diff options
Diffstat (limited to 'main.py')
| -rw-r--r-- | main.py | 15 |
1 files changed, 13 insertions, 2 deletions
diff --git a/main.py b/main.py index 736d112..d243d0f 100644 --- a/main.py +++ b/main.py @@ -38,7 +38,8 @@ deprecated = { "set_display_name": "set_property", "set_avatar": "set_property", "set_bio": "set_property", - "set_lastfm": "set_property" + "set_lastfm": "set_property", + "clear_home": "" } ulist = {} @@ -46,7 +47,7 @@ client_data = {} clients = [] -invite_codes = ["STANLEYYELNATSAB"] +invite_codes = [] locked = False class util: @@ -367,6 +368,9 @@ async def handler(websocket): if "KICK" not in db.acc.get_perms(username): await websocket.send(util.error("unauthorized", listener)) continue + if "PROTECTED" not in db.acc.get_perms(r["username"].lower()): + await websocket.send(util.error("unauthorized", listener)) + continue try: await util.forcekick(r["username"].lower()) except Exception as e: @@ -386,6 +390,9 @@ async def handler(websocket): await websocket.send(util.error("unauthorized", listener)) continue r["username"] = r["username"].lower() + if "PROTECTED" not in db.acc.get_perms(r["username"]): + await websocket.send(util.error("unauthorized", listener)) + continue ac = db.acc.edit({"banned_until": r["banned_until"]}, r["username"]) if ac != True: server.send_message(client, util.error(ac, listener)) @@ -400,6 +407,10 @@ async def handler(websocket): if str(websocket.id) not in client_data: await websocket.send(util.error("unauthorized", listener)) continue + username = client_data[str(websocket.id)]["username"] + if "INBOX" not in db.acc.get_perms(username): + await websocket.send(util.error("unauthorized", listener)) + continue data = db.inbox.get_recent() await websocket.send(json.dumps({"error": False, "inbox": data, "listener": listener})) elif r["command"] == "post_inbox": |