user2/hole_thu_backend
1
0
Fork 0
forked from newthuhole/hole_thu_backend
Code Issues Pull Requests Projects Releases Wiki Activity

显示管理日志

Browse Source
This commit is contained in:
hole-thu
2020-09-04 17:08:43 +08:00
parent 44d1b26079
commit 32093708e1
3 changed files with 47 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

34
hole.py
View File

@@ -4,10 +4,10 @@ from flask_limiter import Limiter
from flask_limiter.util import get_remote_address from flask_limiter.util import get_remote_address
from mastodon import Mastodon from mastodon import Mastodon
import time, re, random, string, datetime, hashlib import re, random, string, datetime, hashlib
from models import db, User, Post, Comment, Attention, Syslog from models import db, User, Post, Comment, Attention, Syslog
from utils import require_token, map_post, map_comment, check_attention, hash_name from utils import require_token, map_post, map_comment, check_attention, hash_name, look
app = Flask(__name__) app = Flask(__name__)
app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///hole.db' app.config['SQLALCHEMY_DATABASE_URI'] = 'sqlite:///hole.db'
@@ -122,7 +122,6 @@ def do_post():
content = content, content = content,
post_type = post_type, post_type = post_type,
cw = cw or None, cw = cw or None,
timestamp = int(time.time()),
likenum = 1, likenum = 1,
comments = [] comments = []
) )
@@ -189,7 +188,6 @@ def do_comment():
c = Comment( c = Comment(
name_hash = hash_name(u.name), name_hash = hash_name(u.name),
content = content, content = content,
timestamp = int(time.time())
) )
post.comments.append(c) post.comments.append(c)
db.session.commit() db.session.commit()
@@ -265,32 +263,52 @@ def delete():
obj = None obj = None
if obj_type == 'pid': if obj_type == 'pid':
obj = Post.query.get(obj_id) obj = Post.query.get(obj_id)
if len(obj.comments): abort(403)
elif obj_type == 'cid': elif obj_type == 'cid':
obj = Comment.query.get(obj_id) obj = Comment.query.get(obj_id)
if not obj: abort(404) if not obj: abort(404)
if obj.name_hash == hash_name(u.name): if obj.name_hash == hash_name(u.name):
if obj_type == 'pid' and len(obj.comments): abort(403)
db.session.delete(obj) db.session.delete(obj)
elif u.name in app.config.get('ADMINS'): elif u.name in app.config.get('ADMINS'):
obj.deleted = True obj.deleted = True
db.session.add(Syslog( db.session.add(Syslog(
log_type='ADMIN DELETE', log_type='ADMIN DELETE',
log_detail=f"{type}={obj_id}\nnote", log_detail=f"{obj_type}={obj_id}\n{note}",
name_hash=hash_name(u.name) name_hash=hash_name(u.name)
)) ))
if note.startswith('!ban'): if note.startswith('!ban'):
db.session.add(Syslog( db.session.add(Syslog(
log_type='BANNED', log_type='BANNED',
log_detail=f"{type}={obj_id}\nnote", log_detail=f"=> {obj_type}={obj_id}",
name_hash=obj.name_hash name_hash=obj.name_hash
)) ))
else: else:
abort(403) abort(403)
db.session.commit() db.session.commit()
return {'code': 0} return {'code': 0}
@app.route('/_api/v1/systemlog')
def system_log():
u = require_token()
ss = Syslog.query.all()
return {
'start_time': app.config['START_TIME'],
'salt': look(app.config['SALT'][:3]),
'data' : [{
'type': s.log_type,
'detail': s.log_detail,
'user': look(s.name_hash),
'timestamp': s.timestamp
} for s in ss[::-1]
]
}
if __name__ == '__main__': if __name__ == '__main__':
app.run(debug=True) app.run(debug=True)

13
models.py
View File

@@ -1,4 +1,5 @@
from flask_sqlalchemy import SQLAlchemy from flask_sqlalchemy import SQLAlchemy
import time
db = SQLAlchemy() db = SQLAlchemy()
@@ -23,6 +24,10 @@ class Post(db.Model):
comments = db.relationship('Comment', backref='post', lazy=True) comments = db.relationship('Comment', backref='post', lazy=True)
def __init__(self, **kwargs):
super(Post, self).__init__(**kwargs)
self.timestamp = int(time.time())
def __repr__(self): def __repr__(self):
return f"{self.name_hash}:[{self.content}]" return f"{self.name_hash}:[{self.content}]"
@@ -36,6 +41,10 @@ class Comment(db.Model):
post_id = db.Column(db.Integer, db.ForeignKey('post.id'), post_id = db.Column(db.Integer, db.ForeignKey('post.id'),
nullable=False) nullable=False)
def __init__(self, **kwargs):
super(Comment, self).__init__(**kwargs)
self.timestamp = int(time.time())
def __repr__(self): def __repr__(self):
return f"{self.name_hash}:[{self.content}->{self.post_id}]" return f"{self.name_hash}:[{self.content}->{self.post_id}]"
@@ -50,4 +59,8 @@ class Syslog(db.Model):
log_type = db.Column(db.String(16)) log_type = db.Column(db.String(16))
log_detail = db.Column(db.String(128)) log_detail = db.Column(db.String(128))
name_hash = db.Column(db.String(64)) name_hash = db.Column(db.String(64))
timestamp = db.Column(db.Integer)
def __init__(self, **kwargs):
super(Syslog, self).__init__(**kwargs)
self.timestamp = int(time.time())

10
utils.py
View File

@@ -7,9 +7,10 @@ def get_config(key):
def require_token(): def require_token():
token = request.args.get('user_token') token = request.args.get('user_token')
u = User.query.filter_by(token=token).first() if token else None if not token: abort(401)
if Syslog.query.filter_by(log_type='BANNED', name_hash=hash_name(u.name)).first(): abort(403) u = User.query.filter_by(token=token).first()
return u if u else abort(401) if not u or Syslog.query.filter_by(log_type='BANNED', name_hash=hash_name(u.name)).first(): abort(403)
return u
def hash_name(name): def hash_name(name):
return hashlib.sha256((get_config('SALT') + name).encode('utf-8')).hexdigest() return hashlib.sha256((get_config('SALT') + name).encode('utf-8')).hexdigest()
@@ -54,3 +55,6 @@ def check_attention(name, pid):
def check_can_del(name, author_hash): def check_can_del(name, author_hash):
return 1 if hash_name(name) == author_hash or name in get_config('ADMINS') else 0 return 1 if hash_name(name) == author_hash or name in get_config('ADMINS') else 0
def look(s):
return s[:3] + '...' + s[-3:]