carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity
MarseyWorld/files/routes/admin.py

1958 lines
61 KiB
Python
Raw Normal View History

mn
2022-05-04 23:09:46 +00:00
import time
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
from math import floor
add /admin/delete_media
2023-02-19 19:31:26 +00:00
import os
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
expand moving account shit
2022-12-25 04:02:33 +00:00
from sqlalchemy.exc import IntegrityError
paginate /admin/image_posts
2023-05-05 03:52:53 +00:00
from sqlalchemy.orm import load_only
expand moving account shit
2022-12-25 04:02:33 +00:00
from psycopg2.errors import UniqueViolation
Sort banned, chudded, etc listings by activity. The listings of users affected by jannied states are long. To make them more useful, sort by recent user activity (when v is allowed to view last_active) to know which accounts are still in use.
2022-12-10 04:46:19 +00:00
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.__main__ import app, cache, limiter
from files.classes import *
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
from files.classes.orgy import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.actions import *
mn
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.cloudflare import *
[DO NOT MERGE] multiple sub banners (#59) allows multiple sub banners Snakes note: By request of Carp, especially for WPD. Co-authored-by: justcool393 <justcool393@gmail.com> Co-authored-by: Snakes <duolsm@outlook.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/59 Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net> Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
from files.helpers.config.const import *
mn
2022-05-04 23:09:46 +00:00
from files.helpers.get import *
vid refactor
2022-05-22 16:13:19 +00:00
from files.helpers.media import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.sanitize import *
from files.helpers.security import *
antispam: under siege mode
2022-11-30 17:37:35 +00:00
from files.helpers.settings import get_settings, toggle_setting
actions: move user-only actions to useractions, which gets rid of a circular dependency
2022-11-01 23:46:56 +00:00
from files.helpers.useractions import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.routehelpers import check_for_alts
from files.routes.wrappers import *
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
from files.routes.routehelpers import get_alt_graph, get_alt_graph_ids
add button to claim paypig rewards for all users
2023-08-01 01:28:29 +00:00
from files.routes.users import claim_rewards_all_users
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
add progstack btn to comments
2023-01-25 11:35:37 +00:00
from .front import frontlist, comment_idlist
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
fds
2022-05-25 20:16:26 +00:00
@app.get('/admin/loggedin')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
view active users perm
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
fds
2022-05-25 20:16:26 +00:00
def loggedin_list(v):
use SITE as a prefix for flask_cache
2023-03-25 20:57:27 +00:00
ids = [x for x,val in cache.get('loggedin').items() if time.time()-val < LOGGEDIN_ACTIVE_TIME]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.id.in_(ids)).order_by(User.admin_level.desc(), User.truescore.desc()).all()
admin: move admin pages to admin dir
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedin.html", v=v, users=users)
fds
2022-05-25 20:16:26 +00:00
gfd
2022-05-26 20:31:08 +00:00
@app.get('/admin/loggedout')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
view active users perm
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
gfd
2022-05-26 20:31:08 +00:00
def loggedout_list(v):
use SITE as a prefix for flask_cache
2023-03-25 20:57:27 +00:00
users = sorted([val[1] for x,val in cache.get('loggedout').items() if time.time()-val[0] < LOGGEDIN_ACTIVE_TIME])
admin: move admin pages to admin dir
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedout.html", v=v, users=users)
mn
2022-05-04 23:09:46 +00:00
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
@app.get('/admin/dm_media')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
@admin_level_required(PERMS['ENABLE_DM_MEDIA'])
def dm_media(v):
with open(f"{LOG_DIRECTORY}/dm_media.log", "r", encoding="utf-8") as f:
make a UI for /admin/dm_images
2023-01-27 12:24:39 +00:00
items=f.read().split("\n")[:-1]
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = len(items)
make a UI for /admin/dm_images
2023-01-27 12:24:39 +00:00
items = [x.split(", ") for x in items]
paginate /admin/dm_images
2023-02-22 14:36:52 +00:00
items.reverse()
make a UI for /admin/dm_images
2023-01-27 12:24:39 +00:00
paginate /admin/dm_images
2023-02-22 14:36:52 +00:00
try: page = int(request.values.get('page', 1))
except: page = 1
firstrange = PAGE_SIZE * (page - 1)
use new pagination system
2023-05-05 00:50:36 +00:00
secondrange = firstrange + PAGE_SIZE
fix last commit
2023-02-22 14:43:39 +00:00
items = items[firstrange:secondrange]
paginate /admin/dm_images
2023-02-22 14:36:52 +00:00
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
return render_template("admin/dm_media.html", v=v, items=items, total=total, page=page)
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
@app.get('/admin/edit_rules')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
@admin_level_required(PERMS['EDIT_RULES'])
def edit_rules_get(v):
try:
with open(f'files/templates/rules_{SITE_NAME}.html', 'r', encoding="utf-8") as f:
rules = f.read()
except:
rules = None
return render_template('admin/edit_rules.html', v=v, rules=rules)
@app.post('/admin/edit_rules')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dedup DEFAULT_RATELIMIT
2023-08-06 07:30:34 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
@admin_level_required(PERMS['EDIT_RULES'])
def edit_rules_post(v):
rules = request.values.get('rules', '').strip()
limit the "show more" button to comments only
2023-06-08 01:36:41 +00:00
rules = sanitize(rules, blackjack="rules")
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
with open(f'files/templates/rules_{SITE_NAME}.html', 'w+', encoding="utf-8") as f:
f.write(rules)
kitchen sink commit
2023-08-11 21:50:23 +00:00
ma = ModAction(
kind="edit_rules",
user_id=v.id,
)
g.db.add(ma)
return {"message": "Rules edited successfully!"}
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/make_admin")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add and remove admin permissions
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_ADD'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def make_admin(v, username):
mn
2022-05-04 23:09:46 +00:00
user = get_user(username)
Remove redundant `if not user: abort()` checks.
2022-09-01 21:44:40 +00:00
tweak admin perms
2023-01-29 08:28:29 +00:00
user.admin_level = 1
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="make_admin",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
add forgotten clarification in notification
2023-06-30 16:21:18 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) added you as an admin!")
add notification for make_admin and remove_admin
2022-12-21 14:38:02 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{user.username} has been made admin!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/remove_admin")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add and remove admin permissions
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_REMOVE'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def remove_admin(v, username):
disable removing jannies in devrama
2022-12-27 04:01:57 +00:00
if SITE == 'devrama.net':
abort(403, "You can't remove admins on devrama!")
mn
2022-05-04 23:09:46 +00:00
user = get_user(username)
dont allow admins to remove themselves
2022-12-09 05:58:44 +00:00
same as last commit
2023-01-20 01:31:51 +00:00
if user.admin_level > v.admin_level:
abort(403)
clicking twice shouldn't generate a mod log
2022-12-16 20:17:03 +00:00
if user.admin_level:
user.admin_level = 0
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
clicking twice shouldn't generate a mod log
2022-12-16 20:17:03 +00:00
ma = ModAction(
kind="remove_admin",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
add forgotten clarification in notification
2023-06-30 16:21:18 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) removed you as an admin!")
add notification for make_admin and remove_admin
2022-12-21 14:38:02 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{user.username} has been removed as admin!"}
mn
2022-05-04 23:09:46 +00:00
allow making bets in comments
2023-03-12 17:36:35 +00:00
@app.post("/distribute/<kind>/<int:option_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Revert "make it so only the post author can declare winner and not all admins" This reverts commit 9e1425d93e7d8457a09c8c94b3660f707b148446.
2022-12-02 22:08:46 +00:00
@admin_level_required(PERMS['POST_BETS_DISTRIBUTE'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def distribute(v, kind, option_id):
restore betting
2022-08-26 21:53:17 +00:00
autojanny = get_account(AUTOJANNY_ID)
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
if autojanny.coins == 0: abort(400, "@AutoJanny has 0 coins")
restore betting
2022-08-26 21:53:17 +00:00
try: option_id = int(option_id)
except: abort(400)
rename submissions to posts
2023-06-07 23:26:32 +00:00
if kind == 'post': cls = PostOption
allow making bets in comments
2023-03-12 17:36:35 +00:00
else: cls = CommentOption
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
option = g.db.get(cls, option_id)
restore betting
2022-08-26 21:53:17 +00:00
make bets better
2022-09-08 18:25:45 +00:00
if option.exclusive != 2: abort(403)
option.exclusive = 3
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(option)
make bets better
2022-09-08 18:25:45 +00:00
allow making bets in comments
2023-03-12 17:36:35 +00:00
parent = option.parent
restore betting
2022-08-26 21:53:17 +00:00
pool = 0
allow making bets in comments
2023-03-12 17:36:35 +00:00
for o in parent.options:
fix betting rewards
2022-09-30 15:38:47 +00:00
if o.exclusive >= 2: pool += o.upvotes
use constant instead of literal 200 for poll bets
2022-10-05 06:07:53 +00:00
pool *= POLL_BET_COINS
restore betting
2022-08-26 21:53:17 +00:00
use charge_account everywhere
2022-10-12 16:33:00 +00:00
autojanny.charge_account('coins', pool)
restore betting
2022-08-26 21:53:17 +00:00
if autojanny.coins < 0: autojanny.coins = 0
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(autojanny)
restore betting
2022-08-26 21:53:17 +00:00
votes = option.votes
coinsperperson = int(pool / len(votes))
allow making bets in comments
2023-03-12 17:36:35 +00:00
text = f"You won {coinsperperson} coins betting on {parent.permalink} :marseyparty:"
add push notifs to add_notif()
2023-02-24 02:28:10 +00:00
cid = notif_comment(text)
restore betting
2022-08-26 21:53:17 +00:00
for vote in votes:
u = vote.user
User.pay_account everywhere, fix lottery payout.
2022-11-20 10:50:02 +00:00
u.pay_account('coins', coinsperperson)
add push notifs to add_notif()
2023-02-24 02:28:10 +00:00
add_notif(cid, u.id, text)
restore betting
2022-08-26 21:53:17 +00:00
allow making bets in comments
2023-03-12 17:36:35 +00:00
text = f"You lost the {POLL_BET_COINS} coins you bet on {parent.permalink} :marseylaugh:"
add push notifs to add_notif()
2023-02-24 02:28:10 +00:00
cid = notif_comment(text)
restore betting
2022-08-26 21:53:17 +00:00
losing_voters = []
allow making bets in comments
2023-03-12 17:36:35 +00:00
for o in parent.options:
remove unnecessary check
2022-09-23 12:09:33 +00:00
if o.exclusive == 2:
restore betting
2022-08-26 21:53:17 +00:00
losing_voters.extend([x.user_id for x in o.votes])
for uid in losing_voters:
add push notifs to add_notif()
2023-02-24 02:28:10 +00:00
add_notif(cid, uid, text)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
if isinstance(parent, Post):
allow making bets in comments
2023-03-12 17:36:35 +00:00
ma = ModAction(
kind="distribute",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=parent.id
allow making bets in comments
2023-03-12 17:36:35 +00:00
)
else:
ma = ModAction(
kind="distribute",
user_id=v.id,
target_comment_id=parent.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
restore betting
2022-08-26 21:53:17 +00:00
return {"message": f"Each winner has received {coinsperperson} coins!"}
mn
2022-05-04 23:09:46 +00:00
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
@app.post("/@<username>/revert_actions")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
@admin_level_required(PERMS['ADMIN_ACTIONS_REVERT'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def revert_actions(v, username):
fix reverting admin actions showing wrong username in toast
2022-12-28 09:47:30 +00:00
revertee = get_user(username)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
same as last commit
2023-01-20 01:31:51 +00:00
if revertee.admin_level > v.admin_level:
abort(403)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
ma = ModAction(
kind="revert",
user_id=v.id,
fix reverting admin actions showing wrong username in toast
2022-12-28 09:47:30 +00:00
target_user_id=revertee.id
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
cutoff = int(time.time()) - 86400
same as last commit
2023-08-11 13:15:34 +00:00
posts = [x[0] for x in g.db.query(ModAction.target_post_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_post')]
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).filter(Post.id.in_(posts)).all()
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
same as last commit
2023-08-11 13:15:34 +00:00
comments = [x[0] for x in g.db.query(ModAction.target_comment_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_comment')]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comments = g.db.query(Comment).filter(Comment.id.in_(comments)).all()
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
for item in posts + comments:
item.is_banned = False
item.ban_reason = None
item.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(item)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
same as last commit
2023-08-11 13:15:34 +00:00
users = (x[0] for x in g.db.query(ModAction.target_user_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind.in_(('shadowban', 'ban_user'))))
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.id.in_(users)).all()
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
for user in users:
user.shadowbanned = None
user.unban_utc = 0
user.ban_reason = None
if user.is_banned:
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
user.is_banned = None
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unbanned you!")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for u in get_alt_graph(user.id):
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
u.shadowbanned = None
u.unban_utc = 0
u.ban_reason = None
if u.is_banned:
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
u.is_banned = None
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
send_repeatable_notification(u.id, f"@{v.username} (a site admin) has unbanned you!")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(u)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
fix reverting admin actions showing wrong username in toast
2022-12-28 09:47:30 +00:00
return {"message": f"@{revertee.username}'s admin actions have been reverted!"}
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/shadowbanned")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
more shadowban refactor
2022-10-12 06:53:32 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
mn
2022-05-04 23:09:46 +00:00
def shadowbanned(v):
hide alts in /admin/shadowbanned
2023-06-24 18:02:25 +00:00
users = g.db.query(User).filter(
punished users listing fixes
2022-12-10 08:23:56 +00:00
User.shadowbanned != None,
hide alts in /admin/shadowbanned
2023-06-24 18:02:25 +00:00
).order_by(User.truescore.desc()).all()
cleanup in aisle 4
2023-07-03 00:26:20 +00:00
hide alts in /admin/shadowbanned
2023-06-24 18:02:25 +00:00
collected_users = []
collected_alts = set()
for u in users:
if u.id in collected_alts:
continue
collected_users.append(u)
collected_alts = collected_alts | get_alt_graph_ids(u.id)
order /admin/shadowbanned by ban reason
2023-06-24 18:18:17 +00:00
collected_users = sorted(collected_users, key=lambda x: x.ban_reason)
hide alts in /admin/shadowbanned
2023-06-24 18:02:25 +00:00
return render_template("admin/shadowbanned.html", v=v, users=collected_users)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/image_posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def image_posts_listing(v):
try: page = int(request.values.get('page', 1))
except: page = 1
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).options(
load_only(Post.id, Post.url)
).order_by(Post.id.desc())
paginate /admin/image_posts
2023-05-05 03:52:53 +00:00
posts = [x.id for x in posts if x.is_image]
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = len(posts)
mn
2022-05-04 23:09:46 +00:00
listings: constantify PAGE_SIZE as 25 magic numbers are bad, do better next time
2022-10-29 03:20:48 +00:00
firstrange = PAGE_SIZE * (page - 1)
paginate /admin/image_posts
2023-05-05 03:52:53 +00:00
secondrange = firstrange + PAGE_SIZE
posts = posts[firstrange:secondrange]
posts = get_posts(posts, v=v)
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("admin/image_posts.html", v=v, listing=posts, total=total, page=page, sort="new")
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def reported_posts(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = g.db.query(Post).options(load_only(Post.id)).filter_by(
test smth in staging
2023-05-05 05:14:03 +00:00
is_approved=None,
is_banned=False,
deleted_utc=0
rename flags to reports
2023-06-23 16:49:23 +00:00
).join(Post.reports)
test smth in staging
2023-05-05 05:14:03 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = listing.order_by(Post.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
mn
2022-05-04 23:09:46 +00:00
listing = [p.id for p in listing]
listing = get_posts(listing, v=v)
return render_template("admin/reported_posts.html",
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total, listing=listing, page=page, v=v)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def reported_comments(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
paginate reported/comments
2023-05-05 05:26:53 +00:00
listing = g.db.query(Comment).options(load_only(Comment.id)).filter_by(
is_approved=None,
is_banned=False,
deleted_utc=0
rename flags to reports
2023-06-23 16:49:23 +00:00
).join(Comment.reports)
paginate reported/comments
2023-05-05 05:26:53 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
mn
2022-05-04 23:09:46 +00:00
paginate reported/comments
2023-05-05 05:26:53 +00:00
listing = listing.order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
mn
2022-05-04 23:09:46 +00:00
listing = [c.id for c in listing]
listing = get_comments(listing, v=v)
return render_template("admin/reported_comments.html",
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total,
casino + style shit
2022-09-04 23:15:37 +00:00
listing=listing,
page=page,
v=v,
standalone=True)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
use ban permission for muting and also add a user home permission (wonder if should be the same as mop perm)
2022-10-06 05:54:48 +00:00
@admin_level_required(PERMS['ADMIN_HOME_VISIBLE'])
mn
2022-05-04 23:09:46 +00:00
def admin_home(v):
make under_attack a setting and use it in /submit for WPD
2023-02-09 03:50:30 +00:00
return render_template("admin/admin_home.html", v=v)
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/site_settings/<setting>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
settings, cache, and domain ban permissions
2022-10-06 04:26:15 +00:00
@admin_level_required(PERMS['SITE_SETTINGS'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def change_settings(v, setting):
antispam: under siege mode
2022-11-30 17:37:35 +00:00
if setting not in get_settings().keys():
abort(404, f"Setting '{setting}' not found")
add "offline mode"
2023-03-25 21:35:13 +00:00
if setting == "offline_mode" and v.admin_level < PERMS["SITE_OFFLINE_MODE"]:
abort(403, "You can't change this setting!")
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
val = toggle_setting(setting)
if val: word = 'enable'
mn
2022-05-04 23:09:46 +00:00
else: word = 'disable'
disable modaction for login_required
2023-01-24 05:48:27 +00:00
make under_attack a setting and use it in /submit for WPD
2023-02-09 03:50:30 +00:00
if setting == "under_attack":
new_security_level = 'under_attack' if val else 'high'
if not set_security_level(new_security_level):
fix typo
2023-02-09 04:00:37 +00:00
abort(400, f'Failed to {word} under attack mode')
make under_attack a setting and use it in /submit for WPD
2023-02-09 03:50:30 +00:00
restore login_required mod log
2023-03-01 20:45:42 +00:00
ma = ModAction(
kind=f"{word}_{setting}",
user_id=v.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
disable modaction for login_required
2023-01-24 05:48:27 +00:00
antispam: under siege mode
2022-11-30 17:37:35 +00:00
return {'message': f"{setting.replace('_', ' ').title()} {word}d successfully!"}
mn
2022-05-04 23:09:46 +00:00
change clearing cache terminology
2022-11-06 05:28:44 +00:00
@app.post("/admin/clear_cloudflare_cache")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename cache purge things to include prefix
2022-10-06 06:21:04 +00:00
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
change clearing cache terminology
2022-11-06 05:28:44 +00:00
def clear_cloudflare_cache(v):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if not clear_entire_cache():
change clearing cache terminology
2022-11-06 05:28:44 +00:00
abort(400, 'Failed to clear cloudflare cache!')
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
change clearing cache terminology
2022-11-06 05:28:44 +00:00
kind="clear_cloudflare_cache",
mn
2022-05-04 23:09:46 +00:00
user_id=v.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
change clearing cache terminology
2022-11-06 05:28:44 +00:00
return {"message": "Cloudflare cache cleared!"}
mn
2022-05-04 23:09:46 +00:00
add button to claim paypig rewards for all users
2023-08-01 01:28:29 +00:00
@app.post("/admin/claim_rewards_all_users")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CLAIM_REWARDS_ALL_USERS'])
def admin_claim_rewards_all_users(v):
claim_rewards_all_users()
return {"message": "User rewards claimed!"}
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
def admin_badges_grantable_list(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
query = g.db.query(BadgeDef)
badge perm shit
2022-11-30 21:15:07 +00:00
add jl5 (for me)
2023-01-22 08:04:49 +00:00
if BADGE_BLACKLIST and v.admin_level < PERMS['IGNORE_BADGE_BLACKLIST']:
simplify badge granting/removal
2022-12-07 19:03:06 +00:00
query = query.filter(BadgeDef.id.notin_(BADGE_BLACKLIST))
badge perm shit
2022-11-30 21:15:07 +00:00
WPD: constantify badge whitelist, extend set.
2022-11-27 21:49:20 +00:00
badge_types = query.order_by(BadgeDef.id).all()
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
return badge_types
@app.get("/admin/badge_grant")
@app.get("/admin/badge_remove")
@feature_required('BADGES')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
@admin_level_required(PERMS['USER_BADGES'])
def badge_grant_get(v):
add "give badge" button to profiles for easier badging
2023-08-05 10:24:37 +00:00
grant = request.path.endswith("grant")
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
badge_types = admin_badges_grantable_list(v)
WPD: constantify badge whitelist, extend set.
2022-11-27 21:49:20 +00:00
return render_template("admin/badge_admin.html", v=v,
badge_types=badge_types, grant=grant)
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_grant")
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user badge permissions
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
mn
2022-05-04 23:09:46 +00:00
def badge_grant_post(v):
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
badges = admin_badges_grantable_list(v)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
usernames = request.values.get("usernames", "").strip()
if not usernames:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "You must enter usernames!")
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
for username in usernames.split():
user = get_user(username, graceful=True)
if not user:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "User not found!")
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
try: badge_id = int(request.values.get("badge_id"))
except: abort(400)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if badge_id not in [b.id for b in badges]:
abort(403, "You can't grant this badge!")
make it possible to edit badge attributes without removing and re-granting them
2022-12-23 01:01:24 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
description = request.values.get("description")
add url requirement to 8 badges
2023-08-05 19:36:32 +00:00
url = request.values.get("url", "").strip()
url limit 3 more badges
2023-08-05 21:05:10 +00:00
if badge_id in {63,66,74,149,178,180,240,241,242,248,286,291,293} and not url:
add url requirement to 8 badges
2023-08-05 19:36:32 +00:00
abort(400, "This badge requires a url!")
make it possible to edit badge attributes without removing and re-granting them
2022-12-23 01:01:24 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if url:
if '\\' in url: abort(400)
if url.startswith(f'{SITE_FULL}/'):
url = url.split(SITE_FULL, 1)[1]
make sure url is null not ''
2023-08-05 19:51:01 +00:00
else:
url = None
fix badge_grant errors for the api
2023-03-17 17:59:55 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
existing = user.has_badge(badge_id)
if existing:
if url or description:
existing.url = url
existing.description = description
g.db.add(existing)
fix badge flow
2023-08-04 13:16:05 +00:00
continue
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
new_badge = Badge(
badge_id=badge_id,
user_id=user.id,
url=url,
description=description
)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
g.db.add(new_badge)
g.db.flush()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if v.id != user.id:
text = f"@{v.username} (a site admin) has given you the following profile badge:\n\n{new_badge.path}\n\n**{new_badge.name}**\n\n{new_badge.badge.description}"
send_repeatable_notification(user.id, text)
ma = ModAction(
kind="badge_grant",
user_id=v.id,
target_user_id=user.id,
_note=new_badge.name
)
g.db.add(ma)
make it possible to edit badge attributes without removing and re-granting them
2022-12-23 01:01:24 +00:00
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Badge granted to users successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_remove")
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user badge permissions
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
mn
2022-05-04 23:09:46 +00:00
def badge_remove_post(v):
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
badges = admin_badges_grantable_list(v)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
usernames = request.values.get("usernames", "").strip()
if not usernames:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "You must enter usernames!")
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
for username in usernames.split():
user = get_user(username, graceful=True)
if not user:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "User not found!")
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
try: badge_id = int(request.values.get("badge_id"))
except: abort(400)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if badge_id not in [b.id for b in badges]:
abort(403)
add whitelist of badge_granting on WPD, and disallow removing award badges
2022-10-14 17:11:39 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
badge = user.has_badge(badge_id)
fix 500 error
2023-08-04 16:15:51 +00:00
if not badge: continue
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if v.id != user.id:
text = f"@{v.username} (a site admin) has removed the following profile badge from you:\n\n{badge.path}\n\n**{badge.name}**\n\n{badge.badge.description}"
send_repeatable_notification(user.id, text)
give notif on bagde removal
2022-09-13 10:27:09 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
ma = ModAction(
kind="badge_remove",
user_id=v.id,
target_user_id=user.id,
_note=badge.name
)
g.db.add(ma)
g.db.delete(badge)
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Badge removed from users successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/alt_votes")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
some admin perms and also fix search
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['VIEW_ALT_VOTES'])
mn
2022-05-04 23:09:46 +00:00
def alt_votes_get(v):
u1 = request.values.get("u1")
u2 = request.values.get("u2")
if not u1 or not u2:
return render_template("admin/alt_votes.html", v=v)
u1 = get_user(u1)
u2 = get_user(u2)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_post_ups = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u1.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_post_downs = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u1.id,
vote_type=-1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_comment_ups = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_comment_downs = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=-1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_post_ups = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u2.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_post_downs = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u2.id,
vote_type=-1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_comment_ups = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_comment_downs = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=-1).all()
data = {}
data['u1_only_post_ups'] = len(
[x for x in u1_post_ups if x not in u2_post_ups])
data['u2_only_post_ups'] = len(
[x for x in u2_post_ups if x not in u1_post_ups])
data['both_post_ups'] = len(list(set(u1_post_ups) & set(u2_post_ups)))
data['u1_only_post_downs'] = len(
[x for x in u1_post_downs if x not in u2_post_downs])
data['u2_only_post_downs'] = len(
[x for x in u2_post_downs if x not in u1_post_downs])
data['both_post_downs'] = len(
list(set(u1_post_downs) & set(u2_post_downs)))
data['u1_only_comment_ups'] = len(
[x for x in u1_comment_ups if x not in u2_comment_ups])
data['u2_only_comment_ups'] = len(
[x for x in u2_comment_ups if x not in u1_comment_ups])
data['both_comment_ups'] = len(
list(set(u1_comment_ups) & set(u2_comment_ups)))
data['u1_only_comment_downs'] = len(
[x for x in u1_comment_downs if x not in u2_comment_downs])
data['u2_only_comment_downs'] = len(
[x for x in u2_comment_downs if x not in u1_comment_downs])
data['both_comment_downs'] = len(
list(set(u1_comment_downs) & set(u2_comment_downs)))
data['u1_post_ups_unique'] = 100 * \
data['u1_only_post_ups'] // len(u1_post_ups) if u1_post_ups else 0
data['u2_post_ups_unique'] = 100 * \
data['u2_only_post_ups'] // len(u2_post_ups) if u2_post_ups else 0
data['u1_post_downs_unique'] = 100 * \
data['u1_only_post_downs'] // len(
u1_post_downs) if u1_post_downs else 0
data['u2_post_downs_unique'] = 100 * \
data['u2_only_post_downs'] // len(
u2_post_downs) if u2_post_downs else 0
data['u1_comment_ups_unique'] = 100 * \
data['u1_only_comment_ups'] // len(
u1_comment_ups) if u1_comment_ups else 0
data['u2_comment_ups_unique'] = 100 * \
data['u2_only_comment_ups'] // len(
u2_comment_ups) if u2_comment_ups else 0
data['u1_comment_downs_unique'] = 100 * \
data['u1_only_comment_downs'] // len(
u1_comment_downs) if u1_comment_downs else 0
data['u2_comment_downs_unique'] = 100 * \
data['u2_only_comment_downs'] // len(
u2_comment_downs) if u2_comment_downs else 0
return render_template("admin/alt_votes.html",
casino + style shit
2022-09-04 23:15:37 +00:00
u1=u1,
u2=u2,
v=v,
data=data
)
mn
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.get("/admin/alts/")
@app.get("/@<username>/alts/")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@admin_level_required(PERMS['USER_LINK'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def admin_view_alts(v, username=None):
fix /admin/alts
2023-01-24 10:32:06 +00:00
u = get_user(username or request.values.get('username'), graceful=True)
return render_template('admin/alts.html', v=v, u=u, alts=u.alts if u else None)
mn
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.post('/@<username>/alts/')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
some admin perms and also fix search
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['USER_LINK'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def admin_add_alt(v, username):
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user1 = get_user(username)
user2 = get_user(request.values.get('other_username'))
if user1.id == user2.id: abort(400, "Can't add the same account as alts of each other")
ids = [user1.id, user2.id]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
if a: abort(409, f"@{user1.username} and @{user2.username} are already known alts!")
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
a = Alt(
user1=user1.id,
user2=user2.id,
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
is_manual=True,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(a)
mn
2022-05-04 23:09:46 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
cache.delete_memoized(get_alt_graph_ids, user1.id)
cache.delete_memoized(get_alt_graph_ids, user2.id)
fix muting linking alts
2023-01-25 02:53:52 +00:00
check_for_alts(user1)
check_for_alts(user2)
mn
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
ma = ModAction(
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
kind=f"link_accounts",
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user_id=v.id,
target_user_id=user1.id,
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
_note=f'with @{user2.username}'
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
return {"message": f"Linked @{user1.username} and @{user2.username} successfully!"}
integrate check_ban_evade into check_for_alts
2022-09-23 12:33:58 +00:00
remove relinking
2023-02-18 14:55:18 +00:00
@app.post('/@<username>/alts/<int:other>/deleted')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@admin_level_required(PERMS['USER_LINK'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def admin_delink_relink_alt(v, username, other):
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user1 = get_user(username)
user2 = get_account(other)
ids = [user1.id, user2.id]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
if not a: abort(404)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(a)
mn
2022-05-04 23:09:46 +00:00
delete alt cache when delinking alts
2023-06-23 11:45:17 +00:00
cache.delete_memoized(get_alt_graph_ids, user1.id)
cache.delete_memoized(get_alt_graph_ids, user2.id)
check_for_alts(user1)
check_for_alts(user2)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
remove relinking
2023-02-18 14:55:18 +00:00
kind=f"delink_accounts",
mn
2022-05-04 23:09:46 +00:00
user_id=v.id,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
target_user_id=user1.id,
remove relinking
2023-02-18 14:55:18 +00:00
_note=f'from @{user2.username}'
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
remove relinking
2023-02-18 14:55:18 +00:00
return {"message": f"Delinked @{user1.username} and @{user2.username} successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_removed(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = g.db.query(Post).options(load_only(Post.id)).join(Post.author).filter(
or_(Post.is_banned==True, User.shadowbanned != None))
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = listing.order_by(Post.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
listing = [x.id for x in listing]
posts = get_posts(listing, v=v)
mn
2022-05-04 23:09:46 +00:00
return render_template("admin/removed_posts.html",
casino + style shit
2022-09-04 23:15:37 +00:00
v=v,
listing=posts,
page=page,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total
casino + style shit
2022-09-04 23:15:37 +00:00
)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_removed_comments(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
listing = g.db.query(Comment).options(load_only(Comment.id)).join(Comment.author).filter(
or_(Comment.is_banned==True, User.shadowbanned != None))
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
listing = listing.order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
listing = [x.id for x in listing]
comments = get_comments(listing, v=v)
remove useless tabs
2023-05-05 21:45:25 +00:00
mn
2022-05-04 23:09:46 +00:00
return render_template("admin/removed_comments.html",
casino + style shit
2022-09-04 23:15:37 +00:00
v=v,
listing=comments,
page=page,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total
casino + style shit
2022-09-04 23:15:37 +00:00
)
mn
2022-05-04 23:09:46 +00:00
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/unchud_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
@admin_level_required(PERMS['USER_CHUD'])
consistency
2023-07-11 17:57:59 +00:00
def unchud(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
mn
2022-05-04 23:09:46 +00:00
disallow jannoids from undoing chud awards
2022-12-26 02:38:32 +00:00
if not user.chudded_by:
abort(403, "Jannies can't undo chud awards anymore!")
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud = 0
user.chud_phrase = None
make it possible for jannies to stack chuds and bans
2023-02-19 13:23:08 +00:00
user.chudded_by = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
rename 2 modlog actions
2022-11-07 01:47:27 +00:00
kind="unchud",
mn
2022-05-04 23:09:46 +00:00
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
minor fixes to last couple of commits
2023-05-03 16:06:14 +00:00
badge = user.has_badge(58)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
if badge: g.db.delete(badge)
mn
2022-05-04 23:09:46 +00:00
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unchudded you.")
mn
2022-05-04 23:09:46 +00:00
change chud theme terminology
2022-11-05 02:01:45 +00:00
return {"message": f"@{user.username} has been unchudded!"}
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/shadowban/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add some perm requirements and add agendaposter thing
2022-10-06 03:04:38 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
mn
2022-05-04 23:09:46 +00:00
def shadowban(user_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
make "unshadowban" button work instantly
2022-11-05 02:16:39 +00:00
if user.admin_level > v.admin_level:
abort(403)
minor bugfix
2022-12-13 18:50:38 +00:00
user.shadowbanned = v.id
strip after not before
2023-07-30 06:20:02 +00:00
reason = request.values.get("reason", "")[:256].strip()
require reason for banning
2022-12-28 09:31:27 +00:00
if not reason:
abort(400, "You need to submit a reason for shadowbanning!")
fixes
2022-12-27 04:24:25 +00:00
reason = filter_emojis_only(reason)
check for ban_reason length after sanitizing
2023-02-21 14:30:31 +00:00
if len(reason) > 256:
abort(400, "Ban reason too long!")
use ban_reason column as a reason for shadowbanning too
2022-09-29 06:36:59 +00:00
user.ban_reason = reason
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
fix muting linking alts
2023-01-25 02:53:52 +00:00
check_for_alts(user)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="shadowban",
user_id=v.id,
target_user_id=user.id,
use ban_reason column as a reason for shadowbanning too
2022-09-29 06:36:59 +00:00
_note=f'reason: "{reason}"'
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
make shadowbanned, banning, chudding from the userpage work without refreshing the page
2022-11-07 06:08:50 +00:00
return {"message": f"@{user.username} has been shadowbanned!"}
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/unshadowban/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add some perm requirements and add agendaposter thing
2022-10-06 03:04:38 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
mn
2022-05-04 23:09:46 +00:00
def unshadowban(user_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
mn
2022-05-04 23:09:46 +00:00
user.shadowbanned = None
use ban_reason column as a reason for shadowbanning too
2022-09-29 06:36:59 +00:00
if not user.is_banned: user.ban_reason = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
alt graph
2022-12-22 20:03:40 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for alt in get_alt_graph(user.id):
mn
2022-05-04 23:09:46 +00:00
alt.shadowbanned = None
use ban_reason column as a reason for shadowbanning too
2022-09-29 06:36:59 +00:00
if not alt.is_banned: alt.ban_reason = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(alt)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="unshadowban",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
make "unshadowban" button work instantly
2022-11-05 02:16:39 +00:00
return {"message": f"@{user.username} has been unshadowbanned!"}
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/admin/title_change/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
title change permission
2022-10-06 05:45:44 +00:00
@admin_level_required(PERMS['USER_TITLE_CHANGE'])
mn
2022-05-04 23:09:46 +00:00
def admin_title_change(user_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
mn
2022-05-04 23:09:46 +00:00
strip after not before
2023-07-30 06:20:02 +00:00
new_name=request.values.get("title")[:256].strip()
mn
2022-05-04 23:09:46 +00:00
user.customtitleplain=new_name
new_name = filter_emojis_only(new_name)
fix this https://rdrama.life/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/3007141?context=8#context
2022-11-02 03:22:16 +00:00
new_name = censor_slurs(new_name, None)
mn
2022-05-04 23:09:46 +00:00
add spaces
2023-07-27 19:47:46 +00:00
user = get_account(user.id)
mn
2022-05-04 23:09:46 +00:00
user.customtitle=new_name
add namelock award
2023-05-13 04:53:14 +00:00
if request.values.get("locked"):
user.flairchanged = int(time.time()) + 2629746
give ppl flairlocked by jannies the flairlock badge
2023-07-07 21:01:47 +00:00
badge_grant(user=user, badge_id=96)
mn
2022-05-04 23:09:46 +00:00
else:
move award timers to cron
2023-05-13 02:00:54 +00:00
user.flairchanged = 0
mn
2022-05-04 23:09:46 +00:00
badge = user.has_badge(96)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
if badge: g.db.delete(badge)
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
if user.flairchanged: kind = "set_flair_locked"
else: kind = "set_flair_notlocked"
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind=kind,
user_id=v.id,
target_user_id=user.id,
patch another janny xss
2022-12-27 06:11:44 +00:00
_note=f'"{new_name}"'
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
notify users when their flair gets changed by jannies
2023-02-22 17:00:38 +00:00
if user.flairchanged:
message = f"@{v.username} (a site admin) has locked your flair to `{user.customtitleplain}`."
else:
message = f"@{v.username} (a site admin) has changed your flair to `{user.customtitleplain}`. You can change it back in the settings."
remove unnecessary tabs
2023-02-22 17:27:33 +00:00
notify users when their flair gets changed by jannies
2023-02-22 17:00:38 +00:00
send_repeatable_notification(user.id, message)
make 3 more buttons instant
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s flair has been changed!"}
mn
2022-05-04 23:09:46 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/ban_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['USER_BAN'])
consistency
2023-07-11 17:57:59 +00:00
def ban_user(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
mn
2022-05-04 23:09:46 +00:00
allow me to ban (((🐟)))
2022-10-11 13:48:49 +00:00
if user.admin_level > v.admin_level:
abort(403)
mn
2022-05-04 23:09:46 +00:00
rename variable
2023-06-29 19:51:32 +00:00
if user.is_permabanned:
give error when jannies attempt to chud a perma-chudded user or ban a permabanned-user
2023-02-22 17:11:29 +00:00
abort(403, f"@{user.username} is already banned permanently!")
fix a couple of potentially rare 500s
2022-10-15 11:02:02 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
mn
2022-05-04 23:09:46 +00:00
disallow chudding and banning ppl for negative days
2023-01-01 00:58:37 +00:00
if days < 0:
abort(400, "You can't bans people for negative days!")
strip after not before
2023-07-30 06:20:02 +00:00
reason = request.values.get("reason", "")[:256].strip()
require reason for banning
2022-12-28 09:31:27 +00:00
if not reason:
abort(400, "You need to submit a reason for banning!")
mn
2022-05-04 23:09:46 +00:00
fix
2022-12-27 04:32:53 +00:00
reason = filter_emojis_only(reason)
check for ban_reason length after sanitizing
2023-02-21 14:30:31 +00:00
if len(reason) > 256:
abort(400, "Ban reason too long!")
fix
2022-12-27 04:32:53 +00:00
make sure all comment links have #context
2023-02-07 02:34:11 +00:00
reason = reason_regex_post.sub(r'<a href="\1">\1</a>', reason)
reason = reason_regex_comment.sub(r'<a href="\1#context">\1</a>', reason)
fix mod log links
2022-12-30 16:10:29 +00:00
make sure the post/comment for which someone was banned is linked everywhere (for convenience)
2022-05-30 02:55:51 +00:00
user.ban(admin=v, reason=reason, days=days)
mn
2022-05-04 23:09:46 +00:00
if request.values.get("alts"):
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for x in get_alt_graph(user.id):
allow me to ban (((🐟)))
2022-10-11 13:48:49 +00:00
if x.admin_level > v.admin_level:
continue
make sure the post/comment for which someone was banned is linked everywhere (for convenience)
2022-05-30 02:55:51 +00:00
x.ban(admin=v, reason=reason, days=days)
mn
2022-05-04 23:09:46 +00:00
fix a couple of potentially rare 500s
2022-10-15 11:02:02 +00:00
duration = "permanently"
mn
2022-05-04 23:09:46 +00:00
if days:
fix 0.0001 days being displayed as "0 days"
2022-11-05 03:06:33 +00:00
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
fix a couple of potentially rare 500s
2022-10-15 11:02:02 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
if reason: text = f"@{v.username} (a site admin) has banned you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (a site admin) has banned you for **{days_txt}** days."
mn
2022-05-04 23:09:46 +00:00
else:
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
if reason: text = f"@{v.username} (a site admin) has banned you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (a site admin) has banned you permanently."
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, text)
only add reason if there's a reason
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}, reason: "{reason}"'
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="ban_user",
user_id=v.id,
target_user_id=user.id,
_note=note
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if 'reason' in request.values:
Some fixes (#300) * Narrow emoji_regex * Fix mirrored pat emojis * Fix ban icon on posts/comments
2022-06-02 23:18:10 +00:00
if request.values["reason"].startswith("/post/"):
fix 500 errors
2022-07-28 14:23:38 +00:00
try: post = int(request.values["reason"].split("/post/")[1].split(None, 1)[0])
except: abort(400)
show duration on ban icon tooltip
2022-06-25 00:11:00 +00:00
post = get_post(post)
minor fix
2023-03-15 02:13:39 +00:00
if post.sub != 'chudrama':
post.bannedfor = f'{duration} by @{v.username}'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
Some fixes (#300) * Narrow emoji_regex * Fix mirrored pat emojis * Fix ban icon on posts/comments
2022-06-02 23:18:10 +00:00
elif request.values["reason"].startswith("/comment/"):
fix 500 errors
2022-07-28 14:23:38 +00:00
try: comment = int(request.values["reason"].split("/comment/")[1].split(None, 1)[0])
except: abort(400)
show duration on ban icon tooltip
2022-06-25 00:11:00 +00:00
comment = get_comment(comment)
show the username of the janny who banned
2022-06-28 00:59:08 +00:00
comment.bannedfor = f'{duration} by @{v.username}'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
more detailed toast on banning/chudding
2022-12-24 22:45:01 +00:00
return {"message": f"@{user.username} has been banned {duration}!"}
mn
2022-05-04 23:09:46 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/chud_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
@admin_level_required(PERMS['USER_CHUD'])
consistency
2023-07-11 17:57:59 +00:00
def chud(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
make chudding affect the comment its applied on
2023-06-23 17:47:57 +00:00
comment.chudded = True
g.db.add(comment)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
if user.admin_level > v.admin_level:
abort(403)
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
if user.chud == 1:
give error when jannies attempt to chud a perma-chudded user or ban a permabanned-user
2023-02-22 17:11:29 +00:00
abort(403, f"@{user.username} is already chudded permanently!")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
disallow chudding and banning ppl for negative days
2023-01-01 00:58:37 +00:00
if days < 0:
abort(400, "You can't chud people for negative days!")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
reason = request.values.get("reason", "").strip()
fix
2022-12-27 04:32:53 +00:00
reason = filter_emojis_only(reason)
make sure all comment links have #context
2023-02-07 02:34:11 +00:00
reason = reason_regex_post.sub(r'<a href="\1">\1</a>', reason)
reason = reason_regex_comment.sub(r'<a href="\1#context">\1</a>', reason)
fix mod log links
2022-12-30 16:10:29 +00:00
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
if days:
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
if user.chud:
user.chud += days * 86400
make it possible for jannies to stack chuds and bans
2023-02-19 13:23:08 +00:00
else:
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud = int(time.time()) + (days * 86400)
clearer chud message to chudded user
2023-03-24 11:51:25 +00:00
fix 0.0001 days being displayed as "0 days"
2022-11-05 03:06:33 +00:00
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
else:
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud = 1
clearer chud message to chudded user
2023-03-24 11:51:25 +00:00
duration = "permanently"
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud_phrase = "trans lives matter"
fix 500 error
2023-03-21 11:03:27 +00:00
clearer chud message to chudded user
2023-03-24 11:51:25 +00:00
text = f"@{v.username} (a site admin) has chudded you **{duration}**"
do this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4151551#context
2023-05-14 16:13:00 +00:00
if reason: text += f" for the following reason:\n\n> {reason}"
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
text += f"\n\n**You now have to say this phrase in all posts and comments you make {duration}:**\n\n> {user.chud_phrase}"
include "trans lives matter" in janny chud message
2023-03-23 18:53:07 +00:00
disallow jannoids from undoing chud awards
2022-12-26 02:38:32 +00:00
user.chudded_by = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
fix permachudding
2022-11-08 03:37:14 +00:00
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
send_repeatable_notification(user.id, text)
only add reason if there's a reason
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}'
if reason: note += f', reason: "{reason}"'
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
ma=ModAction(
rename 2 modlog actions
2022-11-07 01:47:27 +00:00
kind="chud",
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
user_id=v.id,
target_user_id=user.id,
_note=note
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
add new patron tier for benefactor-cels
2023-05-03 15:29:31 +00:00
badge_grant(user=user, badge_id=58)
fix chud badge not being given
2022-11-07 05:43:25 +00:00
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
if 'reason' in request.values:
if request.values["reason"].startswith("/post/"):
try: post = int(request.values["reason"].split("/post/")[1].split(None, 1)[0])
except: abort(400)
post = get_post(post)
disable janny chudding in /h/chudrama
2022-12-10 13:06:30 +00:00
if post.sub == 'chudrama':
abort(403, "You can't chud people in /h/chudrama")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
post.chuddedfor = f'{duration} by @{v.username}'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
elif request.values["reason"].startswith("/comment/"):
try: comment = int(request.values["reason"].split("/comment/")[1].split(None, 1)[0])
except: abort(400)
comment = get_comment(comment)
disable janny chudding in /h/chudrama
2022-12-10 13:06:30 +00:00
if comment.post.sub == 'chudrama':
abort(403, "You can't chud people in /h/chudrama")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
comment.chuddedfor = f'{duration} by @{v.username}'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
more detailed toast on banning/chudding
2022-12-24 22:45:01 +00:00
return {"message": f"@{user.username} has been chudded {duration}!"}
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/unban_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['USER_BAN'])
consistency
2023-07-11 17:57:59 +00:00
def unban_user(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
Remove redundant `if not user: abort()` checks.
2022-09-01 21:44:40 +00:00
if not user.is_banned:
abort(400)
mn
2022-05-04 23:09:46 +00:00
pins: fix removal behavior
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and user.ban_reason and user.ban_reason.startswith('1-Day ban award'):
disallow jannies from undoing ban awards
2022-10-31 23:05:02 +00:00
abort(403, "You can't undo a ban award!")
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
user.is_banned = None
mn
2022-05-04 23:09:46 +00:00
user.unban_utc = 0
fix ban_reason getting wiped accidentially
2023-06-22 11:24:03 +00:00
if not user.shadowbanned:
user.ban_reason = None
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unbanned you!")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for x in get_alt_graph(user.id):
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
if x.is_banned: send_repeatable_notification(x.id, f"@{v.username} (a site admin) has unbanned you!")
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
x.is_banned = None
mn
2022-05-04 23:09:46 +00:00
x.unban_utc = 0
fix ban_reason getting wiped accidentially
2023-06-22 11:24:03 +00:00
if not x.shadowbanned:
x.ban_reason = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(x)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="unban_user",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
make "unban user" button in userpage work instantly
2022-11-05 02:07:29 +00:00
return {"message": f"@{user.username} has been unbanned!"}
mn
2022-05-04 23:09:46 +00:00
split off muting and unmuting
2022-11-12 09:11:31 +00:00
@app.post("/mute_user/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['USER_BAN'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def mute_user(v, user_id):
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
user = get_account(user_id)
split off muting and unmuting
2022-11-12 09:11:31 +00:00
if not user.is_muted:
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
user.is_muted = True
split off muting and unmuting
2022-11-12 09:11:31 +00:00
ma = ModAction(
rename 2 modactions
2023-08-03 21:07:57 +00:00
kind='mute_user',
split off muting and unmuting
2022-11-12 09:11:31 +00:00
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
g.db.add(ma)
fix 500 error on muting
2023-01-24 04:53:07 +00:00
check_for_alts(user)
split off muting and unmuting
2022-11-12 09:11:31 +00:00
notify ppl when they're muted or unmuted
2023-08-05 10:27:03 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has muted you!")
split off muting and unmuting
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been muted!"}
@app.post("/unmute_user/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
split off muting and unmuting
2022-11-12 09:11:31 +00:00
@admin_level_required(PERMS['USER_BAN'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def unmute_user(v, user_id):
split off muting and unmuting
2022-11-12 09:11:31 +00:00
user = get_account(user_id)
if user.is_muted:
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
user.is_muted = False
split off muting and unmuting
2022-11-12 09:11:31 +00:00
ma = ModAction(
rename 2 modactions
2023-08-03 21:07:57 +00:00
kind='unmute_user',
split off muting and unmuting
2022-11-12 09:11:31 +00:00
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
g.db.add(ma)
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
unmute alts too so the mute doesnt propagate back
2023-08-03 21:27:59 +00:00
for x in get_alt_graph(user.id):
if x.is_muted:
x.is_muted = False
g.db.add(x)
notify ppl when they're muted or unmuted
2023-08-05 10:27:03 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unmuted you!")
split off muting and unmuting
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been unmuted!"}
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
add progstack btn to comments
2023-01-25 11:35:37 +00:00
@app.post("/admin/progstack/post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
@admin_level_required(PERMS['PROGSTACK'])
add progstack btn to comments
2023-01-25 11:35:37 +00:00
def progstack_post(post_id, v):
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
post = get_post(post_id)
post.is_approved = PROGSTACK_ID
fix 500 error
2023-01-23 12:44:30 +00:00
post.realupvotes = floor(post.realupvotes * PROGSTACK_MUL)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
ma=ModAction(
kind="progstack_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
add progstack btn to comments
2023-01-25 11:35:37 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
cache.delete_memoized(frontlist)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
return {"message": "Progressive stack applied on post!"}
add button to remove progstack
2023-02-19 14:02:30 +00:00
@app.post("/admin/unprogstack/post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to remove progstack
2023-02-19 14:02:30 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def unprogstack_post(post_id, v):
post = get_post(post_id)
post.is_approved = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
add button to remove progstack
2023-02-19 14:02:30 +00:00
ma=ModAction(
kind="unprogstack_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
add button to remove progstack
2023-02-19 14:02:30 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to remove progstack
2023-02-19 14:02:30 +00:00
return {"message": "Progressive stack removed from post!"}
add progstack btn to comments
2023-01-25 11:35:37 +00:00
@app.post("/admin/progstack/comment/<int:comment_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def progstack_comment(comment_id, v):
comment = get_comment(comment_id)
comment.is_approved = PROGSTACK_ID
comment.realupvotes = floor(comment.realupvotes * PROGSTACK_MUL)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
ma=ModAction(
kind="progstack_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
cache.delete_memoized(comment_idlist)
return {"message": "Progressive stack applied on comment!"}
mn
2022-05-04 23:09:46 +00:00
add button to remove progstack
2023-02-19 14:02:30 +00:00
@app.post("/admin/unprogstack/comment/<int:comment_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to remove progstack
2023-02-19 14:02:30 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def unprogstack_comment(comment_id, v):
comment = get_comment(comment_id)
comment.is_approved = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
add button to remove progstack
2023-02-19 14:02:30 +00:00
ma=ModAction(
kind="unprogstack_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to remove progstack
2023-02-19 14:02:30 +00:00
return {"message": "Progressive stack removed from comment!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/remove_post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
rename some retarded ruqqus terminology
2022-08-11 04:04:41 +00:00
def remove_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
mn
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.is_approved = None
pins: fix removal behavior
2022-11-19 14:24:32 +00:00
if not FEATURES['AWARDS'] or not post.stickied or not post.stickied.endswith(PIN_AWARD_TEXT):
Revert "this is stupid": no fighting in the commit log. This reverts commit 1f1ace3d664698ca50c4effb9c35da53341c4dc3.
2022-10-25 15:32:32 +00:00
post.stickied = None
i am a pro carp hero
2022-10-24 17:43:14 +00:00
post.is_pinned = False
mn
2022-05-04 23:09:46 +00:00
post.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="ban_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
User.pay_account everywhere, fix lottery payout.
2022-11-20 10:50:02 +00:00
v.pay_account('coins', 1)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(v)
delete redis cache on post deletion/removal/undeletion/unremoval
2023-07-28 22:45:45 +00:00
for sort in COMMENT_SORTS:
cache.delete(f'post_{post.id}_{sort}')
mn
2022-05-04 23:09:46 +00:00
return {"message": "Post removed!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/approve_post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
rename some retarded ruqqus terminology
2022-08-11 04:04:41 +00:00
def approve_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
mn
2022-05-04 23:09:46 +00:00
dedup chud-checking logic
2023-03-23 12:50:01 +00:00
if not complies_with_chud(post):
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
abort(400, "You can't bypass the chud award!")
af
2022-05-09 14:07:29 +00:00
mn
2022-05-04 23:09:46 +00:00
if post.is_banned:
ma=ModAction(
kind="unban_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
post.is_banned = False
post.ban_reason = None
post.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
use charge_account everywhere
2022-10-12 16:33:00 +00:00
v.charge_account('coins', 1)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(v)
mn
2022-05-04 23:09:46 +00:00
delete redis cache on post deletion/removal/undeletion/unremoval
2023-07-28 22:45:45 +00:00
for sort in COMMENT_SORTS:
cache.delete(f'post_{post.id}_{sort}')
mn
2022-05-04 23:09:46 +00:00
return {"message": "Post approved!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/distinguish/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
distinguish stuff
2022-10-06 04:19:11 +00:00
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
make some function names shorter
2022-08-11 04:05:23 +00:00
def distinguish_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
mn
2022-05-04 23:09:46 +00:00
if post.distinguish_level:
post.distinguish_level = 0
kind = 'undistinguish_post'
else:
post.distinguish_level = v.admin_level
kind = 'distinguish_post'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind=kind,
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if post.distinguish_level: return {"message": "Post distinguished!"}
else: return {"message": "Post undistinguished!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/sticky/<int:post_id>")
replace "if not FEATURES" with wrapper
2022-10-11 07:29:24 +00:00
@feature_required('PINS')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def sticky_post(post_id, v):
fix roundabout way of jannies getting pin awards undone (not exploited so far AFAIK)
2022-10-23 21:36:38 +00:00
post = get_post(post_id)
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
if post.is_banned:
abort(403, "Can't sticky removed posts!")
fix missing perm
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and post.stickied and post.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
fix roundabout way of jannies getting pin awards undone (not exploited so far AFAIK)
2022-10-23 21:36:38 +00:00
abort(403, "Can't pin award pins!")
rename submissions to posts
2023-06-07 23:26:32 +00:00
pins = g.db.query(Post).filter(Post.stickied != None, Post.is_banned == False).count()
Revert "feature required wrapper" This reverts commit 8700bcc5ee9003efdd6fe739c116842d5786d3e2.
2022-10-10 09:51:29 +00:00
add tiered pins
2022-10-14 18:28:20 +00:00
if not post.stickied_utc:
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
post.stickied_utc = int(time.time()) + 3600
add tiered pins
2022-10-14 18:28:20 +00:00
pin_time = 'for 1 hour'
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
code = 200
minor tweak to avoid double-notifying ppl
2022-10-14 18:35:13 +00:00
if v.id != post.author_id:
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
send_repeatable_notification(post.author_id, f"@{v.username} (a site admin) has pinned [{post.title}](/post/{post_id})")
add tiered pins
2022-10-14 18:28:20 +00:00
else:
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
if pins >= PIN_LIMIT + 1:
abort(403, f"Can't exceed {PIN_LIMIT} pinned posts limit!")
post.stickied_utc = None
fix typo
2022-10-14 18:28:46 +00:00
pin_time = 'permanently'
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
code = 201
add tiered pins
2022-10-14 18:28:20 +00:00
post.stickied = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
add tiered pins
2022-10-14 18:28:20 +00:00
ma=ModAction(
kind="pin_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
add tiered pins
2022-10-14 18:28:20 +00:00
_note=pin_time
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add tiered pins
2022-10-14 18:28:20 +00:00
cache.delete_memoized(frontlist)
mn
2022-05-04 23:09:46 +00:00
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
return {"message": f"Post pinned {pin_time}!"}, code
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/unsticky/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def unsticky_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
don't duplicate get checks for posts
2022-09-30 22:40:02 +00:00
if post.stickied:
fix missing perm
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and post.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
abort(403, "Can't unpin award pins!")
if post.author_id == LAWLZ_ID and post.stickied_utc and SITE_NAME == 'rDrama':
abort(403, "Can't unpin lawlzposts!")
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
post.stickied = None
post.stickied_utc = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="unpin_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if v.id != post.author_id:
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
send_repeatable_notification(post.author_id, f"@{v.username} (a site admin) has unpinned [{post.title}](/post/{post_id})")
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
return {"message": "Post unpinned!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/sticky_comment/<int:cid>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def sticky_comment(cid, v):
comment = get_comment(cid, v=v)
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
make it not possible to sticky removed comments
2023-01-24 10:23:19 +00:00
if comment.is_banned:
abort(403, "Can't sticky removed comments!")
fix missing perm
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and comment.stickied and comment.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
abort(403, "Can't pin award pins!")
mn
2022-05-04 23:09:46 +00:00
award refactor
2022-05-26 23:08:23 +00:00
if not comment.stickied:
comment.stickied = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="pin_comment",
user_id=v.id,
target_comment_id=comment.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if v.id != comment.author_id:
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
message = f"@{v.username} (a site admin) has pinned your [comment]({comment.shortlink})"
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
make sure stickied child comments are always at the top place they can be
2022-11-26 04:01:20 +00:00
c = comment
while c.level > 2:
c = c.parent_comment
c.stickied_child_id = comment.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(c)
make sure stickied child comments are always at the top place they can be
2022-11-26 04:01:20 +00:00
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment pinned!"}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/unsticky_comment/<int:cid>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def unsticky_comment(cid, v):
comment = get_comment(cid, v=v)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
award refactor
2022-05-26 23:08:23 +00:00
if comment.stickied:
fix missing perm
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and comment.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
abort(403, "Can't unpin award pins!")
mn
2022-05-04 23:09:46 +00:00
award refactor
2022-05-26 23:08:23 +00:00
comment.stickied = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="unpin_comment",
user_id=v.id,
target_comment_id=comment.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if v.id != comment.author_id:
clearer notifications for hole and admin actions
2022-12-13 17:11:26 +00:00
message = f"@{v.username} (a site admin) has unpinned your [comment]({comment.shortlink})"
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
cleanup = g.db.query(Comment).filter_by(stickied_child_id=comment.id).all()
make sure stickied child comments are always at the top place they can be
2022-11-26 04:01:20 +00:00
for c in cleanup:
c.stickied_child_id = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(c)
make sure stickied child comments are always at the top place they can be
2022-11-26 04:01:20 +00:00
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment unpinned!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/remove_comment/<int:c_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
make some function names shorter
2022-08-11 04:05:23 +00:00
def remove_comment(c_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
mn
2022-05-04 23:09:46 +00:00
comment.is_banned = True
comment.is_approved = None
comment.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="ban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
Give me a notification whenever one of the other jannies removes a post or comment
2022-05-30 03:01:03 +00:00
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment removed!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/approve_comment/<int:c_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
make some function names shorter
2022-08-11 04:05:23 +00:00
def approve_comment(c_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
dedup chud-checking logic
2023-03-23 12:50:01 +00:00
if not complies_with_chud(comment):
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
abort(400, "You can't bypass the chud award!")
mn
2022-05-04 23:09:46 +00:00
if comment.is_banned:
ma=ModAction(
kind="unban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
comment.is_banned = False
comment.ban_reason = None
comment.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment approved!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/distinguish_comment/<int:c_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
distinguish stuff
2022-10-06 04:19:11 +00:00
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
mn
2022-05-04 23:09:46 +00:00
def admin_distinguish_comment(c_id, v):
comment = get_comment(c_id, v=v)
if comment.distinguish_level:
comment.distinguish_level = 0
kind = 'undistinguish_comment'
else:
comment.distinguish_level = v.admin_level
kind = 'distinguish_comment'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind=kind,
user_id=v.id,
target_comment_id=comment.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if comment.distinguish_level: return {"message": "Comment distinguished!"}
else: return {"message": "Comment undistinguished!"}
@app.get("/admin/banned_domains/")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
settings, cache, and domain ban permissions
2022-10-06 04:26:15 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
mn
2022-05-04 23:09:46 +00:00
def admin_banned_domains(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
banned_domains = g.db.query(BannedDomain) \
Sort banned_domains deterministically.
2022-11-29 21:24:13 +00:00
.order_by(BannedDomain.reason).all()
kitchen sink commit
2023-08-11 21:50:23 +00:00
return render_template("admin/banned_domains.html", v=v, banned_domains=banned_domains)
mn
2022-05-04 23:09:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
@app.post("/admin/ban_domain")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
restore banning domains
2022-12-30 16:24:20 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
def ban_domain(v):
mn
2022-05-04 23:09:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
domain=request.values.get("domain", "").strip().lower()
if not domain: abort(400)
mn
2022-05-04 23:09:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
reason=request.values.get("reason", "").strip()
if not reason: abort(400, 'Reason is required!')
fix xss on banning domains (only admins could use it)
2022-12-27 05:18:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
if len(reason) > 100:
abort(400, 'Reason is too long (max 100 characters)!')
fix xss on banning domains (only admins could use it)
2022-12-27 05:18:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
if len(reason) > 100:
abort(400, 'Reason is too long!')
give error when domain ban reason too long
2022-12-27 05:02:14 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
existing = g.db.get(BannedDomain, domain)
restore banning domains
2022-12-30 16:24:20 +00:00
if not existing:
d = BannedDomain(domain=domain, reason=reason)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(d)
restore banning domains
2022-12-30 16:24:20 +00:00
ma = ModAction(
kind="ban_domain",
user_id=v.id,
_note=filter_emojis_only(f'{domain}, reason: {reason}')
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Domain banned successfully!"}
mn
2022-05-04 23:09:46 +00:00
refactor banned domains a little bit
2022-10-20 22:14:25 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
@app.post("/admin/unban_domain/<path:domain>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
restore banning domains
2022-12-30 16:24:20 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def unban_domain(v, domain):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
existing = g.db.get(BannedDomain, domain)
restore banning domains
2022-12-30 16:24:20 +00:00
if not existing: abort(400, 'Domain is not banned!')
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(existing)
restore banning domains
2022-12-30 16:24:20 +00:00
ma = ModAction(
kind="unban_domain",
user_id=v.id,
_note=filter_emojis_only(domain)
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
restore banning domains
2022-12-30 16:24:20 +00:00
return {"message": f"{domain} has been unbanned!"}
refactor banned domains a little bit
2022-10-20 22:14:25 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/nuke_user")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_nuke_user(v):
user=get_user(request.values.get("user"))
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for post in g.db.query(Post).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if post.is_banned:
continue
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for comment in g.db.query(Comment).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if comment.is_banned:
continue
comment.is_banned = True
comment.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="nuke_user",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
make 3 more buttons instant
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been removed!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/unnuke_user")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_nunuke_user(v):
user=get_user(request.values.get("user"))
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for post in g.db.query(Post).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if not post.is_banned:
continue
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
post.is_banned = False
post.ban_reason = None
tweaking bannedfor column
2022-07-12 20:00:19 +00:00
post.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for comment in g.db.query(Comment).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if not comment.is_banned:
continue
comment.is_banned = False
comment.ban_reason = None
tweaking bannedfor column
2022-07-12 20:00:19 +00:00
comment.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="unnuke_user",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
make 3 more buttons instant
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been approved!"}
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
@app.post("/blacklist/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
@admin_level_required(PERMS['USER_BLACKLIST'])
def blacklist_user(user_id, v):
user = get_account(user_id)
if user.admin_level > v.admin_level:
abort(403)
user.blacklisted_by = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
check_for_alts(user)
ma = ModAction(
kind="blacklist_user",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
return {"message": f"@{user.username} has been blacklisted from restricted holes!"}
@app.post("/unblacklist/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
@admin_level_required(PERMS['USER_BLACKLIST'])
def unblacklist_user(user_id, v):
user = get_account(user_id)
user.blacklisted_by = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
for alt in get_alt_graph(user.id):
alt.blacklisted_by = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(alt)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
ma = ModAction(
kind="unblacklist_user",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
return {"message": f"@{user.username} has been unblacklisted from restricted holes!"}
add /admin/delete_media
2023-02-19 19:31:26 +00:00
@app.get('/admin/delete_media')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
@admin_level_required(PERMS['DELETE_MEDIA'])
def delete_media_get(v):
return render_template("admin/delete_media.html", v=v)
@app.post("/admin/delete_media")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit("50/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("50/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
@admin_level_required(PERMS['DELETE_MEDIA'])
def delete_media_post(v):
url = request.values.get("url")
if not url:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "No url provided!")
add /admin/delete_media
2023-02-19 19:31:26 +00:00
fix deleting media
2023-03-25 15:07:12 +00:00
if not image_link_regex.fullmatch(url) and not video_link_regex.fullmatch(url):
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "Invalid url!")
add /admin/delete_media
2023-02-19 19:31:26 +00:00
fix deleting media
2023-03-25 15:07:12 +00:00
path = url.split(SITE)[1]
add /admin/delete_media
2023-02-19 19:31:26 +00:00
same as last commit
2023-06-26 18:02:15 +00:00
if path.startswith('/1'):
path = '/videos' + path
add /admin/delete_media
2023-02-19 19:31:26 +00:00
if not os.path.isfile(path):
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "File not found on the server!")
add /admin/delete_media
2023-02-19 19:31:26 +00:00
fix deleting media
2023-03-25 15:07:12 +00:00
os.remove(path)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
ma=ModAction(
kind="delete_media",
user_id=v.id,
_note=url,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
purge_files_in_cache(url)
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Media deleted successfully!"}
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
@app.post("/admin/reset_password/<int:user_id>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
@admin_level_required(PERMS['USER_RESET_PASSWORD'])
def admin_reset_password(user_id, v):
user = get_account(user_id)
shorten password length
2023-06-30 16:51:59 +00:00
new_password = secrets.token_urlsafe(39)
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
user.passhash = hash_password(new_password)
g.db.add(user)
ma = ModAction(
kind="reset_password",
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
text = f"At your request, @{v.username} (a site admin) has reset your password to `{new_password}`, please change this to something else for personal security reasons. And be sure to save it this time, retard."
send_repeatable_notification(user.id, text)
return {"message": f"@{user.username}'s password has been reset! The new password has been messaged to them!"}
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@app.get("/admin/orgy")
@admin_level_required(PERMS['ORGIES'])
def orgy_control(v):
cleanup in aisle 4
2023-07-03 00:26:20 +00:00
return render_template("admin/orgy_control.html", v=v, orgy=get_orgy())
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@app.post("/admin/start_orgy")
@admin_level_required(PERMS['ORGIES'])
def start_orgy(v):
Orgies: Support Rumble and Twitch and Mobile Viewing (#169) Hell yeah - Rumble.com, basically youtube for rightoids (so you can do more edgy streams) - Twitch - Mobile orgy support, it's pretty bad thoever - Button to switch back to normalchat for phonefags Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/169 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-10 00:38:02 +00:00
link = request.values.get("link")
cleanup in aisle 4
2023-07-03 00:26:20 +00:00
title = request.values.get("title")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
Orgies: Support Rumble and Twitch and Mobile Viewing (#169) Hell yeah - Rumble.com, basically youtube for rightoids (so you can do more edgy streams) - Twitch - Mobile orgy support, it's pretty bad thoever - Button to switch back to normalchat for phonefags Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/169 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-10 00:38:02 +00:00
assert link
cleanup in aisle 4
2023-07-03 00:26:20 +00:00
assert title
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
Orgies: Support Rumble and Twitch and Mobile Viewing (#169) Hell yeah - Rumble.com, basically youtube for rightoids (so you can do more edgy streams) - Twitch - Mobile orgy support, it's pretty bad thoever - Button to switch back to normalchat for phonefags Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/169 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-10 00:38:02 +00:00
create_orgy(link, title)
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Orgy started successfully!"}
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@app.post("/admin/stop_orgy")
@admin_level_required(PERMS['ORGIES'])
def stop_orgy(v):
cleanup in aisle 4
2023-07-03 00:26:20 +00:00
end_orgy()
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Orgy stopped successfully!"}