summary refs log tree commit diff
path: root/main.py
diff options
context:
space:
mode:
Diffstat (limited to 'main.py')
-rw-r--r--main.py55
1 files changed, 55 insertions, 0 deletions
diff --git a/main.py b/main.py
index 4998c16..b00ea39 100644
--- a/main.py
+++ b/main.py
@@ -488,6 +488,61 @@ async def handler(websocket):
                 }))

                 await websocket.send(json.dumps({"error": False, "listener": listener}))

                 continue

+            elif r["command"] == "delete_post":

+                fc = util.field_check({"id": range(8,128)}, r)

+                if fc != True:

+                    await websocket.send(util.error(fc, listener))

+                    continue

+                if str(websocket.id) not in client_data:

+                    await websocket.send(util.error("unauthorized", listener))

+                    continue

+                data = db.posts.get_by_id(r["id"])

+                if type(data) != dict:

+                    await websocket.send(util.error(data, listener))

+                    continue

+                username = client_data[str(websocket.id)]["username"]

+                if data["author"] != username:

+                    if "DELETE" not in db.acc.get_perms(username):

+                        await websocket.send(util.error("unauthorized", listener))

+                        continue

+                deleted = db.posts.remove(r["id"])

+                if deleted != True:

+                    await websocket.send(util.error(data, listener))

+                    continue

+                broadcast(clients, json.dumps({

+                    "command": "deleted_post",

+                    "_id": r["id"],

+                    "deleted_by_author": data["author"] == username

+                }))

+                await websocket.send(json.dumps({"error": False, "listener": listener}))

+                continue

+            elif r["command"] == "edit_post":

+                fc = util.field_check({"id": range(8,128), "content": range(0,3001)}, r)

+                if fc != True:

+                    await websocket.send(util.error(fc, listener))

+                    continue

+                if str(websocket.id) not in client_data:

+                    await websocket.send(util.error("unauthorized", listener))

+                    continue

+                data = db.posts.get_by_id(r["id"])

+                if type(data) != dict:

+                    await websocket.send(util.error(data, listener))

+                    continue

+                username = client_data[str(websocket.id)]["username"]

+                if data["author"] != username:

+                    await websocket.send(util.error("unauthorized", listener))

+                    continue

+                edited = db.posts.edit(r["id"], r["content"])

+                if edited != True:

+                    await websocket.send(util.error(data, listener))

+                    continue

+                broadcast(clients, json.dumps({

+                    "command": "edited_post",

+                    "_id": r["id"],

+                    "content": r["content"]

+                }))

+                await websocket.send(json.dumps({"error": False, "listener": listener}))

+                continue

             elif r["command"] == "ping":

                 pass

             elif r["command"] in deprecated:
generated by cgit-pink 1.4.1-2-gfad0 (git 2.37.1) at 2025-04-24 21:24:31 +0000