MarseyWorld/files/routes/users.py

1477 lines
51 KiB
Python
Raw Normal View History

2022-05-04 23:09:46 +00:00
import io
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
import json
2022-05-04 23:09:46 +00:00
import math
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
import time
from collections import Counter
from typing import Literal
import gevent
import qrcode
from sqlalchemy.orm import aliased
from files.classes import *
from files.classes.leaderboard import Leaderboard
2022-09-13 15:22:18 +00:00
from files.classes.transactions import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.classes.views import *
2023-02-07 03:31:49 +00:00
from files.helpers.actions import execute_under_siege
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
from files.helpers.config.const import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.mail import *
from files.helpers.sanitize import *
2022-07-09 10:32:49 +00:00
from files.helpers.sorting_and_time import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.useractions import badge_grant
2022-12-22 21:24:36 +00:00
from files.routes.routehelpers import check_for_alts, add_alt
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.wrappers import *
from files.__main__ import app, cache, limiter
2022-05-04 23:09:46 +00:00
2022-10-09 04:21:25 +00:00
def upvoters_downvoters(v, username, uid, cls, vote_cls, vote_dir, template, standalone):
u = get_user(username, v=v, include_shadowbanned=False)
if not u.is_visible_to(v): abort(403)
if not (v.id == u.id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']): abort(403)
2022-05-04 23:09:46 +00:00
id = u.id
2022-10-16 09:18:23 +00:00
try:
uid = int(uid)
except:
abort(404)
2022-05-04 23:09:46 +00:00
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
2022-05-04 23:09:46 +00:00
listing = g.db.query(cls).join(vote_cls).filter(cls.ghost == False, cls.is_banned == False, cls.deleted_utc == 0, vote_cls.vote_type==vote_dir, cls.author_id==id, vote_cls.user_id==uid).order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-05-04 23:09:46 +00:00
listing = [p.id for p in listing]
next_exists = len(listing) > PAGE_SIZE
listing = listing[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
if cls == Submission:
listing = get_posts(listing, v=v, eager=True)
elif cls == Comment:
listing = get_comments(listing, v=v)
else:
listing = []
2022-05-04 23:09:46 +00:00
2022-10-09 04:21:25 +00:00
return render_template(template, next_exists=next_exists, listing=listing, page=page, v=v, standalone=standalone)
@app.get("/@<username>/upvoters/<int:uid>/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-10-09 04:21:25 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def upvoters_posts(v:User, username, uid):
return upvoters_downvoters(v, username, uid, Submission, Vote, 1, "userpage/voted_posts.html", None)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/upvoters/<int:uid>/comments")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def upvoters_comments(v:User, username, uid):
return upvoters_downvoters(v, username, uid, Comment, CommentVote, 1, "userpage/voted_comments.html", True)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoters/<int:uid>/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def downvoters_posts(v:User, username, uid):
return upvoters_downvoters(v, username, uid, Submission, Vote, -1, "userpage/voted_posts.html", None)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoters/<int:uid>/comments")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def downvoters_comments(v:User, username, uid):
return upvoters_downvoters(v, username, uid, Comment, CommentVote, -1, "userpage/voted_comments.html", True)
2022-10-09 04:21:25 +00:00
def upvoting_downvoting(v, username, uid, cls, vote_cls, vote_dir, template, standalone):
u = get_user(username, v=v, include_shadowbanned=False)
if not u.is_visible_to(v): abort(403)
if not (v.id == u.id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']): abort(403)
2022-05-04 23:09:46 +00:00
id = u.id
2022-10-16 09:18:23 +00:00
try:
uid = int(uid)
except:
abort(404)
2022-05-04 23:09:46 +00:00
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
2022-05-04 23:09:46 +00:00
listing = g.db.query(cls).join(vote_cls).filter(cls.ghost == False, cls.is_banned == False, cls.deleted_utc == 0, vote_cls.vote_type==vote_dir, vote_cls.user_id==id, cls.author_id==uid).order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-05-04 23:09:46 +00:00
2022-10-09 04:21:25 +00:00
listing = [p.id for p in listing]
next_exists = len(listing) > PAGE_SIZE
listing = listing[:PAGE_SIZE]
2023-01-01 11:36:20 +00:00
2022-10-11 13:37:40 +00:00
if cls == Submission:
listing = get_posts(listing, v=v, eager=True)
2022-10-11 13:37:40 +00:00
elif cls == Comment:
listing = get_comments(listing, v=v)
else:
listing = []
2022-05-04 23:09:46 +00:00
2022-10-09 04:21:25 +00:00
return render_template(template, next_exists=next_exists, listing=listing, page=page, v=v, standalone=standalone)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/upvoting/<int:uid>/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def upvoting_posts(v:User, username, uid):
return upvoting_downvoting(v, username, uid, Submission, Vote, 1, "userpage/voted_posts.html", None)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/upvoting/<int:uid>/comments")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def upvoting_comments(v:User, username, uid):
return upvoting_downvoting(v, username, uid, Comment, CommentVote, 1, "userpage/voted_comments.html", True)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoting/<int:uid>/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def downvoting_posts(v:User, username, uid):
return upvoting_downvoting(v, username, uid, Submission, Vote, -1, "userpage/voted_posts.html", None)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoting/<int:uid>/comments")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def downvoting_comments(v:User, username, uid):
return upvoting_downvoting(v, username, uid, Comment, CommentVote, -1, "userpage/voted_comments.html", True)
2022-10-09 04:21:25 +00:00
2022-11-22 21:28:30 +00:00
def user_voted(v, username, cls, vote_cls, template, standalone):
u = get_user(username, v=v, include_shadowbanned=False)
if not u.is_visible_to(v): abort(403)
if not (v.id == u.id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']): abort(403)
2022-05-04 23:09:46 +00:00
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
2022-05-04 23:09:46 +00:00
2022-10-09 04:21:25 +00:00
listing = g.db.query(cls).join(vote_cls).filter(
cls.ghost == False,
cls.is_banned == False,
cls.deleted_utc == 0,
cls.author_id != u.id,
vote_cls.user_id == u.id,
).order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-05-04 23:09:46 +00:00
2023-01-28 14:37:32 +00:00
listing = [i.id for i in listing]
next_exists = len(listing) > PAGE_SIZE
listing = listing[:PAGE_SIZE]
if cls == Submission:
listing = get_posts(listing, v=v, eager=True)
elif cls == Comment:
listing = get_comments(listing, v=v)
else:
listing = []
2022-05-04 23:09:46 +00:00
2023-02-06 05:42:11 +00:00
return render_template(template, next_exists=next_exists, listing=listing, page=page, v=v, standalone=standalone)
2022-05-04 23:09:46 +00:00
2022-11-22 21:28:30 +00:00
@app.get("/@<username>/voted/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
2022-11-26 21:00:03 +00:00
def user_voted_posts(v:User, username):
2022-11-22 21:28:30 +00:00
return user_voted(v, username, Submission, Vote, "userpage/voted_posts.html", None)
2022-11-22 21:28:30 +00:00
@app.get("/@<username>/voted/comments")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
2022-11-26 21:00:03 +00:00
def user_voted_comments(v:User, username):
2022-11-22 21:28:30 +00:00
return user_voted(v, username, Comment, CommentVote, "userpage/voted_comments.html", True)
@app.get("/banned")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
def banned(v:User):
users = g.db.query(User).filter(
2022-12-13 22:02:53 +00:00
User.is_banned != None,
2022-12-10 08:23:56 +00:00
or_(User.unban_utc == 0, User.unban_utc > time.time()),
).order_by(User.ban_reason)
if not v.can_see_shadowbanned:
users = users.filter(User.shadowbanned == None)
users = users.all()
return render_template("banned.html", v=v, users=users)
2022-05-04 23:09:46 +00:00
@app.get("/grassed")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def grassed(v:User):
2022-12-10 08:11:11 +00:00
users = g.db.query(User).filter(
User.ban_reason.like('grass award used by @%'),
2022-12-10 08:23:56 +00:00
User.unban_utc > time.time(),
2022-12-10 08:11:11 +00:00
)
if not v.can_see_shadowbanned:
users = users.filter(User.shadowbanned == None)
users = users.all()
2022-05-04 23:09:46 +00:00
return render_template("grassed.html", v=v, users=users)
2022-10-15 06:55:54 +00:00
@app.get("/chuds")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def chuds(v:User):
users = g.db.query(User).filter(
2022-12-10 08:23:56 +00:00
or_(User.agendaposter == 1, User.agendaposter > time.time()),
)
if v.admin_level >= PERMS['VIEW_LAST_ACTIVE']:
users = users.order_by(User.truescore.desc())
if not v.can_see_shadowbanned:
users = users.filter(User.shadowbanned == None)
users = users.order_by(User.username).all()
2022-10-15 06:55:54 +00:00
return render_template("chuds.html", v=v, users=users)
2022-05-04 23:09:46 +00:00
def all_upvoters_downvoters(v:User, username:str, vote_dir:int, is_who_simps_hates:bool):
2022-12-21 20:14:33 +00:00
if username == 'Snappy':
abort(403, "For performance reasons, you can't see Snappy's statistics!")
2022-10-09 06:41:06 +00:00
vote_str = 'votes'
simps_haters = 'voters'
vote_name = 'Neutral'
if vote_dir == 1:
vote_str = 'upvotes'
simps_haters = 'simps for' if is_who_simps_hates else 'simps'
vote_name = 'Up'
elif vote_dir == -1:
vote_str = 'downvotes'
simps_haters = 'hates' if is_who_simps_hates else 'haters'
vote_name = 'Down'
2022-05-04 23:09:46 +00:00
id = get_user(username, v=v, include_shadowbanned=False).id
if not (v.id == id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']):
abort(403)
2022-10-09 06:42:32 +00:00
votes = []
votes2 = []
2022-10-09 06:41:06 +00:00
if is_who_simps_hates:
votes = g.db.query(Submission.author_id, func.count(Submission.author_id)).join(Vote).filter(Submission.ghost == False, Submission.is_banned == False, Submission.deleted_utc == 0, Vote.vote_type==vote_dir, Vote.user_id==id).group_by(Submission.author_id).order_by(func.count(Submission.author_id).desc()).all()
votes2 = g.db.query(Comment.author_id, func.count(Comment.author_id)).join(CommentVote).filter(Comment.ghost == False, Comment.is_banned == False, Comment.deleted_utc == 0, CommentVote.vote_type==vote_dir, CommentVote.user_id==id).group_by(Comment.author_id).order_by(func.count(Comment.author_id).desc()).all()
2022-10-09 06:41:06 +00:00
else:
votes = g.db.query(Vote.user_id, func.count(Vote.user_id)).join(Submission).filter(Submission.ghost == False, Submission.is_banned == False, Submission.deleted_utc == 0, Vote.vote_type==vote_dir, Submission.author_id==id).group_by(Vote.user_id).order_by(func.count(Vote.user_id).desc()).all()
votes2 = g.db.query(CommentVote.user_id, func.count(CommentVote.user_id)).join(Comment).filter(Comment.ghost == False, Comment.is_banned == False, Comment.deleted_utc == 0, CommentVote.vote_type==vote_dir, Comment.author_id==id).group_by(CommentVote.user_id).order_by(func.count(CommentVote.user_id).desc()).all()
votes = Counter(dict(votes)) + Counter(dict(votes2))
total = sum(votes.values())
users = g.db.query(User).filter(User.id.in_(votes.keys()))
if not v.can_see_shadowbanned:
users = users.filter(User.shadowbanned == None)
2023-01-01 11:36:20 +00:00
users2 = [(user, votes[user.id]) for user in users.all()]
2022-05-04 23:09:46 +00:00
users = sorted(users2, key=lambda x: x[1], reverse=True)
2022-10-09 06:41:06 +00:00
2022-05-04 23:09:46 +00:00
try:
pos = [x[0].id for x in users].index(v.id)
pos = (pos+1, users[pos][1])
except: pos = (len(users)+1, 0)
2022-10-09 06:41:06 +00:00
received_given = 'given' if is_who_simps_hates else 'received'
if total == 1: vote_str = vote_str[:-1] # we want to unpluralize if only 1 vote
total = f'{total} {vote_str} {received_given}'
name2 = f'Who @{username} {simps_haters}' if is_who_simps_hates else f"@{username}'s {simps_haters}"
2022-05-04 23:09:46 +00:00
try: page = int(request.values.get("page", 1))
except: page = 1
2023-01-01 11:36:20 +00:00
users = users[PAGE_SIZE * (page-1):]
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
return render_template("userpage/voters.html", v=v, users=users, pos=pos, name=vote_name, name2=name2, total=total, page=page, next_exists=next_exists)
2022-05-04 23:09:46 +00:00
2022-10-09 06:41:06 +00:00
@app.get("/@<username>/upvoters")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-10-09 06:41:06 +00:00
@auth_required
def upvoters(v:User, username:str):
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, 1, False)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoters")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def downvoters(v:User, username:str):
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, -1, False)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/upvoting")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def upvoting(v:User, username:str):
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, 1, True)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoting")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def downvoting(v:User, username:str):
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, -1, True)
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/suicide")
2022-11-14 15:11:05 +00:00
@feature_required('USERS_SUICIDE')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
2023-02-26 01:42:39 +00:00
@limiter.limit("5/day")
@limiter.limit("5/day", key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def suicide(v:User, username:str):
2022-05-04 23:09:46 +00:00
user = get_user(username)
suicide = f"Hi there,\n\nA [concerned user](/id/{v.id}) reached out to us about you.\n\nWhen you're in the middle of something painful, it may feel like you don't have a lot of options. But whatever you're going through, you deserve help and there are people who are here for you.\n\nThere are resources available in your area that are free, confidential, and available 24/7:\n\n- Call, Text, or Chat with Canada's [Crisis Services Canada](https://www.crisisservicescanada.ca/en/)\n\n- Call, Email, or Visit the UK's [Samaritans](https://www.samaritans.org/)\n\n- Text CHAT to America's [Crisis Text Line](https://www.crisistextline.org/) at 741741.\n\nIf you don't see a resource in your area above, the moderators keep a comprehensive list of resources and hotlines for people organized by location. Find Someone Now\n\nIf you think you may be depressed or struggling in another way, don't ignore it or brush it aside. Take yourself and your feelings seriously, and reach out to someone.\n\nIt may not feel like it, but you have options. There are people available to listen to you, and ways to move forward.\n\nYour fellow users care about you and there are people who want to help."
if not v.shadowbanned:
send_notification(user.id, suicide)
return {"message": f"Help message sent to @{user.username}"}
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/coins")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def get_coins(v:User, username:str):
user = get_user(username, v=v, include_shadowbanned=False)
2022-09-30 22:48:34 +00:00
return {"coins": user.coins}
2022-05-04 23:09:46 +00:00
def transfer_currency(v:User, username:str, currency_name:Literal['coins', 'marseybux'], apply_tax:bool):
MIN_CURRENCY_TRANSFER = 100
TAX_PCT = 0.03
receiver = get_user(username, v=v, include_shadowbanned=False)
if receiver.id == v.id: abort(400, f"You can't transfer {currency_name} to yourself!")
amount = request.values.get("amount", "").strip()
amount = int(amount) if amount.isdigit() else None
if amount is None or amount <= 0: abort(400, f"Invalid number of {currency_name}")
if amount < MIN_CURRENCY_TRANSFER: abort(400, f"You have to gift at least {MIN_CURRENCY_TRANSFER} {currency_name}")
tax = 0
2022-12-22 20:44:37 +00:00
if apply_tax and not v.patron and not receiver.patron:
tax = math.ceil(amount*TAX_PCT)
reason = request.values.get("reason", "").strip()
log_message = f"@{v.username} has transferred {amount} {currency_name} to @{receiver.username}"
notif_text = f":marseycapitalistmanlet: @{v.username} has gifted you {amount-tax} {currency_name}!"
2022-11-01 05:25:19 +00:00
if reason:
2022-12-28 09:50:48 +00:00
if len(reason) > TRANSFER_MESSAGE_LENGTH_LIMIT:
abort(400, f"Reason is too long, max {TRANSFER_MESSAGE_LENGTH_LIMIT} characters")
notif_text += f"\n\n> {reason}"
log_message += f"\n\n> {reason}"
2022-11-01 05:25:19 +00:00
if not v.charge_account(currency_name, amount):
abort(400, f"You don't have enough {currency_name}")
2022-11-01 05:25:19 +00:00
if not v.shadowbanned:
if currency_name == 'marseybux':
receiver.pay_account('marseybux', amount - tax)
2022-11-01 08:54:02 +00:00
elif currency_name == 'coins':
receiver.pay_account('coins', amount - tax)
2022-11-01 08:54:02 +00:00
else:
raise ValueError(f"Invalid currency '{currency_name}' got when transferring {amount} from {v.id} to {receiver.id}")
g.db.add(receiver)
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if GIFT_NOTIF_ID: send_repeatable_notification(GIFT_NOTIF_ID, log_message)
send_repeatable_notification(receiver.id, notif_text)
g.db.add(v)
return {"message": f"{amount - tax} {currency_name} have been transferred to @{receiver.username}"}
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/transfer_coins")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@is_not_permabanned
def transfer_coins(v:User, username:str):
return transfer_currency(v, username, 'coins', True)
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/transfer_bux")
@feature_required('MARSEYBUX')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@is_not_permabanned
def transfer_bux(v:User, username:str):
return transfer_currency(v, username, 'marseybux', False)
2022-05-04 23:09:46 +00:00
@app.get("/leaderboard")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def leaderboard(v:User):
2022-05-04 23:09:46 +00:00
users = g.db.query(User)
if not v.can_see_shadowbanned:
users = users.filter(User.shadowbanned == None)
2022-05-04 23:09:46 +00:00
2022-10-28 09:24:15 +00:00
coins = Leaderboard("Coins", "coins", "coins", "Coins", None, Leaderboard.get_simple_lb, User.coins, v, lambda u:u.coins, g.db, users)
2022-11-27 00:33:55 +00:00
subscribers = Leaderboard("Followers", "followers", "followers", "Followers", "followers", Leaderboard.get_simple_lb, User.stored_subscriber_count, v, lambda u:u.stored_subscriber_count, g.db, users)
2023-02-24 03:58:28 +00:00
posts = Leaderboard("Posts", "post count", "posts", "Posts", "posts", Leaderboard.get_simple_lb, User.post_count, v, lambda u:u.post_count, g.db, users)
comments = Leaderboard("Comments", "comment count", "comments", "Comments", "comments", Leaderboard.get_simple_lb, User.comment_count, v, lambda u:u.comment_count, g.db, users)
2022-10-28 09:24:15 +00:00
received_awards = Leaderboard("Awards", "received awards", "awards", "Awards", None, Leaderboard.get_simple_lb, User.received_award_count, v, lambda u:u.received_award_count, g.db, users)
coins_spent = Leaderboard("Spent in shop", "coins spent in shop", "spent", "Coins", None, Leaderboard.get_simple_lb, User.coins_spent, v, lambda u:u.coins_spent, g.db, users)
2022-11-07 07:03:58 +00:00
truescore = Leaderboard("Truescore", "truescore", "truescore", "Truescore", None, Leaderboard.get_simple_lb, User.truescore, v, lambda u:u.truescore, g.db, users)
badges = Leaderboard("Badges", "badges", "badges", "Badges", None, Leaderboard.get_badge_marsey_lb, Badge.user_id, v, None, g.db, None)
blocks = Leaderboard("Blocked", "most blocked", "blocked", "Blocked By", "blockers", Leaderboard.get_blockers_lb, UserBlock.target_id, v, None, g.db, None)
owned_hats = Leaderboard("Owned hats", "owned hats", "owned-hats", "Owned Hats", None, Leaderboard.get_hat_lb, User.owned_hats, v, None, g.db, None)
leaderboards = [coins, coins_spent, truescore, subscribers, posts, comments, received_awards, badges, blocks, owned_hats]
if SITE == 'rdrama.net':
leaderboards.append(Leaderboard("Designed hats", "designed hats", "designed-hats", "Designed Hats", None, Leaderboard.get_hat_lb, User.designed_hats, v, None, g.db, None))
2022-11-27 01:45:28 +00:00
leaderboards.append(Leaderboard("Marseys", "Marseys made", "marseys", "Marseys", None, Leaderboard.get_badge_marsey_lb, Marsey.author_id, v, None, g.db, None))
return render_template("leaderboard.html", v=v, leaderboards=leaderboards)
2022-05-04 23:09:46 +00:00
@app.get("/<int:id>/css")
@limiter.limit(DEFAULT_RATELIMIT)
2022-06-26 05:26:45 +00:00
def get_css(id):
try: id = int(id)
except: abort(404)
2023-01-01 13:03:55 +00:00
css, bg = g.db.query(User.css, User.background).filter_by(id=id).one_or_none()
if bg:
if not css: css = ''
css += f'''
body {{
2023-01-01 09:59:29 +00:00
background: url("{bg}") center center fixed;
}}
'''
if 'anime/' not in bg and not bg.startswith('/images/'):
css += 'body {background-size: cover}'
2022-06-26 05:26:45 +00:00
if not css: abort(404)
resp = make_response(css)
resp.headers["Content-Type"] = "text/css"
return resp
@app.get("/<int:id>/profilecss")
@limiter.limit(DEFAULT_RATELIMIT)
2022-06-26 05:26:45 +00:00
def get_profilecss(id):
try: id = int(id)
except: abort(404)
css, bg = g.db.query(User.profilecss, User.profile_background).filter_by(id=id).one_or_none()
if bg:
if not css: css = ''
2023-01-01 09:59:29 +00:00
css += f'''
body {{
background: url("{bg}") center center fixed;
background-size: auto;
}}
'''
2022-06-26 05:26:45 +00:00
if not css: abort(404)
resp = make_response(css)
resp.headers["Content-Type"] = "text/css"
return resp
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/song")
@limiter.limit(DEFAULT_RATELIMIT)
def usersong(username:str):
2022-05-04 23:09:46 +00:00
user = get_user(username)
2022-12-10 12:21:52 +00:00
if user.song: return redirect(f"/songs/{user.song}.mp3")
2022-05-04 23:09:46 +00:00
else: abort(404)
@app.post("/subscribe/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def subscribe(v, post_id):
2022-09-27 00:22:06 +00:00
existing = g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).one_or_none()
2022-09-27 00:19:52 +00:00
if not existing:
new_sub = Subscription(user_id=v.id, submission_id=post_id)
g.db.add(new_sub)
return {"message": "Subscribed to post successfully!"}
2023-01-01 11:36:20 +00:00
@app.post("/unsubscribe/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def unsubscribe(v, post_id):
2022-09-27 00:19:52 +00:00
existing = g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).one_or_none()
if existing:
g.db.delete(existing)
return {"message": "Unsubscribed from post successfully!"}
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/message")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
2023-02-26 01:42:39 +00:00
@limiter.limit("10/minute;20/hour;50/day")
@limiter.limit("10/minute;20/hour;50/day", key_func=get_ID)
2022-05-04 23:09:46 +00:00
@is_not_permabanned
def message2(v:User, username:str):
user = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
if user.id == MODMAIL_ID:
abort(403, "Please use /contact to contact the admins")
if hasattr(user, 'is_blocking') and user.is_blocking:
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocking @{user.username}")
2022-05-04 23:09:46 +00:00
if v.admin_level <= PERMS['MESSAGE_BLOCKED_USERS'] and hasattr(user, 'is_blocked') and user.is_blocked:
abort(403, f"@{user.username} is blocking you!")
2022-05-04 23:09:46 +00:00
2022-10-20 23:18:47 +00:00
message = sanitize_raw_body(request.values.get("message"), False)
2023-01-23 09:58:38 +00:00
2023-02-26 12:08:37 +00:00
message = process_dm_images(v, user, message)
2023-01-23 09:58:38 +00:00
if not message: abort(400, "Message is empty!")
2022-10-13 13:26:59 +00:00
2022-05-04 23:09:46 +00:00
body_html = sanitize(message)
2022-12-10 14:00:03 +00:00
existing = g.db.query(Comment.id).filter(
Comment.author_id == v.id,
Comment.sentto == user.id,
Comment.body_html == body_html
).first()
2022-05-04 23:09:46 +00:00
if existing: abort(403, "Message already exists!")
2022-05-04 23:09:46 +00:00
c = Comment(author_id=v.id,
2022-09-04 23:15:37 +00:00
parent_submission=None,
level=1,
sentto=user.id,
2023-02-19 20:02:13 +00:00
body=message,
2022-09-04 23:15:37 +00:00
body_html=body_html
)
2022-05-04 23:09:46 +00:00
g.db.add(c)
g.db.flush()
2022-10-21 00:28:05 +00:00
execute_blackjack(v, c, c.body_html, 'message')
2022-11-30 17:37:35 +00:00
execute_under_siege(v, c, c.body_html, 'message')
2022-05-04 23:09:46 +00:00
c.top_comment_id = c.id
2022-05-28 02:20:31 +00:00
if user.id not in bots:
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=user.id).one_or_none()
if not notif:
notif = Notification(comment_id=c.id, user_id=user.id)
g.db.add(notif)
2022-05-04 23:09:46 +00:00
2023-02-24 01:47:50 +00:00
if not v.shadowbanned:
2023-02-27 13:35:53 +00:00
title = f'New message from @{c.author_name}'
2022-06-27 19:02:24 +00:00
2022-07-08 18:06:54 +00:00
url = f'{SITE_FULL}/notifications/messages'
2022-06-27 19:02:24 +00:00
push_notif({user.id}, title, message, url)
2022-05-04 23:09:46 +00:00
return {"message": "Message sent!"}
@app.post("/reply")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
2023-02-26 01:42:39 +00:00
@limiter.limit("6/minute;50/hour;200/day")
@limiter.limit("6/minute;50/hour;200/day", key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def messagereply(v:User):
2022-10-20 23:24:03 +00:00
body = sanitize_raw_body(request.values.get("body"), False)
2022-05-04 23:09:46 +00:00
2022-10-14 15:29:26 +00:00
id = request.values.get("parent_id")
2022-05-04 23:09:46 +00:00
parent = get_comment(id, v=v)
user_id = parent.author.id
if v.is_suspended_permanently and parent.sentto != MODMAIL_ID:
abort(403, "You are permabanned and may not reply to messages!")
elif v.is_muted and parent.sentto == MODMAIL_ID:
abort(403, "You are forbidden from replying to modmail!")
if parent.sentto == MODMAIL_ID: user_id = None
2022-05-04 23:09:46 +00:00
elif v.id == user_id: user_id = parent.sentto
2023-01-28 08:47:52 +00:00
user = None
2022-11-02 20:22:23 +00:00
if user_id:
user = get_account(user_id, v=v, include_blocks=True)
if hasattr(user, 'is_blocking') and user.is_blocking:
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocking @{user.username}")
2022-11-02 20:22:23 +00:00
elif (v.admin_level <= PERMS['MESSAGE_BLOCKED_USERS']
and hasattr(user, 'is_blocked') and user.is_blocked):
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocked by @{user.username}")
2022-11-02 20:22:23 +00:00
2023-02-26 12:08:37 +00:00
body = process_dm_images(v, user, body)
2022-05-04 23:09:46 +00:00
2023-01-23 09:58:38 +00:00
if not body: abort(400, "Message is empty!")
2022-06-18 17:50:03 +00:00
body_html = sanitize(body)
2022-05-04 23:09:46 +00:00
c = Comment(author_id=v.id,
parent_submission=None,
parent_comment_id=id,
top_comment_id=parent.top_comment_id,
level=parent.level + 1,
sentto=parent.sentto,
2023-02-19 20:02:13 +00:00
body=body,
2022-05-04 23:09:46 +00:00
body_html=body_html,
)
g.db.add(c)
g.db.flush()
2022-10-21 00:28:05 +00:00
execute_blackjack(v, c, c.body_html, 'message')
2022-11-30 17:37:35 +00:00
execute_under_siege(v, c, c.body_html, 'message')
2022-05-04 23:09:46 +00:00
2022-12-23 23:07:51 +00:00
if user_id and user_id not in {v.id, MODMAIL_ID} | bots:
2022-05-04 23:09:46 +00:00
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=user_id).one_or_none()
if not notif:
notif = Notification(comment_id=c.id, user_id=user_id)
g.db.add(notif)
2023-02-24 01:47:50 +00:00
if not v.shadowbanned:
2023-02-27 13:35:53 +00:00
title = f'New message from @{c.author_name}'
2022-06-27 19:02:24 +00:00
2022-07-08 18:06:54 +00:00
url = f'{SITE_FULL}/notifications/messages'
2022-06-27 19:02:24 +00:00
push_notif({user_id}, title, body, url)
2022-06-27 19:02:24 +00:00
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
top_comment = c.top_comment(g.db)
2022-05-04 23:09:46 +00:00
if top_comment.sentto == MODMAIL_ID:
2023-02-23 23:25:47 +00:00
admins = g.db.query(User.id).filter(User.admin_level >= PERMS['NOTIFICATIONS_MODMAIL'], User.id != v.id)
if SITE == 'rdrama.net':
admins = admins.filter(User.id != AEVANN_ID)
2022-09-21 19:38:29 +00:00
admins = [x[0] for x in admins.all()]
if parent.author.id not in admins + [v.id]:
admins.append(parent.author.id)
2022-05-04 23:09:46 +00:00
for admin in admins:
notif = Notification(comment_id=c.id, user_id=admin)
2022-05-04 23:09:46 +00:00
g.db.add(notif)
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
ids = [top_comment.id] + [x.id for x in top_comment.replies(sort="old", v=v, db=g.db)]
notifications = g.db.query(Notification).filter(Notification.comment_id.in_(ids), Notification.user_id.in_(admins))
2022-05-04 23:09:46 +00:00
for n in notifications:
g.db.delete(n)
return {"comment": render_template("comments.html", v=v, comments=[c])}
2022-05-04 23:09:46 +00:00
@app.get("/2faqr/<secret>")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def mfa_qr(v:User, secret:str):
2022-05-04 23:09:46 +00:00
x = pyotp.TOTP(secret)
qr = qrcode.QRCode(
error_correction=qrcode.constants.ERROR_CORRECT_L
)
2022-12-20 21:20:32 +00:00
qr.add_data(x.provisioning_uri(v.username, issuer_name=SITE))
2022-05-04 23:09:46 +00:00
img = qr.make_image(fill_color="#000000", back_color="white")
mem = io.BytesIO()
img.save(mem, format="PNG")
mem.seek(0, 0)
2022-09-11 01:56:47 +00:00
return send_file(mem, mimetype="image/png", as_attachment=False)
2022-05-04 23:09:46 +00:00
@app.get("/is_available/<name>")
2022-09-10 09:37:43 +00:00
@limiter.limit("100/day")
2023-01-21 04:39:46 +00:00
@limiter.limit("100/day", key_func=get_ID)
def is_available(name:str):
2022-05-04 23:09:46 +00:00
name=name.strip()
if len(name)<3 or len(name)>25:
return {name:False}
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
name2 = name.replace('\\', '').replace('_','\_').replace('%','')
2022-09-04 23:15:37 +00:00
x = g.db.query(User).filter(
2022-05-04 23:09:46 +00:00
or_(
User.username.ilike(name2),
User.original_username.ilike(name2)
)
).one_or_none()
if x:
return {name: False}
else:
return {name: True}
@app.get("/id/<int:id>")
@limiter.limit(DEFAULT_RATELIMIT)
2022-08-11 13:00:04 +00:00
def user_id(id):
2022-05-04 23:09:46 +00:00
user = get_account(id)
return redirect(user.url)
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
@app.get("/u/<username>")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def redditor_moment_redirect(v:User, username:str):
2022-05-04 23:09:46 +00:00
return redirect(f"/@{username}")
@app.get("/@<username>/followers")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
def followers(v:User, username:str):
u = get_user(username, v=v, include_shadowbanned=False)
if not (v.id == u.id or v.admin_level >= PERMS['USER_FOLLOWS_VISIBLE']):
abort(403)
try: page = int(request.values.get("page", 1))
except: page = 1
users = g.db.query(Follow, User).join(Follow, Follow.target_id == u.id) \
.filter(Follow.user_id == User.id) \
.order_by(Follow.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
return render_template("userpage/followers.html", v=v, u=u, users=users, page=page, next_exists=next_exists)
2022-09-23 12:58:33 +00:00
@app.get("/@<username>/blockers")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def blockers(v:User, username:str):
u = get_user(username, v=v, include_shadowbanned=False)
2022-09-05 21:52:56 +00:00
try: page = int(request.values.get("page", 1))
except: page = 1
2022-09-23 12:58:33 +00:00
users = g.db.query(UserBlock, User).join(UserBlock, UserBlock.target_id == u.id) \
.filter(UserBlock.user_id == User.id) \
.order_by(UserBlock.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
return render_template("userpage/blockers.html", v=v, u=u, users=users, page=page, next_exists=next_exists)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/following")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def following(v:User, username:str):
u = get_user(username, v=v, include_shadowbanned=False)
if not (v.id == u.id or v.admin_level >= PERMS['USER_FOLLOWS_VISIBLE']):
abort(403)
try: page = int(request.values.get("page", 1))
except: page = 1
2022-07-04 03:41:44 +00:00
users = g.db.query(User).join(Follow, Follow.user_id == u.id) \
.filter(Follow.target_id == User.id) \
.order_by(Follow.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
return render_template("userpage/following.html", v=v, u=u, users=users, page=page, next_exists=next_exists)
2022-05-04 23:09:46 +00:00
2022-11-27 00:20:54 +00:00
@app.get("/@<username>/views")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def visitors(v:User, username:str):
2022-11-27 00:20:54 +00:00
u = get_user(username, v=v, include_shadowbanned=False)
try: page = int(request.values.get("page", 1))
except: page = 1
views = g.db.query(ViewerRelationship).filter_by(user_id=u.id).order_by(ViewerRelationship.last_view_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-11-27 00:20:54 +00:00
next_exists = (len(views) > PAGE_SIZE)
views = views[:PAGE_SIZE]
return render_template("userpage/views.html", v=v, u=u, views=views, next_exists=next_exists, page=page)
2022-05-04 23:09:46 +00:00
@cache.memoize()
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
def userpagelisting(user:User, site=None, v=None, page:int=1, sort="new", t="all"):
if user.shadowbanned and not (v and v.can_see_shadowbanned): return []
posts = g.db.query(Submission.id).filter_by(author_id=user.id, is_pinned=False)
if not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or v.id == user.id)):
posts = posts.filter_by(is_banned=False, private=False, ghost=False, deleted_utc=0)
posts = apply_time_filter(t, posts, Submission)
posts = sort_objects(sort, posts, Submission, include_shadowbanned=v and v.can_see_shadowbanned)
posts = posts.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE+1).all()
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
return [x[0] for x in posts]
2022-05-04 23:09:46 +00:00
@app.get("/@<username>")
@app.get("/@<username>.json")
@limiter.limit(DEFAULT_RATELIMIT)
@auth_desired_with_logingate
def u_username_wall(v:Optional[User], username:str):
2022-12-03 01:49:07 +00:00
u = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
if username != u.username:
2022-12-05 01:33:43 +00:00
return redirect(f"/@{u.username}")
2022-12-03 01:49:07 +00:00
if v and hasattr(u, 'is_blocking') and u.is_blocking:
if g.is_api_or_xhr or request.path.endswith(".json"):
abort(403, f"You are blocking @{u.username}.")
return render_template("userpage/blocking.html", u=u, v=v), 403
is_following = v and u.has_follower(v)
2023-01-25 03:45:23 +00:00
if v and v.id != u.id and not v.admin_level:
g.db.flush()
view = g.db.query(ViewerRelationship).filter_by(viewer_id=v.id, user_id=u.id).one_or_none()
if view: view.last_view_utc = int(time.time())
else: view = ViewerRelationship(viewer_id=v.id, user_id=u.id)
g.db.add(view)
g.db.commit()
2022-12-03 01:49:07 +00:00
try: page = max(int(request.values.get("page", "1")), 1)
except: page = 1
if v:
comments, output = get_comments_v_properties(v, True, None, Comment.wall_user_id == u.id)
else:
comments = g.db.query(Comment).filter(Comment.wall_user_id == u.id)
2022-12-03 01:49:07 +00:00
comments = comments.filter(Comment.level == 1)
if not v or (v.id != u.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']):
comments = comments.filter(
Comment.is_banned == False,
Comment.ghost == False,
Comment.deleted_utc == 0
)
comments = comments.order_by(Comment.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE+1).all()
if v:
comments = [c[0] for c in comments]
2022-12-03 01:49:07 +00:00
next_exists = (len(comments) > PAGE_SIZE)
comments = comments[:PAGE_SIZE]
2023-01-01 11:36:20 +00:00
2022-12-03 01:49:07 +00:00
if (v and v.client) or request.path.endswith(".json"):
return {"data": [c.json(g.db) for c in comments]}
2023-01-01 11:36:20 +00:00
2022-12-05 06:18:37 +00:00
return render_template("userpage/wall.html", u=u, v=v, listing=comments, page=page, next_exists=next_exists, is_following=is_following, standalone=True, render_replies=True, wall=True)
2022-12-03 01:49:07 +00:00
@app.get("/@<username>/wall/comment/<int:cid>")
@app.get("/@<username>/wall/comment/<int:cid>.json")
@limiter.limit(DEFAULT_RATELIMIT)
@auth_desired_with_logingate
def u_username_wall_comment(v:User, username:str, cid):
comment = get_comment(cid, v=v)
if not comment.wall_user_id: abort(400)
if not User.can_see(v, comment): abort(403)
u = comment.wall_user
if v and hasattr(u, 'is_blocking') and u.is_blocking:
if g.is_api_or_xhr or request.path.endswith(".json"):
abort(403, f"You are blocking @{u.username}.")
return render_template("userpage/blocking.html", u=u, v=v), 403
is_following = v and u.has_follower(v)
2023-01-25 03:45:23 +00:00
if v and v.id != u.id and not v.admin_level:
g.db.flush()
view = g.db.query(ViewerRelationship).filter_by(viewer_id=v.id, user_id=u.id).one_or_none()
if view: view.last_view_utc = int(time.time())
else: view = ViewerRelationship(viewer_id=v.id, user_id=u.id)
g.db.add(view)
g.db.commit()
if v and request.values.get("read"):
notif = g.db.query(Notification).filter_by(comment_id=cid, user_id=v.id, read=False).one_or_none()
if notif:
notif.read = True
g.db.add(notif)
2022-12-05 14:38:24 +00:00
g.db.commit()
2022-12-18 14:48:48 +00:00
try: context = min(int(request.values.get("context", 8)), 8)
except: context = 8
comment_info = comment
c = comment
while context and c.level > 1:
c = c.parent_comment
context -= 1
top_comment = c
2023-01-01 11:36:20 +00:00
if v:
# this is required because otherwise the vote and block
# props won't save properly unless you put them in a list
output = get_comments_v_properties(v, False, None, Comment.top_comment_id == c.top_comment_id)[1]
2023-01-01 11:36:20 +00:00
if v and v.client: return top_comment.json(db=g.db)
2022-12-05 06:18:37 +00:00
return render_template("userpage/wall.html", u=u, v=v, listing=[top_comment], page=1, is_following=is_following, standalone=True, render_replies=True, wall=True, comment_info=comment_info)
2022-12-03 01:49:07 +00:00
@app.get("/@<username>/posts")
@app.get("/@<username>/posts.json")
@limiter.limit(DEFAULT_RATELIMIT)
2022-12-03 01:49:07 +00:00
@auth_desired_with_logingate
def u_username(v:Optional[User], username:str):
2022-11-02 20:22:23 +00:00
u = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
2022-05-04 23:09:46 +00:00
if username != u.username:
return redirect(SITE_FULL + request.full_path.replace(username, u.username))
2022-05-04 23:09:46 +00:00
if v and hasattr(u, 'is_blocking') and u.is_blocking:
if g.is_api_or_xhr or request.path.endswith(".json"):
abort(403, f"You are blocking @{u.username}.")
return render_template("userpage/blocking.html", u=u, v=v), 403
2022-05-04 23:09:46 +00:00
is_following = v and u.has_follower(v)
2022-12-05 15:16:11 +00:00
if not u.is_visible_to(v):
if g.is_api_or_xhr or request.path.endswith(".json"):
abort(403, f"@{u.username}'s userpage is private")
return render_template("userpage/private.html", u=u, v=v, is_following=is_following), 403
2023-01-25 03:45:23 +00:00
if v and v.id != u.id and not v.admin_level:
g.db.flush()
view = g.db.query(ViewerRelationship).filter_by(viewer_id=v.id, user_id=u.id).one_or_none()
if view: view.last_view_utc = int(time.time())
else: view = ViewerRelationship(viewer_id=v.id, user_id=u.id)
g.db.add(view)
g.db.commit()
2022-05-04 23:09:46 +00:00
sort = request.values.get("sort", "new")
t = request.values.get("t", "all")
try: page = max(int(request.values.get("page", 1)), 1)
except: page = 1
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
ids = userpagelisting(u, site=SITE, v=v, page=page, sort=sort, t=t)
2022-05-04 23:09:46 +00:00
next_exists = (len(ids) > PAGE_SIZE)
ids = ids[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
if page == 1 and sort == 'new':
2022-05-04 23:09:46 +00:00
sticky = []
sticky = g.db.query(Submission).filter_by(is_pinned=True, author_id=u.id, is_banned=False).all()
2022-05-04 23:09:46 +00:00
if sticky:
for p in sticky:
ids = [p.id] + ids
listing = get_posts(ids, v=v, eager=True)
2022-05-04 23:09:46 +00:00
if u.unban_utc:
if (v and v.client) or request.path.endswith(".json"):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
return {"data": [x.json(g.db) for x in listing]}
2023-01-01 11:36:20 +00:00
return render_template("userpage/submissions.html",
2022-05-04 23:09:46 +00:00
unban=u.unban_string,
u=u,
v=v,
listing=listing,
page=page,
sort=sort,
t=t,
next_exists=next_exists,
is_following=is_following)
2022-05-04 23:09:46 +00:00
if (v and v.client) or request.path.endswith(".json"):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
return {"data": [x.json(g.db) for x in listing]}
2023-01-01 11:36:20 +00:00
return render_template("userpage/submissions.html",
2022-05-04 23:09:46 +00:00
u=u,
v=v,
listing=listing,
page=page,
sort=sort,
t=t,
next_exists=next_exists,
is_following=is_following)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/comments")
@app.get("/@<username>/comments.json")
@limiter.limit(DEFAULT_RATELIMIT)
@auth_desired_with_logingate
2022-05-04 23:09:46 +00:00
def u_username_comments(username, v=None):
2022-11-02 20:22:23 +00:00
u = get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
if username != u.username:
return redirect(f"/@{u.username}/comments")
2022-05-04 23:09:46 +00:00
if v and hasattr(u, 'is_blocking') and u.is_blocking:
if g.is_api_or_xhr or request.path.endswith(".json"):
abort(403, f"You are blocking @{u.username}.")
return render_template("userpage/blocking.html", u=u, v=v), 403
2022-05-04 23:09:46 +00:00
is_following = v and u.has_follower(v)
2022-12-05 15:16:11 +00:00
if not u.is_visible_to(v):
if g.is_api_or_xhr or request.path.endswith(".json"):
abort(403, f"@{u.username}'s userpage is private")
return render_template("userpage/private.html", u=u, v=v, is_following=is_following), 403
2023-01-25 03:45:23 +00:00
if v and v.id != u.id and not v.admin_level:
g.db.flush()
view = g.db.query(ViewerRelationship).filter_by(viewer_id=v.id, user_id=u.id).one_or_none()
if view: view.last_view_utc = int(time.time())
else: view = ViewerRelationship(viewer_id=v.id, user_id=u.id)
g.db.add(view)
g.db.commit()
2022-05-04 23:09:46 +00:00
try: page = max(int(request.values.get("page", "1")), 1)
except: page = 1
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
sort=request.values.get("sort","new")
t=request.values.get("t","all")
comment_post_author = aliased(User)
comments = g.db.query(Comment.id) \
.outerjoin(Comment.post) \
.outerjoin(comment_post_author, Submission.author) \
.filter(
Comment.author_id == u.id,
or_(Comment.parent_submission != None, Comment.wall_user_id != None),
)
2022-05-04 23:09:46 +00:00
if not v or (v.id != u.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']):
comments = comments.filter(
Comment.is_banned == False,
Comment.ghost == False,
2022-10-06 10:37:45 +00:00
Comment.deleted_utc == 0
)
2022-07-09 10:32:49 +00:00
comments = apply_time_filter(t, comments, Comment)
2022-05-04 23:09:46 +00:00
2022-10-12 08:05:26 +00:00
comments = sort_objects(sort, comments, Comment,
2022-10-13 04:10:34 +00:00
include_shadowbanned=(v and v.can_see_shadowbanned))
2022-05-04 23:09:46 +00:00
comments = comments.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE+1).all()
2022-05-04 23:09:46 +00:00
ids = [x.id for x in comments]
next_exists = (len(ids) > PAGE_SIZE)
ids = ids[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
listing = get_comments(ids, v=v)
2022-10-15 11:18:07 +00:00
if (v and v.client) or request.path.endswith(".json"):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
return {"data": [c.json(g.db) for c in listing]}
2023-01-01 11:36:20 +00:00
return render_template("userpage/comments.html", u=u, v=v, listing=listing, page=page, sort=sort, t=t,next_exists=next_exists, is_following=is_following, standalone=True)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/info")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def u_username_info(username, v=None):
user=get_user(username, v=v, include_blocks=True, include_shadowbanned=False)
2022-05-04 23:09:46 +00:00
if hasattr(user, 'is_blocking') and user.is_blocking:
2022-11-12 10:11:46 +00:00
abort(401, f"You're blocking @{user.username}")
2022-05-04 23:09:46 +00:00
elif hasattr(user, 'is_blocked') and user.is_blocked:
abort(403, f"@{user.username} is blocking you!")
2022-05-04 23:09:46 +00:00
return user.json
@app.get("/<int:id>/info")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def u_user_id_info(id, v=None):
user=get_account(id, v=v, include_blocks=True, include_shadowbanned=False)
2022-05-04 23:09:46 +00:00
if hasattr(user, 'is_blocking') and user.is_blocking:
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocking @{user.username}")
2022-05-04 23:09:46 +00:00
elif hasattr(user, 'is_blocked') and user.is_blocked:
abort(403, f"@{user.username} is blocking you!")
2022-05-04 23:09:46 +00:00
return user.json
@app.post("/follow/<username>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def follow_user(username, v):
target = get_user(username, v=v, include_shadowbanned=False)
2022-05-04 23:09:46 +00:00
2022-08-20 19:50:18 +00:00
if target.id==v.id:
abort(400, "You can't follow yourself!")
2022-05-04 23:09:46 +00:00
2022-08-20 19:50:18 +00:00
if g.db.query(Follow).filter_by(user_id=v.id, target_id=target.id).one_or_none():
return {"message": f"@{target.username} has been followed!"}
2022-05-04 23:09:46 +00:00
new_follow = Follow(user_id=v.id, target_id=target.id)
g.db.add(new_follow)
g.db.flush()
2022-05-09 11:21:49 +00:00
target.stored_subscriber_count = g.db.query(Follow).filter_by(target_id=target.id).count()
2022-05-04 23:09:46 +00:00
g.db.add(target)
if not v.shadowbanned:
send_notification(target.id, f"@{v.username} has followed you!")
2022-05-04 23:09:46 +00:00
return {"message": f"@{target.username} has been followed!"}
2022-05-04 23:09:46 +00:00
@app.post("/unfollow/<username>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def unfollow_user(username, v):
target = get_user(username)
if target.fish:
if not v.shadowbanned:
send_notification(target.id, f"@{v.username} has tried to unfollow you and failed because of your fish award!")
2022-11-12 10:11:46 +00:00
abort(400, f"You can't unfollow @{target.username}")
2022-05-04 23:09:46 +00:00
follow = g.db.query(Follow).filter_by(user_id=v.id, target_id=target.id).one_or_none()
if follow:
g.db.delete(follow)
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
g.db.flush()
2022-05-09 11:21:49 +00:00
target.stored_subscriber_count = g.db.query(Follow).filter_by(target_id=target.id).count()
2022-05-04 23:09:46 +00:00
g.db.add(target)
if not v.shadowbanned:
send_notification(target.id, f"@{v.username} has unfollowed you!")
2022-05-04 23:09:46 +00:00
else:
2023-02-27 00:48:19 +00:00
abort(400, f"You're not even following @{target.username} to begin with!")
2022-05-04 23:09:46 +00:00
return {"message": f"@{target.username} has been unfollowed!"}
2022-05-04 23:09:46 +00:00
@app.post("/remove_follow/<username>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
def remove_follow(username, v):
target = get_user(username)
follow = g.db.query(Follow).filter_by(user_id=target.id, target_id=v.id).one_or_none()
if not follow: return {"message": f"@{target.username} has been removed as a follower!"}
2022-05-04 23:09:46 +00:00
g.db.delete(follow)
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
g.db.flush()
2022-05-09 11:21:49 +00:00
v.stored_subscriber_count = g.db.query(Follow).filter_by(target_id=v.id).count()
2022-05-04 23:09:46 +00:00
g.db.add(v)
send_repeatable_notification(target.id, f"@{v.username} has removed your follow!")
return {"message": f"@{target.username} has been removed as a follower!"}
2022-05-04 23:09:46 +00:00
2023-01-25 03:18:17 +00:00
@app.get("/pp/<int:id>")
@app.get("/uid/<int:id>/pic")
@app.get("/uid/<int:id>/pic/profile")
2022-05-22 17:23:52 +00:00
@limiter.exempt
def user_profile_uid(id):
2023-01-25 03:18:17 +00:00
return redirect(get_profile_picture(id))
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/pic")
2022-05-22 17:23:52 +00:00
@limiter.exempt
def user_profile_name(username):
2023-01-25 03:18:17 +00:00
return redirect(get_profile_picture(username))
2022-05-04 23:09:46 +00:00
def get_saves_and_subscribes(v, template, relationship_cls, page:int, standalone=False):
if relationship_cls in {SaveRelationship, Subscription}:
query = relationship_cls.submission_id
join = relationship_cls.post
cls = Submission
2022-11-01 17:19:21 +00:00
elif relationship_cls is CommentSaveRelationship:
query = relationship_cls.comment_id
join = relationship_cls.comment
cls = Comment
else:
raise TypeError("Relationships supported is SaveRelationship, Subscription, CommentSaveRelationship")
ids = [x[0] for x in g.db.query(query).join(join).filter(relationship_cls.user_id == v.id).order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()]
next_exists = len(ids) > PAGE_SIZE
ids = ids[:PAGE_SIZE]
2022-11-25 21:43:35 +00:00
extra = None
2023-01-01 11:36:20 +00:00
if not v.admin_level >= PERMS['POST_COMMENT_MODERATION']:
2022-11-25 21:43:35 +00:00
extra = lambda q:q.filter(cls.is_banned == False, cls.deleted_utc == 0)
if cls is Submission:
2022-11-25 21:43:35 +00:00
listing = get_posts(ids, v=v, eager=True, extra=extra)
elif cls is Comment:
2022-11-25 21:43:35 +00:00
listing = get_comments(ids, v=v, extra=extra)
else:
raise TypeError("Only supports Submissions and Comments. This is probably the result of a bug with *this* function")
2023-01-01 11:36:20 +00:00
2022-11-15 09:28:39 +00:00
if v.client: return {"data": [x.json(g.db) for x in listing]}
return render_template(template, u=v, v=v, listing=listing, page=page, next_exists=next_exists, standalone=standalone)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/saved/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def saved_posts(v:User, username):
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
return get_saves_and_subscribes(v, "userpage/submissions.html", SaveRelationship, page, False)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/saved/comments")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def saved_comments(v:User, username):
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
return get_saves_and_subscribes(v, "userpage/comments.html", CommentSaveRelationship, page, True)
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/subscribed/posts")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@auth_required
2022-11-26 21:00:03 +00:00
def subscribed_posts(v:User, username):
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
return get_saves_and_subscribes(v, "userpage/submissions.html", Subscription, page, False)
2022-05-04 23:09:46 +00:00
@app.post("/fp/<fp>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-05-04 23:09:46 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def fp(v:User, fp):
2022-05-04 23:09:46 +00:00
v.fp = fp
users = g.db.query(User).filter(User.fp == fp, User.id != v.id).all()
2022-05-22 22:45:04 +00:00
if users: print(f'{v.username}: fp', flush=True)
2022-05-04 23:09:46 +00:00
if v.email and v.is_activated:
alts = g.db.query(User).filter(User.email == v.email, User.is_activated, User.id != v.id).all()
if alts:
2022-05-22 22:45:04 +00:00
print(f'{v.username}: email', flush=True)
2022-05-04 23:09:46 +00:00
users += alts
for u in users:
li = [v.id, u.id]
existing = g.db.query(Alt).filter(Alt.user1.in_(li), Alt.user2.in_(li)).one_or_none()
if existing: continue
2022-12-22 21:24:36 +00:00
add_alt(user1=v.id, user2=u.id)
2022-05-22 22:45:04 +00:00
print(v.username + ' + ' + u.username, flush=True)
2023-01-01 11:36:20 +00:00
2023-01-25 02:53:52 +00:00
check_for_alts(v, include_current_session=True)
2022-05-04 23:09:46 +00:00
g.db.add(v)
return '', 204
2022-07-13 17:31:35 +00:00
2022-07-13 19:32:28 +00:00
@app.get("/toggle_pins/<sort>")
@limiter.limit(DEFAULT_RATELIMIT)
2022-07-13 19:32:28 +00:00
def toggle_pins(sort):
if sort == 'hot': default = True
else: default = False
pins = session.get(sort, default)
session[sort] = not pins
2022-07-13 17:31:35 +00:00
if is_site_url(request.referrer):
return redirect(request.referrer)
return redirect('/')
2022-09-05 20:23:35 +00:00
2022-11-07 00:44:31 +00:00
@app.get("/toggle_holes")
@limiter.limit(DEFAULT_RATELIMIT)
2022-11-07 00:44:31 +00:00
def toggle_holes():
if SITE_NAME == 'WPD':
abort(404)
2022-11-07 00:44:31 +00:00
holes = session.get('holes', True)
session["holes"] = not holes
if is_site_url(request.referrer):
return redirect(request.referrer)
return redirect('/')
@app.get("/badge_owners/<int:bid>")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-09-05 20:23:35 +00:00
@auth_required
2022-11-26 21:00:03 +00:00
def bid_list(v:User, bid):
2022-09-05 20:23:35 +00:00
try: bid = int(bid)
except: abort(400)
try: page = int(request.values.get("page", 1))
except: page = 1
users = g.db.query(User).join(User.badges).filter(Badge.badge_id==bid).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-09-05 20:23:35 +00:00
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
2022-09-05 20:23:35 +00:00
return render_template("user_cards.html",
v=v,
users=users,
next_exists=next_exists,
page=page,
[DO NOT MERGE] titlesssssssssss (#468) * titles * testing * self * Revert "self" This reverts commit d6c12d5a5ba125feb44673f55e1fdac75f151cb5. * Revert "testing" This reverts commit 86d800f9fd552196b31f0e0b3891d4fc072a9bc0. * testing on devrama * rewrite the html head * reference error or smth idk * tempalte debug * template debug redux * default2 * rename default2 -> root, page title * fix settings2 * include the set_variables block * root scope variables 2 * test 3 * remove unnecessary set * add pagetitles to all settings2 pages * add pagetitle to casino * remove bloat * remove duplicate site name thingy * page titles 2 * page titles 3 * remove duplicate imports and add page titles everywhere iirc * ok but actually this time * remove unnecessary newlines * fix title lol * > * fsdfsfsfsfsfs * fsfs * template configurations * fix 500 * reduce login template bloat * move files and add status codes where needful * move authfroms to login * remove 2fa bloat * verification code * sign up fixes * readability * fssfsfsfs * move forgot password to login/ * readability * don't emit comments * add page titles where needful * gsgsgs * modals: move to respective pages * testing on devrama * get home garbage out of title * remove insane amount of icon duplication * sign up text * add votes pagetitle * fix blank lines * Revert "fix blank lines" This reverts commit b2c54339970725d00b6fc82bb458c1757909952c. * Fix blank lines on sign_up.html. * title: votes.html more meaningful identifier. * titles: Lottery, Directory, Notifications * head final in submission.html * fix missing comma * > * test * title: /comments * fsfsfsfsf * titles: user_cards * head: only load video and audio meta attributes if they actually exist * titlessssss: /admin/lottery/participants * titlessssssss: extra quote in search.html * titlessssss: userpage voters. * titties: /h/<sub>/{followers,blockers,exilees[sic]} * test banner * Revert "test banner" This reverts commit c3d875d03f3e60d72a60dab7d28bf108554a5826. * make submit.html inherit from default.html Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-21 08:52:22 +00:00
user_cards_title="Badge Owners",
2022-09-05 20:23:35 +00:00
)
2023-01-23 08:42:38 +00:00
tiers={
2023-01-23 10:19:32 +00:00
3: 1,
2023-01-23 08:42:38 +00:00
5: 1,
10: 2,
20: 3,
50: 4,
100: 5,
2023-02-25 22:07:26 +00:00
151: 5,
2023-01-23 08:42:38 +00:00
200: 6
}
def claim_rewards(v):
g.db.flush()
transactions = g.db.query(Transaction).filter_by(email=v.email, claimed=None).all()
highest_tier = 0
marseybux = 0
for transaction in transactions:
tier = tiers[transaction.amount]
2023-01-23 08:42:38 +00:00
marseybux += marseybux_li[tier]
2023-01-23 10:26:47 +00:00
if tier > highest_tier:
2023-01-23 08:42:38 +00:00
highest_tier = tier
transaction.claimed = True
g.db.add(transaction)
v.pay_account('marseybux', marseybux)
2023-02-01 18:41:52 +00:00
send_repeatable_notification(v.id, f"You have received {marseybux} Marseybux! You can use them to buy awards or hats in the [shop](/shop) or gamble them in the [casino](/casino).")
2023-01-23 08:42:38 +00:00
g.db.add(v)
2023-02-09 06:24:03 +00:00
v.patron_utc = time.time() + 2937600
2023-01-23 08:42:38 +00:00
if highest_tier > v.patron:
v.patron = highest_tier
for badge in g.db.query(Badge).filter(Badge.user_id == v.id, Badge.badge_id > 20, Badge.badge_id < 28).all():
g.db.delete(badge)
badge_grant(badge_id=20+highest_tier, user=v)
2023-02-03 03:05:16 +00:00
print(f'@{v.username} rewards claimed successfully!', flush=True)
2023-02-02 19:28:23 +00:00
def claim_rewards_all_users():
emails = [x[0] for x in g.db.query(Transaction.email).filter_by(claimed=None).all()]
users = g.db.query(User).filter(User.email.in_(emails)).all()
for user in users:
2023-02-02 20:09:08 +00:00
claim_rewards(user)
2023-02-02 19:28:23 +00:00
2023-02-01 19:49:39 +00:00
KOFI_TOKEN = environ.get("KOFI_TOKEN", "").strip()
if KOFI_TOKEN:
@app.post("/kofi")
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-01 19:49:39 +00:00
def kofi():
data = json.loads(request.values['data'])
verification_token = data['verification_token']
if verification_token != KOFI_TOKEN: abort(400)
id = data['kofi_transaction_id']
created_utc = int(time.mktime(time.strptime(data['timestamp'].split('.')[0], "%Y-%m-%dT%H:%M:%SZ")))
type = data['type']
amount = 0
try:
amount = int(float(data['amount']))
except:
abort(400, 'invalid amount')
email = data['email']
transaction = Transaction(
id=id,
created_utc=created_utc,
type=type,
amount=amount,
email=email
)
2023-01-23 08:42:38 +00:00
2023-02-01 19:49:39 +00:00
g.db.add(transaction)
2023-01-23 08:42:38 +00:00
2023-02-02 19:28:23 +00:00
claim_rewards_all_users()
2023-01-23 08:42:38 +00:00
2023-02-01 19:49:39 +00:00
return ''
2022-09-13 16:53:19 +00:00
@app.post("/gumroad")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
def gumroad():
data = request.values
ip = request.headers.get('CF-Connecting-IP')
2023-02-06 03:39:44 +00:00
if ip != '34.193.146.117':
print(f'\n\n\n★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★\n\n\n/gumroad fail: {ip}\n\n\n★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★★\n\n\n', flush=True)
abort(400)
id = data['sale_id']
created_utc = time.time()
type = data['recurrence']
2023-01-27 13:33:09 +00:00
amount = int(data['price']) / 100
email = data['email']
2023-02-22 17:27:33 +00:00
transaction = Transaction(
id=id,
created_utc=created_utc,
type=type,
amount=amount,
email=email
)
g.db.add(transaction)
2023-02-02 19:28:23 +00:00
claim_rewards_all_users()
return ''
2022-09-13 16:53:19 +00:00
2023-02-01 19:04:15 +00:00
@app.post("/settings/claim_rewards")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit(DEFAULT_RATELIMIT)
2023-02-26 01:42:39 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-09-13 16:53:19 +00:00
@auth_required
2023-02-02 19:28:23 +00:00
def settings_claim_rewards(v:User):
2022-09-13 16:53:19 +00:00
if not (v.email and v.is_activated):
abort(400, f"You must have a verified email to verify {patron} status and claim your rewards!")
2022-12-01 01:24:38 +00:00
2022-12-01 01:26:47 +00:00
transactions = g.db.query(Transaction).filter_by(email=v.email, claimed=None).all()
2023-01-01 11:36:20 +00:00
2022-12-01 01:24:38 +00:00
if not transactions:
2023-01-23 10:30:34 +00:00
abort(400, f"{patron} rewards already claimed!")
2022-09-13 16:53:19 +00:00
2023-01-23 08:42:38 +00:00
claim_rewards(v)
2022-09-18 00:28:09 +00:00
return {"message": f"{patron} rewards claimed!"}
2023-01-01 14:52:16 +00:00
@app.get("/users")
@limiter.limit(DEFAULT_RATELIMIT)
2023-01-21 04:39:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2023-01-01 14:52:16 +00:00
@auth_required
def users_list(v):
try: page = int(request.values.get("page", 1))
except: page = 1
users = g.db.query(User).order_by(User.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
return render_template("user_cards.html",
v=v,
users=users,
next_exists=next_exists,
page=page,
user_cards_title="Users Feed",
)