Having a distinct level for user verification proved to be rather
problematic for code flow and introduced an extra level below
blocked. Since it makes the account unusable until activated
it made sense to use an extra field and stop messing with user
levels explicitly.
This should also make tests a lot easier to deal with because it
doesn't require any changing of the user level.
This replaces the old simple versioning helper that existed on
e621. The implementaiton is roughly the same but has been updated
to use newer rails methods.
No, it's not very flexible, but it didn't need to be.
While the logic was not particularly complex or spread out it was
made more complicated by the models being dependant on one another.
This creates a central entry point for voting and favorites and
coordinates all transactions.
TODO: upvote/downvote/fav metatags in tag section result in an error
because they attempt to change the transaction isolation mode during
an outer transaction.
Add links to report items to all of the reportable areas of the
site.
Fix a lot of errors surrounding views and bad expectations from
the old codebase.
Change how dmails can be viewed to match the old logic. This prevents
users from creating links to their own dmails that can be shared with
moderators, and instead forces them to be reported.
Sets are still not implemented, so the reporting area for them has
not been tested or revised. That will happen at a later phase when
sets go in.
The distinction between file deletion and banning is pretty weird
and there are a bunch of edge cases that make this not worth
trying to maintain a distinction.
Left in the automatic implication code on banned artists because
it looked useful for automating some of the basic tasks that are
done surrounding DNP artists.
It is desirable for administrators to be able to shape what tags
can and can not be applied to specific posts to cut down on how
many tickets need to be handled about tag vandalism.
TODO: Tell users which tags were not updated if they hit any
locked tags.
Fail loudly if we forget to whitelist a param instead of silently
ignoring it.
misc models: convert to strong params.
artist commentaries: convert to strong params.
* Disallow changing or setting post_id to a nonexistent post.
artists: convert to strong params.
* Disallow setting `is_banned` in create/update actions. Changing it
this way instead of with the ban/unban actions would leave the artist in
a partially banned state.
bans: convert to strong params.
* Disallow changing the user_id after the ban has been created.
comments: convert to strong params.
favorite groups: convert to strong params.
news updates: convert to strong params.
post appeals: convert to strong params.
post flags: convert to strong params.
* Disallow users from setting the `is_deleted` / `is_resolved` flags.
ip bans: convert to strong params.
user feedbacks: convert to strong params.
* Disallow users from setting `disable_dmail_notification` when creating feedbacks.
* Disallow changing the user_id after the feedback has been created.
notes: convert to strong params.
wiki pages: convert to strong params.
* Also fix non-Builders being able to delete wiki pages.
saved searches: convert to strong params.
pools: convert to strong params.
* Disallow setting `post_count` or `is_deleted` in create/update actions.
janitor trials: convert to strong params.
post disapprovals: convert to strong params.
* Factor out quick-mod bar to shared partial.
* Fix quick-mod bar to use `Post#is_approvable?` to determine visibility
of Approve button.
dmail filters: convert to strong params.
password resets: convert to strong params.
user name change requests: convert to strong params.
posts: convert to strong params.
users: convert to strong params.
* Disallow setting password_hash, last_logged_in_at, last_forum_read_at,
has_mail, and dmail_filter_attributes[user_id].
* Remove initialize_default_image_size (dead code).
uploads: convert to strong params.
* Remove `initialize_status` because status already defaults to pending
in the database.
tag aliases/implications: convert to strong params.
tags: convert to strong params.
forum posts: convert to strong params.
* Disallow changing the topic_id after creating the post.
* Disallow setting is_deleted (destroy/undelete actions should be used instead).
* Remove is_sticky / is_locked (nonexistent attributes).
forum topics: convert to strong params.
* merges https://github.com/evazion/danbooru/tree/wip-rails-5.1
* lock pg gem to 0.21 (1.0.0 is incompatible with rails 5.1.4)
* switch to factorybot and change all references
Co-authored-by: r888888888 <r888888888@gmail.com>
Co-authored-by: evazion <noizave@gmail.com>
add diffs
Create the DanbooruBot account in db/seeds.rb instead of in an
initializer. Move the old db/seeds.rb to db/populate.rb.
Fixes a bug introduced in e2eb45a. Creating DanbooruBot in an
initializer was wrong because in a fresh install the users table doesn't
exist yet. This caused `rake db:migrate` to fail.
