[NUOPEN-14] Remove deprecated urlsafe_csrf_tokens setting (#5718)

diebas · web-flow · commit cac9d97f5101 · 2025-10-16T12:23:25.000-03:00
* Remove deprecated urlsafe_csrf_tokens setting

* Remove order creation from transaction on order row importer

* Fix rubocop warning

* Refactor solution
diff --git a/app/models/order_import.rb b/app/models/order_import.rb
@@ -14,8 +14,8 @@ class OrderImport < ApplicationRecord
 
   delegate :download_url, to: :error_file, prefix: true, allow_nil: true
 
-  def fetch_or_create_order!(row_importer)
-    order_cache[row_importer.order_key] || create_order_from_imported_row!(row_importer)
+  def fetch_or_create_order(row_importer)
+    order_cache[row_importer.order_key] || create_order_from_imported_row(row_importer)
   end
 
   #
@@ -74,8 +74,8 @@ def to_s
 
   private
 
-  def create_order_from_imported_row!(row_importer)
-    Order.create!(
+  def create_order_from_imported_row(row_importer)
+    Order.create(
       facility:,
       account: row_importer.account,
       user: row_importer.user,
diff --git a/app/services/order_row_importer.rb b/app/services/order_row_importer.rb
@@ -141,7 +141,7 @@ def add_error(message, options = {})
   def add_to_order
     ActiveRecord::Base.transaction do
       begin
-        @order = field(:order_number).present? ? existing_order : @order_import.fetch_or_create_order!(self)
+        @order = field(:order_number).present? ? existing_order : @order_import.fetch_or_create_order(self)
 
         # The order adding feature has some quirky behavior because of the "order form"
         # feature: if you add multiple of a timed service, it creates multiple line items
diff --git a/config/environments/production.rb b/config/environments/production.rb
@@ -15,8 +15,6 @@
   # Full error reports are disabled and caching is turned on.
   config.consider_all_requests_local       = false
   config.action_controller.perform_caching = true
-  # https://github.com/rails/rails/compare/v5.2.5...v5.2.6#diff-6617298c89de9a6367092e0e98578354d77c5d2dac4316a8447c4ea1c33be0edR14
-  config.action_controller.urlsafe_csrf_tokens = true
 
   # Ensures that a master key has been made available in either ENV["RAILS_MASTER_KEY"]
   # or in config/master.key. This key is used to decrypt credentials (and other encrypted files).
