From d540a4888b098a72a8e29c2e1dd3aa1f559df6d8 Mon Sep 17 00:00:00 2001
From: Jeremy Zhang
Date: Fri, 15 Jun 2018 00:13:09 +0000
Subject: [PATCH] Only db commit on requests that change the database
---
 webapp/titanembeds/app.py | 1 -
 webapp/titanembeds/blueprints/admin/admin.py | 10 ++++++++++
 webapp/titanembeds/blueprints/api/api.py | 17 +++++++++++++----
 webapp/titanembeds/blueprints/user/user.py | 9 +++++++++
 webapp/titanembeds/utils.py | 1 +
 5 files changed, 33 insertions(+), 5 deletions(-)
diff --git a/webapp/titanembeds/app.py b/webapp/titanembeds/app.py
index fb72eb4..7966335 100644
--- a/webapp/titanembeds/app.py
+++ b/webapp/titanembeds/app.py
@@ -29,7 +29,6 @@ app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False # Suppress the warning/no
 app.config['RATELIMIT_HEADERS_ENABLED'] = True
 app.config['SQLALCHEMY_POOL_RECYCLE'] = 100
 app.config['SQLALCHEMY_POOL_SIZE'] = 15
-app.config['SQLALCHEMY_COMMIT_ON_TEARDOWN'] = True
 app.config['RATELIMIT_STORAGE_URL'] = config["redis-uri"]
 app.config['PERMANENT_SESSION_LIFETIME'] = timedelta(days=3)
 app.config['REDIS_URL'] = config["redis-uri"]
diff --git a/webapp/titanembeds/blueprints/admin/admin.py b/webapp/titanembeds/blueprints/admin/admin.py
index 0695828..3f70d3f 100644
--- a/webapp/titanembeds/blueprints/admin/admin.py
+++ b/webapp/titanembeds/blueprints/admin/admin.py
@@ -68,6 +68,7 @@ def cosmetics_post():
 badges = []
 user.badges = json.dumps(badges)
 db.session.add(user)
+ db.session.commit()
 return ('', 204)
 @admin.route("/cosmetics", methods=["DELETE"])
@@ -80,6 +81,7 @@ def cosmetics_delete():
 if not entry:
 abort(409)
 db.session.delete(entry)
+ db.session.commit()
 return ('', 204)
 @admin.route("/cosmetics", methods=["PATCH"])
@@ -108,6 +110,7 @@ def cosmetics_patch():
 if badges == [""]:
 badges = []
 entry.badges = json.dumps(badges)
+ db.session.commit()
 return ('', 204)
 def prepare_guild_members_list(members, bans):
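Review bot: The `db.session.commit()` added at the end of cosmetics_post, and the same line in every other handler this patch touches, is now the only thing that persists a write, because `SQLALCHEMY_COMMIT_ON_TEARDOWN` is removed in app.py. Any mutating view or helper that this patch does not touch will have its changes dropped when the session is removed at the end of the request, with no error; that cannot be checked from the hunks shown, and it matters most for the ban, revoke and token paths. I would record the rule where the setting used to be, for example `# No commit on teardown: every view that writes must call db.session.commit() itself.`, and check the remaining `db.session.add`/`db.session.delete` call sites against it.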
@@ -204,6 +207,7 @@ def update_administrate_guild(guild_id):
 if guest_icon != None and guest_icon.strip() == "":
 guest_icon = None
 db_guild.guest_icon = guest_icon
+ db.session.commit()
 emit("guest_icon_change", {"guest_icon": guest_icon if guest_icon else url_for('static', filename='img/titanembeds_square.png')}, room="GUILD_"+guild_id, namespace="/gateway")
 return jsonify(
 guild_id=db_guild.guild_id,
@@ -262,6 +266,7 @@ def post_titan_tokens():
 if get_titan_token(user_id) != -1:
 abort(409)
 set_titan_token(user_id, amount, "NEW VIA ADMIN [{}]".format(str(reason)))
+ db.session.commit()
 return ('', 204)
 @admin.route("/tokens", methods=["PATCH"])
@@ -275,6 +280,7 @@ def patch_titan_tokens():
 if get_titan_token(user_id) == -1:
 abort(409)
 set_titan_token(user_id, amount, "MODIFY VIA ADMIN [{}]".format(str(reason)))
+ db.session.commit()
 return ('', 204)
 @admin.route("/disabled_guilds", methods=["GET"])
@@ -290,6 +296,7 @@ def post_disabled_guilds():
 abort(409)
 guild = DisabledGuilds(guild_id)
 db.session.add(guild)
+ db.session.commit()
 return ('', 204)
 @admin.route("/disabled_guilds", methods=["DELETE"])
@@ -300,6 +307,7 @@ def delete_disabled_guilds():
 abort(409)
 guild = db.session.query(DisabledGuilds).filter(DisabledGuilds.guild_id == guild_id).first()
 db.session.delete(guild)
+ db.session.commit()
 return ('', 204)
 @admin.route("/custom_css", methods=["GET"])
@@ -344,6 +352,7 @@ def edit_custom_css_post(css_id):
 dbcss.css = css
 dbcss.css_variables = variables
 dbcss.css_var_bool = variables_enabled
+ db.session.commit()
 return jsonify({"id": dbcss.id})
 @admin.route("/custom_css/edit/", methods=["DELETE"])
@@ -353,6 +362,7 @@ def edit_custom_css_delete(css_id):
 if not dbcss:
 abort(404)
 db.session.delete(dbcss)
+ db.session.commit()
 return jsonify({})
 @admin.route("/custom_css/new", methods=["GET"])
diff --git a/webapp/titanembeds/blueprints/api/api.py b/webapp/titanembeds/blueprints/api/api.py
index 357f008..97d4084 100644
--- a/webapp/titanembeds/blueprints/api/api.py
+++ b/webapp/titanembeds/blueprints/api/api.py
@@ -330,6 +330,7 @@ def post():
 else:
 message = discord_api.create_message(channel_id, content)
 status_code = message['code']
+ db.session.commit()
 response = jsonify(message=message.get('content', message), status=status, illegal_reasons=illegal_reasons)
 response.status_code = status_code
 return response
@@ -366,6 +367,7 @@ def create_unauthenticated_user():
 captcha_response = request.form['captcha_response']
 if not verify_captcha_request(captcha_response, request.remote_addr):
 abort(412)
+ final_response = None
 if not checkUserBanned(guild_id, ip_address):
 session['username'] = username
 if 'user_id' not in session or len(str(session["user_id"])) > 4:
@@ -379,12 +381,14 @@ def create_unauthenticated_user():
 session['user_keys'][guild_id] = key
 session.permanent = False
 status = update_user_status(guild_id, username, key)
- return jsonify(status=status)
+ final_response = jsonify(status=status)
 else:
 status = {'banned': True}
 response = jsonify(status=status)
 response.status_code = 403
- return response
+ final_response = response
+ db.session.commit()
+ return final_response
 @api.route("/change_unauthenticated_username", methods=["POST"])
 @rate_limiter.limit("1 per 10 minute", key_func=guild_ratelimit_key)
@@ -402,6 +406,7 @@ def change_unauthenticated_username():
 abort(404)
 if not guild_query_unauth_users_bool(guild_id):
 abort(401)
+ final_response = None
 if not checkUserBanned(guild_id, ip_address):
 if 'user_keys' not in session or guild_id not in session['user_keys'] or not session['unauthenticated']:
 abort(424)
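Review bot: In create_unauthenticated_user the new single exit runs `db.session.commit()` on the banned 403 branch as well as on the success branch, so a rejected request also commits whatever the session holds at that point. Committing only where state is created keeps the early returns and drops the `final_response` variable: `status = update_user_status(guild_id, username, key)`, then `db.session.commit()`, then `return jsonify(status=status)`. change_unauthenticated_username is reshaped the same way in the hunks that follow. Both function bodies start outside the hunks, so what is pending in the session on the banned branch is not visible here.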
@@ -415,12 +420,14 @@ def change_unauthenticated_username():
 session['user_keys'][guild_id] = key
 status = update_user_status(guild_id, username, key)
 emit("embed_user_disconnect", emitmsg, room="GUILD_"+guild_id, namespace="/gateway")
- return jsonify(status=status)
+ final_response = jsonify(status=status)
 else:
 status = {'banned': True}
 response = jsonify(status=status)
 response.status_code = 403
- return response
+ final_response = response
+ db.session.commit()
+ return final_response
 def get_guild_guest_icon(guild_id):
 guest_icon = db.session.query(Guilds).filter(Guilds.guild_id == guild_id).first().guest_icon
@@ -487,6 +494,7 @@ def create_authenticated_user():
 if not db_user:
 db_user = AuthenticatedUsers(guild_id, session['user_id'])
 db.session.add(db_user)
+ db.session.commit()
 status = update_user_status(guild_id, session['username'])
 return jsonify(status=status)
 else:
@@ -550,6 +558,7 @@ def webhook_discordbotsorg_vote():
 pass
 DBLTrans = DiscordBotsOrgTransactions(int(user_id), vote_type, referrer)
 db.session.add(DBLTrans)
+ db.session.commit()
 return ('', 204)
 @api.route("/af/direct_message", methods=["POST"])
diff --git a/webapp/titanembeds/blueprints/user/user.py b/webapp/titanembeds/blueprints/user/user.py
index 90de16f..1ccb188 100644
--- a/webapp/titanembeds/blueprints/user/user.py
+++ b/webapp/titanembeds/blueprints/user/user.py
@@ -165,6 +165,7 @@ def edit_custom_css_post(css_id):
 dbcss.css = css
 dbcss.css_variables = variables
 dbcss.css_var_bool = variables_enabled
+ db.session.commit()
 return jsonify({"id": dbcss.id})
 @user.route("/custom_css/edit/", methods=["DELETE"])
@@ -179,6 +180,7 @@ def edit_custom_css_delete(css_id):
 if dbcss.user_id != session['user_id']:
 abort(403)
 db.session.delete(dbcss)
+ db.session.commit()
 return jsonify({})
 @user.route("/administrate_guild/", methods=["GET"])
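Review bot: In change_unauthenticated_username the `emit("embed_user_disconnect", ...)` call is sent before the `db.session.commit()` at the function exit, so connected clients can be told about the rename before it is durable, and a failing commit leaves them with an event for a change that was rolled back. update_administrate_guild in this same patch commits first and emits afterwards; doing the same here means calling `db.session.commit()` directly after `status = update_user_status(guild_id, username, key)` and before the `emit(...)`. The start of the function is outside the hunk, and update_user_status may already have committed on one of its branches.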
@@ -252,6 +254,7 @@ def update_administrate_guild(guild_id):
 guest_icon = None
 db_guild.guest_icon = guest_icon
+ db.session.commit()
 emit("guest_icon_change", {"guest_icon": guest_icon if guest_icon else url_for('static', filename='img/titanembeds_square.png')}, room="GUILD_"+guild_id, namespace="/gateway")
 return jsonify(
 guild_id=db_guild.guild_id,
@@ -339,6 +342,7 @@ def ban_unauthenticated_user():
 db.session.delete(db_ban)
 db_ban = UnauthenticatedBans(guild_id, db_user.ip_address, db_user.username, db_user.discriminator, reason, session["user_id"])
 db.session.add(db_ban)
+ db.session.commit()
 return ('', 204)
 @user.route("/ban", methods=["DELETE"])
@@ -361,6 +365,7 @@ def unban_unauthenticated_user():
 if db_ban.lifter_id is not None:
 abort(409)
 db_ban.liftBan(session["user_id"])
+ db.session.commit()
 return ('', 204)
 @user.route("/revoke", methods=["POST"])
@@ -380,6 +385,7 @@ def revoke_unauthenticated_user():
 if db_user.isRevoked():
 abort(409)
 db_user.revokeUser()
+ db.session.commit()
 return ('', 204)
 @user.route('/donate', methods=["GET"])
@@ -440,6 +446,7 @@ def donate_confirm():
 set_titan_token(session["user_id"], tokens, action)
 session["tokens"] = get_titan_token(session["user_id"])
 add_badge(session["user_id"], "supporter")
+ db.session.commit()
 return redirect(url_for('user.donate_thanks', transaction=trans_id))
 else:
 return redirect(url_for('index'))
@@ -482,6 +489,7 @@ def donate_patch():
 entry = Cosmetics(session["user_id"])
 entry.guest_icon = True
 db.session.add(entry)
+ db.session.commit()
 return ('', 204)
 @user.route("/patreon")
@@ -564,6 +572,7 @@ def patreon_sync_post():
 set_titan_token(session["user_id"], usr["titan"]["eligible_tokens"], "PATREON {} [{}]".format(usr["attributes"]["full_name"], usr["id"]))
 add_badge(session["user_id"], "supporter")
 session["tokens"] = get_titan_token(session["user_id"])
+ db.session.commit()
 return ('', 204)
 @user.route("/patreon/thanks")
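Review bot: In donate_confirm `session["tokens"] = get_titan_token(session["user_id"])` is assigned before the new `db.session.commit()`, so the balance cached in the session is read from uncommitted state; if the commit raises, the session may still carry a balance the database never stored. Assigning `session["tokens"]` after the commit closes that gap, and patreon_sync_post has the same ordering. Because this path credits tokens against a transaction, it would also help to log `trans_id` when the commit fails, since the handler otherwise ends in a bare server error. The payment handling itself is outside the hunk.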
diff --git a/webapp/titanembeds/utils.py b/webapp/titanembeds/utils.py
index 98b1b2c..7c4f7a5 100644
--- a/webapp/titanembeds/utils.py
+++ b/webapp/titanembeds/utils.py
@@ -145,6 +145,7 @@ def update_user_status(guild_id, username, user_key=None):
 if dbUser.username != username or dbUser.ip_address != ip_address:
 dbUser.username = username
 dbUser.ip_address = ip_address
+ db.session.commit()
 else:
 status = {
 'authenticated': True,
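Review bot: The `db.session.commit()` added inside update_user_status makes a shared helper end the caller's transaction, and only on the branch where the username or IP address changed. The callers visible in this patch differ: create_unauthenticated_user and change_unauthenticated_username commit again at their own exit, while create_authenticated_user commits before calling the helper, so whether anything is still pending after the helper returns depends on which branch ran. Either leave committing to the callers or state the contract in a docstring, for example `"""Update the stored username/IP for the current user; commits the session when the row changes."""`. The function body extends beyond the hunk, so other branches that write could not be checked.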