Add automod events

cloudlink.py

@@ -4,7 +4,7 @@
 from urllib.parse import urlparse, parse_qs
 
 from utils import log, full_stack
-from database import rdb
+from database import db, rdb
 
 VERSION = "0.1.7.10"
 
@@ -282,18 +282,18 @@ def authenticate(self, account: dict[str, Any], token: str, listener: Optional[s
             "username": self.username,
             "token": token,
             "account": account,
-            "relationships": self.proxy_api_request("/me/relationships", "get")["autoget"],
+            "relationships": self.proxy_api_request("/me/relationships", "get", headers={"token": token})["autoget"],
             **({
-                "chats": self.proxy_api_request("/chats", "get")["autoget"]
+                "chats": self.proxy_api_request("/chats", "get", headers={"token": token})["autoget"]
             } if self.proto_version != 0 else {})
         }, listener=listener)
 
     def logout(self):
         if not self.username:
             return
 
-        # Trigger last_seen update
-        self.proxy_api_request("/me", "get")
+        # Update last_seen
+        db.usersv0.update_one({"_id": self.username}, {"$set": {"last_seen": int(time.time())}})
 
         self.server.usernames[self.username].remove(self)
         if len(self.server.usernames[self.username]) == 0:
@@ -313,8 +313,6 @@ def proxy_api_request(
             "X-Internal-Token": os.environ["INTERNAL_API_TOKEN"],
             "X-Internal-Ip": self.ip,
         })
-        if self.username:
-            headers["X-Internal-Username"] = self.username
 
         # Make request
         resp = getattr(requests, method)(

rest_api/__init__.py

@@ -65,16 +65,7 @@ async def check_auth(headers: TokenHeader):
     # Authenticate request
     account = None
     if request.path != "/status":
-        if hasattr(request, "internal_username") and request.internal_username:  # internal auth
-            account = db.usersv0.find_one({"_id": request.internal_username}, projection={
-                "_id": 1,
-                "uuid": 1,
-                "flags": 1,
-                "permissions": 1,
-                "ban.state": 1,
-                "ban.expires": 1
-            })
-        elif headers.token:  # external auth
+        if headers.token:
             account = db.usersv0.find_one({"tokens": headers.token}, projection={
                 "_id": 1,
                 "uuid": 1,
@@ -84,16 +75,12 @@ async def check_auth(headers: TokenHeader):
                 "ban.expires": 1
             })
 
-        if account:
-            if account["ban"]["state"] == "perm_ban" or (account["ban"]["state"] == "temp_ban" and account["ban"]["expires"] > time.time()):
-                rdb.publish("admin", msgpack.packb({
-                    "op": "log",
-                    "data": f"**Banned (REST API)**\n@{account['_id']} ({account['uuid']})\nInternal username: {getattr(request, 'internal_username')}\nBan: {account['ban']}"
-                }))
-                return {"error": True, "type": "accountBanned"}, 403
-            request.user = account["_id"]
-            request.flags = account["flags"]
-            request.permissions = account["permissions"]
+            if account:
+                if account["ban"]["state"] == "perm_ban" or (account["ban"]["state"] == "temp_ban" and account["ban"]["expires"] > time.time()):
+                    return {"error": True, "type": "accountBanned"}, 403
+                request.user = account["_id"]
+                request.flags = account["flags"]
+                request.permissions = account["permissions"]
 
 
 @app.get("/")  # Welcome message

rest_api/admin.py

@@ -407,7 +407,6 @@ async def delete_post(post_id):
     else:
         chat = db.chats.find_one({
             "_id": post["post_origin"],
-            "members": request.user,
             "deleted": False
         }, projection={"members": 1})
         if chat:

rest_api/v0/me.py

@@ -72,10 +72,7 @@ async def get_me():
     # Check authorization
     if not request.user:
         abort(401)
-
-    # Update last_seen (this is only to remove CL3's dependency on the DB)
-    db.usersv0.update_one({"_id": request.user}, {"$set": {"last_seen": int(time.time())}})
-
+
     # Get and return account
     return {"error": False, **security.get_account(request.user, include_config=True)}, 200
 

rest_api/v0/posts.py

@@ -4,10 +4,10 @@
 from typing import Optional
 from threading import Thread
 from copy import copy
-import pymongo, uuid, time, emoji
+import pymongo, uuid, time, emoji, msgpack
 
 import security
-from database import db, get_total_pages
+from database import db, rdb, get_total_pages
 from uploads import claim_file, unclaim_file
 from utils import log
 
@@ -149,7 +149,18 @@ async def report_post(post_id, data: ReportBody):
     post = db.posts.find_one({"_id": post_id})
     if not post:
         abort(404)
-
+
+    # Send to files automod if there are attachments
+    if len(post["attachments"]):
+        rdb.publish("automod:files", msgpack.packb({
+            "type": 2,
+            "username": post["u"],
+            "file_bucket": "attachments",
+            "file_hashes": [file["hash"] for file in db.files.find({"_id": {"$in": post["attachments"]}})],
+            "post_id": post["_id"],
+            "post_content": post["p"]
+        }))
+
     security.ratelimit(f"report:{request.user}", 3, 5)
 
     report = db.reports.find_one({

supporter.py

@@ -100,6 +100,17 @@ def create_post(
         if origin != "livechat":
             db.posts.insert_one(post)
 
+        # Send to files automod if there are attachments
+        if len(attachments):
+            rdb.publish("automod:files", msgpack.packb({
+                "type": 1,
+                "username": author,
+                "file_bucket": "attachments",
+                "file_hashes": [file["hash"] for file in db.files.find({"_id": {"$in": attachments}})],
+                "post_id": post_id,
+                "post_content": content
+            }))
+
         # Add nonce for WebSocket
         if nonce:
             post["nonce"] = nonce
@@ -163,6 +174,43 @@ def listen_for_admin_pubsub(self):
                         # Logout user (can't kick because of async stuff)
                         for c in self.cl.usernames.get(username, []):
                             c.logout()
+                    case "delete_post":
+                        # Get post
+                        post = db.posts.find_one({"_id": msg.pop("id")}, projection={"_id": 1, "post_origin": 1})
+
+                        # Delete post
+                        db.posts.update_one(
+                            {"_id": post["_id"]},
+                            {
+                                "$set": {
+                                    "isDeleted": True,
+                                    "deleted_at": int(time.time()),
+                                    "mod_deleted": True,
+                                }
+                            },
+                        )
+
+                        # Emit deletion
+                        if post["post_origin"] == "home" or (post["post_origin"] == "inbox" and post["u"] == "Server"):
+                            self.cl.send_event("delete_post", {
+                                "chat_id": post["post_origin"],
+                                "post_id": post["_id"]
+                            })
+                        elif post["post_origin"] == "inbox":
+                            self.cl.send_event("delete_post", {
+                                "chat_id": post["post_origin"],
+                                "post_id": post["_id"]
+                            }, usernames=[post["u"]])
+                        else:
+                            chat = db.chats.find_one({
+                                "_id": post["post_origin"],
+                                "deleted": False
+                            }, projection={"members": 1})
+                            if chat:
+                                self.cl.send_event("delete_post", {
+                                    "chat_id": post["post_origin"],
+                                    "post_id": post["_id"]
+                                }, usernames=chat["members"])
 
                     case "log":  # this is a temp thing
                         try: