The gold-button submits the form at the same time that setGildingProperties is
called, so this disables the submit function and manually calls submit for
buttons that have a form parent (creddits and PayPal). This should prevent the
locked payment blob errors.
This adds in two redirects - `event_click` and `event_redirect` - `event_click`
to allow appending in a user ID to an event before redirect, if we require one,
and `event_redirect` to service a local evented redirect, similar to ad clicks.
`event_click` is necessary for tracking clicks from users on embeds, which are
served via redditmedia, and therefore are always anonymous. When a user clicks
through, we want to know who they were and redirect them on their way. Because
of the way we're using nginx to store events as an access log right now, this
means we'll need to use two redirects: one to append the session ID and
another to store the event with the proper session ID.
If the tracker URL isn't configured, we shouldn't include the header in
the response. This uses the same criteria (truthiness of g.tracker_url)
as the templates to determine whether or not to include the URL.
New subreddit fields for mobile, hidden behind feature flag.
Basic functionality with limited validation.
* community rules - list, no markdown
* related subreddits - list, no markdown
* key color - hex color
These fields are optional for `/api/site_admin`.
Upload and delete endpoints for new mobile subreddit icon and banner.
* icon - square, exactly 240x240px
* banner - 16:9 aspect ratio, min 640x360px, max 1280x720px
Users that have gold (or gold charter status) will be able to create and access
gold_only subreddits. Mods will be able to access gold_only status regardless of
their gold status. Approved submitters will not be able to access these subreddits.
To have a gold only subreddit, it must be created as gold only by a gold user or
have admin mode to convert it to gold only (requested via modmail to /r/reddit.com.
There is a default style (gold-only) applied to each gold_only subreddit.
Mods can choose to hide the sidebar adbox for gold-only subreddits. A "reddit gold"
('/subreddits/gold') tab is in '/subreddits' so that gold users can see all of the
gold only subreddits.
Being added as an approved submitter in gold_only and employee_only subreddits
don't allow you to see the subreddit. This will remove the link and ability to
edit the approved submitters so as to not confuse the mods.
Multis set to "hidden" will no longer be shown on the
user's sidebar. Instead, they'll be shown in a box
on their user page (only visible to that user).
Named multireddit objects now show additional fields:
* description_md
* description_html (read only)
* display_name
* key_color
* icon_url (read only)
* weighting_scheme
* copied_from (read only, requires owner)
The "visibility" field can now also be set to "hidden" via the API. Hidden
multireddits will not be shown on a user's sidebar on reddit.com, but will
still be visible to API consumers.
The "copied_from" field shows the multi's owner which multireddit
they copied from.
A "weighting_scheme" of "fresh" will favor newer content, rather than
forcing there to be at least 1 post from each subreddit. "classic"
weighting will use the old format. Note: "fresh" weighting will be enabled
in a future commit.
"key_color" must be an RGB color of the form #AABBCC. API consumers can
choose to set and make use of the key_color field for style purposes.
"icon_url" may contain a URL to an icon for this multireddit. API
consumers can choose to make use of this icon for style purposes.
"display_name" is a human-friendly name for this multireddit. API
consumers can choose to make use of this field to set/display friendlier
names for this multireddit.
Description fields are now included in the base multireddit object, and
"description_md" can be updated directly on the multireddit object.
The separate description endpoint is still available.
All of the above fields can be modified via the existing endpoint,
PUT /api/multi/<multipath>, except for fields marked read only.
Due to the number of new fields and the absence of an existing PATCH
endpoint for /api/multi/<multipath>, the existing PUT endpoint
has been updated to NOT clobber fields that aren't included in the
multi JSON, and to accept "partial" multireddit objects. This is to
prevent fields from getting clobbered by clients that haven't been
updated to send all the new data.
This will pull the people able to view/contribute from the employee list in
liveconfig. Mods are not automatically removed when removed from the liveconfig
and neither are approved submitters that are manually added. When a user is
removed from the employees_only list, they won't be able to see what they've
contributed in their history.
This also create an employees ('/subreddits/employees') tab in '/subreddits' so
that employees can view all of the employees only subreddits.
Only employees can create a subreddit that's employees_only. To change a subreddit
type from employees_only to something else, admin mode is required.
Firefox was returning a height of 0 when an iframe was hidden.
This was causing unnecessary reflows when toggling between the
options for comment embeds. There doesn't seem to be a good
reason to broadcast a 0 height up to the parent window, so
i've added a guard for that.
Safari respects `X-Frame-Options` on 304s, causing embeds to break
if `c.allow_framing` is not set before we return a 304. This splits
embed prepping into two stages so that we can set `c.allow_framing`
before we check modified headers.
When constucting urls to 3rd party cnames, for example,
"thecutelist.com" -> /r/aww, this forces the removal of the
`sr_path`. This was unintentionally affecting pages served by
the `media_domain`, eg. comment & live embeds.
Similar to `can_save`, `can_embed` controls the visibility of the
embed button. This needs to be apart of the `Comment` or else
the rendercache will use the wrong version on heavily cached
comments.
