diff --git a/.gitignore b/.gitignore index 62f93df61..901c3face 100644 --- a/.gitignore +++ b/.gitignore @@ -3,8 +3,6 @@ video.mp4 video.webm cache/ __pycache__/ -disable_signups -under_attack .idea/ **/.pytest_cache/ venv/ diff --git a/files/routes/admin.py b/files/routes/admin.py index df99d53ec..5d9d20fc4 100644 --- a/files/routes/admin.py +++ b/files/routes/admin.py @@ -342,36 +342,29 @@ def reported_comments(v): @app.get("/admin") @admin_level_required(2) def admin_home(v): - - with open('disable_signups', 'r') as f: x = f.read() - with open('under_attack', 'r') as f: x2 = f.read() - - return render_template("admin/admin_home.html", v=v, x=x, x2=x2) + return render_template("admin/admin_home.html", v=v) @app.post("/admin/disable_signups") @admin_level_required(3) def disable_signups(v): - with open('disable_signups', 'r') as f: content = f.read() - - with open('disable_signups', 'w') as f: - if content == "yes": - f.write("no") - ma = ModAction( - kind="enable_signups", - user_id=v.id, - ) - g.db.add(ma) - g.db.commit() - return {"message": "Signups enabled!"} - else: - f.write("yes") - ma = ModAction( - kind="disable_signups", - user_id=v.id, - ) - g.db.add(ma) - g.db.commit() - return {"message": "Signups disabled!"} + if environ.get('disable_signups'): + environ["disable_signups"] = "" + ma = ModAction( + kind="enable_signups", + user_id=v.id, + ) + g.db.add(ma) + g.db.commit() + return {"message": "Signups enabled!"} + else: + environ["disable_signups"] = "1" + ma = ModAction( + kind="disable_signups", + user_id=v.id, + ) + g.db.add(ma) + g.db.commit() + return {"message": "Signups disabled!"} @app.post("/admin/purge_cache") @@ -386,33 +379,30 @@ def purge_cache(v): @app.post("/admin/under_attack") @admin_level_required(2) def under_attack(v): - with open('under_attack', 'r') as f: content = f.read() + if environ.get('under_attack'): + environ["under_attack"] = "" + ma = ModAction( + kind="disable_under_attack", + user_id=v.id, + ) + g.db.add(ma) + g.db.commit() - with open('under_attack', 'w') as f: - if content == "yes": - f.write("no") - ma = ModAction( - kind="disable_under_attack", - user_id=v.id, - ) - g.db.add(ma) - g.db.commit() + response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"medium"}')) + if response == "": return {"message": "Under attack mode disabled!"} + return {"error": "Failed to disable under attack mode."} + else: + environ["under_attack"] = "1" + ma = ModAction( + kind="enable_under_attack", + user_id=v.id, + ) + g.db.add(ma) + g.db.commit() - response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"medium"}')) - if response == "": return {"message": "Under attack mode disabled!"} - return {"error": "Failed to disable under attack mode."} - else: - f.write("yes") - ma = ModAction( - kind="enable_under_attack", - user_id=v.id, - ) - g.db.add(ma) - g.db.commit() - - response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"under_attack"}')) - if response == "": return {"message": "Under attack mode enabled!"} - return {"error": "Failed to enable under attack mode."} + response = str(requests.patch(f'https://api.cloudflare.com/client/v4/zones/{CF_ZONE}/settings/security_level', headers=CF_HEADERS, data='{"value":"under_attack"}')) + if response == "": return {"message": "Under attack mode enabled!"} + return {"error": "Failed to enable under attack mode."} @app.get("/admin/badge_grant") @admin_level_required(2) diff --git a/files/routes/login.py b/files/routes/login.py index 0f75b55df..2b32365cb 100644 --- a/files/routes/login.py +++ b/files/routes/login.py @@ -170,8 +170,8 @@ def logout(v): @app.get("/signup") @auth_desired def sign_up_get(v): - with open('disable_signups', 'r') as f: - if f.read() == "yes": return {"error": "New account registration is currently closed. Please come back later."}, 403 + if environ.get('disable_signups'): + return {"error": "New account registration is currently closed. Please come back later."}, 403 if v: return redirect(f"{SITE_FULL}/") @@ -214,8 +214,8 @@ def sign_up_get(v): @limiter.limit("1/minute;5/day") @auth_desired def sign_up_post(v): - with open('disable_signups', 'r') as f: - if f.read() == "yes": return {"error": "New account registration is currently closed. Please come back later."}, 403 + if environ.get('disable_signups'): + return {"error": "New account registration is currently closed. Please come back later."}, 403 if v: abort(403) diff --git a/files/templates/admin/admin_home.html b/files/templates/admin/admin_home.html index 7213c8265..facc6c0db 100644 --- a/files/templates/admin/admin_home.html +++ b/files/templates/admin/admin_home.html @@ -59,14 +59,14 @@ {% if v.admin_level > 2 %}
- +
{% endif %} {% if v.admin_level == 3 %}
- +
diff --git a/files/templates/submission_listing.html b/files/templates/submission_listing.html index 9ed4f9f66..cb3a5877b 100644 --- a/files/templates/submission_listing.html +++ b/files/templates/submission_listing.html @@ -288,11 +288,9 @@ {% if v.id != p.author_id and not p.ghost %} - Unblock user + Unblock user - Are you sure? - - Block user + Block user {% endif %} {% if v.id==p.author_id or v.admin_level > 1 %}