From e49d856f71fd0dbb2ade41783a9f17037720daaf Mon Sep 17 00:00:00 2001 From: some weird guy <120821766+Mistake35@users.noreply.github.com> Date: Thu, 24 Aug 2023 12:20:32 -0700 Subject: [PATCH] god dead - Changed HTML to support the new fancy ban system - Added "banned" and "active_ban" bits in models.py - IP bans are supported now. --- README.foreskin | 6 +- README.md | 147 +----------------- closedverse_main/admin.py | 6 +- closedverse_main/middleware.py | 21 ++- closedverse_main/models.py | 8 +- .../elements/community_post.html | 17 +- .../elements/post-comment.html | 15 +- .../elements/profile-post.html | 12 +- .../elements/user-sidebar.html | 8 +- closedverse_main/views.py | 14 +- 10 files changed, 60 insertions(+), 194 deletions(-) diff --git a/README.foreskin b/README.foreskin index 6ab0629..bfe9377 100644 --- a/README.foreskin +++ b/README.foreskin @@ -18,8 +18,10 @@ Stuff that is in progress - New Ban system. Bans are here also with its own interface. - Instead of entering a datetime field manually, Admins are provided with choises for different ban lengths when using the frontend. - IP bans and range bans are not added yet. + Theres no way to unban a user when using the ban page. + Instead of entering a datetime field manually, Admins are provided with choises for different ban lengths when using the ban page. + IP bans are here but range bans are not added yet. + IPs are banned automatically when using the ban page. A proper ban page is not added yet and simply shows a 403 error. If a ban page is added, it should show the reason, and when the ban will expire. There's no javascript for the form page yet. diff --git a/README.md b/README.md index af0453b..be2fc07 100644 --- a/README.md +++ b/README.md @@ -1,146 +1,7 @@ -# About -Cedar-Django is a fork of Closedverse with custom features added to it. +# Cedar-Django -### Theme changing -Just like in Indigo, you can change the color of your theme. While this is only visible to each user specifically, a global theme can be set in Settings.py. +https://youtu.be/uUiJCG06bdA -### Overhauled admin panel -The admin panel has been changed completely. You can now do a lot more things in a much easier way. The intention behind this redesign is to reduce the need to use the normal Django admin panel. +Alright, I know I will eventually have to write the documentation, but fuuuuuuck I really don't want to do it. -### Community creation -You can have your users make communities. Each user by default can make one community. User communities can be changed by the owner of said community. - -### Password resetting within the settings page -**This should've been a thing since day one.** Instead of being forced to reset your password through your email, you can now change it via settings. - -### Invite only features -**You can set `invite_only` to `True` if you want your site to be invite only** If you choose to make your website invite only, users can create invite codes and send them to others as a means of inviting new people to the website. Upon signing up, users are required to input a valid invite code in order to create an account. This can be useful for closed off communities or as a ditch effort to stop raids or whatever. -Moderators and staff will be able to revoke a user's ability to add new users if need be. - -### Announcements appear on the side of the main page. -If you have an announcement community, each post will appear there. - -`welcomemsgs` are visible on the front page when you aren't signed in. - -## Other features include: -- Mods can warn users. -- Better audit logging system. -- Purging is much easier now. -- You can fucking ban people now without the Django panel. -- Each and every ban is an IP ban automatically. -- A page where every user can view collected data tied to their account. - -Can you rewrite this? - -# YOU NEED -- A server (obviously) -- Terminal access (also, obviously) -- Python 3 - -# Install time - -Should probably say that this is a lazy way to do it. You should use a reverse proxy to deploy the server up for prod. - -1. -SSH into your server. - -2. -Time to update -`sudo apt update && sudo apt upgrade` - -3. -You need Pip -`sudo apt install pip` - -4. -Get everything else you need. -`pip3 install Django==3.2.2 urllib3 lxml passlib bcrypt pillow django-markdown-deux django-markdown2 whitenoise django-xff` - -5. -Clone the clone! -`git clone https://github.com/Mistake35/Cedar-Django` - -5.5 (recommended). -You should use FileZilla or some other SFTP client to make things easier in the future. - -6. -Navigate to Cedar-Django -`cd Cedar-Django` - -7. -Edit the settings.py file. -`nano closedverse/settings.py` - -8. -Fill everything out as needed. Be sure to generate a secret key and paste it in too. - -9. -Now it's time for the good stuff! -Let's build the database -`python3 manage.py migrate` - -10. -Do the static files or no CSS or JS. -`python3 manage.py collectstatic` - -11. -Test the server! -Be sure to replace "IP-HERE" with your public IP and make sure it's running on port 80. -`python3 manage.py runserver IP-HERE:80` - -# Troubleshooting time! -Q: "HELP, I'M GETTING A BAD REQUEST (400) ERROR!" -A: Add your public IP to the `ALLOWED_HOSTS` bit in settings.py along with your domain that you'll be using. - -Q: "django.db.utils.OperationalError: no such table: ban_usersban" -A: You forgot to migrate and make the database. - -Q: "Why is the page white, with no color or style at all?" -A: You need to collect the static files as mentioned prior. - -You may have to do some additional troubleshooting, and that's the joy of web-hosting. -Fixing problems yourself is a great way to learn how this shit works. - -# Yet even more steps - -12. -So your server is running, the URL works and everything? Good. -Now it's time to create your account. -`python3 manage.py createsuperuser` -Enter your username, and password. - -13. -Make sure it's working by signing in. - -14. -Alright now it's time to do some fun stuff! We're going to try and make this run at boot with systemd. -`sudo nano /etc/systemd/system/django.service` - -15. -Paste this in! -Now it's time to change this if needed. -``` -[Unit] -Description=Django Application -After=network.target - -[Service] -User=root -WorkingDirectory=/root/Cedar-Django -ExecStart=/usr/bin/python3 manage.py runserver IP-HERE:80 - -[Install] -WantedBy=multi-user.target -``` - -16. -Pop these in! -``` -sudo systemctl daemon-reload -sudo systemctl enable django -sudo systemctl start django -``` -Make sure it works too! -``` -sudo systemctl status django -``` \ No newline at end of file +It's a standard Django app, You'll have to somehow set it up either with python3 manage.py runserver, or through nginx or whatever. diff --git a/closedverse_main/admin.py b/closedverse_main/admin.py index 9dd48d8..4d426d0 100644 --- a/closedverse_main/admin.py +++ b/closedverse_main/admin.py @@ -142,6 +142,10 @@ class HistoryAdmin(admin.ModelAdmin): class RoleAdmin(admin.ModelAdmin): exclude = ('is_static', ) +class BanAdmin(admin.ModelAdmin): + # Hide that shit for now, Eventually I plan to get rid of the user_tools_meta thing completely and just show IP addresses for staff like any normal site. + exclude = ('ip_address', ) + #class BlockAdmin(admin.ModelAdmin) admin.site.unregister(Group) @@ -164,7 +168,7 @@ admin.site.register(models.ProfileHistory, HistoryAdmin) admin.site.register(models.Post, PostAdmin) admin.site.register(models.Comment, CommentAdmin) -admin.site.register(models.Ban) +admin.site.register(models.Ban, BanAdmin) admin.site.register(models.Warning) if settings.DEBUG: diff --git a/closedverse_main/middleware.py b/closedverse_main/middleware.py index 20554b0..02c7dd5 100644 --- a/closedverse_main/middleware.py +++ b/closedverse_main/middleware.py @@ -21,20 +21,25 @@ class CheckForBanMiddleware: return response def process_view(self, request, view_func, view_args, view_kwargs): - - # If the user is not authenticated, there's no need to check for bans if not request.user.is_authenticated: return None - - # Get one active ban that is not expired - active_ban = Ban.objects.filter( + # Get one active ban that is not expired for the user + active_user_ban = Ban.objects.filter( to=request.user, active=True, expiry_date__gte=timezone.now() ).first() - - if active_ban: - return HttpResponseForbidden('You are banned from this site. Reason: ' + active_ban.reason) + if active_user_ban: + return HttpResponseForbidden('You are banned from this site. Reason: ' + active_user_ban.reason) + # Get one active ban that is not expired for the IP address + ip_address = request.META.get('REMOTE_ADDR') + active_ip_ban = Ban.objects.filter( + ip_address=ip_address, + active=True, + expiry_date__gte=timezone.now(), + ).first() + if active_ip_ban: + return HttpResponseForbidden('Your IP address is banned from this site. Reason: ' + active_ip_ban.reason) return None class ClosedMiddleware(object): diff --git a/closedverse_main/models.py b/closedverse_main/models.py index 5173edf..e9422d4 100644 --- a/closedverse_main/models.py +++ b/closedverse_main/models.py @@ -207,6 +207,12 @@ class User(AbstractBaseUser): if not g: return settings.STATIC_URL + 'img/anonymous-mii.png' return g + def banned(self): + banned = self.banned_user.filter(active=True, expiry_date__gt=timezone.now()) + return banned.exists() + def active_ban(self): + ban = self.banned_user.filter(active=True, expiry_date__gt=timezone.now()).order_by('-created').first() + return ban def mh(self): origin_info = self.profile('origin_info') if not origin_info: @@ -582,7 +588,6 @@ class User(AbstractBaseUser): return False return user -# This will be a fucking pain in the ass! class Ban(models.Model): id = models.AutoField(primary_key=True) created = models.DateTimeField(auto_now_add=True) @@ -591,6 +596,7 @@ class Ban(models.Model): reason = models.TextField(null=True, blank=True) expiry_date = models.DateTimeField(help_text='The date and time on which this ban will expire, Set this way off into the future if this ban should be permanent') active = models.BooleanField(default=True, help_text='Untick this to disable this ban') + ip_address = models.CharField(null=True, blank=True, max_length=256, help_text='Put an IP address in here to make this an IP ban. When using the ban function outside of the Django admin panel, this is filled in automatically.') def is_expired(self): if timezone.now() > self.expiry_date: diff --git a/closedverse_main/templates/closedverse_main/elements/community_post.html b/closedverse_main/templates/closedverse_main/elements/community_post.html index 0a1e6cd..4a0f130 100644 --- a/closedverse_main/templates/closedverse_main/elements/community_post.html +++ b/closedverse_main/templates/closedverse_main/elements/community_post.html @@ -1,5 +1,5 @@ {% if not post.is_rm %} -{% load closedverse_tags %}