carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity

Unify admin badge page listings source.

master
Snakes 2022-11-27 17:02:18 -05:00
parent 427f54175c
commit 7551add5d8
Signed by: Snakes
GPG Key ID: E745A82778055C7E
1 changed files with 14 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
files/routes/admin.py
View File

@ -508,19 +508,22 @@ def under_attack(v):
g.db.add(ma) g.db.add(ma)
return {"message": f"Under attack mode {enable_disable_str}d!"} return {"message": f"Under attack mode {enable_disable_str}d!"}
@app.get("/admin/badge_grant") def admin_badges_grantable_list(v):
@app.get("/admin/badge_remove")
@feature_required('BADGES')
@admin_level_required(PERMS['USER_BADGES'])
def badge_grant_get(v):
grant = request.url.endswith("grant")
query = g.db.query(BadgeDef) query = g.db.query(BadgeDef)
if BADGE_BLACKLIST and v.id != AEVANN_ID and SITE != 'pcmemes.net': if BADGE_BLACKLIST and v.id != AEVANN_ID and SITE != 'pcmemes.net':
query = query.filter(BadgeDef.id.notin_(BADGE_BLACKLIST)) query = query.filter(BadgeDef.id.notin_(BADGE_BLACKLIST))
if BADGE_WHITELIST: if BADGE_WHITELIST:
query = query.filter(BadgeDef.id.in_(BADGE_WHITELIST)) query = query.filter(BadgeDef.id.in_(BADGE_WHITELIST))
badge_types = query.order_by(BadgeDef.id).all() badge_types = query.order_by(BadgeDef.id).all()
return badge_types
@app.get("/admin/badge_grant")
@app.get("/admin/badge_remove")
@feature_required('BADGES')
@admin_level_required(PERMS['USER_BADGES'])
def badge_grant_get(v):
grant = request.url.endswith("grant")
badge_types = admin_badges_grantable_list(v)
return render_template("admin/badge_admin.html", v=v, return render_template("admin/badge_admin.html", v=v,
badge_types=badge_types, grant=grant) badge_types=badge_types, grant=grant)
@ -530,7 +533,7 @@ def badge_grant_get(v):
@limiter.limit(DEFAULT_RATELIMIT_SLOWER) @limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_BADGES']) @admin_level_required(PERMS['USER_BADGES'])
def badge_grant_post(v): def badge_grant_post(v):
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all() badges = admin_badges_grantable_list(v)
user = get_user(request.values.get("username").strip(), graceful=True) user = get_user(request.values.get("username").strip(), graceful=True)
if not user: if not user:
@ -539,10 +542,7 @@ def badge_grant_post(v):
try: badge_id = int(request.values.get("badge_id")) try: badge_id = int(request.values.get("badge_id"))
except: abort(400) except: abort(400)
if BADGE_WHITELIST and badge_id not in BADGE_WHITELIST: if badge_id not in [b.id for b in badges]:
abort(403)
elif (BADGE_BLACKLIST and badge_id in BADGE_BLACKLIST
and v.id != AEVANN_ID and SITE != 'pcmemes.net'):
abort(403) abort(403)
if user.has_badge(badge_id): if user.has_badge(badge_id):
@ -581,7 +581,7 @@ def badge_grant_post(v):
@limiter.limit(DEFAULT_RATELIMIT_SLOWER) @limiter.limit(DEFAULT_RATELIMIT_SLOWER)
@admin_level_required(PERMS['USER_BADGES']) @admin_level_required(PERMS['USER_BADGES'])
def badge_remove_post(v): def badge_remove_post(v):
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all() badges = admin_badges_grantable_list(v)
user = get_user(request.values.get("username").strip(), graceful=True) user = get_user(request.values.get("username").strip(), graceful=True)
if not user: if not user:
@ -590,7 +590,7 @@ def badge_remove_post(v):
try: badge_id = int(request.values.get("badge_id")) try: badge_id = int(request.values.get("badge_id"))
except: abort(400) except: abort(400)
if badge_id in {67,68,83,84,87,90,140} and v.id != AEVANN_ID and SITE != 'pcmemes.net': if badge_id not in [b.id for b in badges]:
abort(403) abort(403)
badge = user.has_badge(badge_id) badge = user.has_badge(badge_id)