diff --git a/files/helpers/const.py b/files/helpers/const.py index 9f6bf912f..962e6342f 100644 --- a/files/helpers/const.py +++ b/files/helpers/const.py @@ -1013,7 +1013,13 @@ approved_embed_hosts = { 'substackcdn.com', '9gag.com', 'ifunny.co', - 'wixmp.com' + 'wixmp.com', + 'derpicdn.net', + 'twibooru.org', + 'ponybooru.org', + 'e621.net', + 'ponerpics.org', + 'furaffinity.net' } diff --git a/files/routes/subs.py b/files/routes/subs.py index 33b8f5b3b..e920e89d4 100644 --- a/files/routes/subs.py +++ b/files/routes/subs.py @@ -513,7 +513,7 @@ def subs(v): return render_template('sub/subs.html', v=v, subs=subs) @app.post("/hole_pin/") -@auth_required +@is_not_permabanned def hole_pin(v, pid): p = get_post(pid) @@ -531,7 +531,7 @@ def hole_pin(v, pid): return {"message": f"Post pinned to /h/{p.sub} successfully!"} @app.post("/hole_unpin/") -@auth_required +@is_not_permabanned def hole_unpin(v, pid): p = get_post(pid) diff --git a/files/routes/users.py b/files/routes/users.py index 68bc3a9fe..beb9c142e 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -720,8 +720,10 @@ def song(song): @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @auth_required def subscribe(v, post_id): - new_sub = Subscription(user_id=v.id, submission_id=post_id) - g.db.add(new_sub) + existing = g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).one_or_none() + if not existing: + new_sub = Subscription(user_id=v.id, submission_id=post_id) + g.db.add(new_sub) return {"message": "Subscribed to post successfully!"} @app.post("/unsubscribe/") @@ -729,9 +731,9 @@ def subscribe(v, post_id): @limiter.limit("1/second;30/minute;200/hour;1000/day", key_func=lambda:f'{SITE}-{session.get("lo_user")}') @auth_required def unsubscribe(v, post_id): - sub=g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).one_or_none() - if sub: - g.db.delete(sub) + existing = g.db.query(Subscription).filter_by(user_id=v.id, submission_id=post_id).one_or_none() + if existing: + g.db.delete(existing) return {"message": "Unsubscribed from post successfully!"} @app.post("/@/message")