def edit_torrent(torrent_id): torrent = models.Torrent.by_id(torrent_id) form = forms.EditForm(flask.request.form) form.category.choices = _create_upload_category_choices() delete_form = forms.DeleteForm() ban_form = None editor = flask.g.user if not torrent: flask.abort(404) # Only allow admins edit deleted torrents if torrent.deleted and not (editor and editor.is_moderator): flask.abort(404) # Only allow torrent owners or admins edit torrents if not editor or not (editor is torrent.user or editor.is_moderator): flask.abort(403) torrent_user_level = torrent.user and torrent.user.level if editor and editor.is_moderator and \ (torrent_user_level is None or editor.level > torrent_user_level): ban_form = forms.BanForm() if flask.request.method == 'POST' and form.submit.data and form.validate(): # Form has been sent, edit torrent with data. torrent.main_category_id, torrent.sub_category_id = \ form.category.parsed_data.get_category_ids() torrent.display_name = (form.display_name.data or '').strip() torrent.information = (form.information.data or '').strip() torrent.description = (form.description.data or '').strip() torrent.hidden = form.is_hidden.data torrent.remake = form.is_remake.data torrent.complete = form.is_complete.data torrent.anonymous = form.is_anonymous.data if editor.is_trusted: torrent.trusted = form.is_trusted.data if editor.is_moderator: locked_changed = torrent.comment_locked != form.is_comment_locked.data torrent.comment_locked = form.is_comment_locked.data url = flask.url_for('torrents.view', torrent_id=torrent.id) if editor.is_moderator and locked_changed: log = "Torrent [#{0}]({1}) marked as {2}".format( torrent.id, url, "comments locked" if torrent.comment_locked else "comments unlocked") adminlog = models.AdminLog(log=log, admin_id=editor.id) db.session.add(adminlog) db.session.commit() flask.flash( flask.Markup( 'Torrent has been successfully edited! Changes might take a few minutes to show up.' ), 'success') url = flask.url_for('torrents.view', torrent_id=torrent.id) return flask.redirect(url) elif flask.request.method == 'POST' and delete_form.validate() and \ (not ban_form or ban_form.validate()): return _delete_torrent(torrent, delete_form, ban_form) else: if flask.request.method != 'POST': # Fill form data only if the POST didn't fail form.category.data = torrent.sub_category.id_as_string form.display_name.data = torrent.display_name form.information.data = torrent.information form.description.data = torrent.description form.is_hidden.data = torrent.hidden form.is_remake.data = torrent.remake form.is_complete.data = torrent.complete form.is_anonymous.data = torrent.anonymous form.is_trusted.data = torrent.trusted form.is_comment_locked.data = torrent.comment_locked ipbanned = None if editor.is_moderator: torrent_ip_banned = True user_ip_banned = True # Archived torrents do not have a null uploader_ip if torrent.uploader_ip: torrent_ip_banned = models.Ban.banned( None, torrent.uploader_ip).first() if torrent.user: user_ip_banned = models.Ban.banned( None, torrent.user.last_login_ip).first() ipbanned = (torrent_ip_banned and user_ip_banned) return flask.render_template('edit.html', form=form, delete_form=delete_form, ban_form=ban_form, torrent=torrent, ipbanned=ipbanned)
def view_user(user_name): user = models.User.by_username(user_name) if not user: flask.abort(404) admin_form = None ban_form = None bans = None ipbanned = None if flask.g.user and flask.g.user.is_moderator and flask.g.user.level > user.level: admin_form = forms.UserForm() default, admin_form.user_class.choices = _create_user_class_choices( user) if flask.request.method == 'GET': admin_form.user_class.data = default ban_form = forms.BanForm() if flask.request.method == 'POST': doban = (ban_form.ban_user.data or ban_form.unban.data or ban_form.ban_userip.data) bans = models.Ban.banned(user.id, user.last_login_ip).all() ipbanned = list(filter(lambda b: b.user_ip == user.last_login_ip, bans)) url = flask.url_for('users.view_user', user_name=user.username) if flask.request.method == 'POST' and admin_form and not doban and admin_form.validate( ): selection = admin_form.user_class.data log = None if selection == 'regular': user.level = models.UserLevelType.REGULAR log = "[{}]({}) changed to regular user".format(user_name, url) elif selection == 'trusted': user.level = models.UserLevelType.TRUSTED log = "[{}]({}) changed to trusted user".format(user_name, url) elif selection == 'moderator': user.level = models.UserLevelType.MODERATOR log = "[{}]({}) changed to moderator user".format(user_name, url) adminlog = models.AdminLog(log=log, admin_id=flask.g.user.id) db.session.add(user) db.session.add(adminlog) db.session.commit() return flask.redirect(url) if flask.request.method == 'POST' and ban_form and doban and ban_form.validate( ): if (ban_form.ban_user.data and user.is_banned) or \ (ban_form.ban_userip.data and ipbanned) or \ (ban_form.unban.data and not user.is_banned and not bans): flask.flash(flask.Markup('What the f**k are you doing?'), 'danger') return flask.redirect(url) user_str = "[{0}]({1})".format(user.username, url) if ban_form.unban.data: action = "unbanned" user.status = models.UserStatusType.ACTIVE db.session.add(user) for ban in bans: if ban.user_ip: user_str += " IP({0})".format(ip_address(ban.user_ip)) db.session.delete(ban) else: action = "banned" user.status = models.UserStatusType.BANNED db.session.add(user) ban = models.Ban(admin_id=flask.g.user.id, user_id=user.id, reason=ban_form.reason.data) db.session.add(ban) if ban_form.ban_userip.data: ban.user_ip = ip_address(user.last_login_ip) user_str += " IP({0})".format(ban.user_ip) ban.user_ip = ban.user_ip.packed log = "User {0} has been {1}.".format(user_str, action) adminlog = models.AdminLog(log=log, admin_id=flask.g.user.id) db.session.add(adminlog) db.session.commit() flask.flash( flask.Markup('User has been successfully {0}.'.format(action)), 'success') return flask.redirect(url) if flask.request.method == 'POST' and ban_form and ban_form.nuke.data: if flask.g.user.is_superadmin: nyaa_banned = 0 sukebei_banned = 0 info_hashes = [] for t in chain(user.nyaa_torrents, user.sukebei_torrents): t.deleted = True t.banned = True info_hashes.append([t.info_hash]) db.session.add(t) if isinstance(t, models.NyaaTorrent): nyaa_banned += 1 else: sukebei_banned += 1 if info_hashes: backend.tracker_api(info_hashes, 'ban') for log_flavour, num in ((models.NyaaAdminLog, nyaa_banned), (models.SukebeiAdminLog, sukebei_banned)): if num > 0: log = "Nuked {0} torrents of [{1}]({2})".format( num, user.username, url) adminlog = log_flavour(log=log, admin_id=flask.g.user.id) db.session.add(adminlog) db.session.commit() flask.flash( 'Torrents of {0} have been nuked.'.format(user.username), 'success') return flask.redirect(url) else: flask.flash('Insufficient permissions to nuke.', 'danger') return flask.redirect(url) req_args = flask.request.args search_term = chain_get(req_args, 'q', 'term') sort_key = req_args.get('s') sort_order = req_args.get('o') category = chain_get(req_args, 'c', 'cats') quality_filter = chain_get(req_args, 'f', 'filter') page_number = chain_get(req_args, 'p', 'page', 'offset') try: page_number = max(1, int(page_number)) except (ValueError, TypeError): page_number = 1 results_per_page = app.config.get('RESULTS_PER_PAGE', DEFAULT_PER_PAGE) query_args = { 'term': search_term or '', 'user': user.id, 'sort': sort_key or 'id', 'order': sort_order or 'desc', 'category': category or '0_0', 'quality_filter': quality_filter or '0', 'page': page_number, 'rss': False, 'per_page': results_per_page } if flask.g.user: query_args['logged_in_user'] = flask.g.user if flask.g.user.is_moderator: # God mode query_args['admin'] = True # Use elastic search for term searching rss_query_string = _generate_query_string(search_term, category, quality_filter, user_name) use_elastic = app.config.get('USE_ELASTIC_SEARCH') if use_elastic and search_term: query_args['term'] = search_term max_search_results = app.config.get('ES_MAX_SEARCH_RESULT', DEFAULT_MAX_SEARCH_RESULT) # Only allow up to (max_search_results / page) pages max_page = min(query_args['page'], int(math.ceil(max_search_results / results_per_page))) query_args['page'] = max_page query_args['max_search_results'] = max_search_results query_results = search_elastic(**query_args) max_results = min(max_search_results, query_results['hits']['total']) # change p= argument to whatever you change page_parameter to or pagination breaks pagination = Pagination(p=query_args['page'], per_page=results_per_page, total=max_results, bs_version=3, page_parameter='p', display_msg=SERACH_PAGINATE_DISPLAY_MSG) return flask.render_template('user.html', use_elastic=True, pagination=pagination, torrent_query=query_results, search=query_args, user=user, user_page=True, rss_filter=rss_query_string, admin_form=admin_form, ban_form=ban_form, bans=bans, ipbanned=ipbanned) # Similar logic as home page else: if use_elastic: query_args['term'] = '' else: query_args['term'] = search_term or '' query = search_db(**query_args) return flask.render_template('user.html', use_elastic=False, torrent_query=query, search=query_args, user=user, user_page=True, rss_filter=rss_query_string, admin_form=admin_form, ban_form=ban_form, bans=bans, ipbanned=ipbanned)