mirror of
https://github.com/TitanEmbeds/Titan.git
synced 2024-12-24 14:07:03 +01:00
Administrator can now disable misbehaving servers
parent
6c4b850669
commit
bf47f9457c
@ -0,0 +1,32 @@
|
||||
"""Added disabled guilds table
|
||||
|
||||
Revision ID: f146d173e028
|
||||
Revises: d5dcee6894fa
|
||||
Create Date: 2018-01-05 07:36:58.561149
|
||||
|
||||
"""
|
||||
|
||||
# revision identifiers, used by Alembic.
|
||||
revision = 'f146d173e028'
|
||||
down_revision = 'd5dcee6894fa'
|
||||
branch_labels = None
|
||||
depends_on = None
|
||||
|
||||
from alembic import op
|
||||
import sqlalchemy as sa
|
||||
|
||||
|
||||
def upgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.create_table('disabled_guilds',
|
||||
sa.Column('id', sa.Integer(), nullable=False),
|
||||
sa.Column('guild_id', sa.String(length=255), nullable=False),
|
||||
sa.PrimaryKeyConstraint('id')
|
||||
)
|
||||
# ### end Alembic commands ###
|
||||
|
||||
|
||||
def downgrade():
|
||||
# ### commands auto generated by Alembic - please adjust! ###
|
||||
op.drop_table('disabled_guilds')
|
||||
# ### end Alembic commands ###
|
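Review bot: The `disabled_guilds` table created in `upgrade()` has no uniqueness constraint or index on `guild_id`, so nothing at the database level stops the same server from being listed twice. The admin POST handler added in this commit checks `guild_id in list_disabled_guilds()` and then inserts, which is not atomic, so two overlapping requests can both pass the check. The DELETE handler removes only the `.first()` match, which would leave the guild disabled after an apparent re-enable. I would add `sa.UniqueConstraint('guild_id')` to the `op.create_table` call and `unique=True` on the matching column in `disabled_guilds.py`.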
@ -1,7 +1,7 @@
|
||||
from flask import Blueprint, url_for, redirect, session, render_template, abort, request, jsonify
|
||||
from flask_socketio import emit
|
||||
from functools import wraps
|
||||
from titanembeds.database import db, get_administrators_list, Cosmetics, Guilds, UnauthenticatedUsers, UnauthenticatedBans, TitanTokens, TokenTransactions, get_titan_token, set_titan_token
|
||||
from titanembeds.database import db, get_administrators_list, Cosmetics, Guilds, UnauthenticatedUsers, UnauthenticatedBans, TitanTokens, TokenTransactions, get_titan_token, set_titan_token, list_disabled_guilds, DisabledGuilds
|
||||
from titanembeds.oauth import generate_guild_icon_url
|
||||
import datetime
|
||||
import json
|
||||
@ -267,3 +267,30 @@ def patch_titan_tokens():
|
||||
abort(409)
|
||||
set_titan_token(user_id, amount, "MODIFY VIA ADMIN [{}]".format(str(reason)))
|
||||
return ('', 204)
|
||||
|
||||
@admin.route("/disabled_guilds", methods=["GET"])
|
||||
@is_admin
|
||||
def get_disabled_guilds():
|
||||
return render_template("admin_disabled_guilds.html.j2", guilds=list_disabled_guilds())
|
||||
|
||||
@admin.route("/disabled_guilds", methods=["POST"])
|
||||
@is_admin
|
||||
def post_disabled_guilds():
|
||||
guild_id = request.form.get("guild_id", None)
|
||||
if guild_id in list_disabled_guilds():
|
||||
abort(409)
|
||||
guild = DisabledGuilds(guild_id)
|
||||
db.session.add(guild)
|
||||
db.session.commit()
|
||||
return ('', 204)
|
||||
|
||||
@admin.route("/disabled_guilds", methods=["DELETE"])
|
||||
@is_admin
|
||||
def delete_disabled_guilds():
|
||||
guild_id = request.form.get("guild_id", None)
|
||||
if guild_id not in list_disabled_guilds():
|
||||
abort(409)
|
||||
guild = db.session.query(DisabledGuilds).filter(DisabledGuilds.guild_id == guild_id).first()
|
||||
db.session.delete(guild)
|
||||
db.session.commit()
|
||||
return ('', 204)
|
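Review bot: `post_disabled_guilds` never checks that `guild_id` was supplied. `request.form.get("guild_id", None)` yields `None` when the field is missing, `None in list_disabled_guilds()` is false, and the insert then hits the `nullable=False` column at `db.session.commit()`, which would likely surface as a 500 rather than a client error. An empty string or arbitrary text is also stored as-is and later rendered by the admin template. I would reject bad input up front with `if not guild_id or not guild_id.isdigit(): abort(400)` (assuming guild ids are always numeric, to be confirmed) and apply the same guard in `delete_disabled_guilds`. `is_admin` is defined outside these hunks, so the authorization itself is not reviewed here.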
@ -1,5 +1,5 @@
|
||||
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, AuthenticatedUsers, GuildMembers, Messages, get_channel_messages, list_all_guild_members, get_guild_member, get_administrators_list, get_badges
|
||||
from titanembeds.decorators import valid_session_required, discord_users_only
|
||||
from titanembeds.decorators import valid_session_required, discord_users_only, abort_if_guild_disabled
|
||||
from titanembeds.utils import check_guild_existance, guild_accepts_visitors, guild_query_unauth_users_bool, get_client_ipaddr, discord_api, rate_limiter, channel_ratelimit_key, guild_ratelimit_key, user_unauthenticated, checkUserRevoke, checkUserBanned, update_user_status, check_user_in_guild, get_guild_channels, guild_webhooks_enabled, guild_unauthcaptcha_enabled, get_member_roles
|
||||
from titanembeds.oauth import user_has_permission, generate_avatar_url, check_user_can_administrate_guild
|
||||
from flask import Blueprint, abort, jsonify, session, request, url_for
|
||||
@ -163,6 +163,7 @@ def get_channel_webhook_url(guild_id, channel_id):
|
||||
|
||||
@api.route("/fetch", methods=["GET"])
|
||||
@valid_session_required(api=True)
|
||||
@abort_if_guild_disabled()
|
||||
@rate_limiter.limit("2 per 2 second", key_func = channel_ratelimit_key)
|
||||
def fetch():
|
||||
guild_id = request.args.get("guild_id")
|
||||
@ -193,6 +194,7 @@ def fetch():
|
||||
return response
|
||||
|
||||
@api.route("/fetch_visitor", methods=["GET"])
|
||||
@abort_if_guild_disabled()
|
||||
@rate_limiter.limit("2 per 2 second", key_func = channel_ratelimit_key)
|
||||
def fetch_visitor():
|
||||
guild_id = request.args.get("guild_id")
|
||||
@ -215,6 +217,7 @@ def fetch_visitor():
|
||||
|
||||
@api.route("/post", methods=["POST"])
|
||||
@valid_session_required(api=True)
|
||||
@abort_if_guild_disabled()
|
||||
@rate_limiter.limit("1 per 5 second", key_func = channel_ratelimit_key)
|
||||
def post():
|
||||
guild_id = request.form.get("guild_id")
|
||||
@ -285,6 +288,7 @@ def verify_captcha_request(captcha_response, ip_address):
|
||||
|
||||
@api.route("/create_unauthenticated_user", methods=["POST"])
|
||||
@rate_limiter.limit("3 per 30 minute", key_func=guild_ratelimit_key)
|
||||
@abort_if_guild_disabled()
|
||||
def create_unauthenticated_user():
|
||||
session['unauthenticated'] = True
|
||||
username = request.form['username']
|
||||
@ -326,6 +330,7 @@ def create_unauthenticated_user():
|
||||
|
||||
@api.route("/change_unauthenticated_username", methods=["POST"])
|
||||
@rate_limiter.limit("1 per 10 minute", key_func=guild_ratelimit_key)
|
||||
@abort_if_guild_disabled()
|
||||
def change_unauthenticated_username():
|
||||
username = request.form['username']
|
||||
guild_id = request.form['guild_id']
|
||||
@ -381,6 +386,7 @@ def process_query_guild(guild_id, visitor=False):
|
||||
|
||||
@api.route("/query_guild", methods=["GET"])
|
||||
@valid_session_required(api=True)
|
||||
@abort_if_guild_disabled()
|
||||
def query_guild():
|
||||
guild_id = request.args.get('guild_id')
|
||||
if check_guild_existance(guild_id):
|
||||
@ -390,6 +396,7 @@ def query_guild():
|
||||
abort(404)
|
||||
|
||||
@api.route("/query_guild_visitor", methods=["GET"])
|
||||
@abort_if_guild_disabled()
|
||||
def query_guild_visitor():
|
||||
guild_id = request.args.get('guild_id')
|
||||
if check_guild_existance(guild_id):
|
||||
@ -400,6 +407,7 @@ def query_guild_visitor():
|
||||
|
||||
@api.route("/create_authenticated_user", methods=["POST"])
|
||||
@discord_users_only(api=True)
|
||||
@abort_if_guild_disabled()
|
||||
def create_authenticated_user():
|
||||
guild_id = request.form.get('guild_id')
|
||||
if session['unauthenticated']:
|
||||
|
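Review bot: The new `@abort_if_guild_disabled()` guard does not take effect on the POST routes in this file. The decorator (added in the decorators hunk of this commit) looks up `request.args.get("guild_id", None)`, which is the query string only, while `post`, `change_unauthenticated_username` and `create_authenticated_user` read `guild_id` from `request.form` in the lines visible here; `create_unauthenticated_user` probably does too, but that line is outside the hunk. For a form-encoded request the decorator sees `None`, `None in list_disabled_guilds()` is false, and the handler runs for a disabled guild. Reading both sources in the decorator, `guild_id = request.values.get("guild_id", None)`, would cover the GET and POST routes alike. Separately, the guard sits below the rate limiter on `create_unauthenticated_user` and `change_unauthenticated_username` but above it on `fetch` and `post`; the order should be made consistent.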
@ -2,7 +2,7 @@ from flask import Blueprint, render_template, abort, redirect, url_for, session,
|
||||
from flask_babel import gettext
|
||||
from titanembeds.utils import check_guild_existance, guild_query_unauth_users_bool, guild_accepts_visitors, guild_unauthcaptcha_enabled
|
||||
from titanembeds.oauth import generate_guild_icon_url, generate_avatar_url
|
||||
from titanembeds.database import db, Guilds, UserCSS
|
||||
from titanembeds.database import db, Guilds, UserCSS, list_disabled_guilds
|
||||
from config import config
|
||||
import random
|
||||
import json
|
||||
@ -65,6 +65,7 @@ def guild_embed(guild_id):
|
||||
}
|
||||
customcss = get_custom_css()
|
||||
return render_template("embed.html.j2",
|
||||
disabled=guild_id in list_disabled_guilds(),
|
||||
login_greeting=get_logingreeting(),
|
||||
guild_id=guild_id,
|
||||
guild=guild_dict,
|
||||
|
@ -3,7 +3,7 @@ from flask import current_app as app
|
||||
from flask_socketio import emit
|
||||
from config import config
|
||||
from titanembeds.decorators import discord_users_only
|
||||
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, Cosmetics, UserCSS, Patreon, set_titan_token, get_titan_token, add_badge
|
||||
from titanembeds.database import db, Guilds, UnauthenticatedUsers, UnauthenticatedBans, Cosmetics, UserCSS, Patreon, set_titan_token, get_titan_token, add_badge, list_disabled_guilds
|
||||
from titanembeds.oauth import authorize_url, token_url, make_authenticated_session, get_current_authenticated_user, get_user_managed_servers, check_user_can_administrate_guild, check_user_permission, generate_avatar_url, generate_guild_icon_url, generate_bot_invite_url
|
||||
import time
|
||||
import datetime
|
||||
@ -218,11 +218,13 @@ def administrate_guild(guild_id):
|
||||
"discordio": db_guild.discordio if db_guild.discordio != None else "",
|
||||
"guest_icon": db_guild.guest_icon if db_guild.guest_icon != None else "",
|
||||
}
|
||||
return render_template("administrate_guild.html.j2", guild=dbguild_dict, members=users, permissions=permissions, cosmetics=cosmetics)
|
||||
return render_template("administrate_guild.html.j2", guild=dbguild_dict, members=users, permissions=permissions, cosmetics=cosmetics, disabled=(guild_id in list_disabled_guilds()))
|
||||
|
||||
@user.route("/administrate_guild/<guild_id>", methods=["POST"])
|
||||
@discord_users_only()
|
||||
def update_administrate_guild(guild_id):
|
||||
if guild_id in list_disabled_guilds():
|
||||
return ('', 423)
|
||||
if not check_user_can_administrate_guild(guild_id):
|
||||
abort(403)
|
||||
db_guild = db.session.query(Guilds).filter(Guilds.guild_id == guild_id).first()
|
||||
@ -316,6 +318,8 @@ def ban_unauthenticated_user():
|
||||
guild_id = request.form.get("guild_id", None)
|
||||
user_id = request.form.get("user_id", None)
|
||||
reason = request.form.get("reason", None)
|
||||
if guild_id in list_disabled_guilds():
|
||||
return ('', 423)
|
||||
if reason is not None:
|
||||
reason = reason.strip()
|
||||
if reason == "":
|
||||
@ -342,6 +346,8 @@ def ban_unauthenticated_user():
|
||||
def unban_unauthenticated_user():
|
||||
guild_id = request.args.get("guild_id", None)
|
||||
user_id = request.args.get("user_id", None)
|
||||
if guild_id in list_disabled_guilds():
|
||||
return ('', 423)
|
||||
if not guild_id or not user_id:
|
||||
abort(400)
|
||||
if not check_user_permission(guild_id, 2):
|
||||
@ -362,6 +368,8 @@ def unban_unauthenticated_user():
|
||||
def revoke_unauthenticated_user():
|
||||
guild_id = request.form.get("guild_id", None)
|
||||
user_id = request.form.get("user_id", None)
|
||||
if guild_id in list_disabled_guilds():
|
||||
return ('', 423)
|
||||
if not guild_id or not user_id:
|
||||
abort(400)
|
||||
if not check_user_permission(guild_id, 1):
|
||||
|
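Review bot: In `update_administrate_guild`, `ban_unauthenticated_user`, `unban_unauthenticated_user` and `revoke_unauthenticated_user` the new `if guild_id in list_disabled_guilds(): return ('', 423)` runs before the existing `abort(400)` input validation and before the permission checks (`check_user_can_administrate_guild`, `check_user_permission`). A request with a missing `guild_id`, or from a caller with no rights over the guild, therefore triggers a full table read before it is rejected, and the status code depends on the disabled state rather than on the caller's permissions. I would move the disabled check to just after the permission check in each handler. The same two lines are repeated four times and could be one small helper. The route decorators for the last three functions are outside the hunks, so the authentication that precedes them is not visible here.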
@ -14,6 +14,7 @@ from .administrators import Administrators, get_administrators_list
|
||||
from .titan_tokens import TitanTokens, get_titan_token
|
||||
from .token_transactions import TokenTransactions
|
||||
from .patreon import Patreon
|
||||
from .disabled_guilds import DisabledGuilds, list_disabled_guilds
|
||||
|
||||
def set_titan_token(user_id, amt_change, action):
|
||||
token_count = get_titan_token(user_id)
|
||||
|
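--- /dev/null
+++ b/webapp/titanembeds/database/disabled_guilds.py
@@ -0,0 +1,16 @@
+from titanembeds.database import db
+
+class DisabledGuilds(db.Model):
+__tablename__ = "disabled_guilds"
+id = db.Column(db.Integer, primary_key=True) # Auto increment id
+guild_id = db.Column(db.String(255), nullable=False) # Server id that is disabled
+
+def __init__(self, guild_id):
+self.guild_id = guild_id
+
+def list_disabled_guilds():
+q = db.session.query(DisabledGuilds).all()
+their_ids = []
+for guild in q:
+their_ids.append(guild.guild_id)
+return their_ids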
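Review bot: `list_disabled_guilds()` loads every row of the table and builds a Python list on each call, and after this commit it runs on every request to the guarded API routes and on each embed render. A single-row lookup would keep that cost constant as the list grows, for example a helper whose body is `return db.session.query(DisabledGuilds.id).filter(DisabledGuilds.guild_id == guild_id).first() is not None`. A one-line docstring on `list_disabled_guilds` saying that it returns the `guild_id` column values (strings, per the `String(255)` column) would also help callers that compare the result against request parameters, where a missing parameter is `None`.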
@ -1,5 +1,6 @@
|
||||
from functools import wraps
|
||||
from flask import url_for, redirect, session, jsonify, abort
|
||||
from flask import url_for, redirect, session, jsonify, abort, request
|
||||
from titanembeds.database import list_disabled_guilds
|
||||
|
||||
def valid_session_required(api=False):
|
||||
def decorator(f):
|
||||
@ -26,3 +27,14 @@ def discord_users_only(api=False):
|
||||
return f(*args, **kwargs)
|
||||
return decorated_function
|
||||
return decorator
|
||||
|
||||
def abort_if_guild_disabled():
|
||||
def decorator(f):
|
||||
@wraps(f)
|
||||
def decorated_function(*args, **kwargs):
|
||||
guild_id = request.args.get("guild_id", None)
|
||||
if guild_id in list_disabled_guilds():
|
||||
return ('', 423)
|
||||
return f(*args, **kwargs)
|
||||
return decorated_function
|
||||
return decorator
|
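--- /dev/null
+++ b/webapp/titanembeds/static/js/admin_disabled_guilds.js
@@ -0,0 +1,57 @@
+/* global $, Materialize, location */
+
+function postForm(guild_id) {
+var funct = $.ajax({
+dataType: "json",
+method: "POST",
+data: {"guild_id": guild_id}
+});
+return funct.promise();
+}
+
+function deleteForm(guild_id) {
+var funct = $.ajax({
+dataType: "json",
+method: "DELETE",
+data: {"guild_id": guild_id}
+});
+return funct.promise();
+}
+
+$(function() {
+$("#new_submit").click(function () {
+var guild_id = $("#new_guild_id").val();
+if (guild_id.length < 1) {
+Materialize.toast("The server ID field can't be blank!", 2000);
+return;
+}
+var formPost = postForm(guild_id);
+formPost.done(function (data) {
+location.reload();
+});
+formPost.fail(function (data) {
+if (data.status == 409) {
+Materialize.toast('This server id already exists!', 10000);
+} else {
+Materialize.toast('Oh no! Something has failed submitting a new entry!', 10000);
+}
+});
+});
+});
+
+function delete_guild(guild_id) {
+var confirmation = confirm("Are you sure that you want to reenable server?");
+if (confirmation) {
+var formDelete = deleteForm(guild_id);
+formDelete.done(function (data) {
+location.reload();
+});
+formDelete.fail(function (data) {
+if (data.status == 409) {
+Materialize.toast('This server id does not exists!', 10000);
+} else {
+Materialize.toast('Oh no! Something has failed deleting this server entry!', 10000);
+}
+});
+}
+}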
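Review bot: `postForm` and `deleteForm` send state-changing requests that carry only `guild_id`, and nothing in this file attaches a CSRF token or a custom header. Whether the admin routes are protected against cross-site requests is not visible in this commit, so this is a question rather than a finding. If `is_admin` relies on the session cookie alone, both calls should send whatever token the rest of the site uses, for instance through a `headers:` entry in the `$.ajax` options. Minor: both calls set `dataType: "json"` although the server answers with an empty 204 body, so that option can be dropped.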
@ -16,6 +16,7 @@
|
||||
/* global linkify */
|
||||
/* global unauth_captcha_enabled */
|
||||
/* global soundManager */
|
||||
/* global disabled */
|
||||
|
||||
(function () {
|
||||
const theme_options = ["DiscordDark", "BetterTitan"]; // All the avaliable theming names
|
||||
@ -290,6 +291,11 @@
|
||||
}
|
||||
});
|
||||
|
||||
if (disabled) {
|
||||
Materialize.toast('This server is currently disabled. If you are an administrator of this server, please get in touch with a TitanEmbeds team member to lift the ban.', 100000);
|
||||
return;
|
||||
}
|
||||
|
||||
primeEmbed();
|
||||
setInterval(send_socket_heartbeat, 5000);
|
||||
if (getParameterByName("username")) {
|
||||
|
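--- /dev/null
+++ b/webapp/titanembeds/templates/admin_disabled_guilds.html.j2
@@ -0,0 +1,58 @@
+{% extends 'site_layout.html.j2' %}
+{% set title="Editing Disabled Servers" %}
+
+{% block content %}
+<h1>Administrating Disabled Servers</h1>
+
+<div class="row">
+<div class="col s12">
+<div class="card-panel indigo lighten-5 z-depth-3 hoverable black-text">
+<p class="flow-text">Add an entry</p>
+<table class="bordered striped">
+<thead>
+<tr>
+<th>Server ID</th>
+<th>Submit</th>
+</tr>
+</thead>
+<tbody>
+<tr>
+<td>
+<div class="input-field inline">
+<input id="new_guild_id" placeholder="Server ID">
+</div>
+</td>
+<td>
+<a class="waves-effect waves-light btn" id="new_submit">Submit</a>
+</td>
+</tr>
+</tbody>
+</table>
+</div>
+</div>
+
+<div class="col s12">
+<div class="card-panel indigo lighten-5 z-depth-3 hoverable black-text">
+<table class="bordered striped">
+<thead>
+<tr>
+<th>Remove</th>
+<th>Server ID</th>
+</tr>
+</thead>
+<tbody>
+{% for guild in guilds %}
+<tr>
+<td><a class="waves-effect waves-light btn red" onclick="delete_guild('{{ guild }}');">Remove</a></td>
+<td>{{ guild }}</td>
+</tr>
+{% endfor %}
+</tbody>
+</table>
+</div>
+</div>
+</div>
+{% endblock %}
+{% block script %}
+<script type="text/javascript" src="{{ url_for('static', filename='js/admin_disabled_guilds.js') }}"></script>
+{% endblock %}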
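Review bot: In the Remove button, `onclick="delete_guild('{{ guild }}');"` places a stored value inside a JavaScript string inside an HTML attribute, and HTML autoescaping alone does not protect that context. The browser decodes character references in the attribute before the script runs, so an escaped quote becomes a real quote again. The value comes from the admin form, whose handler stores whatever string is submitted. I would move it out of script context, e.g. `<a class="waves-effect waves-light btn red remove-guild" data-guild-id="{{ guild }}">Remove</a>` with the click handler bound in `admin_disabled_guilds.js`, and have the POST handler accept only well-formed ids.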
@ -27,5 +27,12 @@
|
||||
<a class="waves-effect waves-light btn" href="{{ url_for('admin.manage_titan_tokens') }}">Manage</a>
|
||||
</div>
|
||||
</div>
|
||||
<div class="col s12">
|
||||
<div class="card-panel indigo lighten-5 z-depth-3 hoverable black-text">
|
||||
<h4>Disabled Servers</h4>
|
||||
<p class="flow-text">Block or reinstate servers from using Titan Embeds.</p>
|
||||
<a class="waves-effect waves-light btn" href="{{ url_for('admin.get_disabled_guilds') }}">Manage</a>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock %}
|
@ -18,6 +18,19 @@
|
||||
|
||||
<div class="row">
|
||||
|
||||
{% if disabled %}
|
||||
<div class="col s12">
|
||||
<div class="card horizontal red-text red lighten-5 z-depth-3 hoverable">
|
||||
<div class="card-stacked">
|
||||
<div class="card-content">
|
||||
<strong class="flow-text">This server is currently disabled on the platform.</strong>
|
||||
<p>You will not be able to embed the server for the time being. To have this action lifted, <em>please see an administrator</em>.</p>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
</div>
|
||||
{% endif %}
|
||||
|
||||
<div class="col s12">
|
||||
<h2 class="header">Embed URLs</h2>
|
||||
<div class="card horizontal black-text indigo lighten-5 z-depth-3 hoverable">
|
||||
|
@ -371,6 +371,7 @@
|
||||
{% endraw %}
|
||||
|
||||
<script>
|
||||
const disabled = {{ disabled|tojson|safe }};
|
||||
const guild_id = "{{ guild_id }}";
|
||||
const bot_client_id = "{{ client_id }}";
|
||||
const visitors_enabled = {% if visitors_enabled %}true{% else %}false{% endif %};
|
||||
|