make under_attack a setting and use it in /submit for WPD

2023-02-09 05:50:30 +02:00 · 2023-02-09 05:50:30 +02:00 · 44a80f0492
parent f19f34bc49
commit 44a80f0492
6 changed files with 8 additions and 42 deletions
--- a/files/helpers/cloudflare.py
+++ b/files/helpers/cloudflare.py
@ -18,14 +18,6 @@ def _request_from_cloudflare(url:str, method:str, post_data_str) -> bool:
 		return False
 	return res == "<Response [200]>"

-def get_security_level() -> Optional[str]:
-	res = None
-	try:
-		res = requests.get(f'{CLOUDFLARE_API_URL}/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, timeout=CLOUDFLARE_REQUEST_TIMEOUT_SECS).json()['result']['value']
-	except:
-		pass
-	return res
-
 def set_security_level(under_attack="high") -> bool:
 	return _request_from_cloudflare("settings/security_level", "PATCH", f'{{"value":"{under_attack}"}}')

--- a/files/helpers/config/const.py
+++ b/files/helpers/config/const.py
@ -465,7 +465,6 @@ PERMS = { # Minimum admin_level to perform action.
 	'SITE_SETTINGS': 3,
 	'SITE_SETTINGS_SIDEBARS_BANNERS_BADGES': 3,
 	'SITE_SETTINGS_SNAPPY_QUOTES': 3,
- 	'SITE_SETTINGS_UNDER_ATTACK': 3,
 	'SITE_CACHE_PURGE_CDN': 3,
 	'NOTIFICATIONS_FROM_SHADOWBANNED_USERS': 3,
 	'APPS_MODERATION': 3,
--- a/files/helpers/settings.py
+++ b/files/helpers/settings.py
@ -14,6 +14,7 @@ _SETTINGS = {
 	"login_required": False,
 	"under_siege": False,
 	"dm_images": True,
+	"under_attack": False,
 }

 def get_setting(setting:str):
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@ -326,13 +326,7 @@ def reported_comments(v):
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@admin_level_required(PERMS['ADMIN_HOME_VISIBLE'])
 def admin_home(v):
-	under_attack = False
-
-	if v.admin_level >= PERMS['SITE_SETTINGS_UNDER_ATTACK']:
-		under_attack = (get_security_level() or 'high') == 'under_attack'
-
-	return render_template("admin/admin_home.html", v=v,
-		under_attack=under_attack)
+	return render_template("admin/admin_home.html", v=v)

@app.post("/admin/site_settings/<setting>")
@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
@ -347,6 +341,11 @@ def change_settings(v:User, setting):
 	if val: word = 'enable'
 	else: word = 'disable'

+	if setting == "under_attack":
+		new_security_level = 'under_attack' if val else 'high'
+		if not set_security_level(new_security_level):
+			abort(400, f'Failed to {wprd} under attack mode')
+
 	if setting != 'login_required':
 		ma = ModAction(
 			kind=f"{word}_{setting}",
@ -369,25 +368,6 @@ def clear_cloudflare_cache(v):
 	g.db.add(ma)
 	return {"message": "Cloudflare cache cleared!"}

-@app.post("/admin/under_attack")
-@limiter.limit(DEFAULT_RATELIMIT, key_func=get_ID)
-@admin_level_required(PERMS['SITE_SETTINGS_UNDER_ATTACK'])
-def under_attack(v):
-	response = get_security_level()
-	if not response:
-		abort(400, 'Could not retrieve the current security level')
-	old_under_attack_mode = response == 'under_attack'
-	enable_disable_str = 'disable' if old_under_attack_mode else 'enable'
-	new_security_level = 'high' if old_under_attack_mode else 'under_attack'
-	if not set_security_level(new_security_level):
-		abort(400, f'Failed to {enable_disable_str} under attack mode')
-	ma = ModAction(
-		kind=f"{enable_disable_str}_under_attack",
-		user_id=v.id,
-	)
-	g.db.add(ma)
-	return {"message": f"Under attack mode {enable_disable_str}d!"}
-
 def admin_badges_grantable_list(v):
 	query = g.db.query(BadgeDef)

--- a/files/templates/admin/admin_home.html
+++ b/files/templates/admin/admin_home.html
@ -115,12 +115,6 @@
 		<label class="custom-control-label" for="settings-{{setting}}-checkbox">{{setting.replace('_', ' ').title()}}</label>
 	</div>
 	{% endfor %}
-	{% if v.admin_level >= PERMS['SITE_SETTINGS_UNDER_ATTACK'] %}
-		<div class="custom-control custom-switch" id="settings-under_attack-container">
-			<input autocomplete="off" type="checkbox" class="custom-control-input" id="under_attack" name="under_attack" {% if under_attack%}checked{% endif %} data-nonce="{{g.nonce}}" data-onchange="postToastSwitch(this,'/admin/under_attack');">
-			<label class="custom-control-label" for="under_attack">Under Attack Mode</label>
-		</div>
-	{% endif %}
 {% endif %}

 {% if v.admin_level >= PERMS['SITE_CACHE_PURGE_CDN'] %}
--- a/files/templates/submit.html
+++ b/files/templates/submit.html
@ -12,7 +12,7 @@
 {% block content %}
 		{% block form %}
 		<div class="submit-grid-view">
-			<form id="submitform" action="{% if SITE == 'watchpeopledie.tv' %}https://videos.watchpeopledie.tv{% elif sub %}/h/{{sub}}{% endif %}/submit" method="post" enctype="multipart/form-data" style="grid-column: 2" data-nonce="{{g.nonce}}" data-onsubmit="submit(this)">
+			<form id="submitform" action="{% if SITE == 'watchpeopledie.tv' and not SITE_SETTINGS['under_attack'] %}https://videos.watchpeopledie.tv{% elif sub %}/h/{{sub}}{% endif %}/submit" method="post" enctype="multipart/form-data" style="grid-column: 2" data-nonce="{{g.nonce}}" data-onsubmit="submit(this)">
 				<div class="container">
 						<div class="row justify-content-center mb-5">
 								<div class="col p-3 py-md-0">