crop_image_#{crop.id}" do
+- cache crop do
   = link_to |
     image_tag( |
       crop.default_photo ?  crop.default_photo.thumbnail_url : 'placeholder_150.png', |

app/views/crops/_plantings.html.haml

@@ -1,4 +1,4 @@
-%h4 Plantings
+%h4 See who's planted #{ crop.name.pluralize }
 - if crop.plantings.empty?
   %p
     Nobody has planted this crop yet.

app/views/crops/_thumbnail.html.haml

@@ -1,6 +1,6 @@
-.thumbnail(style='height: 220px')
+.thumbnail.crop-thumbnail
   - if crop
-    = link_to image_tag((crop.default_photo ?  crop.default_photo.thumbnail_url : 'placeholder_150.png'), :alt => crop.name, :class => 'img-rounded'), crop
+    = link_to image_tag((crop.default_photo ?  crop.default_photo.thumbnail_url : 'placeholder_150.png'), :alt => crop.name, :class => 'img'), crop
     %p.crop-name
       = link_to crop.name, crop
       - if crop.scientific_names.count > 0

app/views/crops/hierarchy.html.haml

@@ -5,5 +5,5 @@
   = succeed "." do
     = link_to "crops database", crops_path
 
-- cache("full_crop_hierarchy") do
+- cache cache_key_for(Crop) do
   = render :partial => "hierarchy", :locals => { :display_crops => @crops }

app/views/crops/show.html.haml

@@ -13,6 +13,8 @@
 
 .row
   .col-md-9
+    - unless current_member
+      Learn how to grow #{ @crop.name.pluralize } from growers around the world. #{ ENV['GROWSTUFF_SITE_NAME'] } has tips and advice from real-life growers, including when to plant #{ @crop.name.pluralize }, how to harvest #{ @crop.name.pluralize }, and more.
 
     = render :partial => 'photos', :locals => { :crop => @crop }
 
@@ -34,37 +36,46 @@
     %div#cropmap
 
     %a{:name => 'posts'}
-    %div.pagination
-      = page_entries_info @posts, :model => "posts"
-      = will_paginate @posts, :params => {:anchor => "posts"}
+    %h2 What people are saying about #{ @crop.name.pluralize }
 
-    - unless @posts.empty?
+    - if @posts.empty?
+      %p
+        Nobody has posted about #{ @crop.name.pluralize } yet.
+      %p
+        - if can? :create, Post
+          = link_to "Post something", new_post_path, :class => 'btn btn-default'
+        - else
+          = render :partial => "shared/signin_signup", :locals => { :to => "post your tips and experiences growing #{ @crop.name.pluralize }" }
+    - else
+      %div.pagination
+        = page_entries_info @posts, :model => "posts"
+        = will_paginate @posts, :params => {:anchor => "posts"}
       - @posts.each do |post|
         = render :partial => "posts/single", :locals => { :post => post, :subject => true }
 
-    %div.pagination
-      = page_entries_info @posts, :model => "posts"
-      = will_paginate @posts, :params => {:anchor => "posts"}
+      %div.pagination
+        = page_entries_info @posts, :model => "posts"
+        = will_paginate @posts, :params => {:anchor => "posts"}
 
   .col-md-3
 
     = render :partial => 'wrangle', :locals => { :crop => @crop }
-    = render :partial => 'scientific_names', :locals => { :crop => @crop }
-    = render :partial => 'alternate_names', :locals => { :crop => @crop }
 
-    %h4 Planting advice
+    %h4 How to grow #{ @crop.name.pluralize }
 
     = render :partial => 'grown_for', :locals => { :crop => @crop }
     = render :partial => 'planting_advice', :locals => { :crop => @crop }
 
-    %h4 Varieties
+    = render :partial => 'scientific_names', :locals => { :crop => @crop }
+    = render :partial => 'alternate_names', :locals => { :crop => @crop }
+
+    %h4 #{ @crop.name.capitalize } varieties
     = render :partial => 'varieties', :locals => { :crop => @crop }
 
-
-    %h4 More information
-    %ul
-      %li= link_to 'Wikipedia (English)', @crop.en_wikipedia_url
-
     = render :partial => 'plantings', :locals => { :crop => @crop }
     = render :partial => 'harvests', :locals => { :crop => @crop }
     = render :partial => 'find_seeds', :locals => { :crop => @crop }
+
+    %h4 Learn more about #{ @crop.name.pluralize }
+    %ul
+      %li= link_to 'Wikipedia (English)', @crop.en_wikipedia_url

app/views/home/_crops.html.haml

@@ -1,19 +1,24 @@
 .row
-  .col-md-6.hidden-xs
-    - cache "interesting_crops", :expires_in => 1.day do
+  .col-md-8
+    - cache cache_key_for(Crop, 'interesting'), :expires_in => 1.day do
       %h2= t('.our_crops')
-      - Crop.interesting.each do |c|
-        .col-md-3{:style => 'margin:0px; padding: 3px'}
-          = render :partial => 'crops/image_with_popover', :locals => { :crop => c }
+      .hidden-xs
+        - Crop.interesting.first(8).each do |c|
+          .col-md-3
+            = render :partial => 'crops/thumbnail', :locals => { :crop => c }
+      .visible-xs
+        - Crop.interesting.first(3).each do |c|
+          .col-md-3
+            = render :partial => 'crops/thumbnail', :locals => { :crop => c }
 
-  .col-md-6
-    - cache "interesting_plantings" do
+  .col-md-4.hidden-xs
+    - cache cache_key_for(Planting) do
       %h2= t('.recently_planted')
-      = render :partial => 'plantings/list', :locals => { :plantings => Planting.interesting.first(4) }
+      = render :partial => 'plantings/list', :locals => { :plantings => Planting.interesting.first(6) }
 
 .row
   .col-md-12
-    - cache "recent_crops" do
+    - cache cache_key_for(Crop, 'recent') do
       %p{ :style => 'margin-top: 11.25px' }
         %strong
           #{t('.recently_added')}:

app/views/home/_discuss.html.haml

@@ -1,11 +1,10 @@
 %h2= t('.discussion')
 
-- cache "recent_posts" do
-  - posts = Post.limit(6)
-  - if posts
-    =render :partial => "posts/summary", :locals => { :posts => posts, :howmany => 6 }
+- posts = Post.limit(6)
+- if posts
+  =render :partial => "posts/summary", :locals => { :posts => posts, :howmany => 6 }
 
-- cache "homepage_forums" do
+- cache cache_key_for(Forum) do
   - forums = Forum.all
   - if forums
     %ul.list-inline

app/views/home/_keep_in_touch.html.haml

@@ -1,17 +0,0 @@
-%h2= t('.keep_in_touch')
-
-%p
-  = link_to(image_tag("twitter_32.png", :alt => ''), 'http://twitter.com/growstufforg', :target => "_blank")
-  = t('.twitter_html', link: link_to(t('.twitter_linktext'), 'http://twitter.com/growstufforg', :target => "_blank"))
-
-%p
-  = link_to(image_tag("facebook_32.png", :alt => ''), 'https://www.facebook.com/Growstufforg', :target => "_blank")
-  = t('.facebook_html', link: link_to(t('.facebook_linktext'), 'https://www.facebook.com/Growstufforg', :target => "_blank"))
-
-%p
-  = link_to(image_tag("blog_32.png", :alt => ''), 'http://blog.growstuff.org/', :target => "_blank")
-  = t('.blog_html', link: link_to(t('.blog_linktext'), 'http://blog.growstuff.org/', :target => "_blank"))
-
-%p
-  = link_to(image_tag("email_32.png", :alt => ''), 'http://blog.growstuff.org/newsletter', :target => "_blank")
-  = t('.newsletter_html', link: link_to(t('.newsletter_linktext'), 'http://blog.growstuff.org/newsletter', :target => "_blank"))

app/views/home/_members.html.haml

@@ -1,4 +1,4 @@
-- cache "interesting_members" do
+- cache cache_key_for(Member) do
   .hidden-xs
     - members = Member.interesting.first(6)
     - if members.present?
@@ -6,7 +6,7 @@
 
       .row
         - members.each do |m|
-          .col-md-6.homepage-members
+          .col-md-4.homepage-members
             = render :partial => "members/thumbnail", :locals => { :member => m }
 
       %p.text-right

app/views/home/_open.html.haml

@@ -1,29 +0,0 @@
-%h2= t('.open_source_title')
-
-%p
-  = t('.open_source_body_html', why: link_to(t('.why_linktext'), 'http://blog.growstuff.org/2013/02/20/why-growstuff-is-open-source/'), 
-                                github: link_to(t('.github_linktext'), 'http://github.com/Growstuff/growstuff'),
-                                site_name: ENV['GROWSTUFF_SITE_NAME'] )
-
-
-%h2= t('.open_data_title')
-
-%p
-  = t('.open_data_body_html', creative_commons_link: link_to(t('.creative_commons_linktext'), 'http://creativecommons.org/licenses/by-sa/3.0/'), 
-                              wiki_link: link_to(t('.wiki_linktext'), 'http://wiki.growstuff.org/index.php/Open_data'), 
-                              api_docs_link: link_to(t('.api_docs_linktext'), 'http://wiki.growstuff.org/index.php/API'))
-
-
-
-%h2= t('.get_involved_title')
-
-%p
-  = t('.get_involved_body_html', talk_link: link_to(t('.talk_linktext'), 'http://talk.growstuff.org/'), 
-                                 wiki_link: link_to(t('.wiki_linktext'), 'http://wiki.growstuff.org/'))
-
-
-%h2= t('.support_title')
-
-%p
-  = t('.support_body_html', ad_free: link_to(t('.ad_free_linktext'), 'http://wiki.growstuff.org/index.php/Why_no_ads%3F'),
-                            buy_account: link_to(t('.buy_account_linktext'), shop_path))

app/views/home/_seeds.html.haml

@@ -3,7 +3,7 @@
 
   %h2= t('.title')
 
-  - cache "interesting_seeds" do
+  - cache cache_key_for(Seed) do
     - if seeds.length > 0
 
       %table.table.table-striped

app/views/home/index.html.haml

@@ -17,13 +17,9 @@
           = render :partial => 'blurb'
       .visible-xs
         = render :partial => 'blurb'
-.row
-  .col-md-8.main
+
     = render :partial => 'crops'
     = render :partial => 'seeds'
     = render :partial => 'members'
     = render :partial => 'discuss'
 
-  .col-md-4.sidebar
-    = render :partial => 'keep_in_touch'
-    = render :partial => 'open'

app/views/layouts/_footer.html.haml

@@ -1,10 +1,29 @@
 .navbar.navbar-default.navbar-bottom
   .container
-    %ul.nav.navbar-nav.text-center
-      %li= link_to "About", "http://wiki.growstuff.org/index.php/About%20Growstuff"
-      %li= link_to "Contact", url_for(:controller => '/about', :action => 'contact')
-      %li= link_to "Terms of Service", url_for(:controller => '/policy', :action => 'tos')
-      %li= link_to "Privacy Policy", url_for(:controller => %'/policy', :action => 'privacy')
-      %li= link_to "Community Guidelines", url_for(:controller => '/policy', :action => 'community')
-      %li= link_to "Support/FAQ", url_for(:controller => '/support')
-      %li= link_to "Open Source", "https://github.com/Growstuff/growstuff"
+    .row
+      .col-md-4#about-growstuff
+        %ul
+          %li= link_to t('about'), "http://wiki.growstuff.org/index.php/About%20Growstuff"
+          %li= link_to t('our_values'), "http://wiki.growstuff.org/index.php/Values"
+          %li= link_to t('open_source'), "https://github.com/Growstuff/growstuff"
+          %li= link_to t('growstuff_team'), "http://wiki.growstuff.org/index.php/Team"
+          %li= link_to t('get_involved'), "http://wiki.growstuff.org/index.php/Get_involved"
+      .col-md-4#policies
+        %ul
+          %li= link_to t('terms_of_service'), url_for(:controller => '/policy', :action => 'tos')
+          %li= link_to t('privacy_policy'), url_for(:controller => '/policy', :action => 'privacy')
+          %li= link_to t('data_use_policy'), url_for(:controller => '/policy', :action => 'api')
+          %li= link_to t('community_guidelines'), url_for(:controller => '/policy', :action => 'community')
+      .col-md-4#contact
+        %ul
+          %li= link_to t('support_'), url_for(:controller => '/support')
+          %li= link_to t('contact'), url_for(:controller => '/about', :action => 'contact')
+        %p
+          = link_to('http://twitter.com/growstufforg', :target => "_blank") do
+            = image_tag("twitter_32.png", :alt => 'Twitter: @growstufforg')
+           
+          = link_to('https://www.facebook.com/Growstufforg', :target => "_blank") do
+            = image_tag("facebook_32.png", :alt => 'Facebook')
+           
+          = link_to('http://blog.growstuff.org/', :target => "_blank") do
+            = image_tag("blog_32.png", :alt => 'Growstuff Blog')

app/views/layouts/_header.html.haml

@@ -9,7 +9,7 @@
         %span.icon-bar
         %span.icon-bar
       %a.navbar-brand(href=root_path)
-        = image_tag("/assets/growstuff-brand.png", :size => "200x50", :alt => ENV['GROWSTUFF_SITE_NAME'])
+        = image_tag("growstuff-brand.png", :size => "200x50", :alt => ENV['GROWSTUFF_SITE_NAME'])
     .navbar-collapse.collapse#navbar-collapse
       %ul.nav.navbar-nav
         %li.dropdown<

app/views/layouts/_meta.html.haml

@@ -16,5 +16,5 @@
     = javascript_include_tag "http://html5shim.googlecode.com/svn/trunk/html5.js"
   = stylesheet_link_tag "application", :media => "all"
 
-  %link(href="/assets/growstuff-apple-touch-icon-precomposed.png" rel="apple-touch-icon-precomposed")
-  = favicon_link_tag '/assets/favicon.ico'
+  %link(href="/growstuff-apple-touch-icon-precomposed.png" rel="apple-touch-icon-precomposed")
+  = favicon_link_tag 'favicon.ico'

app/views/members/_thumbnail.html.haml

@@ -1,4 +1,4 @@
-- cache "member_thumbnail_#{member.id}" do
+- cache member do
   .row
     .member-thumbnail
       .col-md-3

app/views/photos/_thumbnail.html.haml

@@ -1,5 +1,5 @@
-.thumbnail.crop-thumbnail
-  = link_to image_tag(photo.thumbnail_url, :alt => photo.title, :class => 'img-rounded img-responsive'), photo
+.thumbnail.photo-thumbnail
+  = link_to image_tag(photo.thumbnail_url, :alt => photo.title, :class => 'img img-responsive'), photo
   .text
     %p
       = link_to photo.title, photo

app/views/plantings/_image_with_popover.html.haml

@@ -1,4 +1,4 @@
-- cache "planting_image_#{planting.id}" do
+- cache planting do
   = link_to |
     image_tag( |
       planting.photos.present? ? planting.photos.first.thumbnail_url : 'placeholder_150.png', |

app/views/plantings/_list.html.haml

@@ -1,5 +1,5 @@
 - plantings.each do |p|
-  - cache "plantings_listitem_#{p.id}" do
+  - cache p do
     .row
       .col-md-3{:style => 'padding-bottom: 6px'}
         = render :partial => 'plantings/image_with_popover', :locals => { :planting => p }

app/views/posts/_summary.html.haml

@@ -8,13 +8,14 @@
       %th.hidden-xs Comments
 
     - posts.recently_active[0..howmany-1].each do |post|
-      %tr
-        %td
-          = link_to truncate(strip_tags(post.subject), :length => 40, :separator => ' '), post
-        %td.hidden-xs
-          =link_to post.author, post.author
-        %td
-          = distance_of_time_in_words(post.recent_activity, Time.zone.now)
-          ago
-        %td.hidden-xs
-          = post.comments.count.to_s
+      - cache post do
+        %tr
+          %td
+            = link_to truncate(strip_tags(post.subject), :length => 40, :separator => ' '), post
+          %td.hidden-xs
+            =link_to post.author, post.author
+          %td
+            = distance_of_time_in_words(post.recent_activity, Time.zone.now)
+            ago
+          %td.hidden-xs
+            = post.comments.count.to_s

app/views/shared/_account_status.html.haml

@@ -9,5 +9,5 @@
     %strong Paid until:
     = current_member.account.paid_until_string
 
-- if ! current_member.is_paid?
+- if !current_member.is_paid?
   = link_to "Upgrade and support #{ENV['GROWSTUFF_SITE_NAME']}", shop_path, :class => 'btn btn-primary'

bin/bundle

@@ -0,0 +1,3 @@
+#!/usr/bin/env ruby
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+load Gem.bin_path('bundler', 'bundle')

bin/rails

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+APP_PATH = File.expand_path('../../config/application',  __FILE__)
+require_relative '../config/boot'
+require 'rails/commands'

bin/rake

@@ -0,0 +1,4 @@
+#!/usr/bin/env ruby
+require_relative '../config/boot'
+require 'rake'
+Rake.application.run

config/application.rb

@@ -1,6 +1,7 @@
 require File.expand_path('../boot', __FILE__)
 
 require 'rails/all'
+require 'openssl'
 
 if defined?(Bundler)
   # If you precompile assets before deploying to production, use this line
@@ -25,6 +26,8 @@ module Growstuff
     # Activate observers that should always be running.
     # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
 
+    I18n.config.enforce_available_locales = true
+
     # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
     # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
     config.time_zone = 'UTC'
@@ -59,7 +62,7 @@ module Growstuff
     # This will create an empty whitelist of attributes available for mass-assignment for all models
     # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
     # parameters by using an attr_accessible or attr_protected declaration.
-    config.active_record.whitelist_attributes = true
+    # config.active_record.whitelist_attributes = true
 
     # Enable the asset pipeline
     config.assets.enabled = true

config/environments/development.rb

@@ -1,14 +1,14 @@
 Growstuff::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
+  # Do not eager load code on boot.
+  config.eager_load = false
+
   # In the development environment your application's code is reloaded on
   # every request. This slows down response time but is perfect for development
   # since you don't have to restart the web server when you make code changes.
   config.cache_classes = false
 
-  # Log error messages when you accidentally call methods on nil.
-  config.whiny_nils = true
-
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true
 
@@ -25,19 +25,24 @@ Growstuff::Application.configure do
   # Only use best-standards-support built into browsers
   config.action_dispatch.best_standards_support = :builtin
 
-  # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
-
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  config.active_record.auto_explain_threshold_in_seconds = 0.5
-
   # Do not compress assets
   config.assets.compress = false
 
   # Expands the lines which load the assets
   config.assets.debug = true
 
+  # Asset digests allow you to set far-future HTTP expiration dates on all assets, 
+  # yet still be able to expire them through the digest params.
+  config.assets.digest = true
+
+  # Adds additional error checking when serving assets at runtime.
+  # Checks for improperly declared sprockets dependencies.
+  # Raises helpful error messages.
+  config.assets.raise_runtime_errors = true
+
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+
   # Growstuff config
   config.new_crops_request_link = "http://example.com/not-a-real-url"
   config.action_mailer.default_url_options = { :host => 'localhost:8080' }
@@ -68,4 +73,6 @@ Growstuff::Application.configure do
     ::STANDARD_GATEWAY = ActiveMerchant::Billing::PaypalGateway.new(paypal_options)
     ::EXPRESS_GATEWAY = ActiveMerchant::Billing::PaypalExpressGateway.new(paypal_options)
   end
+
+  config.action_controller.action_on_unpermitted_parameters = :raise
 end

config/environments/production.rb

@@ -1,6 +1,12 @@
 Growstuff::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
   # Code is not reloaded between requests
   config.cache_classes = true
 
@@ -11,8 +17,9 @@ Growstuff::Application.configure do
   # Disable Rails's static asset server (Apache or nginx will already do this)
   config.serve_static_assets = false
 
-  # Compress JavaScripts and CSS
-  config.assets.compress = true
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  config.assets.css_compressor = :sass
 
   # Don't fallback to assets pipeline if a precompiled asset is missed
   config.assets.compile = true
@@ -20,9 +27,6 @@ Growstuff::Application.configure do
   # Generate digests for assets URLs
   config.assets.digest = true
 
-  # Defaults to nil and saved in location specified by config.assets.prefix
-  # config.assets.manifest = YOUR_PATH
-
   # Specifies the header that your server uses for sending files
   # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
@@ -45,15 +49,10 @@ Growstuff::Application.configure do
   # Enable serving of images, stylesheets, and JavaScripts from an asset server
   # config.action_controller.asset_host = "http://assets.example.com"
 
-  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
-  # config.assets.precompile += %w( search.js )
-
-  # Disable delivery errors, bad email addresses will be ignored
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
   # config.action_mailer.raise_delivery_errors = false
 
-  # Enable threaded mode
-  # config.threadsafe!
-
   # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
   # the I18n.default_locale when a translation can not be found)
   config.i18n.fallbacks = true
@@ -61,9 +60,11 @@ Growstuff::Application.configure do
   # Send deprecation notices to registered listeners
   config.active_support.deprecation = :notify
 
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
 
   # Growstuff configuration
   config.new_crops_request_link = "http://growstuff.org/posts/skud-20130319-requests-for-new-crops"

config/environments/staging.rb

@@ -1,6 +1,12 @@
 Growstuff::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
+  # Eager load code on boot. This eager loads most of Rails and
+  # your application in memory, allowing both threaded web servers
+  # and those relying on copy on write to perform better.
+  # Rake tasks automatically ignore this option for performance.
+  config.eager_load = true
+
   # Code is not reloaded between requests
   config.cache_classes = true
 
@@ -11,8 +17,9 @@ Growstuff::Application.configure do
   # Disable Rails's static asset server (Apache or nginx will already do this)
   config.serve_static_assets = false
 
-  # Compress JavaScripts and CSS
-  config.assets.compress = true
+  # Compress JavaScripts and CSS.
+  config.assets.js_compressor = :uglifier
+  config.assets.css_compressor = :sass
 
   # Don't fallback to assets pipeline if a precompiled asset is missed
   config.assets.compile = true
@@ -20,9 +27,6 @@ Growstuff::Application.configure do
   # Generate digests for assets URLs
   config.assets.digest = true
 
-  # Defaults to nil and saved in location specified by config.assets.prefix
-  # config.assets.manifest = YOUR_PATH
-
   # Specifies the header that your server uses for sending files
   # config.action_dispatch.x_sendfile_header = "X-Sendfile" # for apache
   # config.action_dispatch.x_sendfile_header = 'X-Accel-Redirect' # for nginx
@@ -45,15 +49,10 @@ Growstuff::Application.configure do
   # Enable serving of images, stylesheets, and JavaScripts from an asset server
   # config.action_controller.asset_host = "http://assets.example.com"
 
-  # Precompile additional assets (application.js, application.css, and all non-JS/CSS are already added)
-  # config.assets.precompile += %w( search.js )
-
-  # Disable delivery errors, bad email addresses will be ignored
+  # Ignore bad email addresses and do not raise email delivery errors.
+  # Set this to true and configure the email server for immediate delivery to raise delivery errors.
   # config.action_mailer.raise_delivery_errors = false
 
-  # Enable threaded mode
-  # config.threadsafe!
-
   # Enable locale fallbacks for I18n (makes lookups for any locale fall back to
   # the I18n.default_locale when a translation can not be found)
   config.i18n.fallbacks = true
@@ -61,9 +60,11 @@ Growstuff::Application.configure do
   # Send deprecation notices to registered listeners
   config.active_support.deprecation = :notify
 
-  # Log the query plan for queries taking more than this (works
-  # with SQLite, MySQL, and PostgreSQL)
-  # config.active_record.auto_explain_threshold_in_seconds = 0.5
+  # Use default logging formatter so that PID and timestamp are not suppressed.
+  config.log_formatter = ::Logger::Formatter.new
+
+  # Do not dump schema after migrations.
+  config.active_record.dump_schema_after_migration = false
 
   # Growstuff configuration
   config.new_crops_request_link = "http://example.com/not-a-real-url"

config/environments/test.rb

@@ -1,6 +1,11 @@
 Growstuff::Application.configure do
   # Settings specified here will take precedence over those in config/application.rb
 
+  # Do not eager load code on boot. This avoids loading your whole application
+  # just for the purpose of running a single test. If you are using a tool that
+  # preloads Rails for running tests, you may have to set it to true.
+  config.eager_load = false
+
   # The test environment is used exclusively to run your application's
   # test suite. You never need to work with it otherwise. Remember that
   # your test database is "scratch space" for the test suite and is wiped
@@ -13,9 +18,6 @@ Growstuff::Application.configure do
   config.serve_static_assets = true
   config.static_cache_control = "public, max-age=3600"
 
-  # Log error messages when you accidentally call methods on nil
-  config.whiny_nils = true
-
   # Show full error reports and disable caching
   config.consider_all_requests_local       = true
   config.action_controller.perform_caching = false
@@ -31,12 +33,12 @@ Growstuff::Application.configure do
   # ActionMailer::Base.deliveries array.
   config.action_mailer.delivery_method = :test
 
-  # Raise exception on mass assignment protection for Active Record models
-  config.active_record.mass_assignment_sanitizer = :strict
-
   # Print deprecation notices to the stderr
   config.active_support.deprecation = :stderr
 
+  # Raises error for missing translations
+  # config.action_view.raise_on_missing_translations = true
+  
   # Growstuff config
   config.new_crops_request_link = "http://example.com/not-a-real-url"
   config.action_mailer.default_url_options = { :host => 'localhost:8080' }

config/initializers/friendly_id.rb

@@ -0,0 +1,88 @@
+# FriendlyId Global Configuration
+#
+# Use this to set up shared configuration options for your entire application.
+# Any of the configuration options shown here can also be applied to single
+# models by passing arguments to the `friendly_id` class method or defining
+# methods in your model.
+#
+# To learn more, check out the guide:
+#
+# http://norman.github.io/friendly_id/file.Guide.html
+
+FriendlyId.defaults do |config|
+  # ## Reserved Words
+  #
+  # Some words could conflict with Rails's routes when used as slugs, or are
+  # undesirable to allow as slugs. Edit this list as needed for your app.
+  # config.use :reserved
+
+  # config.reserved_words = %w(new edit index session login logout users admin
+  #   stylesheets assets javascripts images)
+
+  #  ## Friendly Finders
+  #
+  # Uncomment this to use friendly finders in all models. By default, if
+  # you wish to find a record by its friendly id, you must do:
+  #
+  #    MyModel.friendly.find('foo')
+  #
+  # If you uncomment this, you can do:
+  #
+  #    MyModel.find('foo')
+  #
+  # This is significantly more convenient but may not be appropriate for
+  # all applications, so you must explicity opt-in to this behavior. You can
+  # always also configure it on a per-model basis if you prefer.
+  #
+  # Something else to consider is that using the :finders addon boosts
+  # performance because it will avoid Rails-internal code that makes runtime
+  # calls to `Module.extend`.
+  #
+  # config.use :finders
+  #
+  # ## Slugs
+  #
+  # Most applications will use the :slugged module everywhere. If you wish
+  # to do so, uncomment the following line.
+  #
+  # config.use :slugged
+  #
+  # By default, FriendlyId's :slugged addon expects the slug column to be named
+  # 'slug', but you can change it if you wish.
+  #
+  # config.slug_column = 'slug'
+  #
+  # When FriendlyId can not generate a unique ID from your base method, it appends
+  # a UUID, separated by a single dash. You can configure the character used as the
+  # separator. If you're upgrading from FriendlyId 4, you may wish to replace this
+  # with two dashes.
+  #
+  # config.sequence_separator = '-'
+  #
+  #  ## Tips and Tricks
+  #
+  #  ### Controlling when slugs are generated
+  #
+  # As of FriendlyId 5.0, new slugs are generated only when the slug field is
+  # nil, but if you're using a column as your base method can change this
+  # behavior by overriding the `should_generate_new_friendly_id` method that
+  # FriendlyId adds to your model. The change below makes FriendlyId 5.0 behave
+  # more like 4.0.
+  #
+  # config.use Module.new {
+  #   def should_generate_new_friendly_id?
+  #     slug.blank? || <your_column_name_here>_changed?
+  #   end
+  # }
+  #
+  # FriendlyId uses Rails's `parameterize` method to generate slugs, but for
+  # languages that don't use the Roman alphabet, that's not usually suffient. Here
+  # we use the Babosa library to transliterate Russian Cyrillic slugs to ASCII. If
+  # you use this, don't forget to add "babosa" to your Gemfile.
+  #
+  # config.use Module.new {
+  #   def normalize_friendly_id(text)
+  #     text.to_slug.normalize! :transliterations => [:russian, :latin]
+  #   end
+  # }
+end

config/initializers/inflections.rb

@@ -16,4 +16,11 @@
 
 ActiveSupport::Inflector.inflections do |inflect|
   inflect.plural 'square foot', 'square feet'
+  inflect.plural 'broccoli', 'broccoli'
+  inflect.plural 'kale', 'kale'
+  inflect.plural 'squash', 'squash'
+  inflect.plural 'bok choy', 'bok choy'
+  inflect.plural 'achiote', 'achiote'
+  inflect.plural 'alfalfa', 'alfalfa'
+  inflect.plural 'allspice', 'allspice'
 end