diff --git a/app/controllers/application_controller.rb b/app/controllers/application_controller.rb
index afc0ffcce..1a1fc5e26 100644
--- a/app/controllers/application_controller.rb
+++ b/app/controllers/application_controller.rb
@@ -8,7 +8,8 @@ class ApplicationController < ActionController::Base
 before_filter :normalize_search
 before_filter :set_started_at_session
 before_filter :api_check
- # before_filter :secure_cookies_check
+ before_filter :set_safe_mode
+ before_filter :secure_cookies_check
 layout "default"
 rescue_from User::PrivilegeError, :with => :access_denied
@@ -104,13 +105,15 @@ protected
 end
 end
+ def set_safe_mode
+ CurrentUser.set_safe_mode(request)
+ end
+
 def secure_cookies_check
- if true || request.ssl?
+ if request.ssl?
 Danbooru::Application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => true
 else
 Danbooru::Application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => false
 end
- ap cookies
- true
 end
 end
diff --git a/app/logical/current_user.rb b/app/logical/current_user.rb
index 09f56a924..8fff13fdd 100644
--- a/app/logical/current_user.rb
+++ b/app/logical/current_user.rb
@@ -42,6 +42,18 @@ class CurrentUser
 user.name
 end
+ def self.safe_mode?
+ Thread.current[:safe_mode]
+ end
+
+ def self.set_safe_mode(req)
+ if req.host =~ /safe/
+ Thread.current[:safe_mode] = true
+ else
+ Thread.current[:safe_mode] = false
+ end
+ end
+
 def self.method_missing(method, *params, &block)
 if user.respond_to?(method)
 user.__send__(method, *params, &block)
diff --git a/app/logical/post_query_builder.rb b/app/logical/post_query_builder.rb
index 55c832ac9..46b8613e1 100644
--- a/app/logical/post_query_builder.rb
+++ b/app/logical/post_query_builder.rb
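Review bot: `before_filter :set_safe_mode` is registered after `normalize_search`, `set_started_at_session` and `api_check`, so those filters (and any declared above the hunk) run while `Thread.current[:safe_mode]` still holds whatever the previous request on this thread left there. If any of them reads posts, it would do so under the wrong mode; I cannot see their bodies here, so this is a precaution rather than a confirmed defect. Registering `before_filter :set_safe_mode` first in the chain removes the dependency on filter order. A short comment above it, such as `# must run before any filter that queries posts`, would keep later edits from reordering it.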
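Review bot: `secure_cookies_check` rewrites `Danbooru::Application.config.session_store` on every request, which is process-wide configuration rather than per-request state. As far as I know the session middleware takes its options when the application boots, so this call probably does not change the `Secure` flag of the cookie being issued; if it did take effect, one plain-HTTP request would switch the flag off for every concurrent HTTPS request in the process. With `true ||` removed, the `:secure => false` branch is now reachable, and `request.ssl?` behind a TLS-terminating proxy depends on the forwarded-protocol header being set and trusted. I would drop the filter and set the flag once in the session-store initializer, e.g. `Danbooru::Application.config.session_store :cookie_store, :key => '_danbooru_session', :secure => Rails.env.production?`, possibly together with `config.force_ssl`. The class body continues outside the hunk.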
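Review bot: `set_safe_mode` decides the mode with an unanchored `req.host =~ /safe/`, so any hostname that merely contains "safe" (for example one beginning with "unsafe") switches the filter on. The `Host` header is also supplied by the client: unless the front-end server only accepts known hostnames, the rating filter is a display default rather than an enforced restriction. An exact comparison against a configured hostname would be tighter, along the lines of `Thread.current[:safe_mode] = (req.host == safe_mode_host)`, where `safe_mode_host` is a placeholder for a setting this page does not show. A doc comment on `safe_mode?` should also say that the value is thread-local and is only refreshed when `set_safe_mode` runs, so code running outside a controller request sees `nil` or a stale value.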
@@ -112,6 +112,11 @@ class PostQueryBuilder
 raise ::Post::SearchError.new("You cannot search for more than #{Danbooru.config.tag_query_limit} tags at a time")
 end
+ if CurrentUser.safe_mode?
+ relation = relation.where(:rating => "s")
+ relation = relation.where("created_at <= ?", 3.months.ago)
+ end
+
 relation = add_range_relation(q[:post_id], "posts.id", relation)
 relation = add_range_relation(q[:mpixels], "posts.image_width * posts.image_height / 1000000.0", relation)
 relation = add_range_relation(q[:width], "posts.image_width", relation)
diff --git a/db/structure.sql b/db/structure.sql
index c6d301fe2..810d06d49 100644
--- a/db/structure.sql
+++ b/db/structure.sql
@@ -2697,7 +2697,8 @@ CREATE TABLE users (
 per_page integer DEFAULT 20 NOT NULL,
 hide_deleted_posts boolean DEFAULT false NOT NULL,
 style_usernames boolean DEFAULT false NOT NULL,
- enable_auto_complete boolean DEFAULT true NOT NULL
+ enable_auto_complete boolean DEFAULT true NOT NULL,
+ custom_style text
 );
@@ -6424,4 +6425,6 @@ INSERT INTO schema_migrations (version) VALUES ('20130606224559');
 INSERT INTO schema_migrations (version) VALUES ('20130618230158');
-INSERT INTO schema_migrations (version) VALUES ('20130620215658');
\ No newline at end of file
+INSERT INTO schema_migrations (version) VALUES ('20130620215658');
+
+INSERT INTO schema_migrations (version) VALUES ('20130712162600');
\ No newline at end of file
diff --git a/test/unit/current_user_test.rb b/test/unit/current_user_test.rb
index 26235e1b5..6d49a9ac1 100644
--- a/test/unit/current_user_test.rb
+++ b/test/unit/current_user_test.rb
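Review bot: The string condition `"created_at <= ?"` names the column without its table, while the neighbouring range conditions all use `posts.`-qualified names. If the relation is ever joined to another table that also has `created_at`, the query becomes ambiguous; `relation.where("posts.created_at <= ?", 3.months.ago)` avoids that. The three-month cutoff has no explanation and deserves a comment or a named setting. This block is also the only safe-mode enforcement visible in the diff, so it is worth confirming that posts fetched outside `PostQueryBuilder` (direct lookups by id, for instance) are restricted as well. The enclosing method starts and ends outside the hunk.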
@@ -6,6 +6,20 @@ class CurrentUserTest < ActiveSupport::TestCase
 CurrentUser.ip_addr = nil
 end
+ context ".safe_mode?" do
+ should "return true if the host contains the string host" do
+ req = mock(:host => "safebooru")
+ CurrentUser.set_safe_mode(req)
+ assert_equal(true, CurrentUser.safe_mode?)
+ end
+
+ should "return false if the host does not contain the string host" do
+ req = mock(:host => "danbooru")
+ CurrentUser.set_safe_mode(req)
+ assert_equal(false, CurrentUser.safe_mode?)
+ end
+ end
+
 context "The current user" do
 should "be set only within the scope of the block" do
 user = FactoryGirl.create(:user)
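Review bot: The first new test leaves `Thread.current[:safe_mode]` set to `true`, and nothing visible resets it, so a later test on the same thread that builds a post query could run in safe mode depending on test order. The block that clears `CurrentUser.ip_addr` starts outside the hunk; adding `Thread.current[:safe_mode] = nil` there would isolate the tests. Both descriptions say "the string host" where the code checks for "safe", e.g. `should "return true if the host contains the string safe" do`. A third case with a hostname that contains "safe" only as a substring would pin down the intended matching rule.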