API tools faq
paste
Guest User

Untitled

a guest
Mar 5th, 2018
118
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
Python 7.65 KB | None | 0 0
raw download clone embed print report
  1. '''Operations that affect multiple boards or the entire site,
  2. e.g., transferring and merging threads.'''
  3.  
  4. import time
  5.  
  6. import config
  7. import strings
  8. import board
  9. import staff
  10. import staff_interface
  11. import model
  12. import util
  13. import str_format
  14. import misc
  15. from template import Template
  16. from util import WakaError
  17.  
  18. from sqlalchemy.sql import case, or_, and_, select, func, null
  19.  
  20. # First-Time Setup
  21.  
  22. def do_first_time_setup(admin, username, password):
  23.     # Checks.
  24.     if admin != staff.crypt_pass(config.ADMIN_PASS):
  25.         return staff_interface.make_first_time_setup_gateway()
  26.     if not username:
  27.         raise WakaError('Missing username.')
  28.     if not password:
  29.         raise WakaError('Missing password.')
  30.  
  31.     staff.add_staff(username, password, staff.ADMIN, [])
  32.     return util.make_http_forward(misc.get_secure_script_name()
  33.                                   + "?task=loginpanel",
  34.                                   config.ALTERNATE_REDIRECT)
  35.  
  36. # Bans and Whitelists
  37.  
  38. def add_admin_entry(admin, option, comment, ip='', mask='255.255.255.255',
  39.                     sval1='', total='', expiration=0, caller=''):
  40.     staff.check_password(admin)
  41.  
  42.     session = model.Session()
  43.     table = model.admin
  44.  
  45.     ival1 = ival2 = 0
  46.  
  47.     if not comment:
  48.         raise WakaError(strings.COMMENT_A_MUST)
  49.     if option in ('ipban', 'whitelist'):
  50.         if not ip:
  51.             raise WakaError('IP address required.')
  52.         if not mask:
  53.             mask = '255.255.255.255'
  54.         # Convert to decimal.
  55.         (ival1, ival2) = (misc.dot_to_dec(ip), misc.dot_to_dec(mask))
  56.         sql = table.select().where(table.c.type == option)
  57.         query = session.execute(sql)
  58.  
  59.         for row in query:
  60.             if row.ival1 & row.ival2 == ival1 & ival2:
  61.                 raise WakaError('IP address and mask match ban #%d.' % \
  62.                                 (row.num))
  63.     else:
  64.         if not sval1:
  65.             raise WakaError(STRINGFIELDMISSING)
  66.         sql = table.select().where(and_(table.c.sval1 == sval1,
  67.                                         table.c.type == option))
  68.         row = session.execute(sql).fetchone()
  69.  
  70.         if row:
  71.             raise WakaError('Duplicate String in ban #%d.' % (row.num))
  72.  
  73.     comment = str_format.clean_string(\
  74.         str_format.decode_string(comment, config.CHARSET))
  75.     expiration = int(expiration)
  76.     if expiration:
  77.         expiration = expiration + time.time()
  78.  
  79.     sql = table.insert().values(type=option, comment=comment, ival1=ival1,
  80.                                 ival2=ival2, sval1=sval1, total=total,
  81.                                 expiration=expiration)
  82.     session.execute(sql)
  83.  
  84.     add_htaccess_entry(ip)
  85.  
  86.     # TODO: Log this.
  87.  
  88.     forward_url = ''.join([misc.get_secure_script_name(), '?task=bans'])
  89.  
  90.     return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
  91.  
  92. def remove_admin_entry(admin, num, override_log=False, no_redirect=False):
  93.     staff.check_password(admin)
  94.  
  95.     session = model.Session()
  96.     table = model.admin
  97.     sql = table.select().where(table.c.num == num)
  98.     row = session.execute(sql).fetchone()
  99.  
  100.     if row:
  101.         if row['total']:
  102.             ip = misc.dec_to_dot(row['ival'])
  103.             remove_htaccess_entry(ip)
  104.  
  105.         sql = table.delete().where(table.c.num == num)
  106.         session.execute(sql)
  107.  
  108.     return util.make_http_forward('%s?task=bans' % \
  109.                                   (misc.get_secure_script_name()))
  110.  
  111. def add_htaccess_entry(ip):
  112.     pass
  113.  
  114. def remove_htaccess_entry(ip):
  115.     pass
  116.  
  117. def ban_check(numip, name, subject, comment):
  118.     '''This function raises an exception if the IP address is banned, or
  119.    the post contains a forbidden (non-spam) string. It otherwise returns
  120.    nothing.'''
  121.  
  122.     session = model.Session()
  123.     table = model.admin
  124.  
  125.     # IP Banned?
  126.     sql = table.select().where(and_(table.c.type == 'ipban',
  127.                                     table.c.ival1.op('&')(table.c.ival2) \
  128.                                         == table.c.ival2.op('&')(numip)))
  129.     ip_row = session.execute(sql).fetchone()
  130.  
  131.     if ip_row:
  132.         raise WakaError('Address %s banned. Reason: %s' % \
  133.             (misc.dec_to_dot(numip), ip_row.comment))
  134.    
  135.     # To determine possible string bans, first normalize input to lowercase.
  136.     comment = comment.lower()
  137.     subject = subject.lower()
  138.     name = name.lower()
  139.  
  140.     sql = select([table.c.sval1], table.c.type == 'wordban')
  141.     query = session.execute(sql)
  142.  
  143.     for row in query:
  144.         bad_string = row.sval1.lower()
  145.         if comment.count(bad_string) or subject.count(bad_string) or \
  146.             name.count(bad_string):
  147.             raise WakaError(strings.STRREF)
  148.  
  149. def mark_resolved(admin, delete, caller, post_dict):
  150.     user = staff.check_password(admin)
  151.  
  152.     referer = environ['HTTP_REFERER']
  153.  
  154.     errors = []
  155.     board = None
  156.     for (board_name, posts) in post_dict.iteritems():
  157.         if user.account == staff.MODERATOR and board_name not in user.reign:
  158.             errors.append({'error' : '/%s/*: Sorry, you lack access rights.'\
  159.                                      % (board_name)})
  160.             continue
  161.  
  162.         for post in posts:
  163.             session = model.Session()
  164.             table = model.report
  165.             sql = table.select().where(and_(table.c.postnum == post,
  166.                                             table.c.board == board_name))
  167.             row = session.execute(sql).fetchone()
  168.             if not row:
  169.                 errors.append({'error' : '/%s/%d: Report not found.'\
  170.                                          % (board_name, post)})
  171.                 continue
  172.  
  173.             sql = table.delete().where(and_(table.c.postnum == post,
  174.                                             table.c.board == board_name))
  175.             session.execute(sql)
  176.  
  177.         if delete:
  178.             try:
  179.                 board = Board(board_name)
  180.             except WakaError:
  181.                 errors.append({'error' : '/%s/*: Error loading board.'\
  182.                                          % (board_name)})
  183.                 continue
  184.             board.delete_stuff(posts, '', False, False, admin=admin)
  185.  
  186.     # TODO: Staff logging
  187.  
  188.     if caller != 'internal':
  189.         # TODO: This probably should be refactored into StaffInterface.
  190.         return Template('report_resolved', errors=errors,
  191.                                            error_occurred=len(errors)>0,
  192.                                            admin=admin,
  193.                                            username=user.username,
  194.                                            type=user.account,
  195.                                            boards_select=user.reign,
  196.                                            referer=referer)
  197.  
  198. def flood_check(ip, timestamp, comment, file, no_repeat, report_check):
  199.     pass
  200.  
  201. # TODO: Implement edit_admin_entry().
  202.  
  203. def trim_reported_posts(date=0):
  204.     mintime = 0
  205.     if date:
  206.         mintime = time.time() - date
  207.     elif config.REPORT_RETENTION:
  208.         mintime = time.time() - config.REPORT_RETENTION
  209.  
  210.     if mintime > 0:
  211.         session = model.Session()
  212.         table = model.report
  213.         sql = table.delete().where(table.c.timestamp <= mintime)
  214.         session.execute(sql)
  215.  
  216. def update_spam_file(admin, spam):
  217.     user = staff.check_password(admin)
  218.     if user.account == staff.MODERATOR:
  219.         raise WakaError(strings.INUSUFFICENTPRIVLEDGES)
  220.  
  221.     # Dump all contents to first spam file.
  222.     with open(config.SPAM_FILES[0], 'w') as f:
  223.         f.write(spam)
  224.  
  225.     forward_url = ''.join([misc.get_secure_script_name(), '?task=spam'])
  226.     return util.make_http_forward(forward_url, config.ALTERNATE_REDIRECT)
  227.  
  228. # Thread Transfer
  229.  
  230. # Advanced Administration
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!