diff options
| author | meltland <[email protected]> | 2025-03-22 15:57:13 -0400 |
|---|---|---|
| committer | meltland <[email protected]> | 2025-03-22 15:57:13 -0400 |
| commit | a006c75df9ddbdf69a3c3ba70a29a1bf78ad826b (patch) | |
| tree | 61bec00b531e8d980e80a59fe14e8df7f9b6948e /main.py | |
| parent | e0b3db233b1412b14393c2f3c76ace83aa954889 (diff) | |
delete/edit
Diffstat (limited to 'main.py')
| -rw-r--r-- | main.py | 55 |
1 files changed, 55 insertions, 0 deletions
diff --git a/main.py b/main.py index 4998c16..b00ea39 100644 --- a/main.py +++ b/main.py @@ -488,6 +488,61 @@ async def handler(websocket): })) await websocket.send(json.dumps({"error": False, "listener": listener})) continue + elif r["command"] == "delete_post": + fc = util.field_check({"id": range(8,128)}, r) + if fc != True: + await websocket.send(util.error(fc, listener)) + continue + if str(websocket.id) not in client_data: + await websocket.send(util.error("unauthorized", listener)) + continue + data = db.posts.get_by_id(r["id"]) + if type(data) != dict: + await websocket.send(util.error(data, listener)) + continue + username = client_data[str(websocket.id)]["username"] + if data["author"] != username: + if "DELETE" not in db.acc.get_perms(username): + await websocket.send(util.error("unauthorized", listener)) + continue + deleted = db.posts.remove(r["id"]) + if deleted != True: + await websocket.send(util.error(data, listener)) + continue + broadcast(clients, json.dumps({ + "command": "deleted_post", + "_id": r["id"], + "deleted_by_author": data["author"] == username + })) + await websocket.send(json.dumps({"error": False, "listener": listener})) + continue + elif r["command"] == "edit_post": + fc = util.field_check({"id": range(8,128), "content": range(0,3001)}, r) + if fc != True: + await websocket.send(util.error(fc, listener)) + continue + if str(websocket.id) not in client_data: + await websocket.send(util.error("unauthorized", listener)) + continue + data = db.posts.get_by_id(r["id"]) + if type(data) != dict: + await websocket.send(util.error(data, listener)) + continue + username = client_data[str(websocket.id)]["username"] + if data["author"] != username: + await websocket.send(util.error("unauthorized", listener)) + continue + edited = db.posts.edit(r["id"], r["content"]) + if edited != True: + await websocket.send(util.error(data, listener)) + continue + broadcast(clients, json.dumps({ + "command": "edited_post", + "_id": r["id"], + "content": r["content"] + })) + await websocket.send(json.dumps({"error": False, "listener": listener})) + continue elif r["command"] == "ping": pass elif r["command"] in deprecated: |