Avoid using exception but simply errors attribute contained in object

and then expect the right values.

.env.development

@@ -11,9 +11,3 @@ OFN_REDIS_URL="redis://localhost:6379/1"
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"
 
 SITE_URL="0.0.0.0:3000"
-
-# Deactivate rack-timeout in development.
-# https://github.com/zombocom/rack-timeout#configuring
-RACK_TIMEOUT_SERVICE_TIMEOUT="0"
-RACK_TIMEOUT_WAIT_TIMEOUT="0"
-RACK_TIMEOUT_WAIT_OVERTIME="0"

.github/workflows/brakeman-analysis.yml

@@ -41,7 +41,6 @@ jobs:
     - name: Scan
       continue-on-error: true
       run: |
-        git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
         brakeman -f sarif -o output.sarif.json .
 
     # Upload the SARIF file generated in the previous step

.github/workflows/build.yml

@@ -68,6 +68,7 @@ jobs:
           bundle exec rake db:schema:load
 
       - name: Run tests
+
         env:
           KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: 864ef557d85ea8e603e086c0387d5154
           KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
@@ -81,8 +82,8 @@ jobs:
           # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
           #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb}" 
+        
         run: |
-          git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
           bundle exec rake knapsack_pro:rspec
 
   knapsack_rspec_models:

.github/workflows/linters.yml

@@ -9,11 +9,7 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v1
-
       - uses: ruby/setup-ruby@v1
-
-      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-
       - name: rubocop
         uses: reviewdog/action-rubocop@v2
         with:
@@ -36,8 +32,6 @@ jobs:
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
 
-      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-
       - name: prettier
         uses: EPMatt/reviewdog-action-prettier@v1
         with:

.node-version

@@ -1 +1 @@
-17.9.1
+14.21.2

.rubocop_styleguide.yml

@@ -2,8 +2,9 @@
 #
 # These are the rules we agreed upon and we work towards.
 AllCops:
-  NewCops: enable
+  NewCops: disable
   SuggestExtensions: false
+  TargetRailsVersion: 5.0
   Exclude:
     - 'bin/**/*'
     - 'db/**/*'

CONTRIBUTING.md

@@ -57,7 +57,6 @@ TL;DR:
 * Maintain a clean commit history
 * Use a style consistent with the rest of the codebase
 * Before submitting, [rebase your work][rebase] on the current master branch
-* After submitting, be sure to check the [CI test results](ci). Click on a ❌ result to view the logged results and investigate.
 
 From here, your pull request will progress through the [Review, Test, Merge & Deploy process][process].
 
@@ -72,4 +71,3 @@ From here, your pull request will progress through the [Review, Test, Merge & De
 [ofn-transifex]: https://www.transifex.com/open-food-foundation/open-food-network/
 [i18n]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Internationalisation-%28i18n%29
 [welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/2
-[ci]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Continuous-Integration

Dockerfile

@@ -28,9 +28,8 @@ RUN apt-get update && apt-get install -y \
   gnupg
 
 # Setup ENV variables
-ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:/usr/local/src/nodenv/shims:/usr/local/src/nodenv/bin:$PATH
+ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:$PATH
 ENV RBENV_ROOT /usr/local/src/rbenv
-ENV NODENV_ROOT /usr/local/src/nodenv
 ENV CONFIGURE_OPTS --disable-install-doc
 ENV BUNDLE_PATH /bundles
 ENV LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so
@@ -54,19 +53,10 @@ RUN sh -c "echo 'deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-
     apt-get update && \
     apt-get install -yqq --no-install-recommends postgresql-client-10 libpq-dev
 
-
-# trim spaces and line return from .node-version file
-COPY .node-version .node-version.raw
-RUN cat .node-version.raw | tr -d '\r\t ' > .node-version
-
-# Install Node and Yarn with Nodenv
-RUN git clone --depth 1 https://github.com/nodenv/nodenv.git ${NODENV_ROOT} && \
-    git clone --depth 1 https://github.com/nodenv/node-build.git ${NODENV_ROOT}/plugins/node-build && \
-    git clone --depth 1 https://github.com/pine/nodenv-yarn-install.git ${NODENV_ROOT}/plugins/nodenv-yarn-install && \
-    git clone --depth 1 https://github.com/nodenv/nodenv-package-rehash.git ${NODENV_ROOT}/plugins/nodenv-package-rehash && \
-    echo 'eval "$(nodenv init -)"' >> /etc/profile.d/nodenv.sh && \
-    nodenv install $(cat .node-version) && \
-    nodenv global $(cat .node-version)
+# Install NodeJs and yarn
+RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \
+    && apt-get install --no-install-recommends -y nodejs \
+    && npm install -g yarn
 
 # Install Chrome
 RUN wget --quiet -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \

GETTING_STARTED.md

@@ -48,14 +48,14 @@ Fetch the latest version of `master` from `upstream` (ie. the main repo):
 First, you need to create the database user the app will use by manually typing the following in your terminal:
 
 ```sh
-sudo --login --user=postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"
+$ sudo -u postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"
 ```
 
 This will create the "ofn" user as superuser and allowing it to create databases. If this command fails, check the [troubleshooting section](#creating-the-database) for an alternative.
 
 Next, it is _strongly recommended_ to run the setup script.
 ```sh
-./script/setup
+$ script/setup
 ```
 If the script succeeds you're ready to start developing. If not, take a look at the output as it should be informative enough to help you troubleshoot.
 
@@ -114,13 +114,13 @@ Below are fixes to potential issues that can happen during the installation proc
 
 #### Creating the database
 
-If the `sudo -u postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"` command doesn't work, you can run the following commands instead:
+If the ```$ sudo -u postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"``` command doesn't work, you can run the following commands instead:
 ```
-createuser --superuser --pwprompt ofn
-# Enter password for new role: f00d
-# Enter it again: f00d
-createdb open_food_network_dev --owner=ofn
-createdb open_food_network_test --owner=ofn
+$ createuser --superuser --pwprompt ofn
+Enter password for new role: f00d
+Enter it again: f00d
+$ createdb open_food_network_dev --owner=ofn
+$ createdb open_food_network_test --owner=ofn
 ```
 If these commands succeed, you should be able to [continue the setup process](#get-it-running).
 

Gemfile

@@ -6,7 +6,7 @@ git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 
 gem 'dotenv-rails', require: 'dotenv/rails-now' # Load ENV vars before other gems
 
-gem 'rails'
+gem 'rails', '>= 6.1.4'
 
 # Active Storage
 gem "active_storage_validations"
@@ -27,7 +27,7 @@ gem 'rails-i18n'
 gem 'rails_safe_tasks', '~> 1.0'
 
 gem "activerecord-import"
-gem "db2fog", github: "openfoodfoundation/db2fog", branch: "rails-7"
+gem "db2fog", github: "openfoodfoundation/db2fog", branch: "rails-6"
 gem "fog-aws", "~> 2.0" # db2fog does not support v3
 gem "mime-types" # required by fog
 
@@ -92,7 +92,6 @@ gem 'gmaps4rails'
 gem 'mimemagic', '> 0.3.5'
 gem 'paper_trail', '~> 12.1'
 gem 'rack-rewrite'
-gem 'rack-timeout'
 gem 'roadie-rails'
 
 gem 'hiredis'
@@ -101,8 +100,8 @@ gem 'redis', '>= 4.0', require: ['redis', 'redis/connection/hiredis']
 gem 'sidekiq'
 gem 'sidekiq-scheduler'
 
-gem "cable_ready", "5.0.0.rc2"
-gem "stimulus_reflex", "3.5.0.rc2"
+gem "cable_ready", "5.0.0.pre9"
+gem "stimulus_reflex", "3.5.0.pre9"
 
 gem 'combine_pdf'
 gem 'wicked_pdf'
@@ -137,11 +136,9 @@ gem 'view_component_reflex', '3.1.14.pre9'
 
 gem 'mini_portile2', '~> 2.8'
 
-gem "faraday"
-gem "private_address_check"
-
 group :production, :staging do
   gem 'ddtrace'
+  gem 'rack-timeout'
   gem 'sd_notify' # For better Systemd process management. Used by Puma.
 end
 

Gemfile.lock

@@ -1,12 +1,12 @@
 GIT
   remote: https://github.com/openfoodfoundation/db2fog.git
-  revision: 6e88c0ab9eeb23d7ad9964b27becb1c04a83141f
-  branch: rails-7
+  revision: 5b63343847452f52aa42f7fc169d6ab3af57cda3
+  branch: rails-6
   specs:
     db2fog (0.9.2)
-      activerecord (>= 3.2.0)
+      activerecord (>= 3.2.0, < 7.0)
       fog-core (~> 1.0)
-      rails (>= 3.2.0)
+      rails (>= 3.2.0, < 7.0)
 
 GIT
   remote: https://github.com/openfoodfoundation/select2-rails.git
@@ -44,49 +44,42 @@ GEM
   remote: https://rubygems.org/
   specs:
     Ascii85 (1.1.0)
-    actioncable (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actioncable (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailbox (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      activejob (= 6.1.7.2)
+      activerecord (= 6.1.7.2)
+      activestorage (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       mail (>= 2.7.1)
-      net-imap
-      net-pop
-      net-smtp
-    actionmailer (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailer (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      actionview (= 6.1.7.2)
+      activejob (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       mail (~> 2.5, >= 2.5.4)
-      net-imap
-      net-pop
-      net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (7.0.4.3)
-      actionview (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      rack (~> 2.0, >= 2.2.0)
+    actionpack (6.1.7.2)
+      actionview (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
     actionpack-action_caching (1.2.2)
       actionpack (>= 4.0.0)
-    actiontext (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      globalid (>= 0.6.0)
+    actiontext (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      activerecord (= 6.1.7.2)
+      activestorage (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       nokogiri (>= 1.8.5)
-    actionview (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionview (6.1.7.2)
+      activesupport (= 6.1.7.2)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -98,19 +91,19 @@ GEM
       activemodel (>= 5.2.0)
       activestorage (>= 5.2.0)
       activesupport (>= 5.2.0)
-    activejob (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activejob (6.1.7.2)
+      activesupport (= 6.1.7.2)
       globalid (>= 0.3.6)
     activemerchant (1.123.0)
       activesupport (>= 4.2)
       builder (>= 2.1.2, < 4.0.0)
       i18n (>= 0.6.9)
       nokogiri (~> 1.4)
-    activemodel (7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activerecord (7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activemodel (6.1.7.2)
+      activesupport (= 6.1.7.2)
+    activerecord (6.1.7.2)
+      activemodel (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
     activerecord-import (1.4.1)
       activerecord (>= 4.2)
     activerecord-postgresql-adapter (0.0.1)
@@ -121,23 +114,24 @@ GEM
       multi_json (~> 1.11, >= 1.11.2)
       rack (>= 2.0.8, < 3)
       railties (>= 5.2.4.1)
-    activestorage (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activestorage (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      activejob (= 6.1.7.2)
+      activerecord (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (7.0.4.3)
+    activesupport (6.1.7.2)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
+      zeitwerk (~> 2.3)
     acts-as-taggable-on (9.0.1)
       activerecord (>= 6.0, < 7.1)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
-    addressable (2.8.2)
+    addressable (2.8.1)
       public_suffix (>= 2.0.2, < 6.0)
     aes_key_wrap (1.1.0)
     afm (0.2.2)
@@ -157,16 +151,16 @@ GEM
     awesome_nested_set (3.5.0)
       activerecord (>= 4.0.0, < 7.1)
     aws-eventstream (1.2.0)
-    aws-partitions (1.750.0)
-    aws-sdk-core (3.171.0)
+    aws-partitions (1.711.0)
+    aws-sdk-core (3.170.0)
       aws-eventstream (~> 1, >= 1.0.2)
       aws-partitions (~> 1, >= 1.651.0)
       aws-sigv4 (~> 1.5)
       jmespath (~> 1, >= 1.6.1)
-    aws-sdk-kms (1.63.0)
+    aws-sdk-kms (1.62.0)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.121.0)
+    aws-sdk-s3 (1.119.1)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.4)
@@ -184,14 +178,16 @@ GEM
     bullet (7.0.7)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
-    cable_ready (5.0.0.rc2)
+    cable_ready (5.0.0.pre9)
+      actioncable (>= 5.2)
       actionpack (>= 5.2)
       actionview (>= 5.2)
+      activerecord (>= 5.2)
       activesupport (>= 5.2)
       railties (>= 5.2)
       thread-local (>= 1.1.0)
     cancancan (1.15.0)
-    capybara (3.39.0)
+    capybara (3.38.0)
       addressable
       matrix
       mini_mime (>= 0.1.3)
@@ -215,11 +211,11 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    combine_pdf (1.0.23)
+    combine_pdf (1.0.22)
       matrix
       ruby-rc4 (>= 0.1.5)
     concurrent-ruby (1.2.2)
-    connection_pool (2.4.0)
+    connection_pool (2.3.0)
     crack (0.4.5)
       rexml
     crass (1.0.6)
@@ -228,9 +224,9 @@ GEM
     cuprite (0.14.3)
       capybara (~> 3.0)
       ferrum (~> 0.13.0)
-    database_cleaner (2.0.2)
-      database_cleaner-active_record (>= 2, < 3)
-    database_cleaner-active_record (2.1.0)
+    database_cleaner (2.0.1)
+      database_cleaner-active_record (~> 2.0.0)
+    database_cleaner-active_record (2.0.0)
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
@@ -241,11 +237,11 @@ GEM
       libddwaf (~> 1.6.2.0.0)
       msgpack
     debase-ruby_core_source (3.2.0)
-    debug (1.7.2)
+    debug (1.7.1)
       irb (>= 1.5.0)
       reline (>= 0.3.1)
     debugger-linecache (1.2.0)
-    devise (4.9.2)
+    devise (4.8.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -253,8 +249,8 @@ GEM
       warden (~> 1.2.3)
     devise-encryptable (0.2.0)
       devise (>= 2.1.0)
-    devise-i18n (1.11.0)
-      devise (>= 4.9.0)
+    devise-i18n (1.10.3)
+      devise (>= 4.8.0)
     devise-token_authenticatable (1.1.0)
       devise (>= 4.0.0, < 5.0.0)
     diff-lcs (1.5.0)
@@ -287,17 +283,15 @@ GEM
       websocket-driver (>= 0.6, < 0.8)
     ffaker (2.21.0)
     ffi (1.15.5)
-    flipper (0.26.2)
-      concurrent-ruby (< 2)
-    flipper-active_record (0.26.2)
-      activerecord (>= 4.2, < 8)
-      flipper (~> 0.26.2)
-    flipper-ui (0.26.2)
+    flipper (0.20.4)
+    flipper-active_record (0.20.4)
+      activerecord (>= 5.0, < 7)
+      flipper (~> 0.20.4)
+    flipper-ui (0.20.4)
       erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 0.26.2)
+      flipper (~> 0.20.4)
       rack (>= 1.4, < 3)
-      rack-protection (>= 1.5.3, <= 4.0.0)
-      sanitize (< 7)
+      rack-protection (>= 1.5.3, < 2.2.0)
     fog-aws (2.0.1)
       fog-core (~> 1.38)
       fog-json (~> 1.0)
@@ -349,7 +343,7 @@ GEM
       activerecord (>= 3.0)
     io-console (0.6.0)
     ipaddress (0.8.3)
-    irb (1.6.3)
+    irb (1.6.2)
       reline (>= 0.3.0)
     jmespath (1.6.2)
     jquery-rails (4.4.0)
@@ -373,7 +367,7 @@ GEM
     jsonapi-serializer (2.2.0)
       activesupport (>= 4.2)
     jwt (2.7.0)
-    knapsack_pro (3.9.0)
+    knapsack_pro (3.8.0)
       rake
     launchy (2.5.0)
       addressable (~> 2.7)
@@ -386,7 +380,7 @@ GEM
     listen (3.8.0)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.20.0)
+    loofah (2.19.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
     mail (2.8.1)
@@ -408,7 +402,7 @@ GEM
     mini_portile2 (2.8.1)
     mini_racer (0.6.3)
       libv8-node (~> 16.10.0.0)
-    minitest (5.18.0)
+    minitest (5.17.0)
     monetize (1.12.0)
       money (~> 6.12)
     money (6.16.0)
@@ -425,8 +419,8 @@ GEM
       timeout
     net-smtp (0.3.3)
       net-protocol
-    nio4r (2.5.9)
-    nokogiri (1.14.3)
+    nio4r (2.5.8)
+    nokogiri (1.14.2)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     oauth2 (1.4.11)
@@ -465,7 +459,7 @@ GEM
     parallel (1.22.1)
     paranoia (2.6.1)
       activerecord (>= 5.1, < 7.1)
-    parser (3.2.2.0)
+    parser (3.2.1.1)
       ast (~> 2.4.1)
     paypal-sdk-core (0.3.4)
       multi_json (~> 1.0)
@@ -480,16 +474,15 @@ GEM
       ttfunk
     pg (1.2.3)
     power_assert (2.0.2)
-    private_address_check (0.5.0)
     pry (0.13.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
     public_suffix (5.0.1)
-    puma (6.2.2)
+    puma (6.1.1)
       nio4r (~> 2.0)
     raabro (1.4.0)
     racc (1.6.2)
-    rack (2.2.6.4)
+    rack (2.2.6.3)
     rack-mini-profiler (2.3.4)
       rack (>= 1.2.0)
     rack-oauth2 (1.21.3)
@@ -498,28 +491,29 @@ GEM
       httpclient
       json-jwt (>= 1.11.0)
       rack (>= 2.1.0)
-    rack-protection (3.0.5)
+    rack-protection (2.1.0)
       rack
     rack-proxy (0.7.6)
       rack
     rack-rewrite (1.5.1)
-    rack-test (2.1.0)
+    rack-test (2.0.2)
       rack (>= 1.3)
     rack-timeout (0.6.3)
-    rails (7.0.4.3)
-      actioncable (= 7.0.4.3)
-      actionmailbox (= 7.0.4.3)
-      actionmailer (= 7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actiontext (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    rails (6.1.7.2)
+      actioncable (= 6.1.7.2)
+      actionmailbox (= 6.1.7.2)
+      actionmailer (= 6.1.7.2)
+      actionpack (= 6.1.7.2)
+      actiontext (= 6.1.7.2)
+      actionview (= 6.1.7.2)
+      activejob (= 6.1.7.2)
+      activemodel (= 6.1.7.2)
+      activerecord (= 6.1.7.2)
+      activestorage (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       bundler (>= 1.15.0)
-      railties (= 7.0.4.3)
+      railties (= 6.1.7.2)
+      sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -538,13 +532,12 @@ GEM
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 8)
     rails_safe_tasks (1.0.0)
-    railties (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    railties (6.1.7.2)
+      actionpack (= 6.1.7.2)
+      activesupport (= 6.1.7.2)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
-      zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.0.6)
     ransack (2.6.0)
@@ -556,10 +549,10 @@ GEM
       ffi (~> 1.0)
     redcarpet (3.6.0)
     redis (4.8.1)
-    redis-client (0.14.1)
+    redis-client (0.13.0)
       connection_pool
-    regexp_parser (2.8.0)
-    reline (0.3.3)
+    regexp_parser (2.7.0)
+    reline (0.3.2)
       io-console (~> 0.5)
     request_store (1.5.1)
       rack (>= 1.4)
@@ -612,19 +605,19 @@ GEM
     rswag-ui (2.8.0)
       actionpack (>= 3.1, < 7.1)
       railties (>= 3.1, < 7.1)
-    rubocop (1.50.2)
+    rubocop (1.48.1)
       json (~> 2.3)
       parallel (~> 1.10)
       parser (>= 3.2.0.0)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.26.0, < 2.0)
       ruby-progressbar (~> 1.7)
       unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.0)
+    rubocop-ast (1.27.0)
       parser (>= 3.2.1.0)
-    rubocop-rails (2.19.1)
+    rubocop-rails (2.18.0)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.33.0, < 2.0)
@@ -638,9 +631,6 @@ GEM
     rubyzip (2.3.2)
     rufus-scheduler (3.8.2)
       fugit (~> 1.1, >= 1.1.6)
-    sanitize (6.0.1)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
     sass (3.4.25)
     sass-rails (5.0.8)
       railties (>= 5.2.0)
@@ -652,7 +642,7 @@ GEM
     semantic_range (3.0.0)
     shoulda-matchers (5.3.0)
       activesupport (>= 5.2.0)
-    sidekiq (7.0.9)
+    sidekiq (7.0.6)
       concurrent-ruby (< 2)
       connection_pool (>= 2.3.0)
       rack (>= 2.2.4)
@@ -687,18 +677,18 @@ GEM
     state_machines-activerecord (0.8.0)
       activerecord (>= 5.1)
       state_machines-activemodel (>= 0.8.0)
-    stimulus_reflex (3.5.0.rc2)
-      actioncable (>= 5.2, < 8)
-      actionpack (>= 5.2, < 8)
-      actionview (>= 5.2, < 8)
-      activesupport (>= 5.2, < 8)
-      cable_ready (>= 5.0.0.rc2)
-      nokogiri (~> 1.0)
-      rack (>= 2, < 4)
-      railties (>= 5.2, < 8)
-      redis (>= 4.0, < 6.0)
-    stringex (2.8.6)
-    stripe (8.5.0)
+    stimulus_reflex (3.5.0.pre9)
+      actioncable (>= 5.2)
+      actionpack (>= 5.2)
+      actionview (>= 5.2)
+      activesupport (>= 5.2)
+      cable_ready (>= 5.0.0.pre9)
+      nokogiri
+      rack
+      railties (>= 5.2)
+      redis
+    stringex (2.8.5)
+    stripe (8.3.0)
     swd (1.3.0)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
@@ -716,7 +706,7 @@ GEM
       concurrent-ruby (~> 1.0)
     unicode-display_width (2.4.2)
     uniform_notifier (1.16.0)
-    valid_email2 (4.0.6)
+    valid_email2 (4.0.5)
       activemodel (>= 3.2)
       mail (~> 2.5)
     validate_email (0.1.6)
@@ -791,7 +781,7 @@ DEPENDENCIES
   bootsnap
   bugsnag
   bullet
-  cable_ready (= 5.0.0.rc2)
+  cable_ready (= 5.0.0.pre9)
   cancancan (~> 1.15.0)
   capybara
   catalog!
@@ -811,7 +801,6 @@ DEPENDENCIES
   digest
   dotenv-rails
   factory_bot_rails (= 6.2.0)
-  faraday
   ffaker
   flipper
   flipper-active_record
@@ -854,13 +843,12 @@ DEPENDENCIES
   paypal-sdk-merchant (= 1.117.2)
   pdf-reader
   pg (~> 1.2.3)
-  private_address_check
   pry (~> 0.13.0)
   puma
   rack-mini-profiler (< 3.0.0)
   rack-rewrite
   rack-timeout
-  rails
+  rails (>= 6.1.4)
   rails-controller-testing
   rails-erd
   rails-i18n
@@ -889,7 +877,7 @@ DEPENDENCIES
   spring
   spring-commands-rspec
   state_machines-activerecord
-  stimulus_reflex (= 3.5.0.rc2)
+  stimulus_reflex (= 3.5.0.pre9)
   stringex (~> 2.8.5)
   stripe
   test-unit (~> 3.5)

Procfile

@@ -1,5 +1,5 @@
 # Foreman Procfile. Start all dev server processes with: `foreman start`
 
-rails:      DEV_CACHING=true bundle exec rails s -p 3000
+rails:      bundle exec rails s -p 3000
 webpack:    ./bin/webpack-dev-server
-sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default
+sidekiq:    bundle exec sidekiq -q mailers -q default

app/assets/javascripts/admin/admin_ofn.js.coffee

@@ -12,6 +12,5 @@ angular.module("ofn.admin", [
   "admin.orders"
 ]).config ($httpProvider, $locationProvider, $qProvider) ->
   $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"
-  # for the next line, you should also probably check file: app/assets/javascripts/admin/utils/utils.js.coffee
   $locationProvider.hashPrefix('')
   $qProvider.errorOnUnhandledRejections(false)

app/assets/javascripts/admin/enterprises/controllers/enterprise_controller.js.coffee

@@ -61,6 +61,9 @@ angular.module("admin.enterprises")
     $scope.removePromoImage = ->
       $scope.performEnterpriseAction("removePromoImage", "immediate_promo_image_removal_warning", "removed_promo_image_successfully")
 
+    $scope.removeTermsAndConditions = ->
+      $scope.performEnterpriseAction("removeTermsAndConditions", "immediate_terms_and_conditions_removal_warning", "removed_terms_and_conditions_successfully")
+
     $scope.performEnterpriseAction = (enterpriseActionName, warning_message_key, success_message_key) ->
       return unless confirm($scope.translation(warning_message_key))
 

app/assets/javascripts/admin/enterprises/directives/terms_and_conditions_warning.js.coffee

@@ -0,0 +1,32 @@
+angular.module("admin.enterprises").directive 'termsAndConditionsWarning', ($rootScope, $compile, $templateCache, DialogDefaults, $timeout) ->
+  restrict: 'A'
+  scope: true
+
+  link: (scope, element, attr) ->
+    # This file input click handler will hold the browser file input dialog and show a warning modal
+    scope.hold_file_input_and_show_warning_modal = (event) ->
+      event.preventDefault()
+      scope.template = $compile($templateCache.get('admin/modals/terms_and_conditions_warning.html'))(scope)
+      if scope.template.dialog
+        scope.template.dialog(DialogDefaults)
+        scope.template.dialog('open')
+      $rootScope.$evalAsync()
+
+    element.bind 'click', scope.hold_file_input_and_show_warning_modal
+
+    # When the user presses continue in the warning modal, we open the browser file input dialog
+    scope.continue = ->
+      scope.template.dialog('close')
+      $rootScope.$evalAsync()
+
+      # unbind warning modal handler and click file input again to open the browser file input dialog
+      element.unbind('click').trigger('click')
+      # afterwards, bind warning modal handler again so that the warning is shown the next time
+      $timeout ->
+        element.bind 'click', scope.hold_file_input_and_show_warning_modal
+      return
+
+    scope.close = ->
+      scope.template.dialog('close')
+      $rootScope.$evalAsync()
+      return

app/assets/javascripts/admin/index_utils/services/sort_options.js.coffee

@@ -11,6 +11,5 @@ angular.module("admin.indexUtils").factory 'SortOptions', ->
       sortingExpr
 
     toggle: (predicate) ->
-      # predicate is a string or an array of strings
-      @reverse = (JSON.stringify(@predicate) == JSON.stringify(predicate)) && !@reverse
+      @reverse = (@predicate == predicate) && !@reverse
       @predicate = predicate

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -17,15 +17,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   ]
   $scope.page = 1
   $scope.per_page = $scope.per_page_options[0].id
-  $scope.filterByVariantId = null
-  searchThrough = ["order_distributor_name",
-    "order_bill_address_phone",
-    "order_bill_address_firstname",
-    "order_bill_address_lastname",
-    "variant_product_supplier_name",
-    "order_email",
-    "order_number",
-    "product_name"].join("_or_") + "_cont"
+  
 
   $scope.confirmRefresh = ->
     LineItems.allSaved() || confirm(t("unsaved_changes_warning"))
@@ -34,7 +26,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     $scope.distributorFilter = ''
     $scope.supplierFilter = ''
     $scope.orderCycleFilter = ''
-    $scope.query = ''
+    $scope.quickSearch = ''
     $scope.startDate = undefined
     $scope.endDate = undefined
     event = new CustomEvent('flatpickr:clear')
@@ -68,8 +60,6 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
     [formattedStartDate, formattedEndDate] = $scope.formatDates($scope.startDate, $scope.endDate)
 
     RequestMonitor.load LineItems.index(
-      "q[#{searchThrough}]": $scope.query,
-      "q[variant_id_eq]": $scope.filterByVariantId if $scope.filterByVariantId,
       "q[order_state_not_eq]": "canceled",
       "q[order_shipment_state_not_eq]": "shipped",
       "q[order_completed_at_not_null]": "true",
@@ -178,17 +168,6 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   $scope.setSelectedUnitsVariant = (unitsProduct,unitsVariant) ->
     $scope.selectedUnitsProduct = unitsProduct
     $scope.selectedUnitsVariant = unitsVariant
-    $scope.filterByVariantId = unitsVariant.id
-    $scope.page = 1
-    $scope.refreshData()
-
-  $scope.resetSelectedUnitsVariant = ->
-    $scope.selectedUnitsProduct = { }
-    $scope.selectedUnitsVariant = { }
-    $scope.filterByVariantId = null
-    $scope.sharedResource = false
-    $scope.page = 1
-    $scope.refreshData()
 
   $scope.getLineItemScale = (lineItem) ->
     if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume") 

app/assets/javascripts/admin/line_items/filters/variant_filter.js.coffee

@@ -0,0 +1,6 @@
+angular.module("admin.lineItems").filter "variantFilter", ->
+    return (lineItems,selectedUnitsProduct,selectedUnitsVariant,sharedResource) ->
+      filtered = []
+      filtered.push lineItem for lineItem in lineItems when (angular.equals(selectedUnitsProduct,{}) ||
+        (lineItem.units_product.id == selectedUnitsProduct.id && (sharedResource || lineItem.units_variant.id == selectedUnitsVariant.id ) ) )
+      filtered

app/assets/javascripts/admin/order_cycles/controllers/edit.js.coffee

@@ -18,6 +18,7 @@ angular.module('admin.orderCycles')
 
     $scope.submit = ($event, destination) ->
       $event.preventDefault()
+      NavigationCheck.clear()
       StatusMessage.display 'progress', t('js.saving')
       OrderCycle.update(destination, $scope.order_cycle_form)
 

app/assets/javascripts/admin/order_cycles/controllers/order_cycles_controller.js.coffee

@@ -33,11 +33,9 @@ angular.module("admin.orderCycles").controller "OrderCyclesCtrl", ($scope, $q, C
     StatusMessage.display 'notice', "You have unsaved changes" if newVal
 
   $scope.showMore = (days) ->
-    orderCycles = OrderCycles.index(ams_prefix: "index", 
-    "q[orders_close_at_gt]": "#{daysFromToday($scope.ordersCloseAtLimit - days)}", 
-    "q[orders_close_at_lteq]": "#{daysFromToday($scope.ordersCloseAtLimit)}"
-    )
     $scope.ordersCloseAtLimit -= days
+    existingIDs = Object.keys(OrderCycles.byID)
+    orderCycles = OrderCycles.index(ams_prefix: "index", "q[orders_close_at_gt]": "#{daysFromToday($scope.ordersCloseAtLimit)}", "q[id_not_in][]": existingIDs)
     orderCycles.$promise.then ->
       $scope.orderCycles.push(orderCycle) for orderCycle in orderCycles
       compileData()

app/assets/javascripts/admin/resources/resources/enterprise_resource.js.coffee

@@ -14,4 +14,7 @@ angular.module("admin.resources").factory 'EnterpriseResource', ($resource) ->
     'removePromoImage':
       url: '/api/v0/enterprises/:id/promo_image.json'
       method: 'DELETE'
+    'removeTermsAndConditions':
+      url: '/api/v0/enterprises/:id/terms_and_conditions.json'
+      method: 'DELETE'
   })

app/assets/javascripts/admin/resources/services/enterprises.js.coffee

@@ -63,3 +63,4 @@ angular.module("admin.resources").factory 'Enterprises', ($q, $filter, Enterpris
 
     removeLogo: performActionOnEnterpriseResource(EnterpriseResource.removeLogo)
     removePromoImage: performActionOnEnterpriseResource(EnterpriseResource.removePromoImage)
+    removeTermsAndConditions: performActionOnEnterpriseResource(EnterpriseResource.removeTermsAndConditions)

app/assets/javascripts/admin/spree/taxons/taxonomy.js.coffee

@@ -8,7 +8,7 @@ handle_move = (e, data) ->
   node = data.rslt.o
   new_parent = data.rslt.np
 
-  url = new URL(Spree.routes.admin_taxonomy_taxons)
+  url = new URL(base_url)
   url.pathname = url.pathname + '/' + node.attr("id") 
   data = {
     _method: "put",

app/assets/javascripts/admin/utils/utils.js.coffee

@@ -1,4 +1,3 @@
 angular.module("admin.utils", ["templates", "ngSanitize"]).config ($httpProvider, $locationProvider) ->
- # for the next line, you should also probably check file: app/assets/javascripts/admin/admin_ofn.js.coffee
  $locationProvider.hashPrefix('')
  $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"

app/assets/javascripts/darkswarm/services/enterprise_modal.js.coffee

@@ -2,7 +2,6 @@ angular.module('Darkswarm').factory "EnterpriseModal", ($modal, $rootScope, $htt
   # Build a modal popup for an enterprise.
   new class EnterpriseModal
     open: (enterprise)->
-      return if enterprise.visible == 'hidden'
       scope = $rootScope.$new(true) # Spawn an isolate to contain the enterprise
       scope.embedded_layout = window.location.search.indexOf("embedded_shopfront=true") != -1
 

app/assets/javascripts/darkswarm/services/enterprise_registration_service.js.coffee

@@ -55,10 +55,6 @@ angular.module('Darkswarm').factory "EnterpriseRegistrationService", ($http, Reg
       ).catch((response) ->
         Loading.clear()
         alert(t('failed_to_update_enterprise_unknown'))
-        if response.data.errors.instagram
-          igErr = document.querySelector("#instagram-error")
-          igErr.style.display = 'block'
-          igErr.textContent = response.data.errors.instagram[0]
       )
 
     prepare: =>

app/assets/javascripts/templates/admin/modals/terms_and_conditions_warning.html.haml

@@ -0,0 +1,14 @@
+%div
+  .margin-bottom-30.text-center
+    .text-big
+      {{ 'js.admin.modals.terms_and_conditions_warning.title' | t }}
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.terms_and_conditions_warning.message_1' | t }}
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.terms_and_conditions_warning.message_2' | t }}
+
+  .text-center
+    %input.button.red{ type: 'button', value: t('js.admin.modals.close'), ng: { click: 'close()' } }
+    %input.button.red{ type: 'button', value: t('js.admin.modals.continue'), ng: { click: 'continue()' } }

app/components/confirm_modal_component.rb

@@ -1,10 +1,9 @@
 # frozen_string_literal: true
 
 class ConfirmModalComponent < ModalComponent
-  def initialize(id:, confirm_actions: nil, controllers: nil, message: nil, confirm_reflexes: nil)
+  def initialize(id:, confirm_actions: nil, controllers: nil, message: nil)
     super(id: id, close_button: true)
     @confirm_actions = confirm_actions
-    @confirm_reflexes = confirm_reflexes
     @controllers = controllers
     @message = message
   end

app/components/confirm_modal_component/confirm_modal_component.html.haml

@@ -7,4 +7,4 @@
 
     .modal-actions
       %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.cancel'), "data-action": "click->modal#close" }
-      %input{ class: "button icon-plus primary", type: 'button', value: t('js.admin.modals.confirm'), "data-action": @confirm_actions, "data-reflex": @confirm_reflexes }
+      %input{ class: "button icon-plus primary", type: 'button', value: t('js.admin.modals.confirm'), "data-action": @confirm_actions }

app/controllers/admin/customers_controller.rb

@@ -2,7 +2,6 @@
 
 require 'open_food_network/address_finder'
 
-# rubocop:disable Metrics/ClassLength
 module Admin
   class CustomersController < Admin::ResourceController
     before_action :load_managed_shops, only: :index, if: :html_request?
@@ -68,7 +67,7 @@ module Admin
 
     def collection
       if json_request? && params[:enterprise_id].present?
-        CustomersWithBalance.new(customers).query.
+        CustomersWithBalance.new(managed_enterprise_id).query.
           includes(
             :enterprise,
             { bill_address: [:state, :country] },
@@ -80,15 +79,6 @@ module Admin
       end
     end
 
-    def customers
-      return @customers if @customers.present?
-
-      @customers = Customer.managed_by(spree_current_user)
-      return @customers if params[:enterprise_id].blank?
-
-      @customers = @customers.where(enterprise_id: params[:enterprise_id])
-    end
-
     def managed_enterprise_id
       @managed_enterprise_id ||= Enterprise.managed_by(spree_current_user).
         select('enterprises.id').find_by(id: params[:enterprise_id])
@@ -130,4 +120,3 @@ module Admin
     end
   end
 end
-# rubocop:enable Metrics/ClassLength

app/controllers/admin/enterprises_controller.rb

@@ -50,7 +50,7 @@ module Admin
       if params[:stimulus]
         @enterprise.is_primary_producer = params[:is_primary_producer]
         @enterprise.sells = params[:enterprise_sells]
-        render cable_ready: cable_car.morph("#side_menu", partial("admin/shared/side_menu"))
+        render operations: cable_car.morph("#side_menu", partial("admin/shared/side_menu"))
           .morph("#permalink", partial("admin/enterprises/form/permalink"))
       end
     end

app/controllers/admin/reports_controller.rb

@@ -2,7 +2,6 @@
 
 module Admin
   class ReportsController < Spree::Admin::BaseController
-    include ActiveStorage::SetCurrent
     include ReportsActions
     helper ReportsHelper
 
@@ -22,13 +21,11 @@ module Admin
     def show
       @report = report_class.new(spree_current_user, params, render: render_data?)
 
-      if params[:report_format].present?
+      if report_format.present?
         export_report
       else
         show_report
       end
-    rescue Timeout::Error
-      render_timeout_error
     end
 
     private
@@ -39,7 +36,6 @@ module Admin
 
     def show_report
       assign_view_data
-      @table = render_report_as(:html) if render_data?
       render "show"
     end
 
@@ -49,6 +45,7 @@ module Admin
       @report_subtype = report_subtype
       @report_title = report_title
       @rendering_options = rendering_options
+      @table = render_report_as(:html) if render_data?
       @data = Reporting::FrontendData.new(spree_current_user)
     end
 
@@ -58,43 +55,17 @@ module Admin
 
     def render_report_as(format)
       if OpenFoodNetwork::FeatureToggle.enabled?(:background_reports, spree_current_user)
-        @blob = ReportBlob.create_for_upload_later!(report_filename)
-        ReportJob.perform_later(
-          report_class, spree_current_user, params, format, @blob
+        job = ReportJob.new
+        JobProcessor.perform_forked(
+          job,
+          report_class, spree_current_user, params, format
         )
-        Timeout.timeout(max_wait_time) do
-          sleep 1 until @blob.content_stored?
-        end
 
         # This result has been rendered by Rails in safe mode already.
-        @blob.result.html_safe # rubocop:disable Rails/OutputSafety
+        job.result.html_safe # rubocop:disable Rails/OutputSafety
       else
         @report.render_as(format)
       end
     end
-
-    def render_timeout_error
-      assign_view_data
-      if @blob
-        @error = ".report_taking_longer_html"
-        @error_url = @blob.url
-      else
-        @error = ".report_taking_longer"
-        @error_url = ""
-      end
-      render "show"
-    end
-
-    def max_wait_time
-      # This value is used by rack-timeout and nginx, usually 30 seconds in
-      # staging and production:
-      server_timeout = ENV.fetch("RACK_TIMEOUT_SERVICE_TIMEOUT", "15").to_f
-
-      # Zero disables the timeout:
-      return 0 if server_timeout.zero?
-
-      # We want to time out earlier than nginx:
-      server_timeout - 2.seconds
-    end
   end
 end

app/controllers/admin/subscriptions_controller.rb

@@ -16,8 +16,7 @@ module Admin
       respond_to do |format|
         format.html do
           if view_context.subscriptions_setup_complete?(@shops)
-            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user)
-              .includes([:distributors, :cached_incoming_exchanges])
+            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user).includes([:distributors, :cached_incoming_exchanges])
             @payment_methods = Spree::PaymentMethod.managed_by(spree_current_user).includes(:taggings)
             @payment_method_tags = payment_method_tags_by_id
             @shipping_methods = Spree::ShippingMethod.managed_by(spree_current_user)
@@ -26,10 +25,7 @@ module Admin
             render :setup_explanation
           end
         end
-        format.json {
-          render_as_json @collection, ams_prefix: params[:ams_prefix],
-                                      payment_method_tags: payment_method_tags_by_id
-        }
+        format.json { render_as_json @collection, ams_prefix: params[:ams_prefix], payment_method_tags: payment_method_tags_by_id }
       end
     end
 

app/controllers/admin/variant_overrides_controller.rb

@@ -63,7 +63,7 @@ module Admin
 
       options = [{ id: '0', name: 'All' }]
       import_dates.collect(&:import_date).map { |i|
-        options.push(id: i.to_date, name: i.to_date.to_fs(:long))
+        options.push(id: i.to_date, name: i.to_date.to_formatted_s(:long))
       }
 
       options

app/controllers/admin/vouchers_controller.rb

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class VouchersController < ResourceController
-    before_action :load_enterprise
-
-    def new
-      @voucher = Voucher.new
-    end
-
-    def create
-      voucher_params = permitted_resource_params.merge(enterprise: @enterprise)
-      @voucher = Voucher.create(voucher_params)
-
-      if @voucher.save
-        redirect_to(
-          "#{edit_admin_enterprise_path(@enterprise)}#vouchers_panel",
-          flash: { success: flash_message_for(@voucher, :successfully_created) }
-        )
-      else
-        flash[:error] = @voucher.errors.full_messages.to_sentence
-        render :new
-      end
-    end
-
-    private
-
-    def load_enterprise
-      @enterprise = Enterprise.find_by permalink: params[:enterprise_id]
-    end
-
-    def permitted_resource_params
-      params.require(:voucher).permit(:code)
-    end
-  end
-end

app/controllers/api/v1/base_controller.rb

@@ -106,9 +106,7 @@ module Api
       end
 
       def json_api_error(message, **options)
-        error_options = options.delete(:error_options) || {}
-
-        { errors: [{ detail: message }.merge(error_options)] }.merge(options)
+        { errors: [{ detail: message }] }.merge(options)
       end
 
       def json_api_invalid(message, errors)

app/controllers/api/v1/customers_controller.rb

@@ -6,17 +6,11 @@ module Api
   module V1
     class CustomersController < Api::V1::BaseController
       include AddressTransformation
-      include ExtraFields
 
       skip_authorization_check only: :index
 
       before_action :authorize_action, only: [:show, :update, :destroy]
 
-      # Query parameters
-      before_action only: [:index] do
-        @extra_customer_fields = extra_fields :customer, [:balance]
-      end
-
       def index
         @pagy, customers = pagy(search_customers, pagy_options)
 
@@ -57,11 +51,7 @@ module Api
       private
 
       def customer
-        @customer ||= if action_name == "show"
-                        CustomersWithBalance.new(Customer.where(id: params[:id])).query.first!
-                      else
-                        Customer.find(params[:id])
-                      end
+        @customer ||= Customer.find(params[:id])
       end
 
       def authorize_action
@@ -71,16 +61,13 @@ module Api
       def search_customers
         customers = visible_customers.includes(:bill_address, :ship_address)
         customers = customers.where(enterprise_id: params[:enterprise_id]) if params[:enterprise_id]
-
-        if @extra_customer_fields.include?(:balance)
-          customers = CustomersWithBalance.new(customers).query
-        end
-
         customers.ransack(params[:q]).result.order(:id)
       end
 
       def visible_customers
-        Customer.managed_by(current_api_user)
+        current_api_user.customers.or(
+          Customer.where(enterprise_id: editable_enterprises)
+        )
       end
 
       def customer_params
@@ -104,6 +91,10 @@ module Api
         attributes
       end
 
+      def editable_enterprises
+        OpenFoodNetwork::Permissions.new(current_api_user).editable_enterprises.select(:id)
+      end
+
       def include_options
         fields = [params.fetch(:include, [])].flatten
 

app/controllers/checkout_controller.rb

@@ -5,7 +5,6 @@ require 'open_food_network/address_finder'
 class CheckoutController < ::BaseController
   include OrderStockCheck
   include OrderCompletion
-  include WhiteLabel
 
   layout 'darkswarm'
 
@@ -28,8 +27,6 @@ class CheckoutController < ::BaseController
   before_action :associate_user
   before_action :check_authorization
 
-  before_action :hide_ofn_navigation, only: :edit
-
   helper 'spree/orders'
 
   def edit; end

app/controllers/concerns/checkout_callbacks.rb

@@ -15,7 +15,9 @@ module CheckoutCallbacks
     prepend_before_action :require_distributor_chosen
 
     before_action :load_order, :associate_user, :load_saved_addresses, :load_saved_credit_cards
-    before_action :load_shipping_methods, if: -> { params[:step] == "details" }
+    before_action :allowed_shipping_methods, if: -> {
+                                                   params[:step] == "details"
+                                                 }
 
     before_action :ensure_order_not_completed
     before_action :ensure_checkout_allowed
@@ -46,8 +48,22 @@ module CheckoutCallbacks
     @selected_card = nil
   end
 
-  def load_shipping_methods
-    @shipping_methods = available_shipping_methods.sort { |a, b| a.name.casecmp(b.name) }
+  def allowed_shipping_methods
+    @allowed_shipping_methods ||= sorted_available_shipping_methods.filter(
+      &method(:supports_all_products_shipping_categories?)
+    )
+  end
+
+  def sorted_available_shipping_methods
+    available_shipping_methods.sort { |a, b| a.name.casecmp(b.name) }
+  end
+
+  def supports_all_products_shipping_categories?(shipping_method)
+    (products_shipping_categories - shipping_method.shipping_categories.pluck(:id)).empty?
+  end
+
+  def products_shipping_categories
+    @products_shipping_categories ||= @order.products.pluck(:shipping_category_id).uniq
   end
 
   def redirect_to_shop?

app/controllers/concerns/extra_fields.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-# To be included in api controllers for handeling query params
-module ExtraFields
-  extend ActiveSupport::Concern
-
-  def invalid_query_param(name, status, msg)
-    render status: status, json: json_api_error(msg, error_options:
-      {
-        title: I18n.t("api.query_param.error.title"),
-        source: { parameter: name },
-        status: status,
-        code: Rack::Utils::SYMBOL_TO_STATUS_CODE[status]
-      })
-  end
-
-  def extra_fields(type, available_fields)
-    fields = params.dig(:extra_fields, type)&.split(',')&.compact&.map(&:to_sym)
-    return [] if fields.blank?
-
-    unknown_fields = fields - available_fields
-
-    if unknown_fields.present?
-      invalid_query_param(
-        "extra_fields[#{type}]", :unprocessable_entity,
-        I18n.t("api.query_param.error.extra_fields", fields: unknown_fields.join(', '))
-      )
-    end
-
-    fields
-  end
-end

app/controllers/concerns/manager_invitations.rb

@@ -9,10 +9,12 @@ module ManagerInvitations
     new_user.reset_password_token = Devise.friendly_token
     # Same time as used in Devise's lib/devise/models/recoverable.rb.
     new_user.reset_password_sent_at = Time.now.utc
-    if new_user.save
-      enterprise.users << new_user
-      EnterpriseMailer.manager_invitation(enterprise, new_user).deliver_later
-    end
+    new_user.save
+
+    return new_user unless new_user.valid? # Return early if user is invalid.
+
+    enterprise.users << new_user
+    EnterpriseMailer.manager_invitation(@enterprise, new_user).deliver_later
 
     new_user
   end

app/controllers/concerns/order_stock_check.rb

@@ -31,7 +31,7 @@ module OrderStockCheck
     flash[:info] = I18n.t('order_cycle_closed')
     respond_to do |format|
       format.cable_ready {
-        render status: :see_other, cable_ready: cable_car.redirect_to(url: main_app.shop_path)
+        render status: :see_other, operations: cable_car.redirect_to(url: main_app.shop_path)
       }
       format.json { render json: { path: main_app.shop_path }, status: :see_other }
       format.html { redirect_to main_app.shop_path, status: :see_other }

app/controllers/concerns/reports_actions.rb

@@ -56,7 +56,7 @@ module ReportsActions
   end
 
   def report_format
-    params[:report_format].presence || "html"
+    params[:report_format]
   end
 
   def report_filename

app/controllers/concerns/white_label.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-module WhiteLabel
-  extend ActiveSupport::Concern
-  include EnterprisesHelper
-
-  def hide_ofn_navigation(distributor = current_distributor)
-    return false unless OpenFoodNetwork::FeatureToggle.enabled?(:white_label)
-
-    # if the distributor has the hide_ofn_navigation preference set to true
-    # then we should hide the OFN navigation
-    @hide_ofn_navigation = distributor.hide_ofn_navigation
-
-    # if the distributor has the hide_ofn_navigation preference
-    # set to false, there is no need to check the white_label_logo preference
-    return unless @hide_ofn_navigation
-
-    @white_label_logo = distributor.white_label_logo
-    @white_label_distributor = distributor
-  end
-end

app/controllers/enterprises_controller.rb

@@ -7,7 +7,6 @@ class EnterprisesController < BaseController
   helper Spree::ProductsHelper
   include OrderCyclesHelper
   include SerializerHelper
-  include WhiteLabel
 
   protect_from_forgery except: :check_permalink
 
@@ -15,7 +14,6 @@ class EnterprisesController < BaseController
   prepend_before_action :set_order_cycles, :require_distributor_chosen, :reset_order, only: :shop
 
   before_action :clean_permalink, only: :check_permalink
-  before_action :hide_ofn_navigation, only: :shop
 
   respond_to :js, only: :permalink_checker
 

app/controllers/split_checkout_controller.rb

@@ -10,7 +10,6 @@ class SplitCheckoutController < ::BaseController
   include CheckoutCallbacks
   include OrderCompletion
   include CablecarResponses
-  include WhiteLabel
 
   helper 'terms_and_conditions'
   helper 'checkout'
@@ -19,14 +18,13 @@ class SplitCheckoutController < ::BaseController
   helper OrderHelper
 
   before_action :set_checkout_redirect
-  before_action :hide_ofn_navigation, only: [:edit, :update]
 
   def edit
     redirect_to_step_based_on_order unless params[:step]
     check_step if params[:step]
     recalculate_tax if params[:step] == "summary"
 
-    flash_error_when_no_shipping_method_available if available_shipping_methods.none?
+    flash_error_when_no_shipping_method_available if allowed_shipping_methods.none?
   end
 
   def update
@@ -43,7 +41,7 @@ class SplitCheckoutController < ::BaseController
   rescue Spree::Core::GatewayError => e
     flash[:error] = I18n.t(:spree_gateway_error_flash_for_checkout, error: e.message)
     @order.update_column(:state, "payment")
-    render cable_ready: cable_car.redirect_to(url: checkout_step_path(:payment))
+    render operations: cable_car.redirect_to(url: checkout_step_path(:payment))
   end
 
   private
@@ -54,7 +52,7 @@ class SplitCheckoutController < ::BaseController
       messages: order_error_messages
     )
 
-    render status: :unprocessable_entity, cable_ready: cable_car.
+    render status: :unprocessable_entity, operations: cable_car.
       replace("#checkout", partial("split_checkout/checkout")).
       replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
   end
@@ -132,7 +130,7 @@ class SplitCheckoutController < ::BaseController
     return unless selected_payment_method&.external_gateway?
     return unless (redirect_url = selected_payment_method.external_payment_url(order: @order))
 
-    render cable_ready: cable_car.redirect_to(url: redirect_url)
+    render operations: cable_car.redirect_to(url: redirect_url)
     true
   end
 
@@ -170,7 +168,7 @@ class SplitCheckoutController < ::BaseController
   end
 
   def shipping_method_ship_address_not_required?
-    selected_shipping_method = available_shipping_methods&.select do |sm|
+    selected_shipping_method = allowed_shipping_methods&.select do |sm|
       sm.id.to_s == params[:shipping_method_id]
     end
 

app/controllers/spree/admin/products_controller.rb

@@ -177,7 +177,7 @@ module Spree
       def product_import_dates
         options = [{ id: '0', name: '' }]
         product_import_dates_query.collect(&:import_date).
-          map { |i| options.push(id: i.to_date, name: i.to_date.to_fs(:long)) }
+          map { |i| options.push(id: i.to_date, name: i.to_date.to_formatted_s(:long)) }
 
         options
       end

app/controllers/spree/admin/zones_controller.rb

@@ -13,7 +13,7 @@ module Spree
 
       def collection
         params[:q] ||= {}
-        params[:q][:s] ||= "name asc"
+        params[:q][:s] ||= "ascend_by_name"
         @search = super.ransack(params[:q])
         @pagy, @zones = pagy(@search.result, items: Spree::Config[:orders_per_page])
         @zones

app/controllers/spree/orders_controller.rb

@@ -5,7 +5,6 @@ module Spree
     include OrderCyclesHelper
     include Rails.application.routes.url_helpers
     include CablecarResponses
-    include WhiteLabel
 
     layout 'darkswarm'
 
@@ -15,8 +14,7 @@ module Spree
     respond_to :html, :json
 
     before_action :check_authorization
-    before_action :set_order_from_params, only: :show
-    before_action :set_current_order, only: [:edit, :update]
+    before_action :set_current_order, only: :update
     before_action :filter_order_params, only: :update
 
     prepend_before_action :require_order_authentication, only: :show
@@ -25,12 +23,10 @@ module Spree
     before_action :check_hub_ready_for_checkout, only: :edit
     before_action :check_at_least_one_line_item, only: :update
 
-    before_action only: [:show, :edit] do
-      hide_ofn_navigation(@order.distributor)
+    def show
+      @order = Spree::Order.find_by!(number: params[:id])
     end
 
-    def show; end
-
     def empty
       if @order = current_order
         @order.empty!
@@ -41,6 +37,7 @@ module Spree
 
     # Patching to redirect to shop if order is empty
     def edit
+      @order = current_order(true)
       @insufficient_stock_lines = @order.insufficient_stock_lines
       @unavailable_order_variants = OrderCycleDistributedVariants.
         new(current_order_cycle, current_distributor).unavailable_order_variants(@order)
@@ -104,15 +101,11 @@ module Spree
         flash[:error] = I18n.t(:orders_could_not_cancel)
       end
       render status: :found,
-             cable_ready: cable_car.redirect_to(url: request.referer || main_app.order_path(@order))
+             operations: cable_car.redirect_to(url: request.referer || main_app.order_path(@order))
     end
 
     private
 
-    def set_order_from_params
-      @order = Spree::Order.find_by!(number: params[:id])
-    end
-
     def set_current_order
       @order = current_order(true)
     end

app/controllers/spree/user_sessions_controller.rb

@@ -24,11 +24,11 @@ module Spree
       if spree_user_signed_in?
         flash[:success] = t('devise.success.logged_in_succesfully')
 
-        render cable_ready: cable_car.redirect_to(
+        render operations: cable_car.redirect_to(
           url: return_url_or_default(after_sign_in_path_for(spree_current_user))
         )
       else
-        render status: :unauthorized, cable_ready: cable_car.inner_html(
+        render status: :unauthorized, operations: cable_car.inner_html(
           "#login-feedback",
           partial("layouts/alert", locals: { type: "alert", message: t('devise.failure.invalid') })
         )
@@ -60,7 +60,7 @@ module Spree
     end
 
     def render_unconfirmed_response
-      render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
+      render status: :unprocessable_entity, operations: cable_car.inner_html(
         "#login-feedback",
         partial("layouts/alert", locals: { type: "alert", message: t(:email_unconfirmed),
                                            unconfirmed: true, tab: "login" })

app/controllers/spree/users_controller.rb

@@ -30,11 +30,10 @@ module Spree
       registered = Spree::User.find_by(email: params[:email]).present?
 
       if registered
-        render status: :ok, cable_ready: cable_car.
+        render status: :ok, operations: cable_car.
           inner_html(
             "#login-feedback",
-            partial("layouts/alert", 
-              locals: { type: "alert", message: t('devise.failure.already_registered') })
+            partial("layouts/alert", locals: { type: "alert", message: t('devise.failure.already_registered') })
           ).
           dispatch_event(name: "login:modal:open")
       else
@@ -46,14 +45,12 @@ module Spree
       @user = Spree::User.new(user_params)
 
       if @user.save
-        render cable_ready: cable_car.inner_html(
+        render operations: cable_car.inner_html(
           "#signup-feedback",
-          partial("layouts/alert", 
-            locals: { type: "success",
-            message: t('devise.user_registrations.spree_user.signed_up_but_unconfirmed') })
+          partial("layouts/alert", locals: { type: "success", message: t('devise.user_registrations.spree_user.signed_up_but_unconfirmed') })
         )
       else
-        render status: :unprocessable_entity, cable_ready: cable_car.morph(
+        render status: :unprocessable_entity, operations: cable_car.morph(
           "#signup-tab",
           partial("layouts/signup_tab", locals: { signup_form_user: @user })
         )

app/controllers/user_confirmations_controller.rb

@@ -22,10 +22,9 @@ class UserConfirmationsController < DeviseController
         set_flash_message(:error, :confirmation_not_sent)
       end
     else
-      render cable_ready: cable_car.inner_html(
+      render operations: cable_car.inner_html(
         "##{params[:tab] || 'forgot'}-feedback",
-        partial("layouts/alert", 
-          locals: { type: "success", message: t("devise.confirmations.send_instructions") })
+        partial("layouts/alert", locals: { type: "success", message: t("devise.confirmations.send_instructions") })
       )
       return
     end

app/controllers/user_passwords_controller.rb

@@ -11,12 +11,12 @@ class UserPasswordsController < Spree::UserPasswordsController
     self.resource = resource_class.send_reset_password_instructions(raw_params[resource_name])
 
     if resource.errors.empty?
-      render cable_ready: cable_car.inner_html(
+      render operations: cable_car.inner_html(
         "#forgot-feedback",
         partial("layouts/alert", locals: { type: "success", message: t(:password_reset_sent) })
       )
     else
-      render status: :not_found, cable_ready: cable_car.inner_html(
+      render status: :not_found, operations: cable_car.inner_html(
         "#forgot-feedback",
         partial("layouts/alert", locals: { type: "alert", message: t(:email_not_found) })
       )
@@ -26,7 +26,7 @@ class UserPasswordsController < Spree::UserPasswordsController
   private
 
   def render_unconfirmed_response
-    render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
+    render status: :unprocessable_entity, operations: cable_car.inner_html(
       "#forgot-feedback",
       partial("layouts/alert",
               locals: { type: "alert", message: t(:email_unconfirmed),

app/controllers/webhook_endpoints_controller.rb

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-class WebhookEndpointsController < ::BaseController
-  before_action :load_resource, only: :destroy
-
-  def create
-    webhook_endpoint = spree_current_user.webhook_endpoints.new(webhook_endpoint_params)
-
-    if webhook_endpoint.save
-      flash[:success] = t('.success')
-    else
-      flash[:error] = t('.error')
-    end
-
-    redirect_to redirect_path
-  end
-
-  def destroy
-    if @webhook_endpoint.destroy
-      flash[:success] = t('.success')
-    else
-      flash[:error] = t('.error')
-    end
-
-    redirect_to redirect_path
-  end
-
-  def load_resource
-    @webhook_endpoint = spree_current_user.webhook_endpoints.find(params[:id])
-  end
-
-  def webhook_endpoint_params
-    params.require(:webhook_endpoint).permit(:url)
-  end
-
-  def redirect_path
-    if request.referer.blank? || request.referer.include?(spree.account_path)
-      developer_settings_path
-    else
-      request.referer
-    end
-  end
-
-  def developer_settings_path
-    "#{spree.account_path}#/developer_settings"
-  end
-end

app/helpers/admin/enterprises_helper.rb

@@ -22,14 +22,6 @@ module Admin
       show_enterprise_fees = can?(:manage_enterprise_fees,
                                   enterprise) && (is_shop || enterprise.is_primary_producer)
 
-      build_enterprise_side_menu_items(is_shop, show_properties, show_shipping_methods,
-                                       show_payment_methods, show_enterprise_fees)
-    end
-
-    private
-
-    def build_enterprise_side_menu_items(is_shop, show_properties, show_shipping_methods,
-                                         show_payment_methods, show_enterprise_fees)
       [
         { name: 'primary_details', icon_class: "icon-home", show: true, selected: 'selected' },
         { name: 'address', icon_class: "icon-map-marker", show: true },
@@ -42,20 +34,13 @@ module Admin
         { name: 'shipping_methods', icon_class: "icon-truck", show: show_shipping_methods },
         { name: 'payment_methods',  icon_class: "icon-money", show: show_payment_methods },
         { name: 'enterprise_fees',  icon_class: "icon-tasks", show: show_enterprise_fees },
-        { name: 'vouchers', icon_class: "icon-ticket", show: true },
         { name: 'enterprise_permissions', icon_class: "icon-plug", show: true,
           href: admin_enterprise_relationships_path },
         { name: 'inventory_settings', icon_class: "icon-list-ol", show: is_shop },
         { name: 'tag_rules', icon_class: "icon-random", show: is_shop },
         { name: 'shop_preferences', icon_class: "icon-shopping-cart", show: is_shop },
-        { name: 'users', icon_class: "icon-user", show: true },
-      ] + [add_white_label_if_feature_activated].compact
-    end
-
-    def add_white_label_if_feature_activated
-      return nil unless OpenFoodNetwork::FeatureToggle.enabled?(:white_label)
-
-      { name: 'white_label', icon_class: "icon-leaf", show: true }
+        { name: 'users', icon_class: "icon-user", show: true }
+      ]
     end
   end
 end

app/helpers/angular_form_builder.rb

@@ -29,8 +29,7 @@ class AngularFormBuilder < ActionView::Helpers::FormBuilder
                          @template.ng_options_for_select(choices, angular_field), options
   end
 
-  def ng_collection_select(method, collection, value_method,
-                           text_method, angular_field, options = {})
+  def ng_collection_select(method, collection, value_method, text_method, angular_field, options = {})
     options.reverse_merge!('id' => angular_id(method), 'ng-model' => angular_model(method).to_s)
 
     @template.select_tag angular_name(method),

app/helpers/checkout_helper.rb

@@ -139,8 +139,8 @@ module CheckoutHelper
   def stripe_card_options(cards)
     cards.map do |cc|
       [
-        "#{cc.brand} #{cc.last_digits} #{I18n.t(:card_expiry_abbreviation)}:"\
-        "#{cc.month.to_s.rjust(2, '0')}/#{cc.year}", cc.id
+        "#{cc.brand} #{cc.last_digits} #{I18n.t(:card_expiry_abbreviation)}:#{cc.month.to_s.rjust(2, '0')}/#{cc.year}",
+        cc.id
       ]
     end
   end

app/helpers/reports_helper.rb

@@ -3,8 +3,8 @@
 module ReportsHelper
   def report_order_cycle_options(order_cycles)
     order_cycles.map do |oc|
-      orders_open_at = oc.orders_open_at&.to_fs(:short) || 'NA'
-      orders_close_at = oc.orders_close_at&.to_fs(:short) || 'NA'
+      orders_open_at = oc.orders_open_at&.to_s(:short) || 'NA'
+      orders_close_at = oc.orders_close_at&.to_s(:short) || 'NA'
       ["#{oc.name}   (#{orders_open_at} - #{orders_close_at})".html_safe, oc.id]
     end
   end

app/jobs/order_cycle_opened_job.rb

@@ -1,27 +0,0 @@
-# frozen_string_literal: true
-
-# Trigger jobs for any order cycles that recently opened
-class OrderCycleOpenedJob < ApplicationJob
-  def perform
-    ActiveRecord::Base.transaction do
-      recently_opened_order_cycles.find_each do |order_cycle|
-        OrderCycleWebhookService.create_webhook_job(order_cycle, 'order_cycle.opened')
-      end
-      mark_as_opened(recently_opened_order_cycles)
-    end
-  end
-
-  private
-
-  def recently_opened_order_cycles
-    @recently_opened_order_cycles ||= OrderCycle
-      .where(opened_at: nil)
-      .where(orders_open_at: 1.hour.ago..Time.zone.now)
-      .lock.order(:id)
-  end
-
-  def mark_as_opened(order_cycles)
-    now = Time.zone.now
-    order_cycles.update_all(opened_at: now, updated_at: now)
-  end
-end

app/jobs/report_job.rb

@@ -1,10 +1,34 @@
 # frozen_string_literal: true
 
-# Renders a report and stores it in a given blob.
-class ReportJob < ApplicationJob
-  def perform(report_class, user, params, format, blob)
+# Renders a report and saves it to a temporary file.
+class ReportJob < ActiveJob::Base
+  def perform(report_class, user, params, format)
     report = report_class.new(user, params, render: true)
     result = report.render_as(format)
-    blob.store(result)
+    write(result)
+  end
+
+  def done?
+    @done ||= File.file?(filename)
+  end
+
+  def result
+    @result ||= read_result
+  end
+
+  private
+
+  def write(result)
+    File.write(filename, result, mode: "wb")
+  end
+
+  def read_result
+    File.read(filename)
+  ensure
+    File.unlink(filename)
+  end
+
+  def filename
+    Rails.root.join("tmp/report-#{job_id}")
   end
 end

app/jobs/webhook_delivery_job.rb

@@ -1,50 +0,0 @@
-# frozen_string_literal: true
-
-require "faraday"
-require "private_address_check"
-require "private_address_check/tcpsocket_ext"
-
-# Deliver a webhook payload
-# As a delayed job, it can run asynchronously and handle retries.
-class WebhookDeliveryJob < ApplicationJob
-  # General failed request error that we're going to use to signal
-  # the job runner to retry our webhook worker.
-  class FailedWebhookRequestError < StandardError; end
-
-  queue_as :default
-
-  def perform(url, event, payload)
-    body = {
-      id: job_id,
-      at: Time.zone.now.to_s,
-      event: event,
-      data: payload,
-    }
-
-    # Request user-submitted url, preventing any private connections being made
-    # (SSRF).
-    # This method may allow the socket to open, but is necessary in order to
-    # protect from TOC/TOU.
-    # Note that private_address_check provides some methods for pre-validating,
-    # but they're not as comprehensive and so unnecessary here. Simply
-    # momentarily opening sockets probably can't cause DoS or other damage.
-    PrivateAddressCheck.only_public_connections do
-      notify_endpoint(url, body)
-    end
-  end
-
-  def notify_endpoint(url, body)
-    connection = Faraday.new(
-      request: { timeout: 30 },
-      headers: {
-        'User-Agent' => 'openfoodnetwork_webhook/1.0',
-        'Content-Type' => 'application/json',
-      }
-    )
-    response = connection.post(url, body.to_json)
-
-    # Raise a failed request error and let job runner handle retrying.
-    # In theory, only 5xx errors should be retried, but who knows.
-    raise FailedWebhookRequestError, response.status.to_s unless response.success?
-  end
-end

app/json_schemas/customer_schema.rb

@@ -61,9 +61,4 @@ class CustomerSchema < JsonApiSchema
   def self.relationships
     [:enterprise]
   end
-
-  # Optional attributes included with eg: CustomerSchema.schema(extra_fields: :balance)
-  def self.balance
-    { balance: { type: :number, format: :double } }
-  end
 end

app/json_schemas/json_api_schema.rb

@@ -19,77 +19,84 @@ class JsonApiSchema
     end
 
     def schema(options = {})
-      Structure.schema(data_properties(**options))
+      {
+        type: :object,
+        properties: {
+          data: {
+            type: :object,
+            properties: data_properties(**options)
+          },
+          meta: { type: :object },
+          links: { type: :object }
+        },
+        required: [:data]
+      }
     end
 
     def collection(options)
-      Structure.collection(data_properties(**options))
+      {
+        type: :object,
+        properties: {
+          data: {
+            type: :array,
+            items: {
+              type: :object,
+              properties: data_properties(**options)
+            }
+          },
+          meta: {
+            type: :object,
+            properties: {
+              pagination: {
+                type: :object,
+                properties: {
+                  results: { type: :integer, example: 250 },
+                  pages: { type: :integer, example: 5 },
+                  page: { type: :integer, example: 2 },
+                  per_page: { type: :integer, example: 50 },
+                }
+              }
+            },
+            required: [:pagination]
+          },
+          links: {
+            type: :object,
+            properties: {
+              self: { type: :string },
+              first: { type: :string },
+              prev: { type: :string, nullable: true },
+              next: { type: :string, nullable: true },
+              last: { type: :string }
+            }
+          }
+        },
+        required: [:data, :meta, :links]
+      }
     end
 
     private
 
-    def data_properties(require_all: false, extra_fields: nil)
-      extra_fields_result = get_extra_fields(extra_fields)
-      attributes = get_attributes(extra_fields_result)
-      required = get_required(require_all, extra_fields, extra_fields_result)
-
-      Structure.data_properties(object_name, attributes, required, relationship_properties)
-    end
-
-    def relationship_properties
-      relationships.index_with { |name| relationship_schema(name) }
-    end
-
-    # Example
-    # MySchema.schema(extra_fields: :my_method)
-    # => extra_fields_result = MySchema.my_method
-    # => attributes = attributes.merge(extra_fields_result)
-    #
-    # MySchema.schema(extra_fields: {name: :my_method, required: true, opts: {method_opt: true}})
-    # => extra_fields_result = MySchema.my_method(method_opt: true)
-    # => attributes = attributes.merge(extra_fields_result)
-    # => required += extra_fields_result.keys
-    #
-    # MySchema.schema(extra_fields: [:my_method, :another_method])
-    # => extra_fields_result = MySchema.my_method.merge(another_method)
-    # => attributes = attribtues.merge(extra_fields_result)
-    #
-    # To test use eg:
-    # MySchema.schema(extra_fields: :my_method)
-    #   .dig(:properties, :data, :properties, :attributes)
-    def get_extra_fields(extra_fields)
-      case extra_fields
-      when Symbol
-        public_send(extra_fields)
-      when Hash
-        public_send(extra_fields[:name], **extra_fields[:opts].to_h)
-      when Array
-        obj = {}
-
-        extra_fields.each do |w|
-          obj.merge!(get_extra_fields(w))
-        end
-
-        obj
-      end
-    end
-
-    def get_required(require_all, extra_fields, extra_fields_result)
+    def data_properties(require_all: false)
       required = require_all ? all_attributes : required_attributes
 
-      if extra_fields.is_a?(Hash) && extra_fields[:required] == true && extra_fields_result.present?
-        required += extra_fields_result.keys
-      end
-
-      required
-    end
-
-    def get_attributes(extra_fields_result)
-      if [extra_fields_result, attributes].all?{ |obj| obj.respond_to?(:merge) }
-        attributes.merge(extra_fields_result)
-      else
-        attributes
-      end
+      {
+        id: { type: :string, example: "1" },
+        type: { type: :string, example: object_name },
+        attributes: {
+          type: :object,
+          properties: attributes,
+          required: required
+        },
+        relationships: {
+          type: :object,
+          properties: relationships.to_h do |name|
+            [
+              name,
+              relationship_schema(name)
+            ]
+          end
+        }
+      }
     end
 
     def relationship_schema(name)

app/json_schemas/json_api_schema/structure.rb

@@ -1,83 +0,0 @@
-# frozen_string_literal: true
-
-# rubocop:disable Metrics/MethodLength
-
-class JsonApiSchema
-  module Structure
-    extend self
-
-    def schema(data_properties)
-      {
-        type: :object,
-        properties: {
-          data: {
-            type: :object,
-            properties: data_properties
-          },
-          meta: { type: :object },
-          links: { type: :object }
-        },
-        required: [:data]
-      }
-    end
-
-    def collection(data_properties)
-      {
-        type: :object,
-        properties: {
-          data: {
-            type: :array,
-            items: {
-              type: :object,
-              properties: data_properties
-            }
-          },
-          meta: {
-            type: :object,
-            properties: {
-              pagination: {
-                type: :object,
-                properties: {
-                  results: { type: :integer, example: 250 },
-                  pages: { type: :integer, example: 5 },
-                  page: { type: :integer, example: 2 },
-                  per_page: { type: :integer, example: 50 },
-                }
-              }
-            },
-            required: [:pagination]
-          },
-          links: {
-            type: :object,
-            properties: {
-              self: { type: :string },
-              first: { type: :string },
-              prev: { type: :string, nullable: true },
-              next: { type: :string, nullable: true },
-              last: { type: :string }
-            }
-          }
-        },
-        required: [:data, :meta, :links]
-      }
-    end
-
-    def data_properties(object_name, attributes, required, relationship_properties)
-      {
-        id: { type: :string, example: "1" },
-        type: { type: :string, example: object_name },
-        attributes: {
-          type: :object,
-          properties: attributes,
-          required: required
-        },
-        relationships: {
-          type: :object,
-          properties: relationship_properties
-        }
-      }
-    end
-  end
-end
-
-# rubocop:enable Metrics/MethodLength

app/mailers/application_mailer.rb

@@ -1,23 +0,0 @@
-# frozen_string_literal: true
-
-class ApplicationMailer < ActionMailer::Base
-  # Inline stylesheets
-  include Roadie::Rails::Automatic
-
-  helper TermsAndConditionsHelper
-
-  default from: -> { Spree::Config[:mails_from] }
-  layout 'mailer'
-
-  def money(amount)
-    Spree::Money.new(amount).to_s
-  end
-  helper_method :money
-
-  protected
-
-  def roadie_options
-    # This lets us specify assets using relative paths in email templates
-    super.merge(url_options: { host: URI(main_app.root_url).host })
-  end
-end

app/mailers/enterprise_mailer.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 require 'devise/mailers/helpers'
-class EnterpriseMailer < ApplicationMailer
+class EnterpriseMailer < Spree::BaseMailer
   include Devise::Mailers::Helpers
   include I18nHelper
 
@@ -12,6 +12,7 @@ class EnterpriseMailer < ApplicationMailer
                   enterprise: @enterprise.name,
                   sitename: Spree::Config[:site_name])
       mail(to: enterprise.contact.email,
+           from: from_address,
            subject: subject)
     end
   end
@@ -19,10 +20,12 @@ class EnterpriseMailer < ApplicationMailer
   def manager_invitation(enterprise, user)
     @enterprise = enterprise
     @instance = Spree::Config[:site_name]
+    @instance_email = from_address
 
     I18n.with_locale valid_locale(@enterprise.owner) do
       subject = t('enterprise_mailer.invite_manager.subject', enterprise: @enterprise.name)
       mail(to: user.email,
+           from: from_address,
            subject: subject)
     end
   end

app/mailers/payment_mailer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class PaymentMailer < ApplicationMailer
+class PaymentMailer < Spree::BaseMailer
   include I18nHelper
 
   def authorize_payment(payment)
@@ -8,7 +8,7 @@ class PaymentMailer < ApplicationMailer
     subject = I18n.t('spree.payment_mailer.authorize_payment.subject',
                      distributor: @payment.order.distributor.name)
     I18n.with_locale valid_locale(@payment.order.user) do
-      mail(to: payment.order.email, subject: subject)
+      mail(to: payment.order.email, from: from_address, subject: subject)
     end
   end
 
@@ -19,6 +19,7 @@ class PaymentMailer < ApplicationMailer
                      order: @payment.order)
     I18n.with_locale valid_locale(shop_owner) do
       mail(to: shop_owner.email,
+           from: from_address,
            subject: subject)
     end
   end

app/mailers/producer_mailer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class ProducerMailer < ApplicationMailer
+class ProducerMailer < Spree::BaseMailer
   include I18nHelper
 
   def order_cycle_report(producer, order_cycle)
@@ -14,6 +14,7 @@ class ProducerMailer < ApplicationMailer
 
       mail(
         to: @producer.contact.email,
+        from: from_address,
         subject: subject,
         reply_to: @coordinator.contact.email,
         cc: @coordinator.contact.email

app/mailers/spree/base_mailer.rb

@@ -0,0 +1,28 @@
+# frozen_string_literal: true
+
+module Spree
+  class BaseMailer < ActionMailer::Base
+    # Inline stylesheets
+    include Roadie::Rails::Automatic
+
+    helper TermsAndConditionsHelper
+
+    layout 'mailer'
+
+    def from_address
+      Spree::Config[:mails_from]
+    end
+
+    def money(amount)
+      Spree::Money.new(amount).to_s
+    end
+    helper_method :money
+
+    protected
+
+    def roadie_options
+      # This lets us specify assets using relative paths in email templates
+      super.merge(url_options: { host: URI(main_app.root_url).host })
+    end
+  end
+end

app/mailers/spree/order_mailer.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 module Spree
-  class OrderMailer < ApplicationMailer
+  class OrderMailer < BaseMailer
     helper 'checkout'
     helper SpreeCurrencyHelper
     helper Spree::PaymentMethodsHelper
@@ -13,6 +13,7 @@ module Spree
       @order = find_order(order_or_order_id)
       I18n.with_locale valid_locale(@order.user) do
         mail(to: @order.email,
+             from: from_address,
              subject: mail_subject(t('spree.order_mailer.cancel_email.subject'), resend))
       end
     end
@@ -22,6 +23,7 @@ module Spree
       I18n.with_locale valid_locale(@order.distributor.owner) do
         subject = I18n.t('spree.order_mailer.cancel_email_for_shop.subject')
         mail(to: @order.distributor.contact.email,
+             from: from_address,
              subject: subject)
       end
     end
@@ -31,6 +33,7 @@ module Spree
       I18n.with_locale valid_locale(@order.user) do
         subject = mail_subject(t('spree.order_mailer.confirm_email.subject'), resend)
         mail(to: @order.email,
+             from: from_address,
              subject: subject,
              reply_to: @order.distributor.contact.email)
       end
@@ -41,6 +44,7 @@ module Spree
       I18n.with_locale valid_locale(@order.user) do
         subject = mail_subject(t('spree.order_mailer.confirm_email.subject'), resend)
         mail(to: @order.distributor.contact.email,
+             from: from_address,
              subject: subject)
       end
     end
@@ -52,6 +56,7 @@ module Spree
       attach_file("invoice-#{@order.number}.pdf", pdf)
       I18n.with_locale valid_locale(@order.user) do
         mail(to: @order.email,
+             from: from_address,
              subject: mail_subject(t(:invoice), false),
              reply_to: @order.distributor.contact.email)
       end

app/mailers/spree/shipment_mailer.rb

@@ -1,12 +1,12 @@
 # frozen_string_literal: true
 
 module Spree
-  class ShipmentMailer < ApplicationMailer
+  class ShipmentMailer < BaseMailer
     def shipped_email(shipment, delivery:)
       @shipment = shipment.respond_to?(:id) ? shipment : Spree::Shipment.find(shipment)
       @delivery = delivery
       subject = base_subject
-      mail(to: @shipment.order.email, subject: subject)
+      mail(to: @shipment.order.email, from: from_address, subject: subject)
     end
 
     private

app/mailers/spree/test_mailer.rb

@@ -1,11 +1,11 @@
 # frozen_string_literal: true
 
 module Spree
-  class TestMailer < ApplicationMailer
+  class TestMailer < BaseMailer
     def test_email(user)
       recipient = user.respond_to?(:id) ? user : Spree::User.find(user)
       subject = "#{Spree::Config[:site_name]} #{t('spree.test_mailer.test_email.subject')}"
-      mail(to: recipient.email, subject: subject)
+      mail(to: recipient.email, from: from_address, subject: subject)
     end
   end
 end

app/mailers/spree/user_mailer.rb

@@ -3,7 +3,7 @@
 # This mailer is configured to be the Devise mailer
 # Some methods here override Devise::Mailer methods
 module Spree
-  class UserMailer < ApplicationMailer
+  class UserMailer < BaseMailer
     include I18nHelper
 
     helper MailerHelper
@@ -16,7 +16,7 @@ module Spree
         "#{I18n.t('spree.user_mailer.reset_password_instructions.subject')}"
 
       I18n.with_locale valid_locale(user) do
-        mail(to: user.email, subject: subject)
+        mail(to: user.email, from: from_address, subject: subject)
       end
     end
 
@@ -24,7 +24,7 @@ module Spree
     def signup_confirmation(user)
       @user = user
       I18n.with_locale valid_locale(@user) do
-        mail(to: user.email,
+        mail(to: user.email, from: from_address,
              subject: t(:welcome_to) + ' ' + Spree::Config[:site_name])
       end
     end
@@ -39,6 +39,7 @@ module Spree
       I18n.with_locale valid_locale(@user) do
         subject = t('spree.user_mailer.confirmation_instructions.subject')
         mail(to: confirmation_email_address,
+             from: from_address,
              subject: subject)
       end
     end

app/mailers/subscription_mailer.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class SubscriptionMailer < ApplicationMailer
+class SubscriptionMailer < Spree::BaseMailer
   helper 'checkout'
   helper MailerHelper
   helper ShopMailHelper
@@ -37,6 +37,7 @@ class SubscriptionMailer < ApplicationMailer
     @shop = Enterprise.find(summary.shop_id)
     @summary = summary
     mail(to: @shop.contact.email,
+         from: from_address,
          subject: "#{Spree::Config[:site_name]} #{t('subscription_mailer.placement_summary_email.subject')}")
   end
 
@@ -44,6 +45,7 @@ class SubscriptionMailer < ApplicationMailer
     @shop = Enterprise.find(summary.shop_id)
     @summary = summary
     mail(to: @shop.contact.email,
+         from: from_address,
          subject: "#{Spree::Config[:site_name]} #{t('subscription_mailer.confirmation_summary_email.subject')}")
   end
 
@@ -54,6 +56,7 @@ class SubscriptionMailer < ApplicationMailer
       confirm_email_subject = t('spree.order_mailer.confirm_email.subject')
       subject = "#{Spree::Config[:site_name]} #{confirm_email_subject} ##{order.number}"
       mail(to: order.email,
+           from: from_address,
            subject: subject,
            reply_to: order.distributor.contact.email)
     end

app/models/concerns/address_display.rb

@@ -4,8 +4,4 @@ module AddressDisplay
   def full_name_reverse
     [lastname, firstname].reject(&:blank?).join(" ")
   end
-
-  def full_name_for_sorting
-    [last_name, first_name].reject(&:blank?).join(", ")
-  end
 end

app/models/customer.rb

@@ -35,7 +35,6 @@ class Customer < ApplicationRecord
                     uniqueness: { scope: :enterprise_id, message: I18n.t('validation_msg_is_associated_with_an_exising_customer') }
 
   scope :of, ->(enterprise) { where(enterprise_id: enterprise) }
-  scope :managed_by, ->(user) { user&.persisted? ? where(user: user).or(of(Enterprise.managed_by(user))) : none }
 
   before_create :associate_user
 

app/models/enterprise.rb

@@ -15,13 +15,9 @@ class Enterprise < ApplicationRecord
     medium: { resize_to_fill: [720, 156] },
     large: { resize_to_fill: [1200, 260] },
   }.freeze
-  WHITE_LABEL_LOGO_SIZES = {
-    default: { gravity: "Center", resize_to_fill: [217, 44] },
-    mobile: { gravity: "Center", resize_to_fill: [75, 26] },
-  }.freeze
   VALID_INSTAGRAM_REGEX = %r{\A[a-zA-Z0-9._]{1,30}([^/-]*)\z}
 
-  searchable_attributes :sells, :is_primary_producer, :name
+  searchable_attributes :sells, :is_primary_producer
   searchable_associations :properties
   searchable_scopes :is_primary_producer, :is_distributor, :is_hub, :activated, :visible,
                     :ready_for_checkout, :not_ready_for_checkout
@@ -69,7 +65,6 @@ class Enterprise < ApplicationRecord
   has_many :inventory_items
   has_many :tag_rules
   has_one :stripe_account, dependent: :destroy
-  has_many :vouchers
 
   delegate :latitude, :longitude, :city, :state_name, to: :address
 
@@ -88,14 +83,9 @@ class Enterprise < ApplicationRecord
   has_one_attached :logo
   has_one_attached :promo_image
   has_one_attached :terms_and_conditions
-  has_one_attached :white_label_logo
 
-  validates :logo,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
-  validates :promo_image,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :logo, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :promo_image, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
   validates :terms_and_conditions, content_type: {
     in: "application/pdf",
     message: I18n.t(:enterprise_terms_and_conditions_type_error),
@@ -110,11 +100,7 @@ class Enterprise < ApplicationRecord
   validate :shopfront_taxons
   validate :shopfront_producers
   validate :enforce_ownership_limit, if: lambda { owner_id_changed? && !owner_id.nil? }
-  validates :instagram, 
-    format: {
-      with: VALID_INSTAGRAM_REGEX,
-      message: Spree.t('errors.messages.invalid_instagram_url')
-    }, allow_blank: true
+  validates :instagram, format: { with: VALID_INSTAGRAM_REGEX, message: Spree.t('errors.messages.invalid_instagram_url') }, allow_blank: true
 
   before_validation :initialize_permalink, if: lambda { permalink.nil? }
   before_validation :set_unused_address_fields
@@ -276,7 +262,7 @@ class Enterprise < ApplicationRecord
 
   def plus_parents_and_order_cycle_producers(order_cycles)
     oc_producer_ids = Exchange.in_order_cycle(order_cycles).incoming.pluck :sender_id
-    Enterprise.is_primary_producer.parents_of_one_union_others(id, oc_producer_ids | [id])
+    Enterprise.not_hidden.is_primary_producer.parents_of_one_union_others(id, oc_producer_ids | [id])
   end
 
   def relatives_including_self
@@ -307,14 +293,6 @@ class Enterprise < ApplicationRecord
     )
   end
 
-  def white_label_logo_url(name = :default)
-    return unless white_label_logo.variable?
-
-    Rails.application.routes.url_helpers.url_for(
-      white_label_logo.variant(WHITE_LABEL_LOGO_SIZES[name])
-    )
-  end
-
   def website
     strip_url self[:website]
   end
@@ -472,8 +450,7 @@ class Enterprise < ApplicationRecord
   end
 
   def strip_url(url)
-    # Strip protocol and trailing slash
-    url&.sub(%r{(https?://)?}, '')&.sub(%r{/\z}, '')
+    url&.sub(%r{(https?://)?}, '')
   end
 
   def correct_whatsapp_url(phone_number)
@@ -481,11 +458,11 @@ class Enterprise < ApplicationRecord
   end
 
   def correct_instagram_url(url)
-    url && strip_url(url.downcase).sub(%r{(www\.)?instagram.com/}, '').delete("@")
+    url && strip_url(url.downcase).sub(%r{www.instagram.com/}, '').sub(%r{instagram.com/}, '').delete("@")
   end
 
   def correct_twitter_url(url)
-    url && strip_url(url).sub(%r{(www\.)?twitter.com/}, '').delete("@")
+    url && strip_url(url).sub(%r{www.twitter.com/}, '').delete("@")
   end
 
   def set_unused_address_fields

app/models/enterprise_group.rb

@@ -28,12 +28,8 @@ class EnterpriseGroup < ApplicationRecord
   has_one_attached :logo
   has_one_attached :promo_image
 
-  validates :logo,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
-  validates :promo_image,
-            processable_image: true,
-            content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :logo, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+  validates :promo_image, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
 
   scope :by_position, -> { order('position ASC') }
   scope :on_front_page, -> { where(on_front_page: true) }

app/models/enterprise_relationship.rb

@@ -13,7 +13,6 @@ class EnterpriseRelationship < ApplicationRecord
 
   after_save :update_permissions_of_child_variant_overrides
   before_destroy :revoke_all_child_variant_overrides
-  before_destroy :destroy_related_exchanges
 
   scope :with_enterprises, -> {
     joins("
@@ -103,10 +102,6 @@ class EnterpriseRelationship < ApplicationRecord
     child_variant_overrides.update_all(permission_revoked_at: Time.zone.now)
   end
 
-  def destroy_related_exchanges
-    Exchange.where(sender: parent, receiver: child, incoming: true).destroy_all
-  end
-
   def child_variant_overrides
     VariantOverride.unscoped.for_hubs(child)
       .joins(variant: :product).where("spree_products.supplier_id IN (?)", parent)

app/models/enterprise_relationship_permission.rb

@@ -1,15 +1,5 @@
 # frozen_string_literal: true
 
 class EnterpriseRelationshipPermission < ApplicationRecord
-  belongs_to :enterprise_relationship
   default_scope { order('name') }
-  before_destroy :destroy_related_exchanges
-
-  def destroy_related_exchanges
-    return if name != "add_to_order_cycle"
-
-    Exchange
-      .where(sender: enterprise_relationship.parent,
-             receiver: enterprise_relationship.child, incoming: true).destroy_all
-  end
 end

app/models/exchange_variant.rb

@@ -3,9 +3,4 @@
 class ExchangeVariant < ApplicationRecord
   belongs_to :exchange
   belongs_to :variant, class_name: 'Spree::Variant'
-  after_destroy :destroy_related_outgoing_variants
-
-  def destroy_related_outgoing_variants
-    VariantDeleter.new.destroy_related_outgoing_variants(variant_id, exchange.order_cycle)
-  end
 end

app/models/order_cycle.rb

@@ -34,7 +34,6 @@ class OrderCycle < ApplicationRecord
 
   attr_accessor :incoming_exchanges, :outgoing_exchanges
 
-  before_update :reset_opened_at, if: :will_save_change_to_orders_open_at?
   before_update :reset_processed_at, if: :will_save_change_to_orders_close_at?
   after_save :sync_subscriptions, if: :opening?
 
@@ -334,14 +333,6 @@ class OrderCycle < ApplicationRecord
     errors.add(:orders_close_at, :after_orders_open_at)
   end
 
-  def reset_opened_at
-    # Reset only if order cycle is opening again at a later date
-    return unless orders_open_at.present? && orders_open_at_was.present?
-    return unless orders_open_at > orders_open_at_was
-
-    self.opened_at = nil
-  end
-
   def reset_processed_at
     return unless orders_close_at.present? && orders_close_at_was.present?
     return unless orders_close_at > orders_close_at_was

app/models/product_import/entry_processor.rb

@@ -10,8 +10,7 @@ module ProductImport
                 :variants_created, :variants_updated, :enterprise_products,
                 :total_enterprise_products, :products_reset_count
 
-    def initialize(importer, validator, import_settings, spreadsheet_data,
-                   editable_enterprises, import_time, updated_ids)
+    def initialize(importer, validator, import_settings, spreadsheet_data, editable_enterprises, import_time, updated_ids)
       @importer = importer
       @validator = validator
       @settings = Settings.new(import_settings)

app/models/product_import/entry_validator.rb

@@ -39,8 +39,6 @@ module ProductImport
         enterprise_validation(entry)
         unit_fields_validation(entry)
         variant_of_product_validation(entry)
-        price_validation(entry)
-        on_hand_on_demand_validation(entry)
 
         next if entry.enterprise_id.blank?
 
@@ -172,11 +170,6 @@ module ProductImport
                                error: I18n.t('admin.product_import.model.blank'))
       end
 
-      unless is_numeric(entry.units) && entry.units.to_f > 0
-        mark_as_invalid(entry, attribute: 'units',
-                               error: I18n.t('admin.product_import.model.incorrect_value'))
-      end
-
       return if import_into_inventory?
 
       # unit_type must be valid type
@@ -196,42 +189,6 @@ module ProductImport
                              error: I18n.t('admin.product_import.model.conditional_blank'))
     end
 
-    def is_numeric(value)
-      return true unless Float(value, exception: false).nil?
-    end
-
-    def price_validation(entry)
-      return if is_numeric(entry.price)
-
-      error_string = if empty_or_placeholder_value(entry.price)
-                       'admin.product_import.model.blank'
-                     else
-                       'admin.product_import.model.incorrect_value'
-                     end
-      mark_as_invalid(entry, attribute: 'price', error: I18n.t(error_string))
-    end
-
-    def on_hand_on_demand_validation(entry)
-      on_hand_present_numeric = !empty_or_placeholder_value(entry.on_hand) &&
-                                is_numeric(entry.on_hand)
-      on_hand_value = entry.on_hand&.to_i
-      on_demand_present_numeric = !empty_or_placeholder_value(entry.on_demand) &&
-                                  is_numeric(entry.on_demand)
-      on_demand_value = entry.on_demand&.to_i
-
-      return if (on_hand_present_numeric && on_hand_value >= 0) ||
-                (on_demand_present_numeric && on_demand_value == 1)
-
-      mark_as_invalid(entry, attribute: 'on_hand',
-                             error: I18n.t('admin.product_import.model.incorrect_value'))
-      mark_as_invalid(entry, attribute: 'on_demand',
-                             error: I18n.t('admin.product_import.model.incorrect_value'))
-    end
-
-    def empty_or_placeholder_value(value)
-      value.blank? || value.to_s.strip == "-"
-    end
-
     def variant_of_product_validation(entry)
       return if entry.producer.blank? || entry.name.blank?
 
@@ -336,7 +293,8 @@ module ProductImport
         entry.primary_taxon_id = @spreadsheet_data.categories_index[category_name]
       else
         mark_as_invalid(entry, attribute: "category",
-                               error: I18n.t('admin.product_import.model.category_not_found'))
+                               error: I18n.t(:error_not_found_in_database,
+                                             name: category_name))
       end
     end
 

app/models/report_blob.rb

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-# Stores a generated report.
-class ReportBlob < ActiveStorage::Blob
-  def self.create_for_upload_later!(filename)
-    # ActiveStorage discourages modifying a blob later but we need a blob
-    # before we know anything about the report file. It enables us to use the
-    # same blob in the controller to read the result.
-    create_before_direct_upload!(
-      filename: filename,
-      byte_size: 0,
-      checksum: "0",
-      content_type: content_type(filename),
-    ).tap do |blob|
-      ActiveStorage::PurgeJob.set(wait: 1.month).perform_later(blob)
-    end
-  end
-
-  def self.content_type(filename)
-    MIME::Types.of(filename).first&.to_s || "application/octet-stream"
-  end
-
-  def store(content)
-    io = StringIO.new(content)
-    upload(io, identify: false)
-    save!
-  end
-
-  def content_stored?
-    @content_stored ||= reload.checksum != "0"
-  end
-
-  def result
-    @result ||= download
-  end
-end

app/models/spree/ability.rb

@@ -179,8 +179,6 @@ module Spree
       can [:admin, :create], :manager_invitation
 
       can [:admin, :index], :oidc_setting
-
-      can [:admin, :create], Voucher
     end
 
     def add_product_management_abilities(user)

app/models/spree/address.rb

@@ -4,7 +4,7 @@ module Spree
   class Address < ApplicationRecord
     include AddressDisplay
 
-    searchable_attributes :firstname, :lastname, :phone
+    searchable_attributes :firstname, :lastname
     searchable_associations :country, :state
 
     belongs_to :country, class_name: "Spree::Country"

app/models/spree/image.rb

@@ -11,10 +11,7 @@ module Spree
 
     has_one_attached :attachment
 
-    validates :attachment,
-              attached: true,
-              processable_image: true,
-              content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
+    validates :attachment, attached: true, content_type: %r{\Aimage/(png|jpeg|gif|jpg|svg\+xml|webp)\Z}
     validate :no_attachment_errors
 
     def variant(name)

app/models/spree/order.rb

@@ -14,7 +14,7 @@ module Spree
 
     searchable_attributes :number, :state, :shipment_state, :payment_state, :distributor_id,
                           :order_cycle_id, :email, :total, :customer_id
-    searchable_associations :shipping_method, :bill_address, :distributor
+    searchable_associations :shipping_method, :bill_address
     searchable_scopes :complete, :incomplete
 
     checkout_flow do
@@ -311,8 +311,7 @@ module Spree
     # Creates new tax charges if there are any applicable rates. If prices already
     # include taxes then price adjustments are created instead.
     def create_tax_charge!
-      return if state.in?(["cart", "address", "delivery"]) &&
-        OpenFoodNetwork::FeatureToggle.enabled?(:split_checkout)
+      return if state.in?(["cart", "address", "delivery"]) && OpenFoodNetwork::FeatureToggle.enabled?(:split_checkout)
 
       clear_legacy_taxes!
 

app/models/spree/product.rb

@@ -114,7 +114,6 @@ module Spree
               presence: { if: ->(p) { %w(weight volume).include? p.variant_unit } }
     validates :variant_unit_name,
               presence: { if: ->(p) { p.variant_unit == 'items' } }
-    validate :validate_image_for_master
 
     attr_accessor :option_values_hash
 
@@ -475,11 +474,5 @@ module Spree
       requested = permalink.presence || permalink_was.presence || name.presence || 'product'
       self.permalink = create_unique_permalink(requested.parameterize)
     end
-
-    def validate_image_for_master
-      return if master.images.all?(&:valid?)
-
-      errors.add(:base, I18n.t('spree.admin.products.image_not_processable'))
-    end
   end
 end

app/models/spree/user.rb

@@ -38,10 +38,7 @@ module Spree
     has_many :customers
     has_many :credit_cards
     has_many :report_rendering_options, class_name: "::ReportRenderingOptions", dependent: :destroy
-    has_many :webhook_endpoints, dependent: :destroy
-
     accepts_nested_attributes_for :enterprise_roles, allow_destroy: true
-    accepts_nested_attributes_for :webhook_endpoints
 
     accepts_nested_attributes_for :bill_address
     accepts_nested_attributes_for :ship_address
@@ -151,6 +148,10 @@ module Spree
       spree_orders.incomplete.where(created_by_id: id).order('created_at DESC').first
     end
 
+    def flipper_id
+      "#{self.class.name};#{id}"
+    end
+
     def disabled
       disabled_at.present?
     end

app/models/spree/variant.rb

@@ -20,7 +20,7 @@ module Spree
     belongs_to :product, -> { with_deleted }, touch: true, class_name: 'Spree::Product'
 
     delegate_belongs_to :product, :name, :description, :permalink, :available_on,
-                        :tax_category_id, :shipping_category_id,
+                        :tax_category_id, :shipping_category_id, :meta_description,
                         :meta_keywords, :tax_category, :shipping_category
 
     has_many :inventory_units, inverse_of: :variant

app/models/voucher.rb

@@ -1,15 +0,0 @@
-# frozen_string_literal: false
-
-class Voucher < ApplicationRecord
-  belongs_to :enterprise
-
-  validates :code, presence: true, uniqueness: { scope: :enterprise_id }
-
-  def value
-    10
-  end
-
-  def display_value
-    Spree::Money.new(value)
-  end
-end

app/models/webhook_endpoint.rb

@@ -1,6 +0,0 @@
-# frozen_string_literal: true
-
-# Records a webhook url to send notifications to
-class WebhookEndpoint < ApplicationRecord
-  validates :url, presence: true
-end

app/queries/customers_with_balance.rb

@@ -1,22 +1,28 @@
 # frozen_string_literal: true
 
-# Adds an aggregated 'balance_value' to each customer based on their order history
-#
+# Fetches the customers of the specified enterprise including the aggregated balance across the
+# customer's orders. That is, we get the total balance for each customer with this enterprise.
 class CustomersWithBalance
-  def initialize(customers)
-    @customers = customers
+  def initialize(enterprise)
+    @enterprise = enterprise
   end
 
   def query
-    @customers.
+    Customer.of(enterprise).
       joins(left_join_complete_orders).
       group("customers.id").
       select("customers.*").
-      select("#{outstanding_balance_sum} AS balance_value")
+      select(outstanding_balance_sum)
   end
 
   private
 
+  attr_reader :enterprise
+
+  def outstanding_balance_sum
+    "SUM(#{OutstandingBalance.new.statement}) AS balance_value"
+  end
+
   # The resulting orders are in states that belong after the checkout. Only these can be considered
   # for a customer's balance.
   def left_join_complete_orders
@@ -30,8 +36,4 @@ class CustomersWithBalance
     states = Spree::Order::FINALIZED_STATES.map { |state| Arel::Nodes.build_quoted(state) }
     Arel::Nodes::In.new(Spree::Order.arel_table[:state], states)
   end
-
-  def outstanding_balance_sum
-    "SUM(#{OutstandingBalance.new.statement})::float"
-  end
 end

app/reflexes/bulk_actions_in_orders_list_reflex.rb

@@ -1,35 +0,0 @@
-# frozen_string_literal: true
-
-class BulkActionsInOrdersListReflex < ApplicationReflex
-  def resend_confirmation_email(order_ids)
-    orders(order_ids).find_each do |o|
-      Spree::OrderMailer.confirm_email_for_customer(o.id, true).deliver_later if can? :resend, o
-    end
-
-    success("admin.resend_confirmation_emails_feedback", order_ids.count)
-  end
-
-  def send_invoice(order_ids)
-    count = 0
-    orders(order_ids).find_each do |o|
-      next unless o.distributor.can_invoice? && (o.resumed? || o.complete?)
-
-      Spree::OrderMailer.invoice_email(o.id).deliver_later
-      count += 1
-    end
-
-    success("admin.send_invoice_feedback", count)
-  end
-
-  private
-
-  def success(i18n_key, count)
-    flash[:success] = I18n.t(i18n_key, count: count)
-    cable_ready.dispatch_event(name: "modal:close")
-    morph "#flashes", render(partial: "shared/flashes", locals: { flashes: flash })
-  end
-
-  def orders(order_ids)
-    Spree::Order.where(id: order_ids)
-  end
-end

app/reflexes/concerns/enterprise_concern.rb

@@ -1,12 +0,0 @@
-# frozen_string_literal: true
-
-module EnterpriseConcern
-  extend ActiveSupport::Concern
-
-  included do
-    before_reflex do
-      @enterprise = Enterprise.find_by(permalink: params[:id])
-      authorize! :update, @enterprise
-    end
-  end
-end

app/reflexes/enterprise_edit_reflex.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: false
-
-class EnterpriseEditReflex < ApplicationReflex
-  def remove_terms_and_conditions
-    @enterprise = Enterprise.find(element.dataset['enterprise-id'])
-    throw :forbidden unless can?(:remove_terms_and_conditions, @enterprise)
-
-    @enterprise.terms_and_conditions.purge_later
-  end
-end

app/reflexes/invite_manager_reflex.rb

@@ -22,10 +22,11 @@ class InviteManagerReflex < ApplicationReflex
 
     new_user = create_new_manager(email, enterprise)
 
-    if new_user.errors.empty?
+    if new_user.valid?
       locals[:success] = true
     else
-      locals[:error] = new_user.errors.full_messages.to_sentence
+      locals[:error] = new_user.errors.full_messages.to_sentence ||
+                       I18n.t('admin.enterprises.invite_manager.error')
     end
 
     return_morph(locals)