newthuhole
/
hole_thu_backend
4
6
Fork 2
Code Issues 7 Pull Requests Projects Releases Wiki Activity
Browse Source

显示管理日志

pull/7/head
hole-thu 5 years ago
parent
44d1b26079
commit
32093708e1
3 changed files with 47 additions and 12 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 34
      hole.py
  2. 15
      models.py
  3. 10
      utils.py

34
hole.py
Unescape View File

@ -4,10 +4,10 @@ from flask_limiter import Limiter
from flask_limiter.util import get_remote_address from flask_limiter.util import get_remote_address
from mastodon import Mastodon from mastodon import Mastodon
import time, re, random, string, datetime, hashlib import re, random, string, datetime, hashlib
from models import db, User, Post, Comment, Attention, Syslog from models import db, User, Post, Comment, Attention, Syslog
from utils import require_token, map_post, map_comment, check_attention, hash_name from utils import require_token, map_post, map_comment, check_attention, hash_name, look
app = Flask(__name__) app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///hole.db' app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///hole.db'
@ -122,7 +122,6 @@ def do_post():
content = content, content = content,
post_type = post_type, post_type = post_type,
cw = cw or None, cw = cw or None,
timestamp = int(time.time()),
likenum = 1, likenum = 1,
comments = [] comments = []
) )
@ -189,7 +188,6 @@ def do_comment():
c = Comment( c = Comment(
name_hash = hash_name(u.name), name_hash = hash_name(u.name),
content = content, content = content,
timestamp = int(time.time())
) )
post.comments.append(c) post.comments.append(c)
db.session.commit() db.session.commit()
@ -265,32 +263,52 @@ def delete():
obj = None obj = None
if obj_type == 'pid': if obj_type == 'pid':
obj = Post.query.get(obj_id) obj = Post.query.get(obj_id)
if len(obj.comments): abort(403)
elif obj_type == 'cid': elif obj_type == 'cid':
obj = Comment.query.get(obj_id) obj = Comment.query.get(obj_id)
if not obj: abort(404) if not obj: abort(404)
if obj.name_hash == hash_name(u.name): if obj.name_hash == hash_name(u.name):
if obj_type == 'pid' and len(obj.comments): abort(403)
db.session.delete(obj) db.session.delete(obj)
elif u.name in app.config.get('ADMINS'): elif u.name in app.config.get('ADMINS'):
obj.deleted = True obj.deleted = True
db.session.add(Syslog( db.session.add(Syslog(
log_type='ADMIN DELETE', log_type='ADMIN DELETE',
log_detail=f"{type}={obj_id}\nnote", log_detail=f"{obj_type}={obj_id}\n{note}",
name_hash=hash_name(u.name) name_hash=hash_name(u.name)
)) ))
if note.startswith('!ban'): if note.startswith('!ban'):
db.session.add(Syslog( db.session.add(Syslog(
log_type='BANNED', log_type='BANNED',
log_detail=f"{type}={obj_id}\nnote", log_detail=f"=> {obj_type}={obj_id}",
name_hash=obj.name_hash name_hash=obj.name_hash
)) ))
else: else:
abort(403) abort(403)
db.session.commit() db.session.commit()
return {'code': 0} return {'code': 0}
@app.route('/_api/v1/systemlog')
def system_log():
u = require_token()
ss = Syslog.query.all()
return {
'start_time': app.config['START_TIME'],
'salt': look(app.config['SALT'][:3]),
'data' : [{
'type': s.log_type,
'detail': s.log_detail,
'user': look(s.name_hash),
'timestamp': s.timestamp
} for s in ss[::-1]
]
}
if __name__ == '__main__': if __name__ == '__main__':
app.run(debug=True) app.run(debug=True)

15
models.py
Unescape View File

@ -1,4 +1,5 @@
from flask_sqlalchemy import SQLAlchemy from flask_sqlalchemy import SQLAlchemy
import time
db = SQLAlchemy() db = SQLAlchemy()
@ -23,6 +24,10 @@ class Post(db.Model):
comments = db.relationship('Comment', backref='post', lazy=True) comments = db.relationship('Comment', backref='post', lazy=True)
def __init__(self, **kwargs):
super(Post, self).__init__(**kwargs)
self.timestamp = int(time.time())
def __repr__(self): def __repr__(self):
return f"{self.name_hash}:[{self.content}]" return f"{self.name_hash}:[{self.content}]"
@ -35,6 +40,10 @@ class Comment(db.Model):
post_id = db.Column(db.Integer, db.ForeignKey('post.id'), post_id = db.Column(db.Integer, db.ForeignKey('post.id'),
nullable=False) nullable=False)
def __init__(self, **kwargs):
super(Comment, self).__init__(**kwargs)
self.timestamp = int(time.time())
def __repr__(self): def __repr__(self):
return f"{self.name_hash}:[{self.content}->{self.post_id}]" return f"{self.name_hash}:[{self.content}->{self.post_id}]"
@ -50,4 +59,8 @@ class Syslog(db.Model):
log_type = db.Column(db.String(16)) log_type = db.Column(db.String(16))
log_detail = db.Column(db.String(128)) log_detail = db.Column(db.String(128))
name_hash = db.Column(db.String(64)) name_hash = db.Column(db.String(64))
timestamp = db.Column(db.Integer)
def __init__(self, **kwargs):
super(Syslog, self).__init__(**kwargs)
self.timestamp = int(time.time())

10
utils.py
Unescape View File

@ -7,9 +7,10 @@ def get_config(key):
def require_token(): def require_token():
token = request.args.get('user_token') token = request.args.get('user_token')
u = User.query.filter_by(token=token).first() if token else None if not token: abort(401)
if Syslog.query.filter_by(log_type='BANNED', name_hash=hash_name(u.name)).first(): abort(403) u = User.query.filter_by(token=token).first()
return u if u else abort(401) if not u or Syslog.query.filter_by(log_type='BANNED', name_hash=hash_name(u.name)).first(): abort(403)
return u
def hash_name(name): def hash_name(name):
return hashlib.sha256((get_config('SALT') + name).encode('utf-8')).hexdigest() return hashlib.sha256((get_config('SALT') + name).encode('utf-8')).hexdigest()
@ -54,3 +55,6 @@ def check_attention(name, pid):
def check_can_del(name, author_hash): def check_can_del(name, author_hash):
return 1 if hash_name(name) == author_hash or name in get_config('ADMINS') else 0 return 1 if hash_name(name) == author_hash or name in get_config('ADMINS') else 0
def look(s):
return s[:3] + '...' + s[-3:]

Write Preview
Loading…
Cancel
Save