move feature_required wrappers up
parent
d3aea510f8
commit
41ab1f313c
|
@ -520,17 +520,17 @@ def under_attack(v):
|
|||
|
||||
@app.get("/admin/badge_grant")
|
||||
@app.get("/admin/badge_remove")
|
||||
@admin_level_required(PERMS['USER_BADGES'])
|
||||
@feature_required('BADGES')
|
||||
@admin_level_required(PERMS['USER_BADGES'])
|
||||
def badge_grant_get(v):
|
||||
grant = request.url.endswith("grant")
|
||||
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
|
||||
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=grant)
|
||||
|
||||
@app.post("/admin/badge_grant")
|
||||
@feature_required('BADGES')
|
||||
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
|
||||
@admin_level_required(PERMS['USER_BADGES'])
|
||||
@feature_required('BADGES')
|
||||
def badge_grant_post(v):
|
||||
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
|
||||
|
||||
|
@ -577,9 +577,9 @@ def badge_grant_post(v):
|
|||
return render_template("admin/badge_admin.html", v=v, badge_types=badges, grant=True, msg=f"{new_badge.name} Badge granted to @{user.username} successfully!")
|
||||
|
||||
@app.post("/admin/badge_remove")
|
||||
@feature_required('BADGES')
|
||||
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
|
||||
@admin_level_required(PERMS['USER_BADGES'])
|
||||
@feature_required('BADGES')
|
||||
def badge_remove_post(v):
|
||||
badges = g.db.query(BadgeDef).order_by(BadgeDef.id).all()
|
||||
|
||||
|
@ -1221,8 +1221,8 @@ def distinguish_post(post_id, v):
|
|||
|
||||
|
||||
@app.post("/sticky/<post_id>")
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
@feature_required('PINS')
|
||||
@admin_level_required(PERMS['POST_COMMENT_MODERATION'])
|
||||
def sticky_post(post_id, v):
|
||||
post = get_post(post_id)
|
||||
if post.is_banned: abort(403, "Can't sticky removed posts!")
|
||||
|
|
|
@ -16,8 +16,8 @@ from copy import deepcopy
|
|||
|
||||
@app.get("/shop")
|
||||
@app.get("/settings/shop")
|
||||
@auth_required
|
||||
@feature_required('AWARDS')
|
||||
@auth_required
|
||||
def shop(v):
|
||||
AWARDS = deepcopy(AWARDS2)
|
||||
|
||||
|
@ -40,9 +40,9 @@ def shop(v):
|
|||
|
||||
|
||||
@app.post("/buy/<award>")
|
||||
@feature_required('AWARDS')
|
||||
@limiter.limit("100/minute;200/hour;1000/day")
|
||||
@auth_required
|
||||
@feature_required('AWARDS')
|
||||
def buy(v, award):
|
||||
if award == 'benefactor' and not request.values.get("mb"):
|
||||
abort(403, "You can only buy the Benefactor award with marseybux.")
|
||||
|
|
|
@ -12,9 +12,9 @@ from files.helpers.lottery import *
|
|||
|
||||
|
||||
@app.get("/casino")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def casino(v):
|
||||
if v.rehab:
|
||||
return render_template("casino/rehab.html", v=v)
|
||||
|
@ -23,9 +23,9 @@ def casino(v):
|
|||
|
||||
|
||||
@app.get("/casino/<game>")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def casino_game_page(v, game):
|
||||
if v.rehab:
|
||||
return render_template("casino/rehab.html", v=v)
|
||||
|
@ -51,9 +51,9 @@ def casino_game_page(v, game):
|
|||
|
||||
|
||||
@app.get("/casino/<game>/feed")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def casino_game_feed(v, game):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -66,9 +66,9 @@ def casino_game_feed(v, game):
|
|||
|
||||
# Lottershe
|
||||
@app.get("/lottershe")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def lottershe(v):
|
||||
if v.rehab:
|
||||
return render_template("casino/rehab.html", v=v)
|
||||
|
@ -78,9 +78,9 @@ def lottershe(v):
|
|||
|
||||
# Slots
|
||||
@app.post("/casino/slots")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def pull_slots(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -109,9 +109,9 @@ def pull_slots(v):
|
|||
|
||||
# 21
|
||||
@app.post("/casino/twentyone/deal")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("1/second;100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def blackjack_deal_to_player(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -129,9 +129,9 @@ def blackjack_deal_to_player(v):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/hit")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("1/second;100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def blackjack_player_hit(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -145,9 +145,9 @@ def blackjack_player_hit(v):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/stay")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("1/second;100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def blackjack_player_stay(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -161,9 +161,9 @@ def blackjack_player_stay(v):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/double-down")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("1/second;100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def blackjack_player_doubled_down(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -177,9 +177,9 @@ def blackjack_player_doubled_down(v):
|
|||
|
||||
|
||||
@app.post("/casino/twentyone/buy-insurance")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("1/second;100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def blackjack_player_bought_insurance(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -193,9 +193,9 @@ def blackjack_player_bought_insurance(v):
|
|||
|
||||
# Roulette
|
||||
@app.get("/casino/roulette/bets")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def roulette_get_bets(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
@ -206,9 +206,9 @@ def roulette_get_bets(v):
|
|||
|
||||
|
||||
@app.post("/casino/roulette/place-bet")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("100/minute;2000/hour;12000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def roulette_player_placed_bet(v):
|
||||
if v.rehab:
|
||||
abort(403, "You are under Rehab award effect!")
|
||||
|
|
|
@ -514,8 +514,8 @@ def undelete_comment(cid, v):
|
|||
|
||||
|
||||
@app.post("/pin_comment/<cid>")
|
||||
@auth_required
|
||||
@feature_required('PINS')
|
||||
@auth_required
|
||||
def pin_comment(cid, v):
|
||||
|
||||
comment = get_comment(cid, v=v)
|
||||
|
|
|
@ -7,8 +7,8 @@ from files.helpers.useractions import *
|
|||
from flask import g
|
||||
|
||||
@app.get("/hats")
|
||||
@auth_required
|
||||
@feature_required('HATS')
|
||||
@auth_required
|
||||
def hats(v):
|
||||
owned_hat_ids = [x.hat_id for x in v.owned_hats]
|
||||
|
||||
|
@ -32,9 +32,9 @@ def hats(v):
|
|||
return render_template("hats.html", owned_hat_ids=owned_hat_ids, hats=hats, v=v, sales=sales, num_of_hats=num_of_hats)
|
||||
|
||||
@app.post("/buy_hat/<hat_id>")
|
||||
@feature_required('HATS')
|
||||
@limiter.limit('100/minute;1000/3 days')
|
||||
@auth_required
|
||||
@feature_required('HATS')
|
||||
def buy_hat(v, hat_id):
|
||||
try: hat_id = int(hat_id)
|
||||
except: abort(404, "Hat not found!")
|
||||
|
@ -84,8 +84,8 @@ def buy_hat(v, hat_id):
|
|||
|
||||
|
||||
@app.post("/equip_hat/<hat_id>")
|
||||
@auth_required
|
||||
@feature_required('HATS')
|
||||
@auth_required
|
||||
def equip_hat(v, hat_id):
|
||||
try: hat_id = int(hat_id)
|
||||
except: abort(404, "Hat not found!")
|
||||
|
@ -99,8 +99,8 @@ def equip_hat(v, hat_id):
|
|||
return {"message": f"'{hat.name}' equipped!"}
|
||||
|
||||
@app.post("/unequip_hat/<hat_id>")
|
||||
@auth_required
|
||||
@feature_required('HATS')
|
||||
@auth_required
|
||||
def unequip_hat(v, hat_id):
|
||||
try: hat_id = int(hat_id)
|
||||
except: abort(404, "Hat not found!")
|
||||
|
|
|
@ -8,25 +8,25 @@ from files.helpers.lottery import *
|
|||
import requests
|
||||
|
||||
@app.post("/lottery/end")
|
||||
@admin_level_required(PERMS['LOTTERY_ADMIN'])
|
||||
@feature_required('GAMBLING')
|
||||
@admin_level_required(PERMS['LOTTERY_ADMIN'])
|
||||
def lottery_end(v):
|
||||
success, message = end_lottery_session()
|
||||
return {"message": message} if success else {"error": message}
|
||||
|
||||
|
||||
@app.post("/lottery/start")
|
||||
@admin_level_required(PERMS['LOTTERY_ADMIN'])
|
||||
@feature_required('GAMBLING')
|
||||
@admin_level_required(PERMS['LOTTERY_ADMIN'])
|
||||
def lottery_start(v):
|
||||
start_new_lottery_session()
|
||||
return {"message": "Lottery started."}
|
||||
|
||||
|
||||
@app.post("/lottery/buy")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("3/second;100/minute;500/hour;1000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def lottery_buy(v):
|
||||
try: quantity = int(request.values.get("quantity"))
|
||||
except: abort(400, "Invalid ticket quantity.")
|
||||
|
@ -42,17 +42,17 @@ def lottery_buy(v):
|
|||
|
||||
|
||||
@app.get("/lottery/active")
|
||||
@feature_required('GAMBLING')
|
||||
@limiter.limit("3/second;100/minute;500/hour;1000/day")
|
||||
@auth_required
|
||||
@feature_required('GAMBLING')
|
||||
def lottery_active(v):
|
||||
lottery, participants = get_active_lottery_stats()
|
||||
|
||||
return {"message": "", "stats": {"user": v.lottery_stats, "lottery": lottery, "participants": participants}}
|
||||
|
||||
@app.get("/admin/lottery/participants")
|
||||
@admin_level_required(PERMS['LOTTERY_VIEW_PARTICIPANTS'])
|
||||
@feature_required('GAMBLING')
|
||||
@admin_level_required(PERMS['LOTTERY_VIEW_PARTICIPANTS'])
|
||||
def lottery_admin(v):
|
||||
participants = get_users_participating_in_lottery()
|
||||
return render_template("admin/lottery.html", v=v, participants=participants)
|
||||
|
|
|
@ -29,8 +29,8 @@ titleheaders = {"User-Agent": "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWe
|
|||
|
||||
|
||||
@app.post("/club_post/<pid>")
|
||||
@auth_required
|
||||
@feature_required('COUNTRY_CLUB')
|
||||
@auth_required
|
||||
def club_post(pid, v):
|
||||
post = get_post(pid)
|
||||
if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403)
|
||||
|
@ -53,8 +53,8 @@ def club_post(pid, v):
|
|||
return {"message": f"Post has been marked as {CC_TITLE}!"}
|
||||
|
||||
@app.post("/unclub_post/<pid>")
|
||||
@auth_required
|
||||
@feature_required('COUNTRY_CLUB')
|
||||
@auth_required
|
||||
def unclub_post(pid, v):
|
||||
post = get_post(pid)
|
||||
if post.author_id != v.id and v.admin_level < PERMS['POST_COMMENT_MODERATION']: abort(403)
|
||||
|
|
|
@ -506,10 +506,10 @@ def settings_images_profile(v):
|
|||
|
||||
|
||||
@app.post("/settings/images/banner")
|
||||
@feature_required('USERS_PROFILE_BANNER')
|
||||
@limiter.limit(DEFAULT_RATELIMIT_SLOWER)
|
||||
@auth_required
|
||||
@ratelimit_user()
|
||||
@feature_required('USERS_PROFILE_BANNER')
|
||||
def settings_images_banner(v):
|
||||
if request.headers.get("cf-ipcountry") == "T1": abort(403, "Image uploads are not allowed through TOR.")
|
||||
|
||||
|
@ -659,10 +659,10 @@ def settings_name_change(v):
|
|||
return redirect("/settings/personal")
|
||||
|
||||
@app.post("/settings/song_change_mp3")
|
||||
@feature_required('USERS_PROFILE_SONG')
|
||||
@limiter.limit("3/second;10/day")
|
||||
@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
|
||||
@auth_required
|
||||
@feature_required('USERS_PROFILE_SONG')
|
||||
def settings_song_change_mp3(v):
|
||||
file = request.files['file']
|
||||
if file.content_type != 'audio/mpeg':
|
||||
|
@ -687,10 +687,10 @@ def settings_song_change_mp3(v):
|
|||
return redirect("/settings/personal")
|
||||
|
||||
@app.post("/settings/song_change")
|
||||
@feature_required('USERS_PROFILE_SONG')
|
||||
@limiter.limit("3/second;10/day")
|
||||
@limiter.limit("3/second;10/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
|
||||
@auth_required
|
||||
@feature_required('USERS_PROFILE_SONG')
|
||||
def settings_song_change(v):
|
||||
song=request.values.get("song").strip()
|
||||
|
||||
|
|
|
@ -324,8 +324,8 @@ def badge_list(site):
|
|||
return badges, counts
|
||||
|
||||
@app.get("/badges")
|
||||
@auth_required
|
||||
@feature_required('BADGES')
|
||||
@auth_required
|
||||
def badges(v):
|
||||
badges, counts = badge_list(SITE)
|
||||
return render_template("badges.html", v=v, badges=badges, counts=counts)
|
||||
|
|
|
@ -640,8 +640,8 @@ def sub_stealth(v, sub):
|
|||
|
||||
|
||||
@app.post("/mod_pin/<cid>")
|
||||
@is_not_permabanned
|
||||
@feature_required('PINS')
|
||||
@is_not_permabanned
|
||||
def mod_pin(cid, v):
|
||||
|
||||
comment = get_comment(cid, v=v)
|
||||
|
|
|
@ -251,10 +251,10 @@ def downvoting(v, username):
|
|||
return all_upvoters_downvoters(v, username, -1, True)
|
||||
|
||||
@app.post("/@<username>/suicide")
|
||||
@feature_required('USERS_SUICIDE')
|
||||
@limiter.limit("1/second;5/day")
|
||||
@limiter.limit("1/second;5/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}')
|
||||
@auth_required
|
||||
@feature_required('USERS_SUICIDE')
|
||||
def suicide(v, username):
|
||||
|
||||
|
||||
|
|
Loading…
Reference in New Issue