def add_ban(ban: BanModel) -> BanModel:
if ban.length > MAX_BAN_TIME:
raise ArgumentError(MESSAGE_BAN_TOO_LONG)
if ban.ip4_end is not None and ban.ip4_end <= ban.ip4:
raise ArgumentError(MESSAGE_IP4_ILLEGAL_RANGE)
if ban.board:
board = board_service.find_board(ban.board)
if not board:
raise ArgumentError(MESSAGE_BOARD_NOT_FOUND)
if ban.reason and len(ban.reason) > MAX_REASON_LENGTH:
raise ArgumentError(MESSAGE_BAN_TEXT_TOO_LONG)
ban.date = now()
ban = bans.create_ban(ban)
for_board_text = ' on {}'.format(ban.board) if ban.board else ''
ip4_end_text = ip4_to_str(ban.ip4_end) if ban.ip4_end is not None else '-'
f = 'ban add {} from {} to {}{} for {} hours reason {}'
text = f.format(ban.id, ip4_to_str(ban.ip4), ip4_end_text, for_board_text, ban.length / 60 / 60 / 1000, ban.reason)
mod_log(text)
return ban
def add_ban(ban: BanModel) -> BanModel:
if ban.length > MAX_BAN_TIME:
raise ArgumentError(MESSAGE_BAN_TOO_LONG)
if ban.ip4_end is not None and ban.ip4_end <= ban.ip4:
raise ArgumentError(MESSAGE_IP4_ILLEGAL_RANGE)
if ban.board:
board = board_service.find_board(ban.board)
if not board:
raise ArgumentError(MESSAGE_BOARD_NOT_FOUND)
if ban.reason and len(ban.reason) > MAX_REASON_LENGTH:
raise ArgumentError(MESSAGE_BAN_TEXT_TOO_LONG)
ban.date = now()
ban = bans.create_ban(ban)
for_board_text = ' on {}'.format(ban.board) if ban.board else ''
ip4_end_text = ip4_to_str(ban.ip4_end) if ban.ip4_end is not None else '-'
f = 'ban add {} from {} to {}{} for {} hours reason {}'
text = f.format(ban.id, ip4_to_str(ban.ip4), ip4_end_text, for_board_text,
ban.length / 60 / 60 / 1000, ban.reason)
mod_log(text)
return ban
def _manage_report(details: ManagePostDetails, moderator: ModeratorModel, post: PostModel):
action_authorizer.authorize_post_action(moderator, PostAction.POST_REPORT, post, details)
report_service.report_post(post)
message = 'post {} reported'.format(post.id)
mod_log(message, ip4_str=ip4_to_str(details.ip4), moderator=moderator)
def _manage_locked_toggle(thread: ThreadModel, details: ManagePostDetails, moderator: ModeratorModel):
action_authorizer.authorize_post_action(moderator, PostAction.THREAD_LOCKED_TOGGLE, board=thread.board)
posts.update_thread_locked(thread, not thread.locked)
message = 'lock on /{}/{} {}'.format(thread.board.name, thread.id, 'disabled' if thread.locked else 'enabled')
mod_log(message, ip4_str=ip4_to_str(details.ip4), moderator=moderator)
def _log_post(post_details: PostDetails, result: PostResultModel, insert_time, cache_time):
total = insert_time + cache_time + post_details.file_time
file_time_str = 'file: {}ms, '.format(post_details.file_time) if post_details.file_time else ''
s = '{}db: {}ms, caches: {}ms, total: {}ms'
timings = s.format(file_time_str, insert_time, cache_time, total)
post_type = 'thread' if result.post_refno == 1 else 'reply'
log = 'new {} /{}/{}#{} ({})'.format(post_type, result.board_name, result.thread_refno, result.post_refno, timings)
mod_log(log, ip4_str=ip4_to_str(post_details.ip4))
def _mod_auth_deauth():
if request.form.get('deauth') == 'yes':
if not check_csrf_token(request.form.get('token')):
abort(400)
mod_log('logged out')
unset_mod_authed()
session.clear()
def _mod_auth_deauth():
if request.form.get('deauth') == 'yes':
if not check_csrf_token(request.form.get('token')):
abort(400)
mod_log('logged out')
unset_mod_authed()
session.clear()
def mod_board_delete():
board = board_service.find_board(request.form['board_name'])
try:
moderator_service.user_delete_board(request_moderator(), board)
flash('Board deleted')
mod_log('delete board /{}/'.format(board.name))
except ArgumentError as e:
flash(e.message)
return redirect(url_for('.mod_boards'))
def mod_board_delete():
board = board_service.find_board(request.form['board_name'])
try:
moderator_service.user_delete_board(request_moderator(), board)
flash('Board deleted')
mod_log('delete board /{}/'.format(board.name))
except ArgumentError as e:
flash(e.message)
return redirect(url_for('.mod_boards'))
def _log_post(post_details: PostDetails, result: PostResultModel, insert_time,
cache_time):
total = insert_time + cache_time + post_details.file_time
file_time_str = 'file: {}ms, '.format(
post_details.file_time) if post_details.file_time else ''
s = '{}db: {}ms, caches: {}ms, total: {}ms'
timings = s.format(file_time_str, insert_time, cache_time, total)
post_type = 'thread' if result.post_refno == 1 else 'reply'
log = 'new {} /{}/{}#{} ({})'.format(post_type, result.board_name,
result.thread_refno,
result.post_refno, timings)
mod_log(log, ip4_str=ip4_to_str(post_details.ip4))
def user_create_board(moderator: ModeratorModel, board_name: str):
action_authorizer.authorize_action(moderator, action_authorizer.ModeratorAction.BOARD_CREATE)
# TODO: make this atomic
board = BoardModel.from_name(board_name)
board = board_service.add_board(board)
board_service.add_moderator(board, moderator)
board_moderators.add_board_role(moderator, board, roles.BOARD_ROLE_CREATOR)
board_moderators.add_board_role(moderator, board, roles.BOARD_ROLE_FULL_PERMISSION)
mod_log('Board {} created'.format(board.name))
return board
def _manage_delete(details: ManagePostDetails, moderator: ModeratorModel, post: PostModel):
try:
action_authorizer.authorize_post_action(moderator, PostAction.POST_DELETE, post, details)
message = 'post {} delete'.format(details.post_id)
mod_log(message, ip4_str=ip4_to_str(details.ip4), moderator=moderator)
posts.delete_post(post)
except NoPermissionError as e:
message = 'post {} delete failed, {}'.format(details.post_id, str(e))
mod_log(message, ip4_str=ip4_to_str(details.ip4), moderator=moderator)
raise BadRequestError(MESSAGE_DELETE_NO_PERMISSION)
def mod_moderator(moderator: ModeratorModel):
all_roles = ', '.join(roles.ALL_ROLES)
all_board_roles = ', '.join(roles.ALL_BOARD_ROLES)
add_moderator_board_form = AddModeratorBoardForm(request.form)
add_moderator_board_form.action_url = url_for('.mod_moderator',
moderator=moderator)
if request.method == 'POST' and request.form.get(
'board_add') is not None and add_moderator_board_form.validate():
try:
board = board_service.find_board(
add_moderator_board_form.board.data)
board_service.add_moderator(board, moderator)
flash('Assigned ' + board.name)
mod_log('add board to {} /{}/'.format(moderator.username,
board.name))
except ArgumentError as e:
flash(e.message)
if request.method == 'POST' and request.form.get('board_remove'):
# HTML checkboxes are fun!
board_names_to_remove = request.form.getlist('board_remove')
boards_to_remove = []
for board_name in board_names_to_remove:
board = board_service.find_board(board_name)
if not board:
# we coded the name in the html, can't be an user error
abort(400)
boards_to_remove.append(board)
for board in boards_to_remove:
try:
board_service.remove_moderator(board, moderator)
flash('Revoked ' + board.name)
mod_log('remove board from {} /{}/'.format(
moderator.username, board.name))
except ArgumentError as e:
flash(e.message)
if request.method == 'POST' and request.form.get('role_remove'):
pass
moderating_boards = moderator_service.get_all_moderating_boards(moderator)
return render_template('mod_moderator.html',
moderator=moderator,
moderating_boards=moderating_boards,
all_roles=all_roles,
all_board_roles=all_board_roles,
add_moderator_board_form=add_moderator_board_form)
def mod_ban_delete():
ban_id = request.form.get('ban_id', type=int)
if not ban_id or ban_id < 0:
abort(400)
ban = ban_service.find_ban_id(ban_id)
if not ban:
abort(404)
ban_service.delete_ban(ban)
flash('Ban lifted')
mod_log('ban delete {}'.format(ban_id))
return redirect(url_for('.mod_bans'))
def mod_moderator_role_remove(moderator):
role = request.form['role']
if not moderator_service.role_exists(role):
flash('That role does not exist')
else:
try:
moderator_service.remove_role(moderator, role)
flash('Role removed')
mod_log('remove role {} from {}'.format(role, moderator.username))
except ArgumentError as e:
flash(e.message)
return redirect(url_for('.mod_moderator', moderator=moderator))
def mod_ban_delete():
ban_id = request.form.get('ban_id', type=int)
if not ban_id or ban_id < 0:
abort(400)
ban = ban_service.find_ban_id(ban_id)
if not ban:
abort(404)
ban_service.delete_ban(ban)
flash('Ban lifted')
mod_log('ban delete {}'.format(ban_id))
return redirect(url_for('.mod_bans'))
def mod_moderator_password(moderator):
new_password = request.form['new_password']
if not validation.check_password_validity(new_password):
flash('Invalid password')
return redirect(url_for('.mod_moderator', moderator_id=moderator.id))
try:
moderator_service.set_password(moderator, new_password)
flash('Changed password')
mod_log('changed password for {}'.format(moderator.username))
except ArgumentError as e:
flash(e.message)
return redirect(url_for('.mod_moderator', moderator=moderator))
def user_create_board(moderator: ModeratorModel, board_name: str):
action_authorizer.authorize_action(
moderator, action_authorizer.ModeratorAction.BOARD_CREATE)
# TODO: make this atomic
board = BoardModel.from_name(board_name)
board = board_service.add_board(board)
board_service.add_moderator(board, moderator)
board_moderators.add_board_role(moderator, board, roles.BOARD_ROLE_CREATOR)
board_moderators.add_board_role(moderator, board,
roles.BOARD_ROLE_FULL_PERMISSION)
mod_log('Board {} created'.format(board.name))
return board
def mod_self():
moderator = request_moderator()
change_password_form = ChangePasswordForm(request.form)
if request.method == 'POST' and change_password_form.validate():
try:
moderator_service.check_and_set_password(
moderator, change_password_form.old_password.data, change_password_form.new_password.data)
flash('Changed password')
mod_log('password changed')
except ArgumentError as e:
flash(e.message)
moderating_boards = moderator_service.get_all_moderating_boards(moderator)
board_links = map(lambda b: (b.name, url_for('board', board_name=b.name)), moderating_boards)
return render_template('mod_self.html', change_password_form=change_password_form, moderator=moderator,
board_links=board_links)
def mod_moderator_delete():
moderator = moderator_service.find_moderator_id(
request.form.get('moderator_id', type=int))
username = moderator.username
authed_moderator = request_moderator()
self_delete = authed_moderator == moderator
# moderator_service.delete_moderator(moderator)
# if self_delete:
# unset_mod_authed()
flash('Moderator deleted')
mod_log('moderator delete username {}'.format(username),
moderator_name=authed_moderator.username)
if self_delete:
return redirect(url_for('.mod_auth'))
else:
return redirect(url_for('.mod_moderators'))
def mod_moderators():
add_moderator_form = AddModeratorForm(request.form)
if request.method == 'POST' and add_moderator_form.validate():
try:
moderator = moderator_service.user_register(
add_moderator_form.username.data,
add_moderator_form.password.data,
add_moderator_form.password.data)
flash('Moderator created')
mod_log('moderator add {} username {}'.format(
moderator.id, moderator.username))
except ArgumentError as e:
flash(e.message)
all_moderators = moderator_service.get_all_moderators(include_boards=True)
return render_template('mod_moderators.html',
add_moderator_form=add_moderator_form,
moderators=all_moderators)
def user_register(username: str, password: str, password_repeat: str):
"""
Register a moderator with the given passwords. The created moderator has no roles and no relationships to boards.
:param username: username to register with
:param password: password to register with
:param password_repeat: repeated version of password, used for the error message.
:raises ArgumentError if the two passwords don't match.
:raises ArgumentError any error defined in :meth:`uchan.lib.repository.moderators.create_with_password`
:return: the created moderator
"""
if password != password_repeat:
raise ArgumentError(MESSAGE_PASSWORD_INCORRECT)
moderator = ModeratorModel.from_username(username)
moderator = moderators.create_with_password(moderator, password)
mod_log('User {} registered'.format(username))
return moderator
def user_register(username: str, password: str, password_repeat: str):
"""
Register a moderator with the given passwords. The created moderator has no roles and no relationships to boards.
:param username: username to register with
:param password: password to register with
:param password_repeat: repeated version of password, used for the error message.
:raises ArgumentError if the two passwords don't match.
:raises ArgumentError any error defined in :meth:`uchan.lib.repository.moderators.create_with_password`
:return: the created moderator
"""
if password != password_repeat:
raise ArgumentError(MESSAGE_PASSWORD_INCORRECT)
moderator = ModeratorModel.from_username(username)
moderator = moderators.create_with_password(moderator, password)
mod_log('User {} registered'.format(username))
return moderator
def _mod_auth_auth():
if not check_csrf_referer(request):
raise BadRequestError('Bad referer header')
verify_method()
username = request.form['username']
password = request.form['password']
if not validation.check_username_validity(
username) or not validation.check_password_validity(password):
raise BadRequestError('Invalid username or password')
else:
moderator = moderator_service.find_moderator_username(username)
if not moderator:
mod_log('log in with invalid username')
raise BadRequestError('Invalid username or password')
else:
try:
moderator_service.check_password(moderator, password)
set_mod_authed(moderator)
flash('Logged in')
mod_log('logged in')
except ArgumentError:
mod_log('log in with invalid password for username {}'.format(
moderator.username))
raise BadRequestError('Invalid username or password')
def _mod_auth_auth():
if not check_csrf_referer(request):
raise BadRequestError('Bad referer header')
verify_method()
username = request.form['username']
password = request.form['password']
if not validation.check_username_validity(username) or not validation.check_password_validity(password):
raise BadRequestError('Invalid username or password')
else:
moderator = moderator_service.find_moderator_username(username)
if not moderator:
mod_log('log in with invalid username')
raise BadRequestError('Invalid username or password')
else:
try:
moderator_service.check_password(moderator, password)
set_mod_authed(moderator)
flash('Logged in')
mod_log('logged in')
except ArgumentError:
mod_log('log in with invalid password for username {}'.format(moderator.username))
raise BadRequestError('Invalid username or password')
def mod_self():
moderator = request_moderator()
change_password_form = ChangePasswordForm(request.form)
if request.method == 'POST' and change_password_form.validate():
try:
moderator_service.check_and_set_password(
moderator, change_password_form.old_password.data,
change_password_form.new_password.data)
flash('Changed password')
mod_log('password changed')
except ArgumentError as e:
flash(e.message)
moderating_boards = moderator_service.get_all_moderating_boards(moderator)
board_links = map(lambda b: (b.name, url_for('board', board_name=b.name)),
moderating_boards)
return render_template('mod_self.html',
change_password_form=change_password_form,
moderator=moderator,
board_links=board_links)
def user_delete_board(moderator, board):
action_authorizer.authorize_action(
moderator, action_authorizer.ModeratorAction.BOARD_DELETE)
board_name = board.name
board_service.delete_board(board)
mod_log('Board {} deleted'.format(board_name))
def delete_page(page: PageModel):
pages.delete(page)
mod_log('page {} deleted'.format(page.link_name))
def update_page(page: PageModel):
pages.update(page)
mod_log('page {} updated'.format(page.link_name))
def reset_sessions():
mod_log('reset sessions')
site_service.reset_sessions()
return redirect(url_for('.mod_site'))
def user_delete_board(moderator, board):
action_authorizer.authorize_action(moderator, action_authorizer.ModeratorAction.BOARD_DELETE)
board_name = board.name
board_service.delete_board(board)
mod_log('Board {} deleted'.format(board_name))
def reset_sessions():
mod_log('reset sessions')
site_service.reset_sessions()
return redirect(url_for('.mod_site'))
def create_page(page: PageModel) -> PageModel:
r = pages.create(page)
mod_log('page {} created'.format(page.link_name))
return r
