23 files changed, 504 insertions, 702 deletions

diff --git a/config/application.rb b/config/application.rb
new file mode 100644
index 000000000..f5b525a36
--- /dev/null
+++ b/config/application.rb
@@ -0,0 +1,72 @@
+require File.expand_path('../boot', __FILE__)
+
+require 'rails/all'
+
+require File.dirname(__FILE__) + '/../lib/configuration'
+
+# If you have a Gemfile, require the gems listed there, including any gems
+# you've limited to :test, :development, or :production.
+Bundler.require(:default, Rails.env) if defined?(Bundler)
+
+module Alaveteli
+  class Application < Rails::Application
+    # Settings in config/environments/* take precedence over those specified here.
+    # Application configuration should go into files in config/initializers
+    # -- all .rb files in that directory are automatically loaded.
+
+    # Custom directories with classes and modules you want to be autoloadable.
+    # config.autoload_paths += %W(#{config.root}/extras)
+
+    # Only load the plugins named here, in the order given (default is alphabetical).
+    # :all can be used as a placeholder for all plugins not explicitly named.
+    # config.plugins = [ :exception_notification, :ssl_requirement, :all ]
+
+    # Activate observers that should always be running.
+    # config.active_record.observers = :cacher, :garbage_collector, :forum_observer
+
+    # Set Time.zone default to the specified zone and make Active Record auto-convert to this zone.
+    # Run "rake -D time" for a list of tasks for finding time zone names. Default is UTC.
+    # config.time_zone = 'Central Time (US & Canada)'
+
+    # The default locale is :en and all translations from config/locales/*.rb,yml are auto loaded.
+    # config.i18n.load_path += Dir[Rails.root.join('my', 'locales', '*.{rb,yml}').to_s]
+    # config.i18n.default_locale = :de
+
+    # JavaScript files you want as :defaults (application.js is always included).
+    # config.action_view.javascript_expansions[:defaults] = %w(jquery rails)
+
+    # Configure the default encoding used in templates for Ruby 1.9.
+    config.encoding = "utf-8"
+
+    # Configure sensitive parameters which will be filtered from the log file.
+    config.filter_parameters += [:password]
+
+    # Use SQL instead of Active Record's schema dumper when creating the test database.
+    # This is necessary if your schema can't be completely dumped by the schema dumper,
+    # like if you have constraints or database-specific column types
+    config.active_record.schema_format = :sql
+
+    # Make Active Record use UTC-base instead of local time
+    config.active_record.default_timezone = :utc
+
+    # This is the timezone that times and dates are displayed in
+    # Note that having set a zone, the Active Record
+    # time_zone_aware_attributes flag is on, so times from models
+    # will be in this time zone
+    config.time_zone = ::AlaveteliConfiguration::time_zone
+
+    config.after_initialize do
+       require 'routing_filters.rb'
+    end
+
+    config.autoload_paths << "#{Rails.root.to_s}/lib/mail_handler"
+
+    # See Rails::Configuration for more options
+    ENV['RECAPTCHA_PUBLIC_KEY'] = ::AlaveteliConfiguration::recaptcha_public_key
+    ENV['RECAPTCHA_PRIVATE_KEY'] = ::AlaveteliConfiguration::recaptcha_private_key
+
+    # Insert a bit of middleware code to prevent uneeded cookie setting.
+    require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions"
+    config.middleware.insert_before ActionDispatch::Session::CookieStore, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true
+  end
+end
diff --git a/config/boot.rb b/config/boot.rb
index 906a2bace..a810be358 100644
--- a/config/boot.rb
+++ b/config/boot.rb
@@ -1,135 +1,15 @@
-# Don't change this file!
-# Configure your app in config/environment.rb and config/environments/*.rb
+require 'rubygems'
 
-# Hmmm, that's a bit daft - 'production' needs setting not only in the web
-# server, it also needs setting in all the scripts, so a central place seems
-# better. Look for a config/rails_env file, and read stuff from there if 
+# Set up gems listed in the Gemfile.
+ENV['BUNDLE_GEMFILE'] ||= File.expand_path('../../Gemfile', __FILE__)
+
+require 'bundler/setup' if File.exists?(ENV['BUNDLE_GEMFILE'])
+
+# TODO: Remove this. This is a hacky system for having a default environment.
+# It looks for a config/rails_env.rb file, and reads stuff from there if
 # it exists. Put just a line like this in there:
 #   ENV['RAILS_ENV'] = 'production'
 rails_env_file = File.expand_path(File.join(File.dirname(__FILE__), 'rails_env.rb'))
 if File.exists?(rails_env_file)
     require rails_env_file
 end
-
-RAILS_ROOT = "#{File.dirname(__FILE__)}/.." unless defined?(RAILS_ROOT)
-
-module Rails
-  class << self
-    def boot!
-      unless booted?
-        preinitialize
-        pick_boot.run
-      end
-    end
-
-    def booted?
-      defined? Rails::Initializer
-    end
-
-    def pick_boot
-      (vendor_rails? ? VendorBoot : GemBoot).new
-    end
-
-    def vendor_rails?
-      File.exist?("#{RAILS_ROOT}/vendor/rails/Rakefile")
-    end
-
-    def preinitialize
-      load(preinitializer_path) if File.exist?(preinitializer_path)
-    end
-
-    def preinitializer_path
-      "#{RAILS_ROOT}/config/preinitializer.rb"
-    end
-  end
-
-  class Boot
-    def run
-      load_initializer
-
-      Rails::Initializer.class_eval do
-        def load_gems
-          @bundler_loaded ||= Bundler.require :default, Rails.env
-        end
-      end
-
-      Rails::Initializer.run(:set_load_path)
-    end
-  end
-
-  class VendorBoot < Boot
-    def load_initializer
-      require "#{RAILS_ROOT}/vendor/rails/railties/lib/initializer"
-      Rails::Initializer.run(:install_gem_spec_stubs)
-      Rails::GemDependency.add_frozen_gem_path
-    end
-  end
-
-  class GemBoot < Boot
-    def load_initializer
-      self.class.load_rubygems
-      load_rails_gem
-      require 'initializer'
-    end
-
-    def load_rails_gem
-      if version = self.class.gem_version
-        gem 'rails', version
-      else
-        gem 'rails'
-      end
-    rescue Gem::LoadError => load_error
-      if load_error.message =~ /Could not find RubyGem rails/
-        STDERR.puts %(Missing the Rails #{version} gem. Please `gem install -v=#{version} rails`, update your RAILS_GEM_VERSION setting in config/environment.rb for the Rails version you do have installed, or comment out RAILS_GEM_VERSION to use the latest version installed.)
-        exit 1
-      else
-        raise
-      end
-    end
-
-    class << self
-      def rubygems_version
-        Gem::RubyGemsVersion rescue nil
-      end
-
-      def gem_version
-        if defined? RAILS_GEM_VERSION
-          RAILS_GEM_VERSION
-        elsif ENV.include?('RAILS_GEM_VERSION')
-          ENV['RAILS_GEM_VERSION']
-        else
-          parse_gem_version(read_environment_rb)
-        end
-      end
-
-      def load_rubygems
-        min_version = '1.3.2'
-        require 'rubygems'
-
-        unless rubygems_version >= min_version
-          $stderr.puts %Q(Rails requires RubyGems >= #{min_version} (you have #{rubygems_version}). Please `gem update --system` and try again.)
-          exit 1
-        end
-
-      rescue LoadError
-        $stderr.puts %Q(Rails requires RubyGems >= #{min_version}. Please install RubyGems and try again: http://rubygems.rubyforge.org)
-        exit 1
-      end
-
-      def parse_gem_version(text)
-        $1 if text =~ /^[^#]*RAILS_GEM_VERSION\s*=\s*["']([!~<>=]*\s*[\d.]+)["']/
-      end
-
-      private
-        def read_environment_rb
-          File.read("#{RAILS_ROOT}/config/environment.rb")
-        end
-    end
-  end
-end
-
-
-
-# All that for this:
-Rails.boot!
-
diff --git a/config/crontab.ugly b/config/crontab.ugly
index ef3455113..d33450df4 100644
--- a/config/crontab.ugly
+++ b/config/crontab.ugly
@@ -2,7 +2,7 @@
 # Timed tasks for FOI site. Template file.
 #
 # Copyright (c) 2008 UK Citizens Online Democracy. All rights reserved.
-# Email: francis@mysociety.org. WWW: http://www.mysociety.org/
+# Email: hello@mysociety.org. WWW: http://www.mysociety.org/
 
 PATH=/usr/local/bin:/usr/bin:/bin
 MAILTO=cron-!!(*= $site *)!!@mysociety.org
diff --git a/config/deploy.yml.example b/config/deploy.yml.example
index aea045dff..61931e50e 100644
--- a/config/deploy.yml.example
+++ b/config/deploy.yml.example
@@ -1,12 +1,12 @@
 # Site-specific deployment configuration lives in this file
 production:
-  repository: git://github.com:mysociety/alaveteli.git
+  repository: git://github.com/mysociety/alaveteli.git
   branch: master
   server: www.example.com
   user: deploy
   deploy_to: /srv/www/alaveteli_production
 staging:
-  repository: git://github.com:mysociety/alaveteli.git
+  repository: git://github.com/mysociety/alaveteli.git
   branch: develop
   server: test.example.com
   user: deploy
diff --git a/config/environment.rb b/config/environment.rb
index da4bd984a..196680b23 100644
--- a/config/environment.rb
+++ b/config/environment.rb
@@ -1,154 +1,5 @@
-# Be sure to restart your web server when you modify this file.
-if RUBY_VERSION.to_f >= 1.9
-    # the default encoding for IO is utf-8, and we use utf-8 internally
-    Encoding.default_external = Encoding.default_internal = Encoding::UTF_8
-    # Suppress warning messages and require inflector to avoid iconv deprecation message
-    # "iconv will be deprecated in the future, use String#encode instead." when loading
-    # it as part of rails
-    original_verbose, $VERBOSE = $VERBOSE, nil
-    require 'active_support/inflector'
-    # Activate warning messages again.
-    $VERBOSE = original_verbose
-    require 'yaml'
-    YAML::ENGINE.yamler = "syck"
-end
+# Load the rails application
+require File.expand_path('../application', __FILE__)
 
-# Uncomment below to force Rails into production mode when
-# you don't control web/app server and can't set it the proper way
-# ENV['RAILS_ENV'] ||= 'production'
-
-# Specifies gem version of Rails to use when vendor/rails is not present
-RAILS_GEM_VERSION = '2.3.18' unless defined? RAILS_GEM_VERSION
-
-# Bootstrap the Rails environment, frameworks, and default configuration
-require File.join(File.dirname(__FILE__), 'boot')
-
-# MySociety specific helper functions
-$:.push(File.join(File.dirname(__FILE__), '../commonlib/rblib'))
-# ... if these fail to include, you need the commonlib submodule from git
-# (type "git submodule update --init" in the whatdotheyknow directory)
-
-$:.unshift(File.join(File.dirname(__FILE__), '../vendor/plugins/globalize2/lib'))
-
-load "validate.rb"
-load "config.rb"
-load "format.rb"
-load "debug_helpers.rb"
-load "util.rb"
-# Patch Rails::GemDependency to cope with older versions of rubygems, e.g. in Debian Lenny
-# Restores override removed in https://github.com/rails/rails/commit/c20a4d18e36a13b5eea3155beba36bb582c0cc87
-# without effecting method behaviour
-# and adds fallback gem call removed in https://github.com/rails/rails/commit/4c3725723f15fab0a424cb1318b82b460714b72f
-require File.join(File.dirname(__FILE__), '../lib/old_rubygems_patch')
-require 'configuration'
-
-# Application version
-ALAVETELI_VERSION = '0.9'
-
-Rails::Initializer.run do |config|
-  # Load intial mySociety config
-  if ENV["RAILS_ENV"] == "test"
-      MySociety::Config.set_file(File.join(config.root_path, 'config', 'test'), true)
-  else
-      MySociety::Config.set_file(File.join(config.root_path, 'config', 'general'), true)
-  end
-  MySociety::Config.load_default
-
-  # Settings in config/environments/* take precedence over those specified here
-
-  # Skip frameworks you're not going to use (only works if using vendor/rails)
-  # config.frameworks -= [ :action_web_service, :action_mailer ]
-
-  # Only load the plugins named here, by default all plugins in vendor/plugins are loaded
-  # config.plugins = %W( exception_notification ssl_requirement )
-
-  # Add additional load paths for your own custom dirs
-  # config.load_paths += %W( #{Rails.root}/extras )
-
-  # Force all environments to use the same logger level
-  # (by default production uses :info, the others :debug)
-  # TEMP: uncomment this to turn on logging in production environments
-  # config.log_level = :debug
-  #
-  # Specify gems that this application depends on and have them installed with rake gems:install
-  #GettextI18nRails.translations_are_html_safe = true
-
-  # Use SQL instead of Active Record's schema dumper when creating the test database.
-  # This is necessary if your schema can't be completely dumped by the schema dumper,
-  # like if you have constraints or database-specific column types
-  config.active_record.schema_format = :sql
-
-  # Activate observers that should always be running
-  # config.active_record.observers = :cacher, :garbage_collector
-
-  # Make Active Record use UTC-base instead of local time
-  config.active_record.default_timezone = :utc
-
-  # This is the timezone that times and dates are displayed in
-  # Note that having set a zone, the Active Record
-  # time_zone_aware_attributes flag is on, so times from models
-  # will be in this time zone
-  config.time_zone = Configuration::time_zone
-
-  config.after_initialize do
-     require 'routing_filters.rb'
-  end
-
-  config.autoload_paths << "#{RAILS_ROOT}/lib/mail_handler"
-
-  # See Rails::Configuration for more options
-  ENV['RECAPTCHA_PUBLIC_KEY'] = Configuration::recaptcha_public_key
-  ENV['RECAPTCHA_PRIVATE_KEY'] = Configuration::recaptcha_private_key
-end
-
-# Add new inflection rules using the following format
-# (all these examples are active by default):
-# Inflector.inflections do |inflect|
-#   inflect.plural /^(ox)$/i, '\1en'
-#   inflect.singular /^(ox)en/i, '\1'
-#   inflect.irregular 'person', 'people'
-#   inflect.uncountable %w( fish sheep )
-# end
-
-# Add new mime types for use in respond_to blocks:
-# Mime::Type.register "text/richtext", :rtf
-# Mime::Type.register "application/x-mobile", :mobile
-
-# Domain for URLs (so can work for scripts, not just web pages)
-ActionMailer::Base.default_url_options[:host] = Configuration::domain
-if Configuration::force_ssl
-  ActionMailer::Base.default_url_options[:protocol] = "https"
-end
-
-# fallback locale and available locales
-available_locales = Configuration::available_locales.split(/ /)
-default_locale = Configuration::default_locale
-
-FastGettext.default_available_locales = available_locales
-I18n.locale = default_locale
-I18n.available_locales = available_locales.map {|locale_name| locale_name.to_sym}
-I18n.default_locale = default_locale
-
-# Customise will_paginate URL generation
-WillPaginate::ViewHelpers.pagination_options[:renderer] = 'WillPaginateExtension::LinkRenderer'
-
-# Load monkey patches and other things from lib/
-require 'ruby19.rb'
-require 'activesupport_cache_extensions.rb'
-require 'timezone_fixes.rb'
-require 'use_spans_for_errors.rb'
-require 'activerecord_errors_extensions.rb'
-require 'willpaginate_extension.rb'
-require 'sendmail_return_path.rb'
-require 'i18n_fixes.rb'
-require 'rack_quote_monkeypatch.rb'
-require 'world_foi_websites.rb'
-require 'alaveteli_external_command.rb'
-require 'quiet_opener.rb'
-require 'mail_handler'
-require "cookie_store_with_line_break_fix"
-
-if !Configuration.exception_notifications_from.blank? && !Configuration.exception_notifications_to.blank?
-  ExceptionNotification::Notifier.sender_address = Configuration::exception_notifications_from
-  ExceptionNotification::Notifier.exception_recipients = Configuration::exception_notifications_to
-end
+# Initialize the rails application
+Alaveteli::Application.initialize!
diff --git a/config/environments/development.rb b/config/environments/development.rb
index c43cdb049..54ab2977f 100644
--- a/config/environments/development.rb
+++ b/config/environments/development.rb
@@ -1,29 +1,30 @@
-# Settings specified here will take precedence over those in config/environment.rb
+Alaveteli::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
 
-config.log_level = :info
+  # In the development environment your application's code is reloaded on
+  # every request.  This slows down response time but is perfect for development
+  # since you don't have to restart the webserver when you make code changes.
+  config.cache_classes = false
 
-# In the development environment your application's code is reloaded on
-# every request.  This slows down response time but is perfect for development
-# since you don't have to restart the webserver when you make code changes.
-config.cache_classes = false
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
 
-# Log error messages when you accidentally call methods on nil.
-config.whiny_nils = true
+  # Show full error reports and disable caching
+  config.consider_all_requests_local = true
+  config.action_controller.perform_caching = false
 
-# Show full error reports and disable caching
-config.action_controller.consider_all_requests_local = true
-config.action_controller.perform_caching             = false
-config.action_view.debug_rjs                         = true
+  # Don't care if the mailer can't send
+  config.action_mailer.raise_delivery_errors = false
+  config.action_mailer.perform_deliveries = true
+  # Use mailcatcher in development
+  config.action_mailer.delivery_method = :smtp # so is queued, rather than giving immediate errors
+  config.action_mailer.smtp_settings = { :address => "localhost", :port => 1025 }
 
-# Don't care if the mailer can't send
-config.action_mailer.raise_delivery_errors = false
-config.action_mailer.perform_deliveries = true
-# Use mailcatcher in development
-config.action_mailer.delivery_method = :smtp # so is queued, rather than giving immediate errors
-config.action_mailer.smtp_settings = { :address => "localhost", :port => 1025 }
+  # Writes useful log files to debug memory leaks, of the sort where have
+  # unintentionally kept references to objects, especially strings.
+  # require 'memory_profiler'
+  # MemoryProfiler.start :string_debug => true, :delay => 10
 
-
-# Writes useful log files to debug memory leaks, of the sort where have
-# unintentionally kept references to objects, especially strings.
-# require 'memory_profiler'
-# MemoryProfiler.start :string_debug => true, :delay => 10
+  # Print deprecation notices to the Rails logger
+  config.active_support.deprecation = :log
+end
diff --git a/config/environments/production.rb b/config/environments/production.rb
index 097944196..0c1929366 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -1,26 +1,34 @@
-# Settings specified here will take precedence over those in config/environment.rb
+Alaveteli::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
 
-# The production environment is meant for finished, "live" apps.
-# Code is not reloaded between requests
-config.cache_classes = true
+  # The production environment is meant for finished, "live" apps.
+  # Code is not reloaded between requests
+  config.cache_classes = true
 
-# Use a different logger for distributed setups
-# config.logger = SyslogLogger.new
+  # Use a different logger for distributed setups
+  # config.logger = SyslogLogger.new
 
-# Full error reports are disabled and caching is turned on
-config.action_controller.consider_all_requests_local = false
-config.action_controller.perform_caching             = true
+  # Full error reports are disabled and caching is turned on
+  config.consider_all_requests_local = false
+  config.action_controller.perform_caching = true
 
-# Enable serving of images, stylesheets, and javascripts from an asset server
-# config.action_controller.asset_host                  = "http://assets.example.com"
+  # Enable serving of images, stylesheets, and javascripts from an asset server
+  # config.action_controller.asset_host                  = "http://assets.example.com"
 
-# Disable delivery errors, bad email addresses will be ignored
-# config.action_mailer.raise_delivery_errors = false
-config.action_mailer.delivery_method = :sendmail # so is queued, rather than giving immediate errors
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+  config.action_mailer.delivery_method = :sendmail # so is queued, rather than giving immediate errors
 
-require 'rack/ssl'
-if ::Configuration::force_ssl
-  config.middleware.insert_after ActionController::Failsafe, ::Rack::SSL
-  # For Rails 3.x this will need to change to
-  #config.middleware.insert_before ActionDispatch::Cookies, ::Rack::SSL
+  config.active_support.deprecation = :notify
+
+  if !AlaveteliConfiguration.exception_notifications_from.blank? && !AlaveteliConfiguration.exception_notifications_to.blank?
+    middleware.use ExceptionNotifier,
+      :sender_address => AlaveteliConfiguration::exception_notifications_from,
+      :exception_recipients => AlaveteliConfiguration::exception_notifications_to
+  end
+
+  require 'rack/ssl'
+  if AlaveteliConfiguration::force_ssl
+    config.middleware.insert_before ActionDispatch::Cookies, ::Rack::SSL
+  end
 end
diff --git a/config/environments/staging.rb b/config/environments/staging.rb
index 84a8f5965..0bb0db71a 100644
--- a/config/environments/staging.rb
+++ b/config/environments/staging.rb
@@ -1,19 +1,21 @@
-# Settings specified here will take precedence over those in config/environment.rb
+Alaveteli::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
 
-# The production environment is meant for finished, "live" apps.
-# Code is not reloaded between requests
-config.cache_classes = true
+  # The production environment is meant for finished, "live" apps.
+  # Code is not reloaded between requests
+  config.cache_classes = true
 
-# Use a different logger for distributed setups
-# config.logger = SyslogLogger.new
+  # Use a different logger for distributed setups
+  # config.logger = SyslogLogger.new
 
-# Full error reports are disabled and caching is turned on
-config.action_controller.consider_all_requests_local = false
-config.action_controller.perform_caching             = true
+  # Full error reports are disabled and caching is turned on
+  config.action_controller.consider_all_requests_local = false
+  config.action_controller.perform_caching             = true
 
-# Enable serving of images, stylesheets, and javascripts from an asset server
-# config.action_controller.asset_host                  = "http://assets.example.com"
+  # Enable serving of images, stylesheets, and javascripts from an asset server
+  # config.action_controller.asset_host                  = "http://assets.example.com"
 
-# Disable delivery errors, bad email addresses will be ignored
-# config.action_mailer.raise_delivery_errors = false
-config.action_mailer.delivery_method = :sendmail # so is queued, rather than giving immediate errors
+  # Disable delivery errors, bad email addresses will be ignored
+  # config.action_mailer.raise_delivery_errors = false
+  config.action_mailer.delivery_method = :sendmail # so is queued, rather than giving immediate errors
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
index 784ea18d3..df39e8873 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -1,25 +1,27 @@
-# Settings specified here will take precedence over those in config/environment.rb
+Alaveteli::Application.configure do
+  # Settings specified here will take precedence over those in config/environment.rb
 
-require 'patches/fixtures_constraint_disabling'
+  # The test environment is used exclusively to run your application's
+  # test suite.  You never need to work with it otherwise.  Remember that
+  # your test database is "scratch space" for the test suite and is wiped
+  # and recreated between test runs.  Don't rely on the data there!
+  config.cache_classes = true
 
-# The test environment is used exclusively to run your application's
-# test suite.  You never need to work with it otherwise.  Remember that
-# your test database is "scratch space" for the test suite and is wiped
-# and recreated between test runs.  Don't rely on the data there!
-config.cache_classes = true
+  # Log error messages when you accidentally call methods on nil.
+  config.whiny_nils = true
 
-# Log error messages when you accidentally call methods on nil.
-config.whiny_nils = true
+  # Show full error reports and disable caching
+  config.consider_all_requests_local = true
+  config.action_controller.perform_caching = false
 
-# Show full error reports and disable caching
-config.action_controller.consider_all_requests_local = true
-config.action_controller.perform_caching             = false
+  # Tell ActionMailer not to deliver emails to the real world.
+  # The :test delivery method accumulates sent emails in the
+  # ActionMailer::Base.deliveries array.
+  config.action_mailer.delivery_method = :test
 
-# Tell ActionMailer not to deliver emails to the real world.
-# The :test delivery method accumulates sent emails in the
-# ActionMailer::Base.deliveries array.
-config.action_mailer.delivery_method = :test
-
-# Disable request forgery protection in test environment 
-config.action_controller.allow_forgery_protection    = false
+  # Disable request forgery protection in test environment
+  config.action_controller.allow_forgery_protection = false
 
+  # Print deprecation notices to the stderr
+  config.active_support.deprecation = :stderr
+end
diff --git a/config/httpd.conf b/config/httpd.conf
index acf37d97c..e468a1e96 100644
--- a/config/httpd.conf
+++ b/config/httpd.conf
@@ -4,7 +4,7 @@
 # Ruby on Rails application.
 #
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
-# Email: francis@mysociety.org; WWW: http://www.mysociety.org
+# Email: hello@mysociety.org; WWW: http://www.mysociety.org
 
 # This is needed for the PHP spell checker
 <Location /fcgi>
diff --git a/config/initializers/alaveteli.rb b/config/initializers/alaveteli.rb
new file mode 100644
index 000000000..35d486837
--- /dev/null
+++ b/config/initializers/alaveteli.rb
@@ -0,0 +1,61 @@
+# MySociety specific helper functions
+$:.push(File.join(File.dirname(__FILE__), '../../commonlib/rblib'))
+# ... if these fail to include, you need the commonlib submodule from git
+# (type "git submodule update --init" in the whatdotheyknow directory)
+
+load "validate.rb"
+load "config.rb"
+load "format.rb"
+load "debug_helpers.rb"
+load "util.rb"
+
+# Application version
+ALAVETELI_VERSION = '0.10'
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register "application/x-mobile", :mobile
+
+# The Rails cache is set up by the Interlock plugin to use memcached
+
+# Domain for URLs (so can work for scripts, not just web pages)
+ActionMailer::Base.default_url_options[:host] = AlaveteliConfiguration::domain
+# https links in emails if forcing SSL
+if AlaveteliConfiguration::force_ssl
+  ActionMailer::Base.default_url_options[:protocol] = "https"
+end
+
+# fallback locale and available locales
+available_locales = AlaveteliConfiguration::available_locales.split(/ /)
+default_locale = AlaveteliConfiguration::default_locale
+
+FastGettext.default_available_locales = available_locales
+I18n.locale = default_locale
+I18n.available_locales = available_locales.map {|locale_name| locale_name.to_sym}
+I18n.default_locale = default_locale
+
+# Customise will_paginate URL generation
+WillPaginate::ViewHelpers.pagination_options[:renderer] = 'WillPaginateExtension::LinkRenderer'
+
+# Load monkey patches and other things from lib/
+require 'ruby19.rb'
+require 'activesupport_cache_extensions.rb'
+require 'use_spans_for_errors.rb'
+require 'activerecord_errors_extensions.rb'
+require 'willpaginate_extension.rb'
+require 'i18n_fixes.rb'
+require 'world_foi_websites.rb'
+require 'alaveteli_external_command.rb'
+require 'quiet_opener.rb'
+require 'mail_handler'
+require 'public_body_categories'
+require 'ability'
diff --git a/config/initializers/backtrace_silencers.rb b/config/initializers/backtrace_silencers.rb
new file mode 100644
index 000000000..59385cdf3
--- /dev/null
+++ b/config/initializers/backtrace_silencers.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# You can add backtrace silencers for libraries that you're using but don't wish to see in your backtraces.
+# Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
+
+# You can also remove all the silencers if you're trying to debug a problem that might stem from framework code.
+# Rails.backtrace_cleaner.remove_silencers!
diff --git a/config/initializers/fast_gettext.rb b/config/initializers/fast_gettext.rb
index 1cd6440e4..752448a41 100644
--- a/config/initializers/fast_gettext.rb
+++ b/config/initializers/fast_gettext.rb
@@ -3,4 +3,4 @@ FastGettext.default_text_domain = 'app'
 
 I18n::Backend::Simple.send(:include, I18n::Backend::Fallbacks)
 
-RoutingFilter::Locale.include_default_locale = Configuration::include_default_locale_in_urls
\ No newline at end of file
+RoutingFilter::Locale.include_default_locale = AlaveteliConfiguration::include_default_locale_in_urls
diff --git a/config/initializers/gettext_i18n_rails.rb b/config/initializers/gettext_i18n_rails.rb
new file mode 100644
index 000000000..ef306682b
--- /dev/null
+++ b/config/initializers/gettext_i18n_rails.rb
@@ -0,0 +1,3 @@
+# FIXME: Audit the translations for XSS opportunities. Ultimately it would be
+# good to get rid of this and explicitly mark strings as html_safe
+GettextI18nRails.translations_are_html_safe = true
diff --git a/config/initializers/inflections.rb b/config/initializers/inflections.rb
new file mode 100644
index 000000000..9e8b0131f
--- /dev/null
+++ b/config/initializers/inflections.rb
@@ -0,0 +1,10 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new inflection rules using the following format
+# (all these examples are active by default):
+# ActiveSupport::Inflector.inflections do |inflect|
+#   inflect.plural /^(ox)$/i, '\1en'
+#   inflect.singular /^(ox)en/i, '\1'
+#   inflect.irregular 'person', 'people'
+#   inflect.uncountable %w( fish sheep )
+# end
diff --git a/config/initializers/mime_types.rb b/config/initializers/mime_types.rb
new file mode 100644
index 000000000..72aca7e44
--- /dev/null
+++ b/config/initializers/mime_types.rb
@@ -0,0 +1,5 @@
+# Be sure to restart your server when you modify this file.
+
+# Add new mime types for use in respond_to blocks:
+# Mime::Type.register "text/richtext", :rtf
+# Mime::Type.register_alias "text/html", :iphone
diff --git a/config/initializers/secret_token.rb b/config/initializers/secret_token.rb
new file mode 100644
index 000000000..f82348169
--- /dev/null
+++ b/config/initializers/secret_token.rb
@@ -0,0 +1,7 @@
+# Be sure to restart your server when you modify this file.
+
+# Your secret key for verifying the integrity of signed cookies.
+# If you change this key, all old signed cookies will become invalid!
+# Make sure the secret is at least 30 characters and all random,
+# no regular words or you'll be exposed to dictionary attacks.
+Alaveteli::Application.config.secret_token = AlaveteliConfiguration::cookie_store_session_secret
diff --git a/config/initializers/session_store.rb b/config/initializers/session_store.rb
index 8cfa333f2..ca283d4e0 100644
--- a/config/initializers/session_store.rb
+++ b/config/initializers/session_store.rb
@@ -1,17 +1,2 @@
 # Be sure to restart your server when you modify this file.
-
-# Your secret key for verifying cookie session data integrity.
-# If you change this key, all old sessions will become invalid!
-# Make sure the secret is at least 30 characters and all random,
-# no regular words or you'll be exposed to dictionary attacks.
-
-ActionController::Base.session = {
-  :key => '_wdtk_cookie_session',
-  :secret => Configuration::cookie_store_session_secret
-}
-ActionController::Base.session_store = :cookie_store
-
-# Insert a bit of middleware code to prevent uneeded cookie setting.
-require "#{Rails.root}/lib/whatdotheyknow/strip_empty_sessions"
-ActionController::Dispatcher.middleware.insert_before ActionController::Base.session_store, WhatDoTheyKnow::StripEmptySessions, :key => '_wdtk_cookie_session', :path => "/", :httponly => true
-
+Rails.application.config.session_store :cookie_store, :key => '_wdtk_cookie_session'
diff --git a/config/initializers/single_quote_escape_workaround.rb b/config/initializers/single_quote_escape_workaround.rb
deleted file mode 100644
index 2e713b982..000000000
--- a/config/initializers/single_quote_escape_workaround.rb
+++ /dev/null
@@ -1,31 +0,0 @@
-class ERB

-  module Util

-

-    if "html_safe exists".respond_to?(:html_safe)

-      def html_escape(s)

-        s = s.to_s

-        if s.html_safe?

-          s

-        else

-          Rack::Utils.escape_html(s).html_safe

-        end

-      end

-    else

-      def html_escape(s)

-        s = s.to_s

-        Rack::Utils.escape_html(s).html_safe

-      end

-    end

-

-    remove_method :h

-    alias h html_escape

-

-    class << self

-      remove_method :html_escape

-      remove_method :h

-    end

-

-    module_function :html_escape

-    module_function :h

-  end

-end

diff --git a/config/initializers/strip_nil_parameters_patch.rb b/config/initializers/strip_nil_parameters_patch.rb
deleted file mode 100644
index 35d0a28c5..000000000
--- a/config/initializers/strip_nil_parameters_patch.rb
+++ /dev/null
@@ -1,51 +0,0 @@
-# Stolen from https://raw.github.com/mysociety/fixmytransport/fa9b014eb2628c300693e055f129cb8959772082/config/initializers/strip_nil_parameters_patch.rb
-
-# Monkey patch for CVE-2012-2660 on Rails 2.3.14
-
-# Strip [nil] from parameters hash
-# based on a pull request from @sebbacon
-# https://github.com/rails/rails/pull/6580
-
-module ActionController
-  class Request < Rack::Request
-    protected
-      def deep_munge(hash)
-        hash.each_value do |v|
-          case v
-          when Array
-            v.grep(Hash) { |x| deep_munge(x) }
-          when Hash
-            deep_munge(v)
-          end
-        end
-
-        keys = hash.keys.find_all { |k| hash[k] == [nil] }
-        keys.each { |k| hash[k] = nil }
-        hash
-      end
-
-    private
-
-      def normalize_parameters(value)
-        case value
-        when Hash
-          if value.has_key?(:tempfile)
-            upload = value[:tempfile]
-            upload.extend(UploadedFile)
-            upload.original_path = value[:filename]
-            upload.content_type = value[:type]
-            upload
-          else
-            h = {}
-            value.each { |k, v| h[k] = normalize_parameters(v) }
-            deep_munge(h.with_indifferent_access)
-          end
-        when Array
-          value.map { |e| normalize_parameters(e) }
-        else
-          value
-        end
-      end
-
-  end
-end
diff --git a/config/initializers/theme_loader.rb b/config/initializers/theme_loader.rb
index 877149e9d..4c8967c97 100644
--- a/config/initializers/theme_loader.rb
+++ b/config/initializers/theme_loader.rb
@@ -3,7 +3,7 @@
 $alaveteli_route_extensions = []
 
 if ENV["RAILS_ENV"] != "test" # Don't let the themes interfere with Alaveteli specs
-    for url in Configuration::theme_urls.reverse
+    for url in AlaveteliConfiguration::theme_urls.reverse
         theme_name = url.sub(/.*\/(.*).git/, "\\1")
         theme_main_include = File.expand_path "../../../vendor/plugins/#{theme_name}/lib/alavetelitheme.rb", __FILE__
         if File.exists? theme_main_include
diff --git a/config/routes.rb b/config/routes.rb
index 15e62bc53..10f6a3284 100644
--- a/config/routes.rb
+++ b/config/routes.rb
@@ -2,254 +2,244 @@
 # Mapping URLs to controllers for FOIFA.
 #
 # Copyright (c) 2007 UK Citizens Online Democracy. All rights reserved.
-# Email: francis@mysociety.org; WWW: http://www.mysociety.org/
+# Email: hello@mysociety.org; WWW: http://www.mysociety.org/
 
 # Allow easy extension from themes. Note these will have the highest priority.
 $alaveteli_route_extensions.each do |f|
     load File.join('config', f)
 end
 
-ActionController::Routing::Routes.draw do |map|
-
-    # The priority is based upon order of creation: first created -> highest priority.
-
-    # Sample of regular route:
-    # map.connect 'products/:id', :controller => 'catalog', :action => 'view'
-    # Keep in mind you can assign values other than :controller and :action
-
-    map.with_options :controller => 'general' do |general|
-        general.frontpage           '/',            :action => 'frontpage'
-        general.blog '/blog', :action => 'blog'
-        general.custom_css '/stylesheets/custom.css', :action => 'custom_css'
-        general.search_redirect '/search',      :action => 'search_redirect'
-        general.search_redirect '/search/all',      :action => 'search_redirect'
-        # XXX combined is the search query, and then if sorted a "/newest" at the end.
-        # Couldn't find a way to do this in routes which also picked up multiple other slashes
-        # and dots and other characters that can appear in search query. So we sort it all
-        # out in the controller.
-        general.search_general '/search/*combined/all', :action => 'search', :view => 'all'
-        general.search_general '/search/*combined', :action => 'search'
-        general.advanced_search '/advancedsearch', :action => 'search_redirect', :advanced => true
-
-        general.random_request '/random', :action => 'random_request'
-    end
-
-    map.with_options :controller => 'request' do |request|
-        request.request_list_recent   '/list/recent',        :action => 'list', :view => 'recent'
-        request.request_list_all   '/list/all',        :action => 'list', :view => 'all'
-        request.request_list_successful   '/list/successful',        :action => 'list', :view => 'successful'
-        request.request_list_unsuccessful   '/list/unsuccessful',        :action => 'list', :view => 'unsuccessful'
-        request.request_list_awaiting   '/list/awaiting',        :action => 'list', :view => 'awaiting'
-        request.request_list   '/list',        :action => 'list'
-
-        request.select_authority     '/select_authority',     :action => 'select_authority'
-
-        request.new_request    '/new',         :action => 'new'
-        request.new_request_to_body    '/new/:url_name',         :action => 'new'
-
-        request.search_ahead '/request/search_ahead',      :action => 'search_typeahead'
-
-        request.show_request     '/request/:url_title.:format', :action => 'show'
-        request.show_new_request     '/request/:url_title/new', :action => 'show'
-        request.details_request     '/details/request/:url_title', :action => 'details'
-        request.similar_request     '/similar/request/:url_title', :action => 'similar'
-
-        request.describe_state   '/request/:id/describe', :action => 'describe_state'
-        request.describe_state_message   '/request/:url_title/describe/:described_state', :action => 'describe_state_message'
-        request.show_response_no_followup    '/request/:id/response', :action => 'show_response'
-        request.show_response    '/request/:id/response/:incoming_message_id', :action => 'show_response'
-        request.get_attachment_as_html   '/request/:id/response/:incoming_message_id/attach/html/:part/*file_name', :action => 'get_attachment_as_html'
-        request.get_attachment   '/request/:id/response/:incoming_message_id/attach/:part/*file_name', :action => 'get_attachment'
-
-        request.info_request_event '/request_event/:info_request_event_id', :action => 'show_request_event'
-
-        request.upload_response "/upload/request/:url_title", :action => 'upload_response'
-        request.download_entire_request '/request/:url_title/download',      :action => 'download_entire_request'
-
-        # It would be nice to add :conditions => { :method => :post } to this next one,
-        # because it ought not really to be available as a GET request since it changes
-        # the server state. Unfortunately this doesn’t play well with the PostRedirect
-        # mechanism, which assumes all post-login actions are available via GET, so we
-        # refrain.
-        request.report '/request/:url_title/report', :action => 'report_request'
-
-    end
-
+Alaveteli::Application.routes.draw do
+    #### General contoller
+    match '/' => 'general#frontpage', :as => :frontpage
+    match '/blog' => 'general#blog', :as => :blog
+    match '/stylesheets/custom.css' => 'general#custom_css', :as => :custom_css
+    match '/search' => 'general#search_redirect', :as => :search_redirect
+    match '/search/all' => 'general#search_redirect', :as => :search_redirect
+    # XXX combined is the search query, and then if sorted a "/newest" at the end.
+    # Couldn't find a way to do this in routes which also picked up multiple other slashes
+    # and dots and other characters that can appear in search query. So we sort it all
+    # out in the controller.
+    match '/search/*combined/all' => 'general#search', :as => :search_general, :view => 'all'
+    match '/search(/*combined)' => 'general#search', :as => :search_general
+    match '/advancedsearch' => 'general#search_redirect', :as => :advanced_search, :advanced => true
+
+    match '/random' => 'general#random_request', :as => :random_request
+    #####
+
+    ##### Request controller
+    match '/list/recent' => 'request#list', :as => :request_list_recent, :view => 'recent'
+    match '/list/all' => 'request#list', :as => :request_list_all, :view => 'all'
+    match '/list/successful' => 'request#list', :as => :request_list_successful, :view => 'successful'
+    match '/list/unsuccessful' => 'request#list', :as => :request_list_unsuccessful, :view => 'unsuccessful'
+    match '/list/awaiting' => 'request#list', :as => :request_list_awaiting, :view => 'awaiting'
+    match '/list' => 'request#list', :as => :request_list
+
+    match '/select_authority' => 'request#select_authority', :as => :select_authority
+
+    match '/new' => 'request#new', :as => :new_request
+    match '/new/:url_name' => 'request#new', :as => :new_request_to_body
+
+    match '/request/search_ahead' => 'request#search_typeahead', :as => :search_ahead
+
+    match '/request/:url_title' => 'request#show', :as => :show_request
+    match '/request/:url_title/new' => 'request#show', :as => :show_new_request
+    match '/details/request/:url_title' => 'request#details', :as => :details_request
+    match '/similar/request/:url_title' => 'request#similar', :as => :similar_request
+
+    match '/request/:id/describe' => 'request#describe_state', :as => :describe_state
+    match '/request/:url_title/describe/:described_state' => 'request#describe_state_message', :as => :describe_state_message
+    match '/request/:id/response' => 'request#show_response', :as => :show_response_no_followup
+    match '/request/:id/response/:incoming_message_id' => 'request#show_response', :as => :show_response
+    match '/request/:id/response/:incoming_message_id/attach/html/:part/*file_name' => 'request#get_attachment_as_html', :as => :get_attachment_as_html
+    match '/request/:id/response/:incoming_message_id/attach/:part(/*file_name)' => 'request#get_attachment', :as => :get_attachment
+
+    match '/request_event/:info_request_event_id' => 'request#show_request_event', :as => :info_request_event
+
+    match '/upload/request/:url_title' => 'request#upload_response', :as => :upload_response
+    match '/request/:url_title/download' => 'request#download_entire_request', :as => :download_entire_request
+
+    # It would be nice to add :conditions => { :method => :post } to this next one,
+    # because it ought not really to be available as a GET request since it changes
+    # the server state. Unfortunately this doesn’t play well with the PostRedirect
+    # mechanism, which assumes all post-login actions are available via GET, so we
+    # refrain.
+    match '/request/:url_title/report' => 'request#report_request', :as => :report
+    ####
+
+    #### User controller
     # Use /profile for things to do with the currently signed in user.
     # Use /user/XXXX for things that anyone can see about that user.
     # Note that /profile isn't indexed by search (see robots.txt)
-    map.with_options :controller => 'user' do |user|
-        user.signin '/profile/sign_in',        :action => 'signin'
-        user.signup '/profile/sign_up',        :action => 'signup'
-        user.signout '/profile/sign_out',      :action => 'signout'
-
-        user.confirm '/c/:email_token', :action => 'confirm'
-        user.show_user '/user/:url_name.:format', :action => 'show'
-        user.show_user_profile '/user/:url_name/profile.:format', :action => 'show', :view => 'profile'
-        user.show_user_requests '/user/:url_name/requests.:format', :action => 'show', :view => 'requests'
-        user.show_user_wall '/user/:url_name/wall.:format', :action => 'wall'
-        user.contact_user '/user/contact/:id', :action => 'contact'
-
-        user.signchangepassword '/profile/change_password',      :action => 'signchangepassword'
-        user.signchangeemail '/profile/change_email',      :action => 'signchangeemail'
-
-        user.set_profile_photo '/profile/set_photo', :action => 'set_profile_photo'
-        user.clear_profile_photo '/profile/clear_photo', :action => 'clear_profile_photo'
-        user.get_profile_photo '/user/:url_name/photo.png', :action => 'get_profile_photo'
-        user.get_draft_profile_photo '/profile/draft_photo/:id.png', :action => 'get_draft_profile_photo'
-        user.set_profile_about_me '/profile/set_about_me', :action => 'set_profile_about_me'
-        user.set_receive_email_alerts '/profile/set_receive_alerts', :action => 'set_receive_email_alerts'
-        user.river '/profile/river', :action => 'river'
-    end
-
-    map.with_options :controller => 'public_body' do |body|
-        body.search_ahead_bodies '/body/search_ahead',      :action => 'search_typeahead'
-        body.list_public_bodies "/body", :action => 'list'
-        body.list_public_bodies_default "/body/list/all", :action => 'list'
-        body.list_public_bodies "/body/list/:tag", :action => 'list'
-        body.list_public_bodies_redirect "/local/:tag", :action => 'list_redirect'
-        body.all_public_bodies_csv "/body/all-authorities.csv", :action => 'list_all_csv'
-        body.show_public_body "/body/:url_name.:format", :action => 'show', :view => 'all'
-        body.show_public_body_all "/body/:url_name/all", :action => 'show', :view => 'all'
-        body.show_public_body_successful "/body/:url_name/successful", :action => 'show', :view => "successful"
-        body.show_public_body_unsuccessful "/body/:url_name/unsuccessful", :action => 'show', :view => "unsuccessful"
-        body.show_public_body_awaiting "/body/:url_name/awaiting", :action => 'show', :view => "awaiting"
-        body.view_public_body_email "/body/:url_name/view_email", :action => 'view_email'
-        body.show_public_body_tag "/body/:url_name/:tag", :action => 'show'
-        body.show_public_body_tag_view "/body/:url_name/:tag/:view", :action => 'show'
-    end
-
-    map.with_options :controller => 'comment' do |comment|
-        comment.new_comment "/annotate/request/:url_title", :action => 'new', :type => 'request'
-    end
-
-    map.with_options :controller => 'services' do |service|
-        service.other_country_message "/country_message", :action => 'other_country_message'
-        service.hidden_user_explanation "/hidden_user_explanation", :action => 'hidden_user_explanation'
-    end
-
-    map.with_options :controller => 'track' do |track|
-        # /track/ is for setting up an email alert for the item
-        # /feed/ is a direct RSS feed of the item
-        track.track_request '/:feed/request/:url_title.:format', :action => 'track_request', :feed => /(track|feed)/
-        track.track_list '/:feed/list/:view.:format', :action => 'track_list', :view => nil, :feed => /(track|feed)/
-        track.track_public_body "/:feed/body/:url_name.:format", :action => 'track_public_body', :feed => /(track|feed)/
-        track.track_user "/:feed/user/:url_name.:format", :action => 'track_user', :feed => /(track|feed)/
-        # XXX must be better way of getting dots and slashes in search queries to work than this *query_array
-        # Also, the :format doesn't work. See hacky code in the controller that makes up for this.
-        track.track_search "/:feed/search/*query_array.:format", :action => 'track_search_query' , :feed => /(track|feed)/
-
-        track.update '/track/update/:track_id', :action => 'update'
-        track.delete_all_type '/track/delete_all_type', :action => 'delete_all_type'
-        track.atom_feed '/track/feed/:track_id', :action => 'atom_feed'
-    end
-
-    map.with_options :controller => 'help' do |help|
-      help.help_unhappy '/help/unhappy/:url_title', :action => 'unhappy'
-      help.help_about '/help/about', :action => 'about'
-      help.help_alaveteli '/help/alaveteli', :action => 'alaveteli'
-      help.help_contact '/help/contact', :action => 'contact'
-      help.help_officers '/help/officers', :action => 'officers'
-      help.help_requesting '/help/requesting', :action => 'requesting'
-      help.help_privacy '/help/privacy', :action => 'privacy'
-      help.help_api '/help/api', :action => 'api'
-      help.help_credits '/help/credits', :action => 'credits'
-      help.help_general '/help/:action', :action => :action
-    end
-
-    map.with_options :controller => 'holiday' do |holiday|
-        holiday.due_date "/due_date/:holiday", :action => 'due_date'
-    end
-
-    map.with_options :controller => 'request_game' do |game|
-        game.categorise_play '/categorise/play', :action => 'play'
-        game.categorise_request '/categorise/request/:url_title', :action => 'show'
-        game.categorise_stop '/categorise/stop', :action => 'stop'
-    end
-
-    map.with_options :controller => 'admin_public_body' do |body|
-        body.admin_body_missing '/admin/missing_scheme', :action => 'missing_scheme'
-        body.admin_body_index '/admin/body', :action => 'index'
-        body.admin_body_list '/admin/body/list', :action => 'list'
-        body.admin_body_show '/admin/body/show/:id', :action => 'show'
-        body.admin_body_new '/admin/body/new', :action => 'new'
-        body.admin_body_edit '/admin/body/edit/:id', :action => 'edit'
-        body.admin_body_update '/admin/body/update/:id', :action => 'update'
-        body.admin_body_create '/admin/body/create', :action => 'create'
-        body.admin_body_destroy '/admin/body/destroy/:id', :action => 'destroy'
-        body.admin_body_import_csv '/admin/body/import_csv', :action => 'import_csv'
-        body.admin_body_mass_tag_add '/admin/body/mass_tag_add', :action => 'mass_tag_add'
-    end
-
-    map.with_options :controller => 'admin_general' do |admin|
-        admin.admin_general_index '/admin', :action => 'index'
-        admin.admin_timeline '/admin/timeline', :action => 'timeline'
-        admin.admin_debug '/admin/debug', :action => 'debug'
-        admin.admin_stats '/admin/stats', :action => 'stats'
-        admin.admin_js '/admin/javascripts/admin.js', :action => 'admin_js'
-    end
-
-    map.with_options :controller => 'admin_request' do |admin|
-        admin.admin_request_index '/admin/request', :action => 'index'
-        admin.admin_request_list '/admin/request/list', :action => 'list'
-        admin.admin_request_show '/admin/request/show/:id', :action => 'show'
-        admin.admin_request_resend '/admin/request/resend', :action => 'resend'
-        admin.admin_request_edit '/admin/request/edit/:id', :action => 'edit'
-        admin.admin_request_update '/admin/request/update/:id', :action => 'update'
-        admin.admin_request_destroy '/admin/request/destroy/:id', :action => 'fully_destroy'
-        admin.admin_request_edit_outgoing '/admin/request/edit_outgoing/:id', :action => 'edit_outgoing'
-        admin.admin_request_destroy_outgoing '/admin/request/destroy_outgoing', :action => 'destroy_outgoing'
-        admin.admin_request_update_outgoing '/admin/request/update_outgoing/:id', :action => 'update_outgoing'
-        admin.admin_request_edit_comment '/admin/request/edit_comment/:id', :action => 'edit_comment'
-        admin.admin_request_update_comment '/admin/request/update_comment/:id', :action => 'update_comment'
-        admin.admin_request_destroy_incoming '/admin/request/destroy_incoming', :action => 'destroy_incoming'
-        admin.admin_request_redeliver_incoming '/admin/request/redeliver_incoming', :action => 'redeliver_incoming'
-        admin.admin_request_move_request '/admin/request/move_request', :action => 'move_request'
-        admin.admin_request_generate_upload_url '/admin/request/generate_upload_url/:id', :action => 'generate_upload_url'
-        admin.admin_request_show_raw_email '/admin/request/show_raw_email/:id', :action => 'show_raw_email'
-        admin.admin_request_download_raw_email '/admin/request/download_raw_email/:id', :action => 'download_raw_email'
-        admin.admin_request_clarification '/admin/request/mark_event_as_clarification', :action => 'mark_event_as_clarification'
-        admin.admin_request_hide '/admin/request/hide/:id', :action => 'hide_request'
-    end
-
-    map.with_options :controller => 'admin_user' do |user|
-        user.admin_user_index '/admin/user', :action => 'index'
-        user.admin_user_list '/admin/user/list', :action => 'list'
-        user.admin_user_list_banned '/admin/user/banned', :action => 'list_banned'
-        user.admin_user_show '/admin/user/show/:id', :action => 'show'
-        user.admin_user_edit '/admin/user/edit/:id', :action => 'edit'
-        user.admin_user_show_bounce '/admin/user/show_bounce_message/:id', :action => 'show_bounce_message'
-        user.admin_user_update '/admin/user/update/:id', :action => 'update'
-        user.admin_user_clear_bounce '/admin/user/clear_bounce/:id', :action => 'clear_bounce'
-        user.admin_user_destroy_track '/admin/user/destroy_track', :action => 'destroy_track'
-        user.admin_user_login_as '/admin/user/login_as/:id', :action => 'login_as'
-        user.admin_clear_profile_photo '/admin/user/clear_profile_photo/:id', :action => 'clear_profile_photo'
-    end
-
-    map.with_options :controller => 'admin_track' do |track|
-        track.admin_track_list '/admin/track/list', :action => 'list'
-    end
-
-    map.with_options :controller => 'admin_censor_rule' do |rule|
-        rule.admin_rule_new '/admin/censor/new', :action => 'new'
-        rule.admin_rule_create '/admin/censor/create', :action => 'create'
-        rule.admin_rule_edit '/admin/censor/edit/:id', :action => 'edit'
-        rule.admin_rule_update '/admin/censor/update/:id', :action => 'update'
-        rule.admin_rule_destroy '/admin/censor/destroy/:censor_rule_id', :action => 'destroy'
-    end
-
-    map.with_options :controller => 'api' do |api|
-        api.api_create_request '/api/v2/request.json', :action => 'create_request', :conditions => { :method => :post }
-
-        api.api_show_request '/api/v2/request/:id.json', :action => 'show_request', :conditions => { :method => :get }
-        api.api_add_correspondence '/api/v2/request/:id.json', :action => 'add_correspondence', :conditions => { :method => :post }
-
-        api.api_body_request_events '/api/v2/body/:id/request_events.:feed_type', :action => 'body_request_events', :feed_type => '^(json|atom)$'
-    end
-
-    map.filter('conditionallyprependlocale')
-
-    # Allow downloading Web Service WSDL as a file with an extension
-    # instead of a file named 'wsdl'
-    # map.connect ':controller/service.wsdl', :action => 'wsdl'
+    match '/profile/sign_in' => 'user#signin', :as => :signin
+    match '/profile/sign_up' => 'user#signup', :as => :signup
+    match '/profile/sign_out' => 'user#signout', :as => :signout
+
+    match '/c/:email_token' => 'user#confirm', :as => :confirm
+    match '/user/:url_name' => 'user#show', :as => :show_user
+    match '/user/:url_name/profile' => 'user#show', :as => :show_user_profile, :view => 'profile'
+    match '/user/:url_name/requests' => 'user#show', :as => :show_user_requests, :view => 'requests'
+    match '/user/:url_name/wall' => 'user#wall', :as => :show_user_wall
+    match '/user/contact/:id' => 'user#contact', :as => :contact_user
+
+    match '/profile/change_password' => 'user#signchangepassword', :as => :signchangepassword
+    match '/profile/change_email' => 'user#signchangeemail', :as => :signchangeemail
+
+    match '/profile/set_photo' => 'user#set_profile_photo', :as => :set_profile_photo
+    match '/profile/clear_photo' => 'user#clear_profile_photo', :as => :clear_profile_photo
+    match '/user/:url_name/photo.png' => 'user#get_profile_photo', :as => :get_profile_photo
+    match '/profile/draft_photo/:id.png' => 'user#get_draft_profile_photo', :as => :get_draft_profile_photo
+    match '/profile/set_about_me' => 'user#set_profile_about_me', :as => :set_profile_about_me
+    match '/profile/set_receive_alerts' => 'user#set_receive_email_alerts', :as => :set_receive_email_alerts
+    match '/profile/river' => 'user#river', :as => :river
+    ####
+
+    #### PublicBody controller
+    match '/body/search_ahead' => 'public_body#search_typeahead', :as => :search_ahead_bodies
+    match '/body' => 'public_body#list', :as => :list_public_bodies
+    match '/body/list/all' => 'public_body#list', :as => :list_public_bodies_default
+    match '/body/list/:tag' => 'public_body#list', :as => :list_public_bodies
+    match '/local/:tag' => 'public_body#list_redirect', :as => :list_public_bodies_redirect
+    match '/body/all-authorities.csv' => 'public_body#list_all_csv', :as => :all_public_bodies_csv
+    match '/body/:url_name' => 'public_body#show', :as => :show_public_body, :view => 'all'
+    match '/body/:url_name/all' => 'public_body#show', :as => :show_public_body_all, :view => 'all'
+    match '/body/:url_name/successful' => 'public_body#show', :as => :show_public_body_successful, :view => 'successful'
+    match '/body/:url_name/unsuccessful' => 'public_body#show', :as => :show_public_body_unsuccessful, :view => 'unsuccessful'
+    match '/body/:url_name/awaiting' => 'public_body#show', :as => :show_public_body_awaiting, :view => 'awaiting'
+    match '/body/:url_name/view_email' => 'public_body#view_email', :as => :view_public_body_email
+    match '/body/:url_name/:tag' => 'public_body#show', :as => :show_public_body_tag
+    match '/body/:url_name/:tag/:view' => 'public_body#show', :as => :show_public_body_tag_view
+    ####
+
+    #### Comment controller
+    match '/annotate/request/:url_title' => 'comment#new', :as => :new_comment, :type => 'request'
+    ####
+
+    #### Services controller
+    match '/country_message' => 'services#other_country_message', :as => :other_country_message
+    match '/hidden_user_explanation' => 'services#hidden_user_explanation', :as => :hidden_user_explanation
+    ####
+
+    #### Track controller
+    # /track/ is for setting up an email alert for the item
+    # /feed/ is a direct RSS feed of the item
+    match '/:feed/request/:url_title' => 'track#track_request', :as => :track_request, :feed => /(track|feed)/
+    match '/:feed/list/:view' => 'track#track_list', :as => :track_list, :view => nil, :feed => /(track|feed)/
+    match '/:feed/body/:url_name' => 'track#track_public_body', :as => :track_public_body, :feed => /(track|feed)/
+    match '/:feed/user/:url_name' => 'track#track_user', :as => :track_user, :feed => /(track|feed)/
+    # XXX :format doesn't work. See hacky code in the controller that makes up for this.
+    match '/:feed/search/:query_array' => 'track#track_search_query',
+          :as => :track_search,
+          :feed => /(track|feed)/,
+          :constraints => { :query_array => /.*/ }
+
+    match '/track/update/:track_id' => 'track#update', :as => :update
+    match '/track/delete_all_type' => 'track#delete_all_type', :as => :delete_all_type
+    match '/track/feed/:track_id' => 'track#atom_feed', :as => :atom_feed
+    ####
+
+    #### Help controller
+    match '/help/unhappy/:url_title' => 'help#unhappy', :as => :help_unhappy
+    match '/help/about' => 'help#about', :as => :help_about
+    match '/help/alaveteli' => 'help#alaveteli', :as => :help_alaveteli
+    match '/help/contact' => 'help#contact', :as => :help_contact
+    match '/help/officers' => 'help#officers', :as => :help_officers
+    match '/help/requesting' => 'help#requesting', :as => :help_requesting
+    match '/help/privacy' => 'help#privacy', :as => :help_privacy
+    match '/help/api' => 'help#api', :as => :help_api
+    match '/help/credits' => 'help#credits', :as => :help_credits
+    match '/help/:action' => 'help#action', :as => :help_general
+    ####
+
+    #### Holiday controller
+    match '/due_date/:holiday' => 'holiday#due_date', :as => :due_date
+    ####
+
+    #### RequestGame controller
+    match '/categorise/play' => 'request_game#play', :as => :categorise_play
+    match '/categorise/request/:url_title' => 'request_game#show', :as => :categorise_request
+    match '/categorise/stop' => 'request_game#stop', :as => :categorise_stop
+    ####
+
+    #### AdminPublicBody controller
+    match '/admin/missing_scheme' => 'admin_public_body#missing_scheme', :as => :admin_body_missing
+    match '/admin/body' => 'admin_public_body#index', :as => :admin_body_index
+    match '/admin/body/list' => 'admin_public_body#list', :as => :admin_body_list
+    match '/admin/body/show/:id' => 'admin_public_body#show', :as => :admin_body_show
+    match '/admin/body/new' => 'admin_public_body#new', :as => :admin_body_new
+    match '/admin/body/edit/:id' => 'admin_public_body#edit', :as => :admin_body_edit
+    match '/admin/body/update/:id' => 'admin_public_body#update', :as => :admin_body_update
+    match '/admin/body/create' => 'admin_public_body#create', :as => :admin_body_create
+    match '/admin/body/destroy/:id' => 'admin_public_body#destroy', :as => :admin_body_destroy
+    match '/admin/body/import_csv' => 'admin_public_body#import_csv', :as => :admin_body_import_csv
+    match '/admin/body/mass_tag_add' => 'admin_public_body#mass_tag_add', :as => :admin_body_mass_tag_add
+    ####
+
+    #### AdminGeneral controller
+    match '/admin' => 'admin_general#index', :as => :admin_general_index
+    match '/admin/timeline' => 'admin_general#timeline', :as => :admin_timeline
+    match '/admin/debug' => 'admin_general#debug', :as => :admin_debug
+    match '/admin/stats' => 'admin_general#stats', :as => :admin_stats
+    match '/admin/javascripts/admin.js' => 'admin_general#admin_js', :as => :admin_js
+    ####
+
+    #### AdminRequest controller
+    match '/admin/request' => 'admin_request#index', :as => :admin_request_index
+    match '/admin/request/list' => 'admin_request#list', :as => :admin_request_list
+    match '/admin/request/show/:id' => 'admin_request#show', :as => :admin_request_show
+    match '/admin/request/resend' => 'admin_request#resend', :as => :admin_request_resend
+    match '/admin/request/edit/:id' => 'admin_request#edit', :as => :admin_request_edit
+    match '/admin/request/update/:id' => 'admin_request#update', :as => :admin_request_update
+    match '/admin/request/destroy/:id' => 'admin_request#fully_destroy', :as => :admin_request_destroy
+    match '/admin/request/edit_outgoing/:id' => 'admin_request#edit_outgoing', :as => :admin_request_edit_outgoing
+    match '/admin/request/destroy_outgoing/:id' => 'admin_request#destroy_outgoing', :as => :admin_request_destroy_outgoing
+    match '/admin/request/update_outgoing/:id' => 'admin_request#update_outgoing', :as => :admin_request_update_outgoing
+    match '/admin/request/edit_comment/:id' => 'admin_request#edit_comment', :as => :admin_request_edit_comment
+    match '/admin/request/update_comment/:id' => 'admin_request#update_comment', :as => :admin_request_update_comment
+    match '/admin/request/destroy_incoming' => 'admin_request#destroy_incoming', :as => :admin_request_destroy_incoming
+    match '/admin/request/redeliver_incoming' => 'admin_request#redeliver_incoming', :as => :admin_request_redeliver_incoming
+    match '/admin/request/move_request' => 'admin_request#move_request', :as => :admin_request_move_request
+    match '/admin/request/generate_upload_url/:id' => 'admin_request#generate_upload_url', :as => :admin_request_generate_upload_url
+    match '/admin/request/show_raw_email/:id' => 'admin_request#show_raw_email', :as => :admin_request_show_raw_email
+    match '/admin/request/download_raw_email/:id' => 'admin_request#download_raw_email', :as => :admin_request_download_raw_email
+    match '/admin/request/mark_event_as_clarification' => 'admin_request#mark_event_as_clarification', :as => :admin_request_clarification
+    match '/admin/request/hide/:id' => 'admin_request#hide_request', :as => :admin_request_hide
+    ####
+
+    #### AdminUser controller
+    match '/admin/user' => 'admin_user#index', :as => :admin_user_index
+    match '/admin/user/list' => 'admin_user#list', :as => :admin_user_list
+    match '/admin/user/banned' => 'admin_user#list_banned', :as => :admin_user_list_banned
+    match '/admin/user/show/:id' => 'admin_user#show', :as => :admin_user_show
+    match '/admin/user/edit/:id' => 'admin_user#edit', :as => :admin_user_edit
+    match '/admin/user/show_bounce_message/:id' => 'admin_user#show_bounce_message', :as => :admin_user_show_bounce
+    match '/admin/user/update/:id' => 'admin_user#update', :as => :admin_user_update
+    match '/admin/user/clear_bounce/:id' => 'admin_user#clear_bounce', :as => :admin_user_clear_bounce
+    match '/admin/user/destroy_track' => 'admin_user#destroy_track', :as => :admin_user_destroy_track
+    match '/admin/user/login_as/:id' => 'admin_user#login_as', :as => :admin_user_login_as
+    match '/admin/user/clear_profile_photo/:id' => 'admin_user#clear_profile_photo', :as => :admin_clear_profile_photo
+    ####
+
+    #### AdminTrack controller
+    match '/admin/track/list' => 'admin_track#list', :as => :admin_track_list
+    ####
+
+    #### AdminCensorRule controller
+    match '/admin/censor/new' => 'admin_censor_rule#new', :as => :admin_rule_new
+    match '/admin/censor/create' => 'admin_censor_rule#create', :as => :admin_rule_create
+    match '/admin/censor/edit/:id' => 'admin_censor_rule#edit', :as => :admin_rule_edit
+    match '/admin/censor/update/:id' => 'admin_censor_rule#update', :as => :admin_rule_update
+    match '/admin/censor/destroy/:censor_rule_id' => 'admin_censor_rule#destroy', :as => :admin_rule_destroy
+    ####
+
+    #### Api controller
+    match '/api/v2/request.json' => 'api#create_request', :as => :api_create_request, :via => :post
+
+    match '/api/v2/request/:id.json' => 'api#show_request', :as => :api_show_request, :via => :get
+    match '/api/v2/request/:id.json' => 'api#add_correspondence', :as => :api_add_correspondence, :via => :post
+
+    match '/api/v2/body/:id/request_events.:feed_type' => 'api#body_request_events', :as => :api_body_request_events, :feed_type => '^(json|atom)$'
+    ####
+
+    filter :conditionallyprependlocale
 end
diff --git a/config/test.yml b/config/test.yml
index bc9ec099a..5c08e928b 100644
--- a/config/test.yml
+++ b/config/test.yml
@@ -1,7 +1,7 @@
 # test.yml
 # Test values for the "general" config file.
 #
-# Configuration parameters, in YAML syntax.
+# AlaveteliConfiguration parameters, in YAML syntax.
 #
 # These may be values expected by the test suite; changing them may
 # break tests.