carpathianflorist
/
MarseyWorld
forked from MarseyWorld/MarseyWorld
1
0
Fork 0
Code Pull Requests Activity
15,974 Commits
1 Branch
0 Tags
2.3 GiB
Commit Graph

1421 Commits (152315f73e2250fb5d7376b7b4b5abb68e7b81bb)

Author SHA1 Message Date
Snakes 152315f73e cron: Move charts from static to helper. 2022-06-07 08:31:24 -04:00
Snakes ace0a62f69 cron: Add lottery as scheduled task. 2022-06-07 07:36:55 -04:00
Snakes acb3a0b338 Enable flask command, add cron target. 
Adding an empty __init__.py, the imports-only cli.py, and setting
FLASK_APP in the environment are enough to get the `flask` command
to work. This will enable future changes, including database
migrations.

The proximate reason for the fix is to add a `flask cron` command
to run scheduled tasks within the application from cron. Specifically,
the lottery should be run from cron.
 2022-06-07 06:57:26 -04:00
Aevann1 4a98c2a639 don't whitelist fagmins 2022-06-07 12:34:46 +02:00
Aevann1 4a1e6cc726 a 500 error is much better than an XSS, bro 2022-06-07 12:03:51 +02:00
Snakes dece3fd460 Add user title coin cost parameter. 2022-06-06 19:02:23 -04:00
Snakes 7556fe8988 Add lottershe badge logic, badge helper. 2022-06-06 00:07:38 -04:00
Snakes 5fb358a32a Add more TLDs to sanitize. 2022-06-03 17:01:32 -04:00
Snakes b306d113ad Lottery: Fix treasure adding coins to manager. 
It was observed in prod that the lottery prize as tracked by the DB
had diverged from the amount held in the Lottershe manager account.
This appears to be the result of grant_lottery_tickets_to_user
adding the # of _tickets_ rather than the value of those tickets to
the manager.
 2022-06-03 02:24:32 -04:00
Snakes 843ff51ace Make post rate limit site-specific. 2022-06-02 22:10:59 -04:00
Snakes 379ae664a3 Make PIN_LIMIT a per-site constant. 2022-06-02 19:45:33 -04:00
Snakes 6b9a133204 Kitchen sink commit, misc. content updates. 
- Increment cache version on popover badges.
- Add comments+submission_listing.js to assetcache to support ^.
- Append new words to wordle list.
- Cache bust assorted assets for recent PRs.
 2022-06-02 19:32:13 -04:00
outruncolors dfd521b652 Add quantity field to purchasing tickets / Make Chapose the beneficiary (#302) 
* Add quantity field to purchasing tickets

* Remove height requirement for div (manlets  seething)
 2022-06-02 19:19:49 -04:00
float-trip 58c4b62163 Some fixes (#300) 
* Narrow emoji_regex

* Fix mirrored pat emojis

* Fix ban icon on posts/comments
 2022-06-02 19:18:10 -04:00
Snakes 2008c09136 Add 'filter' to allowed_styles. 2022-06-02 06:14:20 -04:00
Snakes 227ddbec0e Truncate notifs with too-long bodies. 
In general, we don't do a great job of length validating body_html
fields. Lots of ways to get 500 errors by providing too long of
input. Really ought to find a way to fix it in the classes/comment.py
and classes/submission.py classes. In the interim, the recent gifts
messages change is salient because the notification can 500 out
mid-way through performing coin transactions.

Recommended to find a better way of truncating or safely bubbling
the exception up. Truncating probably not best long-term solution
because it could hypothetically permit strings that would otherwise
be considered unsanitized.
 2022-06-01 00:54:05 -04:00
Snakes 49622b3268 Lottery: add admin participants listing. 2022-05-31 23:20:39 -04:00
Snakes 79e338de38 Treasure: raise minimum reward 10 -> 12. 
A rare case where users receive 0 lotto tickets from a treasure chest
occurs when they received 10 or 11 coins from a chest pre-conversion
to lotto tickets. Rather than change ticket_count to the ceil of
dividing coins by ticket cost, it seems less distortionary to instead
imperceptibly raise the minimum to avoid this case.
 2022-05-31 20:23:19 -04:00
Snakes 5d56e71cc9 Rate limiter: fix 81e2a5a for logged-out. 2022-05-30 23:50:56 -04:00
Snakes 4ba2098612 Rate limiter: whitelist admins. 
Due to presently hitting perpetual 429s after a mishap with lottery
polling on production, among past events where admins have gotten
rate-limited for doing otherwise normal admin behavior, the
flask_limiter.Limiter now has a request filter to whitelist JL2+.
Despite running on every request, I don't anticipate this undermining
the DoS prevention power of the Limiter.

It is yet unknown whether there are edge cases where running
get_logged_in_user in a different spot in the request pipeline might
e.g. subtly break the logged-in counters. This is not expected at
present, however.
 2022-05-30 23:01:18 -04:00
Snakes 81e19b1aed Add can_gamble user setting. 
Users now have a toggleable can_gamble setting which disables their
ability to use all chance-based gains on the site: viz. slots,
blackjack, the lottery, and treasure chests.

This only applies on invocation of commands that start gambling
games, so it should cause no bugs when toggled with e.g. active
blackjack games.

This was added for the benefit of users with actual problems with
gambling, be they past addiction or religious conviction. All future
gambling features are humbly requested to respect it.
 2022-05-30 05:32:45 -04:00
outruncolors 0abf890575 Make a few styling changes for mobile lottery modal (#293) 2022-05-30 01:40:55 -04:00
Snakes cf46b8b3fe Refactor e81edb711d for modularity. 2022-05-30 00:30:10 -04:00
Aevann1 e81edb711d fixed this https://rdrama.net/post/72013/-/2010109?context=8#context 2022-05-30 06:12:51 +02:00
Outrun Colors, LLC ef7da60432 Remove new schema changes from file and replace account ids for lottery system 2022-05-29 22:17:31 -05:00
Outrun Colors, LLC db13e0976c Have tickets show up in treasure chests 2022-05-29 21:59:22 -05:00
Outrun Colors, LLC b9dc28e6d1 Don't show lotteries on the sister sites 2022-05-29 20:43:16 -05:00
Outrun Colors, LLC a0cc7e1cf6 Move more stuff to proper location 2022-05-29 19:49:14 -05:00
Outrun Colors, LLC 562202b38d Reorganize route logic 2022-05-29 01:06:39 -05:00
Outrun Colors, LLC bef0b0ff6d Add participants and field updating 2022-05-29 01:01:45 -05:00
Outrun Colors, LLC 1a55a7670e Send notifications to winners and losers 2022-05-28 23:23:20 -05:00
Outrun Colors, LLC 469c39dca6 Configure admin section and purchasing a ticket full flow 2022-05-28 22:33:44 -05:00
Aevann1 709c756660 fds 2022-05-28 16:55:22 +02:00
Aevann1 cd2380fb33 fds 2022-05-28 04:20:31 +02:00
Aevann1 3f04c69cb8 fds 2022-05-28 01:50:33 +02:00
Aevann1 6b6e2e8253 sfd 2022-05-27 20:28:54 +02:00
Aevann1 db98b4e140 sfd 2022-05-27 19:19:12 +02:00
Aevann1 384afb125a fsd 2022-05-27 17:28:30 +02:00
Snakes 2bde3650d4 Awards: enable lootbox on WPD, refactor AWARDS2 logic. 2022-05-26 22:12:53 -04:00
Aevann1 758a30e166 fsd 2022-05-26 22:53:24 +02:00
Aevann1 d4f7f5497b fds 2022-05-26 22:49:36 +02:00
Aevann1 630996faee gfd 2022-05-26 22:31:08 +02:00
Aevann1 f72015382a crgd is a king 2022-05-26 22:04:39 +02:00
Aevann1 64c3b489e3 fds 2022-05-26 20:37:10 +02:00
Aevann1 2595706b49 fsd 2022-05-26 20:36:37 +02:00
Aevann1 e4893c617e fd 2022-05-26 02:54:05 +02:00
Aevann1 163267c88c Revert "Add Y'all Seein' Eye award." 
This reverts commit a0f441a67d.
 2022-05-26 02:51:42 +02:00
Snakes a0f441a67d Add Y'all Seein' Eye award. 
Adds award to enable viewing profile visitors for non-mops and
non-patrons. This commit should encompass all frontend, backend, and
database changes necessary. Perhaps usable as a model for other
user upgrade flag awards.
 2022-05-25 19:44:34 -04:00
Aevann1 50b995d3a0 fds 2022-05-25 22:16:26 +02:00
Aevann1 49c53cb2ff fds 2022-05-25 20:59:24 +02:00