* Move old post archive tests to post version tests.
* Fix pool tests that assumed that multiple edits by the same user
weren't merged.
* Fix references to `is_active` and `notes` on artist model.
* Fix the pool version SQS service to always be mocked before every
test. Before we had to manually set it up before every test dealing
with pool versions.
* Fix it so that we reconnect to the post/pool version databases before
every test. Before using $ARCHIVE_DATABASE_URL to set the database url
failed because environment variables weren't loaded by dotenv yet when
connections were first established.
Side effects:
* The data-current-user-is-voter <body> attribute has been removed.
* {{upvote:self}} no longer works. {{upvote:<name>}} should be used instead.
Fix discrepancy between index action and show action. The index
action allowed members to see name changes for undeleted users, but the
show action didn't.
Also remove non-nullable and default options from migration. The column
didn't originally have these options so they shouldn't be added if the
migration is reverted.
Previously only actions that were marked member_only or above were
subject to IP ban restrictions. This meant that certain actions that
weren't marked member_only, like creating new accounts, could still be
done by IP banned users.
Now IP banned users can't do any non-GET actions, which means they're
not allowed to even login to their accounts.
* Move emails from users table to email_addresses table.
* Validate that addresses are formatted correctly and are unique across
users. Existing invalid emails are grandfathered in.
* Add is_verified flag (the address has been confirmed by the user).
* Add is_deliverable flag (an undeliverable address is an address that bounces).
* Normalize addresses to prevent registering multiple accounts with the
same email address (using tricks like Gmail's plus addressing).
The old password reset flow:
* User requests a password reset.
* Danbooru generates a password reset nonce.
* Danbooru emails user a password reset confirmation link.
* User follows link to password reset confirmation page.
* The link contains a nonce authenticating the user.
* User confirms password reset.
* Danbooru resets user's password to a random string.
* Danbooru emails user their new password in plaintext.
The new password reset flow:
* User requests a password reset.
* Danbooru emails user a password reset link.
* User follows link to password edit page.
* The link contains a signed_user_id param authenticating the user.
* User changes their own password.
