jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
5,999 Commits 1 Branch 0 Tags
41b9a8a0443c3f0aa116d73794de273b490c2675
Commit Graph

1910 Commits

Author SHA1 Message Date
evazion
6645847857 Simplify User#role. 2016-12-29 15:56:48 -06:00
evazion
d2e9ff363b Fix bug preventing Platinum users from commenting. 
Bug:

Platinum users get this error when commenting:

    No route matches {:action=>"show", :controller=>"posts", :id=>nil}
    missing required keys: [:id]

Fix:

The issue was that `CurrentUser.role` was nil for Platinum users, which
caused `Comment.create(create_params, :as => CurrentUser.role)` to
silently ignore the create_params because the nil role wasn't in the
attr_accessible whitelist.

Despite this, things worked accidentally for other models because they
had `attr_accessible ..., :as => [:default]` in their whitelists where
the comment model didn't.
 2016-12-29 15:45:23 -06:00
Albert Yi
0ea7d78584 remove usage of vcr cassettes; delete unused fixtures; fix some broken unit tests 2016-12-28 15:47:28 -08:00
evazion
8d714820a4 Fix undefined method is_deleted?' for nil` on /post_appeals. 
Fix this exception:

    undefined method `is_deleted?' for nil:NilClass
    app/models/post_appeal.rb:72:in `resolved?'
    app/views/post_appeals/index.html.erb:23:in `block in _app_views_post_appeals_index_html_erb__2678117644687662585_70170674603580'
    app/views/post_appeals/index.html.erb:17:in `_app_views_post_appeals_index_html_erb__2678117644687662585_70170674603580'
    app/controllers/post_appeals_controller.rb:13:in `index'

that occurs on these pages:

    http://danbooru.donmai.us/post_appeals?limit=1&page=a2928
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2929
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2930
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2931
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2934
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2936
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2937
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2945
    http://danbooru.donmai.us/post_appeals?limit=1&page=a2949
 2016-12-27 21:33:44 -06:00
Albert Yi
2fef0cdef9 Merge pull request #2804 from evazion/feat-comment-as-mod 
Add option to comment as moderator (fix #2799)
 2016-12-27 11:49:36 -08:00
Albert Yi
0293d1d01c Update comment.rb 
allow Comment#for_creator to handle null user id case
 2016-12-27 11:32:41 -08:00
evazion
82e93b3c12 Allow downvoting admin comments. 2016-12-26 23:52:45 -06:00
evazion
1257639109 Add 'post as moderator' option for comments. 
* Add 'post as moderator' option to comment form. This creates a so-called sticky comment.
* Downvotes have no effect on stickied comments; they're always visible, regardless of comment thresholds.
* Only mods may sticky comments.
* Mods may sticky comments by other users.
 2016-12-26 23:52:45 -06:00
evazion
1b05d5068a Simplify Comment.for_creator_name. 2016-12-26 23:52:27 -06:00
evazion
9347f27059 /comments.json: add id param; allow id and post_id to take lists of ids. 2016-12-26 23:52:27 -06:00
evazion
69c50290a8 Include updater_name in /comments/1.json. 2016-12-26 23:52:27 -06:00
evazion
85011c9192 Fix "'archive_development' database is not configured." exception. 2016-12-26 23:52:27 -06:00
r888888888
2584646017 add additional formatting for delayed job listing 2016-12-24 18:00:40 -08:00
Albert Yi
5a1ac41450 eliminate transaction log items table 2016-12-21 15:00:59 -08:00
Albert Yi
62956be384 hide saved search functionality if not enabled 2016-12-21 14:53:39 -08:00
Albert Yi
ee4ebce4d7 support pool version archive 2016-12-21 11:43:46 -08:00
evazion
a92120e873 Fix #2785: Allow changing API key; require password to view or change key. 2016-12-18 06:30:48 -06:00
Albert Yi
dfb7a000a5 assign approver on failed bulk update requests to fix nil error 2016-12-08 11:49:38 -08:00
Albert Yi
deb62e0cdb smarter updates on saved searches on tag batch changes #2674 2016-12-05 17:22:07 -08:00
Albert Yi
bfa1ac63a4 fixes #2677: secure way of sharing dmails 2016-12-05 16:28:05 -08:00
Albert Yi
eddf2e59f0 change formatting for modactions on alias/implication update + add mod action for tag batch changes 2016-12-05 14:46:02 -08:00
Albert Yi
2605da1037 lower requirements for janitor trial 2016-12-05 12:09:50 -08:00
evazion
5302b804f1 Fix #2779: Erroneous pixiv_id parsed for novel/background/profile images 2016-12-04 02:04:44 -06:00
Albert Yi
d7c4c1f714 fix references to https for listbooru 2016-12-02 13:28:13 -08:00
Albert Yi
7aab50f726 remove old iqdb code 2016-12-02 13:21:56 -08:00
Albert Yi
ebedea99c1 fix urls for iqdb service 2016-11-30 15:20:26 -08:00
Albert Yi
428d4689d6 stub in support for iqdbs 2016-11-28 17:14:25 -08:00
Albert Yi
8ccc7c2251 Merge pull request #2777 from evazion/feat-normalize-yandere-sources 
Normalize yande.re sources from image URL -> html page URL.
 2016-11-28 12:03:40 -08:00
Albert Yi
5c761d4a60 Merge pull request #2775 from evazion/fix-user-feedbacks 
Prevent mods from editing/deleting feedbacks given to themselves.
 2016-11-28 12:02:47 -08:00
Albert Yi
4c0e44806c Merge pull request #2774 from evazion/fix-2771 
Fix #2771: Approving deleted image doesn't create mod action.
 2016-11-28 11:56:40 -08:00
evazion
1cce721114 Fix #2772: Topics set as mod+ can't be reverted to public ones. 2016-11-28 05:50:46 -06:00
evazion
f9aeb875db Normalize yande.re sources from image URL -> html page URL. 2016-11-28 05:04:02 -06:00
evazion
fa74c71b6d Prevent mods from editing/deleting feedbacks given to themselves. 2016-11-28 03:57:24 -06:00
evazion
0697af6d23 Fix #2771: Approving deleted image doesn't create mod action. 2016-11-28 02:50:07 -06:00
evazion
daf1324ab2 Refactor available_min_user_levels to view helper. 2016-11-28 01:36:59 -06:00
Albert Yi
67c374f272 fix relative links in at mentions 2016-11-18 11:42:49 -08:00
Albert Yi
0b9c1e1156 Merge pull request #2759 from evazion/fix-dmail-filters 
Don't filter dmails from moderators; fix dmail filter exploit.
 2016-11-14 16:27:17 -08:00
Albert Yi
536ba3c7ee fixes #2756: Have @Mentions Use Relative Instead of Absolute Links 2016-11-14 10:15:11 -08:00
evazion
47f663e002 Don't filter dmails from moderators (fix #2757). 2016-11-12 01:11:40 -06:00
evazion
a16b91e2bf Fix exploit allowing dmail filters to be set on other users. 
Exploit:

    curl \
      -u $USERNAME:$API_KEY \
      -X PUT "http://danbooru.donmai.us/maintenance/user/dmail_filter.json?dmail_id=1" \
      -d "dmail_filter[words]=owned&dmail_filter[user_id]=2"

...where dmail_id is any dmail you own (doesn't matter which) and user_id is the victim.
 2016-11-12 01:10:14 -06:00
Albert Yi
30899b7d3b Merge pull request #2753 from evazion/feat-autotag-cosplay 
Autotag character_(cosplay) -> character, cosplay.
 2016-11-11 16:48:30 -08:00
Albert Yi
ed6b48b0bc Merge pull request #2754 from evazion/fix-comment-selfvotes 
Prevent users from upvoting their own comments.
 2016-11-11 16:46:50 -08:00
Albert Yi
eb6746a8a8 additional checks on forum topic visibility 2016-11-07 10:48:04 -08:00
evazion
1047d7c96b Prevent users from upvoting their own comments. 2016-11-06 01:32:54 -06:00
evazion
f02a31a447 Autotag character_(cosplay) -> character, cosplay. 
Make e.g. hatsune_miku_(cosplay) automatically add hatsune_miku and cosplay.

Perform autotagging after aliasing so that *_(cosplay) aliases (e.g.
hestia_(dungeon)_(cosplay) -> hestia_(danmachi)_(cosplay)) can take
effect first.
 2016-11-04 23:37:28 -05:00
Albert Yi
4e48e80e1f stub in preview for bulk revert 2016-11-02 13:53:01 -07:00
Albert Yi
91793fff82 fixes #2731: Expunged posts should clear favorite groups 2016-11-01 13:44:36 -07:00
Albert Yi
2dbb869188 keep track of post approvals to prevent approval cycles 2016-10-31 17:51:44 -07:00
evazion
f46d055218 Fix AmbiguousColumn exception in /forum_posts?search[creator_id]=1 2016-10-31 17:11:52 -05:00
evazion
18d2d0b6b8 Fix private forum topic bumping for users below min level. 2016-10-30 18:00:26 -05:00