Esempio n. 1
0
def ban(event):
    r = event.request
    ip_ban = queries.list_bans(ip = r.remote_addr)

    if 'logged_in' in r.session:
        username_ban = queries.list_bans(username = queries.get_user_by_id(r.session['users.id']).name)
    else:
        username_ban = False

    if ip_ban or username_ban:
        raise httpexceptions.HTTPForbidden
Esempio n. 2
0
def ban(request):
    r = request
    s = request.session
    p = s['safe_post']

    if 'logged_in_admin' not in s:
        return HTTPNotFound()

    if 'ip' in p:
        if p['ip'].strip() == '':
            ip = None
        else:
            ip = p['ip']

        if p['username'].strip() == '':
            username = None
            user_id = None
        else:
            username = p['username']

        if p['duration'].strip() == 'infinite':
            duration = None
        else:
            duration = "timedelta({0})".format(p['duration'])
            duration = eval(duration)

        if username:
            user_id = queries.get_user_by_name(username).id

        b = Ban(ip = ip, username = username, duration = duration, user_id = user_id, added_by = s['users.id'])
        dbsession = DBSession()
        dbsession.add(b)

    bans = queries.list_bans()
    return {'bans': bans}