MarseyWorld/files/routes/admin.py

2244 lines
70 KiB
Python
Raw Normal View History

2022-05-04 23:09:46 +00:00
import time
2023-01-23 12:40:44 +00:00
from math import floor
2023-02-19 19:31:26 +00:00
import os
2023-10-03 07:43:39 +00:00
import ffmpeg
2024-01-07 21:46:22 +00:00
from random import randint
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
2023-05-05 03:52:53 +00:00
from sqlalchemy.orm import load_only
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.__main__ import app, cache, limiter
from files.classes import *
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
from files.classes.orgy import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.actions import *
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.cloudflare import *
from files.helpers.config.const import *
from files.helpers.slurs_and_profanities import censor_slurs_profanities
2022-05-04 23:09:46 +00:00
from files.helpers.get import *
2022-05-22 16:13:19 +00:00
from files.helpers.media import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.sanitize import *
from files.helpers.security import *
from files.helpers.settings import *
from files.helpers.useractions import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.routehelpers import check_for_alts
from files.routes.wrappers import *
from files.routes.routehelpers import get_alt_graph, get_alt_graph_ids
from files.routes.users import claim_rewards_all_users
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
2023-01-25 11:35:37 +00:00
from .front import frontlist, comment_idlist
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
2022-05-25 20:16:26 +00:00
@app.get('/admin/loggedin')
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
2022-05-25 20:16:26 +00:00
def loggedin_list(v):
2023-03-25 20:57:27 +00:00
ids = [x for x,val in cache.get('loggedin').items() if time.time()-val < LOGGEDIN_ACTIVE_TIME]
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.id.in_(ids)).order_by(User.admin_level.desc(), User.truescore.desc()).all()
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedin.html", v=v, users=users)
2022-05-25 20:16:26 +00:00
2022-05-26 20:31:08 +00:00
@app.get('/admin/loggedout')
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
2022-05-26 20:31:08 +00:00
def loggedout_list(v):
2023-03-25 20:57:27 +00:00
users = sorted([val[1] for x,val in cache.get('loggedout').items() if time.time()-val[0] < LOGGEDIN_ACTIVE_TIME])
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedout.html", v=v, users=users)
2022-05-04 23:09:46 +00:00
2023-05-12 15:27:46 +00:00
@app.get('/admin/dm_media')
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-05-12 15:27:46 +00:00
@admin_level_required(PERMS['ENABLE_DM_MEDIA'])
def dm_media(v):
2023-09-14 23:19:44 +00:00
with open(f"{LOG_DIRECTORY}/dm_media.log", "r") as f:
2023-01-27 12:24:39 +00:00
items=f.read().split("\n")[:-1]
total = len(items)
2023-01-27 12:24:39 +00:00
items = [x.split(", ") for x in items]
2023-02-22 14:36:52 +00:00
items.reverse()
2023-01-27 12:24:39 +00:00
2023-02-22 14:36:52 +00:00
try: page = int(request.values.get('page', 1))
except: page = 1
firstrange = PAGE_SIZE * (page - 1)
2023-05-05 00:50:36 +00:00
secondrange = firstrange + PAGE_SIZE
2023-02-22 14:43:39 +00:00
items = items[firstrange:secondrange]
2023-02-22 14:36:52 +00:00
2023-05-12 15:27:46 +00:00
return render_template("admin/dm_media.html", v=v, items=items, total=total, page=page)
@app.get('/admin/edit_rules')
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['EDIT_RULES'])
def edit_rules_get(v):
try:
2023-09-14 23:19:44 +00:00
with open(f'files/templates/rules_{SITE_NAME}.html', 'r') as f:
rules = f.read()
except:
rules = None
return render_template('admin/edit_rules.html', v=v, rules=rules)
@app.post('/admin/edit_rules')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
2023-08-06 07:30:34 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['EDIT_RULES'])
def edit_rules_post(v):
rules = request.values.get('rules', '').strip()
rules = sanitize(rules, blackjack="rules")
2023-09-14 23:19:44 +00:00
with open(f'files/templates/rules_{SITE_NAME}.html', 'w+') as f:
f.write(rules)
2023-08-11 21:50:23 +00:00
ma = ModAction(
kind="edit_rules",
user_id=v.id,
)
g.db.add(ma)
return {"message": "Rules edited successfully!"}
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/make_admin")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_ADD'])
2023-07-30 00:42:06 +00:00
def make_admin(v, username):
2022-05-04 23:09:46 +00:00
user = get_user(username)
2023-01-29 08:28:29 +00:00
user.admin_level = 1
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="make_admin",
user_id=v.id,
target_user_id=user.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) added you as an admin!")
return {"message": f"@{user.username} has been made admin!"}
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/remove_admin")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_REMOVE'])
2023-07-30 00:42:06 +00:00
def remove_admin(v, username):
2022-12-27 04:01:57 +00:00
if SITE == 'devrama.net':
abort(403, "You can't remove admins on devrama!")
2022-05-04 23:09:46 +00:00
user = get_user(username)
2022-12-09 05:58:44 +00:00
2023-01-20 01:31:51 +00:00
if user.admin_level > v.admin_level:
abort(403)
if user.admin_level:
user.admin_level = 0
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="remove_admin",
user_id=v.id,
target_user_id=user.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) removed you as an admin!")
return {"message": f"@{user.username} has been removed as admin!"}
2022-05-04 23:09:46 +00:00
2023-03-12 17:36:35 +00:00
@app.post("/distribute/<kind>/<int:option_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_BETS_DISTRIBUTE'])
2023-07-30 00:42:06 +00:00
def distribute(v, kind, option_id):
2023-06-07 23:26:32 +00:00
if kind == 'post': cls = PostOption
2023-03-12 17:36:35 +00:00
else: cls = CommentOption
2023-03-16 06:27:58 +00:00
option = g.db.get(cls, option_id)
2022-08-26 21:53:17 +00:00
2022-09-08 18:25:45 +00:00
if option.exclusive != 2: abort(403)
option.exclusive = 3
2023-03-16 06:27:58 +00:00
g.db.add(option)
2022-09-08 18:25:45 +00:00
2023-03-12 17:36:35 +00:00
parent = option.parent
2022-08-26 21:53:17 +00:00
pool = 0
2023-03-12 17:36:35 +00:00
for o in parent.options:
2022-09-30 15:38:47 +00:00
if o.exclusive >= 2: pool += o.upvotes
pool *= POLL_BET_COINS
2022-08-26 21:53:17 +00:00
votes = option.votes
2023-08-24 06:22:10 +00:00
if not votes:
abort(400, "Nobody voted on that, it can't be the winner!")
2022-08-26 21:53:17 +00:00
coinsperperson = int(pool / len(votes))
2023-03-12 17:36:35 +00:00
text = f"You won {coinsperperson} coins betting on {parent.permalink} :marseyparty:"
2023-02-24 02:28:10 +00:00
cid = notif_comment(text)
2022-08-26 21:53:17 +00:00
for vote in votes:
u = vote.user
u.pay_account('coins', coinsperperson)
2023-08-16 23:04:56 +00:00
add_notif(cid, u.id, text, pushnotif_url=parent.permalink)
2022-08-26 21:53:17 +00:00
2023-03-12 17:36:35 +00:00
text = f"You lost the {POLL_BET_COINS} coins you bet on {parent.permalink} :marseylaugh:"
2023-02-24 02:28:10 +00:00
cid = notif_comment(text)
2022-08-26 21:53:17 +00:00
losing_voters = []
2023-03-12 17:36:35 +00:00
for o in parent.options:
2022-09-23 12:09:33 +00:00
if o.exclusive == 2:
2022-08-26 21:53:17 +00:00
losing_voters.extend([x.user_id for x in o.votes])
for uid in losing_voters:
2023-08-16 23:04:56 +00:00
add_notif(cid, uid, text, pushnotif_url=parent.permalink)
2023-01-01 11:36:20 +00:00
2023-06-07 23:26:32 +00:00
if isinstance(parent, Post):
2023-03-12 17:36:35 +00:00
ma = ModAction(
kind="distribute",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=parent.id
2023-03-12 17:36:35 +00:00
)
else:
ma = ModAction(
kind="distribute",
user_id=v.id,
target_comment_id=parent.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-08-26 21:53:17 +00:00
return {"message": f"Each winner has received {coinsperperson} coins!"}
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/revert_actions")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['ADMIN_ACTIONS_REVERT'])
2023-07-30 00:42:06 +00:00
def revert_actions(v, username):
revertee = get_user(username)
2023-01-20 01:31:51 +00:00
if revertee.admin_level > v.admin_level:
abort(403)
ma = ModAction(
kind="revert",
user_id=v.id,
target_user_id=revertee.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
cutoff = int(time.time()) - 86400
2023-08-11 13:15:34 +00:00
posts = [x[0] for x in g.db.query(ModAction.target_post_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_post')]
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).filter(Post.id.in_(posts)).all()
2023-08-11 13:15:34 +00:00
comments = [x[0] for x in g.db.query(ModAction.target_comment_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_comment')]
2023-03-16 06:27:58 +00:00
comments = g.db.query(Comment).filter(Comment.id.in_(comments)).all()
for item in posts + comments:
item.is_banned = False
item.ban_reason = None
item.is_approved = v.id
2023-03-16 06:27:58 +00:00
g.db.add(item)
2023-08-11 13:15:34 +00:00
users = (x[0] for x in g.db.query(ModAction.target_user_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind.in_(('shadowban', 'ban_user'))))
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.id.in_(users)).all()
for user in users:
user.shadowbanned = None
2024-02-02 22:39:02 +00:00
user.unban_utc = None
user.ban_reason = None
user.shadowban_reason = None
if user.is_banned:
2022-12-13 22:02:53 +00:00
user.is_banned = None
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unbanned you!")
2023-03-16 06:27:58 +00:00
g.db.add(user)
for u in get_alt_graph(user.id):
u.shadowbanned = None
2024-02-02 22:39:02 +00:00
u.unban_utc = None
u.ban_reason = None
u.shadowban_reason = None
if u.is_banned:
2022-12-13 22:02:53 +00:00
u.is_banned = None
send_repeatable_notification(u.id, f"@{v.username} (a site admin) has unbanned you!")
2023-03-16 06:27:58 +00:00
g.db.add(u)
return {"message": f"@{revertee.username}'s admin actions have been reverted!"}
2022-05-04 23:09:46 +00:00
@app.get("/admin/shadowbanned")
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
2022-10-12 06:53:32 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
2022-05-04 23:09:46 +00:00
def shadowbanned(v):
2024-02-02 23:15:12 +00:00
sort = request.values.get("sort")
2024-02-02 23:15:12 +00:00
page = get_page()
users = g.db.query(User).filter(User.shadowbanned != None)
total = users.count()
if sort == "name":
key = User.username
elif sort == "truescore":
key = User.truescore.desc()
elif sort == "shadowban_reason":
key = User.ban_reason
elif sort == "shadowbanned_by":
key = User.shadowbanned
else:
sort = "last_active"
2024-02-02 23:26:26 +00:00
key = User.last_active.desc()
2024-02-02 23:15:12 +00:00
users = users.order_by(key).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
return render_template("admin/shadowbanned.html", v=v, users=users, sort=sort, total=total, page=page)
2022-05-04 23:09:46 +00:00
@app.get("/admin/image_posts")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def image_posts_listing(v):
try: page = int(request.values.get('page', 1))
except: page = 1
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).options(
load_only(Post.id, Post.url)
).order_by(Post.id.desc())
2023-05-05 03:52:53 +00:00
posts = [x.id for x in posts if x.is_image]
total = len(posts)
2022-05-04 23:09:46 +00:00
firstrange = PAGE_SIZE * (page - 1)
2023-05-05 03:52:53 +00:00
secondrange = firstrange + PAGE_SIZE
posts = posts[firstrange:secondrange]
posts = get_posts(posts, v=v)
2022-05-04 23:09:46 +00:00
return render_template("admin/image_posts.html", v=v, listing=posts, total=total, page=page, sort="new")
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/posts")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def reported_posts(v):
2023-05-05 05:23:59 +00:00
page = get_page()
2022-05-04 23:09:46 +00:00
listing = g.db.query(Post).distinct(Post.id).options(load_only(Post.id)).filter_by(
2023-05-05 05:14:03 +00:00
is_approved=None,
is_banned=False,
deleted_utc=0
2023-06-23 16:49:23 +00:00
).join(Post.reports)
2023-05-05 05:14:03 +00:00
total = listing.count()
2022-05-04 23:09:46 +00:00
2023-06-07 23:26:32 +00:00
listing = listing.order_by(Post.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
2022-05-04 23:09:46 +00:00
listing = [p.id for p in listing]
listing = get_posts(listing, v=v)
return render_template("admin/reported_posts.html",
total=total, listing=listing, page=page, v=v)
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/comments")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def reported_comments(v):
2023-05-05 05:23:59 +00:00
page = get_page()
2022-05-04 23:09:46 +00:00
listing = g.db.query(Comment).distinct(Comment.id).options(load_only(Comment.id)).filter_by(
2023-05-05 05:26:53 +00:00
is_approved=None,
is_banned=False,
deleted_utc=0
2023-06-23 16:49:23 +00:00
).join(Comment.reports)
2023-05-05 05:26:53 +00:00
total = listing.count()
2022-05-04 23:09:46 +00:00
2023-05-05 05:26:53 +00:00
listing = listing.order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
2022-05-04 23:09:46 +00:00
listing = [c.id for c in listing]
listing = get_comments(listing, v=v)
return render_template("admin/reported_comments.html",
total=total,
2022-09-04 23:15:37 +00:00
listing=listing,
page=page,
v=v,
standalone=True)
2022-05-04 23:09:46 +00:00
@app.get("/admin")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['ADMIN_HOME_VISIBLE'])
2022-05-04 23:09:46 +00:00
def admin_home(v):
2024-01-31 23:27:01 +00:00
if CLOUDFLARE_AVAILABLE:
under_attack = (requests.get(f"{CLOUDFLARE_API_URL}/zones/{CF_ZONE}/settings/security_level", headers=CF_HEADERS, timeout=CLOUDFLARE_REQUEST_TIMEOUT_SECS).json()['result']['value'] == "under_attack")
set_setting('under_attack', under_attack)
return render_template("admin/admin_home.html", v=v)
2022-05-04 23:09:46 +00:00
@app.post("/admin/site_settings/<setting>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['SITE_SETTINGS'])
2023-07-30 00:42:06 +00:00
def change_settings(v, setting):
2022-11-30 17:37:35 +00:00
if setting not in get_settings().keys():
abort(404, f"Setting '{setting}' not found")
2023-03-25 21:35:13 +00:00
if setting == "offline_mode" and v.admin_level < PERMS["SITE_OFFLINE_MODE"]:
abort(403, "You can't change this setting!")
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
val = toggle_setting(setting)
if val: word = 'enable'
2022-05-04 23:09:46 +00:00
else: word = 'disable'
2023-01-24 05:48:27 +00:00
if setting == "under_attack":
new_security_level = 'under_attack' if val else 'high'
if not set_security_level(new_security_level):
2023-02-09 04:00:37 +00:00
abort(400, f'Failed to {word} under attack mode')
2023-03-01 20:45:42 +00:00
ma = ModAction(
kind=f"{word}_{setting}",
user_id=v.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-01-24 05:48:27 +00:00
2022-11-30 17:37:35 +00:00
return {'message': f"{setting.replace('_', ' ').title()} {word}d successfully!"}
2022-05-04 23:09:46 +00:00
2022-11-06 05:28:44 +00:00
@app.post("/admin/clear_cloudflare_cache")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
2022-11-06 05:28:44 +00:00
def clear_cloudflare_cache(v):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if not clear_entire_cache():
2022-11-06 05:28:44 +00:00
abort(400, 'Failed to clear cloudflare cache!')
2022-05-04 23:09:46 +00:00
ma = ModAction(
2022-11-06 05:28:44 +00:00
kind="clear_cloudflare_cache",
2022-05-04 23:09:46 +00:00
user_id=v.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-11-06 05:28:44 +00:00
return {"message": "Cloudflare cache cleared!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/claim_rewards_all_users")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CLAIM_REWARDS_ALL_USERS'])
def admin_claim_rewards_all_users(v):
claim_rewards_all_users()
return {"message": "User rewards claimed!"}
def admin_badges_grantable_list(v):
2023-03-16 06:27:58 +00:00
query = g.db.query(BadgeDef)
2022-11-30 21:15:07 +00:00
2023-01-22 08:04:49 +00:00
if BADGE_BLACKLIST and v.admin_level < PERMS['IGNORE_BADGE_BLACKLIST']:
2022-12-07 19:03:06 +00:00
query = query.filter(BadgeDef.id.notin_(BADGE_BLACKLIST))
2022-11-30 21:15:07 +00:00
badge_types = query.order_by(BadgeDef.id).all()
return badge_types
@app.get("/admin/badge_grant")
@app.get("/admin/badge_remove")
@feature_required('BADGES')
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_BADGES'])
def badge_grant_get(v):
grant = request.path.endswith("grant")
badge_types = admin_badges_grantable_list(v)
return render_template("admin/badge_admin.html", v=v,
badge_types=badge_types, grant=grant)
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_grant")
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
2022-05-04 23:09:46 +00:00
def badge_grant_post(v):
badges = admin_badges_grantable_list(v)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
usernames = request.values.get("usernames", "").strip()
if not usernames:
2023-08-11 21:50:23 +00:00
abort(400, "You must enter usernames!")
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
for username in usernames.split():
user = get_user(username)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
try: badge_id = int(request.values.get("badge_id"))
except: abort(400)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
if badge_id not in [b.id for b in badges]:
abort(403, "You can't grant this badge!")
2023-08-03 04:42:58 +00:00
description = request.values.get("description")
2023-08-05 19:36:32 +00:00
url = request.values.get("url", "").strip()
if badge_id in {63,74,149,178,180,240,241,242,248,286,291,293} and not url:
2023-08-05 19:36:32 +00:00
abort(400, "This badge requires a url!")
2023-08-03 04:42:58 +00:00
if url:
if '\\' in url: abort(400)
if url.startswith(f'{SITE_FULL}/'):
url = url.split(SITE_FULL, 1)[1]
2023-08-05 19:51:01 +00:00
else:
url = None
2023-03-17 17:59:55 +00:00
2023-08-03 04:42:58 +00:00
existing = user.has_badge(badge_id)
if existing:
if url or description:
existing.url = url
existing.description = description
g.db.add(existing)
2023-08-04 13:16:05 +00:00
continue
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
new_badge = Badge(
badge_id=badge_id,
user_id=user.id,
url=url,
description=description
)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
g.db.add(new_badge)
g.db.flush()
2023-01-01 11:36:20 +00:00
2023-08-03 04:42:58 +00:00
if v.id != user.id:
text = f"@{v.username} (a site admin) has given you the following profile badge:\n\n{new_badge.path}\n\n**{new_badge.name}**\n\n{new_badge.badge.description}"
2023-10-13 20:02:17 +00:00
if new_badge.description:
2023-10-13 20:07:14 +00:00
text += f'\n\n> {new_badge.description}'
2023-10-13 20:02:17 +00:00
if new_badge.url:
2023-10-13 20:07:14 +00:00
text += f'\n\n> {new_badge.url}'
2023-08-03 04:42:58 +00:00
send_repeatable_notification(user.id, text)
2023-10-13 19:49:09 +00:00
note = new_badge.name
if new_badge.description:
note += f' - {new_badge.description}'
2023-10-13 20:02:17 +00:00
if new_badge.url:
note += f' - {new_badge.url}'
2023-10-13 19:49:09 +00:00
2023-08-03 04:42:58 +00:00
ma = ModAction(
kind="badge_grant",
user_id=v.id,
target_user_id=user.id,
2023-10-13 19:49:09 +00:00
_note=note,
2023-08-03 04:42:58 +00:00
)
g.db.add(ma)
2023-08-11 21:50:23 +00:00
return {"message": "Badge granted to users successfully!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_remove")
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
2022-05-04 23:09:46 +00:00
def badge_remove_post(v):
badges = admin_badges_grantable_list(v)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
usernames = request.values.get("usernames", "").strip()
if not usernames:
2023-08-11 21:50:23 +00:00
abort(400, "You must enter usernames!")
2023-08-03 04:42:58 +00:00
for username in usernames.split():
user = get_user(username)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
try: badge_id = int(request.values.get("badge_id"))
except: abort(400)
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
if badge_id not in [b.id for b in badges]:
abort(403)
2023-08-03 04:42:58 +00:00
badge = user.has_badge(badge_id)
2023-08-04 16:15:51 +00:00
if not badge: continue
2022-05-04 23:09:46 +00:00
2023-08-03 04:42:58 +00:00
if v.id != user.id:
text = f"@{v.username} (a site admin) has removed the following profile badge from you:\n\n{badge.path}\n\n**{badge.name}**\n\n{badge.badge.description}"
send_repeatable_notification(user.id, text)
2022-09-13 10:27:09 +00:00
2023-08-03 04:42:58 +00:00
ma = ModAction(
kind="badge_remove",
user_id=v.id,
target_user_id=user.id,
_note=badge.name
)
g.db.add(ma)
g.db.delete(badge)
2023-08-11 21:50:23 +00:00
return {"message": "Badge removed from users successfully!"}
2022-05-04 23:09:46 +00:00
@app.get("/admin/alt_votes")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['VIEW_ALT_VOTES'])
2022-05-04 23:09:46 +00:00
def alt_votes_get(v):
u1 = request.values.get("u1")
u2 = request.values.get("u2")
if not u1 or not u2:
return render_template("admin/alt_votes.html", v=v)
u1 = get_user(u1)
u2 = get_user(u2)
2023-03-16 06:27:58 +00:00
u1_post_ups = g.db.query(
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
2022-05-04 23:09:46 +00:00
user_id=u1.id,
vote_type=1).all()
2023-03-16 06:27:58 +00:00
u1_post_downs = g.db.query(
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
2022-05-04 23:09:46 +00:00
user_id=u1.id,
vote_type=-1).all()
2023-03-16 06:27:58 +00:00
u1_comment_ups = g.db.query(
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=1).all()
2023-03-16 06:27:58 +00:00
u1_comment_downs = g.db.query(
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=-1).all()
2023-03-16 06:27:58 +00:00
u2_post_ups = g.db.query(
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
2022-05-04 23:09:46 +00:00
user_id=u2.id,
vote_type=1).all()
2023-03-16 06:27:58 +00:00
u2_post_downs = g.db.query(
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
2022-05-04 23:09:46 +00:00
user_id=u2.id,
vote_type=-1).all()
2023-03-16 06:27:58 +00:00
u2_comment_ups = g.db.query(
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=1).all()
2023-03-16 06:27:58 +00:00
u2_comment_downs = g.db.query(
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=-1).all()
data = {}
data['u1_only_post_ups'] = len(
[x for x in u1_post_ups if x not in u2_post_ups])
data['u2_only_post_ups'] = len(
[x for x in u2_post_ups if x not in u1_post_ups])
data['both_post_ups'] = len(list(set(u1_post_ups) & set(u2_post_ups)))
data['u1_only_post_downs'] = len(
[x for x in u1_post_downs if x not in u2_post_downs])
data['u2_only_post_downs'] = len(
[x for x in u2_post_downs if x not in u1_post_downs])
data['both_post_downs'] = len(
list(set(u1_post_downs) & set(u2_post_downs)))
data['u1_only_comment_ups'] = len(
[x for x in u1_comment_ups if x not in u2_comment_ups])
data['u2_only_comment_ups'] = len(
[x for x in u2_comment_ups if x not in u1_comment_ups])
data['both_comment_ups'] = len(
list(set(u1_comment_ups) & set(u2_comment_ups)))
data['u1_only_comment_downs'] = len(
[x for x in u1_comment_downs if x not in u2_comment_downs])
data['u2_only_comment_downs'] = len(
[x for x in u2_comment_downs if x not in u1_comment_downs])
data['both_comment_downs'] = len(
list(set(u1_comment_downs) & set(u2_comment_downs)))
data['u1_post_ups_unique'] = 100 * \
data['u1_only_post_ups'] // len(u1_post_ups) if u1_post_ups else 0
data['u2_post_ups_unique'] = 100 * \
data['u2_only_post_ups'] // len(u2_post_ups) if u2_post_ups else 0
data['u1_post_downs_unique'] = 100 * \
data['u1_only_post_downs'] // len(
u1_post_downs) if u1_post_downs else 0
data['u2_post_downs_unique'] = 100 * \
data['u2_only_post_downs'] // len(
u2_post_downs) if u2_post_downs else 0
data['u1_comment_ups_unique'] = 100 * \
data['u1_only_comment_ups'] // len(
u1_comment_ups) if u1_comment_ups else 0
data['u2_comment_ups_unique'] = 100 * \
data['u2_only_comment_ups'] // len(
u2_comment_ups) if u2_comment_ups else 0
data['u1_comment_downs_unique'] = 100 * \
data['u1_only_comment_downs'] // len(
u1_comment_downs) if u1_comment_downs else 0
data['u2_comment_downs_unique'] = 100 * \
data['u2_only_comment_downs'] // len(
u2_comment_downs) if u2_comment_downs else 0
return render_template("admin/alt_votes.html",
2022-09-04 23:15:37 +00:00
u1=u1,
u2=u2,
v=v,
data=data
)
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.get("/admin/alts/")
@app.get("/@<username>/alts/")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@admin_level_required(PERMS['USER_LINK'])
2023-07-30 00:42:06 +00:00
def admin_view_alts(v, username=None):
2023-01-24 10:32:06 +00:00
u = get_user(username or request.values.get('username'), graceful=True)
return render_template('admin/alts.html', v=v, u=u, alts=u.alts if u else None)
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.post('/@<username>/alts/')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['USER_LINK'])
2023-07-30 00:42:06 +00:00
def admin_add_alt(v, username):
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user1 = get_user(username)
user2 = get_user(request.values.get('other_username'))
if user1.id == user2.id: abort(400, "Can't add the same account as alts of each other")
ids = [user1.id, user2.id]
2023-03-16 06:27:58 +00:00
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
2023-02-18 15:19:14 +00:00
if a: abort(409, f"@{user1.username} and @{user2.username} are already known alts!")
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
a = Alt(
user1=user1.id,
user2=user2.id,
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
is_manual=True,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(a)
2022-05-04 23:09:46 +00:00
cache.delete_memoized(get_alt_graph_ids, user1.id)
cache.delete_memoized(get_alt_graph_ids, user2.id)
2023-01-25 02:53:52 +00:00
check_for_alts(user1)
check_for_alts(user2)
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
ma = ModAction(
2023-02-18 15:19:14 +00:00
kind=f"link_accounts",
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user_id=v.id,
target_user_id=user1.id,
2023-02-18 15:19:14 +00:00
_note=f'with @{user2.username}'
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-02-18 15:19:14 +00:00
return {"message": f"Linked @{user1.username} and @{user2.username} successfully!"}
2023-02-18 14:55:18 +00:00
@app.post('/@<username>/alts/<int:other>/deleted')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@admin_level_required(PERMS['USER_LINK'])
2023-07-30 00:42:06 +00:00
def admin_delink_relink_alt(v, username, other):
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user1 = get_user(username)
user2 = get_account(other)
ids = [user1.id, user2.id]
2023-03-16 06:27:58 +00:00
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
if not a: abort(404)
2023-03-16 06:27:58 +00:00
g.db.delete(a)
2022-05-04 23:09:46 +00:00
2023-06-23 11:45:17 +00:00
cache.delete_memoized(get_alt_graph_ids, user1.id)
cache.delete_memoized(get_alt_graph_ids, user2.id)
check_for_alts(user1)
check_for_alts(user2)
2022-05-04 23:09:46 +00:00
ma = ModAction(
2023-02-18 14:55:18 +00:00
kind=f"delink_accounts",
2022-05-04 23:09:46 +00:00
user_id=v.id,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
target_user_id=user1.id,
2023-02-18 14:55:18 +00:00
_note=f'from @{user2.username}'
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
2023-02-18 14:55:18 +00:00
return {"message": f"Delinked @{user1.username} and @{user2.username} successfully!"}
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/posts")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_removed(v):
2023-05-05 05:23:59 +00:00
page = get_page()
2022-05-04 23:09:46 +00:00
2023-06-07 23:26:32 +00:00
listing = g.db.query(Post).options(load_only(Post.id)).join(Post.author).filter(
or_(Post.is_banned==True, User.shadowbanned != None))
2023-05-05 21:45:25 +00:00
total = listing.count()
2023-06-07 23:26:32 +00:00
listing = listing.order_by(Post.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
listing = [x.id for x in listing]
posts = get_posts(listing, v=v)
2022-05-04 23:09:46 +00:00
return render_template("admin/removed_posts.html",
2022-09-04 23:15:37 +00:00
v=v,
listing=posts,
page=page,
total=total
2022-09-04 23:15:37 +00:00
)
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/comments")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_removed_comments(v):
2023-05-05 05:23:59 +00:00
page = get_page()
2023-01-01 11:36:20 +00:00
listing = g.db.query(Comment).options(load_only(Comment.id)).join(Comment.author).filter(
or_(Comment.is_banned==True, User.shadowbanned != None))
2023-05-05 21:45:25 +00:00
total = listing.count()
listing = listing.order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
listing = [x.id for x in listing]
comments = get_comments(listing, v=v)
2023-05-05 21:45:25 +00:00
2022-05-04 23:09:46 +00:00
return render_template("admin/removed_comments.html",
2022-09-04 23:15:37 +00:00
v=v,
listing=comments,
page=page,
total=total
2022-09-04 23:15:37 +00:00
)
2022-05-04 23:09:46 +00:00
2023-07-11 17:57:59 +00:00
@app.post("/unchud_user/<fullname>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-06-23 11:07:47 +00:00
@admin_level_required(PERMS['USER_CHUD'])
2023-07-11 17:57:59 +00:00
def unchud(fullname, v):
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
user = post.author
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
user = comment.author
else:
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
2022-05-04 23:09:46 +00:00
if not user.chudded_by:
2023-10-13 19:01:04 +00:00
abort(403, "Jannies can't undo chud awards!")
2023-06-23 11:07:47 +00:00
user.chud = 0
user.chud_phrase = None
user.chudded_by = None
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-05-04 23:09:46 +00:00
ma = ModAction(
2022-11-07 01:47:27 +00:00
kind="unchud",
2022-05-04 23:09:46 +00:00
user_id=v.id,
target_user_id=user.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
2023-05-03 16:06:14 +00:00
badge = user.has_badge(58)
2023-03-16 06:27:58 +00:00
if badge: g.db.delete(badge)
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unchudded you.")
2022-05-04 23:09:46 +00:00
2022-11-05 02:01:45 +00:00
return {"message": f"@{user.username} has been unchudded!"}
2022-05-04 23:09:46 +00:00
@app.post("/shadowban/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_SHADOWBAN'])
2022-05-04 23:09:46 +00:00
def shadowban(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
if user.admin_level > v.admin_level:
abort(403)
2022-12-13 18:50:38 +00:00
user.shadowbanned = v.id
reason = request.values.get("reason", "").strip()
2022-12-28 09:31:27 +00:00
if not reason:
abort(400, "You need to submit a reason for shadowbanning!")
if len(reason) > 256:
abort(400, "Shadowban reason is too long (max 256 characters)")
2022-12-27 04:24:25 +00:00
reason = filter_emojis_only(reason)
if len(reason) > 256:
2024-02-14 09:34:49 +00:00
abort(400, "Ban reason is too long (max 256 characters)")
user.shadowban_reason = reason
2023-03-16 06:27:58 +00:00
g.db.add(user)
2023-01-25 02:53:52 +00:00
check_for_alts(user)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="shadowban",
user_id=v.id,
target_user_id=user.id,
_note=f'reason: "{reason}"'
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
return {"message": f"@{user.username} has been shadowbanned!"}
2022-05-04 23:09:46 +00:00
@app.post("/unshadowban/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_SHADOWBAN'])
2022-05-04 23:09:46 +00:00
def unshadowban(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
2022-05-04 23:09:46 +00:00
user.shadowbanned = None
user.shadowban_reason = None
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-12-22 20:03:40 +00:00
for alt in get_alt_graph(user.id):
2022-05-04 23:09:46 +00:00
alt.shadowbanned = None
alt.shadowban_reason = None
2023-03-16 06:27:58 +00:00
g.db.add(alt)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="unshadowban",
user_id=v.id,
target_user_id=user.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
return {"message": f"@{user.username} has been unshadowbanned!"}
2022-05-04 23:09:46 +00:00
2023-10-04 12:29:41 +00:00
@app.post("/admin/change_flair/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-10-04 12:29:41 +00:00
@admin_level_required(PERMS['USER_CHANGE_FLAIR'])
def admin_change_flair(user_id, v):
2022-05-04 23:09:46 +00:00
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
2022-05-04 23:09:46 +00:00
new_flair = request.values.get("flair", "").strip()
if len(new_flair) > 256:
abort(400, "New flair is too long (max 256 characters)")
2022-05-04 23:09:46 +00:00
2023-10-05 10:39:12 +00:00
user.flair = new_flair
2023-10-04 12:29:41 +00:00
new_flair = filter_emojis_only(new_flair)
new_flair = censor_slurs_profanities(new_flair, None)
2022-05-04 23:09:46 +00:00
2023-07-27 19:47:46 +00:00
user = get_account(user.id)
2023-10-05 10:39:12 +00:00
user.flair_html = new_flair
2023-05-13 04:53:14 +00:00
if request.values.get("locked"):
user.flairchanged = int(time.time()) + 2629746
badge_grant(user=user, badge_id=96)
2022-05-04 23:09:46 +00:00
else:
2023-05-13 02:00:54 +00:00
user.flairchanged = 0
2022-05-04 23:09:46 +00:00
badge = user.has_badge(96)
2023-03-16 06:27:58 +00:00
if badge: g.db.delete(badge)
2022-05-04 23:09:46 +00:00
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-05-04 23:09:46 +00:00
if user.flairchanged: kind = "set_flair_locked"
else: kind = "set_flair_notlocked"
2023-01-01 11:36:20 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind=kind,
user_id=v.id,
target_user_id=user.id,
2023-10-04 12:29:41 +00:00
_note=f'"{new_flair}"'
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if user.flairchanged:
2023-10-05 10:39:12 +00:00
message = f"@{v.username} (a site admin) has locked your flair to `{user.flair}`."
else:
2023-10-05 10:39:12 +00:00
message = f"@{v.username} (a site admin) has changed your flair to `{user.flair}`. You can change it back in the settings."
2023-02-22 17:27:33 +00:00
send_repeatable_notification(user.id, message)
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s flair has been changed!"}
2022-05-04 23:09:46 +00:00
2023-07-11 17:57:59 +00:00
@app.post("/ban_user/<fullname>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
2023-07-11 17:57:59 +00:00
def ban_user(fullname, v):
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
user = post.author
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
user = comment.author
else:
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
2022-05-04 23:09:46 +00:00
2022-10-11 13:48:49 +00:00
if user.admin_level > v.admin_level:
abort(403)
2022-05-04 23:09:46 +00:00
2023-06-29 19:51:32 +00:00
if user.is_permabanned:
abort(403, f"@{user.username} is already banned permanently!")
2022-10-15 11:02:02 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
2022-05-04 23:09:46 +00:00
if days < 0:
abort(400, "You can't bans people for negative days!")
reason = request.values.get("reason", "").strip()
2022-12-28 09:31:27 +00:00
if not reason:
abort(400, "You need to submit a reason for banning!")
2022-05-04 23:09:46 +00:00
if len(reason) > 256:
abort(400, "Ban reason is too long (max 256 characters)")
2022-12-27 04:32:53 +00:00
reason = filter_emojis_only(reason)
if len(reason) > 256:
abort(400, "Rendered ban reason is too long!")
2022-12-27 04:32:53 +00:00
reason = reason_regex_post.sub(r'<a href="\1">\1</a>', reason)
reason = reason_regex_comment.sub(r'<a href="\1#context">\1</a>', reason)
2022-12-30 16:10:29 +00:00
2022-10-15 11:02:02 +00:00
duration = "permanently"
2022-05-04 23:09:46 +00:00
if days:
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
2022-10-15 11:02:02 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
if reason: text = f"@{v.username} (a site admin) has banned you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (a site admin) has banned you for **{days_txt}** days."
2022-05-04 23:09:46 +00:00
else:
if reason: text = f"@{v.username} (a site admin) has banned you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (a site admin) has banned you permanently."
2022-05-04 23:09:46 +00:00
user.ban(admin=v, reason=reason, days=days)
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, text)
if request.values.get("alts"):
for x in get_alt_graph(user.id):
if x.admin_level > v.admin_level:
continue
x.ban(admin=v, reason=reason, days=days)
send_repeatable_notification(x.id, text)
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}, reason: "{reason}"'
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="ban_user",
user_id=v.id,
target_user_id=user.id,
_note=note
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if 'reason' in request.values:
2023-09-08 19:51:59 +00:00
reason = request.values["reason"]
if reason.startswith("/post/"):
2023-09-08 19:57:15 +00:00
try: post_id = int(reason.split("/post/")[1].split(None, 1)[0])
2022-07-28 14:23:38 +00:00
except: abort(400)
2023-09-08 19:57:15 +00:00
actual_reason = reason.split(str(post_id))[1].strip()
post = get_post(post_id)
2023-10-07 17:55:50 +00:00
if post.hole != 'chudrama':
2023-03-15 02:13:39 +00:00
post.bannedfor = f'{duration} by @{v.username}'
2023-09-08 19:57:15 +00:00
if actual_reason:
post.bannedfor += f' for "{actual_reason}"'
2023-03-16 06:27:58 +00:00
g.db.add(post)
2023-09-08 19:51:59 +00:00
elif reason.startswith("/comment/"):
2023-09-08 19:57:15 +00:00
try: comment_id = int(reason.split("/comment/")[1].split(None, 1)[0])
2022-07-28 14:23:38 +00:00
except: abort(400)
2023-09-08 19:57:15 +00:00
actual_reason = reason.split(str(comment_id))[1].strip()
comment = get_comment(comment_id)
comment.bannedfor = f'{duration} by @{v.username}'
2023-09-08 19:57:15 +00:00
if actual_reason:
comment.bannedfor += f' for "{actual_reason}"'
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
return {"message": f"@{user.username} has been banned {duration}!"}
2022-05-04 23:09:46 +00:00
2023-07-11 17:57:59 +00:00
@app.post("/chud_user/<fullname>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-06-23 11:07:47 +00:00
@admin_level_required(PERMS['USER_CHUD'])
2023-07-11 17:57:59 +00:00
def chud(fullname, v):
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
user = post.author
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
comment.chudded = True
g.db.add(comment)
user = comment.author
else:
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
2022-11-05 02:12:17 +00:00
if user.admin_level > v.admin_level:
abort(403)
2023-06-23 11:07:47 +00:00
if user.chud == 1:
abort(403, f"@{user.username} is already chudded permanently!")
2022-11-05 02:12:17 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
if days < 0:
abort(400, "You can't chud people for negative days!")
2022-11-05 02:12:17 +00:00
reason = request.values.get("reason", "").strip()
2022-12-27 04:32:53 +00:00
reason = filter_emojis_only(reason)
reason = reason_regex_post.sub(r'<a href="\1">\1</a>', reason)
reason = reason_regex_comment.sub(r'<a href="\1#context">\1</a>', reason)
2022-12-30 16:10:29 +00:00
2022-11-05 02:12:17 +00:00
if days:
2023-06-23 11:07:47 +00:00
if user.chud:
user.chud += days * 86400
else:
2023-06-23 11:07:47 +00:00
user.chud = int(time.time()) + (days * 86400)
2023-03-24 11:51:25 +00:00
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
2022-11-05 02:12:17 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
else:
2023-06-23 11:07:47 +00:00
user.chud = 1
2023-03-24 11:51:25 +00:00
duration = "permanently"
2022-11-05 02:12:17 +00:00
2024-02-14 16:02:34 +00:00
user.chud_phrase = request.values.get("chud_phrase").strip().lower()
2023-03-21 11:03:27 +00:00
2023-03-24 11:51:25 +00:00
text = f"@{v.username} (a site admin) has chudded you **{duration}**"
if reason: text += f" for the following reason:\n\n> {reason}"
2023-06-23 11:07:47 +00:00
text += f"\n\n**You now have to say this phrase in all posts and comments you make {duration}:**\n\n> {user.chud_phrase}"
user.chudded_by = v.id
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-11-08 03:37:14 +00:00
2022-11-05 02:12:17 +00:00
send_repeatable_notification(user.id, text)
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}'
if reason: note += f', reason: "{reason}"'
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-11-07 01:47:27 +00:00
kind="chud",
2022-11-05 02:12:17 +00:00
user_id=v.id,
target_user_id=user.id,
_note=note
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-11-05 02:12:17 +00:00
badge_grant(user=user, badge_id=58)
2022-11-07 05:43:25 +00:00
2022-11-05 02:12:17 +00:00
if 'reason' in request.values:
2023-09-08 19:51:59 +00:00
reason = request.values["reason"]
if reason.startswith("/post/"):
try: post = int(reason.split("/post/")[1].split(None, 1)[0])
2022-11-05 02:12:17 +00:00
except: abort(400)
post = get_post(post)
2023-10-07 17:55:50 +00:00
if post.hole == 'chudrama':
2022-12-10 13:06:30 +00:00
abort(403, "You can't chud people in /h/chudrama")
2022-11-05 02:12:17 +00:00
post.chuddedfor = f'{duration} by @{v.username}'
2023-03-16 06:27:58 +00:00
g.db.add(post)
2023-09-08 19:51:59 +00:00
elif reason.startswith("/comment/"):
try: comment = int(reason.split("/comment/")[1].split(None, 1)[0])
2022-11-05 02:12:17 +00:00
except: abort(400)
comment = get_comment(comment)
2023-11-20 16:25:18 +00:00
if comment.parent_post and comment.post.hole == 'chudrama':
2022-12-10 13:06:30 +00:00
abort(403, "You can't chud people in /h/chudrama")
2022-11-05 02:12:17 +00:00
comment.chuddedfor = f'{duration} by @{v.username}'
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-11-05 02:12:17 +00:00
return {"message": f"@{user.username} has been chudded {duration}!"}
2022-11-05 02:12:17 +00:00
2023-07-11 17:57:59 +00:00
@app.post("/unban_user/<fullname>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
2023-07-11 17:57:59 +00:00
def unban_user(fullname, v):
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
user = post.author
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
user = comment.author
else:
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
if not user.is_banned:
abort(400)
2022-05-04 23:09:46 +00:00
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and user.ban_reason and user.ban_reason.startswith('1-Day ban award'):
abort(403, "You can't undo a ban award!")
2022-12-13 22:02:53 +00:00
user.is_banned = None
2024-02-02 22:39:02 +00:00
user.unban_utc = None
user.ban_reason = None
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unbanned you!")
2023-03-16 06:27:58 +00:00
g.db.add(user)
2022-05-04 23:09:46 +00:00
for x in get_alt_graph(user.id):
if x.is_banned: send_repeatable_notification(x.id, f"@{v.username} (a site admin) has unbanned you!")
2022-12-13 22:02:53 +00:00
x.is_banned = None
2024-02-02 22:39:02 +00:00
x.unban_utc = None
x.ban_reason = None
2023-03-16 06:27:58 +00:00
g.db.add(x)
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="unban_user",
user_id=v.id,
target_user_id=user.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
return {"message": f"@{user.username} has been unbanned!"}
2022-05-04 23:09:46 +00:00
2022-11-12 09:11:31 +00:00
@app.post("/mute_user/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_BAN'])
2023-07-30 00:42:06 +00:00
def mute_user(v, user_id):
user = get_account(user_id)
2022-11-12 09:11:31 +00:00
if not user.is_muted:
user.is_muted = True
2022-11-12 09:11:31 +00:00
ma = ModAction(
2023-08-03 21:07:57 +00:00
kind='mute_user',
2022-11-12 09:11:31 +00:00
user_id=v.id,
target_user_id=user.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(user)
g.db.add(ma)
2023-01-24 04:53:07 +00:00
check_for_alts(user)
2022-11-12 09:11:31 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has muted you!")
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been muted!"}
@app.post("/unmute_user/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-11-12 09:11:31 +00:00
@admin_level_required(PERMS['USER_BAN'])
2023-07-30 00:42:06 +00:00
def unmute_user(v, user_id):
2022-11-12 09:11:31 +00:00
user = get_account(user_id)
if user.is_muted:
user.is_muted = False
2022-11-12 09:11:31 +00:00
ma = ModAction(
2023-08-03 21:07:57 +00:00
kind='unmute_user',
2022-11-12 09:11:31 +00:00
user_id=v.id,
target_user_id=user.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(user)
g.db.add(ma)
for x in get_alt_graph(user.id):
if x.is_muted:
x.is_muted = False
g.db.add(x)
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unmuted you!")
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been unmuted!"}
2023-01-25 11:35:37 +00:00
@app.post("/admin/progstack/post/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-01-23 12:40:44 +00:00
@admin_level_required(PERMS['PROGSTACK'])
2023-01-25 11:35:37 +00:00
def progstack_post(post_id, v):
2023-01-23 12:40:44 +00:00
post = get_post(post_id)
post.is_approved = PROGSTACK_ID
2023-01-23 12:44:30 +00:00
post.realupvotes = floor(post.realupvotes * PROGSTACK_MUL)
2023-03-16 06:27:58 +00:00
g.db.add(post)
2023-01-25 11:35:37 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2023-01-25 11:35:37 +00:00
kind="progstack_post",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
2023-01-25 11:35:37 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-01-25 11:35:37 +00:00
2023-01-23 12:40:44 +00:00
cache.delete_memoized(frontlist)
2023-01-25 11:35:37 +00:00
return {"message": "Progressive stack applied on post!"}
2023-02-19 14:02:30 +00:00
@app.post("/admin/unprogstack/post/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-02-19 14:02:30 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def unprogstack_post(post_id, v):
post = get_post(post_id)
post.is_approved = None
2023-03-16 06:27:58 +00:00
g.db.add(post)
2023-02-19 14:02:30 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2023-02-19 14:02:30 +00:00
kind="unprogstack_post",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
2023-02-19 14:02:30 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-02-19 14:02:30 +00:00
return {"message": "Progressive stack removed from post!"}
2023-01-25 11:35:37 +00:00
@app.post("/admin/progstack/comment/<int:comment_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-01-25 11:35:37 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def progstack_comment(comment_id, v):
comment = get_comment(comment_id)
comment.is_approved = PROGSTACK_ID
comment.realupvotes = floor(comment.realupvotes * PROGSTACK_MUL)
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2023-01-25 11:35:37 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2023-01-25 11:35:37 +00:00
kind="progstack_comment",
user_id=v.id,
target_comment_id=comment.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-01-25 11:35:37 +00:00
cache.delete_memoized(comment_idlist)
return {"message": "Progressive stack applied on comment!"}
2022-05-04 23:09:46 +00:00
2023-02-19 14:02:30 +00:00
@app.post("/admin/unprogstack/comment/<int:comment_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-02-19 14:02:30 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def unprogstack_comment(comment_id, v):
comment = get_comment(comment_id)
comment.is_approved = None
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2023-02-19 14:02:30 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2023-02-19 14:02:30 +00:00
kind="unprogstack_comment",
user_id=v.id,
target_comment_id=comment.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-02-19 14:02:30 +00:00
return {"message": "Progressive stack removed from comment!"}
@app.post("/remove_post/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
def remove_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.is_approved = None
2023-09-29 01:24:36 +00:00
2022-11-19 14:24:32 +00:00
if not FEATURES['AWARDS'] or not post.stickied or not post.stickied.endswith(PIN_AWARD_TEXT):
post.stickied = None
2023-09-29 01:24:36 +00:00
post.stickied_utc = None
2022-10-24 17:43:14 +00:00
post.is_pinned = False
2022-05-04 23:09:46 +00:00
post.ban_reason = v.username
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="ban_post",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
cache.delete(f'post_{post.id}_{sort}')
2022-05-04 23:09:46 +00:00
return {"message": "Post removed!"}
@app.post("/approve_post/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
def approve_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-05-04 23:09:46 +00:00
2023-10-31 18:15:10 +00:00
if post.chudded and post.ban_reason == 'AutoJanny':
abort(400, "You can't bypass the chud award!")
2022-05-04 23:09:46 +00:00
if post.is_banned:
2024-01-31 21:56:32 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="unban_post",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
post.is_banned = False
post.ban_reason = None
post.is_approved = v.id
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
cache.delete(f'post_{post.id}_{sort}')
2022-05-04 23:09:46 +00:00
return {"message": "Post approved!"}
@app.post("/distinguish/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 04:19:11 +00:00
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
2022-08-11 04:05:23 +00:00
def distinguish_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-05-04 23:09:46 +00:00
if post.distinguish_level:
post.distinguish_level = 0
kind = 'undistinguish_post'
else:
post.distinguish_level = v.admin_level
kind = 'distinguish_post'
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind=kind,
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if post.distinguish_level: return {"message": "Post distinguished!"}
else: return {"message": "Post undistinguished!"}
@app.post("/sticky/<int:post_id>")
2022-10-11 07:29:24 +00:00
@feature_required('PINS')
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-11-14 15:11:05 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def sticky_post(post_id, v):
post = get_post(post_id)
2023-01-24 10:24:27 +00:00
if post.is_banned:
abort(403, "Can't sticky removed posts!")
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and post.stickied and post.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
abort(403, "Can't pin award pins!")
2023-06-07 23:26:32 +00:00
pins = g.db.query(Post).filter(Post.stickied != None, Post.is_banned == False).count()
2022-10-14 18:28:20 +00:00
if not post.stickied_utc:
post.stickied_utc = int(time.time()) + 3600
2022-10-14 18:28:20 +00:00
pin_time = 'for 1 hour'
code = 200
if v.id != post.author_id:
2024-02-12 16:34:06 +00:00
send_repeatable_notification(post.author_id, f"@{v.username} (a site admin) has pinned [{post.title}]({post.shortlink})")
2022-10-14 18:28:20 +00:00
else:
if pins >= PIN_LIMIT + 1:
abort(403, f"Can't exceed {PIN_LIMIT} pinned posts limit!")
post.stickied_utc = None
2022-10-14 18:28:46 +00:00
pin_time = 'permanently'
code = 201
2022-10-14 18:28:20 +00:00
post.stickied = v.username
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-10-14 18:28:20 +00:00
kind="pin_post",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
2022-10-14 18:28:20 +00:00
_note=pin_time
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-10-14 18:28:20 +00:00
cache.delete_memoized(frontlist)
2022-05-04 23:09:46 +00:00
return {"message": f"Post pinned {pin_time}!"}, code
2022-05-04 23:09:46 +00:00
@app.post("/unsticky/<int:post_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def unsticky_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-09-30 22:40:02 +00:00
if post.stickied:
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and post.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
2023-01-24 10:24:27 +00:00
abort(403, "Can't unpin award pins!")
2022-05-04 23:09:46 +00:00
post.stickied = None
post.stickied_utc = None
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
2024-01-31 21:56:32 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="unpin_post",
user_id=v.id,
2023-06-07 23:26:32 +00:00
target_post_id=post.id
2022-05-04 23:09:46 +00:00
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if v.id != post.author_id:
2024-02-12 16:34:06 +00:00
send_repeatable_notification(post.author_id, f"@{v.username} (a site admin) has unpinned [{post.title}]({post.shortlink})")
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
return {"message": "Post unpinned!"}
@app.post("/sticky_comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def sticky_comment(cid, v):
comment = get_comment(cid, v=v)
2023-01-24 10:24:27 +00:00
if comment.is_banned:
abort(403, "Can't sticky removed comments!")
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and comment.stickied and comment.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
2023-01-24 10:24:27 +00:00
abort(403, "Can't pin award pins!")
2022-05-04 23:09:46 +00:00
2022-05-26 23:08:23 +00:00
if not comment.stickied:
comment.stickied = v.username
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
2024-01-31 21:56:32 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="pin_comment",
user_id=v.id,
target_comment_id=comment.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if v.id != comment.author_id:
message = f"@{v.username} (a site admin) has pinned your [comment]({comment.shortlink})"
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
2023-12-04 13:29:57 +00:00
comment.pin_parents()
2022-05-04 23:09:46 +00:00
return {"message": "Comment pinned!"}
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
@app.post("/unsticky_comment/<int:cid>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def unsticky_comment(cid, v):
comment = get_comment(cid, v=v)
2023-01-01 11:36:20 +00:00
2022-05-26 23:08:23 +00:00
if comment.stickied:
2023-01-25 01:07:49 +00:00
if FEATURES['AWARDS'] and comment.stickied.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
2023-01-24 10:24:27 +00:00
abort(403, "Can't unpin award pins!")
2022-05-04 23:09:46 +00:00
2022-05-26 23:08:23 +00:00
comment.stickied = None
2023-09-29 01:24:36 +00:00
comment.stickied_utc = None
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
2024-01-31 21:56:32 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="unpin_comment",
user_id=v.id,
target_comment_id=comment.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if v.id != comment.author_id:
message = f"@{v.username} (a site admin) has unpinned your [comment]({comment.shortlink})"
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
2023-12-04 13:29:57 +00:00
comment.unpin_parents()
2022-05-04 23:09:46 +00:00
return {"message": "Comment unpinned!"}
@app.post("/remove_comment/<int:c_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-08-11 04:05:23 +00:00
def remove_comment(c_id, v):
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
2022-05-04 23:09:46 +00:00
comment.is_banned = True
comment.is_approved = None
comment.ban_reason = v.username
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="ban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
if comment.parent_post:
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
cache.delete(f'post_{comment.parent_post}_{sort}')
2022-05-04 23:09:46 +00:00
return {"message": "Comment removed!"}
@app.post("/approve_comment/<int:c_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-08-11 04:05:23 +00:00
def approve_comment(c_id, v):
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
2023-01-01 11:36:20 +00:00
2023-10-31 18:15:10 +00:00
if comment.chudded and comment.ban_reason == 'AutoJanny':
abort(400, "You can't bypass the chud award!")
2022-05-04 23:09:46 +00:00
if comment.is_banned:
2024-01-31 21:56:32 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="unban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
comment.is_banned = False
comment.ban_reason = None
comment.is_approved = v.id
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
if comment.parent_post:
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
cache.delete(f'post_{comment.parent_post}_{sort}')
2022-05-04 23:09:46 +00:00
return {"message": "Comment approved!"}
@app.post("/distinguish_comment/<int:c_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-10-06 04:19:11 +00:00
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
2022-05-04 23:09:46 +00:00
def admin_distinguish_comment(c_id, v):
comment = get_comment(c_id, v=v)
if comment.distinguish_level:
comment.distinguish_level = 0
kind = 'undistinguish_comment'
else:
comment.distinguish_level = v.admin_level
kind = 'distinguish_comment'
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind=kind,
user_id=v.id,
target_comment_id=comment.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
if comment.distinguish_level: return {"message": "Comment distinguished!"}
else: return {"message": "Comment undistinguished!"}
@app.get("/admin/banned_domains/")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['DOMAINS_BAN'])
2022-05-04 23:09:46 +00:00
def admin_banned_domains(v):
2023-03-16 06:27:58 +00:00
banned_domains = g.db.query(BannedDomain) \
2023-09-02 07:35:27 +00:00
.order_by(BannedDomain.created_utc).all()
2023-08-11 21:50:23 +00:00
return render_template("admin/banned_domains.html", v=v, banned_domains=banned_domains)
2022-05-04 23:09:46 +00:00
2022-12-30 16:24:20 +00:00
@app.post("/admin/ban_domain")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-12-30 16:24:20 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
def ban_domain(v):
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
domain = request.values.get("domain", "").strip().lower()
2022-12-30 16:24:20 +00:00
if not domain: abort(400)
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
reason = request.values.get("reason", "").strip()
2022-12-30 16:24:20 +00:00
if not reason: abort(400, 'Reason is required!')
2022-12-30 16:24:20 +00:00
if len(reason) > 100:
2024-02-14 09:34:49 +00:00
abort(400, 'Reason is too long (max 100 characters)')
2023-03-16 06:27:58 +00:00
existing = g.db.get(BannedDomain, domain)
2022-12-30 16:24:20 +00:00
if not existing:
d = BannedDomain(domain=domain, reason=reason)
2023-03-16 06:27:58 +00:00
g.db.add(d)
2022-12-30 16:24:20 +00:00
ma = ModAction(
kind="ban_domain",
user_id=v.id,
_note=filter_emojis_only(f'{domain}, reason: {reason}')
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
2023-08-11 21:50:23 +00:00
return {"message": "Domain banned successfully!"}
2022-05-04 23:09:46 +00:00
2022-10-20 22:14:25 +00:00
2022-12-30 16:24:20 +00:00
@app.post("/admin/unban_domain/<path:domain>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2022-12-30 16:24:20 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
2023-07-30 00:42:06 +00:00
def unban_domain(v, domain):
2023-03-16 06:27:58 +00:00
existing = g.db.get(BannedDomain, domain)
2022-12-30 16:24:20 +00:00
if not existing: abort(400, 'Domain is not banned!')
2023-01-01 11:36:20 +00:00
2023-03-16 06:27:58 +00:00
g.db.delete(existing)
2022-12-30 16:24:20 +00:00
ma = ModAction(
kind="unban_domain",
user_id=v.id,
_note=filter_emojis_only(domain)
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-12-30 16:24:20 +00:00
return {"message": f"{domain} has been unbanned!"}
2022-10-20 22:14:25 +00:00
2022-05-04 23:09:46 +00:00
@app.post("/admin/nuke_user")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_nuke_user(v):
2023-08-23 21:57:39 +00:00
user = get_user(request.values.get("user"))
2022-05-04 23:09:46 +00:00
2023-08-05 19:26:42 +00:00
for post in g.db.query(Post).filter_by(author_id=user.id):
2022-05-04 23:09:46 +00:00
if post.is_banned:
continue
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.ban_reason = v.username
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
2023-08-05 19:26:42 +00:00
for comment in g.db.query(Comment).filter_by(author_id=user.id):
2022-05-04 23:09:46 +00:00
if comment.is_banned:
continue
comment.is_banned = True
comment.ban_reason = v.username
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="nuke_user",
user_id=v.id,
target_user_id=user.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been removed!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/unnuke_user")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_nunuke_user(v):
2023-08-23 21:57:39 +00:00
user = get_user(request.values.get("user"))
2022-05-04 23:09:46 +00:00
2023-08-05 19:26:42 +00:00
for post in g.db.query(Post).filter_by(author_id=user.id):
2022-05-04 23:09:46 +00:00
if not post.is_banned:
continue
2023-01-01 11:36:20 +00:00
2022-05-04 23:09:46 +00:00
post.is_banned = False
post.ban_reason = None
2022-07-12 20:00:19 +00:00
post.is_approved = v.id
2023-03-16 06:27:58 +00:00
g.db.add(post)
2022-05-04 23:09:46 +00:00
2023-08-05 19:26:42 +00:00
for comment in g.db.query(Comment).filter_by(author_id=user.id):
2022-05-04 23:09:46 +00:00
if not comment.is_banned:
continue
comment.is_banned = False
comment.ban_reason = None
2022-07-12 20:00:19 +00:00
comment.is_approved = v.id
2023-03-16 06:27:58 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2022-05-04 23:09:46 +00:00
kind="unnuke_user",
user_id=v.id,
target_user_id=user.id,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2022-05-04 23:09:46 +00:00
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been approved!"}
@app.post("/blacklist/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_BLACKLIST'])
def blacklist_user(user_id, v):
user = get_account(user_id)
if user.admin_level > v.admin_level:
abort(403)
user.blacklisted_by = v.id
2023-03-16 06:27:58 +00:00
g.db.add(user)
check_for_alts(user)
ma = ModAction(
kind="blacklist_user",
user_id=v.id,
target_user_id=user.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
return {"message": f"@{user.username} has been blacklisted from restricted holes!"}
@app.post("/unblacklist/<int:user_id>")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['USER_BLACKLIST'])
def unblacklist_user(user_id, v):
user = get_account(user_id)
user.blacklisted_by = None
2023-03-16 06:27:58 +00:00
g.db.add(user)
for alt in get_alt_graph(user.id):
alt.blacklisted_by = None
2023-03-16 06:27:58 +00:00
g.db.add(alt)
ma = ModAction(
kind="unblacklist_user",
user_id=v.id,
target_user_id=user.id
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
return {"message": f"@{user.username} has been unblacklisted from restricted holes!"}
2023-02-19 19:31:26 +00:00
@app.get('/admin/delete_media')
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-02-19 19:31:26 +00:00
@admin_level_required(PERMS['DELETE_MEDIA'])
def delete_media_get(v):
return render_template("admin/delete_media.html", v=v)
@app.post("/admin/delete_media")
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit("50/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("50/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-02-19 19:31:26 +00:00
@admin_level_required(PERMS['DELETE_MEDIA'])
def delete_media_post(v):
url = request.values.get("url")
if not url:
2023-08-11 21:50:23 +00:00
abort(400, "No url provided!")
2023-02-19 19:31:26 +00:00
2023-08-17 00:07:13 +00:00
if not image_link_regex.fullmatch(url) and not video_link_regex.fullmatch(url) and not asset_image_link_regex.fullmatch(url):
2023-08-17 00:07:29 +00:00
abort(400, "Invalid url")
2023-02-19 19:31:26 +00:00
2023-03-25 15:07:12 +00:00
path = url.split(SITE)[1]
2023-02-19 19:31:26 +00:00
2023-06-26 18:02:15 +00:00
if path.startswith('/1'):
path = '/videos' + path
2023-08-17 00:07:13 +00:00
if path.startswith('/assets/images'):
path = 'files' + path.split('?x=')[0]
2023-02-19 19:31:26 +00:00
if not os.path.isfile(path):
2023-08-11 21:50:23 +00:00
abort(400, "File not found on the server!")
2023-02-19 19:31:26 +00:00
2023-03-25 15:07:12 +00:00
os.remove(path)
2023-02-19 19:31:26 +00:00
2023-10-17 18:11:57 +00:00
to_delete = g.db.query(Post.thumburl, Post.posterurl).filter_by(url=url).all()
2023-10-17 18:19:41 +00:00
for tup in to_delete:
for extra_url in tup:
if extra_url:
remove_media_using_link(extra_url)
purge_files_in_cloudflare_cache(extra_url)
2023-10-17 18:11:57 +00:00
2023-08-23 21:57:39 +00:00
ma = ModAction(
2023-02-19 19:31:26 +00:00
kind="delete_media",
user_id=v.id,
_note=url,
)
2023-03-16 06:27:58 +00:00
g.db.add(ma)
2023-02-19 19:31:26 +00:00
2023-09-15 00:07:17 +00:00
purge_files_in_cloudflare_cache(url)
2023-08-11 21:50:23 +00:00
return {"message": "Media deleted successfully!"}
2023-06-30 16:39:24 +00:00
@app.post("/admin/reset_password/<int:user_id>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
2023-06-30 16:39:24 +00:00
@admin_level_required(PERMS['USER_RESET_PASSWORD'])
def admin_reset_password(user_id, v):
user = get_account(user_id)
2024-01-07 21:46:22 +00:00
new_password = secrets.token_urlsafe(randint(27, 33))
2023-06-30 16:39:24 +00:00
user.passhash = hash_password(new_password)
g.db.add(user)
ma = ModAction(
kind="reset_password",
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
text = f"At your request, @{v.username} (a site admin) has reset your password to `{new_password}`, please change this to something else for personal security reasons. And be sure to save it this time, retard."
send_repeatable_notification(user.id, text)
2023-12-18 19:34:38 +00:00
text = f"@{user.username}'s new password is `{new_password}`"
2023-12-18 19:31:29 +00:00
send_repeatable_notification(v.id, text)
2024-01-02 18:22:50 +00:00
return {"message": f"@{user.username}'s password has been reset! The new password has been messaged to them and to you!"}
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
2023-10-13 15:56:12 +00:00
@app.get("/admin/orgies")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@admin_level_required(PERMS['ORGIES'])
def orgy_control(v):
2023-10-13 15:56:12 +00:00
orgies = g.db.query(Orgy).order_by(Orgy.start_utc).all()
return render_template("admin/orgy_control.html", v=v, orgies=orgies)
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@app.post("/admin/schedule_orgy")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@admin_level_required(PERMS['ORGIES'])
def schedule_orgy(v):
2023-08-16 20:13:24 +00:00
link = request.values.get("link", "").strip()
title = request.values.get("title", "").strip()
start_utc = request.values.get("start_utc", "").strip()
2023-08-16 20:13:24 +00:00
if not link:
abort(400, "A link is required!")
if not title:
abort(400, "A title is required!")
normalized_link = normalize_url(link)
if start_utc:
start_utc = int(start_utc)
2023-10-13 15:56:12 +00:00
redir = '/admin/orgies'
else:
start_utc = int(time.time())
2023-10-13 14:59:44 +00:00
redir = '/chat'
2023-10-17 20:56:27 +00:00
end_utc = None
2023-09-29 03:59:38 +00:00
if bare_youtube_regex.match(normalized_link):
2023-08-16 20:13:24 +00:00
orgy_type = 'youtube'
data, _ = get_youtube_id_and_t(normalized_link)
2023-09-29 03:59:38 +00:00
elif rumble_regex.match(normalized_link):
2023-08-16 20:13:24 +00:00
orgy_type = 'rumble'
data = normalized_link
2023-09-29 03:59:38 +00:00
elif twitch_regex.match(normalized_link):
2023-08-16 20:13:24 +00:00
orgy_type = 'twitch'
2023-09-29 03:59:38 +00:00
data = twitch_regex.search(normalized_link).group(3)
2023-09-13 17:44:19 +00:00
elif any((normalized_link.lower().endswith(f'.{x}') for x in VIDEO_FORMATS)):
2023-08-16 20:13:24 +00:00
orgy_type = 'file'
data = normalized_link
2023-10-18 13:28:01 +00:00
video_info = ffmpeg.probe(data, headers=f'referer:{SITE_FULL}/chat')
2023-10-17 20:56:27 +00:00
duration = float(video_info['streams'][0]['duration'])
if duration == 2.0: raise
2023-10-14 19:31:52 +00:00
if duration > 3000:
duration += 300 #account for break
end_utc = int(start_utc + duration)
else:
2023-10-17 20:56:27 +00:00
abort(400)
2023-08-16 20:13:24 +00:00
orgy = Orgy(
title=title,
type=orgy_type,
2023-10-03 07:43:39 +00:00
data=data,
start_utc=start_utc,
2023-10-03 07:43:39 +00:00
end_utc=end_utc,
2023-08-16 20:13:24 +00:00
)
g.db.add(orgy)
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
2023-10-05 16:28:17 +00:00
ma = ModAction(
kind="schedule_orgy",
2023-10-05 16:28:17 +00:00
user_id=v.id,
_note=data,
)
g.db.add(ma)
2023-10-13 14:59:44 +00:00
return redirect(redir)
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
2023-10-13 15:56:12 +00:00
@app.post("/admin/remove_orgy/<int:created_utc>")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@admin_level_required(PERMS['ORGIES'])
2023-10-13 15:56:12 +00:00
def remove_orgy(v, created_utc):
orgy = g.db.query(Orgy).filter_by(created_utc=created_utc).one()
2023-10-05 16:28:17 +00:00
ma = ModAction(
2023-10-13 15:56:12 +00:00
kind="remove_orgy",
2023-10-05 16:28:17 +00:00
user_id=v.id,
_note=orgy.data,
)
g.db.add(ma)
2023-10-13 15:56:12 +00:00
started = orgy.started
2023-10-12 21:20:53 +00:00
g.db.delete(orgy)
g.db.commit()
2023-10-13 15:56:12 +00:00
if started:
requests.post('http://localhost:5001/refresh_chat', headers={"Host": SITE})
2023-10-05 16:28:17 +00:00
2023-08-11 21:50:23 +00:00
return {"message": "Orgy stopped successfully!"}
2023-10-18 18:17:50 +00:00
@app.get("/admin/insert_transaction")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['INSERT_TRANSACTION'])
def insert_transaction(v):
return render_template("admin/insert_transaction.html", v=v)
@app.post("/admin/insert_transaction")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['INSERT_TRANSACTION'])
def insert_transaction_post(v):
type = request.values.get("type", "").strip()
id = request.values.get("id", "").strip()
amount = request.values.get("amount", "").strip()
username = request.values.get("username", "").strip()
2024-02-03 03:13:35 +00:00
if type not in {'BMAC', 'BTC', 'ETH', 'XMR'}:
2023-10-18 18:17:50 +00:00
abort(400, "Invalid transaction currency!")
2024-02-03 03:13:35 +00:00
if type == 'BMAC':
id = 'BMAC-' + str(int(time.time()))
2023-10-18 18:17:50 +00:00
if not id:
abort(400, "A transaction ID is required!")
if not amount:
abort(400, "A transaction amount is required!")
if not username:
abort(400, "A username is required!")
amount = int(amount)
existing = g.db.get(Transaction, id)
if existing:
abort(400, "This transaction is already registered!")
2023-10-18 18:17:50 +00:00
user = get_user(username)
if not user.email:
abort(400, f"@{user.username} doesn't have an email tied to their account!")
transaction = Transaction(
id=id,
created_utc=time.time(),
type=type,
amount=amount,
email=user.email,
)
g.db.add(transaction)
ma = ModAction(
kind="insert_transaction",
user_id=v.id,
target_user_id=user.id,
_note=f'Transaction ID: {id}',
)
g.db.add(ma)
claim_rewards_all_users()
return {"message": "Transaction inserted successfully!"}
2024-01-31 23:27:01 +00:00
@app.get("/admin/under_siege")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CHANGE_UNDER_SIEGE'])
def change_under_siege(v):
thresholds = cache.get("under_siege_thresholds")
if not thresholds:
thresholds = DEFAULT_UNDER_SIEGE_THRESHOLDS
cache.set("under_siege_thresholds", thresholds)
return render_template('admin/under_siege.html', v=v, thresholds=thresholds)
@app.post("/admin/under_siege")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CHANGE_UNDER_SIEGE'])
def change_under_siege_post(v):
thresholds = {}
for key in DEFAULT_UNDER_SIEGE_THRESHOLDS.keys():
thresholds[key] = int(request.values.get(key))
cache.set("under_siege_thresholds", thresholds)
ma = ModAction(
kind="change_under_siege",
user_id=v.id,
)
g.db.add(ma)
2024-01-31 23:27:01 +00:00
return {"message": "Thresholds changed successfully!"}
2024-02-06 01:19:38 +00:00
if FEATURES['IP_LOGGING']:
@app.get("/@<username>/ips/")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['VIEW_IPS'])
def view_user_ips(v, username):
u = get_user(username, v=v)
ip_logs = g.db.query(IPLog).filter_by(user_id=u.id).order_by(IPLog.last_used.desc())
return render_template('admin/user_ips.html', v=v, u=u, ip_logs=ip_logs)
@app.get("/ip_users/<ip>")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['VIEW_IPS'])
def view_ip_users(v, ip):
ip_logs = g.db.query(IPLog).filter_by(ip=ip).order_by(IPLog.last_used.desc())
return render_template('admin/ip_users.html', v=v, ip=ip, ip_logs=ip_logs)
2024-02-06 22:04:43 +00:00
@app.post("/mark_effortpost/<int:pid>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['MARK_EFFORTPOST'])
def mark_effortpost(pid, v):
p = get_post(pid)
if p.effortpost:
abort(400, "Post is already marked as an effortpost!")
p.effortpost = True
g.db.add(p)
ma = ModAction(
kind = "mark_effortpost",
user_id = v.id,
target_post_id = p.id,
)
g.db.add(ma)
if SITE_NAME == 'WPD':
2024-02-07 23:47:02 +00:00
mul = 7
2024-02-06 22:04:43 +00:00
else:
2024-02-07 23:47:02 +00:00
mul = 3
2024-02-06 22:04:43 +00:00
coins = (p.upvotes + p.downvotes) * mul
2024-02-06 23:45:30 +00:00
p.author.pay_account('coins', coins)
2024-02-06 22:04:43 +00:00
send_repeatable_notification(p.author_id, f":marseyclapping: @{v.username} (a site admin) has marked [{p.title}](/post/{p.id}) as an effortpost, it now gets x{mul} coins from votes. You have received {coins} coins retroactively, thanks! :!marseyclapping:")
return {"message": "Post has been marked as an effortpost!"}
@app.post("/unmark_effortpost/<int:pid>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['MARK_EFFORTPOST'])
def unmark_effortpost(pid, v):
p = get_post(pid)
if not p.effortpost:
abort(400, "Post is already not marked as an effortpost!")
p.effortpost = False
g.db.add(p)
ma = ModAction(
kind = "unmark_effortpost",
user_id = v.id,
target_post_id = p.id,
)
g.db.add(ma)
if SITE_NAME == 'WPD':
2024-02-07 23:47:02 +00:00
mul = 7
2024-02-06 22:04:43 +00:00
else:
2024-02-07 23:47:02 +00:00
mul = 3
2024-02-06 22:04:43 +00:00
coins = (p.upvotes + p.downvotes) * mul
2024-02-06 23:45:30 +00:00
p.author.charge_account('coins', coins)
2024-02-06 22:04:43 +00:00
send_repeatable_notification(p.author_id, f":marseyitsover: @{v.username} (a site admin) has unmarked [{p.title}](/post/{p.id}) as an effortpost. {coins} coins have been deducted from you. :!marseyitsover:")
return {"message": "Post has been unmarked as an effortpost!"}