gerudo
/
rDrama
forked from rDrama/rDrama
1
0
Fork 0
Code Pull Requests Activity

Merge branch 'frost' of https://github.com/Aevann1/rDrama into frost

master
Aevann1 2022-10-01 01:38:09 +02:00
parent d9a57cf201 50689c9298
commit 6a0fd03548
11 changed files with 9 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
files/helpers/awards.py
View File

@ -76,6 +76,7 @@ def award_timers(v, bot=False):
v.earlylife = None v.earlylife = None
notify_if_not_bot("Your earlylife status has expired!") notify_if_not_bot("Your earlylife status has expired!")
badge = v.has_badge(169) badge = v.has_badge(169)
if badge: g.db.delete(badge)
if v.marsify and v.marsify < now and v.marsify != 1: if v.marsify and v.marsify < now and v.marsify != 1:
v.marsify = 0 v.marsify = 0
if SITE_NAME != 'rDrama': notify_if_not_bot("Your marsify status has expired!") if SITE_NAME != 'rDrama': notify_if_not_bot("Your marsify status has expired!")

4
files/helpers/jinja2.py
View File

@ -8,10 +8,6 @@ from files.helpers.assetcache import assetcache_path
@app.template_filter("post_embed") @app.template_filter("post_embed")
def post_embed(id, v): def post_embed(id, v):
try: id = int(id)
except: return None
p = get_post(id, v, graceful=True) p = get_post(id, v, graceful=True)
if p: return render_template("submission_listing.html", listing=[p], v=v) if p: return render_template("submission_listing.html", listing=[p], v=v)

24
files/routes/admin.py
View File

@ -300,11 +300,8 @@ def revert_actions(v, username):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2) @admin_level_required(2)
def club_allow(v, username): def club_allow(v, username):
u = get_user(username, v=v) u = get_user(username, v=v)
if not u: abort(404)
if u.admin_level >= v.admin_level: return {"error": "noob"}, 400 if u.admin_level >= v.admin_level: return {"error": "noob"}, 400
u.club_allowed = True u.club_allowed = True
@ -327,11 +324,8 @@ def club_allow(v, username):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2) @admin_level_required(2)
def club_ban(v, username): def club_ban(v, username):
u = get_user(username, v=v) u = get_user(username, v=v)
if not u: abort(404)
if u.admin_level >= v.admin_level: return {"error": "noob"}, 400 if u.admin_level >= v.admin_level: return {"error": "noob"}, 400
u.club_allowed = False u.club_allowed = False
@ -1121,12 +1115,7 @@ def mute_user(v, user_id, mute_status):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2) @admin_level_required(2)
def remove_post(post_id, v): def remove_post(post_id, v):
post = get_post(post_id) post = get_post(post_id)
if not post:
abort(400)
post.is_banned = True post.is_banned = True
post.is_approved = None post.is_approved = None
post.stickied = None post.stickied = None
@ -1164,9 +1153,6 @@ def approve_post(post_id, v):
if post.author.id == v.id and post.author.agendaposter and AGENDAPOSTER_PHRASE not in post.body.lower() and post.sub != 'chudrama': if post.author.id == v.id and post.author.agendaposter and AGENDAPOSTER_PHRASE not in post.body.lower() and post.sub != 'chudrama':
return {"error": "You can't bypass the chud award!"}, 400 return {"error": "You can't bypass the chud award!"}, 400
if not post:
abort(400)
if post.is_banned: if post.is_banned:
ma=ModAction( ma=ModAction(
kind="unban_post", kind="unban_post",
@ -1192,11 +1178,8 @@ def approve_post(post_id, v):
@app.post("/distinguish/<post_id>") @app.post("/distinguish/<post_id>")
@admin_level_required(1) @admin_level_required(1)
def distinguish_post(post_id, v): def distinguish_post(post_id, v):
post = get_post(post_id) post = get_post(post_id)
if not post: abort(404)
if post.author_id != v.id and v.admin_level < 2 : abort(403) if post.author_id != v.id and v.admin_level < 2 : abort(403)
if post.distinguish_level: if post.distinguish_level:
@ -1227,7 +1210,7 @@ def sticky_post(post_id, v):
abort(403) abort(403)
post = get_post(post_id) post = get_post(post_id)
if post and not post.stickied: if not post.stickied:
pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count() pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count()
if pins >= PIN_LIMIT: if pins >= PIN_LIMIT:
if v.admin_level > 2: if v.admin_level > 2:
@ -1255,7 +1238,7 @@ def sticky_post(post_id, v):
def unsticky_post(post_id, v): def unsticky_post(post_id, v):
post = get_post(post_id) post = get_post(post_id)
if post and post.stickied: if post.stickied:
if post.stickied.endswith('(pin award)'): return {"error": "Can't unpin award pins!"}, 403 if post.stickied.endswith('(pin award)'): return {"error": "Can't unpin award pins!"}, 403
post.stickied = None post.stickied = None
@ -1329,10 +1312,7 @@ def unsticky_comment(cid, v):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@admin_level_required(2) @admin_level_required(2)
def remove_comment(c_id, v): def remove_comment(c_id, v):
comment = get_comment(c_id) comment = get_comment(c_id)
if not comment:
abort(404)
comment.is_banned = True comment.is_banned = True
comment.is_approved = None comment.is_approved = None

6
files/routes/awards.py
View File

@ -133,8 +133,6 @@ def award_thing(v, thing_type, id):
if thing_type == 'post': thing = get_post(id) if thing_type == 'post': thing = get_post(id)
else: thing = get_comment(id) else: thing = get_comment(id)
if not thing: return {"error": f"This {thing_type} doesn't exist."}, 404
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500 if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
kind = request.values.get("kind", "").strip() kind = request.values.get("kind", "").strip()
@ -165,7 +163,7 @@ def award_thing(v, thing_type, id):
note = request.values.get("note", "").strip() note = request.values.get("note", "").strip()
author = thing.author author = thing.author
if author.shadowbanned: return {"error": f"This {thing_type} doesn't exist."}, 404 if author.shadowbanned: abort(404)
if SITE == 'rdrama.net' and author.id in (PIZZASHILL_ID, CARP_ID): if SITE == 'rdrama.net' and author.id in (PIZZASHILL_ID, CARP_ID):
return {"error": "This user is immune to awards."}, 403 return {"error": "This user is immune to awards."}, 403
@ -469,7 +467,7 @@ def admin_userawards_post(v):
whitelist = ("shit", "fireflies", "train", "scooter", "wholesome", "tilt", "glowie") whitelist = ("shit", "fireflies", "train", "scooter", "wholesome", "tilt", "glowie")
u = get_user(u, graceful=False, v=v) u = get_user(u, v=v)
notify_awards = {} notify_awards = {}

2
files/routes/posts.py
View File

@ -234,8 +234,6 @@ def post_id(pid, anything=None, v=None, sub=None):
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@auth_desired_with_logingate @auth_desired_with_logingate
def viewmore(v, pid, sort, offset): def viewmore(v, pid, sort, offset):
try: pid = int(pid)
except: abort(400)
post = get_post(pid, v=v) post = get_post(pid, v=v)
if post.club and not (v and (v.paid_dues or v.id == post.author_id)): abort(403) if post.club and not (v and (v.paid_dues or v.id == post.author_id)): abort(403)

2
files/routes/search.py
View File

@ -72,7 +72,6 @@ def searchposts(v):
if 'author' in criteria: if 'author' in criteria:
posts = posts.filter(Submission.ghost == False) posts = posts.filter(Submission.ghost == False)
author = get_user(criteria['author'], v=v, include_shadowbanned=False) author = get_user(criteria['author'], v=v, include_shadowbanned=False)
if not author: return {"error": "User not found"}, 400
if author.is_private and author.id != v.id and v.admin_level < 2 and not v.eye: if author.is_private and author.id != v.id and v.admin_level < 2 and not v.eye:
if request.headers.get("Authorization"): if request.headers.get("Authorization"):
return {"error": f"@{author.username}'s profile is private; You can't use the 'author' syntax on them"}, 400 return {"error": f"@{author.username}'s profile is private; You can't use the 'author' syntax on them"}, 400
@ -209,7 +208,6 @@ def searchcomments(v):
if 'author' in criteria: if 'author' in criteria:
comments = comments.filter(Comment.ghost == False) comments = comments.filter(Comment.ghost == False)
author = get_user(criteria['author'], v=v, include_shadowbanned=False) author = get_user(criteria['author'], v=v, include_shadowbanned=False)
if not author: return {"error": "User not found"}, 400
if author.is_private and author.id != v.id and v.admin_level < 2 and not v.eye: if author.is_private and author.id != v.id and v.admin_level < 2 and not v.eye:
if request.headers.get("Authorization"): if request.headers.get("Authorization"):
return {"error": f"@{author.username}'s profile is private; You can't use the 'author' syntax on them"}, 400 return {"error": f"@{author.username}'s profile is private; You can't use the 'author' syntax on them"}, 400

3
files/routes/subs.py
View File

@ -48,9 +48,6 @@ def exile_post(v, pid):
@is_not_permabanned @is_not_permabanned
def exile_comment(v, cid): def exile_comment(v, cid):
if v.shadowbanned: return {"error": "Internal Server Error"}, 500 if v.shadowbanned: return {"error": "Internal Server Error"}, 500
try: cid = int(cid)
except: abort(400)
c = get_comment(cid) c = get_comment(cid)
sub = c.post.sub sub = c.post.sub
if not sub: abort(400) if not sub: abort(400)

9
files/routes/users.py
View File

@ -458,8 +458,7 @@ def suicide(v, username):
@auth_required @auth_required
def get_coins(v, username): def get_coins(v, username):
user = get_user(username, v=v, include_shadowbanned=False) user = get_user(username, v=v, include_shadowbanned=False)
if user != None: return {"coins": user.coins}, 200 return {"coins": user.coins}
else: return {"error": "invalid_user"}, 404
@app.post("/@<username>/transfer_coins") @app.post("/@<username>/transfer_coins")
@limiter.limit("1/second;30/minute;200/hour;1000/day") @limiter.limit("1/second;30/minute;200/hour;1000/day")
@ -468,8 +467,6 @@ def get_coins(v, username):
def transfer_coins(v, username): def transfer_coins(v, username):
receiver = get_user(username, v=v, include_shadowbanned=False) receiver = get_user(username, v=v, include_shadowbanned=False)
if receiver is None: return {"error": "This user doesn't exist."}, 404
if receiver.id != v.id: if receiver.id != v.id:
amount = request.values.get("amount", "").strip() amount = request.values.get("amount", "").strip()
amount = int(amount) if amount.isdigit() else None amount = int(amount) if amount.isdigit() else None
@ -512,9 +509,7 @@ def transfer_coins(v, username):
@is_not_permabanned @is_not_permabanned
def transfer_bux(v, username): def transfer_bux(v, username):
receiver = get_user(username, v=v, include_shadowbanned=False) receiver = get_user(username, v=v, include_shadowbanned=False)
if not receiver: return {"error": "This user doesn't exist."}, 404
if receiver.id != v.id: if receiver.id != v.id:
amount = request.values.get("amount", "").strip() amount = request.values.get("amount", "").strip()
amount = int(amount) if amount.isdigit() else None amount = int(amount) if amount.isdigit() else None

4
files/routes/votes.py
View File

@ -133,10 +133,6 @@ def vote_comment(comment_id, new, v):
if request.headers.get("Authorization") and v.id != BBBB_ID: abort(403) if request.headers.get("Authorization") and v.id != BBBB_ID: abort(403)
new = int(new) new = int(new)
try: comment_id = int(comment_id)
except: abort(404)
comment = get_comment(comment_id) comment = get_comment(comment_id)
coin_delta = 1 coin_delta = 1

2
files/templates/userpage.html
View File

@ -440,7 +440,7 @@
{% if u.unban_utc %}<h5 class="text-primary" id="profile-mobile--unban">{{u.unban_string}}</h5>{% endif %} {% if u.unban_utc %}<h5 class="text-primary" id="profile-mobile--unban">{{u.unban_string}}</h5>{% endif %}
{% endif %} {% endif %}
{% if u.shadowbanned %} {% if v and v.admin_level >= 2 and u.shadowbanned %}
<h5 class="text-primary" id="profile-mobile--banned">SHADOWBANNED USER{% if u.ban_reason %}: {{u.ban_reason | safe}}{% endif %} (by <a href="/@{{u.shadowbanned}}">@{{u.shadowbanned}}</a>)</h5> <h5 class="text-primary" id="profile-mobile--banned">SHADOWBANNED USER{% if u.ban_reason %}: {{u.ban_reason | safe}}{% endif %} (by <a href="/@{{u.shadowbanned}}">@{{u.shadowbanned}}</a>)</h5>
{% endif %} {% endif %}

1
seed-db.sql
View File

@ -1261,6 +1261,7 @@ INSERT INTO public.marseys (name, author_id, tags, created_utc) VALUES
('marseychonker2',2,'fat obese pig disgusting fatty fattie',NULL), ('marseychonker2',2,'fat obese pig disgusting fatty fattie',NULL),
('marseychonkerbutch',2,'fat obese brap bitch dyke dangerhair lesbian',NULL), ('marseychonkerbutch',2,'fat obese brap bitch dyke dangerhair lesbian',NULL),
('marseychonkerfoid',2,'female woman fds fat obese hambeast landwhale porker pig bleeder birthing person bangs',NULL), ('marseychonkerfoid',2,'female woman fds fat obese hambeast landwhale porker pig bleeder birthing person bangs',NULL),
('marseychonkerfoidpuke',2,'fat huge sick yuck eat barf',1664574968),
('marseychristmas',2,'candy cane santa christmas holiday',NULL), ('marseychristmas',2,'candy cane santa christmas holiday',NULL),
('marseychristmasbulb',2,'ornament christmas happy holiday china',NULL), ('marseychristmasbulb',2,'ornament christmas happy holiday china',NULL),
('marseychristmasbulb2',2,'ornament holiday christmas',NULL), ('marseychristmasbulb2',2,'ornament holiday christmas',NULL),