def get_current_user(req):
ip = req.get('REMOTE_ADDR')
try:
current_user = Anon.get(Anon.ip == ip)
except:
anon = Anon(ip=ip, name=random_name())
anon.save()
current_user = anon
return current_user
def unban(board_name, name):
if f':{board_name}:' not in get_current_user(request).mod:
return abort(403, "You are not allowed to do this.")
form = dict(request.forms)
anon = Anon.get(Anon.name == name)
if bool(form.get("dall")):
Post.delete().where(Post.author_id == anon.id).execute()
if bool(form.get("unban")):
Anon.update(banned=False, ban_reason=None,
ban_date=None).where(Anon.name == name).execute()
return redirect(f'{basename}/{board_name}/mod')
def ban(board_name):
if f':{board_name}:' not in get_current_user(request).mod:
return abort(403, "You are not allowed to do this.")
form = dict(request.forms)
reason = form.get('reason')
user = form.get('user').strip()
Anon.update(banned=True,
ban_reason=reason,
ban_date=datetime.now().replace(microsecond=0)).where(
Anon.name == user).execute()
return redirect(f'{basename}/{board_name}/mod')
def del_board(board_name):
if check_admin(request) == 1:
return abort(403, "You are not allowed to do this.")
for anon in Anon.select().where(Anon.mod != ""):
anon.mod = anon.mod.replace(f':{board_name}:', '')
anon.save()
board = Board.get(Board.name == board_name)
Post.delete().where(Post.board_id == board.id).execute()
board.delete_instance()
board_directory(board_name, remove=True)
return redirect(f'{basename}/admin')
def add_mod():
if check_admin(request) == 1:
return abort(403, "You are not allowed to do this.")
user = request.forms.get("user").strip()
board = request.forms.get("board")
try:
anon = Anon.get(Anon.name == user)
except:
return abort(404, "User does not exist.")
if f':{board}:' not in anon.mod: anon.mod += ":" + board + ":"
anon.save()
return redirect(f'{basename}/admin')
def admin_panel():
current_user = get_current_user(request)
logged_cookie = request.get_cookie("logged")
if bool(logged_cookie):
if logged_cookie != config['admin.token']:
return redirect(f'{basename}/')
else:
return redirect(f'{basename}/')
return dict(boards=Board.select(),
current_user=current_user,
board_name=None,
mods=Anon.select().where(Anon.mod != ""),
basename=basename)
def mod():
if check_admin(request) == 1:
return abort(403, "You are not allowed to do this.")
user = request.forms.get("user").strip()
board = request.forms.get("board")
opts = request.forms
anon = Anon.get(Anon.name == user)
if bool(opts.get("add")) and f':{board}:' not in anon.mod:
anon.mod += f':{board}:'
if bool(opts.get("rm")): anon.mod = anon.mod.replace(f':{board}:', '')
if bool(opts.get("rmall")): anon.mod = ""
anon.save()
return redirect(f'{basename}/admin')
def reports(board_name):
try:
board = Board.get(Board.name == board_name)
except:
return abort(404, "This page doesn't exist.")
current_user = get_current_user(request)
if f':{board_name}:' not in current_user.mod:
return redirect(f'{basename}/{board_name}/')
report_reasons = loads(config['reports.reasons'])
return dict(board=board,
bans=Anon.select().where(Anon.banned == True),
current_user=current_user,
board_name=board_name,
reasons=report_reasons,
reports=board.reports,
basename=basename)