jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
617211f405c85db561a0b0f709397adf6535af21
danbooru/app/logical/current_user.rb
evazion f38c38f26e search: split tag_match into user_tag_match / system_tag_match. 
When doing a tag search, we have to be careful about which user we're
running the search as because the results depend on the current user.
Specifically, things like private favorites, private favorite groups,
post votes, saved searches, and flagger names depend on the user's
permissions, and whether non-safe or deleted posts are filtered out
depend on whether the user has safe mode on or the hide deleted posts
setting enabled.

* Refactor internal searches to explicitly state whether they're
  running as the system user (DanbooruBot) or as the current user.
* Explicitly pass in the current user to PostQueryBuilder instead of
  implicitly relying on the CurrentUser global.
* Get rid of CurrentUser.admin_mode? (used to ignore the hide deleted
  post setting) and CurrentUser.without_safe_mode (used to ignore safe
  mode).
* Change the /counts/posts.json endpoint to ignore safe mode and the
  hide deleted posts settings when counting posts.
* Fix searches not correctly overriding the hide deleted posts setting
  when multiple status: metatags were used (e.g. `status:banned status:active`)
* Fix fast_count not respecting the hide deleted posts setting when the
  status:banned metatag was used.
2020-05-07 03:29:44 -05:00

84 lines
1.4 KiB
Ruby
Raw Blame History

class CurrentUser
def self.scoped(user, ip_addr = "127.0.0.1")
old_user = self.user
old_ip_addr = self.ip_addr
self.user = user
self.ip_addr = ip_addr
begin
yield
ensure
self.user = old_user
self.ip_addr = old_ip_addr
end
end
def self.as(user_or_id, &block)
if user_or_id.is_a?(String) || user_or_id.is_a?(Integer)
user = ::User.find(user_or_id)
else
user = user_or_id
end
scoped(user, &block)
end
def self.as_system(&block)
if block_given?
scoped(::User.system, "127.0.0.1", &block)
else
self.user = User.system
self.ip_addr = "127.0.0.1"
end
end
def self.user
RequestStore[:current_user]
end
def self.user=(user)
RequestStore[:current_user] = user
end
def self.ip_addr
RequestStore[:current_ip_addr]
end
def self.ip_addr=(ip_addr)
RequestStore[:current_ip_addr] = ip_addr
end
def self.root_url
RequestStore[:current_root_url] || "https://#{Danbooru.config.hostname}"
end
def self.root_url=(root_url)
RequestStore[:current_root_url] = root_url
end
def self.id
if user.nil?
nil
else
user.id
end
end
def self.name
user.name
end
def self.safe_mode?
RequestStore[:safe_mode]
end
def self.safe_mode=(safe_mode)
RequestStore[:safe_mode] = safe_mode
end
def self.method_missing(method, *params, &block)
user.__send__(method, *params, &block)
end
end
Reference in New Issue View Git Blame Copy Permalink