jaculabilis/danbooru
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Files
e4e79c027efcb6bfbcbb85b382bf5f54291900fd
danbooru/app/models/artist_commentary.rb
r888888888 abce4d2551 Raise error on unpermitted params. 
Fail loudly if we forget to whitelist a param instead of silently
ignoring it.

misc models: convert to strong params.

artist commentaries: convert to strong params.

* Disallow changing or setting post_id to a nonexistent post.

artists: convert to strong params.

* Disallow setting `is_banned` in create/update actions. Changing it
  this way instead of with the ban/unban actions would leave the artist in
  a partially banned state.

bans: convert to strong params.

* Disallow changing the user_id after the ban has been created.

comments: convert to strong params.

favorite groups: convert to strong params.

news updates: convert to strong params.

post appeals: convert to strong params.

post flags: convert to strong params.

* Disallow users from setting the `is_deleted` / `is_resolved` flags.

ip bans: convert to strong params.

user feedbacks: convert to strong params.

* Disallow users from setting `disable_dmail_notification` when creating feedbacks.
* Disallow changing the user_id after the feedback has been created.

notes: convert to strong params.

wiki pages: convert to strong params.

* Also fix non-Builders being able to delete wiki pages.

saved searches: convert to strong params.

pools: convert to strong params.

* Disallow setting `post_count` or `is_deleted` in create/update actions.

janitor trials: convert to strong params.

post disapprovals: convert to strong params.

* Factor out quick-mod bar to shared partial.
* Fix quick-mod bar to use `Post#is_approvable?` to determine visibility
  of Approve button.

dmail filters: convert to strong params.

password resets: convert to strong params.

user name change requests: convert to strong params.

posts: convert to strong params.

users: convert to strong params.

* Disallow setting password_hash, last_logged_in_at, last_forum_read_at,
  has_mail, and dmail_filter_attributes[user_id].

* Remove initialize_default_image_size (dead code).

uploads: convert to strong params.

* Remove `initialize_status` because status already defaults to pending
  in the database.

tag aliases/implications: convert to strong params.

tags: convert to strong params.

forum posts: convert to strong params.

* Disallow changing the topic_id after creating the post.
* Disallow setting is_deleted (destroy/undelete actions should be used instead).
* Remove is_sticky / is_locked (nonexistent attributes).

forum topics: convert to strong params.

* merges https://github.com/evazion/danbooru/tree/wip-rails-5.1
* lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4)
* switch to factorybot and change all references

Co-authored-by: r888888888 <r888888888@gmail.com>
Co-authored-by: evazion <noizave@gmail.com>

add diffs
2018-04-06 18:09:57 -07:00

167 lines
5.2 KiB
Ruby
Raw Blame History

class ArtistCommentary < ApplicationRecord
class RevertError < Exception ; end
attr_accessor :remove_commentary_tag, :remove_commentary_request_tag, :remove_commentary_check_tag
attr_accessor :add_commentary_tag, :add_commentary_request_tag, :add_commentary_check_tag
before_validation :trim_whitespace
validates_uniqueness_of :post_id
belongs_to :post, required: true
has_many :versions, lambda {order("artist_commentary_versions.id ASC")}, :class_name => "ArtistCommentaryVersion", :dependent => :destroy, :foreign_key => :post_id, :primary_key => :post_id
has_one :previous_version, lambda {order(id: :desc)}, :class_name => "ArtistCommentaryVersion", :foreign_key => :post_id, :primary_key => :post_id
after_save :create_version
after_commit :tag_post
module SearchMethods
def text_matches(query)
query = "*#{query}*" unless query =~ /\*/
escaped_query = query.to_escaped_for_sql_like
where("original_title ILIKE ? ESCAPE E'\\\\' OR original_description ILIKE ? ESCAPE E'\\\\' OR translated_title ILIKE ? ESCAPE E'\\\\' OR translated_description ILIKE ? ESCAPE E'\\\\'", escaped_query, escaped_query, escaped_query, escaped_query)
end
def post_tags_match(query)
PostQueryBuilder.new(query).build(self.joins(:post)).reorder("")
end
def deleted
where(original_title: "", original_description: "", translated_title: "", translated_description: "")
end
def undeleted
where("original_title != '' OR original_description != '' OR translated_title != '' OR translated_description != ''")
end
def search(params)
q = super
if params[:text_matches].present?
q = q.text_matches(params[:text_matches])
end
if params[:post_id].present?
q = q.where(post_id: params[:post_id].split(",").map(&:to_i))
end
if params[:original_present] == "yes"
q = q.where("(original_title != '') or (original_description != '')")
elsif params[:original_present] == "no"
q = q.where("(original_title = '') and (original_description = '')")
end
if params[:translated_present] == "yes"
q = q.where("(translated_title != '') or (translated_description != '')")
elsif params[:translated_present] == "no"
q = q.where("(translated_title = '') and (translated_description = '')")
end
if params[:post_tags_match].present?
q = q.post_tags_match(params[:post_tags_match])
end
q = q.deleted if params[:is_deleted] == "yes"
q = q.undeleted if params[:is_deleted] == "no"
q.apply_default_order(params)
end
end
def trim_whitespace
self.original_title = original_title.gsub(/\A[[:space:]]+|[[:space:]]+\z/, "")
self.translated_title = translated_title.gsub(/\A[[:space:]]+|[[:space:]]+\z/, "")
self.original_description = original_description.gsub(/\A[[:space:]]+|[[:space:]]+\z/, "")
self.translated_description = translated_description.gsub(/\A[[:space:]]+|[[:space:]]+\z/, "")
end
def original_present?
original_title.present? || original_description.present?
end
def translated_present?
translated_title.present? || translated_description.present?
end
def any_field_present?
original_present? || translated_present?
end
def tag_post
if remove_commentary_tag == "1"
post.remove_tag("commentary")
end
if add_commentary_tag == "1"
post.add_tag("commentary")
end
if remove_commentary_request_tag == "1"
post.remove_tag("commentary_request")
end
if add_commentary_request_tag == "1"
post.add_tag("commentary_request")
end
if remove_commentary_check_tag == "1"
post.remove_tag("check_commentary")
end
if add_commentary_check_tag == "1"
post.add_tag("check_commentary")
end
post.save if post.saved_change_to_tag_string?
end
module VersionMethods
def create_version
return unless saved_changes?
if merge_version?
merge_version
else
create_new_version
end
end
def merge_version?
previous_version && previous_version.updater == CurrentUser.user && previous_version.updated_at > 1.hour.ago
end
def merge_version
previous_version.update(
original_title: original_title,
original_description: original_description,
translated_title: translated_title,
translated_description: translated_description,
)
end
def create_new_version
versions.create(
:original_title => original_title,
:original_description => original_description,
:translated_title => translated_title,
:translated_description => translated_description
)
end
def revert_to(version)
if post_id != version.post_id
raise RevertError.new("You cannot revert to a previous artist commentary of another post.")
end
self.original_description = version.original_description
self.original_title = version.original_title
self.translated_description = version.translated_description
self.translated_title = version.translated_title
end
def revert_to!(version)
revert_to(version)
save!
end
end
extend SearchMethods
include VersionMethods
end
Reference in New Issue View Git Blame Copy Permalink