From fe89c82198e5d0230015767fc19ee41b0a7ab45a Mon Sep 17 00:00:00 2001 From: Aevann1 Date: Fri, 17 Dec 2021 05:25:05 +0200 Subject: [PATCH] sffsd --- files/classes/comment.py | 1 - files/classes/submission.py | 1 - files/helpers/jinja2.py | 8 ---- files/helpers/markdown.py | 12 ------ files/helpers/sanitize.py | 10 ++--- files/helpers/wrappers.py | 40 ++++++----------- files/routes/admin.py | 43 +++++++++++-------- files/routes/login.py | 3 ++ files/routes/posts.py | 6 ++- files/routes/settings.py | 3 +- files/routes/static.py | 1 + files/templates/CHRISTMAS/emoji_modal.html | 3 -- files/templates/CHRISTMAS/header.html | 2 +- .../CHRISTMAS/sidebars/HomeSidebar.html | 2 +- files/templates/header.html | 2 +- schema.sql | 4 +- 16 files changed, 55 insertions(+), 86 deletions(-) diff --git a/files/classes/comment.py b/files/classes/comment.py index 5040df5a1..90c9d5955 100644 --- a/files/classes/comment.py +++ b/files/classes/comment.py @@ -26,7 +26,6 @@ class Comment(Base): created_utc = Column(Integer, default=0) edited_utc = Column(Integer, default=0) is_banned = Column(Boolean, default=False) - removed_by = Column(Integer) bannedfor = Column(Boolean) distinguish_level = Column(Integer, default=0) deleted_utc = Column(Integer, default=0) diff --git a/files/classes/submission.py b/files/classes/submission.py index 897f5985a..9d7e35bd4 100644 --- a/files/classes/submission.py +++ b/files/classes/submission.py @@ -27,7 +27,6 @@ class Submission(Base): created_utc = Column(BigInteger, default=0) thumburl = Column(String) is_banned = Column(Boolean, default=False) - removed_by = Column(Integer) bannedfor = Column(Boolean) views = Column(Integer, default=0) deleted_utc = Column(Integer, default=0) diff --git a/files/helpers/jinja2.py b/files/helpers/jinja2.py index 2a8ee3a2a..e0318c80f 100644 --- a/files/helpers/jinja2.py +++ b/files/helpers/jinja2.py @@ -22,14 +22,6 @@ def post_embed(id, v): return render_template("submission_listing.html", listing=[p], v=v) -@app.template_filter("favorite_emojis") -def favorite_emojis(x): - str = "" - emojis = sorted(x.items(), key=lambda x: x[1], reverse=True)[:25] - for k, v in emojis: - str += f'' - return str - @app.context_processor def inject_constants(): constants = [c for c in dir(const) if not c.startswith("_")] diff --git a/files/helpers/markdown.py b/files/helpers/markdown.py index ef072ae92..ad97fa9aa 100644 --- a/files/helpers/markdown.py +++ b/files/helpers/markdown.py @@ -74,11 +74,6 @@ class CustomRenderer(HTMLRenderer): user = get_user(target, graceful=True) - try: - if g.v.admin_level == 0 and g.v.any_block_exists(user): - return f"{space}@{target}" - except BaseException: pass - if not user: return f"{space}@{target}" return f'''{space}@{user.username}'s profile picture@{user.username}''' @@ -113,13 +108,6 @@ class Renderer(HTMLRenderer): user = get_user(target, graceful=True) - - try: - if g.v.admin_level == 0 and g.v.any_block_exists(user): - return f"{space}@{target}" - except BaseException: - pass - if not user: return f"{space}@{target}" return f'{space}@{user.username}' diff --git a/files/helpers/sanitize.py b/files/helpers/sanitize.py index 3f5d6f94f..529475fab 100644 --- a/files/helpers/sanitize.py +++ b/files/helpers/sanitize.py @@ -183,7 +183,7 @@ def sanitize(sanitized, noimages=False): remoji = emoji if path.isfile(f'files/assets/images/emojis/{remoji}.webp'): - new = re.sub(f'(?', new, flags=re.I) + new = re.sub(f'(?', new, flags=re.I) sanitized = sanitized.replace(old, new) @@ -193,10 +193,10 @@ def sanitize(sanitized, noimages=False): if emoji.startswith("!"): emoji = emoji[1:] if path.isfile(f'files/assets/images/emojis/{emoji}.webp'): - sanitized = re.sub(f'(?', sanitized, flags=re.I) + sanitized = re.sub(f'(?', sanitized, flags=re.I) elif path.isfile(f'files/assets/images/emojis/{emoji}.webp'): - sanitized = re.sub(f'(?', sanitized, flags=re.I) + sanitized = re.sub(f'(?', sanitized, flags=re.I) sanitized = sanitized.replace("https://www.", "https://").replace("https://youtu.be/", "https://youtube.com/watch?v=").replace("https://music.youtube.com/watch?v=", "https://youtube.com/watch?v=").replace("https://open.spotify.com/", "https://open.spotify.com/embed/").replace("https://streamable.com/", "https://streamable.com/e/").replace("https://youtube.com/shorts/", "https://youtube.com/watch?v=").replace("https://mobile.twitter", "https://twitter").replace("https://m.facebook", "https://facebook").replace("https://m.wikipedia", "https://wikipedia").replace("https://m.youtube", "https://youtube") @@ -240,10 +240,10 @@ def filter_emojis_only(title): if emoji.startswith("!"): emoji = emoji[1:] if path.isfile(f'files/assets/images/emojis/{emoji}.webp'): - title = re.sub(f'(?', title, flags=re.I) + title = re.sub(f'(?', title, flags=re.I) elif path.isfile(f'files/assets/images/emojis/{emoji}.webp'): - title = re.sub(f'(?', title, flags=re.I) + title = re.sub(f'(?', title, flags=re.I) if len(title) > 1500: abort(400) else: return title \ No newline at end of file diff --git a/files/helpers/wrappers.py b/files/helpers/wrappers.py index d3fa652c5..021aac2bb 100644 --- a/files/helpers/wrappers.py +++ b/files/helpers/wrappers.py @@ -4,36 +4,26 @@ from files.helpers.const import * def get_logged_in_user(): + token = request.headers.get("Authorization") - if request.headers.get("Authorization"): - token = request.headers.get("Authorization") - if not token: return None - - try: - client = g.db.query(ClientAuth).filter(ClientAuth.access_token == token).first() - x = (client.user, client) if client else (None, None) - except: x = (None, None) - + if token: + client = g.db.query(ClientAuth).filter(ClientAuth.access_token == token).first() + if not client: return None + v = client.user + v.client = client + return v else: - uid = session.get("user_id") nonce = session.get("login_nonce", 0) - if not uid: x= (None, None) - try: - if g.db: v = g.db.query(User).filter_by(id=uid).first() - else: v = None - except: v = None + logged_in = session.get("logged_in") - if v and (nonce < v.login_nonce): - x= (None, None) - else: - x=(v, None) + if not uid or not logged_in or uid != logged_in: return None + v = g.db.query(User).filter_by(id=uid).first() + if not v or nonce < v.login_nonce: return None - if x[0]: x[0].client=x[1] - - return x[0] + return v def check_ban_evade(v): if v and v.ban_evade and v.admin_level == 0 and not v.is_suspended: @@ -71,8 +61,6 @@ def auth_required(f): check_ban_evade(v) - g.v = v - resp = make_response(f(*args, v=v, **kwargs)) return resp @@ -94,8 +82,6 @@ def is_not_banned(f): if v.is_suspended: return {"error": "You can't perform this action while being banned."}, 403 - g.v = v - resp = make_response(f(*args, v=v, **kwargs)) return resp @@ -115,8 +101,6 @@ def admin_level_required(x): if v.admin_level < x: abort(403) - g.v = v - response = f(*args, v=v, **kwargs) if isinstance(response, tuple): resp = make_response(response[0]) diff --git a/files/routes/admin.py b/files/routes/admin.py index 0cdb2e6cb..f09112f5e 100644 --- a/files/routes/admin.py +++ b/files/routes/admin.py @@ -49,28 +49,35 @@ def truescore(v): @app.post("/@/revert_actions") @limiter.limit("1/second") -@admin_level_required(2) +@admin_level_required(3) @validate_formkey def revert_actions(v, username): - if 'pcm' in request.host or (SITE_NAME == 'Drama' and v.admin_level > 2) or ('rama' not in request.host and 'pcm' not in request.host): - user = get_user(username) - if not user: abort(404) + user = get_user(username) + if not user: abort(404) + + cutoff = int(time.time()) - 86400 - items = g.db.query(Submission).filter_by(removed_by=user.id).all() + g.db.query(Comment).filter_by(removed_by=user.id).all() + posts = (x[0] for x in g.db.query(ModAction.target_submission_id).filter(ModAction.user_id == user.id, ModAction.created_utc > cutoff, Mod.action.kind == 'ban_post').all()) + comments = (x[0] for x in g.db.query(ModAction.target_comment_id).filter(ModAction.user_id == user.id, ModAction.created_utc > cutoff, Mod.action.kind == 'ban_comment').all()) + for item in posts + comments: + item.is_banned = False + g.db.add(item) - for item in items: - item.is_banned = False - item.removed_by = None - g.db.add(item) + users = (x[0] for x in g.db.query(ModAction.target_user_id).filter(ModAction.user_id == user.id, ModAction.created_utc > cutoff, Mod.action.kind.in_['shadowban', 'ban_user']).all()) + for user in users: + user.shadowbanned = None + user.is_banned = 0 + user.unban_utc = 0 + user.ban_evade = 0 + g.db.add(user) + for u in user.alts: + u.shadowbanned = None + u.is_banned = 0 + u.unban_utc = 0 + u.ban_evade = 0 + g.db.add(u) - users = g.db.query(User).filter_by(is_banned=user.id).all() - for user in users: - user.is_banned = 0 - user.unban_utc = 0 - user.ban_evade = 0 - g.db.add(user) - - g.db.commit() + g.db.commit() return {"message": "Admin actions reverted!"} @app.post("/@/club_allow") @@ -868,7 +875,6 @@ def ban_post(post_id, v): post.is_approved = 0 post.stickied = None post.is_pinned = False - post.removed_by = v.id post.ban_reason = v.username g.db.add(post) @@ -997,7 +1003,6 @@ def api_ban_comment(c_id, v): comment.is_banned = True comment.is_approved = 0 - comment.removed_by = v.id comment.ban_reason = v.username g.db.add(comment) ma=ModAction( diff --git a/files/routes/login.py b/files/routes/login.py index 3a7bdf41a..064df0372 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -132,6 +132,7 @@ def login_post(): abort(400) session["user_id"] = account.id + session["logged_in"] = account.id session["session_id"] = token_hex(16) session["login_nonce"] = account.login_nonce session.permanent = True @@ -162,6 +163,7 @@ def logout(v): session.pop("user_id", None) session.pop("session_id", None) + session.pop("logged_in", None) return {"message": "Logout successful!"} @@ -350,6 +352,7 @@ def sign_up_post(v): if "rama" in request.host: send_notification(new_user.id, WELCOME_MSG) session["user_id"] = new_user.id + session["logged_in"] = new_user.id session["session_id"] = token_hex(16) g.db.commit() diff --git a/files/routes/posts.py b/files/routes/posts.py index 2d11f2e1b..757c36c1a 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -1146,8 +1146,10 @@ def submit_post(v): rev = new_post.url.replace('https://old.reddit.com/', '') rev = f"* [unddit.com](https://unddit.com/{rev})\n" else: rev = '' - body += f"Snapshots:\n\n{rev}* [archive.org](https://web.archive.org/{new_post.url})\n* [archive.ph](https://archive.ph/?url={quote(new_post.url)}&run=1) (click to archive)\n\n" - gevent.spawn(archiveorg, new_post.url) + newposturl = new_post.url + if newposturl.startswith('/'): newposturl = f"https://{site}{newposturl}" + body += f"Snapshots:\n\n{rev}* [archive.org](https://web.archive.org/{newposturl})\n* [archive.ph](https://archive.ph/?url={quote(newposturl)}&run=1) (click to archive)\n\n" + gevent.spawn(archiveorg, newposturl) url_regex = '([^\"]+)' for url_match in re.finditer(url_regex, new_post.body_html, flags=re.M|re.I): diff --git a/files/routes/settings.py b/files/routes/settings.py index 348fa4504..b35b047b9 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -698,7 +698,8 @@ def settings_log_out_others(v): submitted_password = request.values.get("password", "").strip() - if not v.verifyPass(submitted_password): return render_template("settings_security.html", v=v, error="Incorrect Password"), 401 + if not v.verifyPass(submitted_password): + return render_template("settings_security.html", v=v, error="Incorrect Password"), 401 v.login_nonce += 1 diff --git a/files/routes/static.py b/files/routes/static.py index aef32c5df..16cba5f80 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -289,6 +289,7 @@ def static_service(path): return resp @app.get('/images/') +@app.get('/IMAGES/') @app.get('/hostedimages/') @limiter.exempt def images(path): diff --git a/files/templates/CHRISTMAS/emoji_modal.html b/files/templates/CHRISTMAS/emoji_modal.html index f764dc796..7f3be487a 100644 --- a/files/templates/CHRISTMAS/emoji_modal.html +++ b/files/templates/CHRISTMAS/emoji_modal.html @@ -50,9 +50,6 @@
- {% if session.get("favorite_emojis") %} - {{session.get("favorite_emojis") | favorite_emojis | safe}} - {% endif %}
diff --git a/files/templates/CHRISTMAS/header.html b/files/templates/CHRISTMAS/header.html index 357ba31bc..bfb55fd2a 100644 --- a/files/templates/CHRISTMAS/header.html +++ b/files/templates/CHRISTMAS/header.html @@ -224,6 +224,6 @@ } -{% if v %} +{% if v and not error %}
{{v.formkey}}
{% endif %} \ No newline at end of file diff --git a/files/templates/CHRISTMAS/sidebars/HomeSidebar.html b/files/templates/CHRISTMAS/sidebars/HomeSidebar.html index c637f4794..4d1e0ef60 100644 --- a/files/templates/CHRISTMAS/sidebars/HomeSidebar.html +++ b/files/templates/CHRISTMAS/sidebars/HomeSidebar.html @@ -12,7 +12,7 @@
- rDrama presents: FISTMAS 2021 | Santa Claus is CUMMING to town for the HOLIGAYS :marseysanta: emoji + rDrama presents: FISTMAS 2021 | Santa Claus is CUMMING to town for the HOLIGAYS :marseysanta: posted by @christmaspathianflorist diff --git a/files/templates/header.html b/files/templates/header.html index 7c7b5e6be..d5690c4b1 100644 --- a/files/templates/header.html +++ b/files/templates/header.html @@ -226,6 +226,6 @@ } -{% if v %} +{% if v and not error %}
{{v.formkey}}
{% endif %} \ No newline at end of file diff --git a/schema.sql b/schema.sql index 20a46a1af..d6ff26ab3 100644 --- a/schema.sql +++ b/schema.sql @@ -260,8 +260,7 @@ CREATE TABLE public.comments ( app_id integer, sentto integer, bannedfor boolean, - removed_by integer, - is_pinned character varying(30), += is_pinned character varying(30), body character varying(10000), body_html character varying(40000), ban_reason character varying(25), @@ -574,7 +573,6 @@ CREATE TABLE public.submissions ( is_bot boolean, bannedfor boolean, comment_count integer DEFAULT 0, - removed_by integer, club boolean, stickied character varying(25), title character varying(500),