a
/
gosora
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
gosora/routes.go

365 lines
12 KiB
Go
Raw Normal View History

Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
/*
*
more converts
2022-02-21 03:32:53 +00:00
* Gosora Route Handlers
* Copyright Azareal 2016 - 2020
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
*
*/
Adding the files.
2016-12-02 07:38:54 +00:00
package main
Added support for Websockets. The Control Panel Dashboard now updates every second. You can now see how many guests and users are online via the Control Panel Dashboard. The Control Panel Dashboard is now a little more mobile friendly.
2017-05-11 13:04:43 +00:00
import (
adjust path
2022-02-21 03:53:13 +00:00
"crypto/sha256"
"encoding/hex"
"encoding/json"
"errors"
"io"
"log"
"net/http"
"strconv"
"strings"
"sync"
"time"
"unicode"
more converts
2022-02-21 03:32:53 +00:00
adjust path
2022-02-21 03:53:13 +00:00
c "git.tuxpa.in/a/gosora/common"
"git.tuxpa.in/a/gosora/common/phrases"
Added support for Websockets. The Control Panel Dashboard now updates every second. You can now see how many guests and users are online via the Control Panel Dashboard. The Control Panel Dashboard is now a little more mobile friendly.
2017-05-11 13:04:43 +00:00
)
Modlogs / Adminlogs WIP, not much to see here. I'm just dumping this here, as I'm going to be moving a lot of code into another file, and I didn't want it to mess with the diffs.
2017-04-05 14:05:37 +00:00
Adding the files.
2016-12-02 07:38:54 +00:00
// A blank list to fill out that parameter in Page for routes which don't use it
Simplified adding variant hooks. The benchmark now uses ten replies instead of one for a more relevant result. Slices are now used instead of maps for itemLists. The compiled template engine now supports slice loops. More routes are compiled now. Fixed a bug with the sorting of the itemLists in the templates. Guests can no longer see the reply creation forms. Fixed the notice system.
2016-12-18 12:56:06 +00:00
var tList []interface{}
Optimise the database layer. Refactor database adapters. Experimental last ip cutoff. More parser test cases.
2019-12-31 21:57:54 +00:00
var successJSONBytes = []byte(`{"success":1}`)
Adding the files.
2016-12-02 07:38:54 +00:00
Added the AboutSegment feature, you can see this in use on Cosora, it's a little raw right now, but I'm planning to polish it in the next commit. Refactored the code to use switches instead of if blocks in some places. Refactored the Dashboard to make it easier to add icons to it like I did with Cosora. You can now use maps in transpiled templates. Made progress on Cosora's footer. Swapped out the ThemeName property in the HeaderVars struct for a more general and flexible Theme property. Added the colstack CSS class to make it easier to style the layouts for the Control Panel and profile. Renamed the FStore variable to Forums. Renamed the Fpstore variable to FPStore. Renamed the Gstore variable to Groups. Split the MemoryTopicStore into DefaultTopicStore and MemoryTopicCache. Split the MemoryUserStore into DefaultUserStore and MemoryUserCache. Removed the NullUserStore, SQLUserStore, and SQLTopicStore. Added the NullTopicCache and NullUserCache. Moved the Reload method out of the TopicCache interface and into the TopicStore one. Moved the Reload method out of the UserCache interface and into the UserStore one. Added the SetCache and GetCache methods to the TopicStore and UserStore. Added the BypassGetAll method to the WordFilterMap type. Renamed routePanelSetting to routePanelSettingEdit. Renamed routePanelSettingEdit to routePanelSettingEditSubmit. Moved the page titles into the english language pack. Split main() into main and afterDBInit to avoid code duplication in general_test.go Added the ReqIsJson method so that we don't have to sniff the headers every time. Added the LogStore interface. Added the SQLModLogStore and the SQLAdminLogStore. Refactored the phrase system to use getPhrasePlaceholder instead of hard-coding the string to return in a bunch of functions. Removed a redundant rank check. Added the GuildStore to plugin_guilds. Added the about_segment_title and about_segment_body settings. Refactored the setting system to use predefined errors to make it easier for an upstream caller to filter out sensitive error messages as opposed to safe errors. Added the BypassGetAll method to the SettingMap type. Added the Update method to the SettingMap type. BulkGet is now exposed via the MemoryUserCache. Refactored more logs in the template transpiler to reduce the amount of indentation. Refactored the tests to take up fewer lines. Further improved the Cosora theme's colours, padding, and profiles. Added styling for the Control Panel Dashboard to the Cosora Theme. Reduced the amount of code duplication in the installer query generator and opened the door to certain types of auto-migrations. Refactored the Control Panel Dashboard to reduce the amount of code duplication. Refactored the modlog route to reduce the amount of code duplication and string concatenation.
2017-11-23 05:37:08 +00:00
// TODO: Refactor this
Commented out more debug code. Main Menu is now shown on the main menu in the menu list for extra clarity. Travis should now be able to run it's tests. Moved routeChangeTheme to the routes package. Moved routeShowAttachment to the routes package and partially refactored it. Moved routeLikeTopicSubmit to the routes package. Moved routeReplyLikeSubmit to the routes package and partially refactored it. Moved routeProfileReplyCreateSubmit to the routes package. Moved routeLogout to the routes package, now known as routes.AccountLogout. Moved the routeDynamic stub to the routes package, now known as routes.DynamicRoute. Moved the routeUploads stub to the routes package, now known as routes.UploadedFile. Moved the BadRoute stub to the routes package, now known as routes.BadRoute. All routes moved to the routes package have had the route prefix dropped from their name. Simplified the email token route to redirect back to the main email route instead of rendering the same template. Refactored the panel menus to use the new submenu system instead of the old one which had a lot of menu duplication. Added a stub directory for Nox, the next major theme after Cosora. Fixed a bug where the alerts wouldn't load outside of the index. Tweaked the CSS in the topic creation and reply forms on Shadow. Tweaked the padding on the stickies on Shadow. Improved the submenu CSS on every theme. Fixed the submitrow CSS on Shadow, Tempra Conflux. Fixed some double borders on Tempra Conflux. The frontend sidebar should no longer show up in the Control Panel in Tempra Conflux and Tempra Simple. Tweaked the title CSS on Cosora. Tweaked the user manager CSS on Cosora. Changed the primary text colour on Cosora. Fixed attachment images taking up too much space on Cosora. Run the patcher or update script for this commit.
2018-05-15 05:59:52 +00:00
// TODO: Use the phrase system
Experimenting with speeding up the installer. Added support for foreign keys to the MySQL adapter. activity_stream_matches now has a foreign key to help enforce referential integrity. Added the AddForeignKey method to the database adapters. Shortened a couple of API bits to ever slow slightly reduce the lengths of the strings. Fixed a phrase group I missed for logged out users in init.js Fixed a bug where deleting a topic would break the alert list when there is an alert event relating to it. You will need to run the updater / patcher for this commit.
2019-05-06 04:04:00 +00:00
var phraseLoginAlerts = []byte(`{"msgs":[{"msg":"Login to see your alerts","path":"/accounts/login"}],"count":0}`)
optimise alerts with sync pool
2020-04-20 23:59:23 +00:00
var alertStrPool = sync.Pool{}
Refactored the code to follow best standards better. Added Basic IP Search. Added more items to .gitignore Add a VSCode settings file. Refactored the theme system to allow me to add a per-user theme switcher in the following commit. Fixed h1s, rowmenus, profiles and the Control Panel Dashboard on Tempra Simple. We now catch more extreme edge case errors. Renamed route_panel_themes_default to route_panel_themes_set_default. Centralised some of the per-route ExtData fields. Added an ExtData field to headerLite. Moved SettingLabels into the Phrase System.
2017-09-03 04:50:31 +00:00
Added the AboutSegment feature, you can see this in use on Cosora, it's a little raw right now, but I'm planning to polish it in the next commit. Refactored the code to use switches instead of if blocks in some places. Refactored the Dashboard to make it easier to add icons to it like I did with Cosora. You can now use maps in transpiled templates. Made progress on Cosora's footer. Swapped out the ThemeName property in the HeaderVars struct for a more general and flexible Theme property. Added the colstack CSS class to make it easier to style the layouts for the Control Panel and profile. Renamed the FStore variable to Forums. Renamed the Fpstore variable to FPStore. Renamed the Gstore variable to Groups. Split the MemoryTopicStore into DefaultTopicStore and MemoryTopicCache. Split the MemoryUserStore into DefaultUserStore and MemoryUserCache. Removed the NullUserStore, SQLUserStore, and SQLTopicStore. Added the NullTopicCache and NullUserCache. Moved the Reload method out of the TopicCache interface and into the TopicStore one. Moved the Reload method out of the UserCache interface and into the UserStore one. Added the SetCache and GetCache methods to the TopicStore and UserStore. Added the BypassGetAll method to the WordFilterMap type. Renamed routePanelSetting to routePanelSettingEdit. Renamed routePanelSettingEdit to routePanelSettingEditSubmit. Moved the page titles into the english language pack. Split main() into main and afterDBInit to avoid code duplication in general_test.go Added the ReqIsJson method so that we don't have to sniff the headers every time. Added the LogStore interface. Added the SQLModLogStore and the SQLAdminLogStore. Refactored the phrase system to use getPhrasePlaceholder instead of hard-coding the string to return in a bunch of functions. Removed a redundant rank check. Added the GuildStore to plugin_guilds. Added the about_segment_title and about_segment_body settings. Refactored the setting system to use predefined errors to make it easier for an upstream caller to filter out sensitive error messages as opposed to safe errors. Added the BypassGetAll method to the SettingMap type. Added the Update method to the SettingMap type. BulkGet is now exposed via the MemoryUserCache. Refactored more logs in the template transpiler to reduce the amount of indentation. Refactored the tests to take up fewer lines. Further improved the Cosora theme's colours, padding, and profiles. Added styling for the Control Panel Dashboard to the Cosora Theme. Reduced the amount of code duplication in the installer query generator and opened the door to certain types of auto-migrations. Refactored the Control Panel Dashboard to reduce the amount of code duplication. Refactored the modlog route to reduce the amount of code duplication and string concatenation.
2017-11-23 05:37:08 +00:00
// TODO: Refactor this endpoint
You can now manage the attachments for an opening post by hitting edit. The update system now uses the database as the source of truth for the last version rather than lastSchema.json Refactored several structs and bits of code, so we can avoid allocations for contexts where we never use a relative time. Clicking on the relative times on the topic list and the forum page should now take you to the post on the last page rather than just the last page. Added the reltime template function. Fixed some obsolete bits of code. Fixed some spelling mistakes. Fixed a bug where MaxBytesReader was capped at the maxFileSize rather than r.ContentLength. All of the client side templates should work again now. Shortened some statement names to save some horizontal space. accUpdateBuilder and SimpleUpdate now use updatePrebuilder behind the scenes to simplify things. Renamed selectItem to builder in AccSelectBuilder. Added a Total() method to accCountBuilder to reduce the amount of boilerplate used for row count queries. The "_builder" strings have been replaced with empty strings to help save memory, to make things slightly faster and to open the door to removing the query name in many contexts down the line. Added the open_edit and close_edit client hooks. Removed many query name checks. Split the attachment logic into separate functions and de-duplicated it between replies and topics. Improved the UI for editing topics in Nox. Used type aliases to reduce the amount of boilerplate in tables.go and patches.go Reduced the amount of boilerplate in the action post logic. Eliminated a map and a slice in the topic page for users who haven't given any likes. E.g. Guests. Fixed some long out-dated parts of the update instructions. Updated the update instructions to remove mention of the obsolete lastSchema.json Fixed a bug in init.js where /api/me was being loaded for guests. Added the MiniTopicGet, GlobalCount and CountInTopic methods to AttachmentStore. Added the MiniAttachment struct. Split the mod floaters out into their own template to reduce duplication. Removed a couple of redundant ParseForms. Added the common.skipUntilIfExistsOrLine function. Added the NotFoundJS and NotFoundJSQ functions. Added the lastReplyID and attachCount columns to the topics table.
2018-12-27 05:42:41 +00:00
// TODO: Move this into the routes package
Revert "Revert "will a pointer make this faster...?"" This reverts commit 501bcc2425f79493e35f920e9a074565af334a6e.
2020-03-18 09:21:34 +00:00
func routeAPI(w http.ResponseWriter, r *http.Request, user *c.User) c.RouteError {
more converts
2022-02-21 03:32:53 +00:00
// TODO: Don't make this too JSON dependent so that we can swap in newer more efficient formats
w.Header().Set("Content-Type", "application/json")
err := r.ParseForm()
if err != nil {
return c.PreErrorJS("Bad Form", w, r)
}
action := r.FormValue("a")
if action == "" {
action = "get"
}
if action != "get" && action != "set" {
return c.PreErrorJS("Invalid Action", w, r)
}
switch r.FormValue("m") {
// TODO: Split this into it's own function
case "dismiss-alert":
id, err := strconv.Atoi(r.FormValue("id"))
if err != nil {
return c.PreErrorJS("Invalid id", w, r)
}
res, err := stmts.deleteActivityStreamMatch.Exec(user.ID, id)
if err != nil {
return c.InternalError(err, w, r)
}
count, err := res.RowsAffected()
if err != nil {
return c.InternalError(err, w, r)
}
// Don't want to throw an internal error due to a socket closing
if c.EnableWebsockets && count > 0 {
c.DismissAlert(user.ID, id)
}
w.Write(successJSONBytes)
// TODO: Split this into it's own function
case "alerts": // A feed of events tailored for a specific user
if !user.Loggedin {
h := w.Header()
if gzw, ok := w.(c.GzipResponseWriter); ok {
w = gzw.ResponseWriter
h.Del("Content-Encoding")
}
etag := "\"1583653869-n\""
//etag = c.StartEtag
h.Set("ETag", etag)
if match := r.Header.Get("If-None-Match"); match != "" {
if strings.Contains(match, etag) {
w.WriteHeader(http.StatusNotModified)
return nil
}
}
w.Write(phraseLoginAlerts)
return nil
}
var count int
err = stmts.getActivityCountByWatcher.QueryRow(user.ID).Scan(&count)
if err == ErrNoRows {
return c.PreErrorJS("Unable to get the activity count", w, r)
} else if err != nil {
return c.InternalErrorJS(err, w, r)
}
if count == 0 {
if gzw, ok := w.(c.GzipResponseWriter); ok {
w = gzw.ResponseWriter
w.Header().Del("Content-Encoding")
}
_, _ = io.WriteString(w, `{}`)
return nil
}
rCreatedAt, _ := strconv.ParseInt(r.FormValue("t"), 10, 64)
rCount, _ := strconv.Atoi(r.FormValue("c"))
//log.Print("rCreatedAt:", rCreatedAt)
//log.Print("rCount:", rCount)
var actors []int
var alerts []*c.Alert
var createdAt time.Time
var topCreatedAt int64
if count != 0 {
rows, err := stmts.getActivityFeedByWatcher.Query(user.ID, 12)
if err != nil {
return c.InternalErrorJS(err, w, r)
}
defer rows.Close()
for rows.Next() {
al := &c.Alert{}
err = rows.Scan(&al.ASID, &al.ActorID, &al.TargetUserID, &al.Event, &al.ElementType, &al.ElementID, &createdAt)
if err != nil {
return c.InternalErrorJS(err, w, r)
}
uCreatedAt := createdAt.Unix()
//log.Print("uCreatedAt", uCreatedAt)
//if rCreatedAt == 0 || rCreatedAt < uCreatedAt {
alerts = append(alerts, al)
actors = append(actors, al.ActorID)
//}
if uCreatedAt > topCreatedAt {
topCreatedAt = uCreatedAt
}
}
if err = rows.Err(); err != nil {
return c.InternalErrorJS(err, w, r)
}
}
if len(alerts) == 0 || (rCreatedAt != 0 && rCreatedAt >= topCreatedAt && count == rCount) {
if gzw, ok := w.(c.GzipResponseWriter); ok {
w = gzw.ResponseWriter
w.Header().Del("Content-Encoding")
}
_, _ = io.WriteString(w, `{}`)
return nil
}
// Might not want to error here, if the account was deleted properly, we might want to figure out how we should handle deletions in general
list, err := c.Users.BulkGetMap(actors)
if err != nil {
log.Print("actors:", actors)
return c.InternalErrorJS(err, w, r)
}
var sb *strings.Builder
ii := alertStrPool.Get()
if ii == nil {
sb = &strings.Builder{}
} else {
sb = ii.(*strings.Builder)
sb.Reset()
}
sb.Grow(c.AlertsGrowHint + (len(alerts) * (c.AlertsGrowHint2 + 1)) - 1)
sb.WriteString(`{"msgs":[`)
var ok bool
for i, alert := range alerts {
if i != 0 {
sb.WriteRune(',')
}
alert.Actor, ok = list[alert.ActorID]
if !ok {
return c.InternalErrorJS(errors.New("No such actor"), w, r)
}
err := c.BuildAlertSb(sb, alert, user)
if err != nil {
return c.LocalErrorJS(err.Error(), w, r)
}
}
sb.WriteString(`],"count":`)
sb.WriteString(strconv.Itoa(count))
sb.WriteString(`,"tc":`)
//rCreatedAt
sb.WriteString(strconv.Itoa(int(topCreatedAt)))
sb.WriteRune('}')
_, _ = io.WriteString(w, sb.String())
alertStrPool.Put(sb)
default:
return c.PreErrorJS("Invalid Module", w, r)
}
return nil
Added the InternalErrorJS and LocalErrorJS error handler functions. Hid the themes which aren't under construction yet from the Theme Manager. Fixed a bug in the BBCode parser where every post had ten spaces appended to them. Added the get_reply() internal API function for plugins to make use of. Added the bell to the theme. Fixed some bits of the Cosmo theme where the rowhead wasn't appearing. Added a "Don't have an account?" link to the login page. I began work on the alerts system, I took a little break, so it's a little further behind than you might expect, but it shouldn't take too long for me to finish it up. I haven't finished the back-end portions of it yet, so there's not much to see yet!
2017-02-28 09:27:28 +00:00
}
Almost finished live topic lists, you can find them at /topics/. You can disable them via config.json The topic list cache can handle more groups now, but don't go too crazy with groups (e.g. thousands of them). Make the suspicious request logs more descriptive. Added the phrases API endpoint. Split the template phrases up by prefix, more work on this coming up. Removed #dash_saved and part of #dash_username. Removed some temporary artifacts from trying to implement FA5 in Nox. Removed some commented CSS. Fixed template artifact deletion on Windows. Tweaked HTTPSRedirect to make it more compact. Fixed NullUserCache not complying with the expectations for BulkGet. Swapped out a few RunVhook calls for more appropriate RunVhookNoreturn calls. Removed a few redundant IsAdmin checks when IsMod would suffice. Commented out a few pushers. Desktop notification permission requests are no longer served to guests. Split topics.html into topics.html and topics_topic.html RunThemeTemplate should now fallback to interpreted templates properly when the transpiled variants aren't avaialb.e Changed TopicsRow.CreatedAt from a string to a time.Time Added SkipTmplPtrMap to CTemplateConfig. Added SetBuildTags to CTemplateSet. A bit more data is dumped when something goes wrong while transpiling templates now. topics_topic, topic_posts, and topic_alt_posts are now transpiled for the client, although not all of them are ready to be served to the client yet. Client rendered templates now support phrases. Client rendered templates now support loops. Fixed loadAlerts in global.js Refactored some of the template initialisation code to make it less repetitive. Split topic.html into topic.html and topic_posts.html Split topic_alt.html into topic_alt.html and topic_alt_posts.html Added comments for PollCache. Fixed a data race in the MemoryPollCache. The writer is now closed properly in WsHubImpl.broadcastMessage. Fixed a potential deadlock in WsHubImpl.broadcastMessage. Removed some old commented code in websockets.go Added the DisableLiveTopicList config setting.
2018-06-24 13:49:29 +00:00
Added the init.js file to make certain bits of JS run sooner than others. The template_*.js files should get cached now. The phrase API results might get cached now. Solved an edge case in the attachment parser where a redirect is triggered on a HTTPS site when the attachment is posted as a HTTP URL. Fixed runHook in the JS files.
2018-08-13 10:34:00 +00:00
// TODO: Remove this line after we move routeAPIPhrases to the routes package
Some more places to use c. instead of common. Some missed bits.
2019-04-19 07:25:49 +00:00
var cacheControlMaxAge = "max-age=" + strconv.Itoa(int(c.Day))
Added the init.js file to make certain bits of JS run sooner than others. The template_*.js files should get cached now. The phrase API results might get cached now. Solved an edge case in the attachment parser where a redirect is triggered on a HTTPS site when the attachment is posted as a HTTP URL. Fixed runHook in the JS files.
2018-08-13 10:34:00 +00:00
Almost finished live topic lists, you can find them at /topics/. You can disable them via config.json The topic list cache can handle more groups now, but don't go too crazy with groups (e.g. thousands of them). Make the suspicious request logs more descriptive. Added the phrases API endpoint. Split the template phrases up by prefix, more work on this coming up. Removed #dash_saved and part of #dash_username. Removed some temporary artifacts from trying to implement FA5 in Nox. Removed some commented CSS. Fixed template artifact deletion on Windows. Tweaked HTTPSRedirect to make it more compact. Fixed NullUserCache not complying with the expectations for BulkGet. Swapped out a few RunVhook calls for more appropriate RunVhookNoreturn calls. Removed a few redundant IsAdmin checks when IsMod would suffice. Commented out a few pushers. Desktop notification permission requests are no longer served to guests. Split topics.html into topics.html and topics_topic.html RunThemeTemplate should now fallback to interpreted templates properly when the transpiled variants aren't avaialb.e Changed TopicsRow.CreatedAt from a string to a time.Time Added SkipTmplPtrMap to CTemplateConfig. Added SetBuildTags to CTemplateSet. A bit more data is dumped when something goes wrong while transpiling templates now. topics_topic, topic_posts, and topic_alt_posts are now transpiled for the client, although not all of them are ready to be served to the client yet. Client rendered templates now support phrases. Client rendered templates now support loops. Fixed loadAlerts in global.js Refactored some of the template initialisation code to make it less repetitive. Split topic.html into topic.html and topic_posts.html Split topic_alt.html into topic_alt.html and topic_alt_posts.html Added comments for PollCache. Fixed a data race in the MemoryPollCache. The writer is now closed properly in WsHubImpl.broadcastMessage. Fixed a potential deadlock in WsHubImpl.broadcastMessage. Removed some old commented code in websockets.go Added the DisableLiveTopicList config setting.
2018-06-24 13:49:29 +00:00
// TODO: Be careful with exposing the panel phrases here, maybe move them into a different namespace? We also need to educate the admin that phrases aren't necessarily secret
Added the init.js file to make certain bits of JS run sooner than others. The template_*.js files should get cached now. The phrase API results might get cached now. Solved an edge case in the attachment parser where a redirect is triggered on a HTTPS site when the attachment is posted as a HTTP URL. Fixed runHook in the JS files.
2018-08-13 10:34:00 +00:00
// TODO: Move to the routes package
The Search and Filter Widget is now partly implemented. Just Search to go in the basic implementation. Added AJAX Pagination for the Topic List and Forum Page. A new log file pair is now created every-time Gosora starts up. Added proper per-theme template overrides. Added EasyJSON to make JSON serialisation faster. Moved a bit of boilerplate into paginator.html Improved paginator.html with a richer template with first, last and symbols instead of text. Phased out direct access to Templates.ExecuteTemplate across the software. Fixed the Live Topic List so it should work again. Added MicroAvatar to WsJSONUser for topic list JSON requests. An instance of the plugin is now passed to plugin handlers rather than having the plugins manipulate the globals directly. Added the pre_render_panel_forum_edit and pre_render_panel_forum_edit_perms hooks to replace pre_render_panel_edit_forum. Renamed the pre_render_panel_edit_user hook to pre_render_panel_user_edit Reduced the amount of noise from fsnotify. Added RawPrepare() to qgen.Accumulator. Added a temporary phrase whitelist to the phrase endpoint. Moved the location of the zone data assignments in the topic list to reduce the chances of security issues in the future. Changed the signature of routes/panel/renderTemplate() requiring some changes across the panel routes. Removed bits of boilerplate in some of the panel routes with renderTemplate() Added a BenchmarkTopicsGuestJSRouteParallelWithRouter benchmark. Removed a fair bit of boilerplate for each page struct by generating a couple of interface casts for each template file instead. Added the profile_comments_row_alt template. Added the topics_quick_topic template to reuse part of the quick topic logic for both the topic list and forum page. Tweaked the CSS for the Online Users Widget. Tweaked the CSS for Widgets in every theme with a sidebar. Refactored the template initialisers to hopefully reduce the amount of boilerplate and make things easier to maintain and follow. Add genIntTmpl in the template initialiser file to reduce the amount of boilerplate needed for the fallback template bindings. Removed the topics_head phrase. Moved the paginator_ phrases into the paginator. namespace and renamed them accordingly. Added the paginator.first_page phrase. Added the paginator.first_page_aria phrase. Added the paginator.last_page phrase. Added the paginator.last_page_aria phrase. Added the panel_forum_delete_are_you_sure phrase. Fixed a data race in LogWarning()
2019-02-10 05:52:26 +00:00
var phraseWhitelist = []string{
more converts
2022-02-21 03:32:53 +00:00
"topic",
"status",
"alerts",
"paginator",
"analytics",
You can now re-order forums by dragging them in the Forum Manager. Added some visual and textual hints to make it clearer that Menu Items and Forums can be dragged. Added a hint to flush the page after pushing the <head> Added the notice client template and pushNotice client function. Used a pointer instead of a struct for AnalyticsTimeRange in the analytics routes. Caught a potential missing error check in InitPhrases. Use struct{} instead of bool in some of the user mapping maps for WebSockets to save space. Added the buildUserExprs function to eliminate a bit of duplication. Fixed a typo in ForumsEdit where it referenced a non-existent notice phrase. Client hooks can now sort of return things. Panel phrases are now fetched by init.js, but only in the control panel. Reduced the number of unused phrases loaded in both the front-end and the control panel. Plugin hyperdrive should handle Gzip better now. Added the panel.ForumsOrderSubmit route. Added the panel_hints_reorder phrase. Moved the panel_forums phrases into the panel. namespace. Added the panel.forums_order_updated phrase. Renamed the panel_themes_menus_item_edit_button_aria phrase to panel_themes_menus_items_edit_button_aria Renamed the panel_themes_menus_item_delete_button_aria phrase to panel_themes_menus_items_delete_button_aria Added the panel_themes_menus_items_update_button phrase. You will need to run the patcher / updater for this commit.
2019-04-27 06:32:26 +00:00
more converts
2022-02-21 03:32:53 +00:00
"panel", // We're going to handle this specially below as this is a security boundary
The Search and Filter Widget is now partly implemented. Just Search to go in the basic implementation. Added AJAX Pagination for the Topic List and Forum Page. A new log file pair is now created every-time Gosora starts up. Added proper per-theme template overrides. Added EasyJSON to make JSON serialisation faster. Moved a bit of boilerplate into paginator.html Improved paginator.html with a richer template with first, last and symbols instead of text. Phased out direct access to Templates.ExecuteTemplate across the software. Fixed the Live Topic List so it should work again. Added MicroAvatar to WsJSONUser for topic list JSON requests. An instance of the plugin is now passed to plugin handlers rather than having the plugins manipulate the globals directly. Added the pre_render_panel_forum_edit and pre_render_panel_forum_edit_perms hooks to replace pre_render_panel_edit_forum. Renamed the pre_render_panel_edit_user hook to pre_render_panel_user_edit Reduced the amount of noise from fsnotify. Added RawPrepare() to qgen.Accumulator. Added a temporary phrase whitelist to the phrase endpoint. Moved the location of the zone data assignments in the topic list to reduce the chances of security issues in the future. Changed the signature of routes/panel/renderTemplate() requiring some changes across the panel routes. Removed bits of boilerplate in some of the panel routes with renderTemplate() Added a BenchmarkTopicsGuestJSRouteParallelWithRouter benchmark. Removed a fair bit of boilerplate for each page struct by generating a couple of interface casts for each template file instead. Added the profile_comments_row_alt template. Added the topics_quick_topic template to reuse part of the quick topic logic for both the topic list and forum page. Tweaked the CSS for the Online Users Widget. Tweaked the CSS for Widgets in every theme with a sidebar. Refactored the template initialisers to hopefully reduce the amount of boilerplate and make things easier to maintain and follow. Add genIntTmpl in the template initialiser file to reduce the amount of boilerplate needed for the fallback template bindings. Removed the topics_head phrase. Moved the paginator_ phrases into the paginator. namespace and renamed them accordingly. Added the paginator.first_page phrase. Added the paginator.first_page_aria phrase. Added the paginator.last_page phrase. Added the paginator.last_page_aria phrase. Added the panel_forum_delete_are_you_sure phrase. Fixed a data race in LogWarning()
2019-02-10 05:52:26 +00:00
}
Revert "Revert "will a pointer make this faster...?"" This reverts commit 501bcc2425f79493e35f920e9a074565af334a6e.
2020-03-18 09:21:34 +00:00
func routeAPIPhrases(w http.ResponseWriter, r *http.Request, user *c.User) c.RouteError {
more converts
2022-02-21 03:32:53 +00:00
// TODO: Don't make this too JSON dependent so that we can swap in newer more efficient formats
h := w.Header()
h.Set("Content-Type", "application/json")
err := r.ParseForm()
if err != nil {
return c.PreErrorJS("Bad Form", w, r)
}
query := r.FormValue("q")
if query == "" {
return c.PreErrorJS("No query provided", w, r)
}
var negations, positives []string
for _, queryBit := range strings.Split(query, ",") {
queryBit = strings.TrimSpace(queryBit)
if queryBit[0] == '!' && len(queryBit) > 1 {
queryBit = strings.TrimPrefix(queryBit, "!")
for _, ch := range queryBit {
if !unicode.IsLetter(ch) && ch != '-' && ch != '_' {
return c.PreErrorJS("No symbols allowed, only - and _", w, r)
}
}
negations = append(negations, queryBit)
} else {
for _, ch := range queryBit {
if !unicode.IsLetter(ch) && ch != '-' && ch != '_' {
return c.PreErrorJS("No symbols allowed, only - and _", w, r)
}
}
positives = append(positives, queryBit)
}
}
if len(positives) == 0 {
return c.PreErrorJS("You haven't requested any phrases", w, r)
}
h.Set("Cache-Control", cacheControlMaxAge) //Cache-Control: max-age=31536000
var etag string
_, ok := w.(c.GzipResponseWriter)
if ok {
etag = "\"" + strconv.FormatInt(phrases.GetCurrentLangPack().ModTime.Unix(), 10) + "-ng\""
} else {
etag = "\"" + strconv.FormatInt(phrases.GetCurrentLangPack().ModTime.Unix(), 10) + "-n\""
}
var plist map[string]string
var notModified, private bool
posLoop := func(positive string) c.RouteError {
// ! Constrain it to a subset of phrases for now
for _, item := range phraseWhitelist {
if strings.HasPrefix(positive, item) {
// TODO: Break this down into smaller security boundaries based on control panel sections?
// TODO: Do we have to be so strict with panel phrases?
if strings.HasPrefix(positive, "panel") {
private = true
ok = user.IsSuperMod
} else {
ok = true
if notModified {
return nil
}
w.Header().Set("ETag", etag)
match := r.Header.Get("If-None-Match")
if match != "" && strings.Contains(match, etag) {
notModified = true
return nil
}
}
break
}
}
if !ok {
return c.PreErrorJS("Outside of phrase prefix whitelist", w, r)
}
return nil
}
// A little optimisation to avoid copying entries from one map to the other, if we don't have to mutate it
if len(positives) > 1 {
plist = make(map[string]string)
for _, positive := range positives {
rerr := posLoop(positive)
if rerr != nil {
return rerr
}
pPhrases, ok := phrases.GetTmplPhrasesByPrefix(positive)
if !ok {
return c.PreErrorJS("No such prefix", w, r)
}
for name, phrase := range pPhrases {
plist[name] = phrase
}
}
} else {
rerr := posLoop(positives[0])
if rerr != nil {
return rerr
}
pPhrases, ok := phrases.GetTmplPhrasesByPrefix(positives[0])
if !ok {
return c.PreErrorJS("No such prefix", w, r)
}
plist = pPhrases
}
if private {
w.Header().Set("Cache-Control", "private")
} else if notModified {
w.WriteHeader(http.StatusNotModified)
return nil
}
for _, negation := range negations {
for name, _ := range plist {
if strings.HasPrefix(name, negation) {
delete(plist, name)
}
}
}
// TODO: Cache the output of this, especially for things like topic, so we don't have to waste more time than we need on this
jsonBytes, err := json.Marshal(plist)
if err != nil {
return c.InternalError(err, w, r)
}
w.Write(jsonBytes)
return nil
Almost finished live topic lists, you can find them at /topics/. You can disable them via config.json The topic list cache can handle more groups now, but don't go too crazy with groups (e.g. thousands of them). Make the suspicious request logs more descriptive. Added the phrases API endpoint. Split the template phrases up by prefix, more work on this coming up. Removed #dash_saved and part of #dash_username. Removed some temporary artifacts from trying to implement FA5 in Nox. Removed some commented CSS. Fixed template artifact deletion on Windows. Tweaked HTTPSRedirect to make it more compact. Fixed NullUserCache not complying with the expectations for BulkGet. Swapped out a few RunVhook calls for more appropriate RunVhookNoreturn calls. Removed a few redundant IsAdmin checks when IsMod would suffice. Commented out a few pushers. Desktop notification permission requests are no longer served to guests. Split topics.html into topics.html and topics_topic.html RunThemeTemplate should now fallback to interpreted templates properly when the transpiled variants aren't avaialb.e Changed TopicsRow.CreatedAt from a string to a time.Time Added SkipTmplPtrMap to CTemplateConfig. Added SetBuildTags to CTemplateSet. A bit more data is dumped when something goes wrong while transpiling templates now. topics_topic, topic_posts, and topic_alt_posts are now transpiled for the client, although not all of them are ready to be served to the client yet. Client rendered templates now support phrases. Client rendered templates now support loops. Fixed loadAlerts in global.js Refactored some of the template initialisation code to make it less repetitive. Split topic.html into topic.html and topic_posts.html Split topic_alt.html into topic_alt.html and topic_alt_posts.html Added comments for PollCache. Fixed a data race in the MemoryPollCache. The writer is now closed properly in WsHubImpl.broadcastMessage. Fixed a potential deadlock in WsHubImpl.broadcastMessage. Removed some old commented code in websockets.go Added the DisableLiveTopicList config setting.
2018-06-24 13:49:29 +00:00
}
Made it harder to parse the antispam script. Used Unicode magic to make it harder to parse the antispam trap question. Added more shady email substrings. Tweaked the contributing guidelines, no more await allowed... For now. Might already have Git, note that. Added the the_form class to the login form, registration form and login mfa form. Made the titles on the Control Panel Dashboard and Debug page a little softer on Cosora. Added the quick topic form to Nox. Made the topic pages somewhat usable on Nox.
2018-07-05 09:54:01 +00:00
// A dedicated function so we can shake things up every now and then to make the token harder to parse
// TODO: Are we sure we want to do this by ID, just in case we reuse this and have multiple antispams on the page?
Revert "Revert "will a pointer make this faster...?"" This reverts commit 501bcc2425f79493e35f920e9a074565af334a6e.
2020-03-18 09:21:34 +00:00
func routeJSAntispam(w http.ResponseWriter, r *http.Request, user *c.User) c.RouteError {
more converts
2022-02-21 03:32:53 +00:00
h := sha256.New()
h.Write([]byte(c.JSTokenBox.Load().(string)))
h.Write([]byte(user.GetIP()))
jsToken := hex.EncodeToString(h.Sum(nil))
Made it harder to parse the antispam script. Used Unicode magic to make it harder to parse the antispam trap question. Added more shady email substrings. Tweaked the contributing guidelines, no more await allowed... For now. Might already have Git, note that. Added the the_form class to the login form, registration form and login mfa form. Made the titles on the Control Panel Dashboard and Debug page a little softer on Cosora. Added the quick topic form to Nox. Made the topic pages somewhat usable on Nox.
2018-07-05 09:54:01 +00:00
more converts
2022-02-21 03:32:53 +00:00
innerCode := "`document.getElementByld('golden-watch').value='" + jsToken + "';`"
io.WriteString(w, `let hihi=`+innerCode+`;hihi=hihi.replace('ld','Id');eval(hihi);`)
Made it harder to parse the antispam script. Used Unicode magic to make it harder to parse the antispam trap question. Added more shady email substrings. Tweaked the contributing guidelines, no more await allowed... For now. Might already have Git, note that. Added the the_form class to the login form, registration form and login mfa form. Made the titles on the Control Panel Dashboard and Debug page a little softer on Cosora. Added the quick topic form to Nox. Made the topic pages somewhat usable on Nox.
2018-07-05 09:54:01 +00:00
more converts
2022-02-21 03:32:53 +00:00
return nil
Made it harder to parse the antispam script. Used Unicode magic to make it harder to parse the antispam trap question. Added more shady email substrings. Tweaked the contributing guidelines, no more await allowed... For now. Might already have Git, note that. Added the the_form class to the login form, registration form and login mfa form. Made the titles on the Control Panel Dashboard and Debug page a little softer on Cosora. Added the quick topic form to Nox. Made the topic pages somewhat usable on Nox.
2018-07-05 09:54:01 +00:00
}