We currently use Flask-Limiter 2.7.0. Upgrading to 3.1.0 breaks
because of a breaking change to keyword order. Yes, seriously:
https://flask-limiter.readthedocs.io/en/stable/changelog.html#v3-0-0
Not updating the lockfile here, pending @ZorbaTHut testing some infra
updates; however, this is necessary to be able to do so, and it still
works in 2.7.0.
Ports in lightly modified logic from the upstream which tracks active
sessions to provide counters and listings to understand site traffic
in the admin panel.
Recently, unrelated changes led to enabling logging for flask-limiter
accidentally, at which point it was discovered that it wasn't actually
limiting requests due to Limiter.key_func = get_CF not being proper
for either prod (not behind Cloudflare) or localhost (likewise).
We instead use the remote_addr attached directly to the request using
the existing flask-limiter function to do so.
Detailed troubleshooting at:
https://github.com/themotte/rDrama/issues/222#issuecomment-1229489062
This change disables multimedia embedding:
- In comments and comments replies.
- In new submissions.
- In comment & submission preview
And it's all toggle-able via an envvar, except for the JS bits,
but I linked those to the github issue, so should be easy to find
in the future.
The way it works is:
- removes markdown image/video syntax,
eg. `` into ``
- changes link text into anchors, eg.
`https://example.org/someimage.jpg` into
`[https://example.org/someimage.jpg](https://example.org/someimage.jpg)`
- removes html img/video/audio tags, eg.
`<img href="https://example.org/someimage.jpg" />` into ``
- when embedding gifs via the giphy modal in "new submission", it will
insert only an anchor to the gif
- when attaching an image, it will upload the image, then add only an
anchor to the post/comment body
I tested this manually, but not sure if I got all the test cases. What I
checked was:
- create comment w/ image/video/audio media using markdown -> success
- create comment reply w/ image/video/audio media using markdown ->
success
- create comment w/ link to img/imgur/youtube/audio -> success
- create comment w/ attachment -> success
- create comment reply w/ attachment -> success
- create comment w/ img/video tag -> success
- create comment reply w/ image/video tag -> success
- create post submission w/ image/video/media using markdown -> success
- create post submission w/ link to img/imgur/youtube/audio -> success
- create post submission w/ attachment -> success
- create post submission w/ giphy gif -> success
Also, updated the formatting page.
Co-authored-by: Ben Rog-Wilhelm <zorba-github@pavlovian.net>
This caps the number of mentions in a submission or comment to
MENTION_LIMIT, which is set to 100 by default. When limit is exceeded,
returns a helpful message to the user.
* #39 Add Flask-Migrate dep
* #39 Make it such that flask db init can run
https://github.com/miguelgrinberg/Flask-Migrate/issues/196#issuecomment-381343393
* Run flask db init, update migrations.env, commit artifacts
* Set up a script such that you can `docker-compose exec files bash -c 'cd /service; FLASK_APP="files/cli:app" flask '` and have it do whatever flask thing you want
* Fix circular dependency
* import * is evil
* Initial alembic migration, has issues with constraints and nullable columns
* Bring alts table up to date with alembic autogenerate
* Rerun flask db revision autogenerate
* Bring award_relationships table up to date with alembic autogenerate
* [#39/alembic] files/classes/__init__.py is evil but is at least explicitly evil now
* #39 fix model in files/classes/badges.py
* #39 fix model in files/classes/domains.py and files/classes/clients.py
* #39 fix models: comment saves, comment flags
* #39 fix models: comments
* Few more imports
* #39 columns that are not nullable should be flagged as not nullable
* #39 Add missing indexes to model defs
* [#39] add missing unique constraints to model defs
* [#39] Temporarily undo any model changes which cause the sqlalchemy model to be out of sync with the actual dump
* #39 Deforeignkeyify the correct column to make alembic happy
* #39 flask db revision --autogenerate now creates an empty migration
* #39 Migration format such that files are listed in creation order
* #39 Better first revision
* #39 Revert the model changes that were required to get to zero differences between db revision --autogenerate and the existing schema
* #39 The first real migration
* #39 Ensure that foreign key constraints are named in migration
* #39 Alembic migrations for FK constraints, column defs
* [#39] Run DB migrations before starting tests
* [#39] New test to ensure migrations are up to date
* [#39] More descriptive test failure message
* Add -T flag to docker-compose exec
* [#39] Run alembic migrations when starting the container
I created a new theme, "TheMotte" in /assests/css. Someone with any design
skill at all should try improving this. Currently it is a copy of light.css
__main__.py defines the experience for a user without an account. I removed the
check for an OS environment variable, and defaulted to the new theme.
/classes/user.py defines the default for a new account. I removed the check for an OS
environment variable, and defaulted to the new theme.
/routes/settings.py has a list of the themes that checks them for... something.
I added the new one here, just in case.
/templates/settings_profile.html has a hardcoded list that controls which
themes appear in the user settings page. Added the new theme here, so you can
select it.
