secure the links on the topic pages, eliminated deleted topics as well.

2025-02-25 18:55:32 -06:00 · 2013-06-05 16:10:26 +10:00
parent 913a607528
commit 870e59883b
9 changed files with 137 additions and 70 deletions
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@@ -90,7 +90,7 @@ class PostsController < ApplicationController

    post_serializer = PostSerializer.new(post, scope: guardian, root: false)
    post_serializer.draft_sequence = DraftSequence.current(current_user, post.topic.draft_key)
-    link_counts = TopicLinkClick.counts_for(post.topic, [post])
+    link_counts = TopicLink.counts_for(guardian,post.topic, [post])
    post_serializer.single_post_link_counts = link_counts[post.id] if link_counts.present?
    post_serializer.topic_slug = post.topic.slug if post.topic.present?

--- a/app/models/category.rb
+++ b/app/models/category.rb
@@ -42,6 +42,8 @@ class Category < ActiveRecord::Base

  delegate :post_template, to: 'self.class'

+  attr_accessor :displayable_topics
+
  # Internal: Update category stats: # of topics in past year, month, week for
  # all categories.
  def self.update_stats
@@ -62,8 +64,6 @@ class Category < ActiveRecord::Base
                         topics_week = (#{topics_week})")
  end

-  attr_accessor :displayable_topics
-
  # Internal: Generate the text of post prompting to enter category
  # description.
  def self.post_template
--- a/app/models/topic.rb
+++ b/app/models/topic.rb
@@ -209,8 +209,6 @@ class Topic < ActiveRecord::Base
    meta_data[key.to_s]
  end

-
-
  def self.listable_count_per_day(sinceDaysAgo=30)
    listable_topics.where('created_at > ?', sinceDaysAgo.days.ago).group('date(created_at)').order('date(created_at)').count
  end
@@ -219,22 +217,6 @@ class Topic < ActiveRecord::Base
    archetype == Archetype.private_message
  end

-  def links_grouped
-    exec_sql("SELECT ftl.url,
-                     ft.title,
-                     ftl.link_topic_id,
-                     ftl.reflection,
-                     ftl.internal,
-                     MIN(ftl.user_id) AS user_id,
-                     SUM(clicks) AS clicks
-              FROM topic_links AS ftl
-                LEFT OUTER JOIN topics AS ft ON ftl.link_topic_id = ft.id
-              WHERE ftl.topic_id = ?
-              GROUP BY ftl.url, ft.title, ftl.link_topic_id, ftl.reflection, ftl.internal
-              ORDER BY clicks DESC",
-              id).to_a
-  end
-
  # Search for similar topics
  def self.similar_to(title, raw)
    return [] unless title.present?
--- a/app/models/topic_link.rb
+++ b/app/models/topic_link.rb
@@ -22,6 +22,66 @@ class TopicLink < ActiveRecord::Base
    errors.add(:base, "can't link to the same topic") if (topic_id == link_topic_id)
  end

+  def self.topic_summary(guardian, topic_id)
+
+    # Sam: complicated reports are really hard in AR
+    builder = SqlBuilder.new("SELECT ftl.url,
+                     ft.title,
+                     ftl.link_topic_id,
+                     ftl.reflection,
+                     ftl.internal,
+                     MIN(ftl.user_id) AS user_id,
+                     SUM(clicks) AS clicks
+              FROM topic_links AS ftl
+              LEFT JOIN topics AS ft ON ftl.link_topic_id = ft.id
+              LEFT JOIN categories AS c ON c.id = ft.category_id
+              /*where*/
+              GROUP BY ftl.url, ft.title, ftl.link_topic_id, ftl.reflection, ftl.internal
+              ORDER BY clicks DESC")
+
+    builder.where('ftl.topic_id = :topic_id', topic_id: topic_id)
+    builder.where('ft.deleted_at IS NULL')
+
+    builder.secure_category(guardian.secure_category_ids)
+
+    builder.exec.to_a
+
+  end
+
+  def self.counts_for(guardian,topic, posts)
+    return {} if posts.blank?
+
+    # Sam: I don't know how to write this cleanly in AR,
+    #   in particular the securing logic is tricky and would fallback to SQL anyway
+    builder = SqlBuilder.new("SELECT
+                      l.post_id,
+                      l.url,
+                      l.clicks,
+                      t.title,
+                      l.internal,
+                      l.reflection
+              FROM topic_links l
+              LEFT JOIN topics t ON t.id = l.link_topic_id
+              LEFT JOIN categories AS c ON c.id = t.category_id
+              /*where*/
+              ORDER BY reflection ASC, clicks DESC")
+
+    builder.where('t.deleted_at IS NULL')
+
+    # not certain if pluck is right, cause it may interfere with caching
+    builder.where('l.post_id IN (:post_ids)', post_ids: posts.map(&:id))
+    builder.secure_category(guardian.secure_category_ids)
+
+    builder.map_exec(OpenStruct).each_with_object({}) do |l,result|
+      result[l.post_id] ||= []
+      result[l.post_id] << {url: l.url,
+                            clicks: l.clicks,
+                            title: l.title,
+                            internal: l.internal,
+                            reflection: l.reflection}
+    end
+  end
+
  # Extract any urls in body
  def self.extract_from(post)
    return unless post.present?
--- a/app/models/topic_link_click.rb
+++ b/app/models/topic_link_click.rb
@@ -34,25 +34,6 @@ class TopicLinkClick < ActiveRecord::Base
    args[:url]
  end

-  def self.counts_for(topic, posts)
-    return {} if posts.blank?
-    links = TopicLink
-              .includes(:link_topic)
-              .where(topic_id: topic.id, post_id: posts.map(&:id))
-              .order('reflection asc, clicks desc')
-
-    result = {}
-    links.each do |l|
-      result[l.post_id] ||= []
-      result[l.post_id] << {url: l.url,
-                            clicks: l.clicks,
-                            title: l.link_topic.try(:title),
-                            internal: l.internal,
-                            reflection: l.reflection}
-    end
-
-    result
-  end
 end

 # == Schema Information