Merge upstream/css-cleanup into master

Resolves conflicts between upstream/master and upstream/css-cleanup:
- CSS: take css-cleanup versions (button/link style unification, comment cleanup,
  table .button styles, [name=cancel]/.auxiliary styles)
- application_helper.rb: use SVG icon for flash message close button (css-cleanup)
- users_test.rb: use single-quote style (css-cleanup), keep sole-admin test (master)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

app/controllers/application_controller.rb

@@ -26,6 +26,18 @@ class ApplicationController < ActionController::Base
   #   Turbo will reload 2nd time with HTML format and flashes will be lost.
   rescue_from *ActionDispatch::ExceptionWrapper.rescue_responses.keys, with: :rescue_turbo
 
+  # Required by #respond_with (gem `responders`) used by Devise controllers.
+  respond_to :html, :turbo_stream
+
+  def after_sign_in_path_for(resource)
+    # TODO: allow setting path per-user or save last path in session and restore
+    units_path
+  end
+
+  def after_sign_out_path_for(resource)
+    new_user_session_path
+  end
+
   protected
 
   def current_user_disguised?

app/controllers/user/profiles_controller.rb

@@ -1,6 +1,4 @@
-class RegistrationsController < Devise::RegistrationsController
-  before_action :authenticate_user!, only: [:edit, :update, :destroy]
-
+class User::ProfilesController < Devise::RegistrationsController
   def destroy
     if current_user.sole_admin?
       redirect_back fallback_location: edit_user_registration_path,

app/controllers/users_controller.rb

@@ -37,7 +37,7 @@ class UsersController < ApplicationController
   end
 
   # NOTE: limited actions availabe to :admin by design. Users are meant to
-  # manage their accounts by themselves through registrations. :admin
+  # manage their accounts by themselves through profiles. :admin
   # is allowed to sign-in (disguise) as user and make changes from there.
 
   protected