Upgrade Rails to version 5.2.1 and adopt code & specs where necessary

Signed-off-by: Sebastian Serth <Sebastian.Serth@student.hpi.de>
2018-09-13 12:21:53 +02:00
parent 108190c242
commit de52db89f0
128 changed files with 786 additions and 422 deletions
--- a/app/assets/javascripts/application.js
+++ b/app/assets/javascripts/application.js
@@ -11,16 +11,23 @@
 // about supported directives.
 //
 //= require jquery
-//
-//= require ace/ace
-//= require chosen.jquery.min
-//= require jquery-ui.min
-//= require d3
 //= require jquery.turbolinks
 //= require jquery_ujs
-//= require jstree/jstree.min
-//= require turbolinks
-//= require_tree ../../../lib
-//= require_tree .
 //= require bootstrap_pagedown
-//= require ace/ext-language_tools
+//= require d3
+//= require turbolinks
+//
+// lib/assets
+//= require flash
+//= require url
+//
+// vendor/assets
+//= require ace/ace
+//= require ace/ext-language_tools
+//= require jstree/jstree.min
+//= require bootstrap.min
+//= require chosen.jquery.min
+//= require jquery-ui.min
+//= require underscore.min
+//= require vis.min
+//= require_tree .
--- a/app/assets/javascripts/dashboard.js
+++ b/app/assets/javascripts/dashboard.js
@@ -51,6 +51,7 @@ $(function() {
    } else {
      var jqxhr = $.ajax({
        dataType: 'json',
+        url: 'dashboard',
        method: 'GET'
      });
      jqxhr.done(function(response) {
--- a/app/assets/stylesheets/application.css
+++ b/app/assets/stylesheets/application.css
@@ -10,9 +10,19 @@
 * defined in the other CSS/SCSS files in this directory. It is generally better to create a new
 * file per style scope.
 *
- *= require_tree .
- *= require_tree ../../../lib
- *= require_tree ../../../vendor/assets/stylesheets/
- *= require_self
 *= require bootstrap_pagedown
+ *
+ * lib/assets
+ *= require flash
+ *
+ * vendor/assets
+ *= require bootstrap.min
+ *= require chosen.min
+ *= require font-awesome.min
+ *= require google_opensans
+ *= require jquery-ui.min
+ *= require jquery-ui.structure.min
+ *= require style.min
+ *= require vis.min
+ *= require_tree .
 */
--- a/app/controllers/code_ocean/files_controller.rb
+++ b/app/controllers/code_ocean/files_controller.rb
@@ -41,7 +41,7 @@ module CodeOcean
    end

    def file_params
-      params[:code_ocean_file].permit(file_attributes).merge(context_type: 'Submission', role: 'user_defined_file')
+      params[:code_ocean_file].permit(file_attributes).merge(context_type: 'Submission', role: 'user_defined_file') if params[:code_ocean_file].present?
    end
    private :file_params
  end
--- a/app/controllers/concerns/lti.rb
+++ b/app/controllers/concerns/lti.rb
@@ -23,9 +23,9 @@ module Lti
      session.delete(:consumer_id)
      session.delete(:external_user_id)
    else
-      LtiParameter.destroy_all(consumers_id: consumer_id,
-                               external_users_id: user_id,
-                               exercises_id: exercise_id)
+      LtiParameter.where(consumers_id: consumer_id,
+                         external_users_id: user_id,
+                         exercises_id: exercise_id).destroy_all
    end
  end
  private :clear_lti_session_data
@@ -138,7 +138,7 @@ module Lti
                                                    external_users_id: @current_user.id,
                                                    exercises_id: @exercise.id)

-    lti_parameters.lti_parameters = options[:parameters].slice(*SESSION_PARAMETERS).to_json
+    lti_parameters.lti_parameters = options[:parameters].slice(*SESSION_PARAMETERS).permit!.to_h
    lti_parameters.save!
    @lti_parameters = lti_parameters

--- a/app/controllers/concerns/remote_evaluation_parameters.rb
+++ b/app/controllers/concerns/remote_evaluation_parameters.rb
@@ -2,7 +2,7 @@ module RemoteEvaluationParameters
  include FileParameters

  def remote_evaluation_params
-    remote_evaluation_params = params[:remote_evaluation].permit(:validation_token, files_attributes: file_attributes)
+    remote_evaluation_params = params[:remote_evaluation].permit(:validation_token, files_attributes: file_attributes) if params[:remote_evaluation].present?
  end
  private :remote_evaluation_params
 end
--- a/app/controllers/concerns/submission_parameters.rb
+++ b/app/controllers/concerns/submission_parameters.rb
@@ -16,7 +16,7 @@ module SubmissionParameters
      current_user_id = current_user.id
      current_user_class_name = current_user.class.name
    end
-    submission_params = params[:submission].permit(:cause, :exercise_id, files_attributes: file_attributes).merge(user_id: current_user_id, user_type: current_user_class_name)
+    submission_params = params[:submission].present? ? params[:submission].permit(:cause, :exercise_id, files_attributes: file_attributes).merge(user_id: current_user_id, user_type: current_user_class_name) : {}
    reject_illegal_file_attributes!(submission_params)
    submission_params
  end
--- a/app/controllers/consumers_controller.rb
+++ b/app/controllers/consumers_controller.rb
@@ -22,7 +22,7 @@ class ConsumersController < ApplicationController
  end

  def consumer_params
-    params[:consumer].permit(:name, :oauth_key, :oauth_secret)
+    params[:consumer].permit(:name, :oauth_key, :oauth_secret) if params[:consumer].present?
  end
  private :consumer_params

--- a/app/controllers/error_template_attributes_controller.rb
+++ b/app/controllers/error_template_attributes_controller.rb
@@ -81,6 +81,6 @@ class ErrorTemplateAttributesController < ApplicationController

    # Never trust parameters from the scary internet, only allow the white list through.
    def error_template_attribute_params
-      params[:error_template_attribute].permit(:key, :description, :regex, :important)
+      params[:error_template_attribute].permit(:key, :description, :regex, :important) if params[:error_template_attribute].present?
    end
 end
--- a/app/controllers/error_templates_controller.rb
+++ b/app/controllers/error_templates_controller.rb
@@ -99,6 +99,6 @@ class ErrorTemplatesController < ApplicationController

    # Never trust parameters from the scary internet, only allow the white list through.
    def error_template_params
-      params[:error_template].permit(:name, :execution_environment_id, :signature, :description, :hint)
+      params[:error_template].permit(:name, :execution_environment_id, :signature, :description, :hint) if params[:error_template].present?
    end
 end
--- a/app/controllers/errors_controller.rb
+++ b/app/controllers/errors_controller.rb
@@ -15,14 +15,14 @@ class ErrorsController < ApplicationController
        if hint
          render(json: {hint: hint})
        else
-          render(nothing: true, status: @error.save ? :created : :unprocessable_entity)
+          head (@error.save ? :created : :unprocessable_entity)
        end
      end
    end
  end

  def error_params
-    params[:error].permit(:message, :submission_id).merge(execution_environment_id: @execution_environment.id)
+    params[:error].permit(:message, :submission_id).merge(execution_environment_id: @execution_environment.id) if params[:error].present?
  end
  private :error_params

--- a/app/controllers/execution_environments_controller.rb
+++ b/app/controllers/execution_environments_controller.rb
@@ -86,11 +86,11 @@ class ExecutionEnvironmentsController < ApplicationController
    working_time_statistics = {}
    user_statistics = {}

-    ActiveRecord::Base.connection.execute(working_time_query).each do |tuple|
+    ApplicationRecord.connection.execute(working_time_query).each do |tuple|
      working_time_statistics[tuple["exercise_id"].to_i] = tuple
    end

-    ActiveRecord::Base.connection.execute(user_query).each do |tuple|
+    ApplicationRecord.connection.execute(user_query).each do |tuple|
      user_statistics[tuple["exercise_id"].to_i] = tuple
    end

@@ -101,7 +101,7 @@ class ExecutionEnvironmentsController < ApplicationController
  end

  def execution_environment_params
-    params[:execution_environment].permit(:docker_image, :exposed_ports, :editor_mode, :file_extension, :file_type_id, :help, :indent_size, :memory_limit, :name, :network_enabled, :permitted_execution_time, :pool_size, :run_command, :test_command, :testing_framework).merge(user_id: current_user.id, user_type: current_user.class.name)
+    params[:execution_environment].permit(:docker_image, :exposed_ports, :editor_mode, :file_extension, :file_type_id, :help, :indent_size, :memory_limit, :name, :network_enabled, :permitted_execution_time, :pool_size, :run_command, :test_command, :testing_framework).merge(user_id: current_user.id, user_type: current_user.class.name) if params[:execution_environment].present?
  end
  private :execution_environment_params

--- a/app/controllers/exercise_collections_controller.rb
+++ b/app/controllers/exercise_collections_controller.rb
@@ -51,7 +51,7 @@ class ExerciseCollectionsController < ApplicationController
  end

  def exercise_collection_params
-    sanitized_params = params[:exercise_collection].permit(:name, :use_anomaly_detection, :user_id, :user_type, :exercise_ids => []).merge(user_type: InternalUser.name)
+    sanitized_params = params[:exercise_collection].present? ? params[:exercise_collection].permit(:name, :use_anomaly_detection, :user_id, :user_type, :exercise_ids => []).merge(user_type: InternalUser.name) : {}
    sanitized_params[:exercise_ids] = sanitized_params[:exercise_ids].reject {|v| v.nil? or v == ''}
    sanitized_params.tap {|p| p[:exercise_collection_items] = p[:exercise_ids].map.with_index {|_id, index| ExerciseCollectionItem.find_or_create_by(exercise_id: _id, exercise_collection_id: @exercise_collection.id, position: index)}; p.delete(:exercise_ids)}
  end
--- a/app/controllers/exercises_controller.rb
+++ b/app/controllers/exercises_controller.rb
@@ -12,9 +12,9 @@ class ExercisesController < ApplicationController
  before_action :set_file_types, only: [:create, :edit, :new, :update]
  before_action :set_course_token, only: [:implement]

-  skip_before_filter :verify_authenticity_token, only: [:import_proforma_xml]
+  skip_before_action :verify_authenticity_token, only: [:import_proforma_xml]
  skip_after_action :verify_authorized, only: [:import_proforma_xml]
-  skip_after_action :verify_policy_scoped, only: [:import_proforma_xml]
+  skip_after_action :verify_policy_scoped, only: [:import_proforma_xml], raise: false

  def authorize!
    authorize(@exercise || @exercises)
@@ -77,7 +77,7 @@ class ExercisesController < ApplicationController
  def create
    @exercise = Exercise.new(exercise_params)
    collect_set_and_unset_exercise_tags
-    myparam = exercise_params
+    myparam = exercise_params.present? ? exercise_params : { }
    checked_exercise_tags = @exercise_tags.select { | et | myparam[:tag_ids].include? et.tag.id.to_s }
    removed_exercise_tags = @exercise_tags.reject { | et | myparam[:tag_ids].include? et.tag.id.to_s }

@@ -160,19 +160,21 @@ class ExercisesController < ApplicationController
  private :user_by_code_harbor_token

  def exercise_params
-    params[:exercise].permit(:description, :execution_environment_id, :file_id, :instructions, :public, :hide_file_tree, :allow_file_creation, :allow_auto_completion, :title, :expected_difficulty, files_attributes: file_attributes, :tag_ids => []).merge(user_id: current_user.id, user_type: current_user.class.name)
+    params[:exercise].permit(:description, :execution_environment_id, :file_id, :instructions, :public, :hide_file_tree, :allow_file_creation, :allow_auto_completion, :title, :expected_difficulty, files_attributes: file_attributes, :tag_ids => []).merge(user_id: current_user.id, user_type: current_user.class.name) if params[:exercise].present?
  end
  private :exercise_params

  def handle_file_uploads
-    exercise_params[:files_attributes].try(:each) do |index, file_attributes|
-      if file_attributes[:content].respond_to?(:read)
-        file_params = params[:exercise][:files_attributes][index]
-        if FileType.find_by(id: file_attributes[:file_type_id]).try(:binary?)
-          file_params[:content] = nil
-          file_params[:native_file] = file_attributes[:content]
-        else
-          file_params[:content] = file_attributes[:content].read
+    if exercise_params
+      exercise_params[:files_attributes].try(:each) do |index, file_attributes|
+        if file_attributes[:content].respond_to?(:read)
+          file_params = params[:exercise][:files_attributes][index]
+          if FileType.find_by(id: file_attributes[:file_type_id]).try(:binary?)
+            file_params[:content] = nil
+            file_params[:native_file] = file_attributes[:content]
+          else
+            file_params[:content] = file_attributes[:content].read
+          end
        end
      end
    end
@@ -364,7 +366,7 @@ class ExercisesController < ApplicationController
      query = "SELECT user_id, MAX(score) AS maximum_score, COUNT(id) AS runs
              FROM submissions WHERE exercise_id = #{@exercise.id} GROUP BY
              user_id;"
-      ActiveRecord::Base.connection.execute(query).each do |tuple|
+      ApplicationRecord.connection.execute(query).each do |tuple|
        user_statistics[tuple["user_id"].to_i] = tuple
      end
      render locals: {
--- a/app/controllers/external_users_controller.rb
+++ b/app/controllers/external_users_controller.rb
@@ -57,7 +57,7 @@ class ExternalUsersController < ApplicationController

    statistics = {}

-    ActiveRecord::Base.connection.execute(working_time_query(params[:tag])).each do |tuple|
+    ApplicationRecord.connection.execute(working_time_query(params[:tag])).each do |tuple|
      statistics[tuple["exercise_id"].to_i] = tuple
    end

--- a/app/controllers/file_templates_controller.rb
+++ b/app/controllers/file_templates_controller.rb
@@ -89,6 +89,6 @@ class FileTemplatesController < ApplicationController

    # Never trust parameters from the scary internet, only allow the white list through.
    def file_template_params
-      params[:file_template].permit(:name, :file_type_id, :content)
+      params[:file_template].permit(:name, :file_type_id, :content) if params[:file_template].present?
    end
 end
--- a/app/controllers/file_types_controller.rb
+++ b/app/controllers/file_types_controller.rb
@@ -23,7 +23,7 @@ class FileTypesController < ApplicationController
  end

  def file_type_params
-    params[:file_type].permit(:binary, :editor_mode, :executable, :file_extension, :name, :indent_size, :renderable).merge(user_id: current_user.id, user_type: current_user.class.name)
+    params[:file_type].permit(:binary, :editor_mode, :executable, :file_extension, :name, :indent_size, :renderable).merge(user_id: current_user.id, user_type: current_user.class.name) if params[:file_type].present?
  end
  private :file_type_params

--- a/app/controllers/hints_controller.rb
+++ b/app/controllers/hints_controller.rb
@@ -23,7 +23,7 @@ class HintsController < ApplicationController
  end

  def hint_params
-    params[:hint].permit(:locale, :message, :name, :regular_expression).merge(execution_environment_id: @execution_environment.id)
+    params[:hint].permit(:locale, :message, :name, :regular_expression).merge(execution_environment_id: @execution_environment.id) if params[:hint].present?
  end
  private :hint_params

--- a/app/controllers/internal_users_controller.rb
+++ b/app/controllers/internal_users_controller.rb
@@ -21,7 +21,7 @@ class InternalUsersController < ApplicationController
      if @user.update(params[:internal_user].permit(:password, :password_confirmation))
        @user.change_password!(params[:internal_user][:password])
        format.html { redirect_to(sign_in_path, notice: t('.success')) }
-        format.json { render(nothing: true, status: :ok) }
+        format.json { head :ok }
      else
        respond_with_invalid_object(format, object: @user, template: :reset_password)
      end
@@ -66,7 +66,7 @@ class InternalUsersController < ApplicationController
  end

  def internal_user_params
-    params[:internal_user].permit(:consumer_id, :email, :name, :role)
+    params[:internal_user].permit(:consumer_id, :email, :name, :role) if params[:internal_user].present?
  end
  private :internal_user_params

@@ -105,7 +105,7 @@ class InternalUsersController < ApplicationController
      if @user.update(params[:internal_user].permit(:password, :password_confirmation))
        @user.activate!
        format.html { redirect_to(sign_in_path, notice: t('.success')) }
-        format.json { render(nothing: true, status: :ok) }
+        format.json { head :ok }
      else
        respond_with_invalid_object(format, object: @user, template: :activate)
      end
--- a/app/controllers/interventions_controller.rb
+++ b/app/controllers/interventions_controller.rb
@@ -22,7 +22,7 @@ class InterventionsController < ApplicationController
  end

  def intervention_params
-    params[:intervention].permit(:name)
+    params[:intervention].permit(:name) if params[:intervention].present?
  end
  private :intervention_params

--- a/app/controllers/proxy_exercises_controller.rb
+++ b/app/controllers/proxy_exercises_controller.rb
@@ -39,7 +39,7 @@ class ProxyExercisesController < ApplicationController
  end

  def proxy_exercise_params
-    params[:proxy_exercise].permit(:description, :title, :exercise_ids  => [])
+    params[:proxy_exercise].permit(:description, :title, :exercise_ids  => []) if params[:proxy_exercise].present?
  end
  private :proxy_exercise_params

--- a/app/controllers/submissions_controller.rb
+++ b/app/controllers/submissions_controller.rb
@@ -115,7 +115,7 @@ class SubmissionsController < ApplicationController
    if @file.native_file?
      send_file(@file.native_file.path, disposition: 'inline')
    else
-      render(text: @file.content)
+      render(plain: @file.content)
    end
  end

@@ -140,7 +140,7 @@ class SubmissionsController < ApplicationController
      # probably add:
      # ensure
      #   #guarantee that the thread is releasing the DB connection after it is done
-      #   ActiveRecord::Base.connectionpool.releaseconnection
+      #   ApplicationRecord.connectionpool.releaseconnection
      # end
      Thread.new { EventMachine.run } unless EventMachine.reactor_running? && EventMachine.reactor_thread.alive?

@@ -329,7 +329,7 @@ class SubmissionsController < ApplicationController

  def set_file
    @file = @files.detect { |file| file.name_with_extension == params[:filename] }
-    render(nothing: true, status: 404) unless @file
+    head :not_found unless @file
  end
  private :set_file

@@ -362,7 +362,7 @@ class SubmissionsController < ApplicationController
    DockerClient.destroy_container(container)
  rescue Docker::Error::NotFoundError
  ensure
-    render(nothing: true)
+    head :ok
  end

  def store_error(stderr)
--- a/app/controllers/subscriptions_controller.rb
+++ b/app/controllers/subscriptions_controller.rb
@@ -56,7 +56,7 @@ class SubscriptionsController < ApplicationController
  def subscription_params
    current_user_id = current_user.try(:id)
    current_user_class_name = current_user.try(:class).try(:name)
-    params[:subscription].permit(:request_for_comment_id, :subscription_type).merge(user_id: current_user_id, user_type: current_user_class_name, deleted: false)
+    params[:subscription].permit(:request_for_comment_id, :subscription_type).merge(user_id: current_user_id, user_type: current_user_class_name, deleted: false) if params[:subscription].present?
  end
  private :subscription_params
 end
--- a/app/controllers/tags_controller.rb
+++ b/app/controllers/tags_controller.rb
@@ -22,7 +22,7 @@ class TagsController < ApplicationController
  end

  def tag_params
-    params[:tag].permit(:name)
+    params[:tag].permit(:name) if params[:tag].present?
  end
  private :tag_params

--- a/app/controllers/user_exercise_feedbacks_controller.rb
+++ b/app/controllers/user_exercise_feedbacks_controller.rb
@@ -112,7 +112,7 @@ class UserExerciseFeedbacksController < ApplicationController
  end

  def uef_params
-    params[:user_exercise_feedback].permit(:feedback_text, :difficulty, :exercise_id, :user_estimated_worktime).merge(user_id: current_user.id, user_type: current_user.class.name)
+    params[:user_exercise_feedback].permit(:feedback_text, :difficulty, :exercise_id, :user_estimated_worktime).merge(user_id: current_user.id, user_type: current_user.class.name) if params[:user_exercise_feedback].present?
  end

  def validate_inputs(uef_params)
--- a/app/helpers/lti_helper.rb
+++ b/app/helpers/lti_helper.rb
@@ -1,3 +1,5 @@
+require 'oauth/request_proxy/action_controller_request'
+
 module LtiHelper
  def lti_outcome_service?(exercise_id, external_user_id, consumer_id)
    return false if external_user_id == '' || consumer_id == ''
--- a/app/models/anomaly_notification.rb
+++ b/app/models/anomaly_notification.rb
@@ -1,4 +1,4 @@
-class AnomalyNotification < ActiveRecord::Base
+class AnomalyNotification < ApplicationRecord
  belongs_to :user, polymorphic: true
  belongs_to :exercise
  belongs_to :exercise_collection
--- a/app/models/application_record.rb
+++ b/app/models/application_record.rb
@@ -0,0 +1,3 @@
+class ApplicationRecord < ActiveRecord::Base
+  self.abstract_class = true
+end
--- a/app/models/code_harbor_link.rb
+++ b/app/models/code_harbor_link.rb
@@ -1,4 +1,4 @@
-class CodeHarborLink < ActiveRecord::Base
+class CodeHarborLink < ApplicationRecord
  validates :oauth2token, presence: true
  validates :user_id, presence: true

--- a/app/models/code_ocean/file.rb
+++ b/app/models/code_ocean/file.rb
@@ -15,7 +15,7 @@ module CodeOcean
    end
  end

-  class File < ActiveRecord::Base
+  class File < ApplicationRecord
    include DefaultValues

    DEFAULT_WEIGHT = 1.0
@@ -28,12 +28,11 @@ module CodeOcean
    before_validation :set_ancestor_values, if: :incomplete_descendent?

    belongs_to :context, polymorphic: true
-    belongs_to :execution_environment
-    belongs_to :file
+    belongs_to :file, class_name: 'CodeOcean::File', optional: true # This is only required for submissions and is validated below
    alias_method :ancestor, :file
    belongs_to :file_type

-    has_many :files
+    has_many :files, class_name: 'CodeOcean::File'
    has_many :testruns
    has_many :comments
    alias_method :descendants, :files
@@ -59,6 +58,7 @@ module CodeOcean
    validates :role, inclusion: {in: ROLES}
    validates :weight, if: :teacher_defined_test?, numericality: true, presence: true
    validates :weight, absence: true, unless: :teacher_defined_test?
+    validates :file, presence: true if :context.is_a?(Submission)

    validates_with FileNameValidator, fields: [:name, :path, :file_type_id]

--- a/app/models/comment.rb
+++ b/app/models/comment.rb
@@ -1,4 +1,4 @@
-class Comment < ActiveRecord::Base
+class Comment < ApplicationRecord
  # inherit the creation module: encapsulates that this is a polymorphic user, offers some aliases and makes sure that all necessary attributes are set.
  include Creation
  attr_accessor :username, :date, :updated, :editable
--- a/app/models/consumer.rb
+++ b/app/models/consumer.rb
@@ -1,4 +1,4 @@
-class Consumer < ActiveRecord::Base
+class Consumer < ApplicationRecord
  has_many :users

  scope :with_users, -> { where('id IN (SELECT consumer_id FROM internal_users)') }
--- a/app/models/error.rb
+++ b/app/models/error.rb
@@ -1,4 +1,4 @@
-class Error < ActiveRecord::Base
+class Error < ApplicationRecord
  belongs_to :execution_environment

  scope :for_execution_environment, ->(execution_environment) { where(execution_environment_id: execution_environment.id) }
--- a/app/models/error_template.rb
+++ b/app/models/error_template.rb
@@ -1,4 +1,4 @@
-class ErrorTemplate < ActiveRecord::Base
+class ErrorTemplate < ApplicationRecord
  belongs_to :execution_environment
  has_and_belongs_to_many :error_template_attributes

--- a/app/models/error_template_attribute.rb
+++ b/app/models/error_template_attribute.rb
@@ -1,4 +1,4 @@
-class ErrorTemplateAttribute < ActiveRecord::Base
+class ErrorTemplateAttribute < ApplicationRecord
  has_and_belongs_to_many :error_template

  def to_s
--- a/app/models/event.rb
+++ b/app/models/event.rb
@@ -1,7 +1,7 @@
-class Event < ActiveRecord::Base
+class Event < ApplicationRecord
  belongs_to :user, polymorphic: true
  belongs_to :exercise
-  belongs_to :file
+  belongs_to :file, class_name: 'CodeOcean::File'

  validates :category, presence: true
  validates :data, presence: true
--- a/app/models/execution_environment.rb
+++ b/app/models/execution_environment.rb
@@ -1,6 +1,6 @@
 require File.expand_path('../../../lib/active_model/validations/boolean_presence_validator', __FILE__)

-class ExecutionEnvironment < ActiveRecord::Base
+class ExecutionEnvironment < ApplicationRecord
  include Creation
  include DefaultValues

--- a/app/models/exercise.rb
+++ b/app/models/exercise.rb
@@ -1,7 +1,7 @@
 require 'nokogiri'
 require File.expand_path('../../../lib/active_model/validations/boolean_presence_validator', __FILE__)

-class Exercise < ActiveRecord::Base
+class Exercise < ApplicationRecord
  include Context
  include Creation
  include DefaultValues
@@ -23,8 +23,8 @@ class Exercise < ActiveRecord::Base
  accepts_nested_attributes_for :exercise_tags
  has_many :user_exercise_feedbacks

-  has_many :external_users, source: :user, source_type: ExternalUser, through: :submissions
-  has_many :internal_users, source: :user, source_type: InternalUser, through: :submissions
+  has_many :external_users, source: :user, source_type: 'ExternalUser', through: :submissions
+  has_many :internal_users, source: :user, source_type: 'InternalUser', through: :submissions
  alias_method :users, :external_users

  scope :with_submissions, -> { where('id IN (SELECT exercise_id FROM submissions)') }
--- a/app/models/exercise_collection.rb
+++ b/app/models/exercise_collection.rb
@@ -1,4 +1,4 @@
-class ExerciseCollection < ActiveRecord::Base
+class ExerciseCollection < ApplicationRecord
  include TimeHelper

  has_many :exercise_collection_items, dependent: :delete_all
--- a/app/models/exercise_collection_item.rb
+++ b/app/models/exercise_collection_item.rb
@@ -1,4 +1,4 @@
-class ExerciseCollectionItem < ActiveRecord::Base
+class ExerciseCollectionItem < ApplicationRecord
  belongs_to :exercise_collection
  belongs_to :exercise
 end
--- a/app/models/exercise_tag.rb
+++ b/app/models/exercise_tag.rb
@@ -1,4 +1,4 @@
-class ExerciseTag < ActiveRecord::Base
+class ExerciseTag < ApplicationRecord

  belongs_to :tag
  belongs_to :exercise
--- a/app/models/external_user.rb
+++ b/app/models/external_user.rb
@@ -1,4 +1,4 @@
-class ExternalUser < ActiveRecord::Base
+class ExternalUser < ApplicationRecord
  include User

  validates :consumer_id, presence: true
--- a/app/models/file_template.rb
+++ b/app/models/file_template.rb
@@ -1,4 +1,4 @@
-class FileTemplate < ActiveRecord::Base
+class FileTemplate < ApplicationRecord

  belongs_to :file_type

--- a/app/models/file_type.rb
+++ b/app/models/file_type.rb
@@ -1,6 +1,6 @@
 require File.expand_path('../../../lib/active_model/validations/boolean_presence_validator', __FILE__)

-class FileType < ActiveRecord::Base
+class FileType < ApplicationRecord
  include Creation
  include DefaultValues

@@ -11,7 +11,7 @@ class FileType < ActiveRecord::Base
  after_initialize :set_default_values

  has_many :execution_environments
-  has_many :files
+  has_many :files, class_name: 'CodeOcean::File'
  has_many :file_templates

  validates :binary, boolean_presence: true
--- a/app/models/hint.rb
+++ b/app/models/hint.rb
@@ -1,4 +1,4 @@
-class Hint < ActiveRecord::Base
+class Hint < ApplicationRecord
  belongs_to :execution_environment

  validates :execution_environment_id, presence: true
--- a/app/models/internal_user.rb
+++ b/app/models/internal_user.rb
@@ -1,4 +1,4 @@
-class InternalUser < ActiveRecord::Base
+class InternalUser < ApplicationRecord
  include User

  authenticates_with_sorcery!
--- a/app/models/intervention.rb
+++ b/app/models/intervention.rb
@@ -1,7 +1,7 @@
-class Intervention < ActiveRecord::Base
+class Intervention < ApplicationRecord

  has_many :user_exercise_interventions
-  has_many :users, through: :user_exercise_interventions, source_type: "ExternalUser"
+  has_many :users, through: :user_exercise_interventions, source_type: 'ExternalUser'

  def to_s
    name
--- a/app/models/lti_parameter.rb
+++ b/app/models/lti_parameter.rb
@@ -1,4 +1,4 @@
-class LtiParameter < ActiveRecord::Base
+class LtiParameter < ApplicationRecord
  belongs_to :consumer, foreign_key: "consumers_id"
  belongs_to :exercise, foreign_key: "exercises_id"
  belongs_to :external_user, foreign_key: "external_users_id"
--- a/app/models/proxy_exercise.rb
+++ b/app/models/proxy_exercise.rb
@@ -1,4 +1,4 @@
-class ProxyExercise < ActiveRecord::Base
+class ProxyExercise < ApplicationRecord

    after_initialize :generate_token
    after_initialize :set_reason
--- a/app/models/remote_evaluation_mapping.rb
+++ b/app/models/remote_evaluation_mapping.rb
@@ -1,5 +1,5 @@
 # todo: reference to lti_param_model
-class RemoteEvaluationMapping < ActiveRecord::Base
+class RemoteEvaluationMapping < ApplicationRecord
  before_create :generate_token, unless: :validation_token?
  belongs_to :exercise
  belongs_to :user
--- a/app/models/request_for_comment.rb
+++ b/app/models/request_for_comment.rb
@@ -1,4 +1,4 @@
-class RequestForComment < ActiveRecord::Base
+class RequestForComment < ApplicationRecord
  include Creation
  belongs_to :submission
  belongs_to :exercise
--- a/app/models/search.rb
+++ b/app/models/search.rb
@@ -1,4 +1,4 @@
-class Search < ActiveRecord::Base
+class Search < ApplicationRecord
  belongs_to :user, polymorphic: true
  belongs_to :exercise
 end
--- a/app/models/structured_error.rb
+++ b/app/models/structured_error.rb
@@ -1,7 +1,6 @@
-class StructuredError < ActiveRecord::Base
+class StructuredError < ApplicationRecord
  belongs_to :error_template
  belongs_to :submission
-  belongs_to :file, class_name: 'CodeOcean::File'

  has_many :structured_error_attributes

--- a/app/models/structured_error_attribute.rb
+++ b/app/models/structured_error_attribute.rb
@@ -1,4 +1,4 @@
-class StructuredErrorAttribute < ActiveRecord::Base
+class StructuredErrorAttribute < ApplicationRecord
  belongs_to :structured_error
  belongs_to :error_template_attribute

--- a/app/models/submission.rb
+++ b/app/models/submission.rb
@@ -1,4 +1,4 @@
-class Submission < ActiveRecord::Base
+class Submission < ApplicationRecord
  include Context
  include Creation

--- a/app/models/subscription.rb
+++ b/app/models/subscription.rb
@@ -1,4 +1,4 @@
-class Subscription < ActiveRecord::Base
+class Subscription < ApplicationRecord
  belongs_to :user, polymorphic: true
  belongs_to :request_for_comment
 end
--- a/app/models/tag.rb
+++ b/app/models/tag.rb
@@ -1,4 +1,4 @@
-class Tag < ActiveRecord::Base
+class Tag < ApplicationRecord

  has_many :exercise_tags
  has_many :exercises, through: :exercise_tags
--- a/app/models/testrun.rb
+++ b/app/models/testrun.rb
@@ -1,4 +1,4 @@
-class Testrun < ActiveRecord::Base
+class Testrun < ApplicationRecord
    belongs_to :file, class_name: 'CodeOcean::File'
    belongs_to :submission
 end
--- a/app/models/user_exercise_feedback.rb
+++ b/app/models/user_exercise_feedback.rb
@@ -1,4 +1,4 @@
-class UserExerciseFeedback < ActiveRecord::Base
+class UserExerciseFeedback < ApplicationRecord
  include Creation

  belongs_to :exercise
--- a/app/models/user_exercise_intervention.rb
+++ b/app/models/user_exercise_intervention.rb
@@ -1,4 +1,4 @@
-class UserExerciseIntervention < ActiveRecord::Base
+class UserExerciseIntervention < ApplicationRecord

  belongs_to :user, polymorphic: true
  belongs_to :intervention
--- a/app/models/user_proxy_exercise_exercise.rb
+++ b/app/models/user_proxy_exercise_exercise.rb
@@ -1,4 +1,4 @@
-class UserProxyExerciseExercise < ActiveRecord::Base
+class UserProxyExerciseExercise < ApplicationRecord

  belongs_to :user, polymorphic: true
  belongs_to :exercise
--- a/app/views/admin/dashboard/show.html.slim
+++ b/app/views/admin/dashboard/show.html.slim
@@ -1,7 +1,3 @@
- content_for :head do
-  = javascript_include_tag(asset_path('vis.min.js', type: :javascript))
-  = stylesheet_link_tag(asset_path('vis.min.css', type: :stylesheet))
-
 h1 = t('breadcrumbs.dashboard.show')

 h2 Version
--- a/app/views/application/_locale_selector.html.slim
+++ b/app/views/application/_locale_selector.html.slim
@@ -4,4 +4,4 @@ li.dropdown
    span.caret
  ul.dropdown-menu role='menu'
    - I18n.available_locales.sort_by { |locale| t("locales.#{locale}") }.each do |locale|
-      li = link_to(t("locales.#{locale}"), url_for(params.merge(locale: locale)))
+      li = link_to(t("locales.#{locale}"), url_for(params.permit!.merge(locale: locale)))
--- a/app/views/layouts/application.html.slim
+++ b/app/views/layouts/application.html.slim
@@ -5,12 +5,8 @@ html lang='en'
    meta name='viewport' content='width=device-width, initial-scale=1'
    title = application_name
    link href=asset_path('favicon.png') rel='icon' type='image/png'
-    = stylesheet_link_tag(asset_path('bootstrap.min.css', type: :stylesheet))
-    = stylesheet_link_tag(asset_path('font-awesome.min.css', type: :stylesheet))
    = stylesheet_link_tag('application', media: 'all', 'data-turbolinks-track' => true)
    = javascript_include_tag('application', 'data-turbolinks-track' => true)
-    = javascript_include_tag(asset_path('underscore-min.js', type: :javascript))
-    = javascript_include_tag(asset_path('bootstrap.min.js', type: :javascript))
    = yield(:head)
    = csrf_meta_tags
  body
--- a/app/views/statistics/activity_history.html.slim
+++ b/app/views/statistics/activity_history.html.slim
@@ -1,7 +1,3 @@
- content_for :head do
-  = javascript_include_tag(asset_path('vis.min.js', type: :javascript))
-  = stylesheet_link_tag(asset_path('vis.min.css', type: :stylesheet))
-
 .group
  .title
    h1 = t("statistics.graphs.#{resource}_activity")
--- a/app/views/statistics/graphs.html.slim
+++ b/app/views/statistics/graphs.html.slim
@@ -1,7 +1,3 @@
- content_for :head do
-  = javascript_include_tag(asset_path('vis.min.js', type: :javascript))
-  = stylesheet_link_tag(asset_path('vis.min.css', type: :stylesheet))
-
 .group
  .title
    h1 = t('.user_activity')