disasllow ppl from publishing drafts while banned
parent
3c0e406f90
commit
a2106d191a
|
@ -86,10 +86,8 @@ def post_pid_comment_cid(cid, v, pid=None, anything=None, sub=None):
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit("20/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit("20/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit("20/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit("20/minute;200/hour;1000/day", deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@auth_required
|
@is_not_banned
|
||||||
def comment(v:User):
|
def comment(v:User):
|
||||||
if v.is_suspended: abort(403, "You can't perform this action while banned!")
|
|
||||||
|
|
||||||
parent_fullname = request.values.get("parent_fullname").strip()
|
parent_fullname = request.values.get("parent_fullname").strip()
|
||||||
if len(parent_fullname) < 3: abort(400)
|
if len(parent_fullname) < 3: abort(400)
|
||||||
id = parent_fullname[2:]
|
id = parent_fullname[2:]
|
||||||
|
|
|
@ -35,7 +35,7 @@ from files.__main__ import app, limiter, redis_instance
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@auth_required
|
@is_not_banned
|
||||||
def publish(pid, v):
|
def publish(pid, v):
|
||||||
p = get_post(pid)
|
p = get_post(pid)
|
||||||
if not p.private: return {"message": "Post published!"}
|
if not p.private: return {"message": "Post published!"}
|
||||||
|
@ -455,7 +455,7 @@ def is_repost(v):
|
||||||
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
@limiter.limit('1/second', scope=rpath, key_func=get_ID)
|
||||||
@limiter.limit(POST_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
@limiter.limit(POST_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
|
||||||
@limiter.limit(POST_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
@limiter.limit(POST_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
|
||||||
@auth_required
|
@is_not_banned
|
||||||
def submit_post(v:User, sub=None):
|
def submit_post(v:User, sub=None):
|
||||||
url = request.values.get("url", "").strip()
|
url = request.values.get("url", "").strip()
|
||||||
|
|
||||||
|
@ -496,8 +496,6 @@ def submit_post(v:User, sub=None):
|
||||||
if not sub and HOLE_REQUIRED:
|
if not sub and HOLE_REQUIRED:
|
||||||
abort(400, f"You must choose a {HOLE_NAME} for your post!")
|
abort(400, f"You must choose a {HOLE_NAME} for your post!")
|
||||||
|
|
||||||
if v.is_suspended: abort(400, "You can't perform this action while banned!")
|
|
||||||
|
|
||||||
if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')):
|
if v.longpost and (len(body) < 280 or ' [](' in body or body.startswith('[](')):
|
||||||
abort(400, "You have to type more than 280 characters!")
|
abort(400, "You have to type more than 280 characters!")
|
||||||
elif v.bird and len(body) > 140:
|
elif v.bird and len(body) > 140:
|
||||||
|
|
|
@ -155,11 +155,20 @@ def auth_required(f):
|
||||||
wrapper.__name__ = f.__name__
|
wrapper.__name__ = f.__name__
|
||||||
return wrapper
|
return wrapper
|
||||||
|
|
||||||
|
def is_not_banned(f):
|
||||||
|
def wrapper(*args, **kwargs):
|
||||||
|
v = get_logged_in_user()
|
||||||
|
if not v: abort(401)
|
||||||
|
if v.is_suspended: abort(403, "You can't perform this action while banned!")
|
||||||
|
return make_response(f(*args, v=v, **kwargs))
|
||||||
|
wrapper.__name__ = f.__name__
|
||||||
|
return wrapper
|
||||||
|
|
||||||
def is_not_permabanned(f):
|
def is_not_permabanned(f):
|
||||||
def wrapper(*args, **kwargs):
|
def wrapper(*args, **kwargs):
|
||||||
v = get_logged_in_user()
|
v = get_logged_in_user()
|
||||||
if not v: abort(401)
|
if not v: abort(401)
|
||||||
if v.is_permabanned: abort(403)
|
if v.is_permabanned: abort(403, "You can't perform this action while permabanned!")
|
||||||
return make_response(f(*args, v=v, **kwargs))
|
return make_response(f(*args, v=v, **kwargs))
|
||||||
wrapper.__name__ = f.__name__
|
wrapper.__name__ = f.__name__
|
||||||
return wrapper
|
return wrapper
|
||||||
|
|
Loading…
Reference in New Issue