fix attr_accessible

app/models/artist.rb

@@ -12,9 +12,8 @@ class Artist < ActiveRecord::Base
   has_one :wiki_page, :foreign_key => "title", :primary_key => "name"
   has_one :tag_alias, :foreign_key => "antecedent_name", :primary_key => "name"
   accepts_nested_attributes_for :wiki_page
-  attr_accessible :name, :url_string, :other_names, :group_name, :wiki_page_attributes, :notes, :is_active
-  attr_accessible :name, :url_string, :other_names, :group_name, :wiki_page_attributes, :notes, :is_active, :as => [:member, :moderator]
-  attr_accessible :name, :url_string, :other_names, :group_name, :wiki_page_attributes, :notes, :is_active, :is_banned, :as => :admin
+  attr_accessible :name, :url_string, :other_names, :group_name, :wiki_page_attributes, :notes, :is_active, :as => [:member, :privileged, :contributor, :janitor, :moderator, :default, :admin]
+  attr_accessible :is_banned, :as => :admin
   scope :url_match, lambda {|string| where(["id in (?)", Artist.find_all_by_url(string).map(&:id)])}
   scope :other_names_match, lambda {|string| where(["other_names_index @@ to_tsquery('danbooru', ?)", Artist.normalize_name(string)])}
   scope :name_equals, lambda {|string| where("name = ?", string)}

app/models/forum_post.rb

@@ -1,7 +1,6 @@
 class ForumPost < ActiveRecord::Base
-  attr_accessible :body, :topic_id
-  attr_accessible :body, :topic_id, :as => [:member]
-  attr_accessible :body, :topic_id, :is_locked, :is_sticky, :as => [:admin, :moderator]
+  attr_accessible :body, :topic_id, :as => [:member, :privileged, :contributor, :janitor, :admin, :moderator, :default]
+  attr_accessible :is_locked, :is_sticky, :as => [:admin, :moderator]
   belongs_to :creator, :class_name => "User"
   belongs_to :topic, :class_name => "ForumTopic"
   before_validation :initialize_creator, :on => :create

app/models/forum_topic.rb

@@ -1,7 +1,6 @@
 class ForumTopic < ActiveRecord::Base
-  attr_accessible :title, :original_post_attributes
-  attr_accessible :title, :original_post_attributes, :as => [:member]
-  attr_accessible :title, :original_post_attributes, :is_sticky, :is_locked, :as => [:admin, :moderator]
+  attr_accessible :title, :original_post_attributes, :as => [:member, :privileged, :contributor, :janitor, :moderator, :admin, :default]
+  attr_accessible :is_sticky, :is_locked, :as => [:admin, :moderator]
   belongs_to :creator, :class_name => "User"
   belongs_to :updater, :class_name => "User"
   has_many :posts, :class_name => "ForumPost", :order => "forum_posts.id asc", :foreign_key => "topic_id", :dependent => :destroy

app/models/post.rb

@@ -30,10 +30,9 @@ class Post < ActiveRecord::Base
   validates_uniqueness_of :md5
   validates_presence_of :parent, :if => lambda {|rec| !rec.parent_id.nil?}
   validate :validate_parent_does_not_have_a_parent
-  attr_accessible :source, :rating, :tag_string, :old_tag_string, :last_noted_at, :parent_id
-  attr_accessible :source, :rating, :tag_string, :old_tag_string, :last_noted_at, :parent_id, :as => [:member]
-  attr_accessible :source, :rating, :tag_string, :old_tag_string, :last_noted_at, :parent_id, :is_rating_locked, :is_note_locked, :as => [:moderator]
-  attr_accessible :source, :rating, :tag_string, :old_tag_string, :last_noted_at, :parent_id, :is_rating_locked, :is_note_locked, :is_status_locked, :as => [:admin]
+  attr_accessible :source, :rating, :tag_string, :old_tag_string, :last_noted_at, :parent_id, :as => [:member, :privileged, :contributor, :janitor, :moderator, :admin, :default]
+  attr_accessible :is_rating_locked, :is_note_locked, :as => [:janitor, :moderator]
+  attr_accessible :is_status_locked, :as => [:admin]
   scope :pending, where(["is_pending = ?", true])
   scope :pending_or_flagged, where(["(is_pending = ? OR is_flagged = ?)", true, true])
   scope :undeleted, where(["is_deleted = ?", false])

app/models/user.rb

@@ -14,9 +14,8 @@ class User < ActiveRecord::Base
   end
   
   attr_accessor :password, :old_password
-  attr_accessible :password, :old_password, :password_confirmation, :password_hash, :email, :last_logged_in_at, :last_forum_read_at, :has_mail, :receive_email_notifications, :comment_threshold, :always_resize_images, :favorite_tags, :blacklisted_tags, :name, :ip_addr, :time_zone, :default_image_size
-  attr_accessible :password, :old_password, :password_confirmation, :password_hash, :email, :last_logged_in_at, :last_forum_read_at, :has_mail, :receive_email_notifications, :comment_threshold, :always_resize_images, :favorite_tags, :blacklisted_tags, :name, :ip_addr, :time_zone, :default_image_size, :as => [:moderator, :member]
-  attr_accessible :password, :old_password, :password_confirmation, :password_hash, :email, :last_logged_in_at, :last_forum_read_at, :has_mail, :receive_email_notifications, :comment_threshold, :always_resize_images, :favorite_tags, :blacklisted_tags, :name, :ip_addr, :time_zone, :default_image_size, :level, :as => :admin
+  attr_accessible :password, :old_password, :password_confirmation, :password_hash, :email, :last_logged_in_at, :last_forum_read_at, :has_mail, :receive_email_notifications, :comment_threshold, :always_resize_images, :favorite_tags, :blacklisted_tags, :name, :ip_addr, :time_zone, :default_image_size, :as => [:moderator, :janitor, :contributor, :privileged, :member, :anonymous, :default, :admin]
+  attr_accessible :level, :as => :admin
   validates_length_of :name, :within => 2..100, :on => :create
   validates_format_of :name, :with => /\A[^\s:]+\Z/, :on => :create, :message => "cannot have whitespace or colons"
   validates_uniqueness_of :name, :case_sensitive => false, :on => :create
@@ -338,11 +337,11 @@ class User < ActiveRecord::Base
     def can_comment?
       if is_privileged?
         true
-      elsif created_at > 1.week.ago
+      elsif created_at > Danbooru.config.member_comment_time_threshold
         false
       else
         Comment.where("creator_id = ? and created_at > ?", id, 1.hour.ago).count < Danbooru.config.member_comment_limit
-      end      
+      end
     end
     
     def can_comment_vote?

config/danbooru_default_config.rb

@@ -138,6 +138,10 @@ module Danbooru
       5.megabytes
     end
     
+    def member_comment_time_threshold
+      1.week.ago
+    end
+    
     # The name of the server the app is hosted on.
     def server_host
       Socket.gethostname

test/factories/note.rb

@@ -7,6 +7,6 @@ Factory.define(:note) do |f|
   f.height 0
   f.is_active true
   f.body {Faker::Lorem.sentences.join}
-  f.updater_id {|x| x.creator_id}
+  f.updater_id {|x| x.association(:user)}
   f.updater_ip_addr "127.0.0.1"
 end

test/unit/comment_test.rb

@@ -8,6 +8,7 @@ class CommentTest < ActiveSupport::TestCase
       CurrentUser.ip_addr = "127.0.0.1"
       MEMCACHE.flush_all
       Danbooru.config.stubs(:member_comment_limit).returns(100)
+      Danbooru.config.stubs(:member_comment_time_threshold).returns(1.week.from_now)
     end
     
     teardown do

test/unit/ip_ban_test.rb

@@ -6,6 +6,7 @@ class IpBanTest < ActiveSupport::TestCase
     CurrentUser.user = @user
     CurrentUser.ip_addr = "127.0.0.1"
     MEMCACHE.flush_all
+    Danbooru.config.stubs(:member_comment_time_threshold).returns(1.week.from_now)
   end
   
   teardown do

test/unit/moderator/ip_addr_search_test.rb

@@ -7,6 +7,7 @@ module Moderator
         @user = Factory.create(:user)
         CurrentUser.user = @user
         CurrentUser.ip_addr = "127.0.0.1"
+        Danbooru.config.stubs(:member_comment_time_threshold).returns(1.week.from_now)
         Factory.create(:comment)
         MEMCACHE.flush_all
       end

test/unit/user_test.rb

@@ -54,6 +54,7 @@ class UserTest < ActiveSupport::TestCase
     end
     
     should "limit comment votes" do
+      Danbooru.config.stubs(:member_comment_time_threshold).returns(1.week.from_now)
       Danbooru.config.stubs(:member_comment_limit).returns(10)
       assert(@user.can_comment_vote?)
       10.times do