# Be sure to restart your web server when you modify this file.

# Uncomment below to force Rails into production mode when 
# you don't control web/app server and can't set it the proper way
# ENV['RAILS_ENV'] ||= 'production'

# Rails Gem Version
RAILS_GEM_VERSION = '1.2.6' unless defined? RAILS_GEM_VERSION

# Bootstrap the Rails environment, frameworks, and default configuration
require File.join(File.dirname(__FILE__), 'boot')

Rails::Initializer.run do |config|
  # Settings in config/environments/* take precedence those specified here
  
  # Skip frameworks you're not going to use (only works if using vendor/rails)
  config.frameworks -= [ :action_web_service ]

  # Add additional load paths for your own custom dirs
  # config.load_paths += %W( #{RAILS_ROOT}/extras )

  # Force all environments to use the same logger level 
  # (by default production uses :info, the others :debug)
  config.log_level = :warn

  # Use the database for sessions instead of the file system
  # (create the session table with 'rake db:sessions:create')
  config.action_controller.session_store = :active_record_store

  # Use SQL instead of Active Record's schema dumper when creating the test database.
  # This is necessary if your schema can't be completely dumped by the schema dumper, 
  # like if you have constraints or database-specific column types
  # config.active_record.schema_format = :sql

  # Activate observers that should always be running
  # config.active_record.observers = :cacher, :garbage_collector

  # Make Active Record use UTC-base instead of local time
  config.active_record.default_timezone = :utc
  
  # See Rails::Configuration for more options
end

# Add new inflection rules using the following format 
# (all these examples are active by default):
# Inflector.inflections do |inflect|
#   inflect.plural /^(ox)$/i, '\1en'
#   inflect.singular /^(ox)en/i, '\1'
#   inflect.irregular 'person', 'people'
#   inflect.uncountable %w( fish sheep )
# end

# Include your application configuration below

ActionController::CgiRequest::DEFAULT_SESSION_OPTIONS[:session_key] = 'beastapp_session_id'

PASSWORD_SALT = '59f34ac7f486c440ab342d26eff45531' unless Object.const_defined?(:PASSWORD_SALT)

Module.class_eval do
  def expiring_attr_reader(method_name, value)
    class_eval(<<-EOS, __FILE__, __LINE__)
      def #{method_name}
        class << self; attr_reader :#{method_name}; end
        @#{method_name} = eval(%(#{value}))
      end
    EOS
  end
end

# 2013-09-04 (ADH): A custom vendor/plugins/white_list implementation
# allows for empty attributes lists, meaning "pass all". We use its
# block parameter to pass a custom block too. This checks the bad_tags
# list set up below and returns the HTML escaped result. Otherwise it
# lets it through. That way, we turn white listing into black listing,
# as in general forum users are trusted, but in the last year or so a
# number of spammers have got through the Hub captcha and shown that
# users aren't quite as trustworthy as they used to be.

WhiteListHelper.attributes = Set.new()
WhiteListHelper.tags       = Set.new() # So everything is passed to the custom block as if 'bad'

WhiteListHelper.bad_tags.merge(%w(object param embed frame iframe))