carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity
MarseyWorld/files/routes/users.py

1519 lines
55 KiB
Python
Raw Normal View History

mn
2022-05-04 23:09:46 +00:00
import io
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
import json
mn
2022-05-04 23:09:46 +00:00
import math
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
import time
from collections import Counter
import gevent
import qrcode
implement new pagination system in profile pages
2023-05-05 01:04:07 +00:00
from sqlalchemy.orm import aliased, load_only
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.classes import *
leaderboards: refactor leaderboards to their own class right now, leaderboards are complex enough that they ought to be upgraded to at least a second class thing. this commit provides an *okay* implementation of a per-request leaderboard there are many things to be done, including caching, persistence, etc i don't like this like 80 parameter __init__ but it's what i've got without overengineering it imo this is potentially already overdoing it
2022-10-28 08:42:02 +00:00
from files.classes.leaderboard import Leaderboard
kofi integration (testing on devrama)
2022-09-13 15:22:18 +00:00
from files.classes.transactions import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.classes.views import *
expand blackjack
2023-02-07 03:31:49 +00:00
from files.helpers.actions import execute_under_siege
mn
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
[DO NOT MERGE] multiple sub banners (#59) allows multiple sub banners Snakes note: By request of Carp, especially for WPD. Co-authored-by: justcool393 <justcool393@gmail.com> Co-authored-by: Snakes <duolsm@outlook.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/59 Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net> Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
from files.helpers.config.const import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.mail import *
from files.helpers.sanitize import *
refactor sorting and time filter
2022-07-09 10:32:49 +00:00
from files.helpers.sorting_and_time import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.useractions import badge_grant
better caching for get_alt_graph
2022-12-22 21:24:36 +00:00
from files.routes.routehelpers import check_for_alts, add_alt
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.wrappers import *
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
from files.routes.comments import _mark_comment_as_read
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.__main__ import app, cache, limiter
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
def _add_profile_view(vid, uid):
db = db_session()
only query the columns u need
2023-07-26 12:31:44 +00:00
view = db.query(ViewerRelationship).options(load_only(ViewerRelationship.viewer_id)).filter_by(viewer_id=vid, user_id=uid).one_or_none()
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
if view: view.last_view_utc = int(time.time())
else: view = ViewerRelationship(viewer_id=vid, user_id=uid)
db.add(view)
db.commit()
db.close()
stdout.flush()
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
def claim_rewards_all_users():
same as last commit
2023-08-11 13:15:34 +00:00
emails = [x[0] for x in g.db.query(Transaction.email).filter_by(claimed=None)]
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
users = g.db.query(User).filter(User.email.in_(emails)).order_by(User.truescore.desc()).all()
for user in users:
transactions = g.db.query(Transaction).filter_by(email=user.email, claimed=None).all()
highest_tier = 0
marseybux = 0
for transaction in transactions:
for t, money in TIER_TO_MONEY.items():
tier = t
if transaction.amount <= money: break
marseybux += TIER_TO_MBUX[tier]
if tier > highest_tier:
highest_tier = tier
transaction.claimed = True
g.db.add(transaction)
if marseybux:
user.pay_account('marseybux', marseybux)
send_repeatable_notification(user.id, f"You have received {marseybux} Marseybux! You can use them to buy awards or hats in the [shop](/shop/awards) or gamble them in the [casino](/casino).")
g.db.add(user)
user.patron_utc = int(time.time()) + 2937600
if highest_tier > user.patron:
user.patron = highest_tier
badge_id = 20 + highest_tier
badges_to_remove = g.db.query(Badge).filter(
Badge.user_id == user.id,
Badge.badge_id > badge_id,
Badge.badge_id < 29,
).all()
for badge in badges_to_remove:
g.db.delete(badge)
for x in range(22, badge_id+1):
badge_grant(badge_id=x, user=user)
fix top 10 patrons badge
2023-08-01 07:16:47 +00:00
user.lifetimedonated = g.db.query(func.sum(Transaction.amount)).filter_by(email=user.email).scalar()
if user.lifetimedonated >= 100:
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
badge_grant(badge_id=257, user=user)
fix top 10 patrons badge
2023-08-01 07:16:47 +00:00
if user.lifetimedonated >= 500:
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
badge_grant(badge_id=258, user=user)
fix top 10 patrons badge
2023-08-01 07:16:47 +00:00
if user.lifetimedonated >= 2500:
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
badge_grant(badge_id=259, user=user)
fix top 10 patrons badge
2023-08-01 07:16:47 +00:00
if user.lifetimedonated >= 5000:
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
badge_grant(badge_id=260, user=user)
fix top 10 patrons badge
2023-08-01 07:16:47 +00:00
if user.lifetimedonated >= 10000:
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
badge_grant(badge_id=261, user=user)
print(f'@{user.username} rewards claimed successfully!', flush=True)
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for user in g.db.query(User).options(load_only(User.id)).order_by(User.lifetimedonated.desc()).limit(10):
fix top 10 patrons badge
2023-08-01 07:16:47 +00:00
badge_grant(badge_id=294, user=user)
add badge to top 10 patrons by lifetime_donated
2023-08-01 06:43:50 +00:00
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def transfer_currency(v, username, currency_name, apply_tax):
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
MIN_CURRENCY_TRANSFER = 100
TAX_PCT = 0.03
receiver = get_user(username, v=v)
if receiver.id == v.id: abort(400, f"You can't transfer {currency_name} to yourself!")
amount = request.values.get("amount", "").strip()
amount = int(amount) if amount.isdigit() else None
if amount is None or amount <= 0: abort(400, f"Invalid number of {currency_name}")
if amount < MIN_CURRENCY_TRANSFER: abort(400, f"You have to gift at least {MIN_CURRENCY_TRANSFER} {currency_name}")
tax = 0
if apply_tax and not v.patron and not receiver.patron:
tax = math.ceil(amount*TAX_PCT)
reason = request.values.get("reason", "").strip()
log_message = f"@{v.username} has transferred {amount} {currency_name} to @{receiver.username}"
notif_text = f":marseycapitalistmanlet: @{v.username} has gifted you {amount-tax} {currency_name}!"
if reason:
if len(reason) > TRANSFER_MESSAGE_LENGTH_LIMIT:
abort(400, f"Reason is too long, max {TRANSFER_MESSAGE_LENGTH_LIMIT} characters")
notif_text += f"\n\n> {reason}"
log_message += f"\n\n> {reason}"
if not v.charge_account(currency_name, amount)[0]:
abort(400, f"You don't have enough {currency_name}")
if not v.shadowbanned:
if currency_name == 'marseybux':
fix this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4691321#context
2023-07-31 23:12:42 +00:00
receiver.pay_account('marseybux', amount - tax)
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
elif currency_name == 'coins':
fix this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4691321#context
2023-07-31 23:12:42 +00:00
receiver.pay_account('coins', amount - tax)
move some functions to the top to help with making the next commit
2023-07-25 20:06:18 +00:00
else:
raise ValueError(f"Invalid currency '{currency_name}' got when transferring {amount} from {v.id} to {receiver.id}")
if GIFT_NOTIF_ID: send_repeatable_notification(GIFT_NOTIF_ID, log_message)
send_repeatable_notification(receiver.id, notif_text)
g.db.add(v)
return {"message": f"{amount - tax} {currency_name} have been transferred to @{receiver.username}"}
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def upvoters_downvoters(v, username, username2, cls, vote_cls, vote_dir, template, standalone):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
users: add is_visible_to function for checking user visibility to a certain other user
2022-10-30 07:31:21 +00:00
if not u.is_visible_to(v): abort(403)
LGB: Permission block, follow, voters visibility.
2022-07-18 07:17:45 +00:00
if not (v.id == u.id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']): abort(403)
mn
2022-05-04 23:09:46 +00:00
id = u.id
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
uid = get_user(username2, id_only=True).id
mn
2022-05-04 23:09:46 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = g.db.query(cls).options(load_only(cls.id)).join(vote_cls).filter(
cls.ghost == False,
cls.is_banned == False,
cls.deleted_utc == 0,
vote_cls.vote_type==vote_dir,
cls.author_id==id,
vote_cls.user_id==uid,
)
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = listing.order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
listing = [x.id for x in listing]
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
if cls == Post:
try random bullshit to fix timeouts
2023-07-17 14:49:26 +00:00
listing = get_posts(listing, v=v)
fix upvoters/downvoters for comments and user voted
2022-10-16 08:17:20 +00:00
elif cls == Comment:
listing = get_comments(listing, v=v)
else:
listing = []
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template(template, total=total, listing=listing, page=page, v=v, standalone=standalone)
remove duplicate code in the template
2022-10-09 04:21:25 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/upvoters/@<username2>/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
remove duplicate code in the template
2022-10-09 04:21:25 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def upvoters_posts(v, username, username2):
return upvoters_downvoters(v, username, username2, Post, Vote, 1, "userpage/voted_posts.html", None)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/upvoters/@<username2>/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def upvoters_comments(v, username, username2):
return upvoters_downvoters(v, username, username2, Comment, CommentVote, 1, "userpage/voted_comments.html", True)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/downvoters/@<username2>/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def downvoters_posts(v, username, username2):
return upvoters_downvoters(v, username, username2, Post, Vote, -1, "userpage/voted_posts.html", None)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/downvoters/@<username2>/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def downvoters_comments(v, username, username2):
return upvoters_downvoters(v, username, username2, Comment, CommentVote, -1, "userpage/voted_comments.html", True)
remove duplicate code in the template
2022-10-09 04:21:25 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def upvoting_downvoting(v, username, username2, cls, vote_cls, vote_dir, template, standalone):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
users: add is_visible_to function for checking user visibility to a certain other user
2022-10-30 07:31:21 +00:00
if not u.is_visible_to(v): abort(403)
LGB: Permission block, follow, voters visibility.
2022-07-18 07:17:45 +00:00
if not (v.id == u.id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']): abort(403)
mn
2022-05-04 23:09:46 +00:00
id = u.id
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
uid = get_user(username2, id_only=True).id
mn
2022-05-04 23:09:46 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = g.db.query(cls).options(load_only(cls.id)).join(vote_cls).filter(
cls.ghost == False,
cls.is_banned == False,
cls.deleted_utc == 0,
vote_cls.vote_type==vote_dir,
vote_cls.user_id==id,
cls.author_id==uid,
)
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = listing.order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
listing = [x.id for x in listing]
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
if cls == Post:
try random bullshit to fix timeouts
2023-07-17 14:49:26 +00:00
listing = get_posts(listing, v=v)
use proper get function
2022-10-11 13:37:40 +00:00
elif cls == Comment:
listing = get_comments(listing, v=v)
else:
listing = []
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template(template, total=total, listing=listing, page=page, v=v, standalone=standalone)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/upvoting/@<username2>/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def upvoting_posts(v, username, username2):
return upvoting_downvoting(v, username, username2, Post, Vote, 1, "userpage/voted_posts.html", None)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/upvoting/@<username2>/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def upvoting_comments(v, username, username2):
return upvoting_downvoting(v, username, username2, Comment, CommentVote, 1, "userpage/voted_comments.html", True)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/downvoting/@<username2>/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def downvoting_posts(v, username, username2):
return upvoting_downvoting(v, username, username2, Post, Vote, -1, "userpage/voted_posts.html", None)
mn
2022-05-04 23:09:46 +00:00
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
@app.get("/@<username>/downvoting/@<username2>/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
use usernames instead of ids in GET urls visible to users whenever u can
2023-08-05 16:03:14 +00:00
def downvoting_comments(v, username, username2):
return upvoting_downvoting(v, username, username2, Comment, CommentVote, -1, "userpage/voted_comments.html", True)
remove duplicate code in the template
2022-10-09 04:21:25 +00:00
repurpose "upvoted" to "voted"
2022-11-22 21:28:30 +00:00
def user_voted(v, username, cls, vote_cls, template, standalone):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
users: add is_visible_to function for checking user visibility to a certain other user
2022-10-30 07:31:21 +00:00
if not u.is_visible_to(v): abort(403)
LGB: Permission block, follow, voters visibility.
2022-07-18 07:17:45 +00:00
if not (v.id == u.id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']): abort(403)
mn
2022-05-04 23:09:46 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
listing = g.db.query(cls).join(vote_cls).filter(
remove duplicate code in the template
2022-10-09 04:21:25 +00:00
cls.ghost == False,
cls.is_banned == False,
cls.deleted_utc == 0,
cls.author_id != u.id,
vote_cls.user_id == u.id,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
)
total = listing.count()
remove useless tabs
2023-05-05 21:45:25 +00:00
order votes by vote creation
2023-08-10 17:23:33 +00:00
listing = listing.order_by(vote_cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = [x.id for x in listing]
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
if cls == Post:
try random bullshit to fix timeouts
2023-07-17 14:49:26 +00:00
listing = get_posts(listing, v=v)
fix upvoters/downvoters for comments and user voted
2022-10-16 08:17:20 +00:00
elif cls == Comment:
listing = get_comments(listing, v=v)
else:
listing = []
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template(template, total=total, listing=listing, page=page, v=v, standalone=standalone)
mn
2022-05-04 23:09:46 +00:00
repurpose "upvoted" to "voted"
2022-11-22 21:28:30 +00:00
@app.get("/@<username>/voted/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Add "Upvoted" post/comment lists on profile.
2022-09-23 21:33:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def user_voted_posts(v, username):
rename submissions to posts
2023-06-07 23:26:32 +00:00
return user_voted(v, username, Post, Vote, "userpage/voted_posts.html", None)
Add "Upvoted" post/comment lists on profile.
2022-09-23 21:33:46 +00:00
repurpose "upvoted" to "voted"
2022-11-22 21:28:30 +00:00
@app.get("/@<username>/voted/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Add "Upvoted" post/comment lists on profile.
2022-09-23 21:33:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def user_voted_comments(v, username):
repurpose "upvoted" to "voted"
2022-11-22 21:28:30 +00:00
return user_voted(v, username, Comment, CommentVote, "userpage/voted_comments.html", True)
Add "Upvoted" post/comment lists on profile.
2022-09-23 21:33:46 +00:00
Sort banned, chudded, etc listings by activity. The listings of users affected by jannied states are long. To make them more useful, sort by recent user activity (when v is allowed to view last_active) to know which accounts are still in use.
2022-12-10 04:46:19 +00:00
@app.get("/banned")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Sort banned, chudded, etc listings by activity. The listings of users affected by jannied states are long. To make them more useful, sort by recent user activity (when v is allowed to view last_active) to know which accounts are still in use.
2022-12-10 04:46:19 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def banned(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
User.is_banned != None,
punished users listing fixes
2022-12-10 08:23:56 +00:00
or_(User.unban_utc == 0, User.unban_utc > time.time()),
order /banned and /admin/shadowbanned by ban reason
2023-01-21 05:50:48 +00:00
).order_by(User.ban_reason)
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
Sort banned, chudded, etc listings by activity. The listings of users affected by jannied states are long. To make them more useful, sort by recent user activity (when v is allowed to view last_active) to know which accounts are still in use.
2022-12-10 04:46:19 +00:00
users = users.all()
return render_template("banned.html", v=v, users=users)
mn
2022-05-04 23:09:46 +00:00
@app.get("/grassed")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def grassed(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(
minor fix for /grassed
2022-12-10 08:11:11 +00:00
User.ban_reason.like('grass award used by @%'),
punished users listing fixes
2022-12-10 08:23:56 +00:00
User.unban_utc > time.time(),
minor fix for /grassed
2022-12-10 08:11:11 +00:00
)
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
user lists: don't show shadowbanned users on grassed and agendaposter page to people who can't see them
2022-11-03 08:33:37 +00:00
users = users.all()
mn
2022-05-04 23:09:46 +00:00
return render_template("grassed.html", v=v, users=users)
rename /agendaposters to /chuds
2022-10-15 06:55:54 +00:00
@app.get("/chuds")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def chuds(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
or_(User.chud == 1, User.chud > time.time()),
Sort banned, chudded, etc listings by activity. The listings of users affected by jannied states are long. To make them more useful, sort by recent user activity (when v is allowed to view last_active) to know which accounts are still in use.
2022-12-10 04:46:19 +00:00
)
if v.admin_level >= PERMS['VIEW_LAST_ACTIVE']:
order punished listings by truescore instead
2022-12-15 18:31:51 +00:00
users = users.order_by(User.truescore.desc())
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
user lists: don't show shadowbanned users on grassed and agendaposter page to people who can't see them
2022-11-03 08:33:37 +00:00
users = users.order_by(User.username).all()
rename /agendaposters to /chuds
2022-10-15 06:55:54 +00:00
return render_template("chuds.html", v=v, users=users)
mn
2022-05-04 23:09:46 +00:00
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def all_upvoters_downvoters(v, username, vote_dir, is_who_simps_hates):
prevent DDOS
2022-12-21 20:14:33 +00:00
if username == 'Snappy':
default ratelimit doesnt apply implicitly if theres other @limiter.limit before the function, so add it explicity before all functions
2023-02-26 08:41:04 +00:00
abort(403, "For performance reasons, you can't see Snappy's statistics!")
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
vote_str = 'votes'
simps_haters = 'voters'
vote_name = 'Neutral'
if vote_dir == 1:
vote_str = 'upvotes'
simps_haters = 'simps for' if is_who_simps_hates else 'simps'
vote_name = 'Up'
elif vote_dir == -1:
vote_str = 'downvotes'
simps_haters = 'hates' if is_who_simps_hates else 'haters'
vote_name = 'Down'
mn
2022-05-04 23:09:46 +00:00
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
id = get_user(username, v=v).id
LGB: Permission block, follow, voters visibility.
2022-07-18 07:17:45 +00:00
if not (v.id == id or v.admin_level >= PERMS['USER_VOTERS_VISIBLE']):
abort(403)
scope variables properly 🤤
2022-10-09 06:42:32 +00:00
votes = []
votes2 = []
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
if is_who_simps_hates:
rename submissions to posts
2023-06-07 23:26:32 +00:00
votes = g.db.query(Post.author_id, func.count(Post.author_id)).join(Vote).filter(Post.ghost == False, Post.is_banned == False, Post.deleted_utc == 0, Vote.vote_type==vote_dir, Vote.user_id==id).group_by(Post.author_id).order_by(func.count(Post.author_id).desc()).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
votes2 = g.db.query(Comment.author_id, func.count(Comment.author_id)).join(CommentVote).filter(Comment.ghost == False, Comment.is_banned == False, Comment.deleted_utc == 0, CommentVote.vote_type==vote_dir, CommentVote.user_id==id).group_by(Comment.author_id).order_by(func.count(Comment.author_id).desc()).all()
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
else:
rename submissions to posts
2023-06-07 23:26:32 +00:00
votes = g.db.query(Vote.user_id, func.count(Vote.user_id)).join(Post).filter(Post.ghost == False, Post.is_banned == False, Post.deleted_utc == 0, Vote.vote_type==vote_dir, Post.author_id==id).group_by(Vote.user_id).order_by(func.count(Vote.user_id).desc()).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
votes2 = g.db.query(CommentVote.user_id, func.count(CommentVote.user_id)).join(Comment).filter(Comment.ghost == False, Comment.is_banned == False, Comment.deleted_utc == 0, CommentVote.vote_type==vote_dir, Comment.author_id==id).group_by(CommentVote.user_id).order_by(func.count(CommentVote.user_id).desc()).all()
restores simps and haters for comments and /voted/comments
2023-02-22 17:30:09 +00:00
votes = Counter(dict(votes)) + Counter(dict(votes2))
same as prev commit
2023-05-07 18:35:11 +00:00
total_items = sum(votes.values())
fix this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4106096#context
2023-05-07 18:25:37 +00:00
fix this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4113483#context
2023-05-09 20:39:30 +00:00
users = g.db.query(User).filter(User.id.in_(votes.keys()))
same as last commit
2023-08-11 13:15:34 +00:00
users = [(user, votes[user.id]) for user in users]
fix this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4113483#context
2023-05-09 20:39:30 +00:00
users = sorted(users, key=lambda x: x[1], reverse=True)
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
mn
2022-05-04 23:09:46 +00:00
try:
pos = [x[0].id for x in users].index(v.id)
pos = (pos+1, users[pos][1])
except: pos = (len(users)+1, 0)
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
received_given = 'given' if is_who_simps_hates else 'received'
same as prev commit
2023-05-07 18:35:11 +00:00
if total_items == 1: vote_str = vote_str[:-1] # we want to unpluralize if only 1 vote
total_items = f'{total_items} {vote_str} {received_given}'
add total counter for simps, haters, simping for, hates
2022-06-24 23:22:20 +00:00
add pagination to simps/haters/simps for/hates lists and remove loop.index
2022-11-28 01:45:20 +00:00
name2 = f'Who @{username} {simps_haters}' if is_who_simps_hates else f"@{username}'s {simps_haters}"
mn
2022-05-04 23:09:46 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
same as prev commit
2023-05-07 18:35:11 +00:00
total = len(users)
fix this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4113483#context
2023-05-09 20:39:30 +00:00
users = users[PAGE_SIZE*(page-1):]
users = users[:PAGE_SIZE]
add pagination to simps/haters/simps for/hates lists and remove loop.index
2022-11-28 01:45:20 +00:00
same as prev commit
2023-05-07 18:35:11 +00:00
return render_template("userpage/voters.html", v=v, users=users, pos=pos, name=vote_name, name2=name2, page=page, total_items=total_items, total=total)
mn
2022-05-04 23:09:46 +00:00
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
@app.get("/@<username>/upvoters")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def upvoters(v, username):
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, 1, False)
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoters")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def downvoters(v, username):
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, -1, False)
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/upvoting")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def upvoting(v, username):
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, 1, True)
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/downvoting")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def downvoting(v, username):
deduplicate more of this page's code
2022-10-09 06:41:06 +00:00
return all_upvoters_downvoters(v, username, -1, True)
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/suicide")
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@feature_required('USERS_SUICIDE')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit("5/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("5/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def suicide(v, username):
mn
2022-05-04 23:09:46 +00:00
user = get_user(username)
revert back from \n to \n\n for easier to read source and making linefeeds work when theres <pre> or ```
2023-02-26 10:20:32 +00:00
suicide = f"Hi there,\n\nA [concerned user](/id/{v.id}) reached out to us about you.\n\nWhen you're in the middle of something painful, it may feel like you don't have a lot of options. But whatever you're going through, you deserve help and there are people who are here for you.\n\nThere are resources available in your area that are free, confidential, and available 24/7:\n\n- Call, Text, or Chat with Canada's [Crisis Services Canada](https://www.crisisservicescanada.ca/en/)\n\n- Call, Email, or Visit the UK's [Samaritans](https://www.samaritans.org/)\n\n- Text CHAT to America's [Crisis Text Line](https://www.crisistextline.org/) at 741741.\n\nIf you don't see a resource in your area above, the moderators keep a comprehensive list of resources and hotlines for people organized by location. Find Someone Now\n\nIf you think you may be depressed or struggling in another way, don't ignore it or brush it aside. Take yourself and your feelings seriously, and reach out to someone.\n\nIt may not feel like it, but you have options. There are people available to listen to you, and ways to move forward.\n\nYour fellow users care about you and there are people who want to help."
Close more shadowbanned user info leaks. 1. Missed the notif for unfollowing a non-fish'd user in fb520034047f. 2. "Get Them Help" button showed username. 3. Gift coins/mbux showed username and allowed a message. 4. Global block list showed username. 5. User profile appeared to logged-out and non-jannies.
2022-06-13 03:03:36 +00:00
if not v.shadowbanned:
send_notification(user.id, suicide)
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"Help message sent to @{user.username}"}
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/coins")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def get_coins(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
user = get_user(username, v=v)
don't duplicate checks for users
2022-09-30 22:48:34 +00:00
return {"coins": user.coins}
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/transfer_coins")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@is_not_permabanned
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def transfer_coins(v, username):
users: fix bug that would steal coins or mbux if they entered a reason that was too long users: refactor transfer_currency into its own thing
2022-10-30 07:05:02 +00:00
return transfer_currency(v, username, 'coins', True)
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/transfer_bux")
sneed (rename procoins to marseybux) (#472) * sneed (rename procoins to marseybux) * literally unusable Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-21 23:08:29 +00:00
@feature_required('MARSEYBUX')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@is_not_permabanned
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def transfer_bux(v, username):
sneed (rename procoins to marseybux) (#472) * sneed (rename procoins to marseybux) * literally unusable Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-21 23:08:29 +00:00
return transfer_currency(v, username, 'marseybux', False)
mn
2022-05-04 23:09:46 +00:00
Revert "fix wrong coin and mbux count in /leaderboard" This reverts commit 13593845604ca3c55ab0f0cd1cf6324730f6f102.
2023-07-13 13:02:59 +00:00
@app.get("/leaderboard")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Revert "fix wrong coin and mbux count in /leaderboard" This reverts commit 13593845604ca3c55ab0f0cd1cf6324730f6f102.
2023-07-13 13:02:59 +00:00
@auth_required
testing complete
2023-08-03 22:01:34 +00:00
@cache.memoize()
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def leaderboard(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User)
mn
2022-05-04 23:09:46 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
coins = Leaderboard("Coins", "coins", "coins", "Coins", None, Leaderboard.get_simple_lb, User.coins, v, lambda u:u.coins, users)
marseybux = Leaderboard("Marseybux", "marseybux", "marseybux", "Marseybux", None, Leaderboard.get_simple_lb, User.marseybux, v, lambda u:u.marseybux, users)
subscribers = Leaderboard("Followers", "followers", "followers", "Followers", "followers", Leaderboard.get_simple_lb, User.stored_subscriber_count, v, lambda u:u.stored_subscriber_count, users)
posts = Leaderboard("Posts", "post count", "posts", "Posts", "posts", Leaderboard.get_simple_lb, User.post_count, v, lambda u:u.post_count, users)
comments = Leaderboard("Comments", "comment count", "comments", "Comments", "comments", Leaderboard.get_simple_lb, User.comment_count, v, lambda u:u.comment_count, users)
received_awards = Leaderboard("Received awards", "received awards", "received-awards", "Received Awards", None, Leaderboard.get_simple_lb, User.received_award_count, v, lambda u:u.received_award_count, users)
coins_spent = Leaderboard("Coins spent on awards", "coins spent on awards", "spent", "Coins", None, Leaderboard.get_simple_lb, User.coins_spent, v, lambda u:u.coins_spent, users)
truescore = Leaderboard("Truescore", "truescore", "truescore", "Truescore", None, Leaderboard.get_simple_lb, User.truescore, v, lambda u:u.truescore, users)
leaderboards: refactor leaderboards to their own class right now, leaderboards are complex enough that they ought to be upgraded to at least a second class thing. this commit provides an *okay* implementation of a per-request leaderboard there are many things to be done, including caching, persistence, etc i don't like this like 80 parameter __init__ but it's what i've got without overengineering it imo this is potentially already overdoing it
2022-10-28 08:42:02 +00:00
update emoji leaderboard description
2023-06-24 14:50:44 +00:00
badges = Leaderboard("Badges", "badges", "badges", "Badges", None, Leaderboard.get_badge_emoji_lb, Badge.user_id, v, None, None)
leaderboards: refactor leaderboards to their own class right now, leaderboards are complex enough that they ought to be upgraded to at least a second class thing. this commit provides an *okay* implementation of a per-request leaderboard there are many things to be done, including caching, persistence, etc i don't like this like 80 parameter __init__ but it's what i've got without overengineering it imo this is potentially already overdoing it
2022-10-28 08:42:02 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
blocks = Leaderboard("Most blocked", "most blocked", "most-blocked", "Blocked By", "blockers", Leaderboard.get_blockers_lb, UserBlock.target_id, v, None, None)
leaderboards: refactor leaderboards to their own class right now, leaderboards are complex enough that they ought to be upgraded to at least a second class thing. this commit provides an *okay* implementation of a per-request leaderboard there are many things to be done, including caching, persistence, etc i don't like this like 80 parameter __init__ but it's what i've got without overengineering it imo this is potentially already overdoing it
2022-10-28 08:42:02 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
owned_hats = Leaderboard("Owned hats", "owned hats", "owned-hats", "Owned Hats", None, Leaderboard.get_hat_lb, User.owned_hats, v, None, None)
leaderboards: refactor leaderboards to their own class right now, leaderboards are complex enough that they ought to be upgraded to at least a second class thing. this commit provides an *okay* implementation of a per-request leaderboard there are many things to be done, including caching, persistence, etc i don't like this like 80 parameter __init__ but it's what i've got without overengineering it imo this is potentially already overdoing it
2022-10-28 08:42:02 +00:00
Add marseybux leaderboard
2023-05-13 23:23:09 +00:00
leaderboards = [coins, marseybux, coins_spent, truescore, subscribers, posts, comments, received_awards, badges, blocks, owned_hats]
limited designed hats loserboard to rdrama.net
2022-11-27 00:27:33 +00:00
if SITE == 'rdrama.net':
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
leaderboards.append(Leaderboard("Designed hats", "designed hats", "designed-hats", "Designed Hats", None, Leaderboard.get_hat_lb, User.designed_hats, v, None, None))
fix capitalization
2023-08-03 21:38:36 +00:00
leaderboards.append(Leaderboard("Emojis made", "emojis made", "emojis-made", "Emojis", None, Leaderboard.get_badge_emoji_lb, Emoji.author_id, v, None, None))
leaderboards: refactor leaderboards to their own class right now, leaderboards are complex enough that they ought to be upgraded to at least a second class thing. this commit provides an *okay* implementation of a per-request leaderboard there are many things to be done, including caching, persistence, etc i don't like this like 80 parameter __init__ but it's what i've got without overengineering it imo this is potentially already overdoing it
2022-10-28 08:42:02 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
leaderboards.append(Leaderboard("Upvotes given", "upvotes given", "upvotes-given", "Upvotes Given", "upvoting", Leaderboard.get_upvotes_lb, None, v, None, None))
put "upvotes given" at the bottom
2023-04-25 09:38:42 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
leaderboards.append(Leaderboard("Downvotes received", "downvotes received", "downvotes-received", "Downvotes Received", "downvoters", Leaderboard.get_downvotes_lb, None, v, None, None))
restore "downvotes received" leaderboard
2023-04-25 09:50:47 +00:00
minor fix to winnings leaderboards
2023-08-03 22:14:16 +00:00
leaderboards.append(Leaderboard("Casino winnings (top)", "casino winnings", "casino-winnings-top", "Casino Winnings", None, Leaderboard.get_winnings_lb, CasinoGame.winnings, v, None, None))
leaderboards.append(Leaderboard("Casino winnings (bottom)", "casino winnings", "casino-winnings-bottom", "Casino Winnings", None, Leaderboard.get_winnings_lb, CasinoGame.winnings, v, None, None, 25, False))
restore winnings leaderboards (testing on staging)
2023-08-03 21:57:50 +00:00
Revert "fix wrong coin and mbux count in /leaderboard" This reverts commit 13593845604ca3c55ab0f0cd1cf6324730f6f102.
2023-07-13 13:02:59 +00:00
return render_template("leaderboard.html", v=v, leaderboards=leaderboards)
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.get("/<int:id>/css")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
rework custom css a little
2022-06-26 05:26:45 +00:00
def get_css(id):
try: id = int(id)
except: abort(404)
Revert "put custom CSS into HTML templates" This reverts commit 19c82b7ea13bfa636c79aab31d35f0617629d808.
2022-06-26 05:07:28 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
css, bg = g.db.query(User.css, User.background).filter_by(id=id).one_or_none()
stop using inline style/script elements
2022-12-29 14:20:27 +00:00
if bg:
if not css: css = ''
css += f'''
body {{
background improvements
2023-01-01 09:59:29 +00:00
background: url("{bg}") center center fixed;
stop using inline style/script elements
2022-12-29 14:20:27 +00:00
}}
'''
if 'anime/' not in bg and not bg.startswith('/images/'):
css += 'body {background-size: cover}'
rework custom css a little
2022-06-26 05:26:45 +00:00
if not css: abort(404)
stop using inline style/script elements
2022-12-29 14:20:27 +00:00
resp = make_response(css)
Revert "put custom CSS into HTML templates" This reverts commit 19c82b7ea13bfa636c79aab31d35f0617629d808.
2022-06-26 05:07:28 +00:00
resp.headers["Content-Type"] = "text/css"
return resp
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.get("/<int:id>/profilecss")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
rework custom css a little
2022-06-26 05:26:45 +00:00
def get_profilecss(id):
try: id = int(id)
except: abort(404)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
css, bg = g.db.query(User.profilecss, User.profile_background).filter_by(id=id).one_or_none()
stop using inline style/script elements
2022-12-29 14:20:27 +00:00
if bg:
if not css: css = ''
background improvements
2023-01-01 09:59:29 +00:00
css += f'''
body {{
background: url("{bg}") center center fixed;
background-size: auto;
}}
'''
rework custom css a little
2022-06-26 05:26:45 +00:00
if not css: abort(404)
stop using inline style/script elements
2022-12-29 14:20:27 +00:00
resp = make_response(css)
Revert "put custom CSS into HTML templates" This reverts commit 19c82b7ea13bfa636c79aab31d35f0617629d808.
2022-06-26 05:07:28 +00:00
resp.headers["Content-Type"] = "text/css"
return resp
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/song")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def usersong(username):
mn
2022-05-04 23:09:46 +00:00
user = get_user(username)
don't cache profile song redirect
2023-05-04 19:24:47 +00:00
if not user.song:
abort(404)
resp = make_response(redirect(f"/songs/{user.song}.mp3"))
resp.headers["Cache-Control"] = "no-store"
return resp
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/subscribe/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
def subscribe(v, post_id):
rename submissions to posts
2023-06-07 23:26:32 +00:00
existing = g.db.query(Subscription).filter_by(user_id=v.id, post_id=post_id).one_or_none()
check for existing subscription
2022-09-27 00:19:52 +00:00
if not existing:
rename submissions to posts
2023-06-07 23:26:32 +00:00
new_sub = Subscription(user_id=v.id, post_id=post_id)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(new_sub)
add "saves" and "subscriptions" sorts everywhere
2023-06-08 01:56:12 +00:00
cache.delete_memoized(userpagelisting)
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": "Subscribed to post successfully!"}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/unsubscribe/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
def unsubscribe(v, post_id):
rename submissions to posts
2023-06-07 23:26:32 +00:00
existing = g.db.query(Subscription).filter_by(user_id=v.id, post_id=post_id).one_or_none()
check for existing subscription
2022-09-27 00:19:52 +00:00
if existing:
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(existing)
add "saves" and "subscriptions" sorts everywhere
2023-06-08 01:56:12 +00:00
cache.delete_memoized(userpagelisting)
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": "Unsubscribed from post successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/message")
make it possible to message someone by id
2023-07-11 14:36:46 +00:00
@app.post("/id/<int:id>/message")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit("10/minute;20/hour;50/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("10/minute;20/hour;50/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@is_not_permabanned
make it possible to message someone by id
2023-07-11 14:36:46 +00:00
def message2(v, username=None, id=None):
if id:
user = get_account(id, v=v, include_blocks=True)
else:
user = get_user(username, v=v, include_blocks=True)
Fix DMs improperly treating all users as blocked. The changes to helpers/get.py @ get_user(...) in a6b7fed2fcb4 resulted in `is_blocking` no longer being present on all User objects retrieved via `get_user`. This triggered a latent identifier shadow where the property method `User.is_blocking` on the User model caused checks for blocks on objects retrieved via `get_user` to always return True. Notably: when the get_user return value left `is_blocking` unset and thus implied False, the following expression yielded True due to the presence of the first-class function at the same identifier: hasattr(user, 'is_blocking') and user.is_blocking
2022-07-03 17:55:25 +00:00
security: fix mute bypass modmail: constantify user ID
2022-11-17 22:50:06 +00:00
if user.id == MODMAIL_ID:
abort(403, "Please use /contact to contact the admins")
Fix DMs improperly treating all users as blocked. The changes to helpers/get.py @ get_user(...) in a6b7fed2fcb4 resulted in `is_blocking` no longer being present on all User objects retrieved via `get_user`. This triggered a latent identifier shadow where the property method `User.is_blocking` on the User model caused checks for blocks on objects retrieved via `get_user` to always return True. Notably: when the get_user return value left `is_blocking` unset and thus implied False, the following expression yielded True due to the presence of the first-class function at the same identifier: hasattr(user, 'is_blocking') and user.is_blocking
2022-07-03 17:55:25 +00:00
if hasattr(user, 'is_blocking') and user.is_blocking:
same as last commit
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocking @{user.username}")
mn
2022-05-04 23:09:46 +00:00
view sorted admin list and message blocked users
2022-10-06 05:16:09 +00:00
if v.admin_level <= PERMS['MESSAGE_BLOCKED_USERS'] and hasattr(user, 'is_blocked') and user.is_blocked:
use exlamation marks instead of dots in responses to users
2023-01-27 11:57:29 +00:00
abort(403, f"@{user.username} is blocking you!")
mn
2022-05-04 23:09:46 +00:00
remove a bunch of unnecessary/confusing garbage
2023-07-29 19:13:37 +00:00
body = request.values.get("message", "")
restore needful .strip()
2023-07-29 19:17:50 +00:00
body = body[:COMMENT_BODY_LENGTH_LIMIT].strip()
add dm images
2023-01-23 09:58:38 +00:00
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
if not g.is_tor and get_setting("dm_media"):
don't use pomf for DM images anymore and allow for video and audio in DMs
2023-05-04 21:52:37 +00:00
body = process_files(request.files, v, body, is_dm=True, dm_user=user)
strip after not before
2023-07-30 06:20:02 +00:00
body = body[:COMMENT_BODY_LENGTH_LIMIT].strip() #process_files potentially adds characters to the post
add dm images
2023-01-23 09:58:38 +00:00
don't use pomf for DM images anymore and allow for video and audio in DMs
2023-05-04 21:52:37 +00:00
if not body: abort(400, "Message is empty!")
disallow discord links in DMs
2022-10-13 13:26:59 +00:00
don't use pomf for DM images anymore and allow for video and audio in DMs
2023-05-04 21:52:37 +00:00
body_html = sanitize(body)
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
existing = g.db.query(Comment.id).filter(
cleanup user ids in const.py
2022-12-10 14:00:03 +00:00
Comment.author_id == v.id,
Comment.sentto == user.id,
Comment.body_html == body_html
).first()
mn
2022-05-04 23:09:46 +00:00
use exlamation marks instead of dots in responses to users
2023-01-27 11:57:29 +00:00
if existing: abort(403, "Message already exists!")
mn
2022-05-04 23:09:46 +00:00
c = Comment(author_id=v.id,
complement 32fa466e6aa1df8df56a63635e5defd5c23acc4f
2023-06-23 13:46:42 +00:00
parent_post=None,
casino + style shit
2022-09-04 23:15:37 +00:00
level=1,
sentto=user.id,
don't use pomf for DM images anymore and allow for video and audio in DMs
2023-05-04 21:52:37 +00:00
body=body,
casino + style shit
2022-09-04 23:15:37 +00:00
body_html=body_html
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(c)
g.db.flush()
refactor blackjack a bit
2022-10-21 00:28:05 +00:00
execute_blackjack(v, c, c.body_html, 'message')
antispam: under siege mode
2022-11-30 17:37:35 +00:00
execute_under_siege(v, c, c.body_html, 'message')
mn
2022-05-04 23:09:46 +00:00
c.top_comment_id = c.id
replace "bots" with "BOT_IDs"
2023-05-12 22:29:34 +00:00
if user.id not in BOT_IDs:
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=user.id).one_or_none()
fds
2022-05-28 02:20:31 +00:00
if not notif:
notif = Notification(comment_id=c.id, user_id=user.id)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(notif)
mn
2022-05-04 23:09:46 +00:00
remove redundant if condition
2023-02-24 01:47:50 +00:00
if not v.shadowbanned:
hide ghosts in push notifs
2023-02-27 13:35:53 +00:00
title = f'New message from @{c.author_name}'
refactor push notifs
2022-06-27 19:02:24 +00:00
notifications rework
2022-07-08 18:06:54 +00:00
url = f'{SITE_FULL}/notifications/messages'
refactor push notifs
2022-06-27 19:02:24 +00:00
don't use pomf for DM images anymore and allow for video and audio in DMs
2023-05-04 21:52:37 +00:00
push_notif({user.id}, title, body, url)
mn
2022-05-04 23:09:46 +00:00
return {"message": "Message sent!"}
@app.post("/reply")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit("6/minute;50/hour;200/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("6/minute;50/hour;200/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def messagereply(v):
remove a bunch of unnecessary/confusing garbage
2023-07-29 19:13:37 +00:00
body = request.values.get("body", "")
restore needful .strip()
2023-07-29 19:17:50 +00:00
body = body[:COMMENT_BODY_LENGTH_LIMIT].strip()
mn
2022-05-04 23:09:46 +00:00
fix 500 error
2022-10-14 15:29:26 +00:00
id = request.values.get("parent_id")
mn
2022-05-04 23:09:46 +00:00
parent = get_comment(id, v=v)
dont allow ppl to reply to normal comments like they're a message, @ThousandBestLives did this
2023-07-22 19:43:25 +00:00
if parent.parent_post or parent.wall_user_id:
abort(403, "You can only reply to messages!")
mn
2022-05-04 23:09:46 +00:00
user_id = parent.author.id
rename variable
2023-06-29 19:51:32 +00:00
if v.is_permabanned and parent.sentto != MODMAIL_ID:
use exlamation marks instead of dots in responses to users
2023-01-27 11:57:29 +00:00
abort(403, "You are permabanned and may not reply to messages!")
security: fix mute bypass modmail: constantify user ID
2022-11-17 22:50:06 +00:00
elif v.is_muted and parent.sentto == MODMAIL_ID:
use exlamation marks instead of dots in responses to users
2023-01-27 11:57:29 +00:00
abort(403, "You are forbidden from replying to modmail!")
Prevent permabanned users from replying to DMs. Permabanning already prevents users from initiating new DMs, and we complete this by preventing replying to existing DM chains. New modmails may still be initiated, and existing modmails may still be replied to.
2022-09-01 20:19:07 +00:00
security: fix mute bypass modmail: constantify user ID
2022-11-17 22:50:06 +00:00
if parent.sentto == MODMAIL_ID: user_id = None
mn
2022-05-04 23:09:46 +00:00
elif v.id == user_id: user_id = parent.sentto
fix images in modmail
2023-01-28 08:47:52 +00:00
user = None
Fix DMs not checking blocks.
2022-11-02 20:22:23 +00:00
if user_id:
user = get_account(user_id, v=v, include_blocks=True)
if hasattr(user, 'is_blocking') and user.is_blocking:
same as last commit
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocking @{user.username}")
Fix DMs not checking blocks.
2022-11-02 20:22:23 +00:00
elif (v.admin_level <= PERMS['MESSAGE_BLOCKED_USERS']
and hasattr(user, 'is_blocked') and user.is_blocked):
same as last commit
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocked by @{user.username}")
Fix DMs not checking blocks.
2022-11-02 20:22:23 +00:00
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
if not g.is_tor and get_setting("dm_media"):
don't use pomf for DM images anymore and allow for video and audio in DMs
2023-05-04 21:52:37 +00:00
body = process_files(request.files, v, body, is_dm=True, dm_user=user)
strip after not before
2023-07-30 06:20:02 +00:00
body = body[:COMMENT_BODY_LENGTH_LIMIT].strip() #process_files potentially adds characters to the post
fix 500 errors
2023-04-29 13:33:29 +00:00
add dm images
2023-01-23 09:58:38 +00:00
if not body: abort(400, "Message is empty!")
fix 500 error related to variables
2022-06-18 17:50:03 +00:00
body_html = sanitize(body)
mn
2022-05-04 23:09:46 +00:00
fix 500 errors
2023-04-29 13:33:29 +00:00
if len(body_html) > COMMENT_BODY_HTML_LENGTH_LIMIT:
abort(400, "Message too long!")
fix not being able to see ur own replies in DMs
2023-02-28 20:52:43 +00:00
if parent.sentto == MODMAIL_ID:
sentto = MODMAIL_ID
else:
sentto = user_id
mn
2022-05-04 23:09:46 +00:00
c = Comment(author_id=v.id,
complement 32fa466e6aa1df8df56a63635e5defd5c23acc4f
2023-06-23 13:46:42 +00:00
parent_post=None,
mn
2022-05-04 23:09:46 +00:00
parent_comment_id=id,
top_comment_id=parent.top_comment_id,
level=parent.level + 1,
fix not being able to see ur own replies in DMs
2023-02-28 20:52:43 +00:00
sentto=sentto,
fix for future messages
2023-02-19 20:02:13 +00:00
body=body,
mn
2022-05-04 23:09:46 +00:00
body_html=body_html,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(c)
g.db.flush()
refactor blackjack a bit
2022-10-21 00:28:05 +00:00
execute_blackjack(v, c, c.body_html, 'message')
antispam: under siege mode
2022-11-30 17:37:35 +00:00
execute_under_siege(v, c, c.body_html, 'message')
mn
2022-05-04 23:09:46 +00:00
replace "bots" with "BOT_IDs"
2023-05-12 22:29:34 +00:00
if user_id and user_id not in {v.id, MODMAIL_ID} | BOT_IDs:
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=user_id).one_or_none()
mn
2022-05-04 23:09:46 +00:00
if not notif:
notif = Notification(comment_id=c.id, user_id=user_id)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(notif)
mn
2022-05-04 23:09:46 +00:00
remove redundant if condition
2023-02-24 01:47:50 +00:00
if not v.shadowbanned:
hide ghosts in push notifs
2023-02-27 13:35:53 +00:00
title = f'New message from @{c.author_name}'
refactor push notifs
2022-06-27 19:02:24 +00:00
notifications rework
2022-07-08 18:06:54 +00:00
url = f'{SITE_FULL}/notifications/messages'
refactor push notifs
2022-06-27 19:02:24 +00:00
try not limiting push notifs body size and see what happens
2023-02-25 18:16:28 +00:00
push_notif({user_id}, title, body, url)
refactor push notifs
2022-06-27 19:02:24 +00:00
remove jc insanity
2023-03-05 22:50:06 +00:00
top_comment = c.top_comment
mn
2022-05-04 23:09:46 +00:00
security: fix mute bypass modmail: constantify user ID
2022-11-17 22:50:06 +00:00
if top_comment.sentto == MODMAIL_ID:
same as last commit
2023-08-11 13:15:34 +00:00
admin_ids = [x[0] for x in g.db.query(User.id).filter(User.admin_level >= PERMS['NOTIFICATIONS_MODMAIL'], User.id != v.id)]
fix 500 error
2023-05-20 00:16:45 +00:00
if SITE == 'watchpeopledie.tv' and AEVANN_ID in admin_ids:
fix wrong logic for modmail notifs
2023-05-15 09:36:52 +00:00
admin_ids.remove(AEVANN_ID)
restore modmail notifs for myself
2023-02-23 23:25:47 +00:00
dont give me modmail notifs on WPD (if its important they'll tell me)
2023-05-12 19:37:26 +00:00
if parent.author.id not in admin_ids + [v.id]:
admin_ids.append(parent.author.id)
expand 593b74c969d4bdc01d8877116d6811ba7692e308 + make AEVANN_ID default 0
2022-08-13 03:11:44 +00:00
stop modmail notif spam
2023-06-08 03:52:23 +00:00
#Don't delete unread notifications, so the replies don't get collapsed and they get highlighted
remove unnecessary v shit
2023-07-08 13:32:14 +00:00
ids = [top_comment.id] + [x.id for x in top_comment.replies(sort="old")]
stop modmail notif spam
2023-06-08 03:52:23 +00:00
notifications = g.db.query(Notification).filter(Notification.read == True, Notification.comment_id.in_(ids), Notification.user_id.in_(admin_ids))
for n in notifications:
g.db.delete(n)
dont give me modmail notifs on WPD (if its important they'll tell me)
2023-05-12 19:37:26 +00:00
for admin in admin_ids:
fix replies to modmail not notifying the sender
2022-06-30 22:41:11 +00:00
notif = Notification(comment_id=c.id, user_id=admin)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(notif)
mn
2022-05-04 23:09:46 +00:00
turns out we didnt need a dedicated ajax variable
2022-08-30 05:26:13 +00:00
return {"comment": render_template("comments.html", v=v, comments=[c])}
mn
2022-05-04 23:09:46 +00:00
@app.get("/2faqr/<secret>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def mfa_qr(v, secret):
mn
2022-05-04 23:09:46 +00:00
x = pyotp.TOTP(secret)
qr = qrcode.QRCode(
error_correction=qrcode.constants.ERROR_CORRECT_L
)
2fa minor change
2022-12-20 21:20:32 +00:00
qr.add_data(x.provisioning_uri(v.username, issuer_name=SITE))
mn
2022-05-04 23:09:46 +00:00
img = qr.make_image(fill_color="#000000", back_color="white")
mem = io.BytesIO()
img.save(mem, format="PNG")
mem.seek(0, 0)
stop the print spam
2022-09-11 01:56:47 +00:00
return send_file(mem, mimetype="image/png", as_attachment=False)
mn
2022-05-04 23:09:46 +00:00
@app.get("/is_available/<name>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit("100/day", deduct_when=lambda response: response.status_code < 400)
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def is_available(name):
mn
2022-05-04 23:09:46 +00:00
name=name.strip()
if len(name)<3 or len(name)>25:
return {name:False}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
name2 = name.replace('\\', '').replace('_','\_').replace('%','')
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
x = g.db.query(User).filter(
mn
2022-05-04 23:09:46 +00:00
or_(
User.username.ilike(name2),
add namelock award
2023-05-13 04:53:14 +00:00
User.original_username.ilike(name2),
User.prelock_username.ilike(name2),
mn
2022-05-04 23:09:46 +00:00
)
).one_or_none()
if x:
return {name: False}
else:
return {name: True}
another fix
2023-07-12 01:07:58 +00:00
@app.get("/id/<int:id>")
Revert "Revert "make it possible to message someone by id"" This reverts commit fd17dab06c38ac2e675a3d83da57a1b318f83486.
2023-07-11 17:55:38 +00:00
@app.route("/id/<int:id>/<path:path>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
consistency
2023-07-12 01:11:47 +00:00
@auth_required
combine endpoints
2023-07-12 01:13:40 +00:00
def user_id(v, id, path=''):
mn
2022-05-04 23:09:46 +00:00
user = get_account(id)
combine endpoints
2023-07-12 01:13:40 +00:00
if path:
return redirect(f'/@{user.username}/{path}')
return redirect(f'/@{user.username}')
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.get("/u/<username>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
consistency
2023-07-12 01:11:47 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def redditor_moment_redirect(v, username):
mn
2022-05-04 23:09:46 +00:00
return redirect(f"/@{username}")
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
@app.get("/@<username>/blockers")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
i accidentially removed the /followers route lol
2022-09-23 18:30:17 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def blockers(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
i accidentially removed the /followers route lol
2022-09-23 18:30:17 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
users = g.db.query(UserBlock, User).join(UserBlock, UserBlock.target_id == u.id) \
.filter(UserBlock.user_id == User.id)
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = users.count()
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
users = users.order_by(UserBlock.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE ).all()
i accidentially removed the /followers route lol
2022-09-23 18:30:17 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/blockers.html", v=v, u=u, users=users, page=page, total=total)
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
@app.get("/@<username>/blocking")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def blocking(v, username):
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
u = get_user(username, v=v)
page = get_page()
users = g.db.query(UserBlock, User).join(UserBlock, UserBlock.user_id == u.id) \
.filter(UserBlock.target_id == User.id)
total = users.count()
users = users.order_by(UserBlock.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE ).all()
return render_template("userpage/blocking.html", v=v, u=u, users=users, page=page, total=total)
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
@app.get("/@<username>/followers")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def followers(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
show follow time
2022-09-05 21:52:56 +00:00
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
if not (v.id == u.id or v.admin_level >= PERMS['USER_FOLLOWS_VISIBLE']):
abort(403)
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
users = g.db.query(Follow, User).join(Follow, Follow.target_id == u.id) \
.filter(Follow.user_id == User.id)
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = users.count()
use new pagination system in /@<username>/blockers
2023-05-05 05:57:02 +00:00
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
users = users.order_by(Follow.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/followers.html", v=v, u=u, users=users, page=page, total=total)
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/following")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def following(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
LGB: Permission block, follow, voters visibility.
2022-07-18 07:17:45 +00:00
if not (v.id == u.id or v.admin_level >= PERMS['USER_FOLLOWS_VISIBLE']):
abort(403)
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).join(Follow, Follow.user_id == u.id) \
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
.filter(Follow.target_id == User.id)
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = users.count()
use new pagination system in /followers and /following
2023-05-05 06:01:14 +00:00
users = users.order_by(Follow.created_utc.desc()) \
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
add pages to /followers /following /blockers and order them all by most recent first
2022-11-27 00:59:16 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/following.html", v=v, u=u, users=users, page=page, total=total)
mn
2022-05-04 23:09:46 +00:00
unpaywall profile views
2022-11-27 00:20:54 +00:00
@app.get("/@<username>/views")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def visitors(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v)
unpaywall profile views
2022-11-27 00:20:54 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
unpaywall profile views
2022-11-27 00:20:54 +00:00
use new pagination system in profile views
2023-05-05 01:08:40 +00:00
views = g.db.query(ViewerRelationship).filter_by(user_id=u.id)
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = views.count()
use new pagination system in profile views
2023-05-05 01:08:40 +00:00
views = views.order_by(ViewerRelationship.last_view_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
unpaywall profile views
2022-11-27 00:20:54 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/views.html", v=v, u=u, views=views, total=total, page=page)
mn
2022-05-04 23:09:46 +00:00
remove unnecessary timeouts in cache.memoize
2023-02-02 00:42:47 +00:00
@cache.memoize()
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def userpagelisting(user, v=None, page=1, sort="new", t="all"):
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).filter_by(author_id=user.id, is_pinned=False).options(load_only(Post.id))
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if not (v and (v.admin_level >= PERMS['POST_COMMENT_MODERATION'] or v.id == user.id)):
posts = posts.filter_by(is_banned=False, private=False, ghost=False, deleted_utc=0)
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = apply_time_filter(t, posts, Post)
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = posts.count()
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = sort_objects(sort, posts, Post)
implement new pagination system in profile pages
2023-05-05 01:04:07 +00:00
posts = posts.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return [x.id for x in posts], total
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
lock user profiles from logged-out-cels
2023-05-03 14:50:42 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def u_username_wall(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v, include_blocks=True)
add profile wall
2022-12-03 01:49:07 +00:00
if username != u.username:
fix wrong username direct
2022-12-05 01:33:43 +00:00
return redirect(f"/@{u.username}")
add profile wall
2022-12-03 01:49:07 +00:00
if v and hasattr(u, 'is_blocking') and u.is_blocking:
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if g.is_api_or_xhr:
add profile wall
2022-12-03 01:49:07 +00:00
abort(403, f"You are blocking @{u.username}.")
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
return render_template("userpage/blocked.html", u=u, v=v), 403
add profile wall
2022-12-03 01:49:07 +00:00
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
is_following = v and u.has_follower(v)
improve GLOBAL
2023-07-05 18:44:57 +00:00
if v and v.id != u.id and not v.admin_level and not session.get("GLOBAL"):
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
gevent.spawn(_add_profile_view, v.id, u.id)
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
add profile wall
2022-12-03 01:49:07 +00:00
Fix userpage walls for logged-out viewers.
2022-12-05 01:23:48 +00:00
if v:
fix comments not appearing
2023-02-27 16:16:12 +00:00
comments, output = get_comments_v_properties(v, None, Comment.wall_user_id == u.id)
Fix userpage walls for logged-out viewers.
2022-12-05 01:23:48 +00:00
else:
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comments = g.db.query(Comment).filter(Comment.wall_user_id == u.id)
add profile wall
2022-12-03 01:49:07 +00:00
comments = comments.filter(Comment.level == 1)
if not v or (v.id != u.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']):
comments = comments.filter(
Comment.is_banned == False,
Comment.ghost == False,
Comment.deleted_utc == 0
)
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = comments.count()
Fix userpage walls for logged-out viewers.
2022-12-05 01:23:48 +00:00
comments = comments.order_by(Comment.created_utc.desc()) \
implement new pagination system in profile pages
2023-05-05 01:04:07 +00:00
.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
Fix userpage walls for logged-out viewers.
2022-12-05 01:23:48 +00:00
if v:
comments = [c[0] for c in comments]
add profile wall
2022-12-03 01:49:07 +00:00
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if v and v.client:
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
return {"data": [c.json for c in comments]}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/wall.html", u=u, v=v, listing=comments, page=page, total=total, is_following=is_following, standalone=True, render_replies=True, wall=True)
add profile wall
2022-12-03 01:49:07 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.get("/@<username>/wall/comment/<int:cid>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
lock user profiles from logged-out-cels
2023-05-03 14:50:42 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def u_username_wall_comment(v, username, cid):
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
comment = get_comment(cid, v=v)
if not comment.wall_user_id: abort(400)
make can_see give 403 error instead of 404
2023-01-25 10:59:45 +00:00
if not User.can_see(v, comment): abort(403)
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
u = comment.wall_user
if v and hasattr(u, 'is_blocking') and u.is_blocking:
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if g.is_api_or_xhr:
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
abort(403, f"You are blocking @{u.username}.")
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
return render_template("userpage/blocked.html", u=u, v=v), 403
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
is_following = v and u.has_follower(v)
improve GLOBAL
2023-07-05 18:44:57 +00:00
if v and v.id != u.id and not v.admin_level and not session.get("GLOBAL"):
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
gevent.spawn(_add_profile_view, v.id, u.id)
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
if v and request.values.get("read"):
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
gevent.spawn(_mark_comment_as_read, comment.id, v.id)
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
make ?context=8 default
2022-12-18 14:48:48 +00:00
try: context = min(int(request.values.get("context", 8)), 8)
except: context = 8
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
comment_info = comment
c = comment
while context and c.level > 1:
c = c.parent_comment
context -= 1
top_comment = c
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
if v:
# this is required because otherwise the vote and block
# props won't save properly unless you put them in a list
fix comments not appearing
2023-02-27 16:16:12 +00:00
output = get_comments_v_properties(v, None, Comment.top_comment_id == c.top_comment_id)[1]
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
if v and v.client: return top_comment.json
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/wall.html", u=u, v=v, listing=[top_comment], page=1, is_following=is_following, standalone=True, render_replies=True, wall=True, comment_info=comment_info, total=1)
add links to individuals comments in walls + fix awards for wall comments
2022-12-05 03:01:50 +00:00
add profile wall
2022-12-03 01:49:07 +00:00
@app.get("/@<username>/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
lock user profiles from logged-out-cels
2023-05-03 14:50:42 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def u_username(v, username):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v, include_blocks=True)
mn
2022-05-04 23:09:46 +00:00
if username != u.username:
remove retarded bullshit I wasn't consulted about
2022-10-27 17:53:08 +00:00
return redirect(SITE_FULL + request.full_path.replace(username, u.username))
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
mn
2022-05-04 23:09:46 +00:00
if v and hasattr(u, 'is_blocking') and u.is_blocking:
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if g.is_api_or_xhr:
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
abort(403, f"You are blocking @{u.username}.")
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
return render_template("userpage/blocked.html", u=u, v=v), 403
mn
2022-05-04 23:09:46 +00:00
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
is_following = v and u.has_follower(v)
fix 500 errors
2022-12-05 15:16:11 +00:00
if not u.is_visible_to(v):
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if g.is_api_or_xhr:
fix 500 errors
2022-12-05 15:16:11 +00:00
abort(403, f"@{u.username}'s userpage is private")
return render_template("userpage/private.html", u=u, v=v, is_following=is_following), 403
improve GLOBAL
2023-07-05 18:44:57 +00:00
if v and v.id != u.id and not v.admin_level and not session.get("GLOBAL"):
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
gevent.spawn(_add_profile_view, v.id, u.id)
mn
2022-05-04 23:09:46 +00:00
sort = request.values.get("sort", "new")
t = request.values.get("t", "all")
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
ids, total = userpagelisting(u, v=v, page=page, sort=sort, t=t)
mn
2022-05-04 23:09:46 +00:00
only show profile-pinned posts in the default sort
2022-11-07 11:27:40 +00:00
if page == 1 and sort == 'new':
mn
2022-05-04 23:09:46 +00:00
sticky = []
rename submissions to posts
2023-06-07 23:26:32 +00:00
sticky = g.db.query(Post).filter_by(is_pinned=True, author_id=u.id, is_banned=False).all()
mn
2022-05-04 23:09:46 +00:00
if sticky:
for p in sticky:
ids = [p.id] + ids
try random bullshit to fix timeouts
2023-07-17 14:49:26 +00:00
listing = get_posts(ids, v=v)
mn
2022-05-04 23:09:46 +00:00
if u.unban_utc:
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if v and v.client:
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
return {"data": [x.json for x in listing]}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
return render_template("userpage/posts.html",
mn
2022-05-04 23:09:46 +00:00
unban=u.unban_string,
u=u,
v=v,
listing=listing,
page=page,
sort=sort,
t=t,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total,
Move user hat properties for userpage to model.
2022-10-08 20:30:27 +00:00
is_following=is_following)
mn
2022-05-04 23:09:46 +00:00
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if v and v.client:
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
return {"data": [x.json for x in listing]}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
return render_template("userpage/posts.html",
mn
2022-05-04 23:09:46 +00:00
u=u,
v=v,
listing=listing,
page=page,
sort=sort,
t=t,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total,
Move user hat properties for userpage to model.
2022-10-08 20:30:27 +00:00
is_following=is_following)
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
lock user profiles from logged-out-cels
2023-05-03 14:50:42 +00:00
@auth_required
remove unnecessary v shit
2023-07-08 13:32:14 +00:00
def u_username_comments(username, v):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
u = get_user(username, v=v, include_blocks=True)
users: add the previous improvements to comments
2022-10-30 07:36:50 +00:00
if username != u.username:
return redirect(f"/@{u.username}/comments")
mn
2022-05-04 23:09:46 +00:00
if v and hasattr(u, 'is_blocking') and u.is_blocking:
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if g.is_api_or_xhr:
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
abort(403, f"You are blocking @{u.username}.")
add /blockers and /blocking to profile pages
2023-06-24 17:39:50 +00:00
return render_template("userpage/blocked.html", u=u, v=v), 403
mn
2022-05-04 23:09:46 +00:00
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
is_following = v and u.has_follower(v)
fix 500 errors
2022-12-05 15:16:11 +00:00
if not u.is_visible_to(v):
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if g.is_api_or_xhr:
fix 500 errors
2022-12-05 15:16:11 +00:00
abort(403, f"@{u.username}'s userpage is private")
return render_template("userpage/private.html", u=u, v=v, is_following=is_following), 403
improve GLOBAL
2023-07-05 18:44:57 +00:00
if v and v.id != u.id and not v.admin_level and not session.get("GLOBAL"):
make the site faster by not having GET endpoints waiting for UPDATE statements to finish (they can take really long bc of locks)
2023-07-25 21:26:34 +00:00
gevent.spawn(_add_profile_view, v.id, u.id)
fix https://stupidpol.site/h/changelog/post/128866/changelog-added-profile-walls-profile-views/3188365?context=8#context
2022-12-05 14:51:47 +00:00
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
sort=request.values.get("sort","new")
t=request.values.get("t","all")
Hide shadowed user content in more contexts. - Search: posts by shadowed user. - Search: shadowed users in search for users. - Direct links to shadowed user posts display as removed. - Other users' profile comments listings hide comments on shadowed posts. Users can still see their own comments on shadowed posts. Similar to ghosted comment logic.
2022-08-08 22:21:59 +00:00
comment_post_author = aliased(User)
implement new pagination system in profile pages
2023-05-05 01:04:07 +00:00
comments = g.db.query(Comment).options(load_only(Comment.id)) \
do this https://stupidpol.site/h/countryclub/post/79285/tired-of-some-cute-twink-jannies/3194721?context=8#context (#53) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/53
2022-12-07 16:51:51 +00:00
.outerjoin(Comment.post) \
rename submissions to posts
2023-06-07 23:26:32 +00:00
.outerjoin(comment_post_author, Post.author) \
Hide shadowed user content in more contexts. - Search: posts by shadowed user. - Search: shadowed users in search for users. - Direct links to shadowed user posts display as removed. - Other users' profile comments listings hide comments on shadowed posts. Users can still see their own comments on shadowed posts. Similar to ghosted comment logic.
2022-08-08 22:21:59 +00:00
.filter(
Comment.author_id == u.id,
complement 32fa466e6aa1df8df56a63635e5defd5c23acc4f
2023-06-23 13:46:42 +00:00
or_(Comment.parent_post != None, Comment.wall_user_id != None),
Hide shadowed user content in more contexts. - Search: posts by shadowed user. - Search: shadowed users in search for users. - Direct links to shadowed user posts display as removed. - Other users' profile comments listings hide comments on shadowed posts. Users can still see their own comments on shadowed posts. Similar to ghosted comment logic.
2022-08-08 22:21:59 +00:00
)
mn
2022-05-04 23:09:46 +00:00
global moderation perm and add some more checks for const perm
2022-10-06 01:16:52 +00:00
if not v or (v.id != u.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']):
Hide shadowed user content in more contexts. - Search: posts by shadowed user. - Search: shadowed users in search for users. - Direct links to shadowed user posts display as removed. - Other users' profile comments listings hide comments on shadowed posts. Users can still see their own comments on shadowed posts. Similar to ghosted comment logic.
2022-08-08 22:21:59 +00:00
comments = comments.filter(
Comment.is_banned == False,
Comment.ghost == False,
conflict resolution 2
2022-10-06 10:37:45 +00:00
Comment.deleted_utc == 0
Hide shadowed user content in more contexts. - Search: posts by shadowed user. - Search: shadowed users in search for users. - Direct links to shadowed user posts display as removed. - Other users' profile comments listings hide comments on shadowed posts. Users can still see their own comments on shadowed posts. Similar to ghosted comment logic.
2022-08-08 22:21:59 +00:00
)
hide deleted posts and comments from userpages (frequently requested)
2022-06-18 23:55:45 +00:00
refactor sorting and time filter
2022-07-09 10:32:49 +00:00
comments = apply_time_filter(t, comments, Comment)
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = comments.count()
implement new pagination system in profile pages
2023-05-05 01:04:07 +00:00
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
comments = sort_objects(sort, comments, Comment)
mn
2022-05-04 23:09:46 +00:00
implement new pagination system in profile pages
2023-05-05 01:04:07 +00:00
comments = comments.offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
revert the new comments system
2023-03-25 18:25:38 +00:00
ids = [x.id for x in comments]
improve /@<user>/comments
2023-03-22 19:53:59 +00:00
revert the new comments system
2023-03-25 18:25:38 +00:00
listing = get_comments(ids, v=v)
mn
2022-05-04 23:09:46 +00:00
remove the .json endpoints
2023-03-03 01:53:04 +00:00
if v and v.client:
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
return {"data": [c.json for c in listing]}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("userpage/comments.html", u=u, v=v, listing=listing, page=page, sort=sort, t=t,total=total, is_following=is_following, standalone=True)
dont barf up the whole comment chain when clicking "more comments" in /@<username>/comments
2023-03-24 16:08:55 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/info")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove unnecessary v shit
2023-07-08 13:32:14 +00:00
def u_username_info(username, v):
mn
2022-05-04 23:09:46 +00:00
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
user=get_user(username, v=v, include_blocks=True)
mn
2022-05-04 23:09:46 +00:00
if hasattr(user, 'is_blocking') and user.is_blocking:
same as last commit
2022-11-12 10:11:46 +00:00
abort(401, f"You're blocking @{user.username}")
mn
2022-05-04 23:09:46 +00:00
elif hasattr(user, 'is_blocked') and user.is_blocked:
use exlamation marks instead of dots in responses to users
2023-01-27 11:57:29 +00:00
abort(403, f"@{user.username} is blocking you!")
mn
2022-05-04 23:09:46 +00:00
return user.json
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.get("/<int:id>/info")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove unnecessary v shit
2023-07-08 13:32:14 +00:00
def u_user_id_info(id, v):
mn
2022-05-04 23:09:46 +00:00
add spaces
2023-07-27 19:47:46 +00:00
user = get_account(id, v=v, include_blocks=True)
mn
2022-05-04 23:09:46 +00:00
if hasattr(user, 'is_blocking') and user.is_blocking:
same as last commit
2022-11-12 10:11:46 +00:00
abort(403, f"You're blocking @{user.username}")
mn
2022-05-04 23:09:46 +00:00
elif hasattr(user, 'is_blocked') and user.is_blocked:
use exlamation marks instead of dots in responses to users
2023-01-27 11:57:29 +00:00
abort(403, f"@{user.username} is blocking you!")
mn
2022-05-04 23:09:46 +00:00
return user.json
@app.post("/follow/<username>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
def follow_user(username, v):
destroy the shadow realm (#135) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/135
2023-02-27 15:38:12 +00:00
target = get_user(username, v=v)
mn
2022-05-04 23:09:46 +00:00
check nofollow in the backend
2022-08-20 19:50:18 +00:00
if target.id==v.id:
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
abort(400, "You can't follow yourself!")
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
if g.db.query(Follow).filter_by(user_id=v.id, target_id=target.id).one_or_none():
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{target.username} has been followed!"}
mn
2022-05-04 23:09:46 +00:00
new_follow = Follow(user_id=v.id, target_id=target.id)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(new_follow)
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
target.stored_subscriber_count = g.db.query(Follow).filter_by(target_id=target.id).count()
g.db.add(target)
mn
2022-05-04 23:09:46 +00:00
Hide block & follow notifs from shadowed.
2022-06-13 02:11:55 +00:00
if not v.shadowbanned:
send_notification(target.id, f"@{v.username} has followed you!")
mn
2022-05-04 23:09:46 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{target.username} has been followed!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/unfollow/<username>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
def unfollow_user(username, v):
target = get_user(username)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
follow = g.db.query(Follow).filter_by(user_id=v.id, target_id=target.id).one_or_none()
mn
2022-05-04 23:09:46 +00:00
if follow:
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(follow)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
target.stored_subscriber_count = g.db.query(Follow).filter_by(target_id=target.id).count()
g.db.add(target)
mn
2022-05-04 23:09:46 +00:00
Close more shadowbanned user info leaks. 1. Missed the notif for unfollowing a non-fish'd user in fb520034047f. 2. "Get Them Help" button showed username. 3. Gift coins/mbux showed username and allowed a message. 4. Global block list showed username. 5. User profile appeared to logged-out and non-jannies.
2022-06-13 03:03:36 +00:00
if not v.shadowbanned:
send_notification(target.id, f"@{v.username} has unfollowed you!")
mn
2022-05-04 23:09:46 +00:00
Pointless bullshit checks for people who like to use mitmproxy a bit too much (#134) Does it do anything meaningful? No Does it do anything harmful? No Did I test it? uhhhhhm Co-authored-by: Perjury <perjury@sabotaged.email> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/134 Co-authored-by: Perjury <perjury@noreply.fsdfsd.net> Co-committed-by: Perjury <perjury@noreply.fsdfsd.net>
2023-02-27 00:47:51 +00:00
else:
consistency
2023-02-27 00:48:19 +00:00
abort(400, f"You're not even following @{target.username} to begin with!")
Pointless bullshit checks for people who like to use mitmproxy a bit too much (#134) Does it do anything meaningful? No Does it do anything harmful? No Did I test it? uhhhhhm Co-authored-by: Perjury <perjury@sabotaged.email> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/134 Co-authored-by: Perjury <perjury@noreply.fsdfsd.net> Co-committed-by: Perjury <perjury@noreply.fsdfsd.net>
2023-02-27 00:47:51 +00:00
mn
2022-05-04 23:09:46 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{target.username} has been unfollowed!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/remove_follow/<username>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
def remove_follow(username, v):
target = get_user(username)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
follow = g.db.query(Follow).filter_by(user_id=target.id, target_id=v.id).one_or_none()
mn
2022-05-04 23:09:46 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
if not follow: return {"message": f"@{target.username} has been removed as a follower!"}
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(follow)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
v.stored_subscriber_count = g.db.query(Follow).filter_by(target_id=v.id).count()
g.db.add(v)
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(target.id, f"@{v.username} has removed your follow!")
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{target.username} has been removed as a follower!"}
mn
2022-05-04 23:09:46 +00:00
fix pfp caching
2023-01-25 03:18:17 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.get("/pp/<int:id>")
@app.get("/uid/<int:id>/pic")
@app.get("/uid/<int:id>/pic/profile")
sfd
2022-05-22 17:23:52 +00:00
@limiter.exempt
cache profile pics for 1 day to prevent DDOS
2022-06-17 19:21:26 +00:00
def user_profile_uid(id):
fix pfp caching
2023-01-25 03:18:17 +00:00
return redirect(get_profile_picture(id))
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/pic")
sfd
2022-05-22 17:23:52 +00:00
@limiter.exempt
cache profile pics for 1 day to prevent DDOS
2022-06-17 19:21:26 +00:00
def user_profile_name(username):
fix pfp caching
2023-01-25 03:18:17 +00:00
return redirect(get_profile_picture(username))
mn
2022-05-04 23:09:46 +00:00
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def get_saves_and_subscribes(v, template, relationship_cls, page, standalone=False):
use sets instead of lists in some statements
2022-11-26 04:52:47 +00:00
if relationship_cls in {SaveRelationship, Subscription}:
rename submissions to posts
2023-06-07 23:26:32 +00:00
query = relationship_cls.post_id
move get_saves_and_subscribes to their own thing
2022-10-29 03:04:09 +00:00
join = relationship_cls.post
rename submissions to posts
2023-06-07 23:26:32 +00:00
cls = Post
commentsaverelationship
2022-11-01 17:19:21 +00:00
elif relationship_cls is CommentSaveRelationship:
move get_saves_and_subscribes to their own thing
2022-10-29 03:04:09 +00:00
query = relationship_cls.comment_id
join = relationship_cls.comment
cls = Comment
else:
raise TypeError("Relationships supported is SaveRelationship, Subscription, CommentSaveRelationship")
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = g.db.query(query).join(join).filter(relationship_cls.user_id == v.id)
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
listing = listing.order_by(cls.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
ids = [x[0] for x in listing]
fix saved subscribers stuff
2022-11-25 21:43:35 +00:00
extra = None
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
if not v.admin_level >= PERMS['POST_COMMENT_MODERATION']:
fix saved subscribers stuff
2022-11-25 21:43:35 +00:00
extra = lambda q:q.filter(cls.is_banned == False, cls.deleted_utc == 0)
rename submissions to posts
2023-06-07 23:26:32 +00:00
if cls is Post:
try random bullshit to fix timeouts
2023-07-17 14:49:26 +00:00
listing = get_posts(ids, v=v, extra=extra)
move get_saves_and_subscribes to their own thing
2022-10-29 03:04:09 +00:00
elif cls is Comment:
fix saved subscribers stuff
2022-11-25 21:43:35 +00:00
listing = get_comments(ids, v=v, extra=extra)
move get_saves_and_subscribes to their own thing
2022-10-29 03:04:09 +00:00
else:
rename submissions to posts
2023-06-07 23:26:32 +00:00
raise TypeError("Only supports Posts and Comments. This is probably the result of a bug with *this* function")
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
dont pass db session as an argument unless necessary
2023-06-08 00:49:37 +00:00
if v.client: return {"data": [x.json for x in listing]}
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template(template, u=v, v=v, listing=listing, page=page, total=total, standalone=standalone)
move get_saves_and_subscribes to their own thing
2022-10-29 03:04:09 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/saved/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def saved_posts(v, username):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
give user an error when they give invalid page input
2022-11-07 21:34:40 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
return get_saves_and_subscribes(v, "userpage/posts.html", SaveRelationship, page, False)
mn
2022-05-04 23:09:46 +00:00
@app.get("/@<username>/saved/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def saved_comments(v, username):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
give user an error when they give invalid page input
2022-11-07 21:34:40 +00:00
organize templates (#435) dude file management lmao
2022-11-09 06:11:46 +00:00
return get_saves_and_subscribes(v, "userpage/comments.html", CommentSaveRelationship, page, True)
mn
2022-05-04 23:09:46 +00:00
add a "subscribed" tab in ur profile page to show posts u subscribed to
2022-07-03 02:43:49 +00:00
@app.get("/@<username>/subscribed/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add a "subscribed" tab in ur profile page to show posts u subscribed to
2022-07-03 02:43:49 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def subscribed_posts(v, username):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
give user an error when they give invalid page input
2022-11-07 21:34:40 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
return get_saves_and_subscribes(v, "userpage/posts.html", Subscription, page, False)
mn
2022-05-04 23:09:46 +00:00
@app.post("/fp/<fp>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
mn
2022-05-04 23:09:46 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def fp(v, fp):
add session["GLOBAL"]
2023-03-02 20:29:22 +00:00
if session.get("GLOBAL"):
return '', 204
mn
2022-05-04 23:09:46 +00:00
v.fp = fp
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.fp == fp, User.id != v.id).all()
rename is_activated to email_verified
2023-08-03 08:02:31 +00:00
if v.email and v.email_verified:
alts = g.db.query(User).filter(User.email == v.email, User.email_verified, User.id != v.id).all()
mn
2022-05-04 23:09:46 +00:00
if alts:
users += alts
for u in users:
li = [v.id, u.id]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
existing = g.db.query(Alt).filter(Alt.user1.in_(li), Alt.user2.in_(li)).one_or_none()
mn
2022-05-04 23:09:46 +00:00
if existing: continue
better caching for get_alt_graph
2022-12-22 21:24:36 +00:00
add_alt(user1=v.id, user2=u.id)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
fix muting linking alts
2023-01-25 02:53:52 +00:00
check_for_alts(v, include_current_session=True)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(v)
show gift reason in public transfer log
2022-06-15 13:36:33 +00:00
return '', 204
add "pins" toggle to the frontpage
2022-07-13 17:31:35 +00:00
fix the last line of this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4609716#context
2023-07-22 19:20:00 +00:00
@app.post("/toggle_pins/<sub>/<sort>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
fix the last line of this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4609716#context
2023-07-22 19:20:00 +00:00
def toggle_pins(sub, sort):
make pins toggle sort-specific
2022-07-13 19:32:28 +00:00
if sort == 'hot': default = True
else: default = False
fix the last line of this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4609716#context
2023-07-22 19:20:00 +00:00
pins = session.get(f'{sub}_{sort}', default)
session[f'{sub}_{sort}'] = not pins
make pins toggle sort-specific
2022-07-13 19:32:28 +00:00
add "pins" toggle to the frontpage
2022-07-13 17:31:35 +00:00
if is_site_url(request.referrer):
return redirect(request.referrer)
Redirect cuts off end of url for username redirect (#326) * Redirect cuts off end of url for username redirect username redirect cuts off end of url, For example: Username: faygo_sucks Old_username: geese_suck Behavior: "https://rdrama.net/@geese_suck" -> "https://rdrama.net/@faygo_suck" Expected Behavior: "https://rdrama.net/@geese_suck" -> "https://rdrama.net/@faygo_sucks" * Update users.py
2022-08-02 23:09:35 +00:00
return redirect('/')
show a list of blockers
2022-09-05 20:23:35 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.get("/badge_owners/<int:bid>")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
show a list of blockers
2022-09-05 20:23:35 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def bid_list(v, bid):
show a list of blockers
2022-09-05 20:23:35 +00:00
try: bid = int(bid)
except: abort(400)
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
show a list of blockers
2022-09-05 20:23:35 +00:00
per carp request, dont use user_cards for badge owners and hat owners
2023-08-08 14:49:00 +00:00
users = g.db.query(User, Badge.created_utc).join(User.badges).filter(Badge.badge_id==bid)
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = users.count()
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
users = users.order_by(Badge.created_utc.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
show a list of blockers
2022-09-05 20:23:35 +00:00
per carp request, dont use user_cards for badge owners and hat owners
2023-08-08 14:49:00 +00:00
return render_template("owners.html", v=v, users=users, page=page, total=total, kind="Badge")
show a list of blockers
2022-09-05 20:23:35 +00:00
refactor donation code
2023-02-01 19:49:39 +00:00
KOFI_TOKEN = environ.get("KOFI_TOKEN", "").strip()
if KOFI_TOKEN:
@app.post("/kofi")
dont ratelimit /gumroad and /kofi
2023-04-27 15:54:42 +00:00
@limiter.exempt
refactor donation code
2023-02-01 19:49:39 +00:00
def kofi():
data = json.loads(request.values['data'])
verification_token = data['verification_token']
if verification_token != KOFI_TOKEN: abort(400)
move location in /kofi
2023-04-28 10:02:10 +00:00
print(request.headers.get('CF-Connecting-IP'), flush=True)
refactor donation code
2023-02-01 19:49:39 +00:00
id = data['kofi_transaction_id']
created_utc = int(time.mktime(time.strptime(data['timestamp'].split('.')[0], "%Y-%m-%dT%H:%M:%SZ")))
type = data['type']
amount = 0
try:
amount = int(float(data['amount']))
except:
abort(400, 'invalid amount')
email = data['email']
transaction = Transaction(
id=id,
created_utc=created_utc,
type=type,
amount=amount,
email=email
)
make patron rewards automatic in WPD
2023-01-23 08:42:38 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(transaction)
make patron rewards automatic in WPD
2023-01-23 08:42:38 +00:00
fix automatic patron rewards
2023-02-02 19:28:23 +00:00
claim_rewards_all_users()
make patron rewards automatic in WPD
2023-01-23 08:42:38 +00:00
refactor donation code
2023-02-01 19:49:39 +00:00
return ''
kofi integration
2022-09-13 16:53:19 +00:00
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
@app.post("/gumroad")
dont ratelimit /gumroad and /kofi
2023-04-27 15:54:42 +00:00
@limiter.exempt
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
def gumroad():
data = request.values
ip = request.headers.get('CF-Connecting-IP')
make gumroad warnings more prominent
2023-02-06 03:39:44 +00:00
if ip != '34.193.146.117':
use STARS const
2023-03-06 20:49:01 +00:00
print(STARS, flush=True)
print(f'/gumroad fail: {ip}')
print(STARS, flush=True)
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
abort(400)
id = data['sale_id']
check for existing in /gumroad
2023-03-23 13:33:57 +00:00
existing = g.db.get(Transaction, id)
if existing: return ''
more accurate created_utc from gumroad tx
2023-04-27 16:17:00 +00:00
created_utc = int(time.mktime(time.strptime(data['sale_timestamp'].split('.')[0], "%Y-%m-%dT%H:%M:%SZ")))
fix one-time donations not getting registered
2023-06-13 22:21:49 +00:00
fix typo
2023-07-13 10:50:31 +00:00
if data.get('recurrence'):
fix one-time donations not getting registered
2023-06-13 22:21:49 +00:00
type = "monthly"
else:
type = "one-time"
fix /gumroad
2023-01-27 13:33:09 +00:00
amount = int(data['price']) / 100
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
email = data['email']
remove unnecessary tabs
2023-02-22 17:27:33 +00:00
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
transaction = Transaction(
id=id,
created_utc=created_utc,
type=type,
amount=amount,
email=email
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(transaction)
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
fix automatic patron rewards
2023-02-02 19:28:23 +00:00
claim_rewards_all_users()
use transactions table in rdrama (#99) Co-authored-by: Aevann <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/99
2023-01-26 11:25:28 +00:00
return ''
kofi integration
2022-09-13 16:53:19 +00:00
use transactions table in rdrama
2023-02-01 19:04:15 +00:00
@app.post("/settings/claim_rewards")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
kofi integration
2022-09-13 16:53:19 +00:00
@auth_required
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def settings_claim_rewards(v):
rename is_activated to email_verified
2023-08-03 08:02:31 +00:00
if not (v.email and v.email_verified):
abort a bunch of stuff where we manually returned JSON
2022-10-11 13:01:39 +00:00
abort(400, f"You must have a verified email to verify {patron} status and claim your rewards!")
better kofi claiming
2022-12-01 01:24:38 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
transactions = g.db.query(Transaction).filter_by(email=v.email, claimed=None).all()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
better kofi claiming
2022-12-01 01:24:38 +00:00
if not transactions:
add exclamation mark
2023-01-23 10:30:34 +00:00
abort(400, f"{patron} rewards already claimed!")
kofi integration
2022-09-13 16:53:19 +00:00
use claim_rewards_all_users everywhere
2023-07-10 01:17:31 +00:00
claim_rewards_all_users()
fix kofi
2022-09-18 00:28:09 +00:00
Add trailing final newlines to source files. Touched a ton of files to finally standardize on having trailing final newlines, as best practice recommends and so our devs stop accidentally fighting each other over it. This was performed automatically with the following: git ls-files -z '*.py' | while IFS= read -rd '' f; \ do tail -c1 < "$f" | read -r _ || echo >> "$f"; done git ls-files -z '*.css' | while IFS= read -rd '' f; \ do tail -c1 < "$f" | read -r _ || echo >> "$f"; done
2022-09-29 05:43:29 +00:00
return {"message": f"{patron} rewards claimed!"}
make users list viewable by everypony
2023-01-01 14:52:16 +00:00
@app.get("/users")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
make users list viewable by everypony
2023-01-01 14:52:16 +00:00
@auth_required
def users_list(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
make users list viewable by everypony
2023-01-01 14:52:16 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
users = g.db.query(User)
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = users.count()
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
users = users.order_by(User.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
make users list viewable by everypony
2023-01-01 14:52:16 +00:00
return render_template("user_cards.html",
v=v,
users=users,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total,
make users list viewable by everypony
2023-01-01 14:52:16 +00:00
page=page,
user_cards_title="Users Feed",
)