fix: use find_by! to return 404 for invalid tokens

- Changed find_by to find_by! in before_action set_* methods to raise
  ActiveRecord::RecordNotFound (which Rails converts to 404) instead of
  returning nil and causing NoMethodError

High priority (production crash):
- workshop_invitation_concerns.rb - WorkshopInvitation lookup
- admin/meeting_invitations_controller.rb - MeetingInvitation lookup
- admin/invitations_controller.rb - workshop invitation lookup

Medium priority (potential 500 errors):
- admin/meetings_controller.rb - Meeting lookup by slug
- events_controller.rb - Event lookup by slug
- admin/events_controller.rb - Event lookup by slug

Lower priority:
- invitations_controller.rb:80 - MeetingInvitation lookup in cancel_meeting
- contact_preferences_controller.rb:11 - Contact lookup in update
- feedback_controller.rb:22 - FeedbackRequest lookup in submit

Author: mroderick

.worktrees/n1-queries-events

@@ -0,0 +1 @@
+Subproject commit ed6e150f9dacaae089b2f24612ccc2e96eb008d0

app/controllers/admin/events_controller.rb

@@ -27,7 +27,7 @@ def show
     @attending_students = InvitationPresenter.decorate_collection(@original_event.attending_students)
     @attending_coaches = InvitationPresenter.decorate_collection(@original_event.attending_coaches)
 
-    return render plain: @event.attendees_csv if request.format.csv?
+    render plain: @event.attendees_csv if request.format.csv?
   end
 
   def update
@@ -67,7 +67,7 @@ def attendees_emails
   private
 
   def set_event
-    @original_event = Event.find_by(slug: params[:id])
+    @original_event = Event.find_by!(slug: params[:id])
     @event = EventPresenter.new(@original_event)
   end
 

app/controllers/admin/invitations_controller.rb

@@ -73,7 +73,7 @@ def update_to_not_attending
   end
 
   def set_invitation
-    @invitation = @workshop.invitations.find_by(token: invitation_id)
+    @invitation = @workshop.invitations.find_by!(token: invitation_id)
   end
 
   def invitation_id

app/controllers/admin/meeting_invitations_controller.rb

@@ -34,7 +34,7 @@ def create
   private
 
   def set_invitation
-    @invitation = MeetingInvitation.find_by(token: id)
+    @invitation = MeetingInvitation.find_by!(token: id)
   end
 
   def id

app/controllers/admin/meetings_controller.rb

@@ -21,7 +21,7 @@ def create
   def show
     @invitations = @meeting.invitations.accepted.includes(:member).order(:created_at)
 
-    return render plain: @meeting.attendees_csv if request.format.csv?
+    render plain: @meeting.attendees_csv if request.format.csv?
   end
 
   def edit; end
@@ -54,7 +54,7 @@ def invite
   private
 
   def set_meeting
-    @meeting = Meeting.find_by(slug: slug)
+    @meeting = Meeting.find_by!(slug: slug)
   end
 
   def slug

app/controllers/concerns/workshop_invitation_concerns.rb

@@ -19,7 +19,7 @@ def back_with_message(message)
     end
 
     def set_invitation
-      @invitation = WorkshopInvitation.find_by(token: token)
+      @invitation = WorkshopInvitation.find_by!(token: token)
     end
   end
 end

app/controllers/contact_preferences_controller.rb

@@ -8,7 +8,7 @@ def show
   end
 
   def update
-    contact = Contact.find_by(token: contact_preferences[:token])
+    contact = Contact.find_by!(token: contact_preferences[:token])
     contact.update(mailing_list_consent: mailing_list_consent)
     audit_contact_subscription(contact)
 

app/controllers/events_controller.rb

@@ -13,16 +13,17 @@ def index
     events << Event.past.includes(:venue, :sponsors).limit(RECENT_EVENTS_DISPLAY_LIMIT)
     events = events.compact.flatten.sort_by(&:date_and_time).reverse.first(RECENT_EVENTS_DISPLAY_LIMIT)
     events_hash_grouped_by_date = events.group_by(&:date)
-    @past_events = events_hash_grouped_by_date.map.inject({}) do |hash, (key, value)|
+    @past_events = events_hash_grouped_by_date.map.each_with_object({}) do |(key, value), hash|
       hash[key] = EventPresenter.decorate_collection(value)
-      hash
     end
 
     events = [Workshop.includes(:chapter).upcoming.joins(:chapter).merge(Chapter.active)]
     events << Meeting.upcoming.all
     events << Event.upcoming.includes(:venue, :sponsors).all
     events = events.compact.flatten.sort_by(&:date_and_time).group_by(&:date)
-    @events = events.map.inject({}) { |hash, (key, value)| hash[key] = EventPresenter.decorate_collection(value); hash }
+    @events = events.map.each_with_object({}) do |(key, value), hash|
+ hash[key] = EventPresenter.decorate_collection(value)
+    end
   end
 
   def show
@@ -34,7 +35,7 @@ def show
     return unless logged_in?
 
     invitation = Invitation.find_by(member: current_user, event: event, attending: true)
-    return redirect_to event_invitation_path(@event, invitation) if invitation
+    redirect_to event_invitation_path(@event, invitation) if invitation
   end
 
   def student
@@ -74,6 +75,6 @@ def find_invitation_and_redirect_to_event(role)
   end
 
   def set_event
-    @event = Event.find_by(slug: params[:event_id])
+    @event = Event.find_by!(slug: params[:event_id])
   end
 end

app/controllers/feedback_controller.rb

@@ -19,7 +19,7 @@ def submit
 
       redirect_to root_path
     else
-      feedback_request = FeedbackRequest.find_by(token: params[:id], submited: false)
+      feedback_request = FeedbackRequest.find_by!(token: params[:id], submited: false)
       set_coaches(feedback_request.workshop)
 
       @workshop = feedback_request.workshop

app/controllers/invitations_controller.rb

@@ -77,7 +77,7 @@ def rsvp_meeting
   end
 
   def cancel_meeting
-    @invitation = MeetingInvitation.find_by(token: params[:token])
+    @invitation = MeetingInvitation.find_by!(token: params[:token])
 
     @invitation.update_attribute(:attending, false)