Add ability to make stickied, locked, and cyclical threads to backend code

2025-09-04 10:06:24 -07:00 · 2024-09-08 15:46:09 -07:00 · 2024-09-08 15:46:09 -07:00 · f1a5acc9e4
commit f1a5acc9e4
parent f03ea709f8
8 changed files with 64 additions and 26 deletions
--- a/cmd/gochan/deleteposts.go
+++ b/cmd/gochan/deleteposts.go
@ -16,7 +16,6 @@ import (
 	"github.com/gochan-org/gochan/pkg/config"
 	"github.com/gochan-org/gochan/pkg/gcsql"
 	"github.com/gochan-org/gochan/pkg/gcutil"
-	"github.com/gochan-org/gochan/pkg/manage"
 	"github.com/gochan-org/gochan/pkg/posting/uploads"
 	"github.com/gochan-org/gochan/pkg/server"
 	"github.com/gochan-org/gochan/pkg/server/serverutil"
@ -179,7 +178,7 @@ func deletePosts(checkedPosts []int, writer http.ResponseWriter, request *http.R
 		return
 	}

-	staff, err := manage.GetStaffFromRequest(request)
+	staff, err := gcsql.GetStaffFromRequest(request)
 	if err != nil && !errors.Is(err, sql.ErrNoRows) {
 		serveError(writer, "Unable to get staff info", http.StatusInternalServerError, wantsJSON, errEv.Err(err).Caller())
 		return
--- a/pkg/config/config.go
+++ b/pkg/config/config.go
@ -322,6 +322,7 @@ type PostConfig struct {
 	RepliesOnBoardPage       int
 	StickyRepliesOnBoardPage int
 	NewThreadsRequireUpload  bool
+	CyclicalThreadNumPosts   int

 	BanColors        []string
 	BanMessage       string
--- a/pkg/config/defaults.go
+++ b/pkg/config/defaults.go
@ -48,6 +48,7 @@ var (
 				ThreadsPerPage:           20,
 				RepliesOnBoardPage:       3,
 				StickyRepliesOnBoardPage: 1,
+				CyclicalThreadNumPosts:   500,
 				BanMessage:               "USER WAS BANNED FOR THIS POST",
 				EmbedWidth:               200,
 				EmbedHeight:              164,
--- a/pkg/gcsql/staff.go
+++ b/pkg/gcsql/staff.go
@ -169,6 +169,22 @@ func GetStaffBySession(session string) (*Staff, error) {
 	return &staff, err
 }

+// GetStaffFromRequest returns the staff making the request. If the request does not have
+// a staff cookie, it will return a staff object with rank 0.
+func GetStaffFromRequest(request *http.Request) (*Staff, error) {
+	sessionCookie, err := request.Cookie("sessiondata")
+	if err != nil {
+		return &Staff{Rank: 0}, nil
+	}
+	staff, err := GetStaffBySession(sessionCookie.Value)
+	if errors.Is(err, sql.ErrNoRows) {
+		return &Staff{Rank: 0}, nil
+	} else if err != nil {
+		return nil, err
+	}
+	return staff, nil
+}
+
 func GetStaffByUsername(username string, onlyActive bool) (*Staff, error) {
 	query := `SELECT 
 	id, username, password_checksum, global_rank, added_on, last_login, is_active
--- a/pkg/manage/handler.go
+++ b/pkg/manage/handler.go
@ -55,7 +55,7 @@ func setupManageFunction(action *Action) bunrouter.HandlerFunc {
 		}

 		var staff *gcsql.Staff
-		staff, err = GetStaffFromRequest(request)
+		staff, err = gcsql.GetStaffFromRequest(request)
 		if err != nil {
 			errEv.Err(err).Caller().Msg("Unable to get staff from request")
 			server.ServeError(writer, "Error getting staff info from request", wantsJSON, nil)
--- a/pkg/manage/util.go
+++ b/pkg/manage/util.go
@ -96,7 +96,7 @@ func createSession(key, username, password string, request *http.Request, writer
 }

 func getCurrentStaff(request *http.Request) (string, error) {
-	staff, err := GetStaffFromRequest(request)
+	staff, err := gcsql.GetStaffFromRequest(request)
 	if err != nil {
 		return "", err
 	}
@ -105,23 +105,14 @@ func getCurrentStaff(request *http.Request) (string, error) {

 // GetStaffFromRequest returns the staff making the request. If the request does not have
 // a staff cookie, it will return a staff object with rank 0.
+// Deprecated: use gcsql.GetStaffFromRequest
 func GetStaffFromRequest(request *http.Request) (*gcsql.Staff, error) {
-	sessionCookie, err := request.Cookie("sessiondata")
-	if err != nil {
-		return &gcsql.Staff{Rank: 0}, nil
-	}
-	staff, err := gcsql.GetStaffBySession(sessionCookie.Value)
-	if errors.Is(err, sql.ErrNoRows) {
-		return &gcsql.Staff{Rank: 0}, nil
-	} else if err != nil {
-		return nil, err
-	}
-	return staff, nil
+	return gcsql.GetStaffFromRequest(request)
 }

 // GetStaffRank returns the rank number of the staff referenced in the request
 func GetStaffRank(request *http.Request) int {
-	staff, err := GetStaffFromRequest(request)
+	staff, err := gcsql.GetStaffFromRequest(request)
 	if err != nil {
 		return NoPerms
 	}
--- a/pkg/posting/post.go
+++ b/pkg/posting/post.go
@ -250,6 +250,7 @@ func MakePost(writer http.ResponseWriter, request *http.Request) {
 	infoEv, errEv := gcutil.LogRequest(request)

 	if !serverutil.ValidReferer(request) {
+		// post has no referrer, or has a referrer from a different domain, probably a spambot
 		gcutil.LogWarning().
 			Str("spam", "badReferer").
 			Str("IP", gcutil.GetRealIP(request)).
@ -309,10 +310,34 @@ func MakePost(writer http.ResponseWriter, request *http.Request) {
 	setCookies(writer, request)

 	post.CreatedOn = time.Now()
-	// isSticky := request.PostFormValue("modstickied") == "on"
-	// isLocked := request.PostFormValue("modlocked") == "on"
+	isSticky := request.PostFormValue("modstickied") == "on"
+	isLocked := request.PostFormValue("modlocked") == "on"

-	//post has no referrer, or has a referrer from a different domain, probably a spambot
+	if isSticky || isLocked {
+		// check that the user has permission to create sticky/locked threads
+
+		staff, err := gcsql.GetStaffFromRequest(request)
+		if err != nil {
+			errEv.Err(err).Caller().Msg("Unable to get staff info")
+			server.ServeError(writer, "Unable to get staff info", wantsJSON, nil)
+			return
+		}
+		if staff.Rank < 2 {
+			// must be at least a moderator in order to make a sticky or locked thread
+			writer.WriteHeader(http.StatusForbidden)
+			server.ServeError(writer, "You do not have permission to lock or sticky threads", wantsJSON, map[string]any{
+				"username": staff.Username,
+				"rank":     staff.Rank,
+			})
+			return
+		}
+	}
+
+	isCyclical := request.PostFormValue("cyclical") == "on"
+	if isCyclical && boardConfig.CyclicalThreadNumPosts == 0 {
+		server.ServeError(writer, "Board does not support cyclical threads", wantsJSON, nil)
+		return
+	}

 	var delay int
 	var tooSoon bool
@ -405,7 +430,7 @@ func MakePost(writer http.ResponseWriter, request *http.Request) {
 		return
 	}
 	_, emailCommand := getEmailAndCommand(request)
-	if err = post.Insert(emailCommand != "sage", board.ID, false, false, false, false); err != nil {
+	if err = post.Insert(emailCommand != "sage", board.ID, isLocked, isSticky, false, isCyclical); err != nil {
 		errEv.Err(err).Caller().
 			Str("sql", "postInsertion").
 			Msg("Unable to insert post")
--- a/templates/postbox.html
+++ b/templates/postbox.html
@ -1,11 +1,7 @@
 {{define "postbox.html"}}
 <div id="postbox-area">
-	<form id="postform" name="postform" action="{{webPath "/post"}}" method="POST" enctype="multipart/form-data">
-	{{- with .op}}
-		<input type="hidden" name="threadid" value="{{$.op.ID}}" />
-	{{- else -}}
-		<input type="hidden" name="threadid" value="0" />
-	{{- end}}
+	<form id="postform" name="postform" action="{{webPath `/post`}}" method="POST" enctype="multipart/form-data">
+		<input type="hidden" name="threadid" value="{{with .op}}{{.ID}}{{else}}0{{end}}" />
 		<input type="hidden" name="boardid" value="{{$.board.ID}}" />
 		<table id="postbox-static">
 			<tr><th class="postblock">Name</th><td><input type="text" name="postname" maxlength="100" size="25" /></td></tr>
@ -34,6 +30,15 @@
 				</td>
 			</tr>
 			{{- end -}}
+			{{with $.op}}{{else -}}
+			<tr id="threadoptions" {{if eq $.boardConfig.CyclicalThreadNumPosts 0}}style="display: none;"{{end}}>
+				<th class="postblock">Options</th>
+				<td>
+					{{if gt $.boardConfig.CyclicalThreadNumPosts 0}}
+					<label for="cyclical"><input type="checkbox" name="cyclical" id="cyclical"> Cyclical thread</label>
+					{{end}}
+				</td>
+			</tr>{{end}}
 			<tr><th class="postblock">Password</th><td><input type="password" id="postpassword" name="postpassword" size="14" /> (for post/file deletion)</td></tr>
 			{{if .useCaptcha -}}
 				<tr><th class="postblock">CAPTCHA</th><td>