" <<
+ "
404
" <<
+ "Resource not found" <<
+ "
- A hat is a formal, verified, way of posting a comment while speaking for a - project, organization, or company. Each user may have multiple hats, one of - which may be worn at any time when posting a comment or sending a private - message. -
-- Hats are intended for core project developers and company employees that are - authorized to make comments on behalf of those organizations, and are usually - reserved for notable projects and organizations. Hats are not intended to - list every contribution a person has made to any software project. -
-- Hats will not be authorized for occasional contributors to projects, - developers of projects which are not widely known, past employees of - companies, or other situations where it cannot be verified that one is - authorized to represent that organization. In general, unless one has an - e-mail address at a compay domain or have commit access to a project, a hat - will not be authorized. -
-- To request a hat for your account, provide a short description of the hat - (e.g., "OpenBSD Developer"), a public link that will be shown when hovering - over the hat that users can see, such as your e-mail address at that project - or company, or a link to a company website showing your employment, and - private comments that will be seen only by moderators during approval. -
-- Once your hat is requested, a moderator will verify your request by e-mailing - the address you submitted as the link, or doing some other manual - verification of project association. -
+ <%= raw(t('.description')) %> <%= form_for @hat_request, :url => create_hat_request_path do |f| %>- <%= f.label :hat, "Hat:" %> + <%= f.label :hat, t('.hat') %> <%= f.text_field :hat, :size => 20, - :placeholder => "XYZ Project Member" %> + :placeholder => t('.hatplaceholder') %>
- <%= f.label :link, "Link:" %> + <%= f.label :link, t('.link') %> <%= f.text_field :link, :size => 50, - :placeholder => "user@project.org, or a URL to an employment page" %> + :placeholder => t('.linkplaceholder') %>
- <%= f.label :comment, "Comment:" %> + <%= f.label :comment, t('.comment') %> <%= f.text_area :comment, :rows => 4, - :placeholder => "Will only be shown to moderators during approval" %> + :placeholder => t('.commentplaceholder') %>
- <%= submit_tag "Request Hat" %> + <%= submit_tag t('.requesthatbutton') %>
<% end %>- A hat is a formal, verified, way of posting a comment while speaking for a - project, organization, or company. Each user may have multiple hats, one of - which may be selected to be worn when posting a comment or sending a private - message. + <%= t('.description') %>
")) %>
- <%= submit_tag "Approve Hat Request" %> + <%= submit_tag t('.approve') %>
<% end %>- or + <%= t('.hator') %>
<%= form_for hr, :url => reject_hat_request_url(:id => hr), :method => :post do |f| %>- <%= submit_tag "Reject Hat Request" %> + <%= submit_tag t('.reject') %>
<% end %> <% end %> diff --git a/app/views/invitations/build.html.erb b/app/views/invitations/build.html.erb index 5d068de..ce03086 100644 --- a/app/views/invitations/build.html.erb +++ b/app/views/invitations/build.html.erb @@ -13,7 +13,7 @@<%= f.label :email, t('.buildinvemail') %> - <%= f.text_field :email, :size => 30 %> + <%= f.email_field :email, :size => 30 %>
<%= f.label :memo, t('.buildinvurl') %> diff --git a/app/views/layouts/application.html.erb b/app/views/layouts/application.html.erb index e718a09..69b546f 100644 --- a/app/views/layouts/application.html.erb +++ b/app/views/layouts/application.html.erb @@ -9,7 +9,6 @@ - <% if @meta_tags %> @@ -97,9 +96,6 @@ raw("class=\"cur_url\"") : "" %>><%= @user.username %> (<%= @user.karma %>) - <%= link_to t('.logoutlink'), { :controller => "login", :action => "logout" }, - :data => { :confirm => t('.confirmlogoutlink') }, - :method => "post" %> <% else %> <%= t('.loginlink') %> <% end %> @@ -119,21 +115,27 @@ <%= yield %>
+ <%= t('.logintotpcode') %> +
+ ++ <%= label_tag :totp_code, t('.totpcode') %> + <%= number_field_tag :totp_code, "", :size => 10, :autocomplete => "off", + :autofocus => true, :class => "totp_code" %> +
+ ++
+ <%= submit_tag t('.loginbutton') %> +
+ <% end %> +<%= f.submit t('.saveallsettings') %> @@ -201,6 +216,58 @@
+
+
+
+ <% if @user.has_2fa? %> + <%= t('.turnoff') %> + <% else %> + <%= t('.turnon') %> + <% end %> +
+ ++ <% if @user.has_2fa? %> + <%= submit_tag t('.disable2fa') %> + <% else %> + <%= submit_tag t('.continue') %> + <% end %> + <% end %> +
+ <%= raw(t('.scanqrcode')) %> +
+ + <%= raw @qr_svg %> + ++ <%= t('.registring') %> +
+ ++ <%= button_to t('.verifyenable'), twofa_verify_url, :method => :get %> +
+ <%= t('.enablecode') %> +
+ ++ <%= submit_tag t('.verifyenable') %> + <% end %> +
@@ -28,7 +27,7 @@ <%= f.label :username, "Username:", :class => "required" %> <%= f.text_field :username, :size => 30 %> - <%= User.username_regex %> + <%= User.username_regex_s %>
diff --git a/app/views/stories/_form.html.erb b/app/views/stories/_form.html.erb index 6eb32bb..288d2d1 100644 --- a/app/views/stories/_form.html.erb +++ b/app/views/stories/_form.html.erb @@ -38,7 +38,7 @@
<% end %> - <% if @showing_user.hats.any? %> - - - <% @showing_user.hats.each do |hat| %> - <%= hat.to_html_label %> - <% end %> - -
- <% end %> - <% if @showing_user.deleted_at? %> @@ -117,6 +105,38 @@
+ <% if @showing_user.hats.any? %> + +
+ <% end %> + + <% if @showing_user.twitter_username.present? %> + + + + @<%= h(@showing_user.twitter_username) %> + +
+ <% end %> + <% if @showing_user.is_active? %> diff --git a/app/views/users/tree.html.erb b/app/views/users/tree.html.erb index 17843cf..99625cf 100644 --- a/app/views/users/tree.html.erb +++ b/app/views/users/tree.html.erb @@ -3,21 +3,23 @@ <%= @title %> (<%= @user_count %>) -
- <%= t('.newestusers') %> - <%= raw @newest.map{|u| "#{u.username} " << - "(#{u.karma})" }.join(", ") %> -
+ <% if @newest %> ++ <%= t('.newestusers') %> + <%= raw @newest.map{|u| "#{u.username} " << + "(#{u.karma})" }.join(", ") %> +
+ <% end %> -+
<% subtree = @users_by_parent[nil] %> <% ancestors = [] %> <% while subtree %> <% if (user = subtree.pop) %> --
+
- ">
class="inactive_user"
@@ -27,11 +29,10 @@
><%= user.username %>
<% if user.is_admin? %>
<%= t('.administrator') %>
+ <% elsif user.is_moderator? %>
+ <%= t('.moderator') %>
<% else %>
(<%= user.karma %>)
- <% if user.is_moderator? %>
- <%= t('.moderator') %>(moderator)
- <% end %>
<% end %>
<% if (children = @users_by_parent[user.id]) %>
<% # drill down deeper in the tree %>
diff --git a/config/application.rb b/config/application.rb
index e0b69f0..3401516 100644
--- a/config/application.rb
+++ b/config/application.rb
@@ -26,7 +26,15 @@ module Lobsters
# Raise an exception when using mass assignment with unpermitted attributes
config.action_controller.action_on_unpermitted_parameters = :raise
+ config.active_record.raise_in_transactional_callbacks = true
+
config.cache_store = :file_store, "#{config.root}/tmp/cache/"
+
+ config.exceptions_app = self.routes
+
+ config.after_initialize do
+ require "#{Rails.root}/lib/monkey.rb"
+ end
end
end
@@ -68,5 +76,3 @@ class << Rails.application
true
end
end
-
-require "#{Rails.root}/lib/monkey"
diff --git a/config/environments/production.rb b/config/environments/production.rb
index b4ee2c7..102dc15 100644
--- a/config/environments/production.rb
+++ b/config/environments/production.rb
@@ -20,7 +20,7 @@ Lobsters::Application.configure do
# config.action_dispatch.rack_cache = true
# Disable Rails's static asset server (Apache or nginx will already do this).
- config.serve_static_assets = false
+ config.serve_static_files = false
# Compress JavaScripts and CSS.
config.assets.js_compressor = :uglifier
@@ -76,3 +76,7 @@ Lobsters::Application.configure do
# Do not dump schema after migrations.
config.active_record.dump_schema_after_migration = false
end
+
+%w{render_template render_partial render_collection}.each do |event|
+ ActiveSupport::Notifications.unsubscribe "#{event}.action_view"
+end
diff --git a/config/environments/test.rb b/config/environments/test.rb
index e21872a..635a19d 100644
--- a/config/environments/test.rb
+++ b/config/environments/test.rb
@@ -13,7 +13,7 @@ Lobsters::Application.configure do
config.eager_load = false
# Configure static asset server for tests with Cache-Control for performance.
- config.serve_static_assets = true
+ config.serve_static_files = true
config.static_cache_control = 'public, max-age=3600'
# Show full error reports and disable caching.
@@ -35,5 +35,7 @@ Lobsters::Application.configure do
config.active_support.deprecation = :stderr
# Raises error for missing translations
- # config.action_view.raise_on_missing_translations = true
+ config.action_view.raise_on_missing_translations = true
end
+
+RSpec::Expectations.configuration.on_potential_false_positives = :nothing
diff --git a/config/locales/en.yml b/config/locales/en.yml
index fe366c4..60c701e 100644
--- a/config/locales/en.yml
+++ b/config/locales/en.yml
@@ -22,6 +22,9 @@ en:
storyidcannotbeblank: "A story ID cannot be blank."
deletedcomment: "deleted comment"
threadremovedby: "Thread removed by moderator %{modoname} : %{modreason}"
+ turnedintodragon: "turned into a dragon"
+ slayeddragon: "slayed dragon"
+ metooerror: "Please just upvote the parent post instead."
moderation:
storyeditedby: "Your story has been edited by "
usersuggestions: "user suggestions"
@@ -61,11 +64,11 @@ en:
messageslink: "Messages"
loginlink: "Login"
logoutlink: "Logout"
- confirmlogoutlink: "Are you sure you want to logout?"
moderationloglink: "Moderation Log"
invitationqueuelink: "Invitation Queue"
chatlink: "Chat"
hatrequestlink: "Hat Requests"
+ hatslink: "Hats"
privacylink: "Privacy"
aboutlink: "About"
blog: "Blog"
@@ -102,6 +105,8 @@ en:
delete: "delete"
reply: "reply"
about: "on:"
+ dragon: "dragon"
+ undragon: "undragon"
email_message:
notification.text:
replyat: "Reply at "
@@ -120,6 +125,41 @@ en:
pretextdesc: "prefix text with at least 4 spaces"
inlineimage: "(inline image)"
inlineimagedesc: " (only allowed in story text)"
+ hats:
+ build_request:
+ title: "Request a Hat"
+ description: "
![]()
tags
- # opts[:disable_profile_links] disables @username -> /u/username links
def self.to_html(text, opts = {})
if text.blank?
return ""
end
- args = [ :smart, :autolink, :safelink, :filter_styles, :filter_html,
- :strict ]
- if !opts[:allow_images]
- args.push :no_image
- end
+ exts = [:tagfilter, :autolink, :strikethrough]
+ root = CommonMarker.render_doc(text.to_s, [:SMART], exts)
- ng = Nokogiri::HTML(RDiscount.new(text.to_s, *args).to_html)
+ walk_text_nodes(root){|n| postprocess_text_node(n) }
+
+ ng = Nokogiri::HTML(root.to_html([:SAFE], exts))
# change test").should ==
@@ -25,4 +35,17 @@ describe Markdowner do
"
A hat is a formal, verified, way of posting a comment while speaking for a project, organization, or company. Each user may have multiple hats, one of which may be worn at any time when posting a comment or sending a private message.
Hats are intended for core project developers and company employees that are authorized to make comments on behalf of those organizations, and are usually reserved for notable projects and organizations. Hats are not intended to list every contribution a person has made to any software project.
Hats will not be authorized for occasional contributors to projects, developers of projects which are not widely known, past employees of companies, or other situations where it cannot be verified that one is authorized to represent that organization. In general, unless one has an e-mail address at a compay domain or have commit access to a project, a hat will not be authorized.
To request a hat for your account, provide a short description of the hat (e.g., \"OpenBSD Developer\"), a public link that will be shown when hovering over the hat that users can see, such as your e-mail address at that project or company, or a link to a company website showing your employment, and private comments that will be seen only by moderators during approval.
Once your hat is requested, a moderator will verify your request by e-mailing the address you submitted as the link, or doing some other manual verification of project association.
" + hat: "Hat:" + hatplaceholder: "XYZ Project Member" + link: "Link:" + linkplaceholder: "user@project.org, or a URL to an employment page" + comment: "Comment:" + commentplaceholder: "Will only be shown to moderators during approval" + requesthatbutton: "Request Hat" + create_request: + submittedhatrequest: "Successfully submitted hat request." + index: + title: "Hats" + description: "A hat is a formal, verified, way of posting a comment while speaking for a project, organization, or company. Each user may have multiple hats, one of which may be selected to be worn when posting a comment or sending a private message." + request: "Request Hat" + user: "User" + hat: "Hat" + link: "Link" + reject_request: + requestedhatrequest: "Successfully rejected hat request." + requests_index: + title: "Requested Hats" + nohatrequests: "No hat requests." + user: "User:" + hat: "Hat:" + link: "Link:" + comment: "Comment:" + approve: Approve Hat Request" + reason: "Reason:" + reject: "Reject Hat Request" + hator: "or" + approve_request: + approvedhatrequest: "Successfully approved hat request." home: index: homerecentsdesc: "The newest stories with a random sampling of recently submitted stories that have not yet reached the front page." @@ -180,6 +220,16 @@ en: password: "New Password:" again: "(Again):" setpassbutton: "Set New Password" + passwordreset: "Your password has been reset." + couldnotresetpassword: "Could not reset password." + invalidresettoken: "Invalid reset token. It may have already been used or you may have copied it incorrectly." + twofa: + login2fa: "Login - Two Factor Authentication" + logintotpcode: "Enter the current TOTP code from your TOTP application:" + loginbutton: "Login" + totpcode: "TOTP Code:" + twofa_verify: + totpcodenotmatch: "Your TOTP code did not match. Please try again." messages: index: viewreceived: "View Received" @@ -245,10 +295,13 @@ en: deleteaccountflash: "Your account has been deleted." verifypasswordflash: "Your password could not be verified." index: + logoutlink: "Logout" + confirmlogoutlink: "Are you sure you want to logout?" viewprofile: "View Profile" accountsettings: "Account Settings" username: "Username:" password: "New Password:" + currentpassword: "Current Password:" confirmpassword: "Confirm Password:" emailaddress: "E-mail Address:" gravatarized: "Gravatar'ized" @@ -263,7 +316,7 @@ en: commentreplynotificationsettings: "Comment Reply Notification Settings" receiveemail: "Receive E-mail:" receivepushover: "Receive Pushover Alert:" - requirepushover: "Requires Pushover subscription above" + requirepushover: "Requires Pushover subscription below" commentmentionnotificationsettings: "Comment Mention Notification Settings" privatemessagenotificationsettings: "Private Message Notification Settings" submittedstorycommentsettings: "Submitted Story Comment Settings" @@ -278,6 +331,7 @@ en: miscsettings: "Miscellaneous Settings" storypreview: "Show Story Previews:" useravatars: "Show User Avatars:" + hidedragons: "Hide Dragons:" saveallsettings: "Save All Settings" inviteuser: "Invite a New User" cannotsendinvitations: "You cannot send invitations." @@ -285,6 +339,12 @@ en: deleteaccounttext: "To permanently delete your account, verify your current password below. Your account will be put into a deleted state, your comments will be marked as deleted and no longer readable by any other users, and your private messages will be deleted. Your submitted stories will not be deleted. Your username will remain reserved and will not be available to be used on any other account." verifypassword: "Verify Password:" deleteaccountconfirmation: "Yes, Delete My Account" + securitysettings: "Security Settings" + twofactorauth: "Two-Factor Auth:" + disable2fa: "Disable" + enroll2fa: "Enroll" + disabled2fa: "Disabled" + enabled2fa: "Enabled" pushover: pushovernotconfigured: "This site is not configured for Pushover" pushover_callback: @@ -292,8 +352,36 @@ en: pushovernorandomtokenurl: "No random token present in URL" accountsetuppushover: "Your account is now setup for Pushover notifications." accountnolongersetuppushover: "Your account is no longer setup for Pushover notifications." + twofa: + title: "Two-Factor Authentication" + backtosettings: "Back to Settings" + disable2fa: "Disable Two-Factor Authentication" + continue: "Continue" + currentpassword: "Current Password:" + turnoff: "To turn off two-factor authentication for your account, enter your current password:" + turnon: "To begin the two-factor authentication enrollment for your account, enter your current password:" + twofa_auth: + 2fahasbeendisabled: "Two-Factor Authentication has been disabled on your account." + 2fapassnotcorrect: "Your password was not correct." + twofa_enroll: + title: "Two-Factor Authentication" + backtosettings: "Back to Settings" + enrollmenttimeout: "Your enrollment period timed out." + scanqrcode: "Scan the QR code below or click on it to open in your TOTP application of choice:" + registring: "Once you have finished registering with your TOTP application, proceed to the next screen to verify your current TOTP code and actually enable Two-Factor Authentication on your account." + verifyenable: "Verify and Enable" + twofa_update: + enrollmenttimeout: "Your enrollment period timed out." + 2fahasbeenenabled: "Two-Factor Authentication has been enabled on your account." + totpinvalid: "Your TOTP code was invalid, please verify the current code in your TOTP application." + twofa_verify: + title: "Two-Factor Authentication" + enrollmenttimeout: "Your enrollment period timed out." + enablecode: "To enable Two-Factor Authentication on your account using your new TOTP secret, enter the six-digit code from your TOTP application:" + verifyenable: "Verify and Enable" update: updatesettingsflash: "Successfully updated settings." + passwordnotcorrect: "Your current password was not entered correctly." stories: edit: edit: "Edit Story" @@ -355,6 +443,8 @@ en: preview: "Preview" submit: "Submit a Story" submitbutton: "Submit" + show: + toggledragons: "— here be dragons —" users: list: administrator: "administrator" @@ -372,7 +462,7 @@ en: storysubmissions: "with story submissions" disabled: "disabled" joined: "Joined:" - byinvitationfrom: "by invitation from" + byinvitationfrom: "by invitation from" banneduser: "Banned:" bannedby: "by" hats: "Hats:" @@ -439,6 +529,9 @@ en: flashsuccessdeleteinvit: "Successfully deleted invitation request from %{name}" login_controller: flashlogininvalid: "Invalid e-mail address and/or password." + totpinvalid: "Your TOTP code was invalid." + deletedaccount: "Your account has been deleted." + bannedaccount: "Your account has been banned." messages_controller: messagestitle: "Messages" messagessenttitle: "Messages Sent" @@ -449,6 +542,7 @@ en: flashdeletedmessage: "Deleted message." search_controller: searchtitle: "Search" + flasherrorsearchcontroller: "Sorry, but the search engine is currently out of order" stories_controller: submitstorytitle: "Submit Story" editstorytitle: "Edit Story" diff --git a/config/locales/fr.yml b/config/locales/fr.yml index 84f19f4..9a9231f 100644 --- a/config/locales/fr.yml +++ b/config/locales/fr.yml @@ -34,6 +34,9 @@ fr: storyidcannotbeblank: "Un ID d'info ne peut pas être vide." deletedcomment: "commentaire supprimé" threadremovedby: "Fil supprimé par le modérateur %{modoname} : %{modreason}" + turnedintodragon: "transformé en dragon" + slayeddragon: "le dragon a été terrassé" + metooerror: "Merci de voter pour le commentaire à la place." moderation: storyeditedby: "Votre info a été éditée par " usersuggestions: "suggestions d'utilisateur" @@ -78,6 +81,7 @@ fr: invitationqueuelink: "File d'invitation" chatlink: "Chat" hatrequestlink: "Porter le chapeau" + hatslink: "Chapeaux" privacylink: "Confidentialité" aboutlink: "À propos" blog: "Blog" @@ -104,6 +108,8 @@ fr: delete: "supprimer" reply: "répondre" about: "sur :" + dragon: "dragon" + undragon: "non-dragon" global: markdownhelp: emphasizedtext: "italique" @@ -120,6 +126,41 @@ fr: pretextdesc: "précéder le texte avec au moins 4 espaces" inlineimage: "(image en ligne)" inlineimagedesc: " (autorisé seulement dans les articles)" + hats: + build_request: + title: "Demander un chapeau" + description: "Un chapeau est un moyen formel, vérifié de poster un commentaire au nom d'un projet, d'une organisation ou d'une entreprise. Chaque utilisateur peut avoir plusieurs chapeaux, l'un d'eux pouvant être choisi d'être porté au moment de poster un commentaire ou d'envoyer un message privé.
Les chapeaux sont destinés aux développeurs principaux d'un projet et les employés d'entreprise qui sont autorisés à faire des commentaires au nom de leurs organisations, et sont habituellement réservés pour les projets notables et les organisations. Les chapeaux ne sont pas destinés à lister toutes les contributions d'une personne à des projets logiciels.
Les chapeaux ne vont pas être autorisés pour les contributeurs occasionnels d'un projet, développeurs d'un projet qui n'est pas largement connu, pas non plus pour les anciens employés d'une entreprise ou autres situations où il n'est pas possible de vérifier que quelqu'un est autorisé à représenter une organisation. En général à moins d'avoir un e-mail avec le nom de domaine de l'entreprise ou du projet ou les droits d'accès aux sources d'un projet, un chapeau ne sera pas autorisé.
Pour demander un chapeau pour votre compte, merci de fournir une courte description du chapeau (exemple \"développeur OpenBSD\"), un lien public qui sera affiché quand on passe la souris au-dessus du chapeau que les utilisateurs peuvent voir, comme votre adresse e-mail du projet ou de l'entreprise ou un lien vers le site web de l'entreprise puis une description privée qui sera seulement vue par les modérateurs durant le processus d'approbation.
Une fois qu'un chapeau a été demandé, un modérateur va vérifier votre demande en envoyant un e-mail à l'adresse soumise comme lien et/ou en effectuant d'autres vérifications manuelles de votre association au projet.
" + hat: "Chapeau:" + hatplaceholder: "Membre du projet XYZ" + link: "Lien :" + linkplaceholder: "membre@projet.org, ou l'URL de la page de l'employeur" + comment: "Commentaire :" + commentplaceholder: "Sera seulement montré aux modérateurs devant le processus d'approbation" + requesthatbutton: "Demander un chapeau" + create_request: + submittedhatrequest: "Demande de chapeau transmise avec succès." + index: + title: "Chapeaux" + description: "Un chapeau est un moyen formel, vérifié de poster un commentaire au nom d'un projet, d'une organisation ou d'une entreprise. Chaque utilisateur peut avoir plusieurs chapeaux, l'un d'eux pouvant être choisi d'être porté au moment de poster un commentaire ou d'envoyer un message privé." + request: "Demander un chapeau" + user: "Utilisateur" + hat: "Chapeau" + link: "Lien" + reject_request: + rejectedhatrequest: "Demande de chapeau rejetée avec succès." + requests_index: + title: "Chapeaux demandés" + nohatrequests: "Aucune demande de chapeau." + user: "Utilisateur :" + hat: "Chapeau :" + link: "Lien :" + comment: "Commentaire :" + approve: "Approuver la demande de chapeau" + reason: "Raison :" + reject: "Rejeter la demande de chapeau" + hator: "ou" + approve_request: + approvedhatrequest: "La demande de chapeau a été approuvée." home: index: homerecentsdesc: "Les plus récentes infos avec un panaché aléatoire des infos récentes soumises qui n'ont pas encore atteint la page principale." @@ -180,6 +221,16 @@ fr: password: "Mot de passe :" again: "(encore):" setpassbutton: "Changer le mot de passe" + passwordreset: "Votre mot de passe a été changé" + couldnotresetpassword: "Le mot de passe n'a pas pu être changé." + invalidresettoken: "Jeton de changement invalide. Il a pu déjà être utilisé ou mal copié." + twofa: + login2fa: "Identification par authentification à deux facteurs" + logintotpcode: "Entrez le code TOTP affiché par votre application :" + loginbutton: "S'identifier" + totpcode: "Code TOTP :" + twofa_verify: + totpcodenotmatch: "Code TOTP incorrect. Merci de ré-essayer." filters: index: filteredtags: "Marques filtrées" @@ -255,10 +306,13 @@ fr: deleteaccountflash: "Votre compte a été supprimé." verifypasswordflash: "Votre mot de passe n'a pas pu être vérifié." index: + logoutlink: "Se déconnecter" + confirmlogoutlink: "Êtes-vous sûr de vouloir vous déconnecter?" viewprofile: "Voir le profil" accountsettings: "Paramètres du compte" username: "Utilisateur :" password: "Nouveau mot de passe :" + currentpassword: "Mot de passe actuel :" confirmpassword: "Confirmer le mot de passe :" emailaddress: "Adresse e-mail :" gravatarized: "Gravatarisé" @@ -273,7 +327,7 @@ fr: commentreplynotificationsettings: "Paramètres de notification de réponse à un commentaire" receiveemail: "Recevoir un e-mail :" receivepushover: "Recevoir une alerte Pushover :" - requirepushover: "Requière un abonnement Pushover ci-dessus" + requirepushover: "Requière un abonnement Pushover ci-dessous" commentmentionnotificationsettings: "Paramètres de notification de mention d'un commentaire" privatemessagenotificationsettings: "Paramètres de notification de message privé" submittedstorycommentsettings: "Paramètres de commentaires relatifs à vos infos" @@ -288,6 +342,7 @@ fr: miscsettings: "Paramètres variés" storypreview: "Montrer les aperçus des infos: " useravatars: "Montrer les avatars des utilisateurs :" + hidedragons: "Cacher les dragons :" saveallsettings: "Sauver tous les paramètres" inviteuser: "Inviter un nouvel utilisateur" cannotsendinvitations: "Vous ne pouvez pas envoyer d'invitations." @@ -295,6 +350,12 @@ fr: deleteaccounttext: "Pour supprimer définitivement votre compte, vérifiez votre mot de passe actuel ci-dessous. Votre compte sera passé à l'état supprimé, vos commentaires seront marqués comme supprimés et ne seront plus lisibles par les autres utilisateurs, vos messages privés seront également supprimés. Vos infos proposées ne seront pas supprimées. Votre nom d'utilisateur restera réservé et ne sera pas disponible pour un autre compte." verifypassword: "Vérification du mot de passe :" deleteaccountconfirmation: "Oui, supprimez mon compte" + securitysettings: "Paramètres de sécurité" + twofactorauth: "Authentification à deux facteurs :" + disable2fa: "Désactiver" + enroll2fa: "Activer" + disabled2fa: "Désactivée" + enabled2fa: "Activée" pushover: pushovernotconfigured: "Ce site n'est pas configuré pour le Pushover" pushover_callback: @@ -302,8 +363,36 @@ fr: pushovernorandomtokenurl: "Pas de jeton alétoire présent dans l'url" accountsetuppushover: "Votre compte est maintenant configuré pour les notifications Pushover." accountnolongersetuppushover: "Votre compte n'est plus configuré pour les notifications Pushover." + twofa: + title: "Authentification à deux facteurs" + backtosettings: "Retour aux paramètres" + disable2fa: "Désactiver l'authentification à deux facteurs" + continue: "Continuer" + currentpassword: "Mot de passe actuel :" + turnoff: "Pour désactiver l'authentification à deux facteurs, entrez votre mot de passe actuel :" + turnon: "Pour activer l'authentification à deux facteurs pour votre compte, entrez votre mot de passe actuel :" + twofa_auth: + 2fahasbeendisabled: "L'authentification à deux facteurs a été désactivée sur votre compte" + 2fapassnotcorrect: "Mot de passe incorrect" + twofa_enroll: + title: "Authentification à deux facteurs" + backtosettings: "Retour aux paramètres" + enrollmenttimeout: "Le délai d'attente est dépassé" + scanqrcode: "Scannez le QR code ci-dessous ou cliquez dessus pour l'ouvrir dans l'application TOTP de votre choix :" + registring: "Une fois le processus d'enregistrement de vos applications TOTP achevé, passez à l'écran suivant pour vérifier et activer l'authentification à deux facteurs pour votre compte." + verifyenable: "Vérifier et Activer" + twofa_update: + enrollmenttimeout: "Le délai d'attente est dépassé" + 2fahasbeenenabled: "L'authentification à deux facteurs a été activée sur votre compte" + totpinvalid: "Votre code TOTP est invalide, merci de vérifier le code actuellement affiché par votre application TOTP" + twofa_verify: + title: "Authentification à deux facteurs" + enrollmenttimeout: "Le délai d'attente est dépassé" + enablecode: "Afin d'activer l'authentification à deux facteurs pour votre compte en utilisant votre nouveau secret TOTP, entrez le code à 6 chiffres de votre application :" + verifyenable: "Vérifier et Activer" update: updatesettingsflash: "Paramètres mis à jour avec succès." + passwordnotcorrect: "Le mot de passe courant n'a pas été entré correctement." stories: edit: edit: "Éditer l'info" @@ -365,6 +454,8 @@ fr: preview: "Aperçu" submit: "Soumettre une info" submitbutton: "Soumettre" + show: + toggledragons: "— voici les dragons —" users: list: administrator: "administrateur" @@ -382,7 +473,7 @@ fr: storysubmissions: "avec propositions d'infos" disabled: "désactivé" joined: "Inscrit :" - byinvitationfrom: "par invitation de" + byinvitationfrom: "par invitation de" banneduser: "Banni :" bannedby: "par" hats: "Chapeaux :" @@ -449,6 +540,10 @@ fr: flashsuccessdeleteinvit: "Demande d'invitation de %{name} supprimée avec succès" login_controller: flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide." + flashlogininvalid: "Adresse e-mail et/ou mot de passe invalide." + totpinvalid: "Votre code TOTP est invalide." + deletedaccount: "Votre compte a été supprimé." + bannedaccount: "Votre compte a été banni." messages_controller: messagestitle: "Messages" messagessenttitle: "Messages envoyés" @@ -459,6 +554,7 @@ fr: flashdeletedmessage: "Message effacé." search_controller: searchtitle: "Rechercher" + flasherrorsearchcontroller: "Désolé mais le moteur de recherche est actuellement cassé" stories_controller: submitstorytitle: "Soumettre une info" editstorytitle: "Éditer une info" diff --git a/config/routes.rb b/config/routes.rb index e2320d3..5d47fe2 100644 --- a/config/routes.rb +++ b/config/routes.rb @@ -4,6 +4,8 @@ Lobsters::Application.routes.draw do :protocol => (Rails.application.config.force_ssl ? "https://" : "http://"), :as => "root" + get "/404" => "home#four_oh_four", :via => :all + get "/rss" => "home#index", :format => "rss" get "/hottest" => "home#index", :format => "json" @@ -30,8 +32,10 @@ Lobsters::Application.routes.draw do get "/threads/:user" => "comments#threads" get "/login" => "login#index" - post "/login" => "login#login" + post "/login" => "login#login", :format => /html|json/ post "/logout" => "login#logout" + get "/login/2fa" => "login#twofa" + post "/login/2fa_verify" => "login#twofa_verify", :as => "twofa_login" get "/signup" => "signup#index" post "/signup" => "signup#signup" @@ -72,6 +76,9 @@ Lobsters::Application.routes.draw do post "delete" post "undelete" + + post "dragon" + post "undragon" end end get "/comments/page/:page" => "comments#index" @@ -84,12 +91,14 @@ Lobsters::Application.routes.draw do post "keep_as_new" end - get "/s/:id/:title/comments/:comment_short_id" => "stories#show" - get "/s/:id/(:title)" => "stories#show", :format => /html|json/ - get "/c/:id" => "comments#redirect_from_short_id" get "/c/:id.json" => "comments#show_short_id", :format => "json" + # deprecated + get "/s/:story_id/:title/comments/:id" => "comments#redirect_from_short_id" + + get "/s/:id/(:title)" => "stories#show", :format => /html|json/ + get "/u" => "users#tree" get "/u/:username" => "users#show", :as => "user", :format => /html|json/ @@ -100,10 +109,25 @@ Lobsters::Application.routes.draw do get "/settings" => "settings#index" post "/settings" => "settings#update" - post "/settings/pushover" => "settings#pushover" - get "/settings/pushover_callback" => "settings#pushover_callback" post "/settings/delete_account" => "settings#delete_account", :as => "delete_account" + get "/settings/2fa" => "settings#twofa", :as => "twofa" + post "/settings/2fa_auth" => "settings#twofa_auth", :as => "twofa_auth" + get "/settings/2fa_enroll" => "settings#twofa_enroll", + :as => "twofa_enroll" + get "/settings/2fa_verify" => "settings#twofa_verify", + :as => "twofa_verify" + post "/settings/2fa_update" => "settings#twofa_update", + :as => "twofa_update" + + post "/settings/pushover_auth" => "settings#pushover_auth" + get "/settings/pushover_callback" => "settings#pushover_callback" + get "/settings/github_auth" => "settings#github_auth" + get "/settings/github_callback" => "settings#github_callback" + post "/settings/github_disconnect" => "settings#github_disconnect" + get "/settings/twitter_auth" => "settings#twitter_auth" + get "/settings/twitter_callback" => "settings#twitter_callback" + post "/settings/twitter_disconnect" => "settings#twitter_disconnect" get "/filters" => "filters#index" post "/filters" => "filters#update" diff --git a/db/migrate/20170119172852_move_user_settings.rb b/db/migrate/20170119172852_move_user_settings.rb new file mode 100644 index 0000000..a0a19eb --- /dev/null +++ b/db/migrate/20170119172852_move_user_settings.rb @@ -0,0 +1,58 @@ +class MoveUserSettings < ActiveRecord::Migration + def up + add_column :users, :settings, :text + + [ + :email_notifications, + :email_replies, + :pushover_replies, + :pushover_user_key, + :email_messages, + :pushover_messages, + :email_mentions, + :show_avatars, + :show_story_previews, + :show_submitted_story_threads, + ].each do |col| + rename_column :users, col, "old_#{col}" + end + + User.find_each do |u| + [ + :email_notifications, + :email_replies, + :pushover_replies, + :pushover_user_key, + :email_messages, + :pushover_messages, + :email_mentions, + :show_avatars, + :show_story_previews, + :show_submitted_story_threads, + ].each do |k| + u.settings[k] = u.send("old_#{k}") + end + + u.save(:validate => false) + end + end + + def down + remove_column :users, :settings + + [ + :email_notifications, + :email_replies, + :pushover_replies, + :pushover_user_key, + :email_messages, + :pushover_messages, + :email_mentions, + :show_avatars, + :show_story_previews, + :show_submitted_story_threads, + ].each do |col| + rename_column :users, "old#{col}", col + end + end +end diff --git a/db/migrate/20170119192703_add_dragons.rb b/db/migrate/20170119192703_add_dragons.rb new file mode 100644 index 0000000..ed03dd0 --- /dev/null +++ b/db/migrate/20170119192703_add_dragons.rb @@ -0,0 +1,5 @@ +class AddDragons < ActiveRecord::Migration + def change + add_column :comments, :is_dragon, :boolean, :default => false + end +end diff --git a/db/migrate/20170225201811_delete_old_settings.rb b/db/migrate/20170225201811_delete_old_settings.rb new file mode 100644 index 0000000..05d51ef --- /dev/null +++ b/db/migrate/20170225201811_delete_old_settings.rb @@ -0,0 +1,18 @@ +class DeleteOldSettings < ActiveRecord::Migration + def change + [ + :email_notifications, + :email_replies, + :pushover_replies, + :pushover_user_key, + :email_messages, + :pushover_messages, + :email_mentions, + :show_avatars, + :show_story_previews, + :show_submitted_story_threads, + ].each do |col| + remove_column :users, "old_#{col}" + end + end +end diff --git a/db/migrate/20170413161450_add_indexes.rb b/db/migrate/20170413161450_add_indexes.rb new file mode 100644 index 0000000..85b2a69 --- /dev/null +++ b/db/migrate/20170413161450_add_indexes.rb @@ -0,0 +1,7 @@ +class AddIndexes < ActiveRecord::Migration + def change + add_index :votes, [ :comment_id ] + add_index :comments, [ :user_id ] + add_index :stories, [ :created_at ] + end +end diff --git a/db/schema.rb b/db/schema.rb index fe2d5ef..2389c98 100644 --- a/db/schema.rb +++ b/db/schema.rb @@ -11,88 +11,90 @@ # # It's strongly recommended that you check this file into your version control system. -ActiveRecord::Schema.define(version: 20160704022756) do +ActiveRecord::Schema.define(version: 20170413161450) do - create_table "comments", force: true do |t| + create_table "comments", force: :cascade do |t| t.datetime "created_at", null: false t.datetime "updated_at" t.string "short_id", limit: 10, default: "", null: false - t.integer "story_id", null: false - t.integer "user_id", null: false - t.integer "parent_comment_id" - t.integer "thread_id" + t.integer "story_id", limit: 4, null: false + t.integer "user_id", limit: 4, null: false + t.integer "parent_comment_id", limit: 4 + t.integer "thread_id", limit: 4 t.text "comment", limit: 16777215, null: false - t.integer "upvotes", default: 0, null: false - t.integer "downvotes", default: 0, null: false + t.integer "upvotes", limit: 4, default: 0, null: false + t.integer "downvotes", limit: 4, default: 0, null: false t.decimal "confidence", precision: 20, scale: 19, default: 0.0, null: false t.text "markeddown_comment", limit: 16777215 t.boolean "is_deleted", default: false t.boolean "is_moderated", default: false t.boolean "is_from_email", default: false - t.integer "hat_id" + t.integer "hat_id", limit: 4 + t.boolean "is_dragon", default: false end add_index "comments", ["confidence"], name: "confidence_idx", using: :btree add_index "comments", ["short_id"], name: "short_id", unique: true, using: :btree add_index "comments", ["story_id", "short_id"], name: "story_id_short_id", using: :btree add_index "comments", ["thread_id"], name: "thread_id", using: :btree + add_index "comments", ["user_id"], name: "index_comments_on_user_id", using: :btree - create_table "hat_requests", force: true do |t| + create_table "hat_requests", force: :cascade do |t| t.datetime "created_at" t.datetime "updated_at" - t.integer "user_id" - t.string "hat" - t.string "link" - t.text "comment" + t.integer "user_id", limit: 4 + t.string "hat", limit: 255 + t.string "link", limit: 255 + t.text "comment", limit: 65535 end - create_table "hats", force: true do |t| + create_table "hats", force: :cascade do |t| t.datetime "created_at" t.datetime "updated_at" - t.integer "user_id" - t.integer "granted_by_user_id" - t.string "hat" - t.string "link" + t.integer "user_id", limit: 4 + t.integer "granted_by_user_id", limit: 4 + t.string "hat", limit: 255 + t.string "link", limit: 255 end - create_table "hidden_stories", force: true do |t| - t.integer "user_id" - t.integer "story_id" + create_table "hidden_stories", force: :cascade do |t| + t.integer "user_id", limit: 4 + t.integer "story_id", limit: 4 end add_index "hidden_stories", ["user_id", "story_id"], name: "index_hidden_stories_on_user_id_and_story_id", unique: true, using: :btree - create_table "invitation_requests", force: true do |t| - t.string "code" - t.boolean "is_verified", default: false - t.string "email" - t.string "name" - t.text "memo" - t.string "ip_address" - t.datetime "created_at", null: false - t.datetime "updated_at", null: false + create_table "invitation_requests", force: :cascade do |t| + t.string "code", limit: 255 + t.boolean "is_verified", default: false + t.string "email", limit: 255 + t.string "name", limit: 255 + t.text "memo", limit: 65535 + t.string "ip_address", limit: 255 + t.datetime "created_at", null: false + t.datetime "updated_at", null: false end - create_table "invitations", force: true do |t| - t.integer "user_id" - t.string "email" - t.string "code" + create_table "invitations", force: :cascade do |t| + t.integer "user_id", limit: 4 + t.string "email", limit: 255 + t.string "code", limit: 255 t.datetime "created_at", null: false t.datetime "updated_at", null: false t.text "memo", limit: 16777215 end - create_table "keystores", id: false, force: true do |t| + create_table "keystores", id: false, force: :cascade do |t| t.string "key", limit: 50, default: "", null: false t.integer "value", limit: 8 end add_index "keystores", ["key"], name: "key", unique: true, using: :btree - create_table "messages", force: true do |t| + create_table "messages", force: :cascade do |t| t.datetime "created_at" - t.integer "author_user_id" - t.integer "recipient_user_id" + t.integer "author_user_id", limit: 4 + t.integer "recipient_user_id", limit: 4 t.boolean "has_been_read", default: false t.string "subject", limit: 100 t.text "body", limit: 16777215 @@ -103,39 +105,40 @@ ActiveRecord::Schema.define(version: 20160704022756) do add_index "messages", ["short_id"], name: "random_hash", unique: true, using: :btree - create_table "moderations", force: true do |t| + create_table "moderations", force: :cascade do |t| t.datetime "created_at", null: false t.datetime "updated_at", null: false - t.integer "moderator_user_id" - t.integer "story_id" - t.integer "comment_id" - t.integer "user_id" + t.integer "moderator_user_id", limit: 4 + t.integer "story_id", limit: 4 + t.integer "comment_id", limit: 4 + t.integer "user_id", limit: 4 t.text "action", limit: 16777215 t.text "reason", limit: 16777215 t.boolean "is_from_suggestions", default: false end - create_table "stories", force: true do |t| + create_table "stories", force: :cascade do |t| t.datetime "created_at" - t.integer "user_id" + t.integer "user_id", limit: 4 t.string "url", limit: 250, default: "" t.string "title", limit: 150, default: "", null: false t.text "description", limit: 16777215 t.string "short_id", limit: 6, default: "", null: false t.boolean "is_expired", default: false, null: false - t.integer "upvotes", default: 0, null: false - t.integer "downvotes", default: 0, null: false + t.integer "upvotes", limit: 4, default: 0, null: false + t.integer "downvotes", limit: 4, default: 0, null: false t.boolean "is_moderated", default: false, null: false t.decimal "hotness", precision: 20, scale: 10, default: 0.0, null: false t.text "markeddown_description", limit: 16777215 t.text "story_cache", limit: 16777215 - t.integer "comments_count", default: 0, null: false - t.integer "merged_story_id" + t.integer "comments_count", limit: 4, default: 0, null: false + t.integer "merged_story_id", limit: 4 t.datetime "unavailable_at" t.string "twitter_id", limit: 20 t.boolean "user_is_author", default: false end + add_index "stories", ["created_at"], name: "index_stories_on_created_at", using: :btree add_index "stories", ["hotness"], name: "hotness_idx", using: :btree add_index "stories", ["is_expired", "is_moderated"], name: "is_idxes", using: :btree add_index "stories", ["merged_story_id"], name: "index_stories_on_merged_story_id", using: :btree @@ -143,35 +146,35 @@ ActiveRecord::Schema.define(version: 20160704022756) do add_index "stories", ["twitter_id"], name: "index_stories_on_twitter_id", using: :btree add_index "stories", ["url"], name: "url", length: {"url"=>191}, using: :btree - create_table "suggested_taggings", force: true do |t| - t.integer "story_id" - t.integer "tag_id" - t.integer "user_id" + create_table "suggested_taggings", force: :cascade do |t| + t.integer "story_id", limit: 4 + t.integer "tag_id", limit: 4 + t.integer "user_id", limit: 4 end - create_table "suggested_titles", force: true do |t| - t.integer "story_id" - t.integer "user_id" + create_table "suggested_titles", force: :cascade do |t| + t.integer "story_id", limit: 4 + t.integer "user_id", limit: 4 t.string "title", limit: 150, null: false end - create_table "tag_filters", force: true do |t| - t.datetime "created_at", null: false - t.datetime "updated_at", null: false - t.integer "user_id" - t.integer "tag_id" + create_table "tag_filters", force: :cascade do |t| + t.datetime "created_at", null: false + t.datetime "updated_at", null: false + t.integer "user_id", limit: 4 + t.integer "tag_id", limit: 4 end add_index "tag_filters", ["user_id", "tag_id"], name: "user_tag_idx", using: :btree - create_table "taggings", force: true do |t| - t.integer "story_id", null: false - t.integer "tag_id", null: false + create_table "taggings", force: :cascade do |t| + t.integer "story_id", limit: 4, null: false + t.integer "tag_id", limit: 4, null: false end add_index "taggings", ["story_id", "tag_id"], name: "story_id_tag_id", unique: true, using: :btree - create_table "tags", force: true do |t| + create_table "tags", force: :cascade do |t| t.string "tag", limit: 25, default: "", null: false t.string "description", limit: 100 t.boolean "privileged", default: false @@ -182,39 +185,30 @@ ActiveRecord::Schema.define(version: 20160704022756) do add_index "tags", ["tag"], name: "tag", unique: true, using: :btree - create_table "users", force: true do |t| - t.string "username", limit: 50 - t.string "email", limit: 100 - t.string "password_digest", limit: 75 + create_table "users", force: :cascade do |t| + t.string "username", limit: 50 + t.string "email", limit: 100 + t.string "password_digest", limit: 75 t.datetime "created_at" - t.boolean "email_notifications", default: false - t.boolean "is_admin", default: false - t.string "password_reset_token", limit: 75 - t.string "session_token", limit: 75, default: "", null: false - t.text "about", limit: 16777215 - t.integer "invited_by_user_id" - t.boolean "email_replies", default: false - t.boolean "pushover_replies", default: false - t.string "pushover_user_key" - t.boolean "email_messages", default: true - t.boolean "pushover_messages", default: true - t.boolean "is_moderator", default: false - t.boolean "email_mentions", default: false - t.boolean "pushover_mentions", default: false - t.string "rss_token", limit: 75 - t.string "mailing_list_token", limit: 75 - t.integer "mailing_list_mode", default: 0 - t.integer "karma", default: 0, null: false + t.boolean "is_admin", default: false + t.string "password_reset_token", limit: 75 + t.string "session_token", limit: 75, default: "", null: false + t.text "about", limit: 16777215 + t.integer "invited_by_user_id", limit: 4 + t.boolean "is_moderator", default: false + t.boolean "pushover_mentions", default: false + t.string "rss_token", limit: 75 + t.string "mailing_list_token", limit: 75 + t.integer "mailing_list_mode", limit: 4, default: 0 + t.integer "karma", limit: 4, default: 0, null: false t.datetime "banned_at" - t.integer "banned_by_user_id" - t.string "banned_reason", limit: 200 + t.integer "banned_by_user_id", limit: 4 + t.string "banned_reason", limit: 200 t.datetime "deleted_at" - t.boolean "show_avatars", default: false - t.boolean "show_story_previews", default: false - t.boolean "show_submitted_story_threads", default: true t.datetime "disabled_invite_at" - t.integer "disabled_invite_by_user_id" - t.string "disabled_invite_reason", limit: 200 + t.integer "disabled_invite_by_user_id", limit: 4 + t.string "disabled_invite_reason", limit: 200 + t.text "settings", limit: 65535 end add_index "users", ["mailing_list_mode"], name: "mailing_list_enabled", using: :btree @@ -224,14 +218,15 @@ ActiveRecord::Schema.define(version: 20160704022756) do add_index "users", ["session_token"], name: "session_hash", unique: true, using: :btree add_index "users", ["username"], name: "username", unique: true, using: :btree - create_table "votes", force: true do |t| - t.integer "user_id", null: false - t.integer "story_id", null: false - t.integer "comment_id" + create_table "votes", force: :cascade do |t| + t.integer "user_id", limit: 4, null: false + t.integer "story_id", limit: 4, null: false + t.integer "comment_id", limit: 4 t.integer "vote", limit: 1, null: false t.string "reason", limit: 1 end + add_index "votes", ["comment_id"], name: "index_votes_on_comment_id", using: :btree add_index "votes", ["user_id", "comment_id"], name: "user_id_comment_id", using: :btree add_index "votes", ["user_id", "story_id"], name: "user_id_story_id", using: :btree diff --git a/extras/github.rb b/extras/github.rb new file mode 100644 index 0000000..5904dae --- /dev/null +++ b/extras/github.rb @@ -0,0 +1,40 @@ +class Github + cattr_accessor :CLIENT_ID, :CLIENT_SECRET + + # these need to be overridden in config/initializers/production.rb + @@CLIENT_ID = nil + @@CLIENT_SECRET = nil + + def self.enabled? + self.CLIENT_ID.present? + end + + def self.oauth_consumer + OAuth::Consumer.new(self.CLIENT_ID, self.CLIENT_SECRET, + { :site => "https://api.github.com" }) + end + + def self.token_and_user_from_code(code) + s = Sponge.new + res = s.fetch("https://github.com/login/oauth/access_token", :post, + { :client_id => self.CLIENT_ID, :client_secret => self.CLIENT_SECRET, + :code => code }) + ps = CGI.parse(res) + tok = ps["access_token"].first + + if tok.present? + res = s.fetch("https://api.github.com/user?access_token=#{tok}") + js = JSON.parse(res) + if js && js["login"].present? + return [ tok, js["login"] ] + end + end + + return [ nil, nil ] + end + + def self.oauth_auth_url(state) + "https://github.com/login/oauth/authorize?client_id=#{self.CLIENT_ID}&" << + "state=#{state}" + end +end diff --git a/extras/markdowner.rb b/extras/markdowner.rb index 095238d..1be448a 100644 --- a/extras/markdowner.rb +++ b/extras/markdowner.rb @@ -1,55 +1,74 @@ class Markdowner # opts[:allow_images] allows,
, etc. headings to just bold tags ng.css("h1, h2, h3, h4, h5, h6").each do |h| h.name = "strong" end + if !opts[:allow_images] + ng.css("img").remove + end + # make links have rel=nofollow ng.css("a").each do |h| - h[:rel] = "nofollow" + h[:rel] = "nofollow" unless (URI.parse(h[:href]).host.nil? rescue false) end - # XXX: t.replace(tx) unescapes HTML, so disable for now. this probably - # needs to split text into separate nodes and then replace the @username - # with a proper 'a' node -if false - unless opts[:disable_profile_links] - # make @username link to that user's profile - ng.search("//text()").each do |t| - if t.parent && t.parent.name.downcase == "a" - # don't replace inside s - next - end - - tx = t.text.gsub(/\B\@([\w\-]+)/) do |u| - if User.exists?(:username => u[1 .. -1]) - "#{u}" - else - u - end - end - - t.replace(tx) - end - end -end - ng.at_css("body").inner_html end + + def self.walk_text_nodes(node, &block) + return if node.type == :link + return block.call(node) if node.type == :text + + node.each do |child| + walk_text_nodes(child, &block) + end + end + + def self.postprocess_text_node(node) + while node + return unless node.string_content =~ /\B(@#{User::VALID_USERNAME})/ + before, user, after = $`, $1, $' + + node.string_content = before + + if User.exists?(:username => user[1..-1]) + link = CommonMarker::Node.new(:link) + link.url = "/u/#{user[1..-1]}" + node.insert_after(link) + + link_text = CommonMarker::Node.new(:text) + link_text.string_content = user + link.append_child(link_text) + + node = link + else + node.string_content += user + end + + if after.length > 0 + remainder = CommonMarker::Node.new(:text) + remainder.string_content = after + node.insert_after(remainder) + + node = remainder + else + node = nil + end + end + end end diff --git a/extras/pushover.rb b/extras/pushover.rb index ad1cb5d..163f325 100644 --- a/extras/pushover.rb +++ b/extras/pushover.rb @@ -3,8 +3,12 @@ class Pushover cattr_accessor :API_TOKEN cattr_accessor :SUBSCRIPTION_CODE + def self.enabled? + self.API_TOKEN.present? + end + def self.push(user, params) - if !@@API_TOKEN + if !self.enabled? return end @@ -15,7 +19,7 @@ class Pushover s = Sponge.new s.fetch("https://api.pushover.net/1/messages.json", :post, { - :token => @@API_TOKEN, + :token => self.API_TOKEN, :user => user, }.merge(params)) rescue => e @@ -24,7 +28,7 @@ class Pushover end def self.subscription_url(params) - u = "https://pushover.net/subscribe/#{@@SUBSCRIPTION_CODE}" + u = "https://pushover.net/subscribe/#{self.SUBSCRIPTION_CODE}" u << "?success=#{CGI.escape(params[:success])}" u << "&failure=#{CGI.escape(params[:failure])}" u diff --git a/extras/story_cacher.rb b/extras/story_cacher.rb index a1f344e..21cea43 100644 --- a/extras/story_cacher.rb +++ b/extras/story_cacher.rb @@ -6,18 +6,18 @@ class StoryCacher DIFFBOT_API_URL = "http://www.diffbot.com/api/article" - def self.get_story_text(url) + def self.get_story_text(story) if !@@DIFFBOT_API_KEY return end # XXX: diffbot tries to read pdfs as text, so disable for now - if url.to_s.match(/\.pdf$/i) + if story.url.to_s.match(/\.pdf$/i) return nil end db_url = "#{DIFFBOT_API_URL}?token=#{@@DIFFBOT_API_KEY}&url=" << - CGI.escape(url) + CGI.escape(story.url) begin s = Sponge.new @@ -44,7 +44,7 @@ class StoryCacher begin s = Sponge.new s.timeout = 45 - s.fetch("https://archive.is/#{db_url}") + s.fetch(story.archive_url) rescue => e Rails.logger.error "error caching #{db_url}: #{e.message}" end diff --git a/extras/twitter.rb b/extras/twitter.rb index 6a7f5db..8650b07 100644 --- a/extras/twitter.rb +++ b/extras/twitter.rb @@ -4,6 +4,9 @@ class Twitter # these need to be overridden in config/initializers/production.rb @@CONSUMER_KEY = nil @@CONSUMER_SECRET = nil + + # these are set for the account used to post updates in + # script/post_to_twitter (needs read/write access) @@AUTH_TOKEN = nil @@AUTH_SECRET = nil @@ -12,6 +15,10 @@ class Twitter # https://t.co/eyW1U2HLtP TCO_LEN = 23 + def self.enabled? + self.CONSUMER_KEY.present? + end + def self.oauth_consumer OAuth::Consumer.new(self.CONSUMER_KEY, self.CONSUMER_SECRET, { :site => "https://api.twitter.com" }) @@ -47,4 +54,28 @@ class Twitter end end end + + def self.token_secret_and_user_from_token_and_verifier(tok, verifier) + rt = OAuth::RequestToken.from_hash(self.oauth_consumer, + { :oauth_token => tok }) + at = rt.get_access_token({ :oauth_verifier => verifier }) + + res = at.get("/1.1/account/verify_credentials.json") + js = JSON.parse(res.body) + + if !js["screen_name"].present? + return nil + end + + [ at.token, at.secret, js["screen_name"] ] + end + + def self.oauth_request_token(state) + self.oauth_consumer.get_request_token(:oauth_callback => + Rails.application.root_url + "settings/twitter_callback?state=#{state}") + end + + def self.oauth_auth_url(state) + self.oauth_request_token(state).authorize_url + end end diff --git a/public/404.html b/public/404.html deleted file mode 100644 index 86724f7..0000000 --- a/public/404.html +++ /dev/null @@ -1,9 +0,0 @@ - - - -404
-
-
-
gone fishin'
- - diff --git a/public/robots.txt b/public/robots.txt index aa94cad..87a97c0 100644 --- a/public/robots.txt +++ b/public/robots.txt @@ -1,19 +1,2 @@ -# block all spiders by default -User-agent: * -Disallow: / - -# but allow major ones -User-agent: Googlebot -Allow: / - -User-agent: Slurp -Allow: / - -User-Agent: msnbot -Disallow: - -User-agent: Baiduspider -Disallow: / - User-agent: * Disallow: /search diff --git a/script/mail_new_activity b/script/mail_new_activity index 1214263..a084264 100755 --- a/script/mail_new_activity +++ b/script/mail_new_activity @@ -140,7 +140,7 @@ last_comment_id = (Keystore.value_for(LAST_COMMENT_KEY) || Comment.where("id > ? AND (is_deleted = ? AND is_moderated = ?)", last_comment_id, false, false).order(:id).each do |c| # allow some time for newer comments to be edited before sending them out - if (Time.now - c.created_at) < 2.minutes + if (Time.now - (c.updated_at || c.created_at)) < 2.minutes break end diff --git a/script/post_to_twitter b/script/post_to_twitter index aea3583..d59f495 100755 --- a/script/post_to_twitter +++ b/script/post_to_twitter @@ -7,9 +7,9 @@ require File.expand_path('../../config/boot', __FILE__) require APP_PATH Rails.application.require_environment! -MIN_STORY_SCORE = 2 +MIN_STORY_SCORE = 3 -Story.where("is_expired = ? AND #{Story.score_sql} > ? AND " << +Story.where("is_expired = ? AND #{Story.score_sql} >= ? AND " << "twitter_id IS NULL AND created_at >= ?", false, MIN_STORY_SCORE, Time.now - 1.days).order(:id).each_with_index do |s,x| if s.tags.map(&:tag).include?("meta") @@ -25,12 +25,18 @@ Time.now - 1.days).order(:id).each_with_index do |s,x| tags += ' #' + tagging.tag.tag end - tco_status = "\n" + + via = "" + if s.user.twitter_username.present? + via = "\n" + (s.user_is_author? ? "by" : "via") + + " @#{s.user.twitter_username}" + end + + tco_status = via + "\n" + (s.url.present?? ("X" * Twitter::TCO_LEN) + "\n" : "") + ("X" * Twitter::TCO_LEN) + tags - status = "\n" + + status = via + "\n" + (s.url.present?? s.url + "\n" : "") + s.short_id_url + tags diff --git a/spec/models/markdowner_spec.rb b/spec/models/markdowner_spec.rb index 63c3eee..81776c6 100644 --- a/spec/models/markdowner_spec.rb +++ b/spec/models/markdowner_spec.rb @@ -6,6 +6,16 @@ describe Markdowner do "hello there italics and bold!
" end + it "turns @username into a link if @username exists" do + User.make!(:username => "blahblah") + + Markdowner.to_html("hi @blahblah test").should == + "hi @blahblah test
" + + Markdowner.to_html("hi @flimflam test").should == + "hi @flimflam test
" + end + # bug#209 it "keeps punctuation inside of auto-generated links when using brackets" do Markdowner.to_html("hihi " << "test
" end + + it "correctly adds nofollow" do + Markdowner.to_html("[ex](http://example.com)").should == + "" << + "ex
" + + Markdowner.to_html("[ex](//example.com)").should == + "" << + "ex
" + + Markdowner.to_html("[ex](/u/abc)").should == + "ex
" + end end