From 8b4dc2bd111d667086e17bda517b4c2c6b4df3f2 Mon Sep 17 00:00:00 2001 From: Snakes Date: Sun, 4 Dec 2022 13:24:38 -0500 Subject: [PATCH] cc: punch list code review. Includes: - Use User.can_see consistently to deduplicate. - Constantify truescore limits. - Delete removed modlog kinds in migration. - Restore logged-in requirement for masterbaiters. --- files/classes/user.py | 29 +++++++++++++-------------- files/helpers/const.py | 2 ++ files/routes/front.py | 3 ++- files/routes/subs.py | 16 +++++++-------- migrations/20221204-new-cc-system.sql | 6 ++++-- 5 files changed, 30 insertions(+), 26 deletions(-) diff --git a/files/classes/user.py b/files/classes/user.py index 0850656b4..0149235c9 100644 --- a/files/classes/user.py +++ b/files/classes/user.py @@ -1006,11 +1006,8 @@ class User(Base): if other.is_banned: return False if other.deleted_utc: return False if other.author.shadowbanned and not (user and user.can_see_shadowbanned): return False - if isinstance(other, Submission): - if other.sub in ('chudrama', 'countryclub') and not (user and user.can_see_hole(other.sub)): - return False - else: - if other.parent_submission and not cls.can_see_content(user, other.post): return False + if isinstance(other, Comment): + if other.parent_submission and not cls.can_see(user, other.post): return False return True @classmethod @@ -1036,24 +1033,19 @@ class User(Base): if other.parent_submission and other.post.sub and not cls.can_see(user, other.post.subr): return False # if other.parent_submission and not cls.can_see(user, other.post): return False elif isinstance(other, Sub): - if other.name in ('chudrama', 'countryclub') and not (user and user.can_see_hole(other.name)): - return False + if other.name == 'chudrama': return bool(user) and user.can_see_chudrama + if other.name == 'countryclub': return bool(user) and user.can_see_countryclub + if other.name == 'masterbaiters': return bool(user) and user.can_see_masterbaiters elif isinstance(other, User): return (user and user.id == other.id) or (user and user.can_see_shadowbanned) or not other.shadowbanned return True - @lazy - def can_see_hole(self, hole): - if hole == 'chudrama': return self.can_see_chudrama - if hole == 'countryclub': return self.can_see_countryclub - return True - @property @lazy def can_see_chudrama(self): if self.admin_level >= PERMS['VIEW_CHUDRAMA']: return True if self.client: return True - if self.truescore >= 5000: return True + if self.truescore >= TRUESCORE_CHUDRAMA_MINIMUM: return True if self.agendaposter: return True if self.patron: return True return False @@ -1065,9 +1057,16 @@ class User(Base): if self.is_suspended_permanently: return False if self.agendaposter == 1: return False if self.admin_level >= PERMS['VIEW_CLUB']: return True - if self.truescore >= 1000: return True + if self.truescore >= TRUESCORE_CLUB_MINIMUM: return True return False + @property + @lazy + def can_see_masterbaiters(self): + if self.shadowbanned: return False + if self.is_suspended_permanently: return False + return True + @property @lazy def can_post_in_ghost_threads(self): diff --git a/files/helpers/const.py b/files/helpers/const.py index 3cbac1a6f..5b2e00319 100644 --- a/files/helpers/const.py +++ b/files/helpers/const.py @@ -396,6 +396,8 @@ COSMETIC_AWARD_COIN_AWARD_PCT = 0.10 TRUESCORE_CHAT_MINIMUM = 0 TRUESCORE_DONATE_MINIMUM = 100 TRUESCORE_GHOST_MINIMUM = 0 +TRUESCORE_CHUDRAMA_MINIMUM = 5000 +TRUESCORE_CLUB_MINIMUM = 1000 CHAT_DISPLAY_USER_COUNT_MINIMUM = 0 LOGGEDIN_ACTIVE_TIME = 15 * 60 diff --git a/files/routes/front.py b/files/routes/front.py index 2790d18cc..ec2656c7b 100644 --- a/files/routes/front.py +++ b/files/routes/front.py @@ -18,7 +18,8 @@ from files.__main__ import app, cache, limiter def front_all(v, sub=None, subdomain=None): if sub: sub = get_sub_by_name(sub, graceful=True) - if sub and not User.can_see(v, sub): abort(403, "You need 5000 truescore to be able to see /h/chudrama") + if sub and not User.can_see(v, sub): + abort(403) if (request.path.startswith('/h/') or request.path.startswith('/s/')) and not sub: abort(404) diff --git a/files/routes/subs.py b/files/routes/subs.py index 30338e7d1..c3090159d 100644 --- a/files/routes/subs.py +++ b/files/routes/subs.py @@ -123,7 +123,7 @@ def block_sub(v:User, sub): @auth_required def unblock_sub(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) block = g.db.query(SubBlock).filter_by(user_id=v.id, sub=sub.name).one_or_none() @@ -164,7 +164,7 @@ def unsubscribe_sub(v:User, sub): @auth_required def follow_sub(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) existing = g.db.query(SubSubscription).filter_by(user_id=v.id, sub=sub.name).one_or_none() if not existing: @@ -189,7 +189,7 @@ def unfollow_sub(v:User, sub): @auth_required def mods(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) users = g.db.query(User, Mod).join(Mod).filter_by(sub=sub.name).order_by(Mod.created_utc).all() @@ -200,7 +200,7 @@ def mods(v:User, sub): @auth_required def sub_exilees(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) users = g.db.query(User, Exile).join(Exile, Exile.user_id==User.id) \ .filter_by(sub=sub.name) \ @@ -213,7 +213,7 @@ def sub_exilees(v:User, sub): @auth_required def sub_blockers(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) users = g.db.query(User, SubBlock).join(SubBlock) \ .filter_by(sub=sub.name) \ @@ -227,7 +227,7 @@ def sub_blockers(v:User, sub): @auth_required def sub_followers(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) users = g.db.query(User, SubSubscription).join(SubSubscription) \ .filter_by(sub=sub.name) \ @@ -708,7 +708,7 @@ def mod_unpin(cid, v): @auth_required def hole_log(v:User, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) try: page = max(int(request.values.get("page", 1)), 1) except: page = 1 @@ -749,7 +749,7 @@ def hole_log(v:User, sub): @auth_required def hole_log_item(id, v, sub): sub = get_sub_by_name(sub) - if sub.name in ('chudrama', 'countryclub') and not v.can_see_hole(sub.name): + if not User.can_see(v, sub): abort(403) try: id = int(id) except: abort(404) diff --git a/migrations/20221204-new-cc-system.sql b/migrations/20221204-new-cc-system.sql index 908d3858e..895651437 100644 --- a/migrations/20221204-new-cc-system.sql +++ b/migrations/20221204-new-cc-system.sql @@ -1,2 +1,4 @@ -alter table submissions drop column club; -alter table users drop column club_allowed; +UPDATE submissions SET sub = 'countryclub' WHERE club = true AND sub IS NULL; +DELETE FROM modactions WHERE kind IN ('club_allow','club_ban','club_post','unclub_post'); +ALTER TABLE submissions DROP COLUMN club; +ALTER TABLE users DROP COLUMN club_allowed;