jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
4,889 Commits 1 Branch 0 Tags
ced7a34afad07f1d446bed24e37844a8ce964708
Commit Graph

1533 Commits

Author SHA1 Message Date
evazion
bd6ebceda3 Refactor post_approvers_only to approver_only. 
Don't duplicate code with post_approvers_only; use the approver_only?
method dynamically defined in `User::Roles.each do ... end`.
 2016-10-14 05:04:40 +00:00
evazion
d84184b5f1 Prevent anon/banned/member users from voting (fix #2719). 
There was a regression in 6d6d00b; `before_filter :voter_only` was a
no-op in the post vote controller because it merely returned false,
which does not halt the request. The fix is to arrange for a voter_only
method to be defined that properly redirects to the access denied page.
 2016-10-14 04:47:51 +00:00
evazion
5e75dcecea Add test cases for anon/banned/member voting. 2016-10-14 04:47:51 +00:00
Albert Yi
eaa0426c36 Merge pull request #2714 from evazion/fix-2704 
Fix mass assignment vuln to tag alias/implication status (partial fix for #2704).
 2016-10-11 17:48:26 -07:00
evazion
7e3284c87f Fix mass assignment vuln to tag alias/implication status (2704). 2016-10-11 08:20:28 +00:00
evazion
789dede893 Tag aliases/implications: validate status and forum_topic_id. 
* Validates that status is active/pending/deleted/etc. Not strictly
  necessary, the controller prevents users from setting the status, but
  it doesn't hurt.
* Validates that forum_topic_id is a valid topic if it's present.
* Validates that approver_id and creator_id are valid users (not
  strictly necessary either, users can't set these values).
 2016-10-11 08:20:28 +00:00
evazion
c46b31aa9c Prevent reverting to foreign versions (fixes #2711). 2016-10-11 06:57:46 +00:00
evazion
3838167dc0 Post#unvote!: Return correct score (fixes #2709). 
vote.destroy sets the score in the database but not on the in-memory
post. So just reload the post from the db to get the updated score,
don't duplicate the logic of setting it again.
 2016-10-08 09:07:41 +00:00
evazion
cb1e1d3a94 Prevent commenting on nonexistent posts (#2704). 2016-10-06 09:39:57 +00:00
evazion
ab5fd48280 Prevent mass assignment to Post#last_noted_at (#2704). 2016-10-06 09:39:57 +00:00
Albert Yi
6b6f78da57 Merge pull request #2703 from evazion/fix/bogus-twitter-artists 
Artist finder: Don't return bogus results for non-matching twitter artists
 2016-10-05 12:58:12 -07:00
Albert Yi
4bdca44f2e Merge pull request #2702 from evazion/fix/set-admin-permissions 
Give full permissions to the starting admin.
 2016-10-05 12:46:26 -07:00
evazion
98f16b7105 Artist finder: Don't return bogus results for non-matching twitter artists. 2016-10-05 08:13:27 +00:00
evazion
e86a7ae957 Give approve/upload/supervoter permissions to first admin. 2016-10-05 02:15:04 +00:00
evazion
c3b55e80c5 Make default user level and settings configurable. 
Remove start_as_gold? and start_as_contributor? from default config
because they don't actually do anything. `git log -G start_as` indicates
they never have done anything.

Add a more general customize_new_user method for setting the starting
user level, permissions and defaults for any other settings.
 2016-10-05 01:39:08 +00:00
evazion
d38e83cd00 Refactor Post#parse_pixiv_id to use illust_id_from_url (fix #2695). 
* Make illust_id_from_url a public class method instead of a protected
  instance method so that Post#parse_pixiv_id can use it.
* Also make illust_id_from_url swallow the exception that
  illust_id_from_url! throws so that parse_pixiv_id can use it.
 2016-10-03 02:29:45 +00:00
r888888888
7bc8104304 remove ref to is_janitor 2016-09-29 11:54:17 -07:00
r888888888
859efe026c Merge branch 'pixiv-whitecube' 2016-09-28 11:36:32 -07:00
r888888888
fc7afd44ea refactor source pixiv test 
refactor pixiv download tests
refactor upload test
refactor nico seiga test
refactor twitter tests
 2016-09-28 11:25:29 -07:00
Albert Yi
d86e7b1065 Merge pull request #2679 from r888888888/quoted_source 
Allow quoted source: metatag, allow source: metatag when editing posts
 2016-09-27 15:33:45 -07:00
r888888888
20779d52d0 final fix for #2688: Artists are uneditable 2016-09-26 12:02:35 -07:00
r888888888
46b8ce06bc increase super voter limit 2016-09-25 14:56:19 -07:00
Albert Yi
c776fb478a Revert "Index and form for bit preferences" 2016-09-23 16:21:09 -07:00
Type-kun
e7586f4e4a Add is_banned to user search params 2016-09-23 11:52:43 -07:00
Type-kun
2e4385b6cd Change user prefs search logic to use index (#2644) 
Sadly, array index failed to cover "unset bits" case,
so excluded bits are merged into bigint, and &'d with column,
which turned out more readable and simpler than bit string.
 2016-09-23 11:52:43 -07:00
r888888888
09ec2dfc08 remove anti voters, extend post vote lifetime to 90 days, add minimum score threshold for super voters 2016-09-23 11:03:09 -07:00
r888888888
b2e6a8f031 add antivoters (no behavior yet) 2016-09-19 16:47:55 -07:00
r888888888
bf2246f895 move vote similarity code into danbooru, add listing for super voters 2016-09-19 16:43:29 -07:00
Type-kun
02b8f37515 Allow source:"text with spaces", also allow source: for post edit 2016-09-19 19:33:21 +05:00
Type-kun
a718560554 Initial support for #2677 2016-09-17 16:42:00 +05:00
r888888888
ab6b5e49fe addresses #2674: aliases+updates should migrate saved searches 2016-09-14 18:48:45 -07:00
r888888888
70fef49e81 add saved search category change ui 2016-09-11 01:37:10 -07:00
r888888888
1f3515817c fix bug with empty string saved search categories 2016-09-11 01:10:09 -07:00
Type-kun
42f3a4a554 Initial support for #2644 2016-09-11 01:06:27 +05:00
r888888888
20cd6076a1 fixes #2660: Support approver:any and approver:none metatags 2016-09-09 14:30:35 -07:00
Type-kun
8998babd41 Fix #2665: nil exception in /artist_versions 2016-09-10 00:40:17 +05:00
r888888888
c10176e64d add upvote and downvote metatags 2016-09-08 17:48:50 -07:00
r888888888
e56d71a7d2 change super voter to look at recent votes instead 2016-09-08 17:21:46 -07:00
Type-kun
62773852f7 Add automatic APNG detection (#2237) 2016-09-08 00:48:39 +05:00
Type-kun
66f0e71c3d Fix duplicate saved search categories in user profile 2016-08-31 00:18:41 +05:00
Type-kun
23f4232bd2 Style obsolete artist changes (fixes #1171) 2016-08-28 23:12:35 +05:00
Type-kun
92b5e5e00d Display supervoter pref in API and CSS (#2641) 2016-08-27 16:11:48 +05:00
Type-kun
d5fb37f675 Display flag creator ID in API for Mod+ 
Completely fixes #2640
 2016-08-26 23:18:11 +05:00
Type-kun
ffbf6b6fa0 Display user permissions in API results 
Fixes #2640
 2016-08-26 21:51:33 +05:00
r888888888
f41c362bf4 keep better track of per-user ip addrs 2016-08-24 15:58:22 -07:00
r888888888
c3b78b1752 add user searches 2016-08-23 18:20:21 -07:00
r888888888
52a2add18c add check if google apis are enabled 2016-08-22 16:10:20 -07:00
r888888888
0a65302f12 remove uniqueness constraint on postupdates 2016-08-22 16:09:20 -07:00
r888888888
d0bbe27217 include saved searches section in user profiles 2016-08-22 14:59:43 -07:00
r888888888
1eb335474c fix saved search method 2016-08-22 13:57:09 -07:00