apply rails 4 todos and fix specs after rebase

app/controllers/admins_controller.rb

@@ -101,12 +101,10 @@ DATA
   end
 
 
-  # TODO action needed after rails4 update
   class UserSearch
-    #include ActiveModel::Model  # rails4
+    include ActiveModel::Model
     include ActiveModel::Conversion
     include ActiveModel::Validations
-    include ActiveModel::MassAssignmentSecurity
 
     attr_accessor :username, :email, :guid, :under13
 
@@ -117,26 +115,20 @@ DATA
       yield(self) if block_given?
     end
 
-    def assign_attributes(values, options={})
-      sanitize_for_mass_assignment(values, options[:as]).each do |k, v|
-        send("#{k}=", v)
+    def assign_attributes(values)
+      values.each do |k, v|
+        public_send("#{k}=", v)
       end
     end
 
-    # TODO remove this once ActiveModel is included
-    def persisted?
-      false
-    end
-
     def any_searchfield_present?
-      if %w(username email guid under13).all? { |attr| self.send(attr).blank? }
+      if %w(username email guid under13).all? { |attr| public_send(attr).blank? }
         errors.add :base, "no fields for search set"
       end
     end
 
     def perform
-      #return User.none unless valid?  # rails4
-      return [] unless valid?
+      return User.none unless valid?
 
       users = User.arel_table
       people = Person.arel_table

config/initializers/json_escape.rb

 # From http://jfire.io/blog/2012/04/30/how-to-securely-bootstrap-json-in-a-rails-view/
-# Review on Rails 4 update, might be built in by then!
+# Remove on Rails 4.1 update
 
 class ActionView::Base
   def json_escape(s)

lib/diaspora/federated/signed_retraction.rb

@@ -4,7 +4,7 @@
 
 class SignedRetraction
   include Diaspora::Federated::Base
-  
+
   include Diaspora::Encryptable
 
   xml_name :signed_retraction
@@ -78,7 +78,7 @@ class SignedRetraction
       onward_retraction.sender = receiving_user.person
       Postzord::Dispatcher.build(receiving_user, onward_retraction).post
     end
-    if target
+    if target && !target.destroyed?
       self.target.destroy
     end
     Rails.logger.info("event=retraction status =complete target_type=#{self.target_type} guid =#{self.target_guid}")

lib/diaspora/message_renderer.rb

@@ -36,12 +36,9 @@ module Diaspora
         message << options[:append_after_truncate].to_s
       end
 
-      include ActionView::Helpers::TagHelper
       def escape
         if options[:escape]
-          # TODO: On Rails 4 port change this to ERB::Util.html_escape_once
-          # and remove the include
-          @message = escape_once message
+          @message = ERB::Util.html_escape_once message
 
           # Special case Hex entities since escape_once
           # doesn't catch them.