It was observed in prod that the lottery prize as tracked by the DB
had diverged from the amount held in the Lottershe manager account.
This appears to be the result of grant_lottery_tickets_to_user
adding the # of _tickets_ rather than the value of those tickets to
the manager.
- Increment cache version on popover badges.
- Add comments+submission_listing.js to assetcache to support ^.
- Append new words to wordle list.
- Cache bust assorted assets for recent PRs.
The recent commit 9168676f78 expanded schema.sql to contain the
badge_defs table contents. Because seed-db.sql was never properly
maintained, I see it as more desirable to have it exported by our
(slightly janky) server auto-commit pipeline.
Additionally, seed-db.sql had badge_defs INSERTs removed.
While working on the file, the bulk `INSERT INTO marseys...` line was
hard-wrapped for clarity and sanity.
In general, we don't do a great job of length validating body_html
fields. Lots of ways to get 500 errors by providing too long of
input. Really ought to find a way to fix it in the classes/comment.py
and classes/submission.py classes. In the interim, the recent gifts
messages change is salient because the notification can 500 out
mid-way through performing coin transactions.
Recommended to find a better way of truncating or safely bubbling
the exception up. Truncating probably not best long-term solution
because it could hypothetically permit strings that would otherwise
be considered unsanitized.
Assetcache: now supports js/userpage.js & js/userpage_v.js.
The three userpage*.html templates now implement it.
Revising gift messages 16587cdf7cf5:
- routes/users.py: Deduplicate code, more descriptive var name.
- templates/userpage.html: Move post-tax gift line below reasons
box. Ultimately just an aesthetic change.
Some users have complained about performance with the backdrop-filter
on .modal-backdrop.show. Partially as a kludge to avoid adding another
toggle, the 'animations' user setting now also disables the backdrop
filter. In practice, this may turn into a more general setting to
remove performance-intensive UI effects.
A rare case where users receive 0 lotto tickets from a treasure chest
occurs when they received 10 or 11 coins from a chest pre-conversion
to lotto tickets. Rather than change ticket_count to the ceil of
dividing coins by ticket cost, it seems less distortionary to instead
imperceptibly raise the minimum to avoid this case.
Due to presently hitting perpetual 429s after a mishap with lottery
polling on production, among past events where admins have gotten
rate-limited for doing otherwise normal admin behavior, the
flask_limiter.Limiter now has a request filter to whitelist JL2+.
Despite running on every request, I don't anticipate this undermining
the DoS prevention power of the Limiter.
It is yet unknown whether there are edge cases where running
get_logged_in_user in a different spot in the request pipeline might
e.g. subtly break the logged-in counters. This is not expected at
present, however.
Snakes
Aevann1
outruncolors