Remove coins from popovers, disable coin routes.
The last places coins were visible to non-admins were in user popovers and, potentially, via direct access of /@<username>/coins. These have been removed. Additionally, there are a number of routes which, despite being removed from the UI, were still operative and usable. These are disabled pending possible(?) future uses of coins.
This commit is contained in:
TLSM
Ben Rog-Wilhelm
parent
dbaf0a1bfd
commit
3e8904757a
6 changed files with 16 additions and 17 deletions
|
|
@ -25,7 +25,6 @@ function popclick(author) {
|
||||||
popover.getElementsByClassName('pop-bio')[0].innerHTML = author["bio_html"]
|
popover.getElementsByClassName('pop-bio')[0].innerHTML = author["bio_html"]
|
||||||
popover.getElementsByClassName('pop-postcount')[0].innerHTML = author["post_count"]
|
popover.getElementsByClassName('pop-postcount')[0].innerHTML = author["post_count"]
|
||||||
popover.getElementsByClassName('pop-commentcount')[0].innerHTML = author["comment_count"]
|
popover.getElementsByClassName('pop-commentcount')[0].innerHTML = author["comment_count"]
|
||||||
popover.getElementsByClassName('pop-coins')[0].innerHTML = author["coins"]
|
|
||||||
popover.getElementsByClassName('pop-viewmore')[0].href = author["url"]
|
popover.getElementsByClassName('pop-viewmore')[0].href = author["url"]
|
||||||
popover.getElementsByClassName('pop-badges')[0].innerHTML = badges
|
popover.getElementsByClassName('pop-badges')[0].innerHTML = badges
|
||||||
; }, 1);
|
; }, 1);
|
||||||
|
|
|
||||||
|
|
@ -550,7 +550,6 @@ class User(Base):
|
||||||
'profile_url': self.profile_url,
|
'profile_url': self.profile_url,
|
||||||
'bannerurl': self.banner_url,
|
'bannerurl': self.banner_url,
|
||||||
'bio_html': self.bio_html_eager,
|
'bio_html': self.bio_html_eager,
|
||||||
'coins': self.coins,
|
|
||||||
'post_count': 0 if self.shadowbanned and not (v and (v.shadowbanned or v.admin_level > 2)) else self.post_count,
|
'post_count': 0 if self.shadowbanned and not (v and (v.shadowbanned or v.admin_level > 2)) else self.post_count,
|
||||||
'comment_count': 0 if self.shadowbanned and not (v and (v.shadowbanned or v.admin_level > 2)) else self.comment_count,
|
'comment_count': 0 if self.shadowbanned and not (v and (v.shadowbanned or v.admin_level > 2)) else self.comment_count,
|
||||||
'badges': [x.path for x in self.badges],
|
'badges': [x.path for x in self.badges],
|
||||||
|
|
|
||||||
|
|
@ -14,6 +14,8 @@ from copy import deepcopy
|
||||||
@app.get("/settings/shop")
|
@app.get("/settings/shop")
|
||||||
@admin_level_required(2)
|
@admin_level_required(2)
|
||||||
def shop(v):
|
def shop(v):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
AWARDS = deepcopy(AWARDS2)
|
AWARDS = deepcopy(AWARDS2)
|
||||||
|
|
||||||
for val in AWARDS.values(): val["owned"] = 0
|
for val in AWARDS.values(): val["owned"] = 0
|
||||||
|
|
@ -32,6 +34,8 @@ def shop(v):
|
||||||
@app.post("/buy/<award>")
|
@app.post("/buy/<award>")
|
||||||
@auth_required
|
@auth_required
|
||||||
def buy(v, award):
|
def buy(v, award):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
if award == 'benefactor' and not request.values.get("mb"):
|
if award == 'benefactor' and not request.values.get("mb"):
|
||||||
return {"error": "You can only buy the Benefactor award with marseybux."}, 403
|
return {"error": "You can only buy the Benefactor award with marseybux."}, 403
|
||||||
|
|
||||||
|
|
@ -123,6 +127,8 @@ def buy(v, award):
|
||||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||||
@is_not_permabanned
|
@is_not_permabanned
|
||||||
def award_post(pid, v):
|
def award_post(pid, v):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
|
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
|
||||||
|
|
||||||
kind = request.values.get("kind", "").strip()
|
kind = request.values.get("kind", "").strip()
|
||||||
|
|
@ -350,6 +356,8 @@ def award_post(pid, v):
|
||||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||||
@is_not_permabanned
|
@is_not_permabanned
|
||||||
def award_comment(cid, v):
|
def award_comment(cid, v):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
|
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
|
||||||
|
|
||||||
kind = request.values.get("kind", "").strip()
|
kind = request.values.get("kind", "").strip()
|
||||||
|
|
@ -573,6 +581,8 @@ def award_comment(cid, v):
|
||||||
@app.get("/admin/awards")
|
@app.get("/admin/awards")
|
||||||
@admin_level_required(2)
|
@admin_level_required(2)
|
||||||
def admin_userawards_get(v):
|
def admin_userawards_get(v):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
if v.admin_level != 3:
|
if v.admin_level != 3:
|
||||||
return render_template("admin/awards.html", awards=list(AWARDS3.values()), v=v)
|
return render_template("admin/awards.html", awards=list(AWARDS3.values()), v=v)
|
||||||
|
|
||||||
|
|
@ -582,6 +592,8 @@ def admin_userawards_get(v):
|
||||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||||
@admin_level_required(2)
|
@admin_level_required(2)
|
||||||
def admin_userawards_post(v):
|
def admin_userawards_post(v):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
try: u = request.values.get("username").strip()
|
try: u = request.values.get("username").strip()
|
||||||
except: abort(404)
|
except: abort(404)
|
||||||
|
|
||||||
|
|
|
||||||
|
|
@ -353,17 +353,12 @@ def downvoting(v, username):
|
||||||
return render_template("voters.html", v=v, users=users[:25], pos=pos, name='Down', name2=f'Who @{username} downvotes')
|
return render_template("voters.html", v=v, users=users[:25], pos=pos, name='Down', name2=f'Who @{username} downvotes')
|
||||||
|
|
||||||
|
|
||||||
@app.get("/@<username>/coins")
|
|
||||||
@auth_required
|
|
||||||
def get_coins(v, username):
|
|
||||||
user = get_user(username)
|
|
||||||
if user != None: return {"coins": user.coins}, 200
|
|
||||||
else: return {"error": "invalid_user"}, 404
|
|
||||||
|
|
||||||
@app.post("/@<username>/transfer_coins")
|
@app.post("/@<username>/transfer_coins")
|
||||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||||
@is_not_permabanned
|
@is_not_permabanned
|
||||||
def transfer_coins(v, username):
|
def transfer_coins(v, username):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
receiver = g.db.query(User).filter_by(username=username).one_or_none()
|
receiver = g.db.query(User).filter_by(username=username).one_or_none()
|
||||||
|
|
||||||
if receiver is None: return {"error": "That user doesn't exist."}, 404
|
if receiver is None: return {"error": "That user doesn't exist."}, 404
|
||||||
|
|
@ -398,6 +393,8 @@ def transfer_coins(v, username):
|
||||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||||
@is_not_permabanned
|
@is_not_permabanned
|
||||||
def transfer_bux(v, username):
|
def transfer_bux(v, username):
|
||||||
|
abort(404) # disable entirely pending possible future use of coins
|
||||||
|
|
||||||
receiver = g.db.query(User).filter_by(username=username).one_or_none()
|
receiver = g.db.query(User).filter_by(username=username).one_or_none()
|
||||||
|
|
||||||
if not receiver: return {"error": "That user doesn't exist."}, 404
|
if not receiver: return {"error": "That user doesn't exist."}, 404
|
||||||
|
|
|
||||||
|
|
@ -30,10 +30,6 @@
|
||||||
<strong class="pop-commentcount text-black"></strong>
|
<strong class="pop-commentcount text-black"></strong>
|
||||||
<span class="text-black">comments</span>
|
<span class="text-black">comments</span>
|
||||||
</span>
|
</span>
|
||||||
<span class="ml-3">
|
|
||||||
<strong class="pop-coins text-black"></strong>
|
|
||||||
<span class="text-black">coins</span>
|
|
||||||
</span>
|
|
||||||
|
|
||||||
<a href="/" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} class="pop-viewmore ml-auto text-decoration-none">
|
<a href="/" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} class="pop-viewmore ml-auto text-decoration-none">
|
||||||
View
|
View
|
||||||
|
|
|
||||||
|
|
@ -33,10 +33,6 @@
|
||||||
<strong class="pop-commentcount text-black"></strong>
|
<strong class="pop-commentcount text-black"></strong>
|
||||||
<span class="text-black">comments</span>
|
<span class="text-black">comments</span>
|
||||||
</span>
|
</span>
|
||||||
<span class="ml-3">
|
|
||||||
<strong class="pop-coins text-black"></strong>
|
|
||||||
<span class="text-black">coins</span>
|
|
||||||
</span>
|
|
||||||
|
|
||||||
<a href="/" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} class="pop-viewmore ml-auto text-decoration-none">
|
<a href="/" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} class="pop-viewmore ml-auto text-decoration-none">
|
||||||
View
|
View
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue