forked from rDrama/rDrama
use error handlers in cases where we can
parent
fe9064a9b7
commit
ee85b5577a
|
@ -85,8 +85,8 @@ def before_request():
|
||||||
with open('/site_settings.json', 'r', encoding='utf_8') as f:
|
with open('/site_settings.json', 'r', encoding='utf_8') as f:
|
||||||
app.config['SETTINGS'] = json.load(f)
|
app.config['SETTINGS'] = json.load(f)
|
||||||
|
|
||||||
if request.host != app.config["SERVER_NAME"]: return {"error":"Unauthorized host provided."}, 401
|
if request.host != app.config["SERVER_NAME"]: abort(403, "Unauthorized host provided.")
|
||||||
if request.headers.get("CF-Worker"): return {"error":"Cloudflare workers are not allowed to access this website."}, 401
|
if request.headers.get("CF-Worker"): abort(403, "Cloudflare workers are not allowed to access this website.")
|
||||||
|
|
||||||
if not app.config['SETTINGS']['Bots'] and request.headers.get("Authorization"): abort(403)
|
if not app.config['SETTINGS']['Bots'] and request.headers.get("Authorization"): abort(403)
|
||||||
|
|
||||||
|
|
|
@ -219,7 +219,7 @@ def roulette_player_placed_bet(v):
|
||||||
currency = request.values.get("currency")
|
currency = request.values.get("currency")
|
||||||
|
|
||||||
if amount < 5:
|
if amount < 5:
|
||||||
return {"error": f"Minimum bet is 5 {currency}."}
|
abort(400, f"Minimum bet is 5 {currency}.")
|
||||||
|
|
||||||
gambler_placed_roulette_bet(v, bet, which, amount, currency)
|
gambler_placed_roulette_bet(v, bet, which, amount, currency)
|
||||||
|
|
||||||
|
|
|
@ -251,7 +251,7 @@ def comment(v):
|
||||||
Comment.parent_submission == parent_submission,
|
Comment.parent_submission == parent_submission,
|
||||||
Comment.body_html == body_html
|
Comment.body_html == body_html
|
||||||
).first()
|
).first()
|
||||||
if existing: return {"error": f"You already made that comment: /comment/{existing.id}"}, 409
|
if existing: abort(409, f"You already made that comment: /comment/{existing.id}")
|
||||||
|
|
||||||
if parent.author.any_block_exists(v) and v.admin_level < PERMS['POST_COMMENT_MODERATION']:
|
if parent.author.any_block_exists(v) and v.admin_level < PERMS['POST_COMMENT_MODERATION']:
|
||||||
abort(403, "You can't reply to users who have blocked you or users that you have blocked.")
|
abort(403, "You can't reply to users who have blocked you or users that you have blocked.")
|
||||||
|
@ -605,7 +605,7 @@ def unpin_comment(cid, v):
|
||||||
if v.id != comment.post.author_id: abort(403)
|
if v.id != comment.post.author_id: abort(403)
|
||||||
|
|
||||||
if not comment.stickied.endswith(" (OP)"):
|
if not comment.stickied.endswith(" (OP)"):
|
||||||
return {"error": "You can only unpin comments you have pinned!"}, 400
|
abort(403, "You can only unpin comments you have pinned!")
|
||||||
|
|
||||||
comment.stickied = None
|
comment.stickied = None
|
||||||
g.db.add(comment)
|
g.db.add(comment)
|
||||||
|
|
|
@ -572,13 +572,13 @@ if SITE == 'pcmemes.net':
|
||||||
else:
|
else:
|
||||||
text = requests.get(link, cookies={'CONSENT': 'YES+1'}, timeout=5).text
|
text = requests.get(link, cookies={'CONSENT': 'YES+1'}, timeout=5).text
|
||||||
try: id = id_regex.search(text).group(1)
|
try: id = id_regex.search(text).group(1)
|
||||||
except: return {"error": "Invalid ID"}
|
except: abort(400, "Invalid ID")
|
||||||
|
|
||||||
live = cache.get('live') or []
|
live = cache.get('live') or []
|
||||||
offline = cache.get('offline') or []
|
offline = cache.get('offline') or []
|
||||||
|
|
||||||
if not id or len(id) != 24:
|
if not id or len(id) != 24:
|
||||||
return {"error": "Invalid ID"}
|
abort(400, "Invalid ID")
|
||||||
|
|
||||||
existing = g.db.get(Streamer, id)
|
existing = g.db.get(Streamer, id)
|
||||||
if not existing:
|
if not existing:
|
||||||
|
|
|
@ -280,7 +280,7 @@ def transfer_coins(v, username):
|
||||||
notif_text = f":marseycapitalistmanlet: @{v.username} has gifted you {amount-tax} coins!"
|
notif_text = f":marseycapitalistmanlet: @{v.username} has gifted you {amount-tax} coins!"
|
||||||
|
|
||||||
if reason:
|
if reason:
|
||||||
if len(reason) > TRANSFER_MESSAGE_LENGTH_LIMIT: return {"error": f"Reason is too long, max {TRANSFER_MESSAGE_LENGTH_LIMIT} characters"},400
|
if len(reason) > TRANSFER_MESSAGE_LENGTH_LIMIT: abort(400, f"Reason is too long, max {TRANSFER_MESSAGE_LENGTH_LIMIT} characters")
|
||||||
notif_text += f"\n\n> {reason}"
|
notif_text += f"\n\n> {reason}"
|
||||||
log_message += f"\n\n> {reason}"
|
log_message += f"\n\n> {reason}"
|
||||||
|
|
||||||
|
@ -319,7 +319,7 @@ def transfer_bux(v, username):
|
||||||
notif_text = f":marseycapitalistmanlet: @{v.username} has gifted you {amount} marseybux!"
|
notif_text = f":marseycapitalistmanlet: @{v.username} has gifted you {amount} marseybux!"
|
||||||
|
|
||||||
if reason:
|
if reason:
|
||||||
if len(reason) > 200: return {"error": "Reason is too long, max 200 characters"},400
|
if len(reason) > 200: abort(400, "Reason is too long, max 200 characters")
|
||||||
notif_text += f"\n\n> {reason}"
|
notif_text += f"\n\n> {reason}"
|
||||||
log_message += f"\n\n> {reason}"
|
log_message += f"\n\n> {reason}"
|
||||||
|
|
||||||
|
@ -773,7 +773,7 @@ def u_username(username, v=None):
|
||||||
|
|
||||||
if u.reserved:
|
if u.reserved:
|
||||||
if request.headers.get("Authorization") or request.headers.get("xhr") or request.path.endswith(".json"):
|
if request.headers.get("Authorization") or request.headers.get("xhr") or request.path.endswith(".json"):
|
||||||
return {"error": f"This username is reserved for: {u.reserved}"}, 418
|
abort(418, f"This username is reserved for: {u.reserved}")
|
||||||
|
|
||||||
return render_template("userpage_reserved.html", u=u, v=v)
|
return render_template("userpage_reserved.html", u=u, v=v)
|
||||||
|
|
||||||
|
@ -870,7 +870,7 @@ def u_username_comments(username, v=None):
|
||||||
|
|
||||||
if u.reserved:
|
if u.reserved:
|
||||||
if request.headers.get("Authorization") or request.headers.get("xhr") or request.path.endswith(".json"):
|
if request.headers.get("Authorization") or request.headers.get("xhr") or request.path.endswith(".json"):
|
||||||
return {"error": f"This username is reserved for: {u.reserved}"}, 418
|
abort(418, f"This username is reserved for: {u.reserved}")
|
||||||
return render_template("userpage_reserved.html", u=u, v=v)
|
return render_template("userpage_reserved.html", u=u, v=v)
|
||||||
|
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue