Release 2026-01-07 02:23:04 +0000

.circleci/config.yml

@@ -10,6 +10,10 @@ jobs:
       - image: cimg/ruby:3.4.3-node
     steps:
       - checkout
+      - run:
+          name: Configure Bundler
+          command: |
+            bundle lock --add-platform ruby
       - ruby/install-deps
       - node/install:
           install-yarn: true
@@ -21,6 +25,10 @@ jobs:
       - image: 'cimg/ruby:3.4.3-node'
     steps:
       - checkout
+      - run:
+          name: Configure Bundler
+          command: |
+            bundle lock --add-platform ruby
       - ruby/install-deps
       - ruby/rubocop-check:
           format: progress
@@ -75,7 +83,6 @@ jobs:
       - run:
           name: Configure Bundler
           command: |
-            bundle config set --local force_ruby_platform true
             bundle lock --add-platform ruby
       - ruby/install-deps:
           clean-bundle: true

.cloudbuild/cloudbuild-staging.yaml

@@ -250,6 +250,7 @@ steps:
       - '--set-env-vars=DISCORD_AUTHENTICATION_URL=$_DISCORD_AUTHENTICATION_URL'
       - '--set-env-vars=PUBSUB_AUDIENCE=$_PUBSUB_AUDIENCE'
       - '--set-env-vars=PUBSUB_SERVICE_ACCOUNT_EMAIL=$_PUBSUB_SERVICE_ACCOUNT_EMAIL'
+      - '--set-env-vars=PUBSUB_TOPIC=$_PUBSUB_TOPIC'
       - '--set-env-vars=$_ENVS'
       - >-
         --labels=managed-by=gcp-cloud-build-deploy-cloud-run,commit-sha=$COMMIT_SHA,gcb-build-id=$BUILD_ID,gcb-trigger-id=$_TRIGGER_ID,$_LABELS

.cloudbuild/cloudbuild.yaml

@@ -121,6 +121,7 @@ steps:
       - '--set-env-vars=DISCORD_AUTHENTICATION_URL=$_DISCORD_AUTHENTICATION_URL'
       - '--set-env-vars=PUBSUB_AUDIENCE=$_PUBSUB_AUDIENCE'
       - '--set-env-vars=PUBSUB_SERVICE_ACCOUNT_EMAIL=$_PUBSUB_SERVICE_ACCOUNT_EMAIL'
+      - '--set-env-vars=PUBSUB_TOPIC=$_PUBSUB_TOPIC'
       - '--set-env-vars=$_ENVS'
       - >-
         --labels=managed-by=gcp-cloud-build-deploy-cloud-run,commit-sha=$COMMIT_SHA,gcb-build-id=$BUILD_ID,gcb-trigger-id=$_TRIGGER_ID,$_LABELS

Gemfile

@@ -36,6 +36,8 @@ gem 'discordrb', '~> 3.5', require: false
 gem 'doorkeeper'
 gem 'good_job', '~> 4.5'
 gem 'google-cloud-storage', '~> 1.25', require: false
+gem 'google-cloud-video-transcoder'
+gem 'google-id-token'
 gem 'holiday_jp'
 gem 'icalendar', '~> 2.8'
 gem 'interactor', '~> 3.0'
@@ -58,6 +60,7 @@ gem 'omniauth-discord'
 gem 'omniauth-github', '~> 2.0.1'
 gem 'omniauth-rails_csrf_protection'
 gem 'opengraph_parser'
+gem 'openssl'
 gem 'parser', '3.2.2.4'
 gem 'pg', '~> 1.4.6'
 gem 'postmark-rails'

Gemfile.lock

@@ -199,6 +199,9 @@ GEM
       multipart-post (~> 2.0)
     faraday-net_http (3.4.2)
       net-http (~> 0.5)
+    faraday-retry (2.3.2)
+      faraday (~> 2.0)
+    ffi (1.17.1)
     ffi (1.17.1-aarch64-linux-gnu)
     ffi (1.17.1-aarch64-linux-musl)
     ffi (1.17.1-arm-linux-gnu)
@@ -212,6 +215,16 @@ GEM
     fugit (1.12.1)
       et-orbi (~> 1.4)
       raabro (~> 1.4)
+    gapic-common (1.1.0)
+      faraday (>= 1.9, < 3.a)
+      faraday-retry (>= 1.0, < 3.a)
+      google-cloud-env (~> 2.2)
+      google-logging-utils (~> 0.1)
+      google-protobuf (>= 3.25, < 5.a)
+      googleapis-common-protos (~> 1.6)
+      googleapis-common-protos-types (~> 1.15)
+      googleauth (~> 1.12)
+      grpc (~> 1.66)
     globalid (1.3.0)
       activesupport (>= 6.1)
     good_job (4.12.1)
@@ -249,7 +262,30 @@ GEM
       google-cloud-core (~> 1.6)
       googleauth (~> 1.9)
       mini_mime (~> 1.0)
+    google-cloud-video-transcoder (2.0.1)
+      google-cloud-core (~> 1.6)
+      google-cloud-video-transcoder-v1 (~> 2.0)
+    google-cloud-video-transcoder-v1 (2.2.0)
+      gapic-common (~> 1.0)
+      google-cloud-errors (~> 1.0)
+    google-id-token (1.4.2)
+      jwt (>= 1)
     google-logging-utils (0.2.0)
+    google-protobuf (4.32.0)
+      bigdecimal
+      rake (>= 13)
+    google-protobuf (4.32.0-arm64-darwin)
+      bigdecimal
+      rake (>= 13)
+    google-protobuf (4.32.0-x86_64-linux-gnu)
+      bigdecimal
+      rake (>= 13)
+    googleapis-common-protos (1.8.0)
+      google-protobuf (>= 3.18, < 5.a)
+      googleapis-common-protos-types (~> 1.20)
+      grpc (~> 1.41)
+    googleapis-common-protos-types (1.20.0)
+      google-protobuf (>= 3.18, < 5.a)
     googleauth (1.15.1)
       faraday (>= 1.0, < 3.a)
       google-cloud-env (~> 2.2)
@@ -258,6 +294,15 @@ GEM
       multi_json (~> 1.11)
       os (>= 0.9, < 2.0)
       signet (>= 0.16, < 2.a)
+    grpc (1.74.1)
+      google-protobuf (>= 3.25, < 5.0)
+      googleapis-common-protos-types (~> 1.0)
+    grpc (1.74.1-arm64-darwin)
+      google-protobuf (>= 3.25, < 5.0)
+      googleapis-common-protos-types (~> 1.0)
+    grpc (1.74.1-x86_64-linux-gnu)
+      google-protobuf (>= 3.25, < 5.0)
+      googleapis-common-protos-types (~> 1.0)
     hashdiff (1.2.1)
     hashie (5.0.0)
     holiday_jp (0.8.1)
@@ -426,6 +471,7 @@ GEM
     opengraph_parser (0.2.5)
       addressable
       nokogiri
+    openssl (4.0.0)
     opus-ruby (1.0.1)
       ffi
     os (1.1.4)
@@ -743,6 +789,8 @@ DEPENDENCIES
   foreman
   good_job (~> 4.5)
   google-cloud-storage (~> 1.25)
+  google-cloud-video-transcoder
+  google-id-token
   holiday_jp
   icalendar (~> 2.8)
   image_processing (~> 1.12)
@@ -772,6 +820,7 @@ DEPENDENCIES
   omniauth-github (~> 2.0.1)
   omniauth-rails_csrf_protection
   opengraph_parser
+  openssl
   parser (= 3.2.2.4)
   pg (~> 1.4.6)
   postmark-rails

app/components/users/micro_reports/micro_report_component.html.slim

@@ -1,20 +1,20 @@
 .micro-report(id="micro_report_#{@micro_report.id}" data-micro_report_id="#{@micro_report.id}" data-micro_report_content="#{@micro_report.content}")
   .micro-report__start
-    = render 'users/icon', user: @user, link_class: 'micro-report__user-link', image_class: 'micro-report_user-icon'
+    = render 'users/icon', user: comment_user, link_class: 'micro-report__user-link', image_class: 'micro-report_user-icon'
   .micro-report__end
     .is-micro-report.micro-report-display
       header.micro-report__header
         h2.micro-report__title
-          = link_to user_path(@user), class: 'micro-report__title-link a-text-link' do
-            = @user.login_name
+          = link_to user_path(comment_user), class: 'micro-report__title-link a-text-link' do
+            = comment_user.login_name
         time.micro-report__created-at
           = posted_datetime
       .micro-report__body
         .a-short-text.is-sm.js-markdown-view
           = @micro_report.content
       .micro-report__footer
-        - if @micro_report.user == @current_user || admin_login?
-          .micro-report-actions
+        .micro-report-actions
+          - if @micro_report.comment_user == @current_user || @current_user&.admin?
             ul.micro-report-actions__items
               li.micro-report-actions__item
                 button.micro-report-actions__action.is-edit.js-editor-button

app/components/users/micro_reports/micro_report_component.rb

@@ -7,6 +7,10 @@ def initialize(user:, current_user:, micro_report:)
     @micro_report = micro_report
   end
 
+  def comment_user
+    @micro_report.comment_user
+  end
+
   def posted_datetime
     time = @micro_report.created_at
     if time.to_date == Time.zone.today
@@ -18,5 +22,7 @@ def posted_datetime
     end
   end
 
-  delegate :admin_login?, to: :helpers
+  def owner_post?
+    comment_user == @user
+  end
 end

app/controllers/api/bookmarks_controller.rb

@@ -1,7 +1,7 @@
 # frozen_string_literal: true
 
 class API::BookmarksController < API::BaseController
-  PAGER_NUMBER = 25
+  PAGER_NUMBER = 20
 
   def index
     per = params[:per] || PAGER_NUMBER

app/controllers/api/micro_reports_controller.rb

@@ -14,7 +14,12 @@ def update
   private
 
   def set_micro_report
-    @micro_report = current_user.admin? ? MicroReport.find(params[:id]) : current_user.micro_reports.find(params[:id])
+    @micro_report =
+      if current_user.admin?
+        MicroReport.find(params[:id])
+      else
+        current_user.authored_micro_reports.find(params[:id])
+      end
   end
 
   def micro_report_params

app/controllers/api/pub_sub_controller.rb

@@ -0,0 +1,48 @@
+# frozen_string_literal: true
+
+class API::PubSubController < API::BaseController
+  skip_before_action :verify_authenticity_token
+  skip_before_action :require_login_for_api
+  skip_before_action :basic_auth
+  before_action :authenticate_pubsub_token
+
+  def create
+    result = ProcessTranscodingNotification.call(body: request.body.read)
+
+    if result.success?
+      head :ok
+    else
+      Rails.logger.error("Failed to process transcoding notification: #{result.error}")
+
+      if result.retryable == false
+        head :ok # 200系のステータスコードを返すとPub/Subは再送しない
+      else
+        head :internal_server_error
+      end
+    end
+  end
+
+  private
+
+  def authenticate_pubsub_token
+    authz = request.headers['Authorization'].to_s
+    token = authz[/\ABearer\s+(.+)\z/i, 1]
+    return if token && valid_pubsub_token?(token)
+
+    Rails.logger.warn('Unauthorized Pub/Sub request')
+    head :unauthorized
+  end
+
+  def valid_pubsub_token?(token)
+    validator = GoogleIDToken::Validator.new
+    expected_audience = "#{request.base_url}#{request.path}"
+    payload = validator.check(token, expected_audience)
+
+    expected_sa_email = ENV['PUBSUB_SERVICE_ACCOUNT_EMAIL']
+    sa_email_claim = payload['email']
+    sa_email_claim == expected_sa_email
+  rescue GoogleIDToken::ValidationError => e
+    Rails.logger.warn("Invalid JWT: #{e.message}")
+    false
+  end
+end

app/controllers/billing_portal_controller.rb

@@ -3,6 +3,6 @@
 class BillingPortalController < ApplicationController
   def create
     session = Stripe::BillingPortal::Session.create(customer: current_user.customer_id)
-    redirect_to session.url
+    redirect_to session.url, allow_other_host: true
   end
 end

app/controllers/current_user/bookmarks_controller.rb

@@ -1,7 +1,20 @@
 # frozen_string_literal: true
 
 class CurrentUser::BookmarksController < ApplicationController
-  def index
-    @user = current_user
+  PAGER_NUMBER = 20
+
+  before_action :set_bookmarks, only: [:index]
+
+  def index; end
+
+  def destroy
+    current_user.bookmarks.find(params[:id]).destroy
+    head :no_content
+  end
+
+  private
+
+  def set_bookmarks
+    @bookmarks = current_user.bookmarks.preload(bookmarkable: :user).order(created_at: :desc, id: :desc).page(params[:page]).per(PAGER_NUMBER)
   end
 end

app/controllers/notifications_controller.rb

@@ -5,6 +5,11 @@ class NotificationsController < ApplicationController
 
   def index
     @target = params[:target]
+    @notifications = UserNotificationsQuery.new(
+      user: current_user,
+      target: params[:target],
+      status: params[:status]
+    ).call.page(params[:page])
   end
 
   def show

app/controllers/training_completion_controller.rb

@@ -15,7 +15,7 @@ def create
       user = current_user
       current_user.cancel_participation_from_regular_events
       current_user.delete_and_assign_new_organizer
-      Newspaper.publish(:training_completion_create, { user: })
+      ActiveSupport::Notifications.instrument('training_completion.create', user:)
       user.clear_github_data
       notify_to_user(user)
       notify_to_admins(user)

app/controllers/users/micro_reports_controller.rb

@@ -13,22 +13,28 @@ def index
 
   def create
     @micro_report = @user.micro_reports.build(micro_report_params)
+    @micro_report.comment_user = current_user
 
-    if current_user == @user && @micro_report.save
+    if @micro_report.save
       flash[:notice] = '分報を投稿しました。'
     else
       flash[:alert] = '分報の投稿に失敗しました。'
     end
 
-    redirect_to user_micro_reports_path(@user, page: @user.latest_micro_report_page)
+    redirect_to user_micro_reports_path(@user, page: @user.latest_micro_report_page(per_page: PAGER_NUMBER))
   end
 
   def destroy
+    if !current_user.admin? && @micro_report.comment_user != current_user
+      redirect_to user_micro_reports_path(@user), alert: '権限がありません。'
+      return
+    end
+
     @micro_report.destroy!
 
     referer_path = request.referer
     if page_out_of_range?(referer_path)
-      redirect_to user_micro_reports_path(@user, page: @user.latest_micro_report_page)
+      redirect_to user_micro_reports_path(@user, page: @user.latest_micro_report_page(per_page: PAGER_NUMBER))
     else
       redirect_to referer_path
     end
@@ -42,7 +48,12 @@ def set_user
   end
 
   def set_micro_report
-    @micro_report = current_user.admin? ? MicroReport.find(params[:id]) : current_user.micro_reports.find(params[:id])
+    @micro_report =
+      if current_user.admin?
+        MicroReport.find(params[:id])
+      else
+        current_user.authored_micro_reports.find(params[:id])
+      end
   end
 
   def micro_report_params
@@ -53,6 +64,6 @@ def page_out_of_range?(referer_path)
     matched_page_number = referer_path.match(/page=(\d+)/)
     page_number = matched_page_number ? matched_page_number[1] : FIRST_PAGE
 
-    MicroReport.page(page_number).out_of_range?
+    @user.micro_reports.page(page_number).out_of_range?
   end
 end