diff --git a/hole.py b/hole.py index d0f1276..e7732c4 100644 --- a/hole.py +++ b/hole.py @@ -4,10 +4,10 @@ from flask_limiter import Limiter from flask_limiter.util import get_remote_address from mastodon import Mastodon -import time, re, random, string, datetime, hashlib +import re, random, string, datetime, hashlib from models import db, User, Post, Comment, Attention, Syslog -from utils import require_token, map_post, map_comment, check_attention, hash_name +from utils import require_token, map_post, map_comment, check_attention, hash_name, look app = Flask(__name__) app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///hole.db' @@ -122,7 +122,6 @@ def do_post(): content = content, post_type = post_type, cw = cw or None, - timestamp = int(time.time()), likenum = 1, comments = [] ) @@ -189,7 +188,6 @@ def do_comment(): c = Comment( name_hash = hash_name(u.name), content = content, - timestamp = int(time.time()) ) post.comments.append(c) db.session.commit() @@ -265,32 +263,52 @@ def delete(): obj = None if obj_type == 'pid': obj = Post.query.get(obj_id) - if len(obj.comments): abort(403) elif obj_type == 'cid': obj = Comment.query.get(obj_id) if not obj: abort(404) if obj.name_hash == hash_name(u.name): + if obj_type == 'pid' and len(obj.comments): abort(403) db.session.delete(obj) elif u.name in app.config.get('ADMINS'): obj.deleted = True db.session.add(Syslog( log_type='ADMIN DELETE', - log_detail=f"{type}={obj_id}\nnote", + log_detail=f"{obj_type}={obj_id}\n{note}", name_hash=hash_name(u.name) )) if note.startswith('!ban'): db.session.add(Syslog( log_type='BANNED', - log_detail=f"{type}={obj_id}\nnote", + log_detail=f"=> {obj_type}={obj_id}", name_hash=obj.name_hash )) - else: abort(403) db.session.commit() return {'code': 0} +@app.route('/_api/v1/systemlog') +def system_log(): + u = require_token() + + ss = Syslog.query.all() + + return { + 'start_time': app.config['START_TIME'], + 'salt': look(app.config['SALT'][:3]), + 'data' : [{ + 'type': s.log_type, + 'detail': s.log_detail, + 'user': look(s.name_hash), + 'timestamp': s.timestamp + } for s in ss[::-1] + ] + } + + + + if __name__ == '__main__': app.run(debug=True) diff --git a/models.py b/models.py index 45bdab5..be57342 100644 --- a/models.py +++ b/models.py @@ -1,4 +1,5 @@ from flask_sqlalchemy import SQLAlchemy +import time db = SQLAlchemy() @@ -23,6 +24,10 @@ class Post(db.Model): comments = db.relationship('Comment', backref='post', lazy=True) + def __init__(self, **kwargs): + super(Post, self).__init__(**kwargs) + self.timestamp = int(time.time()) + def __repr__(self): return f"{self.name_hash}:[{self.content}]" @@ -35,6 +40,10 @@ class Comment(db.Model): post_id = db.Column(db.Integer, db.ForeignKey('post.id'), nullable=False) + + def __init__(self, **kwargs): + super(Comment, self).__init__(**kwargs) + self.timestamp = int(time.time()) def __repr__(self): return f"{self.name_hash}:[{self.content}->{self.post_id}]" @@ -50,4 +59,8 @@ class Syslog(db.Model): log_type = db.Column(db.String(16)) log_detail = db.Column(db.String(128)) name_hash = db.Column(db.String(64)) - + timestamp = db.Column(db.Integer) + + def __init__(self, **kwargs): + super(Syslog, self).__init__(**kwargs) + self.timestamp = int(time.time()) diff --git a/utils.py b/utils.py index e9ac7b0..19d47d4 100644 --- a/utils.py +++ b/utils.py @@ -7,9 +7,10 @@ def get_config(key): def require_token(): token = request.args.get('user_token') - u = User.query.filter_by(token=token).first() if token else None - if Syslog.query.filter_by(log_type='BANNED', name_hash=hash_name(u.name)).first(): abort(403) - return u if u else abort(401) + if not token: abort(401) + u = User.query.filter_by(token=token).first() + if not u or Syslog.query.filter_by(log_type='BANNED', name_hash=hash_name(u.name)).first(): abort(403) + return u def hash_name(name): return hashlib.sha256((get_config('SALT') + name).encode('utf-8')).hexdigest() @@ -54,3 +55,6 @@ def check_attention(name, pid): def check_can_del(name, author_hash): return 1 if hash_name(name) == author_hash or name in get_config('ADMINS') else 0 + +def look(s): + return s[:3] + '...' + s[-3:]