2 | Now that you are a member you can invite people you think would be a good fit.
3 | This is available anytime from your settings page.
4 |
5 |
6 | <%= render :partial => "users/invitationform",
7 | :locals => { :return_home => true } %>
8 |
9 |
4 | <%= f.label :category, 'Name', class: 'required' %>
5 | <%= f.text_field :category %>
6 |
7 |
8 | <%= f.submit category.persisted? ? 'Update Category' : 'Create Category' %>
9 | <% end %>
10 |
--------------------------------------------------------------------------------
/app/views/invitation_mailer/invitation.text.erb:
--------------------------------------------------------------------------------
1 | Hello <%= @invitation.email %>,
2 |
3 | The user <%= @invitation.user.username %> has invited you to <%= Rails.application.name %> (<%= Rails.application.root_url %>)<%= @invitation.memo.present? ? raw("\n\n #{@invitation.memo}") : "" %>
4 |
5 | To accept this invitation and create an account, visit the URL below:
6 |
7 | <%= Rails.application.root_url %>invitations/<%= @invitation.code %>
8 |
--------------------------------------------------------------------------------
/db/migrate/20240208024935_remove_twitter.rb:
--------------------------------------------------------------------------------
1 | class RemoveTwitter < ActiveRecord::Migration[7.1]
2 | def change
3 | User.where("settings like '%twitter_%'").find_each do |user|
4 | user.settings.delete :twitter_oauth_token
5 | user.settings.delete :twitter_oauth_token_secret
6 | user.settings.delete :twitter_username
7 | user.save!
8 | end
9 | remove_index :stories, :twitter_id
10 | end
11 | end
12 |
--------------------------------------------------------------------------------
/db/migrate/20130622021035_add_user_list_id.rb:
--------------------------------------------------------------------------------
1 | class AddUserListId < ActiveRecord::Migration
2 | def up
3 | add_column :users, :mailing_list_token, :string
4 | add_column :users, :mailing_list_enabled, :boolean, default: false
5 |
6 | add_index "users", ["mailing_list_enabled"]
7 | end
8 |
9 | def down
10 | remove_column :users, :mailing_list_token
11 | remove_column :users, :mailing_list_enabled
12 | end
13 | end
14 |
--------------------------------------------------------------------------------
/db/migrate/20180130235553_add_read_notification_support.rb:
--------------------------------------------------------------------------------
1 | class AddReadNotificationSupport < ActiveRecord::Migration[5.1]
2 | def change
3 | create_table :read_ribbons do |t|
4 | t.boolean :is_following, default: true
5 | t.timestamps
6 | end
7 |
8 | add_reference :read_ribbons, :user, index: true
9 | add_reference :read_ribbons, :story, index: true
10 |
11 | create_view :replying_comments
12 | end
13 | end
14 |
--------------------------------------------------------------------------------
/db/migrate/20220806200248_set_is_tracker_as_banned_to_domains.rb:
--------------------------------------------------------------------------------
1 | class SetIsTrackerAsBannedToDomains < ActiveRecord::Migration[7.0]
2 | def up
3 | banned_by_user = User.find_by(username: "pushcx")
4 | Domain.where(is_tracker: true).each do |domain|
5 | domain.ban_by_user_for_reason!(banned_by_user, "Used for link shortening and ad tracking")
6 | end
7 |
8 | remove_column :domains, :is_tracker, :boolean
9 | end
10 | end
11 |
--------------------------------------------------------------------------------
/hatchbox/aliases:
--------------------------------------------------------------------------------
1 | # See man 5 aliases for format
2 |
3 | # do not include 'lobsters' here - main.cf has ingress configured for mailing list
4 |
5 | # system
6 | root: ADMIN_EMAIL
7 | abuse: root
8 | admin: root
9 | contact: root
10 | deploy: root
11 | help: root
12 | postmaster: root
13 | security: root
14 | support: root
15 | webmaster: root
16 |
17 | # personal
18 | peter: ADMIN_EMAIL
19 | pushcx: ADMIN_EMAIL
20 |
21 | nobody: /dev/null
22 |
--------------------------------------------------------------------------------
/app/helpers/cabinet_helper.rb:
--------------------------------------------------------------------------------
1 | module CabinetHelper
2 | def debug_render *args
3 | capture do
4 | concat content_tag(:details,
5 | content_tag(:summary, "header") +
6 | content_tag(:pre, word_wrap("render #{args.inspect}")),
7 | style: "margin-left: 20px")
8 | concat render(*args)
9 | end
10 | end
11 |
12 | def as_user user
13 | @user = user
14 | yield
15 | @user = nil
16 | end
17 | end
18 |
--------------------------------------------------------------------------------
/app/views/mod/flagged_comments.html.erb:
--------------------------------------------------------------------------------
1 | <%= render partial: 'subnav', locals: { periods: @periods } %>
2 |
3 | <% if @comments.present? %>
4 |
11 | <% else %>
12 | ",
10 | replyto: "#{@banner.username} <#{@banner.email}>",
11 | to: user.email,
12 | subject: "[#{Rails.application.name}] You have been banned"
13 | )
14 | end
15 | end
16 |
--------------------------------------------------------------------------------
/app/views/comments/_too_deep.html.erb:
--------------------------------------------------------------------------------
1 | <%# locals: () -%>
2 |
12 |
--------------------------------------------------------------------------------
/db/migrate/20200210125425_add_domain_banning.rb:
--------------------------------------------------------------------------------
1 | class AddDomainBanning < ActiveRecord::Migration[5.2]
2 | def change
3 | add_column :domains, :banned_at, :datetime, null: true, default: nil
4 | add_column :domains, :banned_by_user_id, :integer, null: true, default: nil
5 | add_column :domains, :banned_reason, :string, limit: 200
6 | add_column :moderations, :domain_id, :integer, null: true, default: nil
7 | add_index :moderations, :domain_id
8 | end
9 | end
10 |
--------------------------------------------------------------------------------
/db/migrate/20131018201413_add_invitation_requests.rb:
--------------------------------------------------------------------------------
1 | class AddInvitationRequests < ActiveRecord::Migration
2 | def up
3 | create_table :invitation_requests do |t|
4 | t.string :code
5 | t.boolean :is_verified, default: false
6 | t.string :email
7 | t.string :name
8 | t.text :memo
9 | t.string :ip_address
10 | t.timestamps null: false
11 | end
12 | end
13 |
14 | def down
15 | drop_table :invitation_requests
16 | end
17 | end
18 |
--------------------------------------------------------------------------------
/app/views/login/forgot_password.html.erb:
--------------------------------------------------------------------------------
1 |
2 | If you've forgotten your password, enter your e-mail address or username
3 | below and instructions will be e-mailed to you.
4 |
5 |
6 | <%= form_with url: reset_password_path do |f| %>
7 |
8 | <%= f.label :email, "E-mail or Username" %>
9 | <%= f.text_field :email, :size => 30, :autofocus => "autofocus", :inputmode => "email" %>
10 |
11 |
12 | <%= f.submit "Reset Password" %>
13 | <% end %>
14 |
--------------------------------------------------------------------------------
/db/migrate/20220331165136_message_author_nullable.rb:
--------------------------------------------------------------------------------
1 | class MessageAuthorNullable < ActiveRecord::Migration[6.1]
2 | def up
3 | change_column_null :messages, :author_user_id, true
4 | Story.connection.execute("UPDATE messages SET author_user_id = NULL WHERE author_user_id = 0")
5 | end
6 |
7 | def down
8 | Story.connection.execute("UPDATE messages SET author_user_id = 0 WHERE author_user_id IS NULL")
9 | change_column_null :messages, :author_user_id, false
10 | end
11 | end
12 |
--------------------------------------------------------------------------------
/public/504.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Lobsters HTTP 504 status: puma timeout
5 |
6 |
7 | Lobsters HTTP 504 status: server error
8 |
9 | The puma worker timed out responding to your request.
10 |
11 |
12 | If this persists, please come to the
13 | IRC channel
14 | (webchat).
15 |
16 |
17 |
18 |
--------------------------------------------------------------------------------
/config/initializers/backtrace_silencers.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # You can add backtrace silencers for libraries that you're using but don't
6 | # wish to see in your backtraces.
7 | # Rails.backtrace_cleaner.add_silencer { |line| line =~ /my_noisy_library/ }
8 |
9 | # You can also remove all the silencers if you're trying to debug a problem
10 | # that might stem from framework code.
11 | # Rails.backtrace_cleaner.remove_silencers!
12 |
--------------------------------------------------------------------------------
/db/migrate/20200828015742_fix_comment_flags_default.rb:
--------------------------------------------------------------------------------
1 | class FixCommentFlagsDefault < ActiveRecord::Migration[6.0]
2 | def change
3 | change_column :comments, :flags, :integer, default: 0, null: false, unsigned: true
4 | ActiveRecord::Base.connection.execute <<~SQL
5 | update comments
6 | set flags = coalesce((
7 | select count(vote)
8 | from votes
9 | where comment_id = comments.id
10 | and vote = -1
11 | ), 0)
12 | SQL
13 | end
14 | end
15 |
--------------------------------------------------------------------------------
/hatchbox/opendkim.service:
--------------------------------------------------------------------------------
1 | [Unit]
2 | Description=OpenDKIM Milter
3 | Documentation=man:opendkim(8) man:opendkim.conf(5) man:opendkim-lua(3) man:opendkim-genkey(8) man:opendkim-genzone(8) man:opendkim-testkey(8) http://www.opendkim.org/docs.html
4 | After=network.target nss-lookup.target
5 |
6 | [Service]
7 | User=opendkim
8 | Group=opendkim
9 | Type=forking
10 | ExecStart=/usr/sbin/opendkim
11 | ExecReload=/bin/kill -USR1 $MAINPID
12 | Restart=on-failure
13 |
14 | [Install]
15 | WantedBy=multi-user.target
16 |
--------------------------------------------------------------------------------
/db/migrate/20120902143549_add_moderation_log.rb:
--------------------------------------------------------------------------------
1 | class AddModerationLog < ActiveRecord::Migration
2 | def up
3 | add_column "users", "is_moderator", :boolean, default: false
4 |
5 | create_table "moderations" do |t|
6 | t.timestamps null: false
7 | t.integer "moderator_user_id"
8 | t.integer "story_id"
9 | t.integer "comment_id"
10 | t.integer "user_id"
11 | t.text "action"
12 | t.text "reason"
13 | end
14 | end
15 |
16 | def down
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/hatchbox/bash_aliases:
--------------------------------------------------------------------------------
1 | export EDITOR=vim
2 | export HISTFILESIZE=$HISTSIZE
3 | export HISTIGNORE=[fb]g
4 | export HISTSIZE=100000
5 | export PAGER="less -R"
6 |
7 | alias be="bundle exec"
8 | alias c="curl"
9 | alias cl="clear"
10 | alias con="cd ~deploy/lobsters/current; bundle exec rails console"
11 | alias db="cd ~deploy/lobsters/current; bundle exec rails db -p"
12 | alias e="exa"
13 | alias et="exa -snew"
14 | alias fd="fdfind"
15 | alias gerp="grep"
16 | alias g="git"
17 | alias vi="vim"
18 |
19 | set -o vi
20 |
--------------------------------------------------------------------------------
/spec/routing/origin_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe "origin routing" do
6 | it "routes a single origin" do
7 | assert_recognizes({controller: "home", action: "for_origin", identifier: "github.com/alice"}, "/origins/github.com/alice")
8 | end
9 |
10 | it "redirects attempts to load an identifier from a domain url", type: :request do
11 | get "/domains/github.com/alice"
12 | expect(response).to redirect_to("/origins/github.com/alice")
13 | end
14 | end
15 |
--------------------------------------------------------------------------------
/config/initializers/session_store.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # match this in caddy config for bypassing the file cache
6 | Lobsters::Application.config.session_store :cookie_store,
7 | key: "lobster_trap",
8 | expire_after: 1.month,
9 | httponly: true,
10 | same_site: :strict
11 | # :secure commented out because it's redundant with config.force_ssl
12 | # https://api.rubyonrails.org/v5.2.8.1/classes/ActionDispatch/SSL.html
13 | # secure: true
14 |
--------------------------------------------------------------------------------
/db/migrate/20240717155412_hydrate_links.rb:
--------------------------------------------------------------------------------
1 | class HydrateLinks < ActiveRecord::Migration[7.1]
2 | def up
3 | Comment.where("comment like '%https://%' or comment like '%http://%'").find_each do |c|
4 | Link.recreate_from_comment! c
5 | end
6 | Story.where("id >= 40621").where("url is not null or (description like '%https://%' or description like '%http://%')").find_each do |s|
7 | Link.recreate_from_story! s
8 | end
9 | end
10 |
11 | def down
12 | Link.delete_all
13 | end
14 | end
15 |
--------------------------------------------------------------------------------
/app/helpers/stories_helper.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | module StoriesHelper
4 | def show_guidelines?(user)
5 | if !user
6 | return true
7 | end
8 |
9 | if user.stories_submitted_count <= 5
10 | return true
11 | end
12 |
13 | if Moderation.joins(:story)
14 | .where(
15 | "stories.user_id = ? AND moderations.created_at > ?",
16 | user.id,
17 | 5.days.ago
18 | ).exists?
19 | return true
20 | end
21 |
22 | false
23 | end
24 | end
25 |
--------------------------------------------------------------------------------
/app/views/login/twofa.html.erb:
--------------------------------------------------------------------------------
1 | <%= form_with url: twofa_login_url do |f| %>
2 |
3 | Enter the current TOTP code from your TOTP application:
4 |
5 |
6 |
7 | <%= f.label :totp_code, "TOTP Code" %>
8 | <%= f.text_field :totp_code,
9 | :inputmode => "numeric",
10 | :pattern => "[0-9]+",
11 | :autocomplete => "one-time-code",
12 | :autofocus => true,
13 | :class => "totp_code" %>
14 |
15 |
16 | <%= f.submit "Login" %>
17 | <% end %>
18 |
19 |
--------------------------------------------------------------------------------
/db/migrate/20170225201811_delete_old_settings.rb:
--------------------------------------------------------------------------------
1 | class DeleteOldSettings < ActiveRecord::Migration
2 | def change
3 | [
4 | :email_notifications,
5 | :email_replies,
6 | :pushover_replies,
7 | :pushover_user_key,
8 | :email_messages,
9 | :pushover_messages,
10 | :email_mentions,
11 | :show_avatars,
12 | :show_story_previews,
13 | :show_submitted_story_threads
14 | ].each do |col|
15 | remove_column :users, "old_#{col}"
16 | end
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/db/migrate/20240907171330_fix_links_in_invite_notes.rb:
--------------------------------------------------------------------------------
1 | class FixLinksInInviteNotes < ActiveRecord::Migration[7.1]
2 | def up
3 | ModNote.where("note LIKE '%another user tried to redeem%'").find_each do |mod_note|
4 | mod_note.note = mod_note.note.gsub(/attempted redeemer: \[(.*)\].*\)/) do |match|
5 | "attempted redeemer: [#{$1}](https://#{Rails.application.domain}/~#{$1})"
6 | end
7 | mod_note.save!
8 | end
9 | end
10 |
11 | def down
12 | # time to roll forward
13 | end
14 | end
15 |
--------------------------------------------------------------------------------
/spec/helpers/cabinet_helper_spec.rb:
--------------------------------------------------------------------------------
1 | require "rails_helper"
2 |
3 | # Specs in this file have access to a helper object that includes
4 | # the CabinetHelper. For example:
5 | #
6 | # describe CabinetHelper do
7 | # describe "string concat" do
8 | # it "concats two strings with spaces" do
9 | # expect(helper.concat_strings("this","that")).to eq("this that")
10 | # end
11 | # end
12 | # end
13 | RSpec.describe CabinetHelper, type: :helper do
14 | pending "add some examples to (or delete) #{__FILE__}"
15 | end
16 |
--------------------------------------------------------------------------------
/public/500.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Lobsters HTTP 500 status: server error
5 |
6 |
7 | Lobsters HTTP 500 status: server error
8 | The page you requested cannot be displayed.
9 | The site operators have been notified of this error. You're welcome to and encouraged to also report it in the IRC channel (also accessible via webchat).
10 |
11 |
12 |
--------------------------------------------------------------------------------
/app/views/hats/edit.html.erb:
--------------------------------------------------------------------------------
1 | <%= form_with model: @hat, url: update_in_place_hat_path(@hat), method: :post do |f| %>
2 |
3 | <%= f.label :user_id, "User" %>
4 | <%= styled_user_link @hat.user %>
5 |
6 | <%= f.label :hat, "Hat" %>
7 | <%= f.text_field :hat %>
8 |
9 |
10 |
11 | <%= f.submit "Edit In-Place", formaction: update_in_place_hat_path(@hat) %>
12 | <%= f.submit "Doff & Create", formaction: update_by_recreating_hat_path(@hat) %>
13 |
14 | <% end %>
15 |
--------------------------------------------------------------------------------
/spec/factories/domain.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | FactoryBot.define do
4 | factory :domain do
5 | sequence(:domain) { |n| Faker::Internet.domain_name }
6 |
7 | trait(:banned) do
8 | banned_by_user { association(:user) }
9 | banned_at { Time.current }
10 | banned_reason { "some reason" }
11 | end
12 |
13 | trait(:github_with_selector) do
14 | domain { "github.com" }
15 | selector { "\\Ahttps?://github.com/+([^/]+).*\\z" }
16 | replacement { "github.com/\\1" }
17 | end
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/app/views/hats/doff.html.erb:
--------------------------------------------------------------------------------
1 | <%= form_with url: doff_by_user_hat_path(@hat) do |f| %>
2 |
3 | <%= f.label :user_id, "User" %>
4 | <%= styled_user_link @hat.user %>
5 |
6 | <%= f.label :hat, "Hat" %>
7 | <%= @hat.to_html_label %>
8 |
9 | <%= f.label :reason, "Reason" %>
10 |
11 | <%= f.text_field :reason %>
12 |
13 | Short public explanation, like "Left project"
14 |
15 |
16 |
17 |
18 | <%= submit_tag "Doff Hat" %>
19 | <% end %>
20 |
--------------------------------------------------------------------------------
/hatchbox/Caddyfile:
--------------------------------------------------------------------------------
1 | # Must manually copy this into the 'Caddyfile' text area on hatchbox's web panel
2 | # and click 'Update Caddy'.
3 | #
4 | # The regular app deploy does not update Caddy config.
5 | import /home/deploy/lobsters/current/hatchbox/Caddyfile.pre*
6 | import /home/deploy/lobsters/shared/etc/Caddyfile.pre*
7 |
8 | # {encode}
9 | %{encode}
10 |
11 | # {file_server}
12 | %{file_server}
13 |
14 | # {default}
15 | %{default}
16 |
17 | import /home/deploy/lobsters/current/hatchbox/Caddyfile.post*
18 | import /home/deploy/lobsters/shared/etc/Caddyfile.post*
19 |
--------------------------------------------------------------------------------
/db/migrate/20150211170052_move_hidden_votes_to_hidden_story.rb:
--------------------------------------------------------------------------------
1 | class MoveHiddenVotesToHiddenStory < ActiveRecord::Migration
2 | def up
3 | create_table :hidden_stories do |t|
4 | t.integer :user_id
5 | t.integer :story_id
6 | end
7 |
8 | add_index "hidden_stories", ["user_id", "story_id"], unique: true
9 |
10 | Vote.where(vote: 0).each do |v|
11 | hs = HiddenStory.new
12 | hs.user_id = v.user_id
13 | hs.story_id = v.story_id
14 | hs.save!
15 | end
16 |
17 | Vote.where(vote: 0).delete_all
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/db/migrate/20240717144412_create_links.rb:
--------------------------------------------------------------------------------
1 | class CreateLinks < ActiveRecord::Migration[7.1]
2 | def change
3 | create_table :links do |t|
4 | t.string :url, null: false
5 | t.string :normalized_url, null: false
6 | t.index :normalized_url
7 | t.string :title, null: true
8 |
9 | t.bigint :from_story_id, null: true, index: true
10 | t.bigint :from_comment_id, null: true, index: true
11 | t.bigint :to_story_id, null: true, index: true
12 | t.bigint :to_comment_id, null: true, index: true
13 | end
14 | end
15 | end
16 |
--------------------------------------------------------------------------------
/app/views/origins/for_domain.html.erb:
--------------------------------------------------------------------------------
1 |
2 | Domain <%= link_to @domain.domain, @domain %> has <%= "#{number_with_delimiter @origins.count} origin".pluralize(@origins.count) %>
3 |
4 |
5 |
6 | <% @origins.each do |origin| %>
7 | -
8 | <%= link_to origin.identifier, origin_path(origin) %> <%= "#{origin.stories_count} story".pluralize(origin.stories_count) %>
9 | <% if origin.banned? %>
10 | banned
11 | <% end %>
12 | <%= link_to 'Edit', edit_origin_path(origin) if @user&.is_moderator? %>
13 |
14 | <% end %>
15 |
16 |
--------------------------------------------------------------------------------
/script/lobsters-cron:
--------------------------------------------------------------------------------
1 | #!/bin/bash
2 |
3 | err=0
4 | report() {
5 | err=1
6 | echo -n "error at line ${BASH_LINENO[0]}, in call to "
7 | sed -n ${BASH_LINENO[0]}p $0
8 | } >&2
9 | trap report ERR
10 |
11 | cd /home/deploy/lobsters/current
12 | source /home/deploy/.asdf/asdf.sh
13 | eval "$(/home/deploy/.asdf/bin/asdf vars)"
14 |
15 | if [ -f public/maintenance.html ];
16 | then
17 | exit 0
18 | fi
19 |
20 | bundle exec ruby script/mail_new_activity.rb &
21 | bundle exec ruby script/mastodon_post.rb &
22 | bundle exec ruby script/send_new_webmentions &
23 |
24 | exit $err
25 |
--------------------------------------------------------------------------------
/db/migrate/20180506045709_timestamp_votes.rb:
--------------------------------------------------------------------------------
1 | class TimestampVotes < ActiveRecord::Migration[5.1]
2 | def change
3 | add_column :votes, :updated_at, :datetime, null: true
4 | ActiveRecord::Base.connection.execute("update votes, comments set votes.updated_at = comments.created_at where comments.id = votes.comment_id and votes.updated_at is null")
5 | ActiveRecord::Base.connection.execute("update votes, stories set votes.updated_at = stories.created_at where stories.id = votes.story_id and votes.updated_at is null")
6 | change_column_null :votes, :updated_at, false
7 | end
8 | end
9 |
--------------------------------------------------------------------------------
/config/initializers/assets.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # Version of your assets, change this if you want to expire all your assets.
6 | Rails.application.config.assets.version = "1.0"
7 |
8 | # Add additional assets to the asset load path.
9 | # Rails.application.config.assets.paths << Emoji.images_path
10 |
11 | # Precompile additional assets.
12 | # application.js, application.css, and all non-JS/CSS in the app/assets
13 | # folder are already added.
14 | # Rails.application.config.assets.precompile += %w( admin.js admin.css )
15 |
--------------------------------------------------------------------------------
/config/initializers/wrap_parameters.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # This file contains settings for ActionController::ParamsWrapper which
6 | # is enabled by default.
7 |
8 | # Enable parameter wrapping for JSON. You can disable this by setting :format to an empty array.
9 | ActiveSupport.on_load(:action_controller) do
10 | wrap_parameters format: [:json]
11 | end
12 |
13 | # To enable root element in JSON for ActiveRecord objects.
14 | # ActiveSupport.on_load(:active_record) do
15 | # self.include_root_in_json = true
16 | # end
17 |
--------------------------------------------------------------------------------
/.github/pull_request_template.md:
--------------------------------------------------------------------------------
1 |
9 |
--------------------------------------------------------------------------------
/spec/models/hat_request_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe HatRequest do
6 | it "has a limit on the hat field" do
7 | hat_request = build(:hat_request, hat: "a" * 256)
8 | expect(hat_request).to_not be_valid
9 | end
10 |
11 | it "has a limit on the link field" do
12 | hat_request = build(:hat_request, link: "a" * 256)
13 | expect(hat_request).to_not be_valid
14 | end
15 |
16 | it "has a limit on the comment field" do
17 | hat_request = build(:hat_request, comment: "a" * 65_536)
18 | expect(hat_request).to_not be_valid
19 | end
20 | end
21 |
--------------------------------------------------------------------------------
/config/importmap.rb:
--------------------------------------------------------------------------------
1 | # Pin npm packages by running ./bin/importmap
2 |
3 | pin "application"
4 | pin_all_from "app/javascript"
5 | # pin_all_from "vendor/javascripts"
6 |
7 | pin "autosize", to: "autosize.js"
8 |
9 | pin "TomSelect", to: "TomSelect_base.js"
10 | pin "TomSelect_caret_position", to: "TomSelect_caret_position.js"
11 | pin "TomSelect_input_autogrow", to: "TomSelect_input_autogrow.js"
12 | pin "TomSelect_remove_button", to: "TomSelect_remove_button.js"
13 |
14 | pin "tom-select", to: "./vendor/assets/stylesheets/tom-select.css"
15 | pin "tom-remove", to: "./vendor/assets/stylesheets/TomSelect_remove_button.css"
16 |
--------------------------------------------------------------------------------
/db/migrate/20250428193204_typeid_fix_token_name.rb:
--------------------------------------------------------------------------------
1 | class TypeidFixTokenName < ActiveRecord::Migration[8.0]
2 | disable_ddl_transaction!
3 |
4 | def change
5 | [
6 | Category,
7 | Comment,
8 | Domain,
9 | Hat,
10 | HatRequest,
11 | HiddenStory,
12 | Invitation,
13 | InvitationRequest,
14 | Link,
15 | Message,
16 | Moderation,
17 | ModNote,
18 | Origin,
19 | SavedStory,
20 | Story,
21 | Tag,
22 | User
23 | ].each do |model|
24 | rename_column model.table_name, :slug, :token
25 | end
26 | end
27 | end
28 |
--------------------------------------------------------------------------------
/docker-compose.yaml:
--------------------------------------------------------------------------------
1 |
2 | services:
3 | app:
4 | stdin_open: true
5 | tty: true
6 | build:
7 | context: .
8 | dockerfile: Dockerfile.dev
9 | args:
10 | RUBY_VERSION: ${RUBY_VERSION}
11 | volumes:
12 | - .:/lobsters
13 | ports:
14 | - "3000:3000"
15 | depends_on:
16 | - db
17 | db:
18 | image: "docker.io/library/mariadb:11"
19 | restart: always
20 | environment:
21 | MARIADB_ROOT_PASSWORD: localdev
22 | ports:
23 | - 127.0.0.1:3306:3306
24 | volumes:
25 | - db_data:/var/lib/mysql
26 |
27 | volumes:
28 | db_data: {}
29 |
--------------------------------------------------------------------------------
/spec/requests/signup_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe "signup", type: :request do
6 | let!(:inactive_user) { create(:user, :inactive) }
7 | let(:sender) { create(:user) }
8 | let(:invitation) { create(:invitation, user: sender) }
9 |
10 | describe "tattling on logged-in users who visit invite URLs" do
11 | before { sign_in sender }
12 |
13 | it "creates a ModNote" do
14 | expect {
15 | get "/invitations/#{invitation.code}"
16 | }.to change { ModNote.count }.by(2) # one on inviter, one on invitee (though redundnant here)
17 | end
18 | end
19 | end
20 |
--------------------------------------------------------------------------------
/app/models/story_repository.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | class StoryRepository
4 | def initialize(user = nil, params = {})
5 | @user = user
6 | @params = params
7 | end
8 |
9 | def categories(cats)
10 | tagged_story_ids = Tagging.select(:story_id).where(tag_id: Tag.where(category: cats).select(:id))
11 |
12 | Story.base(@user).positive_ranked.where(id: tagged_story_ids).order(created_at: :desc)
13 | end
14 |
15 | def top(length)
16 | top = Story.base(@user).where("created_at >= (NOW() - INTERVAL " \
17 | "#{length[:dur]} #{length[:intv].upcase})")
18 | top.order(score: :desc)
19 | end
20 | end
21 |
--------------------------------------------------------------------------------
/db/migrate/20241104215430_add_comment_stats.rb:
--------------------------------------------------------------------------------
1 | class AddCommentStats < ActiveRecord::Migration[7.2]
2 | def up
3 | create_table :comment_stats do |t|
4 | t.date :date, null: false
5 | t.integer :average, null: false
6 | end
7 | add_index :comment_stats, :date, unique: true
8 |
9 | Comment.connection.execute <<~SQL
10 | insert low_priority into comment_stats (`date`, `average`)
11 | select date(created_at - interval 5 hour) as date, avg(score) from comments group by date(created_at - interval 5 hour)
12 | SQL
13 | end
14 |
15 | def down
16 | drop_table :comment_stats
17 | end
18 | end
19 |
--------------------------------------------------------------------------------
/db/migrate/20230823150648_materialize_confidence_order.rb:
--------------------------------------------------------------------------------
1 | class MaterializeConfidenceOrder < ActiveRecord::Migration[7.0]
2 | def up
3 | add_column :comments, :confidence_order, "binary(3)", null: true, after: :story_id
4 | ActiveRecord::Base.connection.execute <<~SQL
5 | UPDATE comments
6 | SET confidence_order =
7 | concat(lpad(char(65536 - floor(((confidence - -0.2) * 65535) / 1.2) using binary), 2, '0'), char(id & 0xff using binary));
8 | SQL
9 | change_column_null :comments, :confidence_order, false
10 | end
11 |
12 | def down
13 | remove_column :stories, :confidence_order
14 | end
15 | end
16 |
--------------------------------------------------------------------------------
/app/views/users/_flag_warning.html.erb:
--------------------------------------------------------------------------------
1 | <%# locals: (showing_user:, interval:) -%>
2 |
3 | Your comments have been heavily flagged across several stories in the last <%= interval[:human] %>.
4 | Review <%= link_to 'your standing', user_standing_path(@user.username) %> for context on how unusual this is.
5 | Reconsider your behavior or
take a break.
6 |
7 |
8 | You could also talk to <%= link_to 'a mod', moderators_path %> about what went wrong, or
9 | delete your account from the bottom of your <%= link_to 'settings', settings_path %> if you prefer to leave.
10 |
7 | <%= f.label :username, "Username" %>
8 | <%= @reset_user.username %>
9 |
10 | <%= f.label :password, "New Password" %>
11 | <%= f.password_field :password %>
12 |
13 | <%= f.label :password_confirmation, "(Again)" %>
14 | <%= f.password_field :password_confirmation %>
15 |
16 |
17 | <%= f.submit "Set New Password" %>
18 | <% end %>
19 |
--------------------------------------------------------------------------------
/app/views/mod/_subnav.html.erb:
--------------------------------------------------------------------------------
1 | <%# locals: (periods:) -%>
2 | <% content_for :subnav do %>
3 |
4 | <%= link_to_different_page 'Dashboard', mod_path %>
5 | <%= link_to_different_page 'Notes', mod_notes_path(period: '2w') %>
6 | F-Stories: <% periods.each do |p| %><%= link_to_different_page(p, mod_flagged_stories_path(period: p)) %> <% end %>
7 | F-Comments: <% periods.each do |p| %><%= link_to_different_page(p, mod_flagged_comments_path(period: p)) %> <% end %>
8 | Commenters: <% %w{1m 2m 3m 6m}.each do |p| %><%= link_to_different_page(p, mod_commenters_path(period: p)) %> <% end %>
9 | <% end %>
10 |
--------------------------------------------------------------------------------
/app/views/suggestions/new.html.erb:
--------------------------------------------------------------------------------
1 |
2 |
3 | <%= form_with model: @story, url: story_suggestions_path(@story.short_id), method: :post, html: { id: 'edit_story' } do |f| %>
4 | <%= render :partial => "stories/form", :locals => { :story => @story,
5 | :f => f, :suggesting => true } %>
6 |
7 |
8 |
9 |
10 |
11 | <%= f.submit "Suggest Changes" %>
12 | or
cancel
13 |
14 |
15 | <% end %>
16 |
17 |
2 | <% if Rails.application.open_signups? %>
3 |
4 | Not a user yet? Sign up here.
5 |
6 | <% else %>
7 |
8 | Signup is currently by invitation only to combat spam and increase
9 | accountability. If you know <%= link_to 'a current user', users_tree_path %>
10 | of the site, ask them for an invitation, or
11 | <% if Rails.application.allow_invitation_requests? %>
12 | request one publicly.
13 | <% else %>
14 | request one in chat.
15 | <% end %>
16 |
17 | <% end %>
18 |
3 |
4 | | Mod → User/When |
5 | Note |
6 |
7 | <% mod_notes.each do |note| %>
8 |
9 |
10 | <% if note.moderator != InactiveUser.inactive_user %>
11 | <%= note.moderator.username %>
12 | →
13 | <% end %>
14 | <%= link_to note.user.username, user_path(note.user) %>
15 |
16 | <%= raw note.created_at.strftime("%Y-%m-%d %H:%M %z") %>
17 | |
18 | <%= raw note.markeddown_note %> |
19 |
20 | <% end %>
21 |
22 |
--------------------------------------------------------------------------------
/db/migrate/20120705145520_move_markdown_into_sql.rb:
--------------------------------------------------------------------------------
1 | class MoveMarkdownIntoSql < ActiveRecord::Migration
2 | def up
3 | add_column :comments, :markeddown_comment, :text
4 | add_column :stories, :markeddown_description, :text
5 |
6 | Comment.all.each do |c|
7 | c.markeddown_comment = c.generated_markeddown_comment
8 | Comment.record_timestamps = false
9 | c.save(validate: false)
10 | end
11 |
12 | Story.all.each do |s|
13 | if s.description.present?
14 | s.markeddown_description = s.generated_markeddown_description
15 | Story.record_timestamps = false
16 | s.save(validate: false)
17 | end
18 | end
19 | end
20 |
21 | def down
22 | end
23 | end
24 |
--------------------------------------------------------------------------------
/lib/tasks/privacy_wipe.rake:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | desc "Wipe private data if site is changing hands"
4 | task privacy_wipe: :environment do
5 | fail "Refusing to wipe. Read and edit this task if your site is really changing hands"
6 |
7 | # It'll be really easy for this rarely-used code to slip out-of-sync,
8 | # you MUST review how users are banned/deleted before you run this.
9 | # At the least, check User#delete! and LoginController.
10 | # User.where.not(deleted_at: nil)
11 | # .update_all("password_digest = '*', email = concat(username, '@lobsters.example')")
12 |
13 | # wipe all moderator notes:
14 | # ModNote.delete_all
15 |
16 | # wipe all private messages:
17 | # Message.delete_all
18 | end
19 |
--------------------------------------------------------------------------------
/app/controllers/concerns/story_finder.rb:
--------------------------------------------------------------------------------
1 | module StoryFinder
2 | extend ActiveSupport::Concern
3 |
4 | def find_story
5 | story = Story.find_by(short_id: params[:story_id] || params[:id])
6 | # convenience to use PK (from external queries) without generally permitting enumeration:
7 | story ||= Story.find(params[:id]) if @user&.is_admin?
8 |
9 | if @user && story
10 | story.current_vote = Vote.find_by(
11 | user: @user,
12 | story: story.id,
13 | comment: nil
14 | ).try(:vote)
15 | end
16 |
17 | story
18 | end
19 |
20 | def find_story!
21 | @story = find_story
22 | if !@story
23 | raise ActiveRecord::RecordNotFound
24 | end
25 | end
26 | end
27 |
--------------------------------------------------------------------------------
/public/502.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | Lobsters HTTP 502 status: puma timeout
5 |
6 |
7 | Lobsters HTTP 502 status: server error
8 |
9 | nginx tried to pass your request to puma but failed.
10 | This probably means we're in the middle of a deploy.
11 | If this persists for more than 120 seconds, please come hassle us in the
12 | IRC channel
13 | (webchat).
14 |
15 |
16 |
17 | It is safe to reload until the page loads and resubmit a POST request,
18 | you won't double-post a comment or anything.
19 |
20 |
21 |
22 |
--------------------------------------------------------------------------------
/spec/fixtures/inbound_emails/3.eml:
--------------------------------------------------------------------------------
1 | Date: Tue, 16 Jul 2013 10:37:11 -0500
2 | From: joshua stein
3 | To: ##SHORTNAME##-##MAILING_LIST_TOKEN##@lobste.rs
4 | Subject: Re: Lobsters by mail [announce]
5 | Message-ID: <20130716103519.78e3be260a@5d7607215bd9704>
6 | References:
7 |
8 | MIME-Version: 1.0
9 | Content-Type: text/plain; charset=us-ascii
10 | Content-Disposition: inline
11 | In-Reply-To:
12 | X-No-Archive: Yes
13 |
14 | It hasn't decreased any measurable amount but since the traffic to
15 | the site is increasing a bit each week, it's hard to tell.
16 |
17 | --
18 | this is my signature
19 |
--------------------------------------------------------------------------------
/db/migrate/20140109034338_move_comment_counts_to_story.rb:
--------------------------------------------------------------------------------
1 | class MoveCommentCountsToStory < ActiveRecord::Migration
2 | def up
3 | add_column :stories, :comments_count, :integer, default: 0,
4 | null: false
5 |
6 | Keystore.transaction do
7 | Story.lock(true).select(:id).each do |s|
8 | s.update_comments_count!
9 | end
10 |
11 | Keystore.where(
12 | Keystore.arel_table[:key].matches("story:%:comment_count")
13 | ).delete_all
14 | end
15 | end
16 |
17 | def down
18 | Keystore.transaction do
19 | Story.select(:id).each do |s|
20 | s.update_comments_count!
21 | end
22 | end
23 |
24 | remove_column :stories, :comments_count
25 | end
26 | end
27 |
--------------------------------------------------------------------------------
/spec/jobs/notify_message_job_spec.rb:
--------------------------------------------------------------------------------
1 | require "rails_helper"
2 |
3 | RSpec.describe NotifyMessageJob, type: :job do
4 | describe "message notifications" do
5 | it "creates & sends a message notification" do
6 | recipient = build(:user)
7 | recipient.settings["email_messages"] = true
8 | recipient.save!
9 | message = create(:message, recipient: recipient)
10 | NotifyMessageJob.perform_now(message)
11 | expect(recipient.notifications.count).to eq(1)
12 | expect(recipient.notifications.first.notifiable).to eq(message)
13 | expect(sent_emails.size).to eq(1)
14 | expect(sent_emails[0].subject).to match(/Private Message from #{message.author_username}/)
15 | end
16 | end
17 | end
18 |
--------------------------------------------------------------------------------
/db/migrate/20140804005415_add_weblogs.rb:
--------------------------------------------------------------------------------
1 | class AddWeblogs < ActiveRecord::Migration
2 | def change
3 | create_table :weblogs do |t|
4 | t.timestamps
5 | t.integer :user_id
6 | t.string :title, limit: 512
7 | t.string :url, limit: 512
8 | t.string :site_title, limit: 512
9 | t.string :site_url, limit: 512
10 | t.text :content, limit: 16777215 # mediumtext
11 | t.text :tags
12 | t.string :uuid
13 | end
14 |
15 | # why can't the charset be specified in the create_table?
16 | execute("ALTER TABLE weblogs MODIFY `uuid` varchar(200) CHARACTER SET utf8")
17 |
18 | add_index "weblogs", ["user_id", "uuid"], name: "user_and_uuid",
19 | unique: true
20 | end
21 | end
22 |
--------------------------------------------------------------------------------
/app/models/replying_comment.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | class ReplyingComment < ApplicationRecord
4 | attribute :is_unread, :boolean
5 |
6 | belongs_to :comment
7 |
8 | scope :for_user, ->(user_id) {
9 | where(user_id: user_id)
10 | .order(comment_created_at: :desc)
11 | .preload(comment: [:hat, {story: :user}, :user])
12 | }
13 | scope :unread_replies_for, ->(user_id) { for_user(user_id).where(is_unread: true) }
14 | scope :comment_replies_for,
15 | ->(user_id) { for_user(user_id).where.not(parent_comment_id: nil) }
16 | scope :story_replies_for, ->(user_id) { for_user(user_id).where(parent_comment_id: nil) }
17 |
18 | protected
19 |
20 | # This is a view, not a real table
21 | def readonly?
22 | true
23 | end
24 | end
25 |
--------------------------------------------------------------------------------
/app/views/messages/_subnav.html.erb:
--------------------------------------------------------------------------------
1 | <%# locals: () -%>
2 | <% content_for :subnav do %>
3 | <%= link_to_different_page('Unread', replies_unread_path) %>
4 | <%= link_to_different_page('All', replies_path) %>
5 | <%= link_to_different_page('Comments', replies_comments_path) %>
6 | <%= link_to_different_page('Stories', replies_stories_path) %>
7 | |
8 | <%= link_to_different_page 'Messages', messages_path %>
9 | <%= link_to_different_page 'Sent', messages_sent_path %>
10 | <% if controller_name == 'notifications' || @user&.is_moderator? %>
11 | |
12 | <%= link_to_different_page 'All Notifications', notifications_path %>
13 | <%= link_to_different_page 'Unread Notifications', notifications_unread_path %>
14 | <% end %>
15 | <% end %>
16 |
--------------------------------------------------------------------------------
/config/initializers/inflections.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | # Be sure to restart your server when you modify this file.
4 |
5 | # Add new inflection rules using the following format. Inflections
6 | # are locale specific, and you may define rules for as many different
7 | # locales as you wish. All of these examples are active by default:
8 | # ActiveSupport::Inflector.inflections(:en) do |inflect|
9 | # inflect.plural /^(ox)$/i, "\\1en"
10 | # inflect.singular /^(ox)en/i, "\\1"
11 | # inflect.irregular "person", "people"
12 | # inflect.uncountable %w( fish sheep )
13 | # end
14 |
15 | # These inflection rules are supported but not enabled by default:
16 | # ActiveSupport::Inflector.inflections(:en) do |inflect|
17 | # inflect.acronym "RESTful"
18 | # end
19 |
--------------------------------------------------------------------------------
/app/controllers/csp_controller.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | class CspController < ApplicationController
4 | skip_before_action :verify_authenticity_token
5 | skip_before_action :authenticate_user
6 |
7 | def violation_report
8 | body = request.body.read
9 | json = JSON.parse(body)
10 |
11 | return head :bad_request unless
12 | request.content_type == "application/csp-report" && json&.is_a?(Hash) && json["csp-report"].is_a?(Hash)
13 |
14 | report = json["csp-report"]
15 | Telebugs.context :report, report
16 | Telebugs.message body, fingerprint: ["csp-violation", report.dig("blocked-uri"), report.dig("effective-directive")]
17 |
18 | head :ok
19 | rescue JSON::ParserError
20 | head :bad_request
21 | nil
22 | end
23 | end
24 |
--------------------------------------------------------------------------------
/app/views/stories/_missing.html.erb:
--------------------------------------------------------------------------------
1 | <%# locals: (story:, moderation: nil) -%>
2 |
3 | <% if !@user %>
4 | <%
5 | # Logged-out visitors don't get details so we don't make a convenient
6 | # public monument to content that was so bad or bizarre we removed it.
7 | %>
8 | Story was removed.
9 | <% elsif story.is_moderated? %>
10 | <% if moderation %>
11 | Story removed by moderator: <%= moderation.reason %>
12 | <% else %>
13 | Story removed by moderator but no log message was found.
14 | Please report this bug.
15 | <% end %>
16 | <% else %>
17 | Story was removed by submitter<% if @user %> <%= link_to story.user.username, user_path(story.user) %><% end %>.
18 | <% end %>
19 |
2 |
3 |
4 |
5 | <% if message.author %>
6 | <%= inline_avatar_for @user, message.author %> <%= styled_user_link message.author %>
7 | <% else %>
8 | <%= message.author_username %>
9 | <% end %>
10 |
<%= how_long_ago_label(message.created_at) %>
11 | <% if is_unread %><% end %>
12 |
13 |
14 | <%= message.subject %>
15 |
16 |
17 | <%= message.body %>
18 |
19 |
20 |
3 | <%= origin.identifier %> (part of <%= link_to origin.domain.domain, origin.domain %>):
4 | <%= "#{number_with_delimiter origin.stories_count} story".pluralize(origin.stories_count) %> from
5 | <%= "#{number_with_delimiter origin.n_submitters} submitter".pluralize(origin.n_submitters) %>
6 |
7 | <%= link_to 'Edit', edit_origin_path(origin) if @user&.is_moderator? %>
8 |
9 |
10 |
11 |
12 | <% if origin.banned? %>
13 |
14 | Banned
15 | <%= how_long_ago_label(origin.banned_at) %>
16 | <% if origin.banned_by_user %>
17 | by <%= link_to origin.banned_by_user.try(:username), origin.banned_by_user %>:
18 | <%= origin.banned_reason %>
19 | <% end %>
20 |
21 | <% end %>
22 |
23 |
--------------------------------------------------------------------------------
/db/migrate/20240920115957_create_action_mailbox_tables.action_mailbox.rb:
--------------------------------------------------------------------------------
1 | # This migration comes from action_mailbox (originally 20180917164000)
2 | class CreateActionMailboxTables < ActiveRecord::Migration[6.0]
3 | def change
4 | create_table :action_mailbox_inbound_emails, id: primary_key_type do |t|
5 | t.integer :status, default: 0, null: false
6 | t.string :message_id, null: false
7 | t.string :message_checksum, null: false
8 |
9 | t.timestamps
10 |
11 | t.index [:message_id, :message_checksum], name: "index_action_mailbox_inbound_emails_uniqueness", unique: true
12 | end
13 | end
14 |
15 | private
16 |
17 | def primary_key_type
18 | config = Rails.configuration.generators
19 | config.options[config.orm][:primary_key_type] || :primary_key
20 | end
21 | end
22 |
--------------------------------------------------------------------------------
/config/initializers/scenic.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | scenic_multidb_adapter = Class.new do
4 | def initialize
5 | @mysql = Scenic::Adapters::MySQL.new
6 | @sqlite = Scenic::Adapters::Sqlite.new
7 | end
8 |
9 | def method_missing(...)
10 | adapter.__send__(...)
11 | end
12 |
13 | def respond_to_missing? name, include_private
14 | adapter.respond_to? name
15 | end
16 |
17 | private
18 |
19 | def adapter
20 | case ActiveRecord::Base.connection
21 | when ActiveRecord::ConnectionAdapters::TrilogyAdapter
22 | @mysql
23 | when ActiveRecord::ConnectionAdapters::SQLite3Adapter
24 | @sqlite
25 | else
26 | raise "Unsupported adapter"
27 | end
28 | end
29 | end
30 |
31 | Scenic.configure do |config|
32 | config.database = scenic_multidb_adapter.new
33 | end
34 |
--------------------------------------------------------------------------------
/spec/models/hat_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe Hat do
6 | it "has a hat field" do
7 | hat = Hat.new(hat: nil)
8 | expect(hat).to_not be_valid
9 | end
10 |
11 | it "has a limit on the hat field" do
12 | hat = build(:hat, hat: "a" * 256)
13 | expect(hat).to_not be_valid
14 | end
15 |
16 | it "has a limit on the link field" do
17 | hat = build(:hat, link: "a" * 256)
18 | expect(hat).to_not be_valid
19 | end
20 |
21 | it "santizes email addresses" do
22 | hat = build(:hat, link: "foo@bar.com")
23 | expect(hat.sanitized_link).to eq("bar.com")
24 | end
25 |
26 | it "doesn't sanitize links that aren't email addressees" do
27 | hat = build(:hat, link: "google.com")
28 | expect(hat.sanitized_link).to eq("google.com")
29 | end
30 | end
31 |
--------------------------------------------------------------------------------
/app/views/home/_single_tag.html.erb:
--------------------------------------------------------------------------------
1 | <%# locals: (tag:, related:) -%>
2 |
3 |
4 | Stories tagged as
5 | <%= tag_link(tag) %>
6 | <%= tag.description %>
7 |
8 | <% if tag.hotness_mod != 0.0 %>
9 | Hotness modifier <%= tag.hotness_mod %>
10 | (<%= tag.hotness_mod > 0 ? 'raises' : 'lowers' %> a story's rank).
11 | <% end %>
12 | <% if tag.privileged %>
13 | Only mods can use this tag.
14 | <% elsif !tag.permit_by_new_users %>
15 | Tag is not permitted on stories submitted by new users.
16 | <% end %>
17 |
18 |
19 |
20 |
21 | Most often also tagged with
22 | <% related.each do |tag| %>
23 | <%= tag_link(tag) %>
24 | <% end %>
25 |
26 |
2 |
3 | <%= form_with model: @story do |f| %>
4 | <%= render :partial => "stories/form", :locals => { :story => @story, :f => f } %>
5 |
6 |
7 |
8 |
9 |
10 | <%= render :partial => "global/markdownhelp",
11 | :locals => { allow_images: @story.can_have_images? } %>
12 |
13 | <%= f.submit "Submit" %>
14 |
15 |
16 | <%= f.submit "Preview", class: 'story-preview', name: 'preview' %>
17 |
18 |
19 | <% end %>
20 |
21 |
24 | <% if @story.previewing && @story.valid? %>
25 | <%= render :template => "stories/show" %>
26 | <% end %>
27 |
28 |
--------------------------------------------------------------------------------
/bin/byebug:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'byebug' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("byebug", "byebug")
28 |
--------------------------------------------------------------------------------
/bin/ldiff:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'ldiff' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("diff-lcs", "ldiff")
28 |
--------------------------------------------------------------------------------
/bin/listen:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'listen' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("listen", "listen")
28 |
--------------------------------------------------------------------------------
/bin/oauth:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'oauth' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("oauth-tty", "oauth")
28 |
--------------------------------------------------------------------------------
/bin/pumactl:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'pumactl' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("puma", "pumactl")
28 |
--------------------------------------------------------------------------------
/bin/rackup:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'rackup' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("rack", "rackup")
28 |
--------------------------------------------------------------------------------
/bin/rspec:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'rspec' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("rspec-core", "rspec")
28 |
--------------------------------------------------------------------------------
/app/views/settings/twofa_verify.html.erb:
--------------------------------------------------------------------------------
1 | <% content_for :subnav do %>
2 | Back to Settings
3 | <% end %>
4 |
5 |
6 | <%= form_with url: twofa_update_url do |f| %>
7 |
8 | To enable Two-Factor Authentication on your account using your new TOTP
9 | secret, enter the six-digit code from your TOTP application:
10 |
11 |
12 |
13 | <%= f.label :totp_code, "TOTP Code:", :class => "required" %>
14 | <%= f.text_field :totp_code,
15 | :inputmode => "numeric",
16 | :pattern => "[0-9]+",
17 | :size => 10,
18 | :autocomplete => "one-time-code",
19 | :autofocus => true,
20 | :class => "totp_code" %>
21 |
22 |
23 |
24 | <%= f.submit "Verify and Enable" %>
25 |
26 | <% end %>
27 |
3 | <%= domain.domain %>:
4 | <%= "#{number_with_delimiter domain.stories_count} story".pluralize(domain.stories_count) %> from
5 | <%= "#{number_with_delimiter domain.n_submitters} submitter".pluralize(domain.n_submitters) %>
6 | <% if domain.origins.count > 0 %>
7 | with <%= link_to "#{number_with_delimiter domain.origins.count} origins", domain_origins_path(domain) %>
8 | <% end %>
9 |
10 | <%= link_to 'Edit', edit_domain_path(domain) if @user&.is_moderator? %>
11 |
12 |
13 | <% if domain.banned? %>
14 |
15 | Banned
16 | <%= how_long_ago_label(domain.banned_at) %>
17 | <% if domain.banned_by_user %>
18 | by <%= link_to domain.banned_by_user.try(:username), domain.banned_by_user %>:
19 | <%= domain.banned_reason %>
20 | <% end %>
21 |
22 | <% end %>
23 |
24 |
--------------------------------------------------------------------------------
/bin/ruby-memory-profiler:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'ruby-memory-profiler' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("memory_profiler", "ruby-memory-profiler")
28 |
--------------------------------------------------------------------------------
/bin/stackprof-gprof2dot.py:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'stackprof-gprof2dot.py' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("stackprof", "stackprof-gprof2dot.py")
28 |
--------------------------------------------------------------------------------
/bin/stackprof-flamegraph.pl:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'stackprof-flamegraph.pl' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../Gemfile", __dir__)
12 |
13 | bundle_binstub = File.expand_path("bundle", __dir__)
14 |
15 | if File.file?(bundle_binstub)
16 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
17 | load(bundle_binstub)
18 | else
19 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
20 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
21 | end
22 | end
23 |
24 | require "rubygems"
25 | require "bundler/setup"
26 |
27 | load Gem.bin_path("stackprof", "stackprof-flamegraph.pl")
28 |
--------------------------------------------------------------------------------
/.github/workflows/check/credentials.yml.enc:
--------------------------------------------------------------------------------
1 | zcS5WjQmGyGNQx3HkAKuLBq5IA8Fvn4WUBNxDIs5H+WldnNvnknuFny1BhBOmqwxPm0cepASiWKlAOyqCtSLXHyVVfxKn7QolWc7XakXh5jneSZR5lENRfdv518vSH81zIBMjeodsjvO7qu219yLjK5C5bXJNTfZDJl5P4LUYUgQadMRUnSIyLuWao5Plh4nN/iavcOcPKsxIXDIdbDtVX/yMJ00HtkK08GbUS6R5i7tMyi2Q6l+g4UuuCh3GJYtRbAxGKuNW0HvxXUZc72vALLxI+JHeNC2ldP4xb/r4HtjJWjVdDWXMyxZfGvh3TN4kUNWmV5UKqPXfuTSdCCCjxdID0Efh0+gaIejlFAsaXO9r3ydpGzFmeZCg85UpIKzgJ7TEDmdEPVUaYhKnkIhmPD3HKaaKinalBcSvyot5ig7csCJCA0DNtLT3XwBMlqCUebbWZNFWhVUqsynDXAd7QbChYKNL03rao8ahMvYHwf7mC+GJ0Uz/1bBT/NmpJP8RdcFan+xngD6hX6CGYTwho+gD01k1af24T0UF0MsEOi5ewZAREU3lZ6XSQbTUpTt822Zmq35pULi88MMa08xs7pBkvwIq0MDBJZufwm2APNzz/6Ura6aZlGNu6TNRVLqLCL7tBrzXgN9nPwNvrWTbgVQWSSaXWBTwOsd2aI/iRBAy96w7MLn27l+FfRj0LE7NvfC8Zq909sIATzrAJIxppXmig0ExnAv/6Pfy2Af5j/9QEQebcEhSN+xwcjt33uX0pMpgDupS/aQSpan1SHu621p0ZJjfPRvY5OUL5rGm3B17sC22YHkvSFw8lt847o1sUP310lKwwyVcfZp9FECN79rLZc=--nHG/SUA/akl2b6Hz--xYdN8CMc0C3RumXq093utg==
--------------------------------------------------------------------------------
/config/credentials.yml.enc.sample:
--------------------------------------------------------------------------------
1 | # See README.md for instructions.
2 |
3 | # Used as the base secret for all MessageVerifiers in Rails, including the one protecting cookies.
4 | secret_key_base: "secret"
5 |
6 | diffbot:
7 | api_key: null
8 |
9 | github:
10 | client_id: null
11 | client_secret: null
12 |
13 | mastodon:
14 | # mastodon bot posting setup (not needed for account linking)
15 | # 1. visit instance to register your desired username
16 | # 2. run `rails credentials:edit` to enter instance name and username
17 | instance_name: "mastodon.social"
18 | bot_name: "lobsters"
19 | # 3. run Mastodon.get_bot_credentials! in the prod rails console for these three values
20 | client_id: null
21 | client_secret: null
22 | token: null
23 | # 4. create a list in the web ui, see the ID in the URL when you edit
24 | list_id: null
25 |
26 | pushover:
27 | api_token: null
28 | subscription_code: null
29 |
--------------------------------------------------------------------------------
/spec/models/mastodon_app_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | RSpec.describe MastodonApp, type: :model do
6 | describe "#sanitized_instance_name" do
7 | it "accepts an instance name" do
8 | expect(MastodonApp.sanitized_instance_name("example.com")).to eq("example.com")
9 | end
10 |
11 | it "accepts urls" do
12 | expect(MastodonApp.sanitized_instance_name("https://example.com")).to eq("example.com")
13 | expect(MastodonApp.sanitized_instance_name("https://example.com/")).to eq("example.com")
14 | expect(MastodonApp.sanitized_instance_name("https://example.com/@user")).to eq("example.com")
15 | end
16 |
17 | it "accepts a user id" do
18 | expect(MastodonApp.sanitized_instance_name("user@example.com")).to eq("example.com")
19 | expect(MastodonApp.sanitized_instance_name("@user@example.com")).to eq("example.com")
20 | end
21 | end
22 | end
23 |
--------------------------------------------------------------------------------
/spec/helpers/interval_helper_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe IntervalHelper do
6 | describe "#time_interval" do
7 | let(:placeholder) { IntervalHelper::PLACEHOLDER }
8 |
9 | it "replaces empty input with placeholder" do
10 | expect(helper.time_interval("")).to eq(placeholder)
11 | expect(helper.time_interval(nil)).to eq(placeholder)
12 | end
13 |
14 | # concerned with xss and sql injection
15 | it "replaces invalid input with placeholder" do
16 | expect(helper.time_interval("0h")).to eq(placeholder)
17 | expect(helper.time_interval("1'h")).to eq(placeholder)
18 | expect(helper.time_interval("1h'")).to eq(placeholder)
19 | expect(helper.time_interval("-1w")).to eq(placeholder)
20 | expect(helper.time_interval("2")).to eq(placeholder)
21 | expect(helper.time_interval("m")).to eq(placeholder)
22 | end
23 | end
24 | end
25 |
--------------------------------------------------------------------------------
/bin/safe_yaml:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby2.7
2 | # frozen_string_literal: true
3 |
4 | #
5 | # This file was generated by Bundler.
6 | #
7 | # The application 'safe_yaml' is installed as part of a gem, and
8 | # this file is here to facilitate running it.
9 | #
10 |
11 | require "pathname"
12 | ENV["BUNDLE_GEMFILE"] ||= File.expand_path("../../Gemfile",
13 | Pathname.new(__FILE__).realpath)
14 |
15 | bundle_binstub = File.expand_path("../bundle", __FILE__)
16 |
17 | if File.file?(bundle_binstub)
18 | if File.read(bundle_binstub, 300) =~ /This file was generated by Bundler/
19 | load(bundle_binstub)
20 | else
21 | abort("Your `bin/bundle` was not generated by Bundler, so this binstub cannot run.
22 | Replace `bin/bundle` by running `bundle binstubs bundler --force`, then run this command again.")
23 | end
24 | end
25 |
26 | require "rubygems"
27 | require "bundler/setup"
28 |
29 | load Gem.bin_path("safe_yaml", "safe_yaml")
30 |
--------------------------------------------------------------------------------
/app/models/invitation.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | class Invitation < ApplicationRecord
4 | belongs_to :user
5 | belongs_to :new_user, class_name: "User", inverse_of: nil, optional: true
6 |
7 | scope :used, -> { where.not(used_at: nil) }
8 | scope :unused, -> { where(used_at: nil) }
9 |
10 | include Token
11 |
12 | validate do
13 | unless /\A[^@ ]+@[^ @]+\.[^ @]+\z/.match?(email.to_s)
14 | errors.add(:email, "is not valid")
15 | end
16 | end
17 |
18 | validates :code, :email, length: {maximum: 255}
19 | validates :memo, length: {maximum: 375}
20 |
21 | before_validation :create_code, on: :create
22 |
23 | def create_code
24 | 10.times do
25 | self.code = Utils.random_str(15)
26 | return unless Invitation.exists?(code: code)
27 | end
28 | raise "too many hash collisions"
29 | end
30 |
31 | def send_email
32 | InvitationMailer.invitation(self).deliver_now
33 | end
34 | end
35 |
--------------------------------------------------------------------------------
/spec/models/invitation_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe Invitation do
6 | it "has a valid factory" do
7 | invitation = build(:invitation)
8 | expect(invitation).to be_valid
9 | end
10 |
11 | it "has a limit on the email field" do
12 | invitation = build(:invitation, email: "a" * 256 + "@b.b")
13 | invitation.valid?
14 | expect(invitation.errors[:email]).to eq(["is too long (maximum is 255 characters)"])
15 | end
16 |
17 | it "creates a code before validation" do
18 | invitation = build(:invitation)
19 | invitation.code = "my code"
20 | invitation.valid?
21 | expect(invitation.code).to_not eq("my_code")
22 | end
23 |
24 | it "has a limit on the memo field" do
25 | invitation = build(:invitation, memo: "a" * 376)
26 | invitation.valid?
27 | expect(invitation.errors[:memo]).to eq(["is too long (maximum is 375 characters)"])
28 | end
29 | end
30 |
--------------------------------------------------------------------------------
/app/models/short_id.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | class ShortId
4 | attr_accessor :klass, :generation_attempts
5 |
6 | def initialize(klass)
7 | self.klass = klass
8 | self.generation_attempts = 0
9 | end
10 |
11 | def generate
12 | until (generated_id = candidate_id) && generated_id.valid?
13 | self.generation_attempts += 1
14 | raise "too many hash collisions" if generation_attempts == 10
15 | end
16 | generated_id.to_s
17 | end
18 |
19 | def candidate_id
20 | CandidateId.new(klass)
21 | end
22 |
23 | class CandidateId
24 | attr_accessor :klass, :id
25 |
26 | def initialize(klass)
27 | self.klass = klass
28 | self.id = generate_id
29 | end
30 |
31 | def to_s
32 | id
33 | end
34 |
35 | def generate_id
36 | Utils.random_str(6).downcase
37 | end
38 |
39 | def valid?
40 | !klass.exists?(short_id: id)
41 | end
42 | end
43 | end
44 |
--------------------------------------------------------------------------------
/spec/fixtures/inbound_emails/4.eml:
--------------------------------------------------------------------------------
1 | Date: Tue, 16 Jul 2013 10:37:11 -0500
2 | From: joshua stein
3 | To: ##SHORTNAME##-##MAILING_LIST_TOKEN##@lobste.rs
4 | Subject: Re: Lobsters by mail [announce]
5 | Message-ID: <20130716103519.78e3be260a@5d7607215bd9704>
6 | References:
7 |
8 | MIME-Version: 1.0
9 | Content-Type: text/plain; charset=us-ascii
10 | Content-Disposition: inline
11 | In-Reply-To:
12 | X-No-Archive: Yes
13 |
14 | On Sun, Feb 2, 2014 at 11:51 PM, blah wrote:
15 |
16 | > This is some quoted text.
17 | > With an attribution line
18 |
19 | It hasn't decreased any measurable amount but since the traffic to
20 | the site is increasing a bit each week, it's hard to tell.
21 |
22 | On Mon, Feb 3, 2014 at 3:36 PM, someone else wrote:
23 | > This is some terrible reply-on-top text
24 |
25 |
--------------------------------------------------------------------------------
/lib/time_ago_in_words.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | module TimeAgoInWords
4 | def how_long_ago(time)
5 | secs = (Time.current - time).to_i
6 | if secs <= 5
7 | "just now"
8 | elsif secs < 60
9 | "less than a minute ago"
10 | elsif secs < (60 * 60)
11 | mins = (secs / 60.0).floor
12 | "#{mins} #{"minute".pluralize(mins)} ago"
13 | elsif secs < (60 * 60 * 48)
14 | hours = (secs / 60.0 / 60.0).floor
15 | "#{hours} #{"hour".pluralize(hours)} ago"
16 | elsif secs < (60 * 60 * 24 * 30)
17 | days = (secs / 60.0 / 60.0 / 24.0).floor
18 | "#{days} #{"day".pluralize(days)} ago"
19 | elsif secs < (60 * 60 * 24 * 365)
20 | months = (secs / 60.0 / 60.0 / 24.0 / 30.0).floor
21 | "#{months} #{"month".pluralize(months)} ago"
22 | else
23 | years = (secs / 60.0 / 60.0 / 24.0 / 365.0).floor
24 | "#{years} #{"year".pluralize(years)} ago"
25 | end
26 | end
27 | end
28 |
--------------------------------------------------------------------------------
/bin/update:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env ruby
2 | require 'fileutils'
3 | include FileUtils
4 |
5 | # path to your application root.
6 | APP_ROOT = File.expand_path('..', __dir__)
7 |
8 | def system!(*args)
9 | system(*args) || abort("\n== Command #{args} failed ==")
10 | end
11 |
12 | chdir APP_ROOT do
13 | # This script is a way to update your development environment automatically.
14 | # Add necessary update steps to this file.
15 |
16 | puts '== Installing dependencies =='
17 | system! 'gem install bundler --conservative'
18 | system('bundle check') || system!('bundle install')
19 |
20 | # Install JavaScript dependencies if using Yarn
21 | # system('bin/yarn')
22 |
23 | puts "\n== Updating database =="
24 | system! 'bin/rails db:migrate'
25 |
26 | puts "\n== Removing old logs and tempfiles =="
27 | system! 'bin/rails log:clear tmp:clear'
28 |
29 | puts "\n== Restarting application server =="
30 | system! 'bin/rails restart'
31 | end
32 |
--------------------------------------------------------------------------------
/db/migrate/20250424165830_add_typeid.rb:
--------------------------------------------------------------------------------
1 | class AddTypeid < ActiveRecord::Migration[8.0]
2 | disable_ddl_transaction! # took ~75 min in dev, prod will be similar
3 |
4 | def up
5 | [
6 | Category,
7 | Comment,
8 | Domain,
9 | Hat,
10 | HatRequest,
11 | HiddenStory,
12 | Invitation,
13 | InvitationRequest,
14 | Link,
15 | Message,
16 | Moderation,
17 | ModNote,
18 | Origin,
19 | SavedStory,
20 | Story,
21 | Tag,
22 | User
23 | ].each do |model|
24 | add_column model.table_name, :slug, :string, default: nil
25 | model.find_each { |m| m.update_column :slug, TypeID.new(model.to_s.parameterize) }
26 | change_column model.table_name, :slug, :string, default: nil, null: false
27 | add_index model.table_name, :slug, unique: true
28 | end
29 | end
30 |
31 | def down
32 | raise ActiveRecord::IrreversibleMigration
33 | end
34 | end
35 |
--------------------------------------------------------------------------------
/spec/requests/authenticatable_spec.rb:
--------------------------------------------------------------------------------
1 | # typed: false
2 |
3 | require "rails_helper"
4 |
5 | describe "login", type: :request do
6 | let(:user) { create(:user, password: "asdf") }
7 | let(:moderator) { create(:user, :moderator, password: "asdf") }
8 |
9 | describe "mod-only routes" do
10 | it "loads for a mod" do
11 | sign_in user
12 | get "/mod"
13 | expect(flash[:error]).to include("authorized")
14 | expect(response).to redirect_to("/")
15 | end
16 |
17 | it "doesn't load for a non-mod user" do
18 | sign_in moderator
19 | get "/mod"
20 | expect(flash[:error]).to be_nil
21 | expect(response).to be_successful
22 | end
23 |
24 | # visitors hit the require_logged_in_user path first;
25 | # this is a more useful error for mods who are logged out
26 | it "doesn't load for a visitor" do
27 | get "/mod"
28 | expect(response).to redirect_to("/login")
29 | end
30 | end
31 | end
32 |
--------------------------------------------------------------------------------
/app/views/settings/mastodon_authentication.html.erb:
--------------------------------------------------------------------------------
1 | <% content_for :subnav do %>
2 | Back to Settings
3 | <% end %>
4 |
5 |
6 | <%= form_with url: "/settings/mastodon_auth", method: :get do |f| %>
7 |
8 | Enter the name or URL of your Mastodon instance (for example, mastodon.social):
9 |
10 |
11 |
12 | <%= f.label :mastodon_instance_name, "Name or URL:", :class => "required" %>
13 | <%= f.text_field :mastodon_instance_name, :autofocus => true %>
14 |
15 |
16 |
17 | <%= f.submit "Continue" %>
18 |
19 |
20 |
21 | We request the
22 | read:accounts scope to confirm your username,
23 | which includes basic profile info.
24 |
25 |
26 | <% end %>
27 |
6 | <%= form_with model: @user, url: twofa_auth_url, method: :post do |f| %>
7 |
8 | <% if @user.has_2fa? %>
9 | To turn off two-factor authentication for your account, enter your
10 | current password:
11 | <% else %>
12 | To begin the two-factor authentication enrollment for your account,
13 | enter your current password:
14 | <% end %>
15 |
16 |
17 |
18 | <%= f.label :password, "Current Password:", :class => "required" %>
19 | <%= f.password_field :password, :size => 40, :autocomplete => "off" %>
20 |
21 |
22 |
23 | <% if @user.has_2fa? %>
24 | <%= f.submit "Disable Two-Factor Authentication" %>
25 | <% else %>
26 | <%= f.submit "Continue" %>
27 | <% end %>
28 |
29 | <% end %>
30 |
Reparent <%= @reparent_user.username %>
2 |
3 | <%= form_with url: mod_reparents_path({}, id: @reparent_user), method: :post do |f| %>
4 |
5 | This will reparent <%= @reparent_user.username %> to you in the invite tree, create a mod note on the user with their old inviter, and put an entry in the moderation log with the given reason.
6 |
7 |
8 |
9 | This should be used rarely because it makes it harder to investigate sockpuppets and voting rings.
10 | Currently the only known purpose is if this user was abused off-site by their inviter and we can't really do anything about it here except try to disassociate them.
11 | Write a good reason here, it's going to get attention by virtue of being rare.
12 |
13 |
14 |
15 | <%= f.label :reason, "Reason:", :class => "required" %>
16 | <%= f.text_field :reason, :size => 80 %>
17 |
18 | <%= f.submit "Reparent" %>
19 | <% end %>
20 |
21 |
--------------------------------------------------------------------------------
/app/views/settings/twofa_enroll.html.erb:
--------------------------------------------------------------------------------
1 | <% content_for :subnav do %>
2 | Back to Settings
3 | <% end %>
4 |
5 |
6 |
7 | Scan the QR code below or click on it to open in your TOTP application of choice:
10 |
11 |
12 |
13 | <%= raw @qr_svg %>
14 |
15 |
16 |
17 | Or to add to a device manually enter the secret:
18 |
19 | Reveal Secret
20 | <%= raw @qr_secret %>
21 |
22 |
23 |
24 |
25 | Once you have finished registering with your TOTP application, proceed to
26 | the next screen to verify your current TOTP code and actually enable
27 | Two-Factor Authentication on your account.
28 |
29 |
30 |
31 | <%= button_to "Verify and Enable", twofa_verify_url, :method => :get %>
32 |
33 |
7 | 8 | (We have a max reply depth for technical reasons. 9 | But also, at this depth, previous discussions have always gone off the rails 10 | in topic or tone.) 11 |