MarseyWorld/files/routes/comments.py

680 lines
23 KiB
Python
Raw Normal View History

[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
import os
from collections import Counter
from json import loads
from shutil import copyfile
import gevent
from files.classes import *
from files.helpers.actions import *
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.cloudflare import purge_files_in_cache
from files.helpers.config.const import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.get import *
from files.helpers.marsify import marsify
from files.helpers.media import *
from files.helpers.owoify import owoify
from files.helpers.regex import *
2022-05-04 23:09:46 +00:00
from files.helpers.slots import *
from files.helpers.treasure import *
from files.routes.front import comment_idlist
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.routehelpers import execute_shadowban_viewers_and_voters
from files.routes.wrappers import *
from files.__main__ import app, cache, limiter
2022-05-04 23:09:46 +00:00
WORDLE_COLOR_MAPPINGS = {-1: "🟥", 0: "🟨", 1: "🟩"}
@app.get("/comment/<int:cid>")
@app.get("/post/<int:pid>/<anything>/<int:cid>")
@app.get("/h/<sub>/comment/<int:cid>")
@app.get("/h/<sub>/post/<int:pid>/<anything>/<int:cid>")
@limiter.limit(DEFAULT_RATELIMIT)
@auth_desired_with_logingate
2022-05-04 23:09:46 +00:00
def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
2022-05-04 23:09:46 +00:00
comment = get_comment(cid, v=v)
if not User.can_see(v, comment): abort(403)
2022-05-04 23:09:46 +00:00
if v and request.values.get("read"):
notif = g.db.query(Notification).filter_by(comment_id=cid, user_id=v.id, read=False).one_or_none()
if notif:
notif.read = True
g.db.add(notif)
2022-12-05 14:38:24 +00:00
g.db.commit()
2023-01-01 15:44:37 +00:00
if comment.parent_submission:
post = comment.parent_submission
2023-01-01 15:44:37 +00:00
else:
post = NOTIFICATION_THREAD
2023-01-01 11:36:20 +00:00
post = get_post(post, v=v)
2023-02-22 17:27:33 +00:00
2022-05-04 23:09:46 +00:00
if post.over_18 and not (v and v.over_18) and not session.get('over_18', 0) >= int(time.time()):
if v and v.client: abort(403, "This content is not suitable for some users and situations!")
else: return render_template("errors/nsfw.html", v=v), 403
2022-05-04 23:09:46 +00:00
2022-12-18 14:48:48 +00:00
try: context = min(int(request.values.get("context", 8)), 8)
except: context = 8
2022-05-04 23:09:46 +00:00
comment_info = comment
c = comment
while context and c.level > 1:
c = c.parent_comment
context -= 1
top_comment = c
if post.new: defaultsortingcomments = 'new'
elif v: defaultsortingcomments = v.defaultsortingcomments
2022-10-11 16:41:09 +00:00
else: defaultsortingcomments = "hot"
2022-05-04 23:09:46 +00:00
sort=request.values.get("sort", defaultsortingcomments)
if v:
# this is required because otherwise the vote and block
# props won't save properly unless you put them in a list
2023-02-27 16:16:12 +00:00
output = get_comments_v_properties(v, None, Comment.top_comment_id == c.top_comment_id)[1]
2022-05-04 23:09:46 +00:00
post.replies=[top_comment]
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
execute_shadowban_viewers_and_voters(v, post)
execute_shadowban_viewers_and_voters(v, comment)
2023-01-01 11:36:20 +00:00
if v and v.client: return top_comment.json(db=g.db)
2023-01-01 11:36:20 +00:00
else:
if post.is_banned and not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or post.author_id == v.id)): template = "submission_banned.html"
2022-05-04 23:09:46 +00:00
else: template = "submission.html"
return render_template(template, v=v, p=post, sort=sort, comment_info=comment_info, render_replies=True, sub=post.subr)
@app.post("/comment")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
2023-02-26 01:42:39 +00:00
@limiter.limit("20/minute;200/hour;1000/day")
@limiter.limit("20/minute;200/hour;1000/day", key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def comment(v:User):
if v.is_suspended: abort(403, "You can't perform this action while banned!")
2022-05-04 23:09:46 +00:00
parent_fullname = request.values.get("parent_fullname").strip()
2022-10-30 20:08:20 +00:00
if len(parent_fullname) < 3: abort(400)
id = parent_fullname[2:]
parent_comment_id = None
rts = False
2022-11-25 20:36:29 +00:00
post_target = None
parent = None
if parent_fullname.startswith("u_"):
parent = get_account(id, v=v)
post_target = parent
ghost = False
elif parent_fullname.startswith("p_"):
2022-10-30 20:08:20 +00:00
parent = get_post(id, v=v)
post_target = parent
2022-10-30 20:08:20 +00:00
if POLL_THREAD and parent.id == POLL_THREAD and v.admin_level < PERMS['POST_TO_POLL_THREAD']: abort(403)
ghost = parent.ghost
2022-10-30 20:08:20 +00:00
elif parent_fullname.startswith("c_"):
parent = get_comment(id, v=v)
post_target = get_post(parent.parent_submission, v=v, graceful=True) or get_account(parent.wall_user_id, v=v, include_blocks=True)
2022-10-30 20:08:20 +00:00
parent_comment_id = parent.id
if parent.author_id == v.id: rts = True
2023-01-01 11:36:20 +00:00
if not v.can_post_in_ghost_threads and isinstance(post_target, Submission) and post_target.ghost:
abort(403, f"You need {TRUESCORE_GHOST_MINIMUM} truescore to post in ghost threads")
ghost = parent.ghost
else: abort(404)
2022-05-04 23:09:46 +00:00
level = 1 if isinstance(parent, (Submission, User)) else int(parent.level) + 1
parent_user = parent if isinstance(parent, User) else parent.author
posting_to_submission = isinstance(post_target, Submission)
2022-08-21 15:24:16 +00:00
if not User.can_see(v, parent): abort(403)
if not isinstance(parent, User) and parent.deleted_utc != 0:
if isinstance(parent, Submission):
2023-02-18 18:10:44 +00:00
abort(403, "You can't reply to deleted posts!")
else:
2023-02-18 18:10:44 +00:00
abort(403, "You can't reply to deleted comments!")
if posting_to_submission:
sub = post_target.sub
if sub and v.exiled_from(sub): abort(403, f"You're exiled from /h/{sub}")
2022-12-23 22:22:41 +00:00
if sub in {'furry','vampire','racist','femboy'} and not v.client and not v.house.lower().startswith(sub):
abort(403, f"You need to be a member of House {sub.capitalize()} to comment in /h/{sub}")
2022-05-04 23:09:46 +00:00
if level > COMMENT_MAX_DEPTH: abort(400, f"Max comment level is {COMMENT_MAX_DEPTH}")
body = sanitize_raw_body(request.values.get("body", ""), False)
2022-05-04 23:09:46 +00:00
if not posting_to_submission or post_target.id not in ADMIGGER_THREADS:
2022-05-04 23:09:46 +00:00
if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')):
abort(403, "You have to type more than 280 characters!")
2022-05-04 23:09:46 +00:00
elif v.bird and len(body) > 140:
abort(403, "You have to type less than 140 characters!")
2022-05-04 23:09:46 +00:00
if not body and not request.files.get('file'): abort(400, "You need to actually write something!")
if not v.admin_level >= PERMS['POST_COMMENT_MODERATION'] and parent_user.any_block_exists(v):
abort(403, "You can't reply to users who have blocked you or users that you have blocked!")
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if request.files.get("file") and not g.is_tor:
files = request.files.getlist('file')[:20]
2023-02-22 17:27:33 +00:00
2023-01-25 15:13:24 +00:00
if files:
media_ratelimit(v)
2022-05-04 23:09:46 +00:00
for file in files:
2023-02-27 15:02:35 +00:00
if f'[{file.filename}]' not in body:
body += f'\n[{file.filename}]'
2022-05-04 23:09:46 +00:00
if file.content_type.startswith('image/'):
oldname = f'/images/{time.time()}'.replace('.','') + '.webp'
file.save(oldname)
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
image = process_image(oldname, v)
if image == "": abort(400, "Image upload failed")
if posting_to_submission and v.admin_level >= PERMS['SITE_SETTINGS_SIDEBARS_BANNERS_BADGES']:
def process_sidebar_or_banner(type, resize=0):
li = sorted(os.listdir(f'files/assets/images/{SITE_NAME}/{type}'),
key=lambda e: int(e.split('.webp')[0]))[-1]
num = int(li.split('.webp')[0]) + 1
filename = f'files/assets/images/{SITE_NAME}/{type}/{num}.webp'
2022-05-04 23:09:46 +00:00
copyfile(oldname, filename)
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
process_image(filename, v, resize=resize)
if post_target.id == SIDEBAR_THREAD:
process_sidebar_or_banner('sidebar', 400)
elif post_target.id == BANNER_THREAD:
2022-12-21 12:42:41 +00:00
banner_width = 1200
process_sidebar_or_banner('banners', banner_width)
elif post_target.id == BADGE_THREAD:
2022-05-04 23:09:46 +00:00
try:
2023-03-01 20:57:18 +00:00
json_body = '{' + body.split('{')[1].split('}')[0] + '}'
badge_def = loads(json_body)
2022-05-04 23:09:46 +00:00
name = badge_def["name"]
2022-12-30 16:28:24 +00:00
if len(name) > 50:
abort(400, "Badge name is too long!")
if not badge_name_regex.fullmatch(name):
abort(400, "Invalid badge name!")
2022-05-04 23:09:46 +00:00
existing = g.db.query(BadgeDef).filter_by(name=name).one_or_none()
if existing: abort(409, "A badge with this name already exists!")
2022-05-04 23:09:46 +00:00
badge = BadgeDef(name=name, description=badge_def["description"])
g.db.add(badge)
g.db.flush()
filename = f'files/assets/images/badges/{badge.id}.webp'
copyfile(oldname, filename)
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
process_image(filename, v, resize=300)
2022-10-13 07:27:56 +00:00
purge_files_in_cache(f"https://{SITE}/assets/images/badges/{badge.id}.webp")
2022-05-04 23:09:46 +00:00
except Exception as e:
abort(400, str(e))
2023-02-27 15:02:35 +00:00
body = body.replace(f'[{file.filename}]', f"![]({image})", 1)
2022-05-04 23:09:46 +00:00
elif file.content_type.startswith('video/'):
2023-02-27 15:02:35 +00:00
body = body.replace(f'[{file.filename}]', f"{SITE_FULL}{process_video(file, v)}", 1)
2022-05-22 22:15:29 +00:00
elif file.content_type.startswith('audio/'):
2023-02-27 15:02:35 +00:00
body = body.replace(f'[{file.filename}]', f"{SITE_FULL}{process_audio(file, v)}", 1)
else:
abort(415)
2022-05-04 23:09:46 +00:00
body = body.strip()[:COMMENT_BODY_LENGTH_LIMIT]
2023-01-01 11:36:20 +00:00
2023-01-21 03:08:05 +00:00
if v.admin_level >= PERMS['SITE_SETTINGS_SNAPPY_QUOTES'] and posting_to_submission and post_target.id == SNAPPY_THREAD and level == 1 and body not in SNAPPY_QUOTES:
2022-05-22 10:23:02 +00:00
with open(f"snappy_{SITE_NAME}.txt", "a", encoding="utf-8") as f:
f.write('\n{[para]}\n' + body)
2022-08-27 03:22:57 +00:00
body_for_sanitize = body
if v.owoify: body_for_sanitize = owoify(body_for_sanitize)
if v.marsify: body_for_sanitize = marsify(body_for_sanitize)
2022-08-27 03:22:57 +00:00
2022-12-10 08:26:47 +00:00
torture = (v.agendaposter and not v.marseyawarded and not (posting_to_submission and post_target.sub == 'chudrama') and post_target.id not in ADMIGGER_THREADS)
2022-09-16 16:30:34 +00:00
body_html = sanitize(body_for_sanitize, limit_pings=5, count_marseys=not v.marsify, torture=torture)
2022-05-04 23:09:46 +00:00
if post_target.id not in ADMIGGER_THREADS and '!wordle' not in body.lower() and AGENDAPOSTER_PHRASE not in body.lower():
existing = g.db.query(Comment.id).filter(
Comment.author_id == v.id,
Comment.deleted_utc == 0,
Comment.parent_comment_id == parent_comment_id,
Comment.parent_submission == post_target.id if posting_to_submission else None,
Comment.wall_user_id == post_target.id if not posting_to_submission else None,
Comment.body_html == body_html
).first()
if existing: abort(409, f"You already made that comment: /comment/{existing.id}#context")
2022-05-04 23:09:46 +00:00
2022-10-12 05:11:20 +00:00
execute_antispam_comment_check(body, v)
2022-11-14 03:48:52 +00:00
execute_antispam_duplicate_comment_check(v, body_html)
2022-05-04 23:09:46 +00:00
if v.marseyawarded and posting_to_submission and post_target.id not in ADMIGGER_THREADS and marseyaward_body_regex.search(body_html):
abort(403, "You can only type marseys!")
if len(body_html) > COMMENT_BODY_HTML_LENGTH_LIMIT: abort(400)
2022-08-15 18:11:41 +00:00
2022-12-21 12:42:41 +00:00
is_bot = v.client is not None and v.id not in PRIVILEGED_USER_BOTS
2022-05-04 23:09:46 +00:00
c = Comment(author_id=v.id,
parent_submission=post_target.id if posting_to_submission else None,
wall_user_id=post_target.id if not posting_to_submission else None,
2022-05-04 23:09:46 +00:00
parent_comment_id=parent_comment_id,
level=level,
over_18=post_target.over_18 if posting_to_submission else False,
2022-05-04 23:09:46 +00:00
is_bot=is_bot,
app_id=v.client.application.id if v.client else None,
body_html=body_html,
body=body,
ghost=ghost,
2022-05-04 23:09:46 +00:00
)
c.upvotes = 1
g.db.add(c)
g.db.flush()
process_poll_options(v, c)
2022-10-21 00:28:05 +00:00
execute_blackjack(v, c, c.body, "comment")
2022-11-30 17:37:35 +00:00
execute_under_siege(v, c, c.body, "comment")
2022-05-04 23:09:46 +00:00
if c.level == 1: c.top_comment_id = c.id
else: c.top_comment_id = parent.top_comment_id
2022-12-16 17:45:01 +00:00
if post_target.id not in ADMIGGER_THREADS and v.agendaposter and not v.marseyawarded and AGENDAPOSTER_PHRASE not in c.body.lower() and not (posting_to_submission and post_target.sub == 'chudrama'):
2022-07-13 19:21:13 +00:00
c.is_banned = True
c.ban_reason = "AutoJanny"
g.db.add(c)
2022-05-04 23:09:46 +00:00
2022-07-13 19:21:13 +00:00
body = AGENDAPOSTER_MSG.format(username=v.username, type='comment', AGENDAPOSTER_PHRASE=AGENDAPOSTER_PHRASE)
body_jannied_html = AGENDAPOSTER_MSG_HTML.format(id=v.id, username=v.username, type='comment', AGENDAPOSTER_PHRASE=AGENDAPOSTER_PHRASE)
2022-05-04 23:09:46 +00:00
2022-07-13 19:21:13 +00:00
c_jannied = Comment(author_id=AUTOJANNY_ID,
parent_submission=post_target.id if posting_to_submission else None,
wall_user_id=post_target.id if not posting_to_submission else None,
2022-07-13 19:21:13 +00:00
distinguish_level=6,
parent_comment_id=c.id,
level=level+1,
is_bot=True,
body=body,
body_html=body_jannied_html,
top_comment_id=c.top_comment_id,
ghost=c.ghost
)
2022-05-04 23:09:46 +00:00
2022-07-13 19:21:13 +00:00
g.db.add(c_jannied)
g.db.flush()
2022-05-04 23:09:46 +00:00
if posting_to_submission:
post_target.comment_count += 1
g.db.add(post_target)
2022-07-13 19:21:13 +00:00
n = Notification(comment_id=c_jannied.id, user_id=v.id)
g.db.add(n)
2022-05-04 23:09:46 +00:00
execute_longpostbot(c, level, body, body_html, post_target, v)
execute_zozbot(c, level, post_target, v)
2022-07-13 19:17:17 +00:00
2022-07-13 19:21:13 +00:00
if not v.shadowbanned:
notify_users = NOTIFY_USERS(body, v)
2023-03-02 00:32:51 +00:00
if notify_users == 'everyone':
alert_everyone(c.id)
else:
push_notif(notify_users, f'New mention of you by @{c.author_name}', c.body, c)
2023-03-02 00:32:51 +00:00
if c.level == 1 and posting_to_submission:
subscriber_ids = [x[0] for x in g.db.query(Subscription.user_id).filter(Subscription.submission_id == post_target.id, Subscription.user_id != v.id).all()]
2023-03-02 00:32:51 +00:00
notify_users.update(subscriber_ids)
2022-05-04 23:09:46 +00:00
2023-03-02 00:32:51 +00:00
push_notif(subscriber_ids, f'New comment in subscribed thread by @{c.author_name}', c.body, c)
2023-01-01 11:36:20 +00:00
2023-03-02 00:32:51 +00:00
if parent_user.id != v.id:
notify_users.add(parent_user.id)
2022-07-13 19:17:17 +00:00
2023-03-02 00:32:51 +00:00
for x in notify_users-bots:
n = Notification(comment_id=c.id, user_id=x)
g.db.add(n)
2022-05-04 23:09:46 +00:00
2023-03-02 00:32:51 +00:00
if parent_user.id != v.id and not v.shadowbanned:
if isinstance(parent, User):
title = f"New comment on your wall by @{c.author_name}"
else:
title = f'New reply by @{c.author_name}'
2022-06-27 19:02:24 +00:00
2023-03-02 00:32:51 +00:00
if len(c.body) > PUSH_NOTIF_LIMIT: notifbody = c.body[:PUSH_NOTIF_LIMIT] + '...'
else: notifbody = c.body
2022-06-27 19:02:24 +00:00
2023-03-02 00:32:51 +00:00
push_notif({parent_user.id}, title, notifbody, c)
2022-05-04 23:09:46 +00:00
vote = CommentVote(user_id=v.id,
comment_id=c.id,
vote_type=1,
)
g.db.add(vote)
cache.delete_memoized(comment_idlist)
2022-07-08 11:07:27 +00:00
v.comment_count = g.db.query(Comment).filter(
Comment.author_id == v.id,
or_(Comment.parent_submission != None, Comment.wall_user_id != None),
2022-07-08 11:07:27 +00:00
Comment.deleted_utc == 0
).count()
2022-05-04 23:09:46 +00:00
g.db.add(v)
c.voted = 1
check_for_treasure(c, body)
execute_wordle(c, body)
check_slots_command(c, v, v)
# Increment post count iff not self-reply and not a spammy comment game
# Essentially a measure to make comment counts reflect "real" content
if (posting_to_submission and not rts
and not c.wordle_result and not c.slots_result):
post_target.comment_count += 1
g.db.add(post_target)
2022-10-30 00:36:23 +00:00
if c.level > 5:
n = g.db.query(Notification).filter_by(
comment_id=c.parent_comment.parent_comment.parent_comment.parent_comment_id,
user_id=c.parent_comment.author_id,
).one_or_none()
if n: g.db.delete(n)
g.db.flush()
2022-05-04 23:09:46 +00:00
if v.client: return c.json(db=g.db)
return {"comment": render_template("comments.html", v=v, comments=[c])}
2022-05-04 23:09:46 +00:00
@app.post("/delete/comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def delete_comment(cid, v):
if v.id == 253: abort(403)
2022-05-04 23:09:46 +00:00
c = get_comment(cid, v=v)
if not c.deleted_utc:
if c.author_id != v.id: abort(403)
c.deleted_utc = int(time.time())
g.db.add(c)
cache.delete_memoized(comment_idlist)
2022-07-08 11:07:27 +00:00
g.db.flush()
v.comment_count = g.db.query(Comment).filter(
Comment.author_id == v.id,
or_(Comment.parent_submission != None, Comment.wall_user_id != None),
2022-07-08 11:07:27 +00:00
Comment.deleted_utc == 0
).count()
g.db.add(v)
2022-05-04 23:09:46 +00:00
return {"message": "Comment deleted!"}
@app.post("/undelete/comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def undelete_comment(cid, v):
c = get_comment(cid, v=v)
if c.deleted_utc:
if c.author_id != v.id: abort(403)
c.deleted_utc = 0
g.db.add(c)
cache.delete_memoized(comment_idlist)
2022-07-08 11:07:27 +00:00
g.db.flush()
v.comment_count = g.db.query(Comment).filter(
Comment.author_id == v.id,
or_(Comment.parent_submission != None, Comment.wall_user_id != None),
2022-07-08 11:07:27 +00:00
Comment.deleted_utc == 0
).count()
g.db.add(v)
2022-05-04 23:09:46 +00:00
return {"message": "Comment undeleted!"}
@app.post("/pin_comment/<int:cid>")
2022-10-11 07:29:24 +00:00
@feature_required('PINS')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-11-14 15:11:05 +00:00
@auth_required
2022-05-04 23:09:46 +00:00
def pin_comment(cid, v):
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
comment = get_comment(cid, v=v)
2023-01-01 11:36:20 +00:00
2022-05-26 23:08:23 +00:00
if not comment.stickied:
2022-05-04 23:09:46 +00:00
if v.id != comment.post.author_id: abort(403)
2023-01-01 11:36:20 +00:00
2022-05-26 23:08:23 +00:00
if comment.post.ghost: comment.stickied = "(OP)"
else: comment.stickied = v.username + " (OP)"
2022-05-04 23:09:46 +00:00
g.db.add(comment)
if v.id != comment.author_id:
if comment.post.ghost: message = f"OP has pinned your [comment]({comment.shortlink})"
else: message = f"@{v.username} (OP) has pinned your [comment]({comment.shortlink})"
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
return {"message": "Comment pinned!"}
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
@app.post("/unpin_comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def unpin_comment(cid, v):
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
comment = get_comment(cid, v=v)
2023-01-01 11:36:20 +00:00
2022-05-26 23:08:23 +00:00
if comment.stickied:
2022-05-04 23:09:46 +00:00
if v.id != comment.post.author_id: abort(403)
2023-01-01 11:36:20 +00:00
if not comment.stickied.endswith(" (OP)"):
abort(403, "You can only unpin comments you have pinned!")
2022-05-04 23:09:46 +00:00
2022-05-26 23:08:23 +00:00
comment.stickied = None
2022-05-04 23:09:46 +00:00
g.db.add(comment)
if v.id != comment.author_id:
message = f"@{v.username} (OP) has unpinned your [comment]({comment.shortlink})"
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
return {"message": "Comment unpinned!"}
@app.post("/save_comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def save_comment(cid, v):
comment=get_comment(cid)
save=g.db.query(CommentSaveRelationship).filter_by(user_id=v.id, comment_id=comment.id).one_or_none()
if not save:
new_save=CommentSaveRelationship(user_id=v.id, comment_id=comment.id)
g.db.add(new_save)
return {"message": "Comment saved!"}
@app.post("/unsave_comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def unsave_comment(cid, v):
comment=get_comment(cid)
save=g.db.query(CommentSaveRelationship).filter_by(user_id=v.id, comment_id=comment.id).one_or_none()
if save:
g.db.delete(save)
return {"message": "Comment unsaved!"}
def diff_words(answer, guess):
"""
Return a list of numbers corresponding to the char's relevance.
-1 means char is not in solution or the character appears too many times in the guess
0 means char is in solution but in the wrong spot
1 means char is in the correct spot
"""
diffs = [
1 if cs == cg else -1 for cs, cg in zip(answer, guess)
]
char_freq = Counter(
c_guess for c_guess, diff, in zip(answer, diffs) if diff == -1
)
for i, cg in enumerate(guess):
if diffs[i] == -1 and cg in char_freq and char_freq[cg] > 0:
char_freq[cg] -= 1
diffs[i] = 0
return diffs
@app.post("/wordle/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def handle_wordle_action(cid, v):
comment = get_comment(cid)
2022-08-11 08:15:41 +00:00
if v.id != comment.author_id:
abort(403)
2022-05-04 23:09:46 +00:00
guesses, status, answer = comment.wordle_result.split("_")
count = len(guesses.split(" -> "))
try: guess = request.values.get("thing").strip().lower()
except: abort(400)
if len(guess) != 5: abort(400, "Not a valid guess!")
2022-05-04 23:09:46 +00:00
if status == "active":
guesses += "".join(cg + WORDLE_COLOR_MAPPINGS[diff] for cg, diff in zip(guess, diff_words(answer, guess)))
if (guess == answer): status = "won"
elif (count == 6): status = "lost"
else: guesses += ' -> '
comment.wordle_result = f'{guesses}_{status}_{answer}'
g.db.add(comment)
2023-01-01 11:36:20 +00:00
2022-06-11 14:39:00 +00:00
return {"response" : comment.wordle_html(v)}
@app.post("/toggle_comment_nsfw/<int:cid>")
2023-02-01 18:52:34 +00:00
@feature_required('NSFW_MARKING')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
def toggle_comment_nsfw(cid, v):
comment = get_comment(cid)
if comment.author_id != v.id and not v.admin_level >= PERMS['POST_COMMENT_MODERATION'] and not (comment.post.sub and v.mods(comment.post.sub)):
abort(403)
2023-01-01 11:36:20 +00:00
if comment.over_18 and v.is_suspended_permanently:
abort(403)
comment.over_18 = not comment.over_18
g.db.add(comment)
if comment.author_id != v.id:
if v.admin_level >= PERMS['POST_COMMENT_MODERATION']:
ma = ModAction(
kind = "set_nsfw_comment" if comment.over_18 else "unset_nsfw_comment",
user_id = v.id,
target_comment_id = comment.id,
)
g.db.add(ma)
else:
ma = SubAction(
sub = comment.post.sub,
kind = "set_nsfw_comment" if comment.over_18 else "unset_nsfw_comment",
user_id = v.id,
target_comment_id = comment.id,
)
g.db.add(ma)
if comment.over_18: return {"message": "Comment has been marked as +18!"}
else: return {"message": "Comment has been unmarked as +18!"}
@app.post("/edit_comment/<int:cid>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit("10/minute;100/hour;200/day")
@limiter.limit("10/minute;100/hour;200/day", key_func=get_ID)
@is_not_permabanned
def edit_comment(cid, v):
c = get_comment(cid, v=v)
if time.time() - c.created_utc > 7*24*60*60 and not (c.post and c.post.private):
abort(403, "You can't edit comments older than 1 week!")
if c.author_id != v.id: abort(403)
if not c.parent_submission and not c.wall_user_id:
abort(403)
body = sanitize_raw_body(request.values.get("body", ""), False)
if len(body) < 1 and not (request.files.get("file") and not g.is_tor):
abort(400, "You have to actually type something!")
if body != c.body or request.files.get("file") and not g.is_tor:
if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')):
abort(403, "You have to type more than 280 characters!")
elif v.bird and len(body) > 140:
abort(403, "You have to type less than 140 characters!")
execute_antispam_comment_check(body, v)
body = process_files(request.files, v, body)
body = body.strip()[:COMMENT_BODY_LENGTH_LIMIT] # process_files potentially adds characters to the post
body_for_sanitize = body
if v.owoify:
body_for_sanitize = owoify(body_for_sanitize)
if v.marsify:
body_for_sanitize = marsify(body_for_sanitize)
torture = (v.agendaposter and not v.marseyawarded and not (c.parent_submission and c.post.sub == 'chudrama'))
body_html = sanitize(body_for_sanitize, golden=False, limit_pings=5, torture=torture)
if len(body_html) > COMMENT_BODY_HTML_LENGTH_LIMIT: abort(400)
if v.marseyawarded and marseyaward_body_regex.search(body_html):
abort(403, "You can only type marseys!")
notify_users = NOTIFY_USERS(body, v, c.body)
if notify_users == 'everyone':
alert_everyone(c.id)
else:
for x in notify_users-bots:
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=x).one_or_none()
if not notif:
n = Notification(comment_id=c.id, user_id=x)
g.db.add(n)
if not v.shadowbanned:
push_notif({x}, f'New mention of you by @{c.author_name}', c.body, c)
c.body = body
process_poll_options(v, c)
c.body_html = body_html
execute_blackjack(v, c, c.body, "comment")
execute_under_siege(v, c, c.body, "comment")
if not (c.parent_submission and c.post.id in ADMIGGER_THREADS) and v.agendaposter and not v.marseyawarded and AGENDAPOSTER_PHRASE not in c.body.lower() and not (c.parent_submission and c.post.sub == 'chudrama'):
abort(403, f'You have to include "{AGENDAPOSTER_PHRASE}" in your comment!')
if int(time.time()) - c.created_utc > 60 * 3: c.edited_utc = int(time.time())
g.db.add(c)
g.db.commit()
return {"body": c.body, "comment": c.realbody(v)}