コード例 #1
0
def remove_admin_entry(task_data, num, override_log=False, no_redirect=False):
    session = model.Session()
    table = model.admin
    sql = table.select().where(table.c.num == num)
    row = session.execute(sql).fetchone()

    if not row:
        raise WakaError('Entry not found. Deleted?')

    ival1 = row['ival1']
    ip = misc.dec_to_dot(ival1) if ival1 else ''
    string_val = row['sval1']

    if row['total']:
        remove_htaccess_entry(ip)

    sql = table.delete().where(table.c.num == num)
    session.execute(sql)
    task_data.action = row['type'] + '_remove'
    if string_val:
        task_data.contents.append(row['sval1'])
    else:
        task_data.contents.append(ip + ' (' + misc.dec_to_dot(row['ival2']) \
                                  + ')')

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='bans', board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #2
0
def edit_staff_proxy(admin, mpass, username, newpassword=None, newclass=None,
                     originalpassword='', reign=None, disable=None):

    user = staff.check_password(admin)

    if user.username == username:
        if misc.hide_critical_data(originalpassword, config.SECRET) \
           != user.password:
            raise WakaError(strings.WRONGPASS)
        newclass = None
        reign = None
    elif user.account == staff.ADMIN:
        edited_user = staff.StaffMember.get(username)
        if edited_user.account == staff.ADMIN and mpass != config.ADMIN_PASS:
            raise WakaError('Incorrect management password.')
    else:
        raise WakaError(strings.INUSUFFICENTPRIVLEDGES)

    staff.edit_staff(username, clear_pass=newpassword, new_class=newclass,
                     reign=reign, disable=disable)

    board = local.environ['waka.board']

    forward_task = 'admin' if user.username == username else 'staff'

    return make_http_forward(misc.make_script_url(task=forward_task,
        board=board.name), config.ALTERNATE_REDIRECT)
コード例 #3
0
ファイル: interboard.py プロジェクト: k-anon/wakarimasen
def remove_admin_entry(task_data, num, override_log=False, no_redirect=False):
    session = model.Session()
    table = model.admin
    sql = table.select().where(table.c.num == num)
    row = session.execute(sql).fetchone()

    if not row:
        raise WakaError('Entry not found. Deleted?')

    ival1 = row['ival1']
    ip = misc.dec_to_dot(ival1) if ival1 else ''
    string_val = row['sval1']

    if row['total']:
        remove_htaccess_entry(ip)

    sql = table.delete().where(table.c.num == num)
    session.execute(sql)
    task_data.action = row['type'] + '_remove'
    if string_val:
        task_data.contents.append(row['sval1'])
    else:
        task_data.contents.append(ip + ' (' + misc.dec_to_dot(row['ival2']) \
                                  + ')')

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='bans', board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #4
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
def edit_staff_proxy(
    cookie, mpass, username, newpassword=None, newclass=None, originalpassword="", reign=None, disable=None
):

    user = staff.StaffMember.get_from_cookie(cookie)

    if user.username == username:
        if misc.hide_critical_data(originalpassword, config.SECRET) != user.password:
            raise WakaError(strings.WRONGPASS)
        newclass = None
        reign = None
    elif user.account == staff.ADMIN:
        edited_user = staff.StaffMember.get(username)
        if edited_user.account == staff.ADMIN and mpass != config.ADMIN_PASS:
            raise WakaError("Incorrect management password.")
    else:
        raise WakaError(strings.INSUFFICIENTPRIVILEGES)

    staff.edit_staff(username, clear_pass=newpassword, new_class=newclass, reign=reign, disable=disable)

    board = local.environ["waka.board"]

    forward_task = "admin" if user.username == username else "staff"

    return make_http_forward(misc.make_script_url(task=forward_task, board=board.name), config.ALTERNATE_REDIRECT)
コード例 #5
0
ファイル: interboard.py プロジェクト: dequis/wakarimasen
def remove_admin_entry(task_data, num, override_log=False, no_redirect=False):
    session = model.Session()
    table = model.admin
    sql = table.select().where(table.c.num == num)
    row = session.execute(sql).fetchone()

    if not row:
        raise WakaError("Entry not found. Deleted?")

    ival1 = row["ival1"]
    ip = misc.dec_to_dot(ival1) if ival1 else ""
    string_val = row["sval1"]

    if row["total"]:
        remove_htaccess_entry(ip)

    sql = table.delete().where(table.c.num == num)
    session.execute(sql)
    task_data.action = row["type"] + "_remove"
    if string_val:
        task_data.contents.append(row["sval1"])
    else:
        task_data.contents.append(ip + " (" + misc.dec_to_dot(row["ival2"]) + ")")

    board = local.environ["waka.board"]
    forward_url = misc.make_script_url(task="bans", board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #6
0
    def make_admin_post_search_panel(self, search, text, caller='internal'):
        board = self.board
        session = model.Session()
        table = board.table

        board.check_access(self.user)

        popup = caller != 'board'

        if search.find('IP Address') != -1:
            try:
                sql = table.select()\
                           .where(table.c.ip == misc.dot_to_dec(text))
            except ValueError:
                raise WakaError('Please enter a valid IP.')
            search_type = 'IP'
        elif search.find('Text String') != -1:
            sql = table.select().where(table.c.comment.like('%'+text+'%'))
            search_type = 'text string'
        elif search.find('Author') != -1:
            sql = table.select().where(or_(table.c.name.like('%'+text+'%'),
                table.c.trip.like('%'+text+'%')))
            search_type = 'author'
        else:
            sql = table.select().where(table.c.num == text)
            search_type = 'ID'

        if search_type != 'ID':
            page = model.Page(sql, self.page, self.perpage)
            rowcount = page.total_entries
            total_pages = page.total_pages
            posts = page.rows
            if not posts:
                raise WakaError("No posts found for %s %s" % (search_type, text))
        else:
            rowcount = total_pages = 1
            row = session.execute(sql).fetchone()
            if not row:
                raise WakaError("Post not found. (It may have just been"
                                " deleted.)")
            posts = [row]


        inputs = [
            {'name': 'board', 'value': board.name},
            {'name' : 'task', 'value' : 'searchposts'},
            {'name' : 'text', 'value' : text},
            {'name': 'caller', 'value': caller},
            {'name' : 'search', 'value': search}
        ]

        rooturl = misc.make_script_url(task='searchposts', board=board.name,
            caller=caller, search=search, text=text, _amp=True)

        Template.__init__(self, 'post_search', num=id,
                          posts=posts, search=search, text=text,
                          inputs=inputs, number_of_pages=total_pages,
                          rooturl=rooturl, rowcount=rowcount, popup=popup)
コード例 #7
0
ファイル: interboard.py プロジェクト: TSterling76/wakarimasen
def remove_proxy_entry(task_data, num):
    session = model.Session()
    table = model.proxy

    query = table.delete().where(table.c.num == num)
    session.execute(query)

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='proxy', board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #8
0
    def make_admin_report_panel(self, sortby='date', order='desc'):
        sortby_type = sortby
        sortby_dir = order

        session = model.Session()
        table = model.report
        sql = table.select()

        # Enforce limited moderation reign.
        if self.user.account == staff.MODERATOR:
            sql = sql.where(table.c.board.in_(self.user.reign))

        # Determine order.
        if sortby_type in ('board', 'postnum', 'date'):
            try:
                column = getattr(table.c, sortby_type)
            except AttributeError:
                raise WakaError('Sort-by column is absent from table.')
            sort = column.desc
            if sortby_dir == 'asc':
                sort = column.asc
            sql = sql.order_by(sort(), table.c.date.desc())
        else:
            sql = sql.order_by(table.c.date.desc())

        # Paginate.
        res = model.Page(sql, self.page, self.perpage)

        # Hidden input fields.
        inputs = [{
            'name': 'task',
            'value': 'reports'
        }, {
            'name': 'order',
            'value': sortby_dir
        }, {
            'name': 'sortby',
            'value': sortby_type
        }]

        rooturl = misc.make_script_url(task='reports',
                                       sortby=sortby_type,
                                       order=sortby_dir,
                                       _amp=True)

        Template.__init__(self,
                          'report_panel_template',
                          reports=res.rows,
                          sortby=sortby_type,
                          order=sortby_dir,
                          number_of_pages=res.total_pages,
                          rowcount=res.total_entries,
                          inputs=inputs,
                          rooturl=rooturl)
コード例 #9
0
ファイル: interboard.py プロジェクト: k-anon/wakarimasen
def update_spam_file(task_data, spam):
    if task_data.user.account == staff.MODERATOR:
        raise WakaError(strings.INUSUFFICENTPRIVLEDGES)

    # Dump all contents to first spam file.
    with open(config.SPAM_FILES[0], 'w') as f:
        f.write(spam)

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='spam', board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #10
0
def update_spam_file(task_data, spam):
    if task_data.user.account == staff.MODERATOR:
        raise WakaError(strings.INUSUFFICENTPRIVLEDGES)

    # Dump all contents to first spam file.
    with open(config.SPAM_FILES[0], 'w') as f:
        f.write(spam)

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='spam', board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #11
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
def do_logout(cookie):
    # Clear login cache.
    try:
        user = staff.StaffMember.get_from_cookie(cookie)
        user.logout_user()
    except staff.LoginError:
        pass

    clear_login_cookies()

    board = local.environ["waka.board"]
    return make_http_forward(misc.make_script_url(task="admin", board=board.name), config.ALTERNATE_REDIRECT)
コード例 #12
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
def do_first_time_setup(cookie, username, password):
    # Checks.
    if cookie != staff.crypt_pass(config.ADMIN_PASS, local.environ["REMOTE_ADDR"]):
        return make_first_time_setup_gateway()
    if not username:
        raise WakaError("Missing username.")
    if not password:
        raise WakaError("Missing password.")

    staff.add_staff(username, password, staff.ADMIN, [])

    board = local.environ["waka.board"]
    return make_http_forward(misc.make_script_url(task="loginpanel", board=board.name), config.ALTERNATE_REDIRECT)
コード例 #13
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
def add_staff_proxy(cookie, mpass, usertocreate, passtocreate, account, reign):
    user = staff.StaffMember.get_from_cookie(cookie)

    if user.account != staff.ADMIN:
        raise WakaError(strings.INSUFFICIENTPRIVILEGES)

    if account == staff.ADMIN and mpass != config.ADMIN_PASS:
        raise WakaError("Incorrect management password.")

    staff.add_staff(usertocreate, passtocreate, account, reign)

    board = local.environ["waka.board"]
    return make_http_forward(misc.make_script_url(task="staff", board=board.name), config.ALTERNATE_REDIRECT)
コード例 #14
0
def do_logout(admin):
    # Clear login cache.
    try:
        user = staff.check_password(admin)
        user.logout_user()
    except staff.LoginError:
        pass

    clear_login_cookies()

    board = local.environ['waka.board']
    return make_http_forward(misc.make_script_url(task='admin',
        board=board.name), config.ALTERNATE_REDIRECT)
コード例 #15
0
def add_staff_proxy(admin, mpass, usertocreate, passtocreate, account, reign):
    user = staff.check_password(admin)

    if user.account != staff.ADMIN:
        raise WakaError(strings.INUSUFFICENTPRIVLEDGES)

    if account == staff.ADMIN and mpass != config.ADMIN_PASS:
        raise WakaError('Incorrect management password.')

    staff.add_staff(usertocreate, passtocreate, account, reign)

    board = local.environ['waka.board']
    return make_http_forward(misc.make_script_url(task='staff',
        board=board.name), config.ALTERNATE_REDIRECT)
コード例 #16
0
def do_logout(admin):
    # Clear login cache.
    try:
        user = staff.check_password(admin)
        user.logout_user()
    except staff.LoginError:
        pass

    clear_login_cookies()

    board = local.environ['waka.board']
    return make_http_forward(
        misc.make_script_url(task='admin', board=board.name),
        config.ALTERNATE_REDIRECT)
コード例 #17
0
def do_first_time_setup(admin, username, password):
    # Checks.
    if admin != staff.crypt_pass(config.ADMIN_PASS,
                                 local.environ['REMOTE_ADDR']):
        return make_first_time_setup_gateway()
    if not username:
        raise WakaError('Missing username.')
    if not password:
        raise WakaError('Missing password.')

    staff.add_staff(username, password, staff.ADMIN, [])

    board = local.environ['waka.board']
    return make_http_forward(misc.make_script_url(task='loginpanel',
        board=board.name), config.ALTERNATE_REDIRECT)
コード例 #18
0
def add_staff_proxy(admin, mpass, usertocreate, passtocreate, account, reign):
    user = staff.check_password(admin)

    if user.account != staff.ADMIN:
        raise WakaError(strings.INSUFFICIENTPRIVILEGES)

    if account == staff.ADMIN and mpass != config.ADMIN_PASS:
        raise WakaError('Incorrect management password.')

    staff.add_staff(usertocreate, passtocreate, account, reign)

    board = local.environ['waka.board']
    return make_http_forward(
        misc.make_script_url(task='staff', board=board.name),
        config.ALTERNATE_REDIRECT)
コード例 #19
0
def del_staff_proxy(admin, mpass, username):
    user = staff.check_password(admin)

    if user.account != staff.ADMIN:
        raise WakaError(strings.INUSUFFICENTPRIVLEDGES)

    user_to_kill = staff.StaffMember.get(username)
    if user_to_kill.account == staff.ADMIN and mpass != config.ADMIN_PASS:
        raise WakaError('Incorrect management password.')

    staff.del_staff(username)

    board = local.environ['waka.board']
    return make_http_forward(misc.make_script_url(task='staff',
        board=board.name), config.ALTERNATE_REDIRECT)
コード例 #20
0
def do_first_time_setup(admin, username, password):
    # Checks.
    if admin != staff.crypt_pass(config.ADMIN_PASS,
                                 local.environ['REMOTE_ADDR']):
        return make_first_time_setup_gateway()
    if not username:
        raise WakaError('Missing username.')
    if not password:
        raise WakaError('Missing password.')

    staff.add_staff(username, password, staff.ADMIN, [])

    board = local.environ['waka.board']
    return make_http_forward(
        misc.make_script_url(task='loginpanel', board=board.name),
        config.ALTERNATE_REDIRECT)
コード例 #21
0
ファイル: interboard.py プロジェクト: dequis/wakarimasen
def delete_by_ip(task_data, ip, mask="255.255.255.255", caller=""):
    task_data.contents.append(ip)
    user = task_data.user

    if user.account == staff.MODERATOR:
        reign = user.reign
    else:
        reign = [x["board_entry"] for x in get_all_boards()]

    Popen([sys.executable, sys.argv[0], "delete_by_ip", ip, ",".join(reign)], env=util.proxy_environ())

    board_name = local.environ["waka.board"].name
    redir = misc.make_script_url(task="mpanel", board=board_name)

    if caller != "internal":
        return util.make_http_forward(redir, config.ALTERNATE_REDIRECT)
コード例 #22
0
def del_staff_proxy(admin, mpass, username):
    user = staff.check_password(admin)

    if user.account != staff.ADMIN:
        raise WakaError(strings.INSUFFICIENTPRIVILEGES)

    user_to_kill = staff.StaffMember.get(username)
    if user_to_kill.account == staff.ADMIN and mpass != config.ADMIN_PASS:
        raise WakaError('Incorrect management password.')

    staff.del_staff(username)

    board = local.environ['waka.board']
    return make_http_forward(
        misc.make_script_url(task='staff', board=board.name),
        config.ALTERNATE_REDIRECT)
コード例 #23
0
def delete_by_ip(task_data, ip, mask='255.255.255.255'):
    task_data.contents.append(ip)
    user = task_data.user

    if user.account == staff.MODERATOR:
        reign = user.reign
    else:
        reign = [x['board_entry'] for x in get_all_boards()]

    Popen([sys.executable, sys.argv[0], 'delete_by_ip', ip, ','.join(reign)],
          env=util.proxy_environ())

    board_name = local.environ['waka.board'].name
    redir = misc.make_script_url(task='mpanel', board=board_name)

    return util.make_http_forward(redir, config.ALTERNATE_REDIRECT)
コード例 #24
0
ファイル: interboard.py プロジェクト: tsanah/wakarimasen
def delete_by_ip(task_data, ip, mask='255.255.255.255'):
    task_data.contents.append(ip)
    user = task_data.user

    if user.account == staff.MODERATOR:
        reign = user.reign
    else:
        reign = [x['board_entry'] for x in get_all_boards()]

    Popen([sys.executable, sys.argv[0], 'delete_by_ip', ip, ','.join(reign)],
        env=util.proxy_environ())

    board_name = local.environ['waka.board'].name
    redir = misc.make_script_url(task='mpanel', board=board_name)

    return util.make_http_forward(redir, config.ALTERNATE_REDIRECT)
コード例 #25
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
    def make_admin_report_panel(self, sortby="date", order="desc"):
        sortby_type = sortby
        sortby_dir = order

        table = model.report
        sql = table.select()

        # Enforce limited moderation reign.
        if self.user.account == staff.MODERATOR:
            sql = sql.where(table.c.board.in_(self.user.reign))

        # Determine order.
        if sortby_type in ("board", "postnum", "date"):
            try:
                column = getattr(table.c, sortby_type)
            except AttributeError:
                raise WakaError("Sort-by column is absent from table.")
            sort = column.desc
            if sortby_dir == "asc":
                sort = column.asc
            sql = sql.order_by(sort(), table.c.date.desc())
        else:
            sql = sql.order_by(table.c.date.desc())

        # Paginate.
        res = model.Page(sql, self.page, self.perpage)

        # Hidden input fields.
        inputs = [
            {"name": "task", "value": "reports"},
            {"name": "order", "value": sortby_dir},
            {"name": "sortby", "value": sortby_type},
        ]

        rooturl = misc.make_script_url(task="reports", sortby=sortby_type, order=sortby_dir, _amp=True)

        Template.__init__(
            self,
            "report_panel_template",
            reports=res.rows,
            sortby=sortby_type,
            order=sortby_dir,
            number_of_pages=res.total_pages,
            rowcount=res.total_entries,
            inputs=inputs,
            rooturl=rooturl,
        )
コード例 #26
0
    def make_admin_report_panel(self, sortby='date', order='desc'):
        sortby_type = sortby
        sortby_dir = order

        session = model.Session()
        table = model.report
        sql = table.select()

        # Enforce limited moderation reign.
        if self.user.account == staff.MODERATOR:
            sql = sql.where(table.c.board.in_(self.user.reign))

        # Determine order.
        if sortby_type in ('board', 'postnum', 'date'):
            try:
                column = getattr(table.c, sortby_type)
            except AttributeError:
                raise WakaError('Sort-by column is absent from table.')
            sort = column.desc
            if sortby_dir == 'asc':
                sort = column.asc
            sql = sql.order_by(sort(), table.c.date.desc())
        else:
            sql = sql.order_by(table.c.date.desc())

        # Paginate.
        res = model.Page(sql, self.page, self.perpage)

        # Hidden input fields.
        inputs = [{'name' : 'task', 'value' : 'reports'},
                  {'name' : 'order', 'value' : sortby_dir},
                  {'name' : 'sortby', 'value' : sortby_type}]

        rooturl = misc.make_script_url(task='reports', sortby=sortby_type,
            order=sortby_dir, _amp=True)

        Template.__init__(self, 'report_panel_template',
                          reports=res.rows,
                          sortby=sortby_type,
                          order=sortby_dir,
                          number_of_pages=res.total_pages,
                          rowcount=res.total_entries,
                          inputs=inputs,
                          rooturl=rooturl)
コード例 #27
0
def edit_staff_proxy(admin,
                     mpass,
                     username,
                     newpassword=None,
                     newclass=None,
                     originalpassword='',
                     reign=None,
                     disable=None):

    user = staff.check_password(admin)

    if user.username == username:
        if misc.hide_critical_data(originalpassword, config.SECRET) \
           != user.password:
            raise WakaError(strings.WRONGPASS)
        newclass = None
        reign = None
    elif user.account == staff.ADMIN:
        edited_user = staff.StaffMember.get(username)
        if edited_user.account == staff.ADMIN and mpass != config.ADMIN_PASS:
            raise WakaError('Incorrect management password.')
    else:
        raise WakaError(strings.INSUFFICIENTPRIVILEGES)

    staff.edit_staff(username,
                     clear_pass=newpassword,
                     new_class=newclass,
                     reign=reign,
                     disable=disable)

    board = local.environ['waka.board']

    forward_task = 'admin' if user.username == username else 'staff'

    return make_http_forward(
        misc.make_script_url(task=forward_task, board=board.name),
        config.ALTERNATE_REDIRECT)
コード例 #28
0
ファイル: interboard.py プロジェクト: TSterling76/wakarimasen
def add_proxy_entry(task_data, type, ip, timestamp):
    session = model.Session()
    table = model.proxy

    if not misc.validate_ip(ip):
        raise WakaError(strings.BADIP)

    age = config.PROXY_WHITE_AGE if type == 'white' else config.PROXY_BLACK_AGE
    timestamp = int(timestamp or '0') - age + time.time()
    date = misc.make_date(time.time(), style=config.DATE_STYLE)

    query = table.delete().where(table.c.ip == ip)
    session.execute(query)

    query = table.insert().values(type=type,
                                  ip=ip,
                                  timestamp=timestamp,
                                  date=date)
    session.execute(query)

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='proxy', board=board.name)

    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #29
0
ファイル: interboard.py プロジェクト: k-anon/wakarimasen
def move_thread(task_data, parent, src_brd_obj, dest_brd_obj):
    if not parent:
        raise WakaError('No thread specified.')
    if src_brd_obj.name == dest_brd_obj.name:
        raise WakaError('Source and destination boards match.')

    # Check administrative access rights to both boards.
    user = task_data.user
    src_brd_obj.check_access(user)
    dest_brd_obj.check_access(user)

    session = model.Session()
    src_table = src_brd_obj.table
    dest_table = dest_brd_obj.table

    sql = select([src_table.c.parent], src_table.c.num == parent)
    row = session.execute(sql).fetchone()

    if not row:
        raise WakaError('Thread not found.')
    elif row[0]:
        # Automatically correct if reply instead of thread was given.
        parent = row[0]

    sql = src_table.select().where(or_(src_table.c.num == parent,
                                       src_table.c.parent == parent))\
                            .order_by(src_table.c.num.asc())
    thread = [dict(x.items()) for x in session.execute(sql).fetchall()]

    # Indicate OP post number after insertion.
    new_parent = 0

    # List of images/thumbs to move around.
    image_move = []
    thumb_move = []

    lasthit = time.time()

    # DB operations
    for post in thread:
        # Grab post contents as dictionary of updates. Remove primary key.
        del post['num']

        post['lasthit'] = lasthit
        image = post['image']
        thumbnail = post['thumbnail']

        if image:
            image_move.append(image)
        if re.match(src_brd_obj.options['THUMB_DIR'], thumbnail):
            thumb_move.append(thumbnail)

        # Update post reference links.
        if new_parent:
            post['parent'] = new_parent

            new_comment = re.sub(r'a href="(.*?)'
                + os.path.join(src_brd_obj.path,
                               src_brd_obj.options['RES_DIR'],
                               '%d%s' % (int(parent)), config.PAGE_EXT),
                r'a href="\1' + os.path.join(\
                               dest_brd_obj.path,
                               dest_brd_obj.options['RES_DIR'],
                               '%d%s' % (int((new_parent), config.PAGE_EXT))),
                post['comment'])

            post['comment'] = new_comment

        sql = dest_table.insert().values(**post)
        result = session.execute(sql)

        if not new_parent:
            new_parent = result.inserted_primary_key[0]

    # Nested associate for moving files in bulk.
    def rename_files(filename_list, dir_type):
        for filename in filename_list:
            src_filename = os.path.join(src_brd_obj.path, filename)
            dest_filename = re.sub('^/?' + src_brd_obj.options[dir_type],
                                   dest_brd_obj.options[dir_type],
                                   filename)
            dest_filename = os.path.join(dest_brd_obj.path, dest_filename)
            os.rename(src_filename, dest_filename)

    # File transfer operations.
    rename_files(image_move, 'IMG_DIR')
    rename_files(thumb_move, 'THUMB_DIR')

    dest_brd_obj.build_cache()
    dest_brd_obj.build_thread_cache(new_parent)

    src_brd_obj.delete_stuff([parent], '', False, False, caller='internal')

    forward_url = misc.make_script_url(task='mpanel',
        board=dest_brd_obj.name, page=('t%s' % new_parent))

    # Log.
    task_data.contents.append('/%s/%d to /%s/%d' \
                              % (src_brd_obj.name, int(parent),
                                 dest_brd_obj.name, int(new_parent)))

    return util.make_http_forward(forward_url)
コード例 #30
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
    def make_admin_post_search_panel(self, search, text, caller="internal"):
        board = self.board
        session = model.Session()
        table = board.table

        self.user.check_access(board.name)

        popup = caller != "board"

        if search.find("IP Address") != -1:
            try:
                sql = table.select().where(table.c.ip == misc.dot_to_dec(text))
            except ValueError:
                raise WakaError("Please enter a valid IP.")
            search_type = "IP"
        elif search.find("Text String") != -1:
            sql = table.select().where(table.c.comment.like("%" + text + "%"))
            search_type = "text string"
        elif search.find("Author") != -1:
            sql = table.select().where(or_(table.c.name.like("%" + text + "%"), table.c.trip.like("%" + text + "%")))
            search_type = "author"
        else:
            sql = table.select().where(table.c.num == text)
            search_type = "ID"

        if search_type != "ID":
            page = model.Page(sql, self.page, self.perpage)
            rowcount = page.total_entries
            total_pages = page.total_pages
            posts = page.rows
            if not posts:
                raise WakaError("No posts found for %s %s" % (search_type, text))
        else:
            rowcount = total_pages = 1
            row = session.execute(sql).fetchone()
            if not row:
                raise WakaError("Post not found. (It may have just been" " deleted.)")
            posts = [row]

        inputs = [
            {"name": "board", "value": board.name},
            {"name": "task", "value": "searchposts"},
            {"name": "text", "value": text},
            {"name": "caller", "value": caller},
            {"name": "search", "value": search},
        ]

        rooturl = misc.make_script_url(
            task="searchposts", board=board.name, caller=caller, search=search, text=text, _amp=True
        )

        Template.__init__(
            self,
            "post_search",
            num=id,
            posts=posts,
            search=search,
            text=text,
            inputs=inputs,
            number_of_pages=total_pages,
            rooturl=rooturl,
            rowcount=rowcount,
            popup=popup,
        )
コード例 #31
0
ファイル: staff_interface.py プロジェクト: dequis/wakarimasen
    def make_admin_activity_panel(
        self,
        view="",
        user_to_view=None,
        action_to_view=None,
        ip_to_view=None,
        post_to_view=None,
        sortby_name="date",
        sortby_dir="desc",
    ):

        board = self.board

        template_view = "staff_activity_unfiltered"
        action_name = action_content = ""

        table = model.activity
        account_table = model.account

        dual_table_select = [
            account_table.c.username,
            account_table.c.account,
            account_table.c.disabled,
            table.c.action,
            table.c.info,
            table.c.date,
            table.c.ip,
        ]
        sql = select(
            dual_table_select, from_obj=[table.join(account_table, table.c.username == model.account.c.username)]
        )

        rooturl_args = dict(
            task="stafflog", board=board.name, view=view, sortby=sortby_name, order=sortby_dir, _amp=True
        )

        if view == "user":
            if not user_to_view:
                raise WakaError("Please select a user to view.")
            template_view = "staff_activity_by_user"
            sql = sql.where(table.c.username == user_to_view)
            rooturl_args["usertoview"] = user_to_view

        elif view == "action":
            if not action_to_view:
                raise WakaError("Please select an action to view.")
            template_view = "staff_activity_by_actions"
            (action_name, action_content) = staff_tasks.get_action_name(action_to_view, 1)
            sql = sql.where(table.c.action == action_to_view)
            rooturl_args["actiontoview"] = action_to_view

        elif view == "ip":
            if not ip_to_view:
                raise WakaError("Please specify an IP address to view.")
            template_view = "staff_activity_by_ip_address"
            sql = sql.where(table.c.info.like("%" + ip_to_view + "%"))
            rooturl_args["iptoview"] = ip_to_view

        elif view == "post":
            if not post_to_view:
                raise WakaError("Post key missing.")
            template_view = "staff_activity_by_post"
            sql = sql.where(table.c.info.like("%" + post_to_view + "%"))
            rooturl_args["posttoview"] = post_to_view

        rooturl = misc.make_script_url(**rooturl_args)

        # Acquire staff info.
        session = model.Session()
        staff_get = model.account.select()
        staff = session.execute(staff_get).fetchall()

        # Establish list of hidden inputs.
        inputs = [
            {"name": "actiontoview", "value": action_to_view},
            {"name": "task", "value": "stafflog"},
            {"name": "posttoview", "value": post_to_view},
            {"name": "usertoview", "value": user_to_view},
            {"name": "iptoview", "value": ip_to_view},
            {"name": "order", "value": sortby_dir},
            {"name": "sortby", "value": sortby_name},
            {"name": "view", "value": view},
        ]

        if self.board:
            inputs.append({"name": "board", "value": self.board.name})

        # Apply sorting.
        if sortby_name and hasattr(table.c, sortby_name):
            order_col = getattr(table.c, sortby_name)
            if sortby_dir.lower() == "asc":
                sort_spec = order_col.asc()
            else:
                sort_spec = order_col.desc()
            sql = sql.order_by(sort_spec)

        res = model.Page(sql, self.page, self.perpage)

        Template.__init__(
            self,
            template_view,
            user_to_view=user_to_view,
            entries=res.rows,
            staff=staff,
            rowcount=res.total_entries,
            numberofpages=res.total_pages,
            view=view,
            order=sortby_dir,
            action_name=action_name,
            content_name=action_content,
            sortby=sortby_name,
            number_of_pages=res.total_pages,
            rooturl=rooturl,
            inputs=inputs,
        )
コード例 #32
0
def move_thread(task_data, parent, src_brd_obj, dest_brd_obj):
    if not parent:
        raise WakaError('No thread specified.')
    if src_brd_obj.name == dest_brd_obj.name:
        raise WakaError('Source and destination boards match.')

    # Check administrative access rights to both boards.
    user = task_data.user
    src_brd_obj.check_access(user)
    dest_brd_obj.check_access(user)

    session = model.Session()
    src_table = src_brd_obj.table
    dest_table = dest_brd_obj.table

    sql = select([src_table.c.parent], src_table.c.num == parent)
    row = session.execute(sql).fetchone()

    if not row:
        raise WakaError('Thread not found.')
    elif row[0]:
        # Automatically correct if reply instead of thread was given.
        parent = row[0]

    sql = src_table.select().where(or_(src_table.c.num == parent,
                                       src_table.c.parent == parent))\
                            .order_by(src_table.c.num.asc())
    thread = [dict(x.items()) for x in session.execute(sql).fetchall()]

    # Indicate OP post number after insertion.
    new_parent = 0

    # List of images/thumbs to move around.
    image_move = []
    thumb_move = []

    lasthit = time.time()

    # DB operations
    for post in thread:
        # Grab post contents as dictionary of updates. Remove primary key.
        del post['num']

        post['lasthit'] = lasthit
        image = post['image']
        thumbnail = post['thumbnail']

        if image:
            image_move.append(image)
        if re.match(src_brd_obj.options['THUMB_DIR'], thumbnail):
            thumb_move.append(thumbnail)

        # Update post reference links.
        if new_parent:
            post['parent'] = new_parent

            new_comment = re.sub(r'a href="(.*?)'
                + os.path.join(src_brd_obj.path,
                               src_brd_obj.options['RES_DIR'],
                               '%d%s' % (int(parent)), config.PAGE_EXT),
                r'a href="\1' + os.path.join(\
                               dest_brd_obj.path,
                               dest_brd_obj.options['RES_DIR'],
                               '%d%s' % (int((new_parent), config.PAGE_EXT))),
                post['comment'])

            post['comment'] = new_comment

        sql = dest_table.insert().values(**post)
        result = session.execute(sql)

        if not new_parent:
            new_parent = result.inserted_primary_key[0]

    # Nested associate for moving files in bulk.
    def rename_files(filename_list, dir_type):
        for filename in filename_list:
            src_filename = os.path.join(src_brd_obj.path, filename)
            dest_filename = re.sub('^/?' + src_brd_obj.options[dir_type],
                                   dest_brd_obj.options[dir_type], filename)
            dest_filename = os.path.join(dest_brd_obj.path, dest_filename)
            os.rename(src_filename, dest_filename)

    # File transfer operations.
    rename_files(image_move, 'IMG_DIR')
    rename_files(thumb_move, 'THUMB_DIR')

    dest_brd_obj.build_cache()
    dest_brd_obj.build_thread_cache(new_parent)

    src_brd_obj.delete_stuff([parent], '', False, False, caller='internal')

    forward_url = misc.make_script_url(task='mpanel',
                                       board=dest_brd_obj.name,
                                       page=('t%s' % new_parent))

    # Log.
    task_data.contents.append('/%s/%d to /%s/%d' \
                              % (src_brd_obj.name, int(parent),
                                 dest_brd_obj.name, int(new_parent)))

    return util.make_http_forward(forward_url)
コード例 #33
0
ファイル: interboard.py プロジェクト: k-anon/wakarimasen
def add_admin_entry(task_data, option, comment, ip='', mask='255.255.255.255',
                    sval1='', total='', expiration=0,
                    caller=''):
    session = model.Session()
    table = model.admin

    ival1 = ival2 = 0

    if not comment:
        raise WakaError(strings.COMMENT_A_MUST)
    if option in ('ipban', 'whitelist'):
        if not ip:
            raise WakaError('IP address required.')
        if not mask:
            mask = '255.255.255.255'
        # Convert to decimal.
        (ival1, ival2) = (misc.dot_to_dec(ip), misc.dot_to_dec(mask))
        sql = table.select().where(table.c.type == option)
        query = session.execute(sql)

        for row in query:
            try:
                if int(row.ival1) & int(row.ival2) == ival1 & ival2:
                    raise WakaError('IP address and mask match ban #%d.' % \
                                    (row.num))
            except ValueError:
                raise WakaError("Entry #%s on ban table is inconsistent. "
                    "This shouldn't happen." % row.num)
        # Add info to task data.
        content = ip + (' (' + mask + ')' if mask else '')

        if total == 'yes':
            add_htaccess_entry(ip)
            content += ' (no browse)'

        content += ' "' + comment + '"'
        task_data.contents.append(content)
    else:
        if not sval1:
            raise WakaError(strings.STRINGFIELDMISSING)
        sql = table.select().where(and_(table.c.sval1 == sval1,
                                        table.c.type == option))
        row = session.execute(sql).fetchone()

        if row:
            raise WakaError('Duplicate String in ban #%d.' % (row.num))
        # Add ifno to task data.
        task_data.contents.append(sval1)

    comment = str_format.clean_string(\
        str_format.decode_string(comment, config.CHARSET))
    expiration = int(expiration) if expiration else 0
    if expiration:
        expiration = expiration + time.time()

    sql = table.insert().values(type=option, comment=comment, ival1=int(ival1),
                                ival2=int(ival2), sval1=sval1, total=total,
                                expiration=expiration)
    result = session.execute(sql)

    task_data.admin_id = result.inserted_primary_key[0]

    # Add specific action name to task data.
    task_data.action = option

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='bans', board=board.name)

    if caller == 'window':
        return Template('edit_successful')
    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #34
0
def add_admin_entry(task_data,
                    option,
                    comment,
                    ip='',
                    mask='255.255.255.255',
                    sval1='',
                    total='',
                    expiration=0,
                    caller=''):
    session = model.Session()
    table = model.admin

    ival1 = ival2 = 0

    if not comment:
        raise WakaError(strings.COMMENT_A_MUST)
    if option in ('ipban', 'whitelist'):
        if not ip:
            raise WakaError('IP address required.')
        if not mask:
            mask = '255.255.255.255'
        # Convert to decimal.
        (ival1, ival2) = (misc.dot_to_dec(ip), misc.dot_to_dec(mask))
        sql = table.select().where(table.c.type == option)
        query = session.execute(sql)

        for row in query:
            try:
                if int(row.ival1) & int(row.ival2) == ival1 & ival2:
                    raise WakaError('IP address and mask match ban #%d.' % \
                                    (row.num))
            except ValueError:
                raise WakaError("Entry #%s on ban table is inconsistent. "
                                "This shouldn't happen." % row.num)
        # Add info to task data.
        content = ip + (' (' + mask + ')' if mask else '')

        if total == 'yes':
            add_htaccess_entry(ip)
            content += ' (no browse)'

        content += ' "' + comment + '"'
        task_data.contents.append(content)
    else:
        if not sval1:
            raise WakaError(strings.STRINGFIELDMISSING)
        sql = table.select().where(
            and_(table.c.sval1 == sval1, table.c.type == option))
        row = session.execute(sql).fetchone()

        if row:
            raise WakaError('Duplicate String in ban #%d.' % (row.num))
        # Add ifno to task data.
        task_data.contents.append(sval1)

    comment = str_format.clean_string(\
        str_format.decode_string(comment, config.CHARSET))
    expiration = int(expiration) if expiration else 0
    if expiration:
        expiration = expiration + time.time()

    sql = table.insert().values(type=option,
                                comment=comment,
                                ival1=int(ival1),
                                ival2=int(ival2),
                                sval1=sval1,
                                total=total,
                                expiration=expiration)
    result = session.execute(sql)

    task_data.admin_id = result.inserted_primary_key[0]

    # Add specific action name to task data.
    task_data.action = option

    board = local.environ['waka.board']
    forward_url = misc.make_script_url(task='bans', board=board.name)

    if caller == 'window':
        return Template('edit_successful')
    return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
コード例 #35
0
    def make_admin_post_search_panel(self, search, text, caller='internal'):
        board = self.board
        session = model.Session()
        table = board.table

        board.check_access(self.user)

        popup = caller != 'board'

        if search.find('IP Address') != -1:
            try:
                sql = table.select()\
                           .where(table.c.ip == misc.dot_to_dec(text))
            except ValueError:
                raise WakaError('Please enter a valid IP.')
            search_type = 'IP'
        elif search.find('Text String') != -1:
            sql = table.select().where(table.c.comment.like('%' + text + '%'))
            search_type = 'text string'
        elif search.find('Author') != -1:
            sql = table.select().where(
                or_(table.c.name.like('%' + text + '%'),
                    table.c.trip.like('%' + text + '%')))
            search_type = 'author'
        else:
            sql = table.select().where(table.c.num == text)
            search_type = 'ID'

        if search_type != 'ID':
            page = model.Page(sql, self.page, self.perpage)
            rowcount = page.total_entries
            total_pages = page.total_pages
            posts = page.rows
            if not posts:
                raise WakaError("No posts found for %s %s" %
                                (search_type, text))
        else:
            rowcount = total_pages = 1
            row = session.execute(sql).fetchone()
            if not row:
                raise WakaError("Post not found. (It may have just been"
                                " deleted.)")
            posts = [row]

        inputs = [{
            'name': 'board',
            'value': board.name
        }, {
            'name': 'task',
            'value': 'searchposts'
        }, {
            'name': 'text',
            'value': text
        }, {
            'name': 'caller',
            'value': caller
        }, {
            'name': 'search',
            'value': search
        }]

        rooturl = misc.make_script_url(task='searchposts',
                                       board=board.name,
                                       caller=caller,
                                       search=search,
                                       text=text,
                                       _amp=True)

        Template.__init__(self,
                          'post_search',
                          num=id,
                          posts=posts,
                          search=search,
                          text=text,
                          inputs=inputs,
                          number_of_pages=total_pages,
                          rooturl=rooturl,
                          rowcount=rowcount,
                          popup=popup)
コード例 #36
0
    def make_admin_activity_panel(self, view='', user_to_view=None,
                                  action_to_view=None, ip_to_view=None,
                                  post_to_view=None, sortby_name='date',
                                  sortby_dir='desc'):

        board = self.board

        template_view = 'staff_activity_unfiltered'
        action_name = action_content = ''

        table = model.activity
        account_table = model.account
        
        dual_table_select = [account_table.c.username,
                             account_table.c.account,
                             account_table.c.disabled,
                             table.c.action,
                             table.c.info,
                             table.c.date,
                             table.c.ip]
        sql = select(dual_table_select,
                     from_obj=[table.join(account_table,
                     table.c.username == model.account.c.username)])

        rooturl_args = dict(task='stafflog', board=board.name,
            view=view, sortby=sortby_name, order=sortby_dir, _amp=True)

        if view == 'user':
            if not user_to_view:
                raise WakaError('Please select a user to view.')
            template_view = 'staff_activity_by_user'
            sql = sql.where(table.c.username == user_to_view)
            rooturl_args['usertoview'] = user_to_view

        elif view == 'action':
            if not action_to_view:
                raise WakaError('Please select an action to view.')
            template_view = 'staff_activity_by_actions'
            (action_name, action_content) \
                = staff_tasks.get_action_name(action_to_view, 1)
            sql = sql.where(table.c.action == action_to_view)
            rooturl_args['actiontoview'] = action_to_view

        elif view == 'ip':
            if not ip_to_view:
                raise WakaError('Please specify an IP address to view.')
            template_view = 'staff_activity_by_ip_address'
            sql = sql.where(table.c.info.like('%' + ip_to_view + '%'))
            rooturl_args['iptoview'] = ip_to_view

        elif view == 'post':
            if not post_to_view:
                raise WakaError('Post key missing.')
            template_view = 'staff_activity_by_post'
            sql = sql.where(table.c.info.like('%' + post_to_view + '%'))
            rooturl_args['posttoview'] = post_to_view

        rooturl = misc.make_script_url(**rooturl_args)

        # Acquire staff info.
        session = model.Session()
        staff_get = model.account.select()
        staff = session.execute(staff_get).fetchall()

        # Establish list of hidden inputs.
        inputs = [
            {'name' : 'actiontoview', 'value' : action_to_view},
            {'name' : 'task', 'value' : 'stafflog'},
            {'name' : 'posttoview', 'value' : post_to_view},
            {'name' : 'usertoview', 'value' : user_to_view},
            {'name' : 'iptoview', 'value' : ip_to_view},
            {'name' : 'order', 'value' : sortby_dir},
            {'name' : 'sortby', 'value' : sortby_name},
            {'name' : 'view', 'value': view}
        ]

        if self.board:
            inputs.append({'name' : 'board', 'value' : self.board.name})

        # Apply sorting.
        if sortby_name and hasattr(table.c, sortby_name):
            order_col = getattr(table.c, sortby_name)
            if sortby_dir.lower() == 'asc':
                sort_spec = order_col.asc()
            else:
                sort_spec = order_col.desc()
            sql = sql.order_by(sort_spec)

        res = model.Page(sql, self.page, self.perpage)

        Template.__init__(self, template_view,
                          user_to_view=user_to_view,
                          entries=res.rows,
                          staff=staff,
                          rowcount=res.total_entries,
                          numberofpages=res.total_pages,
                          view=view,
                          order=sortby_dir,
                          action_name=action_name,
                          content_name=action_content,
                          sortby=sortby_name,
                          number_of_pages=res.total_pages,
                          rooturl=rooturl,
                          inputs=inputs)
コード例 #37
0
    def make_admin_activity_panel(self,
                                  view='',
                                  user_to_view=None,
                                  action_to_view=None,
                                  ip_to_view=None,
                                  post_to_view=None,
                                  sortby_name='date',
                                  sortby_dir='desc'):

        board = self.board

        template_view = 'staff_activity_unfiltered'
        action_name = action_content = ''

        table = model.activity
        account_table = model.account

        dual_table_select = [
            account_table.c.username, account_table.c.account,
            account_table.c.disabled, table.c.action, table.c.info,
            table.c.date, table.c.ip
        ]
        sql = select(dual_table_select,
                     from_obj=[
                         table.join(
                             account_table,
                             table.c.username == model.account.c.username)
                     ])

        rooturl_args = dict(task='stafflog',
                            board=board.name,
                            view=view,
                            sortby=sortby_name,
                            order=sortby_dir,
                            _amp=True)

        if view == 'user':
            if not user_to_view:
                raise WakaError('Please select a user to view.')
            template_view = 'staff_activity_by_user'
            sql = sql.where(table.c.username == user_to_view)
            rooturl_args['usertoview'] = user_to_view

        elif view == 'action':
            if not action_to_view:
                raise WakaError('Please select an action to view.')
            template_view = 'staff_activity_by_actions'
            (action_name, action_content) \
                = staff_tasks.get_action_name(action_to_view, 1)
            sql = sql.where(table.c.action == action_to_view)
            rooturl_args['actiontoview'] = action_to_view

        elif view == 'ip':
            if not ip_to_view:
                raise WakaError('Please specify an IP address to view.')
            template_view = 'staff_activity_by_ip_address'
            sql = sql.where(table.c.info.like('%' + ip_to_view + '%'))
            rooturl_args['iptoview'] = ip_to_view

        elif view == 'post':
            if not post_to_view:
                raise WakaError('Post key missing.')
            template_view = 'staff_activity_by_post'
            sql = sql.where(table.c.info.like('%' + post_to_view + '%'))
            rooturl_args['posttoview'] = post_to_view

        rooturl = misc.make_script_url(**rooturl_args)

        # Acquire staff info.
        session = model.Session()
        staff_get = model.account.select()
        staff = session.execute(staff_get).fetchall()

        # Establish list of hidden inputs.
        inputs = [{
            'name': 'actiontoview',
            'value': action_to_view
        }, {
            'name': 'task',
            'value': 'stafflog'
        }, {
            'name': 'posttoview',
            'value': post_to_view
        }, {
            'name': 'usertoview',
            'value': user_to_view
        }, {
            'name': 'iptoview',
            'value': ip_to_view
        }, {
            'name': 'order',
            'value': sortby_dir
        }, {
            'name': 'sortby',
            'value': sortby_name
        }, {
            'name': 'view',
            'value': view
        }]

        if self.board:
            inputs.append({'name': 'board', 'value': self.board.name})

        # Apply sorting.
        if sortby_name and hasattr(table.c, sortby_name):
            order_col = getattr(table.c, sortby_name)
            if sortby_dir.lower() == 'asc':
                sort_spec = order_col.asc()
            else:
                sort_spec = order_col.desc()
            sql = sql.order_by(sort_spec)

        res = model.Page(sql, self.page, self.perpage)

        Template.__init__(self,
                          template_view,
                          user_to_view=user_to_view,
                          entries=res.rows,
                          staff=staff,
                          rowcount=res.total_entries,
                          numberofpages=res.total_pages,
                          view=view,
                          order=sortby_dir,
                          action_name=action_name,
                          content_name=action_content,
                          sortby=sortby_name,
                          number_of_pages=res.total_pages,
                          rooturl=rooturl,
                          inputs=inputs)