add get_sub_by_name function

master
justcool393 2022-10-05 03:30:44 -07:00
parent 4037eed228
commit 9575e11b8b
4 changed files with 38 additions and 77 deletions

View File

@ -298,6 +298,19 @@ def get_comments(cids, v=None, load_parent=False):
return sorted(output, key=lambda x: cids.index(x.id)) return sorted(output, key=lambda x: cids.index(x.id))
def get_sub_by_name(sub, v=None, graceful=False):
if not sub:
if graceful: return None
else: abort(404)
sub = sub.replace('/h/', '').strip().lower()
if not sub:
if graceful: return None
else: abort(404)
sub = g.db.get(Sub, sub)
if not sub:
if graceful: return None
else: abort(404)
return sub
def get_domain(s): def get_domain(s):

View File

@ -22,7 +22,7 @@ def front_all(v, sub=None, subdomain=None):
if sub: if sub:
sub = sub.strip().lower() sub = sub.strip().lower()
if sub == 'chudrama' and not (v and v.can_see_chudrama): abort(403) if sub == 'chudrama' and not (v and v.can_see_chudrama): abort(403)
sub = g.db.get(Sub, sub) sub = get_sub_by_name(sub, graceful=True)
if (request.path.startswith('/h/') or request.path.startswith('/s/')) and not sub: abort(404) if (request.path.startswith('/h/') or request.path.startswith('/s/')) and not sub: abort(404)

View File

@ -87,8 +87,7 @@ def publish(pid, v):
@app.get("/h/<sub>/submit") @app.get("/h/<sub>/submit")
@auth_required @auth_required
def submit_get(v, sub=None): def submit_get(v, sub=None):
if sub: sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub, graceful=True)
if request.path.startswith('/h/') and not sub: abort(404) if request.path.startswith('/h/') and not sub: abort(404)
SUBS = [x[0] for x in g.db.query(Sub.name).order_by(Sub.name).all()] SUBS = [x[0] for x in g.db.query(Sub.name).order_by(Sub.name).all()]

View File

@ -109,10 +109,7 @@ def unexile(v, sub, uid):
@app.post("/h/<sub>/block") @app.post("/h/<sub>/block")
@auth_required @auth_required
def block_sub(v, sub): def block_sub(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub).name
if not sub: abort(404)
sub = sub.name
existing = g.db.query(SubBlock).filter_by(user_id=v.id, sub=sub).one_or_none() existing = g.db.query(SubBlock).filter_by(user_id=v.id, sub=sub).one_or_none()
if not existing: if not existing:
@ -126,10 +123,7 @@ def block_sub(v, sub):
@app.post("/h/<sub>/unblock") @app.post("/h/<sub>/unblock")
@auth_required @auth_required
def unblock_sub(v, sub): def unblock_sub(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub).name
if not sub: abort(404)
sub = sub.name
block = g.db.query(SubBlock).filter_by(user_id=v.id, sub=sub).one_or_none() block = g.db.query(SubBlock).filter_by(user_id=v.id, sub=sub).one_or_none()
if block: if block:
@ -142,10 +136,7 @@ def unblock_sub(v, sub):
@app.post("/h/<sub>/subscribe") @app.post("/h/<sub>/subscribe")
@auth_required @auth_required
def subscribe_sub(v, sub): def subscribe_sub(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub).name
if not sub: abort(404)
sub = sub.name
existing = g.db.query(SubJoin).filter_by(user_id=v.id, sub=sub).one_or_none() existing = g.db.query(SubJoin).filter_by(user_id=v.id, sub=sub).one_or_none()
if not existing: if not existing:
@ -158,10 +149,7 @@ def subscribe_sub(v, sub):
@app.post("/h/<sub>/unsubscribe") @app.post("/h/<sub>/unsubscribe")
@auth_required @auth_required
def unsubscribe_sub(v, sub): def unsubscribe_sub(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub).name
if not sub: abort(404)
sub = sub.name
subscribe = g.db.query(SubJoin).filter_by(user_id=v.id, sub=sub).one_or_none() subscribe = g.db.query(SubJoin).filter_by(user_id=v.id, sub=sub).one_or_none()
if subscribe: if subscribe:
@ -173,11 +161,8 @@ def unsubscribe_sub(v, sub):
@app.post("/h/<sub>/follow") @app.post("/h/<sub>/follow")
@auth_required @auth_required
def follow_sub(v, sub): def follow_sub(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
existing = g.db.query(SubSubscription).filter_by(user_id=v.id, sub=sub.name).one_or_none() existing = g.db.query(SubSubscription).filter_by(user_id=v.id, sub=sub.name).one_or_none()
if not existing: if not existing:
subscription = SubSubscription(user_id=v.id, sub=sub.name) subscription = SubSubscription(user_id=v.id, sub=sub.name)
g.db.add(subscription) g.db.add(subscription)
@ -188,11 +173,8 @@ def follow_sub(v, sub):
@app.post("/h/<sub>/unfollow") @app.post("/h/<sub>/unfollow")
@auth_required @auth_required
def unfollow_sub(v, sub): def unfollow_sub(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
subscription = g.db.query(SubSubscription).filter_by(user_id=v.id, sub=sub.name).one_or_none() subscription = g.db.query(SubSubscription).filter_by(user_id=v.id, sub=sub.name).one_or_none()
if subscription: if subscription:
g.db.delete(subscription) g.db.delete(subscription)
cache.delete_memoized(frontlist) cache.delete_memoized(frontlist)
@ -202,9 +184,7 @@ def unfollow_sub(v, sub):
@app.get("/h/<sub>/mods") @app.get("/h/<sub>/mods")
@auth_required @auth_required
def mods(v, sub): def mods(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
users = g.db.query(User, Mod).join(Mod).filter_by(sub=sub.name).order_by(Mod.created_utc).all() users = g.db.query(User, Mod).join(Mod).filter_by(sub=sub.name).order_by(Mod.created_utc).all()
return render_template("sub/mods.html", v=v, sub=sub, users=users) return render_template("sub/mods.html", v=v, sub=sub, users=users)
@ -213,9 +193,7 @@ def mods(v, sub):
@app.get("/h/<sub>/exilees") @app.get("/h/<sub>/exilees")
@auth_required @auth_required
def sub_exilees(v, sub): def sub_exilees(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
users = g.db.query(User, Exile).join(Exile, Exile.user_id==User.id) \ users = g.db.query(User, Exile).join(Exile, Exile.user_id==User.id) \
.filter_by(sub=sub.name) \ .filter_by(sub=sub.name) \
.order_by(nullslast(Exile.created_utc.desc()), User.username).all() .order_by(nullslast(Exile.created_utc.desc()), User.username).all()
@ -226,9 +204,7 @@ def sub_exilees(v, sub):
@app.get("/h/<sub>/blockers") @app.get("/h/<sub>/blockers")
@auth_required @auth_required
def sub_blockers(v, sub): def sub_blockers(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
users = g.db.query(User).join(SubBlock) \ users = g.db.query(User).join(SubBlock) \
.filter_by(sub=sub.name) \ .filter_by(sub=sub.name) \
.order_by(nullslast(SubBlock.created_utc.desc()), User.username).all() .order_by(nullslast(SubBlock.created_utc.desc()), User.username).all()
@ -240,9 +216,7 @@ def sub_blockers(v, sub):
@app.get("/h/<sub>/followers") @app.get("/h/<sub>/followers")
@auth_required @auth_required
def sub_followers(v, sub): def sub_followers(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
users = g.db.query(User).join(SubSubscription) \ users = g.db.query(User).join(SubSubscription) \
.filter_by(sub=sub.name) \ .filter_by(sub=sub.name) \
.order_by(nullslast(SubSubscription.created_utc.desc()), User.username).all() .order_by(nullslast(SubSubscription.created_utc.desc()), User.username).all()
@ -257,11 +231,7 @@ def sub_followers(v, sub):
@is_not_permabanned @is_not_permabanned
def add_mod(v, sub): def add_mod(v, sub):
if SITE_NAME == 'WPD': abort(403) if SITE_NAME == 'WPD': abort(403)
sub = get_sub_by_name(sub).name
sub = g.db.get(Sub, sub.strip().lower())
if not sub: abort(404)
sub = sub.name
if not v.mods(sub): abort(403) if not v.mods(sub): abort(403)
if v.shadowbanned: return redirect(f'/h/{sub}/mods') if v.shadowbanned: return redirect(f'/h/{sub}/mods')
@ -297,10 +267,8 @@ def add_mod(v, sub):
@app.post("/h/<sub>/remove_mod") @app.post("/h/<sub>/remove_mod")
@is_not_permabanned @is_not_permabanned
def remove_mod(v, sub): def remove_mod(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub).name
if not sub: abort(404)
sub = sub.name
if not v.mods(sub): abort(403) if not v.mods(sub): abort(403)
if v.shadowbanned: return redirect(f'/h/{sub}/mods') if v.shadowbanned: return redirect(f'/h/{sub}/mods')
@ -356,7 +324,7 @@ def create_sub2(v):
if not valid_sub_regex.fullmatch(name): if not valid_sub_regex.fullmatch(name):
return render_template("sub/create_hole.html", v=v, cost=HOLE_COST, error=f"{HOLE_NAME.capitalize()} name not allowed."), 400 return render_template("sub/create_hole.html", v=v, cost=HOLE_COST, error=f"{HOLE_NAME.capitalize()} name not allowed."), 400
sub = g.db.get(Sub, name) sub = get_sub_by_name(sub, graceful=True)
if not sub: if not sub:
if v.coins < HOLE_COST: if v.coins < HOLE_COST:
return render_template("sub/create_hole.html", v=v, cost=HOLE_COST, error="You don't have enough coins!"), 403 return render_template("sub/create_hole.html", v=v, cost=HOLE_COST, error="You don't have enough coins!"), 403
@ -425,11 +393,8 @@ def kick(v, pid):
@app.get('/h/<sub>/settings') @app.get('/h/<sub>/settings')
@is_not_permabanned @is_not_permabanned
def sub_settings(v, sub): def sub_settings(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
if not v.mods(sub.name): abort(403) if not v.mods(sub.name): abort(403)
return render_template('sub/settings.html', v=v, sidebar=sub.sidebar, sub=sub) return render_template('sub/settings.html', v=v, sidebar=sub.sidebar, sub=sub)
@ -438,9 +403,7 @@ def sub_settings(v, sub):
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@is_not_permabanned @is_not_permabanned
def post_sub_sidebar(v, sub): def post_sub_sidebar(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
if not v.mods(sub.name): abort(403) if not v.mods(sub.name): abort(403)
if v.shadowbanned: return redirect(f'/h/{sub}/settings') if v.shadowbanned: return redirect(f'/h/{sub}/settings')
@ -465,7 +428,7 @@ def post_sub_sidebar(v, sub):
@limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
@is_not_permabanned @is_not_permabanned
def post_sub_css(v, sub): def post_sub_css(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
css = request.values.get('css', '').strip() css = request.values.get('css', '').strip()
if not sub: abort(404) if not sub: abort(404)
@ -509,9 +472,7 @@ def get_sub_css(sub):
def sub_banner(v, sub): def sub_banner(v, sub):
if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403
sub = g.db.get(Sub, sub.lower().strip()) sub = get_sub_by_name(sub)
if not sub: abort(404)
if not v.mods(sub.name): abort(403) if not v.mods(sub.name): abort(403)
if v.shadowbanned: return redirect(f'/h/{sub}/settings') if v.shadowbanned: return redirect(f'/h/{sub}/settings')
@ -544,9 +505,7 @@ def sub_banner(v, sub):
def sub_sidebar(v, sub): def sub_sidebar(v, sub):
if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403
sub = g.db.get(Sub, sub.lower().strip()) sub = get_sub_by_name(sub)
if not sub: abort(404)
if not v.mods(sub.name): abort(403) if not v.mods(sub.name): abort(403)
if v.shadowbanned: return redirect(f'/h/{sub}/settings') if v.shadowbanned: return redirect(f'/h/{sub}/settings')
@ -578,9 +537,7 @@ def sub_sidebar(v, sub):
def sub_marsey(v, sub): def sub_marsey(v, sub):
if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403 if request.headers.get("cf-ipcountry") == "T1": return {"error":"Image uploads are not allowed through TOR."}, 403
sub = g.db.get(Sub, sub.lower().strip()) sub = get_sub_by_name(sub)
if not sub: abort(404)
if not v.mods(sub.name): abort(403) if not v.mods(sub.name): abort(403)
if v.shadowbanned: return redirect(f'/h/{sub}/settings') if v.shadowbanned: return redirect(f'/h/{sub}/settings')
@ -667,9 +624,7 @@ def hole_unpin(v, pid):
@app.post('/h/<sub>/stealth') @app.post('/h/<sub>/stealth')
@is_not_permabanned @is_not_permabanned
def sub_stealth(v, sub): def sub_stealth(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
if sub.name == 'braincels': abort(403) if sub.name == 'braincels': abort(403)
if not v.mods(sub.name): abort(403) if not v.mods(sub.name): abort(403)
@ -754,10 +709,7 @@ def mod_unpin(cid, v):
@app.get("/h/<sub>/modlog") @app.get("/h/<sub>/modlog")
@auth_required @auth_required
def hole_log(v, sub): def hole_log(v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
sub = sub
try: page = max(int(request.values.get("page", 1)), 1) try: page = max(int(request.values.get("page", 1)), 1)
except: page = 1 except: page = 1
@ -796,10 +748,7 @@ def hole_log(v, sub):
@app.get("/h/<sub>/log/<id>") @app.get("/h/<sub>/log/<id>")
@auth_required @auth_required
def hole_log_item(id, v, sub): def hole_log_item(id, v, sub):
sub = g.db.get(Sub, sub.strip().lower()) sub = get_sub_by_name(sub)
if not sub: abort(404)
sub = sub
try: id = int(id) try: id = int(id)
except: abort(404) except: abort(404)