Raise error on unpermitted params.

Fail loudly if we forget to whitelist a param instead of silently
ignoring it.

misc models: convert to strong params.

artist commentaries: convert to strong params.

* Disallow changing or setting post_id to a nonexistent post.

artists: convert to strong params.

* Disallow setting `is_banned` in create/update actions. Changing it
  this way instead of with the ban/unban actions would leave the artist in
  a partially banned state.

bans: convert to strong params.

* Disallow changing the user_id after the ban has been created.

comments: convert to strong params.

favorite groups: convert to strong params.

news updates: convert to strong params.

post appeals: convert to strong params.

post flags: convert to strong params.

* Disallow users from setting the `is_deleted` / `is_resolved` flags.

ip bans: convert to strong params.

user feedbacks: convert to strong params.

* Disallow users from setting `disable_dmail_notification` when creating feedbacks.
* Disallow changing the user_id after the feedback has been created.

notes: convert to strong params.

wiki pages: convert to strong params.

* Also fix non-Builders being able to delete wiki pages.

saved searches: convert to strong params.

pools: convert to strong params.

* Disallow setting `post_count` or `is_deleted` in create/update actions.

janitor trials: convert to strong params.

post disapprovals: convert to strong params.

* Factor out quick-mod bar to shared partial.
* Fix quick-mod bar to use `Post#is_approvable?` to determine visibility
  of Approve button.

dmail filters: convert to strong params.

password resets: convert to strong params.

user name change requests: convert to strong params.

posts: convert to strong params.

users: convert to strong params.

* Disallow setting password_hash, last_logged_in_at, last_forum_read_at,
  has_mail, and dmail_filter_attributes[user_id].

* Remove initialize_default_image_size (dead code).

uploads: convert to strong params.

* Remove `initialize_status` because status already defaults to pending
  in the database.

tag aliases/implications: convert to strong params.

tags: convert to strong params.

forum posts: convert to strong params.

* Disallow changing the topic_id after creating the post.
* Disallow setting is_deleted (destroy/undelete actions should be used instead).
* Remove is_sticky / is_locked (nonexistent attributes).

forum topics: convert to strong params.

* merges https://github.com/evazion/danbooru/tree/wip-rails-5.1
* lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4)
* switch to factorybot and change all references

Co-authored-by: r888888888 <r888888888@gmail.com>
Co-authored-by: evazion <noizave@gmail.com>

add diffs

app/models/post.rb

@@ -41,10 +41,10 @@ class Post < ApplicationRecord
   after_commit :update_iqdb_async, :on => :create
   after_commit :notify_pubsub
 
-  belongs_to :updater, :class_name => "User"
-  belongs_to :approver, :class_name => "User"
+  belongs_to :updater, :class_name => "User", optional: true # this is handled in versions
+  belongs_to :approver, class_name: "User", optional: true
   belongs_to :uploader, :class_name => "User", :counter_cache => "post_upload_count"
-  belongs_to :parent, :class_name => "Post"
+  belongs_to :parent, class_name: "Post", optional: true
   has_one :upload, :dependent => :destroy
   has_one :artist_commentary, :dependent => :destroy
   has_one :pixiv_ugoira_frame_data, :class_name => "PixivUgoiraFrameData", :dependent => :destroy
@@ -60,14 +60,6 @@ class Post < ApplicationRecord
   has_many :replacements, class_name: "PostReplacement", :dependent => :destroy
 
   serialize :keeper_data, JSON
-
-  if PostArchive.enabled?
-    has_many :versions, lambda {order("post_versions.updated_at ASC")}, :class_name => "PostArchive", :dependent => :destroy
-  end
-
-  attr_accessible :source, :rating, :tag_string, :old_tag_string, :old_parent_id, :old_source, :old_rating, :parent_id, :has_embedded_notes, :as => [:member, :builder, :gold, :platinum, :moderator, :admin, :default]
-  attr_accessible :is_rating_locked, :is_note_locked, :has_cropped, :keeper_data, :as => [:builder, :moderator, :admin]
-  attr_accessible :is_status_locked, :keeper_data, :as => [:admin]
   attr_accessor :old_tag_string, :old_parent_id, :old_source, :old_rating, :has_constraints, :disable_versioning, :view_count
 
   concerning :KeeperMethods do
@@ -82,7 +74,7 @@ class Post < ApplicationRecord
         uploader_id
       end
     end
-
+  
     def keeper
       User.find(keeper_id)
     end
@@ -92,6 +84,12 @@ class Post < ApplicationRecord
     end
   end
 
+  if PostArchive.enabled?
+    has_many :versions, lambda {order("post_versions.updated_at ASC")}, :class_name => "PostArchive", :dependent => :destroy
+  end
+
+  attr_accessor :old_tag_string, :old_parent_id, :old_source, :old_rating, :has_constraints, :disable_versioning, :view_count
+
   module FileMethods
     extend ActiveSupport::Concern
 
@@ -521,7 +519,7 @@ class Post < ApplicationRecord
     end
 
     def tag_array_was
-      @tag_array_was ||= Tag.scan_tags(tag_string_was)
+      @tag_array_was ||= Tag.scan_tags(tag_string_before_last_save || tag_string_was)
     end
 
     def tags
@@ -606,15 +604,15 @@ class Post < ApplicationRecord
         old_parent_id = old_parent_id.to_i
       end
       if old_parent_id == parent_id
-        self.parent_id = parent_id_was
+        self.parent_id = parent_id_before_last_save || parent_id_was
       end
 
       if old_source == source.to_s
-        self.source = source_was
+        self.source = source_before_last_save || source_was
       end
 
       if old_rating == rating
-        self.rating = rating_was
+        self.rating = rating_before_last_save || rating_was
       end
     end
 
@@ -838,13 +836,13 @@ class Post < ApplicationRecord
           self.rating = $1
 
         when /^(-?)locked:notes?$/i
-          assign_attributes({ is_note_locked: $1 != "-" }, as: CurrentUser.role)
+          self.is_note_locked = ($1 != "-" ) if CurrentUser.is_builder?
 
         when /^(-?)locked:rating$/i
-          assign_attributes({ is_rating_locked: $1 != "-" }, as: CurrentUser.role)
+          self.is_rating_locked = ($1 != "-" ) if CurrentUser.is_builder?
 
         when /^(-?)locked:status$/i
-          assign_attributes({ is_status_locked: $1 != "-" }, as: CurrentUser.role)
+          self.is_status_locked = ($1 != "-" ) if CurrentUser.is_admin?
 
         end
       end
@@ -977,7 +975,7 @@ class Post < ApplicationRecord
     end
 
     def remove_from_favorites
-      Favorite.delete_all(post_id: id)
+      Favorite.where(post_id: id).delete_all
       user_ids = fav_string.scan(/\d+/)
       User.where(:id => user_ids).update_all("favorite_count = favorite_count - 1")
       PostVote.where(post_id: id).delete_all
@@ -1175,7 +1173,7 @@ class Post < ApplicationRecord
 
     def fix_post_counts(post)
       post.set_tag_counts(false)
-      if post.changed?
+      if post.changes_saved?
         args = Hash[TagCategory.categories.map {|x| ["tag_count_#{x}",post.send("tag_count_#{x}")]}].update(:tag_count => post.tag_count)
         post.update_columns(args)
       end
@@ -1220,7 +1218,7 @@ class Post < ApplicationRecord
     # - Reparent all children to the first child.
 
     def update_has_children_flag
-      update({has_children: children.exists?, has_active_children: children.undeleted.exists?}, without_protection: true)
+      update(has_children: children.exists?, has_active_children: children.undeleted.exists?)
     end
 
     def blank_out_nonexistent_parents
@@ -1252,10 +1250,10 @@ class Post < ApplicationRecord
     end
 
     def update_parent_on_save
-      return unless parent_id_changed? || is_deleted_changed?
+      return unless saved_change_to_parent_id? || saved_change_to_is_deleted?
 
       parent.update_has_children_flag if parent.present?
-      Post.find(parent_id_was).update_has_children_flag if parent_id_was.present?
+      Post.find(parent_id_before_last_save).update_has_children_flag if parent_id_before_last_save.present?
     end
 
     def give_favorites_to_parent(options = {})
@@ -1337,12 +1335,12 @@ class Post < ApplicationRecord
       Post.transaction do
         flag!(reason, is_deletion: true)
 
-        update({
+        update(
           is_deleted: true,
           is_pending: false,
           is_flagged: false,
           is_banned: is_banned || options[:ban] || has_tag?("banned_artist")
-        }, without_protection: true)
+        )
 
         # XXX This must happen *after* the `is_deleted` flag is set to true (issue #3419).
         give_favorites_to_parent(options) if options[:move_favorites]
@@ -1385,11 +1383,15 @@ class Post < ApplicationRecord
 
   module VersionMethods
     def create_version(force = false)
-      if new_record? || rating_changed? || source_changed? || parent_id_changed? || tag_string_changed? || force
+      if new_record? || saved_change_to_watched_attributes? || force
         create_new_version
       end
     end
 
+    def saved_change_to_watched_attributes?
+      saved_change_to_rating? || saved_change_to_source? || saved_change_to_parent_id? || saved_change_to_tag_string?
+    end
+
     def merge_version?
       prev = versions.last
       prev && prev.updater_id == CurrentUser.user.id && prev.updated_at > 1.hour.ago