search: split tag_match into user_tag_match / system_tag_match.
When doing a tag search, we have to be careful about which user we're running the search as because the results depend on the current user. Specifically, things like private favorites, private favorite groups, post votes, saved searches, and flagger names depend on the user's permissions, and whether non-safe or deleted posts are filtered out depend on whether the user has safe mode on or the hide deleted posts setting enabled. * Refactor internal searches to explicitly state whether they're running as the system user (DanbooruBot) or as the current user. * Explicitly pass in the current user to PostQueryBuilder instead of implicitly relying on the CurrentUser global. * Get rid of CurrentUser.admin_mode? (used to ignore the hide deleted post setting) and CurrentUser.without_safe_mode (used to ignore safe mode). * Change the /counts/posts.json endpoint to ignore safe mode and the hide deleted posts settings when counting posts. * Fix searches not correctly overriding the hide deleted posts setting when multiple status: metatags were used (e.g. `status:banned status:active`) * Fix fast_count not respecting the hide deleted posts setting when the status:banned metatag was used.
This commit is contained in:
evazion
@@ -80,7 +80,7 @@ class PostsController < ApplicationController
|
||||
end
|
||||
|
||||
def random
|
||||
@post = Post.tag_match(params[:tags]).random
|
||||
@post = Post.user_tag_match(params[:tags]).random
|
||||
raise ActiveRecord::RecordNotFound if @post.nil?
|
||||
authorize @post
|
||||
respond_with(@post) do |format|
|
||||
|
||||
Reference in New Issue
Block a user