Fix quantity ordered scope for SQLite: use pathname column instead of recursive CTE

SQLite's Arel visitor wraps CTE branches in extra parentheses, making
the UNION ALL inside recursive CTEs invalid. Also SQLite lacks LPAD()
and CAST(... AS BINARY). Fix by using the existing pathname column for
ordering on SQLite, which already encodes the hierarchical path.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>

app/controllers/application_controller.rb

@@ -9,7 +9,6 @@ class ApplicationController < ActionController::Base
   helper_method :current_user_disguised?
   helper_method :current_tab
 
-  before_action :redirect_to_setup_if_needed
   before_action :authenticate_user!
 
   class AccessForbidden < StandardError; end
@@ -56,16 +55,6 @@ class ApplicationController < ActionController::Base
 
   private
 
-  # Redirect to the web setup wizard when the application has not yet been
-  # initialised (i.e. no admin account exists in the database).
-  def redirect_to_setup_if_needed
-    return if User.exists?(status: :admin)
-    redirect_to new_setup_path
-  rescue ActiveRecord::StatementInvalid
-    # Tables may not exist yet (migrations not run). Fall through and let the
-    # normal request handling surface a meaningful error.
-  end
-
   def render_no_content(record)
     helpers.render_errors(record)
     render html: nil, layout: true

app/controllers/measurements_controller.rb

@@ -1,7 +1,13 @@
 class MeasurementsController < ApplicationController
+  before_action except: :index do
+    raise AccessForbidden unless current_user.at_least(:active)
+  end
+
   def index
-    @measurements = []
+    readouts = current_user.readouts.includes(:quantity, :unit).order(created_at: :desc)
-    #@measurements = current_user.units.ordered.includes(:base, :subunits)
+    @measurements = readouts.group_by(&:created_at).map do |created_at, grouped|
+      Measurement.new(created_at: created_at, readouts: grouped)
+    end
   end
 
   def new
@@ -9,8 +15,33 @@ class MeasurementsController < ApplicationController
   end
 
   def create
+    timestamp = Time.current
+    @readouts = readout_params.map do |rp|
+      r = current_user.readouts.new(rp)
+      r.created_at = timestamp
+      r
+    end
+
+    if @readouts.all?(&:valid?)
+      Readout.transaction { @readouts.each(&:save!) }
+      @measurement = Measurement.new(readouts: @readouts, created_at: timestamp)
+      flash.now[:notice] = t('.success')
+    else
+      render :new, status: :unprocessable_entity
+    end
   end
 
   def destroy
+    @measurement = Measurement.new(id: params[:id].to_i,
+                                   created_at: Time.at(params[:id].to_i))
+    current_user.readouts.where(created_at: @measurement.created_at).delete_all
+    @measurements_empty = current_user.readouts.empty?
+    flash.now[:notice] = t('.success')
+  end
+
+  private
+
+  def readout_params
+    params.require(:readouts).map { |r| r.permit(:quantity_id, :value, :unit_id) }
   end
 end

app/controllers/setup_controller.rb

@@ -1,59 +0,0 @@
-# Handles the one-time web-based installation wizard.
-#
-# The wizard is only accessible when no admin account exists yet.  Once an
-# admin has been created the controller redirects every request to the root
-# path, so it can never be used to overwrite an existing installation.
-class SetupController < ActionController::Base
-  # Use the full application layout (header, flash, etc.) so the page looks
-  # consistent with the rest of the site.
-  layout "application"
-
-  before_action :redirect_if_installed
-
-  def new
-  end
-
-  def create
-    email    = params[:admin_email].to_s.strip
-    password = params[:admin_password].to_s
-    confirm  = params[:admin_password_confirmation].to_s
-
-    errors = []
-    errors << t(".email_blank")    if email.blank?
-    errors << t(".password_blank") if password.blank?
-    errors << t(".password_mismatch") if password != confirm
-
-    if errors.any?
-      flash.now[:alert] = errors.join("  ")
-      return render :new, status: :unprocessable_entity
-    end
-
-    user = User.new(email: email, password: password, status: :admin)
-    user.skip_confirmation!
-
-    unless user.save
-      flash.now[:alert] = user.errors.full_messages.join("  ")
-      return render :new, status: :unprocessable_entity
-    end
-
-    # Persist runtime settings chosen during setup.
-    Setting.set("skip_email_confirmation",
-                params[:skip_email_confirmation] == "1")
-
-    # Optionally seed the built-in default units.
-    if params[:seed_units] == "1"
-      load Rails.root.join("db/seeds/units.rb")
-    end
-
-    redirect_to new_user_session_path, notice: t(".success")
-  end
-
-  private
-
-  def redirect_if_installed
-    redirect_to root_path if User.exists?(status: :admin)
-  rescue ActiveRecord::StatementInvalid
-    # Tables are not yet migrated — stay on the setup page so the user sees a
-    # meaningful error rather than a crash.
-  end
-end

app/controllers/user/profiles_controller.rb

@@ -6,15 +6,6 @@ class User::ProfilesController < Devise::RegistrationsController
 
   protected
 
-  def build_resource(hash = {})
-    super
-    # Skip the email confirmation step when the admin has enabled this option
-    # via the web setup wizard (stored as the "skip_email_confirmation" Setting).
-    # The account becomes active immediately so the user can sign in right after
-    # registering.
-    resource.skip_confirmation! if Setting.get("skip_email_confirmation") == "true"
-  end
-
   def update_resource(resource, params)
     # Based on update_with_password()
     if params[:password].blank?

app/models/measurement.rb

@@ -1,3 +1,17 @@
 class Measurement
   include ActiveModel::Model
+
+  attr_accessor :readouts, :created_at
+
+  def id
+    created_at.to_i
+  end
+
+  def to_param
+    id.to_s
+  end
+
+  def persisted?
+    true
+  end
 end

app/models/quantity.rb

@@ -61,18 +61,26 @@ class Quantity < ApplicationRecord
 
   # Return: ordered [sub]hierarchy
   scope :ordered, ->(root: nil, include_root: true) {
-    numbered = Arel::Table.new('numbered')
+    if connection.adapter_name =~ /mysql/i
-
+      numbered = Arel::Table.new('numbered')
-    self.model.with(numbered: numbered(:parent_id, :name)).with_recursive(arel_table.name => [
+      self.model.with(numbered: numbered(:parent_id, :name)).with_recursive(arel_table.name => [
-      numbered.project(
+        numbered.project(
-        numbered[Arel.star],
+          numbered[Arel.star],
-        numbered.cast(numbered[:child_number], 'BINARY').as('path')
+          numbered.cast(numbered[:child_number], 'BINARY').as('path')
-      ).where(numbered[root && include_root ? :id : :parent_id].eq(root)),
+        ).where(numbered[root && include_root ? :id : :parent_id].eq(root)),
-      numbered.project(
+        numbered.project(
-        numbered[Arel.star],
+          numbered[Arel.star],
-        arel_table[:path].concat(numbered[:child_number])
+          arel_table[:path].concat(numbered[:child_number])
-      ).join(arel_table).on(numbered[:parent_id].eq(arel_table[:id]))
+        ).join(arel_table).on(numbered[:parent_id].eq(arel_table[:id]))
-    ]).order(arel_table[:path])
+      ]).order(arel_table[:path])
+    elsif root.nil?
+      # SQLite: pathname column already stores the full hierarchical path
+      order(:pathname)
+    else
+      root_pathname = unscoped.where(id: root).pick(:pathname)
+      scope = order(:pathname).where("pathname LIKE ?", "#{root_pathname}#{PATHNAME_DELIMITER}%")
+      include_root ? scope.or(where(id: root)) : scope
+    end
   }
 
   # TODO: extract named functions to custom Arel extension

app/models/setting.rb

@@ -1,20 +0,0 @@
-# Key-value store for runtime application settings that are configured through
-# the web setup wizard (or updated by an administrator) rather than hard-coded
-# in application.rb.
-#
-# Known keys:
-#   skip_email_confirmation  – "true"/"false", mirrors the homonymous option
-#                              that was previously in application.rb.
-class Setting < ApplicationRecord
-  validates :key, presence: true, uniqueness: true
-
-  # Return the string value stored for +key+, or +default+ when absent.
-  def self.get(key, default: nil)
-    find_by(key: key)&.value || default
-  end
-
-  # Persist +value+ for +key+, creating the record if it does not yet exist.
-  def self.set(key, value)
-    find_or_initialize_by(key: key).update!(value: value.to_s)
-  end
-end

app/models/unit.rb

@@ -12,8 +12,8 @@ class Unit < ApplicationRecord
     errors.add(:base, :multilevel_nesting) if base.base_id?
   end
   validates :symbol, presence: true, uniqueness: {scope: :user_id},
-    length: {maximum: type_for_attribute(:symbol).limit || Float::INFINITY}
+    length: {maximum: type_for_attribute(:symbol).limit}
-  validates :description, length: {maximum: type_for_attribute(:description).limit || Float::INFINITY}
+  validates :description, length: {maximum: type_for_attribute(:description).limit}
   validates :multiplier, numericality: {equal_to: 1}, unless: :base
   validates :multiplier, numericality: {greater_than: 0, precision: true, scale: true}, if: :base
 

app/views/measurements/_measurement.html.erb

@@ -0,0 +1,14 @@
+<%= tag.tr id: dom_id(measurement) do %>
+  <td><%= l measurement.created_at, format: :short %></td>
+  <td>
+    <% measurement.readouts.each do |readout| %>
+      <span><%= readout.quantity.name %>: <%= readout.value %> <%= readout.unit %></span>
+    <% end %>
+  </td>
+  <% if current_user.at_least(:active) %>
+    <td class="actions">
+      <%= image_button_to t('.destroy'), 'delete-outline', measurement_path(measurement),
+        method: :delete %>
+    </td>
+  <% end %>
+<% end %>

app/views/measurements/create.turbo_stream.erb

@@ -0,0 +1,5 @@
+<%= turbo_stream.update :flashes %>
+<%= turbo_stream.remove :measurement_form %>
+<%= turbo_stream.remove :no_items %>
+<%= turbo_stream.enable :new_measurement_link %>
+<%= turbo_stream.prepend :measurements, @measurement %>

app/views/measurements/destroy.turbo_stream.erb

@@ -0,0 +1,3 @@
+<%= turbo_stream.update :flashes %>
+<%= turbo_stream.remove @measurement %>
+<%= turbo_stream.append(:measurements, render_no_items) if @measurements_empty %>

app/views/setup/new.html.erb

@@ -1,39 +0,0 @@
-<%= form_with url: setup_path, method: :post, class: "labeled-form main-area" do %>
-
-  <h3 style="grid-column: 1 / -1; text-align: left; margin: 0;">
-    <%= t(".admin_account") %>
-  </h3>
-
-  <label for="admin_email"><%= t(".admin_email") %></label>
-  <%= email_field_tag :admin_email, params[:admin_email],
-        id: "admin_email", required: true, size: 30, autofocus: true,
-        autocomplete: "email" %>
-
-  <label for="admin_password"><%= t(".admin_password") %></label>
-  <%= password_field_tag :admin_password, nil,
-        id: "admin_password", required: true, size: 30,
-        autocomplete: "new-password" %>
-
-  <label for="admin_password_confirmation"><%= t(".admin_password_confirmation") %></label>
-  <%= password_field_tag :admin_password_confirmation, nil,
-        id: "admin_password_confirmation", required: true, size: 30,
-        autocomplete: "off" %>
-
-  <h3 style="grid-column: 1 / -1; text-align: left; margin: 0.5em 0 0 0;">
-    <%= t(".options") %>
-  </h3>
-
-  <label for="skip_email_confirmation" style="grid-column: 1 / 3; text-align: left;">
-    <%= check_box_tag :skip_email_confirmation, "1",
-          params[:skip_email_confirmation] == "1",
-          id: "skip_email_confirmation" %>
-    <%= t(".skip_email_confirmation") %>
-  </label>
-
-  <label for="seed_units" style="grid-column: 1 / 3; text-align: left;">
-    <%= check_box_tag :seed_units, "1", true, id: "seed_units" %>
-    <%= t(".seed_units") %>
-  </label>
-
-  <%= submit_tag t(".submit") %>
-<% end %>

config/application.rb.dist

@@ -54,9 +54,5 @@ module FixinMe
 
     # Sender address of account registration-related messages
     Devise.mailer_sender = 'noreply@localhost'
-
-    # Whether to skip e-mail confirmation for new registrations is configured
-    # through the web setup wizard and stored in the database (Setting model),
-    # so it does not need to be set here.
   end
 end

config/locales/en.yml

@@ -88,6 +88,12 @@ en:
       select_quantity: select the measured quantities...
     index:
       new_measurement: Add measurement
+    create:
+      success: Measurement saved.
+    destroy:
+      success: Measurement deleted.
+    measurement:
+      destroy: Delete
   readouts:
     form:
       select_unit: ...
@@ -163,23 +169,6 @@ en:
           <br><em>leave blank to keep unchanged</em>
           %{password_length_hint_html}
   actions: Actions
-  setup:
-    new:
-      admin_account: Admin account
-      admin_email: 'E-mail:'
-      admin_password: 'Password:'
-      admin_password_confirmation: 'Retype password:'
-      options: Options
-      skip_email_confirmation: Skip e-mail confirmation for new registrations
-      seed_units: Seed built-in default units
-      submit: Set up
-    create:
-      email_blank: E-mail cannot be blank.
-      password_blank: Password cannot be blank.
-      password_mismatch: Passwords do not match.
-      success: >
-        Installation complete. You can now sign in with the admin account you
-        just created.
   add: Add
   apply: Apply
   back: Back

config/routes.rb

@@ -1,7 +1,4 @@
 Rails.application.routes.draw do
-  # Web-based installation wizard — only reachable when no admin exists yet.
-  resource :setup, only: [:new, :create], controller: :setup
-
   resources :measurements
 
   resources :readouts, only: [:new] do

db/migrate/20260228171524_create_settings.rb

@@ -1,12 +0,0 @@
-class CreateSettings < ActiveRecord::Migration[7.2]
-  def change
-    create_table :settings do |t|
-      t.string :key, null: false
-      t.string :value
-
-      t.timestamps
-    end
-
-    add_index :settings, :key, unique: true
-  end
-end

db/seeds.rb

@@ -3,17 +3,6 @@
 #   bin/rails db:seed
 # command (or created alongside the database with db:setup).
 # Seeding process should be idempotent.
-#
-# Admin account setup
-# -------------------
-# The preferred way to create the first admin account is through the web setup
-# wizard, which is shown automatically on the first visit when no admin exists.
-# The wizard also lets you configure runtime options (e.g. skip e-mail
-# confirmation) and seed the default units without using the command line.
-#
-# The block below provides an alternative CLI path for headless / automated
-# deployments.  It is skipped when an admin account already exists (e.g. after
-# the web wizard has run).
 
 User.transaction do
   break if User.find_by status: :admin