From 6d608ab2f480b3778812bdaec4aa6cdf1e1b8d68 Mon Sep 17 00:00:00 2001
From: Sn0wCrack <snowcrack123@gmail.com>
Date: Sat, 13 May 2017 22:24:42 +1000
Subject: [PATCH 1/9] Added comments

---
 nyaa/forms.py            |  7 ++++++
 nyaa/models.py           | 19 ++++++++++++++-
 nyaa/routes.py           | 32 +++++++++++++++++++++++++
 nyaa/templates/view.html | 51 ++++++++++++++++++++++++++++++++++++++++
 4 files changed, 108 insertions(+), 1 deletion(-)

diff --git a/nyaa/forms.py b/nyaa/forms.py
index 1a61706..a440092 100644
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@@ -126,6 +126,13 @@ class DisabledSelectField(SelectField):
             raise ValueError(self.gettext('Not a valid choice'))
 
 
+class CommentForm(FlaskForm):
+    comment = TextAreaField('Make a comment', [
+        Length(max=255, message='Comment must be at most %(max)d characters long.'),
+        Required()
+    ])
+
+
 class EditForm(FlaskForm):
     display_name = StringField('Torrent display name', [
         Length(min=3, max=255,
diff --git a/nyaa/models.py b/nyaa/models.py
index 07f75da..1cb8824 100644
--- a/nyaa/models.py
+++ b/nyaa/models.py
@@ -317,6 +317,22 @@ class SubCategory(db.Model):
         return cls.query.get((sub_cat_id, main_cat_id))
 
 
+class Comment(db.Model):
+    __tablename__ = DB_TABLE_PREFIX + 'comments'
+
+    id = db.Column(db.Integer, primary_key=True)
+    torrent = db.Column(db.Integer, db.ForeignKey(
+        DB_TABLE_PREFIX + 'torrents.id'), primary_key=True)
+    user_id = db.Column(db.Integer, db.ForeignKey(
+        'users.id', ondelete='CASCADE'))
+    text = db.Column(db.String(length=255), nullable=False)
+
+    user = db.relationship('User', uselist=False, back_populates='comments')
+
+    def __repr__(self):
+        return '<Comment %r>' % self.id
+
+
 class UserLevelType(IntEnum):
     REGULAR = 0
     TRUSTED = 1
@@ -346,7 +362,8 @@ class User(db.Model):
     last_login_date = db.Column(db.DateTime(timezone=False), default=None, nullable=True)
     last_login_ip = db.Column(db.Binary(length=16), default=None, nullable=True)
 
-    torrents = db.relationship('Torrent', back_populates='user', lazy="dynamic")
+    torrents = db.relationship('Torrent', back_populates='user', lazy='dynamic')
+    comments = db.relationship('Comment', back_populates='user', lazy='dynamic')
     # session = db.relationship('Session', uselist=False, back_populates='user')
 
     def __init__(self, username, email, password):
diff --git a/nyaa/routes.py b/nyaa/routes.py
index cc2c508..bc43e4c 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -573,6 +573,7 @@ def upload():
 @app.route('/view/<int:torrent_id>')
 def view_torrent(torrent_id):
     torrent = models.Torrent.by_id(torrent_id)
+    form = forms.CommentForm()
 
     viewer = flask.g.user
 
@@ -590,12 +591,43 @@ def view_torrent(torrent_id):
     if torrent.filelist:
         files = json.loads(torrent.filelist.filelist_blob.decode('utf-8'))
 
+    if flask.g.user is not None and flask.g.user.is_admin:
+        comments = models.Comment.query.filter(models.Comment.torrent == torrent_id)
+    else:
+        comments = models.Comment.query.filter(models.Comment.torrent == torrent_id,
+                                               models.Comment.deleted == False)
+
+    comment_count = comments.count()
+
     return flask.render_template('view.html', torrent=torrent,
                                  files=files,
                                  viewer=viewer,
+                                 form=form,
+                                 comments=comments,
+                                 comment_count=comment_count,
                                  can_edit=can_edit)
 
 
+@app.route('/view/<int:torrent_id>/submit_comment', methods=['POST'])
+def submit_comment(torrent_id):
+    form = forms.CommentForm(flask.request.form)
+
+    if flask.request.method == 'POST' and form.validate():
+        comment_text = (form.comment.data or '').strip()
+
+        # Null entry for User just means Anonymous
+        current_user_id = flask.g.user.id if flask.g.user else None
+        comment = models.Comment(
+            torrent=torrent_id,
+            user_id=current_user_id,
+            text=comment_text)
+
+        db.session.add(comment)
+        db.session.commit()
+
+    return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
+
+
 @app.route('/view/<int:torrent_id>/edit', methods=['GET', 'POST'])
 def edit_torrent(torrent_id):
     torrent = models.Torrent.by_id(torrent_id)
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index e32fc7d..658402e 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -1,6 +1,7 @@
 {% extends "layout.html" %}
 {% block title %}{{ torrent.display_name }} :: {{ config.SITE_NAME }}{% endblock %}
 {% block body %}
+{% from "_formhelpers.html" import render_field %}
 <div class="panel panel-{% if torrent.deleted %}deleted{% elif torrent.remake %}danger{% elif torrent.trusted %}success{% else %}default{% endif %}">
 	<div class="panel-heading"{% if torrent.hidden %} style="background-color: darkgray;"{% endif %}>
 		<h3 class="panel-title">
@@ -129,6 +130,56 @@
 </div>
 {% endif %}
 
+<div class="panel panel-default">
+	<div class="panel-heading">
+		<h3 class="panel-title">
+			Comments - {{ comment_count }}
+		</h3>
+	</div>
+	<div class="panel-collapse">
+        <table class="table table-bordered table-striped">
+            <thead>
+				{% if g.user.is_admin %}
+				<th style="width:auto;">Delete</th>
+				{% endif %}
+                <th style="width:auto;">User</th>
+                <th style="width:100%;">Comment</th>
+            </thead>
+            <tbody>
+				{% for comment in comments %}
+				<tr>
+					{% if g.user.is_admin %}
+					<td class="col-md-1">
+						{% if not comment.deleted %}
+						<a href="/"><i class="fa fa-ban"></i></a>
+						{% else %}
+						<a href="/"><i class="fa fa-circle-o"></i></a>
+						{% endif %}
+					</td>
+					{% endif %}
+					<td class="col-md-1">
+						{% if comment.user %}
+						<a href="{{ url_for('view_user', user_name=comment.user.username) }}">
+							{{ comment.user.username }}
+						</a>
+						{% else %}
+						<span>Anonymous</span>
+						{% endif %}
+					</td>
+					<td class="col-md-10">{{ comment.text }}</td>
+				</tr>
+				{% endfor %}
+            <tbody>
+        </table>
+	</div>
+</div>
+
+<form method="POST" action="{{ request.url }}/submit_comment">
+	{{ form.csrf_token }}
+	{{ render_field(form.comment, class_='form-control') }}
+	<input type="submit" value="Submit" class="btn btn-primary">
+</form>
+
 <script>
 	var target = document.getElementById('torrent-description');
 	var text = target.innerHTML;

From 1a9ebc19ed1e597857c2b9e14ecd73c39ca07664 Mon Sep 17 00:00:00 2001
From: Sn0wCrack <snowcrack123@gmail.com>
Date: Sun, 14 May 2017 09:52:57 +1000
Subject: [PATCH 2/9] Added hard delete functionality

---
 nyaa/routes.py           | 17 +++++++++++------
 nyaa/templates/view.html |  6 +-----
 2 files changed, 12 insertions(+), 11 deletions(-)

diff --git a/nyaa/routes.py b/nyaa/routes.py
index bc43e4c..cd97e56 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -591,12 +591,7 @@ def view_torrent(torrent_id):
     if torrent.filelist:
         files = json.loads(torrent.filelist.filelist_blob.decode('utf-8'))
 
-    if flask.g.user is not None and flask.g.user.is_admin:
-        comments = models.Comment.query.filter(models.Comment.torrent == torrent_id)
-    else:
-        comments = models.Comment.query.filter(models.Comment.torrent == torrent_id,
-                                               models.Comment.deleted == False)
-
+    comments = models.Comment.query.filter_by(torrent=torrent_id)
     comment_count = comments.count()
 
     return flask.render_template('view.html', torrent=torrent,
@@ -627,6 +622,16 @@ def submit_comment(torrent_id):
 
     return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
 
+@app.route('/view/<int:torrent_id>/delete_comment/<int:comment_id>')
+def delete_comment(torrent_id, comment_id):
+    if flask.g.user is not None and flask.g.user.is_admin:
+        models.Comment.query.filter_by(id=comment_id).delete()
+        db.session.commit()
+    else:
+        flask.abort(403)
+    
+    return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))     
+
 
 @app.route('/view/<int:torrent_id>/edit', methods=['GET', 'POST'])
 def edit_torrent(torrent_id):
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index 658402e..0dc90a9 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -150,11 +150,7 @@
 				<tr>
 					{% if g.user.is_admin %}
 					<td class="col-md-1">
-						{% if not comment.deleted %}
-						<a href="/"><i class="fa fa-ban"></i></a>
-						{% else %}
-						<a href="/"><i class="fa fa-circle-o"></i></a>
-						{% endif %}
+						<a href="{{ url_for('delete_comment', torrent_id=torrent.id, comment_id=comment.id )}}"><i class="fa fa-ban"></i></a>
 					</td>
 					{% endif %}
 					<td class="col-md-1">

From fe6abf33c1054cc2200a766f25c8b75691d9ef18 Mon Sep 17 00:00:00 2001
From: Sn0wCrack <snowcrack123@gmail.com>
Date: Mon, 15 May 2017 17:38:03 +1000
Subject: [PATCH 3/9] Added ability for users to leave anonymous comments

---
 nyaa/forms.py            | 2 ++
 nyaa/routes.py           | 6 +++++-
 nyaa/templates/view.html | 1 +
 3 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/nyaa/forms.py b/nyaa/forms.py
index a440092..1fec2ee 100644
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@@ -132,6 +132,8 @@ class CommentForm(FlaskForm):
         Required()
     ])
 
+    is_anonymous = BooleanField('Anonymous')
+
 
 class EditForm(FlaskForm):
     display_name = StringField('Torrent display name', [
diff --git a/nyaa/routes.py b/nyaa/routes.py
index cd97e56..82aa062 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -611,7 +611,11 @@ def submit_comment(torrent_id):
         comment_text = (form.comment.data or '').strip()
 
         # Null entry for User just means Anonymous
-        current_user_id = flask.g.user.id if flask.g.user else None
+        if flask.g.user is None or form.is_anonymous.data:
+            current_user_id = None
+        else:
+            current_user_id = flask.g.user.id
+            
         comment = models.Comment(
             torrent=torrent_id,
             user_id=current_user_id,
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index 0dc90a9..4ed7c8d 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -173,6 +173,7 @@
 <form method="POST" action="{{ request.url }}/submit_comment">
 	{{ form.csrf_token }}
 	{{ render_field(form.comment, class_='form-control') }}
+	{{ render_field(form.is_anonymous) }}
 	<input type="submit" value="Submit" class="btn btn-primary">
 </form>
 

From c3a637c8eb61ca3841b262f30257d6b5ec01e0ee Mon Sep 17 00:00:00 2001
From: Sn0wCrack <snowcrack123@gmail.com>
Date: Tue, 16 May 2017 13:00:36 +1000
Subject: [PATCH 4/9] Added date column t o comments

---
 nyaa/models.py           | 6 ++++++
 nyaa/templates/view.html | 4 +++-
 2 files changed, 9 insertions(+), 1 deletion(-)

diff --git a/nyaa/models.py b/nyaa/models.py
index 1cb8824..a048edd 100644
--- a/nyaa/models.py
+++ b/nyaa/models.py
@@ -325,6 +325,7 @@ class Comment(db.Model):
         DB_TABLE_PREFIX + 'torrents.id'), primary_key=True)
     user_id = db.Column(db.Integer, db.ForeignKey(
         'users.id', ondelete='CASCADE'))
+    created_time = db.Column(db.DateTime(timezone=False), default=datetime.utcnow)
     text = db.Column(db.String(length=255), nullable=False)
 
     user = db.relationship('User', uselist=False, back_populates='comments')
@@ -332,6 +333,11 @@ class Comment(db.Model):
     def __repr__(self):
         return '<Comment %r>' % self.id
 
+    @property
+    def created_utc_timestamp(self):
+        ''' Returns a UTC POSIX timestamp, as seconds '''
+        return (self.created_time - UTC_EPOCH).total_seconds()
+
 
 class UserLevelType(IntEnum):
     REGULAR = 0
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index 4ed7c8d..8ba96d6 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -142,6 +142,7 @@
 				{% if g.user.is_admin %}
 				<th style="width:auto;">Delete</th>
 				{% endif %}
+				<th style="width:auto;">Date</th>
                 <th style="width:auto;">User</th>
                 <th style="width:100%;">Comment</th>
             </thead>
@@ -162,7 +163,8 @@
 						<span>Anonymous</span>
 						{% endif %}
 					</td>
-					<td class="col-md-10">{{ comment.text }}</td>
+					<td class="col-md-1" data-timestamp="{{ torrent.created_utc_timestamp|int }}">{{ torrent.created_time.strftime('%Y-%m-%d %H:%M UTC') }}</td>
+					<td class="col-md-9">{{ comment.text }}</td>
 				</tr>
 				{% endfor %}
             <tbody>

From 9bd71af1b21faff1204cc23a69a2f8d9b005641a Mon Sep 17 00:00:00 2001
From: martstern <martstern@waifu.club>
Date: Mon, 22 May 2017 10:18:22 -0400
Subject: [PATCH 5/9] only allow logged in users to comment

---
 nyaa/templates/view.html | 79 +++++++++++++++++++++++-----------------
 1 file changed, 45 insertions(+), 34 deletions(-)

diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index 8ba96d6..68471d7 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -136,48 +136,59 @@
 			Comments - {{ comment_count }}
 		</h3>
 	</div>
-	<div class="panel-collapse">
-        <table class="table table-bordered table-striped">
-            <thead>
-				{% if g.user.is_admin %}
-				<th style="width:auto;">Delete</th>
-				{% endif %}
-				<th style="width:auto;">Date</th>
-                <th style="width:auto;">User</th>
-                <th style="width:100%;">Comment</th>
-            </thead>
-            <tbody>
-				{% for comment in comments %}
-				<tr>
-					{% if g.user.is_admin %}
-					<td class="col-md-1">
-						<a href="{{ url_for('delete_comment', torrent_id=torrent.id, comment_id=comment.id )}}"><i class="fa fa-ban"></i></a>
-					</td>
-					{% endif %}
-					<td class="col-md-1">
-						{% if comment.user %}
-						<a href="{{ url_for('view_user', user_name=comment.user.username) }}">
-							{{ comment.user.username }}
-						</a>
-						{% else %}
-						<span>Anonymous</span>
+	{% for comment in comments %}
+	<div class="panel panel-default">
+		<div class="panel-body" >
+			<div class="row">
+				<div class="col-md-2">
+					<p>
+						{% set user_url = torrent.user and url_for('view_user', user_name=comment.user.username) %}
+						<a href="{{ user_url }}">{{ comment.user.username }}</a>
+						{% if comment.user.id == torrent.uploader_id and not torrent.anonymous %}
+						(uploader)
 						{% endif %}
-					</td>
-					<td class="col-md-1" data-timestamp="{{ torrent.created_utc_timestamp|int }}">{{ torrent.created_time.strftime('%Y-%m-%d %H:%M UTC') }}</td>
-					<td class="col-md-9">{{ comment.text }}</td>
-				</tr>
-				{% endfor %}
-            <tbody>
-        </table>
+					</p>
+					<p>{{ comment.user.userlevel_str }}</p>
+					<p>
+						<img style="max-width: 120px;" src="{{ comment.user.gravatar_url() }}">
+					</p>
+					{% if g.user.is_moderator or g.user.id == comment.user_id %}
+					<div class="row form-group">
+						<div class="col-md-6">
+					<label class="btn btn-default" title="Delete">
+						<a href="{{ url_for('delete_comment', comment_id=comment.id, torrent_id=torrent.id)}}">Delete</a>
+					</label>
+						</div>
+					</div>
+					{% endif %}
+
+				</div>
+				<div class="col-md-10">
+					<small>{{comment.created_time | timesince}}</small><br><br>
+					{# Escape newlines into html entities because CF strips blank newlines #}
+					<div id="torrent-comment{{ comment.id }}">{{ comment.text }}</div>
+				</div>
+			</div>
+		</div>
 	</div>
+	<script>
+		var target = document.getElementById('torrent-comment{{ comment.id }}');
+		var text = target.innerHTML;
+		var reader = new commonmark.Parser({safe: true});
+		var writer = new commonmark.HtmlRenderer({safe: true, softbreak: '<br />'});
+		var parsed = reader.parse(text.trim());
+		target.innerHTML = writer.render(parsed);
+	</script>
+	{% endfor %}
 </div>
 
-<form method="POST" action="{{ request.url }}/submit_comment">
+{% if g.user %}
+<form method="POST">
 	{{ form.csrf_token }}
 	{{ render_field(form.comment, class_='form-control') }}
-	{{ render_field(form.is_anonymous) }}
 	<input type="submit" value="Submit" class="btn btn-primary">
 </form>
+{% endif %}
 
 <script>
 	var target = document.getElementById('torrent-description');

From fee55c17921d65ee11135b734cbe8afee9bce394 Mon Sep 17 00:00:00 2001
From: nyaadev <nyaadev@users.noreply.github.com>
Date: Mon, 22 May 2017 18:35:48 +0200
Subject: [PATCH 6/9] comments can be added+removed. gravatar for user avatar

---
 nyaa/forms.py                      |   2 +-
 nyaa/models.py                     |   9 ++++++++
 nyaa/routes.py                     |  35 ++++++++++++++++++++++++++---
 nyaa/static/img/avatar/default.png | Bin 0 -> 6793 bytes
 4 files changed, 42 insertions(+), 4 deletions(-)
 create mode 100644 nyaa/static/img/avatar/default.png

diff --git a/nyaa/forms.py b/nyaa/forms.py
index 1fec2ee..f6e35a8 100644
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@@ -129,7 +129,7 @@ class DisabledSelectField(SelectField):
 class CommentForm(FlaskForm):
     comment = TextAreaField('Make a comment', [
         Length(max=255, message='Comment must be at most %(max)d characters long.'),
-        Required()
+        DataRequired()
     ])
 
     is_anonymous = BooleanField('Anonymous')
diff --git a/nyaa/models.py b/nyaa/models.py
index a048edd..2f6d730 100644
--- a/nyaa/models.py
+++ b/nyaa/models.py
@@ -392,6 +392,15 @@ class User(db.Model):
         ]
         return all(checks)
 
+    def gravatar_url(self):
+        # from http://en.gravatar.com/site/implement/images/python/
+        size = 40
+        # construct the url
+        gravatar_url = 'https://www.gravatar.com/avatar/' + \
+            hashlib.md5(self.email.encode('utf-8').lower()).hexdigest() + '?'
+        gravatar_url += urllib.parse.urlencode({'d': config.DEFAULT_AVATAR_URL, 's': str(size)})
+        return gravatar_url
+
     @property
     def ip_string(self):
         if self.last_login_ip:
diff --git a/nyaa/routes.py b/nyaa/routes.py
index 82aa062..4df27a6 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -615,7 +615,7 @@ def submit_comment(torrent_id):
             current_user_id = None
         else:
             current_user_id = flask.g.user.id
-            
+
         comment = models.Comment(
             torrent=torrent_id,
             user_id=current_user_id,
@@ -626,6 +626,7 @@ def submit_comment(torrent_id):
 
     return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
 
+
 @app.route('/view/<int:torrent_id>/delete_comment/<int:comment_id>')
 def delete_comment(torrent_id, comment_id):
     if flask.g.user is not None and flask.g.user.is_admin:
@@ -633,8 +634,8 @@ def delete_comment(torrent_id, comment_id):
         db.session.commit()
     else:
         flask.abort(403)
-    
-    return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))     
+
+    return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
 
 
 @app.route('/view/<int:torrent_id>/edit', methods=['GET', 'POST'])
@@ -792,6 +793,34 @@ def _create_user_class_choices(user):
 
     return default, choices
 
+# Modified from: http://flask.pocoo.org/snippets/33/
+@app.template_filter()
+def timesince(dt, default='just now'):
+    """
+    Returns string representing "time since" e.g.
+    3 minutes ago, 5 hours ago etc.
+    Date and time (UTC) are returned if older than 1 day.
+    """
+
+    now = datetime.utcnow()
+    diff = now - dt
+
+    periods = (
+        (diff.days, 'day', 'days'),
+        (diff.seconds / 3600, 'hour', 'hours'),
+        (diff.seconds / 60, 'minute', 'minutes'),
+        (diff.seconds, 'second', 'seconds'),
+    )
+
+    if diff.days >= 1:
+        return dt.strftime('%Y-%m-%d %H:%M UTC')
+    else:
+        for period, singular, plural in periods:
+
+            if period >= 1:
+                return '%d %s ago' % (period, singular if period == 1 else plural)
+
+    return default
 
 # #################################### STATIC PAGES ####################################
 @app.route('/rules', methods=['GET'])
diff --git a/nyaa/static/img/avatar/default.png b/nyaa/static/img/avatar/default.png
new file mode 100644
index 0000000000000000000000000000000000000000..7cde0a66cf181375c1ec3b3630c4a018fe611845
GIT binary patch
literal 6793
zcmV;48g}K0P)<h;3K|Lk000e1NJLTq0077U0077c1^@s6tyr#}000_LNkl<Zc%1B=
z2Y8i5*2n*(KtdpaPy!@CB!L7(igW}i3L+6yiXc|Dxb7<Ytz~7=Wm(<T^;<=kPh?jS
zQ6N&Kh=BAC(t9r<AO;9Egb+yNo5LieaO->Ly>Gea_dMs}dds|H?)|?rXXeZ~AvbQ^
zfZk+YLFnF0wB2zU$@|Zu<)Wjgo|}iH?CYqVbq(RU`3U|+|86h_(5Nc#;r&351g}4u
zD=b@Bmar4TjtV;_Y_G5l!VU}jMO{xFQ$|mLOxlISjVJNq#9jF9*&LMD?Lv$xd87gG
zRc|1&oG#6iXg(7*TG%;Vt^gebB1VY#)ZG|3?-2TI$v`U}8LUTe8K6=aa8caD^EBL}
zE0hIBbq5AFRo^!U<Oy3UY>u!g!ZKAhu1p{&vk>+6Dh!{n6GN`#Ayi4DjNhm(#`l+7
z1KsP%X;JxtZ}8{K!1R5<xNX3;Q|{ZTCfb=d5NKIb-~Kw`ys&qLeIo3tiUxfai100<
zzub-&zu1Ns&s{||6`f-ILue4tuOaX&ai{N6SBxA%&fiNjfhEEV_}6-1(NV|m8PEtA
z^B_<;OrQRGL7K3U!oCo8#g~SB5{U3Gl6p?Y;>;Yx`O*o-|HMQ9lOF{-*Y)mm^lKS3
zOMG^B(Q{%(hIcvx!|sufO~ejiJ%s(NwE;~6IhTXb_ts*_*sXZ;LN21UUYs$8H`)Qi
zI~Gl&yyaRx@ZK6Biq+Cr`K%|<Cs}PD6>?J8P+^mxVbx2MKvE`S&b-6u<@E;{!+EC@
z@Ky&kZH?OwJd`N>mk2fO>CETCp7ZuYUI}DnI+9;lfGNAqpozB^VvHrStn?2CH8#2@
zhO$!FlfsUB`T>sx^385M^4vU(y?hN-G<J?Lh#KM!KdV2`Cf4Ylm;w^VQ^Hnw@@9_&
z^7Rh%89Wy=cu&K6R4NB-{Vfn5WpqzW1^tpcLyjmeaj~!`S$hHvUibl@u{f+pNRZsg
zW^vpGEw)V*R@>bhT?%CP8Q@pnVLDH%tjX9EpmzhKdtq8g924BV$*DljUq#5DmSFb&
zbGS=sw-~?hTyx+VUP^ICCt+jYLI+NLkQW!=<<Xn*u}&RhJfK`K5E}_p43&EpWVHL8
zeZ9!U=#Ep_C1a*&O11Mj856~L1g&gMa`b{jfo#n{y{;3nkv9SLr+f&|qNa?0N)~ok
zbs(;yjA@Dv_pFV4@fBXW3Y^UWPG14)2vNmF>f3Ld@sqH-g`F<_!fgWCb_$hJCS&u-
z%c$q4&IJ@SDs;O8=$Qz#i<N?K6$8cijV;1x3pJ<slOd(wHGVr@WO1m6HtL497gN`k
zV#=h?`3S~0Xaspi*nf&YSz-jqxQvKqV{uT-X^jb1wiyw^XLvLTc({QWHN-6^iiKfz
z4hd@{?0Vr7B}S0HuEd)x4&R{zM|8Gg#Jys)U`N?Xh>7pbc&*WePuv<o4xdM@CZFTT
zmFwX9oJL}WbNx~)xx5-<jQ~F8cIZSR?H<wLtD+HP#y&j8;?PFbaCsKuc`=I(=d+Yn
zr>d}ikkP+I0-3T0j~Ue?tI|qLMt{>Bc&wp37s1$u-Y71RL+22)<22eD+9eBdXEk8t
z{qp=aV@tXTt03(1O@Vy96EEfcVz$$g=7Rn>z3R&m;{hRzvcX38h|v*pHON^Xc~c+}
zp%_e&pITD9*qvJ9J~Hr5nb_b?PDv3+JTGh{tzuDBWBU7RfuYNc?vr__DTFbsJ@9KW
zVuateoyr6Vb?B>aO^;r0C#Ma679z>bH@I5{5hUhO4<-Ol-36p1a<CtR)+CT5dPF~t
zKehp)!o*#3uEE_hfG5N>>fNp~(2rpXNFssUQT!R2YbR9!em74Zn6fi8jiO{{Pd1hj
zwG2~=JIDuF2)V3Pg7a5_ho=IoJkI}M9mv`KlbBKtXb6;J|AKMOA`-|R@t~ojSMz@X
z{wbXIw^z$#VOEA#qsX_Q;6ch8%OU2B2ka$*&=}z|b?B;epx+F67{_Wfi;-dGBn;lW
zV7%l63504ZRCf1HI@<Z^X5ixuGUK<Iq0@OJ2(soi<N^f4Xy7~vgks-4o{7`6i_+nb
z-wrHE1FoB3bCG`kZDZxRi${{=A_K!HAddv1IpfuyGr$nx;xA28*d;G0^eYB8Wl=Et
z;FCZKNxJ~dJp?R22CO>)oYY|oMxz9Y;O-jII@S@>C*fa&vR}dIh!TO6X2)q@-l3aW
z8L|E+;EV?6K1}@Z8&#7cxbF^G1kwbBS(pGr7l9Oq8b5wfu7G8d<p_sASEj1@rNC%)
ziBjB99$DJSr)0~N4=R+GVi|+cT_6l&W%wS=FfL$$FpLXWAPnOI76`+*fCa)ZE?|K$
zj0;#G4C4Y82*bF51;Q{cV1Y1<3s@iw;{r}uU@#YRftmY&#c9B?i@<&HvaSeY4p<-t
zus0K!wilRl0N8p;Ml=^Pm`gXC3KobTq4O~#R*KQ$s5}PXh)#9=+9k#fED%3HhsG$`
z#ne5{g+bJg1QOh)&tUus3q(h#Zu#@`WReR{=u}7F{xIId0?~nUIdUpBb{mkB=lSP&
zdSyOXAc~<(FI^`Ar?S2OY-b)pOb73SD1_1<b)KkA9ErmBNQ_qACB{d11W`cxMPRs?
zQcc_`lTm1a@_RAng9YLvl>Po@-eL`-MsX-BBx62UAR3|a5N|C9#%y-Ibn6M#$^&=B
zsOS}=8WxBKXv44fRJn|+0xHMA&Y(GAfp`H4;-71P(VM+nzI8`a9z9G83&caH<U^+k
zz`=9s+vf7p=7mRgH(bw`8-A_6&_^6Z<Er|!%lHnDATC&z2E4We*pi{&H7b_n5yZ@}
zK%6jaIq=>Z{jbwLj!QV085T$>sJ_W7i)93^Kj_TySEhyqQjC%7fj5=`d44P_*M$XQ
zYFHqGOS!<W=XxHNt_rGu(yWGmugQ2vzzc-Vgg=l9{CLv;*N%$>%CY}pY64myv-ShO
zpATgC7)Pa*dX<d1F5@`?DG*AMFnk5@?i%0YsC=Pj1p_b6ctpSn<ib_p+3$ea2aN6s
zP>G9@nx23X$Pb5sC+EmwqGlkntkFGS+z~JWp?!_s(|~LFM)#zMtZPR1fN@7a#A2oH
z0v?)TE^!bP0Lhpe+m9gsyAF6`snNY~%)%o;ZXQt1_TPeav2C67TrpY<6~Y*`v1Dpb
zv(clT5O8~-Mg<`40#I2v?rma??iEvrZ3Xh`B4FeOqkG{!A9n*@Zf$fgm_lqfxRamp
z<}%<T3yOmXGw>Us^DdOSh(=t>&O%G#boT!8HQ>s1d5V($zO?&K{UnPl2h@#{7B8$}
zRiLbmq62IvkiV<|KKRk-UT7!Wz;C2}G*GJ|@Xc;unedNJX36aHBo0p@(e$bh{Jw=f
z0x@kf#iEmcl$(m2ax?oJ?wI;0(7%z<y^zp;QNn28lE&p|O2j>&A@D?Fppiunh1p`6
zm%`Hr%>w?p*4pAA%yf9_)y3MyK^#60yeqzwJ3o`l?5mHf>zlu@g+OT3@OP-XUX&?g
zbPpsaE&*TfRM+13hk%Y>1Akwwu1$Ynd4WvX1H5CgKe{VSqK}(?h#ruS`0!L9!y=oc
zmKMm0W5B?fz*U7gs*J`gBM6m<(~CI=fxa_<d_SJt)QV*VLYrz7m1{T5pbx5VLaSHB
zq1CAe6XZV4qCs-S%NHm+CHXjJ$CAsu+1G*lCkc^UG`c71F@r!>rI$RHUndfn)gNeH
za6Fif3aH2t_V0}{?dp>z&TMbV5rlTh4_`347y5A31Ob&xj}<-cmkjKCzDOJdCG1wk
z^Yi6umszotK<K9Sni!V<yVdBP=*MLfguqi3UV>_tOnd|g4=s9)$~+Xlt^%43ys}7L
zd#bUNK)%@pd}!faa!<(iV%J&^Xlg~%r<e#}Y|8CPB^DmlUL>eE<jYhImygM5U!+iU
zDzS_}_MNqcQ|Bw*gmvh_rk{c9LL@_4IgY7Pl~C`&MB(c^Ev9Y-ne8cl&WwA!mJkR9
z%yrdR`_F0^J%Vg3NPqOWlW><Er_@}BiUuWD1y(;J{;eXeD}=f0w3@b6VhMr#VSeD8
zzB76RAs>T&ymwT-{WS{X*{R@1OaYlu1qmz43;$+DU!bO#(tUr>_qJ7|Odyn<P!A|~
z)#N?;v~5Nx#N0^EiR-tn<#@T7e3J_bzGrH`_z#Z)8NV9<Y*92isYJ6t$eCMyOeS87
z{{;AClge&MXrJSyh3eZiGiC_EXj<Lz^Qx9(yWMg7b1iBDDT!*@SBcjfg>*(>v=GC8
zw#psXLR260p*v}p3Bd77YTGqCMhk?J*+rFe{F*9(bg$?5`6nBzX<sF7f7WNN0E><Q
zYfcC|E}XQ}j#nEJ9n4v^LT5Xknr+XWa(Db}@InL?^T~Fy7js0x<}9UKrP0C>!6x*G
zO9+I-u>Dkl2_bAc3G6@T{)|P4_#bPlDA52N(xD2n>-<!o!)(w9O*aUm&V}?ykU^l1
zxTwHCdZvk(*P9`p#zR8hUn|$X$+X_FDTu9lgqjY$_(R}|gP={gW8!;A^f4GvE40GY
zHQw=S<wJdIn{K3ooA}m-zX=(-%(n*UZt&;!zITM2ehMR*5<n|f&Nz79IDrt(k}lls
zWNPFoAKnMlj`FPyf8+D4@18iIU7YV7`FMkj?qp!jEoDL9BsmIbp?^c*B@3oA@>w9S
zwDG+YbXJ+l5ipWula__1%{@xO;4OWVfzdtG_s1XjB#^sffJc&i>%dQ0@^o2_jZOvn
z0^OnOnz*pe2lsoPm7Yq>jp`0e?<;rbt%y&%7jJj+?cx;I({r*6Z(t;~DwsR|hf<`j
zcuGu(H_9l7iw<_yDS;gAX}r)<zTe7d7Dyj4a-`JPeqs8<J~~~DAST#3HWRTGjqZVa
zsPO3cUcluC<i6OROety_C0f?9SLG~C0-;cZalN!(ly+n(Pm+p_C%a(<ffQ0fOtsp_
zNwX_n3xw_tGx|9XM{viUGh*bK5}3Q>o)B+h|059bN+5K)Y~kZFrKA=p8no?ruB_yW
zS~i-V*a5Hn!H>EDjh#e#x`V_)AtWpg*HFR)JLUPZIvxw;@111EZY}ITE1b74<gr=C
zHFFOF-BVd4X2BzY{INCgW(RE-pd7EgruvoyInY>j9C&;t?+uv&w*sLkUD_Pd0u@`K
zrCb$B#sZC52Y_y=EE1z}DG-XYn$|~Kcrrz#wi_>_gc)tn`I~{?3XynmPW`;WM|SOo
zQ-QqH5?J{(5Etovqgyh7P7~z6jBilRsAglOALkBA_&_yM7<D)l$ZKtZe?OpY<XCq?
zjvU8$pF<f3#1!=}%iX_^>I<&1V38U#Q(_;40_8pw{>DqKv^BQiF!0PA^A+s30~I_7
z5S+Om*nLKx0JYMoJu`DlAQi<IFmE8xp|-Y$rtby%f2*onOlc~Ixqh8$ZIEM6X?ZAG
zLF;}MQ<9rgth>Y?bMX_}#6f3!KHqB3S{-Jha=7c)sa#rNmYJna&XhCW6EvU^u=O`G
znU@wut_Pl*XMD;`yW=kQ?Y%WckI5Hd)DSeGHxR6GzB)nNwR}C(&Ul8alsHta>0q&(
zRm(VBMHxX_)60CiSx&3+EKq084!F99k#k-gN&~AZ$#kIO_2D&g247zSys*IfHOZ}n
zv*Mm~f10)b_UG51)U`VSgI5CCmnnReFM$u%>(w2`8O}zKnfri44pM?HF=;^>tKso^
z5IW#=f2vHf!1y0$Bgp4Y%F(GRbQ9=!G=hA05NJM@#bG3lobFRD>II&@0&M0uIG=GV
z5Lz<qGu`;Q6@iYUytvEKT-OT>q`E44;Zz`$K>4E|frqE@N|hOKlwM~^n(NPewS$*?
zeZ{Fjem4(zWwANR5;HRMerep5W2Vng@F=65+XO;~n>tSbzT9C%cNk}sE+j<7Ha*D<
zv*3t6{RtFG2xQwSd5&X6x>4O>oN=O*K*l;*y($ewSTowWDG>5E{<acmJuYyn$y$x$
zSw+VP==+-CU~|wBRF!sbrhfghJ3;dg0S(3gBUZ@*@{BnlXS>kn_)$!+&gOXbIa=g;
zdzEh8vOPhZ<<L453dCE-d)i)JY|%;(hf`UH`33%jx4Yz2F-mn6VzW@%H&cz7Gwm~_
zpu~H$%IK{?8duX^8OrPoo~x#~s55N(XR|M<yMdElE~HSo0y{!C3ku3yuH&jJ3&di4
zqM?psvl#XLFava8k6eV6Ivz1*fmn=84_B{>)7*vvq1eDNTjXOZ;-eQV5StSg?0flU
zGcx1{akD50zuC?LVYJeynyl+$C;qh#n7FIxzxCX|v+3d=Q;40WSGjq>-&O(dl}fMr
zn1<5Sp27mLId|J+1#9~$St;OXsk)X)(ZIW1^t&z##O5@&fj}s`Jw-2fsS6}mkyXm5
zqHd1_;OV>c-2^Rzzu(}^bc;iUReL4^?P6t>TsmBJ;4CnGAF%FOpnRy&J+v+?5Q|bH
z0(hng@Nfg5RW1AOlp76Cu`C89HyPd$c&h`8!XL0eECdzof44KxsjksI2^?4;79d7U
zr$+Yx`X(FQlfYueJ{E}SX(RlL9|pP4?#`%%PGV9qD4xZd6si#QLJMFai^K2y_>;`d
zKqWnR1TiV^bOMImV{|V952_MOmC_2U1+zd*Mx+=mKDr-xwwcjA2|Us+06iv`OtHiQ
zF&ST^0R41~En*x)Wj!9Bb$hvO_CZX<h<jNaMsPAq`W%jqGV=&x5=L|c{@T&#UIZSL
zce>vUV4ah5{-zQLt=3eJ0IGz`05ys!qWn);HcweY1yuifuhG2-JSZayIpnUAU>GWp
z)-{29>jE8X16|@}t@hGTpcqxQ+L|F%PN_5<RaCMv?rNYj>LEwG>qPgzB|`+#Rfu9_
zH=wBphj}RWs9{xUgBr`{NbzGf1G5h}E(>5aINH{~PzqP7dE?2A)^7p{4FZ1E6!=Xu
zphYd$Ra@QBHdb0ro~)v@`Z%!gh|C+6aaoQ!R>H1H-OR}DGjg?Rr-$d*{qohc5>u(k
zeSmtE)V3Qgdf%b8w4v?gbLWN6vMECzu-PDNTZT;hZ03r*;Vclpa9E5O-BP_v(5~xw
zkV?YoeyuI=YFlIPlC;K6>2hc}kBZ7r{k}8Va(b414Y+(=))uGG0?J`a|5CDOTH&CC
z0C@#QS=H%ZDtktuAi-ooCI6)mbozg#Y12(BcpNS)QutWW;nHX!B05Yyt`iBwR50%E
z69`P%Ba1?LJ0;icXG?eWxsL%+CU8LM$4e2hWK3W|H^(=Z1MjcX_W2OH6RMnk(5OMv
zoguB*`DBcRR;p;!n6I&j5c$m^VZq41k_VqNCy~$w-3k1ovzRhO`Pv%8Xy?dznRW3$
zTYM|~5Lph_LPCOZ9SQ{U#Y4ceO?+*IVYES$ptZ+=|Jwvi-|M<Owx<ZcF*l@QSzHnh
zs%B3ip^_8_9|L9l1?^){W_PNoNgK$t)W11HeZ+;BU0n(ZE(4mORoBu0?R+nO0*F_<
ze9JHd4Fc&GWeTJH=j6XsevSm8VuWzV)jS*zNvMot>6g&X+YggCruSuWFzOk)6!>Ph
z+^;aQZf3)(I1<#NCcG{+PwV~j2Lj#e>Cr7F&>>&;r!3=(%65oDT2QkXcvx|}2s#dW
zPi;NA#4tc|Rp9luM)v|}6Nha<^(tY9Hy?T^5qN{oN;5h`iScS099>W&0^5V)BC#vB
zBF=d70ZKtbF;#pFk<pt7;p5KkZ`@{coX|vcI1U8Wjs$+)45QqAplUcUO*rKdygSbL
z3CcM<)a&IVH4M84ACNZ6+_-UrRtqAM#^6HMHRrKeq~_iY{Mki@kta&yM#<n&e-Tv<
zdFewC8CecFH)l&?u9uyXfQ8OJ(7Qg1gE0n*dj9Y}|6a30Z7e2n(BoU~M88Iu;p_vn
zYQ-={@rRbOaE`yYFCMcCAKwy4m%8{?I3-!7-%M#}n%Jn$9b--U`zak#Oav~7YfUTs
z?^^;9;<zxN5&lv71FyI7PsbR>6%YGqia(+whQ~$XR{FRSE4KgWj1OAWz@ftbrah0=
zvHs~8!?=QKEjF&E?=_lM$DwDN;?v^Kl@LhfFyz1179Y@KIy(C4gZg%eVLXM-8~s`5
z4eFHo7!?+R{1VqK{ifaxFuqkyY@s<HtphWRS)c=X&)=<2+hTOu_G%l9EB*Y<eUQ>*
zTt-aRHLR&0jRbwV!!X*Qq#3U-20q@XuFVF~NMHLbT2=|aJ)*>6)JTmAI3>jKvbruX
zj2dX_|50~ffWlR+5%*%4BXJO}!m7R(_Kv!4FpN4r=>a5G_Prh9N_^fk5tE#~?r@4#
zif@HI>U&ohMlDn-t^HTpv+_LJ0878^510G&o&@GTCv2a#E-;LKw29Ro@f#n7^f5j0
zq`UWdB9KgB1BBTiO*CUS9;)wsU6r!IxFM!!17jlav%B|tdbEQMRkZ?-B#a69pVpqI
zoT?Lv^wdYtF(nZm<y!Q_2PqDPjQv+wUvECdF#h1T-veW}Iev|*3G_|IA~AA2Ek=$E
zPuuiXAcYJU_BSmbWEj1mau{vK0XrQm*gk$I#)y&Q58k$^RUkwUVgDA!Cq)?3Kw0}c
zPXzX4%KuKPf@5#pgJBOOAhlX~@7wc5AVfuBGllv2NDIR_XOnQf+k6SMsDVuj9>)XG
z;W($YEnfvf&@tWq!rl<p)YrxsMgiL=?8K;E^^saB3|D<=NQFRdwFN1Z_l3o)YLsET
zAPw?HO$VNo{IFFDq!60vJtVBRuoPjOoRra%3y@(^bA-(mc1305dI+RAR90b-u-^+a
zD1i%OQ)nM!jIdN;`FdSMZ-EqtMv~UTk|C#HWO2gi)Cm<wBZr^MSuzAA`Jwy>*}^Uf
rqx{in1xB0I8z4sx-TD6j00960@=Sr#o?{2)00000NkvXXu0mjf1s2Z^

literal 0
HcmV?d00001


From aab3eaccaaab5cc58c6096275afd09240ef973e3 Mon Sep 17 00:00:00 2001
From: snowfag <yuki@lolicon.eu>
Date: Mon, 22 May 2017 12:58:09 -0400
Subject: [PATCH 7/9] Spruce up comments.

---
 nyaa/models.py           |  2 +-
 nyaa/static/css/main.css | 23 +++++++++++++++
 nyaa/templates/view.html | 62 ++++++++++++++++++----------------------
 3 files changed, 52 insertions(+), 35 deletions(-)

diff --git a/nyaa/models.py b/nyaa/models.py
index 2f6d730..1e1e8dc 100644
--- a/nyaa/models.py
+++ b/nyaa/models.py
@@ -394,7 +394,7 @@ class User(db.Model):
 
     def gravatar_url(self):
         # from http://en.gravatar.com/site/implement/images/python/
-        size = 40
+        size = 120
         # construct the url
         gravatar_url = 'https://www.gravatar.com/avatar/' + \
             hashlib.md5(self.email.encode('utf-8').lower()).hexdigest() + '?'
diff --git a/nyaa/static/css/main.css b/nyaa/static/css/main.css
index 07e5a6a..46390ff 100644
--- a/nyaa/static/css/main.css
+++ b/nyaa/static/css/main.css
@@ -218,3 +218,26 @@ table.torrent-list tbody tr td a:visited {
 ul.nav-tabs#profileTabs {
 	margin-bottom: 15px;
 }
+
+.comments-panel {
+	width: 99%;
+	margin: 0 auto;
+	margin-top:10px;
+	margin-bottom:10px;
+}
+
+.comment-box {
+	width: 95%;
+	margin: 0 auto;
+	margin-top:30px;
+	margin-bottom:10px;
+}
+
+.delete-btn {
+	position: relative;
+	float: right;
+}
+
+.avatar {
+	max-width: 120px;
+}
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index 68471d7..f651f71 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -137,34 +137,29 @@
 		</h3>
 	</div>
 	{% for comment in comments %}
-	<div class="panel panel-default">
-		<div class="panel-body" >
-			<div class="row">
-				<div class="col-md-2">
-					<p>
-						{% set user_url = torrent.user and url_for('view_user', user_name=comment.user.username) %}
-						<a href="{{ user_url }}">{{ comment.user.username }}</a>
-						{% if comment.user.id == torrent.uploader_id and not torrent.anonymous %}
-						(uploader)
-						{% endif %}
-					</p>
-					<p>{{ comment.user.userlevel_str }}</p>
-					<p>
-						<img style="max-width: 120px;" src="{{ comment.user.gravatar_url() }}">
-					</p>
-					{% if g.user.is_moderator or g.user.id == comment.user_id %}
-					<div class="row form-group">
-						<div class="col-md-6">
-					<label class="btn btn-default" title="Delete">
-						<a href="{{ url_for('delete_comment', comment_id=comment.id, torrent_id=torrent.id)}}">Delete</a>
-					</label>
-						</div>
-					</div>
+	<div class="panel panel-default comments-panel">
+		<div class="panel-body">
+			<div class="col-md-2">
+				<p>
+					{% set user_url = torrent.user and url_for('view_user', user_name=comment.user.username) %}
+					<a href="{{ user_url }}">{{ comment.user.username }}</a>
+					{% if comment.user.id == torrent.uploader_id and not torrent.anonymous %}
+					(uploader)
+					{% endif %}
+				</p>
+				<p>{{ comment.user.userlevel_str }}</p>
+				<p>
+					<img class="avatar" src="{{ comment.user.gravatar_url() }}">
+				</p>
+			</div>
+			<div class="col-md-10">
+				<div class="row">
+					<small>{{comment.created_time | timesince}}</small>
+					{% if g.user.is_moderator or g.user.id == comment.user_id %}
+					<div class="btn btn-danger btn-sm delete-btn" title="Delete" onclick='location.href = "{{ url_for('delete_comment', comment_id=comment.id, torrent_id=torrent.id)}}";'>Delete</div>
 					{% endif %}
-
 				</div>
-				<div class="col-md-10">
-					<small>{{comment.created_time | timesince}}</small><br><br>
+				<div class="row">
 					{# Escape newlines into html entities because CF strips blank newlines #}
 					<div id="torrent-comment{{ comment.id }}">{{ comment.text }}</div>
 				</div>
@@ -180,16 +175,15 @@
 		target.innerHTML = writer.render(parsed);
 	</script>
 	{% endfor %}
+	{% if g.user %}
+	<form method="POST" class="comment-box">
+		{{ form.csrf_token }}
+		{{ render_field(form.comment, class_='form-control') }}
+		<input type="submit" value="Submit" class="btn btn-success btn-sm">
+	</form>
+	{% endif %}
 </div>
 
-{% if g.user %}
-<form method="POST">
-	{{ form.csrf_token }}
-	{{ render_field(form.comment, class_='form-control') }}
-	<input type="submit" value="Submit" class="btn btn-primary">
-</form>
-{% endif %}
-
 <script>
 	var target = document.getElementById('torrent-description');
 	var text = target.innerHTML;

From b7144f80f94e47713d23b7fae196ae8093cc41f0 Mon Sep 17 00:00:00 2001
From: nyaadev <nyaadev@users.noreply.github.com>
Date: Mon, 22 May 2017 23:01:23 +0200
Subject: [PATCH 8/9] Make comments great again.

---
 .../versions/d0eeb8049623_add_comments.py     | 48 +++++++++++
 nyaa/forms.py                                 | 10 +--
 nyaa/models.py                                | 31 +++++--
 nyaa/routes.py                                | 82 +++++++++++--------
 nyaa/static/css/main.css                      |  2 +-
 nyaa/templates/edit.html                      |  6 +-
 nyaa/templates/view.html                      | 24 +++---
 nyaa/torrents.py                              |  1 +
 8 files changed, 137 insertions(+), 67 deletions(-)
 create mode 100644 migrations/versions/d0eeb8049623_add_comments.py

diff --git a/migrations/versions/d0eeb8049623_add_comments.py b/migrations/versions/d0eeb8049623_add_comments.py
new file mode 100644
index 0000000..4b8599a
--- /dev/null
+++ b/migrations/versions/d0eeb8049623_add_comments.py
@@ -0,0 +1,48 @@
+"""Add comments table.
+
+Revision ID: d0eeb8049623
+Revises: 3001f79b7722
+Create Date: 2017-05-22 22:58:12.039149
+
+"""
+from alembic import op
+import sqlalchemy as sa
+
+
+# revision identifiers, used by Alembic.
+revision = 'd0eeb8049623'
+down_revision = '3001f79b7722'
+branch_labels = None
+depends_on = None
+
+
+def upgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.create_table('nyaa_comments',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('torrent_id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=True),
+    sa.Column('created_time', sa.DateTime(), nullable=True),
+    sa.Column('text', sa.String(length=255), nullable=False),
+    sa.ForeignKeyConstraint(['torrent_id'], ['nyaa_torrents.id'], ondelete='CASCADE'),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
+    sa.PrimaryKeyConstraint('id')
+    )
+    op.create_table('sukebei_comments',
+    sa.Column('id', sa.Integer(), nullable=False),
+    sa.Column('torrent_id', sa.Integer(), nullable=False),
+    sa.Column('user_id', sa.Integer(), nullable=True),
+    sa.Column('created_time', sa.DateTime(), nullable=True),
+    sa.Column('text', sa.String(length=255), nullable=False),
+    sa.ForeignKeyConstraint(['torrent_id'], ['sukebei_torrents.id'], ondelete='CASCADE'),
+    sa.ForeignKeyConstraint(['user_id'], ['users.id'], ondelete='CASCADE'),
+    sa.PrimaryKeyConstraint('id')
+    )
+    # ### end Alembic commands ###
+
+
+def downgrade():
+    # ### commands auto generated by Alembic - please adjust! ###
+    op.drop_table('nyaa_comments')
+    op.drop_table('sukebei_comments')
+    # ### end Alembic commands ###
diff --git a/nyaa/forms.py b/nyaa/forms.py
index f6e35a8..be79f51 100644
--- a/nyaa/forms.py
+++ b/nyaa/forms.py
@@ -128,18 +128,16 @@ class DisabledSelectField(SelectField):
 
 class CommentForm(FlaskForm):
     comment = TextAreaField('Make a comment', [
-        Length(max=255, message='Comment must be at most %(max)d characters long.'),
+        Length(min=3, max=255, message='Comment must be at least %(min)d characters '
+               'long and %(max)d at most.'),
         DataRequired()
     ])
 
-    is_anonymous = BooleanField('Anonymous')
-
 
 class EditForm(FlaskForm):
     display_name = StringField('Torrent display name', [
-        Length(min=3, max=255,
-               message='Torrent display name must be at least %(min)d characters long '
-                       'and %(max)d at most.')
+        Length(min=3, max=255, message='Torrent display name must be at least %(min)d characters '
+               'long and %(max)d at most.')
     ])
 
     category = DisabledSelectField('Category')
diff --git a/nyaa/models.py b/nyaa/models.py
index 1e1e8dc..e623aa8 100644
--- a/nyaa/models.py
+++ b/nyaa/models.py
@@ -1,3 +1,4 @@
+import flask
 from enum import Enum, IntEnum
 from datetime import datetime, timezone
 from nyaa import app, db
@@ -11,7 +12,8 @@ from ipaddress import ip_address
 import re
 import base64
 from markupsafe import escape as escape_markup
-from urllib.parse import unquote as unquote_url
+from urllib.parse import urlencode, unquote as unquote_url
+from hashlib import md5
 
 if app.config['USE_MYSQL']:
     from sqlalchemy.dialects import mysql
@@ -99,6 +101,8 @@ class Torrent(db.Model):
                             cascade="all, delete-orphan", back_populates='torrent', lazy='joined')
     trackers = db.relationship('TorrentTrackers', uselist=True,
                                cascade="all, delete-orphan", lazy='joined')
+    comments = db.relationship('Comment', uselist=True,
+                               cascade="all, delete-orphan")
 
     def __repr__(self):
         return '<{0} #{1.id} \'{1.display_name}\' {1.filesize}b>'.format(type(self).__name__, self)
@@ -321,14 +325,13 @@ class Comment(db.Model):
     __tablename__ = DB_TABLE_PREFIX + 'comments'
 
     id = db.Column(db.Integer, primary_key=True)
-    torrent = db.Column(db.Integer, db.ForeignKey(
-        DB_TABLE_PREFIX + 'torrents.id'), primary_key=True)
-    user_id = db.Column(db.Integer, db.ForeignKey(
-        'users.id', ondelete='CASCADE'))
+    torrent_id = db.Column(db.Integer, db.ForeignKey(
+        DB_TABLE_PREFIX + 'torrents.id', ondelete='CASCADE'), nullable=False)
+    user_id = db.Column(db.Integer, db.ForeignKey('users.id', ondelete='CASCADE'))
     created_time = db.Column(db.DateTime(timezone=False), default=datetime.utcnow)
     text = db.Column(db.String(length=255), nullable=False)
 
-    user = db.relationship('User', uselist=False, back_populates='comments')
+    user = db.relationship('User', uselist=False, back_populates='comments', lazy="joined")
 
     def __repr__(self):
         return '<Comment %r>' % self.id
@@ -396,11 +399,21 @@ class User(db.Model):
         # from http://en.gravatar.com/site/implement/images/python/
         size = 120
         # construct the url
-        gravatar_url = 'https://www.gravatar.com/avatar/' + \
-            hashlib.md5(self.email.encode('utf-8').lower()).hexdigest() + '?'
-        gravatar_url += urllib.parse.urlencode({'d': config.DEFAULT_AVATAR_URL, 's': str(size)})
+        default_avatar = flask.url_for('static', filename='img/avatar/default.png', _external=True)
+        gravatar_url = 'https://www.gravatar.com/avatar/{}?{}'.format(
+            md5(self.email.encode('utf-8').lower()).hexdigest(),
+            urlencode({'d': default_avatar, 's': str(size)}))
         return gravatar_url
 
+    @property
+    def userlevel_str(self):
+        if self.level == UserLevelType.REGULAR:
+            return 'User'
+        elif self.level == UserLevelType.TRUSTED:
+            return 'Trusted'
+        elif self.level >= UserLevelType.MODERATOR:
+            return 'Moderator'
+
     @property
     def ip_string(self):
         if self.last_login_ip:
diff --git a/nyaa/routes.py b/nyaa/routes.py
index 4df27a6..ecc3df9 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -7,6 +7,7 @@ from nyaa import torrents
 from nyaa import backend
 from nyaa import api_handler
 from nyaa.search import search_elastic, search_db
+from sqlalchemy.orm import joinedload
 import config
 
 import json
@@ -572,53 +573,52 @@ def upload():
 
 @app.route('/view/<int:torrent_id>')
 def view_torrent(torrent_id):
-    torrent = models.Torrent.by_id(torrent_id)
-    form = forms.CommentForm()
-
-    viewer = flask.g.user
-
+    torrent = models.Torrent.query \
+                            .options(joinedload('filelist'),
+                                     joinedload('comments')) \
+                            .filter_by(id=torrent_id) \
+                            .first()
     if not torrent:
         flask.abort(404)
 
     # Only allow admins see deleted torrents
-    if torrent.deleted and not (viewer and viewer.is_moderator):
+    if torrent.deleted and not (flask.g.user and flask.g.user.is_moderator):
         flask.abort(404)
 
     # Only allow owners and admins to edit torrents
-    can_edit = viewer and (viewer is torrent.user or viewer.is_moderator)
+    can_edit = flask.g.user and (flask.g.user is torrent.user or flask.g.user.is_moderator)
 
     files = None
     if torrent.filelist:
         files = json.loads(torrent.filelist.filelist_blob.decode('utf-8'))
 
-    comments = models.Comment.query.filter_by(torrent=torrent_id)
-    comment_count = comments.count()
+    comment_form = None
+    if flask.g.user:
+        comment_form = forms.CommentForm()
 
     return flask.render_template('view.html', torrent=torrent,
                                  files=files,
-                                 viewer=viewer,
-                                 form=form,
-                                 comments=comments,
-                                 comment_count=comment_count,
+                                 comment_form=comment_form,
+                                 comments=torrent.comments,
                                  can_edit=can_edit)
 
 
-@app.route('/view/<int:torrent_id>/submit_comment', methods=['POST'])
+@app.route('/view/<int:torrent_id>/comment', methods=['POST'])
 def submit_comment(torrent_id):
-    form = forms.CommentForm(flask.request.form)
+    if not flask.g.user:
+        flask.abort(403)
 
-    if flask.request.method == 'POST' and form.validate():
+    torrent = models.Torrent.by_id(torrent_id)
+    if not torrent:
+        flask.abort(404)
+
+    form = forms.CommentForm(flask.request.form)
+    if form.validate():
         comment_text = (form.comment.data or '').strip()
 
-        # Null entry for User just means Anonymous
-        if flask.g.user is None or form.is_anonymous.data:
-            current_user_id = None
-        else:
-            current_user_id = flask.g.user.id
-
         comment = models.Comment(
-            torrent=torrent_id,
-            user_id=current_user_id,
+            torrent_id=torrent_id,
+            user_id=flask.g.user.id,
             text=comment_text)
 
         db.session.add(comment)
@@ -627,14 +627,23 @@ def submit_comment(torrent_id):
     return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
 
 
-@app.route('/view/<int:torrent_id>/delete_comment/<int:comment_id>')
+@app.route('/view/<int:torrent_id>/comment/<int:comment_id>/delete', methods=['POST'])
 def delete_comment(torrent_id, comment_id):
-    if flask.g.user is not None and flask.g.user.is_admin:
-        models.Comment.query.filter_by(id=comment_id).delete()
-        db.session.commit()
-    else:
+    if not flask.g.user:
         flask.abort(403)
 
+    comment = models.Comment.query.filter_by(id=comment_id).first()
+    if not comment:
+        flask.abort(404)
+
+    if not (comment.user.id == flask.g.user.id or flask.g.user.is_moderator):
+        flask.abort(403)
+
+    db.session.delete(comment)
+    db.session.commit()
+
+    flask.flash('Comment successfully deleted.', 'success')
+
     return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
 
 
@@ -650,11 +659,11 @@ def edit_torrent(torrent_id):
         flask.abort(404)
 
     # Only allow admins edit deleted torrents
-    if torrent.deleted and not (editor and editor.is_moderator):
+    if torrent.deleted and not (flask.g.user and flask.g.user.is_moderator):
         flask.abort(404)
 
     # Only allow torrent owners or admins edit torrents
-    if not editor or not (editor is torrent.user or editor.is_moderator):
+    if not flask.g.user or not (flask.g.user is torrent.user or flask.g.user.is_moderator):
         flask.abort(403)
 
     if flask.request.method == 'POST' and form.validate():
@@ -670,9 +679,9 @@ def edit_torrent(torrent_id):
         torrent.complete = form.is_complete.data
         torrent.anonymous = form.is_anonymous.data
 
-        if editor.is_trusted:
+        if flask.g.user.is_trusted:
             torrent.trusted = form.is_trusted.data
-        if editor.is_moderator:
+        if flask.g.user.is_moderator:
             torrent.deleted = form.is_deleted.data
 
         db.session.commit()
@@ -700,8 +709,7 @@ def edit_torrent(torrent_id):
 
         return flask.render_template('edit.html',
                                      form=form,
-                                     torrent=torrent,
-                                     editor=editor)
+                                     torrent=torrent)
 
 
 @app.route('/view/<int:torrent_id>/magnet')
@@ -793,7 +801,7 @@ def _create_user_class_choices(user):
 
     return default, choices
 
-# Modified from: http://flask.pocoo.org/snippets/33/
+
 @app.template_filter()
 def timesince(dt, default='just now'):
     """
@@ -823,6 +831,8 @@ def timesince(dt, default='just now'):
     return default
 
 # #################################### STATIC PAGES ####################################
+
+
 @app.route('/rules', methods=['GET'])
 def site_rules():
     return flask.render_template('rules.html')
diff --git a/nyaa/static/css/main.css b/nyaa/static/css/main.css
index 46390ff..fdca7db 100644
--- a/nyaa/static/css/main.css
+++ b/nyaa/static/css/main.css
@@ -233,7 +233,7 @@ ul.nav-tabs#profileTabs {
 	margin-bottom:10px;
 }
 
-.delete-btn {
+.delete-comment-form {
 	position: relative;
 	float: right;
 }
diff --git a/nyaa/templates/edit.html b/nyaa/templates/edit.html
index b65ce0c..e608f8d 100644
--- a/nyaa/templates/edit.html
+++ b/nyaa/templates/edit.html
@@ -7,7 +7,7 @@
 {% set torrent_url = url_for('view_torrent', torrent_id=torrent.id) %}
 <h1>
 	Edit Torrent <a href="{{ torrent_url }}">#{{torrent.id}}</a>
-	{% if (torrent.user != None) and (torrent.user != editor) %}
+	{% if (torrent.user != None) and (torrent.user != g.user) %}
 	(by <a href="{{ url_for('view_user', user_name=torrent.user.username) }}">{{ torrent.user.username }}</a>)
 	{% endif %}
 </h1>
@@ -31,7 +31,7 @@
 		<div class="col-md-6">
 			<label class="control-label">Torrent flags</label>
 			<div>
-			{% if editor.is_moderator %}
+			{% if g.user.is_moderator %}
 			<label class="btn btn-primary">
 				{{ form.is_deleted }}
 				Deleted
@@ -58,7 +58,7 @@
 				Anonymous
 			</label>
 			{% endif %}
-			{% if editor.is_trusted %}
+			{% if g.user.is_trusted %}
 			<label class="btn btn-success" title="Mark torrent trusted">
 				{{ form.is_trusted }}
 				Trusted
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index f651f71..a2d7c7e 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -29,9 +29,9 @@
 			{%- if not torrent.anonymous and torrent.user -%}
 			<a href="{{ user_url }}">{{ torrent.user.username }}</a>
 			{%- else -%}
-			Anonymous {% if torrent.user and (viewer == torrent.user or viewer.is_moderator) %}(<a href="{{ user_url }}">{{ torrent.user.username }}</a>){% endif %}
+			Anonymous {% if torrent.user and (g.user == torrent.user or g.user.is_moderator) %}(<a href="{{ user_url }}">{{ torrent.user.username }}</a>){% endif %}
 			{%- endif -%}
-			{%- if viewer and viewer.is_superadmin and torrent.uploader_ip -%}
+			{%- if g.user and g.user.is_superadmin and torrent.uploader_ip -%}
 			({{ torrent.uploader_ip_string }})
 			{%- endif -%}
 			</div>
@@ -133,7 +133,7 @@
 <div class="panel panel-default">
 	<div class="panel-heading">
 		<h3 class="panel-title">
-			Comments - {{ comment_count }}
+			Comments - {{ comments|length }}
 		</h3>
 	</div>
 	{% for comment in comments %}
@@ -148,15 +148,15 @@
 					{% endif %}
 				</p>
 				<p>{{ comment.user.userlevel_str }}</p>
-				<p>
-					<img class="avatar" src="{{ comment.user.gravatar_url() }}">
-				</p>
+				<p><img class="avatar" src="{{ comment.user.gravatar_url() }}"></p>
 			</div>
 			<div class="col-md-10">
 				<div class="row">
-					<small>{{comment.created_time | timesince}}</small>
+					<small>{{ comment.created_time | timesince }}</small>
 					{% if g.user.is_moderator or g.user.id == comment.user_id %}
-					<div class="btn btn-danger btn-sm delete-btn" title="Delete" onclick='location.href = "{{ url_for('delete_comment', comment_id=comment.id, torrent_id=torrent.id)}}";'>Delete</div>
+					<form class="delete-comment-form" action="{{ url_for('delete_comment', torrent_id=torrent.id, comment_id=comment.id) }}" method="POST">
+						<button name="submit" type="submit" class="btn btn-danger btn-sm" title="Delete">Delete</button>
+					</form>
 					{% endif %}
 				</div>
 				<div class="row">
@@ -175,10 +175,10 @@
 		target.innerHTML = writer.render(parsed);
 	</script>
 	{% endfor %}
-	{% if g.user %}
-	<form method="POST" class="comment-box">
-		{{ form.csrf_token }}
-		{{ render_field(form.comment, class_='form-control') }}
+	{% if comment_form %}
+	<form action="{{ url_for('submit_comment', torrent_id=torrent.id) }}" method="POST" class="comment-box">
+		{{ comment_form.csrf_token }}
+		{{ render_field(comment_form.comment, class_='form-control') }}
 		<input type="submit" value="Submit" class="btn btn-success btn-sm">
 	</form>
 	{% endif %}
diff --git a/nyaa/torrents.py b/nyaa/torrents.py
index 648683f..3a466a9 100644
--- a/nyaa/torrents.py
+++ b/nyaa/torrents.py
@@ -14,6 +14,7 @@ USED_TRACKERS = OrderedSet()
 # Limit the amount of trackers added into .torrent files
 MAX_TRACKERS = 5
 
+
 def read_trackers_from_file(file_object):
     USED_TRACKERS.clear()
 

From 3fc347d049f9d7839a440fa040c9a67395c45026 Mon Sep 17 00:00:00 2001
From: nyaadev <nyaadev@users.noreply.github.com>
Date: Tue, 23 May 2017 00:04:27 +0200
Subject: [PATCH 9/9] Move posting comments to view_torrent to fix displaying
 form errors.

---
 nyaa/routes.py           | 66 +++++++++++++++++++---------------------
 nyaa/templates/view.html |  2 +-
 2 files changed, 33 insertions(+), 35 deletions(-)

diff --git a/nyaa/routes.py b/nyaa/routes.py
index ecc3df9..0168b2a 100644
--- a/nyaa/routes.py
+++ b/nyaa/routes.py
@@ -571,13 +571,16 @@ def upload():
         return flask.render_template('upload.html', upload_form=upload_form), status_code
 
 
-@app.route('/view/<int:torrent_id>')
+@app.route('/view/<int:torrent_id>', methods=['GET', 'POST'])
 def view_torrent(torrent_id):
-    torrent = models.Torrent.query \
-                            .options(joinedload('filelist'),
-                                     joinedload('comments')) \
-                            .filter_by(id=torrent_id) \
-                            .first()
+    if flask.request.method == 'POST':
+        torrent = models.Torrent.by_id(torrent_id)
+    else:
+        torrent = models.Torrent.query \
+                                .options(joinedload('filelist'),
+                                         joinedload('comments')) \
+                                .filter_by(id=torrent_id) \
+                                .first()
     if not torrent:
         flask.abort(404)
 
@@ -585,6 +588,29 @@ def view_torrent(torrent_id):
     if torrent.deleted and not (flask.g.user and flask.g.user.is_moderator):
         flask.abort(404)
 
+    comment_form = None
+    if flask.g.user:
+        comment_form = forms.CommentForm()
+
+    if flask.request.method == 'POST':
+        if not flask.g.user:
+            flask.abort(403)
+
+        if comment_form.validate():
+            comment_text = (comment_form.comment.data or '').strip()
+
+            comment = models.Comment(
+                torrent_id=torrent_id,
+                user_id=flask.g.user.id,
+                text=comment_text)
+
+            db.session.add(comment)
+            db.session.commit()
+
+            flask.flash('Comment successfully posted.', 'success')
+
+            return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
+
     # Only allow owners and admins to edit torrents
     can_edit = flask.g.user and (flask.g.user is torrent.user or flask.g.user.is_moderator)
 
@@ -592,10 +618,6 @@ def view_torrent(torrent_id):
     if torrent.filelist:
         files = json.loads(torrent.filelist.filelist_blob.decode('utf-8'))
 
-    comment_form = None
-    if flask.g.user:
-        comment_form = forms.CommentForm()
-
     return flask.render_template('view.html', torrent=torrent,
                                  files=files,
                                  comment_form=comment_form,
@@ -603,30 +625,6 @@ def view_torrent(torrent_id):
                                  can_edit=can_edit)
 
 
-@app.route('/view/<int:torrent_id>/comment', methods=['POST'])
-def submit_comment(torrent_id):
-    if not flask.g.user:
-        flask.abort(403)
-
-    torrent = models.Torrent.by_id(torrent_id)
-    if not torrent:
-        flask.abort(404)
-
-    form = forms.CommentForm(flask.request.form)
-    if form.validate():
-        comment_text = (form.comment.data or '').strip()
-
-        comment = models.Comment(
-            torrent_id=torrent_id,
-            user_id=flask.g.user.id,
-            text=comment_text)
-
-        db.session.add(comment)
-        db.session.commit()
-
-    return flask.redirect(flask.url_for('view_torrent', torrent_id=torrent_id))
-
-
 @app.route('/view/<int:torrent_id>/comment/<int:comment_id>/delete', methods=['POST'])
 def delete_comment(torrent_id, comment_id):
     if not flask.g.user:
diff --git a/nyaa/templates/view.html b/nyaa/templates/view.html
index a2d7c7e..3494703 100644
--- a/nyaa/templates/view.html
+++ b/nyaa/templates/view.html
@@ -176,7 +176,7 @@
 	</script>
 	{% endfor %}
 	{% if comment_form %}
-	<form action="{{ url_for('submit_comment', torrent_id=torrent.id) }}" method="POST" class="comment-box">
+	<form class="comment-box" method="POST">
 		{{ comment_form.csrf_token }}
 		{{ render_field(comment_form.comment, class_='form-control') }}
 		<input type="submit" value="Submit" class="btn btn-success btn-sm">