return 404 where it makes sense
This commit is contained in:
@@ -71,7 +71,8 @@ def update_post(post_id, new_content, markup_language='babycode'):
|
|||||||
def delete(post_id):
|
def delete(post_id):
|
||||||
post = Posts.find({'id': post_id})
|
post = Posts.find({'id': post_id})
|
||||||
if not post:
|
if not post:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
|
|
||||||
thread = Threads.find({'id': post.thread_id})
|
thread = Threads.find({'id': post.thread_id})
|
||||||
user = get_active_user()
|
user = get_active_user()
|
||||||
@@ -103,13 +104,15 @@ def delete(post_id):
|
|||||||
def edit(post_id):
|
def edit(post_id):
|
||||||
post = Posts.find({'id': post_id})
|
post = Posts.find({'id': post_id})
|
||||||
if not post:
|
if not post:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
|
|
||||||
user = get_active_user()
|
user = get_active_user()
|
||||||
q = f"{Posts.FULL_POSTS_QUERY} WHERE posts.id = ?"
|
q = f"{Posts.FULL_POSTS_QUERY} WHERE posts.id = ?"
|
||||||
editing_post = db.fetch_one(q, post_id)
|
editing_post = db.fetch_one(q, post_id)
|
||||||
if not editing_post:
|
if not editing_post:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
if editing_post['user_id'] != user.id:
|
if editing_post['user_id'] != user.id:
|
||||||
return redirect(url_for('topics.all_topics'))
|
return redirect(url_for('topics.all_topics'))
|
||||||
|
|
||||||
@@ -136,7 +139,8 @@ def edit_form(post_id):
|
|||||||
user = get_active_user()
|
user = get_active_user()
|
||||||
post = Posts.find({'id': post_id})
|
post = Posts.find({'id': post_id})
|
||||||
if not post:
|
if not post:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
if post.user_id != user.id:
|
if post.user_id != user.id:
|
||||||
return redirect(url_for('topics.all_topics'))
|
return redirect(url_for('topics.all_topics'))
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
from flask import (
|
from flask import (
|
||||||
Blueprint, render_template, request, redirect, url_for, flash
|
Blueprint, render_template, request, redirect, url_for, flash,
|
||||||
|
abort,
|
||||||
)
|
)
|
||||||
from .users import login_required, mod_only, get_active_user, is_logged_in
|
from .users import login_required, mod_only, get_active_user, is_logged_in
|
||||||
from ..db import db
|
from ..db import db
|
||||||
@@ -32,7 +33,8 @@ def thread(slug):
|
|||||||
POSTS_PER_PAGE = 10
|
POSTS_PER_PAGE = 10
|
||||||
thread = Threads.find({"slug": slug})
|
thread = Threads.find({"slug": slug})
|
||||||
if not thread:
|
if not thread:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
|
|
||||||
post_count = Posts.count({"thread_id": thread.id})
|
post_count = Posts.count({"thread_id": thread.id})
|
||||||
page_count = max(math.ceil(post_count / POSTS_PER_PAGE), 1)
|
page_count = max(math.ceil(post_count / POSTS_PER_PAGE), 1)
|
||||||
@@ -86,7 +88,8 @@ def thread(slug):
|
|||||||
def reply(slug):
|
def reply(slug):
|
||||||
thread = Threads.find({"slug": slug})
|
thread = Threads.find({"slug": slug})
|
||||||
if not thread:
|
if not thread:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
user = get_active_user()
|
user = get_active_user()
|
||||||
if user.is_guest():
|
if user.is_guest():
|
||||||
return redirect(url_for('.thread', slug=slug))
|
return redirect(url_for('.thread', slug=slug))
|
||||||
@@ -148,7 +151,8 @@ def lock(slug):
|
|||||||
user = get_active_user()
|
user = get_active_user()
|
||||||
thread = Threads.find({'slug': slug})
|
thread = Threads.find({'slug': slug})
|
||||||
if not thread:
|
if not thread:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
if not ((thread.user_id == user.id) or user.is_mod()):
|
if not ((thread.user_id == user.id) or user.is_mod()):
|
||||||
return redirect(url_for('.thread', slug=slug))
|
return redirect(url_for('.thread', slug=slug))
|
||||||
target_op = request.form.get('target_op')
|
target_op = request.form.get('target_op')
|
||||||
@@ -165,7 +169,8 @@ def sticky(slug):
|
|||||||
user = get_active_user()
|
user = get_active_user()
|
||||||
thread = Threads.find({'slug': slug})
|
thread = Threads.find({'slug': slug})
|
||||||
if not thread:
|
if not thread:
|
||||||
return redirect(url_for('topics.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
if not ((thread.user_id == user.id) or user.is_mod()):
|
if not ((thread.user_id == user.id) or user.is_mod()):
|
||||||
return redirect(url_for('.thread', slug=slug))
|
return redirect(url_for('.thread', slug=slug))
|
||||||
target_op = request.form.get('target_op')
|
target_op = request.form.get('target_op')
|
||||||
|
|||||||
@@ -1,5 +1,6 @@
|
|||||||
from flask import (
|
from flask import (
|
||||||
Blueprint, render_template, request, redirect, url_for, flash, session
|
Blueprint, render_template, request, redirect, url_for, flash, session,
|
||||||
|
abort,
|
||||||
)
|
)
|
||||||
from .users import login_required, mod_only, get_active_user, is_logged_in
|
from .users import login_required, mod_only, get_active_user, is_logged_in
|
||||||
from ..models import Users, Topics, Threads, Subscriptions
|
from ..models import Users, Topics, Threads, Subscriptions
|
||||||
@@ -50,7 +51,8 @@ def topic(slug):
|
|||||||
"slug": slug
|
"slug": slug
|
||||||
})
|
})
|
||||||
if not target_topic:
|
if not target_topic:
|
||||||
return redirect(url_for('.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
|
|
||||||
threads_count = Threads.count({
|
threads_count = Threads.count({
|
||||||
"topic_id": target_topic.id
|
"topic_id": target_topic.id
|
||||||
@@ -88,7 +90,8 @@ def topic(slug):
|
|||||||
def edit(slug):
|
def edit(slug):
|
||||||
topic = Topics.find({"slug": slug})
|
topic = Topics.find({"slug": slug})
|
||||||
if not topic:
|
if not topic:
|
||||||
return redirect(url_for('.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
return render_template("topics/edit.html", topic=topic)
|
return render_template("topics/edit.html", topic=topic)
|
||||||
|
|
||||||
|
|
||||||
@@ -98,7 +101,8 @@ def edit(slug):
|
|||||||
def edit_post(slug):
|
def edit_post(slug):
|
||||||
topic = Topics.find({"slug": slug})
|
topic = Topics.find({"slug": slug})
|
||||||
if not topic:
|
if not topic:
|
||||||
return redirect(url_for('.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
|
|
||||||
topic.update({
|
topic.update({
|
||||||
"name": request.form.get('name', default = topic.name).strip(),
|
"name": request.form.get('name', default = topic.name).strip(),
|
||||||
@@ -115,7 +119,8 @@ def edit_post(slug):
|
|||||||
def delete(slug):
|
def delete(slug):
|
||||||
topic = Topics.find({"slug": slug})
|
topic = Topics.find({"slug": slug})
|
||||||
if not topic:
|
if not topic:
|
||||||
return redirect(url_for('.all_topics'))
|
abort(404)
|
||||||
|
return
|
||||||
|
|
||||||
topic.delete()
|
topic.delete()
|
||||||
|
|
||||||
|
|||||||
@@ -1,5 +1,5 @@
|
|||||||
from flask import (
|
from flask import (
|
||||||
Blueprint, render_template, request, redirect, url_for, flash, session, current_app
|
Blueprint, render_template, request, redirect, url_for, flash, session, current_app, abort
|
||||||
)
|
)
|
||||||
from functools import wraps
|
from functools import wraps
|
||||||
from ..db import db
|
from ..db import db
|
||||||
@@ -295,6 +295,8 @@ def sign_up_post():
|
|||||||
@bp.get("/<username>")
|
@bp.get("/<username>")
|
||||||
def page(username):
|
def page(username):
|
||||||
target_user = Users.find({"username": username.lower()})
|
target_user = Users.find({"username": username.lower()})
|
||||||
|
if not target_user:
|
||||||
|
abort(404)
|
||||||
return render_template("users/user.html", target_user = target_user)
|
return render_template("users/user.html", target_user = target_user)
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user