2021-08-03 17:55:02 +00:00
|
|
|
import traceback
|
|
|
|
|
import sys
|
|
|
|
|
|
2021-08-04 15:35:10 +00:00
|
|
|
from files.helpers.wrappers import *
|
|
|
|
|
from files.helpers.filters import *
|
|
|
|
|
from files.helpers.alerts import *
|
|
|
|
|
from files.helpers.images import *
|
|
|
|
|
from files.helpers.session import *
|
2021-08-21 11:06:28 +00:00
|
|
|
from files.helpers.const import *
|
2021-08-04 15:35:10 +00:00
|
|
|
from files.classes import *
|
|
|
|
|
from files.routes.front import comment_idlist
|
2021-08-11 02:54:52 +00:00
|
|
|
from pusher_push_notifications import PushNotifications
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
from flask import *
|
2021-08-04 15:35:10 +00:00
|
|
|
from files.__main__ import app, limiter
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-05 14:41:32 +00:00
|
|
|
site = environ.get("DOMAIN").strip()
|
2021-08-02 14:27:20 +00:00
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
beams_client = PushNotifications(
|
2021-08-21 11:06:28 +00:00
|
|
|
instance_id=PUSHER_INSTANCE_ID,
|
2021-07-21 01:12:26 +00:00
|
|
|
secret_key=PUSHER_KEY,
|
|
|
|
|
)
|
|
|
|
|
|
2021-07-27 22:31:28 +00:00
|
|
|
@app.get("/comment/<cid>")
|
|
|
|
|
@app.get("/post/<pid>/<anything>/<cid>")
|
2021-08-13 01:38:51 +00:00
|
|
|
@app.get("/logged_out/comment/<cid>")
|
2021-08-13 02:55:52 +00:00
|
|
|
@app.get("/logged_out/post/<pid>/<anything>/<cid>")
|
2021-07-21 01:12:26 +00:00
|
|
|
@auth_desired
|
|
|
|
|
def post_pid_comment_cid(cid, pid=None, anything=None, v=None):
|
|
|
|
|
|
2021-09-13 17:10:03 +00:00
|
|
|
if not v and not request.path.startswith('/logged_out'): return redirect(f"/logged_out/comment/{cid}")
|
2021-08-13 01:38:51 +00:00
|
|
|
|
2021-09-13 17:10:03 +00:00
|
|
|
if v and request.full_path.startswith('/logged_out'): v = None
|
2021-08-13 18:53:11 +00:00
|
|
|
|
2021-07-30 06:17:38 +00:00
|
|
|
try: cid = int(cid)
|
2021-07-31 06:59:18 +00:00
|
|
|
except:
|
|
|
|
|
try: cid = int(cid, 36)
|
|
|
|
|
except: abort(404)
|
2021-07-30 06:17:38 +00:00
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
comment = get_comment(cid, v=v)
|
|
|
|
|
|
2021-09-13 21:43:34 +00:00
|
|
|
if comment.post and comment.post.club and not (v and v.paid_dues): abort(403)
|
2021-09-12 01:57:48 +00:00
|
|
|
|
2021-08-19 18:32:37 +00:00
|
|
|
if not comment.parent_submission and not (v and (comment.author.id == v.id or comment.sentto == v.id)) and not (v and v.admin_level == 6) : abort(403)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if not pid:
|
|
|
|
|
if comment.parent_submission: pid = comment.parent_submission
|
2021-09-05 09:37:05 +00:00
|
|
|
elif "rdrama" in request.host: pid = 6489
|
2021-09-13 17:03:46 +00:00
|
|
|
elif 'pcmemes.net' in request.host: pid = 382
|
2021-09-05 09:37:05 +00:00
|
|
|
else: pid = 1
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
try: pid = int(pid)
|
|
|
|
|
except: abort(404)
|
|
|
|
|
|
|
|
|
|
post = get_post(pid, v=v)
|
|
|
|
|
|
2021-07-26 17:47:52 +00:00
|
|
|
if post.over_18 and not (v and v.over_18) and not session.get('over_18', 0) >= int(time.time()):
|
2021-07-31 05:28:05 +00:00
|
|
|
if request.headers.get("Authorization"): return {'error': f'This content is not suitable for some users and situations.'}
|
|
|
|
|
else: render_template("errors/nsfw.html", v=v)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-07 23:23:10 +00:00
|
|
|
post._preloaded_comments = [comment]
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# context improver
|
2021-07-22 14:54:19 +00:00
|
|
|
try: context = int(request.args.get("context", 0))
|
|
|
|
|
except: context = 0
|
2021-08-07 23:14:32 +00:00
|
|
|
comment_info = comment
|
2021-08-07 23:23:10 +00:00
|
|
|
c = comment
|
|
|
|
|
while context > 0 and c.level > 1:
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-07 23:23:10 +00:00
|
|
|
parent = get_comment(c.parent_comment_id, v=v)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-07 23:23:10 +00:00
|
|
|
post._preloaded_comments += [parent]
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-07 23:23:10 +00:00
|
|
|
c = parent
|
2021-07-21 01:12:26 +00:00
|
|
|
context -= 1
|
2021-08-07 23:23:10 +00:00
|
|
|
top_comment = c
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if v: defaultsortingcomments = v.defaultsortingcomments
|
|
|
|
|
else: defaultsortingcomments = "top"
|
|
|
|
|
sort=request.args.get("sort", defaultsortingcomments)
|
|
|
|
|
|
2021-08-07 23:14:32 +00:00
|
|
|
post.replies=[top_comment]
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-11 03:24:13 +00:00
|
|
|
if v:
|
2021-09-17 12:07:17 +00:00
|
|
|
votes = g.db.query(CommentVote).options(lazyload('*')).filter_by(user_id=v.id).subquery()
|
2021-08-11 03:24:13 +00:00
|
|
|
|
2021-09-17 12:07:17 +00:00
|
|
|
blocking = v.blocking.subquery()
|
2021-08-11 03:24:13 +00:00
|
|
|
|
2021-09-17 12:07:17 +00:00
|
|
|
blocked = v.blocked.subquery()
|
2021-08-11 03:24:13 +00:00
|
|
|
|
|
|
|
|
comments = g.db.query(
|
|
|
|
|
Comment,
|
|
|
|
|
votes.c.vote_type,
|
|
|
|
|
blocking.c.id,
|
|
|
|
|
blocked.c.id,
|
|
|
|
|
)
|
2021-09-14 18:23:47 +00:00
|
|
|
|
|
|
|
|
if not (v and v.shadowbanned) and not (v and v.admin_level == 6):
|
|
|
|
|
comments = comments.join(Comment.author).filter(User.shadowbanned == False)
|
|
|
|
|
|
2021-08-11 03:24:13 +00:00
|
|
|
if v.admin_level >=4:
|
|
|
|
|
comments=comments.options(joinedload(Comment.oauth_app))
|
|
|
|
|
|
|
|
|
|
comments=comments.filter(
|
|
|
|
|
Comment.parent_submission == post.id
|
|
|
|
|
).join(
|
|
|
|
|
votes,
|
|
|
|
|
votes.c.comment_id == Comment.id,
|
|
|
|
|
isouter=True
|
|
|
|
|
).join(
|
|
|
|
|
blocking,
|
|
|
|
|
blocking.c.target_id == Comment.author_id,
|
|
|
|
|
isouter=True
|
|
|
|
|
).join(
|
|
|
|
|
blocked,
|
|
|
|
|
blocked.c.user_id == Comment.author_id,
|
|
|
|
|
isouter=True
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
for c in comments:
|
|
|
|
|
comment = c[0]
|
|
|
|
|
comment.voted = c[1] or 0
|
2021-09-09 14:15:27 +00:00
|
|
|
comment._is_blocking = c[2] or 0
|
|
|
|
|
comment._is_blocked = c[3] or 0
|
2021-08-11 03:24:13 +00:00
|
|
|
|
2021-08-07 23:14:32 +00:00
|
|
|
if request.headers.get("Authorization"): return top_comment.json
|
|
|
|
|
else: return post.rendered_page(v=v, sort=sort, comment=top_comment, comment_info=comment_info)
|
2021-07-31 05:59:25 +00:00
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-31 06:55:22 +00:00
|
|
|
@app.post("/comment")
|
2021-07-21 01:12:26 +00:00
|
|
|
@limiter.limit("6/minute")
|
|
|
|
|
@is_not_banned
|
|
|
|
|
@validate_formkey
|
|
|
|
|
def api_comment(v):
|
|
|
|
|
|
2021-07-30 05:31:38 +00:00
|
|
|
parent_submission = request.form.get("submission")
|
2021-07-21 01:12:26 +00:00
|
|
|
parent_fullname = request.form.get("parent_fullname")
|
|
|
|
|
|
|
|
|
|
# get parent item info
|
|
|
|
|
parent_id = parent_fullname.split("_")[1]
|
|
|
|
|
if parent_fullname.startswith("t2"):
|
|
|
|
|
parent_post = get_post(parent_id, v=v)
|
2021-09-17 14:07:08 +00:00
|
|
|
if parent_post.club and not (v and v.paid_dues): abort(403)
|
2021-07-21 01:12:26 +00:00
|
|
|
parent = parent_post
|
|
|
|
|
parent_comment_id = None
|
|
|
|
|
level = 1
|
2021-07-30 05:31:38 +00:00
|
|
|
parent_submission = parent_id
|
2021-07-21 01:12:26 +00:00
|
|
|
elif parent_fullname.startswith("t3"):
|
|
|
|
|
parent = get_comment(parent_id, v=v)
|
|
|
|
|
parent_comment_id = parent.id
|
|
|
|
|
level = parent.level + 1
|
|
|
|
|
parent_id = parent.parent_submission
|
|
|
|
|
parent_submission = parent_id
|
2021-07-30 05:31:38 +00:00
|
|
|
parent_post = get_post(parent_id)
|
2021-07-21 01:12:26 +00:00
|
|
|
else:
|
|
|
|
|
abort(400)
|
|
|
|
|
|
|
|
|
|
#process and sanitize
|
2021-08-02 07:37:46 +00:00
|
|
|
body = request.form.get("body", "")[:10000]
|
2021-07-21 01:12:26 +00:00
|
|
|
body = body.strip()
|
|
|
|
|
|
2021-08-11 17:01:19 +00:00
|
|
|
if not body and not request.files.get('file'): return {"error":"You need to actually write something!"}, 400
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-17 15:52:00 +00:00
|
|
|
for i in re.finditer('^(https:\/\/.*\.(png|jpg|jpeg|gif|webp|PNG|JPG|JPEG|GIF|WEBP|9999))', body, re.MULTILINE):
|
2021-09-15 12:43:46 +00:00
|
|
|
if "wikipedia" not in i.group(1): body = body.replace(i.group(1), f'})')
|
2021-09-03 17:09:42 +00:00
|
|
|
body = body.replace("\n", "\n\n").replace("\n\n\n\n\n\n", "\n\n").replace("\n\n\n\n", "\n\n").replace("\n\n\n", "\n\n")
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# Run safety filter
|
|
|
|
|
bans = filter_comment_html(body_html)
|
|
|
|
|
|
|
|
|
|
if bans:
|
|
|
|
|
ban = bans[0]
|
|
|
|
|
reason = f"Remove the {ban.domain} link from your comment and try again."
|
|
|
|
|
if ban.reason:
|
2021-08-03 12:20:40 +00:00
|
|
|
reason += f" {ban.reason}"
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
#auto ban for digitally malicious content
|
|
|
|
|
if any([x.reason==4 for x in bans]):
|
|
|
|
|
v.ban(days=30, reason="Digitally malicious content")
|
|
|
|
|
if any([x.reason==7 for x in bans]):
|
|
|
|
|
v.ban( reason="Sexualizing minors")
|
2021-08-11 17:01:19 +00:00
|
|
|
return {"error": reason}, 401
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# check existing
|
2021-09-17 08:29:05 +00:00
|
|
|
existing = g.db.query(Comment).join(CommentAux).options(lazyload('*')).filter(Comment.author_id == v.id,
|
2021-07-21 01:12:26 +00:00
|
|
|
Comment.deleted_utc == 0,
|
|
|
|
|
Comment.parent_comment_id == parent_comment_id,
|
|
|
|
|
Comment.parent_submission == parent_submission,
|
|
|
|
|
CommentAux.body == body
|
|
|
|
|
).options(contains_eager(Comment.comment_aux)).first()
|
|
|
|
|
if existing:
|
2021-08-11 17:01:19 +00:00
|
|
|
return {"error": f"You already made that comment: {existing.permalink}"}, 409
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if parent.author.any_block_exists(v) and not v.admin_level>=3:
|
2021-08-11 17:01:19 +00:00
|
|
|
return {"error": "You can't reply to users who have blocked you, or users you have blocked."}, 403
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# get bot status
|
|
|
|
|
is_bot = request.headers.get("X-User-Type","")=="Bot"
|
|
|
|
|
|
|
|
|
|
# check spam - this should hopefully be faster
|
|
|
|
|
if not is_bot:
|
|
|
|
|
now = int(time.time())
|
|
|
|
|
cutoff = now - 60 * 60 * 24
|
|
|
|
|
|
|
|
|
|
similar_comments = g.db.query(Comment
|
|
|
|
|
).options(
|
|
|
|
|
lazyload('*')
|
|
|
|
|
).join(Comment.comment_aux
|
|
|
|
|
).filter(
|
|
|
|
|
Comment.author_id == v.id,
|
|
|
|
|
CommentAux.body.op(
|
|
|
|
|
'<->')(body) < app.config["COMMENT_SPAM_SIMILAR_THRESHOLD"],
|
|
|
|
|
Comment.created_utc > cutoff
|
|
|
|
|
).options(contains_eager(Comment.comment_aux)).all()
|
|
|
|
|
|
|
|
|
|
threshold = app.config["COMMENT_SPAM_COUNT_THRESHOLD"]
|
|
|
|
|
if v.age >= (60 * 60 * 24 * 7):
|
|
|
|
|
threshold *= 3
|
|
|
|
|
elif v.age >= (60 * 60 * 24):
|
|
|
|
|
threshold *= 2
|
|
|
|
|
|
|
|
|
|
if len(similar_comments) > threshold:
|
2021-08-04 16:00:57 +00:00
|
|
|
text = "Your account has been suspended for 1 day for the following reason:\n\n> Too much spam!"
|
2021-08-21 11:06:28 +00:00
|
|
|
send_notification(NOTIFICATIONS_ACCOUNT, v, text)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
v.ban(reason="Spamming.",
|
|
|
|
|
days=1)
|
|
|
|
|
|
|
|
|
|
for alt in v.alts:
|
|
|
|
|
if not alt.is_suspended:
|
2021-07-30 08:37:55 +00:00
|
|
|
alt.ban(reason="Spamming.", days=1)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
for comment in similar_comments:
|
|
|
|
|
comment.is_banned = True
|
|
|
|
|
comment.ban_reason = "Automatic spam removal. This happened because the post's creator submitted too much similar content too quickly."
|
|
|
|
|
g.db.add(comment)
|
|
|
|
|
ma=ModAction(
|
2021-08-21 11:06:28 +00:00
|
|
|
user_id=AUTOJANNY_ACCOUNT,
|
2021-07-21 01:12:26 +00:00
|
|
|
target_comment_id=comment.id,
|
|
|
|
|
kind="ban_comment",
|
|
|
|
|
note="spam"
|
|
|
|
|
)
|
|
|
|
|
g.db.add(ma)
|
|
|
|
|
|
2021-08-11 17:01:19 +00:00
|
|
|
return {"error": "Too much spam!"}, 403
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# check badlinks
|
|
|
|
|
soup = BeautifulSoup(body_html, features="html.parser")
|
|
|
|
|
links = [x['href'] for x in soup.find_all('a') if x.get('href')]
|
|
|
|
|
|
|
|
|
|
for link in links:
|
|
|
|
|
parse_link = urlparse(link)
|
|
|
|
|
check_url = ParseResult(scheme="https",
|
|
|
|
|
netloc=parse_link.netloc,
|
|
|
|
|
path=parse_link.path,
|
|
|
|
|
params=parse_link.params,
|
|
|
|
|
query=parse_link.query,
|
|
|
|
|
fragment='')
|
|
|
|
|
check_url = urlunparse(check_url)
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
badlink = g.db.query(BadLink).options(lazyload('*')).filter(
|
2021-07-21 01:12:26 +00:00
|
|
|
literal(check_url).contains(
|
|
|
|
|
BadLink.link)).first()
|
|
|
|
|
|
2021-08-11 17:01:19 +00:00
|
|
|
if badlink: return {"error": f"Remove the following link and try again: `{check_url}`. Reason: {badlink.reason}"}, 403
|
2021-07-21 01:12:26 +00:00
|
|
|
# create comment
|
2021-07-25 23:59:02 +00:00
|
|
|
parent_id = parent_fullname.split("_")[1]
|
2021-07-21 01:12:26 +00:00
|
|
|
c = Comment(author_id=v.id,
|
|
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
parent_comment_id=parent_comment_id,
|
|
|
|
|
level=level,
|
2021-07-26 03:26:57 +00:00
|
|
|
over_18=parent_post.over_18 or request.form.get("over_18","")=="true",
|
2021-07-21 01:12:26 +00:00
|
|
|
is_bot=is_bot,
|
2021-08-23 19:23:31 +00:00
|
|
|
app_id=v.client.application.id if v.client else None
|
2021-07-21 01:12:26 +00:00
|
|
|
)
|
2021-08-22 11:29:00 +00:00
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
g.db.add(c)
|
|
|
|
|
g.db.flush()
|
2021-08-22 11:29:00 +00:00
|
|
|
|
2021-07-31 09:00:56 +00:00
|
|
|
if request.files.get("file") and request.headers.get("cf-ipcountry") != "T1":
|
2021-07-27 21:35:50 +00:00
|
|
|
file=request.files["file"]
|
2021-08-11 17:01:19 +00:00
|
|
|
if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400
|
2021-09-10 04:49:36 +00:00
|
|
|
if request.content_length > 16 * 1024 * 1024:
|
|
|
|
|
g.db.rollback()
|
|
|
|
|
abort(413)
|
|
|
|
|
|
2021-09-15 00:58:45 +00:00
|
|
|
url = upload_ibb(file=file)
|
2021-07-27 21:35:50 +00:00
|
|
|
|
|
|
|
|
body = request.form.get("body") + f"\n"
|
2021-09-03 17:09:42 +00:00
|
|
|
body = body.replace("\n", "\n\n").replace("\n\n\n\n\n\n", "\n\n").replace("\n\n\n\n", "\n\n").replace("\n\n\n", "\n\n")
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-02 14:38:33 +00:00
|
|
|
if len(body_html) > 20000: abort(400)
|
2021-07-21 01:12:26 +00:00
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c.id,
|
2021-09-02 14:38:33 +00:00
|
|
|
body_html=body_html,
|
2021-08-31 17:34:05 +00:00
|
|
|
body=body[:10000]
|
2021-07-21 01:12:26 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
2021-09-13 17:03:46 +00:00
|
|
|
if 'pcmemes.net' in request.host and c_aux.body.lower().startswith("based"):
|
2021-09-03 22:24:25 +00:00
|
|
|
pill = re.match("based and (.{1,20}?)(-| )pilled", body, re.IGNORECASE)
|
2021-09-03 22:21:47 +00:00
|
|
|
|
2021-09-03 21:10:32 +00:00
|
|
|
c_based = Comment(author_id=BASEDBOT_ACCOUNT,
|
2021-09-03 21:04:04 +00:00
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
distinguish_level=6,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c_based)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
2021-09-03 21:49:08 +00:00
|
|
|
if level == 1: basedguy = get_account(c.post.author_id)
|
2021-09-03 21:45:30 +00:00
|
|
|
else: basedguy = get_account(c.parent_comment.author_id)
|
2021-09-03 21:04:04 +00:00
|
|
|
basedguy.basedcount += 1
|
2021-09-03 22:27:55 +00:00
|
|
|
if pill: basedguy.pills += f"{pill.group(1)}, "
|
2021-09-03 21:04:04 +00:00
|
|
|
g.db.add(basedguy)
|
|
|
|
|
|
2021-09-03 22:21:47 +00:00
|
|
|
body2 = BASED_MSG.format(username=basedguy.username, basedcount=basedguy.basedcount, pills=basedguy.pills)
|
2021-09-03 21:04:04 +00:00
|
|
|
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body2))
|
2021-09-03 21:04:04 +00:00
|
|
|
|
|
|
|
|
body_based_html = sanitize(body_md)
|
|
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c_based.id,
|
|
|
|
|
body_html=body_based_html,
|
|
|
|
|
body=body2
|
|
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
2021-09-03 21:08:53 +00:00
|
|
|
|
2021-09-03 21:04:04 +00:00
|
|
|
n = Notification(comment_id=c_based.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
if "rdrama" in request.host and "ivermectin" in c_aux.body.lower():
|
2021-09-01 20:51:47 +00:00
|
|
|
|
|
|
|
|
c.is_banned = True
|
|
|
|
|
c.ban_reason = "ToS Violation"
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
|
|
|
|
|
|
|
|
|
c_jannied = Comment(author_id=AUTOJANNY_ACCOUNT,
|
|
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
distinguish_level=6,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c_jannied)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
2021-09-02 00:03:44 +00:00
|
|
|
body2 = VAXX_MSG.format(username=v.username)
|
2021-09-01 20:51:47 +00:00
|
|
|
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body2))
|
2021-09-01 20:51:47 +00:00
|
|
|
|
|
|
|
|
body_jannied_html = sanitize(body_md)
|
|
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c_jannied.id,
|
|
|
|
|
body_html=body_jannied_html,
|
2021-09-02 00:03:44 +00:00
|
|
|
body=body2
|
2021-09-01 20:51:47 +00:00
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
n = Notification(comment_id=c_jannied.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
2021-07-21 21:36:46 +00:00
|
|
|
if v.agendaposter and "trans lives matter" not in c_aux.body_html.lower():
|
|
|
|
|
|
|
|
|
|
c.is_banned = True
|
|
|
|
|
c.ban_reason = "ToS Violation"
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
|
|
|
|
|
2021-08-21 11:06:28 +00:00
|
|
|
c_jannied = Comment(author_id=AUTOJANNY_ACCOUNT,
|
2021-07-21 21:36:46 +00:00
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
distinguish_level=6,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c_jannied)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
2021-08-21 11:06:28 +00:00
|
|
|
body = AGENDAPOSTER_MSG.format(username=v.username)
|
2021-07-21 21:36:46 +00:00
|
|
|
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-07-21 21:36:46 +00:00
|
|
|
|
|
|
|
|
body_jannied_html = sanitize(body_md)
|
|
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c_jannied.id,
|
|
|
|
|
body_html=body_jannied_html,
|
|
|
|
|
body=body
|
|
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
n = Notification(comment_id=c_jannied.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
2021-08-19 19:22:10 +00:00
|
|
|
if "rdrama" in request.host and len(body) >= 1000 and v.username != "Snappy" and "</blockquote>" not in body_html:
|
2021-08-21 11:06:28 +00:00
|
|
|
c2 = Comment(author_id=LONGPOSTBOT_ACCOUNT,
|
2021-07-21 01:12:26 +00:00
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c2)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
2021-08-21 11:06:28 +00:00
|
|
|
body = random.choice(LONGPOST_REPLIES)
|
2021-09-03 17:09:42 +00:00
|
|
|
body = body.replace("\n", "\n\n").replace("\n\n\n\n\n\n", "\n\n").replace("\n\n\n\n", "\n\n").replace("\n\n\n", "\n\n")
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html2 = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c2.id,
|
|
|
|
|
body_html=body_html2,
|
|
|
|
|
body=body
|
|
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
n = Notification(comment_id=c2.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-08-19 19:22:10 +00:00
|
|
|
if "rdrama" in request.host and random.random() < 0.001 and v.username != "Snappy" and v.username != "zozbot":
|
2021-07-21 01:12:26 +00:00
|
|
|
c2 = Comment(author_id=1833,
|
|
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c2)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
|
|
|
|
body = "zoz"
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html2 = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c2.id,
|
|
|
|
|
body_html=body_html2,
|
|
|
|
|
body=body
|
|
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
n = Notification(comment_id=c2.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
c3 = Comment(author_id=1833,
|
|
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
parent_comment_id=c2.id,
|
|
|
|
|
level=level+2,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c3)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
|
|
|
|
body = "zle"
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html2 = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c3.id,
|
|
|
|
|
body_html=body_html2,
|
|
|
|
|
body=body
|
|
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
c4 = Comment(author_id=1833,
|
|
|
|
|
parent_submission=parent_submission,
|
|
|
|
|
parent_comment_id=c3.id,
|
|
|
|
|
level=level+3,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c4)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
|
|
|
|
body = "zozzle"
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html2 = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c4.id,
|
|
|
|
|
body_html=body_html2,
|
|
|
|
|
body=body
|
|
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-07-26 02:45:35 +00:00
|
|
|
if not v.shadowbanned:
|
2021-07-22 11:32:47 +00:00
|
|
|
# queue up notification for parent author
|
|
|
|
|
notify_users = set()
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
for x in g.db.query(Subscription.user_id).options(lazyload('*')).filter_by(submission_id=c.parent_submission).all():
|
2021-08-25 17:42:35 +00:00
|
|
|
notify_users.add(x[0])
|
2021-07-22 11:32:47 +00:00
|
|
|
|
|
|
|
|
if parent.author.id != v.id: notify_users.add(parent.author.id)
|
|
|
|
|
|
|
|
|
|
soup = BeautifulSoup(body_html, features="html.parser")
|
|
|
|
|
mentions = soup.find_all("a", href=re.compile("^/@(\w+)"))
|
|
|
|
|
for mention in mentions:
|
|
|
|
|
username = mention["href"].split("@")[1]
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
user = g.db.query(User).options(lazyload('*')).filter_by(username=username).first()
|
2021-07-22 11:32:47 +00:00
|
|
|
|
|
|
|
|
if user:
|
|
|
|
|
if v.any_block_exists(user):
|
|
|
|
|
continue
|
|
|
|
|
if user.id != v.id:
|
|
|
|
|
notify_users.add(user.id)
|
|
|
|
|
for x in notify_users:
|
|
|
|
|
n = Notification(comment_id=c.id, user_id=x)
|
|
|
|
|
g.db.add(n)
|
2021-08-25 17:38:37 +00:00
|
|
|
g.db.flush()
|
2021-07-22 11:32:47 +00:00
|
|
|
|
|
|
|
|
if parent.author.id != v.id:
|
2021-08-03 17:55:02 +00:00
|
|
|
try:
|
|
|
|
|
beams_client.publish_to_interests(
|
|
|
|
|
interests=[str(parent.author.id)],
|
|
|
|
|
publish_body={
|
|
|
|
|
'web': {
|
|
|
|
|
'notification': {
|
|
|
|
|
'title': f'New reply by @{v.username}',
|
|
|
|
|
'body': c.body,
|
|
|
|
|
'deep_link': f'https://{site}{c.permalink}?context=5#context',
|
|
|
|
|
},
|
|
|
|
|
},
|
2021-07-22 11:32:47 +00:00
|
|
|
},
|
2021-08-03 17:55:02 +00:00
|
|
|
)
|
2021-08-11 02:54:52 +00:00
|
|
|
except Exception as e:
|
|
|
|
|
print(e)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
# create auto upvote
|
|
|
|
|
vote = CommentVote(user_id=v.id,
|
|
|
|
|
comment_id=c.id,
|
|
|
|
|
vote_type=1
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(vote)
|
|
|
|
|
|
|
|
|
|
cache.delete_memoized(comment_idlist)
|
|
|
|
|
|
2021-07-28 03:55:47 +00:00
|
|
|
v.comment_count = v.comments.filter(Comment.parent_submission != None).filter_by(is_banned=False, deleted_utc=0).count()
|
|
|
|
|
g.db.add(v)
|
2021-07-31 06:51:58 +00:00
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
parent_post.comment_count = g.db.query(Comment).options(lazyload('*')).filter_by(parent_submission=parent_post.id).count()
|
2021-08-22 11:58:41 +00:00
|
|
|
g.db.add(parent_post)
|
2021-07-31 06:51:58 +00:00
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-07-31 06:55:22 +00:00
|
|
|
if request.headers.get("Authorization"): return c.json
|
|
|
|
|
else: return jsonify({"html": render_template("comments.html",
|
|
|
|
|
v=v,
|
|
|
|
|
comments=[c],
|
|
|
|
|
render_replies=False,
|
|
|
|
|
)})
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2021-07-27 22:31:28 +00:00
|
|
|
@app.post("/edit_comment/<cid>")
|
2021-08-22 20:31:12 +00:00
|
|
|
@auth_required
|
2021-07-31 06:27:21 +00:00
|
|
|
@validate_formkey
|
2021-07-21 01:12:26 +00:00
|
|
|
def edit_comment(cid, v):
|
|
|
|
|
|
|
|
|
|
c = get_comment(cid, v=v)
|
|
|
|
|
|
|
|
|
|
if not c.author_id == v.id: abort(403)
|
|
|
|
|
|
|
|
|
|
if c.is_banned or c.deleted_utc > 0: abort(403)
|
|
|
|
|
|
2021-08-02 07:37:46 +00:00
|
|
|
body = request.form.get("body", "")[:10000]
|
2021-09-17 15:52:00 +00:00
|
|
|
for i in re.finditer('^(https:\/\/.*\.(png|jpg|jpeg|gif|webp|PNG|JPG|JPEG|GIF|WEBP|9999))', body, re.MULTILINE):
|
2021-09-15 12:43:46 +00:00
|
|
|
if "wikipedia" not in i.group(1): body = body.replace(i.group(1), f'})')
|
2021-09-03 17:09:42 +00:00
|
|
|
body = body.replace("\n", "\n\n").replace("\n\n\n\n\n\n", "\n\n").replace("\n\n\n\n", "\n\n").replace("\n\n\n", "\n\n")
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
bans = filter_comment_html(body_html)
|
|
|
|
|
|
|
|
|
|
if bans:
|
|
|
|
|
|
|
|
|
|
ban = bans[0]
|
|
|
|
|
reason = f"Remove the {ban.domain} link from your comment and try again."
|
|
|
|
|
|
|
|
|
|
#auto ban for digitally malicious content
|
|
|
|
|
if any([x.reason==4 for x in bans]):
|
|
|
|
|
v.ban(days=30, reason="Digitally malicious content is not allowed.")
|
2021-07-31 05:28:05 +00:00
|
|
|
return {"error":"Digitally malicious content is not allowed."}
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if ban.reason:
|
2021-08-03 12:20:40 +00:00
|
|
|
reason += f" {ban.reason}"
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-31 05:59:25 +00:00
|
|
|
if request.headers.get("Authorization"): return {'error': f'A blacklisted domain was used.'}, 400
|
|
|
|
|
else: return render_template("comment_failed.html",
|
2021-07-30 05:31:38 +00:00
|
|
|
action=f"/edit_comment/{c.id}",
|
2021-07-21 01:12:26 +00:00
|
|
|
badlinks=[
|
|
|
|
|
x.domain for x in bans],
|
|
|
|
|
body=body,
|
|
|
|
|
v=v
|
2021-07-31 05:59:25 +00:00
|
|
|
)
|
2021-07-21 01:12:26 +00:00
|
|
|
# check badlinks
|
|
|
|
|
soup = BeautifulSoup(body_html, features="html.parser")
|
|
|
|
|
links = [x['href'] for x in soup.find_all('a') if x.get('href')]
|
|
|
|
|
|
|
|
|
|
for link in links:
|
|
|
|
|
parse_link = urlparse(link)
|
|
|
|
|
check_url = ParseResult(scheme="https",
|
|
|
|
|
netloc=parse_link.netloc,
|
|
|
|
|
path=parse_link.path,
|
|
|
|
|
params=parse_link.params,
|
|
|
|
|
query=parse_link.query,
|
|
|
|
|
fragment='')
|
|
|
|
|
check_url = urlunparse(check_url)
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
badlink = g.db.query(BadLink).options(lazyload('*')).filter(
|
2021-07-21 01:12:26 +00:00
|
|
|
literal(check_url).contains(
|
|
|
|
|
BadLink.link)).first()
|
|
|
|
|
|
|
|
|
|
if badlink:
|
2021-08-03 12:20:40 +00:00
|
|
|
return {"error": f"Remove the following link and try again: `{check_url}`. Reason: {badlink.reason}"}, 403
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# check spam - this should hopefully be faster
|
|
|
|
|
now = int(time.time())
|
|
|
|
|
cutoff = now - 60 * 60 * 24
|
|
|
|
|
|
|
|
|
|
similar_comments = g.db.query(Comment
|
|
|
|
|
).options(
|
|
|
|
|
lazyload('*')
|
|
|
|
|
).join(Comment.comment_aux
|
|
|
|
|
).filter(
|
|
|
|
|
Comment.author_id == v.id,
|
|
|
|
|
CommentAux.body.op(
|
|
|
|
|
'<->')(body) < app.config["SPAM_SIMILARITY_THRESHOLD"],
|
|
|
|
|
Comment.created_utc > cutoff
|
|
|
|
|
).options(contains_eager(Comment.comment_aux)).all()
|
|
|
|
|
|
|
|
|
|
threshold = app.config["SPAM_SIMILAR_COUNT_THRESHOLD"]
|
|
|
|
|
if v.age >= (60 * 60 * 24 * 30):
|
|
|
|
|
threshold *= 4
|
|
|
|
|
elif v.age >= (60 * 60 * 24 * 7):
|
|
|
|
|
threshold *= 3
|
|
|
|
|
elif v.age >= (60 * 60 * 24):
|
|
|
|
|
threshold *= 2
|
|
|
|
|
|
|
|
|
|
if len(similar_comments) > threshold:
|
2021-08-04 16:00:57 +00:00
|
|
|
text = "Your account has been suspended for 1 day for the following reason:\n\n> Too much spam!"
|
2021-08-21 11:06:28 +00:00
|
|
|
send_notification(NOTIFICATIONS_ACCOUNT, v, text)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
v.ban(reason="Spamming.",
|
|
|
|
|
days=1)
|
|
|
|
|
|
|
|
|
|
for comment in similar_comments:
|
|
|
|
|
comment.is_banned = True
|
|
|
|
|
comment.ban_reason = "Automatic spam removal. This happened because the post's creator submitted too much similar content too quickly."
|
|
|
|
|
g.db.add(comment)
|
|
|
|
|
|
2021-07-31 05:28:05 +00:00
|
|
|
return {"error": "Too much spam!"}, 403
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-31 09:00:56 +00:00
|
|
|
if request.files.get("file") and request.headers.get("cf-ipcountry") != "T1":
|
2021-07-27 21:35:50 +00:00
|
|
|
file=request.files["file"]
|
2021-07-31 05:28:05 +00:00
|
|
|
if not file.content_type.startswith('image/'): return {"error": "That wasn't an image!"}, 400
|
2021-09-10 04:49:36 +00:00
|
|
|
if request.content_length > 16 * 1024 * 1024:
|
|
|
|
|
g.db.rollback()
|
|
|
|
|
abort(413)
|
|
|
|
|
|
2021-09-15 00:53:45 +00:00
|
|
|
url = upload_ibb(file=file)
|
2021-07-27 21:35:50 +00:00
|
|
|
|
|
|
|
|
body += f"\n"
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-08-21 12:57:16 +00:00
|
|
|
body_html = sanitize(body_md)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-02 14:38:33 +00:00
|
|
|
if len(body_html) > 20000: abort(400)
|
|
|
|
|
|
2021-08-31 17:34:05 +00:00
|
|
|
c.body = body[:10000]
|
2021-09-02 14:38:33 +00:00
|
|
|
c.body_html = body_html
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-02 00:03:44 +00:00
|
|
|
if "rdrama" in request.host and "ivermectin" in c.body_html.lower():
|
2021-09-01 20:51:47 +00:00
|
|
|
|
|
|
|
|
c.is_banned = True
|
|
|
|
|
c.ban_reason = "ToS Violation"
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
|
|
|
|
|
|
|
|
|
c_jannied = Comment(author_id=AUTOJANNY_ACCOUNT,
|
|
|
|
|
parent_submission=c.parent_submission,
|
|
|
|
|
distinguish_level=6,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=c.level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c_jannied)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
|
|
|
|
body = VAXX_MSG.format(username=v.username)
|
|
|
|
|
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-09-01 20:51:47 +00:00
|
|
|
|
|
|
|
|
body_jannied_html = sanitize(body_md)
|
|
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c_jannied.id,
|
2021-09-02 14:38:33 +00:00
|
|
|
body_html=body_jannied_html,
|
|
|
|
|
body=body
|
2021-09-01 20:51:47 +00:00
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
n = Notification(comment_id=c_jannied.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
|
|
|
|
|
2021-07-21 21:36:46 +00:00
|
|
|
if v.agendaposter and "trans lives matter" not in c.body_html.lower():
|
|
|
|
|
|
|
|
|
|
c.is_banned = True
|
|
|
|
|
c.ban_reason = "ToS Violation"
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
|
|
|
|
|
2021-08-21 11:06:28 +00:00
|
|
|
c_jannied = Comment(author_id=AUTOJANNY_ACCOUNT,
|
2021-07-21 21:36:46 +00:00
|
|
|
parent_submission=c.parent_submission,
|
|
|
|
|
distinguish_level=6,
|
|
|
|
|
parent_comment_id=c.id,
|
|
|
|
|
level=c.level+1,
|
|
|
|
|
is_bot=True,
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
g.db.add(c_jannied)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
|
2021-08-21 11:06:28 +00:00
|
|
|
body = AGENDAPOSTER_MSG.format(username=v.username)
|
2021-07-21 21:36:46 +00:00
|
|
|
|
2021-09-13 11:54:20 +00:00
|
|
|
body_md = CustomRenderer().render(mistletoe.Document(body))
|
2021-07-21 21:36:46 +00:00
|
|
|
|
|
|
|
|
body_jannied_html = sanitize(body_md)
|
|
|
|
|
c_aux = CommentAux(
|
|
|
|
|
id=c_jannied.id,
|
2021-09-02 14:38:33 +00:00
|
|
|
body_html=body_jannied_html,
|
|
|
|
|
body=body
|
2021-07-21 21:36:46 +00:00
|
|
|
)
|
|
|
|
|
g.db.add(c_aux)
|
|
|
|
|
g.db.flush()
|
|
|
|
|
n = Notification(comment_id=c_jannied.id, user_id=v.id)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
if int(time.time()) - c.created_utc > 60 * 3: c.edited_utc = int(time.time())
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
|
|
|
|
|
2021-08-11 17:01:19 +00:00
|
|
|
g.db.flush()
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
# queue up notifications for username mentions
|
|
|
|
|
notify_users = set()
|
|
|
|
|
soup = BeautifulSoup(body_html, features="html.parser")
|
|
|
|
|
mentions = soup.find_all("a", href=re.compile("^/@(\w+)"))
|
|
|
|
|
|
|
|
|
|
if len(mentions) > 0:
|
|
|
|
|
notifs = g.db.query(Notification)
|
|
|
|
|
for mention in mentions:
|
|
|
|
|
username = mention["href"].split("@")[1]
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
user = g.db.query(User).options(lazyload('*')).filter_by(username=username).first()
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if user:
|
|
|
|
|
if v.any_block_exists(user):
|
|
|
|
|
continue
|
|
|
|
|
if user.id != v.id:
|
|
|
|
|
notify_users.add(user.id)
|
|
|
|
|
|
|
|
|
|
for x in notify_users:
|
|
|
|
|
notif = notifs.filter_by(comment_id=c.id, user_id=x).first()
|
|
|
|
|
if not notif:
|
|
|
|
|
n = Notification(comment_id=c.id, user_id=x)
|
|
|
|
|
g.db.add(n)
|
|
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-07-31 06:55:22 +00:00
|
|
|
return jsonify({"html": c.body_html})
|
|
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-28 03:55:47 +00:00
|
|
|
@app.post("/delete/comment/<cid>")
|
2021-07-21 01:12:26 +00:00
|
|
|
@auth_required
|
|
|
|
|
@validate_formkey
|
|
|
|
|
def delete_comment(cid, v):
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
c = g.db.query(Comment).options(lazyload('*')).filter_by(id=cid).first()
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if not c:
|
|
|
|
|
abort(404)
|
|
|
|
|
|
|
|
|
|
if not c.author_id == v.id:
|
|
|
|
|
abort(403)
|
|
|
|
|
|
|
|
|
|
c.deleted_utc = int(time.time())
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
2021-07-27 22:24:06 +00:00
|
|
|
|
2021-08-11 17:01:19 +00:00
|
|
|
cache.delete_memoized(comment_idlist)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-09-08 10:57:56 +00:00
|
|
|
return {"message": "Comment deleted!"}
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-27 22:31:28 +00:00
|
|
|
@app.post("/undelete/comment/<cid>")
|
2021-07-21 01:12:26 +00:00
|
|
|
@auth_required
|
|
|
|
|
@validate_formkey
|
|
|
|
|
def undelete_comment(cid, v):
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
c = g.db.query(Comment).options(lazyload('*')).filter_by(id=cid).first()
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if not c:
|
|
|
|
|
abort(404)
|
|
|
|
|
|
|
|
|
|
if not c.author_id == v.id:
|
|
|
|
|
abort(403)
|
|
|
|
|
|
|
|
|
|
c.deleted_utc = 0
|
|
|
|
|
|
|
|
|
|
g.db.add(c)
|
|
|
|
|
|
2021-08-11 17:01:19 +00:00
|
|
|
cache.delete_memoized(comment_idlist)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-09-08 10:57:56 +00:00
|
|
|
return {"message": "Comment undeleted!"}
|
2021-07-31 05:28:05 +00:00
|
|
|
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-27 22:31:28 +00:00
|
|
|
@app.post("/comment_pin/<cid>")
|
2021-07-21 01:12:26 +00:00
|
|
|
@auth_required
|
|
|
|
|
@validate_formkey
|
2021-07-25 21:59:20 +00:00
|
|
|
def toggle_comment_pin(cid, v):
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
comment = get_comment(cid, v=v)
|
|
|
|
|
|
2021-07-28 22:11:18 +00:00
|
|
|
if v.admin_level < 1 and v.id != comment.post.author_id:
|
2021-07-21 01:12:26 +00:00
|
|
|
abort(403)
|
|
|
|
|
|
|
|
|
|
comment.is_pinned = not comment.is_pinned
|
|
|
|
|
|
|
|
|
|
g.db.add(comment)
|
2021-08-11 17:01:19 +00:00
|
|
|
g.db.flush()
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
if v.admin_level == 6:
|
|
|
|
|
ma=ModAction(
|
|
|
|
|
kind="pin_comment" if comment.is_pinned else "unpin_comment",
|
|
|
|
|
user_id=v.id,
|
|
|
|
|
target_comment_id=comment.id
|
|
|
|
|
)
|
|
|
|
|
g.db.add(ma)
|
|
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-09-08 22:09:45 +00:00
|
|
|
if comment.is_pinned: return {"message": "Comment pinned!"}
|
|
|
|
|
else: return {"message": "Comment unpinned!"}
|
2021-07-21 01:12:26 +00:00
|
|
|
|
|
|
|
|
|
2021-07-27 22:31:28 +00:00
|
|
|
@app.post("/save_comment/<cid>")
|
2021-07-21 01:12:26 +00:00
|
|
|
@auth_required
|
|
|
|
|
@validate_formkey
|
|
|
|
|
def save_comment(cid, v):
|
|
|
|
|
|
|
|
|
|
comment=get_comment(cid)
|
|
|
|
|
|
|
|
|
|
new_save=SaveRelationship(user_id=v.id, submission_id=comment.id, type=2)
|
|
|
|
|
|
|
|
|
|
g.db.add(new_save)
|
|
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-09-08 11:05:31 +00:00
|
|
|
return {"message": "Comment saved!"}
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-07-27 22:31:28 +00:00
|
|
|
@app.post("/unsave_comment/<cid>")
|
2021-07-21 01:12:26 +00:00
|
|
|
@auth_required
|
|
|
|
|
@validate_formkey
|
|
|
|
|
def unsave_comment(cid, v):
|
|
|
|
|
|
|
|
|
|
comment=get_comment(cid)
|
|
|
|
|
|
2021-09-17 08:29:05 +00:00
|
|
|
save=g.db.query(SaveRelationship).options(lazyload('*')).filter_by(user_id=v.id, submission_id=comment.id, type=2).first()
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-08-11 18:30:25 +00:00
|
|
|
if save: g.db.delete(save)
|
2021-07-21 01:12:26 +00:00
|
|
|
|
2021-09-16 17:02:58 +00:00
|
|
|
g.db.commit()
|
|
|
|
|
|
2021-09-08 11:05:31 +00:00
|
|
|
return {"message": "Comment unsaved!"}
|
