Add a dedicated queue for bulk update requests and process it using a
single worker. This prevents bulk updates from consuming all available
workers and preventing other job types from running.
This also effectively serializes bulk updates so that they're processed
one-at-a-time instead of in parallel. This will be slower overall but
may avoid some of the issues with indeterminate update order under
parallel updates.
Re-enable post view counts, post search counts, and missed search
counts. These were disabled in 89adf88d5 because of a bug caused by the
upgrade to rack-2.0.8 in a58dd83ad.
The bug was that rack-2.0.8 changed `session.id` to return a value of a
new wrapper type that doesn't respond to `to_s`. Previously it just
returned a string. Now we have to call `session[:session_id]` or
`session.id.public_id` to get a plain string. This was an undocumented
breaking change in rack-2.0.8 to fix CVE-2019-16782.
* Change minimum activity threshold to 30 approvals in 45 days.
* Exclude mods from losing privileges, not just admins.
* Fix undeletions of old posts not counting towards the activity threshold.
* Warn when renaming a wiki that still has links from other wikis.
* When renaming a wiki that still has posts, just show a warning instead
of returning an error and making the user confirm the rename.
Bug: Post.fast_count failed when Danbooru.config.estimate_post_counts
was enabled but the database didn't have any posts. This normally
happened only during testing.
Hide IP ban creation and deletion actions from non-mods in the
/mod_actions listing.
The previous approach of just filtering out the IP from the description
was hacky and didn't work with the `only` param (/mod_actions.json?only=id
still included the description field).
* Switch CloudflareService from HttpartyCache to Danbooru::Http.
* Purge cached urls from Cloudflare when a post is replaced and the md5
doesn't change. This happens when a corrupted image is replaced or
thumbnails are regenerated. Before we purged urls when a post was
expunged, which was unneeded because those urls can expire naturally.
It was also wrong because the subdomains were hardcoded, the urls used
http:// instead of https://, and we didn't account for tagged urls.
Remove the login reminder page. The meaning of "login reminder" wasn't
clear (it's for recovering a forgotten username) and the functionality
was redundant. The password reset page can already be used to recover
forgotten usernames.
There was also a privacy leak, since the login reminder page could be
used to find out whether a given email is in use on Danbooru.
* Replace /session/new with /login and /session/sign_out with /logout.
* Rename 'sign in' to 'login'.
This changes are to make urls cleaner and terminology more consistent.
The twitter gem had several problems:
* It's been unmaintained for over a year.
* It pulled in a lot of dependencies, many of which were outdated. In
particular, it locked the `http` gem to version 3.3, preventing us
from upgrading to 4.2.
* It raised exceptions on normal error conditions, like for deleted
tweets or suspended users, which we really don't want.
* We had to wrap it to provide caching.
Changes:
* Fixes#4226 (Exception when creating new artists entries for suspended
Twitter accounts)
* Drop support for scraping images from summary cards. Summary cards
are the previews you get when you link to a website in a tweet. These
preview images aren't always the best image.
