* forms: replace re._pattern_type with re.Pattern
Python 3.7 removed re._pattern_type and replaced it with
re.Pattern.
* readme: update for Python 3.7
* Update requirements
Also remove some unused ones which were neither a direct dependency
nor a dependency of our dependencies.
* account: force ASCII usernames on login form
Our database doesn't like it when we check for unicode data in
a column that stores ASCII data, so let's stop it before it
gets that far.
* Move travis CI to Python 3.7
* travis: use xenial dist
* fix newer linter warnings
Apparently bare excepts are literally Hitler, and we have some
new import sorting rules. Hooray!
* requirements: remove six
This is a dependency for sqlalchemy-utils, but we ourselves don't
depend on it directly because we've never been on Python 2 ever.
* Update requirements.txt
* Add trusted application functionality
This lets users apply for trusted status, given certain minimum
requirements. Moderators can then review the applications, giving
a recommendation, and administrators can accept or reject them.
If an application is accepted or rejected, the user receives an
e-mail about it.
Markdown images are not rendered in applications to prevent browsers
from sending automatic requests to untrusted webservers.
Users who have had their application rejected cannot re-apply for a set
amount of days.
* minor fixes
* Implement range bans
People connecting from banned IP ranges are unable to upload
torrents anonymously, and need to manually have their accounts
activated.
This adds a new table "rangebans", and a command line utility,
"rangeban.py", which can be used to add, list and remove rangebans
from the command line.
As an example:
./rangeban.py ban 192.168.0.0/24
This would rangeban anything in this /24.
The temporary_tor column allows automated scripts to clean out and
re-add ever-changing sets of ranges to be banned without affecting
the other ranges.
This has only been tested for IPv4.
* Revise Rangebans
Add an id column, and change "temporary_tor" to "temp". Also
index masked_cidr and mask.
* rangebans: fix enabled and the binary op
kill me
* Add enabling/disabling bans to rangeban.py
* rangebans: fail earlier on garbage arguments
* rangebans: fix linter errors
* rangeban.py: don't shadow builtin keyword 'id'
* rangebans: change temporary ban logic, column
The 'temp' column is now a nullable time column. If the field is
null, the ban is understood to be permanent. If there is a time
in there, it's understood to be the creation time of the ban.
This allows scripts to e.g. delete all temporary bans older than
a certain amount of time.
Also, rename the '_cidr_string' column to 'cidr_string', because
reasons.
* rangeban.py: use ip_address to parse CIDR subnet
* rangebans: fixes to the mask calculation and query
Both were not bugs per-se, but just technically not needed/correct.
* De-meme apparently
This tells users who are banned the reason that they are banned,
and doesn't show the same message for inactive users.
IP banned users are still just shown the boring 403 page.
Disables all POSTs, optionally allowing users to log in (without updating last login date)
Blocked POSTs will redirect to the GET endpoint if possible, otherwise to referrer or in last case, home page.
API requests will get a plaintext message with 405 status code.
* Replace all `from nyaa import app` imports with `app = flask.current_app` (or `from flask import current_app as app` where possible)
* Add a separate config object for top-level and class statements as `nyaa.extensions.config`
Required because those codes don't have app context at the time of evaluation/execution.
* Remove `routes.py` file and register all blueprints in `nyaa/__init__.py`
* Refactor `nyaa/__init__.py` into an app factory
* Update tools
* Update tests (temporary, will be replaced)