Commit Graph

1224 Commits (eb98740f972fe3e87e1b7d6757a0afa6792031a6)

Author SHA1 Message Date
justcool393 87fd8ee57a comment sanity checks and constantization
* make HTML body length a constant and use it
* abort before uploads and other tasks if comment level is too deep
* what a nightmare of two functions, please do better next time
2022-10-09 05:54:46 -07:00
justcool393 c9ab2c515b remove some more vestiges
get_post and get_comment both handle this
2022-10-09 01:25:21 -07:00
justcool393 c4c3d6cf49
Merge branch 'frost' into permissions-refactor 2022-10-06 19:55:36 -07:00
Aevann1 3ecb1b4f9a generate a mod log for CCing or unCCing posts and notify OP 2022-10-07 04:48:31 +02:00
justcool393 e372158729
Merge branch 'frost' into permissions-refactor 2022-10-06 19:05:42 -07:00
Aevann1 3cf838af29 fix thumbnails and add opera-proxy to docker 2022-10-06 21:07:45 +02:00
Snakes 24167b1d09
Fix thumbnail_thread passing uploader to media. 2022-10-06 05:15:21 -04:00
justcool393 8db6b3f7fd improve POST_TO_CHANGELOG check 2022-10-06 02:09:46 -07:00
justcool393 e93e2d9ca9 convert some more >s to >=s 2022-10-06 01:40:21 -07:00
Aevann1 96f4f8499f fix 500 errors 2022-10-06 09:30:38 +02:00
justcool393 06f88e8a4a post based permissions mostly 2022-10-05 21:45:54 -07:00
justcool393 43f137208a bypass pin limit perm and also fix a shadowban perm 2022-10-05 19:51:30 -07:00
justcool393 d8610b34b6 changelog permission and don't query db for badges if admin with perm level 2022-10-05 19:45:05 -07:00
justcool393 2fc3044d5b shadowban perms and stuff 2022-10-05 19:24:37 -07:00
justcool393 591e6342bb editing permissions 2022-10-05 18:24:37 -07:00
justcool393 0dfff1f4f6 editing posts to JL3 (will be constantified soon) 2022-10-05 18:03:23 -07:00
justcool393 04f24cd8fd content moderation permission level
holy crap there's a lot
2022-10-05 17:57:08 -07:00
justcool393 2a66104d8b improve body for edit_post 2022-10-05 16:35:44 -07:00
justcool393 d58351637c use constants 2022-10-05 16:35:44 -07:00
justcool393 093ced7b20 introduce constant for post and title length 2022-10-05 16:35:44 -07:00
justcool393 2a53df20ff consistency in return error and returned status code 2022-10-05 16:35:44 -07:00
justcool393 88ae00deef sanitize raw bodies 2022-10-05 16:35:44 -07:00
justcool393 19b2f71c3b improve raw title sanitization and don't check the same thing like 5 times 2022-10-05 16:35:44 -07:00
Aevann1 2f979b859b generate modlogs when a hole janny toggles nsfw 2022-10-06 01:24:54 +02:00
justcool393 9575e11b8b add get_sub_by_name function 2022-10-05 03:37:29 -07:00
justcool393 d5bd3463e8
disallow permanently banned users from untoggling NSFW
can help i guess prevent abuse and creating a situation where dueling NSFW toggles have to be set
2022-10-04 14:09:25 -07:00
Aevann1 fabbc7a1a3 allow hole jannies to mark posts and comments in their holes as +18 2022-10-04 22:10:59 +02:00
Aevann1 3bf62c6ff0 add missing ban_reason when shadowbanning 2022-10-02 13:31:02 +02:00
Aevann1 da4ade067d make pizza's vote on himself be the first 2022-10-02 12:35:04 +02:00
justcool393 057bc360bf don't duplicate get checks for posts 2022-09-30 15:51:17 -07:00
justcool393 c1ca1a02ac
only attempt to parse HTML content types for titles (#382)
* only attempt to parse HTML content types for titles

also don't try to get submission titles for .gifv, .tif, .tiff

* ratelimit to 3 per minute instead of 6 minutes

no one will ever need more than 3 requests to this endpoint per minute - justcool393

6 per minute is already kinda a lot for this endpoint, i think aggressively ratelimiting this one is fine, especially since it's a minute ratelimit
2022-09-30 14:13:06 +02:00
justcool393 0617bb154c
use get_post to handle getting a post (#381)
why did we ever catch an exception throw it away, then catch an exception (something get_post already does) and then finally get the post
2022-09-30 01:44:32 -04:00
Aevann1 6b0c734254 Revert "make the default for notify True"
This reverts commit c192019a22.
2022-09-29 20:05:35 +02:00
Aevann1 c192019a22 make the default for notify True 2022-09-29 19:58:19 +02:00
Aevann1 c16654c4c7 make sure u dont try to get the title of a file (always times out) 2022-09-29 16:45:59 +02:00
Aevann1 09cc43060d
add hole mod logs (#380) 2022-09-29 11:39:37 +02:00
Aevann1 37e1f25624 make using proxies only happen in 3 circumstances again 2022-09-26 06:01:25 +02:00
Aevann1 dd0f8fbed7 proxy all requests we make 2022-09-25 05:23:50 +02:00
Aevann1 c12f7a5f9a commit before rendering 2022-09-22 22:20:29 +02:00
Aevann1 7d39cdb520 minor auth_desired refactor 2022-09-20 02:51:01 +02:00
Aevann1 ff7a54e842 Revert "test ratelimiting on devrama"
This reverts commit 1d83412545.
2022-09-19 21:43:47 +02:00
Aevann1 1d83412545 test ratelimiting on devrama 2022-09-19 21:35:58 +02:00
Aevann1 f54791cc4c remove categories 2022-09-19 20:04:30 +02:00
Aevann1 2fb4ebdcb0 minor sanitize refactor 2022-09-16 18:30:34 +02:00
Aevann1 4abf75edc0 add error codes 2022-09-12 11:52:07 +02:00
Aevann1 ae90eb1cf2 simplify house checking logic 2022-09-11 03:53:16 +02:00
Aevann1 c1aae95d16 restore "notify followers" checkbox 2022-09-10 09:00:45 +02:00
Aevann1 0f232b264c refactor torture_ap 2022-09-05 22:05:04 +02:00
Aevann1 6727d4005c better stripping syntax 2022-09-05 03:44:38 +02:00
Aevann1 842300ac6e remove code irrelevant now (not broken this time I hope) 2022-09-05 01:21:48 +02:00
Aevann1 0c32d56cd6 casino + style shit 2022-09-05 01:15:37 +02:00
outruncolors 5e1d98a3bf
WIP: Add Casino (Do Not Merge) (#341)
* Add new /casino route and template

* Consolidate lottery into casino and add initial template for slots

* Change /lottery route to /casino and replace icon with usd symbol and change sitewide const to reflect change

* Hook up new slots method to casino

* Enable Marseybux spending in casino slots

* Add UI for playing blackjack in casino

* First connection of blackjack UI to backend

* Add protective clause thanks to help from carpathianflorist.

* Create new Casino_Game relation and persist inside of blackjack

* Connect new slots behavior to Casino_Game table

* Create UI action management logic

* Add blackjack game status checker which adds persistence for blackjack

* Gonna handle this better, hold on

* Reorganize blackjack helper methods

* Reorganize casino.js to account for new changes

* Connect up to frontend

* Little changes ya know

* Display a message when winning in Blackjack

* Fix some issues with double down and insure

* Revert "remove owoify-py from requirements"

This reverts commit 4454648ea2.

* A little casino styling change

* Reorganize into a casino block

* Smallenize the card'

* Remove references to old game data on comments

* Add sql migration file

* Remove logic to drop old columns

* Fix two forgotten conflicts
2022-09-04 22:53:34 +02:00
Aevann1 8ed450e980 fix edge case with pinning child comments 2022-09-02 06:13:40 +02:00
Aevann1 5032a9aec2 fix pinned child comments 2022-09-02 02:46:17 +02:00
Aevann1 083371f20f keep_blank_values 2022-09-01 22:46:57 +02:00
Aevann1 17fd089870 refactor pinning child comments 2022-09-01 22:31:08 +02:00
Aevann1 e4c0f1b4b3 restore pizza autoupvotes on posts 2022-09-01 22:07:08 +02:00
Aevann1 8e74171d9d exclude authorized bots from hole restrictions 2022-09-01 22:01:03 +02:00
Snakes 0e70879598
Fix /h/<sub>/submit header icon.
sub.marsey_url was returning false because the submit.html template,
which then includes header.html, was passed an SQLAlchemy Row instance,
not a files.classes.sub.Sub instance. This worked alright because both
the header and the submit page only accessed the name field; however,
accessing the marsey_url property (rather than the marseyurl column
field) failed because of it.
2022-08-30 19:20:27 -04:00
Aevann1 bcec360f30 sort posts with "megathread" in title by new cuz ppl forget to tick the "new" checkbox 2022-08-30 20:22:15 +02:00
Snakes 8c50047f20
Remove new sort on 'thread' in Submission.title.
Requested by multiple jannies. Rough timeline, as I understand it:
  - Circa 7mo ago, this logic was originally added for threads with
    'megathread' in the title.
  - Some time later, a checkbox on submission which sets the flag
    Submission.new does the same thing.
  - In af680d8a94, change the check from 'megathread' to 'thread'.

There must've been some reason for the change of substring checked.
However, it routinely causes issues for the admins and confuses
users. Solution has been to retroactively update posts that currently
rely on the 'megathread' in title behavior to use the `new` flag and
to remove the logic going forward.
2022-08-30 12:14:19 -04:00
Aevann1 7fbcec3b82 turns out we didnt need a dedicated ajax variable 2022-08-30 07:26:13 +02:00
Aevann1 2aaed858d2 add a #changelog channel in jannycord 2022-08-30 04:03:48 +02:00
Aevann1 7a8eef2b99 in /submit, don't get title for url if it ends with extension 2022-08-30 03:51:09 +02:00
Aevann1 f9b56bd046 fix 500 error on posting 2022-08-27 00:05:40 +02:00
Aevann1 1a47d9a916 fix 500 error that's been happening for like a year (thank you snakes and spidey) 2022-08-27 00:03:15 +02:00
Aevann1 45d5f52388 restore betting 2022-08-26 23:53:17 +02:00
Aevann1 5a106b9f90 Revert "make thumbnail code simpler"
This reverts commit 94e7457965.
2022-08-25 17:26:27 +02:00
Aevann1 94e7457965 make thumbnail code simpler 2022-08-25 17:24:32 +02:00
Aevann1 3a50784239 remove all artificial votes 2022-08-23 21:35:28 +02:00
Aevann1 f6e6d07504 make me autoupvote dad's posts 2022-08-23 17:27:52 +02:00
Aevann1 666b0cb063 comment betting code 2022-08-22 22:48:47 +02:00
Aevann1 c0e9425015 make me not upvote posts in /h/racist 2022-08-21 19:47:59 +02:00
Aevann1 c70ea0eb64 boost informative holes with 3 extra autoupvotes 2022-08-21 19:14:03 +02:00
Aevann1 b5d500a98e add house holes 2022-08-21 17:24:16 +02:00
Aevann1 fb2437574f change ping_limit to be 3 for comments, and 50 for posts 2022-08-21 17:05:32 +02:00
Aevann1 350a6eb878 make me upvote /h/smuggies 2022-08-21 15:58:22 +02:00
Aevann1 f3c487f6de make me upvote /h/braincels instead of /h/foid 2022-08-21 15:14:44 +02:00
Aevann1 550299e6a1 make me upvote shit in chudrama 2022-08-20 13:59:29 +02:00
Aevann1 e1e7258e7a add def can_see(v) 2022-08-20 00:36:28 +02:00
Aevann1 a88b9d59c4 rename /h/chudtopia to /h/chudrama 2022-08-20 00:20:25 +02:00
Aevann1 4a8220d687 make chudtopians immune to chud effects 2022-08-20 00:12:53 +02:00
Aevann1 9e5ddcbd92 large commit: stealth mode, SubJoin, chudtopia
dont read if u value ur sanity
2022-08-19 23:31:26 +02:00
Aevann1 3ac493aa95 exclude /h/smuggies from my autoupvote 2022-08-15 16:24:29 +02:00
Snakes 12d7cfaa6c
Verify admin level before editing others' posts.
Yes, it has been possible for any user to edit any post on the site,
their own or otherwise. Only have to generate the POST /edit_post/
manually: an example exploit was created and tested successfully
prior to patching. However, abuse of this vulnerability would have
generated edit_post modlog entries, the lack of which on prod suggest
it was not abused that we know of -- Lord knows how.
2022-08-11 20:12:35 -04:00
Aevann1 1000f9c45e Merge branch 'frost' of https://github.com/Aevann1/rDrama into frost 2022-08-11 06:05:26 +02:00
Aevann1 9341f2368a make some function names shorter 2022-08-11 06:05:23 +02:00
Snakes 55c1ad859e
Disable showmore logic on posts. 2022-08-10 17:34:15 -04:00
Snakes 6a7a3b1821
Hide shadowed user content in more contexts.
- Search: posts by shadowed user.
  - Search: shadowed users in search for users.
  - Direct links to shadowed user posts display as removed.
  - Other users' profile comments listings hide comments on shadowed
    posts. Users can still see their own comments on shadowed posts.
    Similar to ghosted comment logic.
2022-08-08 18:21:59 -04:00
Snakes 1411018f8d Add post categories.
Implemented for LGB but can likely be used for WPD and other future
sites. Similar to a reddit post flair. Provides:
  - Admin panel for Category management.
  - Category selection on post submission.
  - 'Recategorize' post action.
2022-08-07 02:57:30 -04:00
Snakes 2845e0961b Turn login-gate of 1568ec0162 into admin toggle. 2022-08-05 16:42:22 -04:00
Aevann1 3bc1ee583e make carp autoupvote posts in /h/foid 2022-08-05 20:47:33 +02:00
Aevann1 981692550f fix ping limiting being applies on all instances of "sanitize()" 2022-08-05 17:14:22 +02:00
scitzocel e68c2efb1b
sneed (#328)
* sneed

* schizosneed

soren

* Update posts.py
2022-08-05 05:52:03 -04:00
Aevann1 9a2b80e374 spam carp inbox 2022-08-04 23:20:29 +02:00
Aevann1 6087aebc78 make previous commit a little neater 2022-08-04 22:57:07 +02:00
Aevann1 84f4fc164d make chud editting less annoying 2022-08-04 22:54:24 +02:00
Aevann1 1568ec0162 sneed 2022-08-04 22:33:22 +02:00
Snakes 73b71b2f44
PCM: disable repost detection. 2022-08-04 00:07:17 -04:00
Aevann1 e5a2980d1b normalizing request.full_path 2022-08-01 20:03:29 +02:00