refactor can_see and use it more

master
Aevann 2023-10-05 12:22:05 +03:00
parent d44bd1241c
commit a0cf583460
16 changed files with 59 additions and 88 deletions

View File

@ -923,7 +923,7 @@ class User(Base):
@property
@lazy
def banner_url(self):
if FEATURES['USERS_PROFILE_BANNER'] and self.bannerurl and self.can_see_my_shit:
if FEATURES['USERS_PROFILE_BANNER'] and self.bannerurl and g.v.can_see(self):
return self.bannerurl
return f"{SITE_FULL_IMAGES}/i/{SITE_NAME}/site_preview.webp?x=6"
@ -942,7 +942,7 @@ class User(Base):
number_of_girl_pfps = 25
pic_num = (self.id % number_of_girl_pfps) + 1
return f"{SITE_FULL}/i/pfps/girls/{pic_num}.webp"
if self.profileurl and self.can_see_my_shit:
if self.profileurl and g.v.can_see(self):
if self.profileurl.startswith('/'): return SITE_FULL + self.profileurl
return self.profileurl
return f"{SITE_FULL_IMAGES}/i/default-profile-pic.webp?x=6"
@ -959,14 +959,12 @@ class User(Base):
@lazy
def real_post_count(self, v):
if not self.shadowbanned: return self.post_count
if v and (v.id == self.id or v.can_see_shadowbanned): return self.post_count
if v.can_see(self): return self.post_count
return 0
@lazy
def real_comment_count(self, v):
if not self.shadowbanned: return self.comment_count
if v and (v.id == self.id or v.can_see_shadowbanned): return self.comment_count
if v.can_see(self): return self.comment_count
return 0
@property
@ -1152,34 +1150,13 @@ class User(Base):
tier_money = TIER_TO_MONEY[self.patron]
return f'{tier_name} - Donates ${tier_money}/month'
@classmethod
def can_see_content(cls, user, other):
'''
Whether a user can see this item (be it a post or comment)'s content.
If False, they won't be able to view its content.
'''
if not cls.can_see(user, other): return False
if user and user.admin_level >= PERMS["POST_COMMENT_MODERATION"]: return True
@lazy
def can_see(self, other):
if isinstance(other, (Post, Comment)):
if user and user.id == other.author_id: return True
if other.is_banned: return False
if other.deleted_utc: return False
if other.author.shadowbanned and not (user and user.can_see_shadowbanned): return False
if isinstance(other, Comment):
if other.parent_post and not cls.can_see(user, other.post): return False
return True
@classmethod
def can_see(cls, user, other):
'''
Whether a user can strictly see this item. can_see_content is used where
content of a thing can be hidden from view
'''
if isinstance(other, (Post, Comment)):
if not cls.can_see(user, other.author): return False
if user and user.id == other.author_id: return True
if not self.can_see(other.author): return False
if self and self.id == other.author_id: return True
if isinstance(other, Post):
if other.sub and not cls.can_see(user, other.subr):
if other.sub and not self.can_see(other.subr):
return False
if request.headers.get("Cf-Ipcountry") == 'NZ':
if 'christchurch' in other.title.lower():
@ -1190,22 +1167,22 @@ class User(Base):
if hasattr(other, 'is_blocking') and other.is_blocking and not request.path.endswith(f'/{other.id}'):
return False
if other.parent_post:
return cls.can_see(user, other.post)
return self.can_see(other.post)
else:
if not user and not other.wall_user_id: return False
if not self and not other.wall_user_id: return False
if other.sentto:
if other.sentto == MODMAIL_ID:
if other.top_comment.author_id == user.id: return True
return user.admin_level >= PERMS['VIEW_MODMAIL']
if other.sentto != user.id:
return user.admin_level >= PERMS['BLACKJACK_NOTIFICATIONS']
if other.top_comment.author_id == self.id: return True
return self.admin_level >= PERMS['VIEW_MODMAIL']
if other.sentto != self.id:
return self.admin_level >= PERMS['BLACKJACK_NOTIFICATIONS']
elif isinstance(other, Sub):
if other.name == 'chudrama': return bool(user) and user.can_see_chudrama
if other.name == 'countryclub': return bool(user) and user.can_see_countryclub
if other.name == 'highrollerclub': return bool(user) and user.can_see_highrollerclub
if other.name == 'chudrama': return bool(user) and self.can_see_chudrama
if other.name == 'countryclub': return bool(user) and self.can_see_countryclub
if other.name == 'highrollerclub': return bool(user) and self.can_see_highrollerclub
elif isinstance(other, User):
return (user and user.id == other.id) or (user and user.can_see_shadowbanned) or not other.shadowbanned
return (self and self.id == other.id) or (self and self.can_see_shadowbanned) or not other.shadowbanned
return True
@property
@ -1369,12 +1346,6 @@ class User(Base):
return output
@property
@lazy
def can_see_my_shit(self):
v = g.v
return not self.shadowbanned or (v and (v.id == self.id or v.can_see_shadowbanned))
@property
@lazy
def ordered_badges(self):

View File

@ -353,7 +353,7 @@ def messagereply(v):
execute_under_siege(v, c, c.body_html, 'message')
if user_id and user_id not in {v.id, MODMAIL_ID} | BOT_IDs:
if User.can_see(user, v):
if user.can_see(v):
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=user_id).one_or_none()
if not notif:
notif = Notification(comment_id=c.id, user_id=user_id)

View File

@ -48,7 +48,7 @@ def post_pid_comment_cid(cid, v, pid=None, anything=None, sub=None):
comment = get_comment(cid, v=v)
if not User.can_see(v, comment): abort(403)
if not v.can_see(comment): abort(403)
if comment.parent_post:
post = comment.parent_post
@ -145,7 +145,7 @@ def comment(v):
parent_user = parent if isinstance(parent, User) else parent.author
posting_to_post = isinstance(post_target, Post)
if posting_to_post and not User.can_see(v, parent):
if posting_to_post and not v.can_see(parent):
abort(403)
if posting_to_post:

View File

@ -18,7 +18,7 @@ from files.__main__ import app, cache, limiter, redis_instance
def front_all(v, sub=None):
if sub:
sub = get_sub_by_name(sub, graceful=True)
if sub and not User.can_see(v, sub):
if sub and not v.can_see(sub):
abort(403)
if request.path.startswith('/h/') and not sub:

View File

@ -132,7 +132,7 @@ def inject_constants():
"SIDEBAR_THREAD":SIDEBAR_THREAD, "BANNER_THREAD":BANNER_THREAD, "BUG_THREAD":BUG_THREAD,
"BADGE_THREAD":BADGE_THREAD, "SNAPPY_THREAD":SNAPPY_THREAD, "CHANGELOG_THREAD":CHANGELOG_THREAD,
"approved_embed_hosts":approved_embed_hosts, "POST_BODY_LENGTH_LIMIT":POST_BODY_LENGTH_LIMIT,
"SITE_SETTINGS":get_settings(), "EMAIL":EMAIL, "max": max, "min": min, "user_can_see":User.can_see,
"SITE_SETTINGS":get_settings(), "EMAIL":EMAIL, "max": max, "min": min,
"TELEGRAM_ID":TELEGRAM_ID, "TRUESCORE_DONATE_MINIMUM":TRUESCORE_DONATE_MINIMUM, "PROGSTACK_ID":PROGSTACK_ID,
"DONATE_LINK":DONATE_LINK, "DONATE_SERVICE":DONATE_SERVICE,
"HOUSE_JOIN_COST":HOUSE_JOIN_COST, "HOUSE_SWITCH_COST":HOUSE_SWITCH_COST, "IMAGE_FORMATS":','.join(IMAGE_FORMATS),

View File

@ -435,7 +435,7 @@ def notifications(v):
def notification(v, cid):
comment = get_comment(cid, v=v)
if not User.can_see(v, comment): abort(403)
if not v.can_see(comment): abort(403)
comment.unread = True

View File

@ -99,7 +99,7 @@ def submit_get(v, sub=None):
@auth_desired_with_logingate
def post_id(pid, v, anything=None, sub=None):
p = get_post(pid, v=v)
if not User.can_see(v, p): abort(403)
if not v.can_see(p): abort(403)
if not g.is_api_or_xhr and p.over_18 and not g.show_over_18:
return render_template("errors/nsfw.html", v=v)
@ -468,7 +468,7 @@ def submit_post(v, sub=None):
sub = g.db.query(Sub).options(load_only(Sub.name)).filter_by(name=sub_name).one_or_none()
if not sub: abort(400, f"/h/{sub_name} not found!")
if not User.can_see(v, sub):
if not v.can_see(sub):
if sub.name == 'highrollerclub':
abort(403, f"Only {patron}s can post in /h/{sub}")
abort(403, f"You're not allowed to post in /h/{sub}")

View File

@ -125,7 +125,7 @@ def block_sub(v, sub):
@auth_required
def unblock_sub(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
block = g.db.query(SubBlock).filter_by(user_id=v.id, sub=sub.name).one_or_none()
@ -173,7 +173,7 @@ def unsubscribe_sub(v, sub):
@auth_required
def follow_sub(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
existing = g.db.query(SubSubscription).filter_by(user_id=v.id, sub=sub.name).one_or_none()
if not existing:
@ -202,7 +202,7 @@ def unfollow_sub(v, sub):
@auth_required
def mods(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
users = g.db.query(User, Mod).join(Mod).filter_by(sub=sub.name).order_by(Mod.created_utc).all()
@ -215,7 +215,7 @@ def mods(v, sub):
@auth_required
def sub_exilees(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
users = g.db.query(User, Exile).join(Exile, Exile.user_id==User.id) \
.filter_by(sub=sub.name) \
@ -230,7 +230,7 @@ def sub_exilees(v, sub):
@auth_required
def sub_blockers(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
users = g.db.query(User, SubBlock).join(SubBlock) \
.filter_by(sub=sub.name) \
@ -246,7 +246,7 @@ def sub_blockers(v, sub):
@auth_required
def sub_followers(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
users = g.db.query(User, SubSubscription).join(SubSubscription) \
.filter_by(sub=sub.name) \
@ -841,7 +841,7 @@ def unpin_comment_mod(cid, v):
@auth_required
def hole_log(v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
page = get_page()
@ -883,7 +883,7 @@ def hole_log(v, sub):
@auth_required
def hole_log_item(id, v, sub):
sub = get_sub_by_name(sub)
if not User.can_see(v, sub):
if not v.can_see(sub):
abort(403)
action = g.db.get(SubAction, id)

View File

@ -665,7 +665,7 @@ def message2(v, username=None, id=None):
execute_under_siege(v, c, c.body_html, 'message')
c.top_comment_id = c.id
if user.id not in BOT_IDs and User.can_see(user, v):
if user.id not in BOT_IDs and user.can_see(v):
g.db.flush()
notif = g.db.query(Notification).filter_by(comment_id=c.id, user_id=user.id).one_or_none()
if not notif:
@ -927,7 +927,7 @@ def u_username_wall(v, username):
def u_username_wall_comment(v, username, cid):
comment = get_comment(cid, v=v)
if not comment.wall_user_id: abort(400)
if not User.can_see(v, comment): abort(403)
if not v.can_see(comment): abort(403)
u = comment.wall_user

View File

@ -29,7 +29,7 @@ def vote_post_comment(target_id, new, v, cls, vote_cls):
else:
abort(404)
if not User.can_see(v, target): abort(403)
if not v.can_see(target): abort(403)
coin_delta = 1
if v.id == target.author.id:

View File

@ -13,7 +13,7 @@
{% macro single_comment(c, level=1, collapse=False) %}
{% if user_can_see(v, c) %}
{% if v.can_see(c) %}
{% set ups=c.upvotes %}
{% set downs=c.downvotes %}

View File

@ -10,7 +10,7 @@
{% include "popover.html" %}
{% for p in listing if user_can_see(v, p) %}
{% for p in listing if v.can_see(p) %}
<input hidden class="twoattrs" value="{{p.id}},{{p.comment_count}}">

View File

@ -32,7 +32,7 @@
<div id="profile--lastactive" class="mt-3">Last active on <span id="profile--lastactive--time" data-time="{{u.last_active}}"></span></div>
{%- endif %}
{% if FEATURES['USERS_PROFILE_BODYTEXT'] and not hide_bios and u.bio_html and u.can_see_my_shit %}
{% if FEATURES['USERS_PROFILE_BODYTEXT'] and not hide_bios and u.bio_html and v.can_see(u) %}
<div class="card-text user-card-bio mt-3">{{u.bio_html | safe}}</div>
{% endif %}
</div>

View File

@ -6,7 +6,7 @@
{% endif %}
{% set ns = namespace() %}
{% set pfp = u.highres if (u.highres and u.can_see_my_shit) else u.profile_url %}
{% set pfp = u.highres if (u.highres and v.can_see(u)) else u.profile_url %}
{% block desktopUserBanner %}
<div class="row d-mob-none">
@ -29,7 +29,7 @@
<div class="d-flex align-items-center mt-1 mb-2">
<h3 class="font-weight-bolder my-0 mr-2" id="profile--name" style="color: #{{u.name_color}}"><span {% if u.patron %}class="patron" style="background-color:#{{u.name_color}}"{% endif %}>{{u.user_name}}</span></h3>
{% if u.can_see_my_shit and u.username != u.original_username %}
{% if v.can_see(u) and u.username != u.original_username %}
{% set ns.og_usernames = 'Original Usernames:<br>@' ~ u.original_username %}
{% if u.prelock_username and u.prelock_username != u.original_username %}
@ -63,11 +63,11 @@
{% endif %}
</div>
{% if FEATURES['PRONOUNS'] and u.can_see_my_shit %}
{% if FEATURES['PRONOUNS'] and v.can_see(u) %}
<p class="font-weight-bolder" id="profile--pronouns" style="color: #{{u.titlecolor}}">{{u.pronouns_display}}</p>
{% endif %}
{% if u.customtitle and u.can_see_my_shit %}
{% if u.customtitle and v.can_see(u) %}
<p class="font-weight-bolder" id="profile--flair" style="color: #{{u.titlecolor}}">{{u.customtitle | safe}}</p>
{% endif %}
@ -111,18 +111,18 @@
</div>
{% if FEATURES['USERS_PROFILE_BODYTEXT'] -%}
{% if u.bio_html and u.can_see_my_shit %}
{% if u.bio_html and v.can_see(u) %}
<div class="text-muted font-weight-bolder mt-1" id="profile--bio">{{u.bio_html | safe}}</div>
{% else %}
<p class="text-muted" id="profile--bio">No bio...</p>
{% endif %}
{% if u.friends_html and u.can_see_my_shit %}
{% if u.friends_html and v.can_see(u) %}
<p class="text-muted font-weight-bold">Friends:</p>
<div id="profile--friends">{{u.friends_html | safe}}</div>
{% endif %}
{% if u.enemies_html and u.can_see_my_shit %}
{% if u.enemies_html and v.can_see(u) %}
<p class="text-muted font-weight-bold">Enemies:</p>
<div id="profile--enemies">{{u.enemies_html | safe}}</div>
{% endif %}
@ -259,7 +259,7 @@
<span id="profile--alts">{{alts|length}} Alt{{macros.plural(alts|length)}}:</span>
{% endif %}
<ul id="profile--alts-list">
{% if u.can_see_my_shit %}
{% if v.can_see(u) %}
{% for account in alts %}
<li><a href="{{account.url}}">@{{account.username}}</a>{% if account._is_manual %} [m]{% endif %}</li>
{% endfor %}
@ -315,7 +315,7 @@
{{userpage_admintools.userBanBlock('mobile')}}
<h5 class=" d-inline-block" id="profile-mobile--name" style="color: #{{u.name_color}}"><span {% if u.patron %}class="patron" style="background-color:#{{u.name_color}}"{% endif %}>{{u.user_name}}</span></h5>
{% if u.can_see_my_shit and u.username != u.original_username %}
{% if v.can_see(u) and u.username != u.original_username %}
<span id="profile-mobile--origname">
<i class="fas fa-user-tag text-info align-middle ml-2" data-bs-toggle="tooltip" data-bs-placement="bottom" data-bs-html="true" title="{{ns.og_usernames}}"></i>
</span>
@ -342,11 +342,11 @@
<span class="followsyou badge badge-secondary text-small align-middle mx-1" id="profile-mobile--follows-you">Follows you</span>
{% endif %}
{% if FEATURES['PRONOUNS'] and u.can_see_my_shit %}
{% if FEATURES['PRONOUNS'] and v.can_see(u) %}
<p style="color: #{{u.titlecolor}}" id="profile-mobile--pronouns">{{u.pronouns_display}}</p>
{% endif %}
{% if u.customtitle and u.can_see_my_shit %}
{% if u.customtitle and v.can_see(u) %}
<p style="color: #{{u.titlecolor}}" id="profile-mobile--flair">{{u.customtitle | safe}}</p>
{% endif %}
@ -394,16 +394,16 @@
</div>
{% if FEATURES['USERS_PROFILE_BODYTEXT'] -%}
{% if u.bio_html and u.can_see_my_shit %}
{% if u.bio_html and v.can_see(u) %}
<div class="text-muted text-break mt-1" id="profile-mobile--bio">{{u.bio_html | safe}}</div>
{% endif %}
{% if u.friends_html and u.can_see_my_shit %}
{% if u.friends_html and v.can_see(u) %}
<p class="text-muted font-weight-bold mt-3">Friends:</p>
<div id="profile-mobile--friends">{{u.friends_html | safe}}</div>
{% endif %}
{% if u.enemies_html and u.can_see_my_shit %}
{% if u.enemies_html and v.can_see(u) %}
<p class="text-muted font-weight-bold mt-3">Enemies:</p>
<div id="profile-mobile--enemies">{{u.enemies_html | safe}}</div>
{% endif %}
@ -547,7 +547,7 @@
<span id="profile-mobile--alts">{{alts|length}} Alt{{macros.plural(alts|length)}}:</span>
{% endif %}
<ul id="profile-mobile--alts-list">
{% if u.can_see_my_shit %}
{% if v.can_see(u) %}
{% for account in alts %}
<li><a href="{{account.url}}">@{{account.username}}</a>{% if account._is_manual %} [m]{% endif %}</li>
{% endfor %}

View File

@ -5,7 +5,7 @@
{% if u and u.profile_background %}
<link rel="stylesheet" href="{{('css/transparent.css') | asset}}">
{% endif %}
{% if u and (u.profilecss or u.profile_background) and not request.values.get('nocss') and u.can_see_my_shit %}
{% if u and (u.profilecss or u.profile_background) and not request.values.get('nocss') and v.can_see(u) %}
<link rel="stylesheet" href="/@{{u.username}}/profilecss">
{% endif %}
{% endblock %}
@ -27,7 +27,7 @@
<div id="username" class="d-none">{{u.username}}</div>
{% endif %}
<script defer src="{{'js/userpage.js' | asset}}"></script>
{% if (not (IS_FISTMAS() or IS_DKD()) or SITE_NAME == 'WPD') and u.can_see_my_shit %}
{% if (not (IS_FISTMAS() or IS_DKD()) or SITE_NAME == 'WPD') and v.can_see(u) %}
<script defer src="{{'js/profile_song.js' | asset}}"></script>
{% endif %}
{% endblock %}

View File

@ -53,7 +53,7 @@
{{0 if u.shadowbanned else u.real_comment_count(v)}}
Comments
{%- endif -%}
{% if u.bio and u.can_see_my_shit %}
{% if u.bio and v.can_see(u) %}
- {{u.bio}}
{% endif %}
{% endset %}