jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4,903 Commits 1 Branch 0 Tags
4c1949f1c853b60e6fbbb7f74641f19d5004a4a8
Commit Graph

4903 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Albert Yi
4c1949f1c8 add PATCH 2016-10-19 14:41:59 -07:00
Albert Yi
25028f0c7f increase api limit for platinum 2016-10-19 13:00:36 -07:00
Albert Yi
af55e6cf8a fix api limit display 2016-10-19 10:39:01 -07:00
Albert Yi
fb1cf5edbc Merge pull request #2726 from evazion/feat-log-tag-aliases+implications 
Log tag aliases+implications
 2016-10-19 10:07:08 -07:00
Albert Yi
4b8d014b2f fixes #2718: Twitter artist finding should not be case sensitive 2016-10-18 16:51:59 -07:00
Albert Yi
7cad4a3f68 normalized artist urls are always downcased 2016-10-18 16:32:35 -07:00
Albert Yi
e78b7d2a8c fixes #2716: Wiki pages should be undeletable 2016-10-18 15:45:50 -07:00
Albert Yi
2a5343b8cf add more intelligent js for artist forms 2016-10-18 14:56:40 -07:00
Albert Yi
2424f24fcd return 429 for too many requests instead of 421 2016-10-18 13:33:04 -07:00
Albert Yi
b17cd5bffc fix for sessionless api limits 2016-10-18 13:04:50 -07:00
evazion
29f3aef6b6 Log all tag alias/implication changes. 
Creates a mod action any time an alias or implication is changed. This
includes creations, edits to pending aliases/implications, deletions,
and approvals. Also it logs each status change from pending -> queued
-> processing -> approved.

Call are changed from `update_column` to `update` so that the
create_mod_action callback will run at every point in the lifecycle.
 2016-10-18 05:23:27 -05:00
evazion
5743166e25 Add a test case for implication requests. 2016-10-18 05:22:44 -05:00
r888888888
afa0dcae20 potential fix for alias/implication status bug 2016-10-18 00:25:55 -07:00
Albert Yi
87447a51c3 work on #2693 Separate API Limits by Writes/Reads 2016-10-17 16:37:11 -07:00
Albert Yi
ced7a34afa additional fixes for install script 2016-10-17 16:15:12 -07:00
Albert Yi
86af580445 increase random post mod queue length to 12 2016-10-17 15:53:51 -07:00
Albert Yi
c36d58f5f5 Merge pull request #2722 from evazion/fix-2721 
Fix missing JSON/XML templates, make more pages public (#2721)
 2016-10-17 14:47:01 -07:00
evazion
7c8557dbac Make more pages publicly accessible to logged out users. 
* /artist_commentaries
* /note_versions
* /post_appeals
* /post_flags
* /posts/1/events
* /super_voters
 2016-10-17 05:57:05 -05:00
evazion
7c6ba6a7c0 Add /delayed_jobs.json. 
Leave out `handler` because it's sensitive.
 2016-10-17 05:57:05 -05:00
evazion
af7abc2b38 Add missing JSON/XML responses. 
* GET    /bans.json
* GET    /bans/1.json
* GET    /ip_bans.json
* POST   /ip_bans.json
* DELETE /ip_bans.json
* GET    /mod_actions.json
* GET    /posts/1/events.json
* POST   /saved_searches.json
* DELETE /saved_searches/1.json
* GET    /super_voters.json
 2016-10-17 05:57:05 -05:00
Albert Yi
1d8341e1ac Merge pull request #2720 from evazion/fix-member-voting 
Prevent anon/banned/member users from voting (fix #2719)
 2016-10-13 22:13:08 -07:00
evazion
bd6ebceda3 Refactor post_approvers_only to approver_only. 
Don't duplicate code with post_approvers_only; use the approver_only?
method dynamically defined in `User::Roles.each do ... end`.
 2016-10-14 05:04:40 +00:00
evazion
d84184b5f1 Prevent anon/banned/member users from voting (fix #2719). 
There was a regression in 6d6d00b; `before_filter :voter_only` was a
no-op in the post vote controller because it merely returned false,
which does not halt the request. The fix is to arrange for a voter_only
method to be defined that properly redirects to the access denied page.
 2016-10-14 04:47:51 +00:00
evazion
5e75dcecea Add test cases for anon/banned/member voting. 2016-10-14 04:47:51 +00:00
Albert Yi
903eff5c24 update rails gem 2016-10-12 17:06:50 -07:00
Albert Yi
8d8511dc08 update rbenv ruby version 2016-10-12 16:46:29 -07:00
Albert Yi
11f911fd32 remove gctools dependency 2016-10-12 16:45:14 -07:00
Albert Yi
eaa0426c36 Merge pull request #2714 from evazion/fix-2704 
Fix mass assignment vuln to tag alias/implication status (partial fix for #2704).
 2016-10-11 17:48:26 -07:00
Albert Yi
3479ad89c6 readd postgresql-contrib package; add conditional check for postgresql version before compiling test_parser extension #2707 2016-10-11 17:46:37 -07:00
Albert Yi
2aae95623d Merge pull request #2713 from evazion/fix-2711 
Prevent reverting to foreign versions (fixes #2711).
 2016-10-11 17:28:44 -07:00
Albert Yi
6900efebd3 rename rbenv-version 2016-10-11 17:27:42 -07:00
evazion
7e3284c87f Fix mass assignment vuln to tag alias/implication status (2704). 2016-10-11 08:20:28 +00:00
evazion
789dede893 Tag aliases/implications: validate status and forum_topic_id. 
* Validates that status is active/pending/deleted/etc. Not strictly
  necessary, the controller prevents users from setting the status, but
  it doesn't hurt.
* Validates that forum_topic_id is a valid topic if it's present.
* Validates that approver_id and creator_id are valid users (not
  strictly necessary either, users can't set these values).
 2016-10-11 08:20:28 +00:00
evazion
101771adb8 Aliases/implications: Add tests for status and foreign keys. 2016-10-11 08:19:52 +00:00
evazion
c46b31aa9c Prevent reverting to foreign versions (fixes #2711). 2016-10-11 06:57:46 +00:00
evazion
80895ef46e Add tests for reverting to foreign versions. 2016-10-11 06:57:05 +00:00
Albert Yi
23ad02fa9c fix super voter test 2016-10-10 18:14:49 -07:00
Albert Yi
d5f02abf8c fix saved search test 2016-10-10 17:29:49 -07:00
Albert Yi
bf4397cbe4 update install script for ruby 2.3.1 2016-10-10 16:46:59 -07:00
Albert Yi
46beb247ea update ruby version to 2.3.1 2016-10-10 16:45:37 -07:00
Albert Yi
e496ac1ed6 adjustments to install script 2016-10-10 16:29:19 -07:00
Albert Yi
bdbc20cab4 Merge pull request #2710 from evazion/fix/2709 
Post#unvote!: Return correct score (fixes #2709).
 2016-10-10 12:20:51 -07:00
evazion
3838167dc0 Post#unvote!: Return correct score (fixes #2709). 
vote.destroy sets the score in the database but not on the in-memory
post. So just reload the post from the db to get the updated score,
don't duplicate the logic of setting it again.
 2016-10-08 09:07:41 +00:00
Type-kun
cc7d76b168 Fix ownership of secret files in install script (mentioned in #2705, #2515) 2016-10-07 17:03:06 +05:00
Albert Yi
d776f00003 create default preview + sample directories in install script 2016-10-06 11:20:42 -07:00
Albert Yi
c8f4508924 Merge pull request #2706 from evazion/fix-2704 
Partial fixes for #2704
 2016-10-06 10:37:42 -07:00
evazion
cb1e1d3a94 Prevent commenting on nonexistent posts (#2704). 2016-10-06 09:39:57 +00:00
evazion
8c8f4a6a8f Fix mass assignment vuln in comment update action (#2704). 
Prevents mass assignment of `post_id`, `do_not_bump_post`, and
`is_deleted`.
 2016-10-06 09:39:57 +00:00
evazion
ab5fd48280 Prevent mass assignment to Post#last_noted_at (#2704). 2016-10-06 09:39:57 +00:00
Albert Yi
6b6f78da57 Merge pull request #2703 from evazion/fix/bogus-twitter-artists 
Artist finder: Don't return bogus results for non-matching twitter artists
 2016-10-05 12:58:12 -07:00