Adds a new config entry (EMAIL_SERVER_BLACKLIST, tuple of IPv4 addresses
as strings) and an email validator for registering, which will query all
the MX records for the domain and reject the registration if any of the
A records for any of the MX records are found in the blacklist.
If the query fails, the blacklist is ignored; the email is accepted.
* Implement range bans
People connecting from banned IP ranges are unable to upload
torrents anonymously, and need to manually have their accounts
activated.
This adds a new table "rangebans", and a command line utility,
"rangeban.py", which can be used to add, list and remove rangebans
from the command line.
As an example:
./rangeban.py ban 192.168.0.0/24
This would rangeban anything in this /24.
The temporary_tor column allows automated scripts to clean out and
re-add ever-changing sets of ranges to be banned without affecting
the other ranges.
This has only been tested for IPv4.
* Revise Rangebans
Add an id column, and change "temporary_tor" to "temp". Also
index masked_cidr and mask.
* rangebans: fix enabled and the binary op
kill me
* Add enabling/disabling bans to rangeban.py
* rangebans: fail earlier on garbage arguments
* rangebans: fix linter errors
* rangeban.py: don't shadow builtin keyword 'id'
* rangebans: change temporary ban logic, column
The 'temp' column is now a nullable time column. If the field is
null, the ban is understood to be permanent. If there is a time
in there, it's understood to be the creation time of the ban.
This allows scripts to e.g. delete all temporary bans older than
a certain amount of time.
Also, rename the '_cidr_string' column to 'cidr_string', because
reasons.
* rangeban.py: use ip_address to parse CIDR subnet
* rangebans: fixes to the mask calculation and query
Both were not bugs per-se, but just technically not needed/correct.
* De-meme apparently
* user page: add manual activation button for mods
Moderators can press this button on inactive users to manually
activate their accounts.
Furthermore, the admin form code has been refactored a bit, reducing
some code duplication.
* Implement comment locking
This adds a new flags to torrents, which is only editable by
moderators and admins. If checked, it does not allow unprivileged
users to post, edit or delete comments on that torrent.
* Rename "locked" to "comment_locked".
* Shorter button and additional words on alt text
* Admin log: Change comment locking message
dude I love bikeshedding xd
* Bikeshedding over admin log messages
* >&
Also some bikeshedding
This started out as a simple rebase, but then I rebased the wrong
branches and it all got confusing, so here it is as a new dank
commit.
We now have an @admin_only decorator, and we ask for confirmation
before we nuke. We can also see the nuke button when users are
banned, and nuking is a separate endpoint with a separate form.
Additionally, it now uses the new tracker API.
* Implement torrent nuking ability for mods
This deletes all torrents of a specific user.
A current caveat is that it will delete both sukebei and nyaa torrents,
but will only leave a log entry in the current flavour's log.
Also did some bootstrap untangling on the user view page.
* Per-flavour logging
Hopefully this works. Maybe.
* Tracker API: chunk into 100-element sublists
* isort
* Restrict nuking to superadmins
Also do a lint.sh.
* Implement upload ratelimit for non-trusted uploaders
Users may upload X torrents in Y minutes after which they
will have to wait Z minutes between uploads.
* Show torrent period count when ratelimited
* Only ratelimit new accounts
* Replace all `from nyaa import app` imports with `app = flask.current_app` (or `from flask import current_app as app` where possible)
* Add a separate config object for top-level and class statements as `nyaa.extensions.config`
Required because those codes don't have app context at the time of evaluation/execution.
* Remove `routes.py` file and register all blueprints in `nyaa/__init__.py`
* Refactor `nyaa/__init__.py` into an app factory
* Update tools
* Update tests (temporary, will be replaced)
url-list is supposed to be omitted in case of no webseeds,
but qB will instead use an empty bytestring '' as the value.
This commit makes the validation more lenient regarding url-list.
* Update isort settings
* Apply import sorting (isort) on all files in nyaa/
* Fixed Flake8 errors in nyaa/ (see PR for list)
* Add isort to lint.sh and requirements.txt
* Admin log added
* Add admin log to top bar
* Fixed some admin log bugs
* Remove comment_id column because comments die when they are killed
* Fix tabs in admin log template
* Fixed sort of admin logs to be created_time desc
* Fix navbar wrapping to a new line
when 992px <= width <= 1200px
* Put reports and admin log in "Admin" dropdown
Applied ./lint.sh fixes
Fixed long lines
* Updated log to be text instead of id based to account for future deletions
* Small fix in log message formatting
Added migration script!: remove sukebei_ lines if your local db does not have those.
Show users ip address on user page for superadmins.
Rename Admin to Moderator internally.
Moderators can now change user level to trusted.
Superadmins can make users moderator.
Improve changing user level.
Rename variables and reformats user/admin logic
Add an is_trusted field to upload and edit forms
Restructure fields on upload and edit pages
Add simple styling for checkboxes
Add titles (mouseover) for checkboxes with crude explanations
Show Anonymous checkbox during upload and check & disable it for guests
Show Trusted checkbox for users at or above Trusted level
Adjust description field rendering to show field label above it
Add title (mouseover) for edit icon on torrent page
Show uploader for admins on anonymous torrents
Show uploader for admins when editing others' torrents
This will allow most (if not all) torrents that have been rejected by 'Malformed torrent metadata (path part is empty)'
Adjusts _validate_bytes to disable empty check
Adds the empty check to file tree parsing