rDrama
/
rDrama
9
10
Fork 8
Code Issues Pull Requests Packages Releases Wiki Activity
rDrama/files/routes/admin.py

2250 lines
71 KiB
Python
Raw Normal View History

mn
2022-05-04 23:09:46 +00:00
import time
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
from math import floor
add /admin/delete_media
2023-02-19 19:31:26 +00:00
import os
add end_utc to manual file orgies too
2023-10-03 07:43:39 +00:00
import ffmpeg
import consistency
2024-02-21 20:08:33 +00:00
import random
sync nonlive youtube orgy and make it end automatically
2024-03-02 20:03:21 +00:00
import isodate
dont use subprocess
2024-03-05 03:02:39 +00:00
import yt_dlp
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
paginate /admin/image_posts
2023-05-05 03:52:53 +00:00
from sqlalchemy.orm import load_only
Sort banned, chudded, etc listings by activity. The listings of users affected by jannied states are long. To make them more useful, sort by recent user activity (when v is allowed to view last_active) to know which accounts are still in use.
2022-12-10 04:46:19 +00:00
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.__main__ import app, cache, limiter
from files.classes import *
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
from files.classes.orgy import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.actions import *
mn
2022-05-04 23:09:46 +00:00
from files.helpers.alerts import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.cloudflare import *
[DO NOT MERGE] multiple sub banners (#59) allows multiple sub banners Snakes note: By request of Carp, especially for WPD. Co-authored-by: justcool393 <justcool393@gmail.com> Co-authored-by: Snakes <duolsm@outlook.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/59 Co-authored-by: justcool393 <justcool393@noreply.fsdfsd.net> Co-committed-by: justcool393 <justcool393@noreply.fsdfsd.net>
2022-12-11 23:44:34 +00:00
from files.helpers.config.const import *
refactor slurs and profanities and put them in their own file
2023-09-22 17:01:30 +00:00
from files.helpers.slurs_and_profanities import censor_slurs_profanities
mn
2022-05-04 23:09:46 +00:00
from files.helpers.get import *
vid refactor
2022-05-22 16:13:19 +00:00
from files.helpers.media import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.helpers.sanitize import *
from files.helpers.security import *
sync under_attack setting with cloudflare everytime a janny visits /admin
2024-01-12 11:29:40 +00:00
from files.helpers.settings import *
actions: move user-only actions to useractions, which gets rid of a circular dependency
2022-11-01 23:46:56 +00:00
from files.helpers.useractions import *
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
from files.routes.routehelpers import check_for_alts
from files.routes.wrappers import *
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
from files.routes.routehelpers import get_alt_graph, get_alt_graph_ids
add button to claim paypig rewards for all users
2023-08-01 01:28:29 +00:00
from files.routes.users import claim_rewards_all_users
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
add progstack btn to comments
2023-01-25 11:35:37 +00:00
from .front import frontlist, comment_idlist
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
fds
2022-05-25 20:16:26 +00:00
@app.get('/admin/loggedin')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
view active users perm
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
fds
2022-05-25 20:16:26 +00:00
def loggedin_list(v):
use SITE as a prefix for flask_cache
2023-03-25 20:57:27 +00:00
ids = [x for x,val in cache.get('loggedin').items() if time.time()-val < LOGGEDIN_ACTIVE_TIME]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.id.in_(ids)).order_by(User.admin_level.desc(), User.truescore.desc()).all()
admin: move admin pages to admin dir
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedin.html", v=v, users=users)
fds
2022-05-25 20:16:26 +00:00
gfd
2022-05-26 20:31:08 +00:00
@app.get('/admin/loggedout')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
view active users perm
2022-10-06 03:29:14 +00:00
@admin_level_required(PERMS['VIEW_ACTIVE_USERS'])
gfd
2022-05-26 20:31:08 +00:00
def loggedout_list(v):
use SITE as a prefix for flask_cache
2023-03-25 20:57:27 +00:00
users = sorted([val[1] for x,val in cache.get('loggedout').items() if time.time()-val[0] < LOGGEDIN_ACTIVE_TIME])
admin: move admin pages to admin dir
2022-11-15 19:08:41 +00:00
return render_template("admin/loggedout.html", v=v, users=users)
mn
2022-05-04 23:09:46 +00:00
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
@app.get('/admin/dm_media')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
@admin_level_required(PERMS['ENABLE_DM_MEDIA'])
def dm_media(v):
remove unnecessary shit
2023-09-14 23:19:44 +00:00
with open(f"{LOG_DIRECTORY}/dm_media.log", "r") as f:
make a UI for /admin/dm_images
2023-01-27 12:24:39 +00:00
items=f.read().split("\n")[:-1]
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = len(items)
make a UI for /admin/dm_images
2023-01-27 12:24:39 +00:00
items = [x.split(", ") for x in items]
paginate /admin/dm_images
2023-02-22 14:36:52 +00:00
items.reverse()
make a UI for /admin/dm_images
2023-01-27 12:24:39 +00:00
paginate /admin/dm_images
2023-02-22 14:36:52 +00:00
try: page = int(request.values.get('page', 1))
except: page = 1
firstrange = PAGE_SIZE * (page - 1)
use new pagination system
2023-05-05 00:50:36 +00:00
secondrange = firstrange + PAGE_SIZE
fix last commit
2023-02-22 14:43:39 +00:00
items = items[firstrange:secondrange]
paginate /admin/dm_images
2023-02-22 14:36:52 +00:00
rename dm_images to dm_media
2023-05-12 15:27:46 +00:00
return render_template("admin/dm_media.html", v=v, items=items, total=total, page=page)
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
@app.get('/admin/edit_rules')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
@admin_level_required(PERMS['EDIT_RULES'])
def edit_rules_get(v):
try:
remove unnecessary shit
2023-09-14 23:19:44 +00:00
with open(f'files/templates/rules_{SITE_NAME}.html', 'r') as f:
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
rules = f.read()
except:
rules = None
return render_template('admin/edit_rules.html', v=v, rules=rules)
@app.post('/admin/edit_rules')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dedup DEFAULT_RATELIMIT
2023-08-06 07:30:34 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
@admin_level_required(PERMS['EDIT_RULES'])
def edit_rules_post(v):
rules = request.values.get('rules', '').strip()
limit the "show more" button to comments only
2023-06-08 01:36:41 +00:00
rules = sanitize(rules, blackjack="rules")
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
remove unnecessary shit
2023-09-14 23:19:44 +00:00
with open(f'files/templates/rules_{SITE_NAME}.html', 'w+') as f:
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
f.write(rules)
kitchen sink commit
2023-08-11 21:50:23 +00:00
ma = ModAction(
kind="edit_rules",
user_id=v.id,
)
g.db.add(ma)
return {"message": "Rules edited successfully!"}
allow JL3 to edit rules (#39) Co-authored-by: Aevann1 <randomname42029@gmail.com> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/39 Co-authored-by: Aevann <aevann@noreply.fsdfsd.net> Co-committed-by: Aevann <aevann@noreply.fsdfsd.net>
2022-12-05 05:22:08 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/make_admin")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add and remove admin permissions
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_ADD'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def make_admin(v, username):
mn
2022-05-04 23:09:46 +00:00
user = get_user(username)
Remove redundant `if not user: abort()` checks.
2022-09-01 21:44:40 +00:00
tweak admin perms
2023-01-29 08:28:29 +00:00
user.admin_level = 1
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="make_admin",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) added you as an admin!")
add notification for make_admin and remove_admin
2022-12-21 14:38:02 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{user.username} has been made admin!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/@<username>/remove_admin")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add and remove admin permissions
2022-10-06 03:37:18 +00:00
@admin_level_required(PERMS['ADMIN_REMOVE'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def remove_admin(v, username):
disable removing jannies in devrama
2022-12-27 04:01:57 +00:00
if SITE == 'devrama.net':
abort(403, "You can't remove admins on devrama!")
mn
2022-05-04 23:09:46 +00:00
user = get_user(username)
dont allow admins to remove themselves
2022-12-09 05:58:44 +00:00
same as last commit
2023-01-20 01:31:51 +00:00
if user.admin_level > v.admin_level:
add clearer error messages
2024-02-16 13:23:48 +00:00
abort(403, "You can't remove an admin with higher level than you.")
same as last commit
2023-01-20 01:31:51 +00:00
clicking twice shouldn't generate a mod log
2022-12-16 20:17:03 +00:00
if user.admin_level:
user.admin_level = 0
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
clicking twice shouldn't generate a mod log
2022-12-16 20:17:03 +00:00
ma = ModAction(
kind="remove_admin",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) removed you as an admin!")
add notification for make_admin and remove_admin
2022-12-21 14:38:02 +00:00
more detailed success message description
2022-09-11 14:32:00 +00:00
return {"message": f"@{user.username} has been removed as admin!"}
mn
2022-05-04 23:09:46 +00:00
allow making bets in comments
2023-03-12 17:36:35 +00:00
@app.post("/distribute/<kind>/<int:option_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Revert "make it so only the post author can declare winner and not all admins" This reverts commit 9e1425d93e7d8457a09c8c94b3660f707b148446.
2022-12-02 22:08:46 +00:00
@admin_level_required(PERMS['POST_BETS_DISTRIBUTE'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def distribute(v, kind, option_id):
rename submissions to posts
2023-06-07 23:26:32 +00:00
if kind == 'post': cls = PostOption
allow making bets in comments
2023-03-12 17:36:35 +00:00
else: cls = CommentOption
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
option = g.db.get(cls, option_id)
restore betting
2022-08-26 21:53:17 +00:00
add clearer error messages
2024-02-16 13:23:48 +00:00
if option.exclusive != 2:
abort(400, "This is not a bet.")
make bets better
2022-09-08 18:25:45 +00:00
option.exclusive = 3
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(option)
make bets better
2022-09-08 18:25:45 +00:00
allow making bets in comments
2023-03-12 17:36:35 +00:00
parent = option.parent
restore betting
2022-08-26 21:53:17 +00:00
pool = 0
allow making bets in comments
2023-03-12 17:36:35 +00:00
for o in parent.options:
fix betting rewards
2022-09-30 15:38:47 +00:00
if o.exclusive >= 2: pool += o.upvotes
use constant instead of literal 200 for poll bets
2022-10-05 06:07:53 +00:00
pool *= POLL_BET_COINS
restore betting
2022-08-26 21:53:17 +00:00
votes = option.votes
handle 500 error
2023-08-24 06:22:10 +00:00
if not votes:
abort(400, "Nobody voted on that, it can't be the winner!")
restore betting
2022-08-26 21:53:17 +00:00
coinsperperson = int(pool / len(votes))
use textlink more
2024-02-20 00:01:10 +00:00
text = f"You won {coinsperperson} coins betting on {parent.textlink} :marseyparty:"
add push notifs to add_notif()
2023-02-24 02:28:10 +00:00
cid = notif_comment(text)
restore betting
2022-08-26 21:53:17 +00:00
for vote in votes:
u = vote.user
capitalize
2024-03-02 17:24:07 +00:00
u.pay_account('coins', coinsperperson, f"Bet winnings on {parent.textlink}")
add missing pushnotif_url
2023-08-16 23:04:56 +00:00
add_notif(cid, u.id, text, pushnotif_url=parent.permalink)
restore betting
2022-08-26 21:53:17 +00:00
use textlink more
2024-02-20 00:01:10 +00:00
text = f"You lost the {POLL_BET_COINS} coins you bet on {parent.textlink} :marseylaugh:"
add push notifs to add_notif()
2023-02-24 02:28:10 +00:00
cid = notif_comment(text)
restore betting
2022-08-26 21:53:17 +00:00
losing_voters = []
allow making bets in comments
2023-03-12 17:36:35 +00:00
for o in parent.options:
remove unnecessary check
2022-09-23 12:09:33 +00:00
if o.exclusive == 2:
restore betting
2022-08-26 21:53:17 +00:00
losing_voters.extend([x.user_id for x in o.votes])
for uid in losing_voters:
add missing pushnotif_url
2023-08-16 23:04:56 +00:00
add_notif(cid, uid, text, pushnotif_url=parent.permalink)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
if isinstance(parent, Post):
allow making bets in comments
2023-03-12 17:36:35 +00:00
ma = ModAction(
kind="distribute",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=parent.id
allow making bets in comments
2023-03-12 17:36:35 +00:00
)
else:
ma = ModAction(
kind="distribute",
user_id=v.id,
target_comment_id=parent.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
restore betting
2022-08-26 21:53:17 +00:00
return {"message": f"Each winner has received {coinsperperson} coins!"}
mn
2022-05-04 23:09:46 +00:00
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
@app.post("/@<username>/revert_actions")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
@admin_level_required(PERMS['ADMIN_ACTIONS_REVERT'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def revert_actions(v, username):
fix reverting admin actions showing wrong username in toast
2022-12-28 09:47:30 +00:00
revertee = get_user(username)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
same as last commit
2023-01-20 01:31:51 +00:00
if revertee.admin_level > v.admin_level:
add clearer error messages
2024-02-16 13:23:48 +00:00
abort(403, "You can't revert the actions of an admin with higher level that you.")
same as last commit
2023-01-20 01:31:51 +00:00
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
ma = ModAction(
kind="revert",
user_id=v.id,
fix reverting admin actions showing wrong username in toast
2022-12-28 09:47:30 +00:00
target_user_id=revertee.id
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
cutoff = int(time.time()) - 86400
same as last commit
2023-08-11 13:15:34 +00:00
posts = [x[0] for x in g.db.query(ModAction.target_post_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_post')]
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).filter(Post.id.in_(posts)).all()
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
same as last commit
2023-08-11 13:15:34 +00:00
comments = [x[0] for x in g.db.query(ModAction.target_comment_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind == 'ban_comment')]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comments = g.db.query(Comment).filter(Comment.id.in_(comments)).all()
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
for item in posts + comments:
item.is_banned = False
item.ban_reason = None
item.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(item)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
same as last commit
2023-08-11 13:15:34 +00:00
users = (x[0] for x in g.db.query(ModAction.target_user_id).filter(ModAction.user_id == revertee.id, ModAction.created_utc > cutoff, ModAction.kind.in_(('shadowban', 'ban_user'))))
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
users = g.db.query(User).filter(User.id.in_(users)).all()
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
for user in users:
user.shadowbanned = None
order unban_utc properly
2024-02-02 22:39:02 +00:00
user.unban_utc = None
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
user.ban_reason = None
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
user.shadowban_reason = None
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
if user.is_banned:
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
user.is_banned = None
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unbanned you!")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for u in get_alt_graph(user.id):
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
u.shadowbanned = None
order unban_utc properly
2024-02-02 22:39:02 +00:00
u.unban_utc = None
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
u.ban_reason = None
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
u.shadowban_reason = None
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
if u.is_banned:
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
u.is_banned = None
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(u.id, f"@{v.username} (a site admin) has unbanned you!")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(u)
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
fix reverting admin actions showing wrong username in toast
2022-12-28 09:47:30 +00:00
return {"message": f"@{revertee.username}'s admin actions have been reverted!"}
re-add revert admin actions function and also fix a bug with it
2022-10-08 04:07:44 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/shadowbanned")
stop /admin/shadowbanned from taking so long
2023-08-23 11:13:35 +00:00
@limiter.limit(DEFAULT_RATELIMIT)
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
more shadowban refactor
2022-10-12 06:53:32 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
mn
2022-05-04 23:09:46 +00:00
def shadowbanned(v):
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
sort = request.values.get("sort")
order /admin/shadowbanned by ban reason
2023-06-24 18:18:17 +00:00
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
page = get_page()
users = g.db.query(User).filter(User.shadowbanned != None)
total = users.count()
if sort == "name":
try smth
2024-02-20 19:59:27 +00:00
key = User.username
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
elif sort == "truescore":
try smth
2024-02-20 19:59:27 +00:00
key = User.truescore.desc()
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
elif sort == "shadowban_reason":
try smth
2024-02-20 19:59:27 +00:00
users1 = users.filter(User.shadowban_reason == 'Under Siege').all()
users2 = users.filter(User.shadowban_reason != 'Under Siege').order_by(User.shadowban_reason).all()
users = users1 + users2
users = users[PAGE_SIZE*(page-1):]
users = users[:PAGE_SIZE]
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
elif sort == "shadowbanned_by":
try smth
2024-02-20 19:59:27 +00:00
key = User.shadowbanned
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
else:
sort = "last_active"
try smth
2024-02-20 19:59:27 +00:00
key = User.last_active.desc()
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
try smth
2024-02-20 19:59:27 +00:00
if not isinstance(users, list):
users = users.order_by(key).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
paginate /admin/shadowbanned
2024-02-02 23:15:12 +00:00
return render_template("admin/shadowbanned.html", v=v, users=users, sort=sort, total=total, page=page)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/image_posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def image_posts_listing(v):
try: page = int(request.values.get('page', 1))
except: page = 1
rename submissions to posts
2023-06-07 23:26:32 +00:00
posts = g.db.query(Post).options(
load_only(Post.id, Post.url)
).order_by(Post.id.desc())
paginate /admin/image_posts
2023-05-05 03:52:53 +00:00
posts = [x.id for x in posts if x.is_image]
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = len(posts)
mn
2022-05-04 23:09:46 +00:00
listings: constantify PAGE_SIZE as 25 magic numbers are bad, do better next time
2022-10-29 03:20:48 +00:00
firstrange = PAGE_SIZE * (page - 1)
paginate /admin/image_posts
2023-05-05 03:52:53 +00:00
secondrange = firstrange + PAGE_SIZE
posts = posts[firstrange:secondrange]
posts = get_posts(posts, v=v)
mn
2022-05-04 23:09:46 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
return render_template("admin/image_posts.html", v=v, listing=posts, total=total, page=page, sort="new")
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def reported_posts(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
fix /reported/posts having much less than PAGE_SIZE
2024-02-03 03:01:58 +00:00
listing = g.db.query(Post).distinct(Post.id).options(load_only(Post.id)).filter_by(
test smth in staging
2023-05-05 05:14:03 +00:00
is_approved=None,
is_banned=False,
deleted_utc=0
make wpd report queue usable
2024-02-16 21:58:27 +00:00
).join(Post.reports).join(User, User.id == Report.user_id).filter(User.shadowbanned == None, User.is_muted == False)
test smth in staging
2023-05-05 05:14:03 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = listing.order_by(Post.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
mn
2022-05-04 23:09:46 +00:00
listing = [p.id for p in listing]
listing = get_posts(listing, v=v)
return render_template("admin/reported_posts.html",
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total, listing=listing, page=page, v=v)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/reported/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def reported_comments(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
fix /reported/posts having much less than PAGE_SIZE
2024-02-03 03:01:58 +00:00
listing = g.db.query(Comment).distinct(Comment.id).options(load_only(Comment.id)).filter_by(
paginate reported/comments
2023-05-05 05:26:53 +00:00
is_approved=None,
is_banned=False,
deleted_utc=0
fix 500 error
2024-02-16 21:59:29 +00:00
).join(Comment.reports).join(User, User.id == CommentReport.user_id).filter(User.shadowbanned == None, User.is_muted == False)
paginate reported/comments
2023-05-05 05:26:53 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
mn
2022-05-04 23:09:46 +00:00
paginate reported/comments
2023-05-05 05:26:53 +00:00
listing = listing.order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE)
mn
2022-05-04 23:09:46 +00:00
listing = [c.id for c in listing]
listing = get_comments(listing, v=v)
return render_template("admin/reported_comments.html",
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total,
casino + style shit
2022-09-04 23:15:37 +00:00
listing=listing,
page=page,
v=v,
standalone=True)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
use ban permission for muting and also add a user home permission (wonder if should be the same as mop perm)
2022-10-06 05:54:48 +00:00
@admin_level_required(PERMS['ADMIN_HOME_VISIBLE'])
mn
2022-05-04 23:09:46 +00:00
def admin_home(v):
fix /admin in localhost
2024-01-31 23:27:01 +00:00
if CLOUDFLARE_AVAILABLE:
under_attack = (requests.get(f"{CLOUDFLARE_API_URL}/zones/{CF_ZONE}/settings/security_level", headers=CF_HEADERS, timeout=CLOUDFLARE_REQUEST_TIMEOUT_SECS).json()['result']['value'] == "under_attack")
set_setting('under_attack', under_attack)
make under_attack a setting and use it in /submit for WPD
2023-02-09 03:50:30 +00:00
return render_template("admin/admin_home.html", v=v)
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/site_settings/<setting>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
settings, cache, and domain ban permissions
2022-10-06 04:26:15 +00:00
@admin_level_required(PERMS['SITE_SETTINGS'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def change_settings(v, setting):
antispam: under siege mode
2022-11-30 17:37:35 +00:00
if setting not in get_settings().keys():
abort(404, f"Setting '{setting}' not found")
add "offline mode"
2023-03-25 21:35:13 +00:00
if setting == "offline_mode" and v.admin_level < PERMS["SITE_OFFLINE_MODE"]:
abort(403, "You can't change this setting!")
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
val = toggle_setting(setting)
if val: word = 'enable'
mn
2022-05-04 23:09:46 +00:00
else: word = 'disable'
disable modaction for login_required
2023-01-24 05:48:27 +00:00
make under_attack a setting and use it in /submit for WPD
2023-02-09 03:50:30 +00:00
if setting == "under_attack":
new_security_level = 'under_attack' if val else 'high'
if not set_security_level(new_security_level):
fix typo
2023-02-09 04:00:37 +00:00
abort(400, f'Failed to {word} under attack mode')
make under_attack a setting and use it in /submit for WPD
2023-02-09 03:50:30 +00:00
restore login_required mod log
2023-03-01 20:45:42 +00:00
ma = ModAction(
kind=f"{word}_{setting}",
user_id=v.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
disable modaction for login_required
2023-01-24 05:48:27 +00:00
antispam: under siege mode
2022-11-30 17:37:35 +00:00
return {'message': f"{setting.replace('_', ' ').title()} {word}d successfully!"}
mn
2022-05-04 23:09:46 +00:00
change clearing cache terminology
2022-11-06 05:28:44 +00:00
@app.post("/admin/clear_cloudflare_cache")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename cache purge things to include prefix
2022-10-06 06:21:04 +00:00
@admin_level_required(PERMS['SITE_CACHE_PURGE_CDN'])
change clearing cache terminology
2022-11-06 05:28:44 +00:00
def clear_cloudflare_cache(v):
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
if not clear_entire_cache():
change clearing cache terminology
2022-11-06 05:28:44 +00:00
abort(400, 'Failed to clear cloudflare cache!')
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
change clearing cache terminology
2022-11-06 05:28:44 +00:00
kind="clear_cloudflare_cache",
mn
2022-05-04 23:09:46 +00:00
user_id=v.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
change clearing cache terminology
2022-11-06 05:28:44 +00:00
return {"message": "Cloudflare cache cleared!"}
mn
2022-05-04 23:09:46 +00:00
add button to claim paypig rewards for all users
2023-08-01 01:28:29 +00:00
@app.post("/admin/claim_rewards_all_users")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CLAIM_REWARDS_ALL_USERS'])
def admin_claim_rewards_all_users(v):
claim_rewards_all_users()
return {"message": "User rewards claimed!"}
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
def admin_badges_grantable_list(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
query = g.db.query(BadgeDef)
badge perm shit
2022-11-30 21:15:07 +00:00
add jl5 (for me)
2023-01-22 08:04:49 +00:00
if BADGE_BLACKLIST and v.admin_level < PERMS['IGNORE_BADGE_BLACKLIST']:
simplify badge granting/removal
2022-12-07 19:03:06 +00:00
query = query.filter(BadgeDef.id.notin_(BADGE_BLACKLIST))
badge perm shit
2022-11-30 21:15:07 +00:00
WPD: constantify badge whitelist, extend set.
2022-11-27 21:49:20 +00:00
badge_types = query.order_by(BadgeDef.id).all()
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
return badge_types
@app.get("/admin/badge_grant")
@app.get("/admin/badge_remove")
@feature_required('BADGES')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
@admin_level_required(PERMS['USER_BADGES'])
def badge_grant_get(v):
add "give badge" button to profiles for easier badging
2023-08-05 10:24:37 +00:00
grant = request.path.endswith("grant")
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
badge_types = admin_badges_grantable_list(v)
WPD: constantify badge whitelist, extend set.
2022-11-27 21:49:20 +00:00
return render_template("admin/badge_admin.html", v=v,
badge_types=badge_types, grant=grant)
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_grant")
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user badge permissions
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
mn
2022-05-04 23:09:46 +00:00
def badge_grant_post(v):
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
badges = admin_badges_grantable_list(v)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
usernames = request.values.get("usernames", "").strip()
if not usernames:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "You must enter usernames!")
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
for username in usernames.split():
remove unnecessary graceful=True from get_user() usages
2023-09-06 18:13:32 +00:00
user = get_user(username)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
try: badge_id = int(request.values.get("badge_id"))
add clearer error messages
2024-02-16 13:23:48 +00:00
except: abort(400, "Invalid badge id.")
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if badge_id not in [b.id for b in badges]:
abort(403, "You can't grant this badge!")
make it possible to edit badge attributes without removing and re-granting them
2022-12-23 01:01:24 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
description = request.values.get("description")
add url requirement to 8 badges
2023-08-05 19:36:32 +00:00
url = request.values.get("url", "").strip()
remove url requirement for sk8r boi badge
2023-08-18 21:06:57 +00:00
if badge_id in {63,74,149,178,180,240,241,242,248,286,291,293} and not url:
add url requirement to 8 badges
2023-08-05 19:36:32 +00:00
abort(400, "This badge requires a url!")
make it possible to edit badge attributes without removing and re-granting them
2022-12-23 01:01:24 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if url:
add clearer error messages
2024-02-16 13:23:48 +00:00
if '\\' in url: abort(400, "Nice try nigger.")
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if url.startswith(f'{SITE_FULL}/'):
url = url.split(SITE_FULL, 1)[1]
make sure url is null not ''
2023-08-05 19:51:01 +00:00
else:
url = None
fix badge_grant errors for the api
2023-03-17 17:59:55 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
existing = user.has_badge(badge_id)
if existing:
if url or description:
existing.url = url
existing.description = description
g.db.add(existing)
fix badge flow
2023-08-04 13:16:05 +00:00
continue
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
new_badge = Badge(
badge_id=badge_id,
user_id=user.id,
url=url,
description=description
)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
g.db.add(new_badge)
g.db.flush()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if v.id != user.id:
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
text = f"@{v.username} (a site admin) has given you the following profile badge:\n\n{new_badge.path}\n\n**{new_badge.name}**\n\n{new_badge.badge.description}"
improve notifications
2023-10-13 20:02:17 +00:00
if new_badge.description:
minor improvement to notif
2023-10-13 20:07:14 +00:00
text += f'\n\n> {new_badge.description}'
improve notifications
2023-10-13 20:02:17 +00:00
if new_badge.url:
minor improvement to notif
2023-10-13 20:07:14 +00:00
text += f'\n\n> {new_badge.url}'
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
send_repeatable_notification(user.id, text)
improvement to note
2023-10-13 19:49:09 +00:00
note = new_badge.name
if new_badge.description:
note += f' - {new_badge.description}'
improve notifications
2023-10-13 20:02:17 +00:00
if new_badge.url:
note += f' - {new_badge.url}'
improvement to note
2023-10-13 19:49:09 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
ma = ModAction(
kind="badge_grant",
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=note,
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
)
g.db.add(ma)
make it possible to edit badge attributes without removing and re-granting them
2022-12-23 01:01:24 +00:00
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Badge granted to users successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/badge_remove")
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@feature_required('BADGES')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user badge permissions
2022-10-06 03:50:02 +00:00
@admin_level_required(PERMS['USER_BADGES'])
mn
2022-05-04 23:09:46 +00:00
def badge_remove_post(v):
Unify admin badge page listings source.
2022-11-27 22:02:18 +00:00
badges = admin_badges_grantable_list(v)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
usernames = request.values.get("usernames", "").strip()
if not usernames:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "You must enter usernames!")
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
for username in usernames.split():
remove unnecessary graceful=True from get_user() usages
2023-09-06 18:13:32 +00:00
user = get_user(username)
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
try: badge_id = int(request.values.get("badge_id"))
add clearer error messages
2024-02-16 13:23:48 +00:00
except: abort(400, "Invalid badge id.")
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if badge_id not in [b.id for b in badges]:
add clearer error messages
2024-02-16 13:23:48 +00:00
abort(403, "You're not allowed to remove this badge.")
add whitelist of badge_granting on WPD, and disallow removing award badges
2022-10-14 17:11:39 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
badge = user.has_badge(badge_id)
fix 500 error
2023-08-04 16:15:51 +00:00
if not badge: continue
mn
2022-05-04 23:09:46 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
if v.id != user.id:
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
text = f"@{v.username} (a site admin) has removed the following profile badge from you:\n\n{badge.path}\n\n**{badge.name}**\n\n{badge.badge.description}"
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
send_repeatable_notification(user.id, text)
give notif on bagde removal
2022-09-13 10:27:09 +00:00
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
ma = ModAction(
kind="badge_remove",
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=badge.name
add mass badge granting and removal
2023-08-03 04:42:58 +00:00
)
g.db.add(ma)
g.db.delete(badge)
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Badge removed from users successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/alt_votes")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
some admin perms and also fix search
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['VIEW_ALT_VOTES'])
mn
2022-05-04 23:09:46 +00:00
def alt_votes_get(v):
u1 = request.values.get("u1")
u2 = request.values.get("u2")
if not u1 or not u2:
return render_template("admin/alt_votes.html", v=v)
u1 = get_user(u1)
u2 = get_user(u2)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_post_ups = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u1.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_post_downs = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u1.id,
vote_type=-1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_comment_ups = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u1_comment_downs = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u1.id,
vote_type=-1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_post_ups = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u2.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_post_downs = g.db.query(
rename submissions to posts
2023-06-07 23:26:32 +00:00
Vote.post_id).filter_by(
mn
2022-05-04 23:09:46 +00:00
user_id=u2.id,
vote_type=-1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_comment_ups = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=1).all()
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
u2_comment_downs = g.db.query(
mn
2022-05-04 23:09:46 +00:00
CommentVote.comment_id).filter_by(
user_id=u2.id,
vote_type=-1).all()
data = {}
data['u1_only_post_ups'] = len(
[x for x in u1_post_ups if x not in u2_post_ups])
data['u2_only_post_ups'] = len(
[x for x in u2_post_ups if x not in u1_post_ups])
data['both_post_ups'] = len(list(set(u1_post_ups) & set(u2_post_ups)))
data['u1_only_post_downs'] = len(
[x for x in u1_post_downs if x not in u2_post_downs])
data['u2_only_post_downs'] = len(
[x for x in u2_post_downs if x not in u1_post_downs])
data['both_post_downs'] = len(
list(set(u1_post_downs) & set(u2_post_downs)))
data['u1_only_comment_ups'] = len(
[x for x in u1_comment_ups if x not in u2_comment_ups])
data['u2_only_comment_ups'] = len(
[x for x in u2_comment_ups if x not in u1_comment_ups])
data['both_comment_ups'] = len(
list(set(u1_comment_ups) & set(u2_comment_ups)))
data['u1_only_comment_downs'] = len(
[x for x in u1_comment_downs if x not in u2_comment_downs])
data['u2_only_comment_downs'] = len(
[x for x in u2_comment_downs if x not in u1_comment_downs])
data['both_comment_downs'] = len(
list(set(u1_comment_downs) & set(u2_comment_downs)))
data['u1_post_ups_unique'] = 100 * \
data['u1_only_post_ups'] // len(u1_post_ups) if u1_post_ups else 0
data['u2_post_ups_unique'] = 100 * \
data['u2_only_post_ups'] // len(u2_post_ups) if u2_post_ups else 0
data['u1_post_downs_unique'] = 100 * \
data['u1_only_post_downs'] // len(
u1_post_downs) if u1_post_downs else 0
data['u2_post_downs_unique'] = 100 * \
data['u2_only_post_downs'] // len(
u2_post_downs) if u2_post_downs else 0
data['u1_comment_ups_unique'] = 100 * \
data['u1_only_comment_ups'] // len(
u1_comment_ups) if u1_comment_ups else 0
data['u2_comment_ups_unique'] = 100 * \
data['u2_only_comment_ups'] // len(
u2_comment_ups) if u2_comment_ups else 0
data['u1_comment_downs_unique'] = 100 * \
data['u1_only_comment_downs'] // len(
u1_comment_downs) if u1_comment_downs else 0
data['u2_comment_downs_unique'] = 100 * \
data['u2_only_comment_downs'] // len(
u2_comment_downs) if u2_comment_downs else 0
return render_template("admin/alt_votes.html",
casino + style shit
2022-09-04 23:15:37 +00:00
u1=u1,
u2=u2,
v=v,
data=data
)
mn
2022-05-04 23:09:46 +00:00
no extra backslash
2024-03-06 22:04:35 +00:00
@app.get("/admin/alts")
@app.get("/@<username>/alts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@admin_level_required(PERMS['USER_LINK'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def admin_view_alts(v, username=None):
fix /admin/alts
2023-01-24 10:32:06 +00:00
u = get_user(username or request.values.get('username'), graceful=True)
return render_template('admin/alts.html', v=v, u=u, alts=u.alts if u else None)
mn
2022-05-04 23:09:46 +00:00
no extra backslash
2024-03-06 22:04:35 +00:00
@app.post('/@<username>/alts')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
some admin perms and also fix search
2022-10-06 05:37:50 +00:00
@admin_level_required(PERMS['USER_LINK'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def admin_add_alt(v, username):
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user1 = get_user(username)
user2 = get_user(request.values.get('other_username'))
if user1.id == user2.id: abort(400, "Can't add the same account as alts of each other")
ids = [user1.id, user2.id]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
if a: abort(409, f"@{user1.username} and @{user2.username} are already known alts!")
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
a = Alt(
user1=user1.id,
user2=user2.id,
[DO NOT MERGE] import detanglation (#442) * move Base definition to files.classes.__init__.py * fix ImportError * move userpage listing to users.py * don't import the app from classes * consts: set default values to avoid crashes consts: warn if the secret key is the default config value * card view: sneed (user db schema) * cloudflare: use DEFAULT_CONFIG_VALUE * const: set default values * decouple media.py from __main__ * pass database to avoid imports * import cleanup and import request not in const, but in the requests mega import * move asset_submissions site check to __init__ * asset submissions feature flag * flag * g.is_tor * don't import request where it's not needed * i think this is fine * mail: move to own routes and helper * wrappers * required wrappers move * unfuck wrappers a bit * move snappy quotes and marseys to stateful consts * marsify * :pepodrool: * fix missing import * import cache * ...and settings.py * and static.py * static needs cache * route * lmao all of the jinja shit was in feeds.py amazing * classes should only import what they need from flask * import Response * hdjbjdhbhjf * ... * dfdfdfdf * make get a non-required import * isort imports (mostly) * but actually * configs * reload config on import * fgfgfgfg * config * config * initialize snappy and test * cookie of doom debug * edfjnkf * xikscdfd * debug config * set session cookie domain, i think this fixes the can't login bug * sdfbgnhvfdsghbnjfbdvvfghnn * hrsfxgf * dump the entire config on a request * kyskyskyskyskyskyskyskyskys * duifhdskfjdfd * dfdfdfdfdfdfdfdfdfdfdfdf * dfdfdfdf * imoprt all of the consts beacuse fuck it * 😭 * dfdfdfdfdfdfsdasdf * print the entire session * rffdfdfjkfksj * fgbhffh * not the secret keys * minor bug fixes * be helpful in the warning * gfgfgfg * move warning lower * isort main imports (i hope this doesn't fuck something up) * test * session cookie domain redux * dfdfdfd * try only importing Flask * formkeys fix * y * :pepodrool: * route helper * remove before flight * dfdfdfdfdf * isort classes * isort helpers * move check_for_alts to routehelpers and also sort imports and get rid of unused ones * that previous commit but actkally * readd the cache in a dozen places they were implicitly imported * use g.is_tor instead of request.headers. bla bla bla * upgrade streamers to their own route file * get rid of unused imports in __main__ * fgfgf * don't pull in the entire ORM where we don't need it * features * explicit imports for the get helper * explicit imports for the get helper redux * testing allroutes * remove unused import * decouple flask from classes * syntax fix also remember these have side fx for some reason (why?) * move side effects out of the class * posts * testing on devrama * settings * reloading * settingssdsdsds * streamer features * site settings * testing settings on devrama * import * fix modlog * remove debug stuff * revert commit 67275b21ab6e2f2520819e84d10bfc1c746a15b6 * archiveorg to _archiveorg * skhudkfkjfd * fix cron for PCM * fix bugs that snekky wants me to * Fix call to realbody passing db, standardize kwarg * test * import check_for_alts from the right place * cloudflare * testing on devrama * fix cron i think * shadow properly * tasks * Remove print which will surely be annoying in prod. * v and create new session * use files.classes * make errors import little and fix rare 500 in /allow_nsfw * Revert "use files.classes" This reverts commit 98c10b876cf86ce058b7fb955cf1ec0bfb9996c6. * pass v to media functions rather than using g * fix * dfdfdfdfd * cleanup, py type checking is dumb so don't use it where it causes issues * Fix some merge bugs, add DEFAULT_RATELIMIT to main. * Fix imports on sqlalchemy expressions. * `from random import random` is an error. * Fix replies db param. * errors: fix missing import * fix rare 500: only send to GIFT_NOTIF_ID if it exists, and send them the right text * Fix signup formkey. * fix 2 500s * propagate db to submissions * fix replies * dfdfdfdf * Fix verifiedcolor. * is_manual * can't use getters outside of an app context * don't attempt to do gumroad on sites where it's not enabled * don't attempt to do gumraod on sites's where it's unnecessary * Revert "don't attempt to do gumroad on sites where it's not enabled" This reverts commit 6f8a6331878655492dfaf1907b27f8be513c14d3. * fix 500 * validate media type Co-authored-by: TLSM <duolsm@outlook.com>
2022-11-15 09:19:08 +00:00
is_manual=True,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(a)
mn
2022-05-04 23:09:46 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
cache.delete_memoized(get_alt_graph_ids, user1.id)
cache.delete_memoized(get_alt_graph_ids, user2.id)
fix muting linking alts
2023-01-25 02:53:52 +00:00
check_for_alts(user1)
check_for_alts(user2)
mn
2022-05-04 23:09:46 +00:00
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
ma = ModAction(
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
kind=f"link_accounts",
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user_id=v.id,
target_user_id=user1.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=f'with @{user2.username}'
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
remove .deleted column for alts
2023-02-18 15:19:14 +00:00
return {"message": f"Linked @{user1.username} and @{user2.username} successfully!"}
integrate check_ban_evade into check_for_alts
2022-09-23 12:33:58 +00:00
remove relinking
2023-02-18 14:55:18 +00:00
@app.post('/@<username>/alts/<int:other>/deleted')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
@admin_level_required(PERMS['USER_LINK'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def admin_delink_relink_alt(v, username, other):
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
user1 = get_user(username)
user2 = get_account(other)
ids = [user1.id, user2.id]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
a = g.db.query(Alt).filter(Alt.user1.in_(ids), Alt.user2.in_(ids)).one_or_none()
add clearer error messages
2024-02-16 13:23:48 +00:00
if not a: abort(404, "Alt doesn't exist.")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(a)
mn
2022-05-04 23:09:46 +00:00
delete alt cache when delinking alts
2023-06-23 11:45:17 +00:00
cache.delete_memoized(get_alt_graph_ids, user1.id)
cache.delete_memoized(get_alt_graph_ids, user2.id)
check_for_alts(user1)
check_for_alts(user2)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
remove relinking
2023-02-18 14:55:18 +00:00
kind=f"delink_accounts",
mn
2022-05-04 23:09:46 +00:00
user_id=v.id,
account linking improvements (#448) currently account delinking is very messy and can sometimes just not work we do codey stuff so it's not as bad also we create a pretty page for mops to mop up borked account links * alts: allow proper delinking * fix prev commit * url fix * fix 500 * fixes * :pepodrool: * flag * :pepodrool: redux * sdsdsdsds * correct endpoint * fix html page * alts: only adjust session history if flag is set * fix 500 * allow relinking * fsdsds * :pepodrool: redux * alts: don't fail if an alt isn't history * use postToastSwitch + some API changes * remove unnecessary variables * d-none * delink accounts mod action * fa-link-slash * alts: add form to create alt * remove copied and pasted template * rounded section * UI improvement + fix * \n * fix status * admin: remove duplicate route admin: do a permissions check on 2 pages that need it admin: set the manual flag for manually flagged alts * variable change * fix 500 * alts * add shadowban icon to alt link tool * shadowbanned tooltip * add user info section * fix 500, remove unnecessary form, and add alt votes button * trans and also link to page * margin * sdsdsd * stop the count * fix prev commit * with ctx * plural * alts * don't show shadowbanned users to those who can't see them this is... extremely rare and won't ever be seen in production however if perms were ever rearranged in the future, this keeps permissions correct * shadowban check in alt list * let shadow realm enthusiasts see shadowban alts * sdsdsds * test * be graceful where needed * sdsdsdsds * alts: don't allow adding the same account alts: clarify wording * rename and reorder on admin panel * EOL * remove frankly unnecessary check * try with a set * test * Revert "try with a set" This reverts commit 72be353fba5ffa39b37590cc5d3bf584c94ee06e. * Revert "Revert "try with a set"" This reverts commit 81e41890a192e8b46d0463477998e905fddf56ba. * Revert "Revert "Revert "try with a set""" This reverts commit be51592135a3c09848f993f0154bd2ac862ae505. * clean up test
2022-11-14 17:32:13 +00:00
target_user_id=user1.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=f'from @{user2.username}'
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
remove relinking
2023-02-18 14:55:18 +00:00
return {"message": f"Delinked @{user1.username} and @{user2.username} successfully!"}
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/posts")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_removed(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
mn
2022-05-04 23:09:46 +00:00
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = g.db.query(Post).options(load_only(Post.id)).join(Post.author).filter(
or_(Post.is_banned==True, User.shadowbanned != None))
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
rename submissions to posts
2023-06-07 23:26:32 +00:00
listing = listing.order_by(Post.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
listing = [x.id for x in listing]
posts = get_posts(listing, v=v)
mn
2022-05-04 23:09:46 +00:00
return render_template("admin/removed_posts.html",
casino + style shit
2022-09-04 23:15:37 +00:00
v=v,
listing=posts,
page=page,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total
casino + style shit
2022-09-04 23:15:37 +00:00
)
mn
2022-05-04 23:09:46 +00:00
@app.get("/admin/removed/comments")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_removed_comments(v):
dedup page defining
2023-05-05 05:23:59 +00:00
page = get_page()
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
listing = g.db.query(Comment).options(load_only(Comment.id)).join(Comment.author).filter(
or_(Comment.is_banned==True, User.shadowbanned != None))
remove useless tabs
2023-05-05 21:45:25 +00:00
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total = listing.count()
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
listing = listing.order_by(Comment.id.desc()).offset(PAGE_SIZE * (page - 1)).limit(PAGE_SIZE).all()
listing = [x.id for x in listing]
comments = get_comments(listing, v=v)
remove useless tabs
2023-05-05 21:45:25 +00:00
mn
2022-05-04 23:09:46 +00:00
return render_template("admin/removed_comments.html",
casino + style shit
2022-09-04 23:15:37 +00:00
v=v,
listing=comments,
page=page,
use new pagination system everywhere it isnt used
2023-05-05 21:44:24 +00:00
total=total
casino + style shit
2022-09-04 23:15:37 +00:00
)
mn
2022-05-04 23:09:46 +00:00
use new pagination system in removed posts and comments
2023-05-05 05:38:08 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/unchud_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
@admin_level_required(PERMS['USER_CHUD'])
consistency
2023-07-11 17:57:59 +00:00
def unchud(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
mn
2022-05-04 23:09:46 +00:00
disallow jannoids from undoing chud awards
2022-12-26 02:38:32 +00:00
if not user.chudded_by:
remove "anymore"
2023-10-13 19:01:04 +00:00
abort(403, "Jannies can't undo chud awards!")
disallow jannoids from undoing chud awards
2022-12-26 02:38:32 +00:00
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud = 0
user.chud_phrase = None
make it possible for jannies to stack chuds and bans
2023-02-19 13:23:08 +00:00
user.chudded_by = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
rename 2 modlog actions
2022-11-07 01:47:27 +00:00
kind="unchud",
mn
2022-05-04 23:09:46 +00:00
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
minor fixes to last couple of commits
2023-05-03 16:06:14 +00:00
badge = user.has_badge(58)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
if badge: g.db.delete(badge)
mn
2022-05-04 23:09:46 +00:00
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unchudded you.")
mn
2022-05-04 23:09:46 +00:00
change chud theme terminology
2022-11-05 02:01:45 +00:00
return {"message": f"@{user.username} has been unchudded!"}
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/shadowban/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add some perm requirements and add agendaposter thing
2022-10-06 03:04:38 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
mn
2022-05-04 23:09:46 +00:00
def shadowban(user_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
make "unshadowban" button work instantly
2022-11-05 02:16:39 +00:00
if user.admin_level > v.admin_level:
add clearer error messages
2024-02-16 13:23:48 +00:00
abort(403, "You can't shadowban an admin with higher level than you.")
minor bugfix
2022-12-13 18:50:38 +00:00
user.shadowbanned = v.id
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
reason = request.values.get("reason", "").strip()
require reason for banning
2022-12-28 09:31:27 +00:00
if not reason:
abort(400, "You need to submit a reason for shadowbanning!")
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
if len(reason) > 256:
abort(400, "Shadowban reason is too long (max 256 characters)")
fixes
2022-12-27 04:24:25 +00:00
reason = filter_emojis_only(reason)
check for ban_reason length after sanitizing
2023-02-21 14:30:31 +00:00
if len(reason) > 256:
fix error message
2024-02-15 18:36:01 +00:00
abort(400, "Rendered shadowban reason is too long!")
check for ban_reason length after sanitizing
2023-02-21 14:30:31 +00:00
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
user.shadowban_reason = reason
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
fix muting linking alts
2023-01-25 02:53:52 +00:00
check_for_alts(user)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="shadowban",
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=f'reason: "{reason}"'
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
make shadowbanned, banning, chudding from the userpage work without refreshing the page
2022-11-07 06:08:50 +00:00
return {"message": f"@{user.username} has been shadowbanned!"}
mn
2022-05-04 23:09:46 +00:00
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/unshadowban/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add some perm requirements and add agendaposter thing
2022-10-06 03:04:38 +00:00
@admin_level_required(PERMS['USER_SHADOWBAN'])
mn
2022-05-04 23:09:46 +00:00
def unshadowban(user_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
mn
2022-05-04 23:09:46 +00:00
user.shadowbanned = None
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
user.shadowban_reason = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
alt graph
2022-12-22 20:03:40 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for alt in get_alt_graph(user.id):
mn
2022-05-04 23:09:46 +00:00
alt.shadowbanned = None
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
alt.shadowban_reason = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(alt)
mn
2022-05-04 23:09:46 +00:00
ma = ModAction(
kind="unshadowban",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
make "unshadowban" button work instantly
2022-11-05 02:16:39 +00:00
return {"message": f"@{user.username} has been unshadowbanned!"}
mn
2022-05-04 23:09:46 +00:00
new_name->new_flair, title->flair
2023-10-04 12:29:41 +00:00
@app.post("/admin/change_flair/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
new_name->new_flair, title->flair
2023-10-04 12:29:41 +00:00
@admin_level_required(PERMS['USER_CHANGE_FLAIR'])
def admin_change_flair(user_id, v):
mn
2022-05-04 23:09:46 +00:00
actually use the get functions
2022-06-24 13:19:53 +00:00
user = get_account(user_id)
mn
2022-05-04 23:09:46 +00:00
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
new_flair = request.values.get("flair", "").strip()
if len(new_flair) > 256:
abort(400, "New flair is too long (max 256 characters)")
mn
2022-05-04 23:09:46 +00:00
rename customtitle to flair
2023-10-05 10:39:12 +00:00
user.flair = new_flair
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
new_flair = filter_emojis_only(new_flair, link=True)
new_name->new_flair, title->flair
2023-10-04 12:29:41 +00:00
new_flair = censor_slurs_profanities(new_flair, None)
mn
2022-05-04 23:09:46 +00:00
add spaces
2023-07-27 19:47:46 +00:00
user = get_account(user.id)
rename customtitle to flair
2023-10-05 10:39:12 +00:00
user.flair_html = new_flair
add namelock award
2023-05-13 04:53:14 +00:00
if request.values.get("locked"):
user.flairchanged = int(time.time()) + 2629746
give ppl flairlocked by jannies the flairlock badge
2023-07-07 21:01:47 +00:00
badge_grant(user=user, badge_id=96)
mn
2022-05-04 23:09:46 +00:00
else:
move award timers to cron
2023-05-13 02:00:54 +00:00
user.flairchanged = 0
mn
2022-05-04 23:09:46 +00:00
badge = user.has_badge(96)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
if badge: g.db.delete(badge)
mn
2022-05-04 23:09:46 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
if user.flairchanged: kind = "set_flair_locked"
else: kind = "set_flair_notlocked"
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind=kind,
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=f'"{new_flair}"'
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
notify users when their flair gets changed by jannies
2023-02-22 17:00:38 +00:00
if user.flairchanged:
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
message = f"@{v.username} (a site admin) has locked your flair to `{user.flair}`."
notify users when their flair gets changed by jannies
2023-02-22 17:00:38 +00:00
else:
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
message = f"@{v.username} (a site admin) has changed your flair to `{user.flair}`. You can change it back in the settings."
remove unnecessary tabs
2023-02-22 17:27:33 +00:00
notify users when their flair gets changed by jannies
2023-02-22 17:00:38 +00:00
send_repeatable_notification(user.id, message)
make 3 more buttons instant
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s flair has been changed!"}
mn
2022-05-04 23:09:46 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/ban_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['USER_BAN'])
consistency
2023-07-11 17:57:59 +00:00
def ban_user(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
mn
2022-05-04 23:09:46 +00:00
allow me to ban (((🐟)))
2022-10-11 13:48:49 +00:00
if user.admin_level > v.admin_level:
add clearer error messages
2024-02-16 13:23:48 +00:00
abort(403, "You can't ban an admin with higher level than you.")
mn
2022-05-04 23:09:46 +00:00
rename variable
2023-06-29 19:51:32 +00:00
if user.is_permabanned:
give error when jannies attempt to chud a perma-chudded user or ban a permabanned-user
2023-02-22 17:11:29 +00:00
abort(403, f"@{user.username} is already banned permanently!")
fix a couple of potentially rare 500s
2022-10-15 11:02:02 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
mn
2022-05-04 23:09:46 +00:00
disallow chudding and banning ppl for negative days
2023-01-01 00:58:37 +00:00
if days < 0:
abort(400, "You can't bans people for negative days!")
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
reason = request.values.get("reason", "").strip()
require reason for banning
2022-12-28 09:31:27 +00:00
if not reason:
abort(400, "You need to submit a reason for banning!")
mn
2022-05-04 23:09:46 +00:00
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
if len(reason) > 256:
abort(400, "Ban reason is too long (max 256 characters)")
fix
2022-12-27 04:32:53 +00:00
reason = filter_emojis_only(reason)
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
check for ban_reason length after sanitizing
2023-02-21 14:30:31 +00:00
if len(reason) > 256:
give error message instead of quietly stripping
2024-01-02 18:54:08 +00:00
abort(400, "Rendered ban reason is too long!")
fix
2022-12-27 04:32:53 +00:00
make sure all comment links have #context
2023-02-07 02:34:11 +00:00
reason = reason_regex_post.sub(r'<a href="\1">\1</a>', reason)
reason = reason_regex_comment.sub(r'<a href="\1#context">\1</a>', reason)
fix mod log links
2022-12-30 16:10:29 +00:00
fix a couple of potentially rare 500s
2022-10-15 11:02:02 +00:00
duration = "permanently"
mn
2022-05-04 23:09:46 +00:00
if days:
fix 0.0001 days being displayed as "0 days"
2022-11-05 03:06:33 +00:00
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
fix a couple of potentially rare 500s
2022-10-15 11:02:02 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
if reason: text = f"@{v.username} (a site admin) has banned you for **{days_txt}** days for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (a site admin) has banned you for **{days_txt}** days."
mn
2022-05-04 23:09:46 +00:00
else:
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
if reason: text = f"@{v.username} (a site admin) has banned you permanently for the following reason:\n\n> {reason}"
else: text = f"@{v.username} (a site admin) has banned you permanently."
mn
2022-05-04 23:09:46 +00:00
fix this https://rdrama.net/post/226713/-/5506793#context (read report)
2024-02-12 18:24:37 +00:00
user.ban(admin=v, reason=reason, days=days)
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(user.id, text)
fix this https://rdrama.net/post/226713/-/5506793#context (read report)
2024-02-12 18:24:37 +00:00
if request.values.get("alts"):
for x in get_alt_graph(user.id):
if x.admin_level > v.admin_level:
continue
x.ban(admin=v, reason=reason, days=days)
send_repeatable_notification(x.id, text)
only add reason if there's a reason
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}, reason: "{reason}"'
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="ban_user",
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=note
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if 'reason' in request.values:
dedup reason variable
2023-09-08 19:51:59 +00:00
reason = request.values["reason"]
if reason.startswith("/post/"):
add ban reason to bannedfor tooltip
2023-09-08 19:57:15 +00:00
try: post_id = int(reason.split("/post/")[1].split(None, 1)[0])
fix 500 errors
2022-07-28 14:23:38 +00:00
except: abort(400)
add ban reason to bannedfor tooltip
2023-09-08 19:57:15 +00:00
actual_reason = reason.split(str(post_id))[1].strip()
post = get_post(post_id)
sub -> hole
2023-10-07 17:55:50 +00:00
if post.hole != 'chudrama':
minor fix
2023-03-15 02:13:39 +00:00
post.bannedfor = f'{duration} by @{v.username}'
add ban reason to bannedfor tooltip
2023-09-08 19:57:15 +00:00
if actual_reason:
post.bannedfor += f' for "{actual_reason}"'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
dedup reason variable
2023-09-08 19:51:59 +00:00
elif reason.startswith("/comment/"):
add ban reason to bannedfor tooltip
2023-09-08 19:57:15 +00:00
try: comment_id = int(reason.split("/comment/")[1].split(None, 1)[0])
fix 500 errors
2022-07-28 14:23:38 +00:00
except: abort(400)
add ban reason to bannedfor tooltip
2023-09-08 19:57:15 +00:00
actual_reason = reason.split(str(comment_id))[1].strip()
comment = get_comment(comment_id)
show the username of the janny who banned
2022-06-28 00:59:08 +00:00
comment.bannedfor = f'{duration} by @{v.username}'
add ban reason to bannedfor tooltip
2023-09-08 19:57:15 +00:00
if actual_reason:
comment.bannedfor += f' for "{actual_reason}"'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
more detailed toast on banning/chudding
2022-12-24 22:45:01 +00:00
return {"message": f"@{user.username} has been banned {duration}!"}
mn
2022-05-04 23:09:46 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/chud_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
@admin_level_required(PERMS['USER_CHUD'])
consistency
2023-07-11 17:57:59 +00:00
def chud(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
make chudding affect the comment its applied on
2023-06-23 17:47:57 +00:00
comment.chudded = True
g.db.add(comment)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
if user.admin_level > v.admin_level:
abort(403)
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
if user.chud == 1:
give error when jannies attempt to chud a perma-chudded user or ban a permabanned-user
2023-02-22 17:11:29 +00:00
abort(403, f"@{user.username} is already chudded permanently!")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
days = 0.0
try:
days = float(request.values.get("days"))
except:
pass
disallow chudding and banning ppl for negative days
2023-01-01 00:58:37 +00:00
if days < 0:
abort(400, "You can't chud people for negative days!")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
reason = request.values.get("reason", "").strip()
fix
2022-12-27 04:32:53 +00:00
reason = filter_emojis_only(reason)
make sure all comment links have #context
2023-02-07 02:34:11 +00:00
reason = reason_regex_post.sub(r'<a href="\1">\1</a>', reason)
reason = reason_regex_comment.sub(r'<a href="\1#context">\1</a>', reason)
fix mod log links
2022-12-30 16:10:29 +00:00
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
if days:
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
if user.chud:
user.chud += days * 86400
make it possible for jannies to stack chuds and bans
2023-02-19 13:23:08 +00:00
else:
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud = int(time.time()) + (days * 86400)
clearer chud message to chudded user
2023-03-24 11:51:25 +00:00
fix 0.0001 days being displayed as "0 days"
2022-11-05 03:06:33 +00:00
days_txt = str(days)
if days_txt.endswith('.0'): days_txt = days_txt[:-2]
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
duration = f"for {days_txt} day"
if days != 1: duration += "s"
else:
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
user.chud = 1
clearer chud message to chudded user
2023-03-24 11:51:25 +00:00
duration = "permanently"
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
fix 500 error
2024-02-21 18:22:18 +00:00
user.chud_phrase = request.values.get("chud_phrase", "Trans lives matter").strip().lower()
fix 500 error
2023-03-21 11:03:27 +00:00
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
text = f"@{v.username} (a site admin) has chudded you **{duration}**"
do this https://rdrama.net/post/18459/marseycapywalking-megathread-for-bugs-and-suggestions/4151551#context
2023-05-14 16:13:00 +00:00
if reason: text += f" for the following reason:\n\n> {reason}"
rename "agendaposter" to "chud"
2023-06-23 11:07:47 +00:00
text += f"\n\n**You now have to say this phrase in all posts and comments you make {duration}:**\n\n> {user.chud_phrase}"
include "trans lives matter" in janny chud message
2023-03-23 18:53:07 +00:00
disallow jannoids from undoing chud awards
2022-12-26 02:38:32 +00:00
user.chudded_by = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
fix permachudding
2022-11-08 03:37:14 +00:00
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
send_repeatable_notification(user.id, text)
only add reason if there's a reason
2022-11-05 02:48:02 +00:00
note = f'duration: {duration}'
if reason: note += f', reason: "{reason}"'
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
rename 2 modlog actions
2022-11-07 01:47:27 +00:00
kind="chud",
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=note
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
add new patron tier for benefactor-cels
2023-05-03 15:29:31 +00:00
badge_grant(user=user, badge_id=58)
fix chud badge not being given
2022-11-07 05:43:25 +00:00
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
if 'reason' in request.values:
dedup reason variable
2023-09-08 19:51:59 +00:00
reason = request.values["reason"]
if reason.startswith("/post/"):
try: post = int(reason.split("/post/")[1].split(None, 1)[0])
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
except: abort(400)
post = get_post(post)
sub -> hole
2023-10-07 17:55:50 +00:00
if post.hole == 'chudrama':
disable janny chudding in /h/chudrama
2022-12-10 13:06:30 +00:00
abort(403, "You can't chud people in /h/chudrama")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
post.chuddedfor = f'{duration} by @{v.username}'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
dedup reason variable
2023-09-08 19:51:59 +00:00
elif reason.startswith("/comment/"):
try: comment = int(reason.split("/comment/")[1].split(None, 1)[0])
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
except: abort(400)
comment = get_comment(comment)
fix 500 error
2023-11-20 16:25:18 +00:00
if comment.parent_post and comment.post.hole == 'chudrama':
disable janny chudding in /h/chudrama
2022-12-10 13:06:30 +00:00
abort(403, "You can't chud people in /h/chudrama")
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
comment.chuddedfor = f'{duration} by @{v.username}'
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
more detailed toast on banning/chudding
2022-12-24 22:45:01 +00:00
return {"message": f"@{user.username} has been chudded {duration}!"}
improve ban modal and add chud modal
2022-11-05 02:12:17 +00:00
consistency
2023-07-11 17:57:59 +00:00
@app.post("/unban_user/<fullname>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['USER_BAN'])
consistency
2023-07-11 17:57:59 +00:00
def unban_user(fullname, v):
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
consistency
2023-07-11 17:57:59 +00:00
if fullname.startswith('p_'):
post_id = fullname.split('p_')[1]
rename submissions to posts
2023-06-07 23:26:32 +00:00
post = g.db.get(Post, post_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = post.author
consistency
2023-07-11 17:57:59 +00:00
elif fullname.startswith('c_'):
comment_id = fullname.split('c_')[1]
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
comment = g.db.get(Comment, comment_id)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
user = comment.author
else:
consistency
2023-07-11 17:57:59 +00:00
user = get_account(fullname)
hide ghost identity leak in dev console
2022-12-30 16:22:57 +00:00
Remove redundant `if not user: abort()` checks.
2022-09-01 21:44:40 +00:00
if not user.is_banned:
abort(400)
mn
2022-05-04 23:09:46 +00:00
pins: fix removal behavior
2022-11-19 14:24:32 +00:00
if FEATURES['AWARDS'] and user.ban_reason and user.ban_reason.startswith('1-Day ban award'):
disallow jannies from undoing ban awards
2022-10-31 23:05:02 +00:00
abort(403, "You can't undo a ban award!")
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
user.is_banned = None
order unban_utc properly
2024-02-02 22:39:02 +00:00
user.unban_utc = None
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
user.ban_reason = None
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unbanned you!")
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
mn
2022-05-04 23:09:46 +00:00
Revert "get rid of get_alt_graph" This reverts commit e2e3da4bda4e6f6a946697e796c63ab588c9794e.
2023-01-25 02:51:48 +00:00
for x in get_alt_graph(user.id):
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
if x.is_banned: send_repeatable_notification(x.id, f"@{v.username} (a site admin) has unbanned you!")
make is_banned fkey on user id
2022-12-13 22:02:53 +00:00
x.is_banned = None
order unban_utc properly
2024-02-02 22:39:02 +00:00
x.unban_utc = None
add shadowban_reason column to stop the endless confusion and overwriting
2024-02-11 14:40:22 +00:00
x.ban_reason = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(x)
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="unban_user",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
make "unban user" button in userpage work instantly
2022-11-05 02:07:29 +00:00
return {"message": f"@{user.username} has been unbanned!"}
mn
2022-05-04 23:09:46 +00:00
split off muting and unmuting
2022-11-12 09:11:31 +00:00
@app.post("/mute_user/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['USER_BAN'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def mute_user(v, user_id):
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
user = get_account(user_id)
split off muting and unmuting
2022-11-12 09:11:31 +00:00
if not user.is_muted:
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
user.is_muted = True
split off muting and unmuting
2022-11-12 09:11:31 +00:00
ma = ModAction(
rename 2 modactions
2023-08-03 21:07:57 +00:00
kind='mute_user',
split off muting and unmuting
2022-11-12 09:11:31 +00:00
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
g.db.add(ma)
fix 500 error on muting
2023-01-24 04:53:07 +00:00
check_for_alts(user)
split off muting and unmuting
2022-11-12 09:11:31 +00:00
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has muted you!")
notify ppl when they're muted or unmuted
2023-08-05 10:27:03 +00:00
split off muting and unmuting
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been muted!"}
@app.post("/unmute_user/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
split off muting and unmuting
2022-11-12 09:11:31 +00:00
@admin_level_required(PERMS['USER_BAN'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def unmute_user(v, user_id):
split off muting and unmuting
2022-11-12 09:11:31 +00:00
user = get_account(user_id)
if user.is_muted:
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
user.is_muted = False
split off muting and unmuting
2022-11-12 09:11:31 +00:00
ma = ModAction(
rename 2 modactions
2023-08-03 21:07:57 +00:00
kind='unmute_user',
split off muting and unmuting
2022-11-12 09:11:31 +00:00
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
g.db.add(ma)
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
unmute alts too so the mute doesnt propagate back
2023-08-03 21:27:59 +00:00
for x in get_alt_graph(user.id):
if x.is_muted:
x.is_muted = False
g.db.add(x)
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
send_repeatable_notification(user.id, f"@{v.username} (a site admin) has unmuted you!")
notify ppl when they're muted or unmuted
2023-08-05 10:27:03 +00:00
split off muting and unmuting
2022-11-12 09:11:31 +00:00
return {"message": f"@{user.username} has been unmuted!"}
Add admin mute for user reports and modmail.
2022-09-01 21:29:27 +00:00
add progstack btn to comments
2023-01-25 11:35:37 +00:00
@app.post("/admin/progstack/post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
@admin_level_required(PERMS['PROGSTACK'])
add progstack btn to comments
2023-01-25 11:35:37 +00:00
def progstack_post(post_id, v):
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
post = get_post(post_id)
post.is_approved = PROGSTACK_ID
fix 500 error
2023-01-23 12:44:30 +00:00
post.realupvotes = floor(post.realupvotes * PROGSTACK_MUL)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
add progstack btn to comments
2023-01-25 11:35:37 +00:00
kind="progstack_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
add progstack btn to comments
2023-01-25 11:35:37 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
allow admins to apply progstack
2023-01-23 12:40:44 +00:00
cache.delete_memoized(frontlist)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
return {"message": "Progressive stack applied on post!"}
add button to remove progstack
2023-02-19 14:02:30 +00:00
@app.post("/admin/unprogstack/post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to remove progstack
2023-02-19 14:02:30 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def unprogstack_post(post_id, v):
post = get_post(post_id)
post.is_approved = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
add button to remove progstack
2023-02-19 14:02:30 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
add button to remove progstack
2023-02-19 14:02:30 +00:00
kind="unprogstack_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
add button to remove progstack
2023-02-19 14:02:30 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to remove progstack
2023-02-19 14:02:30 +00:00
return {"message": "Progressive stack removed from post!"}
add progstack btn to comments
2023-01-25 11:35:37 +00:00
@app.post("/admin/progstack/comment/<int:comment_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def progstack_comment(comment_id, v):
comment = get_comment(comment_id)
comment.is_approved = PROGSTACK_ID
comment.realupvotes = floor(comment.realupvotes * PROGSTACK_MUL)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
add progstack btn to comments
2023-01-25 11:35:37 +00:00
kind="progstack_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add progstack btn to comments
2023-01-25 11:35:37 +00:00
cache.delete_memoized(comment_idlist)
return {"message": "Progressive stack applied on comment!"}
mn
2022-05-04 23:09:46 +00:00
add button to remove progstack
2023-02-19 14:02:30 +00:00
@app.post("/admin/unprogstack/comment/<int:comment_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to remove progstack
2023-02-19 14:02:30 +00:00
@admin_level_required(PERMS['PROGSTACK'])
def unprogstack_comment(comment_id, v):
comment = get_comment(comment_id)
comment.is_approved = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
add button to remove progstack
2023-02-19 14:02:30 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
add button to remove progstack
2023-02-19 14:02:30 +00:00
kind="unprogstack_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to remove progstack
2023-02-19 14:02:30 +00:00
return {"message": "Progressive stack removed from comment!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/remove_post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
rename some retarded ruqqus terminology
2022-08-11 04:04:41 +00:00
def remove_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
mn
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.is_approved = None
make sure to wipe stickied_utc too
2023-09-29 01:24:36 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if not FEATURES['AWARDS'] or not post.pinned or not post.pinned.endswith(PIN_AWARD_TEXT):
post.pinned = None
post.pinned_utc = None
make sure to wipe stickied_utc too
2023-09-29 01:24:36 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
post.profile_pinned = False
mn
2022-05-04 23:09:46 +00:00
post.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="ban_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
dedup sorting in the jinja templates
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
delete redis cache on post deletion/removal/undeletion/unremoval
2023-07-28 22:45:45 +00:00
cache.delete(f'post_{post.id}_{sort}')
mn
2022-05-04 23:09:46 +00:00
return {"message": "Post removed!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/approve_post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
rename some retarded ruqqus terminology
2022-08-11 04:04:41 +00:00
def approve_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
mn
2022-05-04 23:09:46 +00:00
fix this https://rdrama.net/h/music/post/246274/mozart-leck-mich-im-arsch-canon/5950545#context
2024-02-15 21:47:00 +00:00
if post.chudded and post.author.chud and post.ban_reason == 'AutoJanny':
disallow jannies from bypassing the chud award
2023-10-29 14:36:28 +00:00
abort(400, "You can't bypass the chud award!")
mn
2022-05-04 23:09:46 +00:00
if post.is_banned:
add spaces
2024-01-31 21:56:32 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="unban_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
post.is_banned = False
post.ban_reason = None
post.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
dedup sorting in the jinja templates
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
delete redis cache on post deletion/removal/undeletion/unremoval
2023-07-28 22:45:45 +00:00
cache.delete(f'post_{post.id}_{sort}')
mn
2022-05-04 23:09:46 +00:00
return {"message": "Post approved!"}
rename a bunch of columns
2024-02-18 15:29:53 +00:00
@app.post("/pin_post/<int:post_id>")
replace "if not FEATURES" with wrapper
2022-10-11 07:29:24 +00:00
@feature_required('PINS')
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
move feature_required wrappers up
2022-11-14 15:11:05 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
rename a bunch of columns
2024-02-18 15:29:53 +00:00
def pin_post(post_id, v):
fix roundabout way of jannies getting pin awards undone (not exploited so far AFAIK)
2022-10-23 21:36:38 +00:00
post = get_post(post_id)
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
if post.is_banned:
rename a bunch of columns
2024-02-18 15:29:53 +00:00
abort(403, "Can't pin removed posts!")
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if FEATURES['AWARDS'] and post.pinned and post.pinned.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
fix roundabout way of jannies getting pin awards undone (not exploited so far AFAIK)
2022-10-23 21:36:38 +00:00
abort(403, "Can't pin award pins!")
rename a bunch of columns
2024-02-18 15:29:53 +00:00
pins = g.db.query(Post).filter(Post.pinned != None, Post.is_banned == False).count()
Revert "feature required wrapper" This reverts commit 8700bcc5ee9003efdd6fe739c116842d5786d3e2.
2022-10-10 09:51:29 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if not post.pinned_utc:
post.pinned_utc = int(time.time()) + 3600
add tiered pins
2022-10-14 18:28:20 +00:00
pin_time = 'for 1 hour'
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
code = 200
minor tweak to avoid double-notifying ppl
2022-10-14 18:35:13 +00:00
if v.id != post.author_id:
rename to textlink
2024-02-20 00:00:21 +00:00
send_repeatable_notification(post.author_id, f"@{v.username} (a site admin) has pinned {post.textlink}")
add tiered pins
2022-10-14 18:28:20 +00:00
else:
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
if pins >= PIN_LIMIT + 1:
abort(403, f"Can't exceed {PIN_LIMIT} pinned posts limit!")
rename a bunch of columns
2024-02-18 15:29:53 +00:00
post.pinned_utc = None
fix typo
2022-10-14 18:28:46 +00:00
pin_time = 'permanently'
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
code = 201
add tiered pins
2022-10-14 18:28:20 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
post.pinned = v.username
add tiered pins
2022-10-14 18:28:20 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
add tiered pins
2022-10-14 18:28:20 +00:00
kind="pin_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=pin_time
add tiered pins
2022-10-14 18:28:20 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add tiered pins
2022-10-14 18:28:20 +00:00
cache.delete_memoized(frontlist)
mn
2022-05-04 23:09:46 +00:00
restore pinning to how it was before JC raped it
2022-11-19 15:36:34 +00:00
return {"message": f"Post pinned {pin_time}!"}, code
mn
2022-05-04 23:09:46 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
@app.post("/unpin_post/<int:post_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
rename a bunch of columns
2024-02-18 15:29:53 +00:00
def unpin_post(post_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
post = get_post(post_id)
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if post.pinned:
if FEATURES['AWARDS'] and post.pinned.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
abort(403, "Can't unpin award pins!")
rename a bunch of columns
2024-02-18 15:29:53 +00:00
post.pinned = None
post.pinned_utc = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
add spaces
2024-01-31 21:56:32 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="unpin_post",
user_id=v.id,
rename submissions to posts
2023-06-07 23:26:32 +00:00
target_post_id=post.id
mn
2022-05-04 23:09:46 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if v.id != post.author_id:
rename to textlink
2024-02-20 00:00:21 +00:00
send_repeatable_notification(post.author_id, f"@{v.username} (a site admin) has unpinned {post.textlink}")
mn
2022-05-04 23:09:46 +00:00
cache.delete_memoized(frontlist)
return {"message": "Post unpinned!"}
fix 502 error
2024-02-18 15:33:56 +00:00
@app.post("/pin_comment_admin/<int:cid>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
fix 502 error
2024-02-18 15:33:56 +00:00
def pin_comment_admin(cid, v):
mn
2022-05-04 23:09:46 +00:00
comment = get_comment(cid, v=v)
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
make it not possible to sticky removed comments
2023-01-24 10:23:19 +00:00
if comment.is_banned:
rename a bunch of columns
2024-02-18 15:29:53 +00:00
abort(403, "Can't pin removed comments!")
make it not possible to sticky removed comments
2023-01-24 10:23:19 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if FEATURES['AWARDS'] and comment.pinned and comment.pinned.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
abort(403, "Can't pin award pins!")
mn
2022-05-04 23:09:46 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if not comment.pinned:
comment.pinned = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
add spaces
2024-01-31 21:56:32 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="pin_comment",
user_id=v.id,
target_comment_id=comment.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if v.id != comment.author_id:
rename to textlink
2024-02-20 00:00:21 +00:00
message = f"@{v.username} (a site admin) has pinned {comment.textlink}"
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
dedup
2023-12-04 13:29:57 +00:00
comment.pin_parents()
make sure stickied child comments are always at the top place they can be
2022-11-26 04:01:20 +00:00
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment pinned!"}
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
fix 502 error
2024-02-18 15:33:56 +00:00
@app.post("/unpin_comment_admin/<int:cid>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
fix 502 error
2024-02-18 15:33:56 +00:00
def unpin_comment_admin(cid, v):
mn
2022-05-04 23:09:46 +00:00
comment = get_comment(cid, v=v)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
if comment.pinned:
if FEATURES['AWARDS'] and comment.pinned.endswith(PIN_AWARD_TEXT) and v.admin_level < PERMS["UNDO_AWARD_PINS"]:
allow JL4 to unpin award pins
2023-01-24 10:24:27 +00:00
abort(403, "Can't unpin award pins!")
mn
2022-05-04 23:09:46 +00:00
rename a bunch of columns
2024-02-18 15:29:53 +00:00
comment.pinned = None
comment.pinned_utc = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
add spaces
2024-01-31 21:56:32 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="unpin_comment",
user_id=v.id,
target_comment_id=comment.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
if v.id != comment.author_id:
rename to textlink
2024-02-20 00:00:21 +00:00
message = f"@{v.username} (a site admin) has unpinned {comment.textlink}"
mn
2022-05-04 23:09:46 +00:00
send_repeatable_notification(comment.author_id, message)
dedup
2023-12-04 13:29:57 +00:00
comment.unpin_parents()
make sure stickied child comments are always at the top place they can be
2022-11-26 04:01:20 +00:00
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment unpinned!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/remove_comment/<int:c_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
make some function names shorter
2022-08-11 04:05:23 +00:00
def remove_comment(c_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
mn
2022-05-04 23:09:46 +00:00
comment.is_banned = True
comment.is_approved = None
comment.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="ban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
Give me a notification whenever one of the other jannies removes a post or comment
2022-05-30 03:01:03 +00:00
fix this https://rdrama.net/post/197158/pov-you-are-a-coyote-you/4809394#context
2023-08-15 22:02:02 +00:00
if comment.parent_post:
dedup sorting in the jinja templates
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
fix this https://rdrama.net/post/197158/pov-you-are-a-coyote-you/4809394#context
2023-08-15 22:02:02 +00:00
cache.delete(f'post_{comment.parent_post}_{sort}')
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment removed!"}
use a cool flask feature i didnt know about
2022-12-29 10:39:10 +00:00
@app.post("/approve_comment/<int:c_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
content moderation permission level holy crap there's a lot
2022-10-06 00:57:08 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
make some function names shorter
2022-08-11 04:05:23 +00:00
def approve_comment(c_id, v):
actually use the get functions
2022-06-24 13:19:53 +00:00
comment = get_comment(c_id)
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
fix this https://rdrama.net/h/music/post/246274/mozart-leck-mich-im-arsch-canon/5950545#context
2024-02-15 21:47:00 +00:00
if comment.chudded and comment.author.chud and comment.ban_reason == 'AutoJanny':
disallow jannies from bypassing the chud award
2023-10-29 14:36:28 +00:00
abort(400, "You can't bypass the chud award!")
mn
2022-05-04 23:09:46 +00:00
if comment.is_banned:
add spaces
2024-01-31 21:56:32 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="unban_comment",
user_id=v.id,
target_comment_id=comment.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
comment.is_banned = False
comment.ban_reason = None
comment.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
fix this https://rdrama.net/post/197158/pov-you-are-a-coyote-you/4809394#context
2023-08-15 22:02:02 +00:00
if comment.parent_post:
dedup sorting in the jinja templates
2023-09-05 14:32:36 +00:00
for sort in COMMENT_SORTS.keys():
fix this https://rdrama.net/post/197158/pov-you-are-a-coyote-you/4809394#context
2023-08-15 22:02:02 +00:00
cache.delete(f'post_{comment.parent_post}_{sort}')
mn
2022-05-04 23:09:46 +00:00
return {"message": "Comment approved!"}
no extra backslash
2024-03-06 22:04:35 +00:00
@app.get("/admin/banned_domains")
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
settings, cache, and domain ban permissions
2022-10-06 04:26:15 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
mn
2022-05-04 23:09:46 +00:00
def admin_banned_domains(v):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
banned_domains = g.db.query(BannedDomain) \
order banned domains by time banned
2023-09-02 07:35:27 +00:00
.order_by(BannedDomain.created_utc).all()
kitchen sink commit
2023-08-11 21:50:23 +00:00
return render_template("admin/banned_domains.html", v=v, banned_domains=banned_domains)
mn
2022-05-04 23:09:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
@app.post("/admin/ban_domain")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
restore banning domains
2022-12-30 16:24:20 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
def ban_domain(v):
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
domain = request.values.get("domain", "").strip().lower()
restore banning domains
2022-12-30 16:24:20 +00:00
if not domain: abort(400)
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
reason = request.values.get("reason", "").strip()
restore banning domains
2022-12-30 16:24:20 +00:00
if not reason: abort(400, 'Reason is required!')
fix xss on banning domains (only admins could use it)
2022-12-27 05:18:46 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
if len(reason) > 100:
consistency in error messages
2024-02-14 09:34:49 +00:00
abort(400, 'Reason is too long (max 100 characters)')
give error when domain ban reason too long
2022-12-27 05:02:14 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
existing = g.db.get(BannedDomain, domain)
restore banning domains
2022-12-30 16:24:20 +00:00
if not existing:
d = BannedDomain(domain=domain, reason=reason)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(d)
restore banning domains
2022-12-30 16:24:20 +00:00
ma = ModAction(
kind="ban_domain",
user_id=v.id,
bleach all mod log notes
2024-03-05 19:18:13 +00:00
_note=f'{domain}, reason: {reason}'
restore banning domains
2022-12-30 16:24:20 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Domain banned successfully!"}
mn
2022-05-04 23:09:46 +00:00
refactor banned domains a little bit
2022-10-20 22:14:25 +00:00
restore banning domains
2022-12-30 16:24:20 +00:00
@app.post("/admin/unban_domain/<path:domain>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
restore banning domains
2022-12-30 16:24:20 +00:00
@admin_level_required(PERMS['DOMAINS_BAN'])
remove typing (useless code bloat)
2023-07-30 00:42:06 +00:00
def unban_domain(v, domain):
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
existing = g.db.get(BannedDomain, domain)
restore banning domains
2022-12-30 16:24:20 +00:00
if not existing: abort(400, 'Domain is not banned!')
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.delete(existing)
restore banning domains
2022-12-30 16:24:20 +00:00
ma = ModAction(
kind="unban_domain",
user_id=v.id,
bleach all mod log notes
2024-03-05 19:18:13 +00:00
_note=domain
restore banning domains
2022-12-30 16:24:20 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
restore banning domains
2022-12-30 16:24:20 +00:00
return {"message": f"{domain} has been unbanned!"}
refactor banned domains a little bit
2022-10-20 22:14:25 +00:00
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/nuke_user")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_nuke_user(v):
add spaces for consistency
2023-08-23 21:57:39 +00:00
user = get_user(request.values.get("user"))
mn
2022-05-04 23:09:46 +00:00
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for post in g.db.query(Post).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if post.is_banned:
continue
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
post.is_banned = True
post.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for comment in g.db.query(Comment).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if comment.is_banned:
continue
comment.is_banned = True
comment.ban_reason = v.username
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="nuke_user",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
make 3 more buttons instant
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been removed!"}
mn
2022-05-04 23:09:46 +00:00
@app.post("/admin/unnuke_user")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
user ban and also fix global hole mod a bit i hope i didn't screw up the templates
2022-10-06 01:58:43 +00:00
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
mn
2022-05-04 23:09:46 +00:00
def admin_nunuke_user(v):
add spaces for consistency
2023-08-23 21:57:39 +00:00
user = get_user(request.values.get("user"))
mn
2022-05-04 23:09:46 +00:00
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for post in g.db.query(Post).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if not post.is_banned:
continue
get rid of useless tabs and spaces
2023-01-01 11:36:20 +00:00
mn
2022-05-04 23:09:46 +00:00
post.is_banned = False
post.ban_reason = None
tweaking bannedfor column
2022-07-12 20:00:19 +00:00
post.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(post)
mn
2022-05-04 23:09:46 +00:00
remove unnecessary .all()
2023-08-05 19:26:42 +00:00
for comment in g.db.query(Comment).filter_by(author_id=user.id):
mn
2022-05-04 23:09:46 +00:00
if not comment.is_banned:
continue
comment.is_banned = False
comment.ban_reason = None
tweaking bannedfor column
2022-07-12 20:00:19 +00:00
comment.is_approved = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(comment)
mn
2022-05-04 23:09:46 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
mn
2022-05-04 23:09:46 +00:00
kind="unnuke_user",
user_id=v.id,
target_user_id=user.id,
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
mn
2022-05-04 23:09:46 +00:00
make 3 more buttons instant
2022-11-07 06:26:41 +00:00
return {"message": f"@{user.username}'s content has been approved!"}
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
@app.post("/blacklist/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
@admin_level_required(PERMS['USER_BLACKLIST'])
def blacklist_user(user_id, v):
user = get_account(user_id)
if user.admin_level > v.admin_level:
abort(403)
user.blacklisted_by = v.id
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
check_for_alts(user)
ma = ModAction(
kind="blacklist_user",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
return {"message": f"@{user.username} has been blacklisted from restricted holes!"}
@app.post("/unblacklist/<int:user_id>")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
@admin_level_required(PERMS['USER_BLACKLIST'])
def unblacklist_user(user_id, v):
user = get_account(user_id)
user.blacklisted_by = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(user)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
for alt in get_alt_graph(user.id):
alt.blacklisted_by = None
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(alt)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
ma = ModAction(
kind="unblacklist_user",
user_id=v.id,
target_user_id=user.id
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add button to blacklist users from restricted holes
2023-01-25 15:41:46 +00:00
return {"message": f"@{user.username} has been unblacklisted from restricted holes!"}
add /admin/delete_media
2023-02-19 19:31:26 +00:00
@app.get('/admin/delete_media')
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
@admin_level_required(PERMS['DELETE_MEDIA'])
def delete_media_get(v):
return render_template("admin/delete_media.html", v=v)
@app.post("/admin/delete_media")
blackjack fix exploit
2023-02-27 05:33:45 +00:00
@limiter.limit('1/second', scope=rpath)
add 1/1 second ratelimiter for user ids to fix blackjack exploit
2023-04-02 06:52:26 +00:00
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit("50/day", deduct_when=lambda response: response.status_code < 400)
@limiter.limit("50/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
@admin_level_required(PERMS['DELETE_MEDIA'])
def delete_media_post(v):
url = request.values.get("url")
if not url:
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "No url provided!")
add /admin/delete_media
2023-02-19 19:31:26 +00:00
allow carp to delete image assets
2023-08-17 00:07:13 +00:00
if not image_link_regex.fullmatch(url) and not video_link_regex.fullmatch(url) and not asset_image_link_regex.fullmatch(url):
remove annoying !
2023-08-17 00:07:29 +00:00
abort(400, "Invalid url")
add /admin/delete_media
2023-02-19 19:31:26 +00:00
fix deleting media
2023-03-25 15:07:12 +00:00
path = url.split(SITE)[1]
add /admin/delete_media
2023-02-19 19:31:26 +00:00
same as last commit
2023-06-26 18:02:15 +00:00
if path.startswith('/1'):
path = '/videos' + path
allow carp to delete image assets
2023-08-17 00:07:13 +00:00
if path.startswith('/assets/images'):
path = 'files' + path.split('?x=')[0]
add /admin/delete_media
2023-02-19 19:31:26 +00:00
if not os.path.isfile(path):
kitchen sink commit
2023-08-11 21:50:23 +00:00
abort(400, "File not found on the server!")
add /admin/delete_media
2023-02-19 19:31:26 +00:00
fix deleting media
2023-03-25 15:07:12 +00:00
os.remove(path)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
remove thumburl and posterurl too
2023-10-17 18:11:57 +00:00
to_delete = g.db.query(Post.thumburl, Post.posterurl).filter_by(url=url).all()
fix
2023-10-17 18:19:41 +00:00
for tup in to_delete:
fix url not being added to modlog when deleting media
2024-02-03 02:55:08 +00:00
for extra_url in tup:
if extra_url:
remove_media_using_link(extra_url)
purge_files_in_cloudflare_cache(extra_url)
remove thumburl and posterurl too
2023-10-17 18:11:57 +00:00
add spaces for consistency
2023-08-23 21:57:39 +00:00
ma = ModAction(
add /admin/delete_media
2023-02-19 19:31:26 +00:00
kind="delete_media",
user_id=v.id,
linkify some notes
2024-03-02 21:07:05 +00:00
_note=f'<a href="{url}">{url}</a>',
add /admin/delete_media
2023-02-19 19:31:26 +00:00
)
revert sqlalchemy changes
2023-03-16 06:27:58 +00:00
g.db.add(ma)
add /admin/delete_media
2023-02-19 19:31:26 +00:00
more accurate function name
2023-09-15 00:07:17 +00:00
purge_files_in_cloudflare_cache(url)
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Media deleted successfully!"}
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
@app.post("/admin/reset_password/<int:user_id>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
dont count failed requests towards ratelimit
2023-07-13 13:50:46 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
@admin_level_required(PERMS['USER_RESET_PASSWORD'])
def admin_reset_password(user_id, v):
user = get_account(user_id)
import consistency
2024-02-21 20:08:33 +00:00
new_password = secrets.token_urlsafe(random.randint(27, 33))
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
user.passhash = hash_password(new_password)
g.db.add(user)
ma = ModAction(
kind="reset_password",
user_id=v.id,
target_user_id=user.id
)
g.db.add(ma)
revert janny protection in WPD
2024-02-18 16:10:24 +00:00
text = f"At your request, @{v.username} (a site admin) has reset your password to `{new_password}`, please change this to something else for personal security reasons. And be sure to save it this time, retard."
add "reset password' button to JL-5
2023-06-30 16:39:24 +00:00
send_repeatable_notification(user.id, text)
fix last commit
2023-12-18 19:34:38 +00:00
text = f"@{user.username}'s new password is `{new_password}`"
stop the 12345678 approach
2023-12-18 19:31:29 +00:00
send_repeatable_notification(v.id, text)
add text blurp
2024-01-02 18:22:50 +00:00
return {"message": f"@{user.username}'s password has been reset! The new password has been messaged to them and to you!"}
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
add more orgy controls
2023-10-13 15:56:12 +00:00
@app.get("/admin/orgies")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@admin_level_required(PERMS['ORGIES'])
def orgy_control(v):
add more orgy controls
2023-10-13 15:56:12 +00:00
orgies = g.db.query(Orgy).order_by(Orgy.start_utc).all()
return render_template("admin/orgy_control.html", v=v, orgies=orgies)
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
@app.post("/admin/schedule_orgy")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@admin_level_required(PERMS['ORGIES'])
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
def schedule_orgy(v):
add file orgies
2023-08-16 20:13:24 +00:00
link = request.values.get("link", "").strip()
title = request.values.get("title", "").strip()
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
start_utc = request.values.get("start_utc", "").strip()
add file orgies
2023-08-16 20:13:24 +00:00
if not link:
abort(400, "A link is required!")
if not title:
abort(400, "A title is required!")
normalized_link = normalize_url(link)
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
if start_utc:
start_utc = int(start_utc)
else:
schedule after last orgy
2024-03-04 00:56:16 +00:00
last_orgy = g.db.query(Orgy).order_by(Orgy.start_utc.desc()).first()
if last_orgy and last_orgy.end_utc:
start_utc = last_orgy.end_utc
else:
start_utc = int(time.time())
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
dynamic duration
2023-10-17 20:56:27 +00:00
end_utc = None
better regex syntax
2023-09-29 03:59:38 +00:00
if bare_youtube_regex.match(normalized_link):
add file orgies
2023-08-16 20:13:24 +00:00
orgy_type = 'youtube'
data, _ = get_youtube_id_and_t(normalized_link)
sync nonlive youtube orgy and make it end automatically
2024-03-02 20:03:21 +00:00
if YOUTUBE_KEY != DEFAULT_CONFIG_VALUE:
req = requests.get(f"https://www.googleapis.com/youtube/v3/videos?id={data}&key={YOUTUBE_KEY}&part=contentDetails", headers=HEADERS, timeout=5).json()
duration = req['items'][0]['contentDetails']['duration']
if duration != 'P0D':
duration = isodate.parse_duration(duration).total_seconds()
end_utc = int(start_utc + duration)
nothing beats a direct link
2024-03-04 00:06:12 +00:00
orgy_type = 'file'
dont use subprocess
2024-03-05 03:02:39 +00:00
ydl_opts = {
"quiet": True,
"simulate": True,
"forceurl": True,
'format': 'b',
'proxy': PROXY_URL
}
with yt_dlp.YoutubeDL(ydl_opts) as ydl:
info = ydl.extract_info(f"https://www.youtube.com/watch?v={data}")
data = info["url"]
better regex syntax
2023-09-29 03:59:38 +00:00
elif rumble_regex.match(normalized_link):
add file orgies
2023-08-16 20:13:24 +00:00
orgy_type = 'rumble'
data = normalized_link
better regex syntax
2023-09-29 03:59:38 +00:00
elif twitch_regex.match(normalized_link):
add file orgies
2023-08-16 20:13:24 +00:00
orgy_type = 'twitch'
better regex syntax
2023-09-29 03:59:38 +00:00
data = twitch_regex.search(normalized_link).group(3)
allow all video formats in orgies
2023-09-13 17:44:19 +00:00
elif any((normalized_link.lower().endswith(f'.{x}') for x in VIDEO_FORMATS)):
add file orgies
2023-08-16 20:13:24 +00:00
orgy_type = 'file'
data = normalized_link
use SITE_FULL
2023-10-18 13:28:01 +00:00
video_info = ffmpeg.probe(data, headers=f'referer:{SITE_FULL}/chat')
dynamic duration
2023-10-17 20:56:27 +00:00
duration = float(video_info['streams'][0]['duration'])
if duration == 2.0: raise
account for break
2023-10-14 19:31:52 +00:00
if duration > 3000:
duration += 300 #account for break
add duration field cuz the probing shit is an unfixable mess
2023-10-13 14:53:41 +00:00
end_utc = int(start_utc + duration)
else:
dynamic duration
2023-10-17 20:56:27 +00:00
abort(400)
add duration field cuz the probing shit is an unfixable mess
2023-10-13 14:53:41 +00:00
fix 500 error
2024-03-05 02:45:39 +00:00
data = data.strip()
add file orgies
2023-08-16 20:13:24 +00:00
orgy = Orgy(
title=title,
type=orgy_type,
add end_utc to manual file orgies too
2023-10-03 07:43:39 +00:00
data=data,
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
start_utc=start_utc,
add end_utc to manual file orgies too
2023-10-03 07:43:39 +00:00
end_utc=end_utc,
add file orgies
2023-08-16 20:13:24 +00:00
)
g.db.add(orgy)
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
add orgy modactions
2023-10-05 16:28:17 +00:00
ma = ModAction(
automate more aspects of mn + allow scheduling orgies
2023-10-12 21:09:38 +00:00
kind="schedule_orgy",
add orgy modactions
2023-10-05 16:28:17 +00:00
user_id=v.id,
fix 500 error
2024-03-05 02:45:39 +00:00
_note=f'<a href="{data}" rel="nofollow noopener">{title}</a>',
add orgy modactions
2023-10-05 16:28:17 +00:00
)
g.db.add(ma)
schedule after last orgy
2024-03-04 00:56:16 +00:00
return redirect('/admin/orgies')
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
add more orgy controls
2023-10-13 15:56:12 +00:00
@app.post("/admin/remove_orgy/<int:created_utc>")
Bring back orgies (watchparties), now controllable by admins, and generally better in all ways (#165) This PR adds orgies back into rdrama. Long ago, snakes made the original orgy code, and it was super fun. But he had to rush it out, and ended up making it a bit unsustainable, and had a couple questionable coding decisions, which meant that it had to be removed. Hey, the man literally did it in a few hours before the DB trial continued, lmao. Anyways, I took my own approach to it. I do not use iframes, i just just repurpose code from /chat window. Because I had that freedom, I also moved things around to make the user experience a bit better. I also added a title to give users some context about what's happening. Check it out ![image](/attachments/6719146c-4922-4d75-967d-8d424a09b198) Most importantly, this is all configurable from the site. Admins with the permission "ORGIES" will see this in their control panel ![image](/attachments/423d6046-a11d-4e84-bd2c-a2a641afd552) Nigga, idk where to put it, so I made my own category. If there is no orgy in progress, admins will see this: ![image](/attachments/7c64b9fa-cdf4-4986-a0c4-f2324878062e) Click the button, and, viola, the orgy begins. If there is an orgy in progress, the page will look like this: ![image](/attachments/b65be4b3-5db1-43cb-8857-7d3a8ea24ca7) Click the button, and the orgy stops. If an orgy is in progress, navigating to /chat will take the user to the orgy seemlessly. But what if they don't want to participate, liek some kind of spoilsport? Just navigate to /old_chat. That's just about it, it's really that simple. I have lots of ideas for the future, but I'll let that wait til later :). A few notes about implementation: - I moved some functionality out of /templates/chat.html and into /templates/util/macros.html. This is just so I could reference the code directly from my new template, /templates/orgy.html. - The orgy is stored as a single row in the new table "orgies". Okay, I know this is a little silly, but you know what they say: "if it's stupid and it works, it's not stupid". (tbf the oceangate ceo also said that) Co-authored-by: Chuck Sneed <sneed@formerlychucks.net> Reviewed-on: https://fsdfsd.net/rDrama/rDrama/pulls/165 Co-authored-by: HeyMoon <heymoon@noreply.fsdfsd.net> Co-committed-by: HeyMoon <heymoon@noreply.fsdfsd.net>
2023-07-02 23:55:37 +00:00
@admin_level_required(PERMS['ORGIES'])
add more orgy controls
2023-10-13 15:56:12 +00:00
def remove_orgy(v, created_utc):
orgy = g.db.query(Orgy).filter_by(created_utc=created_utc).one()
add orgy modactions
2023-10-05 16:28:17 +00:00
ma = ModAction(
add more orgy controls
2023-10-13 15:56:12 +00:00
kind="remove_orgy",
add orgy modactions
2023-10-05 16:28:17 +00:00
user_id=v.id,
bleach all mod log notes
2024-03-05 19:18:13 +00:00
_note=f'<a href="{orgy.data}" rel="nofollow noopener">{orgy.title}</a>',
add orgy modactions
2023-10-05 16:28:17 +00:00
)
g.db.add(ma)
add more orgy controls
2023-10-13 15:56:12 +00:00
started = orgy.started
fix stopping orgy
2023-10-12 21:20:53 +00:00
g.db.delete(orgy)
g.db.commit()
add more orgy controls
2023-10-13 15:56:12 +00:00
if started:
requests.post('http://localhost:5001/refresh_chat', headers={"Host": SITE})
add orgy modactions
2023-10-05 16:28:17 +00:00
kitchen sink commit
2023-08-11 21:50:23 +00:00
return {"message": "Orgy stopped successfully!"}
add "insert transaction" form
2023-10-18 18:17:50 +00:00
@app.get("/admin/insert_transaction")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['INSERT_TRANSACTION'])
def insert_transaction(v):
return render_template("admin/insert_transaction.html", v=v)
@app.post("/admin/insert_transaction")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['INSERT_TRANSACTION'])
def insert_transaction_post(v):
type = request.values.get("type", "").strip()
id = request.values.get("id", "").strip()
amount = request.values.get("amount", "").strip()
username = request.values.get("username", "").strip()
add SOL, DOGE, LTC options in /insert_transactions
2024-02-18 17:42:54 +00:00
if type not in {'BMAC', 'BTC', 'ETH', 'XMR', 'SOL', 'DOGE', 'LTC'}:
add "insert transaction" form
2023-10-18 18:17:50 +00:00
abort(400, "Invalid transaction currency!")
add BMAC TX type to rdrama
2024-02-03 03:13:35 +00:00
if type == 'BMAC':
id = 'BMAC-' + str(int(time.time()))
add "insert transaction" form
2023-10-18 18:17:50 +00:00
if not id:
abort(400, "A transaction ID is required!")
if not amount:
abort(400, "A transaction amount is required!")
if not username:
abort(400, "A username is required!")
amount = int(amount)
handle someone registering an existing transaction
2023-10-18 18:30:11 +00:00
existing = g.db.get(Transaction, id)
if existing:
abort(400, "This transaction is already registered!")
add "insert transaction" form
2023-10-18 18:17:50 +00:00
user = get_user(username)
if not user.email:
abort(400, f"@{user.username} doesn't have an email tied to their account!")
transaction = Transaction(
id=id,
created_utc=time.time(),
type=type,
amount=amount,
email=user.email,
)
g.db.add(transaction)
ma = ModAction(
kind="insert_transaction",
user_id=v.id,
target_user_id=user.id,
Revert "bleach all mod notes just in case (and also for easier linkfying)" This reverts commit 22e5890bcd871006c6d404c615e0edaf1d74cd49.
2024-03-02 21:01:29 +00:00
_note=f'Transaction ID: {id}',
add "insert transaction" form
2023-10-18 18:17:50 +00:00
)
g.db.add(ma)
claim_rewards_all_users()
return {"message": "Transaction inserted successfully!"}
fix /admin in localhost
2024-01-31 23:27:01 +00:00
@app.get("/admin/under_siege")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CHANGE_UNDER_SIEGE'])
def change_under_siege(v):
thresholds = cache.get("under_siege_thresholds")
if not thresholds:
thresholds = DEFAULT_UNDER_SIEGE_THRESHOLDS
cache.set("under_siege_thresholds", thresholds)
return render_template('admin/under_siege.html', v=v, thresholds=thresholds)
@app.post("/admin/under_siege")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['CHANGE_UNDER_SIEGE'])
def change_under_siege_post(v):
thresholds = {}
for key in DEFAULT_UNDER_SIEGE_THRESHOLDS.keys():
thresholds[key] = int(request.values.get(key))
cache.set("under_siege_thresholds", thresholds)
make modaction when under siege is changed
2024-02-05 05:47:26 +00:00
ma = ModAction(
kind="change_under_siege",
user_id=v.id,
)
g.db.add(ma)
fix /admin in localhost
2024-01-31 23:27:01 +00:00
return {"message": "Thresholds changed successfully!"}
add ip templates
2024-02-06 01:19:38 +00:00
if FEATURES['IP_LOGGING']:
no extra backslash
2024-03-06 22:04:35 +00:00
@app.get("/@<username>/ips")
add ip templates
2024-02-06 01:19:38 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['VIEW_IPS'])
def view_user_ips(v, username):
u = get_user(username, v=v)
ip_logs = g.db.query(IPLog).filter_by(user_id=u.id).order_by(IPLog.last_used.desc())
return render_template('admin/user_ips.html', v=v, u=u, ip_logs=ip_logs)
@app.get("/ip_users/<ip>")
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['VIEW_IPS'])
def view_ip_users(v, ip):
ip_logs = g.db.query(IPLog).filter_by(ip=ip).order_by(IPLog.last_used.desc())
return render_template('admin/ip_users.html', v=v, ip=ip, ip_logs=ip_logs)
add effortpost marking
2024-02-06 22:04:43 +00:00
@app.post("/mark_effortpost/<int:pid>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['MARK_EFFORTPOST'])
def mark_effortpost(pid, v):
p = get_post(pid)
if p.effortpost:
abort(400, "Post is already marked as an effortpost!")
count lines
2024-03-02 10:40:34 +00:00
if SITE_NAME == 'WPD':
min_chars = 2000
min_lines = 10
else:
min_chars = 3000
reduce to 40
2024-03-02 17:42:50 +00:00
min_lines = 40
wpd 2000 chars
2024-02-29 13:42:03 +00:00
count lines
2024-03-02 10:40:34 +00:00
if len(p.body) < min_chars or p.body.count('\n') < min_lines:
abort(403, "Post is too short!")
restore rdrama jannies ability to mark effortposts
2024-02-28 18:17:03 +00:00
add effortpost marking
2024-02-06 22:04:43 +00:00
p.effortpost = True
g.db.add(p)
fix badge logic
2024-02-18 18:39:57 +00:00
if p.author.effortposts_made >= 99:
badge_grant(badge_id=330, user=p.author)
elif p.author.effortposts_made >= 9:
badge_grant(badge_id=329, user=p.author)
auto-grant effortpost badges
2024-02-18 18:08:06 +00:00
else:
fix badge logic
2024-02-18 18:39:57 +00:00
badge_grant(badge_id=328, user=p.author)
auto-grant effortpost badges
2024-02-18 18:08:06 +00:00
add effortpost marking
2024-02-06 22:04:43 +00:00
ma = ModAction(
kind = "mark_effortpost",
user_id = v.id,
target_post_id = p.id,
)
g.db.add(ma)
if SITE_NAME == 'WPD':
fix bad math
2024-02-07 23:47:02 +00:00
mul = 7
add effortpost marking
2024-02-06 22:04:43 +00:00
else:
fix bad math
2024-02-07 23:47:02 +00:00
mul = 3
add effortpost marking
2024-02-06 22:04:43 +00:00
coins = (p.upvotes + p.downvotes) * mul
fix 500 error
2024-03-02 17:43:56 +00:00
p.author.pay_account('coins', coins, f"Retroactive efortpost gains of {p.textlink}")
actually give them the coins
2024-02-06 23:45:30 +00:00
dont notify urself
2024-02-17 13:34:38 +00:00
if v.id != p.author_id:
use textlink
2024-02-28 16:01:48 +00:00
send_repeatable_notification(p.author_id, f":marseyclapping: @{v.username} (a site admin) has marked {p.textlink} as an effortpost, it now gets x{mul} coins from votes. You have received {coins} coins retroactively, thanks! :!marseyclapping:")
add effortpost marking
2024-02-06 22:04:43 +00:00
return {"message": "Post has been marked as an effortpost!"}
@app.post("/unmark_effortpost/<int:pid>")
@limiter.limit('1/second', scope=rpath)
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
@admin_level_required(PERMS['MARK_EFFORTPOST'])
def unmark_effortpost(pid, v):
p = get_post(pid)
if not p.effortpost:
abort(400, "Post is already not marked as an effortpost!")
p.effortpost = False
g.db.add(p)
ma = ModAction(
kind = "unmark_effortpost",
user_id = v.id,
target_post_id = p.id,
)
g.db.add(ma)
if SITE_NAME == 'WPD':
fix bad math
2024-02-07 23:47:02 +00:00
mul = 7
add effortpost marking
2024-02-06 22:04:43 +00:00
else:
fix bad math
2024-02-07 23:47:02 +00:00
mul = 3
add effortpost marking
2024-02-06 22:04:43 +00:00
coins = (p.upvotes + p.downvotes) * mul
fix 500 error
2024-03-03 18:05:45 +00:00
p.author.charge_account('coins', coins, f"Revocation of efortpost gains of {p.textlink}")
actually give them the coins
2024-02-06 23:45:30 +00:00
dont notify urself
2024-02-17 13:34:38 +00:00
if v.id != p.author_id:
use textlink
2024-02-28 16:01:48 +00:00
send_repeatable_notification(p.author_id, f":marseyitsover: @{v.username} (a site admin) has unmarked {p.textlink} as an effortpost. {coins} coins have been deducted from you. :!marseyitsover:")
add effortpost marking
2024-02-06 22:04:43 +00:00
return {"message": "Post has been unmarked as an effortpost!"}
add edit logs
2024-03-07 22:52:55 +00:00
use versions verbiage
2024-03-08 01:56:24 +00:00
@app.get("/versions/<link>")
add edit logs
2024-03-07 22:52:55 +00:00
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
do this https://rdrama.net/h/meta/post/251669/rdrama-now-has-edit-logs-was/6071469#context
2024-03-08 00:50:05 +00:00
@auth_required
use versions verbiage
2024-03-08 01:56:24 +00:00
def VIEW_VERSIONs(v, link):
add edit logs
2024-03-07 22:52:55 +00:00
try:
if "p_" in link: obj = get_post(int(link.split("p_")[1]), v=v)
elif "c_" in link: obj = get_comment(int(link.split("c_")[1]), v=v)
else: abort(400)
except: abort(400)
use versions verbiage
2024-03-08 01:56:24 +00:00
if v.id != obj.author_id and v.admin_level < PERMS['VIEW_VERSIONS']:
do this https://rdrama.net/h/meta/post/251669/rdrama-now-has-edit-logs-was/6071469#context
2024-03-08 00:50:05 +00:00
abort(403, "You can't view other people's edits!")
add edit logs
2024-03-07 22:52:55 +00:00
return render_template("edits.html", v=v, obj=obj)