Remove coins from popovers, disable coin routes.
The last places coins were visible to non-admins were in user popovers and, potentially, via direct access of /@<username>/coins. These have been removed. Additionally, there are a number of routes which, despite being removed from the UI, were still operative and usable. These are disabled pending possible(?) future uses of coins.
This commit is contained in:
TLSM
Ben Rog-Wilhelm
parent
dbaf0a1bfd
commit
3e8904757a
6 changed files with 16 additions and 17 deletions
|
|
@ -25,7 +25,6 @@ function popclick(author) {
|
|||
popover.getElementsByClassName('pop-bio')[0].innerHTML = author["bio_html"]
|
||||
popover.getElementsByClassName('pop-postcount')[0].innerHTML = author["post_count"]
|
||||
popover.getElementsByClassName('pop-commentcount')[0].innerHTML = author["comment_count"]
|
||||
popover.getElementsByClassName('pop-coins')[0].innerHTML = author["coins"]
|
||||
popover.getElementsByClassName('pop-viewmore')[0].href = author["url"]
|
||||
popover.getElementsByClassName('pop-badges')[0].innerHTML = badges
|
||||
; }, 1);
|
||||
|
|
|
|||
|
|
@ -550,7 +550,6 @@ class User(Base):
|
|||
'profile_url': self.profile_url,
|
||||
'bannerurl': self.banner_url,
|
||||
'bio_html': self.bio_html_eager,
|
||||
'coins': self.coins,
|
||||
'post_count': 0 if self.shadowbanned and not (v and (v.shadowbanned or v.admin_level > 2)) else self.post_count,
|
||||
'comment_count': 0 if self.shadowbanned and not (v and (v.shadowbanned or v.admin_level > 2)) else self.comment_count,
|
||||
'badges': [x.path for x in self.badges],
|
||||
|
|
|
|||
|
|
@ -14,6 +14,8 @@ from copy import deepcopy
|
|||
@app.get("/settings/shop")
|
||||
@admin_level_required(2)
|
||||
def shop(v):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
AWARDS = deepcopy(AWARDS2)
|
||||
|
||||
for val in AWARDS.values(): val["owned"] = 0
|
||||
|
|
@ -32,6 +34,8 @@ def shop(v):
|
|||
@app.post("/buy/<award>")
|
||||
@auth_required
|
||||
def buy(v, award):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
if award == 'benefactor' and not request.values.get("mb"):
|
||||
return {"error": "You can only buy the Benefactor award with marseybux."}, 403
|
||||
|
||||
|
|
@ -123,6 +127,8 @@ def buy(v, award):
|
|||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@is_not_permabanned
|
||||
def award_post(pid, v):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
|
||||
|
||||
kind = request.values.get("kind", "").strip()
|
||||
|
|
@ -350,6 +356,8 @@ def award_post(pid, v):
|
|||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@is_not_permabanned
|
||||
def award_comment(cid, v):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
if v.shadowbanned: return render_template('errors/500.html', err=True, v=v), 500
|
||||
|
||||
kind = request.values.get("kind", "").strip()
|
||||
|
|
@ -573,6 +581,8 @@ def award_comment(cid, v):
|
|||
@app.get("/admin/awards")
|
||||
@admin_level_required(2)
|
||||
def admin_userawards_get(v):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
if v.admin_level != 3:
|
||||
return render_template("admin/awards.html", awards=list(AWARDS3.values()), v=v)
|
||||
|
||||
|
|
@ -582,6 +592,8 @@ def admin_userawards_get(v):
|
|||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@admin_level_required(2)
|
||||
def admin_userawards_post(v):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
try: u = request.values.get("username").strip()
|
||||
except: abort(404)
|
||||
|
||||
|
|
|
|||
|
|
@ -353,17 +353,12 @@ def downvoting(v, username):
|
|||
return render_template("voters.html", v=v, users=users[:25], pos=pos, name='Down', name2=f'Who @{username} downvotes')
|
||||
|
||||
|
||||
@app.get("/@<username>/coins")
|
||||
@auth_required
|
||||
def get_coins(v, username):
|
||||
user = get_user(username)
|
||||
if user != None: return {"coins": user.coins}, 200
|
||||
else: return {"error": "invalid_user"}, 404
|
||||
|
||||
@app.post("/@<username>/transfer_coins")
|
||||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@is_not_permabanned
|
||||
def transfer_coins(v, username):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
receiver = g.db.query(User).filter_by(username=username).one_or_none()
|
||||
|
||||
if receiver is None: return {"error": "That user doesn't exist."}, 404
|
||||
|
|
@ -398,6 +393,8 @@ def transfer_coins(v, username):
|
|||
@limiter.limit("1/second;30/minute;200/hour;1000/day")
|
||||
@is_not_permabanned
|
||||
def transfer_bux(v, username):
|
||||
abort(404) # disable entirely pending possible future use of coins
|
||||
|
||||
receiver = g.db.query(User).filter_by(username=username).one_or_none()
|
||||
|
||||
if not receiver: return {"error": "That user doesn't exist."}, 404
|
||||
|
|
|
|||
|
|
@ -30,10 +30,6 @@
|
|||
<strong class="pop-commentcount text-black"></strong>
|
||||
<span class="text-black">comments</span>
|
||||
</span>
|
||||
<span class="ml-3">
|
||||
<strong class="pop-coins text-black"></strong>
|
||||
<span class="text-black">coins</span>
|
||||
</span>
|
||||
|
||||
<a href="/" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} class="pop-viewmore ml-auto text-decoration-none">
|
||||
View
|
||||
|
|
|
|||
|
|
@ -33,10 +33,6 @@
|
|||
<strong class="pop-commentcount text-black"></strong>
|
||||
<span class="text-black">comments</span>
|
||||
</span>
|
||||
<span class="ml-3">
|
||||
<strong class="pop-coins text-black"></strong>
|
||||
<span class="text-black">coins</span>
|
||||
</span>
|
||||
|
||||
<a href="/" {% if v and v.newtab and not g.webview %}target="_blank"{% endif %} class="pop-viewmore ml-auto text-decoration-none">
|
||||
View
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue