carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity

disasllow ppl from publishing drafts while banned

master
Aevann 2023-07-22 17:40:23 +03:00
parent 3c0e406f90
commit a2106d191a
3 changed files with 13 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
files/routes/comments.py
View File

@ -86,10 +86,8 @@ def post_pid_comment_cid(cid, v, pid=None, anything=None, sub=None):
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit("20/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("20/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@auth_required
@is_not_banned
def comment(v:User):
if v.is_suspended: abort(403, "You can't perform this action while banned!")
parent_fullname = request.values.get("parent_fullname").strip()
if len(parent_fullname) < 3: abort(400)
id = parent_fullname[2:]

6
files/routes/posts.py
View File

@ -35,7 +35,7 @@ from files.__main__ import app, limiter, redis_instance
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@auth_required
@is_not_banned
def publish(pid, v):
p = get_post(pid)
if not p.private: return {"message": "Post published!"}
@ -455,7 +455,7 @@ def is_repost(v):
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(POST_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(POST_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@auth_required
@is_not_banned
def submit_post(v:User, sub=None):
url = request.values.get("url", "").strip()
@ -496,8 +496,6 @@ def submit_post(v:User, sub=None):
if not sub and HOLE_REQUIRED:
abort(400, f"You must choose a {HOLE_NAME} for your post!")
if v.is_suspended: abort(400, "You can't perform this action while banned!")
if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')):
abort(400, "You have to type more than 280 characters!")
elif v.bird and len(body) > 140:

11
files/routes/wrappers.py
View File

@ -155,11 +155,20 @@ def auth_required(f):
wrapper.__name__ = f.__name__
return wrapper
def is_not_banned(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not v: abort(401)
if v.is_suspended: abort(403, "You can't perform this action while banned!")
return make_response(f(*args, v=v, **kwargs))
wrapper.__name__ = f.__name__
return wrapper
def is_not_permabanned(f):
def wrapper(*args, **kwargs):
v = get_logged_in_user()
if not v: abort(401)
if v.is_permabanned: abort(403)
if v.is_permabanned: abort(403, "You can't perform this action while permabanned!")
return make_response(f(*args, v=v, **kwargs))
wrapper.__name__ = f.__name__
return wrapper