edshot99/eBooru
1
0
Fork 0
forked from e621ng/e621ng
Code Issues 11 Releases 1 Activity
master2
eBooru/app/controllers/pools_controller.rb

91 lines
2.3 KiB
Ruby
Raw Permalink Normal View History

[RuboCop] Enable `Style/FrozenStringLiteralComment` This reduces allocations on the posts page by about 5%, from basic testing
2024-02-25 12:15:55 -05:00
# frozen_string_literal: true
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
class PoolsController < ApplicationController
Post flags/appeals/replacement update for remote: true
2020-02-14 01:39:57 -05:00
respond_to :html, :json
[Security] Implement read only mode (#821)
2024-12-08 22:28:31 -05:00
before_action :member_only, except: %i[index show gallery]
before_action :janitor_only, only: %i[destroy]
before_action :ensure_lockdown_disabled, except: %i[index show gallery]
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def new
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool = Pool.new
respond_with(@pool)
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def edit
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool = Pool.find(params[:id])
respond_with(@pool)
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def index
Raise error on unpermitted params. Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs
2018-04-02 13:51:26 -04:00
@pools = Pool.search(search_params).paginate(params[:page], :limit => params[:limit], :search_count => params[:search])
fixes #1108
2013-03-29 15:37:28 -04:00
respond_with(@pools) do |format|
eliminate usage of localstorage to cache tag autocomplete results (fixes #3543)
2018-05-16 19:39:31 -04:00
format.json do
fixes #3723
2018-05-24 13:18:16 -04:00
render json: @pools.to_json
add expiry parameter
2018-05-22 17:57:46 -04:00
expires_in params[:expiry].to_i.days if params[:expiry]
eliminate usage of localstorage to cache tag autocomplete results (fixes #3543)
2018-05-16 19:39:31 -04:00
end
fixes #1108
2013-03-29 15:37:28 -04:00
end
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
fixes #2245
2014-08-25 19:41:27 -04:00
def gallery
[Pools] Fix discrepancy between index page count and actual page count One was using `user.per_page`, the other config.posts_per_page. Consolidate this logic to `paginate_posts` to make it more obvious what's going on.
2024-04-04 16:52:49 -04:00
@pools = Pool.search(search_params).paginate_posts(params[:page], limit: params[:limit], search_count: params[:search])
fixes #2245
2014-08-25 19:41:27 -04:00
end
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def show
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool = Pool.find(params[:id])
[Pools] Fix show/gallery for frozen string literals Get rid of the presenters/post sets.
2024-02-25 05:38:55 -05:00
respond_with(@pool) do |format|
format.html do
[Pools] Fix discrepancy between index page count and actual page count One was using `user.per_page`, the other config.posts_per_page. Consolidate this logic to `paginate_posts` to make it more obvious what's going on.
2024-04-04 16:52:49 -04:00
@posts = @pool.posts.paginate_posts(params[:page], limit: params[:limit], total_count: @pool.post_ids.count)
[Pools] Fix show/gallery for frozen string literals Get rid of the presenters/post sets.
2024-02-25 05:38:55 -05:00
end
end
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def create
Raise error on unpermitted params. Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs
2018-04-02 13:51:26 -04:00
@pool = Pool.create(pool_params)
pools: strip leading/trailing, consecutive underscores in names (fix #3263).
2017-08-10 19:16:50 -04:00
flash[:notice] = @pool.valid? ? "Pool created" : @pool.errors.full_messages.join("; ")
fixes #1713
2013-07-11 21:14:18 -04:00
respond_with(@pool)
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def update
fixes #79: When you remove a post from a pool, the post still shows the pool in its left sidebar
2011-09-15 19:15:10 -04:00
# need to do this in order for synchronize! to work correctly
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool = Pool.find(params[:id])
Raise error on unpermitted params. Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs
2018-04-02 13:51:26 -04:00
@pool.attributes = pool_params
fixes #79: When you remove a post from a pool, the post still shows the pool in its left sidebar
2011-09-15 19:15:10 -04:00
@pool.save
fix #2239
2015-05-02 11:12:30 -04:00
unless @pool.errors.any?
flash[:notice] = "Pool updated"
end
fixes #1713
2013-07-11 21:14:18 -04:00
respond_with(@pool)
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def destroy
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool = Pool.find(params[:id])
fixes #131: Unable to delete pools
2011-10-15 22:36:43 -04:00
if !@pool.deletable_by?(CurrentUser.user)
raise User::PrivilegeError
end
fixes #1561
2013-05-20 08:42:15 -04:00
@pool.create_mod_action_for_delete
[Pools] Allow pool deletion And have it actually do something
2020-09-17 19:40:21 -04:00
@pool.destroy
fixes #1713
2013-07-11 21:14:18 -04:00
flash[:notice] = "Pool deleted"
respond_with(@pool)
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Kill trailing whitespace in ruby files
2013-03-19 08:10:10 -04:00
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
def revert
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool = Pool.find(params[:id])
Prevent reverting to foreign versions (fixes #2711).
2016-10-10 06:24:49 -04:00
@version = @pool.versions.find(params[:version_id])
stubbed in pool controller test
2011-01-20 18:30:36 -05:00
@pool.revert_to!(@version)
fixes #1916
2013-09-04 20:34:33 -04:00
flash[:notice] = "Pool reverted"
fixes #1429
2013-04-30 19:54:00 -04:00
respond_with(@pool) do |format|
format.js
end
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Raise error on unpermitted params. Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs
2018-04-02 13:51:26 -04:00
private
def pool_params
application record: add array_attribute method. Add `array_attribute` method that defines helper methods for converting array attributes to or from strings.
2018-11-13 17:25:45 -05:00
permitted_params = %i[name description category is_active post_ids post_ids_string]
pools: store post_ids as array instead of string (fix #3979)
2018-11-08 12:32:58 -05:00
params.require(:pool).permit(*permitted_params, post_ids: [])
Raise error on unpermitted params. Fail loudly if we forget to whitelist a param instead of silently ignoring it. misc models: convert to strong params. artist commentaries: convert to strong params. * Disallow changing or setting post_id to a nonexistent post. artists: convert to strong params. * Disallow setting `is_banned` in create/update actions. Changing it this way instead of with the ban/unban actions would leave the artist in a partially banned state. bans: convert to strong params. * Disallow changing the user_id after the ban has been created. comments: convert to strong params. favorite groups: convert to strong params. news updates: convert to strong params. post appeals: convert to strong params. post flags: convert to strong params. * Disallow users from setting the `is_deleted` / `is_resolved` flags. ip bans: convert to strong params. user feedbacks: convert to strong params. * Disallow users from setting `disable_dmail_notification` when creating feedbacks. * Disallow changing the user_id after the feedback has been created. notes: convert to strong params. wiki pages: convert to strong params. * Also fix non-Builders being able to delete wiki pages. saved searches: convert to strong params. pools: convert to strong params. * Disallow setting `post_count` or `is_deleted` in create/update actions. janitor trials: convert to strong params. post disapprovals: convert to strong params. * Factor out quick-mod bar to shared partial. * Fix quick-mod bar to use `Post#is_approvable?` to determine visibility of Approve button. dmail filters: convert to strong params. password resets: convert to strong params. user name change requests: convert to strong params. posts: convert to strong params. users: convert to strong params. * Disallow setting password_hash, last_logged_in_at, last_forum_read_at, has_mail, and dmail_filter_attributes[user_id]. * Remove initialize_default_image_size (dead code). uploads: convert to strong params. * Remove `initialize_status` because status already defaults to pending in the database. tag aliases/implications: convert to strong params. tags: convert to strong params. forum posts: convert to strong params. * Disallow changing the topic_id after creating the post. * Disallow setting is_deleted (destroy/undelete actions should be used instead). * Remove is_sticky / is_locked (nonexistent attributes). forum topics: convert to strong params. * merges https://github.com/evazion/danbooru/tree/wip-rails-5.1 * lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4) * switch to factorybot and change all references Co-authored-by: r888888888 <r888888888@gmail.com> Co-authored-by: evazion <noizave@gmail.com> add diffs
2018-04-02 13:51:26 -04:00
end
[Security] Implement read only mode (#821)
2024-12-08 22:28:31 -05:00
def ensure_lockdown_disabled
access_denied if Security::Lockdown.pools_disabled? && !CurrentUser.is_staff?
end
stubbed in blank controllers/helpers/functional tests
2010-03-10 18:21:43 -05:00
end
Reference in New Issue Copy Permalink