From d354b0713df7fc1c2146a7ac69d5d7d068280b89 Mon Sep 17 00:00:00 2001 From: DinoInNameOnly Date: Fri, 14 Oct 2022 00:48:12 -0700 Subject: [PATCH] Allow search and other pages for logged out users --- files/routes/front.py | 6 ++---- files/routes/search.py | 28 ++++++++++++++-------------- files/routes/static.py | 31 +++++++++++-------------------- files/routes/users.py | 12 ++++-------- 4 files changed, 31 insertions(+), 46 deletions(-) diff --git a/files/routes/front.py b/files/routes/front.py index 58dedf2d0..6004df8b5 100644 --- a/files/routes/front.py +++ b/files/routes/front.py @@ -467,8 +467,7 @@ def changeloglist(v=None, sort="new", page=1, t="all", site=None): @app.get("/random_post") -@auth_required -def random_post(v): +def random_post(): p = g.db.query(Submission.id).filter(Submission.deleted_utc == 0, Submission.is_banned == False, Submission.private == False).order_by(func.random()).first() @@ -479,8 +478,7 @@ def random_post(v): @app.get("/random_user") -@auth_required -def random_user(v): +def random_user(): u = g.db.query(User.username).order_by(func.random()).first() if u: u = u[0] diff --git a/files/routes/search.py b/files/routes/search.py index 3de310ec4..56204467c 100644 --- a/files/routes/search.py +++ b/files/routes/search.py @@ -32,8 +32,7 @@ def searchparse(text): @app.get("/search/posts") -@auth_required -def searchposts(v): +def searchposts(v=None): query = request.values.get("q", '').strip() @@ -57,18 +56,19 @@ def searchposts(v): posts = g.db.query(Submission.id) - if not v.paid_dues: posts = posts.filter_by(club=False) + if not (v and v.paid_dues): posts = posts.filter_by(club=False) - if v.admin_level < 2: + if v and v.admin_level < 2: posts = posts.filter(Submission.deleted_utc == 0, Submission.is_banned == False, Submission.private == False, Submission.author_id.notin_(v.userblocks)) - + elif not v: + posts = posts.filter(Submission.deleted_utc == 0, Submission.is_banned == False, Submission.private == False) if 'author' in criteria: posts = posts.filter(Submission.ghost == False) author = get_user(criteria['author']) if not author: return {"error": "User not found"} - if author.is_private and author.id != v.id and v.admin_level < 2 and not v.eye: + if author.is_private and (not v or (author.id != v.id and v.admin_level < 2 and not v.eye)): if request.headers.get("Authorization"): return {"error": f"@{author.username}'s profile is private; You can't use the 'author' syntax on them"} return render_template("search.html", @@ -174,8 +174,7 @@ def searchposts(v): ) @app.get("/search/comments") -@auth_required -def searchcomments(v): +def searchcomments(v=None): query = request.values.get("q", '').strip() @@ -194,7 +193,7 @@ def searchcomments(v): comments = comments.filter(Comment.ghost == False) author = get_user(criteria['author']) if not author: return {"error": "User not found"} - if author.is_private and author.id != v.id and v.admin_level < 2 and not v.eye: + if author.is_private and (not v or (author.id != v.id and v.admin_level < 2 and not v.eye)): if request.headers.get("Authorization"): return {"error": f"@{author.username}'s profile is private; You can't use the 'author' syntax on them"} @@ -227,13 +226,15 @@ def searchcomments(v): comments = comments.filter(Comment.created_utc >= cutoff) - if v.admin_level < 2: + if v and v.admin_level < 2: private = [x[0] for x in g.db.query(Submission.id).filter(Submission.private == True).all()] - comments = comments.filter(Comment.author_id.notin_(v.userblocks), Comment.is_banned==False, Comment.deleted_utc == 0, Comment.parent_submission.notin_(private)) + elif not v: + private = [x[0] for x in g.db.query(Submission.id).filter(Submission.private == True).all()] + comments = comments.filter(Comment.is_banned==False, Comment.deleted_utc == 0, Comment.parent_submission.notin_(private)) - if not v.paid_dues: + if not (v and v.paid_dues): club = [x[0] for x in g.db.query(Submission.id).filter(Submission.club == True).all()] comments = comments.filter(Comment.parent_submission.notin_(club)) @@ -265,8 +266,7 @@ def searchcomments(v): @app.get("/search/users") -@auth_required -def searchusers(v): +def searchusers(v=None): query = request.values.get("q", '').strip() diff --git a/files/routes/static.py b/files/routes/static.py index ae471844e..f25936304 100644 --- a/files/routes/static.py +++ b/files/routes/static.py @@ -58,9 +58,8 @@ def support(v): return render_template('support.html', v=v) @app.get("/stats") -@auth_required @cache.memoize(timeout=86400, make_name=make_name) -def participation_stats(v): +def participation_stats(v=None): day = int(time.time()) - 86400 @@ -114,15 +113,13 @@ def chart(): @app.get("/weekly_chart") -@auth_required -def weekly_chart(v): +def weekly_chart(): file = cached_chart(kind="weekly", site=SITE) f = send_file(file) return f @app.get("/daily_chart") -@auth_required -def daily_chart(v): +def daily_chart(): file = cached_chart(kind="daily", site=SITE) f = send_file(file) return f @@ -207,8 +204,7 @@ def patrons(v): @app.get("/admins") @app.get("/badmins") -@auth_required -def admins(v): +def admins(v=None): if v and v.admin_level > 2: admins = g.db.query(User).filter(User.admin_level>1).order_by(User.truecoins.desc()).all() admins += g.db.query(User).filter(User.admin_level==1).order_by(User.truecoins.desc()).all() @@ -218,8 +214,8 @@ def admins(v): @app.get("/log") @app.get("/modlog") -@auth_required -def log(v): + +def log(v=None): try: page = max(int(request.values.get("page", 1)), 1) except: page = 1 @@ -259,8 +255,7 @@ def log(v): return render_template("log.html", v=v, admins=admins, types=types, admin=admin, type=kind, actions=actions, next_exists=next_exists, page=page) @app.get("/log/") -@auth_required -def log_item(id, v): +def log_item(id, v=None): try: id = int(id) except: abort(404) @@ -278,15 +273,13 @@ def log_item(id, v): @app.get("/api") -@auth_required -def api(v): +def api(v=None): return render_template("api.html", v=v) @app.get("/contact") @app.get("/press") @app.get("/media") -@auth_required -def contact(v): +def contact(v=None): return render_template("contact.html", v=v) @@ -415,15 +408,13 @@ def blocks(v): return render_template("blocks.html", v=v, users=users, targets=targets) @app.get("/banned") -@auth_required -def banned(v): +def banned(v=None): users = [x for x in g.db.query(User).filter(User.is_banned > 0, User.unban_utc == 0).all()] return render_template("banned.html", v=v, users=users) @app.get("/formatting") -@auth_required -def formatting(v): +def formatting(v=None): return render_template("formatting.html", v=v) diff --git a/files/routes/users.py b/files/routes/users.py index c10f427a9..9189478c7 100644 --- a/files/routes/users.py +++ b/files/routes/users.py @@ -751,26 +751,22 @@ def api_is_available(name): return {name: True} @app.get("/id/") -@auth_required -def user_id(id, v): +def user_id(id): user = get_account(id) return redirect(user.url) @app.get("/u/") -@auth_required -def redditor_moment_redirect(username, v): +def redditor_moment_redirect(username): return redirect(f"/@{username}") @app.get("/@/followers") -@auth_required -def followers(username, v): +def followers(username, v=None): u = get_user(username, v=v) users = g.db.query(User).join(Follow, Follow.target_id == u.id).filter(Follow.user_id == User.id).order_by(Follow.created_utc).all() return render_template("followers.html", v=v, u=u, users=users) @app.get("/@/following") -@auth_required -def following(username, v): +def following(username, v=None): u = get_user(username, v=v) users = g.db.query(User).join(Follow, Follow.user_id == u.id).filter(Follow.target_id == User.id).order_by(Follow.created_utc).all() return render_template("following.html", v=v, u=u, users=users)