Merge branch 'frost' of https://github.com/Aevann1/rDrama into frost

master
Aevann1 2022-10-10 11:06:32 +02:00
commit 30813fc719
13 changed files with 76 additions and 117 deletions

View File

@ -307,6 +307,7 @@ DAD_ID = 0
MOM_ID = 0 MOM_ID = 0
DONGER_ID = 0 DONGER_ID = 0
GEESE_ID = 0 GEESE_ID = 0
BLACKJACKBTZ_ID = 0
POLL_THREAD = 0 POLL_THREAD = 0
POLL_BET_COINS = 200 POLL_BET_COINS = 200
@ -323,6 +324,8 @@ BANNER_THREAD = 0
BADGE_THREAD = 0 BADGE_THREAD = 0
SNAPPY_THREAD = 0 SNAPPY_THREAD = 0
GIFT_NOTIF_ID = 5 GIFT_NOTIF_ID = 5
SIGNUP_FOLLOW_ID = 0
NOTIFICATION_THREAD = 1
if SITE == 'rdrama.net': if SITE == 'rdrama.net':
FEATURES['PRONOUNS'] = True FEATURES['PRONOUNS'] = True
@ -333,6 +336,7 @@ if SITE == 'rdrama.net':
BANNER_THREAD = 37697 BANNER_THREAD = 37697
BADGE_THREAD = 37833 BADGE_THREAD = 37833
SNAPPY_THREAD = 37749 SNAPPY_THREAD = 37749
NOTIFICATION_THREAD = 6489
HOLE_COST = 50000 HOLE_COST = 50000
HOLE_INACTIVITY_DELETION = True HOLE_INACTIVITY_DELETION = True
@ -363,6 +367,7 @@ if SITE == 'rdrama.net':
MOM_ID = 4588 MOM_ID = 4588
DONGER_ID = 541 DONGER_ID = 541
GEESE_ID = 1710 GEESE_ID = 1710
BLACKJACKBTZ_ID = 12732
GIFT_NOTIF_ID = CARP_ID GIFT_NOTIF_ID = CARP_ID
@ -395,7 +400,9 @@ elif SITE == 'pcmemes.net':
BASEDBOT_ID = 800 BASEDBOT_ID = 800
KIPPY_ID = 1592 KIPPY_ID = 1592
GIFT_NOTIF_ID = 1592 GIFT_NOTIF_ID = KIPPY_ID
SIGNUP_FOLLOW_ID = KIPPY_ID
NOTIFICATION_THREAD = 2487
CARP_ID = 13 CARP_ID = 13
AEVANN_ID = 1 AEVANN_ID = 1
SNAKES_ID = 2279 SNAKES_ID = 2279
@ -431,6 +438,7 @@ elif SITE == 'watchpeopledie.co':
SNAKES_ID = 32 SNAKES_ID = 32
GIFT_NOTIF_ID = CARP_ID GIFT_NOTIF_ID = CARP_ID
SIGNUP_FOLLOW_ID = CARP_ID
else: # localhost or testing environment implied else: # localhost or testing environment implied
FEATURES['PRONOUNS'] = True FEATURES['PRONOUNS'] = True

View File

@ -164,6 +164,17 @@ def admin_level_required(x):
return wrapper_maker return wrapper_maker
def feature_required(x):
def wrapper_maker(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not FEATURES[x]: abort(404)
return make_response(f(*args, v=v, **kwargs))
wrapper.__name__ = f.__name__
return wrapper
return wrapper_maker
def casino_required(f): def casino_required(f):
def wrapper(*args, **kwargs): def wrapper(*args, **kwargs):
v = get_logged_in_user() v = get_logged_in_user()

View File

@ -521,10 +521,8 @@ def under_attack(v):
@app.get("/admin/badge_grant") @app.get("/admin/badge_grant")
@admin_level_required(PERMS['USER_BADGES']) @admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_grant_get(v): def badge_grant_get(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all() badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
return render_template("admin/badge_grant.html", v=v, badge_types=badges) return render_template("admin/badge_grant.html", v=v, badge_types=badges)
@ -532,10 +530,8 @@ def badge_grant_get(v):
@app.post("/admin/badge_grant") @app.post("/admin/badge_grant")
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(PERMS['USER_BADGES']) @admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_grant_post(v): def badge_grant_post(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all() badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
user = get_user(request.values.get("username").strip(), graceful=True) user = get_user(request.values.get("username").strip(), graceful=True)
@ -582,22 +578,17 @@ def badge_grant_post(v):
@app.get("/admin/badge_remove") @app.get("/admin/badge_remove")
@admin_level_required(PERMS['USER_BADGES']) @admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_remove_get(v): def badge_remove_get(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all() badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
return render_template("admin/badge_remove.html", v=v, badge_types=badges) return render_template("admin/badge_remove.html", v=v, badge_types=badges)
@app.post("/admin/badge_remove") @app.post("/admin/badge_remove")
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(PERMS['USER_BADGES']) @admin_level_required(PERMS['USER_BADGES'])
@feature_required('BADGES')
def badge_remove_post(v): def badge_remove_post(v):
if not FEATURES['BADGES']:
abort(404)
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all() badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
user = get_user(request.values.get("username").strip(), graceful=True) user = get_user(request.values.get("username").strip(), graceful=True)
@ -1212,10 +1203,8 @@ def distinguish_post(post_id, v):
@app.post("/sticky/<post_id>") @app.post("/sticky/<post_id>")
@admin_level_required(PERMS['POST_COMMENT_MODERATION']) @admin_level_required(PERMS['POST_COMMENT_MODERATION'])
@feature_required('PINS')
def sticky_post(post_id, v): def sticky_post(post_id, v):
if not FEATURES['PINS']:
abort(403)
post = get_post(post_id) post = get_post(post_id)
if not post.stickied: if not post.stickied:
pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count() pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count()

View File

@ -17,10 +17,8 @@ from copy import deepcopy
@app.get("/shop") @app.get("/shop")
@app.get("/settings/shop") @app.get("/settings/shop")
@auth_required @auth_required
@feature_required('AWARDS')
def shop(v): def shop(v):
if not FEATURES['AWARDS']:
abort(404)
AWARDS = deepcopy(AWARDS2) AWARDS = deepcopy(AWARDS2)
if v.house: if v.house:
@ -44,10 +42,8 @@ def shop(v):
@app.post("/buy/<award>") @app.post("/buy/<award>")
@limiter.limit("100/minute;200/hour;1000/day") @limiter.limit("100/minute;200/hour;1000/day")
@auth_required @auth_required
@feature_required('AWARDS')
def buy(v, award): def buy(v, award):
if not FEATURES['AWARDS']:
abort(404)
if award == 'benefactor' and not request.values.get("mb"): if award == 'benefactor' and not request.values.get("mb"):
return {"error": "You can only buy the Benefactor award with marseybux."}, 403 return {"error": "You can only buy the Benefactor award with marseybux."}, 403
@ -127,10 +123,8 @@ def buy(v, award):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@is_not_permabanned @is_not_permabanned
@feature_required('AWARDS')
def award_thing(v, thing_type, id): def award_thing(v, thing_type, id):
if not FEATURES['AWARDS']:
abort(404)
if thing_type == 'post': thing = get_post(id) if thing_type == 'post': thing = get_post(id)
else: thing = get_comment(id) else: thing = get_comment(id)

View File

@ -14,10 +14,9 @@ from files.helpers.lottery import *
@app.get("/casino") @app.get("/casino")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def casino(v): def casino(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return render_template("casino/rehab.html", v=v) return render_template("casino/rehab.html", v=v)
return render_template("casino.html", v=v) return render_template("casino.html", v=v)
@ -26,10 +25,9 @@ def casino(v):
@app.get("/casino/<game>") @app.get("/casino/<game>")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def casino_game_page(v, game): def casino_game_page(v, game):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return render_template("casino/rehab.html", v=v) return render_template("casino/rehab.html", v=v)
elif game not in CASINO_GAME_KINDS: elif game not in CASINO_GAME_KINDS:
abort(404) abort(404)
@ -55,10 +53,9 @@ def casino_game_page(v, game):
@app.get("/casino/<game>/feed") @app.get("/casino/<game>/feed")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def casino_game_feed(v, game): def casino_game_feed(v, game):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
elif game not in CASINO_GAME_KINDS: elif game not in CASINO_GAME_KINDS:
abort(404) abort(404)
@ -71,10 +68,9 @@ def casino_game_feed(v, game):
@app.get("/lottershe") @app.get("/lottershe")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def lottershe(v): def lottershe(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return render_template("casino/rehab.html", v=v) return render_template("casino/rehab.html", v=v)
participants = get_users_participating_in_lottery() participants = get_users_participating_in_lottery()
@ -84,10 +80,9 @@ def lottershe(v):
@app.post("/casino/slots") @app.post("/casino/slots")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def pull_slots(v): def pull_slots(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:
@ -115,10 +110,9 @@ def pull_slots(v):
@app.post("/casino/twentyone/deal") @app.post("/casino/twentyone/deal")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def blackjack_deal_to_player(v): def blackjack_deal_to_player(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:
@ -136,10 +130,9 @@ def blackjack_deal_to_player(v):
@app.post("/casino/twentyone/hit") @app.post("/casino/twentyone/hit")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def blackjack_player_hit(v): def blackjack_player_hit(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:
@ -153,10 +146,9 @@ def blackjack_player_hit(v):
@app.post("/casino/twentyone/stay") @app.post("/casino/twentyone/stay")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def blackjack_player_stay(v): def blackjack_player_stay(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:
@ -170,10 +162,9 @@ def blackjack_player_stay(v):
@app.post("/casino/twentyone/double-down") @app.post("/casino/twentyone/double-down")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def blackjack_player_doubled_down(v): def blackjack_player_doubled_down(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:
@ -187,10 +178,9 @@ def blackjack_player_doubled_down(v):
@app.post("/casino/twentyone/buy-insurance") @app.post("/casino/twentyone/buy-insurance")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def blackjack_player_bought_insurance(v): def blackjack_player_bought_insurance(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:
@ -204,10 +194,9 @@ def blackjack_player_bought_insurance(v):
@app.get("/casino/roulette/bets") @app.get("/casino/roulette/bets")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def roulette_get_bets(v): def roulette_get_bets(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
bets = get_roulette_bets() bets = get_roulette_bets()
@ -218,10 +207,9 @@ def roulette_get_bets(v):
@app.post("/casino/roulette/place-bet") @app.post("/casino/roulette/place-bet")
@limiter.limit("100/minute;2000/hour;12000/day") @limiter.limit("100/minute;2000/hour;12000/day")
@auth_required @auth_required
@feature_required('GAMBLING')
def roulette_player_placed_bet(v): def roulette_player_placed_bet(v):
if not FEATURES['GAMBLING']: if v.rehab:
abort(404)
elif v.rehab:
return {"error": "You are under Rehab award effect!"}, 400 return {"error": "You are under Rehab award effect!"}, 400
try: try:

View File

@ -51,9 +51,7 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
if not pid: if not pid:
if comment.parent_submission: pid = comment.parent_submission if comment.parent_submission: pid = comment.parent_submission
elif SITE_NAME == 'rDrama': pid = 6489 else: pid = NOTIFICATION_THREAD
elif SITE == 'pcmemes.net': pid = 2487
else: pid = 1
post = get_post(pid, v=v) post = get_post(pid, v=v)
@ -647,9 +645,8 @@ def undelete_comment(cid, v):
@app.post("/pin_comment/<cid>") @app.post("/pin_comment/<cid>")
@auth_required @auth_required
@feature_required('PINS')
def pin_comment(cid, v): def pin_comment(cid, v):
if not FEATURES['PINS']:
abort(403)
comment = get_comment(cid, v=v) comment = get_comment(cid, v=v)
if not comment.stickied: if not comment.stickied:

View File

@ -8,9 +8,8 @@ from flask import g
@app.get("/hats") @app.get("/hats")
@auth_required @auth_required
@feature_required('HATS')
def hats(v): def hats(v):
if not FEATURES['HATS']: abort(404)
owned_hat_ids = [x.hat_id for x in v.owned_hats] owned_hat_ids = [x.hat_id for x in v.owned_hats]
if request.values.get("sort") == 'author_asc': if request.values.get("sort") == 'author_asc':
@ -34,9 +33,8 @@ def hats(v):
@app.post("/buy_hat/<hat_id>") @app.post("/buy_hat/<hat_id>")
@auth_required @auth_required
@feature_required('HATS')
def buy_hat(v, hat_id): def buy_hat(v, hat_id):
if not FEATURES['HATS']: abort(404)
try: hat_id = int(hat_id) try: hat_id = int(hat_id)
except: return {"error": "Hat not found!"}, 400 except: return {"error": "Hat not found!"}, 400
@ -85,9 +83,8 @@ def buy_hat(v, hat_id):
@app.post("/equip_hat/<hat_id>") @app.post("/equip_hat/<hat_id>")
@auth_required @auth_required
@feature_required('HATS')
def equip_hat(v, hat_id): def equip_hat(v, hat_id):
if not FEATURES['HATS']: abort(404)
try: hat_id = int(hat_id) try: hat_id = int(hat_id)
except: return {"error": "Hat not found!"}, 400 except: return {"error": "Hat not found!"}, 400
@ -101,9 +98,8 @@ def equip_hat(v, hat_id):
@app.post("/unequip_hat/<hat_id>") @app.post("/unequip_hat/<hat_id>")
@auth_required @auth_required
@feature_required('HATS')
def unequip_hat(v, hat_id): def unequip_hat(v, hat_id):
if not FEATURES['HATS']: abort(404)
try: hat_id = int(hat_id) try: hat_id = int(hat_id)
except: return {"error": "Hat not found!"}, 400 except: return {"error": "Hat not found!"}, 400

View File

@ -374,22 +374,15 @@ def sign_up_post(v):
session["lo_user"] = new_user.id session["lo_user"] = new_user.id
if SITE == 'rdrama.net': if SIGNUP_FOLLOW_ID:
signup_autofollow = get_account(SIGNUP_FOLLOW_ID)
new_follow = Follow(user_id=new_user.id, target_id=signup_autofollow.id)
g.db.add(new_follow)
signup_autofollow.stored_subscriber_count += 1
g.db.add(signup_autofollow)
send_notification(signup_autofollow.id, f"A new user - @{new_user.username} - has followed you automatically!")
elif CARP_ID:
send_notification(CARP_ID, f"A new user - @{new_user.username} - has signed up!") send_notification(CARP_ID, f"A new user - @{new_user.username} - has signed up!")
if SITE == 'watchpeopledie.co':
carp = get_account(CARP_ID)
new_follow = Follow(user_id=new_user.id, target_id=carp.id)
g.db.add(new_follow)
carp.stored_subscriber_count += 1
g.db.add(carp)
send_notification(carp.id, f"A new user - @{new_user.username} - has followed you automatically!")
if SITE == 'pcmemes.net':
kippy = get_account(KIPPY_ID)
new_follow = Follow(user_id=new_user.id, target_id=kippy.id)
g.db.add(new_follow)
kippy.stored_subscriber_count += 1
g.db.add(kippy)
send_notification(kippy.id, f"A new user - @{new_user.username} - has followed you automatically!")
redir = request.values.get("redirect") redir = request.values.get("redirect")
if redir: if redir:

View File

@ -30,10 +30,8 @@ titleheaders = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWe
@app.post("/club_post/<pid>") @app.post("/club_post/<pid>")
@auth_required @auth_required
@feature_required('COUNTRY_CLUB')
def club_post(pid, v): def club_post(pid, v):
if not FEATURES['COUNTRY_CLUB']:
abort(403)
post = get_post(pid) post = get_post(pid)
if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403) if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403)
@ -56,10 +54,8 @@ def club_post(pid, v):
@app.post("/unclub_post/<pid>") @app.post("/unclub_post/<pid>")
@auth_required @auth_required
@feature_required('COUNTRY_CLUB')
def unclub_post(pid, v): def unclub_post(pid, v):
if not FEATURES['COUNTRY_CLUB']:
abort(403)
post = get_post(pid) post = get_post(pid)
if post.author_id != v.id and v.admin_level < 2: abort(403) if post.author_id != v.id and v.admin_level < 2: abort(403)

View File

@ -547,10 +547,8 @@ def settings_images_profile(v):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required @auth_required
@feature_required('USERS_PROFILE_BANNER')
def settings_images_banner(v): def settings_images_banner(v):
if not FEATURES['USERS_PROFILE_BANNER']:
abort(403)
if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403
file = request.files["banner"] file = request.files["banner"]
@ -755,10 +753,8 @@ def settings_name_change(v):
@limiter.limit("3/second;10/day") @limiter.limit("3/second;10/day")
@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required @auth_required
@feature_required('USERS_PROFILE_BANNER')
def settings_song_change_mp3(v): def settings_song_change_mp3(v):
if not FEATURES['USERS_PROFILE_SONG']:
abort(403)
file = request.files['file'] file = request.files['file']
if file.content_type != 'audio/mpeg': if file.content_type != 'audio/mpeg':
return render_template("settings_profile.html", v=v, error="Not a valid MP3 file") return render_template("settings_profile.html", v=v, error="Not a valid MP3 file")
@ -787,10 +783,8 @@ def settings_song_change_mp3(v):
@limiter.limit("3/second;10/day") @limiter.limit("3/second;10/day")
@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required @auth_required
@feature_required('USERS_PROFILE_BANNER')
def settings_song_change(v): def settings_song_change(v):
if not FEATURES['USERS_PROFILE_SONG']:
abort(403)
song=request.values.get("song").strip() song=request.values.get("song").strip()
if song == "" and v.song: if song == "" and v.song:
@ -892,10 +886,8 @@ def settings_title_change(v):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required @auth_required
@feature_required('PRONOUNS')
def settings_pronouns_change(v): def settings_pronouns_change(v):
if not FEATURES['PRONOUNS']:
abort(403)
pronouns = request.values.get("pronouns").replace("𒐪","").strip() pronouns = request.values.get("pronouns").replace("𒐪","").strip()
if len(pronouns) > 11: if len(pronouns) > 11:

View File

@ -348,10 +348,8 @@ def badge_list(site):
@app.get("/badges") @app.get("/badges")
@auth_required @auth_required
@feature_required('BADGES')
def badges(v): def badges(v):
if not FEATURES['BADGES']:
abort(404)
badges, counts = badge_list(SITE) badges, counts = badge_list(SITE)
return render_template("badges.html", v=v, badges=badges, counts=counts) return render_template("badges.html", v=v, badges=badges, counts=counts)

View File

@ -653,9 +653,8 @@ def sub_stealth(v, sub):
@app.post("/mod_pin/<cid>") @app.post("/mod_pin/<cid>")
@is_not_permabanned @is_not_permabanned
@feature_required('PINS')
def mod_pin(cid, v): def mod_pin(cid, v):
if not FEATURES['PINS']:
abort(403)
comment = get_comment(cid, v=v) comment = get_comment(cid, v=v)
if not comment.stickied: if not comment.stickied:

View File

@ -230,10 +230,8 @@ def downvoting(v, username):
@limiter.limit("1/second;5/day") @limiter.limit("1/second;5/day")
@limiter.limit("1/second;5/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;5/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@auth_required @auth_required
@feature_required('USERS_SUICIDE')
def suicide(v, username): def suicide(v, username):
if not FEATURES['USERS_SUICIDE']:
abort(403)
user = get_user(username) user = get_user(username)
suicide = f"Hi there,\n\nA [concerned user](/id/{v.id}) reached out to us about you.\n\nWhen you're in the middle of something painful, it may feel like you don't have a lot of options. But whatever you're going through, you deserve help and there are people who are here for you.\n\nThere are resources available in your area that are free, confidential, and available 24/7:\n\n- Call, Text, or Chat with Canada's [Crisis Services Canada](https://www.crisisservicescanada.ca/en/)\n- Call, Email, or Visit the UK's [Samaritans](https://www.samaritans.org/)\n- Text CHAT to America's [Crisis Text Line](https://www.crisistextline.org/) at 741741.\nIf you don't see a resource in your area above, the moderators keep a comprehensive list of resources and hotlines for people organized by location. Find Someone Now\n\nIf you think you may be depressed or struggling in another way, don't ignore it or brush it aside. Take yourself and your feelings seriously, and reach out to someone.\n\nIt may not feel like it, but you have options. There are people available to listen to you, and ways to move forward.\n\nYour fellow users care about you and there are people who want to help." suicide = f"Hi there,\n\nA [concerned user](/id/{v.id}) reached out to us about you.\n\nWhen you're in the middle of something painful, it may feel like you don't have a lot of options. But whatever you're going through, you deserve help and there are people who are here for you.\n\nThere are resources available in your area that are free, confidential, and available 24/7:\n\n- Call, Text, or Chat with Canada's [Crisis Services Canada](https://www.crisisservicescanada.ca/en/)\n- Call, Email, or Visit the UK's [Samaritans](https://www.samaritans.org/)\n- Text CHAT to America's [Crisis Text Line](https://www.crisistextline.org/) at 741741.\nIf you don't see a resource in your area above, the moderators keep a comprehensive list of resources and hotlines for people organized by location. Find Someone Now\n\nIf you think you may be depressed or struggling in another way, don't ignore it or brush it aside. Take yourself and your feelings seriously, and reach out to someone.\n\nIt may not feel like it, but you have options. There are people available to listen to you, and ways to move forward.\n\nYour fellow users care about you and there are people who want to help."
if not v.shadowbanned: if not v.shadowbanned:
@ -508,7 +506,7 @@ def message2(v, username):
body_html = sanitize(message) body_html = sanitize(message)
if not (SITE == 'rdrama.net' and user.id == 12732): if not (SITE == 'rdrama.net' and user.id == BLACKJACKBTZ_ID):
existing = g.db.query(Comment.id).filter(Comment.author_id == v.id, existing = g.db.query(Comment.id).filter(Comment.author_id == v.id,
Comment.sentto == user.id, Comment.sentto == user.id,
Comment.body_html == body_html, Comment.body_html == body_html,