Beispiel #1
0
def _check_post_settings(board: BoardModel, post_details):
    site_config = site_service.get_site_config()
    if not site_config.posting_enabled:
        raise BadRequestError(MESSAGE_POSTING_DISABLED)

    if post_details.has_file and not site_config.file_posting:
        raise BadRequestError(MESSAGE_FILE_POSTING_DISABLED)

    if board.config.posting_verification_required and not verification_service.is_verified(request):
        method = verification_service.get_method()
        if method.verification_in_request(request):
            try:
                method.verify_request(request)
                verification_service.set_verified(request)
            except ArgumentError as e:
                raise BadRequestError(e)
        else:
            message = 'Please verify here first before posting.'

            if request.is_xhr:
                xhr_response = {
                    'error': True,
                    'message': page_formatting('[{}](_/verify/)'.format(message))
                }

                return jsonify(xhr_response), 400
            else:
                with_refresh = '[{}](_/verify/)\n\n**Refresh this page after verifying.**'.format(message)

                return render_template('error.html', message=with_refresh, with_retry=True), 400
Beispiel #2
0
def verify():
    method = verification_service.get_method()
    verified = False
    verified_message = None

    if request.method == 'POST':
        if not check_csrf_referer(request):
            raise BadRequestError('Bad referer header')

        if verification_service.is_verified(request):
            verified = True
        elif method.verification_in_request(request):
            try:
                method.verify_request(request)
                verification_service.set_verified(request)
                verified = True
            except ArgumentError as e:
                verified_message = e.message
    else:
        verified = verification_service.is_verified(request)

    return render_template('verify.html',
                           method=method,
                           verified=verified,
                           verified_message=verified_message)
Beispiel #3
0
def mod_auth():
    if request.method == 'POST':
        return _mod_auth_post()
    else:
        authed = get_authed()
        moderator = request_moderator() if authed else None

        method = None
        if not authed:
            method = verification_service.get_method()

        return render_template('auth.html', authed=authed, moderator=moderator, method=method)
Beispiel #4
0
def post_manage():
    # We don't have csrf tokens for session-less endpoints like this.
    # Do it another way, with a referer check.
    _check_headers()

    details = _gather_manage_params()

    success_message = 'Success!'
    if details.mode == 'delete':
        details.mode = ManagePostDetails.DELETE
        success_message = 'Post deleted'
    elif details.mode == 'report':
        if not details.post_id:
            raise BadRequestError(post_manage_helper.MESSAGE_NO_POST_ID)

        action = url_for('.post_manage')

        method = verification_service.get_method()

        retry_params = {
            'mode': 'report',
            'board': details.board_name,
            'thread': details.thread_refno,
            'post_id': details.post_id
        }

        if method.verification_in_request(request):
            try:
                method.verify_request(request)
                verification_service.set_verified(request)
            except ArgumentError as e:
                return respond_verification_required(action, e.message, retry_params)
        else:
            return respond_verification_required(action, 'Please verify to report this post', retry_params)

        details.mode = ManagePostDetails.REPORT
        success_message = 'Post reported'
    elif details.mode == 'toggle_sticky':
        details.mode = ManagePostDetails.TOGGLE_STICKY
        success_message = 'Toggled sticky'
    elif details.mode == 'toggle_locked':
        details.mode = ManagePostDetails.TOGGLE_LOCKED
        success_message = 'Toggled locked'
    else:
        abort(400)

    try:
        execute_manage_post_task(details)
    except RequestBannedException:
        raise BadRequestError('You are [banned](/banned/)')

    return render_template('message.html', message=success_message)
Beispiel #5
0
def banned():
    method = verification_service.get_method()
    if request.method == 'GET':
        return render_template('banned.html', method=method)
    else:
        try:
            method.verify_request(request)
        except ArgumentError as e:
            raise BadRequestError(e.message)

        bans = ban_service.get_request_bans(True)

        return render_template('banned.html', is_banned=len(bans) > 0, bans=bans, now=now)
Beispiel #6
0
def mod_auth():
    if request.method == 'POST':
        return _mod_auth_post()
    else:
        authed = get_authed()
        moderator = request_moderator() if authed else None

        method = None
        if not authed:
            method = verification_service.get_method()

        return render_template('auth.html',
                               authed=authed,
                               moderator=moderator,
                               method=method)
Beispiel #7
0
def banned():
    method = verification_service.get_method()
    if request.method == 'GET':
        return render_template('banned.html', method=method)
    else:
        try:
            method.verify_request(request)
        except ArgumentError as e:
            raise BadRequestError(e.message)

        bans = ban_service.get_request_bans(True)

        return render_template('banned.html',
                               is_banned=len(bans) > 0,
                               bans=bans,
                               now=now)
Beispiel #8
0
def verify():
    method = verification_service.get_method()
    verified = False
    verified_message = None

    if request.method == 'POST':
        if not check_csrf_referer(request):
            raise BadRequestError('Bad referer header')

        if verification_service.is_verified(request):
            verified = True
        elif method.verification_in_request(request):
            try:
                method.verify_request(request)
                verification_service.set_verified(request)
                verified = True
            except ArgumentError as e:
                verified_message = e.message
    else:
        verified = verification_service.is_verified(request)

    return render_template('verify.html', method=method, verified=verified, verified_message=verified_message)
Beispiel #9
0
def verify_method():
    method = verification_service.get_method()
    try:
        method.verify_request(request)
    except ArgumentError as e:
        raise BadRequestError(e.message)
Beispiel #10
0
def respond_verification_required(action, message, form_params):
    method = verification_service.get_method()

    return render_template('verification_required.html', action=action, message=message,
                           form_params=form_params, method=method)
Beispiel #11
0
def verify_method():
    method = verification_service.get_method()
    try:
        method.verify_request(request)
    except ArgumentError as e:
        raise BadRequestError(e.message)