add /admin/delete_media

2023-02-19 21:31:26 +02:00 · 2023-02-19 21:31:26 +02:00 · 288fcde832
parent 5e68334ff5
commit 288fcde832
6 changed files with 86 additions and 9 deletions
--- a/files/helpers/config/const.py
+++ b/files/helpers/config/const.py
@ -482,15 +482,17 @@ PERMS = { # Minimum admin_level to perform action.

 	'PROGSTACK': 5,

-	'USER_BLACKLIST': 6,
- 	'POST_EDITING': 6,
- 	'VIEW_PATRONS': 6,
- 	'BLACKJACK_NOTIFICATIONS': 6,
- 	'IGNORE_BADGE_BLACKLIST': 6,
-	'UNDO_AWARD_PINS': 6,
- 	'SEE_GHOST_VOTES': 6,
- 	'MODS_EVERY_HOLE': 6,
- 	'VIEW_DM_IMAGES': 6,
+	'DELETE_MEDIA': 6,
+
+	'USER_BLACKLIST': 7,
+ 	'POST_EDITING': 7,
+ 	'VIEW_PATRONS': 7,
+ 	'BLACKJACK_NOTIFICATIONS': 7,
+ 	'IGNORE_BADGE_BLACKLIST': 7,
+	'UNDO_AWARD_PINS': 7,
+ 	'SEE_GHOST_VOTES': 7,
+ 	'MODS_EVERY_HOLE': 7,
+ 	'VIEW_DM_IMAGES': 7,
 }

 FEATURES = {
--- a/files/helpers/config/modaction_types.py
+++ b/files/helpers/config/modaction_types.py
@ -46,6 +46,11 @@ MODACTION_TYPES = {
 		"icon": 'fa-lock',
 		"color": 'bg-danger'
 	},
+	'delete_media': {
+		"str": 'deleted media',
+		"icon": 'fa-trash-alt',
+		"color": 'bg-danger'
+	},
 	'delete_report': {
 		"str": 'deleted report on {self.target_link}',
 		"icon": 'fa-flag',
--- a/files/helpers/regex.py
+++ b/files/helpers/regex.py
@ -196,3 +196,5 @@ discord_username_regex = re.compile("(\s|^|>).{2,32}#[0-9]{4}(?=[^0-9]|$)", flag
 numbered_list_regex = re.compile('((\s|^)[0-9]+)\. ', flags=re.A)

 comment_link_regex = re.compile("/[0-9]+$", flags=re.A)
+
+media_deletion_regex = re.compile(f"{SITE_FULL}\/(chat_)?(images|videos)\/[0-9]{{11,17}}\.(webp|{video_regex_extensions})", flags=re.A)
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@ -1,6 +1,7 @@
 import time
 from urllib.parse import quote, urlencode
 from math import floor
+import os

 from sqlalchemy.exc import IntegrityError
 from psycopg2.errors import UniqueViolation
@ -1649,3 +1650,39 @@ def unblacklist_user(user_id, v):
 	g.db.add(ma)

 	return {"message": f"@{user.username} has been unblacklisted from restricted holes!"}
+
+@app.get('/admin/delete_media')
+@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
+@admin_level_required(PERMS['DELETE_MEDIA'])
+def delete_media_get(v):
+	return render_template("admin/delete_media.html", v=v)
+
+@app.post("/admin/delete_media")
+@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
+@limiter.limit(DEFAULT_RATELIMIT_SLOWER, key_func=get_ID)
+@admin_level_required(PERMS['DELETE_MEDIA'])
+def delete_media_post(v):
+
+	url = request.values.get("url")
+	if not url:
+		return render_template("admin/delete_media.html", v=v, url=url, error="No url provided!")
+
+	if not media_deletion_regex.fullmatch(url):
+		return render_template("admin/delete_media.html", v=v, url=url, error="Invalid url!")
+
+	path = url.split(SITE_FULL)[1]
+
+	if not os.path.isfile(path):
+		return render_template("admin/delete_media.html", v=v, url=url, error="File not found on the server!")
+
+	os.remove(path)
+
+	ma=ModAction(
+		kind="delete_media",
+		user_id=v.id,
+		_note=url,
+		)
+	g.db.add(ma)
+
+	purge_files_in_cache(url)
+	return render_template("admin/delete_media.html", v=v, msg="Media deleted successfully!")
--- a/files/templates/admin/admin_home.html
+++ b/files/templates/admin/admin_home.html
@ -68,6 +68,9 @@

 <h4>Safety</h4>
 <ul>
+	{% if v.admin_level >= PERMS['DELETE_MEDIA'] %}
+		<li><a href="/admin/delete_media">Delete Media</a></li>
+	{% endif %}
 	{% if v.admin_level >= PERMS['DOMAINS_BAN'] %}
 		<li><a href="/admin/banned_domains">Banned Domains</a></li>
 	{% endif %}
--- a/files/templates/admin/delete_media.html
+++ b/files/templates/admin/delete_media.html
@ -0,0 +1,28 @@
+{% extends "default.html" %}
+
+{% block pagetitle %}Delete Media{% endblock %}
+
+{% block content %}
+{% if error %}{{macros.alert(error, true)}}{% endif %}
+{% if msg %}{{macros.alert(msg, false)}}{% endif %}
+<form class="mt-3" action="/admin/delete_media" method="post">
+	<div class="container">
+		<div class="row justify-content-center mb-4 pb-6">
+			<div class="col col-md-6 p-3 py-md-0">
+				<h1 class="d-mob-none">Delete Media</h1>
+				<h3 class=" d-md-none">Delete Media</h3>
+				<div class="body">
+					<input hidden name="formkey" value="{{v|formkey}}">
+					<label>URL</label>
+					<input class="form-control" type="url" name="url" required {% if url %}value="{{url}}"{% endif %}>
+					<div class="footer">
+						<div class="d-flex">
+							<button type="submit" class="btn btn-primary ml-auto">Delete</button>
+						</div>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+</form>
+{% endblock %}