a3x/nyaa
1
0
Fork 0
mirror of https://gitlab.com/SIGBUS/nyaa.git synced 2024-11-01 03:25:55 +00:00
Code Issues Projects Releases Wiki Activity
nyaa/nyaa/views/torrents.py

498 lines
18 KiB
Python
Raw Normal View History

Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
import json
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
from ipaddress import ip_address
Move torrent magnet and torrent download into 'torrents' blueprint
2017-07-24 20:10:59 +00:00
from urllib.parse import quote
Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
import flask
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
from werkzeug.datastructures import CombinedMultiDict
Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
from sqlalchemy.orm import joinedload
Refactor into an app factory [2 of 2] (#322) * Replace all `from nyaa import app` imports with `app = flask.current_app` (or `from flask import current_app as app` where possible) * Add a separate config object for top-level and class statements as `nyaa.extensions.config` Required because those codes don't have app context at the time of evaluation/execution. * Remove `routes.py` file and register all blueprints in `nyaa/__init__.py` * Refactor `nyaa/__init__.py` into an app factory * Update tools * Update tests (temporary, will be replaced)
2017-08-01 18:02:08 +00:00
from nyaa import backend, forms, models, torrents
Prepare for app factory [1 of 2] (#315) * Move db, assets, debug toolbar and fix_paginate into nyaa.extensions * Change all `from nyaa import db` imports to `from nyaa.extensions import db` * Move `nyaa.torrents.create_magnet_from_es_info` context processor into template-utils blueprint * Fix tools (wrap in `with app.app_context():` where needed)
2017-07-30 17:35:16 +00:00
from nyaa.extensions import db
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
from nyaa.utils import cached_function
Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
Refactor into an app factory [2 of 2] (#322) * Replace all `from nyaa import app` imports with `app = flask.current_app` (or `from flask import current_app as app` where possible) * Add a separate config object for top-level and class statements as `nyaa.extensions.config` Required because those codes don't have app context at the time of evaluation/execution. * Remove `routes.py` file and register all blueprints in `nyaa/__init__.py` * Refactor `nyaa/__init__.py` into an app factory * Update tools * Update tests (temporary, will be replaced)
2017-08-01 18:02:08 +00:00
app = flask.current_app
Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
bp = flask.Blueprint('torrents', __name__)
@bp.route('/view/<int:torrent_id>', endpoint='view', methods=['GET', 'POST'])
def view_torrent(torrent_id):
if flask.request.method == 'POST':
torrent = models.Torrent.by_id(torrent_id)
else:
torrent = models.Torrent.query \
.options(joinedload('filelist'),
joinedload('comments')) \
.filter_by(id=torrent_id) \
.first()
if not torrent:
flask.abort(404)
# Only allow admins see deleted torrents
if torrent.deleted and not (flask.g.user and flask.g.user.is_moderator):
flask.abort(404)
comment_form = None
Implement comment locking (#439) * Implement comment locking This adds a new flags to torrents, which is only editable by moderators and admins. If checked, it does not allow unprivileged users to post, edit or delete comments on that torrent. * Rename "locked" to "comment_locked". * Shorter button and additional words on alt text * Admin log: Change comment locking message dude I love bikeshedding xd * Bikeshedding over admin log messages * >& Also some bikeshedding
2018-03-26 00:03:49 +00:00
if flask.g.user and (not torrent.comment_locked or flask.g.user.is_moderator):
Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
comment_form = forms.CommentForm()
if flask.request.method == 'POST':
Implement comment locking (#439) * Implement comment locking This adds a new flags to torrents, which is only editable by moderators and admins. If checked, it does not allow unprivileged users to post, edit or delete comments on that torrent. * Rename "locked" to "comment_locked". * Shorter button and additional words on alt text * Admin log: Change comment locking message dude I love bikeshedding xd * Bikeshedding over admin log messages * >& Also some bikeshedding
2018-03-26 00:03:49 +00:00
if not comment_form:
Move /view/<int:torrent_id> route into 'torrents' blueprint and update templates.
2017-07-10 22:00:03 +00:00
flask.abort(403)
if comment_form.validate():
comment_text = (comment_form.comment.data or '').strip()
comment = models.Comment(
torrent_id=torrent_id,
user_id=flask.g.user.id,
text=comment_text)
db.session.add(comment)
db.session.flush()
torrent_count = torrent.update_comment_count()
db.session.commit()
flask.flash('Comment successfully posted.', 'success')
return flask.redirect(flask.url_for('torrents.view',
torrent_id=torrent_id,
_anchor='com-' + str(torrent_count)))
# Only allow owners and admins to edit torrents
can_edit = flask.g.user and (flask.g.user is torrent.user or flask.g.user.is_moderator)
files = None
if torrent.filelist:
files = json.loads(torrent.filelist.filelist_blob.decode('utf-8'))
report_form = forms.ReportForm()
return flask.render_template('view.html', torrent=torrent,
files=files,
comment_form=comment_form,
comments=torrent.comments,
can_edit=can_edit,
report_form=report_form)
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
@bp.route('/view/<int:torrent_id>/edit', endpoint='edit', methods=['GET', 'POST'])
def edit_torrent(torrent_id):
torrent = models.Torrent.by_id(torrent_id)
form = forms.EditForm(flask.request.form)
form.category.choices = _create_upload_category_choices()
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
delete_form = forms.DeleteForm()
ban_form = None
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
editor = flask.g.user
if not torrent:
flask.abort(404)
# Only allow admins edit deleted torrents
if torrent.deleted and not (editor and editor.is_moderator):
flask.abort(404)
# Only allow torrent owners or admins edit torrents
if not editor or not (editor is torrent.user or editor.is_moderator):
flask.abort(403)
Fix banning anonymous torrents We miss ye, testing
2017-08-25 23:36:38 +00:00
torrent_user_level = torrent.user and torrent.user.level
minor changes
2017-08-31 12:19:22 +00:00
if editor and editor.is_moderator and \
(torrent_user_level is None or editor.level > torrent_user_level):
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
ban_form = forms.BanForm()
if flask.request.method == 'POST' and form.submit.data and form.validate():
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
# Form has been sent, edit torrent with data.
torrent.main_category_id, torrent.sub_category_id = \
form.category.parsed_data.get_category_ids()
upload/edit: sanitize some string fields This commit introduces a regex to replace illegal (expectedly unused) characters from torrent display name, information link and description upon upload or edit. Fixes #541
2019-01-15 00:16:10 +00:00
torrent.display_name = backend.sanitize_string((form.display_name.data or '').strip())
torrent.information = backend.sanitize_string((form.information.data or '').strip())
torrent.description = backend.sanitize_string((form.description.data or '').strip())
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
torrent.hidden = form.is_hidden.data
torrent.remake = form.is_remake.data
torrent.complete = form.is_complete.data
torrent.anonymous = form.is_anonymous.data
if editor.is_trusted:
torrent.trusted = form.is_trusted.data
Implement comment locking (#439) * Implement comment locking This adds a new flags to torrents, which is only editable by moderators and admins. If checked, it does not allow unprivileged users to post, edit or delete comments on that torrent. * Rename "locked" to "comment_locked". * Shorter button and additional words on alt text * Admin log: Change comment locking message dude I love bikeshedding xd * Bikeshedding over admin log messages * >& Also some bikeshedding
2018-03-26 00:03:49 +00:00
if editor.is_moderator:
locked_changed = torrent.comment_locked != form.is_comment_locked.data
torrent.comment_locked = form.is_comment_locked.data
url = flask.url_for('torrents.view', torrent_id=torrent.id)
if editor.is_moderator and locked_changed:
log = "Torrent [#{0}]({1}) marked as {2}".format(
torrent.id, url,
"comments locked" if torrent.comment_locked else "comments unlocked")
adminlog = models.AdminLog(log=log, admin_id=editor.id)
db.session.add(adminlog)
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
db.session.commit()
flask.flash(flask.Markup(
'Torrent has been successfully edited! Changes might take a few minutes to show up.'),
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
'success')
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
Remove deprecated torrent delete code.
2018-02-16 18:58:31 +00:00
url = flask.url_for('torrents.view', torrent_id=torrent.id)
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
return flask.redirect(url)
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
elif flask.request.method == 'POST' and delete_form.validate() and \
(not ban_form or ban_form.validate()):
return _delete_torrent(torrent, delete_form, ban_form)
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
else:
if flask.request.method != 'POST':
# Fill form data only if the POST didn't fail
form.category.data = torrent.sub_category.id_as_string
form.display_name.data = torrent.display_name
form.information.data = torrent.information
form.description.data = torrent.description
form.is_hidden.data = torrent.hidden
form.is_remake.data = torrent.remake
form.is_complete.data = torrent.complete
form.is_anonymous.data = torrent.anonymous
form.is_trusted.data = torrent.trusted
Implement comment locking (#439) * Implement comment locking This adds a new flags to torrents, which is only editable by moderators and admins. If checked, it does not allow unprivileged users to post, edit or delete comments on that torrent. * Rename "locked" to "comment_locked". * Shorter button and additional words on alt text * Admin log: Change comment locking message dude I love bikeshedding xd * Bikeshedding over admin log messages * >& Also some bikeshedding
2018-03-26 00:03:49 +00:00
form.is_comment_locked.data = torrent.comment_locked
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
ipbanned = None
if editor.is_moderator:
Fix banning torrents without uploader ip Pretty much just for archived torrents
2017-08-25 23:52:59 +00:00
torrent_ip_banned = True
user_ip_banned = True
# Archived torrents do not have a null uploader_ip
if torrent.uploader_ip:
torrent_ip_banned = models.Ban.banned(None, torrent.uploader_ip).first()
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
if torrent.user:
Fix banning torrents without uploader ip Pretty much just for archived torrents
2017-08-25 23:52:59 +00:00
user_ip_banned = models.Ban.banned(None, torrent.user.last_login_ip).first()
ipbanned = (torrent_ip_banned and user_ip_banned)
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
return flask.render_template('edit.html',
form=form,
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
delete_form=delete_form,
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
ban_form=ban_form,
torrent=torrent,
ipbanned=ipbanned)
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
def _delete_torrent(torrent, form, banform):
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
editor = flask.g.user
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
uploader = torrent.user
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
# Only allow admins edit deleted torrents
if torrent.deleted and not (editor and editor.is_moderator):
flask.abort(404)
action = None
url = flask.url_for('main.home')
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
ban_torrent = form.ban.data
if banform:
ban_torrent = ban_torrent or banform.ban_user.data or banform.ban_userip.data
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
if form.delete.data and not torrent.deleted:
action = 'deleted'
torrent.deleted = True
db.session.add(torrent)
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
elif ban_torrent and not torrent.banned and editor.is_moderator:
Integrate tracker API for torrent ban/unban
2017-08-06 21:55:45 +00:00
action = 'banned'
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
torrent.banned = True
if not torrent.deleted:
torrent.deleted = True
action = 'deleted and banned'
site-specific changes for new tracker (#453)
2018-02-12 23:52:35 +00:00
db.session.add(models.TrackerApi(torrent.info_hash, 'remove'))
fix two bugs and a minor issue
2018-04-02 20:06:41 +00:00
torrent.stats.seed_count = 0
torrent.stats.leech_count = 0
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
db.session.add(torrent)
elif form.undelete.data and torrent.deleted:
action = 'undeleted'
torrent.deleted = False
Integrate tracker API for torrent ban/unban
2017-08-06 21:55:45 +00:00
if torrent.banned:
action = 'undeleted and unbanned'
torrent.banned = False
site-specific changes for new tracker (#453)
2018-02-12 23:52:35 +00:00
db.session.add(models.TrackerApi(torrent.info_hash, 'insert'))
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
db.session.add(torrent)
elif form.unban.data and torrent.banned:
action = 'unbanned'
torrent.banned = False
site-specific changes for new tracker (#453)
2018-02-12 23:52:35 +00:00
db.session.add(models.TrackerApi(torrent.info_hash, 'insert'))
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
db.session.add(torrent)
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
if not action and not ban_torrent:
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
flask.flash(flask.Markup('What the fuck are you doing?'), 'danger')
return flask.redirect(flask.url_for('torrents.edit', torrent_id=torrent.id))
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
if action and editor.is_moderator:
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
url = flask.url_for('torrents.view', torrent_id=torrent.id)
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
if editor is not uploader:
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
log = "Torrent [#{0}]({1}) has been {2}".format(torrent.id, url, action)
adminlog = models.AdminLog(log=log, admin_id=editor.id)
db.session.add(adminlog)
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
if action:
db.session.commit()
flask.flash(flask.Markup('Torrent has been successfully {0}.'.format(action)), 'success')
if not banform or not (banform.ban_user.data or banform.ban_userip.data):
return flask.redirect(url)
if banform.ban_userip.data:
tbanned = models.Ban.banned(None, torrent.uploader_ip).first()
ubanned = True
if uploader:
ubanned = models.Ban.banned(None, uploader.last_login_ip).first()
ipbanned = (tbanned and ubanned)
if (banform.ban_user.data and (not uploader or uploader.is_banned)) or \
(banform.ban_userip.data and ipbanned):
flask.flash(flask.Markup('What the fuck are you doing?'), 'danger')
return flask.redirect(flask.url_for('torrents.edit', torrent_id=torrent.id))
flavor = "Nyaa" if app.config['SITE_FLAVOR'] == 'nyaa' else "Sukebei"
eurl = flask.url_for('torrents.view', torrent_id=torrent.id, _external=True)
reason = "[{0}#{1}]({2}) {3}".format(flavor, torrent.id, eurl, banform.reason.data)
ban1 = models.Ban(admin_id=editor.id, reason=reason)
ban2 = models.Ban(admin_id=editor.id, reason=reason)
db.session.add(ban1)
if uploader:
uploader.status = models.UserStatusType.BANNED
db.session.add(uploader)
ban1.user_id = uploader.id
ban2.user_id = uploader.id
if banform.ban_userip.data:
if not ubanned:
ban1.user_ip = ip_address(uploader.last_login_ip)
if not tbanned:
uploader_ip = ip_address(torrent.uploader_ip)
if ban1.user_ip != uploader_ip:
ban2.user_ip = uploader_ip
db.session.add(ban2)
else:
ban1.user_ip = ip_address(torrent.uploader_ip)
uploader_str = "Anonymous"
if uploader:
uploader_url = flask.url_for('users.view_user', user_name=uploader.username)
uploader_str = "[{0}]({1})".format(uploader.username, uploader_url)
if ban1.user_ip:
uploader_str += " IP({0})".format(ban1.user_ip)
ban1.user_ip = ban1.user_ip.packed
if ban2.user_ip:
uploader_str += " IP({0})".format(ban2.user_ip)
ban2.user_ip = ban2.user_ip.packed
log = "Uploader {0} of torrent [#{1}]({2}) has been banned.".format(
uploader_str, torrent.id, flask.url_for('torrents.view', torrent_id=torrent.id), action)
adminlog = models.AdminLog(log=log, admin_id=editor.id)
db.session.add(adminlog)
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
db.session.commit()
Better bans (#341) * better bans * put jinja2 template into correct file
2017-08-25 22:53:35 +00:00
flask.flash(flask.Markup('Uploader has been successfully banned.'), 'success')
Expose soft delete to users and allow reuploading of deleted torrents. (#331) Add banning torrents for moderators which disallows reuploading. New delete UI.
2017-08-05 19:41:59 +00:00
return flask.redirect(url)
Move torrent magnet and torrent download into 'torrents' blueprint
2017-07-24 20:10:59 +00:00
@bp.route('/view/<int:torrent_id>/magnet')
def redirect_magnet(torrent_id):
torrent = models.Torrent.by_id(torrent_id)
if not torrent:
flask.abort(404)
return flask.redirect(torrents.create_magnet(torrent))
@bp.route('/view/<int:torrent_id>/torrent')
@bp.route('/download/<int:torrent_id>.torrent', endpoint='download')
def download_torrent(torrent_id):
torrent = models.Torrent.by_id(torrent_id)
if not torrent or not torrent.has_torrent:
flask.abort(404)
torrents: don't allow download of deleted torrents (#399) Only allow moderators to download torrent files that are deleted.
2017-11-03 16:54:08 +00:00
if torrent.deleted and not (flask.g.user and flask.g.user.is_moderator):
flask.abort(404)
Move bencoded info dicts from mysql torrent_info table to info_dict directory. DB change! IMPORTANT!!! Make sure to run utils/infodict_mysql2file.py before upgrading the database.
2017-08-29 00:17:39 +00:00
torrent_file, torrent_file_size = _make_torrent_file(torrent)
Change torrent Content-Disposition back to inline As per comments in #288, Firefox forces a "what do you want to do with this"-dialog for 'attachment' even when it's set to open them immediately in another program.
2017-08-03 08:28:21 +00:00
disposition = 'inline; filename="{0}"; filename*=UTF-8\'\'{0}'.format(
Move torrent magnet and torrent download into 'torrents' blueprint
2017-07-24 20:10:59 +00:00
quote(torrent.torrent_name.encode('utf-8')))
resp = flask.Response(torrent_file)
resp.headers['Content-Type'] = 'application/x-bittorrent'
resp.headers['Content-Disposition'] = disposition
resp.headers['Content-Length'] = torrent_file_size
return resp
[Schema+config change] Comment editing (#396) * Comment editing * Optional time limit for comment editing
2017-11-05 14:26:30 +00:00
@bp.route('/view/<int:torrent_id>/comment/<int:comment_id>/edit', methods=['POST'])
def edit_comment(torrent_id, comment_id):
if not flask.g.user:
flask.abort(403)
torrent = models.Torrent.by_id(torrent_id)
if not torrent:
flask.abort(404)
comment = models.Comment.query.get(comment_id)
if not comment:
flask.abort(404)
if not comment.user.id == flask.g.user.id:
flask.abort(403)
Implement comment locking (#439) * Implement comment locking This adds a new flags to torrents, which is only editable by moderators and admins. If checked, it does not allow unprivileged users to post, edit or delete comments on that torrent. * Rename "locked" to "comment_locked". * Shorter button and additional words on alt text * Admin log: Change comment locking message dude I love bikeshedding xd * Bikeshedding over admin log messages * >& Also some bikeshedding
2018-03-26 00:03:49 +00:00
if torrent.comment_locked and not flask.g.user.is_moderator:
flask.abort(403)
[Schema+config change] Comment editing (#396) * Comment editing * Optional time limit for comment editing
2017-11-05 14:26:30 +00:00
if comment.editing_limit_exceeded:
flask.abort(flask.make_response(flask.jsonify(
{'error': 'Editing time limit exceeded.'}), 400))
form = forms.CommentForm(flask.request.form)
if not form.validate():
fix two bugs and a minor issue
2018-04-02 20:06:41 +00:00
error_str = ' '.join(form.errors)
[Schema+config change] Comment editing (#396) * Comment editing * Optional time limit for comment editing
2017-11-05 14:26:30 +00:00
flask.abort(flask.make_response(flask.jsonify({'error': error_str}), 400))
comment.text = form.comment.data
db.session.commit()
return flask.jsonify({'comment': comment.text})
Move delete_comment and submit_report into blueprint
2017-07-24 20:15:45 +00:00
@bp.route('/view/<int:torrent_id>/comment/<int:comment_id>/delete', methods=['POST'])
def delete_comment(torrent_id, comment_id):
if not flask.g.user:
flask.abort(403)
torrent = models.Torrent.by_id(torrent_id)
if not torrent:
flask.abort(404)
comment = models.Comment.query.filter_by(id=comment_id).first()
if not comment:
flask.abort(404)
New help section for IRC and some prod changes I never put in the repo because lazy.
2018-02-23 07:23:53 +00:00
if not (comment.user.id == flask.g.user.id or flask.g.user.is_superadmin):
Move delete_comment and submit_report into blueprint
2017-07-24 20:15:45 +00:00
flask.abort(403)
Comment deletion: fix small lack of validation (#395) People could delete their own comments on torrents other than the one the URL would indicate, which meant they could mess with the total comment count on a torrent by having it be higher than it actually is through repeatedly posting and deleting comments that way. However, they could only ever delete their own comments, so this isn't a huge issue in the first place.
2017-10-29 18:01:19 +00:00
if torrent_id != comment.torrent_id:
flask.abort(400)
Implement comment locking (#439) * Implement comment locking This adds a new flags to torrents, which is only editable by moderators and admins. If checked, it does not allow unprivileged users to post, edit or delete comments on that torrent. * Rename "locked" to "comment_locked". * Shorter button and additional words on alt text * Admin log: Change comment locking message dude I love bikeshedding xd * Bikeshedding over admin log messages * >& Also some bikeshedding
2018-03-26 00:03:49 +00:00
if torrent.comment_locked and not flask.g.user.is_moderator:
flask.abort(403)
Commit editing time
2018-04-02 20:18:39 +00:00
if comment.editing_limit_exceeded and not flask.g.user.is_superadmin:
flask.abort(403)
Move delete_comment and submit_report into blueprint
2017-07-24 20:15:45 +00:00
db.session.delete(comment)
db.session.flush()
torrent.update_comment_count()
url = flask.url_for('torrents.view', torrent_id=torrent.id)
if flask.g.user.is_moderator:
log = "Comment deleted on torrent [#{}]({})".format(torrent.id, url)
adminlog = models.AdminLog(log=log, admin_id=flask.g.user.id)
db.session.add(adminlog)
db.session.commit()
flask.flash('Comment successfully deleted.', 'success')
return flask.redirect(url)
@bp.route('/view/<int:torrent_id>/submit_report', endpoint='report', methods=['POST'])
def submit_report(torrent_id):
New help section for IRC and some prod changes I never put in the repo because lazy.
2018-02-23 07:23:53 +00:00
if not flask.g.user or flask.g.user.age < app.config['RATELIMIT_ACCOUNT_AGE']:
Move delete_comment and submit_report into blueprint
2017-07-24 20:15:45 +00:00
flask.abort(403)
form = forms.ReportForm(flask.request.form)
Don't submit reports for already banned torrents (#448) If users kept their page open for a while before reporting a torrent, and mods got it in the meantime, users could still submit reports for that torrent. This is silly and really doesn't need to happen.
2018-02-08 20:12:54 +00:00
torrent = models.Torrent.by_id(torrent_id)
if not torrent:
flask.abort(404)
if torrent.banned:
flask.flash("The torrent you've tried to report is already banned.", 'danger')
flask.abort(404)
Move delete_comment and submit_report into blueprint
2017-07-24 20:15:45 +00:00
if flask.request.method == 'POST' and form.validate():
report_reason = form.reason.data
current_user_id = flask.g.user.id
report = models.Report(
torrent_id=torrent_id,
user_id=current_user_id,
reason=report_reason)
db.session.add(report)
db.session.commit()
flask.flash('Successfully reported torrent!', 'success')
Disable report button on empty reason (#374) Previously, people couldn't quite tell you needed to give a report reason. Now we disable the submit button until there is a reason, and flask.flash() if someone manages to submit an empty reason anyway.
2017-10-04 00:03:22 +00:00
elif len(form.reason.data) == 0:
flask.flash('Please give a report reason!', 'danger')
Move delete_comment and submit_report into blueprint
2017-07-24 20:15:45 +00:00
return flask.redirect(flask.url_for('torrents.view', torrent_id=torrent_id))
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
@bp.route('/upload', methods=['GET', 'POST'])
def upload():
upload_form = forms.UploadForm(CombinedMultiDict((flask.request.files, flask.request.form)))
upload_form.category.choices = _create_upload_category_choices()
[Config change] Upload ratelimit for non-trusted uploaders (#384) * Implement upload ratelimit for non-trusted uploaders Users may upload X torrents in Y minutes after which they will have to wait Z minutes between uploads. * Show torrent period count when ratelimited * Only ratelimit new accounts
2017-10-10 01:41:18 +00:00
show_ratelimit = False
next_upload_time = None
ratelimit_count = 0
# Anonymous uploaders and non-trusted uploaders
no_or_new_account = (not flask.g.user
or (flask.g.user.age < app.config['RATELIMIT_ACCOUNT_AGE']
and not flask.g.user.is_trusted))
if app.config['RATELIMIT_UPLOADS'] and no_or_new_account:
now, ratelimit_count, next_upload_time = backend.check_uploader_ratelimit(flask.g.user)
show_ratelimit = ratelimit_count >= app.config['MAX_UPLOAD_BURST']
next_upload_time = next_upload_time if next_upload_time > now else None
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
if flask.request.method == 'POST' and upload_form.validate():
Add (optional) validation for minimum anonymous torrent size (#342) MINIMUM_ANONYMOUS_TORRENT_SIZE can be used to require a minimum total size of torrents uploaded by anonymous users (ie. without accounts). Sets up a "framework" for post-WTForm torrent validation as well; this can easily be extended into filename blacklists and such.
2017-08-20 00:48:08 +00:00
try:
torrent = backend.handle_torrent_upload(upload_form, flask.g.user)
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
Add (optional) validation for minimum anonymous torrent size (#342) MINIMUM_ANONYMOUS_TORRENT_SIZE can be used to require a minimum total size of torrents uploaded by anonymous users (ie. without accounts). Sets up a "framework" for post-WTForm torrent validation as well; this can easily be extended into filename blacklists and such.
2017-08-20 00:48:08 +00:00
return flask.redirect(flask.url_for('torrents.view', torrent_id=torrent.id))
except backend.TorrentExtraValidationException:
pass
# If we get here with a POST, it means the form data was invalid: return a non-okay status
status_code = 400 if flask.request.method == 'POST' else 200
[Config change] Upload ratelimit for non-trusted uploaders (#384) * Implement upload ratelimit for non-trusted uploaders Users may upload X torrents in Y minutes after which they will have to wait Z minutes between uploads. * Show torrent period count when ratelimited * Only ratelimit new accounts
2017-10-10 01:41:18 +00:00
return flask.render_template('upload.html',
upload_form=upload_form,
show_ratelimit=show_ratelimit,
ratelimit_count=ratelimit_count,
next_upload_time=next_upload_time), status_code
Move torrent edit and upload into 'torrents' blueprint Move supporting functions and variables into other files * nyaa.views.torrents: - _create_upload_category_choices * nyaa.backend: - get_category_id_map
2017-07-24 20:10:36 +00:00
@cached_function
def _create_upload_category_choices():
''' Turns categories in the database into a list of (id, name)s '''
choices = [('', '[Select a category]')]
id_map = backend.get_category_id_map()
for key in sorted(id_map.keys()):
cat_names = id_map[key]
is_main_cat = key.endswith('_0')
# cat_name = is_main_cat and cat_names[0] or (' - ' + cat_names[1])
cat_name = ' - '.join(cat_names)
choices.append((key, cat_name, is_main_cat))
return choices
Move torrent magnet and torrent download into 'torrents' blueprint
2017-07-24 20:10:59 +00:00
Move bencoded info dicts from mysql torrent_info table to info_dict directory. DB change! IMPORTANT!!! Make sure to run utils/infodict_mysql2file.py before upgrading the database.
2017-08-29 00:17:39 +00:00
def _make_torrent_file(torrent):
Name fixes, DRY
2017-08-30 16:20:02 +00:00
with open(torrent.info_dict_path, 'rb') as in_file:
bencoded_info = in_file.read()
Move torrent magnet and torrent download into 'torrents' blueprint
2017-07-24 20:10:59 +00:00
Name fixes, DRY
2017-08-30 16:20:02 +00:00
bencoded_torrent_data = torrents.create_bencoded_torrent(torrent, bencoded_info)
Move bencoded info dicts from mysql torrent_info table to info_dict directory. DB change! IMPORTANT!!! Make sure to run utils/infodict_mysql2file.py before upgrading the database.
2017-08-29 00:17:39 +00:00
Name fixes, DRY
2017-08-30 16:20:02 +00:00
return bencoded_torrent_data, len(bencoded_torrent_data)
Reference in a new issue Copy permalink