Fix #4544: Show limited view of other user's uploads on the upload index.
* Show completed uploads to other users. * Don't show failed or incomplete uploads to other users. * Don't show tags to other users. * Delete completed uploads after 1 hour. * Delete incomplete uploads after 1 day. * Delete failed uploads after 3 days.
This commit is contained in:
evazion
@@ -2,11 +2,11 @@ module DanbooruMaintenance
|
|||||||
module_function
|
module_function
|
||||||
|
|
||||||
def hourly
|
def hourly
|
||||||
|
safely { Upload.prune! }
|
||||||
end
|
end
|
||||||
|
|
||||||
def daily
|
def daily
|
||||||
safely { PostPruner.new.prune! }
|
safely { PostPruner.new.prune! }
|
||||||
safely { Upload.prune! }
|
|
||||||
safely { Delayed::Job.where('created_at < ?', 45.days.ago).delete_all }
|
safely { Delayed::Job.where('created_at < ?', 45.days.ago).delete_all }
|
||||||
safely { PostDisapproval.prune! }
|
safely { PostDisapproval.prune! }
|
||||||
safely { regenerate_post_counts! }
|
safely { regenerate_post_counts! }
|
||||||
|
|||||||
@@ -75,6 +75,7 @@ class Upload < ApplicationRecord
|
|||||||
|
|
||||||
scope :pending, -> { where(status: "pending") }
|
scope :pending, -> { where(status: "pending") }
|
||||||
scope :preprocessed, -> { where(status: "preprocessed") }
|
scope :preprocessed, -> { where(status: "preprocessed") }
|
||||||
|
scope :completed, -> { where(status: "completed") }
|
||||||
scope :uploaded_by, ->(user_id) { where(uploader_id: user_id) }
|
scope :uploaded_by, ->(user_id) { where(uploader_id: user_id) }
|
||||||
|
|
||||||
def initialize_attributes
|
def initialize_attributes
|
||||||
@@ -83,17 +84,19 @@ class Upload < ApplicationRecord
|
|||||||
self.server = Socket.gethostname
|
self.server = Socket.gethostname
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.prune!(date = 1.day.ago)
|
def self.prune!
|
||||||
where("created_at < ?", date).lock.destroy_all
|
completed.where("created_at < ?", 1.hour.ago).lock.destroy_all
|
||||||
|
preprocessed.where("created_at < ?", 1.day.ago).lock.destroy_all
|
||||||
|
where("created_at < ?", 3.days.ago).lock.destroy_all
|
||||||
end
|
end
|
||||||
|
|
||||||
def self.visible(user)
|
def self.visible(user)
|
||||||
if user.is_admin?
|
if user.is_admin?
|
||||||
all
|
all
|
||||||
elsif user.is_member?
|
elsif user.is_member?
|
||||||
where(uploader: user)
|
completed.or(where(uploader: user))
|
||||||
else
|
else
|
||||||
none
|
completed
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
|
||||||
@@ -108,7 +111,7 @@ class Upload < ApplicationRecord
|
|||||||
return
|
return
|
||||||
end
|
end
|
||||||
|
|
||||||
DanbooruLogger.info("Uploads: Deleting files for upload md5=#{md5}", upload: as_json)
|
DanbooruLogger.info("Uploads: Deleting files for upload md5=#{md5}")
|
||||||
Danbooru.config.storage_manager.delete_file(nil, md5, file_ext, :original)
|
Danbooru.config.storage_manager.delete_file(nil, md5, file_ext, :original)
|
||||||
Danbooru.config.storage_manager.delete_file(nil, md5, file_ext, :large)
|
Danbooru.config.storage_manager.delete_file(nil, md5, file_ext, :large)
|
||||||
Danbooru.config.storage_manager.delete_file(nil, md5, file_ext, :preview)
|
Danbooru.config.storage_manager.delete_file(nil, md5, file_ext, :preview)
|
||||||
|
|||||||
@@ -1,6 +1,6 @@
|
|||||||
class UploadPolicy < ApplicationPolicy
|
class UploadPolicy < ApplicationPolicy
|
||||||
def show?
|
def show?
|
||||||
user.is_admin? || record.uploader_id == user.id
|
record.is_completed? || user.is_admin? || record.uploader_id == user.id
|
||||||
end
|
end
|
||||||
|
|
||||||
def batch?
|
def batch?
|
||||||
@@ -15,9 +15,19 @@ class UploadPolicy < ApplicationPolicy
|
|||||||
unbanned?
|
unbanned?
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def can_view_tags?
|
||||||
|
user.is_admin? || record.uploader_id == user.id
|
||||||
|
end
|
||||||
|
|
||||||
def permitted_attributes
|
def permitted_attributes
|
||||||
%i[file source tag_string rating status parent_id artist_commentary_title
|
%i[file source tag_string rating status parent_id artist_commentary_title
|
||||||
artist_commentary_desc referer_url
|
artist_commentary_desc referer_url
|
||||||
md5_confirmation as_pending translated_commentary_title translated_commentary_desc]
|
md5_confirmation as_pending translated_commentary_title translated_commentary_desc]
|
||||||
end
|
end
|
||||||
|
|
||||||
|
def api_attributes
|
||||||
|
attributes = super
|
||||||
|
attributes -= [:tag_string] unless can_view_tags?
|
||||||
|
attributes
|
||||||
|
end
|
||||||
end
|
end
|
||||||
|
|||||||
@@ -44,10 +44,12 @@
|
|||||||
<br>
|
<br>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|
||||||
<span class="info">
|
<% if policy(upload).can_view_tags? %>
|
||||||
<strong>Tags</strong>
|
<span class="info">
|
||||||
<%= TagSetPresenter.new(upload.tag_string.split).inline_tag_list_html %>
|
<strong>Tags</strong>
|
||||||
</span>
|
<%= TagSetPresenter.new(upload.tag_string.split).inline_tag_list_html %>
|
||||||
|
</span>
|
||||||
|
<% end %>
|
||||||
<% end %>
|
<% end %>
|
||||||
<% t.column "Uploader" do |upload| %>
|
<% t.column "Uploader" do |upload| %>
|
||||||
<%= link_to_user upload.uploader %>
|
<%= link_to_user upload.uploader %>
|
||||||
|
|||||||
@@ -5,7 +5,9 @@
|
|||||||
<ul>
|
<ul>
|
||||||
<li>Date: <%= @upload.created_at %></li>
|
<li>Date: <%= @upload.created_at %></li>
|
||||||
<li>Source: <%= @upload.source %></li>
|
<li>Source: <%= @upload.source %></li>
|
||||||
<li>Tags: <%= @upload.tag_string %></li>
|
<% if policy(@upload).can_view_tags? %>
|
||||||
|
<li>Tags: <%= @upload.tag_string %></li>
|
||||||
|
<% end %>
|
||||||
<% if @upload.md5.present? %>
|
<% if @upload.md5.present? %>
|
||||||
<li>MD5: <%= @upload.md5 %>
|
<li>MD5: <%= @upload.md5 %>
|
||||||
<% end %>
|
<% end %>
|
||||||
|
|||||||
@@ -947,8 +947,9 @@ class UploadServiceTest < ActiveSupport::TestCase
|
|||||||
|
|
||||||
should "delete stale upload records" do
|
should "delete stale upload records" do
|
||||||
@upload = as(@user) { UploadService.new(file: upload_file("test/files/test.jpg")).start! }
|
@upload = as(@user) { UploadService.new(file: upload_file("test/files/test.jpg")).start! }
|
||||||
|
@upload.update!(created_at: 1.month.ago)
|
||||||
|
|
||||||
assert_difference("Upload.count", -1) { Upload.prune!(0.seconds.ago) }
|
assert_difference("Upload.count", -1) { Upload.prune! }
|
||||||
end
|
end
|
||||||
|
|
||||||
should "delete unused files after deleting the upload" do
|
should "delete unused files after deleting the upload" do
|
||||||
|
|||||||
Reference in New Issue
Block a user