diff --git a/files/helpers/get.py b/files/helpers/get.py index 51267ce4b..f3504f8bf 100644 --- a/files/helpers/get.py +++ b/files/helpers/get.py @@ -92,7 +92,6 @@ def get_account(id, v=None): except: abort(404) user = g.db.get(User, id) - if not user: abort(404) if v: @@ -116,18 +115,22 @@ def get_account(id, v=None): def get_post(i, v=None, graceful=False): + if not i: + if graceful: return None + else: abort(404) + if v: vt = g.db.query(Vote).filter_by( user_id=v.id, submission_id=i).subquery() blocking = v.blocking.subquery() - items = g.db.query( + post = g.db.query( Submission, vt.c.vote_type, blocking.c.target_id, ) - items=items.filter(Submission.id == i + post=post.filter(Submission.id == i ).join( vt, vt.c.submission_id == Submission.id, @@ -138,21 +141,21 @@ def get_post(i, v=None, graceful=False): isouter=True ) - items=items.one_or_none() + post=post.one_or_none() - if not items: + if not post: if graceful: return None else: abort(404) - x = items[0] - x.voted = items[1] or 0 - x.is_blocking = items[2] or 0 + x = post[0] + x.voted = post[1] or 0 + x.is_blocking = post[2] or 0 else: - items = g.db.get(Submission, i) - if not items: + post = g.db.get(Submission, i) + if not post: if graceful: return None else: abort(404) - x=items + x=post return x @@ -202,12 +205,16 @@ def get_posts(pids, v=None): def get_comment(i, v=None, graceful=False): + if not i: + if graceful: return None + else: abort(404) + + comment=g.db.get(Comment, i) + if not comment: + if graceful: return None + else: abort(404) + if v: - - comment=g.db.get(Comment, i) - - if not comment and not graceful: abort(404) - block = g.db.query(UserBlock).filter( or_( and_( @@ -227,10 +234,6 @@ def get_comment(i, v=None, graceful=False): comment.is_blocked = block and block.target_id == v.id comment.voted = vt.vote_type if vt else 0 - else: - comment = g.db.get(Comment, i) - if not comment and not graceful:abort(404) - return comment diff --git a/files/helpers/wrappers.py b/files/helpers/wrappers.py index 600ff69b0..d62ea6b7e 100644 --- a/files/helpers/wrappers.py +++ b/files/helpers/wrappers.py @@ -1,6 +1,7 @@ from .get import * from .alerts import * from files.helpers.const import * +from files.helpers.get import * from files.__main__ import db_session, limiter from random import randint import user_agents @@ -23,7 +24,7 @@ def get_logged_in_user(): lo_user = session.get("lo_user") if lo_user: id = int(lo_user) - v = g.db.get(User, id) + v = get_account(id) if v: nonce = session.get("login_nonce", 0) if nonce < v.login_nonce or v.id != id: abort(401) diff --git a/files/routes/admin.py b/files/routes/admin.py index 049b79202..30e26a1c2 100644 --- a/files/routes/admin.py +++ b/files/routes/admin.py @@ -54,7 +54,7 @@ def give_monthly_marseybux_task(): @app.post('/kippy') @admin_level_required(3) def kippy(v): - kippy = g.db.get(User, KIPPY_ID) + kippy = get_account(KIPPY_ID) kippy.procoins += 10000 g.db.add(kippy) g.db.commit() @@ -258,13 +258,13 @@ def remove_admin(v, username): @limiter.limit("1/second;30/minute;200/hour;1000/day") @admin_level_required(3) def distribute(v, comment): - autobetter = g.db.get(User, AUTOBETTER_ID) + autobetter = get_account(AUTOBETTER_ID) if autobetter.coins == 0: return {"error": "@AutoBetter has 0 coins"} try: comment = int(comment) except: abort(400) post = g.db.query(Comment.parent_submission).filter_by(id=comment).one_or_none()[0] - post = g.db.get(Submission, post) + post = get_post(post) pool = 0 for option in post.bet_options: pool += option.upvotes @@ -846,7 +846,7 @@ def admin_link_accounts(v): g.db.add(ma) g.db.commit() - return redirect(f"/admin/alt_votes?u1={g.db.get(User, u1).username}&u2={g.db.get(User, u2).username}") + return redirect(f"/admin/alt_votes?u1={get_account(u1).username}&u2={get_account(u2).username}") @app.get("/admin/removed/posts") @@ -904,7 +904,7 @@ def admin_removed_comments(v): @app.post("/agendaposter/") @admin_level_required(2) def agendaposter(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) days = request.values.get("days") if not days: days = 30.0 @@ -939,7 +939,7 @@ def agendaposter(user_id, v): @app.post("/unagendaposter/") @admin_level_required(2) def unagendaposter(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) user.agendaposter = 0 g.db.add(user) @@ -969,7 +969,7 @@ def unagendaposter(user_id, v): @limiter.limit("1/second;30/minute;200/hour;1000/day") @admin_level_required(2) def shadowban(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) if user.admin_level != 0: abort(403) user.shadowbanned = v.username g.db.add(user) @@ -996,7 +996,7 @@ def shadowban(user_id, v): @limiter.limit("1/second;30/minute;200/hour;1000/day") @admin_level_required(2) def unshadowban(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) user.shadowbanned = None user.ban_evade = 0 g.db.add(user) @@ -1024,7 +1024,7 @@ def unshadowban(user_id, v): @admin_level_required(2) def admin_title_change(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) if CARP_ID > 0 and user.id == CARP_ID: abort(403) @@ -1034,7 +1034,7 @@ def admin_title_change(user_id, v): user.customtitleplain=new_name new_name = filter_emojis_only(new_name) - user=g.db.get(User, user.id) + user=get_account(user.id) user.customtitle=new_name if request.values.get("locked"): user.flairchanged = int(time.time()) + 2629746 else: @@ -1063,7 +1063,7 @@ def admin_title_change(user_id, v): @admin_level_required(2) def ban_user(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) if not user: abort(404) @@ -1136,7 +1136,7 @@ def ban_user(user_id, v): @admin_level_required(2) def unban_user(user_id, v): - user = g.db.get(User, user_id) + user = get_account(user_id) if not user or not user.is_banned: abort(400) @@ -1174,7 +1174,7 @@ def unban_user(user_id, v): @admin_level_required(2) def ban_post(post_id, v): - post = g.db.get(Submission, post_id) + post = get_post(post_id) if not post: abort(400) @@ -1215,7 +1215,7 @@ def ban_post(post_id, v): @admin_level_required(2) def unban_post(post_id, v): - post = g.db.get(Submission, post_id) + post = get_post(post_id) if post.author.id == v.id and post.author.agendaposter and AGENDAPOSTER_PHRASE not in post.body.lower(): return {"error": "You can't bypass the chud award!"} @@ -1254,7 +1254,7 @@ def unban_post(post_id, v): @admin_level_required(1) def api_distinguish_post(post_id, v): - post = g.db.get(Submission, post_id) + post = get_post(post_id) if not post: abort(404) @@ -1286,7 +1286,7 @@ def api_distinguish_post(post_id, v): @admin_level_required(2) def sticky_post(post_id, v): - post = g.db.get(Submission, post_id) + post = get_post(post_id) if post and not post.stickied: pins = g.db.query(Submission).filter(Submission.stickied != None, Submission.is_banned == False).count() if pins >= PIN_LIMIT: @@ -1315,7 +1315,7 @@ def sticky_post(post_id, v): @admin_level_required(2) def unsticky_post(post_id, v): - post = g.db.get(Submission, post_id) + post = get_post(post_id) if post and post.stickied: if post.stickied.endswith('(pin award)'): return {"error": "Can't unpin award pins!"}, 403 @@ -1394,7 +1394,7 @@ def unsticky_comment(cid, v): @admin_level_required(2) def api_ban_comment(c_id, v): - comment = g.db.get(Comment, c_id) + comment = get_comment(c_id) if not comment: abort(404) @@ -1421,7 +1421,7 @@ def api_ban_comment(c_id, v): @admin_level_required(2) def api_unban_comment(c_id, v): - comment = g.db.get(Comment, c_id) + comment = get_comment(c_id) if not comment: abort(404) if comment.author.id == v.id and comment.author.agendaposter and AGENDAPOSTER_PHRASE not in comment.body.lower(): diff --git a/files/routes/awards.py b/files/routes/awards.py index aec93675c..b924b3046 100644 --- a/files/routes/awards.py +++ b/files/routes/awards.py @@ -107,8 +107,8 @@ def buy(v, award): @is_not_permabanned def award_thing(v, thing_type, id): - if thing_type == 'post': thing = g.db.get(Submission, id) - else: thing = g.db.get(Comment, id) + if thing_type == 'post': thing = get_post(id) + else: thing = get_comment(id) if not thing: return {"error": f"That {thing_type} doesn't exist."}, 404 diff --git a/files/routes/comments.py b/files/routes/comments.py index ecb2ff874..19b74add8 100644 --- a/files/routes/comments.py +++ b/files/routes/comments.py @@ -6,6 +6,7 @@ from files.helpers.slots import * from files.helpers.blackjack import * from files.helpers.treasure import * from files.helpers.actions import * +from files.helpers.get import * from files.classes import * from files.routes.front import comment_idlist from files.routes.static import marsey_list @@ -513,7 +514,7 @@ def api_comment(v): g.db.add(c2) - longpostbot = g.db.get(User, LONGPOSTBOT_ID) + longpostbot = get_account(LONGPOSTBOT_ID) longpostbot.comment_count += 1 longpostbot.coins += 1 g.db.add(longpostbot) @@ -574,7 +575,7 @@ def api_comment(v): g.db.add(c4) - zozbot = g.db.get(User, ZOZBOT_ID) + zozbot = get_account(ZOZBOT_ID) zozbot.comment_count += 3 zozbot.coins += 3 g.db.add(zozbot) diff --git a/files/routes/login.py b/files/routes/login.py index 8170bdfba..afa4f4b5a 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -3,6 +3,7 @@ from files.mail import * from files.__main__ import app, limiter from files.helpers.const import * from files.helpers.actions import * +from files.helpers.get import * import requests @app.get("/login") @@ -257,7 +258,7 @@ def sign_up_post(v): args = {"error": error} if request.values.get("referred_by"): - user = g.db.get(User, request.values.get("referred_by")) + user = get_account(request.values.get("referred_by")) if user: args["ref"] = user.username return redirect(f"/signup?{urlencode(args)}") @@ -333,7 +334,7 @@ def sign_up_post(v): g.db.add(new_user) if ref_id: - ref_user = g.db.get(User, ref_id) + ref_user = get_account(ref_id) if ref_user: badge_grant(user=ref_user, badge_id=10) @@ -420,7 +421,7 @@ def get_reset(): title="Password reset link expired", error="That password reset link has expired.") - user = g.db.get(User, user_id) + user = get_account(user_id) if not user: abort(400) @@ -460,7 +461,7 @@ def post_reset(v): title="Password reset expired", error="That password reset form has expired.") - user = g.db.get(User, user_id) + user = get_account(user_id) if not validate_hash(f"{user_id}+{timestamp}+reset+{user.login_nonce}", token): abort(400) diff --git a/files/routes/posts.py b/files/routes/posts.py index b7e835058..b7b629671 100644 --- a/files/routes/posts.py +++ b/files/routes/posts.py @@ -7,6 +7,7 @@ from files.helpers.alerts import * from files.helpers.discord import send_discord_message from files.helpers.const import * from files.helpers.slots import * +from files.helpers.get import * from files.classes import * from files.routes.subs import on_post_hole_entered from flask import * @@ -383,7 +384,7 @@ def morecomments(v, cid): else: dump.append(comment) comments = output else: - c = g.db.get(Comment, cid) + c = get_comment(cid) comments = c.replies(None) if comments: p = comments[0].post @@ -1086,7 +1087,7 @@ def submit_post(v, sub=None): n = Notification(comment_id=c_jannied.id, user_id=v.id) g.db.add(n) - snappy = g.db.get(User, SNAPPY_ID) + snappy = get_account(SNAPPY_ID) if not (post.sub and g.db.query(Exile.user_id).filter_by(user_id=SNAPPY_ID, sub=post.sub).one_or_none()): if post.sub == 'dankchristianmemes' or post.sub == 'truth': @@ -1277,7 +1278,7 @@ def undelete_post_pid(pid, v): @app.post("/toggle_comment_nsfw/") @auth_required def toggle_comment_nsfw(cid, v): - comment = g.db.get(Comment, cid) + comment = get_comment(cid) if comment.author_id != v.id and not v.admin_level > 1: abort(403) @@ -1357,7 +1358,7 @@ def unsave_post(pid, v): @auth_required def api_pin_post(post_id, v): - post = g.db.get(Submission, post_id) + post = get_post(post_id) if post: if v.id != post.author_id: return {"error": "Only the post author's can do that!"} post.is_pinned = not post.is_pinned diff --git a/files/routes/settings.py b/files/routes/settings.py index 928e3834e..f30a18941 100644 --- a/files/routes/settings.py +++ b/files/routes/settings.py @@ -4,6 +4,7 @@ from files.helpers.sanitize import * from files.helpers.discord import remove_user, set_nick from files.helpers.const import * from files.helpers.actions import * +from files.helpers.get import * from files.mail import * from files.__main__ import app, cache, limiter import youtube_dl @@ -767,7 +768,7 @@ def settings_name_change(v): v=v, error=f"Username `{new_name}` is already in use.") - v=g.db.get(User, v.id) + v=get_account(v.id) v.username=new_name v.name_changed_utc=int(time.time()) diff --git a/files/routes/subs.py b/files/routes/subs.py index 0a903991a..90d8fb847 100644 --- a/files/routes/subs.py +++ b/files/routes/subs.py @@ -1,6 +1,7 @@ from files.__main__ import app, limiter, mail from files.helpers.alerts import * from files.helpers.wrappers import * +from files.helpers.get import * from files.classes import * from .front import frontlist import tldextract @@ -244,7 +245,7 @@ def remove_mod(v, sub): try: uid = int(uid) except: abort(400) - user = g.db.get(User, uid) + user = get_account(uid) if not user: abort(404) diff --git a/files/routes/votes.py b/files/routes/votes.py index 09cd0af50..82d2694d8 100644 --- a/files/routes/votes.py +++ b/files/routes/votes.py @@ -254,7 +254,7 @@ def bet(comment_id, v): v.coins -= 200 g.db.add(v) - autobetter = g.db.get(User, AUTOBETTER_ID) + autobetter = get_account(AUTOBETTER_ID) autobetter.coins += 200 g.db.add(autobetter)