Commit graph

1652 commits

Author SHA1 Message Date
Matchu
ca858f1350 Remove unused Devise initializer settings
I guess the APIs changed here, but these were placeholder settings we weren't actually using anyway (cuz we use the OpenNeo ID integration), so I just commented them out and it seems fine for now!
2023-10-23 19:05:02 -07:00
Matchu
72a08901c8 Upgrade to Ruby 2.2.4, Rails 4.0.13
NOTE: This doesn't boot yet! There's something changed in the `devise` API that we'll need to fix!

```
/vagrant/config/initializers/devise.rb:46:in `block in <top (required)>': undefined method `encryptor=' for Devise:Module (NoMethodError)
```

But yeah, we navigated the gem upgrades, and also I ran `rake rails:update` and hand-processed the suggestions it had for our config files.
2023-10-23 19:05:02 -07:00
a3b07b1e53 Update our license
Copied to be up-to-date with the impress-2020 repository!
2023-10-23 19:04:56 -07:00
Matchu
7f8f7e624d Remove references to the Stripe gem
Rather than figure out how to upgrade the Stripe gem to be compatible with future Rails, I'd rather just delete the references, since it's currently unused.

I'm not so bold as to go in and fully trash all our donation code; I just want to ensure we're not sending people down broken codepaths, and that if they reach them, the error messages are clear enough.
2023-07-21 18:54:15 -07:00
Matchu
9cb71da77c Upgrade to Rails 3.2.22.5
I'm just giving the app a very quick scan on critical pages, it's possible I'm missing some issues on paths that are harder to test rn like openneo_id auth, but I'll check in on that later I think?
2023-07-21 18:33:04 -07:00
Matchu
2112e74884 Add port forwarding to Vagrantfile
Now, `rails server` should make the dev server available at `localhost:3000` on the host machine too!
2023-07-21 18:19:24 -07:00
Matchu
e7ec7147ea Update gems
Ha, I forgot we're including all the vendored gems in the git repo. Maybe that's worth changing? But fine to leave as-is for now.
2023-07-21 18:07:36 -07:00
Matchu
c5cc9cc295 Add required dev packages to Vagrantfile
These are necessary for installing some of our gems!

Note the tricky bit where we need an older OpenSSL package when building Ruby 1.9.3, but need to uninstall before `libmysqlclient-dev`, which requires a more recent version of `libssl-dev`. I thiiiink this is safe to do, but we'll find out!
2023-07-21 18:07:12 -07:00
Matchu
4da4f40c82 Replace git:// with https:// in Gemfile
None of these are private repos, so there's no reason to use the authenticated git protocol to download the stuff. (I guess this used to work because I had github creds set up on the machine that was running the app, whereas right now it's running in Vagrant, so yeah makes sense that it wasn't an issue before!)
2023-07-21 17:57:37 -07:00
Matchu
1684c844ab Remove empty assets group from Gemfile
lol, lmao
2023-07-21 17:55:06 -07:00
Matchu
2155b9de4c Delete development_async gems from Gemfile
I'm pretttty sure we fully do not need these, they were an attempt to solve the "contacting neopets.com is slow" problem, which we now solve by having other processes who are better at concurrency handle that request.
2023-07-21 17:54:29 -07:00
Matchu
3e23543ab4 Add .ruby-version file
Generated by running `rbenv local 1.9.3-p551` in the vagrant box! (The output is simple but just fyi :p)
2023-07-21 17:48:33 -07:00
Matchu
d74f35b6bc Add Vagrantfile for installing Ruby 1.9.3
The intent is to set up for an upgrade of Ruby and Rails to the modern versions, but I want to start by having a stable running copy that we can incrementally pull up to new versions of things!

And it turns out getting Ruby 1.9.3 to build on modern platforms is hard! I started by trying on macOS and just couldn't get there, the instructions I found for workarounds didn't seem to work anymore.

So the solution I landed on was to set up an Ubuntu VM, and follow some instructions from https://stackoverflow.com/q/51986932 to patch Ruby to work with the version of OpenSSL we have access to!

And it was enough of a challenge that I figured that, rather than setting up the Vagrantfile elsewhere, it would be helpful documentation to do it here, even if we scrap the Vagrantfile etc later once we're in a new stable environment.
2023-07-21 17:44:49 -07:00
Matchu
8d691803ea Remove another stray file
Haha what a world.
2023-07-21 16:47:36 -07:00
Matchu
aaf52df9dc Remove silly stray file
Been there uhhh MANY years lmao
2023-07-21 16:25:02 -07:00
4f357c2f9c
Use images without awaiting conversion anymore
We set up `impress-asset-images.openneo.net` to redirect to the right asset, without needing to depend on AWS anymore for HTML5-converted items!

Our quick fix for this: always serve `has_image: true` to the frontend, so it always tries to use the image, regardless of whether we've marked it as converted in the database. (We've turned off the converters too!)
2022-10-15 16:26:12 -07:00
Emi Dunn-Rankin
515b089b3b
Update terms link to point to DTI 2020
There's a new terms page over there! Use that instead, and update the lil footer to change the date it was last modified (8 years wow!)
2022-09-25 06:11:34 -07:00
Emi Dunn-Rankin
9bd2b27a4d
Merge pull request #5 from openneo:https-swf-asset-url-bug
Oops, fix mall spider bug, added by our HTTPS fix
2022-08-23 03:06:28 -07:00
Emi Dunn-Rankin
fe9adb5766
Oops, fix mall spider bug, added by our HTTPS fix
Oh, yeah, shit, okay, when we set `self.url` like that, it's supposed to be the _canonical_ URL for the SWF, not our proxied one—this is the URL that's gonna go in the database.

We do proxying late in the process, like when we're actually setting up to download something, but for just referencing where the asset lives, we use `images.neopets.com`.

In this change, we revert the use of `NEOPETS_IMAGES_URL_ORIGIN`, but we _do_ update this to `https` for good measure. (We currently have both HTTP and HTTPS urls in the database, I guess neopets.com started serving different URLs at some point, this is probably the future! And anything interpreting these URLs will need to handle both cases anyway, unless we do some kind of migration update situation thing.)

We're migrating the incorrect assets with the following query (with the limit changed to match the number we currently see in the DB, just as a safety check):
```
UPDATE swf_assets SET url = REPLACE(url, 'http://images.neopets-asset-proxy.openneo.net', 'https://images.neopets.com') WHERE url LIKE 'http://images.neopets-asset-proxy.openneo.net%' ORDER BY id LIMIT 2000;
```
2022-08-23 03:04:54 -07:00
Emi Dunn-Rankin
4446209ec4
Merge pull request #4 from openneo:proxy-for-https-images
Sigh, fix HTTPS for images AGAIN with a proxy now
2022-08-02 21:18:11 -07:00
Emi Dunn-Rankin
bc64164d69
Sigh, fix HTTPS for images AGAIN with a proxy now
Okay, like in the previous commit, we're dealing with forced HTTPS, on a server that isn't going to cooperate with our dependencies' HTTPS version. And this time, I don't think there's a secret origin server that will accept `http://` requests for us.

Thankfully, we have the perfect hack in our back pocket: our own pre-existing images.neopets.com proxy server! I set the following in our secret `.env` file, and now we're good:

```
NEOPETS_IMAGES_URL_ORIGIN=http://images.neopets-asset-proxy.openneo.net
```
2022-08-02 21:17:52 -07:00
Emi Dunn-Rankin
c9117fb318
Merge pull request #3 from openneo:neopets-url-origin
Use secret NEOPETS_URL_ORIGIN to bypass HTTPS
2022-08-02 20:47:34 -07:00
Emi Dunn-Rankin
568a3645de
Use secret NEOPETS_URL_ORIGIN to bypass HTTPS
Oops, neopets.com finally stopped accepting `http://` connections, so our AMFPHP requests stopped working! And our current dependencies make it hard to make modern HTTPS requests :(

Instead, we're doing this quick-fix: we have a connection who knows the internal address for the Neopets origin server behind their CDN, which *does* still accept `http://` requests!

So, when `NEOPETS_URL_ORIGIN` is specified in the secret `.env` file (not committed to the repository), we'll use it instead of `http://www.neopets.com`. However, we still have that in the code as a fallback, just to be a bit less surprising to some theoretical future dev so they can see the real error message, and to self-document a bit of what that value is semantically doing! (The documentation angle is more of why it's there, rather than an actual expectation that any actual person in the future will run the code and get the fallback.)
2022-08-02 20:46:47 -07:00
822684a671
Upgrade Parallel
Okay this one was weird, the reference to the Parallel gem in `pet.rb` just, stopped working? Is that some weird downstream consequence of something we changed today, or has it just been broken for a long time and we just never ran that codepath? Seems… odd if we hadn't? But ok?

In any case, upgrading the gem seemed to fix whatever was causing it to not load in for whatever reason. Ok!
2022-07-23 21:46:13 -07:00
9540e2122b
Disable HTTPS for SWF asset downloads
Whoops, everything broke because the world is far ahead of us on security! Oh well.
2022-07-23 21:44:17 -07:00
aa75e2496f
Use outfits.openneo-assets.net, bc petpage bug
There's a bug on Neopets.com that breaks links and images for *.openneo.net, on petpages specifically.

So, we've registered a new domain, and we're using that to serve outfit images now.

I'm a bit hesitant to add a new domain name to our like, permanent URL surface area, lol… but I'm not hearing back from TNT, and I already closed the doors on S3, so… here we are, whatever 😅
2021-06-19 09:10:25 -07:00
aceffc56ab
Fix SWF downloading for HTTPS URLs
TNT started using HTTPS URLs! And our old Ruby version (lol 😬) still requires explicit invocation to perform SSL during a request, so requests were failing!

Now, we explicitly build the `Net::HTTPS` object, and turn on `use_ssl` if it's an HTTPS URL! (The shorthand invocation didn't seem to have an option for this, that I could find!)
2021-06-12 02:23:18 -07:00
8d29f50392
Stop saving outfit images, use new URLs everywhere
Here, we turn off the hooks that enqueue outfit image updates, and we disconnect the `OutfitImageUploader` that manages uploaded S3 URLs, instead replacing it with an `image` method that simulates the same basic API.

This should cause _all_ views on Classic DTI to use the new outfit URLs. Some notable examples:
- The user's Outfits page
- The donations page
- The outfit page, and its sharing metadata

I hope I didn't miss anything in the views that will make this crash stuff! I tested the new model code in the Rails console, and checked it against invocations that I noticed when searching the codebase for `outfit.image` 🤞
2021-05-24 20:05:25 -07:00
3e8020cc73
Use impress-outfit-images.openneo.net outfit URLs
Oops, right, I meant to use the new `impress-outfit-images.openneo.net` host for this! It works just fine from `impress-2020.openneo.net` as the backing source right now, but I want these semi-permanent URLs to be a bit more decoupled.
2021-05-20 20:56:21 -07:00
b31a22d4a1
Start serving outfit images via Impress 2020
As part of our project to get off S3 and dramatically reduce costs, we're gonna start serving outfit images that Impress 2020 generates, fronted by Vercel's CDN cache! This should hopefully be just as fast in practice, without requiring an S3 storage cost. (Outfits whose thumbnails are pretty much unused will be evicted from the cache, or never stored in the first place—and regenerated back into the cache on-demand if needed.)

One important note is that the image at the URL will no longer be guaranteed to auto-update to reflect the changes to the outfit, because we're including `updated_at` in the URL for caching. (It also isn't guaranteed to _not_ auto-update, though 😅) Our hope is that people aren't using it for that use case so much! If so, though, we have some ways we could build live URLs without putting too much pressure on image generation, e.g. redirects 🤔

This change does _not_ disable actual outfit generation, because I want to keep that running until we see these new URLs succeed for folks. Gonna wait a bit and see if we get bug reports on them! Then, if all goes well, we'll stop enqueueing outfit image jobs altogether, and maybe wind down some of the infrastructure accordingly.
2021-05-20 20:52:19 -07:00
3ae8a265b2
Use Fastly to cache our PNG assets from S3
We've been serving images directly from `impress-asset-images.s3.amazonaws.com` for a long time. While they serve with long-lasting HTTP cache headers, and the app requests them with the `updated_at` timestamp in the query string; each GET request still executes a full S3 ReadObject operation to get the latest version.

In the past, this was only relevant to users on Image Mode, not Flash Mode. But now that everyone's on Image Mode, this matters a lot more!

Now, we've configured a Fastly host at `impress-asset-images.openneo.net`, to sit in front of our S3 bucket. This should dramatically reduce the GET requests to S3 itself, as our cache warms up and gains copies of the most common asset PNGs.

That said, I'm not sure how much actual cost impact this change will have. Our AWS console isn't configured to differentiate cost by bucket yet—I've started this process, but it might take a few days to propagate. All I know is that our current costs are $35/mo data transfer + $20/mo storage, and that outfit images are responsible for most of the storage cost. I hypothesize that `impress-asset-images` is responsible for most of the reads and data transfers, but I'm not sure!

In the future, I think we'll be able to bring our AWS costs to near-zero, by:
- Obsolete `impress-asset-images`, by using the official Neopets PNGs instead, after the HTML5 conversion completes.
- Obsolete `impress-outfit-images`, by using a Node endpoint to generate the images, fronted by a CDN cache. (Transfer the actual data to a long-term storage backup, and replace the S3 objects with redirects, so that old S3 URLs will still work.)

I hope this will be a big slice of the costs though! 🤞

(Note: I'll be deploying this on a bit of a delay, because I want to see the DNS propagate across the globe before flipping to a new domain!)
2021-05-12 22:50:05 -07:00
238a458131
Fix body ID bug saving SwfAsset outside modeling
Oops, if you saved `SwfAsset` outside of modeling code, the `item` field would be empty, and so `item.body_specific?` wouldn't happen.

This would trigger when you even just report a broken image!

Now, we always run the SQL query to check for that flag.
2021-03-16 10:40:01 -07:00
Matt Dunn-Rankin
6697b15413 More generously catch errors on userlookup
Okay so, userlookup stuff hasn't worked in years, because it requires a login now.

But apparently, somewhere recently, the code inside our `neopets` gem started hard crashing, because of assumptions we made about the document we'd get back.

I'm not sure why it only recently started crashing? or if I'm even necessarily right about that?

But anyway, I'm just doing the easiest safest (🤞🏻) change possible: being more generous with the errors we swallow.

Test Plan:
Deploy and cross fingers.
2019-10-27 14:24:21 -07:00
Matt Dunn-Rankin
c7d60e3e41 Add db field to override special color
Okay, fine, finally making this controllable from the db without requiring a deploy :P Setting this new field will cause `item.special_color` to return the corresponding color. This mainly affects what we show on the item page, and what colors we request for modeling on the homepage.
2018-05-09 14:10:20 -07:00
Matt Dunn-Rankin
7707580ed5
Update Neopia URLs to use HTTPS
We recently flipped the switch for various hosts to force HTTPS, yay! This includes `neopia.openneo.net`.

However, I forgot to change the URL scheme in this file. This meant that the form submit from the homepage would go to `http://neopia.openneo.net/`, then redirect to `https://neopia.openneo.net/`, but only preserve the form data in certain browsers. This change should fix that!

Note: This probably breaks the dev environment, where we don't have a cert for `https://neopia.dev.openneo.net`. I'll fix that some other time!
2018-04-16 20:36:50 -07:00
Matt Dunn-Rankin
711aca0008 hardcode more baby IDs :P
Interestingly, these items *are* correctly detecting their special
color on the homepage for model progress. So, we *do* have the ability
to detect this. But I don't have good item data locally, so it would
be hard to test this, so I'm just gonna go with the cheap solution
again, sorry XP
2018-02-25 14:45:13 -08:00
Matt Dunn-Rankin
9771ec834d whoops, accept 1-digit donation amounts! 2018-01-20 17:55:21 -08:00
Matt Dunn-Rankin
55477baa15 new donate layout for post-2017 campaign 2018-01-18 17:14:02 -08:00
Matt Dunn-Rankin
5cae876c46 ugh, one more bug fix? 2017-10-29 15:18:53 -07:00
Matt Dunn-Rankin
80e74da84f whoops, re-add check for explicitly_body_specific?
In bfd825d, we refactored the "is item body-specific?" check. In the process, we dropped the check for the manual override flag, `explicitly_body_specific?`. Not sure if it was an accident or if I was just _so_ confident that it was gonna work :P In any case, re-add the check!
2017-10-29 15:08:22 -07:00
Matt Dunn-Rankin
bd3b75c675 hardcode some color-specific items 😬 2017-10-21 13:32:01 -07:00
Matt Dunn-Rankin
d6ab0e71b3 new JN items URL format 2017-06-17 12:28:07 -07:00
Matt Dunn-Rankin
daa831e2b0 show gear image when no thumbnail URL present
Okay, surprise, the bug was unrelated to Camo config (though I'm glad I cleaned
that up anyway :P). We now, at a low level, serve a placeholder image for item
thumbnail URL if, for some reason, we don't have a good thumbnail URL on hand.
2017-04-01 10:29:12 -07:00
Matt Dunn-Rankin
f54683464f stop appending ?NO_CAMO_CONFIG when image proxying is disabled
One time I did a thing called Camo to try to get our HTTPS pages working,
because images.neopets.com not supporting HTTPS is crazy >_> I've diasbled it
these days, but it had debug behavior to append `?NO_CAMO_CONFIG` to all
proxied URLs when Camo was not configured.

When an item had no thumbnail URL for some reason (mall spider needs fixing,
maybe?), this caused Rails to try to map that empty string into the path
`/assets/?NO_CAMO_CONFIG`, which made Rails complain that it was trying to load
an asset that doesn't exist. This is probably a sign that using `image_tag` for
URLs that *should* be external URLs, but aren't strictly *guaranteed* to be, is
unwise - but, for now, I've just disabled that behavior. I hope Rails has a
better escape hatch for the empty string :P
2017-04-01 10:04:54 -07:00
Matt Dunn-Rankin
512b64a104 update campaign final stretch copy 2017-01-09 11:35:55 -08:00
Matt Dunn-Rankin
17f289f68f whoops, dont trigger autofilter checkbox if we *only* collapsed spaces 2017-01-09 11:16:42 -08:00
Matt Dunn-Rankin
0679d60c82 quote the "fits" filter string if the color/species contains spaces 2017-01-08 12:14:38 -08:00
Matt Dunn-Rankin
0fac707157 Merge branch 'master' of github.com:openneo/impress 2017-01-07 19:19:54 -08:00
Matt Dunn-Rankin
dc582e5980 donation error handling 2017-01-07 19:19:44 -08:00
Matt Dunn-Rankin
822efede84 undo accidental commit
These credentials were never used, and are now revoked. Awkward!
2017-01-06 19:54:17 -08:00