Fix discrepancy between index action and show action. The index
action allowed members to see name changes for undeleted users, but the
show action didn't.
In related tags, remove the (X) button next to artist urls for marking
them as inactive. This was broken because it didn't record the change
to the is_active flag in the artist history.
- Use the current comparison type for post versions instead
- Also add the note versions as a report
- No other versions are meaningful as reports since it is expected
for them to be modified by other users, or they don't have version
numbers as is the case with artist commentaries
- The types are:
-- Previous: The default and the previously used type
-- Subsequent: Compares against the next version
-- Current: Compares against the current version
- Allow switching between comparison types in index and diff views
-- Have links vary depending upon current comparison type
Previously only actions that were marked member_only or above were
subject to IP ban restrictions. This meant that certain actions that
weren't marked member_only, like creating new accounts, could still be
done by IP banned users.
Now IP banned users can't do any non-GET actions, which means they're
not allowed to even login to their accounts.
* Move emails from users table to email_addresses table.
* Validate that addresses are formatted correctly and are unique across
users. Existing invalid emails are grandfathered in.
* Add is_verified flag (the address has been confirmed by the user).
* Add is_deliverable flag (an undeliverable address is an address that bounces).
* Normalize addresses to prevent registering multiple accounts with the
same email address (using tricks like Gmail's plus addressing).
The old password reset flow:
* User requests a password reset.
* Danbooru generates a password reset nonce.
* Danbooru emails user a password reset confirmation link.
* User follows link to password reset confirmation page.
* The link contains a nonce authenticating the user.
* User confirms password reset.
* Danbooru resets user's password to a random string.
* Danbooru emails user their new password in plaintext.
The new password reset flow:
* User requests a password reset.
* Danbooru emails user a password reset link.
* User follows link to password edit page.
* The link contains a signed_user_id param authenticating the user.
* User changes their own password.
* Fix users being redirected back to the change password page after
successfully changing their password.
* Move passwords controller out of /maintenance/ namespace.
* Add tests.
Fix Tag.search to not filter out empty tags by default. Set the default
in the tags controller instead.
Fixes various search pages, namely aliases/implications/wiki pages, that
rely on Tag.search and that don't expect it to filter tags out by default.
Rename is_active to is_deleted. This is for better consistency with
other models, and to reduce confusion over what "active" means for
artists. Sometimes users think active is for whether the artist is
actively producing work.
Regardless of category or query. This meant that the category value
had to be passed in as either null or the value itself for both types
of functions. It also fixes an issue where the category wasn't settable
on the pattern matching type.
* Add options for changing the order of the modqueue (newest first,
oldest first, highest scoring first, lowest scoring first).
* Change the default order from oldest posts first to most recently
flagged or uploaded posts first.
* Add an order:modqueue metatag to order by most recently flagged or
uploaded in standard searches.
Add a sidebar to the modqueue page that shows the following information:
* Number of pending and flagged posts.
* Number of posts disapproved for poor quality or breaking rules.
* Top uploaders in the queue.
* Top artist, copyright, and character tags in the queue.
* Include appeals and flags.
* Avoid an existence query for pools.
* Avoid a query checking if the user has previously approved the post.
This is a rare condition and it will be prevented anyway if the user
tries to reapprove the post.
Remove the nag message when an approver hasn't approved anything
recently. Also remove the modqueue random posts page. As of 3d410398a,
inactive approvers are now warned via dmails.
Refactor tag scripts to fix multiple issues:
* Errors during tag scripting didn't show the actual error message, just
a generic "There was an error updating post #NNN" message.
* The quick edit form didn't show any error messages at all on failure.
* Thumbnails didn't have all their data attributes properly updated
after the post was updated.
This changes it so that thumbnails have their html fully replaced after
updating. This has the side effect of removing event handlers bound
directly to the thumbnail. A `danbooru:post-preview-updated` event is
fired in case userscripts need to detect when thumbnails are updated.
Add a curated posts page at /explore/posts/curated. Curated posts are
the most favorited posts by contributor-level users (users with
unlimited upload permissions).
Also add an order:curated tag using for use in regular searches.
* Fix the next button for the weekly timescale to jump to the next week,
not the next day.
* Show the start and end dates for the weekly timescale.
* Use `Time.zone.today` instead of `Date.today` to respect the user's
timezone setting.
Set the sender name and IP addresses explicitly in the controller rather
than implicitly in the model.
Fixes cases where automated dmails from DanbooruBot had their IP
addresses set to the person who triggered the dmail, even though they
didn't actually send the dmail themselves.
Make searches on the /tags index includes aliases too. Show matching
aliases like this:
Name: gray*
? 75098 grey_hair <- gray_hair
? 35345 grey_eyes <- gray_eyes
Remove the edit, update, and approve endpoints for tag aliases and
implications. These have been useless since individual alias and
implication requests were removed. Aliases and implications could only
be edited or approved if they were in the pending state, which is no
longer possible.
Also remove unused new alias/implication request forms.
