From 7ed7ad183e2d202c4a45c382838ceec21817fe14 Mon Sep 17 00:00:00 2001
From: Kyle Drake
Date: Sat, 22 Jun 2013 23:21:41 -0700
Subject: [PATCH] secret zone dont look at this commit
---
 app.rb | 33 ++++++++++++++++++++++++-------
 migrations/012_add_banned_flag.rb | 9 +++++++++
 models/site.rb | 8 ++++----
 views/admin.slim | 13 +++++++++---
 4 files changed, 49 insertions(+), 14 deletions(-)
 create mode 100644 migrations/012_add_banned_flag.rb
diff --git a/app.rb b/app.rb
index c47f6abe..6eb1122d 100644
--- a/app.rb
+++ b/app.rb
@@ -20,7 +20,7 @@ end
 get '/browse' do
 @current_page = params[:current_page] || 1
 @current_page = @current_page.to_i
- site_dataset = Site.order(:hits.desc, :updated_at.desc).filter(~{updated_at: nil}).paginate(@current_page, 100)
+ site_dataset = Site.order(:hits.desc, :updated_at.desc).filter(is_banned: false).filter(~{updated_at: nil}).paginate(@current_page, 100)
 @page_count = site_dataset.page_count || 1
 @sites = site_dataset.all
 slim :browse
@@ -55,10 +55,7 @@ post '/create' do
 DB.transaction {
 @site.save
- begin
- FileUtils.mkdir base_path
- rescue Errno::EEXIST
- end
+ FileUtils.mkdir base_path
 File.write File.join(base_path, 'index.html'), slim(:'templates/index', pretty: true, layout: false)
 File.write File.join(base_path, 'not_found.html'), slim(:'templates/not_found', pretty: true, layout: false)
@@ -77,6 +74,12 @@ post '/signin' do
 dashboard_if_signed_in
 if Site.valid_login? params[:username], params[:password]
 site = Site[username: params[:username]]
+
+ if site.is_banned
+ flash[:error] = 'Invalid login.'
+ redirect '/signin'
+ end
+
 session[:id] = site.id
 redirect '/dashboard'
 else
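Review bot: In the `post '/create'` hunk, `FileUtils.mkdir base_path` now raises `Errno::EEXIST` out of the `DB.transaction` block when the directory already exists, and nothing visible in the hunk handles it, so the user would presumably get a 500. Failing here is the safer behaviour, because a new account no longer silently adopts files already sitting in that directory, but the intent is undocumented. I would add a comment such as `# must fail if the directory exists: never hand existing files to a new account` and rescue `Errno::EEXIST` around the transaction to flash a normal error. The handler starts and ends outside the hunk, so an error handler may already exist elsewhere.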
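Review bot: The `site.is_banned` check in `post '/signin'` enforces the ban only at login, so a user who already holds a session keeps it after being banned; nothing in this commit clears or rejects an existing `session[:id]`. If the signed-in helpers (outside this diff) only look the site up by `session[:id]`, they should also treat a site with `is_banned` set as signed out. Reusing the generic 'Invalid login.' message is a good choice, since it does not reveal ban status. The handler continues past the end of the hunk.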
@@ -211,15 +214,31 @@ end
 get '/admin' do
 require_admin
+ @banned_sites = Site.filter(is_banned: true).order(:username).all
 slim :'admin'
 end
 post '/admin/banhammer' do
 require_admin
 site = Site[username: params[:username]]
- binding.pry
-
+
+ if site.is_banned
+ flash[:error] = 'User is already banned'
+ redirect '/admin'
+ end
+
+ if site.nil?
+ flash[:error] = 'User not found'
+ redirect '/admin'
+ end
+
+ DB.transaction {
+ FileUtils.mv site_base_path(site.username), File.join(settings.public_folder, 'banned_sites', site.username)
+ site.update is_banned: true
+ }
+
 flash[:success] = 'MISSION ACCOMPLISHED'
+ redirect '/admin'
 end
 def require_admin
diff --git a/migrations/012_add_banned_flag.rb b/migrations/012_add_banned_flag.rb
new file mode 100644
index 00000000..763a8f0a
--- /dev/null
+++ b/migrations/012_add_banned_flag.rb
@@ -0,0 +1,9 @@
+Sequel.migration do
+ up {
+ DB.add_column :sites, :is_banned, :boolean, default: false
+ }
+
+ down {
+ DB.add_column :sites, :is_banned
+ }
+end
\ No newline at end of file
diff --git a/models/site.rb b/models/site.rb
index 3c1ed352..37221618 100644
--- a/models/site.rb
+++ b/models/site.rb
@@ -65,10 +65,10 @@ class Site < Sequel::Model
 super
 end
- def after_destroy
- FileUtils.rm_rf file_path
- super
- end
+# def after_destroy
+# FileUtils.rm_rf file_path
+# super
+# end
 def validate
 super
diff --git a/views/admin.slim b/views/admin.slim
index 76093cc5..0b2f5ad3 100644
--- a/views/admin.slim
+++ b/views/admin.slim
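Review bot: In `post '/admin/banhammer'`, `site.is_banned` is called before the `site.nil?` check, so an unknown username raises NoMethodError instead of reaching 'User not found'; the `if site.nil?` block has to come first. Separately, `FileUtils.mv` sits inside `DB.transaction` but is not undone if `site.update is_banned: true` fails, which would leave the files moved and the row unflagged. The destination `banned_sites/` is also under `settings.public_folder`, so if static files are served from that folder the banned content may stay reachable at a new URL; a directory outside the public tree would avoid that.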
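Review bot: The `down` block of the new migration calls `DB.add_column :sites, :is_banned` again instead of removing the column, so a rollback will fail rather than undo the change; it should be `drop_column :sites, :is_banned`. Inside `Sequel.migration` the `up`/`down` blocks can call `add_column`/`drop_column` directly, which also removes the dependency on the global `DB` constant.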
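Review bot: Commenting out `after_destroy` in `Site` leaves dead code with no explanation, and destroying a site no longer removes its files, so the content presumably stays on disk and may continue to be served. Either delete the hook outright and state the reason in the commit message, or keep a single explanatory comment such as `# after_destroy cleanup disabled: <reason>; files must be removed manually`. The class body starts and ends outside the hunk.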
@@ -1,12 +1,19 @@
 .row
- .span12
+ .span12
 h1 SECRET NSA BACKDOOR REPORTING ZONE
+
+.row
+ .span6
 h2 Ban User for REASONS OF TERRRROROR!
 form action="/admin/banhammer" method="POST"
 input name="csrf_token" type="hidden" value="#{csrf_token}"
 p TerrRRRROR Suspect:
- input type="text" name="username" place=""
+ input type="text" name="username" placeholder="edwardsnowden"
 br
- input.btn.btn-danger type="submit" value="Warrantlessly Delete"
\ No newline at end of file
+ input.btn.btn-danger type="submit" value="Ban"
+ .span6
+ h2 Banned Terrorists
+ - @banned_sites.each do |banned_site|
+ = banned_site.username
\ No newline at end of file
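Review bot: The new banned-sites column prints `= banned_site.username` directly inside the loop with no wrapping element, so the names will run together on the page. A list reads better: put `ul` above the loop and use `li = banned_site.username` inside it. Keep the single `=` (Slim escapes its output by default, `==` does not), since usernames are user-chosen. Indentation is not recoverable from this page, so the nesting is assumed.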