Workaround: bad interaction btw Turbo and stripe iframe

Found this workaround here: https://github.com/hotwired/turbo/issues/270#issuecomment-1068130327

This js hack persists the original iframe object downloaded from stripe in the new body sent by Turbo (instead of using the new one, in the new body)

.dockerignore

@@ -2,4 +2,3 @@
 .gitignore
 log/*
 tmp/*
-node_modules/

.env.development

@@ -5,17 +5,9 @@
 #
 #     cp .env.development .env.local
 
-VERBOSE_QUERY_LOGS=true
-
 SECRET_TOKEN="xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"
 
 OFN_REDIS_URL="redis://localhost:6379/1"
 OFN_REDIS_JOBS_URL="redis://localhost:6379/2"
 
 SITE_URL="0.0.0.0:3000"
-
-# Deactivate rack-timeout in development.
-# https://github.com/zombocom/rack-timeout#configuring
-RACK_TIMEOUT_SERVICE_TIMEOUT="0"
-RACK_TIMEOUT_WAIT_TIMEOUT="0"
-RACK_TIMEOUT_WAIT_OVERTIME="0"

.gitattributes

@@ -1,11 +0,0 @@
-# Set default behavior to automatically normalize line endings.
-* text=auto
-
-# Set line endings to LF, even on Windows. Otherwise, execution within Docker fails.
-# See https://docs.github.com/en/get-started/getting-started-with-git/configuring-git-to-handle-line-endings#per-repository-settings
-*.sh text eol=lf
-
-# Same thing for following files, but they don't have an sh extension
-pre-commit eol=lf
-webpack-dev-server eol=lf
-install-bundler eol=lf

.github/ISSUE_TEMPLATE/release.md

@@ -23,7 +23,8 @@ assignees: ''
 
 ## Finish on Tuesday
 
-- [ ] Publish and notify [#global-community] (this is automatically posted with a plugin)
+- [ ] Publish and notify [#global-community]:
+  > The next release is ready: https://github.com/openfoodfoundation/openfoodnetwork/releases/latest
 - [ ] Deploy the new release to all managed instances.
   <details><summary>Command line instructions</summary>
   <pre>

.github/dependabot.yml

@@ -6,12 +6,10 @@ updates:
     schedule:
       interval: "daily"
     open-pull-requests-limit: 10
-    # Only specific requirements are specified in Gemfile, so don't touch it.
     versioning-strategy: lockfile-only
 
   - package-ecosystem: "npm"
     directory: "/"
     schedule:
       interval: "daily"
-    # All versions are specified in package.json, so please update them.
-    versioning-strategy: increase
+    versioning-strategy: lockfile-only

.github/workflows/brakeman-analysis.yml

@@ -33,7 +33,7 @@ jobs:
 
     - name: Setup Brakeman
       env:
-        BRAKEMAN_VERSION: '5.4.0'
+        BRAKEMAN_VERSION: '4.10' # SARIF support is provided in Brakeman version 4.10+
       run: |
         gem install brakeman --version $BRAKEMAN_VERSION
 
@@ -41,7 +41,6 @@ jobs:
     - name: Scan
       continue-on-error: true
       run: |
-        git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
         brakeman -f sarif -o output.sarif.json .
 
     # Upload the SARIF file generated in the previous step

.github/workflows/build.yml

@@ -18,7 +18,7 @@ permissions:
 
 jobs:
   knapsack_rspec_controllers:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -57,7 +57,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
@@ -68,6 +68,7 @@ jobs:
           bundle exec rake db:schema:load
 
       - name: Run tests
+
         env:
           KNAPSACK_PRO_TEST_SUITE_TOKEN_RSPEC: 864ef557d85ea8e603e086c0387d5154
           KNAPSACK_PRO_CI_NODE_TOTAL: ${{ matrix.ci_node_total }}
@@ -81,12 +82,12 @@ jobs:
           # https://knapsackpro.com/faq/question/how-to-split-slow-rspec-test-files-by-test-examples-by-individual-it
           #KNAPSACK_PRO_RSPEC_SPLIT_BY_TEST_EXAMPLES: true
           KNAPSACK_PRO_TEST_FILE_PATTERN: "{spec/controllers/**/*_spec.rb}" 
+        
         run: |
-          git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
           bundle exec rake knapsack_pro:rspec
 
   knapsack_rspec_models:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -125,7 +126,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
@@ -155,7 +156,7 @@ jobs:
           bundle exec rake knapsack_pro:rspec
 
   knapsack_rspec_system_admin:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -194,7 +195,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
@@ -233,7 +234,7 @@ jobs:
           if-no-files-found: ignore
 
   knapsack_rspec_system_consumer:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -272,7 +273,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
@@ -311,7 +312,7 @@ jobs:
           if-no-files-found: ignore
 
   knapsack_rspec_engines:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -350,7 +351,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
@@ -389,7 +390,7 @@ jobs:
           if-no-files-found: ignore
 
   knapsack_rspec_test_the_rest:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -428,7 +429,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile
@@ -459,7 +460,7 @@ jobs:
           bundle exec rake knapsack_pro:rspec
 
   non_knapsack_jest_karma:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-20.04
     services:
       postgres:
         image: postgres:10
@@ -488,7 +489,7 @@ jobs:
 
       - uses: actions/setup-node@v3
         with:
-          node-version-file: .node-version
+          node-version: 16
 
       - name: Install JS dependencies
         run: yarn install --frozen-lockfile

.github/workflows/linters.yml

@@ -9,11 +9,7 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v1
-
       - uses: ruby/setup-ruby@v1
-
-      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-
       - name: rubocop
         uses: reviewdog/action-rubocop@v2
         with:
@@ -28,16 +24,6 @@ jobs:
     steps:
       - name: Check out code
         uses: actions/checkout@v3
-
-      - uses: actions/setup-node@v3
-        with:
-          node-version-file: .node-version
-
-      - name: Install JS dependencies
-        run: yarn install --frozen-lockfile
-
-      - run: git show --no-patch # the commit being tested (which is often a merge due to actions/checkout@v3)
-
       - name: prettier
         uses: EPMatt/reviewdog-action-prettier@v1
         with:

.node-version

@@ -1 +1 @@
-17.9.1
+14.16.1

.prettierignore

@@ -1,5 +1,8 @@
 # Basically, ignore everythings expect app/webpacker/controllers/*.js and app/webpacker/packs/*.js
-
+*.css
+*.scss
+# Except v2
+!/app/webpacker/css/admin/v2/**/*.scss
 *.md
 *.yml
 *.yaml
@@ -9,10 +12,6 @@
 babel.config.js
 postcss.config.js
 
-/app/webpacker/css/darkswarm/
-/app/webpacker/css/mail/
-/app/webpacker/css/shared/
-
 /app/assets/
 /config/
 /coverage/

.prettierrc.json

@@ -1,3 +1 @@
-{
-  "printWidth": 100
-}
+{}

.rubocop_styleguide.yml

@@ -2,8 +2,9 @@
 #
 # These are the rules we agreed upon and we work towards.
 AllCops:
-  NewCops: enable
+  NewCops: disable
   SuggestExtensions: false
+  TargetRailsVersion: 5.0
   Exclude:
     - 'bin/**/*'
     - 'db/**/*'
@@ -40,7 +41,6 @@ Metrics/BlockLength:
     "resources",
     "scenario",
     "shared_examples",
-    "shared_examples_for",
     "xdescribe",
   ]
 

CONTRIBUTING.md

@@ -57,7 +57,6 @@ TL;DR:
 * Maintain a clean commit history
 * Use a style consistent with the rest of the codebase
 * Before submitting, [rebase your work][rebase] on the current master branch
-* After submitting, be sure to check the [CI test results](ci). Click on a ❌ result to view the logged results and investigate.
 
 From here, your pull request will progress through the [Review, Test, Merge & Deploy process][process].
 
@@ -71,5 +70,4 @@ From here, your pull request will progress through the [Review, Test, Merge & De
 [slack-dev]: https://openfoodnetwork.slack.com/messages/C2GQ45KNU
 [ofn-transifex]: https://www.transifex.com/open-food-foundation/open-food-network/
 [i18n]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Internationalisation-%28i18n%29
-[welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/5
-[ci]: https://github.com/openfoodfoundation/openfoodnetwork/wiki/Continuous-Integration
+[welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/2

Dockerfile

@@ -28,18 +28,14 @@ RUN apt-get update && apt-get install -y \
   gnupg
 
 # Setup ENV variables
-ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:/usr/local/src/nodenv/shims:/usr/local/src/nodenv/bin:$PATH
+ENV PATH /usr/local/src/rbenv/shims:/usr/local/src/rbenv/bin:$PATH
 ENV RBENV_ROOT /usr/local/src/rbenv
-ENV NODENV_ROOT /usr/local/src/nodenv
 ENV CONFIGURE_OPTS --disable-install-doc
 ENV BUNDLE_PATH /bundles
 ENV LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so
 
 WORKDIR /usr/src/app
-
-# trim spaces and line return from .ruby-version file
-COPY .ruby-version .ruby-version.raw
-RUN cat .ruby-version.raw | tr -d '\r\t ' > .ruby-version
+COPY .ruby-version .
 
 # Install Rbenv & Ruby
 RUN git clone --depth 1 https://github.com/rbenv/rbenv.git ${RBENV_ROOT} && \
@@ -54,19 +50,10 @@ RUN sh -c "echo 'deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-
     apt-get update && \
     apt-get install -yqq --no-install-recommends postgresql-client-10 libpq-dev
 
-
-# trim spaces and line return from .node-version file
-COPY .node-version .node-version.raw
-RUN cat .node-version.raw | tr -d '\r\t ' > .node-version
-
-# Install Node and Yarn with Nodenv
-RUN git clone --depth 1 https://github.com/nodenv/nodenv.git ${NODENV_ROOT} && \
-    git clone --depth 1 https://github.com/nodenv/node-build.git ${NODENV_ROOT}/plugins/node-build && \
-    git clone --depth 1 https://github.com/pine/nodenv-yarn-install.git ${NODENV_ROOT}/plugins/nodenv-yarn-install && \
-    git clone --depth 1 https://github.com/nodenv/nodenv-package-rehash.git ${NODENV_ROOT}/plugins/nodenv-package-rehash && \
-    echo 'eval "$(nodenv init -)"' >> /etc/profile.d/nodenv.sh && \
-    nodenv install $(cat .node-version) && \
-    nodenv global $(cat .node-version)
+# Install NodeJs and yarn
+RUN curl -sL https://deb.nodesource.com/setup_14.x | bash - \
+    && apt-get install --no-install-recommends -y nodejs \
+    && npm install -g yarn
 
 # Install Chrome
 RUN wget --quiet -O - https://dl-ssl.google.com/linux/linux_signing_key.pub | apt-key add - && \

GETTING_STARTED.md

@@ -11,9 +11,6 @@ Head to our wiki on [Learning Rails](https://github.com/openfoodfoundation/openf
 The fastest way to make it work locally is to use Docker, you only need to setup git, see the [Docker setup guide](docker/README.md).
 Otherwise, for a local setup you will need:
 * Ruby and bundler (check current Ruby version in [.ruby-version](https://github.com/openfoodfoundation/openfoodnetwork/blob/master/.ruby-version) file)
-    - To manage versions, it's recommended to use [rbenv](https://github.com/rbenv/rbenv) or [RVM](https://rvm.io/)
-* Node and yarn (check current Node version in [.node-version](https://github.com/openfoodfoundation/openfoodnetwork/blob/master/.node-version) file)
-    - [nodevn](https://github.com/nodenv/nodenv) is recommended.
 * PostgreSQL database
 * Redis (for background jobs)
 * Chrome (for testing)
@@ -23,13 +20,15 @@ The following guides will provide OS-specific step-by-step instructions to get t
 - [Debian Setup Guide][debian]
 - [OSX Setup Guide][osx]
 
+If you are likely to need to manage multiple version of ruby on your local machine, we recommend version managers such as [rbenv](https://github.com/rbenv/rbenv) or [RVM](https://rvm.io/).
+
 For those new to Rails, the following tutorial will help get you up to speed with configuring a [Rails environment](http://guides.rubyonrails.org/getting_started.html).
 
 ### Get it
 
 So you have set up your local environment according to the requirements listed above. If you're planning on contributing code to the project (which we [LOVE](CONTRIBUTING.md)), it is a good idea to begin by forking this repo using the `Fork` button in the top-right corner of this screen. You should then be able to use `git clone` to copy your fork onto your local machine:
 
-    git clone git@github.com:YOUR_GITHUB_USERNAME_HERE/openfoodnetwork.git
+    git clone https://github.com/YOUR_GITHUB_USERNAME_HERE/openfoodnetwork
 
 Jump into your new local copy of the Open Food Network:
 
@@ -37,7 +36,7 @@ Jump into your new local copy of the Open Food Network:
 
 And then add an `upstream` remote that points to the main repo:
 
-    git remote add upstream git@github.com:openfoodfoundation/openfoodnetwork.git
+    git remote add upstream https://github.com/openfoodfoundation/openfoodnetwork
 
 Fetch the latest version of `master` from `upstream` (ie. the main repo):
 
@@ -48,14 +47,14 @@ Fetch the latest version of `master` from `upstream` (ie. the main repo):
 First, you need to create the database user the app will use by manually typing the following in your terminal:
 
 ```sh
-sudo --login --user=postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"
+$ sudo -u postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"
 ```
 
 This will create the "ofn" user as superuser and allowing it to create databases. If this command fails, check the [troubleshooting section](#creating-the-database) for an alternative.
 
 Next, it is _strongly recommended_ to run the setup script.
 ```sh
-./script/setup
+$ script/setup
 ```
 If the script succeeds you're ready to start developing. If not, take a look at the output as it should be informative enough to help you troubleshoot.
 
@@ -114,13 +113,13 @@ Below are fixes to potential issues that can happen during the installation proc
 
 #### Creating the database
 
-If the `sudo -u postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"` command doesn't work, you can run the following commands instead:
+If the ```$ sudo -u postgres psql -c "CREATE USER ofn WITH SUPERUSER CREATEDB PASSWORD 'f00d'"``` command doesn't work, you can run the following commands instead:
 ```
-createuser --superuser --pwprompt ofn
-# Enter password for new role: f00d
-# Enter it again: f00d
-createdb open_food_network_dev --owner=ofn
-createdb open_food_network_test --owner=ofn
+$ createuser --superuser --pwprompt ofn
+Enter password for new role: f00d
+Enter it again: f00d
+$ createdb open_food_network_dev --owner=ofn
+$ createdb open_food_network_test --owner=ofn
 ```
 If these commands succeed, you should be able to [continue the setup process](#get-it-running).
 

Gemfile

@@ -6,7 +6,7 @@ git_source(:github) { |repo_name| "https://github.com/#{repo_name}.git" }
 
 gem 'dotenv-rails', require: 'dotenv/rails-now' # Load ENV vars before other gems
 
-gem 'rails'
+gem 'rails', '>= 6.1.4'
 
 # Active Storage
 gem "active_storage_validations"
@@ -14,11 +14,11 @@ gem "aws-sdk-s3", require: false
 gem "image_processing"
 
 gem 'activemerchant', '>= 1.78.0'
+gem 'rexml'
 gem 'angular-rails-templates', '>= 0.3.0'
 gem 'awesome_nested_set'
-gem 'ransack', '~> 2.6.0'
+gem 'ransack', '2.4.2'
 gem 'responders'
-gem 'rexml'
 gem 'webpacker', '~> 5'
 
 gem 'i18n'
@@ -27,7 +27,7 @@ gem 'rails-i18n'
 gem 'rails_safe_tasks', '~> 1.0'
 
 gem "activerecord-import"
-gem "db2fog", github: "openfoodfoundation/db2fog", branch: "rails-7"
+gem "db2fog", github: "openfoodfoundation/db2fog", branch: "rails-6"
 gem "fog-aws", "~> 2.0" # db2fog does not support v3
 gem "mime-types" # required by fog
 
@@ -69,9 +69,9 @@ gem 'pagy', '~> 5.1'
 gem 'rswag-api'
 gem 'rswag-ui'
 
-gem 'omniauth_openid_connect'
-gem 'omniauth-rails_csrf_protection'
+gem 'gitlab-omniauth-openid-connect', require: 'omniauth_openid_connect'
 gem 'openid_connect', '~> 1.3'
+gem 'omniauth-rails_csrf_protection'
 
 gem 'angularjs-rails', '1.8.0'
 gem 'bugsnag'
@@ -83,16 +83,16 @@ gem 'actionpack-action_caching'
 #   AMS is deprecated, we will introduce an alternative at some point
 gem "active_model_serializers", "0.8.4"
 gem 'activerecord-session_store'
-gem 'acts-as-taggable-on'
+gem 'acts-as-taggable-on', '~> 8.1'
 gem 'angularjs-file-upload-rails', '~> 2.4.1'
 gem 'bigdecimal', '3.0.2'
 gem 'bootsnap', require: false
 gem 'geocoder'
 gem 'gmaps4rails'
 gem 'mimemagic', '> 0.3.5'
-gem 'paper_trail', '~> 12.1'
+gem 'paper_trail', '~> 12.1.0'
 gem 'rack-rewrite'
-gem 'rack-timeout'
+gem 'rack-ssl', require: 'rack/ssl'
 gem 'roadie-rails'
 
 gem 'hiredis'
@@ -101,16 +101,16 @@ gem 'redis', '>= 4.0', require: ['redis', 'redis/connection/hiredis']
 gem 'sidekiq'
 gem 'sidekiq-scheduler'
 
-gem "cable_ready", "5.0.0.rc2"
-gem "stimulus_reflex", "3.5.0.rc2"
+gem "cable_ready", "5.0.0.pre9"
+gem "stimulus_reflex", "3.5.0.pre9"
 
 gem 'combine_pdf'
 gem 'wicked_pdf'
 gem 'wkhtmltopdf-binary'
 
 gem 'immigrant'
-gem 'roo' # read spreadsheets
-gem 'spreadsheet_architect' # write spreadsheets
+gem 'roo'
+gem 'spreadsheet_architect'
 
 gem 'whenever', require: false
 
@@ -118,7 +118,7 @@ gem 'test-unit', '~> 3.5'
 
 gem 'coffee-rails', '~> 5.0.0'
 
-gem 'mini_racer'
+gem 'mini_racer', '0.4.0'
 
 gem 'angular_rails_csrf'
 
@@ -126,6 +126,8 @@ gem 'jquery-rails', '4.4.0'
 gem 'jquery-ui-rails', '~> 4.2'
 gem "select2-rails", github: "openfoodfoundation/select2-rails", branch: "v349_with_thor_v1"
 
+gem 'ofn-qz', github: 'openfoodfoundation/ofn-qz', branch: 'ofn-rails-4'
+
 gem 'good_migrations'
 
 gem 'flipper'
@@ -137,11 +139,9 @@ gem 'view_component_reflex', '3.1.14.pre9'
 
 gem 'mini_portile2', '~> 2.8'
 
-gem "faraday"
-gem "private_address_check"
-
 group :production, :staging do
   gem 'ddtrace'
+  gem 'rack-timeout'
   gem 'sd_notify' # For better Systemd process management. Used by Puma.
 end
 
@@ -150,7 +150,6 @@ group :test, :development do
   gem 'capybara'
   gem 'cuprite'
   gem 'database_cleaner', require: false
-  gem 'debug', '>= 1.0.0'
   gem "factory_bot_rails", '6.2.0', require: false
   gem 'fuubar', '~> 2.5.1'
   gem 'json_spec', '~> 1.1.4'
@@ -161,6 +160,7 @@ group :test, :development do
   gem 'rswag-specs'
   gem 'shoulda-matchers'
   gem 'timecop'
+  gem 'debug', '>= 1.0.0'
 end
 
 group :test do
@@ -175,16 +175,16 @@ end
 
 group :development do
   gem 'debugger-linecache'
+  gem 'rails-erd'
   gem 'foreman'
   gem 'listen'
   gem 'pry', '~> 0.13.0'
-  gem 'query_count'
-  gem 'rails-erd'
   gem 'rubocop'
   gem 'rubocop-rails'
   gem 'spring'
   gem 'spring-commands-rspec'
   gem 'web-console'
 
+
   gem 'rack-mini-profiler', '< 3.0.0'
 end

Gemfile.lock

@@ -1,12 +1,19 @@
 GIT
   remote: https://github.com/openfoodfoundation/db2fog.git
-  revision: 6e88c0ab9eeb23d7ad9964b27becb1c04a83141f
-  branch: rails-7
+  revision: 5b63343847452f52aa42f7fc169d6ab3af57cda3
+  branch: rails-6
   specs:
     db2fog (0.9.2)
-      activerecord (>= 3.2.0)
+      activerecord (>= 3.2.0, < 7.0)
       fog-core (~> 1.0)
-      rails (>= 3.2.0)
+      rails (>= 3.2.0, < 7.0)
+
+GIT
+  remote: https://github.com/openfoodfoundation/ofn-qz.git
+  revision: 467f6ea1c44529c7c91cac4c8211bbd863588c0b
+  branch: ofn-rails-4
+  specs:
+    ofn-qz (0.1.0)
 
 GIT
   remote: https://github.com/openfoodfoundation/select2-rails.git
@@ -44,49 +51,42 @@ GEM
   remote: https://rubygems.org/
   specs:
     Ascii85 (1.1.0)
-    actioncable (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actioncable (6.1.7)
+      actionpack (= 6.1.7)
+      activesupport (= 6.1.7)
       nio4r (~> 2.0)
       websocket-driver (>= 0.6.1)
-    actionmailbox (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailbox (6.1.7)
+      actionpack (= 6.1.7)
+      activejob (= 6.1.7)
+      activerecord (= 6.1.7)
+      activestorage (= 6.1.7)
+      activesupport (= 6.1.7)
       mail (>= 2.7.1)
-      net-imap
-      net-pop
-      net-smtp
-    actionmailer (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionmailer (6.1.7)
+      actionpack (= 6.1.7)
+      actionview (= 6.1.7)
+      activejob (= 6.1.7)
+      activesupport (= 6.1.7)
       mail (~> 2.5, >= 2.5.4)
-      net-imap
-      net-pop
-      net-smtp
       rails-dom-testing (~> 2.0)
-    actionpack (7.0.4.3)
-      actionview (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      rack (~> 2.0, >= 2.2.0)
+    actionpack (6.1.7)
+      actionview (= 6.1.7)
+      activesupport (= 6.1.7)
+      rack (~> 2.0, >= 2.0.9)
       rack-test (>= 0.6.3)
       rails-dom-testing (~> 2.0)
       rails-html-sanitizer (~> 1.0, >= 1.2.0)
     actionpack-action_caching (1.2.2)
       actionpack (>= 4.0.0)
-    actiontext (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
-      globalid (>= 0.6.0)
+    actiontext (6.1.7)
+      actionpack (= 6.1.7)
+      activerecord (= 6.1.7)
+      activestorage (= 6.1.7)
+      activesupport (= 6.1.7)
       nokogiri (>= 1.8.5)
-    actionview (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    actionview (6.1.7)
+      activesupport (= 6.1.7)
       builder (~> 3.1)
       erubi (~> 1.4)
       rails-dom-testing (~> 2.0)
@@ -98,19 +98,19 @@ GEM
       activemodel (>= 5.2.0)
       activestorage (>= 5.2.0)
       activesupport (>= 5.2.0)
-    activejob (7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activejob (6.1.7)
+      activesupport (= 6.1.7)
       globalid (>= 0.3.6)
     activemerchant (1.123.0)
       activesupport (>= 4.2)
       builder (>= 2.1.2, < 4.0.0)
       i18n (>= 0.6.9)
       nokogiri (~> 1.4)
-    activemodel (7.0.4.3)
-      activesupport (= 7.0.4.3)
-    activerecord (7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activemodel (6.1.7)
+      activesupport (= 6.1.7)
+    activerecord (6.1.7)
+      activemodel (= 6.1.7)
+      activesupport (= 6.1.7)
     activerecord-import (1.4.1)
       activerecord (>= 4.2)
     activerecord-postgresql-adapter (0.0.1)
@@ -121,23 +121,24 @@ GEM
       multi_json (~> 1.11, >= 1.11.2)
       rack (>= 2.0.8, < 3)
       railties (>= 5.2.4.1)
-    activestorage (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    activestorage (6.1.7)
+      actionpack (= 6.1.7)
+      activejob (= 6.1.7)
+      activerecord (= 6.1.7)
+      activesupport (= 6.1.7)
       marcel (~> 1.0)
       mini_mime (>= 1.1.0)
-    activesupport (7.0.4.3)
+    activesupport (6.1.7)
       concurrent-ruby (~> 1.0, >= 1.0.2)
       i18n (>= 1.6, < 2)
       minitest (>= 5.1)
       tzinfo (~> 2.0)
-    acts-as-taggable-on (9.0.1)
-      activerecord (>= 6.0, < 7.1)
+      zeitwerk (~> 2.3)
+    acts-as-taggable-on (8.1.0)
+      activerecord (>= 5.0, < 6.2)
     acts_as_list (1.0.4)
       activerecord (>= 4.2)
-    addressable (2.8.4)
+    addressable (2.8.1)
       public_suffix (>= 2.0.2, < 6.0)
     aes_key_wrap (1.1.0)
     afm (0.2.2)
@@ -157,16 +158,16 @@ GEM
     awesome_nested_set (3.5.0)
       activerecord (>= 4.0.0, < 7.1)
     aws-eventstream (1.2.0)
-    aws-partitions (1.760.0)
-    aws-sdk-core (3.171.1)
+    aws-partitions (1.669.0)
+    aws-sdk-core (3.168.2)
       aws-eventstream (~> 1, >= 1.0.2)
       aws-partitions (~> 1, >= 1.651.0)
       aws-sigv4 (~> 1.5)
       jmespath (~> 1, >= 1.6.1)
-    aws-sdk-kms (1.64.0)
+    aws-sdk-kms (1.60.0)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sigv4 (~> 1.1)
-    aws-sdk-s3 (1.122.0)
+    aws-sdk-s3 (1.117.2)
       aws-sdk-core (~> 3, >= 3.165.0)
       aws-sdk-kms (~> 1)
       aws-sigv4 (~> 1.4)
@@ -174,24 +175,26 @@ GEM
       aws-eventstream (~> 1, >= 1.0.2)
     bcrypt (3.1.18)
     bigdecimal (3.0.2)
-    bindata (2.4.15)
+    bindata (2.4.12)
     bindex (0.8.1)
-    bootsnap (1.16.0)
+    bootsnap (1.15.0)
       msgpack (~> 1.2)
-    bugsnag (6.25.2)
+    bugsnag (6.25.0)
       concurrent-ruby (~> 1.0)
     builder (3.2.4)
     bullet (7.0.7)
       activesupport (>= 3.0.0)
       uniform_notifier (~> 1.11)
-    cable_ready (5.0.0.rc2)
+    cable_ready (5.0.0.pre9)
+      actioncable (>= 5.2)
       actionpack (>= 5.2)
       actionview (>= 5.2)
+      activerecord (>= 5.2)
       activesupport (>= 5.2)
       railties (>= 5.2)
       thread-local (>= 1.1.0)
     cancancan (1.15.0)
-    capybara (3.39.0)
+    capybara (3.38.0)
       addressable
       matrix
       mini_mime (>= 0.1.3)
@@ -215,11 +218,11 @@ GEM
       coffee-script-source
       execjs
     coffee-script-source (1.12.2)
-    combine_pdf (1.0.23)
+    combine_pdf (1.0.22)
       matrix
       ruby-rc4 (>= 0.1.5)
-    concurrent-ruby (1.2.2)
-    connection_pool (2.4.0)
+    concurrent-ruby (1.1.10)
+    connection_pool (2.3.0)
     crack (0.4.5)
       rexml
     crass (1.0.6)
@@ -228,24 +231,21 @@ GEM
     cuprite (0.14.3)
       capybara (~> 3.0)
       ferrum (~> 0.13.0)
-    database_cleaner (2.0.2)
-      database_cleaner-active_record (>= 2, < 3)
-    database_cleaner-active_record (2.1.0)
+    database_cleaner (2.0.1)
+      database_cleaner-active_record (~> 2.0.0)
+    database_cleaner-active_record (2.0.0)
       activerecord (>= 5.a)
       database_cleaner-core (~> 2.0.0)
     database_cleaner-core (2.0.1)
-    date (3.3.3)
-    ddtrace (1.11.1)
-      debase-ruby_core_source (>= 0.10.16, <= 3.2.0)
-      libdatadog (~> 2.0.0.1.0)
-      libddwaf (~> 1.8.2.0.0)
+    ddtrace (0.54.1)
+      debase-ruby_core_source (= 0.10.12)
       msgpack
-    debase-ruby_core_source (3.2.0)
-    debug (1.8.0)
+    debase-ruby_core_source (0.10.12)
+    debug (1.7.1)
       irb (>= 1.5.0)
       reline (>= 0.3.1)
     debugger-linecache (1.2.0)
-    devise (4.9.2)
+    devise (4.8.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
       railties (>= 4.1.0)
@@ -253,8 +253,8 @@ GEM
       warden (~> 1.2.3)
     devise-encryptable (0.2.0)
       devise (>= 2.1.0)
-    devise-i18n (1.11.0)
-      devise (>= 4.9.0)
+    devise-i18n (1.10.2)
+      devise (>= 4.8.0)
     devise-token_authenticatable (1.1.0)
       devise (>= 4.0.0, < 5.0.0)
     diff-lcs (1.5.0)
@@ -264,7 +264,7 @@ GEM
     dotenv-rails (2.8.1)
       dotenv (= 2.8.1)
       railties (>= 3.2)
-    erubi (1.12.0)
+    erubi (1.11.0)
     et-orbi (1.2.7)
       tzinfo
     excon (0.81.0)
@@ -274,12 +274,12 @@ GEM
     factory_bot_rails (6.2.0)
       factory_bot (~> 6.2.0)
       railties (>= 5.0.0)
-    faraday (2.7.4)
+    faraday (2.6.0)
       faraday-net_http (>= 2.0, < 3.1)
       ruby2_keywords (>= 0.0.4)
     faraday-follow_redirects (0.3.0)
       faraday (>= 1, < 3)
-    faraday-net_http (3.0.2)
+    faraday-net_http (3.0.1)
     ferrum (0.13)
       addressable (~> 2.5)
       concurrent-ruby (~> 1.1)
@@ -287,17 +287,15 @@ GEM
       websocket-driver (>= 0.6, < 0.8)
     ffaker (2.21.0)
     ffi (1.15.5)
-    flipper (0.26.2)
-      concurrent-ruby (< 2)
-    flipper-active_record (0.26.2)
-      activerecord (>= 4.2, < 8)
-      flipper (~> 0.26.2)
-    flipper-ui (0.26.2)
+    flipper (0.20.4)
+    flipper-active_record (0.20.4)
+      activerecord (>= 5.0, < 7)
+      flipper (~> 0.20.4)
+    flipper-ui (0.20.4)
       erubi (>= 1.0.0, < 2.0.0)
-      flipper (~> 0.26.2)
+      flipper (~> 0.20.4)
       rack (>= 1.4, < 3)
-      rack-protection (>= 1.5.3, <= 4.0.0)
-      sanitize (< 7)
+      rack-protection (>= 1.5.3, < 2.2.0)
     fog-aws (2.0.1)
       fog-core (~> 1.38)
       fog-json (~> 1.0)
@@ -315,14 +313,18 @@ GEM
       nokogiri (>= 1.5.11, < 2.0.0)
     foreman (0.87.2)
     formatador (0.2.5)
-    fugit (1.8.1)
+    fugit (1.7.1)
       et-orbi (~> 1, >= 1.2.7)
       raabro (~> 1.4)
     fuubar (2.5.1)
       rspec-core (~> 3.0)
       ruby-progressbar (~> 1.4)
     geocoder (1.8.1)
-    globalid (1.1.0)
+    gitlab-omniauth-openid-connect (0.10.0)
+      addressable (~> 2.7)
+      omniauth (>= 1.9, < 3)
+      openid_connect (~> 1.2)
+    globalid (1.0.0)
       activesupport (>= 5.0)
     gmaps4rails (2.1.2)
     good_migrations (0.2.1)
@@ -338,7 +340,7 @@ GEM
     hiredis (0.6.3)
     htmlentities (4.3.4)
     httpclient (2.8.3)
-    i18n (1.13.0)
+    i18n (1.12.0)
       concurrent-ruby (~> 1.0)
     i18n-js (3.9.2)
       i18n (>= 0.6.6)
@@ -349,7 +351,7 @@ GEM
       activerecord (>= 3.0)
     io-console (0.6.0)
     ipaddress (0.8.3)
-    irb (1.6.4)
+    irb (1.6.2)
       reline (>= 0.3.0)
     jmespath (1.6.2)
     jquery-rails (4.4.0)
@@ -359,7 +361,7 @@ GEM
     jquery-ui-rails (4.2.1)
       railties (>= 3.2.16)
     json (2.6.3)
-    json-jwt (1.16.3)
+    json-jwt (1.16.0)
       activesupport (>= 4.2)
       aes_key_wrap
       bindata
@@ -372,28 +374,22 @@ GEM
       rspec (>= 2.0, < 4.0)
     jsonapi-serializer (2.2.0)
       activesupport (>= 4.2)
-    jwt (2.7.0)
-    knapsack_pro (3.11.0)
+    jwt (2.6.0)
+    knapsack_pro (3.7.0)
       rake
     launchy (2.5.0)
       addressable (~> 2.7)
     letter_opener (1.8.1)
       launchy (>= 2.2, < 3)
-    libdatadog (2.0.0.1.0)
-    libddwaf (1.8.2.0.0)
-      ffi (~> 1.0)
-    libv8-node (16.10.0.0)
-    listen (3.8.0)
+    libv8-node (15.14.0.1)
+    listen (3.7.1)
       rb-fsevent (~> 0.10, >= 0.10.3)
       rb-inotify (~> 0.9, >= 0.9.10)
-    loofah (2.20.0)
+    loofah (2.19.1)
       crass (~> 1.0.2)
       nokogiri (>= 1.5.9)
-    mail (2.8.1)
+    mail (2.7.1)
       mini_mime (>= 0.1.1)
-      net-imap
-      net-pop
-      net-smtp
     marcel (1.0.2)
     matrix (0.4.2)
     method_source (1.0.0)
@@ -405,28 +401,23 @@ GEM
       rake
     mini_magick (4.11.0)
     mini_mime (1.1.2)
-    mini_portile2 (2.8.2)
-    mini_racer (0.6.3)
-      libv8-node (~> 16.10.0.0)
-    minitest (5.18.0)
+    mini_portile2 (2.8.1)
+    mini_racer (0.4.0)
+      libv8-node (~> 15.14.0.0)
+    minitest (5.17.0)
     monetize (1.12.0)
       money (~> 6.12)
     money (6.16.0)
       i18n (>= 0.6.4, <= 2)
-    msgpack (1.7.0)
+    msgpack (1.6.0)
     multi_json (1.15.0)
     multi_xml (0.6.0)
-    net-imap (0.3.4)
-      date
-      net-protocol
-    net-pop (0.1.2)
-      net-protocol
-    net-protocol (0.2.1)
+    net-protocol (0.1.3)
       timeout
-    net-smtp (0.3.3)
+    net-smtp (0.3.2)
       net-protocol
-    nio4r (2.5.9)
-    nokogiri (1.14.3)
+    nio4r (2.5.8)
+    nokogiri (1.13.10)
       mini_portile2 (~> 2.8.0)
       racc (~> 1.4)
     oauth2 (1.4.11)
@@ -435,16 +426,13 @@ GEM
       multi_json (~> 1.3)
       multi_xml (~> 0.5)
       rack (>= 1.2, < 4)
-    omniauth (2.1.1)
+    omniauth (2.1.0)
       hashie (>= 3.4.6)
       rack (>= 2.2.3)
       rack-protection
     omniauth-rails_csrf_protection (1.0.1)
       actionpack (>= 4.2)
       omniauth (~> 2.0)
-    omniauth_openid_connect (0.6.1)
-      omniauth (>= 1.9, < 3)
-      openid_connect (~> 1.1)
     openid_connect (1.4.2)
       activemodel
       attr_required (>= 1.0.0)
@@ -459,13 +447,13 @@ GEM
     orm_adapter (0.5.0)
     pagy (5.10.1)
       activesupport
-    paper_trail (12.3.0)
+    paper_trail (12.1.0)
       activerecord (>= 5.2)
       request_store (~> 1.1)
     parallel (1.22.1)
     paranoia (2.6.1)
       activerecord (>= 5.1, < 7.1)
-    parser (3.2.2.0)
+    parser (3.1.3.0)
       ast (~> 2.4.1)
     paypal-sdk-core (0.3.4)
       multi_json (~> 1.0)
@@ -480,19 +468,15 @@ GEM
       ttfunk
     pg (1.2.3)
     power_assert (2.0.2)
-    private_address_check (0.5.0)
     pry (0.13.1)
       coderay (~> 1.1)
       method_source (~> 1.0)
-    public_suffix (5.0.1)
-    puma (6.2.2)
+    public_suffix (5.0.0)
+    puma (5.6.5)
       nio4r (~> 2.0)
-    query_count (1.1.1)
-      activerecord (>= 4.2)
-      railties (>= 4.2)
     raabro (1.4.0)
-    racc (1.6.2)
-    rack (2.2.7)
+    racc (1.6.1)
+    rack (2.2.4)
     rack-mini-profiler (2.3.4)
       rack (>= 1.2.0)
     rack-oauth2 (1.21.3)
@@ -501,28 +485,31 @@ GEM
       httpclient
       json-jwt (>= 1.11.0)
       rack (>= 2.1.0)
-    rack-protection (3.0.5)
+    rack-protection (2.1.0)
       rack
-    rack-proxy (0.7.6)
+    rack-proxy (0.7.0)
       rack
     rack-rewrite (1.5.1)
-    rack-test (2.1.0)
+    rack-ssl (1.4.1)
+      rack
+    rack-test (2.0.2)
       rack (>= 1.3)
     rack-timeout (0.6.3)
-    rails (7.0.4.3)
-      actioncable (= 7.0.4.3)
-      actionmailbox (= 7.0.4.3)
-      actionmailer (= 7.0.4.3)
-      actionpack (= 7.0.4.3)
-      actiontext (= 7.0.4.3)
-      actionview (= 7.0.4.3)
-      activejob (= 7.0.4.3)
-      activemodel (= 7.0.4.3)
-      activerecord (= 7.0.4.3)
-      activestorage (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    rails (6.1.7)
+      actioncable (= 6.1.7)
+      actionmailbox (= 6.1.7)
+      actionmailer (= 6.1.7)
+      actionpack (= 6.1.7)
+      actiontext (= 6.1.7)
+      actionview (= 6.1.7)
+      activejob (= 6.1.7)
+      activemodel (= 6.1.7)
+      activerecord (= 6.1.7)
+      activestorage (= 6.1.7)
+      activesupport (= 6.1.7)
       bundler (>= 1.15.0)
-      railties (= 7.0.4.3)
+      railties (= 6.1.7)
+      sprockets-rails (>= 2.0.0)
     rails-controller-testing (1.0.5)
       actionpack (>= 5.0.1.rc1)
       actionview (>= 5.0.1.rc1)
@@ -535,40 +522,37 @@ GEM
       activesupport (>= 4.2)
       choice (~> 0.2.0)
       ruby-graphviz (~> 1.2)
-    rails-html-sanitizer (1.5.0)
+    rails-html-sanitizer (1.4.4)
       loofah (~> 2.19, >= 2.19.1)
     rails-i18n (7.0.6)
       i18n (>= 0.7, < 2)
       railties (>= 6.0.0, < 8)
     rails_safe_tasks (1.0.0)
-    railties (7.0.4.3)
-      actionpack (= 7.0.4.3)
-      activesupport (= 7.0.4.3)
+    railties (6.1.7)
+      actionpack (= 6.1.7)
+      activesupport (= 6.1.7)
       method_source
       rake (>= 12.2)
       thor (~> 1.0)
-      zeitwerk (~> 2.5)
     rainbow (3.1.1)
     rake (13.0.6)
-    ransack (2.6.0)
-      activerecord (>= 6.0.4)
-      activesupport (>= 6.0.4)
+    ransack (2.4.2)
+      activerecord (>= 5.2.4)
+      activesupport (>= 5.2.4)
       i18n
-    rb-fsevent (0.11.2)
+    rb-fsevent (0.11.0)
     rb-inotify (0.10.1)
       ffi (~> 1.0)
-    redcarpet (3.6.0)
-    redis (4.8.1)
-    redis-client (0.14.1)
-      connection_pool
-    regexp_parser (2.8.0)
-    reline (0.3.3)
+    redcarpet (3.5.1)
+    redis (4.8.0)
+    regexp_parser (2.6.1)
+    reline (0.3.2)
       io-console (~> 0.5)
-    request_store (1.5.1)
+    request_store (1.5.0)
       rack (>= 1.4)
-    responders (3.1.0)
-      actionpack (>= 5.2)
-      railties (>= 5.2)
+    responders (3.0.1)
+      actionpack (>= 5.0)
+      railties (>= 5.0)
     rexml (3.2.5)
     roadie (5.0.1)
       css_parser (~> 1.4)
@@ -579,61 +563,61 @@ GEM
     rodf (1.2.0)
       builder (>= 3.0)
       rubyzip (>= 1.0)
-    roo (2.10.0)
+    roo (2.9.0)
       nokogiri (~> 1)
       rubyzip (>= 1.3.0, < 3.0.0)
-    rspec (3.12.0)
-      rspec-core (~> 3.12.0)
-      rspec-expectations (~> 3.12.0)
-      rspec-mocks (~> 3.12.0)
-    rspec-core (3.12.2)
-      rspec-support (~> 3.12.0)
-    rspec-expectations (3.12.3)
+    rspec (3.10.0)
+      rspec-core (~> 3.10.0)
+      rspec-expectations (~> 3.10.0)
+      rspec-mocks (~> 3.10.0)
+    rspec-core (3.10.2)
+      rspec-support (~> 3.10.0)
+    rspec-expectations (3.10.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-mocks (3.12.5)
+      rspec-support (~> 3.10.0)
+    rspec-mocks (3.10.2)
       diff-lcs (>= 1.2.0, < 2.0)
-      rspec-support (~> 3.12.0)
-    rspec-rails (6.0.2)
-      actionpack (>= 6.1)
-      activesupport (>= 6.1)
-      railties (>= 6.1)
-      rspec-core (~> 3.12)
-      rspec-expectations (~> 3.12)
-      rspec-mocks (~> 3.12)
-      rspec-support (~> 3.12)
+      rspec-support (~> 3.10.0)
+    rspec-rails (5.1.2)
+      actionpack (>= 5.2)
+      activesupport (>= 5.2)
+      railties (>= 5.2)
+      rspec-core (~> 3.10)
+      rspec-expectations (~> 3.10)
+      rspec-mocks (~> 3.10)
+      rspec-support (~> 3.10)
     rspec-retry (0.6.2)
       rspec-core (> 3.3)
-    rspec-support (3.12.0)
-    rswag-api (2.9.0)
+    rspec-support (3.10.3)
+    rswag-api (2.8.0)
       railties (>= 3.1, < 7.1)
-    rswag-specs (2.9.0)
+    rswag-specs (2.8.0)
       activesupport (>= 3.1, < 7.1)
       json-schema (>= 2.2, < 4.0)
       railties (>= 3.1, < 7.1)
       rspec-core (>= 2.14)
-    rswag-ui (2.9.0)
+    rswag-ui (2.8.0)
       actionpack (>= 3.1, < 7.1)
       railties (>= 3.1, < 7.1)
-    rubocop (1.50.2)
+    rubocop (1.42.0)
       json (~> 2.3)
       parallel (~> 1.10)
-      parser (>= 3.2.0.0)
+      parser (>= 3.1.2.1)
       rainbow (>= 2.2.2, < 4.0)
       regexp_parser (>= 1.8, < 3.0)
       rexml (>= 3.2.5, < 4.0)
-      rubocop-ast (>= 1.28.0, < 2.0)
+      rubocop-ast (>= 1.24.1, < 2.0)
       ruby-progressbar (~> 1.7)
-      unicode-display_width (>= 2.4.0, < 3.0)
-    rubocop-ast (1.28.0)
-      parser (>= 3.2.1.0)
-    rubocop-rails (2.19.1)
+      unicode-display_width (>= 1.4.0, < 3.0)
+    rubocop-ast (1.24.1)
+      parser (>= 3.1.1.0)
+    rubocop-rails (2.17.4)
       activesupport (>= 4.2.0)
       rack (>= 1.1)
       rubocop (>= 1.33.0, < 2.0)
     ruby-graphviz (1.2.5)
       rexml
-    ruby-progressbar (1.13.0)
+    ruby-progressbar (1.11.0)
     ruby-rc4 (0.1.5)
     ruby-vips (2.1.4)
       ffi (~> 1.12)
@@ -641,9 +625,6 @@ GEM
     rubyzip (2.3.2)
     rufus-scheduler (3.8.2)
       fugit (~> 1.1, >= 1.1.6)
-    sanitize (6.0.1)
-      crass (~> 1.0.2)
-      nokogiri (>= 1.12.0)
     sass (3.4.25)
     sass-rails (5.0.8)
       railties (>= 5.2.0)
@@ -655,14 +636,14 @@ GEM
     semantic_range (3.0.0)
     shoulda-matchers (5.3.0)
       activesupport (>= 5.2.0)
-    sidekiq (7.1.0)
-      concurrent-ruby (< 2)
-      connection_pool (>= 2.3.0)
-      rack (>= 2.2.4)
-      redis-client (>= 0.14.0)
-    sidekiq-scheduler (5.0.2)
+    sidekiq (6.5.8)
+      connection_pool (>= 2.2.5, < 3)
+      rack (~> 2.0)
+      redis (>= 4.5.0, < 5)
+    sidekiq-scheduler (4.0.3)
+      redis (>= 4.2.0)
       rufus-scheduler (~> 3.2)
-      sidekiq (>= 6, < 8)
+      sidekiq (>= 4, < 7)
       tilt (>= 1.4.0)
     simplecov (0.22.0)
       docile (~> 1.1)
@@ -673,7 +654,7 @@ GEM
     spreadsheet_architect (5.0.0)
       caxlsx (>= 3.3.0, < 4)
       rodf (>= 1.0.0, < 2)
-    spring (4.1.1)
+    spring (4.1.0)
     spring-commands-rspec (1.0.4)
       spring (>= 0.9.1)
     sprockets (3.7.2)
@@ -690,18 +671,18 @@ GEM
     state_machines-activerecord (0.8.0)
       activerecord (>= 5.1)
       state_machines-activemodel (>= 0.8.0)
-    stimulus_reflex (3.5.0.rc2)
-      actioncable (>= 5.2, < 8)
-      actionpack (>= 5.2, < 8)
-      actionview (>= 5.2, < 8)
-      activesupport (>= 5.2, < 8)
-      cable_ready (>= 5.0.0.rc2)
-      nokogiri (~> 1.0)
-      rack (>= 2, < 4)
-      railties (>= 5.2, < 8)
-      redis (>= 4.0, < 6.0)
-    stringex (2.8.6)
-    stripe (8.5.0)
+    stimulus_reflex (3.5.0.pre9)
+      actioncable (>= 5.2)
+      actionpack (>= 5.2)
+      actionview (>= 5.2)
+      activesupport (>= 5.2)
+      cable_ready (>= 5.0.0.pre9)
+      nokogiri
+      rack
+      railties (>= 5.2)
+      redis
+    stringex (2.8.5)
+    stripe (8.0.0)
     swd (1.3.0)
       activesupport (>= 3)
       attr_required (>= 0.0.5)
@@ -711,15 +692,15 @@ GEM
       power_assert
     thor (1.2.1)
     thread-local (1.1.0)
-    tilt (2.1.0)
+    tilt (2.0.11)
     timecop (0.9.6)
-    timeout (0.3.2)
+    timeout (0.3.0)
     ttfunk (1.7.0)
-    tzinfo (2.0.6)
+    tzinfo (2.0.5)
       concurrent-ruby (~> 1.0)
-    unicode-display_width (2.4.2)
+    unicode-display_width (2.3.0)
     uniform_notifier (1.16.0)
-    valid_email2 (4.0.6)
+    valid_email2 (4.0.4)
       activemodel (>= 3.2)
       mail (~> 2.5)
     validate_email (0.1.6)
@@ -729,7 +710,7 @@ GEM
       activemodel (>= 3.0.0)
       public_suffix
     vcr (6.1.0)
-    view_component (3.0.0)
+    view_component (2.80.0)
       activesupport (>= 5.2.0, < 8.0)
       concurrent-ruby (~> 1.0)
       method_source (~> 1.0)
@@ -751,7 +732,7 @@ GEM
       addressable (>= 2.8.0)
       crack (>= 0.3.2)
       hashdiff (>= 0.4.0, < 2.0.0)
-    webpacker (5.4.4)
+    webpacker (5.4.3)
       activesupport (>= 5.2)
       rack-proxy (>= 0.6.1)
       railties (>= 5.2)
@@ -768,7 +749,7 @@ GEM
     xml-simple (1.1.8)
     xpath (3.2.0)
       nokogiri (~> 1.8)
-    zeitwerk (2.6.8)
+    zeitwerk (2.6.6)
 
 PLATFORMS
   ruby
@@ -781,7 +762,7 @@ DEPENDENCIES
   activerecord-import
   activerecord-postgresql-adapter
   activerecord-session_store
-  acts-as-taggable-on
+  acts-as-taggable-on (~> 8.1)
   acts_as_list (= 1.0.4)
   angular-rails-templates (>= 0.3.0)
   angular_rails_csrf
@@ -794,7 +775,7 @@ DEPENDENCIES
   bootsnap
   bugsnag
   bullet
-  cable_ready (= 5.0.0.rc2)
+  cable_ready (= 5.0.0.pre9)
   cancancan (~> 1.15.0)
   capybara
   catalog!
@@ -814,7 +795,6 @@ DEPENDENCIES
   digest
   dotenv-rails
   factory_bot_rails (= 6.2.0)
-  faraday
   ffaker
   flipper
   flipper-active_record
@@ -823,6 +803,7 @@ DEPENDENCIES
   foreman
   fuubar (~> 2.5.1)
   geocoder
+  gitlab-omniauth-openid-connect
   gmaps4rails
   good_migrations
   haml
@@ -844,32 +825,31 @@ DEPENDENCIES
   mime-types
   mimemagic (> 0.3.5)
   mini_portile2 (~> 2.8)
-  mini_racer
+  mini_racer (= 0.4.0)
   monetize (~> 1.11)
   oauth2 (~> 1.4.7)
+  ofn-qz!
   omniauth-rails_csrf_protection
-  omniauth_openid_connect
   openid_connect (~> 1.3)
   order_management!
   pagy (~> 5.1)
-  paper_trail (~> 12.1)
+  paper_trail (~> 12.1.0)
   paranoia (~> 2.4)
   paypal-sdk-merchant (= 1.117.2)
   pdf-reader
   pg (~> 1.2.3)
-  private_address_check
   pry (~> 0.13.0)
   puma
-  query_count
   rack-mini-profiler (< 3.0.0)
   rack-rewrite
+  rack-ssl
   rack-timeout
-  rails
+  rails (>= 6.1.4)
   rails-controller-testing
   rails-erd
   rails-i18n
   rails_safe_tasks (~> 1.0)
-  ransack (~> 2.6.0)
+  ransack (= 2.4.2)
   redcarpet
   redis (>= 4.0)
   responders
@@ -893,7 +873,7 @@ DEPENDENCIES
   spring
   spring-commands-rspec
   state_machines-activerecord
-  stimulus_reflex (= 3.5.0.rc2)
+  stimulus_reflex (= 3.5.0.pre9)
   stringex (~> 2.8.5)
   stripe
   test-unit (~> 3.5)
@@ -914,4 +894,4 @@ RUBY VERSION
    ruby 3.0.3p157
 
 BUNDLED WITH
-   2.4.3
+   2.1.4

Procfile

@@ -1,5 +1,5 @@
 # Foreman Procfile. Start all dev server processes with: `foreman start`
 
-rails:      DEV_CACHING=true bundle exec rails s -p 3000
+rails:      bundle exec rails s -p 3000
 webpack:    ./bin/webpack-dev-server
-sidekiq:    DEV_CACHING=true bundle exec sidekiq -q mailers -q default
+sidekiq:    bundle exec sidekiq -q mailers -q default

README.md

@@ -33,7 +33,7 @@ We also have a [Super Admin Guide][super-admin-guide] to help with configuration
 
 ## Testing
 
-If you'd like to help out with testing, please introduce yourself on the #testing channel on [Slack][slack-invite] and download the [ZenHub browser extension][zenhub] to view the development pipeline. Also, do have a look in our [Welcome New QAs board][welcome-qa] for some good first issues, both on manual and automated testing (RSpec/Capybara).
+If you'd like to help out with testing, please introduce yourself on the #testing channel on [Slack][slack-invite] and download the [ZenHub browser extension][zenhub] to view the development pipeline. Also, do have a look in our [Welcome New QAs board](https://github.com/orgs/openfoodfoundation/projects/1) for some good first issues, both on manual and automated testing (RSpec/Capybara).
 
 We use [BrowserStack](https://www.browserstack.com/) as a manual testing tool. BrowserStack provides open source projects with unlimited and free of charge accounts. A big thanks to them!
 
@@ -52,6 +52,5 @@ Copyright (c) 2012 - 2022 Open Food Foundation, released under the AGPL licence.
 [ofn-handbook]: https://ofn-user-guide.gitbook.io/ofn-handbook/
 [ofn-install]: https://github.com/openfoodfoundation/ofn-install
 [super-admin-guide]: https://ofn-user-guide.gitbook.io/ofn-super-admin-guide
-[welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/5
-[welcome-qa]: https://github.com/orgs/openfoodfoundation/projects/6
+[welcome-dev]: https://github.com/orgs/openfoodfoundation/projects/2
 [zenhub]: https://www.zenhub.com/extension

app/assets/javascripts/admin/admin_ofn.js.coffee

@@ -12,6 +12,5 @@ angular.module("ofn.admin", [
   "admin.orders"
 ]).config ($httpProvider, $locationProvider, $qProvider) ->
   $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"
-  # for the next line, you should also probably check file: app/assets/javascripts/admin/utils/utils.js.coffee
   $locationProvider.hashPrefix('')
   $qProvider.errorOnUnhandledRejections(false)

app/assets/javascripts/admin/enterprises/controllers/enterprise_controller.js.coffee

@@ -55,12 +55,28 @@ angular.module("admin.enterprises")
         else
           alert ("#{manager.email}" + " " + t("is_already_manager"))
 
+    $scope.inviteManager = ->
+      $scope.invite_errors = $scope.invite_success = null
+      email = $scope.newUser
+
+      $http.post("/admin/manager_invitations", {email: email, enterprise_id: $scope.Enterprise.id}).then (response)->
+          $scope.addManager({id: response.data.user, email: email})
+          $scope.invite_success = t('user_invited', email: email)
+        .catch (response) ->
+          $scope.invite_errors = response.data.errors
+
+    $scope.resetModal = ->
+      $scope.newUser = $scope.invite_errors = $scope.invite_success = null
+
     $scope.removeLogo = ->
       $scope.performEnterpriseAction("removeLogo", "immediate_logo_removal_warning", "removed_logo_successfully")
 
     $scope.removePromoImage = ->
       $scope.performEnterpriseAction("removePromoImage", "immediate_promo_image_removal_warning", "removed_promo_image_successfully")
 
+    $scope.removeTermsAndConditions = ->
+      $scope.performEnterpriseAction("removeTermsAndConditions", "immediate_terms_and_conditions_removal_warning", "removed_terms_and_conditions_successfully")
+
     $scope.performEnterpriseAction = (enterpriseActionName, warning_message_key, success_message_key) ->
       return unless confirm($scope.translation(warning_message_key))
 

app/assets/javascripts/admin/enterprises/directives/terms_and_conditions_warning.js.coffee

@@ -0,0 +1,32 @@
+angular.module("admin.enterprises").directive 'termsAndConditionsWarning', ($rootScope, $compile, $templateCache, DialogDefaults, $timeout) ->
+  restrict: 'A'
+  scope: true
+
+  link: (scope, element, attr) ->
+    # This file input click handler will hold the browser file input dialog and show a warning modal
+    scope.hold_file_input_and_show_warning_modal = (event) ->
+      event.preventDefault()
+      scope.template = $compile($templateCache.get('admin/modals/terms_and_conditions_warning.html'))(scope)
+      if scope.template.dialog
+        scope.template.dialog(DialogDefaults)
+        scope.template.dialog('open')
+      $rootScope.$evalAsync()
+
+    element.bind 'click', scope.hold_file_input_and_show_warning_modal
+
+    # When the user presses continue in the warning modal, we open the browser file input dialog
+    scope.continue = ->
+      scope.template.dialog('close')
+      $rootScope.$evalAsync()
+
+      # unbind warning modal handler and click file input again to open the browser file input dialog
+      element.unbind('click').trigger('click')
+      # afterwards, bind warning modal handler again so that the warning is shown the next time
+      $timeout ->
+        element.bind 'click', scope.hold_file_input_and_show_warning_modal
+      return
+
+    scope.close = ->
+      scope.template.dialog('close')
+      $rootScope.$evalAsync()
+      return

app/assets/javascripts/admin/index_utils/services/sort_options.js.coffee

@@ -11,6 +11,5 @@ angular.module("admin.indexUtils").factory 'SortOptions', ->
       sortingExpr
 
     toggle: (predicate) ->
-      # predicate is a string or an array of strings
-      @reverse = (JSON.stringify(@predicate) == JSON.stringify(predicate)) && !@reverse
+      @reverse = (@predicate == predicate) && !@reverse
       @predicate = predicate

app/assets/javascripts/admin/line_items/controllers/line_items_controller.js.coffee

@@ -9,49 +9,41 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   $scope.sharedResource = false
   $scope.columns = Columns.columns
   $scope.sorting = SortOptions
-  $scope.pagination = LineItems.pagination
-  $scope.per_page_options = [
-    {id: 15, name: t('js.admin.orders.index.per_page', results: 15)},
-    {id: 50, name: t('js.admin.orders.index.per_page', results: 50)},
-    {id: 100, name: t('js.admin.orders.index.per_page', results: 100)}
-  ]
-  $scope.page = 1
-  $scope.per_page = $scope.per_page_options[0].id
-  $scope.filterByVariantId = null
-  searchThrough = ["order_distributor_name",
-    "order_bill_address_phone",
-    "order_bill_address_firstname",
-    "order_bill_address_lastname",
-    "variant_product_supplier_name",
-    "order_email",
-    "order_number",
-    "product_name"].join("_or_") + "_cont"
 
   $scope.confirmRefresh = ->
     LineItems.allSaved() || confirm(t("unsaved_changes_warning"))
 
+  $scope.initStartAndEnDate = ->
+    $scope.startDate = moment().startOf('day').subtract(7, 'days').format('YYYY-MM-DD')
+    $scope.endDate = moment().startOf('day').format('YYYY-MM-DD')
+
   $scope.resetFilters = ->
     $scope.distributorFilter = ''
     $scope.supplierFilter = ''
     $scope.orderCycleFilter = ''
-    $scope.query = ''
-    $scope.startDate = undefined
-    $scope.endDate = undefined
-    event = new CustomEvent('flatpickr:clear')
+    $scope.quickSearch = ''
+    $scope.initStartAndEnDate()
+    event = new CustomEvent('flatpickr:change', {
+      detail: { 
+        startDate: $scope.startDate,
+        endDate: $scope.endDate
+      }
+    })
     window.dispatchEvent(event)
 
   $scope.resetSelectFilters = ->
     $scope.resetFilters()
     $scope.refreshData()
 
-  $scope.fetchResults = ->
-    # creates indirection in order to factorize the code between orders and bulk orders
-    # used in app/views/admin/shared/_angular_per_page_controls.html.haml
-    $scope.refreshData()
-
   $scope.refreshData = ->
+    $scope.formattedStartDate = moment($scope.startDate).format()
+    $scope.formattedEndDate = moment($scope.endDate).add(1,'day').format()
+
+    return unless moment($scope.formattedStartDate).isValid() and moment($scope.formattedEndDate).isValid()
+
     return "cancel" unless $scope.confirmRefresh()
 
+    $scope.loadOrders()
     $scope.loadLineItems()
 
     unless $scope.initialized
@@ -59,49 +51,57 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
 
     $scope.dereferenceLoadedData()
 
+  $scope.setOrderCycleDateRange = ->
+    start_date = OrderCycles.byID[$scope.orderCycleFilter].orders_open_at
+    end_date = OrderCycles.byID[$scope.orderCycleFilter].orders_close_at
+    format = "YYYY-MM-DD HH:mm:ss Z"
+    $scope.startDate = moment(start_date, format).format('YYYY-MM-DD')
+    $scope.endDate = moment(end_date, format).startOf('day').format('YYYY-MM-DD')
+     # throw a flatpickr:change event to change the date back in the datepicker
+    event = new CustomEvent('flatpickr:change', {
+      detail: { 
+        startDate: $scope.startDate,
+        endDate: $scope.endDate
+      }
+    })
+    window.dispatchEvent(event)
+
   $scope.loadOrders = ->
     RequestMonitor.load $scope.orders = Orders.index(
-      "q[id_in][]": $scope.line_items.map((line_item) -> line_item.order.id)
+      "q[state_not_eq]": "canceled",
+      "q[shipment_state_not_eq]": "shipped",
+      "q[completed_at_not_null]": "true",
+      "q[distributor_id_eq]": $scope.distributorFilter,
+      "q[order_cycle_id_eq]": $scope.orderCycleFilter,
+      "q[completed_at_gteq]": $scope.formattedStartDate,
+      "q[completed_at_lt]": $scope.formattedEndDate
     )
 
   $scope.loadLineItems = ->
-    [formattedStartDate, formattedEndDate] = $scope.formatDates($scope.startDate, $scope.endDate)
-
     RequestMonitor.load LineItems.index(
-      "q[#{searchThrough}]": $scope.query,
-      "q[variant_id_eq]": $scope.filterByVariantId if $scope.filterByVariantId,
       "q[order_state_not_eq]": "canceled",
       "q[order_shipment_state_not_eq]": "shipped",
       "q[order_completed_at_not_null]": "true",
       "q[order_distributor_id_eq]": $scope.distributorFilter,
       "q[variant_product_supplier_id_eq]": $scope.supplierFilter,
       "q[order_order_cycle_id_eq]": $scope.orderCycleFilter,
-      "q[order_completed_at_gteq]": if formattedStartDate then formattedStartDate else undefined,
-      "q[order_completed_at_lt]": if formattedEndDate then formattedEndDate else undefined,
-      "page": $scope.page,
-      "per_page": $scope.per_page
+      "q[order_completed_at_gteq]": $scope.formattedStartDate,
+      "q[order_completed_at_lt]": $scope.formattedEndDate
     )
 
-  $scope.formatDates = (startDate, endDate) ->
-    formattedStartDate = moment(startDate).format('YYYY-MM-DD') if startDate
-    formattedEndDate = moment(endDate).add(1,'day').format('YYYY-MM-DD') if endDate
-    return [formattedStartDate, formattedEndDate]
-
   $scope.loadAssociatedData = ->
     RequestMonitor.load $scope.distributors = Enterprises.index(action: "visible", ams_prefix: "basic", "q[sells_in][]": ["own", "any"])
     RequestMonitor.load $scope.orderCycles = OrderCycles.index(ams_prefix: "basic", as: "distributor", "q[orders_close_at_gt]": "#{moment().subtract(90,'days').format()}")
     RequestMonitor.load $scope.suppliers = Enterprises.index(action: "visible", ams_prefix: "basic", "q[is_primary_producer_eq]": "true")
 
   $scope.dereferenceLoadedData = ->
-    RequestMonitor.load $q.all([$scope.distributors.$promise, $scope.orderCycles.$promise, $scope.suppliers.$promise, $scope.line_items.$promise]).then ->
+    RequestMonitor.load $q.all([$scope.orders.$promise, $scope.distributors.$promise, $scope.orderCycles.$promise, $scope.suppliers.$promise, $scope.line_items.$promise]).then ->
+      Dereferencer.dereferenceAttr $scope.orders, "distributor", Enterprises.byID
+      Dereferencer.dereferenceAttr $scope.orders, "order_cycle", OrderCycles.byID
       Dereferencer.dereferenceAttr $scope.line_items, "supplier", Enterprises.byID
-      $scope.loadOrders()
-      RequestMonitor.load $q.all([$scope.orders.$promise]).then ->
-        Dereferencer.dereferenceAttr $scope.line_items, "order", Orders.byID  
-        Dereferencer.dereferenceAttr $scope.orders, "distributor", Enterprises.byID
-        Dereferencer.dereferenceAttr $scope.orders, "order_cycle", OrderCycles.byID
-        $scope.bulk_order_form.$setPristine()
-        StatusMessage.clear()
+      Dereferencer.dereferenceAttr $scope.line_items, "order", Orders.byID
+      $scope.bulk_order_form.$setPristine()
+      StatusMessage.clear()
 
       unless $scope.initialized
         $scope.initialized = true
@@ -160,10 +160,6 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
             else
               Promise.all(LineItems.delete(item) for item in items).then(-> $scope.refreshData())
       , "js.admin.deleting_item_will_cancel_order")   
-    else
-      ofnDeleteLineItemsAlert(() ->
-        Promise.all(LineItems.delete(item) for item in lineItemsToDelete).then(-> $scope.refreshData())
-      , lineItemsToDelete.length)
 
   $scope.allBoxesChecked = ->
     checkedCount = $scope.filteredLineItems.reduce (count,lineItem) ->
@@ -178,17 +174,6 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
   $scope.setSelectedUnitsVariant = (unitsProduct,unitsVariant) ->
     $scope.selectedUnitsProduct = unitsProduct
     $scope.selectedUnitsVariant = unitsVariant
-    $scope.filterByVariantId = unitsVariant.id
-    $scope.page = 1
-    $scope.refreshData()
-
-  $scope.resetSelectedUnitsVariant = ->
-    $scope.selectedUnitsProduct = { }
-    $scope.selectedUnitsVariant = { }
-    $scope.filterByVariantId = null
-    $scope.sharedResource = false
-    $scope.page = 1
-    $scope.refreshData()
 
   $scope.getLineItemScale = (lineItem) ->
     if lineItem.units_product && lineItem.units_variant && (lineItem.units_product.variant_unit == "weight" || lineItem.units_product.variant_unit == "volume") 
@@ -234,7 +219,7 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
 
   $scope.getGroupBySizeFormattedValueWithUnitName = (value, unitsProduct, unitsVariant) ->
     scale = $scope.getScale(unitsProduct, unitsVariant)
-    if scale && value
+    if scale
       value = value / scale if scale != 28.35 && scale != 1 && scale != 453.6 # divide by scale if not smallest unit
       $scope.getFormattedValueWithUnitName(value, unitsProduct, unitsVariant, scale)
     else
@@ -278,8 +263,4 @@ angular.module("admin.lineItems").controller 'LineItemsCtrl', ($scope, $timeout,
       lineItem.final_weight_volume = LineItems.pristineByID[lineItem.id].final_weight_volume * lineItem.quantity / LineItems.pristineByID[lineItem.id].quantity
       $scope.weightAdjustedPrice(lineItem)
 
-  $scope.changePage = (newPage) ->
-    $scope.page = newPage
-    $scope.refreshData()
-
   $scope.resetSelectFilters()

app/assets/javascripts/admin/line_items/filters/variant_filter.js.coffee

@@ -0,0 +1,6 @@
+angular.module("admin.lineItems").filter "variantFilter", ->
+    return (lineItems,selectedUnitsProduct,selectedUnitsVariant,sharedResource) ->
+      filtered = []
+      filtered.push lineItem for lineItem in lineItems when (angular.equals(selectedUnitsProduct,{}) ||
+        (lineItem.units_product.id == selectedUnitsProduct.id && (sharedResource || lineItem.units_variant.id == selectedUnitsVariant.id ) ) )
+      filtered

app/assets/javascripts/admin/order_cycles/controllers/edit.js.coffee

@@ -18,6 +18,7 @@ angular.module('admin.orderCycles')
 
     $scope.submit = ($event, destination) ->
       $event.preventDefault()
+      NavigationCheck.clear()
       StatusMessage.display 'progress', t('js.saving')
       OrderCycle.update(destination, $scope.order_cycle_form)
 

app/assets/javascripts/admin/order_cycles/controllers/order_cycle_exchanges_controller.js.coffee

@@ -35,11 +35,7 @@ angular.module('admin.orderCycles')
       OrderCycle.removeExchangeFee(exchange, index)
       $scope.order_cycle_form.$dirty = true
 
-    $scope.setPickupTimeFieldDirty = (index, pickup_time) ->
-      # if the pickup_time is already set we are in edit mode, so no need to set pickup_time field as dirty
-      # to show it is required (it has a red border when set to dirty)
-      return if pickup_time
-
+    $scope.setPickupTimeFieldDirty = (index) ->
       $timeout ->
         pickup_time_field_name = "order_cycle_outgoing_exchange_" + index + "_pickup_time"
         $scope.order_cycle_form[pickup_time_field_name].$setDirty()

app/assets/javascripts/admin/order_cycles/controllers/order_cycles_controller.js.coffee

@@ -33,11 +33,9 @@ angular.module("admin.orderCycles").controller "OrderCyclesCtrl", ($scope, $q, C
     StatusMessage.display 'notice', "You have unsaved changes" if newVal
 
   $scope.showMore = (days) ->
-    orderCycles = OrderCycles.index(ams_prefix: "index", 
-    "q[orders_close_at_gt]": "#{daysFromToday($scope.ordersCloseAtLimit - days)}", 
-    "q[orders_close_at_lteq]": "#{daysFromToday($scope.ordersCloseAtLimit)}"
-    )
     $scope.ordersCloseAtLimit -= days
+    existingIDs = Object.keys(OrderCycles.byID)
+    orderCycles = OrderCycles.index(ams_prefix: "index", "q[orders_close_at_gt]": "#{daysFromToday($scope.ordersCloseAtLimit)}", "q[id_not_in][]": existingIDs)
     orderCycles.$promise.then ->
       $scope.orderCycles.push(orderCycle) for orderCycle in orderCycles
       compileData()

app/assets/javascripts/admin/orders/controllers/bulk_cancel_controller.js.coffee

@@ -0,0 +1,14 @@
+angular.module("admin.orders").controller "bulkCancelCtrl", ($scope, $http, $timeout) ->
+
+  $scope.cancelOrder = (orderIds, sendEmailCancellation, restock_items) ->
+    $http(
+      method: 'post'
+      url: "/admin/orders/bulk_cancel?order_ids=#{orderIds}&send_cancellation_email=#{sendEmailCancellation}&restock_items=#{restock_items}" ).then(->
+        window.location.reload()
+      )
+
+  $scope.cancelSelectedOrders = ->
+    ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) ->
+      if confirm
+        $scope.cancelOrder $scope.selected_orders, sendEmailCancellation, restock_items
+    )

app/assets/javascripts/admin/resources/resources/enterprise_resource.js.coffee

@@ -14,4 +14,7 @@ angular.module("admin.resources").factory 'EnterpriseResource', ($resource) ->
     'removePromoImage':
       url: '/api/v0/enterprises/:id/promo_image.json'
       method: 'DELETE'
+    'removeTermsAndConditions':
+      url: '/api/v0/enterprises/:id/terms_and_conditions.json'
+      method: 'DELETE'
   })

app/assets/javascripts/admin/resources/services/enterprises.js.coffee

@@ -63,3 +63,4 @@ angular.module("admin.resources").factory 'Enterprises', ($q, $filter, Enterpris
 
     removeLogo: performActionOnEnterpriseResource(EnterpriseResource.removeLogo)
     removePromoImage: performActionOnEnterpriseResource(EnterpriseResource.removePromoImage)
+    removeTermsAndConditions: performActionOnEnterpriseResource(EnterpriseResource.removeTermsAndConditions)

app/assets/javascripts/admin/spree/orders/shipments.js.erb

@@ -15,7 +15,7 @@ $(document).ready(function() {
       console.log(msg);
     });
   }
-  $('.admin-order-edit-form a.ship').click(handle_ship_click);
+  $('[data-hook=admin_order_edit_form] a.ship').click(handle_ship_click);
 
   //handle shipping method edit click
   $('a.edit-method').click(toggleMethodEdit);
@@ -37,7 +37,7 @@ $(document).ready(function() {
       console.log(msg);
     });
   }
-  $('.admin-order-edit-form a.save-method').click(handle_shipping_method_save);
+  $('[data-hook=admin_order_edit_form] a.save-method').click(handle_shipping_method_save);
 
   //handle tracking info edit/delete
 
@@ -64,8 +64,8 @@ $(document).ready(function() {
     return Spree.url( Spree.routes.orders_api + "/" + order_number + "/shipments/" + shipmentNumber + ".json");
   }
 
-  $('.admin-order-edit-form a.save-tracking').click(saveTrackingInfo);
-  $('.admin-order-edit-form a.delete-tracking').click(deleteTrackingInfo);
+  $('[data-hook=admin_order_edit_form] a.save-tracking').click(saveTrackingInfo);
+  $('[data-hook=admin_order_edit_form] a.delete-tracking').click(deleteTrackingInfo);
 
   // handle note edit/delete
 
@@ -96,8 +96,8 @@ $(document).ready(function() {
     }); 
   }
 
-  $('.admin-order-edit-form a.save-note').click(saveNote);
-  $('.admin-order-edit-form a.delete-note').click(deleteNote);
+  $('[data-hook=admin_order_edit_form] a.save-note').click(saveNote);
+  $('[data-hook=admin_order_edit_form] a.delete-note').click(deleteNote);
 
   // Makes API call for notes/tracking info
   makeApiCall = function(url, params) {

app/assets/javascripts/admin/spree/orders/variant_autocomplete.js.erb

@@ -4,8 +4,7 @@ $(document).ready(function() {
 
   initAlert()
   initConfirm()
-  initButtonCancel()
-  initLinkCancel()
+  initCancelOrder()
 
   if ($('#variant_autocomplete_template').length > 0) {
     window.variantTemplate = Handlebars.compile($('#variant_autocomplete_template').text());
@@ -251,18 +250,6 @@ ofnCancelOrderAlert = function(callback, i18nKey) {
   $('#custom-confirm').show();
 }
 
-ofnDeleteLineItemsAlert = function(callback, count) {
-  $('#custom-confirm .message').html(`${t("js.admin.orders.delete_line_items_html", {count: count})}`);
-  $('#custom-confirm button.confirm').click(() => {
-    $('#custom-confirm').hide();
-    callback();
-  });
-  $('#custom-confirm button.cancel').click(() => {
-    $('#custom-confirm').hide();
-  });
-  $('#custom-confirm').show();
-}
-
 ofnConfirm = function(callback) {
   $('#custom-confirm .message').html(
       ` ${t("are_you_sure")}
@@ -277,23 +264,17 @@ ofnConfirm = function(callback) {
   $('#custom-confirm').show();
 }
 
-initCancelAction = function(e){
-  ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) => {
-      if (confirm) {
-          var redirectTo = new URL(Spree.routes.cancel_order.toString());
-          redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
-          redirectTo.searchParams.append("restock_items", restock_items);
-          window.location.href = redirectTo.toString();
-      }
+initCancelOrder = function() {
+    $('#cancel_order_form').submit(function(e){
+        ofnCancelOrderAlert((confirm, sendEmailCancellation, restock_items) => {
+            if (confirm) {
+                var redirectTo = new URL(Spree.routes.cancel_order.toString());
+                redirectTo.searchParams.append("send_cancellation_email", sendEmailCancellation);
+                redirectTo.searchParams.append("restock_items", restock_items);
+                window.location.href = redirectTo.toString();
+            }
+        });
+        e.preventDefault();
+        return false;
     });
-  e.preventDefault();
-  return false;
-};
-
-initButtonCancel = function() {
-  $('#cancel_order_form').submit(initCancelAction)
-}
-
-initLinkCancel = function() {
-  $('#links-dropdown a[href$="cancel"]').click(initCancelAction);
 }

app/assets/javascripts/admin/spree/taxons/taxonomy.js.coffee

@@ -8,7 +8,7 @@ handle_move = (e, data) ->
   node = data.rslt.o
   new_parent = data.rslt.np
 
-  url = new URL(Spree.routes.admin_taxonomy_taxons)
+  url = new URL(base_url)
   url.pathname = url.pathname + '/' + node.attr("id") 
   data = {
     _method: "put",

app/assets/javascripts/admin/utils/utils.js.coffee

@@ -1,4 +1,2 @@
-angular.module("admin.utils", ["templates", "ngSanitize"]).config ($httpProvider, $locationProvider) ->
- # for the next line, you should also probably check file: app/assets/javascripts/admin/admin_ofn.js.coffee
- $locationProvider.hashPrefix('')
+angular.module("admin.utils", ["templates", "ngSanitize"]).config ($httpProvider) ->
  $httpProvider.defaults.headers.common["Accept"] = "application/json, text/javascript, */*"

app/assets/javascripts/darkswarm/controllers/registration/registration_form_controller.js.coffee

@@ -7,12 +7,8 @@ angular.module('Darkswarm').controller "RegistrationFormCtrl", ($scope, Registra
     form.$valid
 
   $scope.create = (form) ->
-    if ($scope.valid(form)) 
-      $scope.disableButton()
-      EnterpriseRegistrationService.create().then(() ->
-        $scope.enableButton()
-      )
-    end
+    $scope.disableButton()
+    EnterpriseRegistrationService.create($scope.enableButton) if $scope.valid(form)
 
   $scope.update = (nextStep, form) ->
     EnterpriseRegistrationService.update(nextStep) if $scope.valid(form)

app/assets/javascripts/darkswarm/directives/flash.js.coffee

@@ -17,12 +17,9 @@ angular.module('Darkswarm').directive "ofnFlash", (flash, $timeout, RailsFlashLo
     
     # Callback when a new flash message is pushed to flash service
     show = (message, type)=>
-      return unless message
-      # if same message already exists, don't add it again
-      return if $scope.flashes.some((flash) -> flash.message == message)
-
-      $scope.flashes.push({message: message, type: typePairings[type]})
-      $timeout($scope.delete, 10000)
+      if message
+        $scope.flashes.push({message: message, type: typePairings[type]})
+        $timeout($scope.delete, 10000)
 
     $scope.delete = ->
       $scope.flashes.shift()

app/assets/javascripts/darkswarm/directives/on_hand.js.coffee

@@ -1,4 +1,4 @@
-angular.module('Darkswarm').directive "ofnOnHand", (StockQuantity, Messages) ->
+angular.module('Darkswarm').directive "ofnOnHand", (StockQuantity) ->
   restrict: 'A'
   require: "ngModel"
   scope: true
@@ -16,7 +16,7 @@ angular.module('Darkswarm').directive "ofnOnHand", (StockQuantity, Messages) ->
     ngModel.$parsers.push (viewValue) ->
       available_quantity = scope.available_quantity()
       if parseInt(viewValue) > available_quantity
-        Messages.flash({error: t("js.insufficient_stock", {on_hand: available_quantity})})
+        alert t("js.insufficient_stock", {on_hand: available_quantity})
         viewValue = available_quantity
         ngModel.$setViewValue viewValue
         ngModel.$render()

app/assets/javascripts/darkswarm/services/enterprise_modal.js.coffee

@@ -2,7 +2,6 @@ angular.module('Darkswarm').factory "EnterpriseModal", ($modal, $rootScope, $htt
   # Build a modal popup for an enterprise.
   new class EnterpriseModal
     open: (enterprise)->
-      return if enterprise.visible == 'hidden'
       scope = $rootScope.$new(true) # Spawn an isolate to contain the enterprise
       scope.embedded_layout = window.location.search.indexOf("embedded_shopfront=true") != -1
 

app/assets/javascripts/darkswarm/services/enterprise_registration_service.js.coffee

@@ -55,10 +55,6 @@ angular.module('Darkswarm').factory "EnterpriseRegistrationService", ($http, Reg
       ).catch((response) ->
         Loading.clear()
         alert(t('failed_to_update_enterprise_unknown'))
-        if response.data.errors.instagram
-          igErr = document.querySelector("#instagram-error")
-          igErr.style.display = 'block'
-          igErr.textContent = response.data.errors.instagram[0]
       )
 
     prepare: =>

app/assets/javascripts/iehack.js

@@ -0,0 +1,5 @@
+$( document ).ready(function() {
+  $("#closeie").click(function() {
+    $("#ie-warning").hide(); 
+  });
+})

app/assets/javascripts/templates/admin/columns_dropdown.html.haml

@@ -1,13 +1,11 @@
-.ofn-drop-down.ofn-drop-down-v2.right#columns-dropdown{ ng: { controller: 'ColumnsDropdownCtrl' } }
-  .ofn-drop-down-label
-    = "  #{t('admin.columns')}".html_safe
-    %span{ 'ng-class' => "expanded && 'icon-caret-up' || !expanded && 'icon-caret-down'" }
+.ofn-drop-down.right#columns-dropdown{ ng: { controller: 'ColumnsDropdownCtrl' } }
+  %span{ :class => 'icon-reorder' }= "  #{t('admin.columns')}".html_safe
+  %span{ 'ng-class' => "expanded && 'icon-caret-up' || !expanded && 'icon-caret-down'" }
   %div.menu{ 'ng-show' => "expanded" }
-    .menu_items
-      .menu_item{ ng: { repeat: "column in columns", click: "toggle(column);" } }
-        %input.redesigned-input{ type: "checkbox", ng: { checked: "column.visible" } }
-        {{ column.name }}
-      %hr
-      %div.menu_item.text-center
-        %input.fullwidth.orange{ type: "button", ng: { value: "saved() ? 'Saved': 'Saving'", show: "saved() || saving", disabled: "saved()" } }
-        %input.fullwidth.red{ type: "button", :value => t('admin.column_save_as_default').html_safe, ng: { show: "!saved() && !saving", click: "saveColumnPreferences(action)"} }
+    %div.menu_item{ ng: { repeat: "column in columns", click: "toggle(column)", class: "{selected: column.visible}" } }
+      %span.check
+      %span.name {{ column.name }}
+    %hr
+    %div.menu_item.text-center
+      %input.fullwidth.orange{ type: "button", ng: { value: "saved() ? 'Saved': 'Saving'", show: "saved() || saving", disabled: "saved()" } }
+      %input.fullwidth.red{ type: "button", :value => t('admin.column_save_as_default').html_safe, ng: { show: "!saved() && !saving", click: "saveColumnPreferences(action)"} }

app/assets/javascripts/templates/admin/modals/terms_and_conditions_warning.html.haml

@@ -0,0 +1,14 @@
+%div
+  .margin-bottom-30.text-center
+    .text-big
+      {{ 'js.admin.modals.terms_and_conditions_warning.title' | t }}
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.terms_and_conditions_warning.message_1' | t }}
+  .margin-bottom-30
+    %p
+      {{ 'js.admin.modals.terms_and_conditions_warning.message_2' | t }}
+
+  .text-center
+    %input.button.red{ type: 'button', value: t('js.admin.modals.close'), ng: { click: 'close()' } }
+    %input.button.red{ type: 'button', value: t('js.admin.modals.continue'), ng: { click: 'continue()' } }

app/components/confirm_modal_component.rb

@@ -1,17 +0,0 @@
-# frozen_string_literal: true
-
-class ConfirmModalComponent < ModalComponent
-  def initialize(id:, confirm_actions: nil, controllers: nil, message: nil, confirm_reflexes: nil)
-    super(id: id, close_button: true)
-    @confirm_actions = confirm_actions
-    @confirm_reflexes = confirm_reflexes
-    @controllers = controllers
-    @message = message
-  end
-
-  private
-
-  def close_button_class
-    "secondary"
-  end
-end

app/components/confirm_modal_component/confirm_modal_component.html.haml

@@ -1,10 +0,0 @@
-%div{ id: @id, "data-controller": "modal #{@controllers}", "data-action": "keyup@document->modal#closeIfEscapeKey" }
-  .reveal-modal-bg.fade{ "data-modal-target": "background", "data-action": "click->modal#close" }
-  .reveal-modal.fade.tiny.help-modal{ "data-modal-target": "modal" }
-    = content
-
-    = render @message if @message
-
-    .modal-actions
-      %input{ class: "button icon-plus #{close_button_class}", type: 'button', value: t('js.admin.modals.cancel'), "data-action": "click->modal#close" }
-      %input{ class: "button icon-plus primary", type: 'button', value: t('js.admin.modals.confirm'), "data-action": @confirm_actions, "data-reflex": @confirm_reflexes }

app/components/confirm_modal_component/confirm_modal_component.scss

@@ -1,4 +0,0 @@
-.modal-actions {
-  display: flex;
-  justify-content: space-around;
-}

app/components/help_modal_component.rb

@@ -1,7 +1,26 @@
 # frozen_string_literal: true
 
-class HelpModalComponent < ModalComponent
+class HelpModalComponent < ViewComponent::Base
   def initialize(id:, close_button: true)
-    super(id: id, close_button: close_button)
+    @id = id
+    @close_button = close_button
+  end
+
+  private
+
+  def close_button_class
+    if namespace == "admin"
+      "red"
+    else
+      "primary"
+    end
+  end
+
+  def close_button?
+    !!@close_button
+  end
+
+  def namespace
+    helpers.controller_path.split("/").first
   end
 end

app/components/modal_component.rb

@@ -1,26 +0,0 @@
-# frozen_string_literal: true
-
-class ModalComponent < ViewComponent::Base
-  def initialize(id:, close_button: true)
-    @id = id
-    @close_button = close_button
-  end
-
-  private
-
-  def close_button_class
-    if namespace == "admin"
-      "red"
-    else
-      "primary"
-    end
-  end
-
-  def close_button?
-    !!@close_button
-  end
-
-  def namespace
-    helpers.controller_path.split("/").first
-  end
-end

app/components/product_component.rb

@@ -1,26 +1,18 @@
 # frozen_string_literal: true
 
 class ProductComponent < ViewComponentReflex::Component
-  DATETIME_FORMAT = '%F %T'
-
   def initialize(product:, columns:)
     super
     @product = product
     @image = @product.images[0] if product.images.any?
-    @columns = columns.map do |c|
+    @columns = columns.map { |c|
       {
         id: c[:value],
         value: column_value(c[:value])
       }
-    end
+    }
   end
 
-  # This must be define when using ProductComponent.with_collection()
-  def collection_key
-    @product.id
-  end
-
-  # rubocop:disable Metrics/CyclomaticComplexity, Metrics/MethodLength
   def column_value(column)
     case column
     when 'name'
@@ -33,27 +25,6 @@ class ProductComponent < ViewComponentReflex::Component
       @product.supplier.name
     when 'category'
       @product.taxons.map(&:name).join(', ')
-    when 'sku'
-      @product.sku
-    when 'on_hand'
-      @product.on_hand || 0
-    when 'on_demand'
-      @product.on_demand
-    when 'tax_category'
-      @product.tax_category.name
-    when 'inherits_properties'
-      @product.inherits_properties
-    when 'available_on'
-      format_date(@product.available_on)
-    when 'import_date'
-      format_date(@product.import_date)
     end
   end
-  # rubocop:enable Metrics/CyclomaticComplexity, Metrics/MethodLength
-
-  private
-
-  def format_date(date)
-    date&.strftime(DATETIME_FORMAT) || ''
-  end
 end

app/components/products_table_component.rb

@@ -3,37 +3,27 @@
 class ProductsTableComponent < ViewComponentReflex::Component
   include Pagy::Backend
 
-  SORTABLE_COLUMNS = ['name', 'import_date'].freeze
-  SELECTABLE_COLUMNS = [
-    { label: I18n.t("admin.products_page.columns_selector.price"), value: "price" },
-    { label: I18n.t("admin.products_page.columns_selector.unit"), value: "unit" },
-    { label: I18n.t("admin.products_page.columns_selector.producer"), value: "producer" },
-    { label: I18n.t("admin.products_page.columns_selector.category"), value: "category" },
-    { label: I18n.t("admin.products_page.columns_selector.sku"), value: "sku" },
-    { label: I18n.t("admin.products_page.columns_selector.on_hand"), value: "on_hand" },
-    { label: I18n.t("admin.products_page.columns_selector.on_demand"), value: "on_demand" },
-    { label: I18n.t("admin.products_page.columns_selector.tax_category"), value: "tax_category" },
-    {
-      label: I18n.t("admin.products_page.columns_selector.inherits_properties"),
-      value: "inherits_properties"
-    },
-    { label: I18n.t("admin.products_page.columns_selector.available_on"), value: "available_on" },
-    { label: I18n.t("admin.products_page.columns_selector.import_date"), value: "import_date" }
-  ].sort do |a, b|
+  SORTABLE_COLUMNS = ["name"].freeze
+  SELECTABLE_COMUMNS = [{ label: I18n.t("admin.products_page.columns_selector.price"),
+                          value: "price" },
+                        { label: I18n.t("admin.products_page.columns_selector.unit"),
+                          value: "unit" },
+                        { label: I18n.t("admin.products_page.columns_selector.producer"),
+                          value: "producer" },
+                        { label: I18n.t("admin.products_page.columns_selector.category"),
+                          value: "category" }].sort { |a, b|
     a[:label] <=> b[:label]
-  end.freeze
-
+  }.freeze
   PER_PAGE_VALUE = [10, 25, 50, 100].freeze
   PER_PAGE = PER_PAGE_VALUE.map { |value| { label: value, value: value } }
-  NAME_COLUMN = {
-    label: I18n.t("admin.products_page.columns.name"), value: "name", sortable: true
-  }.freeze
+  NAME_COLUMN = { label: I18n.t("admin.products_page.columns.name"), value: "name",
+                  sortable: true }.freeze
 
   def initialize(user:)
     super
     @user = user
-    @selectable_columns = SELECTABLE_COLUMNS
-    @columns_selected = ['unit', 'price', 'on_hand', 'category', 'import_date']
+    @selectable_columns = SELECTABLE_COMUMNS
+    @columns_selected = ["price", "unit"]
     @per_page = PER_PAGE
     @per_page_selected = [10]
     @categories = [{ label: "All", value: "all" }] +
@@ -50,20 +40,16 @@ class ProductsTableComponent < ViewComponentReflex::Component
     @search_term = ""
   end
 
-  # any change on a "reflex_data_attributes" (defined in the template) will trigger a re render
   def before_render
     fetch_products
     refresh_columns
   end
 
-  # Element refers to the component the data is set on
   def search_term
-    # Element is SearchInputComponent
     @search_term = element.dataset['value']
   end
 
   def toggle_column
-    # Element is SelectorComponent
     column = element.dataset['value']
     @columns_selected = if @columns_selected.include?(column)
                           @columns_selected - [column]
@@ -73,33 +59,26 @@ class ProductsTableComponent < ViewComponentReflex::Component
   end
 
   def click_sort
-    # Element is TableHeaderComponent
-    @sort = {
-      column: element.dataset['sort-value'],
-      direction: element.dataset['sort-direction'] == "asc" ? "desc" : "asc"
-    }
+    @sort = { column: element.dataset['sort-value'],
+              direction: element.dataset['sort-direction'] == "asc" ? "desc" : "asc" }
   end
 
   def toggle_per_page
-    # Element is SelectorComponent
     selected = element.dataset['value'].to_i
     @per_page_selected = [selected] if PER_PAGE_VALUE.include?(selected)
   end
 
   def toggle_category
-    # Element is SelectorWithFilterComponent
     category_clicked = element.dataset['value']
     @categories_selected = toggle_selector_with_filter(category_clicked, @categories_selected)
   end
 
   def toggle_producer
-    # Element is SelectorWithFilterComponent
     producer_clicked = element.dataset['value']
     @producers_selected = toggle_selector_with_filter(producer_clicked, @producers_selected)
   end
 
   def change_page
-    # Element is PaginationComponent
     page = element.dataset['page'].to_i
     @page = page if page > 0
   end
@@ -107,13 +86,10 @@ class ProductsTableComponent < ViewComponentReflex::Component
   private
 
   def refresh_columns
-    @columns = @columns_selected.map do |column|
-      {
-        label: I18n.t("admin.products_page.columns.#{column}"),
-        value: column,
-        sortable: SORTABLE_COLUMNS.include?(column)
-      }
-    end.sort! { |a, b| a[:label] <=> b[:label] }
+    @columns = @columns_selected.map { |column|
+      { label: I18n.t("admin.products_page.columns.#{column}"), value: column,
+        sortable: SORTABLE_COLUMNS.include?(column) }
+    }.sort! { |a, b| a[:label] <=> b[:label] }
     @columns.unshift(NAME_COLUMN)
   end
 
@@ -169,13 +145,8 @@ class ProductsTableComponent < ViewComponentReflex::Component
   def product_query_includes
     [
       master: [:images],
-      variants: [
-        :default_price,
-        :stock_locations,
-        :stock_items,
-        :variant_overrides,
-        { option_values: :option_type }
-      ]
+      variants: [:default_price, :stock_locations, :stock_items, :variant_overrides,
+                 { option_values: :option_type }]
     ]
   end
 end

app/constraints/feature_toggle_constraint.rb

@@ -3,16 +3,11 @@
 require "open_food_network/feature_toggle"
 
 class FeatureToggleConstraint
-  def initialize(feature_name, negate: false)
+  def initialize(feature_name)
     @feature = feature_name
-    @negate = negate
   end
 
   def matches?(request)
-    enabled?(request) ^ @negate
-  end
-
-  def enabled?(request)
     OpenFoodNetwork::FeatureToggle.enabled?(@feature, current_user(request))
   end
 

app/controllers/admin/contents_controller.rb

@@ -18,8 +18,6 @@ module Admin
         end
       end
 
-      ContentConfig.updated_at = Time.zone.now
-
       flash[:success] =
         t(:successfully_updated, resource: I18n.t('admin.contents.edit.your_content'))
 

app/controllers/admin/customers_controller.rb

@@ -2,7 +2,6 @@
 
 require 'open_food_network/address_finder'
 
-# rubocop:disable Metrics/ClassLength
 module Admin
   class CustomersController < Admin::ResourceController
     before_action :load_managed_shops, only: :index, if: :html_request?
@@ -68,7 +67,7 @@ module Admin
 
     def collection
       if json_request? && params[:enterprise_id].present?
-        CustomersWithBalance.new(customers).query.
+        CustomersWithBalance.new(managed_enterprise_id).query.
           includes(
             :enterprise,
             { bill_address: [:state, :country] },
@@ -80,15 +79,6 @@ module Admin
       end
     end
 
-    def customers
-      return @customers if @customers.present?
-
-      @customers = Customer.managed_by(spree_current_user)
-      return @customers if params[:enterprise_id].blank?
-
-      @customers = @customers.where(enterprise_id: params[:enterprise_id])
-    end
-
     def managed_enterprise_id
       @managed_enterprise_id ||= Enterprise.managed_by(spree_current_user).
         select('enterprises.id').find_by(id: params[:enterprise_id])
@@ -130,4 +120,3 @@ module Admin
     end
   end
 end
-# rubocop:enable Metrics/ClassLength

app/controllers/admin/enterprises_controller.rb

@@ -8,12 +8,12 @@ module Admin
   class EnterprisesController < Admin::ResourceController
     include GeocodeEnterpriseAddress
     include CablecarResponses
-    include Pagy::Backend
 
     # These need to run before #load_resource so that @object is initialised with sanitised values
     prepend_before_action :override_owner, only: :create
     prepend_before_action :override_sells, only: :create
 
+    before_action :load_enterprise_set, only: :index
     before_action :load_countries, except: [:index, :register, :check_permalink]
     before_action :load_methods_and_fees, only: [:edit, :update]
     before_action :load_groups, only: [:new, :edit, :update, :create]
@@ -33,8 +33,6 @@ module Admin
     include OrderCyclesHelper
 
     def index
-      load_enterprise_set_on_index
-
       respond_to do |format|
         format.html
         format.json {
@@ -50,7 +48,7 @@ module Admin
       if params[:stimulus]
         @enterprise.is_primary_producer = params[:is_primary_producer]
         @enterprise.sells = params[:enterprise_sells]
-        render cable_ready: cable_car.morph("#side_menu", partial("admin/shared/side_menu"))
+        render operations: cable_car.morph("#side_menu", partial("admin/shared/side_menu"))
           .morph("#permalink", partial("admin/enterprises/form/permalink"))
       end
     end
@@ -102,8 +100,7 @@ module Admin
     end
 
     def bulk_update
-      load_enterprise_set_with_params(bulk_params)
-
+      @enterprise_set = Sets::EnterpriseSet.new(collection, bulk_params)
       if @enterprise_set.save
         flash[:success] = I18n.t(:enterprise_bulk_update_success_notice)
 
@@ -151,15 +148,8 @@ module Admin
 
     private
 
-    def load_enterprise_set_on_index
-      return unless spree_current_user.admin?
-
-      load_enterprise_set_with_params
-    end
-
-    def load_enterprise_set_with_params(params = {})
-      @pagy, @paginated_collection = pagy(@collection)
-      @enterprise_set = Sets::EnterpriseSet.new(@paginated_collection, params)
+    def load_enterprise_set
+      @enterprise_set = Sets::EnterpriseSet.new(collection) if spree_current_user.admin?
     end
 
     def load_countries

app/controllers/admin/invoice_settings_controller.rb

@@ -18,6 +18,7 @@ module Admin
       params.require(:preferences).permit(
         :enable_invoices?,
         :invoice_style2?,
+        :enable_receipt_printing?,
         :enterprise_number_required_on_invoices?,
       )
     end

app/controllers/admin/manager_invitations_controller.rb

@@ -0,0 +1,47 @@
+# frozen_string_literal: true
+
+module Admin
+  class ManagerInvitationsController < Spree::Admin::BaseController
+    authorize_resource class: false
+
+    def create
+      @email = params[:email]
+      @enterprise = Enterprise.find(params[:enterprise_id])
+
+      authorize! :edit, @enterprise
+
+      existing_user = Spree::User.find_by(email: @email)
+
+      if existing_user
+        render json: { errors: t('admin.enterprises.invite_manager.user_already_exists') },
+               status: :unprocessable_entity
+        return
+      end
+
+      new_user = create_new_manager
+
+      if new_user
+        render json: { user: new_user.id }, status: :ok
+      else
+        render json: { errors: t('admin.enterprises.invite_manager.error') },
+               status: :internal_server_error
+      end
+    end
+
+    private
+
+    def create_new_manager
+      password = Devise.friendly_token
+      new_user = Spree::User.create(email: @email, unconfirmed_email: @email, password: password)
+      new_user.reset_password_token = Devise.friendly_token
+      # Same time as used in Devise's lib/devise/models/recoverable.rb.
+      new_user.reset_password_sent_at = Time.now.utc
+      new_user.save!
+
+      @enterprise.users << new_user
+      EnterpriseMailer.manager_invitation(@enterprise, new_user).deliver_later
+
+      new_user
+    end
+  end
+end

app/controllers/admin/order_cycles_controller.rb

@@ -100,13 +100,10 @@ module Admin
       order_cycle.schedules.each do |schedule|
         Subscription.where(schedule_id: schedule.id).each do |subscription|
           shop = Enterprise.managed_by(spree_current_user).find_by(id: subscription.shop_id)
-          fee_calculator = OpenFoodNetwork::EnterpriseFeeCalculator.new(shop, order_cycle)
           subscription.subscription_line_items.nil_price_estimate.each do |line_item|
             variant = OrderManagement::Subscriptions::
                 VariantsList.eligible_variants(shop).find_by(id: line_item.variant_id)
-            # If the variant is not available in the shop, the price estimate will be nil
-            next if variant.nil?
-
+            fee_calculator = OpenFoodNetwork::EnterpriseFeeCalculator.new(shop, order_cycle)
             price = variant.price + fee_calculator.indexed_fees_for(variant)
             line_item.update_column(:price_estimate, price)
           end

app/controllers/admin/reports_controller.rb

@@ -2,7 +2,6 @@
 
 module Admin
   class ReportsController < Spree::Admin::BaseController
-    include ActiveStorage::SetCurrent
     include ReportsActions
     helper ReportsHelper
 
@@ -20,26 +19,23 @@ module Admin
     end
 
     def show
-      @report = report_class.new(spree_current_user, params, render: render_data?)
+      @report = report_class.new(spree_current_user, params, request)
 
-      if params[:report_format].present?
+      if report_format.present?
         export_report
       else
-        show_report
+        render_report
       end
-    rescue Timeout::Error
-      render_timeout_error
     end
 
     private
 
     def export_report
-      send_data render_report_as(report_format), filename: report_filename
+      send_data @report.render_as(report_format, controller: self), filename: report_filename
     end
 
-    def show_report
+    def render_report
       assign_view_data
-      @table = render_report_as(:html) if render_data?
       render "show"
     end
 
@@ -47,54 +43,13 @@ module Admin
       @report_type = report_type
       @report_subtypes = report_subtypes
       @report_subtype = report_subtype
-      @report_title = report_title
+      @report_title = if report_subtype
+                        report_subtype_title
+                      else
+                        I18n.t(:name, scope: [:admin, :reports, @report_type])
+                      end
       @rendering_options = rendering_options
       @data = Reporting::FrontendData.new(spree_current_user)
     end
-
-    def render_data?
-      request.post?
-    end
-
-    def render_report_as(format)
-      if OpenFoodNetwork::FeatureToggle.enabled?(:background_reports, spree_current_user)
-        @blob = ReportBlob.create_for_upload_later!(report_filename)
-        ReportJob.perform_later(
-          report_class, spree_current_user, params, format, @blob
-        )
-        Timeout.timeout(max_wait_time) do
-          sleep 1 until @blob.content_stored?
-        end
-
-        # This result has been rendered by Rails in safe mode already.
-        @blob.result.html_safe # rubocop:disable Rails/OutputSafety
-      else
-        @report.render_as(format)
-      end
-    end
-
-    def render_timeout_error
-      assign_view_data
-      if @blob
-        @error = ".report_taking_longer_html"
-        @error_url = @blob.url
-      else
-        @error = ".report_taking_longer"
-        @error_url = ""
-      end
-      render "show"
-    end
-
-    def max_wait_time
-      # This value is used by rack-timeout and nginx, usually 30 seconds in
-      # staging and production:
-      server_timeout = ENV.fetch("RACK_TIMEOUT_SERVICE_TIMEOUT", "15").to_f
-
-      # Zero disables the timeout:
-      return 0 if server_timeout.zero?
-
-      # We want to time out earlier than nginx:
-      server_timeout - 2.seconds
-    end
   end
 end

app/controllers/admin/subscriptions_controller.rb

@@ -16,8 +16,7 @@ module Admin
       respond_to do |format|
         format.html do
           if view_context.subscriptions_setup_complete?(@shops)
-            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user)
-              .includes([:distributors, :cached_incoming_exchanges])
+            @order_cycles = OrderCycle.joins(:schedules).managed_by(spree_current_user).includes([:distributors, :cached_incoming_exchanges])
             @payment_methods = Spree::PaymentMethod.managed_by(spree_current_user).includes(:taggings)
             @payment_method_tags = payment_method_tags_by_id
             @shipping_methods = Spree::ShippingMethod.managed_by(spree_current_user)
@@ -26,10 +25,7 @@ module Admin
             render :setup_explanation
           end
         end
-        format.json {
-          render_as_json @collection, ams_prefix: params[:ams_prefix],
-                                      payment_method_tags: payment_method_tags_by_id
-        }
+        format.json { render_as_json @collection, ams_prefix: params[:ams_prefix], payment_method_tags: payment_method_tags_by_id }
       end
     end
 

app/controllers/admin/variant_overrides_controller.rb

@@ -63,7 +63,7 @@ module Admin
 
       options = [{ id: '0', name: 'All' }]
       import_dates.collect(&:import_date).map { |i|
-        options.push(id: i.to_date, name: i.to_date.to_fs(:long))
+        options.push(id: i.to_date, name: i.to_date.to_formatted_s(:long))
       }
 
       options

app/controllers/admin/vouchers_controller.rb

@@ -1,36 +0,0 @@
-# frozen_string_literal: true
-
-module Admin
-  class VouchersController < ResourceController
-    before_action :load_enterprise
-
-    def new
-      @voucher = Voucher.new
-    end
-
-    def create
-      voucher_params = permitted_resource_params.merge(enterprise: @enterprise)
-      @voucher = Voucher.create(voucher_params)
-
-      if @voucher.save
-        redirect_to(
-          "#{edit_admin_enterprise_path(@enterprise)}#vouchers_panel",
-          flash: { success: flash_message_for(@voucher, :successfully_created) }
-        )
-      else
-        flash[:error] = @voucher.errors.full_messages.to_sentence
-        render :new
-      end
-    end
-
-    private
-
-    def load_enterprise
-      @enterprise = Enterprise.find_by permalink: params[:enterprise_id]
-    end
-
-    def permitted_resource_params
-      params.require(:voucher).permit(:code)
-    end
-  end
-end

app/controllers/api/v1/base_controller.rb

@@ -106,9 +106,7 @@ module Api
       end
 
       def json_api_error(message, **options)
-        error_options = options.delete(:error_options) || {}
-
-        { errors: [{ detail: message }.merge(error_options)] }.merge(options)
+        { errors: [{ detail: message }] }.merge(options)
       end
 
       def json_api_invalid(message, errors)

app/controllers/api/v1/customers_controller.rb

@@ -6,17 +6,11 @@ module Api
   module V1
     class CustomersController < Api::V1::BaseController
       include AddressTransformation
-      include ExtraFields
 
       skip_authorization_check only: :index
 
       before_action :authorize_action, only: [:show, :update, :destroy]
 
-      # Query parameters
-      before_action only: [:index] do
-        @extra_customer_fields = extra_fields :customer, [:balance]
-      end
-
       def index
         @pagy, customers = pagy(search_customers, pagy_options)
 
@@ -57,11 +51,7 @@ module Api
       private
 
       def customer
-        @customer ||= if action_name == "show"
-                        CustomersWithBalance.new(Customer.where(id: params[:id])).query.first!
-                      else
-                        Customer.find(params[:id])
-                      end
+        @customer ||= Customer.find(params[:id])
       end
 
       def authorize_action
@@ -71,16 +61,13 @@ module Api
       def search_customers
         customers = visible_customers.includes(:bill_address, :ship_address)
         customers = customers.where(enterprise_id: params[:enterprise_id]) if params[:enterprise_id]
-
-        if @extra_customer_fields.include?(:balance)
-          customers = CustomersWithBalance.new(customers).query
-        end
-
-        customers.ransack(params[:q]).result.order(:id)
+        customers.ransack(params[:q]).result
       end
 
       def visible_customers
-        Customer.managed_by(current_api_user)
+        current_api_user.customers.or(
+          Customer.where(enterprise_id: editable_enterprises)
+        )
       end
 
       def customer_params
@@ -104,6 +91,10 @@ module Api
         attributes
       end
 
+      def editable_enterprises
+        OpenFoodNetwork::Permissions.new(current_api_user).editable_enterprises.select(:id)
+      end
+
       def include_options
         fields = [params.fetch(:include, [])].flatten
 

app/controllers/checkout_controller.rb

@@ -5,7 +5,6 @@ require 'open_food_network/address_finder'
 class CheckoutController < ::BaseController
   include OrderStockCheck
   include OrderCompletion
-  include WhiteLabel
 
   layout 'darkswarm'
 
@@ -28,8 +27,6 @@ class CheckoutController < ::BaseController
   before_action :associate_user
   before_action :check_authorization
 
-  before_action :hide_ofn_navigation, only: :edit
-
   helper 'spree/orders'
 
   def edit; end

app/controllers/concerns/extra_fields.rb

@@ -1,32 +0,0 @@
-# frozen_string_literal: true
-
-# To be included in api controllers for handeling query params
-module ExtraFields
-  extend ActiveSupport::Concern
-
-  def invalid_query_param(name, status, msg)
-    render status: status, json: json_api_error(msg, error_options:
-      {
-        title: I18n.t("api.query_param.error.title"),
-        source: { parameter: name },
-        status: status,
-        code: Rack::Utils::SYMBOL_TO_STATUS_CODE[status]
-      })
-  end
-
-  def extra_fields(type, available_fields)
-    fields = params.dig(:extra_fields, type)&.split(',')&.compact&.map(&:to_sym)
-    return [] if fields.blank?
-
-    unknown_fields = fields - available_fields
-
-    if unknown_fields.present?
-      invalid_query_param(
-        "extra_fields[#{type}]", :unprocessable_entity,
-        I18n.t("api.query_param.error.extra_fields", fields: unknown_fields.join(', '))
-      )
-    end
-
-    fields
-  end
-end

app/controllers/concerns/manager_invitations.rb

@@ -1,19 +0,0 @@
-# frozen_string_literal: true
-
-module ManagerInvitations
-  extend ActiveSupport::Concern
-
-  def create_new_manager(email, enterprise)
-    password = Devise.friendly_token
-    new_user = Spree::User.create(email: email, unconfirmed_email: email, password: password)
-    new_user.reset_password_token = Devise.friendly_token
-    # Same time as used in Devise's lib/devise/models/recoverable.rb.
-    new_user.reset_password_sent_at = Time.now.utc
-    if new_user.save
-      enterprise.users << new_user
-      EnterpriseMailer.manager_invitation(enterprise, new_user).deliver_later
-    end
-
-    new_user
-  end
-end

app/controllers/concerns/order_stock_check.rb

@@ -31,7 +31,7 @@ module OrderStockCheck
     flash[:info] = I18n.t('order_cycle_closed')
     respond_to do |format|
       format.cable_ready {
-        render status: :see_other, cable_ready: cable_car.redirect_to(url: main_app.shop_path)
+        render status: :see_other, operations: cable_car.redirect_to(url: main_app.shop_path)
       }
       format.json { render json: { path: main_app.shop_path }, status: :see_other }
       format.html { redirect_to main_app.shop_path, status: :see_other }

app/controllers/concerns/reports_actions.rb

@@ -39,14 +39,6 @@ module ReportsActions
     params[:report_subtype] || report_subtypes_codes.first
   end
 
-  def report_title
-    if report_subtype
-      report_subtype_title
-    else
-      I18n.t(:name, scope: [:admin, :reports, report_type])
-    end
-  end
-
   def report_subtype_title
     report_subtypes.select { |_name, key| key.to_sym == report_subtype.to_sym }.first[0]
   end
@@ -56,7 +48,7 @@ module ReportsActions
   end
 
   def report_format
-    params[:report_format].presence || "html"
+    params[:report_format]
   end
 
   def report_filename

app/controllers/concerns/white_label.rb

@@ -1,21 +0,0 @@
-# frozen_string_literal: true
-
-module WhiteLabel
-  extend ActiveSupport::Concern
-  include EnterprisesHelper
-
-  def hide_ofn_navigation(distributor = current_distributor)
-    return false unless OpenFoodNetwork::FeatureToggle.enabled?(:white_label)
-
-    # if the distributor has the hide_ofn_navigation preference set to true
-    # then we should hide the OFN navigation
-    @hide_ofn_navigation = distributor.hide_ofn_navigation
-
-    # if the distributor has the hide_ofn_navigation preference
-    # set to false, there is no need to check the white_label_logo preference
-    return unless @hide_ofn_navigation
-
-    @white_label_logo = distributor.white_label_logo
-    @white_label_distributor = distributor
-  end
-end

app/controllers/enterprises_controller.rb

@@ -7,7 +7,6 @@ class EnterprisesController < BaseController
   helper Spree::ProductsHelper
   include OrderCyclesHelper
   include SerializerHelper
-  include WhiteLabel
 
   protect_from_forgery except: :check_permalink
 
@@ -15,7 +14,6 @@ class EnterprisesController < BaseController
   prepend_before_action :set_order_cycles, :require_distributor_chosen, :reset_order, only: :shop
 
   before_action :clean_permalink, only: :check_permalink
-  before_action :hide_ofn_navigation, only: :shop
 
   respond_to :js, only: :permalink_checker
 

app/controllers/errors_controller.rb

@@ -4,11 +4,6 @@ class ErrorsController < ApplicationController
   layout "errors"
 
   def not_found
-    Bugsnag.notify("404") do |event|
-      event.severity = "info"
-
-      event.add_metadata(:request, request.env)
-    end
     render status: :not_found
   end
 

app/controllers/split_checkout_controller.rb

@@ -10,7 +10,6 @@ class SplitCheckoutController < ::BaseController
   include CheckoutCallbacks
   include OrderCompletion
   include CablecarResponses
-  include WhiteLabel
 
   helper 'terms_and_conditions'
   helper 'checkout'
@@ -19,7 +18,6 @@ class SplitCheckoutController < ::BaseController
   helper OrderHelper
 
   before_action :set_checkout_redirect
-  before_action :hide_ofn_navigation, only: [:edit, :update]
 
   def edit
     redirect_to_step_based_on_order unless params[:step]
@@ -38,71 +36,20 @@ class SplitCheckoutController < ::BaseController
       advance_order_state
       redirect_to_step
     else
-      render_error
+      flash.now[:error] ||= I18n.t('split_checkout.errors.global')
+
+      render status: :unprocessable_entity, operations: cable_car.
+        replace("#checkout", partial("split_checkout/checkout")).
+        replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
     end
   rescue Spree::Core::GatewayError => e
     flash[:error] = I18n.t(:spree_gateway_error_flash_for_checkout, error: e.message)
     @order.update_column(:state, "payment")
-    render cable_ready: cable_car.redirect_to(url: checkout_step_path(:payment))
+    render operations: cable_car.redirect_to(url: checkout_step_path(:payment))
   end
 
   private
 
-  def render_error
-    flash.now[:error] ||= I18n.t(
-      'split_checkout.errors.saving_failed',
-      messages: order_error_messages
-    )
-
-    render status: :unprocessable_entity, cable_ready: cable_car.
-      replace("#checkout", partial("split_checkout/checkout")).
-      replace("#flashes", partial("shared/flashes", locals: { flashes: flash }))
-  end
-
-  def order_error_messages
-    # Remove ship_address.* errors if no shipping method is not selected
-    remove_ship_address_errors if no_ship_address_needed?
-
-    # Reorder errors to make sure the most important ones are shown first
-    # and finally, return the error messages to sentence
-    reorder_errors.map(&:full_message).to_sentence
-  end
-
-  def no_ship_address_needed?
-    @order.errors[:shipping_method].present? || params[:ship_address_same_as_billing] == "1"
-  end
-
-  def remove_ship_address_errors
-    @order.errors.delete("ship_address.firstname")
-    @order.errors.delete("ship_address.address1")
-    @order.errors.delete("ship_address.city")
-    @order.errors.delete("ship_address.phone")
-    @order.errors.delete("ship_address.lastname")
-    @order.errors.delete("ship_address.zipcode")
-  end
-
-  def reorder_errors
-    @order.errors.sort_by do |e|
-      case e.attribute
-      when /email/i then 0
-      when /phone/i then 1
-      when /bill_address/i then 2 + bill_address_error_order(e)
-      else 20
-      end
-    end
-  end
-
-  def bill_address_error_order(error)
-    case error.attribute
-    when /firstname/i then 0
-    when /lastname/i then 1
-    when /address1/i then 2
-    when /city/i then 3
-    when /zipcode/i then 4
-    else 5
-    end
-  end
-
   def flash_error_when_no_shipping_method_available
     flash[:error] = I18n.t('split_checkout.errors.no_shipping_methods_available')
   end
@@ -132,7 +79,7 @@ class SplitCheckoutController < ::BaseController
     return unless selected_payment_method&.external_gateway?
     return unless (redirect_url = selected_payment_method.external_payment_url(order: @order))
 
-    render cable_ready: cable_car.redirect_to(url: redirect_url)
+    render operations: cable_car.redirect_to(url: redirect_url)
     true
   end
 
@@ -143,10 +90,6 @@ class SplitCheckoutController < ::BaseController
   def update_order
     return if params[:confirm_order] || @order.errors.any?
 
-    # If we have "pick up" shipping method (require_ship_address is set to false), use the
-    # distributor address as shipping address
-    use_shipping_address_from_distributor if shipping_method_ship_address_not_required?
-
     @order.select_shipping_method(params[:shipping_method_id])
     @order.update(order_params)
     @order.updater.update_totals_and_states
@@ -156,29 +99,6 @@ class SplitCheckoutController < ::BaseController
     @order.errors.empty?
   end
 
-  def use_shipping_address_from_distributor
-    @order.ship_address = @order.address_from_distributor
-
-    # Add the missing data
-    bill_address = params[:order][:bill_address_attributes]
-    @order.ship_address.firstname = bill_address[:firstname]
-    @order.ship_address.lastname = bill_address[:lastname]
-    @order.ship_address.phone = bill_address[:phone]
-
-    # Remove shipping address from parameter so we don't override the address we just set
-    params[:order].delete(:ship_address_attributes)
-  end
-
-  def shipping_method_ship_address_not_required?
-    selected_shipping_method = available_shipping_methods&.select do |sm|
-      sm.id.to_s == params[:shipping_method_id]
-    end
-
-    return false if selected_shipping_method.empty?
-
-    selected_shipping_method.first.require_ship_address == false
-  end
-
   def summary_step?
     params[:step] == "summary"
   end

app/controllers/spree/admin/general_settings_controller.rb

@@ -6,6 +6,7 @@ module Spree
       def edit
         @preferences_general = [:site_name, :default_seo_title, :default_meta_keywords,
                                 :default_meta_description, :site_url]
+        @preferences_security = [:allow_ssl_in_production, :allow_ssl_in_staging]
         @preferences_currency = [:display_currency, :hide_cents]
       end
 

app/controllers/spree/admin/orders/customer_details_controller.rb

@@ -65,7 +65,6 @@ module Spree
           params.require(:order).permit(
             :email,
             :use_billing,
-            :customer_id,
             bill_address_attributes: ::PermittedAttributes::Address.attributes,
             ship_address_attributes: ::PermittedAttributes::Address.attributes
           )

app/controllers/spree/admin/orders_controller.rb

@@ -9,30 +9,22 @@ module Spree
       helper CheckoutHelper
 
       before_action :load_order, only: [:edit, :update, :fire, :resend,
-                                        :invoice, :print, :distribution]
-      before_action :load_distribution_choices, only: [:new, :edit, :update, :distribution]
+                                        :invoice, :print, :print_ticket]
+      before_action :load_distribution_choices, only: [:new, :edit, :update]
 
+      # Ensure that the distributor is set for an order when
+      before_action :ensure_distribution, only: :new
       before_action :require_distributor_abn, only: :invoice
 
+      content_security_policy false, only: :print_ticket
+
       respond_to :html, :json
 
       def new
         @order = Order.create
         @order.created_by = spree_current_user
-        @order.generate_order_number
         @order.save
-        redirect_to spree.distribution_admin_order_path(@order)
-      end
-
-      def distribution
-        return if order_params.blank?
-
-        on_update
-
-        @order.assign_attributes(order_params)
-        return unless @order.save(context: :set_distribution_step)
-
-        redirect_to spree.admin_order_customer_path(@order)
+        redirect_to spree.edit_admin_order_url(@order)
       end
 
       def edit
@@ -43,7 +35,12 @@ module Spree
       end
 
       def update
-        on_update
+        @order.recreate_all_fees!
+
+        unless @order.cart?
+          @order.create_tax_charge!
+          @order.update_order!
+        end
 
         if params[:set_distribution_step] && @order.update(order_params)
           return redirect_to spree.admin_order_customer_path(@order)
@@ -70,6 +67,18 @@ module Spree
         load_spree_api_key
       end
 
+      def bulk_cancel
+        order_ids = params[:order_ids].split(',')
+
+        Spree::Order.where(id: order_ids).find_each do |order|
+          order.send_cancellation_email = params[:send_cancellation_email] != "false"
+          order.restock_items = params.fetch(:restock_items, "true") == "true"
+          order.cancel
+        end
+
+        flash[:success] = Spree.t(:order_updated)
+      end
+
       def fire
         event = params[:e]
         @order.send_cancellation_email = params[:send_cancellation_email] != "false"
@@ -108,17 +117,12 @@ module Spree
         render_with_wicked_pdf InvoiceRenderer.new.args(@order)
       end
 
-      private
-
-      def on_update
-        @order.recreate_all_fees!
-
-        return if @order.cart?
-
-        @order.create_tax_charge!
-        @order.update_order!
+      def print_ticket
+        render template: "spree/admin/orders/ticket", layout: false
       end
 
+      private
+
       def order_params
         return params[:order] if params[:order].blank?
 
@@ -156,6 +160,17 @@ module Spree
                         ocs.closed +
                         ocs.undated
       end
+
+      def ensure_distribution
+        unless @order
+          @order = Spree::Order.new
+          @order.generate_order_number
+          @order.save!
+        end
+        return if @order.distribution_set?
+
+        render 'set_distribution', locals: { order: @order }
+      end
     end
   end
 end

app/controllers/spree/admin/payment_methods_controller.rb

@@ -7,6 +7,7 @@ module Spree
       before_action :load_data
       before_action :validate_payment_method_provider, only: [:create]
       before_action :load_hubs, only: [:new, :edit, :update]
+      before_action :validate_calculator_preferred_value, only: [:update]
 
       respond_to :html
 
@@ -16,10 +17,6 @@ module Spree
         @payment_method = payment_method_class.constantize.new(base_params)
         @object = @payment_method
 
-        if !base_params["calculator_type"] && gateway_params["calculator_type"]
-          @payment_method.calculator_type = gateway_params["calculator_type"]
-        end
-
         load_hubs
 
         if @payment_method.save
@@ -47,7 +44,6 @@ module Spree
           redirect_to spree.edit_admin_payment_method_path(@payment_method)
         else
           respond_with(@payment_method)
-          clear_preference_cache
         end
       end
 
@@ -186,23 +182,33 @@ module Spree
             end
           end
 
-          # Ensure the calculator to be updated is the correct type
-          if params_for_update["calculator_type"] && params_for_update["calculator_attributes"]
-            add_type_to_calculator_attributes(params_for_update)
-          end
-
           params_for_update
         end
       end
 
-      def clear_preference_cache
-        @payment_method.calculator.preferences.each_key do |key|
-          Rails.cache.delete(@payment_method.calculator.preference_cache_key(key))
+      def validate_calculator_preferred_value
+        return if calculator_preferred_values.all? do |value|
+          preferred_value_from_params = gateway_params.dig(:calculator_attributes, value)
+          preferred_value_from_params.nil? || Float(preferred_value_from_params,
+                                                    exception: false)
         end
+
+        flash[:error] = I18n.t(:calculator_preferred_value_error)
+        redirect_to spree.edit_admin_payment_method_path(@payment_method)
       end
 
-      def add_type_to_calculator_attributes(hash)
-        hash["calculator_attributes"]["type"] = hash["calculator_type"]
+      def calculator_preferred_values
+        [
+          :preferred_amount,
+          :preferred_flat_percent,
+          :preferred_flat_percent,
+          :preferred_first_item,
+          :preferred_additional_item,
+          :preferred_max_items,
+          :preferred_normal_amount,
+          :preferred_discount_amount,
+          :preferred_minimal_amount
+        ]
       end
     end
   end

app/controllers/spree/admin/products_controller.rb

@@ -177,7 +177,7 @@ module Spree
       def product_import_dates
         options = [{ id: '0', name: '' }]
         product_import_dates_query.collect(&:import_date).
-          map { |i| options.push(id: i.to_date, name: i.to_date.to_fs(:long)) }
+          map { |i| options.push(id: i.to_date, name: i.to_date.to_formatted_s(:long)) }
 
         options
       end

app/controllers/spree/admin/zones_controller.rb

@@ -13,7 +13,7 @@ module Spree
 
       def collection
         params[:q] ||= {}
-        params[:q][:s] ||= "name asc"
+        params[:q][:s] ||= "ascend_by_name"
         @search = super.ransack(params[:q])
         @pagy, @zones = pagy(@search.result, items: Spree::Config[:orders_per_page])
         @zones

app/controllers/spree/orders_controller.rb

@@ -5,7 +5,6 @@ module Spree
     include OrderCyclesHelper
     include Rails.application.routes.url_helpers
     include CablecarResponses
-    include WhiteLabel
 
     layout 'darkswarm'
 
@@ -15,8 +14,7 @@ module Spree
     respond_to :html, :json
 
     before_action :check_authorization
-    before_action :set_order_from_params, only: :show
-    before_action :set_current_order, only: [:edit, :update]
+    before_action :set_current_order, only: :update
     before_action :filter_order_params, only: :update
 
     prepend_before_action :require_order_authentication, only: :show
@@ -25,12 +23,10 @@ module Spree
     before_action :check_hub_ready_for_checkout, only: :edit
     before_action :check_at_least_one_line_item, only: :update
 
-    before_action only: [:show, :edit] do
-      hide_ofn_navigation(@order.distributor)
+    def show
+      @order = Spree::Order.find_by!(number: params[:id])
     end
 
-    def show; end
-
     def empty
       if @order = current_order
         @order.empty!
@@ -41,6 +37,7 @@ module Spree
 
     # Patching to redirect to shop if order is empty
     def edit
+      @order = current_order(true)
       @insufficient_stock_lines = @order.insufficient_stock_lines
       @unavailable_order_variants = OrderCycleDistributedVariants.
         new(current_order_cycle, current_distributor).unavailable_order_variants(@order)
@@ -104,15 +101,11 @@ module Spree
         flash[:error] = I18n.t(:orders_could_not_cancel)
       end
       render status: :found,
-             cable_ready: cable_car.redirect_to(url: request.referer || main_app.order_path(@order))
+             operations: cable_car.redirect_to(url: request.referer || main_app.order_path(@order))
     end
 
     private
 
-    def set_order_from_params
-      @order = Spree::Order.find_by!(number: params[:id])
-    end
-
     def set_current_order
       @order = current_order(true)
     end

app/controllers/spree/user_sessions_controller.rb

@@ -24,11 +24,11 @@ module Spree
       if spree_user_signed_in?
         flash[:success] = t('devise.success.logged_in_succesfully')
 
-        render cable_ready: cable_car.redirect_to(
+        render operations: cable_car.redirect_to(
           url: return_url_or_default(after_sign_in_path_for(spree_current_user))
         )
       else
-        render status: :unauthorized, cable_ready: cable_car.inner_html(
+        render status: :unauthorized, operations: cable_car.inner_html(
           "#login-feedback",
           partial("layouts/alert", locals: { type: "alert", message: t('devise.failure.invalid') })
         )
@@ -60,7 +60,7 @@ module Spree
     end
 
     def render_unconfirmed_response
-      render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
+      render status: :unprocessable_entity, operations: cable_car.inner_html(
         "#login-feedback",
         partial("layouts/alert", locals: { type: "alert", message: t(:email_unconfirmed),
                                            unconfirmed: true, tab: "login" })

app/controllers/spree/users_controller.rb

@@ -30,11 +30,10 @@ module Spree
       registered = Spree::User.find_by(email: params[:email]).present?
 
       if registered
-        render status: :ok, cable_ready: cable_car.
+        render status: :ok, operations: cable_car.
           inner_html(
             "#login-feedback",
-            partial("layouts/alert", 
-              locals: { type: "alert", message: t('devise.failure.already_registered') })
+            partial("layouts/alert", locals: { type: "alert", message: t('devise.failure.already_registered') })
           ).
           dispatch_event(name: "login:modal:open")
       else
@@ -46,14 +45,12 @@ module Spree
       @user = Spree::User.new(user_params)
 
       if @user.save
-        render cable_ready: cable_car.inner_html(
+        render operations: cable_car.inner_html(
           "#signup-feedback",
-          partial("layouts/alert", 
-            locals: { type: "success",
-            message: t('devise.user_registrations.spree_user.signed_up_but_unconfirmed') })
+          partial("layouts/alert", locals: { type: "success", message: t('devise.user_registrations.spree_user.signed_up_but_unconfirmed') })
         )
       else
-        render status: :unprocessable_entity, cable_ready: cable_car.morph(
+        render status: :unprocessable_entity, operations: cable_car.morph(
           "#signup-tab",
           partial("layouts/signup_tab", locals: { signup_form_user: @user })
         )

app/controllers/user_confirmations_controller.rb

@@ -22,10 +22,9 @@ class UserConfirmationsController < DeviseController
         set_flash_message(:error, :confirmation_not_sent)
       end
     else
-      render cable_ready: cable_car.inner_html(
+      render operations: cable_car.inner_html(
         "##{params[:tab] || 'forgot'}-feedback",
-        partial("layouts/alert", 
-          locals: { type: "success", message: t("devise.confirmations.send_instructions") })
+        partial("layouts/alert", locals: { type: "success", message: t("devise.confirmations.send_instructions") })
       )
       return
     end

app/controllers/user_passwords_controller.rb

@@ -11,12 +11,12 @@ class UserPasswordsController < Spree::UserPasswordsController
     self.resource = resource_class.send_reset_password_instructions(raw_params[resource_name])
 
     if resource.errors.empty?
-      render cable_ready: cable_car.inner_html(
+      render operations: cable_car.inner_html(
         "#forgot-feedback",
         partial("layouts/alert", locals: { type: "success", message: t(:password_reset_sent) })
       )
     else
-      render status: :not_found, cable_ready: cable_car.inner_html(
+      render status: :not_found, operations: cable_car.inner_html(
         "#forgot-feedback",
         partial("layouts/alert", locals: { type: "alert", message: t(:email_not_found) })
       )
@@ -26,7 +26,7 @@ class UserPasswordsController < Spree::UserPasswordsController
   private
 
   def render_unconfirmed_response
-    render status: :unprocessable_entity, cable_ready: cable_car.inner_html(
+    render status: :unprocessable_entity, operations: cable_car.inner_html(
       "#forgot-feedback",
       partial("layouts/alert",
               locals: { type: "alert", message: t(:email_unconfirmed),

app/controllers/webhook_endpoints_controller.rb

@@ -1,47 +0,0 @@
-# frozen_string_literal: true
-
-class WebhookEndpointsController < ::BaseController
-  before_action :load_resource, only: :destroy
-
-  def create
-    webhook_endpoint = spree_current_user.webhook_endpoints.new(webhook_endpoint_params)
-
-    if webhook_endpoint.save
-      flash[:success] = t('.success')
-    else
-      flash[:error] = t('.error')
-    end
-
-    redirect_to redirect_path
-  end
-
-  def destroy
-    if @webhook_endpoint.destroy
-      flash[:success] = t('.success')
-    else
-      flash[:error] = t('.error')
-    end
-
-    redirect_to redirect_path
-  end
-
-  def load_resource
-    @webhook_endpoint = spree_current_user.webhook_endpoints.find(params[:id])
-  end
-
-  def webhook_endpoint_params
-    params.require(:webhook_endpoint).permit(:url)
-  end
-
-  def redirect_path
-    if request.referer.blank? || request.referer.include?(spree.account_path)
-      developer_settings_path
-    else
-      request.referer
-    end
-  end
-
-  def developer_settings_path
-    "#{spree.account_path}#/developer_settings"
-  end
-end

app/helpers/admin/enterprises_helper.rb

@@ -22,14 +22,6 @@ module Admin
       show_enterprise_fees = can?(:manage_enterprise_fees,
                                   enterprise) && (is_shop || enterprise.is_primary_producer)
 
-      build_enterprise_side_menu_items(is_shop, show_properties, show_shipping_methods,
-                                       show_payment_methods, show_enterprise_fees)
-    end
-
-    private
-
-    def build_enterprise_side_menu_items(is_shop, show_properties, show_shipping_methods,
-                                         show_payment_methods, show_enterprise_fees)
       [
         { name: 'primary_details', icon_class: "icon-home", show: true, selected: 'selected' },
         { name: 'address', icon_class: "icon-map-marker", show: true },
@@ -42,20 +34,13 @@ module Admin
         { name: 'shipping_methods', icon_class: "icon-truck", show: show_shipping_methods },
         { name: 'payment_methods',  icon_class: "icon-money", show: show_payment_methods },
         { name: 'enterprise_fees',  icon_class: "icon-tasks", show: show_enterprise_fees },
-        { name: 'vouchers', icon_class: "icon-ticket", show: true },
         { name: 'enterprise_permissions', icon_class: "icon-plug", show: true,
           href: admin_enterprise_relationships_path },
         { name: 'inventory_settings', icon_class: "icon-list-ol", show: is_shop },
         { name: 'tag_rules', icon_class: "icon-random", show: is_shop },
         { name: 'shop_preferences', icon_class: "icon-shopping-cart", show: is_shop },
-        { name: 'users', icon_class: "icon-user", show: true },
-      ] + [add_white_label_if_feature_activated].compact
-    end
-
-    def add_white_label_if_feature_activated
-      return nil unless OpenFoodNetwork::FeatureToggle.enabled?(:white_label)
-
-      { name: 'white_label', icon_class: "icon-leaf", show: true }
+        { name: 'users', icon_class: "icon-user", show: true }
+      ]
     end
   end
 end

app/helpers/angular_form_builder.rb

@@ -29,8 +29,7 @@ class AngularFormBuilder < ActionView::Helpers::FormBuilder
                          @template.ng_options_for_select(choices, angular_field), options
   end
 
-  def ng_collection_select(method, collection, value_method,
-                           text_method, angular_field, options = {})
+  def ng_collection_select(method, collection, value_method, text_method, angular_field, options = {})
     options.reverse_merge!('id' => angular_id(method), 'ng-model' => angular_model(method).to_s)
 
     @template.select_tag angular_name(method),

app/helpers/application_helper.rb

@@ -68,14 +68,4 @@ module ApplicationHelper
       wicked_pdf_stylesheet_pack_tag(source)
     end
   end
-
-  def cache_with_locale(key = nil, options = {}, &block)
-    cache(cache_key_with_locale(key, I18n.locale), options) do
-      yield(block)
-    end
-  end
-
-  def cache_key_with_locale(key, locale)
-    Array.wrap(key) + [locale.to_s, I18nDigests.for_locale(locale)]
-  end
 end

app/helpers/checkout_helper.rb

@@ -11,7 +11,6 @@ module CheckoutHelper
 
   def checkout_adjustments_for(order, opts = {})
     exclude = opts[:exclude] || {}
-    reject_zero_amount = opts.fetch(:reject_zero_amount, true)
 
     adjustments = order.all_adjustments.eligible.to_a
 
@@ -33,10 +32,6 @@ module CheckoutHelper
       }
     end
 
-    if reject_zero_amount
-      adjustments.reject! { |a| a.amount == 0 }
-    end
-
     adjustments
   end
 
@@ -139,8 +134,8 @@ module CheckoutHelper
   def stripe_card_options(cards)
     cards.map do |cc|
       [
-        "#{cc.brand} #{cc.last_digits} #{I18n.t(:card_expiry_abbreviation)}:"\
-        "#{cc.month.to_s.rjust(2, '0')}/#{cc.year}", cc.id
+        "#{cc.brand} #{cc.last_digits} #{I18n.t(:card_expiry_abbreviation)}:#{cc.month.to_s.rjust(2, '0')}/#{cc.year}",
+        cc.id
       ]
     end
   end

app/helpers/enterprises_helper.rb

@@ -87,10 +87,4 @@ module EnterprisesHelper
       main_app.producers_url
     end
   end
-
-  def main_logo_link(enterprise)
-    return enterprise.white_label_logo_link if enterprise&.white_label_logo_link.present?
-
-    main_app.root_path
-  end
 end

app/helpers/reports_helper.rb

@@ -3,8 +3,8 @@
 module ReportsHelper
   def report_order_cycle_options(order_cycles)
     order_cycles.map do |oc|
-      orders_open_at = oc.orders_open_at&.to_fs(:short) || 'NA'
-      orders_close_at = oc.orders_close_at&.to_fs(:short) || 'NA'
+      orders_open_at = oc.orders_open_at&.to_s(:short) || 'NA'
+      orders_close_at = oc.orders_close_at&.to_s(:short) || 'NA'
       ["#{oc.name}   (#{orders_open_at} - #{orders_close_at})".html_safe, oc.id]
     end
   end
@@ -26,12 +26,6 @@ module ReportsHelper
     end.uniq
   end
 
-  def customer_email_options(order_customers)
-    order_customers.map do |customer|
-      [customer&.email, customer&.id]
-    end
-  end
-
   def currency_symbol
     Spree::Money.currency_symbol
   end

app/helpers/spree/admin/base_helper.rb

@@ -29,8 +29,8 @@ module Spree
 
       def preference_field_tag(name, value, options)
         case options[:type]
-        when :integer, :decimal
-          number_field_tag(name, value, preference_field_options(options))
+        when :integer
+          text_field_tag(name, value, preference_field_options(options))
         when :boolean
           hidden_field_tag(name, 0) +
             check_box_tag(name, 1, value, preference_field_options(options))
@@ -49,8 +49,8 @@ module Spree
 
       def preference_field_for(form, field, options, object)
         case options[:type]
-        when :integer, :decimal
-          form.number_field(field, preference_field_options(options))
+        when :integer
+          form.text_field(field, preference_field_options(options))
         when :boolean
           form.check_box(field, preference_field_options(options))
         when :string
@@ -80,24 +80,26 @@ module Spree
       end
 
       def preference_field_options(options)
-        field_options =
-          case options[:type]
-          when :integer
-            { size: 10, class: 'input_integer', step: 1 }
-          when :decimal
-            # Allow any number of decimal places
-            { size: 10, class: 'input_integer', step: :any }
-          when :boolean
-            {}
-          when :string
-            { size: 10, class: 'input_string fullwidth' }
-          when :password
-            { size: 10, class: 'password_string fullwidth' }
-          when :text
-            { rows: 15, cols: 85, class: 'fullwidth' }
-          else
-            { size: 10, class: 'input_string fullwidth' }
-          end
+        field_options = case options[:type]
+                        when :integer
+                          { size: 10,
+                            class: 'input_integer' }
+                        when :boolean
+                          {}
+                        when :string
+                          { size: 10,
+                            class: 'input_string fullwidth' }
+                        when :password
+                          { size: 10,
+                            class: 'password_string fullwidth' }
+                        when :text
+                          { rows: 15,
+                            cols: 85,
+                            class: 'fullwidth' }
+                        else
+                          { size: 10,
+                            class: 'input_string fullwidth' }
+                        end
 
         field_options.merge!(
           readonly: options[:readonly],

app/helpers/spree/admin/orders_helper.rb

@@ -27,7 +27,7 @@ module Spree
       private
 
       def complete_order_links
-        [resend_confirmation_link] + invoice_links
+        [resend_confirmation_link] + invoice_links + ticket_links
       end
 
       def invoice_links
@@ -52,6 +52,12 @@ module Spree
         end
       end
 
+      def ticket_links
+        return [] unless Spree::Config[:enable_receipt_printing?]
+
+        [print_ticket_link, select_ticket_printer_link]
+      end
+
       def edit_order_link
         { name: t(:edit_order),
           url: spree.edit_admin_order_path(@order),
@@ -94,6 +100,20 @@ module Spree
           confirm: t(:must_have_valid_business_number, enterprise_name: @order.distributor.name) }
       end
 
+      def print_ticket_link
+        { name: t(:print_ticket),
+          url: print_ticket_admin_order_path(@order),
+          icon: 'icon-print',
+          target: "_blank" }
+      end
+
+      def select_ticket_printer_link
+        { name: t(:select_ticket_printer),
+          url: "#{print_ticket_admin_order_path(@order)}#select-printer",
+          icon: 'icon-print',
+          target: "_blank" }
+      end
+
       def ship_order_link
         { name: t(:ship_order),
           url: spree.fire_admin_order_path(@order, e: 'ship'),
@@ -105,7 +125,8 @@ module Spree
       def cancel_order_link
         { name: t(:cancel_order),
           url: spree.fire_admin_order_path(@order.number, e: 'cancel'),
-          icon: 'icon-trash' }
+          icon: 'icon-trash',
+          confirm: t(:are_you_sure) }
       end
 
       def cancel_event_link

app/helpers/tax_helper.rb

@@ -12,16 +12,6 @@ module TaxHelper
     end
   end
 
-  def display_line_items_taxes(line_item, display_zero: true)
-    if line_item.included_tax.positive?
-      Spree::Money.new(line_item.included_tax, currency: line_item.currency)
-    elsif line_item.added_tax.positive?
-      Spree::Money.new(line_item.added_tax, currency: line_item.currency)
-    elsif display_zero
-      Spree::Money.new(0.00, currency: line_item.currency)
-    end
-  end
-
   def display_total_with_tax(taxable)
     total = taxable.amount + taxable.additional_tax_total
     Spree::Money.new(total, currency: taxable.currency)

app/jobs/application_job.rb

@@ -1,10 +0,0 @@
-# frozen_string_literal: true
-
-# Rails standard class for common job code.
-class ApplicationJob < ActiveJob::Base
-  # Automatically retry jobs that encountered a deadlock
-  # retry_on ActiveRecord::Deadlocked
-
-  # Most jobs are safe to ignore if the underlying records are no longer available
-  # discard_on ActiveJob::DeserializationError
-end

app/jobs/bulk_invoice_job.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class BulkInvoiceJob < ApplicationJob
+class BulkInvoiceJob < ActiveJob::Base
   def perform(order_ids, filepath)
     pdf = CombinePDF.new
 

app/jobs/heartbeat_job.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class HeartbeatJob < ApplicationJob
+class HeartbeatJob < ActiveJob::Base
   def perform
     Spree::Config.last_job_queue_heartbeat_at = Time.now.in_time_zone
   end

app/jobs/order_cycle_closing_job.rb

@@ -1,6 +1,6 @@
 # frozen_string_literal: true
 
-class OrderCycleClosingJob < ApplicationJob
+class OrderCycleClosingJob < ActiveJob::Base
   def perform
     return if recently_closed_order_cycles.empty?
 

app/jobs/order_cycle_notification_job.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 # Delivers an email with a report of the order cycle to each of its suppliers
-class OrderCycleNotificationJob < ApplicationJob
+class OrderCycleNotificationJob < ActiveJob::Base
   def perform(order_cycle_id)
     order_cycle = OrderCycle.find(order_cycle_id)
     order_cycle.suppliers.each do |supplier|