restarone · Pralish · Mar 28, 2023 · Mar 28, 2023 · Mar 28, 2023 · Mar 28, 2023
diff --git a/.env.test b/.env.test
@@ -5,7 +5,7 @@ DATABASE_PASSWORD=password
 DATABASE_NAME=r_solutions_test
 DATABASE_PORT=5432
 REDIS_URL=redis://solutions_redis:6379/12
-APP_HOST=lvh.me:5250
+APP_HOST=restarone.com
 RECAPTCHA_SITE_KEY=6Lc6BAAAAAAAAChqRbQZcn_yyyyyyyyyyyyyyyyy
 RECAPTCHA_SECRET_KEY=6Lc6BAAAAAAAAKN3DRm6VA_xxxxxxxxxxxxxxxxx
 SECRET_KEY_BASE='38c72586473e364229897f24f1892f1dc5565776878aa4d8c6bf051258622bd2e923b926ab59b40f912b661216f764d993e8d6b8bbfbc33026e5c954b6c51f9b'

diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
@@ -16,7 +16,7 @@ def after_sign_in_path_for(resource)
         after_sign_in_path
       else
         # tenant
-        root_url(subdomain: Apartment::Tenant.current)
+        root_url
       end
     end
   end
@@ -26,7 +26,7 @@ def after_accept_path_for(resource)
     if after_sign_up_path
       return after_sign_up_path
     else
-      return root_url(subdomain: Apartment::Tenant.current)
+      return root_url
     end
   end
 

diff --git a/app/controllers/signin_wizard_controller.rb b/app/controllers/signin_wizard_controller.rb
@@ -12,7 +12,7 @@ def update
   end
 
   def finish_wizard_path
-    root_url(subdomain: params[:schema])
+    root_url
   end
 
   private

diff --git a/app/controllers/users/registrations_controller.rb b/app/controllers/users/registrations_controller.rb
@@ -122,7 +122,7 @@ def resolve_redirect
     if after_sign_up_path
       return after_sign_up_path
     else
-      return root_url(subdomain: Apartment::Tenant.current)
+      return root_url
     end
   end
 

diff --git a/app/helpers/api_resources_helper.rb b/app/helpers/api_resources_helper.rb
@@ -2,7 +2,7 @@ module ApiResourcesHelper
   def show_file(file, label)
     return unless file.attached?
 
-    file_url = rails_blob_url(file, subdomain: Apartment::Tenant.current)
+    file_url = rails_blob_url(file)
     output = ''
     output << <<-HTML
     #{image_tag (file.content_type.include?('image') ? file_url : ''), id: "#{label.parameterize.underscore}_preview_img", class: 'preview-media', style: "display: #{file.content_type.include?('image') ? 'block' : 'none'};"}

diff --git a/app/models/non_primitive_property.rb b/app/models/non_primitive_property.rb
@@ -13,10 +13,10 @@ def file_url
     if self.file? && self.attachment.attached?
       if Current.is_api_html_renderer_request
         # ActiveStorage::Current.host is only set in controller's context
-        ActiveStorage::Current.host = Rails.application.routes.url_helpers.root_url(host: Subdomain.current.hostname) if ActiveStorage::Current.host.blank?
+        ActiveStorage::Current.host = Rails.application.routes.url_helpers.root_url if ActiveStorage::Current.host.blank?
         self.attachment.blob.url(expires_in: 1.week)
       else
-        Rails.application.routes.url_helpers.rails_blob_url(self.attachment, host: Subdomain.current.hostname)
+        Rails.application.routes.url_helpers.rails_blob_url(self.attachment)
       end
     end
   end

diff --git a/app/services/violet/connection.rb b/app/services/violet/connection.rb
@@ -1,7 +1,7 @@
 # Utitlity class for external API connection plugins
 class Violet::Connection
     def get_blob_url(attachment)
-        Rails.application.routes.url_helpers.rails_blob_url(attachment, subdomain: Apartment::Tenant.current, host: ENV['APP_HOST'])
+        Rails.application.routes.url_helpers.rails_blob_url(attachment)
     end
 
     def get_subdomain_email_address

diff --git a/app/views/active_storage/blobs/_blob.html.erb b/app/views/active_storage/blobs/_blob.html.erb
@@ -1,6 +1,6 @@
 <figure class="attachment attachment--<%= blob.representable? ? "preview" : "file" %> attachment--<%= blob.filename.extension %>">
   <% if blob.representable? %>
-    <%= image_tag Rails.application.routes.url_helpers.rails_representation_url(blob.representation(resize_to_limit: local_assigns[:in_gallery] ? [ 800, 600 ] : [ 1024, 768 ]), subdomain: Apartment::Tenant.current, host: ENV['APP_HOST']) %>
+    <%= image_tag Rails.application.routes.url_helpers.rails_representation_url(blob.representation(resize_to_limit: local_assigns[:in_gallery] ? [ 800, 600 ] : [ 1024, 768 ])) %>
   <% end %>
 
   <figcaption class="attachment__caption">
@@ -10,7 +10,7 @@
       <span class="attachment__name"><%= blob.filename %></span>
       <span class="attachment__size"><%= number_to_human_size blob.byte_size %></span>
     <% end %>
-      <%= link_to Rails.application.routes.url_helpers.rails_blob_url(blob, subdomain: Apartment::Tenant.current, host: ENV['APP_HOST']),  target: '_blank' do %>
+      <%= link_to Rails.application.routes.url_helpers.rails_blob_url(blob), target: '_blank' do %>
       <span>Download</span>
     <% end %>
   </figcaption>

diff --git a/app/views/comfy/admin/api_namespaces/export_api_resources.csv.haml b/app/views/comfy/admin/api_namespaces/export_api_resources.csv.haml
@@ -24,7 +24,7 @@
     - if non_primitive_property.present? && non_primitive_property.richtext?
       - row_data << non_primitive_property.content.to_s
     - elsif non_primitive_property.present? && non_primitive_property.file?
-      - row_data << (non_primitive_property.attachment.attached? ? rails_blob_url(non_primitive_property.attachment, subdomain: Apartment::Tenant.current) : '')
+      - row_data << (non_primitive_property.attachment.attached? ? rails_blob_url(non_primitive_property.attachment) : '')
     - else
       - row_data << ''
 

diff --git a/app/views/shared/_company_logo.haml b/app/views/shared/_company_logo.haml
@@ -1,5 +1,5 @@
 - if Subdomain.current.logo.attached? 
-  = link_to root_url(subdomain: Subdomain.current.name), target: '_blank', class: 'd-flex justify-content-center align-items-center' do
-    - path = rails_blob_url(Subdomain.current.logo, subdomain: Subdomain.current.subdomain_name)
+  = link_to root_url, target: '_blank', class: 'd-flex justify-content-center align-items-center' do
+    - path = rails_blob_url(Subdomain.current.logo)
     = image_tag(path, class: 'd-none d-lg-block img-fluid p-4', size: '150x150')
 
diff --git a/app/views/simple_discussion/user_mailer/new_post.html.haml b/app/views/simple_discussion/user_mailer/new_post.html.haml
@@ -6,4 +6,4 @@
       %small commented:
     = formatted_content @forum_post.body
 %br/
-%p= link_to "Reply to this comment", forum_thread_url(@forum_post.forum_thread, anchor: "forum_post_#{@forum_post.id}", subdomain: Apartment::Tenant.current), style: "background:#be2126; color:#fff; text-decoration:none; padding: 10px 20px"
+%p= link_to "Reply to this comment", forum_thread_url(@forum_post.forum_thread, anchor: "forum_post_#{@forum_post.id}"), style: "background:#be2126; color:#fff; text-decoration:none; padding: 10px 20px"
diff --git a/app/views/simple_discussion/user_mailer/new_thread.html.haml b/app/views/simple_discussion/user_mailer/new_thread.html.haml
@@ -6,4 +6,4 @@
       %small commented:
     = formatted_content @forum_post.body
 %br/
-%p= link_to "Reply to this comment", forum_thread_url(@forum_post.forum_thread, anchor: "forum_post_#{@forum_post.id}", subdomain: Apartment::Tenant.current), style: "background:#be2126; color:#fff; text-decoration:none; padding: 10px 20px"
+%p= link_to "Reply to this comment", forum_thread_url(@forum_post.forum_thread, anchor: "forum_post_#{@forum_post.id}"), style: "background:#be2126; color:#fff; text-decoration:none; padding: 10px 20px"
diff --git a/app/views/user_mailer/send_otp.html.erb b/app/views/user_mailer/send_otp.html.erb
@@ -1 +1 @@
-Your OTP for <%= link_to Subdomain.current.name, Rails.application.routes.url_helpers.root_url(subdomain: Subdomain.current.name, host: ENV['APP_HOST']) %> is: <%= @user.current_otp %>
+Your OTP for <%= link_to Subdomain.current.name, Rails.application.routes.url_helpers.root_url %> is: <%= @user.current_otp %>
diff --git a/app/views/users/mailer/invitation_instructions.html.haml b/app/views/users/mailer/invitation_instructions.html.haml
@@ -1,7 +1,7 @@
 = render partial: 'shared/company_logo'
 %p= t("devise.mailer.invitation_instructions.hello", email: @resource.email)
-%p= t("devise.mailer.invitation_instructions.someone_invited_you", url: root_url(subdomain: @resource.subdomain))
-%p= link_to t("devise.mailer.invitation_instructions.accept"), accept_invitation_url(@resource, invitation_token: @token, subdomain: @resource.subdomain)
+%p= t("devise.mailer.invitation_instructions.someone_invited_you", url: root_url)
+%p= link_to t("devise.mailer.invitation_instructions.accept"), accept_invitation_url(@resource, invitation_token: @token)
 - if @resource.invitation_due_at
   %p= t("devise.mailer.invitation_instructions.accept_until", due_date: l(@resource.invitation_due_at, format: :'devise.mailer.invitation_instructions.accept_until_format'))
 %p= t("devise.mailer.invitation_instructions.ignore")
diff --git a/app/views/users/mailer/reset_password_instructions.html.haml b/app/views/users/mailer/reset_password_instructions.html.haml
@@ -2,6 +2,6 @@
 %p
   = "Hello #{@resource.email}!"
 %p Someone has requested a link to change your password. You can do this through the link below.
-%p= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token, subdomain: Apartment::Tenant.current)
+%p= link_to 'Change my password', edit_password_url(@resource, reset_password_token: @token)
 %p If you didn't request this, please ignore this email.
 %p Your password won't change until you access the link above and create a new one.
diff --git a/app/views/users/mailer/unlock_instructions.html.haml b/app/views/users/mailer/unlock_instructions.html.haml
@@ -3,4 +3,4 @@
   = "Hello #{@resource.email}!"
 %p Your account has been locked due to an excessive number of unsuccessful sign in attempts.
 %p Click the link below to unlock your account:
-%p= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token, subdomain: Subdomain.current.name)
+%p= link_to 'Unlock my account', unlock_url(@resource, unlock_token: @token)
diff --git a/config/initializers/apartment.rb b/config/initializers/apartment.rb
@@ -115,9 +115,9 @@
 # }
 
 # Rails.application.config.middleware.use Apartment::Elevators::Domain
-Rails.application.config.middleware.use Apartment::Elevators::Generic,
+Rails.application.config.middleware.insert_before Warden::Manager, Apartment::Elevators::Generic,
                       Proc.new { |request|
-                        hostname = request.host.split('.')[0]
+                        hostname = ActionDispatch::Http::URL.extract_subdomain(request.host, 1)
                         Apartment.tenant_names.include?(hostname) ? hostname : 'public'
                       }
 # Rails.application.config.middleware.use Apartment::Elevators::Subdomain

diff --git a/config/initializers/comfortable_mexican_sofa.rb b/config/initializers/comfortable_mexican_sofa.rb
@@ -5,7 +5,7 @@ def authenticate
       return true
     else
       flash.alert = "You do not have the permission to do that. Only users who can_access_admin are allowed to perform that action."
-      redirect_to root_url(subdomain: Apartment::Tenant.current)
+      redirect_to root_url
     end
   end
 end

diff --git a/config/initializers/default_url_options.rb b/config/initializers/default_url_options.rb
@@ -0,0 +1,31 @@
+module ActionDispatch::Routing
+  module RouteSetExtensions
+    # This allows lambdas as subdomain parameter for `default_url_options`:
+    #
+    #    Rails.application.routes.default_url_options = {
+    #      host: 'example.com',
+    #      protocol: 'https',
+    #      subdomain: lambda { ... }
+    #    }
+    #
+    def url_for(options, route_name = nil, url_strategy = ActionDispatch::Routing::RouteSet::UNKNOWN, method_name = nil, reserved = ActionDispatch::Routing::RouteSet::RESERVED_OPTIONS)
+      options[:subdomain] = options[:subdomain].call if options[:subdomain].respond_to? :call
+
+      if Rails.application.routes.default_url_options[:subdomain].respond_to? :call
+        options[:subdomain] ||= Rails.application.routes.default_url_options[:subdomain].call
+      end
+
+      super(options, route_name, url_strategy, reserved)
+    end
+  end
+
+  class RouteSet
+    prepend RouteSetExtensions
+  end
+end
+
+Rails.application.routes.default_url_options = {
+  host: ENV['APP_HOST'],
+  subdomain: lambda { Apartment::Tenant.current != 'public' ? Apartment::Tenant.current : '' },
+  protocol: (Rails.env.production? || Rails.env.staging?) ? 'https': 'http'
+}
diff --git a/config/initializers/force_ssl.rb b/config/initializers/force_ssl.rb
diff --git a/test/controllers/admin/comfy/admin_controller_test.rb b/test/controllers/admin/comfy/admin_controller_test.rb
@@ -4,43 +4,42 @@ class Comfy::Admin::Cms::BaseControllerTest < ActionDispatch::IntegrationTest
   setup do
     @user = users(:public)
     @user_subdomain = @user.subdomain
-    @restarone_subdomain = Subdomain.find_by(name: 'restarone')
-    Apartment::Tenant.switch @restarone_subdomain.name do
-      @unauthorized_user = User.create!(email: '[email protected]', password: '123456', password_confirmation: '123456')
-      @unauthorized_user.update(confirmed_at: Time.now)
-    end
     sign_in(@user)
   end
 
   test "get comfy root" do
     get comfy_admin_cms_url(subdomain: @user_subdomain)
-    assert_redirected_to comfy_admin_cms_site_pages_path(subdomain: @user_subdomain, site_id: Comfy::Cms::Site.first.id)
+    assert_redirected_to comfy_admin_cms_site_pages_path(site_id: Comfy::Cms::Site.first.id)
   end
 
   test "should not get admin index if not logged in" do
     sign_out(@user)
-    get comfy_admin_cms_site_layouts_url(subdomain: @user_subdomain, site_id: Comfy::Cms::Site.first.id)
+    get comfy_admin_cms_site_layouts_url(site_id: Comfy::Cms::Site.first.id)
     assert_response :redirect
-    assert_redirected_to new_user_session_path(subdomain: @user_subdomain)
+    assert_redirected_to new_user_session_path
   end
 
   test "should not get admin index if attempting to access different subdomain than what they are associated with" do
-    get comfy_admin_cms_site_layouts_url(subdomain: @restarone_subdomain.name, site_id: Comfy::Cms::Site.first.id)
+    restarone_subdomain = Subdomain.find_by(name: 'restarone')
+    Apartment::Tenant.switch restarone_subdomain.name do
+      unauthorized_user = User.create!(email: '[email protected]', password: '123456', password_confirmation: '123456')
+      unauthorized_user.update(confirmed_at: Time.now)
+    end
+    get comfy_admin_cms_site_layouts_url(subdomain: restarone_subdomain.name, site_id: Comfy::Cms::Site.first.id)
     assert_response :redirect
-    assert_redirected_to root_url
+    assert_redirected_to root_url(subdomain: restarone_subdomain.name)
   end
 
-
   test "should redirect to layouts#new while accessing layouts#index if there are no layouts" do
     Comfy::Cms::Layout.delete_all
-    get comfy_admin_cms_site_layouts_url(subdomain: @user_subdomain, site_id: Comfy::Cms::Site.first.id)
+    get comfy_admin_cms_site_layouts_url(site_id: Comfy::Cms::Site.first.id)
     assert_response :redirect
-    assert_redirected_to new_comfy_admin_cms_site_layout_url(subdomain: @user_subdomain, site_id: Comfy::Cms::Site.first.id)
+    assert_redirected_to new_comfy_admin_cms_site_layout_url(site_id: Comfy::Cms::Site.first.id)
     assert_redirected_to action: :new
   end
 
   test "should get admin index" do
-    get comfy_admin_cms_site_layouts_url(subdomain: @user_subdomain, site_id: Comfy::Cms::Site.first.id)
+    get comfy_admin_cms_site_layouts_url(site_id: Comfy::Cms::Site.first.id)
     assert_template :index
     assert_response :success
   end
@@ -50,8 +49,8 @@ class Comfy::Admin::Cms::BaseControllerTest < ActionDispatch::IntegrationTest
     sign_out(@user)
     @user.update(confirmed_at: nil)
     sign_in(@user)
-    get comfy_admin_cms_site_layouts_url(subdomain: @user_subdomain, site_id: Comfy::Cms::Site.first.id)
+    get comfy_admin_cms_site_layouts_url(site_id: Comfy::Cms::Site.first.id)
     assert_response :redirect
-    assert_redirected_to new_user_session_path(subdomain: @user_subdomain)
+    assert_redirected_to new_user_session_path
   end
 end
diff --git a/test/controllers/admin/comfy/api_namespaces_controller_test.rb b/test/controllers/admin/comfy/api_namespaces_controller_test.rb
@@ -317,7 +317,7 @@ class Comfy::Admin::ApiNamespacesControllerTest < ActionDispatch::IntegrationTes
     "</div>\n\""
 
     expected_csv = "id,api_namespace_id,null,array,number,object,string,boolean,created_at,updated_at,user_id,file_upload_one,richtext_field,file_upload_two\n" \
-    "#{resource_one.id},#{api_namespace.id},#{resource_one.properties['null']},#{resource_one.properties['array']},#{resource_one.properties['number']},\"{\"\"a\"\"=>\"\"apple\"\"}\",#{resource_one.properties['string']},\"\",#{resource_one.created_at},#{resource_one.updated_at},#{resource_one.user_id},#{rails_blob_url(file_upload_one, subdomain: Apartment::Tenant.current)},#{richtext_field},#{rails_blob_url(file_upload_two, subdomain: Apartment::Tenant.current)}\n" \
+    "#{resource_one.id},#{api_namespace.id},#{resource_one.properties['null']},#{resource_one.properties['array']},#{resource_one.properties['number']},\"{\"\"a\"\"=>\"\"apple\"\"}\",#{resource_one.properties['string']},\"\",#{resource_one.created_at},#{resource_one.updated_at},#{resource_one.user_id},#{rails_blob_url(file_upload_one)},#{richtext_field},#{rails_blob_url(file_upload_two)}\n" \
     "#{resource_two.id},#{api_namespace.id},#{resource_two.properties['null']},#{resource_two.properties['array']},#{resource_two.properties['number']},\"{\"\"b\"\"=>\"\"ball\"\"}\",#{resource_two.properties['string']},\"\",#{resource_two.created_at},#{resource_two.updated_at},#{resource_two.user_id},\"\",\"\",\"\"\n"
 
     assert_response :success

diff --git a/test/controllers/admin/comfy/pages_controller_test.rb b/test/controllers/admin/comfy/pages_controller_test.rb
@@ -72,9 +72,9 @@ class Comfy::Admin::Cms::PagesControllerTest < ActionDispatch::IntegrationTest
         } }, headers: {"HTTP_COOKIE" => "cookies_accepted=true;"}
       end
 
+      assert_response :redirect
+      assert_redirected_to action: :edit, id: @page
     end
-    assert_response :redirect
-    assert_redirected_to action: :edit, id: @page
   end
 
   test 'does not track page update (if tracking is enabled but cookies not consented)' do
@@ -95,9 +95,10 @@ class Comfy::Admin::Cms::PagesControllerTest < ActionDispatch::IntegrationTest
           ]
         } }
       end
+
+      assert_response :redirect
+      assert_redirected_to action: :edit, id: @page
     end
-    assert_response :redirect
-    assert_redirected_to action: :edit, id: @page
   end
 
   test 'does not track page update (if tracking is disabled)' do
@@ -118,9 +119,10 @@ class Comfy::Admin::Cms::PagesControllerTest < ActionDispatch::IntegrationTest
           ]
         } }
       end
+
+      assert_response :redirect
+      assert_redirected_to action: :edit, id: @page
     end
-    assert_response :redirect
-    assert_redirected_to action: :edit, id: @page
   end
 
   test 'does not track page update (if tracking is enabled and cookies disabled)' do
@@ -141,9 +143,10 @@ class Comfy::Admin::Cms::PagesControllerTest < ActionDispatch::IntegrationTest
           ]
         } }, headers: {"HTTP_COOKIE" => "cookies_accepted=false;"}
       end
+
+      assert_response :redirect
+      assert_redirected_to action: :edit, id: @page
     end
-    assert_response :redirect
-    assert_redirected_to action: :edit, id: @page
   end
 
   test 'does not track page update (if tracking is disabled and cookies enabled)' do
@@ -164,8 +167,9 @@ class Comfy::Admin::Cms::PagesControllerTest < ActionDispatch::IntegrationTest
           ]
         } }, headers: {"HTTP_COOKIE" => "cookies_accepted=true;"}
       end
+
+      assert_response :redirect
+      assert_redirected_to action: :edit, id: @page
     end
-    assert_response :redirect
-    assert_redirected_to action: :edit, id: @page
   end
 end
diff --git a/test/controllers/admin/subdomain_requests_controller_test.rb b/test/controllers/admin/subdomain_requests_controller_test.rb
@@ -22,14 +22,13 @@ class Admin::SubdomainRequestsControllerTest < ActionDispatch::IntegrationTest
     assert_template layout: "admin"
   end
 
-  test 'allows #index if not global admin (restarone)' do
+  test 'denies #index if global admin from not public schema (restarone)' do
     @restarone_user.update(global_admin: true)
     Apartment::Tenant.switch @restarone_subdomain do
       sign_in(@restarone_user)
       get admin_subdomain_requests_url
-      assert_response :success
-      assert_template :index
-      assert_template layout: "admin"
+      assert flash.alert
+      assert_response :redirect
     end
   end
 

diff --git a/test/controllers/admin/subdomains_controller_test.rb b/test/controllers/admin/subdomains_controller_test.rb
@@ -20,14 +20,13 @@ class Admin::SubdomainsControllerTest < ActionDispatch::IntegrationTest
     assert_template layout: "admin"
   end
 
-  test 'allows #index if global admin (restarone)' do
+  test 'denies #index if global admin (restarone)' do
     @restarone_user.update(global_admin: true)
     Apartment::Tenant.switch @restarone_subdomain.name do
       sign_in(@restarone_user)
       get admin_subdomains_url
-      assert_response :success
-      assert_template :index
-      assert_template layout: "admin"
+      assert flash.alert
+      assert_response :redirect
     end
   end
-Original file line number
+Diff line change
@@ Expand Up / @@ -12,7 +12,7 @@ def update @@
       end
       def finish_wizard_path
-        root_url(subdomain: params[:schema])
+        root_url
       end
       private
@@ Expand Down @@
Original file line number	Diff line number	Diff line change
		@@ -1 +1 @@
		Your OTP for <%= link_to Subdomain.current.name, Rails.application.routes.url_helpers.root_url(subdomain: Subdomain.current.name, host: ENV['APP_HOST']) %> is: <%= @user.current_otp %>
		Your OTP for <%= link_to Subdomain.current.name, Rails.application.routes.url_helpers.root_url %> is: <%= @user.current_otp %>