MarseyWorld/files/routes/static.py

from files.mail import *
from files.__main__ import app, limiter, mail
from files.helpers.alerts import *
from files.helpers.const import *
from files.classes.award import AWARDS
from sqlalchemy import func
import os
from files.classes.mod_logs import ACTIONTYPES, ACTIONTYPES2
from files.classes.badges import BadgeDef
import files.helpers.stats as statshelper

@app.get("/r/drama/comments/<id>/<title>")
@app.get("/r/Drama/comments/<id>/<title>")
def rdrama(id, title):
	id = ''.join(f'{x}/' for x in id)
	return redirect(f'/archives/drama/comments/{id}{title}.html')


@app.get("/marseys")
@auth_required
def marseys(v):
	if SITE_NAME == 'rDrama':
		marseys = g.db.query(Marsey, User).join(User, User.id==Marsey.author_id)
		sort = request.values.get("sort", "usage")
		if sort == "usage": marseys = marseys.order_by(Marsey.count.desc(), User.username)
		else: marseys = marseys.order_by(User.username, Marsey.count.desc())
	else:
		marseys = g.db.query(Marsey).order_by(Marsey.count.desc())
	return render_template("marseys.html", v=v, marseys=marseys)

@app.get("/marsey_list.json")
@cache.memoize(timeout=600)
def marsey_list():
	# From database
	emojis = [{
		"name": emoji.name,
		"author": author if SITE_NAME == 'rDrama' or author == "anton-d" else None,
		# yikes, I don't really like this DB schema. Next time be better
		"tags": emoji.tags.split(" ") + [emoji.name[len("marsey"):] if emoji.name.startswith("marsey") else emoji.name],
		"count": emoji.count,
		"class": "Marsey"
	} for emoji, author in g.db.query(Marsey, User.username).join(User, User.id==Marsey.author_id).order_by(Marsey.count.desc())]

	# Stastic shit
	shit = open("files/assets/emojis.json", "r", encoding="utf-8")
	emojis = emojis + json.load(shit)
	shit.close()

	if SITE_NAME == 'Cringetopia':
		shit = open("files/assets/emojis.cringetopia.json", "r", encoding="utf-8")
		emojis = emojis + json.load(shit)
		shit.close()

	# return str(marseys).replace("'",'"')
	return jsonify(emojis)

@app.get('/rules')
@app.get('/sidebar')
@app.get('/logged_out/rules')
@app.get('/logged_out/sidebar')
@auth_desired
def sidebar(v):
	if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}")
	if v and request.path.startswith('/logged_out'): return redirect(request.full_path.replace('/logged_out',''))

	return render_template('sidebar.html', v=v)


@app.get("/stats")
@auth_required
def participation_stats(v):
	return render_template("admin/content_stats.html", 
		v=v, title="Content Statistics", data=stats_cached())

@cache.memoize(timeout=86400)
def stats_cached():
	return statshelper.stats(SITE_NAME)

@app.get("/chart")
def chart():
	return redirect('/weekly_chart')

@app.get("/weekly_chart")
@auth_required
def weekly_chart(v):
	return send_file(statshelper.chart_path(kind="weekly", site=SITE))

@app.get("/daily_chart")
@auth_required
def daily_chart(v):
	return send_file(statshelper.chart_path(kind="daily", site=SITE))

@app.get("/patrons")
@app.get("/paypigs")
@admin_level_required(3)
def patrons(v):
	users = g.db.query(User).filter(User.patron > 0).order_by(User.patron.desc(), User.id).all()

	return render_template("patrons.html", v=v, users=users)

@app.get("/admins")
@app.get("/badmins")
@auth_required
def admins(v):
	if v and v.admin_level > 2:
		admins = g.db.query(User).filter(User.admin_level>1).order_by(User.truecoins.desc()).all()
		admins += g.db.query(User).filter(User.admin_level==1).order_by(User.truecoins.desc()).all()
	else: admins = g.db.query(User).filter(User.admin_level>0).order_by(User.truecoins.desc()).all()
	return render_template("admins.html", v=v, admins=admins)


@app.get("/log")
@app.get("/modlog")
@auth_required
def log(v):

	try: page = max(int(request.values.get("page", 1)), 1)
	except: page = 1

	admin = request.values.get("admin")
	if admin: admin_id = get_id(admin)
	else: admin_id = 0

	kind = request.values.get("kind")

	if v and v.admin_level > 1: types = ACTIONTYPES
	else: types = ACTIONTYPES2

	if kind and kind not in types:
		kind = None
		actions = []
	else:
		actions = g.db.query(ModAction)
		if not (v and v.admin_level >= 2): 
			actions = actions.filter(ModAction.kind.notin_(["shadowban","unshadowban"]))

		if admin_id:
			actions = actions.filter_by(user_id=admin_id)
			kinds = set([x.kind for x in actions])
			types2 = {}
			for k,val in types.items():
				if k in kinds: types2[k] = val
			types = types2
		if kind: actions = actions.filter_by(kind=kind)

		actions = actions.order_by(ModAction.id.desc()).offset(25*(page-1)).limit(26).all()
	
	next_exists=len(actions)>25
	actions=actions[:25]
	admins = [x[0] for x in g.db.query(User.username).filter(User.admin_level >= 2).order_by(User.username).all()]

	return render_template("log.html", v=v, admins=admins, types=types, admin=admin, type=kind, actions=actions, next_exists=next_exists, page=page)

@app.get("/log/<id>")
@auth_required
def log_item(id, v):

	try: id = int(id)
	except: abort(404)

	action=g.db.get(ModAction, id)

	if not action: abort(404)

	admins = [x[0] for x in g.db.query(User.username).filter(User.admin_level > 1).all()]

	if v and v.admin_level > 1: types = ACTIONTYPES
	else: types = ACTIONTYPES2

	return render_template("log.html", v=v, actions=[action], next_exists=False, page=1, action=action, admins=admins, types=types)

@app.get("/directory")
@auth_desired
def static_megathread_index(v):
	return render_template("megathread_index.html", v=v)

@app.get("/api")
@auth_required
def api(v):
	return render_template("api.html", v=v)

@app.get("/contact")
@app.get("/press")
@app.get("/media")
@auth_required
def contact(v):

	return render_template("contact.html", v=v)

@app.post("/send_admin")
@limiter.limit("1/second;2/minute;6/hour;10/day")
@limiter.limit("1/second;2/minute;6/hour;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}')
@auth_required
def submit_contact(v):
	body = request.values.get("message")
	if not body: abort(400)

	body = f'This message has been sent automatically to all admins via [/contact](/contact)\n\nMessage:\n\n' + body

	body += process_files()

	body = body.strip()
	
	body_html = sanitize(body)

	new_comment = Comment(author_id=v.id,
						  parent_submission=None,
						  level=1,
						  body_html=body_html,
						  sentto=2
						  )
	g.db.add(new_comment)
	g.db.flush()
	new_comment.top_comment_id = new_comment.id
	
	for admin in g.db.query(User).filter(User.admin_level > 2).all():
		notif = Notification(comment_id=new_comment.id, user_id=admin.id)
		g.db.add(notif)


	g.db.commit()
	return render_template("contact.html", v=v, msg="Your message has been sent.")

@app.get('/archives')
def archivesindex():
	return redirect("/archives/index.html")

@app.get('/archives/<path:path>')
def archives(path):
	resp = make_response(send_from_directory('/archives', path))
	if request.path.endswith('.css'): resp.headers.add("Content-Type", "text/css")
	return resp

@app.get('/e/<emoji>')
@limiter.exempt
def emoji(emoji):
	if not emoji.endswith('.webp'): abort(404)
	resp = make_response(send_from_directory('assets/images/emojis', emoji))
	resp.headers.remove("Cache-Control")
	resp.headers.add("Cache-Control", "public, max-age=3153600")
	resp.headers.remove("Content-Type")
	resp.headers.add("Content-Type", "image/webp")
	return resp

@app.get('/assets/<path:path>')
@app.get('/static/assets/<path:path>')
@limiter.exempt
def static_service(path):
	resp = make_response(send_from_directory('assets', path))
	if request.path.endswith('.webp') or request.path.endswith('.gif') or request.path.endswith('.ttf') or request.path.endswith('.woff2'):
		resp.headers.remove("Cache-Control")
		resp.headers.add("Cache-Control", "public, max-age=3153600")

	if request.path.endswith('.webp'):
		resp.headers.remove("Content-Type")
		resp.headers.add("Content-Type", "image/webp")

	return resp

@app.get('/images/<path>')
@app.get('/hostedimages/<path>')
@app.get("/static/images/<path>")
@limiter.exempt
def images(path):
	resp = make_response(send_from_directory('/images', path))
	resp.headers.remove("Cache-Control")
	resp.headers.add("Cache-Control", "public, max-age=3153600")
	resp.headers.remove("Content-Type")
	resp.headers.add("Content-Type" ,"image/webp")
	return resp

@app.get('/videos/<path>')
@limiter.exempt
def videos(path):
	resp = make_response(send_from_directory('/videos', path))
	resp.headers.remove("Cache-Control")
	resp.headers.add("Cache-Control", "public, max-age=3153600")
	return resp

@app.get('/audio/<path>')
@limiter.exempt
def audio(path):
	resp = make_response(send_from_directory('/audio', path))
	resp.headers.remove("Cache-Control")
	resp.headers.add("Cache-Control", "public, max-age=3153600")
	return resp

@app.get("/robots.txt")
def robots_txt():
	try: f = send_file("assets/robots.txt")
	except:
		print('/robots.txt', flush=True)
		abort(404)
	return f

no = (21,22,23,24,25,26,27)

@cache.memoize(timeout=3600)
def badge_list(site):
	badges = g.db.query(BadgeDef).filter(BadgeDef.id.notin_(no)).order_by(BadgeDef.id).all()
	counts_raw = g.db.query(Badge.badge_id, func.count()).group_by(Badge.badge_id).all()
	users = g.db.query(User).count()

	counts = {}
	for c in counts_raw:
		counts[c[0]] = (c[1], float(c[1]) * 100 / max(users, 1))
	
	return badges, counts

@app.get("/badges")
@auth_required
def badges(v):
	badges, counts = badge_list(SITE)
	return render_template("badges.html", v=v, badges=badges, counts=counts)

@app.get("/blocks")
@auth_required
def blocks(v):


	blocks=g.db.query(UserBlock).all()
	users = []
	targets = []
	for x in blocks:
		acc_user = get_account(x.user_id)
		acc_tgt  = get_account(x.target_id)
		if acc_user.shadowbanned or acc_tgt.shadowbanned: continue
		users.append(acc_user)
		targets.append(acc_tgt)

	return render_template("blocks.html", v=v, users=users, targets=targets)

@app.get("/banned")
@auth_required
def banned(v):

	users = g.db.query(User).filter(User.is_banned > 0, User.unban_utc == 0).all()
	return render_template("banned.html", v=v, users=users)

@app.get("/formatting")
@auth_required
def formatting(v):

	return render_template("formatting.html", v=v)

@app.get("/service-worker.js")
def serviceworker():
	with open("files/assets/js/service-worker.js", "r", encoding="utf-8") as f:
		return Response(f.read(), mimetype='application/javascript')

@app.get("/settings/security")
@auth_required
def settings_security(v):

	return render_template("settings_security.html",
						   v=v,
						   mfa_secret=pyotp.random_base32() if not v.mfa_secret else None
						   )


@app.post("/dismiss_mobile_tip")
def dismiss_mobile_tip():
	session["tooltip_last_dismissed"] = int(time.time())
	return "", 204
mn 2022-05-04 23:09:46 +00:00			`from files.mail import *`
			`from files.__main__ import app, limiter, mail`
			`from files.helpers.alerts import *`
			`from files.helpers.const import *`
			`from files.classes.award import AWARDS`
			`from sqlalchemy import func`
fsd 2022-05-18 19:29:07 +00:00			`import os`
mn 2022-05-04 23:09:46 +00:00			`from files.classes.mod_logs import ACTIONTYPES, ACTIONTYPES2`
			`from files.classes.badges import BadgeDef`
cron: Move charts from static to helper. 2022-06-07 12:31:24 +00:00			`import files.helpers.stats as statshelper`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/r/drama/comments/<id>/<title>")`
			`@app.get("/r/Drama/comments/<id>/<title>")`
			`def rdrama(id, title):`
			`id = ''.join(f'{x}/' for x in id)`
			`return redirect(f'/archives/drama/comments/{id}{title}.html')`


			`@app.get("/marseys")`
			`@auth_required`
			`def marseys(v):`
			`if SITE_NAME == 'rDrama':`
			`marseys = g.db.query(Marsey, User).join(User, User.id==Marsey.author_id)`
			`sort = request.values.get("sort", "usage")`
			`if sort == "usage": marseys = marseys.order_by(Marsey.count.desc(), User.username)`
			`else: marseys = marseys.order_by(User.username, Marsey.count.desc())`
			`else:`
			`marseys = g.db.query(Marsey).order_by(Marsey.count.desc())`
			`return render_template("marseys.html", v=v, marseys=marseys)`

Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`@app.get("/marsey_list.json")`
			`@cache.memoize(timeout=600)`
mn 2022-05-04 23:09:46 +00:00			`def marsey_list():`
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`# From database`
			`emojis = [{`
sfd 2022-05-07 04:13:19 +00:00			`"name": emoji.name,`
worst asymptotic behavior (#259) * ditched the log search in favor of the polynomial search otherwise poor carp can't search for xis boyfriend marseysamhyde querying "hyde" and instead of properly tag it ["sam", "hyde"] I had to ditch the search alg made in the image of G-d * le new line * anton-d on all dramaverse 2022-05-11 17:49:27 +00:00			`"author": author if SITE_NAME == 'rDrama' or author == "anton-d" else None,`
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`# yikes, I don't really like this DB schema. Next time be better`
Bussysussy (#256) * improved static emojis descriptions and file readability * perf improv. 2 * some minor tweaks * final tweaks to js and mobile css * very final 2022-05-10 00:58:57 +00:00			`"tags": emoji.tags.split(" ") + [emoji.name[len("marsey"):] if emoji.name.startswith("marsey") else emoji.name],`
sfd 2022-05-07 04:13:19 +00:00			`"count": emoji.count,`
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`"class": "Marsey"`
sfd 2022-05-07 04:13:19 +00:00			`} for emoji, author in g.db.query(Marsey, User.username).join(User, User.id==Marsey.author_id).order_by(Marsey.count.desc())]`
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00
			`# Stastic shit`
Rename 'shit emojis.json' for sanity. 2022-06-02 09:15:41 +00:00			`shit = open("files/assets/emojis.json", "r", encoding="utf-8")`
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`emojis = emojis + json.load(shit)`
			`shit.close()`

			`if SITE_NAME == 'Cringetopia':`
Rename 'shit emojis.json' for sanity. 2022-06-02 09:15:41 +00:00			`shit = open("files/assets/emojis.cringetopia.json", "r", encoding="utf-8")`
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`emojis = emojis + json.load(shit)`
			`shit.close()`
mn 2022-05-04 23:09:46 +00:00
Merge branch 'bussy_refactor' of https://github.com/DrTransmisia/rDrama into frost 2022-05-05 21:12:07 +00:00			`# return str(marseys).replace("'",'"')`
			`return jsonify(emojis)`
mn 2022-05-04 23:09:46 +00:00
			`@app.get('/rules')`
			`@app.get('/sidebar')`
nv 2022-05-06 04:55:15 +00:00			`@app.get('/logged_out/rules')`
			`@app.get('/logged_out/sidebar')`
mn 2022-05-04 23:09:46 +00:00			`@auth_desired`
			`def sidebar(v):`
nv 2022-05-06 04:55:15 +00:00			`if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out{request.full_path}")`
sfd 2022-05-09 08:47:35 +00:00			`if v and request.path.startswith('/logged_out'): return redirect(request.full_path.replace('/logged_out',''))`
nv 2022-05-06 04:55:15 +00:00
mn 2022-05-04 23:09:46 +00:00			`return render_template('sidebar.html', v=v)`


			`@app.get("/stats")`
			`@auth_required`
			`def participation_stats(v):`
Refactor stat timers, award timers. Prior to this comment, the every-1d cron.py command was broken due to lack of proper stats import. However, while refactoring this, it was convenient to move other recurring tasks that had been stuffed in odd places--not least `stats(...)`--into the new cron system. This entailed a number of refactorings of other things. 1. Move stats(...) from static.py to helpers/stats.py. 2. Move hole inactivity purge task from stats(...) to routes/subs.py. 3. Move bot award timer checks from stats(...) to helpers/awards.py. 4. Unify award timer logic formerly in routes/front.py into the new helpers/awards.py. 2022-06-10 09:47:41 +00:00			`return render_template("admin/content_stats.html",`
			`v=v, title="Content Statistics", data=stats_cached())`
mn 2022-05-04 23:09:46 +00:00
			`@cache.memoize(timeout=86400)`
Refactor stat timers, award timers. Prior to this comment, the every-1d cron.py command was broken due to lack of proper stats import. However, while refactoring this, it was convenient to move other recurring tasks that had been stuffed in odd places--not least `stats(...)`--into the new cron system. This entailed a number of refactorings of other things. 1. Move stats(...) from static.py to helpers/stats.py. 2. Move hole inactivity purge task from stats(...) to routes/subs.py. 3. Move bot award timer checks from stats(...) to helpers/awards.py. 4. Unify award timer logic formerly in routes/front.py into the new helpers/awards.py. 2022-06-10 09:47:41 +00:00			`def stats_cached():`
			`return statshelper.stats(SITE_NAME)`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/chart")`
			`def chart():`
			`return redirect('/weekly_chart')`

			`@app.get("/weekly_chart")`
			`@auth_required`
			`def weekly_chart(v):`
cron: Move charts from static to helper. 2022-06-07 12:31:24 +00:00			`return send_file(statshelper.chart_path(kind="weekly", site=SITE))`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/daily_chart")`
			`@auth_required`
			`def daily_chart(v):`
cron: Move charts from static to helper. 2022-06-07 12:31:24 +00:00			`return send_file(statshelper.chart_path(kind="daily", site=SITE))`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/patrons")`
			`@app.get("/paypigs")`
			`@admin_level_required(3)`
			`def patrons(v):`
			`users = g.db.query(User).filter(User.patron > 0).order_by(User.patron.desc(), User.id).all()`

			`return render_template("patrons.html", v=v, users=users)`

			`@app.get("/admins")`
			`@app.get("/badmins")`
			`@auth_required`
			`def admins(v):`
			`if v and v.admin_level > 2:`
			`admins = g.db.query(User).filter(User.admin_level>1).order_by(User.truecoins.desc()).all()`
			`admins += g.db.query(User).filter(User.admin_level==1).order_by(User.truecoins.desc()).all()`
			`else: admins = g.db.query(User).filter(User.admin_level>0).order_by(User.truecoins.desc()).all()`
			`return render_template("admins.html", v=v, admins=admins)`


			`@app.get("/log")`
			`@app.get("/modlog")`
			`@auth_required`
			`def log(v):`

			`try: page = max(int(request.values.get("page", 1)), 1)`
			`except: page = 1`

			`admin = request.values.get("admin")`
			`if admin: admin_id = get_id(admin)`
			`else: admin_id = 0`

			`kind = request.values.get("kind")`

			`if v and v.admin_level > 1: types = ACTIONTYPES`
			`else: types = ACTIONTYPES2`

make log show 0 actions when u filter by a kind that doesn't exist (instead of showing all actions) 2022-06-13 16:41:46 +00:00			`if kind and kind not in types:`
			`kind = None`
			`actions = []`
			`else:`
			`actions = g.db.query(ModAction)`
			`if not (v and v.admin_level >= 2):`
			`actions = actions.filter(ModAction.kind.notin_(["shadowban","unshadowban"]))`

			`if admin_id:`
			`actions = actions.filter_by(user_id=admin_id)`
			`kinds = set([x.kind for x in actions])`
			`types2 = {}`
			`for k,val in types.items():`
			`if k in kinds: types2[k] = val`
			`types = types2`
			`if kind: actions = actions.filter_by(kind=kind)`

			`actions = actions.order_by(ModAction.id.desc()).offset(25*(page-1)).limit(26).all()`

mn 2022-05-04 23:09:46 +00:00			`next_exists=len(actions)>25`
			`actions=actions[:25]`
Fix banned domain info leak in modlog. 2022-06-07 02:18:56 +00:00			`admins = [x[0] for x in g.db.query(User.username).filter(User.admin_level >= 2).order_by(User.username).all()]`
mn 2022-05-04 23:09:46 +00:00
			`return render_template("log.html", v=v, admins=admins, types=types, admin=admin, type=kind, actions=actions, next_exists=next_exists, page=page)`

			`@app.get("/log/<id>")`
			`@auth_required`
			`def log_item(id, v):`

			`try: id = int(id)`
			`except: abort(404)`

replace "g.db.query" on pkeys with the much more efficient "g.db.get" 2022-06-18 00:57:23 +00:00			`action=g.db.get(ModAction, id)`
mn 2022-05-04 23:09:46 +00:00
			`if not action: abort(404)`

			`admins = [x[0] for x in g.db.query(User.username).filter(User.admin_level > 1).all()]`

			`if v and v.admin_level > 1: types = ACTIONTYPES`
			`else: types = ACTIONTYPES2`

			`return render_template("log.html", v=v, actions=[action], next_exists=False, page=1, action=action, admins=admins, types=types)`

Create directory page for sidebar megathreads. The sidebar previously did not prioritize information as well as desired, and the proliferation of megathreads led to a number of icons occupying frontpage visual space despite not often being useful to frontpage use cases. Therefore, they have been moved to a new page. The /directory page is predominantly created with template logic, and it should be within the ability of our semi-technical jannie staff to maintain. 2022-06-15 07:27:04 +00:00			`@app.get("/directory")`
Loosen auth requirement on /directory. 2022-06-17 20:38:30 +00:00			`@auth_desired`
Create directory page for sidebar megathreads. The sidebar previously did not prioritize information as well as desired, and the proliferation of megathreads led to a number of icons occupying frontpage visual space despite not often being useful to frontpage use cases. Therefore, they have been moved to a new page. The /directory page is predominantly created with template logic, and it should be within the ability of our semi-technical jannie staff to maintain. 2022-06-15 07:27:04 +00:00			`def static_megathread_index(v):`
			`return render_template("megathread_index.html", v=v)`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/api")`
fsd 2022-05-22 16:14:32 +00:00			`@auth_required`
			`def api(v):`
			`return render_template("api.html", v=v)`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/contact")`
			`@app.get("/press")`
			`@app.get("/media")`
			`@auth_required`
			`def contact(v):`

			`return render_template("contact.html", v=v)`

			`@app.post("/send_admin")`
			`@limiter.limit("1/second;2/minute;6/hour;10/day")`
			`@limiter.limit("1/second;2/minute;6/hour;10/day", key_func=lambda:f'{request.host}-{session.get("lo_user")}')`
			`@auth_required`
			`def submit_contact(v):`
			`body = request.values.get("message")`
			`if not body: abort(400)`

			`body = f'This message has been sent automatically to all admins via [/contact](/contact)\n\nMessage:\n\n' + body`

make modmail messages use the files refactor 2022-06-18 17:41:24 +00:00			`body += process_files()`
mn 2022-05-04 23:09:46 +00:00
make modmail messages use the files refactor 2022-06-18 17:41:24 +00:00			`body = body.strip()`

			`body_html = sanitize(body)`
mn 2022-05-04 23:09:46 +00:00
			`new_comment = Comment(author_id=v.id,`
			`parent_submission=None,`
			`level=1,`
			`body_html=body_html,`
			`sentto=2`
			`)`
			`g.db.add(new_comment)`
			`g.db.flush()`
			`new_comment.top_comment_id = new_comment.id`

			`for admin in g.db.query(User).filter(User.admin_level > 2).all():`
			`notif = Notification(comment_id=new_comment.id, user_id=admin.id)`
			`g.db.add(notif)`



			`g.db.commit()`
			`return render_template("contact.html", v=v, msg="Your message has been sent.")`

			`@app.get('/archives')`
			`def archivesindex():`
			`return redirect("/archives/index.html")`

			`@app.get('/archives/<path:path>')`
			`def archives(path):`
			`resp = make_response(send_from_directory('/archives', path))`
			`if request.path.endswith('.css'): resp.headers.add("Content-Type", "text/css")`
			`return resp`

			`@app.get('/e/<emoji>')`
sfd 2022-05-22 17:23:52 +00:00			`@limiter.exempt`
mn 2022-05-04 23:09:46 +00:00			`def emoji(emoji):`
			`if not emoji.endswith('.webp'): abort(404)`
			`resp = make_response(send_from_directory('assets/images/emojis', emoji))`
			`resp.headers.remove("Cache-Control")`
			`resp.headers.add("Cache-Control", "public, max-age=3153600")`
			`resp.headers.remove("Content-Type")`
			`resp.headers.add("Content-Type", "image/webp")`
			`return resp`

			`@app.get('/assets/<path:path>')`
			`@app.get('/static/assets/<path:path>')`
sfd 2022-05-22 17:23:52 +00:00			`@limiter.exempt`
mn 2022-05-04 23:09:46 +00:00			`def static_service(path):`
			`resp = make_response(send_from_directory('assets', path))`
			`if request.path.endswith('.webp') or request.path.endswith('.gif') or request.path.endswith('.ttf') or request.path.endswith('.woff2'):`
			`resp.headers.remove("Cache-Control")`
			`resp.headers.add("Cache-Control", "public, max-age=3153600")`

			`if request.path.endswith('.webp'):`
			`resp.headers.remove("Content-Type")`
			`resp.headers.add("Content-Type", "image/webp")`

			`return resp`

			`@app.get('/images/<path>')`
			`@app.get('/hostedimages/<path>')`
			`@app.get("/static/images/<path>")`
sfd 2022-05-22 17:23:52 +00:00			`@limiter.exempt`
mn 2022-05-04 23:09:46 +00:00			`def images(path):`
fds 2022-05-24 15:32:49 +00:00			`resp = make_response(send_from_directory('/images', path))`
mn 2022-05-04 23:09:46 +00:00			`resp.headers.remove("Cache-Control")`
			`resp.headers.add("Cache-Control", "public, max-age=3153600")`
vid refactor 2022-05-22 16:13:19 +00:00			`resp.headers.remove("Content-Type")`
			`resp.headers.add("Content-Type" ,"image/webp")`
			`return resp`

			`@app.get('/videos/<path>')`
sfd 2022-05-22 17:23:52 +00:00			`@limiter.exempt`
vid refactor 2022-05-22 16:13:19 +00:00			`def videos(path):`
fds 2022-05-24 15:32:49 +00:00			`resp = make_response(send_from_directory('/videos', path))`
vid refactor 2022-05-22 16:13:19 +00:00			`resp.headers.remove("Cache-Control")`
			`resp.headers.add("Cache-Control", "public, max-age=3153600")`
mn 2022-05-04 23:09:46 +00:00			`return resp`
big ass commit 2022-05-22 22:15:29 +00:00
			`@app.get('/audio/<path>')`
			`@limiter.exempt`
			`def audio(path):`
fds 2022-05-24 15:32:49 +00:00			`resp = make_response(send_from_directory('/audio', path))`
big ass commit 2022-05-22 22:15:29 +00:00			`resp.headers.remove("Cache-Control")`
			`resp.headers.add("Cache-Control", "public, max-age=3153600")`
			`return resp`
mn 2022-05-04 23:09:46 +00:00
			`@app.get("/robots.txt")`
			`def robots_txt():`
			`try: f = send_file("assets/robots.txt")`
			`except:`
			`print('/robots.txt', flush=True)`
			`abort(404)`
			`return f`

			`no = (21,22,23,24,25,26,27)`

			`@cache.memoize(timeout=3600)`
			`def badge_list(site):`
			`badges = g.db.query(BadgeDef).filter(BadgeDef.id.notin_(no)).order_by(BadgeDef.id).all()`
			`counts_raw = g.db.query(Badge.badge_id, func.count()).group_by(Badge.badge_id).all()`
sf 2022-05-09 11:21:49 +00:00			`users = g.db.query(User).count()`
mn 2022-05-04 23:09:46 +00:00
			`counts = {}`
			`for c in counts_raw:`
			`counts[c[0]] = (c[1], float(c[1]) * 100 / max(users, 1))`

			`return badges, counts`

			`@app.get("/badges")`
			`@auth_required`
			`def badges(v):`
			`badges, counts = badge_list(SITE)`
			`return render_template("badges.html", v=v, badges=badges, counts=counts)`

			`@app.get("/blocks")`
			`@auth_required`
			`def blocks(v):`


			`blocks=g.db.query(UserBlock).all()`
			`users = []`
			`targets = []`
			`for x in blocks:`
Close more shadowbanned user info leaks. 1. Missed the notif for unfollowing a non-fish'd user in fb520034047f. 2. "Get Them Help" button showed username. 3. Gift coins/mbux showed username and allowed a message. 4. Global block list showed username. 5. User profile appeared to logged-out and non-jannies. 2022-06-13 03:03:36 +00:00			`acc_user = get_account(x.user_id)`
			`acc_tgt = get_account(x.target_id)`
			`if acc_user.shadowbanned or acc_tgt.shadowbanned: continue`
			`users.append(acc_user)`
			`targets.append(acc_tgt)`
mn 2022-05-04 23:09:46 +00:00
			`return render_template("blocks.html", v=v, users=users, targets=targets)`

			`@app.get("/banned")`
			`@auth_required`
			`def banned(v):`

fds 2022-05-25 20:16:26 +00:00			`users = g.db.query(User).filter(User.is_banned > 0, User.unban_utc == 0).all()`
mn 2022-05-04 23:09:46 +00:00			`return render_template("banned.html", v=v, users=users)`

			`@app.get("/formatting")`
			`@auth_required`
			`def formatting(v):`

			`return render_template("formatting.html", v=v)`

fix push notifications 2022-06-10 22:14:03 +00:00			`@app.get("/service-worker.js")`
mn 2022-05-04 23:09:46 +00:00			`def serviceworker():`
fix push notifications 2022-06-10 22:14:03 +00:00			`with open("files/assets/js/service-worker.js", "r", encoding="utf-8") as f:`
			`return Response(f.read(), mimetype='application/javascript')`
Added offline service worker (serves a static webpage when no internet connection is present) (#285) based 2022-05-27 19:23:01 +00:00
mn 2022-05-04 23:09:46 +00:00			`@app.get("/settings/security")`
			`@auth_required`
			`def settings_security(v):`

			`return render_template("settings_security.html",`
			`v=v,`
			`mfa_secret=pyotp.random_base32() if not v.mfa_secret else None`
			`)`


			`@app.post("/dismiss_mobile_tip")`
			`def dismiss_mobile_tip():`
			`session["tooltip_last_dismissed"] = int(time.time())`
			`return "", 204`