MarseyWorld/files/routes/admin.py

1526 lines
43 KiB
Python
Raw Normal View History

2022-05-04 23:09:46 +00:00
import time
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from urllib.parse import quote, urlencode
from files.__main__ import app, cache, limiter
from files.classes import *
from files.helpers.actions import *
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.cloudflare import *
from files.helpers.const import *
2022-05-04 23:09:46 +00:00
from files.helpers.get import *
2022-05-22 16:13:19 +00:00
from files.helpers.media import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.sanitize import *
from files.helpers.security import *
2022-11-30 17:37:35 +00:00
from files.helpers.settings import get_settings, toggle_setting
from files.helpers.useractions import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.routehelpers import check_for_alts
from files.routes.wrappers import *
2022-05-04 23:09:46 +00:00
from .front import frontlist
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
2022-05-04 23:09:46 +00:00
@app.post('/kippy')
2022-10-06 03:26:39 +00:00
@admin_level_required(PERMS['PRINT_MARSEYBUX_FOR_KIPPY_ON_PCMEMES'])
def kippy(v):
if SITE != 'pcmemes.net': abort(404)
2022-06-24 13:19:53 +00:00
kippy = get_account(KIPPY_ID)
kippy.pay_account('marseybux', 50000)
g.db.add(kippy)
return '50k marseybux printed!'
2022-05-25 20:16:26 +00:00
@app.get('/admin/loggedin')
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
2022-05-25 20:16:26 +00:00
def loggedin_list(v):
2022-06-20 20:25:03 +00:00
ids = [x for x,val in cache.get(f'{SITE}_loggedin').items() if time.time()-val < LOGGEDIN_ACTIVE_TIME]
2022-11-07 07:03:58 +00:00
users = g.db.query(User).filter(User.id.in_(ids)).order_by(User.admin_level.desc(), User.truescore.desc()).all()
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedin.html", v=v, users=users)
2022-05-25 20:16:26 +00:00
2022-05-26 20:31:08 +00:00
@app.get('/admin/loggedout')
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
2022-05-26 20:31:08 +00:00
def loggedout_list(v):
2022-06-20 20:25:03 +00:00
users = sorted([val[1] for x,val in cache.get(f'{SITE}_loggedout').items() if time.time()-val[0] < LOGGEDIN_ACTIVE_TIME])
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedout.html", v=v, users=users)
2022-05-04 23:09:46 +00:00
@app.get('/admin/merge/<id1>/<id2>')
@admin_level_required(PERMS['USER_MERGE'])
2022-05-04 23:09:46 +00:00
def merge(v, id1, id2):
if v.id != AEVANN_ID: abort(403)
if time.time() - session.get('verified', 0) > 3:
session.pop("lo_user", None)
path = request.path
qs = urlencode(dict(request.values))
argval = quote(f"{path}?{qs}", safe='')
return redirect(f"/login?redirect={argval}")
user1 = get_account(id1)
user2 = get_account(id2)
awards = g.db.query(AwardRelationship).filter_by(user_id=user2.id)
comments = g.db.query(Comment).filter_by(author_id=user2.id)
submissions = g.db.query(Submission).filter_by(author_id=user2.id)
badges = g.db.query(Badge).filter_by(user_id=user2.id)
mods = g.db.query(Mod).filter_by(user_id=user2.id)
exiles = g.db.query(Exile).filter_by(user_id=user2.id)
for award in awards:
award.user_id = user1.id
g.db.add(award)
for comment in comments:
comment.author_id = user1.id
g.db.add(comment)
for submission in submissions:
submission.author_id = user1.id
g.db.add(submission)
for badge in badges:
if not user1.has_badge(badge.badge_id):
badge.user_id = user1.id
g.db.add(badge)
g.db.flush()
2022-05-04 23:09:46 +00:00
for mod in mods:
if not user1.mods(mod.sub):
mod.user_id = user1.id
g.db.add(mod)
g.db.flush()
2022-05-04 23:09:46 +00:00
for exile in exiles:
if not user1.exiled_from(exile.sub):
exile.user_id = user1.id
g.db.add(exile)
g.db.flush()
2022-05-04 23:09:46 +00:00
for kind in ('comment_count', 'post_count', 'winnings', 'received_award_count', 'coins_spent', 'lootboxes_bought', 'coins', 'truescore', 'marseybux'):
2022-05-04 23:09:46 +00:00
amount = getattr(user1, kind) + getattr(user2, kind)
setattr(user1, kind, amount)
setattr(user2, kind, 0)
g.db.add(user1)
g.db.add(user2)
2022-09-01 23:59:56 +00:00
online = cache.get(CHAT_ONLINE_CACHE_KEY)
2022-05-04 23:09:46 +00:00
cache.clear()
cache.set(CHAT_ONLINE_CACHE_KEY, online)
2022-09-01 23:59:56 +00:00
2022-05-04 23:09:46 +00:00
return redirect(user1.url)
@app.get('/admin/merge_all/<id>')
@admin_level_required(PERMS['USER_MERGE'])
2022-05-04 23:09:46 +00:00
def merge_all(v, id):
if v.id != AEVANN_ID: abort(403)
if time.time() - session.get('verified', 0) > 3:
session.pop("lo_user", None)
path = request.path
qs = urlencode(dict(request.values))
argval = quote(f"{path}?{qs}", safe='')
return redirect(f"/login?redirect={argval}")
user = get_account(id)
alt_ids = [x.id for x in user.alts_unique]
things = g.db.query(AwardRelationship).filter(AwardRelationship.user_id.in_(alt_ids)).all() + g.db.query(Mod).filter(Mod.user_id.in_(alt_ids)).all() + g.db.query(Exile).filter(Exile.user_id.in_(alt_ids)).all()
for thing in things:
thing.user_id = user.id
g.db.add(thing)
things = g.db.query(Submission).filter(Submission.author_id.in_(alt_ids)).all() + g.db.query(Comment).filter(Comment.author_id.in_(alt_ids)).all()
for thing in things:
thing.author_id = user.id
g.db.add(thing)
badges = g.db.query(Badge).filter(Badge.user_id.in_(alt_ids)).all()
for badge in badges:
if not user.has_badge(badge.badge_id):
badge.user_id = user.id
g.db.add(badge)
g.db.flush()
2022-05-04 23:09:46 +00:00
for alt in user.alts_unique:
for kind in ('comment_count', 'post_count', 'winnings', 'received_award_count', 'coins_spent', 'lootboxes_bought', 'coins', 'truescore', 'marseybux'):
2022-05-04 23:09:46 +00:00
amount = getattr(user, kind) + getattr(alt, kind)
setattr(user, kind, amount)
setattr(alt, kind, 0)
g.db.add(alt)
g.db.add(user)
2022-09-01 23:59:56 +00:00
online = cache.get(CHAT_ONLINE_CACHE_KEY)
2022-05-04 23:09:46 +00:00
cache.clear()
cache.set(CHAT_ONLINE_CACHE_KEY, online)
2022-09-01 23:59:56 +00:00
2022-05-04 23:09:46 +00:00
return redirect(user.url)
@app.post("/@<username>/make_admin")
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_ADD'])
2022-05-04 23:09:46 +00:00
def make_admin(v, username):
2022-11-11 13:52:18 +00:00
if SITE == 'rdrama.net': abort(403)
2022-05-29 18:36:51 +00:00
2022-05-04 23:09:46 +00:00
user = get_user(username)
2022-10-06 03:37:18 +00:00
user.admin_level = PERMS['ADMIN_ADD_PERM_LEVEL']
2022-05-04 23:09:46 +00:00
g.db.add(user)
ma = ModAction(
kind="make_admin",
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
return {"message": f"@{user.username} has been made admin!"}
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/remove_admin")
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_REMOVE'])
2022-05-04 23:09:46 +00:00
def remove_admin(v, username):
user = get_user(username)
user.admin_level = 0
g.db.add(user)
ma = ModAction(
kind="remove_admin",
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
return {"message": f"@{user.username} has been removed as admin!"}
2022-05-04 23:09:46 +00:00
2022-08-26 21:53:17 +00:00
@app.post("/distribute/<option_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_BETS_DISTRIBUTE'])
2022-08-26 21:53:17 +00:00
def distribute(v, option_id):
autojanny = get_account(AUTOJANNY_ID)
if autojanny.coins == 0: abort(400, "@AutoJanny has 0 coins")
2022-08-26 21:53:17 +00:00
try: option_id = int(option_id)
except: abort(400)
try: option = g.db.get(SubmissionOption, option_id)
except: abort(404)
2022-09-08 18:25:45 +00:00
if option.exclusive != 2: abort(403)
option.exclusive = 3
g.db.add(option)
2022-08-26 21:53:17 +00:00
post = option.post
pool = 0
for o in post.options:
2022-09-30 15:38:47 +00:00
if o.exclusive >= 2: pool += o.upvotes
pool *= POLL_BET_COINS
2022-08-26 21:53:17 +00:00
2022-10-12 16:33:00 +00:00
autojanny.charge_account('coins', pool)
2022-08-26 21:53:17 +00:00
if autojanny.coins < 0: autojanny.coins = 0
g.db.add(autojanny)
votes = option.votes
coinsperperson = int(pool / len(votes))
cid = notif_comment(f"You won {coinsperperson} coins betting on [{post.title}]({post.shortlink}) :marseyparty:")
for vote in votes:
u = vote.user
u.pay_account('coins', coinsperperson)
2022-08-26 21:53:17 +00:00
add_notif(cid, u.id)
cid = notif_comment(f"You lost the {POLL_BET_COINS} coins you bet on [{post.title}]({post.shortlink}) :marseylaugh:")
2022-08-26 21:53:17 +00:00
losing_voters = []
for o in post.options:
2022-09-23 12:09:33 +00:00
if o.exclusive == 2:
2022-08-26 21:53:17 +00:00
losing_voters.extend([x.user_id for x in o.votes])
for uid in losing_voters:
add_notif(cid, uid)
2022-05-04 23:09:46 +00:00
2022-08-26 21:53:17 +00:00
ma = ModAction(
kind="distribute",
user_id=v.id,
target_submission_id=post.id
)
g.db.add(ma)
return {"message": f"Each winner has received {coinsperperson} coins!"}
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/revert_actions")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['ADMIN_ACTIONS_REVERT'])
def revert_actions(v, username):
user = get_user(username)
ma = ModAction(
kind="revert",
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
cutoff = int(time.time()) - 86400
posts = [x[0] for x in g.db.query(ModAction.target_submission_id).filter(ModAction.user_id == user.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_post').all()]
posts = g.db.query(Submission).filter(Submission.id.in_(posts)).all()
comments = [x[0] for x in g.db.query(ModAction.target_comment_id).filter(ModAction.user_id == user.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_comment').all()]
comments = g.db.query(Comment).filter(Comment.id.in_(comments)).all()
for item in posts + comments:
item.is_banned = False
item.ban_reason = None
item.is_approved = v.id
g.db.add(item)
users = (x[0] for x in g.db.query(ModAction.target_user_id).filter(ModAction.user_id == user.id, ModAction.created_utc > cutoff, ModAction.kind.in_(('shadowban', 'ban_user'))).all())
users = g.db.query(User).filter(User.id.in_(users)).all()
for user in users:
user.shadowbanned = None
user.unban_utc = 0
user.ban_reason = None
if user.is_banned:
user.is_banned = 0
send_repeatable_notification(user.id, f"@{v.username} (Admin) has unbanned you!")
g.db.add(user)
for u in user.alts:
u.shadowbanned = None
u.unban_utc = 0
u.ban_reason = None
if u.is_banned:
u.is_banned = 0
send_repeatable_notification(u.id, f"@{v.username} (Admin) has unbanned you!")
g.db.add(u)
2022-10-08 06:08:45 +00:00
return {"message": f"@{user.username}'s admin actions have been reverted!"}
2022-05-04 23:09:46 +00:00
@app.get("/admin/shadowbanned")
2022-10-12 06:53:32 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
2022-05-04 23:09:46 +00:00
def shadowbanned(v):
2022-05-25 20:16:26 +00:00
users = g.db.query(User).filter(User.shadowbanned != None).order_by(User.shadowbanned).all()
2022-11-15 19:08:41 +00:00
return render_template("admin/shadowbanned.html", v=v, users=users)
2022-05-04 23:09:46 +00:00
@app.get("/admin/image_posts")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def image_posts_listing(v):
try: page = int(request.values.get('page', 1))
except: page = 1
posts = g.db.query(Submission).order_by(Submission.id.desc())
firstrange = PAGE_SIZE * (page - 1)
secondrange = firstrange + PAGE_SIZE + 1
2022-05-04 23:09:46 +00:00
posts = [x.id for x in posts if x.is_image][firstrange:secondrange]
next_exists = (len(posts) > PAGE_SIZE)
posts = get_posts(posts[:PAGE_SIZE], v=v)
2022-05-04 23:09:46 +00:00
return render_template("admin/image_posts.html", v=v, listing=posts, next_exists=next_exists, page=page, sort="new")
@app.get("/admin/reported/posts")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def reported_posts(v):
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
2022-05-04 23:09:46 +00:00
listing = g.db.query(Submission).filter_by(
is_approved=None,
2022-10-23 16:24:17 +00:00
is_banned=False,
deleted_utc=0
).join(Submission.flags).order_by(Submission.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE+1)
2022-05-04 23:09:46 +00:00
listing = [p.id for p in listing]
next_exists = len(listing) > PAGE_SIZE
listing = listing[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
listing = get_posts(listing, v=v)
return render_template("admin/reported_posts.html",
2022-09-04 23:15:37 +00:00
next_exists=next_exists, listing=listing, page=page, v=v)
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/comments")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def reported_comments(v):
try: page = max(1, int(request.values.get("page", 1)))
except: abort(400, "Invalid page input!")
2022-05-04 23:09:46 +00:00
listing = g.db.query(Comment
2022-09-04 23:15:37 +00:00
).filter_by(
2022-05-04 23:09:46 +00:00
is_approved=None,
2022-10-23 16:24:17 +00:00
is_banned=False,
deleted_utc=0
).join(Comment.flags).order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE+1).all()
2022-05-04 23:09:46 +00:00
listing = [c.id for c in listing]
next_exists = len(listing) > PAGE_SIZE
listing = listing[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
listing = get_comments(listing, v=v)
return render_template("admin/reported_comments.html",
2022-09-04 23:15:37 +00:00
next_exists=next_exists,
listing=listing,
page=page,
v=v,
standalone=True)
2022-05-04 23:09:46 +00:00
@app.get("/admin")
@admin_level_required(PERMS['ADMIN_HOME_VISIBLE'])
2022-05-04 23:09:46 +00:00
def admin_home(v):
2022-07-01 18:19:21 +00:00
under_attack = False
if v.admin_level >= PERMS['SITE_SETTINGS_UNDER_ATTACK']:
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
under_attack = (get_security_level() or 'high') == 'under_attack'
2022-05-04 23:09:46 +00:00
gitref = admin_git_head()
return render_template("admin/admin_home.html", v=v,
2022-07-01 18:19:21 +00:00
under_attack=under_attack,
gitref=gitref)
def admin_git_head():
short_len = 12
# Note: doing zero sanitization. Git branch names are extremely permissive.
# However, they forbid '..', so I don't see an obvious dir traversal attack.
# Also, a malicious branch name would mean someone already owned the server
# or repo, so I think this isn't a weak link.
try:
with open('.git/HEAD', encoding='utf_8') as head_f:
head_txt = head_f.read()
2022-07-06 11:49:13 +00:00
head_path = git_regex.match(head_txt).group(1)
with open('.git/' + head_path, encoding='utf_8') as ref_f:
gitref = ref_f.read()[0:short_len]
except:
return '<unable to read>', ''
return (gitref, head_txt)
2022-05-04 23:09:46 +00:00
@app.post("/admin/site_settings/<setting>")
@admin_level_required(PERMS['SITE_SETTINGS'])
2022-05-04 23:09:46 +00:00
def change_settings(v, setting):
2022-11-30 17:37:35 +00:00
if setting not in get_settings().keys():
abort(404, f"Setting '{setting}' not found")
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
val = toggle_setting(setting)
if val: word = 'enable'
2022-05-04 23:09:46 +00:00
else: word = 'disable'
ma = ModAction(
kind=f"{word}_{setting}",
user_id=v.id,
)
g.db.add(ma)
2022-11-30 17:37:35 +00:00
return {'message': f"{setting.replace('_', ' ').title()} {word}d successfully!"}
2022-05-04 23:09:46 +00:00
2022-11-06 05:28:44 +00:00
@app.post("/admin/clear_cloudflare_cache")
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
2022-11-06 05:28:44 +00:00
def clear_cloudflare_cache(v):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if not clear_entire_cache():
2022-11-06 05:28:44 +00:00
abort(400, 'Failed to clear cloudflare cache!')
2022-05-04 23:09:46 +00:00
ma = ModAction(
2022-11-06 05:28:44 +00:00
kind="clear_cloudflare_cache",
2022-05-04 23:09:46 +00:00
user_id=v.id
)
g.db.add(ma)
2022-11-06 05:28:44 +00:00
return {"message": "Cloudflare cache cleared!"}
2022-05-04 23:09:46 +00:00
2022-11-06 05:28:44 +00:00
@app.post("/admin/clear_internal_cache")
@admin_level_required(PERMS['SITE_CACHE_DUMP_INTERNAL'])
2022-11-06 05:28:44 +00:00
def admin_clear_internal_cache(v):
online = cache.get(CHAT_ONLINE_CACHE_KEY)
cache.clear()
cache.set(CHAT_ONLINE_CACHE_KEY, online)
ma = ModAction(
2022-11-06 05:28:44 +00:00
kind="clear_internal_cache",
user_id=v.id
)
g.db.add(ma)
return {"message": "Internal cache cleared!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/under_attack")
@admin_level_required(PERMS['SITE_SETTINGS_UNDER_ATTACK'])
2022-05-04 23:09:46 +00:00
def under_attack(v):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
response = get_security_level()
2022-10-13 07:27:56 +00:00
if not response:
abort(400, 'Could not retrieve the current security level')
old_under_attack_mode = response == 'under_attack'
enable_disable_str = 'disable' if old_under_attack_mode else 'enable'
new_security_level = 'high' if old_under_attack_mode else 'under_attack'
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if not set_security_level(new_security_level):
2022-10-13 07:27:56 +00:00
abort(400, f'Failed to {enable_disable_str} under attack mode')
ma = ModAction(
kind=f"{enable_disable_str}_under_attack",
user_id=v.id,
)
g.db.add(ma)
2022-10-13 07:54:30 +00:00
return {"message": f"Under attack mode {enable_disable_str}d!"}
2022-05-04 23:09:46 +00:00
def admin_badges_grantable_list(v):
query = g.db.query(BadgeDef)
2022-11-30 21:15:07 +00:00
if v.id not in {AEVANN_ID, SNAKES_ID} and SITE != 'pcmemes.net':
if BADGE_BLACKLIST:
query = query.filter(BadgeDef.id.notin_(BADGE_BLACKLIST))
elif BADGE_WHITELIST and v.id != CARP_ID:
query = query.filter(BadgeDef.id.in_(BADGE_WHITELIST))
badge_types = query.order_by(BadgeDef.id).all()
return badge_types
@app.get("/admin/badge_grant")
@app.get("/admin/badge_remove")
@feature_required('BADGES')
@admin_level_required(PERMS['USER_BADGES'])
def badge_grant_get(v):
grant = request.url.endswith("grant")
badge_types = admin_badges_grantable_list(v)
return render_template("admin/badge_admin.html", v=v,
badge_types=badge_types, grant=grant)
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_grant")
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
2022-05-04 23:09:46 +00:00
def badge_grant_post(v):
badges = admin_badges_grantable_list(v)
2022-05-04 23:09:46 +00:00
user = get_user(request.values.get("username").strip(), graceful=True)
if not user:
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=True, error="User not found.")
2022-05-04 23:09:46 +00:00
try: badge_id = int(request.values.get("badge_id"))
except: abort(400)
if badge_id not in [b.id for b in badges]:
2022-05-04 23:09:46 +00:00
abort(403)
if user.has_badge(badge_id):
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=True, error="User already has that badge.")
2022-05-04 23:09:46 +00:00
new_badge = Badge(badge_id=badge_id, user_id=user.id)
desc = request.values.get("description")
if desc: new_badge.description = desc
url = request.values.get("url")
if url:
if '\\' in url: abort(400)
if url.startswith(SITE_FULL):
url = url.split(SITE_FULL, 1)[1]
new_badge.url = url
2022-05-04 23:09:46 +00:00
g.db.add(new_badge)
2022-08-17 17:57:32 +00:00
g.db.flush()
2022-05-04 23:09:46 +00:00
if v.id != user.id:
text = f"@{v.username} (Admin) has given you the following profile badge:\n\n![]({new_badge.path})\n\n**{new_badge.name}**\n\n{new_badge.badge.description}"
2022-09-13 10:27:09 +00:00
send_repeatable_notification(user.id, text)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="badge_grant",
user_id=v.id,
target_user_id=user.id,
_note=new_badge.name
)
g.db.add(ma)
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=True, msg=f"{new_badge.name} Badge granted to @{user.username} successfully!")
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_remove")
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
2022-05-04 23:09:46 +00:00
def badge_remove_post(v):
badges = admin_badges_grantable_list(v)
2022-05-04 23:09:46 +00:00
user = get_user(request.values.get("username").strip(), graceful=True)
if not user:
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=False, error="User not found.")
2022-05-04 23:09:46 +00:00
try: badge_id = int(request.values.get("badge_id"))
except: abort(400)
if badge_id not in [b.id for b in badges]:
abort(403)
2022-05-04 23:09:46 +00:00
badge = user.has_badge(badge_id)
if not badge:
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=False, error="User doesn't have that badge.")
2022-05-04 23:09:46 +00:00
2022-09-13 10:27:09 +00:00
if v.id != user.id:
text = f"@{v.username} (Admin) has removed the following profile badge from you:\n\n![]({badge.path})\n\n**{badge.name}**\n\n{badge.badge.description}"
2022-09-13 10:27:09 +00:00
send_repeatable_notification(user.id, text)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="badge_remove",
user_id=v.id,
target_user_id=user.id,
_note=badge.name
)
g.db.add(ma)
g.db.delete(badge)
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=False, msg=f"{badge.name} Badge removed from @{user.username} successfully!")
2022-05-04 23:09:46 +00:00
@app.get("/admin/users")
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['VIEW_ALL_USERS'])
2022-05-04 23:09:46 +00:00
def users_list(v):
try: page = int(request.values.get("page", 1))
except: page = 1
users = g.db.query(User).order_by(User.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-05-04 23:09:46 +00:00
next_exists = (len(users) > PAGE_SIZE)
users = users[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
2022-09-05 20:23:35 +00:00
return render_template("user_cards.html",
2022-09-04 23:15:37 +00:00
v=v,
users=users,
next_exists=next_exists,
page=page,
[DO NOT MERGE] titlesssssssssss (#468) * titles * testing * self * Revert "self" This reverts commit d6c12d5a5ba125feb44673f55e1fdac75f151cb5. * Revert "testing" This reverts commit 86d800f9fd552196b31f0e0b3891d4fc072a9bc0. * testing on devrama * rewrite the html head * reference error or smth idk * tempalte debug * template debug redux * default2 * rename default2 -> root, page title * fix settings2 * include the set_variables block * root scope variables 2 * test 3 * remove unnecessary set * add pagetitles to all settings2 pages * add pagetitle to casino * remove bloat * remove duplicate site name thingy * page titles 2 * page titles 3 * remove duplicate imports and add page titles everywhere iirc * ok but actually this time * remove unnecessary newlines * fix title lol * > * fsdfsfsfsfsfs * fsfs * template configurations * fix 500 * reduce login template bloat * move files and add status codes where needful * move authfroms to login * remove 2fa bloat * verification code * sign up fixes * readability * fssfsfsfs * move forgot password to login/ * readability * don't emit comments * add page titles where needful * gsgsgs * modals: move to respective pages * testing on devrama * get home garbage out of title * remove insane amount of icon duplication * sign up text * add votes pagetitle * fix blank lines * Revert "fix blank lines" This reverts commit b2c54339970725d00b6fc82bb458c1757909952c. * Fix blank lines on sign_up.html. * title: votes.html more meaningful identifier. * titles: Lottery, Directory, Notifications * head final in submission.html * fix missing comma * > * test * title: /comments * fsfsfsfsf * titles: user_cards * head: only load video and audio meta attributes if they actually exist * titlessssss: /admin/lottery/participants * titlessssssss: extra quote in search.html * titlessssss: userpage voters. * titties: /h/<sub>/{followers,blockers,exilees[sic]} * test banner * Revert "test banner" This reverts commit c3d875d03f3e60d72a60dab7d28bf108554a5826. * make submit.html inherit from default.html Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-21 08:52:22 +00:00
user_cards_title="Users Feed",
2022-09-04 23:15:37 +00:00
)
2022-05-04 23:09:46 +00:00
@app.get("/admin/alt_votes")
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['VIEW_ALT_VOTES'])
2022-05-04 23:09:46 +00:00
def alt_votes_get(v):
u1 = request.values.get("u1")
u2 = request.values.get("u2")
if not u1 or not u2:
return render_template("admin/alt_votes.html", v=v)
u1 = get_user(u1)
u2 = get_user(u2)
u1_post_ups = g.db.query(
Vote.submission_id).filter_by(
user_id=u1.id,
vote_type=1).all()
u1_post_downs = g.db.query(
Vote.submission_id).filter_by(
user_id=u1.id,
vote_type=-1).all()
u1_comment_ups = g.db.query(
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=1).all()
u1_comment_downs = g.db.query(
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=-1).all()
u2_post_ups = g.db.query(
Vote.submission_id).filter_by(
user_id=u2.id,
vote_type=1).all()
u2_post_downs = g.db.query(
Vote.submission_id).filter_by(
user_id=u2.id,
vote_type=-1).all()
u2_comment_ups = g.db.query(
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=1).all()
u2_comment_downs = g.db.query(
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=-1).all()
data = {}
data['u1_only_post_ups'] = len(
[x for x in u1_post_ups if x not in u2_post_ups])
data['u2_only_post_ups'] = len(
[x for x in u2_post_ups if x not in u1_post_ups])
data['both_post_ups'] = len(list(set(u1_post_ups) & set(u2_post_ups)))
data['u1_only_post_downs'] = len(
[x for x in u1_post_downs if x not in u2_post_downs])
data['u2_only_post_downs'] = len(
[x for x in u2_post_downs if x not in u1_post_downs])
data['both_post_downs'] = len(
list(set(u1_post_downs) & set(u2_post_downs)))
data['u1_only_comment_ups'] = len(
[x for x in u1_comment_ups if x not in u2_comment_ups])
data['u2_only_comment_ups'] = len(
[x for x in u2_comment_ups if x not in u1_comment_ups])
data['both_comment_ups'] = len(
list(set(u1_comment_ups) & set(u2_comment_ups)))
data['u1_only_comment_downs'] = len(
[x for x in u1_comment_downs if x not in u2_comment_downs])
data['u2_only_comment_downs'] = len(
[x for x in u2_comment_downs if x not in u1_comment_downs])
data['both_comment_downs'] = len(
list(set(u1_comment_downs) & set(u2_comment_downs)))
data['u1_post_ups_unique'] = 100 * \
data['u1_only_post_ups'] // len(u1_post_ups) if u1_post_ups else 0
data['u2_post_ups_unique'] = 100 * \
data['u2_only_post_ups'] // len(u2_post_ups) if u2_post_ups else 0
data['u1_post_downs_unique'] = 100 * \
data['u1_only_post_downs'] // len(
u1_post_downs) if u1_post_downs else 0
data['u2_post_downs_unique'] = 100 * \
data['u2_only_post_downs'] // len(
u2_post_downs) if u2_post_downs else 0
data['u1_comment_ups_unique'] = 100 * \
data['u1_only_comment_ups'] // len(
u1_comment_ups) if u1_comment_ups else 0
data['u2_comment_ups_unique'] = 100 * \
data['u2_only_comment_ups'] // len(
u2_comment_ups) if u2_comment_ups else 0
data['u1_comment_downs_unique'] = 100 * \
data['u1_only_comment_downs'] // len(
u1_comment_downs) if u1_comment_downs else 0
data['u2_comment_downs_unique'] = 100 * \
data['u2_only_comment_downs'] // len(
u2_comment_downs) if u2_comment_downs else 0
return render_template("admin/alt_votes.html",
2022-09-04 23:15:37 +00:00
u1=u1,
u2=u2,
v=v,
data=data
)
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.get("/admin/alts/")
@app.get("/@<username>/alts/")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_LINK'])
def admin_view_alts(v, username=None):
u = get_user(username or request.values.get('username'), graceful=True)
return render_template('admin/alts.html', v=v, u=u, alts=u.alts_unique if u else None)
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.post('/@<username>/alts/')
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['USER_LINK'])
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
def admin_add_alt(v, username):
user1 = get_user(username)
user2 = get_user(request.values.get('other_username'))
if user1.id == user2.id: abort(400, "Can't add the same account as alts of each other")
deleted = request.values.get('deleted', False, bool) or False
ids = [user1.id, user2.id]
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
if a: abort(409, f"@{user1.username} and @{user2.username} are already known {'linked' if not a.deleted else 'delinked'} alts")
a = Alt(
user1=user1.id,
user2=user2.id,
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
is_manual=True,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
deleted=deleted
)
g.db.add(a)
g.db.flush()
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
check_for_alts(user1, include_current_session=False)
check_for_alts(user2, include_current_session=False)
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
word = 'Delinked' if deleted else 'Linked'
ma_word = 'delink' if deleted else 'link'
note = f'from {user2.id}' if deleted else f'with {user2.id}'
ma = ModAction(
kind=f"{ma_word}_accounts",
user_id=v.id,
target_user_id=user1.id,
_note=note
)
g.db.add(ma)
return {"message": f"{word} @{user1.username} and @{user2.username} successfully!"}
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@app.route('/@<username>/alts/<int:other>/deleted', methods=["PUT", "DELETE"])
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_LINK'])
def admin_delink_relink_alt(v, username, other):
is_delinking = request.method == 'PUT' # we're adding the 'deleted' state if a PUT request
user1 = get_user(username)
user2 = get_account(other)
ids = [user1.id, user2.id]
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
if not a: abort(404)
a.deleted = is_delinking
g.db.add(a)
g.db.flush()
check_for_alts(user1, include_current_session=False)
check_for_alts(user2, include_current_session=False)
word = 'Delinked' if is_delinking else 'Relinked'
ma_word = 'delink' if is_delinking else 'link'
note = f'from {user2.id}' if is_delinking else f'with {user2.id} (relinked)'
2022-05-04 23:09:46 +00:00
ma = ModAction(
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
kind=f"{ma_word}_accounts",
2022-05-04 23:09:46 +00:00
user_id=v.id,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
target_user_id=user1.id,
_note=note
2022-05-04 23:09:46 +00:00
)
g.db.add(ma)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
return {"message": f"{word} @{user1.username} and @{user2.username} successfully!"}
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/posts")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_removed(v):
try: page = int(request.values.get("page", 1))
except: page = 1
if page < 1: abort(400)
ids = g.db.query(Submission.id).join(Submission.author).filter(or_(Submission.is_banned==True, User.shadowbanned != None)).order_by(Submission.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-05-04 23:09:46 +00:00
ids=[x[0] for x in ids]
next_exists = len(ids) > PAGE_SIZE
ids = ids[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
posts = get_posts(ids, v=v)
return render_template("admin/removed_posts.html",
2022-09-04 23:15:37 +00:00
v=v,
listing=posts,
page=page,
next_exists=next_exists
)
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/comments")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_removed_comments(v):
try: page = int(request.values.get("page", 1))
except: page = 1
2022-11-27 00:19:50 +00:00
ids = g.db.query(Comment.id).join(Comment.author).filter(or_(Comment.is_banned==True, User.shadowbanned != None)).order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE + 1).all()
2022-05-04 23:09:46 +00:00
ids=[x[0] for x in ids]
next_exists = len(ids) > PAGE_SIZE
ids = ids[:PAGE_SIZE]
2022-05-04 23:09:46 +00:00
comments = get_comments(ids, v=v)
return render_template("admin/removed_comments.html",
2022-09-04 23:15:37 +00:00
v=v,
listing=comments,
page=page,
next_exists=next_exists
)
2022-05-04 23:09:46 +00:00
@app.post("/unagendaposter/<user_id>")
@admin_level_required(PERMS['USER_AGENDAPOSTER'])
2022-05-04 23:09:46 +00:00
def unagendaposter(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
2022-05-04 23:09:46 +00:00
user.agendaposter = 0
g.db.add(user)
for alt in user.alts:
alt.agendaposter = 0
g.db.add(alt)
ma = ModAction(
2022-11-07 01:47:27 +00:00
kind="unchud",
2022-05-04 23:09:46 +00:00
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
badge = user.has_badge(28)
if badge: g.db.delete(badge)
2022-11-07 05:44:09 +00:00
send_repeatable_notification(user.id, f"@{v.username} (Admin) has unchudded you.")
2022-05-04 23:09:46 +00:00
2022-11-05 02:01:45 +00:00
return {"message": f"@{user.username} has been unchudded!"}
2022-05-04 23:09:46 +00:00
@app.post("/shadowban/<user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_SHADOWBAN'])
2022-05-04 23:09:46 +00:00
def shadowban(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
if user.admin_level > v.admin_level:
abort(403)
2022-05-04 23:09:46 +00:00
user.shadowbanned = v.username
reason = request.values.get("reason").strip()[:256]
user.ban_reason = reason
2022-05-04 23:09:46 +00:00
g.db.add(user)
check_for_alts(user, False)
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="shadowban",
user_id=v.id,
target_user_id=user.id,
_note=f'reason: "{reason}"'
2022-05-04 23:09:46 +00:00
)
g.db.add(ma)
cache.delete_memoized(frontlist)
return {"message": f"@{user.username} has been shadowbanned!"}
2022-05-04 23:09:46 +00:00
@app.post("/unshadowban/<user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_SHADOWBAN'])
2022-05-04 23:09:46 +00:00
def unshadowban(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
2022-05-04 23:09:46 +00:00
user.shadowbanned = None
if not user.is_banned: user.ban_reason = None
2022-05-04 23:09:46 +00:00
g.db.add(user)
for alt in user.alts:
alt.shadowbanned = None
if not alt.is_banned: alt.ban_reason = None
2022-05-04 23:09:46 +00:00
g.db.add(alt)
ma = ModAction(
kind="unshadowban",
user_id=v.id,
target_user_id=user.id,
)
g.db.add(ma)
cache.delete_memoized(frontlist)
return {"message": f"@{user.username} has been unshadowbanned!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/title_change/<user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
2022-10-06 05:45:44 +00:00
@admin_level_required(PERMS['USER_TITLE_CHANGE'])
2022-05-04 23:09:46 +00:00
def admin_title_change(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
2022-05-04 23:09:46 +00:00
new_name=request.values.get("title").strip()[:256]
user.customtitleplain=new_name
new_name = filter_emojis_only(new_name)
new_name = censor_slurs(new_name, None)
2022-05-04 23:09:46 +00:00
2022-06-24 13:19:53 +00:00
user=get_account(user.id)
2022-05-04 23:09:46 +00:00
user.customtitle=new_name
if request.values.get("locked"): user.flairchanged = int(time.time()) + 2629746
else:
user.flairchanged = None
badge = user.has_badge(96)
if badge: g.db.delete(badge)
g.db.add(user)
if user.flairchanged: kind = "set_flair_locked"
else: kind = "set_flair_notlocked"
ma=ModAction(
kind=kind,
user_id=v.id,
target_user_id=user.id,
_note=f'"{user.customtitleplain}"'
)
g.db.add(ma)
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s flair has been changed!"}
2022-05-04 23:09:46 +00:00
@app.post("/ban_user/<user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_BAN'])
2022-05-04 23:09:46 +00:00
def ban_user(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
2022-05-04 23:09:46 +00:00
2022-10-11 13:48:49 +00:00
if user.admin_level > v.admin_level:
abort(403)
2022-05-04 23:09:46 +00:00
2022-10-15 11:02:02 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
2022-05-04 23:09:46 +00:00
reason = request.values.get("reason").strip()[:256]
reason = filter_emojis_only(reason)
2022-05-04 23:09:46 +00:00
if reason.startswith("/") and '\\' not in reason:
reason = f'<a href="{reason.split()[0]}">{reason}</a>'
2022-05-04 23:09:46 +00:00
user.ban(admin=v, reason=reason, days=days)
2022-05-04 23:09:46 +00:00
if request.values.get("alts"):
for x in user.alts:
2022-10-11 13:48:49 +00:00
if x.admin_level > v.admin_level:
continue
x.ban(admin=v, reason=reason, days=days)
2022-05-04 23:09:46 +00:00
2022-10-15 11:02:02 +00:00
duration = "permanently"
2022-05-04 23:09:46 +00:00
if days:
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
2022-10-15 11:02:02 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
if reason: text = f"@{v.username} (Admin) has banned you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (Admin) has banned you for **{days_txt}** days."
2022-05-04 23:09:46 +00:00
else:
if reason: text = f"@{v.username} (Admin) has banned you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (Admin) has banned you permanently."
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, text)
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}, reason: "{reason}"'
2022-05-04 23:09:46 +00:00
ma=ModAction(
kind="ban_user",
user_id=v.id,
target_user_id=user.id,
_note=note
)
g.db.add(ma)
if 'reason' in request.values:
if request.values["reason"].startswith("/post/"):
2022-07-28 14:23:38 +00:00
try: post = int(request.values["reason"].split("/post/")[1].split(None, 1)[0])
except: abort(400)
2022-06-25 00:11:00 +00:00
post = get_post(post)
post.bannedfor = f'{duration} by @{v.username}'
2022-06-25 00:11:00 +00:00
g.db.add(post)
elif request.values["reason"].startswith("/comment/"):
2022-07-28 14:23:38 +00:00
try: comment = int(request.values["reason"].split("/comment/")[1].split(None, 1)[0])
except: abort(400)
2022-06-25 00:11:00 +00:00
comment = get_comment(comment)
comment.bannedfor = f'{duration} by @{v.username}'
2022-06-25 00:11:00 +00:00
g.db.add(comment)
2022-05-04 23:09:46 +00:00
return {"message": f"@{user.username} has been banned!"}
2022-05-04 23:09:46 +00:00
2022-11-05 02:12:17 +00:00
@app.post("/agendaposter/<user_id>")
@admin_level_required(PERMS['USER_AGENDAPOSTER'])
def agendaposter(user_id, v):
user = get_account(user_id)
if user.admin_level > v.admin_level:
abort(403)
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
reason = request.values.get("reason", "").strip()
if reason and reason.startswith("/") and '\\' not in reason:
reason = f'<a href="{reason.split()[0]}">{reason}</a>'
duration = "permanently"
if days:
2022-11-08 03:37:14 +00:00
user.agendaposter = int(time.time()) + (days * 86400)
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
2022-11-05 02:12:17 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
if reason: text = f"@{v.username} (Admin) has chudded you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (Admin) has chudded you for **{days_txt}** days."
else:
2022-11-08 03:37:14 +00:00
user.agendaposter = 1
2022-11-05 02:12:17 +00:00
if reason: text = f"@{v.username} (Admin) has chudded you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (Admin) has chudded you permanently."
2022-11-08 03:37:14 +00:00
g.db.add(user)
2022-11-05 02:12:17 +00:00
send_repeatable_notification(user.id, text)
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}'
if reason: note += f', reason: "{reason}"'
2022-11-05 02:12:17 +00:00
ma=ModAction(
2022-11-07 01:47:27 +00:00
kind="chud",
2022-11-05 02:12:17 +00:00
user_id=v.id,
target_user_id=user.id,
_note=note
)
g.db.add(ma)
2022-11-07 05:43:25 +00:00
badge_grant(user=user, badge_id=28)
2022-11-05 02:12:17 +00:00
if 'reason' in request.values:
if request.values["reason"].startswith("/post/"):
try: post = int(request.values["reason"].split("/post/")[1].split(None, 1)[0])
except: abort(400)
post = get_post(post)
post.chuddedfor = f'{duration} by @{v.username}'
g.db.add(post)
elif request.values["reason"].startswith("/comment/"):
try: comment = int(request.values["reason"].split("/comment/")[1].split(None, 1)[0])
except: abort(400)
comment = get_comment(comment)
comment.chuddedfor = f'{duration} by @{v.username}'
g.db.add(comment)
return {"message": f"@{user.username} has been chudded!"}
2022-11-05 02:12:17 +00:00
2022-05-04 23:09:46 +00:00
@app.post("/unban_user/<user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_BAN'])
2022-05-04 23:09:46 +00:00
def unban_user(user_id, v):
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
if not user.is_banned:
abort(400)
2022-05-04 23:09:46 +00:00
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and user.ban_reason and user.ban_reason.startswith('1-Day ban award'):
abort(403, "You can't undo a ban award!")
2022-05-04 23:09:46 +00:00
user.is_banned = 0
user.unban_utc = 0
user.ban_reason = None
send_repeatable_notification(user.id, f"@{v.username} (Admin) has unbanned you!")
2022-05-04 23:09:46 +00:00
g.db.add(user)
for x in user.alts:
if x.is_banned: send_repeatable_notification(x.id, f"@{v.username} (Admin) has unbanned you!")
2022-05-04 23:09:46 +00:00
x.is_banned = 0
x.unban_utc = 0
x.ban_reason = None
g.db.add(x)
ma=ModAction(
kind="unban_user",
user_id=v.id,
target_user_id=user.id,
)
g.db.add(ma)
return {"message": f"@{user.username} has been unbanned!"}
2022-05-04 23:09:46 +00:00
2022-11-12 09:11:31 +00:00
@app.post("/mute_user/<int:user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_BAN'])
2022-11-12 09:11:31 +00:00
def mute_user(v, user_id):
user = get_account(user_id)
2022-11-12 09:11:31 +00:00
if not user.is_muted:
user.is_muted = True
2022-11-12 09:11:31 +00:00
ma = ModAction(
kind='mod_mute_user',
user_id=v.id,
target_user_id=user.id,
)
g.db.add(user)
g.db.add(ma)
return {"message": f"@{user.username} has been muted!"}
@app.post("/unmute_user/<int:user_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
2022-11-12 09:11:31 +00:00
@admin_level_required(PERMS['USER_BAN'])
def unmute_user(v, user_id):
user = get_account(user_id)
if user.is_muted:
user.is_muted = False
2022-11-12 09:11:31 +00:00
ma = ModAction(
kind='mod_unmute_user',
user_id=v.id,
target_user_id=user.id,
)
g.db.add(user)
g.db.add(ma)
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been unmuted!"}
2022-05-04 23:09:46 +00:00
@app.post("/remove_post/<post_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
def remove_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.is_approved = None
2022-11-19 14:24:32 +00:00
if not FEATURES['AWARDS'] or not post.stickied or not post.stickied.endswith(PIN_AWARD_TEXT):
post.stickied = None
2022-10-24 17:43:14 +00:00
post.is_pinned = False
2022-05-04 23:09:46 +00:00
post.ban_reason = v.username
g.db.add(post)
ma=ModAction(
kind="ban_post",
user_id=v.id,
target_submission_id=post.id,
)
g.db.add(ma)
cache.delete_memoized(frontlist)
v.pay_account('coins', 1)
2022-05-04 23:09:46 +00:00
g.db.add(v)
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
purge_files_in_cache(f"https://{SITE}/")
2022-05-04 23:09:46 +00:00
return {"message": "Post removed!"}
@app.post("/approve_post/<post_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
def approve_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-05-04 23:09:46 +00:00
2022-08-19 22:20:25 +00:00
if post.author.id == v.id and post.author.agendaposter and AGENDAPOSTER_PHRASE not in post.body.lower() and post.sub != 'chudrama':
abort(400, "You can't bypass the chud award!")
2022-05-09 14:07:29 +00:00
2022-05-04 23:09:46 +00:00
if post.is_banned:
ma=ModAction(
kind="unban_post",
user_id=v.id,
target_submission_id=post.id,
)
g.db.add(ma)
post.is_banned = False
post.ban_reason = None
post.is_approved = v.id
g.db.add(post)
cache.delete_memoized(frontlist)
2022-10-12 16:33:00 +00:00
v.charge_account('coins', 1)
2022-05-04 23:09:46 +00:00
g.db.add(v)
return {"message": "Post approved!"}
@app.post("/distinguish/<post_id>")
2022-10-06 04:19:11 +00:00
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
2022-08-11 04:05:23 +00:00
def distinguish_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-05-04 23:09:46 +00:00
if post.distinguish_level:
post.distinguish_level = 0
kind = 'undistinguish_post'
else:
post.distinguish_level = v.admin_level
kind = 'distinguish_post'
g.db.add(post)
ma = ModAction(
kind=kind,
user_id=v.id,
target_submission_id=post.id
)
g.db.add(ma)
if post.distinguish_level: return {"message": "Post distinguished!"}
else: return {"message": "Post undistinguished!"}
@app.post("/sticky/<post_id>")
2022-10-11 07:29:24 +00:00
@feature_required('PINS')
2022-11-14 15:11:05 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def sticky_post(post_id, v):
post = get_post(post_id)
if post.is_banned: abort(403, "Can't sticky removed posts!")
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and post.stickied and post.stickied.endswith(PIN_AWARD_TEXT):
abort(403, "Can't pin award pins!")
2022-10-14 18:28:20 +00:00
pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count()
2022-10-14 18:28:20 +00:00
if not post.stickied_utc:
post.stickied_utc = int(time.time()) + 3600
2022-10-14 18:28:20 +00:00
pin_time = 'for 1 hour'
code = 200
if v.id != post.author_id:
send_repeatable_notification(post.author_id, f"@{v.username} (Admin) has pinned [{post.title}](/post/{post_id})")
2022-10-14 18:28:20 +00:00
else:
if pins >= PIN_LIMIT + 1:
abort(403, f"Can't exceed {PIN_LIMIT} pinned posts limit!")
post.stickied_utc = None
2022-10-14 18:28:46 +00:00
pin_time = 'permanently'
code = 201
2022-10-14 18:28:20 +00:00
post.stickied = v.username
g.db.add(post)
2022-05-04 23:09:46 +00:00
2022-10-14 18:28:20 +00:00
ma=ModAction(
kind="pin_post",
user_id=v.id,
target_submission_id=post.id,
_note=pin_time
)
g.db.add(ma)
cache.delete_memoized(frontlist)
2022-05-04 23:09:46 +00:00
return {"message": f"Post pinned {pin_time}!"}, code
2022-05-04 23:09:46 +00:00
@app.post("/unsticky/<post_id>")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def unsticky_post(post_id, v):
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
2022-09-30 22:40:02 +00:00
if post.stickied:
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and post.stickied.endswith(PIN_AWARD_TEXT): abort(403, "Can't unpin award pins!")
2022-10-23 18:28:51 +00:00
if post.author_id == LAWLZ_ID and post.stickied_utc and SITE_NAME == 'rDrama': abort(403, "Can't unpin lawlzposts!")
2022-05-04 23:09:46 +00:00
post.stickied = None
post.stickied_utc = None
g.db.add(post)
ma=ModAction(
kind="unpin_post",
user_id=v.id,
target_submission_id=post.id
)
g.db.add(ma)
if v.id != post.author_id:
send_repeatable_notification(post.author_id, f"@{v.username} (Admin) has unpinned [{post.title}](/post/{post_id})")
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
return {"message": "Post unpinned!"}
@app.post("/sticky_comment/<cid>")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def sticky_comment(cid, v):
comment = get_comment(cid, v=v)
2022-05-26 23:08:23 +00:00
if not comment.stickied:
comment.stickied = v.username
2022-05-04 23:09:46 +00:00
g.db.add(comment)
ma=ModAction(
kind="pin_comment",
user_id=v.id,
target_comment_id=comment.id
)
g.db.add(ma)
if v.id != comment.author_id:
message = f"@{v.username} (Admin) has pinned your [comment]({comment.shortlink})"
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
c = comment
while c.level > 2:
c = c.parent_comment
c.stickied_child_id = comment.id
g.db.add(c)
2022-05-04 23:09:46 +00:00
return {"message": "Comment pinned!"}
@app.post("/unsticky_comment/<cid>")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def unsticky_comment(cid, v):
comment = get_comment(cid, v=v)
2022-05-26 23:08:23 +00:00
if comment.stickied:
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and comment.stickied.endswith(PIN_AWARD_TEXT): abort(403, "Can't unpin award pins!")
2022-05-04 23:09:46 +00:00
2022-05-26 23:08:23 +00:00
comment.stickied = None
2022-05-04 23:09:46 +00:00
g.db.add(comment)
ma=ModAction(
kind="unpin_comment",
user_id=v.id,
target_comment_id=comment.id
)
g.db.add(ma)
if v.id != comment.author_id:
message = f"@{v.username} (Admin) has unpinned your [comment]({comment.shortlink})"
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
cleanup = g.db.query(Comment).filter_by(stickied_child_id=comment.id).all()
for c in cleanup:
c.stickied_child_id = None
g.db.add(c)
2022-05-04 23:09:46 +00:00
return {"message": "Comment unpinned!"}
@app.post("/remove_comment/<c_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-08-11 04:05:23 +00:00
def remove_comment(c_id, v):
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
2022-05-04 23:09:46 +00:00
comment.is_banned = True
comment.is_approved = None
comment.ban_reason = v.username
g.db.add(comment)
ma=ModAction(
kind="ban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
g.db.add(ma)
2022-05-04 23:09:46 +00:00
return {"message": "Comment removed!"}
@app.post("/approve_comment/<c_id>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-08-11 04:05:23 +00:00
def approve_comment(c_id, v):
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
2022-05-04 23:09:46 +00:00
2022-12-05 03:08:06 +00:00
if comment.author.id == v.id and comment.author.agendaposter and AGENDAPOSTER_PHRASE not in comment.body.lower() and not (comment.parent_submission and comment.post.sub == 'chudrama'):
abort(400, "You can't bypass the chud award!")
2022-05-04 23:09:46 +00:00
if comment.is_banned:
ma=ModAction(
kind="unban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
g.db.add(ma)
comment.is_banned = False
comment.ban_reason = None
comment.is_approved = v.id
g.db.add(comment)
return {"message": "Comment approved!"}
@app.post("/distinguish_comment/<c_id>")
2022-10-06 04:19:11 +00:00
@admin_level_required(PERMS['POST_COMMENT_DISTINGUISH'])
2022-05-04 23:09:46 +00:00
def admin_distinguish_comment(c_id, v):
comment = get_comment(c_id, v=v)
if comment.distinguish_level:
comment.distinguish_level = 0
kind = 'undistinguish_comment'
else:
comment.distinguish_level = v.admin_level
kind = 'distinguish_comment'
g.db.add(comment)
ma = ModAction(
kind=kind,
user_id=v.id,
target_comment_id=comment.id
)
g.db.add(ma)
if comment.distinguish_level: return {"message": "Comment distinguished!"}
else: return {"message": "Comment undistinguished!"}
@app.get("/admin/banned_domains/")
@admin_level_required(PERMS['DOMAINS_BAN'])
2022-05-04 23:09:46 +00:00
def admin_banned_domains(v):
2022-11-29 21:24:13 +00:00
banned_domains = g.db.query(BannedDomain) \
.order_by(BannedDomain.reason).all()
return render_template("admin/banned_domains.html", v=v,
banned_domains=banned_domains)
2022-05-04 23:09:46 +00:00
2022-10-20 22:14:25 +00:00
@app.post("/admin/ban_domain")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['DOMAINS_BAN'])
2022-10-20 22:14:25 +00:00
def ban_domain(v):
2022-05-04 23:09:46 +00:00
2022-10-31 14:33:11 +00:00
domain=request.values.get("domain", "").strip().lower()
2022-05-04 23:09:46 +00:00
if not domain: abort(400)
reason=request.values.get("reason").strip()
2022-10-20 22:14:25 +00:00
if not reason: abort(400, 'Reason is required!')
2022-05-04 23:09:46 +00:00
2022-10-20 22:14:25 +00:00
existing = g.db.get(BannedDomain, domain)
if not existing:
2022-05-04 23:09:46 +00:00
d = BannedDomain(domain=domain, reason=reason)
g.db.add(d)
ma = ModAction(
kind="ban_domain",
user_id=v.id,
_note=f'{domain}, reason: {reason}'
)
g.db.add(ma)
return redirect("/admin/banned_domains/")
2022-10-20 22:14:25 +00:00
@app.post("/admin/unban_domain/<domain>")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
2022-10-20 22:14:25 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
def unban_domain(v, domain):
existing = g.db.get(BannedDomain, domain)
if not existing: abort(400, 'Domain is not banned!')
g.db.delete(existing)
ma = ModAction(
kind="unban_domain",
user_id=v.id,
_note=domain
)
g.db.add(ma)
return {"message": f"{domain} has been unbanned!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/nuke_user")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_nuke_user(v):
user=get_user(request.values.get("user"))
for post in g.db.query(Submission).filter_by(author_id=user.id).all():
if post.is_banned:
continue
post.is_banned = True
post.ban_reason = v.username
g.db.add(post)
for comment in g.db.query(Comment).filter_by(author_id=user.id).all():
if comment.is_banned:
continue
comment.is_banned = True
comment.ban_reason = v.username
g.db.add(comment)
ma=ModAction(
kind="nuke_user",
user_id=v.id,
target_user_id=user.id,
)
g.db.add(ma)
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been removed!"}
2022-05-04 23:09:46 +00:00
@app.post("/admin/unnuke_user")
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
2022-05-04 23:09:46 +00:00
def admin_nunuke_user(v):
user=get_user(request.values.get("user"))
for post in g.db.query(Submission).filter_by(author_id=user.id).all():
if not post.is_banned:
continue
post.is_banned = False
post.ban_reason = None
2022-07-12 20:00:19 +00:00
post.is_approved = v.id
2022-05-04 23:09:46 +00:00
g.db.add(post)
for comment in g.db.query(Comment).filter_by(author_id=user.id).all():
if not comment.is_banned:
continue
comment.is_banned = False
comment.ban_reason = None
2022-07-12 20:00:19 +00:00
comment.is_approved = v.id
2022-05-04 23:09:46 +00:00
g.db.add(comment)
ma=ModAction(
kind="unnuke_user",
user_id=v.id,
target_user_id=user.id,
)
g.db.add(ma)
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been approved!"}