forked from rDrama/rDrama
Commit Graph

12552 Commits (ace0a62f69ce426fa5e36c8d661dd52eb81c1113)

Author SHA1 Message Date
Snakes ace0a62f69 cron: Add lottery as scheduled task. 2022-06-07 07:36:55 -04:00
Aevann1 690d4d72ed Merge branch 'frost' of https://github.com/Aevann1/Drama into frost 2022-06-07 13:34:59 +02:00
Snakes e217335b3a Make pat anims unaffected by anim setting. 2022-06-07 07:29:07 -04:00
Aevann1 d431ae1ecd re-prioritize effortposts (with a lot of links) in the frontpage 2022-06-07 13:26:39 +02:00
Snakes b187b72746 Remove backdrop blur on modals.
By direct command of Benevolent rDrama Caliph for Life, his
exaltedness Aevann. Was causing performance issues on a large
number of users' systems.
2022-06-07 07:23:46 -04:00
Snakes acb3a0b338 Enable flask command, add cron target.
Adding an empty __init__.py, the imports-only cli.py, and setting
FLASK_APP in the environment are enough to get the `flask` command
to work. This will enable future changes, including database
migrations.

The proximate reason for the fix is to add a `flask cron` command
to run scheduled tasks within the application from cron. Specifically,
the lottery should be run from cron.
2022-06-07 06:57:26 -04:00
Aevann1 aaeb09fd91 add me to WPD discord too 2022-06-07 12:55:50 +02:00
Aevann1 ecc121bf93 fix gigantic wholesome award size on mobile 2022-06-07 12:52:48 +02:00
Aevann1 4a98c2a639 don't whitelist fagmins 2022-06-07 12:34:46 +02:00
Aevann1 1bce1c273f no more 500 error 2022-06-07 12:32:48 +02:00
Aevann1 4a1e6cc726 a 500 error is much better than an XSS, bro 2022-06-07 12:03:51 +02:00
Snakes cb5f9d05c6 templates: Fix improper plurals, create helpers.
Previously, the three instances of 'Report[s]' and one instance of
'Coin[s]' in the UI templates were always pluralized, even when they
referred to a singular instance. This has been corrected by creating
a `plural` helper macro.

Additionally, this was used as impetus to create `utils/helpers.html`
to eventually move more recurring template logic into macros.
2022-06-07 05:26:22 -04:00
Aevann1 f966262b97 Merge branch 'frost' of https://github.com/Aevann1/Drama into frost 2022-06-07 11:18:12 +02:00
Aevann1 d761fc27cd Revert "Make CARP_ID's flair uneditable by others."
This reverts commit c2266985b7.
2022-06-07 11:18:09 +02:00
Snakes 70b96162a7 Fix banned domain info leak in modlog. 2022-06-06 22:18:56 -04:00
Snakes dece3fd460 Add user title coin cost parameter. 2022-06-06 19:02:23 -04:00
Aevann1 4aeb438c6b extend removal notifs from only me to all Lvl3 jannies 2022-06-06 07:50:38 +02:00
Aevann1 282f8d885c Merge branch 'frost' of https://github.com/Aevann1/Drama into frost 2022-06-06 07:42:21 +02:00
Aevann1 b2ec368a7e give me a better discord role 2022-06-06 07:42:19 +02:00
Snakes 7556fe8988 Add lottershe badge logic, badge helper. 2022-06-06 00:07:38 -04:00
Aevann1 43dbcadc6b add me into jannycord 2022-06-05 17:05:43 +02:00
Snakes 0e0a8d391b Amend 20b136909: string comparison bug.
Fixes logic which failed because user_id was a string which I
improperly treated as an integer for comparisons.
2022-06-04 23:58:03 -04:00
Snakes c2266985b7 Make CARP_ID's flair uneditable by others.
This is a kludge solution that sticks special case logic in places
it shouldn't be. However, community management demands necessitate it
quickly. Of the three ways to change a flair (customtitle), this
prevents using flairlocks and admin flair editing on the user with
CARP_ID. Only the user himself may change his flair through settings.
2022-06-04 23:34:44 -04:00
Snakes 5fb358a32a Add more TLDs to sanitize. 2022-06-03 17:01:32 -04:00
Snakes 998a8f462e Add links to orphan endpoints. 2022-06-03 06:29:35 -04:00
Snakes b306d113ad Lottery: Fix treasure adding coins to manager.
It was observed in prod that the lottery prize as tracked by the DB
had diverged from the amount held in the Lottershe manager account.
This appears to be the result of grant_lottery_tickets_to_user
adding the # of _tickets_ rather than the value of those tickets to
the manager.
2022-06-03 02:24:32 -04:00
Snakes 843ff51ace Make post rate limit site-specific. 2022-06-02 22:10:59 -04:00
Snakes 379ae664a3 Make PIN_LIMIT a per-site constant. 2022-06-02 19:45:33 -04:00
Snakes 6b9a133204 Kitchen sink commit, misc. content updates.
- Increment cache version on popover badges.
- Add comments+submission_listing.js to assetcache to support ^.
- Append new words to wordle list.
- Cache bust assorted assets for recent PRs.
2022-06-02 19:32:13 -04:00
outruncolors dfd521b652 Add quantity field to purchasing tickets / Make Chapose the beneficiary (#302)
* Add quantity field to purchasing tickets

* Remove height requirement for div (manlets seething)
2022-06-02 19:19:49 -04:00
float-trip 58c4b62163 Some fixes (#300)
* Narrow emoji_regex

* Fix mirrored pat emojis

* Fix ban icon on posts/comments
2022-06-02 19:18:10 -04:00
Snakes 2008c09136 Add 'filter' to allowed_styles. 2022-06-02 06:14:20 -04:00
Snakes df3127785a Rename 'shit emojis.json' for sanity. 2022-06-02 05:15:41 -04:00
Snakes 9bb84baf61 theme: Fix dramblr readability. 2022-06-01 20:01:26 -04:00
Snakes aa9b59e1cb Improve lottery UI theme compat. 2022-06-01 18:07:02 -04:00
Snakes fd1429a82f PCM content: swap banner. 2022-06-01 16:08:33 -04:00
float-trip d1fd7d4cc3 Remove margin-bottom on header tags in blockquotes (#299) 2022-06-01 02:31:34 -04:00
Snakes 227ddbec0e Truncate notifs with too-long bodies.
In general, we don't do a great job of length validating body_html
fields. Lots of ways to get 500 errors by providing too long of
input. Really ought to find a way to fix it in the classes/comment.py
and classes/submission.py classes. In the interim, the recent gifts
messages change is salient because the notification can 500 out
mid-way through performing coin transactions.

Recommended to find a better way of truncating or safely bubbling
the exception up. Truncating probably not best long-term solution
because it could hypothetically permit strings that would otherwise
be considered unsanitized.
2022-06-01 00:54:05 -04:00
Snakes 1d49012c16 Revise 16587cdf7cf5, expand assetcache.
Assetcache: now supports js/userpage.js & js/userpage_v.js.
The three userpage*.html templates now implement it.

Revising gift messages 16587cdf7cf5:
  - routes/users.py: Deduplicate code, more descriptive var name.
  - templates/userpage.html: Move post-tax gift line below reasons
    box. Ultimately just an aesthetic change.
2022-06-01 00:11:23 -04:00
Ubuntu 453d5f57a3 added a gift message to go with coin and bux transfers 2022-06-01 00:10:33 -04:00
Snakes 49622b3268 Lottery: add admin participants listing. 2022-05-31 23:20:39 -04:00
Snakes 193adb82d2 Lottery: fix page ready listener. 2022-05-31 22:55:31 -04:00
Snakes 8ae84214a3 Disable modal backdrop when !animations setting.
Some users have complained about performance with the backdrop-filter
on .modal-backdrop.show. Partially as a kludge to avoid adding another
toggle, the 'animations' user setting now also disables the backdrop
filter. In practice, this may turn into a more general setting to
remove performance-intensive UI effects.
2022-05-31 21:03:04 -04:00
Snakes 79e338de38 Treasure: raise minimum reward 10 -> 12.
A rare case where users receive 0 lotto tickets from a treasure chest
occurs when they received 10 or 11 coins from a chest pre-conversion
to lotto tickets. Rather than change ticket_count to the ceil of
dividing coins by ticket cost, it seems less distortionary to instead
imperceptibly raise the minimum to avoid this case.
2022-05-31 20:23:19 -04:00
Snakes b63e7c3d36 Cachebust badge images. 2022-05-31 13:07:08 -04:00
Snakes 5d56e71cc9 Rate limiter: fix 81e2a5a for logged-out. 2022-05-30 23:50:56 -04:00
Snakes 4ba2098612 Rate limiter: whitelist admins.
Due to presently hitting perpetual 429s after a mishap with lottery
polling on production, among past events where admins have gotten
rate-limited for doing otherwise normal admin behavior, the
flask_limiter.Limiter now has a request filter to whitelist JL2+.
Despite running on every request, I don't anticipate this undermining
the DoS prevention power of the Limiter.

It is yet unknown whether there are edge cases where running
get_logged_in_user in a different spot in the request pipeline might
e.g. subtly break the logged-in counters. This is not expected at
present, however.
2022-05-30 23:01:18 -04:00
Snakes c73f97c183 Finalize assets for lottery page. 2022-05-30 22:44:32 -04:00
outruncolors c2f598a17f Move lottery to own page (#296) 2022-05-30 22:40:38 -04:00
Snakes b85f23becb assetcache: Bust 2dda7529a4, expand. 2022-05-30 20:20:14 -04:00