From 3e26b1f59afb7d5ce7a6b3ca060b50b5327197ce Mon Sep 17 00:00:00 2001
From: Aevann <randomname42029@gmail.com>
Date: Wed, 18 Oct 2023 21:17:50 +0300
Subject: [PATCH] add "insert transaction" form

---
 files/helpers/config/const.py                 |  1 +
 files/helpers/config/modaction_types.py       |  6 ++
 files/routes/admin.py                         | 58 +++++++++++++++++++
 files/routes/users.py                         |  3 +-
 files/templates/admin/admin_home.html         |  7 +++
 files/templates/admin/insert_transaction.html | 44 ++++++++++++++
 6 files changed, 118 insertions(+), 1 deletion(-)
 create mode 100644 files/templates/admin/insert_transaction.html

diff --git a/files/helpers/config/const.py b/files/helpers/config/const.py
index 62bbb1d92..e68ee4ce5 100644
--- a/files/helpers/config/const.py
+++ b/files/helpers/config/const.py
@@ -383,6 +383,7 @@ PERMS = { # Minimum admin_level to perform action.
 	'USER_RESET_PASSWORD': 4,
 	'CLAIM_REWARDS_ALL_USERS': 4,
 	'IGNORE_AWARD_IMMUNITY': 4,
+	'INSERT_TRANSACTION': 4,
 }
 
 FEATURES = {
diff --git a/files/helpers/config/modaction_types.py b/files/helpers/config/modaction_types.py
index 56d454050..8045293ac 100644
--- a/files/helpers/config/modaction_types.py
+++ b/files/helpers/config/modaction_types.py
@@ -181,6 +181,11 @@ MODACTION_TYPES = {
 		"icon": 'fa-tag',
 		"color": 'bg-primary'
 	},
+	'insert_transaction': {
+		"str": 'Inserted transaction made by {self.target_link}',
+		"icon": 'fa-dollar-sign',
+		"color": 'bg-success'
+	},
 	'link_accounts': {
 		"str": 'linked {self.target_link}',
 		"icon": 'fa-link',
@@ -436,6 +441,7 @@ MODACTION_PRIVILEGED_TYPES = {
 								'enable_login_required',
 								'reset_password',
 								'schedule_orgy', 'remove_orgy',
+								'insert_transaction',
 							}
 MODACTION_PRIVILEGED__TYPES = {'progstack_post', 'progstack_comment',
 							'unprogstack_post', 'unprogstack_comment'}
diff --git a/files/routes/admin.py b/files/routes/admin.py
index 8312f7112..7871bac4e 100644
--- a/files/routes/admin.py
+++ b/files/routes/admin.py
@@ -2044,3 +2044,61 @@ def remove_orgy(v, created_utc):
 		requests.post('http://localhost:5001/refresh_chat', headers={"Host": SITE})
 
 	return {"message": "Orgy stopped successfully!"}
+
+@app.get("/admin/insert_transaction")
+@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
+@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
+@admin_level_required(PERMS['INSERT_TRANSACTION'])
+def insert_transaction(v):
+	return render_template("admin/insert_transaction.html", v=v)
+
+@app.post("/admin/insert_transaction")
+@limiter.limit('1/second', scope=rpath)
+@limiter.limit('1/second', scope=rpath, key_func=get_ID)
+@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400)
+@limiter.limit(DEFAULT_RATELIMIT, deduct_when=lambda response: response.status_code < 400, key_func=get_ID)
+@admin_level_required(PERMS['INSERT_TRANSACTION'])
+def insert_transaction_post(v):
+	type = request.values.get("type", "").strip()
+	id = request.values.get("id", "").strip()
+	amount = request.values.get("amount", "").strip()
+	username = request.values.get("username", "").strip()
+
+	if type not in {'BTC', 'ETH'}:
+		abort(400, "Invalid transaction currency!")
+
+	if not id:
+		abort(400, "A transaction ID is required!")
+
+	if not amount:
+		abort(400, "A transaction amount is required!")
+
+	if not username:
+		abort(400, "A username is required!")
+
+	amount = int(amount)
+
+	user = get_user(username)
+
+	if not user.email:
+		abort(400, f"@{user.username} doesn't have an email tied to their account!")
+
+	transaction = Transaction(
+		id=id,
+		created_utc=time.time(),
+		type=type,
+		amount=amount,
+		email=user.email,
+	)
+	g.db.add(transaction)
+
+	ma = ModAction(
+		kind="insert_transaction",
+		user_id=v.id,
+		target_user_id=user.id,
+		_note=f'Transaction ID: {id}',
+	)
+	g.db.add(ma)
+
+	claim_rewards_all_users()
+	return {"message": "Transaction inserted successfully!"}
diff --git a/files/routes/users.py b/files/routes/users.py
index ce6b99d0d..6b2cedf89 100644
--- a/files/routes/users.py
+++ b/files/routes/users.py
@@ -47,6 +47,7 @@ def _add_profile_view(vid, uid):
 	stdout.flush()
 
 def claim_rewards_all_users():
+	g.db.flush()
 	emails = [x[0] for x in g.db.query(Transaction.email).filter_by(claimed=None)]
 	users = g.db.query(User).filter(User.email.in_(emails)).order_by(User.truescore.desc()).all()
 	for user in users:
@@ -58,8 +59,8 @@ def claim_rewards_all_users():
 
 		for transaction in transactions:
 			for t, money in TIER_TO_MONEY.items():
+				if transaction.amount < money: break
 				tier = t
-				if transaction.amount <= money: break
 
 			marseybux += transaction.amount * 500
 			if tier > highest_tier:
diff --git a/files/templates/admin/admin_home.html b/files/templates/admin/admin_home.html
index 9662aab68..1401e09f5 100644
--- a/files/templates/admin/admin_home.html
+++ b/files/templates/admin/admin_home.html
@@ -4,6 +4,13 @@
 {% block content %}
 <h3 class="py-2">Admin Tools</h3>
 
+{% if v.admin_level >= PERMS['INSERT_TRANSACTION'] %}
+	<h4>Transactions</h4>
+	<ul>
+		<li><a href="/admin/insert_transaction">Insert Transaction</a></li>
+	</ul>
+{%- endif %}
+
 {% if v.admin_level >= PERMS['ORGIES'] %}
 	<h4>Orgies</h4>
 	<ul>
diff --git a/files/templates/admin/insert_transaction.html b/files/templates/admin/insert_transaction.html
new file mode 100644
index 000000000..70f61de96
--- /dev/null
+++ b/files/templates/admin/insert_transaction.html
@@ -0,0 +1,44 @@
+{% extends "default.html" %}
+
+{% block pagetitle %}Insert Transaction{% endblock %}
+
+{% block content %}
+	<div class="row my-5">
+		<div class="col">
+			<div class="settings mx-3">
+				<h2>Insert Transaction</h2>
+				<div class="body d-lg-flex">
+					<div class="w-lg-100">
+						<form action="/admin/insert_transaction" method="post" data-nonce="{{g.nonce}}" data-onsubmit="sendFormXHR(this)">
+							<input hidden name="formkey" value="{{v|formkey}}">
+
+							<label class="mt-3" for="type">Transaction Currency</label>
+							<div class="input-group">
+								<select autocomplete="off" id='type' class="form-control" name="type" required>
+									<option hidden disabled selected value>-- select an option --</option>
+									<option value="BTC">BTC</option>
+									<option value="ETH">ETH</option>
+								</select>
+							</div>
+
+							<label class="mt-3" for="id">Transaction ID</label>
+							<input autocomplete="off" type="text" id="id" class="form-control" name="id" maxlength="66" placeholder="Required" required>
+
+							<label class="mt-3" for="amount">Transaction Amount</label>
+							<input autocomplete="off" type="number" id="amount" class="form-control" name="amount" min="1" placeholder="Required" required>
+
+							<label class="mt-3" for="username">Username (must have an email set)</label>
+							<input autocomplete="off" type="text" id="username" class="form-control" maxlength="30" name="username" placeholder="Required" required>
+
+							<div class="footer mt-4">
+								<div class="d-flex">
+									<input id="submit-btn" type="submit" class="btn btn-primary ml-auto" value="Submit">
+								</div>
+							</div>
+						</form>
+					</div>
+				</div>
+			</div>
+		</div>
+	</div>
+{% endblock %}