Albirew/nyaa-pantsu
Archivé
1
0
Bifurcation 0
Ce dépôt a été archivé le 2022-05-07. Vous pouvez voir ses fichiers ou le cloner, mais pas ouvrir de ticket ou de demandes d'ajout, ni soumettre de changements.
nyaa-pantsu/controllers/modpanel.go
2017-07-15 01:44:09 +02:00

628 lignes
20 Kio
Go

package controllers
import (
"fmt"
"html"
"net/http"
"strconv"
"strings"
"github.com/NyaaPantsu/nyaa/config"
"github.com/NyaaPantsu/nyaa/models"
"github.com/NyaaPantsu/nyaa/models/activities"
"github.com/NyaaPantsu/nyaa/models/comments"
"github.com/NyaaPantsu/nyaa/models/reports"
"github.com/NyaaPantsu/nyaa/models/torrents"
"github.com/NyaaPantsu/nyaa/models/users"
"github.com/NyaaPantsu/nyaa/utils/categories"
"github.com/NyaaPantsu/nyaa/utils/cookies"
"github.com/NyaaPantsu/nyaa/utils/log"
msg "github.com/NyaaPantsu/nyaa/utils/messages"
"github.com/NyaaPantsu/nyaa/utils/search"
"github.com/NyaaPantsu/nyaa/utils/search/structs"
"github.com/NyaaPantsu/nyaa/utils/upload"
"github.com/NyaaPantsu/nyaa/utils/validator/torrent"
"github.com/gin-gonic/gin"
)
// ReassignForm : Structure for reassign Form used by the reassign page
type ReassignForm struct {
AssignTo uint
By string
Data string
Torrents []uint
}
// ExtractInfo : Function to assign values from request to ReassignForm
func (f *ReassignForm) ExtractInfo(c *gin.Context) bool {
f.By = c.PostForm("by")
messages := msg.GetMessages(c)
if f.By != "olduser" && f.By != "torrentid" {
messages.AddErrorTf("errors", "no_action_exist", f.By)
return false
}
f.Data = strings.Trim(c.PostForm("data"), " \r\n")
if f.By == "olduser" {
if f.Data == "" {
messages.AddErrorT("errors", "user_not_found")
return false
} else if strings.Contains(f.Data, "\n") {
messages.AddErrorT("errors", "multiple_username_error")
return false
}
} else if f.By == "torrentid" {
if f.Data == "" {
messages.AddErrorT("errors", "no_id_given")
return false
}
splitData := strings.Split(f.Data, "\n")
for i, tmp := range splitData {
tmp = strings.Trim(tmp, " \r")
torrentID, err := strconv.ParseUint(tmp, 10, 0)
if err != nil {
messages.AddErrorTf("errors", "parse_error_line", i+1)
return false // TODO: Shouldn't it continue to parse the rest and display the errored lines?
}
f.Torrents = append(f.Torrents, uint(torrentID))
}
}
tmpID := c.PostForm("to")
parsed, err := strconv.ParseUint(tmpID, 10, 32)
if err != nil {
messages.Error(err)
return false
}
f.AssignTo = uint(parsed)
_, _, _, _, err = cookies.RetrieveUserFromRequest(c, uint(parsed))
if err != nil {
messages.AddErrorTf("errors", "no_user_found_id", int(parsed))
return false
}
return true
}
// ExecuteAction : Function for applying the changes from ReassignForm
func (f *ReassignForm) ExecuteAction() (int, error) {
var toBeChanged []uint
var err error
if f.By == "olduser" {
toBeChanged, err = users.FindOldUploadsByUsername(f.Data)
if err != nil {
return 0, err
}
} else if f.By == "torrentid" {
toBeChanged = f.Torrents
}
num := 0
for _, torrentID := range toBeChanged {
torrent, err2 := torrents.FindRawByID(torrentID)
if err2 == nil {
torrent.UploaderID = f.AssignTo
torrent.Update(true)
num++
}
}
return num, nil
}
// IndexModPanel : Controller for showing index page of Mod Panel
func IndexModPanel(c *gin.Context) {
offset := 10
torrents, _, _ := torrents.FindAll(offset, 0)
users, _ := users.FindUsersForAdmin(offset, 0)
comments, _ := comments.FindAll(offset, 0, "", "")
torrentReports, _, _ := reports.GetAll(offset, 0)
panelAdminTemplate(c, torrents, models.TorrentReportsToJSON(torrentReports), users, comments)
}
// TorrentsListPanel : Controller for listing torrents, can accept common search arguments
func TorrentsListPanel(c *gin.Context) {
page := c.Param("page")
messages := msg.GetMessages(c)
deleted := c.Request.URL.Query()["deleted"]
unblocked := c.Request.URL.Query()["unblocked"]
blocked := c.Request.URL.Query()["blocked"]
if deleted != nil {
messages.AddInfoTf("infos", "torrent_deleted", "")
}
if blocked != nil {
messages.AddInfoT("infos", "torrent_blocked")
}
if unblocked != nil {
messages.AddInfoT("infos", "torrent_unblocked")
}
var err error
pagenum := 1
if page != "" {
pagenum, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
c.AbortWithError(http.StatusInternalServerError, err)
return
}
}
searchParam, torrents, count, err := search.ByQueryWithUser(c, pagenum)
if err != nil {
messages.Error(err)
}
category := ""
if len(searchParam.Category) > 0 {
category = searchParam.Category[0].String()
}
searchForm := searchForm{
TorrentParam: searchParam,
Category: category,
ShowItemsPerPage: true,
}
nav := navigation{count, int(searchParam.Max), pagenum, "mod/torrents/p"}
modelList(c, "admin/torrentlist.jet.html", torrents, nav, searchForm)
}
// TorrentReportListPanel : Controller for listing torrent reports, can accept pages
func TorrentReportListPanel(c *gin.Context) {
page := c.Param("page")
pagenum := 1
offset := 100
var err error
if page != "" {
pagenum, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
c.AbortWithError(http.StatusInternalServerError, err)
return
}
}
torrentReports, nbReports, _ := reports.GetAll(offset, (pagenum-1)*offset)
reportJSON := models.TorrentReportsToJSON(torrentReports)
nav := navigation{nbReports, offset, pagenum, "mod/reports/p"}
modelList(c, "admin/torrent_report.jet.html", reportJSON, nav, newSearchForm(c))
}
// UsersListPanel : Controller for listing users, can accept pages
func UsersListPanel(c *gin.Context) {
page := c.Param("page")
pagenum := 1
offset := 100
var err error
if page != "" {
pagenum, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
c.AbortWithError(http.StatusInternalServerError, err)
return
}
}
users, nbUsers := users.FindUsersForAdmin(offset, (pagenum-1)*offset)
nav := navigation{nbUsers, offset, pagenum, "mod/users/p"}
modelList(c, "admin/userlist.jet.html", users, nav, newSearchForm(c))
}
// CommentsListPanel : Controller for listing comments, can accept pages and userID
func CommentsListPanel(c *gin.Context) {
page := c.Param("page")
pagenum := 1
offset := 100
userid := c.Query("userid")
var err error
if page != "" {
pagenum, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
c.AbortWithError(http.StatusInternalServerError, err)
return
}
}
var conditions string
var values []interface{}
if userid != "" {
conditions = "user_id = ?"
values = append(values, userid)
}
comments, nbComments := comments.FindAll(offset, (pagenum-1)*offset, conditions, values...)
nav := navigation{nbComments, offset, pagenum, "mod/comments/p"}
modelList(c, "admin/commentlist.jet.html", comments, nav, newSearchForm(c))
}
// TorrentEditModPanel : Controller for editing a torrent after GET request
func TorrentEditModPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
torrent, _ := torrents.FindUnscopeByID(uint(id))
torrentJSON := torrent.ToJSON()
uploadForm := upload.NewTorrentRequest()
uploadForm.Name = torrentJSON.Name
uploadForm.Category = torrentJSON.Category + "_" + torrentJSON.SubCategory
uploadForm.Status = torrentJSON.Status
uploadForm.Hidden = torrent.Hidden
uploadForm.WebsiteLink = string(torrentJSON.WebsiteLink)
uploadForm.Description = string(torrentJSON.Description)
uploadForm.Languages = torrent.Languages
formTemplate(c, "admin/paneltorrentedit.jet.html", uploadForm)
}
// TorrentPostEditModPanel : Controller for editing a torrent after POST request
func TorrentPostEditModPanel(c *gin.Context) {
var uploadForm torrentValidator.TorrentRequest
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
messages := msg.GetMessages(c)
torrent, _ := torrents.FindUnscopeByID(uint(id))
if torrent.ID > 0 {
errUp := upload.ExtractEditInfo(c, &uploadForm)
if errUp != nil {
messages.AddErrorT("errors", "fail_torrent_update")
}
if !messages.HasErrors() {
// update some (but not all!) values
torrent.Name = uploadForm.Name
torrent.Category = uploadForm.CategoryID
torrent.SubCategory = uploadForm.SubCategoryID
torrent.Status = uploadForm.Status
torrent.Hidden = uploadForm.Hidden
torrent.WebsiteLink = uploadForm.WebsiteLink
torrent.Description = uploadForm.Description
torrent.Languages = uploadForm.Languages
_, err := torrent.UpdateUnscope()
messages.AddInfoT("infos", "torrent_updated")
if err == nil { // We only log edit torrent for admins
if torrent.Uploader == nil {
torrent.Uploader = &models.User{}
}
_, username := torrents.HideUser(torrent.UploaderID, torrent.Uploader.Username, torrent.Hidden)
activities.Log(&models.User{}, torrent.Identifier(), "edit", "torrent_edited_by", strconv.Itoa(int(torrent.ID)), username, getUser(c).Username)
}
}
}
formTemplate(c, "admin/paneltorrentedit.jet.html", uploadForm)
}
// CommentDeleteModPanel : Controller for deleting a comment
func CommentDeleteModPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
comment, _, err := comments.Delete(uint(id))
if err == nil {
activities.Log(&models.User{}, comment.Identifier(), "delete", "comment_deleted_by", strconv.Itoa(int(comment.ID)), comment.User.Username, getUser(c).Username)
}
c.Redirect(http.StatusSeeOther, "/mod/comments?deleted")
}
// TorrentDeleteModPanel : Controller for deleting a torrent
func TorrentDeleteModPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
definitely := c.Request.URL.Query()["definitely"]
var returnRoute = "/mod/torrents"
torrent, errFind := torrents.FindByID(uint(id))
if errFind == nil {
var err error
if definitely != nil {
_, _, err = torrent.DefinitelyDelete()
//delete reports of torrent
whereParams := structs.CreateWhereParams("torrent_id = ?", id)
reports, _, _ := reports.FindOrderBy(&whereParams, "", 0, 0)
for _, report := range reports {
report.Delete(true)
}
returnRoute = "/mod/torrents/deleted"
} else {
_, _, err = torrent.Delete(false)
//delete reports of torrent
whereParams := structs.CreateWhereParams("torrent_id = ?", id)
reports, _, _ := reports.FindOrderBy(&whereParams, "", 0, 0)
for _, report := range reports {
report.Delete(false)
}
}
if err == nil {
if torrent.Uploader == nil {
torrent.Uploader = &models.User{}
}
_, username := torrents.HideUser(torrent.UploaderID, torrent.Uploader.Username, torrent.Hidden)
activities.Log(&models.User{}, torrent.Identifier(), "delete", "torrent_deleted_by", strconv.Itoa(int(torrent.ID)), username, getUser(c).Username)
}
}
c.Redirect(http.StatusSeeOther, returnRoute+"?deleted")
}
// TorrentReportDeleteModPanel : Controller for deleting a torrent report
func TorrentReportDeleteModPanel(c *gin.Context) {
id := c.Query("id")
fmt.Println(id)
idNum, _ := strconv.ParseUint(id, 10, 64)
_, _, _ = reports.Delete(uint(idNum))
/* If we need to log report delete activity
if err == nil {
activity.Log(&models.User{}, torrent.Identifier(), "delete", "torrent_report_deleted_by", strconv.Itoa(int(report.ID)), getUser(c).Username)
}
*/
c.Redirect(http.StatusSeeOther, "/mod/reports?deleted")
}
// TorrentReassignModPanel : Controller for reassigning a torrent, after GET request
func TorrentReassignModPanel(c *gin.Context) {
formTemplate(c, "admin/reassign.jet.html", ReassignForm{})
}
// TorrentPostReassignModPanel : Controller for reassigning a torrent, after POST request
func TorrentPostReassignModPanel(c *gin.Context) {
var rForm ReassignForm
messages := msg.GetMessages(c)
if rForm.ExtractInfo(c) {
count, err2 := rForm.ExecuteAction()
if err2 != nil {
messages.AddErrorT("errors", "something_went_wrong")
} else {
messages.AddInfoTf("infos", "nb_torrents_updated", count)
}
}
formTemplate(c, "admin/reassign.jet.html", rForm)
}
// TorrentsPostListPanel : Controller for listing torrents, after POST request when mass update
func TorrentsPostListPanel(c *gin.Context) {
torrentManyAction(c)
TorrentsListPanel(c)
}
// APIMassMod : This function is used on the frontend for the mass
/* Query is: action=status|delete|owner|category|multiple
* Needed: torrent_id[] Ids of torrents in checkboxes of name torrent_id
*
* Needed on context:
* status=0|1|2|3|4 according to config/find.go (can be omitted if action=delete|owner|category|multiple)
* owner is the User ID of the new owner of the torrents (can be omitted if action=delete|status|category|multiple)
* category is the category string (eg. 1_3) of the new category of the torrents (can be omitted if action=delete|status|owner|multiple)
*
* withreport is the bool to enable torrent reports deletion (can be omitted)
*
* In case of action=multiple, torrents can be at the same time changed status, owner and category
*/
func APIMassMod(c *gin.Context) {
torrentManyAction(c)
messages := msg.GetMessages(c) // new utils for errors and infos
c.Header("Content-Type", "application/json")
var mapOk map[string]interface{}
if !messages.HasErrors() {
mapOk = map[string]interface{}{"ok": true, "infos": messages.GetAllInfos()["infos"]}
} else { // We need to show error messages
mapOk = map[string]interface{}{"ok": false, "errors": messages.GetAllErrors()["errors"]}
}
c.JSON(http.StatusOK, mapOk)
}
// DeletedTorrentsModPanel : Controller for viewing deleted torrents, accept common search arguments
func DeletedTorrentsModPanel(c *gin.Context) {
page := c.Param("page")
messages := msg.GetMessages(c) // new utils for errors and infos
deleted := c.Request.URL.Query()["deleted"]
unblocked := c.Request.URL.Query()["unblocked"]
blocked := c.Request.URL.Query()["blocked"]
if deleted != nil {
messages.AddInfoT("infos", "torrent_deleted_definitely")
}
if blocked != nil {
messages.AddInfoT("infos", "torrent_blocked")
}
if unblocked != nil {
messages.AddInfoT("infos", "torrent_unblocked")
}
var err error
pagenum := 1
if page != "" {
pagenum, err = strconv.Atoi(html.EscapeString(page))
if !log.CheckError(err) {
c.AbortWithError(http.StatusInternalServerError, err)
return
}
}
searchParam, torrents, count, err := search.ByQueryDeleted(c, pagenum)
if err != nil {
messages.Error(err)
}
category := ""
if len(searchParam.Category) > 0 {
category = searchParam.Category[0].String()
}
searchForm := searchForm{
TorrentParam: searchParam,
Category: category,
ShowItemsPerPage: true,
}
nav := navigation{count, int(searchParam.Max), pagenum, "mod/torrents/deleted/p"}
search := searchForm
modelList(c, "admin/torrentlist.jet.html", torrents, nav, search)
}
// DeletedTorrentsPostPanel : Controller for viewing deleted torrents after a mass update, accept common search arguments
func DeletedTorrentsPostPanel(c *gin.Context) {
torrentManyAction(c)
DeletedTorrentsModPanel(c)
}
// TorrentBlockModPanel : Controller to lock torrents, redirecting to previous page
func TorrentBlockModPanel(c *gin.Context) {
id, _ := strconv.ParseInt(c.Query("id"), 10, 32)
torrent, _, err := torrents.ToggleBlock(uint(id))
var returnRoute, action string
if torrent.IsDeleted() {
returnRoute = "/mod/torrents/deleted"
} else {
returnRoute = "/mod/torrents"
}
if torrent.IsBlocked() {
action = "blocked"
} else {
action = "unblocked"
}
if err == nil {
if torrent.Uploader == nil {
torrent.Uploader = &models.User{}
}
_, username := torrents.HideUser(torrent.UploaderID, torrent.Uploader.Username, torrent.Hidden)
activities.Log(&models.User{}, torrent.Identifier(), action, "torrent_"+action+"_by", strconv.Itoa(int(torrent.ID)), username, getUser(c).Username)
}
c.Redirect(http.StatusSeeOther, returnRoute+"?"+action)
}
/*
* Controller to modify multiple torrents and can be used by the owner of the torrent or admin
*/
func torrentManyAction(c *gin.Context) {
currentUser := getUser(c)
torrentsSelected := c.PostFormArray("torrent_id") // should be []string
action := c.PostForm("action")
status, _ := strconv.Atoi(c.PostForm("status"))
owner, _ := strconv.Atoi(c.PostForm("owner"))
category := c.PostForm("category")
withReport, _ := strconv.ParseBool(c.DefaultPostForm("withreport", "false"))
messages := msg.GetMessages(c) // new utils for errors and infos
catID, subCatID := -1, -1
var err error
if action == "" {
messages.AddErrorT("errors", "no_action_selected")
}
if action == "status" && c.PostForm("status") == "" { // We need to check the form value, not the int one because hidden is 0
messages.AddErrorT("errors", "no_move_location_selected")
}
if action == "owner" && c.PostForm("owner") == "" { // We need to check the form value, not the int one because renchon is 0
messages.AddErrorT("errors", "no_owner_selected")
}
if action == "category" && category == "" {
messages.AddErrorT("errors", "no_category_selected")
}
if len(torrentsSelected) == 0 {
messages.AddErrorT("errors", "select_one_element")
}
if !config.Get().Torrents.Status[status] { // Check if the status exist
messages.AddErrorTf("errors", "no_status_exist", status)
status = -1
}
if !currentUser.HasAdmin() {
if c.PostForm("status") != "" { // Condition to check if a user try to change torrent status without having the right permission
if (status == models.TorrentStatusTrusted && !currentUser.IsTrusted()) || status == models.TorrentStatusAPlus || status == 0 {
status = models.TorrentStatusNormal
}
}
if c.PostForm("owner") != "" { // Only admins can change owner of torrents
owner = -1
}
withReport = false // Users should not be able to remove reports
}
if c.PostForm("owner") != "" && currentUser.HasAdmin() { // We check that the user given exist and if not we return an error
_, _, errorUser := users.FindForAdmin(uint(owner))
if errorUser != nil {
messages.AddErrorTf("errors", "no_user_found_id", owner)
owner = -1
}
}
if category != "" {
catsSplit := strings.Split(category, "_")
// need this to prevent out of index panics
if len(catsSplit) == 2 {
catID, err = strconv.Atoi(catsSplit[0])
if err != nil {
messages.AddErrorT("errors", "invalid_torrent_category")
}
subCatID, err = strconv.Atoi(catsSplit[1])
if err != nil {
messages.AddErrorT("errors", "invalid_torrent_category")
}
if !categories.Exists(category) {
messages.AddErrorT("errors", "invalid_torrent_category")
}
}
}
if !messages.HasErrors() {
for _, torrentID := range torrentsSelected {
id, _ := strconv.Atoi(torrentID)
torrent, _ := torrents.FindByID(uint(id))
if torrent.ID > 0 && currentUser.CurrentOrAdmin(torrent.UploaderID) {
if action == "status" || action == "multiple" || action == "category" || action == "owner" {
/* If we don't delete, we make changes according to the form posted and we save at the end */
if c.PostForm("status") != "" && status != -1 {
torrent.Status = status
messages.AddInfoTf("infos", "torrent_moved", torrent.Name)
}
if c.PostForm("owner") != "" && owner != -1 {
torrent.UploaderID = uint(owner)
messages.AddInfoTf("infos", "torrent_owner_changed", torrent.Name)
}
if category != "" && catID != -1 && subCatID != -1 {
torrent.Category = catID
torrent.SubCategory = subCatID
messages.AddInfoTf("infos", "torrent_category_changed", torrent.Name)
}
/* Changes are done, we save */
_, err := torrent.UpdateUnscope()
if err == nil {
if torrent.Uploader == nil {
torrent.Uploader = &models.User{}
}
_, username := torrents.HideUser(torrent.UploaderID, torrent.Uploader.Username, torrent.Hidden)
activities.Log(&models.User{}, torrent.Identifier(), "edited", "torrent_edited_by", strconv.Itoa(int(torrent.ID)), username, getUser(c).Username)
}
} else if action == "delete" {
if status == models.TorrentStatusBlocked { // Then we should lock torrents before deleting them
torrent.Status = status
messages.AddInfoTf("infos", "torrent_moved", torrent.Name)
torrent.UpdateUnscope()
}
_, _, err = torrent.Delete(false)
if err != nil {
messages.ImportFromError("errors", err)
} else {
messages.AddInfoTf("infos", "torrent_deleted", torrent.Name)
if torrent.Uploader == nil {
torrent.Uploader = &models.User{}
}
_, username := torrents.HideUser(torrent.UploaderID, torrent.Uploader.Username, torrent.Hidden)
activities.Log(&models.User{}, torrent.Identifier(), "deleted", "torrent_deleted_by", strconv.Itoa(int(torrent.ID)), username, getUser(c).Username)
}
} else {
messages.AddErrorTf("errors", "no_action_exist", action)
}
if withReport {
whereParams := structs.CreateWhereParams("torrent_id = ?", torrentID)
reports, _, _ := reports.FindOrderBy(&whereParams, "", 0, 0)
for _, report := range reports {
report.Delete(false)
}
messages.AddInfoTf("infos", "torrent_reports_deleted", torrent.Name)
}
} else {
messages.AddErrorTf("errors", "torrent_not_exist", torrentID)
}
}
}
}