* fix 401-302-401-302-429 loop
* don't logout users on bad form key, just treat the request as unauthenticated
* Handle None/empty case in validate_formkey.
A supplied empty formkey, or the lack of a supplied formkey (None) is not a valid formkey. Handle this inside the function rather than at the call-site.
* Validate as false if no hashstr or string
Co-authored-by: Snakes <104547575+TLSM@users.noreply.github.com>
Ported in from upstream with adjustments for TheMotte, most notably
universal default to 'new' and fixes to 'hot'. Lumped into this PR
because eager comment loading uses it.
Ported in logic from upstream to use SQLAlchemy eager loading instead
of repeated queries when building a submission_listing. Adjusted
loaded relationships to include only those used on TheMotte.
Using test data from seed_db, before and after:
GET /
|----------|--------|--------|--------|--------|--------|------------|
| Database | SELECT | INSERT | UPDATE | DELETE | Totals | Duplicates |
|----------|--------|--------|--------|--------|--------|------------|
| default | 83 | 0 | 0 | 0 | 83 | 72 |
|----------|--------|--------|--------|--------|--------|------------|
Total queries: 83 in 0.031s
GET /
|----------|--------|--------|--------|--------|--------|------------|
| Database | SELECT | INSERT | UPDATE | DELETE | Totals | Duplicates |
|----------|--------|--------|--------|--------|--------|------------|
| default | 14 | 0 | 0 | 0 | 14 | 0 |
|----------|--------|--------|--------|--------|--------|------------|
Total queries: 14 in 0.00718s
Removes the following awards / fields on User:
- flairlock
- progressivestack
- bird
- longpost (pizzashill)
- marseyawarded
- rehab
- deflector
- mute
- unmutable
- eye (All-Seeing Eye)
- alt (Alt-Seeing Eye)
Primarily motivated by starting to remove some un-Mottelike cruft
from core commenting/posting routes. Cleared out other inapplicable
awards while in the process.
Bug accidentally introduced with 70c8a942b6, when a removed clause
in Comment.collapse_for_user was treated as always True, rather than
as always False--which would've removed this entire line, as this
commit does now.
Original intent of the logic was for auto-collapsing game comments
like blackjack and slots that necessarily entailed somewhat spammy
commenting behavior.
The last places coins were visible to non-admins were in user popovers
and, potentially, via direct access of /@<username>/coins. These have
been removed.
Additionally, there are a number of routes which, despite being removed
from the UI, were still operative and usable. These are disabled
pending possible(?) future uses of coins.
Due to use of Submission.{choices, options, bet_options} in realbody,
generating submission_listings resulted in extremely high volume of
SELECT queries.
In local testing with 6 posts, one of which had a poll with 2 options,
the removal of these calls reduced quantity of queries on the homepage
from 84 to 22.
Given that it was previously decided to remove the polls feature after
a regression while adding comment filtering, the remaining dead code
paths for polls were also removed.
Given that coins are not visible in many contexts, the conspicuous
appearance of treasure chests (random coin rewards on 1% of comments)
seems out of place. This removes the logic which rewards treasure,
the visible display of treasure, and drops the column containing
treasure information which has already been awarded to at least one
comment on prod.
Using the new assetcache module, we replace (almost) all instances
of `?v=` cachebusting query parameters in Python and in Jinja templates.
The primary exceptions were: user site backgrounds, and some
infrequently changed graphics referenced literally from .js files.
Fixes#221. Provides custom message behavior for the user DM route
and slightly refactors the `@is_not_permabanned` wrapper to not be
deliberately misleading to users.
In four contexts, Comment.replies(.) was not updated to reflect the
interface changes with comment filtering. This directly caused #170
and #172 (which was a stack trace from the former).
- Updating notifications for DMs (routes/users.py L690)
- Updating notifications for modmail (routes/users.py L729)
- morecomments for logged out users (routes/posts.py L421)
- JSON for API access (classes/comment.py L347)
All four contexts seem to behave correctly after the change. However,
strictly speaking the JSON generation will not include a user's own
filtered or removed comments, though this is hard to remedy without
passing the user object `v` to json_core. Propagating that through the
codebase seems a worse option than leaving it as is.
* #39 Add Flask-Migrate dep
* #39 Make it such that flask db init can run
https://github.com/miguelgrinberg/Flask-Migrate/issues/196#issuecomment-381343393
* Run flask db init, update migrations.env, commit artifacts
* Set up a script such that you can `docker-compose exec files bash -c 'cd /service; FLASK_APP="files/cli:app" flask '` and have it do whatever flask thing you want
* Fix circular dependency
* import * is evil
* Initial alembic migration, has issues with constraints and nullable columns
* Bring alts table up to date with alembic autogenerate
* Rerun flask db revision autogenerate
* Bring award_relationships table up to date with alembic autogenerate
* [#39/alembic] files/classes/__init__.py is evil but is at least explicitly evil now
* #39 fix model in files/classes/badges.py
* #39 fix model in files/classes/domains.py and files/classes/clients.py
* #39 fix models: comment saves, comment flags
* #39 fix models: comments
* Few more imports
* #39 columns that are not nullable should be flagged as not nullable
* #39 Add missing indexes to model defs
* [#39] add missing unique constraints to model defs
* [#39] Temporarily undo any model changes which cause the sqlalchemy model to be out of sync with the actual dump
* #39 Deforeignkeyify the correct column to make alembic happy
* #39 flask db revision --autogenerate now creates an empty migration
* #39 Migration format such that files are listed in creation order
* #39 Better first revision
* #39 Revert the model changes that were required to get to zero differences between db revision --autogenerate and the existing schema
* #39 The first real migration
* #39 Ensure that foreign key constraints are named in migration
* #39 Alembic migrations for FK constraints, column defs
* [#39] Run DB migrations before starting tests
* [#39] New test to ensure migrations are up to date
* [#39] More descriptive test failure message
* Add -T flag to docker-compose exec
* [#39] Run alembic migrations when starting the container
