allow skipping the validations on creation if its an api call AND skip_validations is specified

this allows wordpress plugin to post very very short titles or titles that would otherwise be disallowed
2013-07-02 12:22:56 +10:00 · 2013-07-02 12:22:56 +10:00 · f6b850e7a4
parent 68d98ec94e
commit f6b850e7a4
5 changed files with 31 additions and 15 deletions
--- a/app/controllers/posts_controller.rb
+++ b/app/controllers/posts_controller.rb
@ -189,18 +189,27 @@ class PostsController < ApplicationController
  private

    def create_params
-      params.require(:raw)
-      params.permit(
-          :raw, 
-          :topic_id, 
-          :title, 
-          :archetype, 
-          :category, 
-          :target_usernames, 
-          :reply_to_post_number, 
-          :image_sizes, 
+      permitted = [
+          :raw,
+          :topic_id,
+          :title,
+          :archetype,
+          :category,
+          :target_usernames,
+          :reply_to_post_number,
+          :image_sizes,
          :auto_close_days
-        ).tap do |whitelisted|
+      ]
+
+      if api_key_valid?
+        # php seems to be sending this incorrectly, don't fight with it
+        params[:skip_validations] = params[:skip_validations].to_s == "true"
+        permitted << :skip_validations
+      end
+
+      params.require(:raw)
+      params.permit(*permitted).tap do |whitelisted|
+          # TODO this does not feel right, we should name what meta_data is allowed
          whitelisted[:meta_data] = params[:meta_data]
      end
    end
--- a/app/models/topic.rb
+++ b/app/models/topic.rb
@ -35,8 +35,6 @@ class Topic < ActiveRecord::Base
  rate_limit :limit_topics_per_day
  rate_limit :limit_private_messages_per_day

-  before_validation :sanitize_title
-
  validates :title, :presence => true,
                    :topic_title_length => true,
                    :quality_title => { :unless => :private_message? },
@ -47,6 +45,7 @@ class Topic < ActiveRecord::Base
                                        :collection => Proc.new{ Topic.listable_topics } }

  before_validation do
+    self.sanitize_title
    self.title = TextCleaner.clean_title(TextSentinel.title_sentinel(title).text) if errors[:title].empty?
  end

--- a/lib/post_creator.rb
+++ b/lib/post_creator.rb
@ -208,7 +208,7 @@ class PostCreator
  end

  def save_post
-    unless @post.save
+    unless @post.save(validate: !@opts[:skip_validations])
      @errors = @post.errors
      raise ActiveRecord::Rollback.new
    end
--- a/lib/topic_creator.rb
+++ b/lib/topic_creator.rb
@ -56,7 +56,7 @@ class TopicCreator
  end

  def save_topic
-    unless @topic.save
+    unless @topic.save(validate: !@opts[:skip_validations])
      @errors = @topic.errors
      raise ActiveRecord::Rollback.new
    end
--- a/spec/components/post_creator_spec.rb
+++ b/spec/components/post_creator_spec.rb
@ -341,5 +341,13 @@ describe PostCreator do
      post.created_at.should be_within(10.seconds).of(created_at)
    end
  end
+
+  context 'disable validations' do
+    it 'can save a post' do
+      creator = PostCreator.new(user, raw: 'q', title: 'q', skip_validations: true)
+      post = creator.create
+      creator.errors.should be_nil
+    end
+  end
 end