2013-02-05 13:16:51 -06:00
|
|
|
require_dependency 'post_creator'
|
2013-03-18 16:52:29 -05:00
|
|
|
require_dependency 'post_destroyer'
|
2013-07-28 21:25:19 -05:00
|
|
|
require_dependency 'distributed_memoizer'
|
2013-02-05 13:16:51 -06:00
|
|
|
|
|
|
|
class PostsController < ApplicationController
|
|
|
|
|
|
|
|
# Need to be logged in for all actions here
|
2013-08-06 16:42:36 -05:00
|
|
|
before_filter :ensure_logged_in, except: [:show, :replies, :by_number, :short_link, :versions, :reply_history]
|
2013-02-05 13:16:51 -06:00
|
|
|
|
2013-04-24 03:05:35 -05:00
|
|
|
skip_before_filter :store_incoming_links, only: [:short_link]
|
2013-04-30 01:29:57 -05:00
|
|
|
skip_before_filter :check_xhr, only: [:markdown,:short_link]
|
|
|
|
|
|
|
|
def markdown
|
|
|
|
post = Post.where(topic_id: params[:topic_id].to_i, post_number: (params[:post_number] || 1).to_i).first
|
|
|
|
if post && guardian.can_see?(post)
|
|
|
|
render text: post.raw, content_type: 'text/plain'
|
|
|
|
else
|
|
|
|
raise Discourse::NotFound
|
|
|
|
end
|
|
|
|
end
|
2013-04-24 03:05:35 -05:00
|
|
|
|
|
|
|
def short_link
|
|
|
|
post = Post.find(params[:post_id].to_i)
|
2013-04-26 01:18:41 -05:00
|
|
|
IncomingLink.add(request,current_user)
|
2013-04-24 03:05:35 -05:00
|
|
|
redirect_to post.url
|
|
|
|
end
|
2013-02-05 13:16:51 -06:00
|
|
|
|
|
|
|
def create
|
2013-07-28 21:25:19 -05:00
|
|
|
params = create_params
|
2013-05-10 15:58:23 -05:00
|
|
|
|
2013-07-28 21:25:19 -05:00
|
|
|
key = params_key(params)
|
2013-11-25 17:21:41 -06:00
|
|
|
error_json = nil
|
2013-05-10 15:58:23 -05:00
|
|
|
|
2013-11-25 17:21:41 -06:00
|
|
|
payload = DistributedMemoizer.memoize(key, 120) do
|
2013-07-28 21:25:19 -05:00
|
|
|
post_creator = PostCreator.new(current_user, params)
|
|
|
|
post = post_creator.create
|
|
|
|
if post_creator.errors.present?
|
|
|
|
|
|
|
|
# If the post was spam, flag all the user's posts as spam
|
|
|
|
current_user.flag_linked_posts_as_spam if post_creator.spam?
|
|
|
|
|
2013-11-25 17:21:41 -06:00
|
|
|
error_json = MultiJson.dump(errors: post_creator.errors.full_messages)
|
|
|
|
raise Discourse::InvalidPost
|
|
|
|
|
2013-07-28 21:25:19 -05:00
|
|
|
else
|
|
|
|
post_serializer = PostSerializer.new(post, scope: guardian, root: false)
|
|
|
|
post_serializer.topic_slug = post.topic.slug if post.topic.present?
|
|
|
|
post_serializer.draft_sequence = DraftSequence.current(current_user, post.topic.draft_key)
|
2013-11-25 17:21:41 -06:00
|
|
|
MultiJson.dump(post_serializer)
|
2013-07-28 21:25:19 -05:00
|
|
|
end
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
2013-11-25 17:21:41 -06:00
|
|
|
render json: payload
|
2013-07-28 21:25:19 -05:00
|
|
|
|
2013-11-25 17:21:41 -06:00
|
|
|
rescue Discourse::InvalidPost
|
|
|
|
render json: error_json, status: 422
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def update
|
2013-06-06 02:14:32 -05:00
|
|
|
params.require(:post)
|
2013-02-07 09:45:24 -06:00
|
|
|
|
2013-02-21 17:09:56 -06:00
|
|
|
post = Post.where(id: params[:id]).first
|
|
|
|
post.image_sizes = params[:image_sizes] if params[:image_sizes].present?
|
|
|
|
guardian.ensure_can_edit!(post)
|
|
|
|
|
2013-04-10 04:00:50 -05:00
|
|
|
# to stay consistent with the create api,
|
2013-03-27 01:49:23 -05:00
|
|
|
# we should allow for title changes and category changes here
|
|
|
|
# we should also move all of this to a post updater.
|
2013-04-10 04:00:50 -05:00
|
|
|
if post.post_number == 1 && (params[:title] || params[:post][:category])
|
2013-03-27 01:49:23 -05:00
|
|
|
post.topic.title = params[:title] if params[:title]
|
2013-04-10 04:00:50 -05:00
|
|
|
Topic.transaction do
|
2013-03-27 01:49:23 -05:00
|
|
|
post.topic.change_category(params[:post][:category])
|
|
|
|
post.topic.save
|
|
|
|
end
|
|
|
|
|
|
|
|
if post.topic.errors.present?
|
|
|
|
render_json_error(post.topic)
|
|
|
|
return
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2013-02-21 17:09:56 -06:00
|
|
|
revisor = PostRevisor.new(post)
|
2013-11-15 16:28:16 -06:00
|
|
|
if revisor.revise!(current_user, params[:post][:raw], edit_reason: params[:post][:edit_reason])
|
2013-02-21 17:09:56 -06:00
|
|
|
TopicLink.extract_from(post)
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
2013-03-27 01:49:23 -05:00
|
|
|
|
2013-02-21 17:09:56 -06:00
|
|
|
if post.errors.present?
|
|
|
|
render_json_error(post)
|
2013-02-05 13:16:51 -06:00
|
|
|
return
|
|
|
|
end
|
|
|
|
|
2013-02-21 17:09:56 -06:00
|
|
|
post_serializer = PostSerializer.new(post, scope: guardian, root: false)
|
|
|
|
post_serializer.draft_sequence = DraftSequence.current(current_user, post.topic.draft_key)
|
2013-06-05 01:10:26 -05:00
|
|
|
link_counts = TopicLink.counts_for(guardian,post.topic, [post])
|
2013-02-21 17:09:56 -06:00
|
|
|
post_serializer.single_post_link_counts = link_counts[post.id] if link_counts.present?
|
2013-03-28 00:53:11 -05:00
|
|
|
post_serializer.topic_slug = post.topic.slug if post.topic.present?
|
2013-02-21 17:09:56 -06:00
|
|
|
|
|
|
|
result = {post: post_serializer.as_json}
|
|
|
|
if revisor.category_changed.present?
|
2013-05-10 01:47:47 -05:00
|
|
|
result[:category] = BasicCategorySerializer.new(revisor.category_changed, scope: guardian, root: false).as_json
|
2013-02-21 17:09:56 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
render_json_dump(result)
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def by_number
|
|
|
|
@post = Post.where(topic_id: params[:topic_id], post_number: params[:post_number]).first
|
2013-02-07 09:45:24 -06:00
|
|
|
guardian.ensure_can_see!(@post)
|
2013-02-05 13:16:51 -06:00
|
|
|
@post.revert_to(params[:version].to_i) if params[:version].present?
|
2013-07-22 02:48:24 -05:00
|
|
|
render_post_json(@post)
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
2013-08-06 16:42:36 -05:00
|
|
|
def reply_history
|
|
|
|
@post = Post.where(id: params[:id]).first
|
|
|
|
guardian.ensure_can_see!(@post)
|
|
|
|
|
|
|
|
render_serialized(@post.reply_history, PostSerializer)
|
|
|
|
end
|
|
|
|
|
2013-02-05 13:16:51 -06:00
|
|
|
def show
|
2013-02-08 16:49:15 -06:00
|
|
|
@post = find_post_from_params
|
2013-02-05 13:16:51 -06:00
|
|
|
@post.revert_to(params[:version].to_i) if params[:version].present?
|
2013-07-22 02:48:24 -05:00
|
|
|
render_post_json(@post)
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def destroy
|
2013-02-08 16:49:15 -06:00
|
|
|
post = find_post_from_params
|
2013-02-07 14:12:55 -06:00
|
|
|
guardian.ensure_can_delete!(post)
|
2013-03-18 16:52:29 -05:00
|
|
|
|
|
|
|
destroyer = PostDestroyer.new(current_user, post)
|
|
|
|
destroyer.destroy
|
|
|
|
|
2013-02-07 14:12:55 -06:00
|
|
|
render nothing: true
|
|
|
|
end
|
|
|
|
|
|
|
|
def recover
|
2013-02-08 16:49:15 -06:00
|
|
|
post = find_post_from_params
|
2013-02-07 14:12:55 -06:00
|
|
|
guardian.ensure_can_recover_post!(post)
|
2013-07-22 02:48:24 -05:00
|
|
|
destroyer = PostDestroyer.new(current_user, post)
|
|
|
|
destroyer.recover
|
|
|
|
post.reload
|
2013-07-09 11:15:55 -05:00
|
|
|
|
2013-07-22 02:48:24 -05:00
|
|
|
render_post_json(post)
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
def destroy_many
|
|
|
|
|
2013-06-06 02:14:32 -05:00
|
|
|
params.require(:post_ids)
|
2013-02-05 13:16:51 -06:00
|
|
|
|
2013-09-04 10:53:00 -05:00
|
|
|
posts = Post.where(id: post_ids_including_replies)
|
2013-02-05 13:16:51 -06:00
|
|
|
raise Discourse::InvalidParameters.new(:post_ids) if posts.blank?
|
|
|
|
|
|
|
|
# Make sure we can delete the posts
|
|
|
|
posts.each {|p| guardian.ensure_can_delete!(p) }
|
|
|
|
|
|
|
|
Post.transaction do
|
2013-09-04 19:50:58 -05:00
|
|
|
posts.each {|p| PostDestroyer.new(current_user, p).destroy }
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
|
|
|
render nothing: true
|
|
|
|
end
|
|
|
|
|
|
|
|
# Retrieves a list of versions and who made them for a post
|
|
|
|
def versions
|
2013-02-08 16:49:15 -06:00
|
|
|
post = find_post_from_params
|
2013-02-05 13:16:51 -06:00
|
|
|
render_serialized(post.all_versions, VersionSerializer)
|
|
|
|
end
|
|
|
|
|
|
|
|
# Direct replies to this post
|
|
|
|
def replies
|
2013-02-08 16:49:15 -06:00
|
|
|
post = find_post_from_params
|
2013-02-05 13:16:51 -06:00
|
|
|
render_serialized(post.replies, PostSerializer)
|
|
|
|
end
|
|
|
|
|
|
|
|
def bookmark
|
2013-02-08 16:49:15 -06:00
|
|
|
post = find_post_from_params
|
2013-02-07 09:45:24 -06:00
|
|
|
if current_user
|
2013-02-05 13:16:51 -06:00
|
|
|
if params[:bookmarked] == "true"
|
2013-03-01 06:07:44 -06:00
|
|
|
PostAction.act(current_user, post, PostActionType.types[:bookmark])
|
2013-02-05 13:16:51 -06:00
|
|
|
else
|
2013-03-01 06:07:44 -06:00
|
|
|
PostAction.remove_act(current_user, post, PostActionType.types[:bookmark])
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
end
|
2013-03-22 13:08:11 -05:00
|
|
|
render nothing: true
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|
|
|
|
|
2013-02-08 16:49:15 -06:00
|
|
|
|
|
|
|
protected
|
|
|
|
|
|
|
|
def find_post_from_params
|
|
|
|
finder = Post.where(id: params[:id] || params[:post_id])
|
|
|
|
|
2013-05-07 02:56:56 -05:00
|
|
|
# Include deleted posts if the user is staff
|
|
|
|
finder = finder.with_deleted if current_user.try(:staff?)
|
2013-02-08 18:04:14 -06:00
|
|
|
|
|
|
|
post = finder.first
|
|
|
|
guardian.ensure_can_see!(post)
|
|
|
|
post
|
2013-02-25 10:42:20 -06:00
|
|
|
end
|
2013-06-07 02:52:03 -05:00
|
|
|
|
2013-07-22 02:48:24 -05:00
|
|
|
def render_post_json(post)
|
|
|
|
post_serializer = PostSerializer.new(post, scope: guardian, root: false)
|
|
|
|
post_serializer.add_raw = true
|
|
|
|
render_json_dump(post_serializer)
|
|
|
|
end
|
|
|
|
|
2013-06-07 02:52:03 -05:00
|
|
|
private
|
|
|
|
|
2013-07-28 21:25:19 -05:00
|
|
|
def params_key(params)
|
|
|
|
"post##" << Digest::SHA1.hexdigest(params
|
|
|
|
.to_a
|
|
|
|
.concat([["user", current_user.id]])
|
|
|
|
.sort{|x,y| x[0] <=> y[0]}.join do |x,y|
|
|
|
|
"#{x}:#{y}"
|
|
|
|
end)
|
|
|
|
end
|
|
|
|
|
2013-06-07 02:52:03 -05:00
|
|
|
def create_params
|
2013-07-01 21:22:56 -05:00
|
|
|
permitted = [
|
2013-07-11 18:35:52 -05:00
|
|
|
:raw,
|
|
|
|
:topic_id,
|
|
|
|
:title,
|
|
|
|
:archetype,
|
|
|
|
:category,
|
|
|
|
:target_usernames,
|
|
|
|
:reply_to_post_number,
|
2013-11-26 18:06:20 -06:00
|
|
|
:auto_close_time,
|
2013-07-21 20:48:29 -05:00
|
|
|
:auto_track
|
2013-07-01 21:22:56 -05:00
|
|
|
]
|
|
|
|
|
2013-07-21 21:26:02 -05:00
|
|
|
# param munging for WordPress
|
|
|
|
params[:auto_track] = !(params[:auto_track].to_s == "false") if params[:auto_track]
|
|
|
|
|
2013-07-01 21:22:56 -05:00
|
|
|
if api_key_valid?
|
|
|
|
# php seems to be sending this incorrectly, don't fight with it
|
|
|
|
params[:skip_validations] = params[:skip_validations].to_s == "true"
|
|
|
|
permitted << :skip_validations
|
|
|
|
end
|
|
|
|
|
|
|
|
params.require(:raw)
|
|
|
|
params.permit(*permitted).tap do |whitelisted|
|
2013-09-27 03:55:50 -05:00
|
|
|
whitelisted[:image_sizes] = params[:image_sizes]
|
2013-07-01 21:22:56 -05:00
|
|
|
# TODO this does not feel right, we should name what meta_data is allowed
|
2013-06-07 02:52:03 -05:00
|
|
|
whitelisted[:meta_data] = params[:meta_data]
|
|
|
|
end
|
|
|
|
end
|
2013-02-05 13:16:51 -06:00
|
|
|
end
|