diff --git a/closedverse_main/admin.py b/closedverse_main/admin.py index 331779d..43d818d 100644 --- a/closedverse_main/admin.py +++ b/closedverse_main/admin.py @@ -47,7 +47,7 @@ def Enable_user(modeladmin, request, queryset): queryset.update(is_active = True) class UserAdmin(BaseUserAdmin): - search_fields = ('id', 'username', 'nickname', 'email', 'addr', 'signup_addr') + search_fields = ('id', 'username', 'nickname', ) list_display = ('id', 'username', 'nickname', 'level', 'is_active', 'is_staff', 'is_superuser') actions = [Disable_user, Enable_user] raw_id_fields = ('role', ) @@ -111,56 +111,75 @@ class InvitesAdmin(admin.ModelAdmin): actions = [Void_invite, Restore_invite] class ComplaintAdmin(admin.ModelAdmin): - search_fields = ('id', 'body', ) + search_fields = ('body', 'creator__username', ) raw_id_fields = ('creator', ) + list_display = ('creator', 'type', 'body', ) class ConversationAdmin(admin.ModelAdmin): - search_fields = ('id', ) + search_fields = ('id', 'source__username', 'target__username') raw_id_fields = ('source', 'target', ) + list_display = ('source', 'target', ) class PostAdmin(admin.ModelAdmin): raw_id_fields = ('creator', 'poll', ) search_fields = ('id', 'body', 'creator__username', ) list_display = ('id', 'creator', 'body', 'is_rm', ) actions = [Hide_content, Show_content, Disable_comments, Enable_comments] - def get_queryset(self, request): - return models.Post.real.get_queryset() class CommentAdmin(admin.ModelAdmin): raw_id_fields = ('creator', 'original_post', ) search_fields = ('id', 'body', 'creator__username', ) list_display = ('id', 'creator', 'body', 'original_post', 'is_rm', ) actions = [Hide_content, Show_content] - def get_queryset(self, request): - return models.Comment.real.get_queryset() class CommunityAdmin(admin.ModelAdmin): raw_id_fields = ('creator', ) list_display = ('id', 'name', 'description', 'type', 'creator', 'popularity', 'is_rm', 'is_feature', 'require_auth') search_fields = ('id', 'name', 'description', ) actions = [Hide_content, Show_content, Feature_community, Unfeature_community, force_login, unforce_login] - def get_queryset(self, request): - return models.Community.real.get_queryset() + list_filter = ('type', 'is_rm', 'is_feature', 'require_auth') class MessageAdmin(admin.ModelAdmin): raw_id_fields = ('creator', 'conversation', ) search_fields = ('id', 'body', 'creator__username', ) - list_display = ('id', 'creator', 'conversation', 'body', ) + list_display = ('created', 'creator', 'conversation', 'body', 'is_rm', ) actions = [Hide_content, Show_content] - def get_queryset(self, request): - return models.Message.real.get_queryset() class NotificationAdmin(admin.ModelAdmin): + def combined_display(self, obj): + # not needed but it looks cool + parts = [] + if obj.context_post: + parts.append(f"Post: {obj.context_post}") + if obj.context_comment: + parts.append(f"Comment: {obj.context_comment}") + if obj.context_warning: + parts.append(f"Warning: {obj.context_warning.reason}") + return ', '.join(parts) or 'No content found, Warning this will throw an error.' + combined_display.short_description = 'Content' raw_id_fields = ('to', 'source', 'context_post', 'context_comment',) search_fields = ('to__username', 'source__username', 'context_post__body', 'context_comment__body',) - list_display = ('id', 'to', 'source', 'context_post', 'context_comment',) + list_display = ('id', 'to', 'source', 'combined_display',) class AuditAdmin(admin.ModelAdmin): + def combined_display(self, obj): + # not needed but it looks cool + parts = [] + if obj.post: + parts.append(f"Post: {obj.post}") + if obj.comment: + parts.append(f"Comment: {obj.comment}") + if obj.community: + parts.append(f"Community: {obj.community}") + return ', '.join(parts) or 'N/A' + combined_display.short_description = 'Affected content' raw_id_fields = ('by', 'user', 'post', 'comment', 'community', 'reversed_by', ) + list_display = ('by', 'user', 'type', 'combined_display', ) search_fields = ('by__username', 'user__username', 'post__body', 'comment__body', 'community__name', ) class AdsAdmin(admin.ModelAdmin): - raw_id_fileds = ('id', 'created', 'url', 'imageurl') + list_display = ('url', 'imageurl', ) + search_fields = ('url', 'imageurl', ) class YeahAdmin(admin.ModelAdmin): raw_id_fields = ('by', 'post', 'comment', ) @@ -200,6 +219,11 @@ class LoginAdmin(admin.ModelAdmin): list_display = ('user', 'addr', 'user_agent', ) search_fields = ('user__username', 'addr', 'user_agent', ) +class WarningAdmin(admin.ModelAdmin): + raw_id_fields = ('by', 'to') + list_display = ('by', 'to', 'reason', ) + search_fields = ('by__username', 'to__username', 'reason', ) + admin.site.register(models.Role, RoleAdmin) admin.site.register(models.User, UserAdmin) admin.site.register(models.Profile, ProfileAdmin) @@ -214,14 +238,15 @@ admin.site.register(models.UserBlock) admin.site.register(models.AuditLog, AuditAdmin) admin.site.register(models.ProfileHistory, HistoryAdmin) -admin.site.register(models.Yeah) +admin.site.register(models.Yeah, YeahAdmin) admin.site.register(models.Follow) admin.site.register(models.FriendRequest) admin.site.register(models.Post, PostAdmin) admin.site.register(models.Comment, CommentAdmin) admin.site.register(models.Ads, AdsAdmin) admin.site.register(models.Ban, BanAdmin) -admin.site.register(models.Warning) +admin.site.register(models.Warning, WarningAdmin) + # This will show fucking everything, just don't give other people perms to see content types, sessions, and all that shit. # This is so the superuser, owner of the site can see everything. diff --git a/closedverse_main/middleware.py b/closedverse_main/middleware.py index d3cc4e1..499340b 100644 --- a/closedverse_main/middleware.py +++ b/closedverse_main/middleware.py @@ -87,18 +87,6 @@ class ClosedMiddleware(object): if settings.CLOSEDVERSE_PROD not request.is_secure() and not 'Nintendo' in request.META['HTTP_USER_AGENT']: return redirect('https://{0}{1}'.format(request.get_host(), request.get_full_path())) """ - if request.user.is_authenticated: - """ - if not request.user.is_active: - if request.user.warned_reason: - ban_msg = request.user.warned_reason - else: - ban_msg = 'You are banned.' - return HttpResponseForbidden(ban_msg) - """ - # can just forbid post requests for the time being (but leav our funny logout message :3) - if not request.user.is_active and request.method != 'GET' and request.get_full_path() != '/logout/': - return HttpResponseForbidden() response = self.get_response(request) if request.user.is_authenticated: # for reverse proxy diff --git a/closedverse_main/models.py b/closedverse_main/models.py index a2344f2..2fd2b18 100644 --- a/closedverse_main/models.py +++ b/closedverse_main/models.py @@ -157,7 +157,7 @@ class User(AbstractBaseUser, PermissionsMixin): hide_online = models.BooleanField(default=False, help_text='If this is ticked, the user has opted to hide their online status.') color = ColorField(default='', null=True, blank=True) - is_staff = models.BooleanField(default=False, help_text='Allow this user to access the admin panel you\'re using right now?') + is_staff = models.BooleanField(default=False, help_text='Allow this user to access the admin panel you\'re using right now? Don\'t forget to specify the permissions.') is_active = models.BooleanField(default=True, help_text='If this is off, the user is basically banned and can\'t do shit here') is_superuser = models.BooleanField(default=False, help_text='Overrides django groups. This also allows you to change people\'s perms.') can_invite = models.BooleanField(default=True, help_text='Can this user invite new users? This does not matter unless the invite system is turned on.') @@ -174,11 +174,6 @@ class User(AbstractBaseUser, PermissionsMixin): objects = UserManager() - class Meta: - permissions = [ - ("Can_alter_level_and_Perms", "Allow this user to change Level, Groups and Permissions?"), - ] - def __str__(self): return self.username def get_full_name(self): @@ -755,19 +750,13 @@ class Community(models.Model): return False def post_perm(self, request): - if not request.user.is_active: - return False if self.Community_block(request): return False if request.user.level >= self.rank_needed_to_post: return True elif request.user.is_staff == True: return True - # If the community is made by you, you should be able to post in there regardless. - elif request.user == self.creator: - return True - else: - return False + return False def can_edit_community(self, request): # yanderedev moment if not request.user.is_authenticated: diff --git a/closedverse_main/views.py b/closedverse_main/views.py index c6b7981..b6dd42b 100644 --- a/closedverse_main/views.py +++ b/closedverse_main/views.py @@ -60,6 +60,11 @@ def community_list(request): else: feature = obj.filter(is_feature=True).order_by('-created') if request.user.is_authenticated: + # If no profile exists for request.user, make one automatically. + profile_exists = Profile.objects.filter(user=request.user).exists() + if not profile_exists: + print("Profile does not exist. Creating one...") + Profile.objects.create(user=request.user) classes = ['guest-top'] favorites = request.user.community_favorites() else: @@ -307,9 +312,6 @@ def signup_page(request): check_othersban = User.objects.filter(addr=request.META['REMOTE_ADDR'], is_active=False).exists() if check_othersban: return HttpResponseBadRequest("You cannot sign up while banned.") - check_signupban = User.objects.filter(signup_addr=request.META['REMOTE_ADDR'], is_active=False).exists() - if check_signupban: - return HttpResponseBadRequest("Get on your hands and knees") if iphub(request.META['REMOTE_ADDR']): if settings.DISALLOW_PROXY: return HttpResponseBadRequest("please do not use a vpn ok thanks") @@ -393,13 +395,9 @@ def forgot_passwd(request): def logout_page(request): """Password email page / post endpoint.""" - if not request.user.is_authenticated or not request.user.is_active: - if not request.user.is_authenticated: - logout(request) - r = HttpResponseForbidden("You are not logged in, so how can you possibly log out? You will be redirected to Wario Land 4 momentarily.", content_type='text/plain') - else: - r = HttpResponseForbidden("You can't log out while you're inactive. According to me and God, you'll just have to sit here and suffer for now. Go contemplate your actions. You will be redirected to Wario Land 4 momentarily.", content_type='text/plain') - r['Refresh'] = '7; url=https://gba.js.org/player#warioland4' + if not request.user.is_authenticated: + logout(request) + r = HttpResponseForbidden("You are not logged in, so how can you possibly log out? You will be redirected to Wario Land 4 momentarily.", content_type='text/plain') return r logout(request) if request.GET.get('next'): @@ -1047,6 +1045,8 @@ def community_create_action(request): community.type = 3 community.creator = request.user community.save() + request.user.c_tokens -= 1 + request.user.save() return redirect('/') else: raise Http404() diff --git a/static/closedverse.css b/static/closedverse.css index a1561e4..c287277 100644 --- a/static/closedverse.css +++ b/static/closedverse.css @@ -3406,6 +3406,10 @@ body.masked { content: "x"; color: var(--theme, #ff4159); } +.sidebar-setting .sidebar-admin-meta:before { + content: "l"; + color: var(--theme, #ff4159); +} .sidebar-setting .sidebar-menu-replies:before { content: "r"; color: var(--theme, #ff4159);