コード例 #1
0
def show_moderator_buttons(board_id):
    if get_authed():
        moderator = request_moderator()
        if moderator_service.moderates_board_id(moderator, board_id):
            return True

    return False
コード例 #2
0
def _gather_manage_params() -> ManagePostDetails:
    form = request.form

    board_name = form.get('board', None)
    if not validation.check_board_name_validity(board_name):
        abort(400)

    thread_refno = form.get('thread', type=int)
    valid_id_range(thread_refno)

    post_id = form.get('post_id', type=int)
    if not post_id:
        post_id = None

    if post_id is not None:
        valid_id_range(post_id)

    password = form.get('password', None)
    if not password:
        password = None

    if password and not validation.check_password_validity(password):
        abort(400)

    ip4 = get_request_ip4()

    mod_id = None
    if get_authed():
        mod_id = request_moderator().id

    mode_string = form.get('mode')

    return ManagePostDetails(board_name, thread_refno, post_id, ip4, mod_id, mode_string, password)
コード例 #3
0
ファイル: thread.py プロジェクト: Floens/uchan 
def show_moderator_buttons(board_id):
    if get_authed():
        moderator = request_moderator()
        if moderator_service.moderates_board_id(moderator, board_id):
            return True

    return False
コード例 #4
0
ファイル: mod_board.py プロジェクト: Floens/uchan 
def mod_board_delete():
    board = board_service.find_board(request.form['board_name'])

    try:
        moderator_service.user_delete_board(request_moderator(), board)
        flash('Board deleted')
        mod_log('delete board /{}/'.format(board.name))
    except ArgumentError as e:
        flash(e.message)

    return redirect(url_for('.mod_boards'))
コード例 #5
0
def mod_board_delete():
    board = board_service.find_board(request.form['board_name'])

    try:
        moderator_service.user_delete_board(request_moderator(), board)
        flash('Board deleted')
        mod_log('delete board /{}/'.format(board.name))
    except ArgumentError as e:
        flash(e.message)

    return redirect(url_for('.mod_boards'))
コード例 #6
0
ファイル: mod_auth.py プロジェクト: Floens/uchan 
def mod_auth():
    if request.method == 'POST':
        return _mod_auth_post()
    else:
        authed = get_authed()
        moderator = request_moderator() if authed else None

        method = None
        if not authed:
            method = verification_service.get_method()

        return render_template('auth.html', authed=authed, moderator=moderator, method=method)
コード例 #7
0
def _gather_post_params() -> Tuple[BoardModel, PostDetails]:
    form = request.form

    # Gather params
    thread_refno_raw = form.get('thread', None)
    thread_refno = None
    if thread_refno_raw is not None:
        try:
            thread_refno = int(thread_refno_raw)
            valid_id_range(thread_refno)
        except ValueError:
            abort(400)

    board_name = form.get('board', None)
    if not validation.check_board_name_validity(board_name):
        abort(400)

    board = board_service.find_board(board_name)
    if not board:
        abort(404)

    text = form.get('comment', None)
    name = form.get('name', None)
    subject = form.get('subject', None)
    password = form.get('password', None)

    # Convert empty strings to None
    if not text:
        text = None
    if not name:
        name = None
    if not subject:
        subject = None
    if not password:
        password = None

    file = request.files.get('file', None)
    has_file = file is not None and file.filename is not None and len(file.filename) > 0

    ip4 = get_request_ip4()

    with_mod = form.get('with_mod', default=False, type=bool)
    mod_id = None
    if with_mod:
        moderator = request_moderator() if get_authed() else None
        if moderator is not None:
            mod_id = moderator.id

    return board, PostDetails(form, board_name, thread_refno, text, name, subject, password, has_file,
                              ip4, mod_id, None)
コード例 #8
0
def mod_auth():
    if request.method == 'POST':
        return _mod_auth_post()
    else:
        authed = get_authed()
        moderator = request_moderator() if authed else None

        method = None
        if not authed:
            method = verification_service.get_method()

        return render_template('auth.html',
                               authed=authed,
                               moderator=moderator,
                               method=method)
コード例 #9
0
ファイル: mod_board.py プロジェクト: Floens/uchan 
def mod_board_log(board: BoardModel, page=0):
    per_page = 100
    pages = 15

    moderator = request_moderator()

    logs = moderator_service.user_get_logs(moderator, board, page, per_page)

    def get_log_type(typeid):
        try:
            return ModeratorLogType(typeid).name
        except ValueError:
            return ''

    return render_template('mod_board_log.html', board=board, page=page, pages=pages,
                           logs=logs, get_log_type=get_log_type)
コード例 #10
0
ファイル: mod_board.py プロジェクト: Floens/uchan 
def mod_boards():
    moderator = request_moderator()
    board_moderators = moderator_service.get_all_board_moderators_by_moderator(moderator)

    add_board_form = AddBoardForm(request.form)
    if request.method == 'POST' and add_board_form.validate():
        try:
            board_name = add_board_form.board_name.data
            moderator_service.user_create_board(moderator, board_name)
            flash('Board created')
            return redirect(url_for('.mod_board', board_name=board_name))
        except ArgumentError as e:
            flash(e.message)
            return redirect(url_for('.mod_boards'))

    return render_template('mod_boards.html', add_board_form=add_board_form, moderator=moderator,
                           board_moderators=board_moderators)
コード例 #11
0
ファイル: mod_self.py プロジェクト: Floens/uchan 
def mod_self():
    moderator = request_moderator()

    change_password_form = ChangePasswordForm(request.form)
    if request.method == 'POST' and change_password_form.validate():
        try:
            moderator_service.check_and_set_password(
                moderator, change_password_form.old_password.data, change_password_form.new_password.data)
            flash('Changed password')
            mod_log('password changed')
        except ArgumentError as e:
            flash(e.message)

    moderating_boards = moderator_service.get_all_moderating_boards(moderator)
    board_links = map(lambda b: (b.name, url_for('board', board_name=b.name)), moderating_boards)

    return render_template('mod_self.html', change_password_form=change_password_form, moderator=moderator,
                           board_links=board_links)
コード例 #12
0
ファイル: mod_moderator.py プロジェクト: pugong/uchan 
def mod_moderator_delete():
    moderator = moderator_service.find_moderator_id(
        request.form.get('moderator_id', type=int))
    username = moderator.username

    authed_moderator = request_moderator()
    self_delete = authed_moderator == moderator

    # moderator_service.delete_moderator(moderator)
    # if self_delete:
    #    unset_mod_authed()
    flash('Moderator deleted')
    mod_log('moderator delete username {}'.format(username),
            moderator_name=authed_moderator.username)

    if self_delete:
        return redirect(url_for('.mod_auth'))
    else:
        return redirect(url_for('.mod_moderators'))
コード例 #13
0
def mod_boards():
    moderator = request_moderator()
    board_moderators = moderator_service.get_all_board_moderators_by_moderator(
        moderator)

    add_board_form = AddBoardForm(request.form)
    if request.method == 'POST' and add_board_form.validate():
        try:
            board_name = add_board_form.board_name.data
            moderator_service.user_create_board(moderator, board_name)
            flash('Board created')
            return redirect(url_for('.mod_board', board_name=board_name))
        except ArgumentError as e:
            flash(e.message)
            return redirect(url_for('.mod_boards'))

    return render_template('mod_boards.html',
                           add_board_form=add_board_form,
                           moderator=moderator,
                           board_moderators=board_moderators)
コード例 #14
0
def mod_board_log(board: BoardModel, page=0):
    per_page = 100
    pages = 15

    moderator = request_moderator()

    logs = moderator_service.user_get_logs(moderator, board, page, per_page)

    def get_log_type(typeid):
        try:
            return ModeratorLogType(typeid).name
        except ValueError:
            return ''

    return render_template('mod_board_log.html',
                           board=board,
                           page=page,
                           pages=pages,
                           logs=logs,
                           get_log_type=get_log_type)
コード例 #15
0
ファイル: mod_self.py プロジェクト: pugong/uchan 
def mod_self():
    moderator = request_moderator()

    change_password_form = ChangePasswordForm(request.form)
    if request.method == 'POST' and change_password_form.validate():
        try:
            moderator_service.check_and_set_password(
                moderator, change_password_form.old_password.data,
                change_password_form.new_password.data)
            flash('Changed password')
            mod_log('password changed')
        except ArgumentError as e:
            flash(e.message)

    moderating_boards = moderator_service.get_all_moderating_boards(moderator)
    board_links = map(lambda b: (b.name, url_for('board', board_name=b.name)),
                      moderating_boards)

    return render_template('mod_self.html',
                           change_password_form=change_password_form,
                           moderator=moderator,
                           board_links=board_links)
コード例 #16
0
ファイル: mod_log.py プロジェクト: pugong/uchan 
def mod_log(what, moderator_name=None, moderator=None, ip4_str=None):
    """Logs to a log file."""
    # Hax
    in_request_context = _request_ctx_stack.top is not None

    if in_request_context:
        if ip4_str is None:
            ip4_str = get_request_ip4_str()
        if moderator_name is None:
            if not moderator:
                moderator = request_moderator() if get_authed() else None
            if moderator is not None:
                moderator_name = moderator.username

    output = ''
    if ip4_str is not None:
        output += '[' + ip4_str + '] '
    if moderator_name is not None:
        output += '[' + moderator_name + '] '
    output += what

    mod_logger.info(output)
コード例 #17
0
def _gather_report_manage_params():
    form = request.form

    report_id = form.get('report_id', type=int)
    moderator = request_moderator()

    mode_string = form['mode']

    if mode_string == 'clear':
        mode = ManageReportDetails.CLEAR
        success_message = 'Cleared report'
    elif mode_string == 'delete':
        mode = ManageReportDetails.DELETE_POST
        success_message = 'Deleted post'
    elif mode_string == 'delete_file':
        mode = ManageReportDetails.DELETE_FILE
        success_message = 'Deleted file'
    else:
        abort(400)
        return

    return ManageReportDetails(report_id, moderator.id, mode), success_message
コード例 #18
0
def mod_report(page=0, boards=None):
    per_page = 20
    pages = 15

    moderator = request_moderator()
    is_admin = moderator_service.has_role(moderator, roles.ROLE_ADMIN)

    board_names = None
    if boards is not None:
        board_names = list(set(boards.split(',')))

        if len(board_names) > 6:
            raise BadRequestError('Maximum of 6 boards can be combined')

    try:
        if board_names:
            for_boards = board_service.find_by_names(list(board_names))
        else:
            for_boards = None

        reports = report_service.get_reports(moderator, page, per_page, for_boards)
    except ArgumentError as e:
        raise BadRequestError(e)

    view_ips = is_admin
    show_ban_button = is_admin

    if is_admin:
        moderator_boards = board_service.get_all_boards()
    else:
        moderator_boards = moderator_service.get_all_moderating_boards(moderator)

    pager_suffix = '/' + ','.join(board_names) if board_names else ''
    return render_template('mod_report.html', page=page, pages=pages, pager_suffix=pager_suffix,
                           moderator=moderator, reports=reports, moderator_boards=moderator_boards,
                           view_ips=view_ips, ip4_to_str=ip4_to_str, show_ban_button=show_ban_button)
コード例 #19
0
def mod_board(board_name):
    board = board_service.find_board(board_name)
    if not board:
        abort(404)

    moderator = request_moderator()
    if not moderator_service.moderates_board(moderator, board):
        abort(404)

    # These are purely for configuring the visibility of the various elements on the page,
    # the actions are still checked with the authorizer on post.
    can_update_board_config = moderator_service.can_update_board_config(
        moderator, board)
    can_update_advanced_board_configs = moderator_service.can_update_advanced_board_configs(
        moderator)
    can_update_roles = moderator_service.can_update_roles(moderator, board)
    can_invite_moderator = moderator_service.can_invite_moderator(
        moderator, board)
    can_remove_moderator = moderator_service.can_remove_moderator(
        moderator, board)
    can_delete = moderator_service.can_delete_board(moderator)

    for_action = request.form.get('for_action')
    action_configure = for_action == 'configuration'
    action_update_roles = for_action == 'update_roles'
    action_invite_moderator = for_action == 'moderator_invite'
    action_remove_moderator = for_action == 'moderator_remove'

    board_configuration_form = None
    invite_messages = []
    invite_moderator_form = None
    roles_messages = []

    if request.method == 'POST':
        if action_configure:
            board_configuration_form = BoardConfigurationForm(request.form)
            if board_configuration_form.validate():
                board.config.full_name = board_configuration_form.full_name.data
                board.config.description = board_configuration_form.description.data

                if can_update_advanced_board_configs:
                    board.config.pages = board_configuration_form.pages.data
                    board.config.per_page = board_configuration_form.per_page.data
                    board.config.bump_limit = board_configuration_form.bump_limit.data
                    board.config.file_posting = board_configuration_form.file_posting.data
                    board.config.posting_verification_required = board_configuration_form.posting_verification.data

                moderator_service.user_update_board_config(moderator, board)
        elif action_invite_moderator:
            invite_moderator_form = InviteModeratorForm(request.form)
            if invite_moderator_form.validate():
                moderator_username = invite_moderator_form.username.data

                try:
                    moderator_service.user_invite_moderator(
                        request_moderator(), board, moderator_username)
                    invite_messages.append('Moderator invited')
                except ArgumentError as e:
                    invite_messages.append(str(e))
        elif action_remove_moderator:
            # No wtform for this action
            if not check_csrf_token(request.form.get('token')):
                abort(400)

            moderator_username = request.form['username']

            removed_self = False
            try:
                removed_self = moderator_service.user_remove_moderator(
                    moderator, board, moderator_username)
                roles_messages.append('Moderator removed')
            except ArgumentError as e:
                roles_messages.append(str(e))

            if removed_self:
                return redirect(url_for('.mod_boards'))
        elif action_update_roles:
            # Also no wtform
            if not check_csrf_token(request.form.get('token')):
                abort(400)

            moderator_username = request.form['username']

            checked_roles = []
            for board_role in roles.ALL_BOARD_ROLES:
                if request.form.get(board_role) == 'on':
                    checked_roles.append(board_role)

            try:
                moderator_service.user_update_roles(moderator, board,
                                                    moderator_username,
                                                    checked_roles)
                roles_messages.append('Roles updated')
            except ArgumentError as e:
                roles_messages.append(str(e))
            except NoPermissionError as e:
                roles_messages.append('No permission')
        else:
            abort(400)

    if not board_configuration_form:
        board_configuration_form = BoardConfigurationForm(
            full_name=board.config.full_name,
            description=board.config.description,
            pages=board.config.pages,
            per_page=board.config.per_page,
            bump_limit=board.config.bump_limit,
            file_posting=board.config.file_posting,
            posting_verification=board.config.posting_verification_required,
        )

    if not can_update_advanced_board_configs:
        del board_configuration_form.pages
        del board_configuration_form.per_page
        del board_configuration_form.bump_limit
        del board_configuration_form.file_posting
        del board_configuration_form.posting_verification

    if not invite_moderator_form:
        invite_moderator_form = InviteModeratorForm()

    board_configuration_form.action_url = url_for('.mod_board',
                                                  board_name=board_name)
    invite_moderator_form.action_url = url_for('.mod_board',
                                               board_name=board_name,
                                               _anchor='invite')

    board_moderators = moderator_service.get_all_board_moderators_by_board(
        board)

    # Put the request moderator on top for the permissions table
    board_moderators_unsorted = sorted(
        board_moderators,
        key=lambda board_moderator: board_moderator.moderator.id)
    board_moderators = []
    for item in board_moderators_unsorted:
        if item.moderator == moderator:
            board_moderators.append(item)
            break
    for item in board_moderators_unsorted:
        if item.moderator != moderator:
            board_moderators.append(item)

    all_board_roles = roles.ALL_BOARD_ROLES

    return render_template(
        'mod_board.html',
        board=board,
        board_configuration_form=board_configuration_form,
        invite_messages=invite_messages,
        roles_messages=roles_messages,
        invite_moderator_form=invite_moderator_form,
        can_update_board_config=can_update_board_config,
        can_update_advanced_board_configs=can_update_advanced_board_configs,
        can_delete=can_delete,
        can_update_roles=can_update_roles,
        can_invite_moderator=can_invite_moderator,
        can_remove_moderator=can_remove_moderator,
        board_moderators=board_moderators,
        all_board_roles=all_board_roles)
コード例 #20
0
ファイル: mod_board.py プロジェクト: Floens/uchan 
def mod_board(board_name):
    board = board_service.find_board(board_name)
    if not board:
        abort(404)

    moderator = request_moderator()
    if not moderator_service.moderates_board(moderator, board):
        abort(404)

    # These are purely for configuring the visibility of the various elements on the page,
    # the actions are still checked with the authorizer on post.
    can_update_board_config = moderator_service.can_update_board_config(moderator, board)
    can_update_advanced_board_configs = moderator_service.can_update_advanced_board_configs(moderator)
    can_update_roles = moderator_service.can_update_roles(moderator, board)
    can_invite_moderator = moderator_service.can_invite_moderator(moderator, board)
    can_remove_moderator = moderator_service.can_remove_moderator(moderator, board)
    can_delete = moderator_service.can_delete_board(moderator)

    for_action = request.form.get('for_action')
    action_configure = for_action == 'configuration'
    action_update_roles = for_action == 'update_roles'
    action_invite_moderator = for_action == 'moderator_invite'
    action_remove_moderator = for_action == 'moderator_remove'

    board_configuration_form = None
    invite_messages = []
    invite_moderator_form = None
    roles_messages = []

    if request.method == 'POST':
        if action_configure:
            board_configuration_form = BoardConfigurationForm(request.form)
            if board_configuration_form.validate():
                board.config.full_name = board_configuration_form.full_name.data
                board.config.description = board_configuration_form.description.data

                if can_update_advanced_board_configs:
                    board.config.pages = board_configuration_form.pages.data
                    board.config.per_page = board_configuration_form.per_page.data
                    board.config.bump_limit = board_configuration_form.bump_limit.data
                    board.config.file_posting = board_configuration_form.file_posting.data
                    board.config.posting_verification_required = board_configuration_form.posting_verification.data

                moderator_service.user_update_board_config(moderator, board)
        elif action_invite_moderator:
            invite_moderator_form = InviteModeratorForm(request.form)
            if invite_moderator_form.validate():
                moderator_username = invite_moderator_form.username.data

                try:
                    moderator_service.user_invite_moderator(request_moderator(), board, moderator_username)
                    invite_messages.append('Moderator invited')
                except ArgumentError as e:
                    invite_messages.append(str(e))
        elif action_remove_moderator:
            # No wtform for this action
            if not check_csrf_token(request.form.get('token')):
                abort(400)

            moderator_username = request.form['username']

            removed_self = False
            try:
                removed_self = moderator_service.user_remove_moderator(moderator, board, moderator_username)
                roles_messages.append('Moderator removed')
            except ArgumentError as e:
                roles_messages.append(str(e))

            if removed_self:
                return redirect(url_for('.mod_boards'))
        elif action_update_roles:
            # Also no wtform
            if not check_csrf_token(request.form.get('token')):
                abort(400)

            moderator_username = request.form['username']

            checked_roles = []
            for board_role in roles.ALL_BOARD_ROLES:
                if request.form.get(board_role) == 'on':
                    checked_roles.append(board_role)

            try:
                moderator_service.user_update_roles(moderator, board, moderator_username, checked_roles)
                roles_messages.append('Roles updated')
            except ArgumentError as e:
                roles_messages.append(str(e))
            except NoPermissionError as e:
                roles_messages.append('No permission')
        else:
            abort(400)

    if not board_configuration_form:
        board_configuration_form = BoardConfigurationForm(
            full_name=board.config.full_name,
            description=board.config.description,

            pages=board.config.pages,
            per_page=board.config.per_page,
            bump_limit=board.config.bump_limit,
            file_posting=board.config.file_posting,
            posting_verification=board.config.posting_verification_required,
        )

    if not can_update_advanced_board_configs:
        del board_configuration_form.pages
        del board_configuration_form.per_page
        del board_configuration_form.bump_limit
        del board_configuration_form.file_posting
        del board_configuration_form.posting_verification

    if not invite_moderator_form:
        invite_moderator_form = InviteModeratorForm()

    board_configuration_form.action_url = url_for('.mod_board', board_name=board_name)
    invite_moderator_form.action_url = url_for('.mod_board', board_name=board_name, _anchor='invite')

    board_moderators = moderator_service.get_all_board_moderators_by_board(board)

    # Put the request moderator on top for the permissions table
    board_moderators_unsorted = sorted(board_moderators, key=lambda board_moderator: board_moderator.moderator.id)
    board_moderators = []
    for item in board_moderators_unsorted:
        if item.moderator == moderator:
            board_moderators.append(item)
            break
    for item in board_moderators_unsorted:
        if item.moderator != moderator:
            board_moderators.append(item)

    all_board_roles = roles.ALL_BOARD_ROLES

    return render_template('mod_board.html', board=board,
                           board_configuration_form=board_configuration_form,
                           invite_messages=invite_messages,
                           roles_messages=roles_messages,
                           invite_moderator_form=invite_moderator_form,
                           can_update_board_config=can_update_board_config,
                           can_update_advanced_board_configs=can_update_advanced_board_configs,
                           can_delete=can_delete,
                           can_update_roles=can_update_roles,
                           can_invite_moderator=can_invite_moderator,
                           can_remove_moderator=can_remove_moderator,
                           board_moderators=board_moderators,
                           all_board_roles=all_board_roles)