Embedded local posts (posts which link to posts on the same site)
embed the linked post using submission_listing.html via
helpers/jinja2:post_embed. This suffered from much the same issue
recently fixed in submission.html through the addition of
`v_forbid_deleted` in the template before outputting privileged
information. A similar fix has been applied to submission_listing.
Unfortunately, this is not the most elegant fix. Surely this would be
better resolved more centrally in the submission model. However, I am
not clear at present about the precise interaction between deletion,
removal, and realbody & realurl in all of the different places they
are used. This commit fixes the problem, but it also highlights a
potential future refactoring target.
In light of the fact that all searching against the database is done
using ILIKE pattern matching, the only truly case-sensitive part of
the search query was search operator keys. Rather than lowercase the
keys in `criteria` before returning, we instead lowercase the entire
search string at the beginning of parsing. This will further enforce
case-insensitivity on the design of search going forward.
Previously, Markdown ordered lists in user content (in posts,
comments, previews, etc) would display like this:
1.
Foo bar baz.
This is because sanitize populates them as <li><p>Foo bar baz.</p></li>
Rather than mess with the Markdown engine and still not have backwards
compatibility, this has been solved in the frontend using CSS to force
the <p> to display inline.
Draft posts have already been excluded from the edit time limit for
obvious reasons--drafts are intended to be edited, and people use them
as personal megathreads on their profiles. Largely for the latter
use case, this commit also excludes comments on drafts from the limit.
Previously, cli.py ran in <repo-root>/files. However, our relative
paths assume the working directory is <repo-root>. This resulted in
sanitize.render_emoji L153 to improperly return false when checking
for the presence of 'files/assets/images/emojis/{emoji}.webp',
leading to emojis in notifications sent by cli.py-invoked tasks to
not be rendered to HTML.
This bug was discovered when lottery.check_if_end_lottery_task was
failing due to a stack trace thru end_lottery session < badge_grant
< send_repeatable_notifications < sanitize L208. In particular, when
`flask cron` (helpers/cron.py) executes, it does not set g.v, whereas
this code previously assumed that g.v : (None + User) and did not
check for its presence.
The previous fix to shadowbanned users not being able to view their
own profile broke userpages for logged out users (and filled the log
up with 500s) due to sloppy logic around accessing v.id. This has
been remedied.
These are all minor and uncontroversial enough it just felt gross
making multiple commits.
- Adds marseymummified.
- Changes the new `raise ValueError(...)` in badge_grant to
an `assert`.
- Expands assetcache to a convenient grab bag of JS files.
First, the apparent errors with >= 9 and 99 in the Marseys and
referrals code after the refactor are not actually bugs: they were
bug fixes mixed in with the refactor to fix an off-by-one.
Next, instead of failing silently on the `not user` branch in
badge_grant, we throw a ValueError. This retains the current
behavior where users get 500s to report while also enforcing the
assertion near the edge of the function.
Kitchen sink commit of semi-related things:
- `#profile--bio a` tags didn't properly wrap on mobile with some
browsers. Changing overflow-wrap may fix this.
- Userpage markup for mobile tried to place profile_bio inside a
<p> tag. Nesting paragraphs is invalid HTML. It has been made a
<div> to match desktop and even nearby sections on mobile.
- Fedi icon in mobile dropdown had the wrong classes, which broke
consistent styling with its neighbors.
- fa-square-share-nodes improperly wound up with the fa-share-nodes
character code when committed.
The sidebar previously did not prioritize information as well as
desired, and the proliferation of megathreads led to a number of
icons occupying frontpage visual space despite not often being
useful to frontpage use cases. Therefore, they have been moved to
a new page.
The /directory page is predominantly created with template logic,
and it should be within the ability of our semi-technical jannie
staff to maintain.
Previously, notification bell linking & color logic was interspersed
between templates and the user model. It doesn't _really_ belong in
the user model, but it's been moved out of the templates to there to
at least centralize it. This was also used as an opportunity to make
the modactions inbox color the bell appropriately.