def wrapper(*args, **kwargs):
    """Call the wrapped view for an authenticated admin, else bounce the caller.

    ``func`` and ``self`` are free variables supplied by the enclosing
    decorator, which is outside this block.

    Returns:
        Whatever ``func`` returns for an admin; otherwise a redirect to the
        view named by ``self.redirect_view`` after flashing a denial message.
    """
    # Short-circuit matters: has_admin_rights() is only consulted once the
    # user is known to be authenticated.
    is_admin = current_user.is_authenticated and current_user.has_admin_rights()
    if not is_admin:
        flash('You do not have the permission to access this page')
        return redirect(url_for(self.redirect_view))
    return func(*args, **kwargs)
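def route_message_replies(username, postid):
    """Render one page of the replies to message ``postid`` on ``username``'s profile.

    Args:
        username: Profile name taken from the URL.
        postid: Message id taken from the URL.

    Returns:
        The rendered reply list. A banned viewer gets the "banned" page, and a
        banned profile redirects non-admin viewers to the profile view.
        Aborts with 404 when the user or the message does not exist, or when
        the message was not written by ``username``.
    """
    lang = Language(get_user_lang(request.headers, current_user))
    if current_user.is_authenticated and current_user.is_banned():
        return render_template("errors/banned.html", lang=lang)

    user = get_user_by_name(username)
    if user is None:
        return abort(404)
    # Content of a banned profile is only shown to authenticated admins.
    if user.is_banned() and not (current_user.is_authenticated
                                 and current_user.has_admin_rights()):
        return redirect(url_for("route_profile", username=username))

    msg = get_message_by_id(postid)
    if msg is None:
        return abort(404)
    # The ban check above is made against the profile named in the URL, so the
    # message must really belong to that profile. Without this, the check
    # would not cover a message whose author differs from ``username``.
    # route_message applies the same ownership test.
    if user.get_id() != msg.get_author_id():
        return abort(404)

    msgs, next_page, prev_page = compute_pages(request.args,
                                               get_message_replies, msg,
                                               current_user)
    return render_template("message/viewreplies.html",
                           lang=lang,
                           user=user,
                           msgs=msgs,
                           render_message=bind1(render_message, lang),
                           prev_page=prev_page,
                           next_page=next_page,
                           # "b"/"a" are presumably the before/after paging
                           # cursors - confirm in compute_pages.
                           has_before="b" in request.args
                           or "a" in request.args,
                           username=username,
                           postid=postid)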
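def route_message(username, postid):
    """Render a single message written by ``username``.

    Args:
        username: Profile name taken from the URL.
        postid: Message id taken from the URL.

    Returns:
        The rendered message view. A banned viewer gets the "banned" page, and
        a banned profile redirects non-admin viewers to the profile view.
        Aborts with 404 when the user or message is missing, or when the
        message was not written by ``username``.
    """
    lang = Language(get_user_lang(request.headers, current_user))
    if current_user.is_authenticated and current_user.is_banned():
        return render_template("errors/banned.html", lang=lang)

    user = get_user_by_name(username)
    if user is None:
        return abort(404)
    # Content of a banned profile is only shown to authenticated admins.
    if user.is_banned() and not (current_user.is_authenticated
                                 and current_user.has_admin_rights()):
        return redirect(url_for("route_profile", username=username))

    msg = get_message_by_id(postid)
    if msg is None:
        return abort(404)
    # Ownership check: the ban test above only means something if the message
    # really belongs to the profile named in the URL.
    if user.get_id() != msg.get_author_id():
        return abort(404)

    # msg.reply holds the id of the message this one answers, if any.
    # NOTE(review): the parent message is rendered without a ban check on its
    # own author - confirm that is intended.
    reply = get_message_by_id(msg.reply) if msg.reply is not None else None

    return render_template(
        "message/viewmessage.html",
        lang=lang,
        user=user,
        msg=msg,
        reply=reply,
        reply_id=msg.reply,
        is_reply=msg.is_reply,
        render_message=bind1(render_message, lang),
        username=username,
        postid=postid,
        important_replies=msg.get_most_important_message_replies(current_user))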
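def wrapper(*args, **kwargs):
    """Call the wrapped view for an authenticated admin; otherwise deny and log.

    ``func``, ``self`` and ``app`` come from the enclosing scope, which is
    outside this block.

    Returns:
        Whatever ``func`` returns for an admin; otherwise a redirect to the
        view named by ``self.redirect_view`` after flashing a denial message
        and writing an info-level log entry.
    """
    if current_user.is_authenticated and current_user.has_admin_rights():
        return func(*args, **kwargs)

    flash('Page access denied, admin privileges required')
    # This branch is also reached by visitors who are not logged in. An
    # anonymous user object may have no ``username`` attribute (Flask-Login's
    # default AnonymousUserMixin does not), and an AttributeError here would
    # turn the denial into a server error, so read the name defensively.
    denied_name = getattr(current_user, 'username', 'anonymous')
    # NOTE(review): the username is account-controlled text; confirm the log
    # handler neutralises line breaks so one entry cannot be split in two.
    app.logger.info('%s denied access, admin privileges required',
                    denied_name)
    return redirect(url_for(self.redirect_view))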
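def route_remove_msg_report():
    """Close a message report on behalf of an admin, then redirect back.

    Reads ``rid`` (the report id) and an optional ``next`` target from the
    submitted form.

    Returns:
        A redirect to ``next`` as filtered by ``get_safe_url``, falling back
        to the admin report list. Aborts with 403 for callers who are not
        admins or who are banned, and with 400 when the report cannot be
        found or closed.
    """
    # NOTE(review): unlike the read-only routes in this file, this does not
    # test is_authenticated before calling current_user methods - presumably
    # a login-required decorator sits outside this block; confirm.
    if not current_user.has_admin_rights() or current_user.is_banned():
        return abort(403)

    rid = request.form["rid"]
    try:
        report = application.models.ReportMessage.query.filter_by(
            reportid=rid).first()
        if report is not None:
            report.terminate()
    except Exception:
        # Still a best-effort 400 on lookup/terminate failure, but no longer
        # a bare ``except`` that also traps SystemExit/KeyboardInterrupt.
        return abort(400)
    if report is None:
        # Unknown report id: reported explicitly rather than through an
        # AttributeError on None.
        return abort(400)

    reports_url = url_for("route_admin_msgreports")
    # ``next`` is optional: indexing the form would abort with 400 *after*
    # the report had already been closed. get_safe_url presumably confines
    # the target to request.host_url (open-redirect guard) - confirm in its
    # definition.
    return redirect(
        get_safe_url(request.host_url,
                     request.form.get("next") or reports_url, reports_url))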
def route_toggle_ban():
    """Toggle the ban state of the user whose id is posted as ``uid``.

    Returns:
        A redirect to the affected user's profile when ``toggle_ban`` reports
        200. Aborts with 403 for banned or non-admin callers, and with the
        code returned by ``toggle_ban`` otherwise.
    """
    # NOTE(review): unlike the read-only routes in this file, this does not
    # test is_authenticated before calling current_user methods - presumably
    # a login-required decorator sits outside this block; confirm.
    if current_user.is_banned():
        return abort(403)
    payload = request.form
    if not current_user.has_admin_rights():
        return abort(403)

    # NOTE(review): get_user_by_id may return None for an unknown uid; this
    # relies on toggle_ban coping with that - confirm.
    target = get_user_by_id(payload["uid"])
    status = toggle_ban(target)
    if status != 200:
        return abort(status)
    return redirect(url_for("route_profile", username=target.get_user_name()))
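def route_msg_delete():
    """Delete the message whose id is posted as ``mid``.

    Admins may delete any message; other users only their own.

    Returns:
        A redirect to the author's profile after the message is terminated.
        Aborts with 403 for banned callers and for non-admins who do not own
        the message, and with 400 when the message does not exist.
    """
    # NOTE(review): unlike the read-only routes in this file, this does not
    # test is_authenticated before calling current_user methods - presumably
    # a login-required decorator sits outside this block; confirm.
    if current_user.is_banned():
        return abort(403)

    form = request.form
    mid = form["mid"]
    msg = get_message_by_id(mid)
    if msg is None:
        return abort(400)

    # Ownership is only checked for non-admins; has_admin_rights() is
    # evaluated first, as before.
    if (not current_user.has_admin_rights()
            and msg.get_author_id() != current_user.get_id()):
        return abort(403)

    msg.terminate()
    return redirect(
        url_for("route_profile", username=msg.get_author().get_user_name()))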
def route_admin_msgreports():
    """Render one page of the admin list of message reports.

    Returns:
        The rendered report list for an admin who is not banned; otherwise the
        "not admin" error page.
    """
    lang = Language(get_user_lang(request.headers, current_user))
    # NOTE(review): the denial is a rendered page with no explicit status
    # code, whereas the POST admin routes in this file abort with 403.
    may_view = current_user.has_admin_rights() and not current_user.is_banned()
    if not may_view:
        return render_template("errors/notadmin.html", lang=lang)

    query = request.args
    reports, next_page, prev_page = compute_pages(query, get_message_reports,
                                                  current_user)
    context = {
        "lang": lang,
        "reports": reports,
        "render_report": bind1(render_message_report, lang),
        "prev_page": prev_page,
        "next_page": next_page,
        # "b"/"a" are presumably the before/after paging cursors - confirm
        # in compute_pages.
        "has_before": any(key in query for key in ("b", "a")),
    }
    return render_template("admin/admin_msgreports.html", **context)
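def route_profile_followers(username):
    """Render one page of the followers of ``username``.

    Args:
        username: Profile name taken from the URL.

    Returns:
        The rendered follower list. A banned viewer gets the "banned" page,
        and a banned profile redirects non-admin viewers to the profile view.
        Aborts with 404 when the user does not exist.
    """
    lang = Language(get_user_lang(request.headers, current_user))
    if current_user.is_authenticated and current_user.is_banned():
        return render_template("errors/banned.html", lang=lang)

    user = get_user_by_name(username)
    if user is None:
        return abort(404)
    # Content of a banned profile is only shown to authenticated admins.
    if user.is_banned() and not (current_user.is_authenticated
                                 and current_user.has_admin_rights()):
        return redirect(url_for("route_profile", username=username))

    users, next_page, prev_page = compute_pages(request.args, get_followers,
                                                user)
    return render_template("profile/profile_followers.html",
                           lang=lang,
                           user=user,
                           users=users,
                           render_user=bind1(render_user, lang),
                           prev_page=prev_page,
                           next_page=next_page,
                           # "b"/"a" are presumably the before/after paging
                           # cursors - confirm in compute_pages.
                           has_before="b" in request.args
                           or "a" in request.args)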
def route_admin():
    """Render the admin landing page, or the "not admin" page for anyone else.

    Returns:
        ``admin/admin.html`` for an admin who is not banned; otherwise
        ``errors/notadmin.html``. Both are rendered with the viewer's language.
    """
    lang = Language(get_user_lang(request.headers, current_user))
    # Same short-circuit order as the original test: is_banned() is only
    # consulted when has_admin_rights() is true.
    allowed = current_user.has_admin_rights() and not current_user.is_banned()
    template = "admin/admin.html" if allowed else "errors/notadmin.html"
    return render_template(template, lang=lang)