Move post/comment ID boilerplate inside getters.

Borrows code from the upstream which has been working in production reliably for ~months. Also, most of it was literally copy-pasted, and the casted ID values aren't used later in the route functions.
2022-11-05 18:40:30 -04:00 · 2022-11-05 18:40:30 -04:00 · c85cd469a1
commit c85cd469a1
parent 1018cf3412
6 changed files with 10 additions and 36 deletions
--- a/files/helpers/get.py
+++ b/files/helpers/get.py
@ -113,6 +113,10 @@ def get_account(id, v=None):


 def get_post(i, v=None, graceful=False):
+	try: i = int(i)
+	except:
+		if graceful: return None
+		else: abort(404)

 	if v:
 		vt = g.db.query(Vote).filter_by(
@ -201,6 +205,10 @@ def get_posts(pids, v=None):
 	return sorted(output, key=lambda x: pids.index(x.id))

 def get_comment(i, v=None, graceful=False):
+	try: i = int(i)
+	except:
+		if graceful: return None
+		abort(404)

 	if v:

--- a/files/helpers/jinja2.py
+++ b/files/helpers/jinja2.py
@ -7,10 +7,6 @@ from files.helpers.assetcache import assetcache_path

@app.template_filter("post_embed")
 def post_embed(id, v):
-
-	try: id = int(id)
-	except: return None
-	
 	p = get_post(id, v, graceful=True)
 	
 	if p: return render_template("submission_listing.html", listing=[p], v=v)
--- a/files/routes/comments.py
+++ b/files/routes/comments.py
@ -52,10 +52,6 @@ def pusher_thread(interests, c, username):
 # @app.get("/h/<sub>/post/<pid>/<anything>/<cid>")
@auth_desired
 def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
-
-	try: cid = int(cid)
-	except: abort(404)
-
 	comment = get_comment(cid, v=v)

 	if v and request.values.get("read"):
@ -75,9 +71,6 @@ def post_pid_comment_cid(cid, pid=None, anything=None, v=None, sub=None):
 		if comment.parent_submission: pid = comment.parent_submission
 		else: pid = 1

-	try: pid = int(pid)
-	except: abort(404)
-	
 	post = get_post(pid, v=v)
 	
 	if post.over_18 and not (v and v.over_18) and not session.get('over_18', 0) >= int(time.time()):
--- a/files/routes/posts.py
+++ b/files/routes/posts.py
@ -129,14 +129,6 @@ def submit_get(v, sub=None):
 # @app.get("/h/<sub>/post/<pid>/<anything>")
@auth_desired
 def post_id(pid, anything=None, v=None, sub=None):
-
-	try: pid = int(pid)
-	except Exception as e: pass
-
-
-	try: pid = int(pid)
-	except: abort(404)
-
 	post = get_post(pid, v=v)

 	if post.over_18 and not (v and v.over_18) and session.get('over_18', 0) < int(time.time()):
@ -276,8 +268,6 @@ def post_id(pid, anything=None, v=None, sub=None):
@limiter.limit("1/second;30/minute;200/hour;1000/day")
@auth_desired
 def viewmore(v, pid, sort, offset):
-	try: pid = int(pid)
-	except: abort(400)
 	post = get_post(pid, v=v)
 	if post.club and not (v and (v.paid_dues or v.id == post.author_id)): abort(403)

--- a/files/routes/subs.py
+++ b/files/routes/subs.py
@ -9,9 +9,6 @@ from .front import frontlist
@app.post("/exile/post/<pid>")
@is_not_permabanned
 def exile_post(v, pid):
-	try: pid = int(pid)
-	except: abort(400)
-
 	p = get_post(pid)
 	sub = p.sub
 	if not sub: abort(400)
@ -37,9 +34,6 @@ def exile_post(v, pid):
@app.post("/exile/comment/<cid>")
@is_not_permabanned
 def exile_comment(v, cid):
-	try: cid = int(cid)
-	except: abort(400)
-
 	c = get_comment(cid)
 	sub = c.post.sub
 	if not sub: abort(400)
@ -268,9 +262,6 @@ def create_sub2(v):
@app.post("/kick/<pid>")
@is_not_permabanned
 def kick(v, pid):
-	try: pid = int(pid)
-	except: abort(400)
-
 	post = get_post(pid)

 	if not post.sub: abort(403)
--- a/files/routes/votes.py
+++ b/files/routes/votes.py
@ -65,8 +65,6 @@ def api_vote_post(post_id, new, v):
 	new = int(new)

 	# get the post
-	try: post_id = int(post_id)
-	except: abort(404)
 	post = get_post(post_id)

 	# get the old vote, if we have one
@ -135,8 +133,6 @@ def api_vote_comment(comment_id, new, v):
 	new = int(new)

 	# get the comment
-	try: comment_id = int(comment_id)
-	except: abort(404)
 	comment = get_comment(comment_id)

 	# get the old vote, if we have one