Fall raking 🍂 🧹 (#552)

Gemfile

@@ -12,8 +12,6 @@ gem "sqlite3"
 gem "puma"
 gem "redis"
 
-gem "airrecord" # Airtable client
-
 # Assets
 gem "sprockets-rails"
 gem "sass-rails"

Gemfile.lock

@@ -490,7 +490,6 @@ PLATFORMS
 
 DEPENDENCIES
   active_storage_validations
-  airrecord
   appsignal
   audits1984
   aws-sdk-locationservice

app/controllers/admin/hackathons_controller.rb

@@ -15,13 +15,7 @@ def update
     if @hackathon.update(hackathon_params)
       redirect_to admin_hackathon_path(@hackathon)
     else
-      flash.now[:notice] = @hackathon.errors.full_messages.to_sentence
-
-      respond_to do |format|
-        format.turbo_stream { render turbo_stream: turbo_stream.replace("flash", partial: "shared/flash") }
-
-        format.html { render :edit, status: :unprocessable_entity }
-      end
+      stream_flash_notice @hackathon.errors.full_messages.to_sentence
     end
   end
 
@@ -38,6 +32,7 @@ def destroy
   def hackathon_params
     params.require(:hackathon).permit(
       :name,
+      :status,
       :website,
       :logo,
       :banner,

app/controllers/admin/users_controller.rb

@@ -8,13 +8,7 @@ def index
     if (user = User.find_by_email_address @email_address.downcase)
       redirect_to admin_user_path(user)
     else
-      flash.now[:notice] = "User not found."
-
-      respond_to do |format|
-        format.turbo_stream { render turbo_stream: turbo_stream.replace("flash", partial: "shared/flash") }
-
-        format.html { render :index, status: :unprocessable_entity }
-      end
+      stream_flash_notice "User not found."
     end
   end
 
@@ -25,13 +19,7 @@ def update
     if @user.update(user_params)
       redirect_to admin_user_path(@user)
     else
-      flash.now[:notice] = @user.errors.full_messages.first
-
-      respond_to do |format|
-        format.turbo_stream { render turbo_stream: turbo_stream.replace("flash", partial: "shared/flash") }
-
-        format.html { render :edit, status: :unprocessable_entity }
-      end
+      stream_flash_notice @user.errors.full_messages.first
     end
   end
 

app/controllers/application_controller.rb

@@ -4,4 +4,5 @@ class ApplicationController < ActionController::Base
 
   include SetCurrentRequestDetails
   include Authenticate
+  include StreamFlashes
 end

app/controllers/concerns/authenticate.rb

@@ -16,8 +16,7 @@ def allow_unauthenticated_access(**)
 
   def authenticate
     if (session = User::Session.find_by(token: cookies.signed[:session_token]))
-      session.access
-      Current.session = session
+      Current.session = session.access
 
       # handle cookies that weren't initially set as HTTP-only / Secure
       cookies.permanent.signed[:session_token] = {value: cookies.signed[:session_token], httponly: true, secure: Rails.env.production?}

app/controllers/concerns/stream_flashes.rb

@@ -0,0 +1,8 @@
+module StreamFlashes
+  private
+
+  def stream_flash_notice(notice = flash.now[:notice])
+    flash.now[:notice] = notice
+    render turbo_stream: turbo_stream.replace("flash", partial: "shared/flash")
+  end
+end

app/controllers/database_dumps_controller.rb

@@ -1,5 +1,5 @@
 class DatabaseDumpsController < ApplicationController
-  before_action :set_database_dump, except: [:index, :create]
+  before_action :set_database_dump, except: %i[index create]
 
   def index
     @database_dumps = DatabaseDump.all

app/controllers/hackathons/submissions_controller.rb

@@ -1,5 +1,5 @@
 class Hackathons::SubmissionsController < ApplicationController
-  skip_before_action :redirect_if_unauthenticated, only: [:new, :create]
+  allow_unauthenticated_access only: %i[new create]
 
   def index
     @hackathons = Hackathon.not_approved.where applicant: Current.user
@@ -47,15 +47,13 @@ def hackathon_params
       :starts_at,
       :ends_at,
       :modality,
-      # Location
       :street,
       :city,
       :province,
       :postal_code,
       :country_code,
       :expected_attendees,
       :high_school_led,
-      # Swag
       swag_request_attributes: [
         mailing_address_attributes: [
           :line1,

app/controllers/hackathons/subscriptions/bulk_controller.rb

@@ -1,20 +1,16 @@
 class Hackathons::Subscriptions::BulkController < ApplicationController
-  skip_before_action :redirect_if_unauthenticated
+  allow_unauthenticated_access
 
   before_action :set_user
   before_action :set_subscriptions
 
-  # Marking subscriptions as active. Used for undoing an "Unsubscribe from all".
-  # PUT /users/:user_id/subscriptions/bulk
   def update
     @count = @subscriptions.map(&:resubscribe).count(true)
 
     redirect_to Hackathon::Subscription.manage_subscriptions_url_for(@user),
       notice: "Resubscribed to #{@count} #{"locations".pluralize(@count)}."
   end
 
-  # Marking subscriptions as inactive.
-  # DELETE /users/:user_id/subscriptions/bulk
   def destroy
     @count = @subscriptions.map(&:unsubscribe).count(true)
 
@@ -25,7 +21,6 @@ def destroy
   private
 
   def set_user
-    # We're using signed ids here to avoid the need for authentication.
     @user = User.find_signed!(params[:user_id], purpose: :manage_subscriptions)
   end
 

app/controllers/hackathons/subscriptions_controller.rb

@@ -1,30 +1,24 @@
 class Hackathons::SubscriptionsController < ApplicationController
-  skip_before_action :redirect_if_unauthenticated
+  allow_unauthenticated_access
   before_action :set_user
 
-  # Manage subscriptions for a user.
-  # GET /users/:user_id/subscriptions
   def index
     return if @expired
 
     @subscriptions = @user.subscriptions.active
   end
 
-  # Unsubscribe from all subscriptions for a user.
-  # GET /users/:user_id/subscriptions/unsubscribe_all
   def unsubscribe_all
     return if @expired
 
     @subscriptions = @user.subscriptions.active
 
-    @unsubscribed_ids = @subscriptions.pluck(:id)
     @unsubscribe_count = @subscriptions.map(&:unsubscribe).count(true)
   end
 
   private
 
   def set_user
-    # We're using signed ids here to avoid the need for authentication.
     @user = User.find_signed(params[:user_id], purpose: :manage_subscriptions)
     @expired = @user.nil?
   end

app/controllers/users/sessions_controller.rb

@@ -3,25 +3,12 @@ class Users::SessionsController < ApplicationController
   before_action :redirect_if_authenticated, except: :destroy
 
   def new
-    authentication = User::Authentication.find_by(token: params[:auth_token])
-    return redirect_to sign_in_path unless authentication
-
-    if authentication.expired?
-      authentication.reject reason: :expired
-      return redirect_to sign_in_path
-    end
-
-    if authentication.succeeded?
-      authentication.reject reason: :previously_succeeded
-      return redirect_to sign_in_path
+    if (auth = User.authenticate(params[:auth_token]))
+      cookies.permanent.signed[:session_token] = {value: auth.token, httponly: true, secure: Rails.env.production?}
+      redirect_to hackathons_submissions_path
+    else
+      redirect_to sign_in_path, notice: "Invalid or expired, try again!"
     end
-
-    authentication.complete
-    session = authentication.create_session!
-
-    cookies.permanent.signed[:session_token] = {value: session.token, httponly: true, secure: Rails.env.production?}
-
-    redirect_to hackathons_submissions_path
   end
 
   def destroy

app/jobs/hackathons/digests_delivery_job.rb

@@ -2,17 +2,17 @@ class Hackathons::DigestsDeliveryJob < ApplicationJob
   sidekiq_options retry: 20 # up to 6.5 days
 
   def perform
-    sent_digests = []
+    sent_digest_ids = []
     current_subscribers.find_each do |subscriber|
       next unless new_digest_pertinent?(subscriber)
 
       digest = subscriber.digests.new
 
       digest.save! unless digest.invalid? && digest.listings.none?
-      sent_digests << digest if digest.persisted?
+      sent_digest_ids << digest.id if digest.persisted?
     end
   ensure
-    Hackathons::DigestMailer.admin_summary(sent_digests).deliver_later if sent_digests.any?
+    Hackathons::DigestMailer.admin_summary(sent_digest_ids).deliver_later if sent_digest_ids.any?
   end
 
   private

app/mailers/hackathons/digest_mailer.rb

@@ -1,20 +1,18 @@
 class Hackathons::DigestMailer < ApplicationMailer
-  def digest
-    @digest = params[:digest]
-    @recipient = @digest.recipient
+  def digest(digest)
+    @digest = digest
+    @recipient = digest.recipient
 
-    @listings_by_subscription = @digest.listings
+    @listings_by_subscription = digest.listings
       .includes(:subscription, hackathon: {logo_attachment: :blob})
       .group_by(&:subscription)
 
     set_unsubscribe_urls_for @recipient
     mail to: @recipient.email_address, subject: "Hackathons near you"
   end
 
-  def admin_summary(sent_digests)
-    # This reloads the (possible) sent_digests array as an
-    # ActiveRecord::Relation so that we can use includes to prevent an N+1.
-    @sent_digests = Hackathon::Digest.where(id: sent_digests.map(&:id))
+  def admin_summary(sent_digest_ids)
+    @sent_digests = Hackathon::Digest.where(id: sent_digest_ids)
 
     @sent_digests_by_hackathons = @sent_digests
       .includes(listings: {hackathon: {logo_attachment: :blob}})