Commit graph

839 commits

Author SHA1 Message Date
Matchu
df629368d3 Rename ClosetList.public -> publicly_visible
This removes a conflict with a new Rails method `.public` on the model!
2023-07-29 11:55:26 -07:00
Matchu
d1fbc1b178 Use strong parameters for ClosetHanger 2023-07-29 11:25:25 -07:00
Matchu
a2bd538bb4 Use strong parameters for ClosetList 2023-07-29 11:22:15 -07:00
Matchu
32b1608346 Drop NewsPosts model
We never ended up really using this lol, and it has an attr_accessible I want to be rid of so let's just fully trash it while we're at it!
2023-07-29 11:19:37 -07:00
Matchu
59580ab47b Use strong parameters for User 2023-07-29 11:07:14 -07:00
Matchu
4250e009d7 Use strong parameters for Outfit 2023-07-29 10:52:23 -07:00
Matchu
1ffcb59f4a Auto log in as test user in development mode
I want to test some logged-in stuff, but the whole openneo_id app is a mess to integrate with (and I want to eliminate it down the line anyway), so here's a simple hacky thing that just gets you into a test user for development!
2023-07-29 10:39:07 -07:00
Matchu
39a722600c Use strong parameters for Donation 2023-07-29 10:29:09 -07:00
Matchu
abf08bb7e7 Delete attr_accessible from Campaign
idk what these were even doing here, I never built a UI to edit campaigns?
2023-07-29 10:18:42 -07:00
Matchu
a0de57bed9 Backfill globalize's find_by_name method
This method was removed in globalize 4, which we upgraded to for compatibility with Rails 4! Let's add back in a similar thing for now!
2023-07-28 15:33:46 -07:00
Matchu
24511e5cfe Oops, fix item search crash in wardrobe
Oh right, these aren't the weird item proxy thing anymore, stop calling these methods!
2023-07-28 15:16:06 -07:00
Matchu
4b891b1a91 Improve zones.json performance
Idk I'm working on a mobile hotspot rn and not including the translations was making this slow, hey may as well fix while we're here right? lol
2023-07-28 15:08:54 -07:00
Matchu
ca6a573c0a Add user:owns/wants back to item search
Not so bad, using a condition on `has_many` `through` was a cute trick!!
2023-07-28 15:06:33 -07:00
Matchu
070599e2ca Add fits and not_fits back to item search
Some fun stuff here to figure out how to API this out well, but I'm pretty pleased with where it ended up!
2023-07-28 14:45:10 -07:00
Matchu
4ac1304c74 Improve not_occupied solution
Not being a subquery is better! I realized later that a LEFT JOIN would probably do it even betterer? with like `HAVING count(x) = 0`? but the `left_outer_joins` method doesn't seem to be in Rails 4, and I don't want to do stringy joins, so this is fine for now!
2023-07-28 14:10:13 -07:00
Matchu
ab015db461 Oops, fix not_occupies logic error
Right, previously we were querying "has *at least one asset* that is not in zone X" instead of "has NO assets that are in zone X".

I don't know a fast way to query for that, this will have to do for now!
2023-07-26 13:18:19 -07:00
Matchu
5c119abcd8 Add restricts filter back to item search 2023-07-26 12:41:37 -07:00
Matchu
db9e3dfb53 Add occupies filter back to item search
Mostly adapting what was already there!
2023-07-26 12:28:25 -07:00
Matchu
da508ab33a Use arel for item translation joins
Just a bit defensive so we aren't setting up the possibility of an ambiguous query someday!
2023-07-26 11:58:05 -07:00
Matchu
d12b21896c Add is:pb back to item search 2023-07-26 11:51:52 -07:00
Matchu
4d722dd5c5 Simplify filter API a bit
Not doing the tricks with `is_positive` anymore, instead just calling different functions altogether at the call site.

Also, instead of classes, I feel like this is a lot more concise to just write as class methods that create certain instances of a trivial `Filter` data class. Without the tricks of `is_positive` in play, the value of classes goes way down imo.
2023-07-26 11:47:00 -07:00
Matchu
2ac806333d Move Item name search logic to model scope 2023-07-26 11:15:35 -07:00
Matchu
c04bab55d0 Improve is:X failure message 2023-07-26 11:06:36 -07:00
Matchu
20bedf8f59 Start building new item search
Just name field right now, more to come! A lot deleted lol
2023-07-22 19:01:40 -07:00
Matchu
f997513e87 Update to new scope syntax
Ohh ok, without this change all of our `scope`s were just immediately evaluating the argument and fetching _all_ such matching records immediately, instead of waiting to actually be called. This led to bugs like `pet_type.as_json` returning ALL pet states in the whole db, because the `PetState.emotion_order` scope was being treated as a single predefined query, rather than a query fragment to merge into the current context.

This also explains what happened in 724ed83: that's why things before the scope in the query were being ignored.
2023-07-22 14:04:01 -07:00
Matchu
f234513976 Fix SASS @extend of non-existant class
This used to just be ignored, but SASS crashes on it now, reasonable ty!
2023-07-22 13:47:56 -07:00
Matchu
989d12050b Remove unused JSX pragma in modeling React code
lol again this is hard to test so uhh I hope this didn't break it all!! though tbh I feel like we removed this feature or something anyway? idk it stopped working in some way
2023-07-22 13:35:41 -07:00
Matchu
5d5830c3b1 Fix modeling_i18n_tag crash
Tbh I'm not 100% sure this is a fix, I'm not sure what `haml_concat` was doing here, and the page is still crashing so it's hard to say. But fingers crossed!
2023-07-22 13:34:08 -07:00
Matchu
724ed83833 Fix select bug in Item.all_by_ids_or_children
Idk why, but when the `select` was the first thing in the query, it was getting ignored. I wonder if there's something about the `object_assets` scope that I'm not understanding that's overwriting it? Or the `joins`? But whatever, this works, I'm not worried about it for now!
2023-07-22 13:32:29 -07:00
Matchu
a705bfc34e Fix caching crashes in localized_cache
The controller was like "oh yeah we have that cached" (from previous renders of the app on Rails 3 I think?), but the view disagreed, bc it was appending a template digest to the cache key. That's a smart feature, but not compatible with how we skip queries in the controller, so disable it for now!
2023-07-22 12:52:53 -07:00
Matchu
3020def570 Update to new set_table_name syntax 2023-07-22 12:36:04 -07:00
Matchu
8ce5fd7c3e Update syntax for set_inheritance_column 2023-07-22 12:23:14 -07:00
Matchu
7d20204940 Remove flex from the app (breaks search!)
We'll need to replace the item search query stuff with direct MySQL queries, but that's not ready yet bc the app still isn't booting, so we're committing this in a known broken state for now!
2023-07-22 12:18:53 -07:00
Matchu
7f8f7e624d Remove references to the Stripe gem
Rather than figure out how to upgrade the Stripe gem to be compatible with future Rails, I'd rather just delete the references, since it's currently unused.

I'm not so bold as to go in and fully trash all our donation code; I just want to ensure we're not sending people down broken codepaths, and that if they reach them, the error messages are clear enough.
2023-07-21 18:54:15 -07:00
4f357c2f9c
Use images without awaiting conversion anymore
We set up `impress-asset-images.openneo.net` to redirect to the right asset, without needing to depend on AWS anymore for HTML5-converted items!

Our quick fix for this: always serve `has_image: true` to the frontend, so it always tries to use the image, regardless of whether we've marked it as converted in the database. (We've turned off the converters too!)
2022-10-15 16:26:12 -07:00
Emi Dunn-Rankin
515b089b3b
Update terms link to point to DTI 2020
There's a new terms page over there! Use that instead, and update the lil footer to change the date it was last modified (8 years wow!)
2022-09-25 06:11:34 -07:00
Emi Dunn-Rankin
fe9adb5766
Oops, fix mall spider bug, added by our HTTPS fix
Oh, yeah, shit, okay, when we set `self.url` like that, it's supposed to be the _canonical_ URL for the SWF, not our proxied one—this is the URL that's gonna go in the database.

We do proxying late in the process, like when we're actually setting up to download something, but for just referencing where the asset lives, we use `images.neopets.com`.

In this change, we revert the use of `NEOPETS_IMAGES_URL_ORIGIN`, but we _do_ update this to `https` for good measure. (We currently have both HTTP and HTTPS urls in the database, I guess neopets.com started serving different URLs at some point, this is probably the future! And anything interpreting these URLs will need to handle both cases anyway, unless we do some kind of migration update situation thing.)

We're migrating the incorrect assets with the following query (with the limit changed to match the number we currently see in the DB, just as a safety check):
```
UPDATE swf_assets SET url = REPLACE(url, 'http://images.neopets-asset-proxy.openneo.net', 'https://images.neopets.com') WHERE url LIKE 'http://images.neopets-asset-proxy.openneo.net%' ORDER BY id LIMIT 2000;
```
2022-08-23 03:04:54 -07:00
Emi Dunn-Rankin
bc64164d69
Sigh, fix HTTPS for images AGAIN with a proxy now
Okay, like in the previous commit, we're dealing with forced HTTPS, on a server that isn't going to cooperate with our dependencies' HTTPS version. And this time, I don't think there's a secret origin server that will accept `http://` requests for us.

Thankfully, we have the perfect hack in our back pocket: our own pre-existing images.neopets.com proxy server! I set the following in our secret `.env` file, and now we're good:

```
NEOPETS_IMAGES_URL_ORIGIN=http://images.neopets-asset-proxy.openneo.net
```
2022-08-02 21:17:52 -07:00
Emi Dunn-Rankin
c9117fb318
Merge pull request #3 from openneo:neopets-url-origin
Use secret NEOPETS_URL_ORIGIN to bypass HTTPS
2022-08-02 20:47:34 -07:00
Emi Dunn-Rankin
568a3645de
Use secret NEOPETS_URL_ORIGIN to bypass HTTPS
Oops, neopets.com finally stopped accepting `http://` connections, so our AMFPHP requests stopped working! And our current dependencies make it hard to make modern HTTPS requests :(

Instead, we're doing this quick-fix: we have a connection who knows the internal address for the Neopets origin server behind their CDN, which *does* still accept `http://` requests!

So, when `NEOPETS_URL_ORIGIN` is specified in the secret `.env` file (not committed to the repository), we'll use it instead of `http://www.neopets.com`. However, we still have that in the code as a fallback, just to be a bit less surprising to some theoretical future dev so they can see the real error message, and to self-document a bit of what that value is semantically doing! (The documentation angle is more of why it's there, rather than an actual expectation that any actual person in the future will run the code and get the fallback.)
2022-08-02 20:46:47 -07:00
9540e2122b
Disable HTTPS for SWF asset downloads
Whoops, everything broke because the world is far ahead of us on security! Oh well.
2022-07-23 21:44:17 -07:00
aa75e2496f
Use outfits.openneo-assets.net, bc petpage bug
There's a bug on Neopets.com that breaks links and images for *.openneo.net, on petpages specifically.

So, we've registered a new domain, and we're using that to serve outfit images now.

I'm a bit hesitant to add a new domain name to our like, permanent URL surface area, lol… but I'm not hearing back from TNT, and I already closed the doors on S3, so… here we are, whatever 😅
2021-06-19 09:10:25 -07:00
aceffc56ab
Fix SWF downloading for HTTPS URLs
TNT started using HTTPS URLs! And our old Ruby version (lol 😬) still requires explicit invocation to perform SSL during a request, so requests were failing!

Now, we explicitly build the `Net::HTTPS` object, and turn on `use_ssl` if it's an HTTPS URL! (The shorthand invocation didn't seem to have an option for this, that I could find!)
2021-06-12 02:23:18 -07:00
8d29f50392
Stop saving outfit images, use new URLs everywhere
Here, we turn off the hooks that enqueue outfit image updates, and we disconnect the `OutfitImageUploader` that manages uploaded S3 URLs, instead replacing it with an `image` method that simulates the same basic API.

This should cause _all_ views on Classic DTI to use the new outfit URLs. Some notable examples:
- The user's Outfits page
- The donations page
- The outfit page, and its sharing metadata

I hope I didn't miss anything in the views that will make this crash stuff! I tested the new model code in the Rails console, and checked it against invocations that I noticed when searching the codebase for `outfit.image` 🤞
2021-05-24 20:05:25 -07:00
3e8020cc73
Use impress-outfit-images.openneo.net outfit URLs
Oops, right, I meant to use the new `impress-outfit-images.openneo.net` host for this! It works just fine from `impress-2020.openneo.net` as the backing source right now, but I want these semi-permanent URLs to be a bit more decoupled.
2021-05-20 20:56:21 -07:00
b31a22d4a1
Start serving outfit images via Impress 2020
As part of our project to get off S3 and dramatically reduce costs, we're gonna start serving outfit images that Impress 2020 generates, fronted by Vercel's CDN cache! This should hopefully be just as fast in practice, without requiring an S3 storage cost. (Outfits whose thumbnails are pretty much unused will be evicted from the cache, or never stored in the first place—and regenerated back into the cache on-demand if needed.)

One important note is that the image at the URL will no longer be guaranteed to auto-update to reflect the changes to the outfit, because we're including `updated_at` in the URL for caching. (It also isn't guaranteed to _not_ auto-update, though 😅) Our hope is that people aren't using it for that use case so much! If so, though, we have some ways we could build live URLs without putting too much pressure on image generation, e.g. redirects 🤔

This change does _not_ disable actual outfit generation, because I want to keep that running until we see these new URLs succeed for folks. Gonna wait a bit and see if we get bug reports on them! Then, if all goes well, we'll stop enqueueing outfit image jobs altogether, and maybe wind down some of the infrastructure accordingly.
2021-05-20 20:52:19 -07:00
238a458131
Fix body ID bug saving SwfAsset outside modeling
Oops, if you saved `SwfAsset` outside of modeling code, the `item` field would be empty, and so `item.body_specific?` wouldn't happen.

This would trigger when you even just report a broken image!

Now, we always run the SQL query to check for that flag.
2021-03-16 10:40:01 -07:00
Matt Dunn-Rankin
6697b15413 More generously catch errors on userlookup
Okay so, userlookup stuff hasn't worked in years, because it requires a login now.

But apparently, somewhere recently, the code inside our `neopets` gem started hard crashing, because of assumptions we made about the document we'd get back.

I'm not sure why it only recently started crashing? or if I'm even necessarily right about that?

But anyway, I'm just doing the easiest safest (🤞🏻) change possible: being more generous with the errors we swallow.

Test Plan:
Deploy and cross fingers.
2019-10-27 14:24:21 -07:00
Matt Dunn-Rankin
c7d60e3e41 Add db field to override special color
Okay, fine, finally making this controllable from the db without requiring a deploy :P Setting this new field will cause `item.special_color` to return the corresponding color. This mainly affects what we show on the item page, and what colors we request for modeling on the homepage.
2018-05-09 14:10:20 -07:00
Matt Dunn-Rankin
7707580ed5
Update Neopia URLs to use HTTPS
We recently flipped the switch for various hosts to force HTTPS, yay! This includes `neopia.openneo.net`.

However, I forgot to change the URL scheme in this file. This meant that the form submit from the homepage would go to `http://neopia.openneo.net/`, then redirect to `https://neopia.openneo.net/`, but only preserve the form data in certain browsers. This change should fix that!

Note: This probably breaks the dev environment, where we don't have a cert for `https://neopia.dev.openneo.net`. I'll fix that some other time!
2018-04-16 20:36:50 -07:00