carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity

Merge branch 'frost' of https://github.com/Aevann1/rDrama into frost

master
Aevann1 2022-10-10 09:06:43 +00:00
parent 3589e6fa43 30813fc719
commit 044d4b87e8
21 changed files with 156 additions and 197 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docker-compose.yml
View File

@ -7,11 +7,6 @@ services:
- "./:/rDrama"
- "./nginx.conf:/etc/nginx/sites-enabled/1"
- "./nginx-serve-static.conf:/etc/nginx/includes/serve-static"
env_file: env
environment:
- DATABASE_URL=postgresql://postgres@postgres:5432
- REDIS_URL=redis://redis
- PROXY_URL=http://opera-proxy:18080
links:
- "redis"
- "postgres"

78
env
View File

@ -1,38 +1,40 @@
FLASK_APP=/rDrama/files/cli:app
SITE=localhost
SITE_NAME=rDrama
MASTER_KEY=blahblahblah
PROXY_URL=http://localhost:18080
GIPHY_KEY=blahblahblah
DISCORD_SERVER_ID=blahblahblah
DISCORD_CLIENT_ID=blahblahblah
DISCORD_CLIENT_SECRET=blahblahblah
DISCORD_BOT_TOKEN=blahblahblah
HCAPTCHA_SITEKEY=blahblahblah
HCAPTCHA_SECRET=blahblahblah
YOUTUBE_KEY=blahblahblah
PUSHER_ID=blahblahblah
PUSHER_KEY=blahblahblah
IMGUR_KEY=blahblahblah
SPAM_SIMILARITY_THRESHOLD=0.5
SPAM_URL_SIMILARITY_THRESHOLD=0.1
SPAM_SIMILAR_COUNT_THRESHOLD=10
COMMENT_SPAM_SIMILAR_THRESHOLD=0.5
COMMENT_SPAM_COUNT_THRESHOLD=10
DEFAULT_TIME_FILTER=all
GUMROAD_TOKEN=blahblahblah
GUMROAD_LINK=https://marsey1.gumroad.com/l/rdrama
GUMROAD_ID=rdrama
CARD_VIEW=0
DISABLE_DOWNVOTES=0
DUES=0
DEFAULT_THEME=midnight
DEFAULT_COLOR=805ad5
EMAIL=blahblahblah@gmail.com
MAILGUN_KEY=blahblahblah
DESCRIPTION=rdrama.net caters to drama in all forms such as: Real life, videos, photos, gossip, rumors, news sites, Reddit, and Beyond™. There isn't drama we won't touch, and we want it all!
CF_KEY=blahblahblah
CF_ZONE=blahblahblah
DEBIAN_FRONTEND=noninteractive
NODE_VERSION=16.13.0
NVM_DIR=/root/.nvm
export FLASK_APP="/rDrama/files/cli:app"
export SITE="localhost"
export SITE_NAME="rDrama"
export SECRET_KEY="blahblahblah"
export DATABASE_URL="postgresql://postgres@localhost:5432"
export REDIS_URL="redis://localhost:6379"
export PROXY_URL="http://localhost:18080"
export GIPHY_KEY="blahblahblah"
export DISCORD_SERVER_ID="blahblahblah"
export DISCORD_CLIENT_ID="blahblahblah"
export DISCORD_CLIENT_SECRET="blahblahblah"
export DISCORD_BOT_TOKEN="blahblahblah"
export HCAPTCHA_SITEKEY="blahblahblah"
export HCAPTCHA_SECRET="blahblahblah"
export YOUTUBE_KEY="blahblahblah"
export PUSHER_ID="blahblahblah"
export PUSHER_KEY="blahblahblah"
export IMGUR_KEY="blahblahblah"
export SPAM_SIMILARITY_THRESHOLD="0.5"
export SPAM_URL_SIMILARITY_THRESHOLD="0.1"
export SPAM_SIMILAR_COUNT_THRESHOLD="10"
export COMMENT_SPAM_SIMILAR_THRESHOLD="0.5"
export COMMENT_SPAM_COUNT_THRESHOLD="10"
export DEFAULT_TIME_FILTER="all"
export GUMROAD_TOKEN="blahblahblah"
export GUMROAD_LINK="https://marsey1.gumroad.com/l/rdrama"
export GUMROAD_ID="rdrama"
export CARD_VIEW="0"
export DISABLE_DOWNVOTES="0"
export DUES="0"
export DEFAULT_THEME="midnight"
export DEFAULT_COLOR="805ad5"
export EMAIL="blahblahblah@gmail.com"
export MAILGUN_KEY="blahblahblah"
export DESCRIPTION="rdrama.net caters to drama in all forms such as: Real life, videos, photos, gossip, rumors, news sites, Reddit, and Beyond™. There isn't drama we won't touch, and we want it all!"
export CF_KEY="blahblahblah"
export CF_ZONE="blahblahblah"
export DEBIAN_FRONTEND="noninteractive"
export NODE_VERSION="16.13.0"
export NVM_DIR="/root/.nvm"

8
files/__main__.py
View File

@ -24,7 +24,7 @@ app.jinja_env.auto_reload = True
app.jinja_env.add_extension('jinja2.ext.do')
faulthandler.enable()
app.config['SECRET_KEY'] = environ.get('MASTER_KEY')
app.config['SECRET_KEY'] = environ.get('SECRET_KEY').strip()
app.config["SERVER_NAME"] = environ.get("SITE").strip()
app.config['SEND_FILE_MAX_AGE_DEFAULT'] = 3153600
app.config["SESSION_COOKIE_NAME"] = "session_" + environ.get("SITE_NAME").strip().lower()
@ -35,15 +35,15 @@ app.config["PERMANENT_SESSION_LIFETIME"] = 60 * 60 * 24 * 365
app.config['SESSION_REFRESH_EACH_REQUEST'] = False
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config['SQLALCHEMY_DATABASE_URL'] = environ.get("DATABASE_URL", "postgresql://postgres@localhost:5432")
app.config['SQLALCHEMY_DATABASE_URL'] = environ.get("DATABASE_URL").strip()
app.config["CACHE_TYPE"] = "RedisCache"
app.config["CACHE_REDIS_URL"] = environ.get("REDIS_URL", "redis://localhost")
app.config["CACHE_REDIS_URL"] = environ.get("REDIS_URL").strip()
app.config['SETTINGS'] = {}
r=redis.Redis(host=environ.get("REDIS_URL", "redis://localhost"), decode_responses=True, ssl_cert_reqs=None)
r=redis.Redis(host=environ.get("REDIS_URL").strip(), decode_responses=True, ssl_cert_reqs=None)
def get_CF():
with app.app_context():

12
files/helpers/const.py
View File

@ -12,7 +12,7 @@ from os import path
SITE = environ.get("SITE").strip()
SITE_NAME = environ.get("SITE_NAME").strip()
MASTER_KEY = environ.get("MASTER_KEY").strip()
SECRET_KEY = environ.get("SECRET_KEY").strip()
PROXY_URL = environ.get("PROXY_URL").strip()
GIPHY_KEY = environ.get('GIPHY_KEY').strip()
DISCORD_SERVER_ID = environ.get("DISCORD_SERVER_ID").strip()
@ -307,6 +307,7 @@ DAD_ID = 0
MOM_ID = 0
DONGER_ID = 0
GEESE_ID = 0
BLACKJACKBTZ_ID = 0
POLL_THREAD = 0
POLL_BET_COINS = 200
@ -323,6 +324,8 @@ BANNER_THREAD = 0
BADGE_THREAD = 0
SNAPPY_THREAD = 0
GIFT_NOTIF_ID = 5
SIGNUP_FOLLOW_ID = 0
NOTIFICATION_THREAD = 1
if SITE == 'rdrama.net':
FEATURES['PRONOUNS'] = True
@ -333,6 +336,7 @@ if SITE == 'rdrama.net':
BANNER_THREAD = 37697
BADGE_THREAD = 37833
SNAPPY_THREAD = 37749
NOTIFICATION_THREAD = 6489
HOLE_COST = 50000
HOLE_INACTIVITY_DELETION = True
@ -363,6 +367,7 @@ if SITE == 'rdrama.net':
MOM_ID = 4588
DONGER_ID = 541
GEESE_ID = 1710
BLACKJACKBTZ_ID = 12732
GIFT_NOTIF_ID = CARP_ID
@ -395,7 +400,9 @@ elif SITE == 'pcmemes.net':
BASEDBOT_ID = 800
KIPPY_ID = 1592
GIFT_NOTIF_ID = 1592
GIFT_NOTIF_ID = KIPPY_ID
SIGNUP_FOLLOW_ID = KIPPY_ID
NOTIFICATION_THREAD = 2487
CARP_ID = 13
AEVANN_ID = 1
SNAKES_ID = 2279
@ -431,6 +438,7 @@ elif SITE == 'watchpeopledie.co':
SNAKES_ID = 32
GIFT_NOTIF_ID = CARP_ID
SIGNUP_FOLLOW_ID = CARP_ID
else: # localhost or testing environment implied
FEATURES['PRONOUNS'] = True

2
files/helpers/security.py
View File

@ -6,7 +6,7 @@ def generate_hash(string):
msg = bytes(string, "utf-16")
return hmac.new(key=bytes(MASTER_KEY, "utf-16"),
return hmac.new(key=bytes(SECRET_KEY, "utf-16"),
msg=msg,
digestmod='md5'
).hexdigest()

11
files/helpers/wrappers.py
View File

@ -164,6 +164,17 @@ def admin_level_required(x):
return wrapper_maker
def feature_required(x):
def wrapper_maker(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not FEATURES[x]: abort(404)
return make_response(f(*args, v=v, **kwargs))
wrapper.__name__ = f.__name__
return wrapper
return wrapper_maker
def casino_required(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()

57
files/routes/admin.py
View File

@ -283,7 +283,7 @@ def revert_actions(v, username):
user.ban_reason = None
if user.is_banned:
user.is_banned = 0
send_repeatable_notification(user.id, f"@{v.username} has unbanned you!")
send_repeatable_notification(user.id, f"@{v.username} (Admin) has unbanned you!")
g.db.add(user)
for u in user.alts:
@ -292,7 +292,7 @@ def revert_actions(v, username):
u.ban_reason = None
if u.is_banned:
u.is_banned = 0
send_repeatable_notification(u.id, f"@{v.username} has unbanned you!")
send_repeatable_notification(u.id, f"@{v.username} (Admin) has unbanned you!")
g.db.add(u)
return {"message": f"@{user.username}'s admin actions have been reverted!"}
@ -319,7 +319,7 @@ def club_allow(v, username):
)
g.db.add(ma)
send_repeatable_notification(u.id, f"@{v.username} (admin) has inducted you into the {CC_TITLE}!")
send_repeatable_notification(u.id, f"@{v.username} (Admin) has inducted you into the {CC_TITLE}!")
return {"message": f"@{u.username} has been allowed into the {CC_TITLE}!"}
@ -344,7 +344,7 @@ def club_ban(v, username):
)
g.db.add(ma)
send_repeatable_notification(u.id, f"@{v.username} (admin) has disallowed you from the {CC_TITLE}!")
send_repeatable_notification(u.id, f"@{v.username} (Admin) has disallowed you from the {CC_TITLE}!")
return {"message": f"@{u.username} has been disallowed from the {CC_TITLE}. Deserved."}
@ -521,10 +521,8 @@ def under_attack(v):
@app.get("/admin/badge_grant")
@admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_grant_get(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
return render_template("admin/badge_grant.html", v=v, badge_types=badges)
@ -532,10 +530,8 @@ def badge_grant_get(v):
@app.post("/admin/badge_grant")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_grant_post(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
user = get_user(request.values.get("username").strip(), graceful=True)
@ -565,7 +561,7 @@ def badge_grant_post(v):
g.db.flush()
if v.id != user.id:
text = f"@{v.username} has given you the following profile badge:\n\n![]({new_badge.path})\n\n**{new_badge.name}**\n\n{new_badge.badge.description}"
text = f"@{v.username} (Admin) has given you the following profile badge:\n\n![]({new_badge.path})\n\n**{new_badge.name}**\n\n{new_badge.badge.description}"
send_repeatable_notification(user.id, text)
ma = ModAction(
@ -582,22 +578,17 @@ def badge_grant_post(v):
@app.get("/admin/badge_remove")
@admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_remove_get(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
return render_template("admin/badge_remove.html", v=v, badge_types=badges)
@app.post("/admin/badge_remove")
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_remove_post(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
user = get_user(request.values.get("username").strip(), graceful=True)
@ -612,7 +603,7 @@ def badge_remove_post(v):
return render_template("admin/badge_remove.html", v=v, badge_types=badges, error="User doesn't have that badge.")
if v.id != user.id:
text = f"@{v.username} has removed the following profile badge from you:\n\n![]({badge.path})\n\n**{badge.name}**\n\n{badge.badge.description}"
text = f"@{v.username} (Admin) has removed the following profile badge from you:\n\n![]({badge.path})\n\n**{badge.name}**\n\n{badge.badge.description}"
send_repeatable_notification(user.id, text)
ma = ModAction(
@ -868,7 +859,7 @@ def agendaposter(user_id, v):
badge_grant(user=user, badge_id=28)
send_repeatable_notification(user.id, f"@{v.username} has marked you as a chud ({note}).")
send_repeatable_notification(user.id, f"@{v.username} (Admin) has marked you as a chud ({note}).")
return redirect(user.url)
@ -898,7 +889,7 @@ def unagendaposter(user_id, v):
badge = user.has_badge(28)
if badge: g.db.delete(badge)
send_repeatable_notification(user.id, f"@{v.username} has unmarked you as a chud.")
send_repeatable_notification(user.id, f"@{v.username} (Admin) has unmarked you as a chud.")
return {"message": f"@{user.username}'s chud theme has been disabled!"}
@ -1018,11 +1009,11 @@ def ban_user(user_id, v):
if days:
days_txt = str(days).rstrip('.0')
if reason: text = f"@{v.username} has banned you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} has banned you for **{days_txt}** days."
if reason: text = f"@{v.username} (Admin) has banned you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (Admin) has banned you for **{days_txt}** days."
else:
if reason: text = f"@{v.username} has banned you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} has banned you permanently."
if reason: text = f"@{v.username} (Admin) has banned you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (Admin) has banned you permanently."
send_repeatable_notification(user.id, text)
@ -1068,11 +1059,11 @@ def unban_user(user_id, v):
user.is_banned = 0
user.unban_utc = 0
user.ban_reason = None
send_repeatable_notification(user.id, f"@{v.username} has unbanned you!")
send_repeatable_notification(user.id, f"@{v.username} (Admin) has unbanned you!")
g.db.add(user)
for x in user.alts:
if x.is_banned: send_repeatable_notification(x.id, f"@{v.username} has unbanned you!")
if x.is_banned: send_repeatable_notification(x.id, f"@{v.username} (Admin) has unbanned you!")
x.is_banned = 0
x.unban_utc = 0
x.ban_reason = None
@ -1212,10 +1203,8 @@ def distinguish_post(post_id, v):
@app.post("/sticky/<post_id>")
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@feature_required('PINS')
def sticky_post(post_id, v):
if not FEATURES['PINS']:
abort(403)
post = get_post(post_id)
if not post.stickied:
pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count()
@ -1235,7 +1224,7 @@ def sticky_post(post_id, v):
g.db.add(ma)
if v.id != post.author_id:
send_repeatable_notification(post.author_id, f"@{v.username} has pinned [{post.title}](/post/{post_id})!")
send_repeatable_notification(post.author_id, f"@{v.username} (Admin) has pinned [{post.title}](/post/{post_id})!")
cache.delete_memoized(frontlist)
return {"message": "Post pinned!"}
@ -1260,7 +1249,7 @@ def unsticky_post(post_id, v):
g.db.add(ma)
if v.id != post.author_id:
send_repeatable_notification(post.author_id, f"@{v.username} has unpinned [{post.title}](/post/{post_id})!")
send_repeatable_notification(post.author_id, f"@{v.username} (Admin) has unpinned [{post.title}](/post/{post_id})!")
cache.delete_memoized(frontlist)
return {"message": "Post unpinned!"}
@ -1283,7 +1272,7 @@ def sticky_comment(cid, v):
g.db.add(ma)
if v.id != comment.author_id:
message = f"@{v.username} has pinned your [comment]({comment.shortlink})!"
message = f"@{v.username} (Admin) has pinned your [comment]({comment.shortlink})!"
send_repeatable_notification(comment.author_id, message)
return {"message": "Comment pinned!"}
@ -1309,7 +1298,7 @@ def unsticky_comment(cid, v):
g.db.add(ma)
if v.id != comment.author_id:
message = f"@{v.username} has unpinned your [comment]({comment.shortlink})!"
message = f"@{v.username} (Admin) has unpinned your [comment]({comment.shortlink})!"
send_repeatable_notification(comment.author_id, message)
return {"message": "Comment unpinned!"}

6
files/routes/asset_submissions.py
View File

@ -147,11 +147,11 @@ if SITE not in ('pcmemes.net', 'watchpeopledie.co'):
author.coins += 250
g.db.add(author)
msg = f"@{v.username} has approved a marsey you made: :{marsey.name}:\nYou have received 250 coins as a reward!"
msg = f"@{v.username} (Admin) has approved a marsey you made: :{marsey.name}:\nYou have received 250 coins as a reward!"
send_repeatable_notification(author.id, msg)
if v.id not in (author.id, marsey.submitter_id):
msg = f"@{v.username} has approved a marsey you submitted: :{marsey.name}:"
msg = f"@{v.username} (Admin) has approved a marsey you submitted: :{marsey.name}:"
send_repeatable_notification(marsey.submitter_id, msg)
marsey.submitter_id = None
@ -306,7 +306,7 @@ if SITE not in ('pcmemes.net', 'watchpeopledie.co'):
if v.id != hat.submitter_id:
msg = f"@{v.username} has approved a hat you submitted: '{hat.name}'"
msg = f"@{v.username} (Admin) has approved a hat you submitted: '{hat.name}'"
send_repeatable_notification(hat.submitter_id, msg)
hat.submitter_id = None

12
files/routes/awards.py
View File

@ -17,10 +17,8 @@ from copy import deepcopy
@app.get("/shop")
@app.get("/settings/shop")
@auth_required
@feature_required('AWARDS')
def shop(v):
if not FEATURES['AWARDS']:
abort(404)
AWARDS = deepcopy(AWARDS2)
if v.house:
@ -44,10 +42,8 @@ def shop(v):
@app.post("/buy/<award>")
@limiter.limit("100/minute;200/hour;1000/day")
@auth_required
@feature_required('AWARDS')
def buy(v, award):
if not FEATURES['AWARDS']:
abort(404)
if award == 'benefactor' and not request.values.get("mb"):
return {"error": "You can only buy the Benefactor award with marseybux."}, 403
@ -127,10 +123,8 @@ def buy(v, award):
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@is_not_permabanned
@feature_required('AWARDS')
def award_thing(v, thing_type, id):
if not FEATURES['AWARDS']:
abort(404)
if thing_type == 'post': thing = get_post(id)
else: thing = get_comment(id)

60
files/routes/casino.py
View File

@ -14,10 +14,9 @@ from files.helpers.lottery import *
@app.get("/casino")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def casino(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return render_template("casino/rehab.html", v=v)
return render_template("casino.html", v=v)
@ -26,10 +25,9 @@ def casino(v):
@app.get("/casino/<game>")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def casino_game_page(v, game):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return render_template("casino/rehab.html", v=v)
elif game not in CASINO_GAME_KINDS:
abort(404)
@ -55,10 +53,9 @@ def casino_game_page(v, game):
@app.get("/casino/<game>/feed")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def casino_game_feed(v, game):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
elif game not in CASINO_GAME_KINDS:
abort(404)
@ -71,10 +68,9 @@ def casino_game_feed(v, game):
@app.get("/lottershe")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def lottershe(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return render_template("casino/rehab.html", v=v)
participants = get_users_participating_in_lottery()
@ -84,10 +80,9 @@ def lottershe(v):
@app.post("/casino/slots")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def pull_slots(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:
@ -115,10 +110,9 @@ def pull_slots(v):
@app.post("/casino/twentyone/deal")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def blackjack_deal_to_player(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:
@ -136,10 +130,9 @@ def blackjack_deal_to_player(v):
@app.post("/casino/twentyone/hit")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def blackjack_player_hit(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:
@ -153,10 +146,9 @@ def blackjack_player_hit(v):
@app.post("/casino/twentyone/stay")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def blackjack_player_stay(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:
@ -170,10 +162,9 @@ def blackjack_player_stay(v):
@app.post("/casino/twentyone/double-down")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def blackjack_player_doubled_down(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:
@ -187,10 +178,9 @@ def blackjack_player_doubled_down(v):
@app.post("/casino/twentyone/buy-insurance")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def blackjack_player_bought_insurance(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:
@ -204,10 +194,9 @@ def blackjack_player_bought_insurance(v):
@app.get("/casino/roulette/bets")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def roulette_get_bets(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
bets = get_roulette_bets()
@ -218,10 +207,9 @@ def roulette_get_bets(v):
@app.post("/casino/roulette/place-bet")
@limiter.limit("100/minute;2000/hour;12000/day")
@auth_required
@feature_required('GAMBLING')
def roulette_player_placed_bet(v):
if not FEATURES['GAMBLING']:
abort(404)
elif v.rehab:
if v.rehab:
return {"error": "You are under Rehab award effect!"}, 400
try:

7
files/routes/comments.py
View File

@ -51,9 +51,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
if not pid:
if comment.parent_submission: pid = comment.parent_submission
elif SITE_NAME == 'rDrama': pid = 6489
elif SITE == 'pcmemes.net': pid = 2487
else: pid = 1
else: pid = NOTIFICATION_THREAD
post = get_post(pid, v=v)
@ -647,9 +645,8 @@ def undelete_comment(cid, v):
@app.post("/pin_comment/<cid>")
@auth_required
@feature_required('PINS')
def pin_comment(cid, v):
if not FEATURES['PINS']:
abort(403)
comment = get_comment(cid, v=v)
if not comment.stickied:

12
files/routes/hats.py
View File

@ -8,9 +8,8 @@ from flask import g
@app.get("/hats")
@auth_required
@feature_required('HATS')
def hats(v):
if not FEATURES['HATS']: abort(404)
owned_hat_ids = [x.hat_id for x in v.owned_hats]
if request.values.get("sort") == 'author_asc':
@ -34,9 +33,8 @@ def hats(v):
@app.post("/buy_hat/<hat_id>")
@auth_required
@feature_required('HATS')
def buy_hat(v, hat_id):
if not FEATURES['HATS']: abort(404)
try: hat_id = int(hat_id)
except: return {"error": "Hat not found!"}, 400
@ -85,9 +83,8 @@ def buy_hat(v, hat_id):
@app.post("/equip_hat/<hat_id>")
@auth_required
@feature_required('HATS')
def equip_hat(v, hat_id):
if not FEATURES['HATS']: abort(404)
try: hat_id = int(hat_id)
except: return {"error": "Hat not found!"}, 400
@ -101,9 +98,8 @@ def equip_hat(v, hat_id):
@app.post("/unequip_hat/<hat_id>")
@auth_required
@feature_required('HATS')
def unequip_hat(v, hat_id):
if not FEATURES['HATS']: abort(404)
try: hat_id = int(hat_id)
except: return {"error": "Hat not found!"}, 400

27
files/routes/login.py
View File

@ -219,7 +219,7 @@ def sign_up_get(v):
formkey_hashstr = str(now) + token + g.agent
formkey = hmac.new(key=bytes(MASTER_KEY, "utf-16"),
formkey = hmac.new(key=bytes(SECRET_KEY, "utf-16"),
msg=bytes(formkey_hashstr, "utf-16"),
digestmod='md5'
).hexdigest()
@ -258,7 +258,7 @@ def sign_up_post(v):
correct_formkey_hashstr = form_timestamp + submitted_token + g.agent
correct_formkey = hmac.new(key=bytes(MASTER_KEY, "utf-16"),
correct_formkey = hmac.new(key=bytes(SECRET_KEY, "utf-16"),
msg=bytes(correct_formkey_hashstr, "utf-16"),
digestmod='md5'
).hexdigest()
@ -374,22 +374,15 @@ def sign_up_post(v):
session["lo_user"] = new_user.id
if SITE == 'rdrama.net':
if SIGNUP_FOLLOW_ID:
signup_autofollow = get_account(SIGNUP_FOLLOW_ID)
new_follow = Follow(user_id=new_user.id, target_id=signup_autofollow.id)
g.db.add(new_follow)
signup_autofollow.stored_subscriber_count += 1
g.db.add(signup_autofollow)
send_notification(signup_autofollow.id, f"A new user - @{new_user.username} - has followed you automatically!")
elif CARP_ID:
send_notification(CARP_ID, f"A new user - @{new_user.username} - has signed up!")
if SITE == 'watchpeopledie.co':
carp = get_account(CARP_ID)
new_follow = Follow(user_id=new_user.id, target_id=carp.id)
g.db.add(new_follow)
carp.stored_subscriber_count += 1
g.db.add(carp)
send_notification(carp.id, f"A new user - @{new_user.username} - has followed you automatically!")
if SITE == 'pcmemes.net':
kippy = get_account(KIPPY_ID)
new_follow = Follow(user_id=new_user.id, target_id=kippy.id)
g.db.add(new_follow)
kippy.stored_subscriber_count += 1
g.db.add(kippy)
send_notification(kippy.id, f"A new user - @{new_user.username} - has followed you automatically!")
redir = request.values.get("redirect")
if redir:

6
files/routes/oauth.py
View File

@ -158,7 +158,7 @@ def admin_app_approve(v, aid):
g.db.add(new_auth)
send_repeatable_notification(user.id, f"@{v.username} has approved your application `{app.app_name}`. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next, and join this [discord server](/discord) if you need help!")
send_repeatable_notification(user.id, f"@{v.username} (Admin) has approved your application `{app.app_name}`. Here's your access token: `{access_token}`\nPlease check the guide [here](/api) if you don't know what to do next, and join this [discord server](/discord) if you need help!")
ma = ModAction(
kind="approve_app",
@ -181,7 +181,7 @@ def admin_app_revoke(v, aid):
for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)
if v.id != app.author.id:
send_repeatable_notification(app.author.id, f"@{v.username} has revoked your application `{app.app_name}`.")
send_repeatable_notification(app.author.id, f"@{v.username} (Admin) has revoked your application `{app.app_name}`.")
g.db.delete(app)
@ -207,7 +207,7 @@ def admin_app_reject(v, aid):
for auth in g.db.query(ClientAuth).filter_by(oauth_client=app.id).all(): g.db.delete(auth)
if v.id != app.author.id:
send_repeatable_notification(app.author.id, f"@{v.username} has rejected your application `{app.app_name}`.")
send_repeatable_notification(app.author.id, f"@{v.username} (Admin) has rejected your application `{app.app_name}`.")
g.db.delete(app)

12
files/routes/posts.py
View File

@ -30,10 +30,8 @@ titleheaders = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWe
@app.post("/club_post/<pid>")
@auth_required
@feature_required('COUNTRY_CLUB')
def club_post(pid, v):
if not FEATURES['COUNTRY_CLUB']:
abort(403)
post = get_post(pid)
if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403)
@ -49,17 +47,15 @@ def club_post(pid, v):
)
g.db.add(ma)
message = f"@{v.username} (admin) has moved [{post.title}]({post.shortlink}) to the {CC_TITLE}!"
message = f"@{v.username} (Admin) has moved [{post.title}]({post.shortlink}) to the {CC_TITLE}!"
send_repeatable_notification(post.author_id, message)
return {"message": f"Post has been moved to the {CC_TITLE}!"}
@app.post("/unclub_post/<pid>")
@auth_required
@feature_required('COUNTRY_CLUB')
def unclub_post(pid, v):
if not FEATURES['COUNTRY_CLUB']:
abort(403)
post = get_post(pid)
if post.author_id != v.id and v.admin_level < 2: abort(403)
@ -75,7 +71,7 @@ def unclub_post(pid, v):
)
g.db.add(ma)
message = f"@{v.username} (admin) has removed [{post.title}]({post.shortlink}) from the {CC_TITLE}!"
message = f"@{v.username} (Admin) has removed [{post.title}]({post.shortlink}) from the {CC_TITLE}!"
send_repeatable_notification(post.author_id, message)
return {"message": f"Post has been removed from the {CC_TITLE}!"}

16
files/routes/settings.py
View File

@ -547,10 +547,8 @@ def settings_images_profile(v):
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required
@feature_required('USERS_PROFILE_BANNER')
def settings_images_banner(v):
if not FEATURES['USERS_PROFILE_BANNER']:
abort(403)
if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403
file = request.files["banner"]
@ -755,10 +753,8 @@ def settings_name_change(v):
@limiter.limit("3/second;10/day")
@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required
@feature_required('USERS_PROFILE_BANNER')
def settings_song_change_mp3(v):
if not FEATURES['USERS_PROFILE_SONG']:
abort(403)
file = request.files['file']
if file.content_type != 'audio/mpeg':
return render_template("settings_profile.html", v=v, error="Not a valid MP3 file")
@ -787,10 +783,8 @@ def settings_song_change_mp3(v):
@limiter.limit("3/second;10/day")
@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required
@feature_required('USERS_PROFILE_BANNER')
def settings_song_change(v):
if not FEATURES['USERS_PROFILE_SONG']:
abort(403)
song=request.values.get("song").strip()
if song == "" and v.song:
@ -892,10 +886,8 @@ def settings_title_change(v):
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required
@feature_required('PRONOUNS')
def settings_pronouns_change(v):
if not FEATURES['PRONOUNS']:
abort(403)
pronouns = request.values.get("pronouns").replace("𒐪","").strip()
if len(pronouns) > 11:

8
files/routes/static.py
View File

@ -348,10 +348,8 @@ def badge_list(site):
@app.get("/badges")
@auth_required
@feature_required('BADGES')
def badges(v):
if not FEATURES['BADGES']:
abort(404)
badges, counts = badge_list(SITE)
return render_template("badges.html", v=v, badges=badges, counts=counts)
@ -586,7 +584,7 @@ if SITE == 'pcmemes.net':
g.db.add(streamer)
g.db.flush()
if v.id != KIPPY_ID:
send_repeatable_notification(KIPPY_ID, f"@{v.username} has added a [new YouTube channel](https://www.youtube.com/channel/{streamer.id})")
send_repeatable_notification(KIPPY_ID, f"@{v.username} (Admin) has added a [new YouTube channel](https://www.youtube.com/channel/{streamer.id})")
processed = process_streamer(id)
if processed:
@ -609,7 +607,7 @@ if SITE == 'pcmemes.net':
streamer = g.db.get(Streamer, id)
if streamer:
if v.id != KIPPY_ID:
send_repeatable_notification(KIPPY_ID, f"@{v.username} has removed a [YouTube channel](https://www.youtube.com/channel/{streamer.id})")
send_repeatable_notification(KIPPY_ID, f"@{v.username} (Admin) has removed a [YouTube channel](https://www.youtube.com/channel/{streamer.id})")
g.db.delete(streamer)
live = cache.get('live') or []

3
files/routes/subs.py
View File

@ -653,9 +653,8 @@ def sub_stealth(v, sub):
@app.post("/mod_pin/<cid>")
@is_not_permabanned
@feature_required('PINS')
def mod_pin(cid, v):
if not FEATURES['PINS']:
abort(403)
comment = get_comment(cid, v=v)
if not comment.stickied:

6
files/routes/users.py
View File

@ -230,10 +230,8 @@ def downvoting(v, username):
@limiter.limit("1/second;5/day")
@limiter.limit("1/second;5/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required
@feature_required('USERS_SUICIDE')
def suicide(v, username):
if not FEATURES['USERS_SUICIDE']:
abort(403)
user = get_user(username)
suicide = f"Hi there,\n\nA [concerned user](/id/{v.id}) reached out to us about you.\n\nWhen you're in the middle of something painful, it may feel like you don't have a lot of options. But whatever you're going through, you deserve help and there are people who are here for you.\n\nThere are resources available in your area that are free, confidential, and available 24/7:\n\n- Call, Text, or Chat with Canada's [Crisis Services Canada](https://www.crisisservicescanada.ca/en/)\n- Call, Email, or Visit the UK's [Samaritans](https://www.samaritans.org/)\n- Text CHAT to America's [Crisis Text Line](https://www.crisistextline.org/) at 741741.\nIf you don't see a resource in your area above, the moderators keep a comprehensive list of resources and hotlines for people organized by location. Find Someone Now\n\nIf you think you may be depressed or struggling in another way, don't ignore it or brush it aside. Take yourself and your feelings seriously, and reach out to someone.\n\nIt may not feel like it, but you have options. There are people available to listen to you, and ways to move forward.\n\nYour fellow users care about you and there are people who want to help."
if not v.shadowbanned:
@ -508,7 +506,7 @@ def message2(v, username):
body_html = sanitize(message)
if not (SITE == 'rdrama.net' and user.id == 12732):
if not (SITE == 'rdrama.net' and user.id == BLACKJACKBTZ_ID):
existing = g.db.query(Comment.id).filter(Comment.author_id == v.id,
Comment.sentto == user.id,
Comment.body_html == body_html,

4
startup_docker.sh
View File

@ -1,3 +1,7 @@
. ./env
export DATABASE_URL="postgresql://postgres@postgres:5432"
export REDIS_URL="redis://redis:6379"
export PROXY_URL="http://opera-proxy:18080"
/etc/init.d/nginx start
cd ./chat
yarn install

1
ubuntu_setup.sh
View File

@ -6,7 +6,6 @@ apt -y install git redis-server python3-pip ffmpeg imagemagick tmux nginx snapd
git config --global credential.helper store
cd /rDrama
cp ./env /env
sed -i 's/^/export /g;s/=/="/g;s/$/"/g' /env
. /env
mkdir /scripts