From df279fe4bb895fc972f200f75762dc2e1e966f6e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 22 Jan 2020 22:10:26 +0000
Subject: [PATCH 1/3] Bump devise from 3.5.10 to 4.7.1

Bumps [devise](https://github.com/plataformatec/devise) from 3.5.10 to 4.7.1.
- [Release notes](https://github.com/plataformatec/devise/releases)
- [Changelog](https://github.com/heartcombo/devise/blob/master/CHANGELOG.md)
- [Commits](https://github.com/plataformatec/devise/compare/v3.5.10...v4.7.1)

Signed-off-by: dependabot[bot] <support@github.com>
---
 Gemfile      |  2 +-
 Gemfile.lock | 17 ++++++++---------
 2 files changed, 9 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index 9f33fc22..7c855c1d 100644
--- a/Gemfile
+++ b/Gemfile
@@ -21,7 +21,7 @@ gem "simple_form"
 gem "title"
 gem "uglifier"
 gem "unicorn"
-gem "devise", "~> 3.5.2"
+gem "devise", "~> 4.7.1"
 gem "devise_invitable", "~> 1.5.5"
 gem "apartment", "~> 0.26.0"
 gem "pikaday-gem", "~> 1.2.0.0"
diff --git a/Gemfile.lock b/Gemfile.lock
index 4fc0e0f0..be07fe12 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -589,7 +589,7 @@ GEM
       aws-sigv4 (~> 1.0)
     aws-sigv2 (1.0.1)
     aws-sigv4 (1.0.2)
-    bcrypt (3.1.11)
+    bcrypt (3.1.13)
     better_errors (2.5.1)
       coderay (>= 1.0.0)
       erubi (>= 1.0.0)
@@ -645,12 +645,11 @@ GEM
     delayed_job_active_record (4.0.3)
       activerecord (>= 3.0, < 5.0)
       delayed_job (>= 3.0, < 4.1)
-    devise (3.5.10)
+    devise (4.7.1)
       bcrypt (~> 3.0)
       orm_adapter (~> 0.1)
-      railties (>= 3.2.6, < 5)
+      railties (>= 4.1.0)
       responders
-      thread_safe (~> 0.1)
       warden (~> 1.2.3)
     devise_invitable (1.5.5)
       actionmailer (>= 3.2.6, < 5)
@@ -795,15 +794,15 @@ GEM
       rake (>= 0.8.7)
       thor (>= 0.18.1, < 2.0)
     raindrops (0.19.0)
-    rake (12.3.2)
+    rake (13.0.1)
     rbtree3 (0.5.0)
     recipient_interceptor (0.1.2)
       mail
     redcarpet (3.4.0)
     regexp_parser (1.6.0)
-    responders (2.4.0)
-      actionpack (>= 4.2.0, < 5.3)
-      railties (>= 4.2.0, < 5.3)
+    responders (2.4.1)
+      actionpack (>= 4.2.0, < 6.0)
+      railties (>= 4.2.0, < 6.0)
     rspec-core (3.8.0)
       rspec-support (~> 3.8.0)
     rspec-expectations (3.8.2)
@@ -912,7 +911,7 @@ DEPENDENCIES
   dalli
   database_cleaner
   delayed_job_active_record (= 4.0.3)
-  devise (~> 3.5.2)
+  devise (~> 4.7.1)
   devise_invitable (~> 1.5.5)
   dotenv-rails
   email_spec

From 0be62b2d56d99b18c7533d1ec06e402de59ac796 Mon Sep 17 00:00:00 2001
From: Jurre Stender <jurrestender@gmail.com>
Date: Wed, 22 Jan 2020 23:17:30 +0100
Subject: [PATCH 2/3] Update devise invitable

---
 Gemfile                                   |  2 +-
 Gemfile.lock                              |  8 ++++----
 app/controllers/application_controller.rb | 14 +++++++++-----
 3 files changed, 14 insertions(+), 10 deletions(-)

diff --git a/Gemfile b/Gemfile
index 7c855c1d..698cd133 100644
--- a/Gemfile
+++ b/Gemfile
@@ -22,7 +22,7 @@ gem "title"
 gem "uglifier"
 gem "unicorn"
 gem "devise", "~> 4.7.1"
-gem "devise_invitable", "~> 1.5.5"
+gem "devise_invitable"
 gem "apartment", "~> 0.26.0"
 gem "pikaday-gem", "~> 1.2.0.0"
 gem "momentjs-rails"
diff --git a/Gemfile.lock b/Gemfile.lock
index be07fe12..8b40bd71 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -651,9 +651,9 @@ GEM
       railties (>= 4.1.0)
       responders
       warden (~> 1.2.3)
-    devise_invitable (1.5.5)
-      actionmailer (>= 3.2.6, < 5)
-      devise (>= 3.2.0)
+    devise_invitable (1.7.5)
+      actionmailer (>= 4.1.0)
+      devise (>= 4.0.0)
     diff-lcs (1.3)
     docile (1.1.5)
     dotenv (0.11.1)
@@ -912,7 +912,7 @@ DEPENDENCIES
   database_cleaner
   delayed_job_active_record (= 4.0.3)
   devise (~> 4.7.1)
-  devise_invitable (~> 1.5.5)
+  devise_invitable
   dotenv-rails
   email_spec
   email_validator
diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index 0bd8fb0c..0b41ff2d 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 class ApplicationController < ActionController::Base
   # Prevent CSRF attacks by raising an exception.
   # For APIs, you may want to use :null_session instead.
@@ -10,8 +12,8 @@ class ApplicationController < ActionController::Base
   protected
 
   def configure_permitted_parameters
-    devise_parameter_sanitizer.for(:accept_invitation).
-      concat([:first_name, :last_name])
+    devise_parameter_sanitizer.permit(:accept_invitation,
+                                      keys: %i[first_name last_name])
   end
 
   def authenticate_inviter!
@@ -27,8 +29,10 @@ def after_invite_path_for(*)
   helper_method :current_subdomain, :current_user_owner?
 
   def current_subdomain
-    @current_subdomain ||=
-      current_account.subdomain unless Hours.single_tenant_mode?
+    unless Hours.single_tenant_mode?
+      @current_subdomain ||=
+        current_account.subdomain
+    end
   end
 
   def current_user_owner?
@@ -40,7 +44,7 @@ def current_account
   end
 
   def load_schema
-    Apartment::Tenant.switch("public")
+    Apartment::Tenant.switch('public')
     return unless request.subdomain.present?
 
     if current_account

From 88b7d1d6785361e5e0ffa34ebd3b23d28321f772 Mon Sep 17 00:00:00 2001
From: Jurre Stender <jurrestender@gmail.com>
Date: Wed, 22 Jan 2020 23:27:05 +0100
Subject: [PATCH 3/3] Fix sign out

---
 app/controllers/users_controller.rb     | 2 ++
 app/views/application/_navbar.html.haml | 2 +-
 config/initializers/devise.rb           | 2 +-
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/app/controllers/users_controller.rb b/app/controllers/users_controller.rb
index 83b98348..a9e71ce8 100644
--- a/app/controllers/users_controller.rb
+++ b/app/controllers/users_controller.rb
@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 include TimeSeriesInitializer
 
 class UsersController < ApplicationController
diff --git a/app/views/application/_navbar.html.haml b/app/views/application/_navbar.html.haml
index 35428abf..cb9ab6c8 100644
--- a/app/views/application/_navbar.html.haml
+++ b/app/views/application/_navbar.html.haml
@@ -34,4 +34,4 @@
                       %input#modal-1.modal-state{:type => "checkbox"}/
                       = render 'modal'
                 %li.devider
-                %li= link_to t("sign_out"), destroy_user_session_path
+                %li= link_to t("sign_out"), destroy_user_session_path, method: :delete
diff --git a/config/initializers/devise.rb b/config/initializers/devise.rb
index 99d98920..6911255f 100644
--- a/config/initializers/devise.rb
+++ b/config/initializers/devise.rb
@@ -269,7 +269,7 @@
   # config.navigational_formats = ["*/*", :html]
 
   # The default HTTP method used to sign out a resource. Default is :delete.
-  # config.sign_out_via = :get
+  config.sign_out_via = :delete
 
   # ==> OmniAuth
   # Add a new OmniAuth provider. Check the wiki for more information on setting