With this PR, when JS is activated and WASM supported, the article editor will be dynamically replaced with `contenteditable`s elements. This makes the editing interface simpler and less like a regular form. It will also allow us to easily add visual formatting with native browser APIs (and to insert images or videos directly). Here is a little demo:
![peek 05-03-2019 16-12](https://user-images.githubusercontent.com/16254623/53815536-1dc05680-3f62-11e9-94d3-b363ed84eb97.gif)
There is still a lot to do, but it is a good first step.
Fixes#255
* Slightly improve the media experience
- Use a grid to display the list of media
- Add icons for non-image media preview
- Paginate the gallery
- Add links to the gallery in the editor and in the profile settings to make it more discoverable when you need it
Fixes#432
* Allow video and audio tags in SafeString
Otherwise we can't display their preview, nor show them in articles
Also show controls by default for these two elements
* Show fallback images for audio and unknown files, to make them more visible
* Add a new constructor to SafeString when the input is trusted and doesn't need to be escaped.
And use it to generate media previews.
* Make it possible to insert video/audio in articles
* Allow customizing max form size from env vars
* Add error page for unprocessable entities
And change default http port to 7878
* Improve char counter: under the editor, more discrete, and give it a default value
Rust can compile to WASM, so let's use it for front-end code as well.
To compile the front-end:
```
cargo install cargo-web
cargo web deploy -p plume-front
```
Add some support for comment visibility, fix#217
This add a new column to comment, denoting if they are public or not, and a new table linking private comments to those allowed to read them. There is currently no way to write a private comment from Plume.
Git is having a hard time what happened in Comment::from_activity, but most of it is just re-indentation because a new block was needed to please the borrow checker. I've marked with comments where things actually changed.
At this point only mentioned users can see private comments, even when posted as "follower only" or equivalent.
What should we do when someone isn't allowed to see a comment? Hide the whole thread, or just the comment? If hiding just the comment, should we mark there is a comment one can't see, but answers they can, or put other comments like if they answered to the same comment the hidden one do?
* Count items in database as much as possible
* Fix the tests
* Remove two useless queries
* Run pragma directive before each sqlite connection
* Pragma for tests too
* Remove debug messages
Use uri! to generate links instead of hardcoded urls
Fix#110
Fix invalid links needing to be POST forms
Translate login message for boost and like directly from template
Put js for search in its own file
All the template are now compiled at compile-time with the `ructe` crate.
I preferred to use it instead of askama because it allows more complex Rust expressions, where askama only supports a small subset of expressions and doesn't allow them everywhere (for instance, `{{ macro!() | filter }}` would result in a parsing error).
The diff is quite huge, but there is normally no changes in functionality.
Fixes#161 and unblocks #110 and #273
GET routes are not protected against CSRF. This commit changes the needed URLs to
POST and replace simple links with forms.
Thanks @fdb-hiroshima for noticing it!
For now it might be enough to only reword 'reshare' to 'boost' in the
frontend. The code can continue to use 'reshare'.
Includes the most recent German translation.
Fixes#74