cirandas.net

ref: master

config/application.rb


  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
require_relative 'boot'

require 'pp'
require 'rails/all'

# Silence Rails 5 deprecation warnings
ActiveSupport::Deprecation.silenced = true

Bundler.require :default, :assets, Rails.env, :performance
Bundler.require :profile if Rails.env.development?

# init dependencies at vendor, loaded at the Gemfile
$: << 'vendor/plugins'
vendor = Dir['vendor/{,plugins/}*'] - ['vendor/plugins']
vendor.each do |dir|
  init_rb = "#{dir}/init.rb"
  require_relative "../#{init_rb}" if File.file? init_rb
end

require_relative '../lib/extensions'
require_relative '../lib/noosfero'
require_relative '../lib/noosfero/plugin'
require_relative '../lib/noosfero/multi_tenancy'

module Noosfero
  class Application < Rails::Application

    # The plugin xss_terminator(located in vendor/plugins/xss_terminator) and the helper
    # SanitizeHelper(located in app/helpers/sanitize_helper.rb) use
    # ALLOWED_TAGS and ALLOWED_ATTRIBUTES to make a sanitize with html.

    ALLOWED_TAGS = %w(object embed param table tr th td applet comment iframe audio video source
    strong em b i p code pre tt samp kbd var sub sup dfn cite big small address hr br div span h1
    h2 h3 h4 h5 h6 ul ol li dl dt dd abbr acronym a img blockquote del ins a)

    ALLOWED_ATTRIBUTES = %w(name href cite class title src xml:lang height datetime alt abbr width
      vspace hspace heigth value type data style target codebase archive data-macro align border
      classid code flashvars scrolling frameborder controls autoplay colspan id rowspan)

    config.action_view.sanitized_allowed_tags = ALLOWED_TAGS
    config.action_view.sanitized_allowed_attributes = ALLOWED_ATTRIBUTES

    config.action_controller.include_all_helpers = false

    # Settings in config/environments/* take precedence over those specified here.
    # Application configuration should go into files in config/initializers
    # -- all .rb files in that directory are automatically loaded.

    # Custom directories with classes and modules you want to be autoloadable.
    [config.eager_load_paths, config.autoload_paths].each do |path|
      path << config.root.join('app')
      path << config.root.join('app/sweepers')
      path.concat Dir["#{config.root}/app/controllers/**/"]
    end

    # Only load the plugins named here, in the order given (default is alphabetical).
    # :all can be used as a placeholder for all plugins not explicitly named.
    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]

    # Activate observers that should always be running.
    # Sweepers are observers
    # don't load the sweepers while loading the database
    ignore_rake_commands = %w[
      db:schema:load
      gems:install
      clobber
      noosfero:translations:compile
      makemo
    ]
    if $PROGRAM_NAME =~ /rake$/ && (ignore_rake_commands.include?(ARGV.first))
      Noosfero::Plugin.should_load = false
    else
      config.active_record.observers = :article_sweeper, :role_assignment_sweeper, :friendship_sweeper, :category_sweeper, :block_sweeper
    end

    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
    config.i18n.available_locales = Noosfero.available_locales
    config.i18n.default_locale = nil
    config.i18n.enforce_available_locales = false

    # Configure the default encoding used in templates for Ruby 1.9.
    config.encoding = "utf-8"

    # Configure sensitive parameters which will be filtered from the log file.
    config.filter_parameters += [:password]

    ##
    # Configure ActiveJob
    #
    config.active_job.queue_adapter = :delayed_job

    # Enable escaping HTML in JSON.
    ActiveSupport::JSON::Encoding.escape_html_entities_in_json = true

    # Use SQL instead of Active Record's schema dumper when creating the database.
    # This is necessary if your schema can't be completely dumped by the schema dumper,
    # like if you have constraints or database-specific column types
    # config.active_record.schema_format = :sql

    # Enforce whitelist mode for mass assignment.
    # This will create an empty whitelist of attributes available for mass-assignment for all models
    # in your app. As such, your models will need to explicitly whitelist or blacklist accessible
    # parameters by using an attr_accessible or attr_protected declaration.
    config.active_record.whitelist_attributes = true

    # Asset pipeline
    config.assets.paths =
      Dir.glob("app/assets/plugins/*/{,stylesheets,javascripts}") +
      Dir.glob("app/assets/{,stylesheets,javascripts}") +
      # no precedence over core
      Dir.glob("app/assets/designs/{icons,themes,user_themes}/*")

    # rack lock is nothing but trouble, get rid of it
    # for some reason still seeing it in Rails 4
    # needed for message_bus: https://github.com/SamSaffron/message_bus/issues/17
    config.middleware.delete Rack::Lock

    # disable strong_parameters before migration from protected_attributes
    config.action_controller.permit_all_parameters = true
    # Version of your assets, change this if you want to expire all your assets
    config.assets.version = '1.0'

    config.sass.preferred_syntax = :scss
    config.sass.cache = true
    config.sass.line_comments = false

    config.action_dispatch.session = {key: '_noosfero_session'}
    config.session_store :active_record_store, key: '_noosfero_session'

    config.paths['config/routes.rb'] =
      Dir['config/routes/*.rb'] +
      Dir['config/routes/profile/*.rb'] +
      Dir['config/routes/myprofile/*.rb'] +
      Dir['config/routes/admin/*.rb'] +
      Dir['{baseplugins,config/plugins}/*/config/routes**.rb'] +
      Dir['config/routes/cms/*.rb']

    config.paths['db/migrate'].concat Dir.glob("{baseplugins,config/plugins}/*/db/migrate")
    config.i18n.load_path.concat Dir.glob("{baseplugins,config/plugins}/*/locales/*.{rb,yml}")

    begin
      # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
      # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
      config.time_zone = File.read('/etc/timezone').split("\n").first
    rescue
      config.time_zone = :utc
    end
    # timezone varies for each request, see ApplicationController#set_time_zone
    config.active_record.default_timezone = :utc

    config.middleware.use Noosfero::MultiTenancy::Middleware

    Noosfero::Plugin.setup config

    #config.eager_load_paths.concat config.autoload_paths
    config.eager_load = true
  end
end