Fixes parallel tests failing because uploads for different tests were
stored in the same directory and uploads got clobbered when cleaning up
this directory.
`User.find_or_create_by!` calls `User.name_matches` during username
validation, which triggers a deprecation warning for some reason:
DEPRECATION WARNING: Class level methods will no longer inherit scoping
from `create!` in Rails 6.1. To continue using the scoped relation,
pass it into the block directly. To instead access the full set of
models, as Rails 6.1 will, use `User.default_scoped`.
Add minitest-reporters gem. Replace the default output of `bin/rails
test` with a progress bar. The default output just emits periods for
passed tests, which makes it hard to tell how long tests will take and
causes test runner output on Github to appear to hang. The web console
on Github is line buffered, but the default test runner doesn't normally
emit newlines (unless a test fails), so the output can hang for a long
time.
Store the app in /home/danbooru/app instead of in /app so that we have
permission to write inside the app dir. /app was owned by root, which
prevented the danbooru user from writing to it.
Bug: Replacing posts hosted on cdn.donmai.us didn't work.
Cause: Original files on cdn.donmai.us are hosted under /var/www/danbooru/original/, but replacements
were trying to store them directly under /var/www/danbooru, which failed with a permission error.
We were trying to store them in the wrong directory because we didn't respect the `original_subdir`
option when generating file paths.
Refactor models so that we define attribute API permissions in policy
files instead of directly in models.
This is cleaner because a) permissions are better handled by policies
and b) which attributes are visible to the API is an API-level concern
that models shouldn't have to care about.
This fixes an issue with not being able to precompile CSS/JS assets
unless the database was up and running. This was a problem when building
Docker images because we don't have a database at build time. We needed
the database because `api_attributes` was a class-level macro in some
places, which meant it ran at boot time, but this triggered a database
call because api_attributes used database introspection to get the list
of allowed API attributes.
Notes are not given percent coordinates when created, however moving
or resizing would update the coordinates to percentage. This is why
it was appearing as if the type of coordinates given were random.
* Inline Javascript in the <head> is a minor bottleneck because it
blocks page rendering.
* Fix antiproxying protection (proxy sites like to strip <script> tags
from the header).
Don't embed config options directly in Javascript. Including them in the
Javascript forces us to recompile the Javascript whenever these options
change, which requires us to redeploy the entire site instead of just
restarting the app server.
* Remove `banned_ip_for_download?` config option. This isn't something that usually needs
to be configured.
* Replace the `ipaddress` gem with `ipaddress_2`. The `ipaddress` gem has several methods
we need (`link_local?`, etc) that are only available in master because the gem hasn't had
an official release in several years. `ipaddress_2` is a fork that is more actively
maintained.
