skorotkiewicz/rDrama
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Solve blocking weaponization.

Browse source 
* allow anyone to reply to their blockers

* revert userblocks thing

* get rid of unnecessary template

* make blocking page accurate

* comment author things

* fix prev commit

* fix block page

* comma splice

Co-authored-by: Snakes <104547575+TLSM@users.noreply.github.com>
This commit is contained in:
justcool393 2022-12-17 09:11:51 -08:00 committed by GitHub
parent af31abd545
commit a213396854
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 27 additions and 71 deletions
Download patch file Download diff file Expand all files Collapse all files

18
files/routes/users.py
View file

@ -772,11 +772,7 @@ def visitors(v):
@app.get("/@<username>")
@auth_desired
def u_username(username, v=None):
u = get_user(username, v=v)
if username != u.username:
return redirect(SITE_FULL + request.full_path.replace(username, u.username)[:-1])
@ -803,12 +799,6 @@ def u_username(username, v=None):
if request.headers.get("Authorization") or request.headers.get("xhr"): abort(403, f"You are blocking @{u.username}.")
return render_template("userpage_blocking.html", u=u, v=v)
if v and v.admin_level < 2 and hasattr(u, 'is_blocked') and u.is_blocked:
if request.headers.get("Authorization") or request.headers.get("xhr"): abort(403, "This person is blocking you.")
return render_template("userpage_blocked.html", u=u, v=v)
sort = request.values.get("sort", "new")
t = request.values.get("t", "all")
try: page = max(int(request.values.get("page", 1)), 1)
@ -858,11 +848,8 @@ def u_username(username, v=None):
@app.get("/@<username>/comments")
@auth_desired
def u_username_comments(username, v=None):
user = get_user(username, v=v)
if username != user.username: return redirect(f'/@{user.username}/comments')
u = user
if u.reserved:
@ -880,11 +867,6 @@ def u_username_comments(username, v=None):
if request.headers.get("Authorization") or request.headers.get("xhr"): abort(403, f"You are blocking @{u.username}.")
return render_template("userpage_blocking.html", u=u, v=v)
if v and v.admin_level < 2 and hasattr(u, 'is_blocked') and u.is_blocked:
if request.headers.get("Authorization") or request.headers.get("xhr"): abort(403, "This person is blocking you.")
return render_template("userpage_blocked.html", u=u, v=v)
try: page = max(int(request.values.get("page", "1")), 1)
except: page = 1