From c1aa3b227279c87ed442b73ddc17aa2018dc41eb Mon Sep 17 00:00:00 2001
From: Xevion
Date: Mon, 23 Dec 2019 21:48:11 -0600
Subject: [PATCH] swath of changes to remove hidden "id" implementation in favor of hidden "role" RBAC implement
---
 app/__init__.py | 4 +---
 app/hidden.py | 25 +++++++++++++++----------
 app/models.py | 1 -
 app/routes.py | 22 +---------------------
 app/templates/base.html | 2 +-
 app/templates/dashboard/dashboard.html | 7 ++++++-
 6 files changed, 24 insertions(+), 37 deletions(-)
diff --git a/app/__init__.py b/app/__init__.py
index 7dcd06e..85b9180 100644
--- a/app/__init__.py
+++ b/app/__init__.py
@@ -17,6 +17,4 @@ migrate = Migrate(app, db)
 from app import models
 from app import routes, simple_routes, hidden, dashboard
-from app import ftbhot, custom, spotify, panzer, sound
-
-app.jinja_env.globals.update(get_hidden=routes.get_hidden)
\ No newline at end of file
+from app import ftbhot, custom, spotify, panzer, sound
\ No newline at end of file
diff --git a/app/hidden.py b/app/hidden.py
index 68526d2..b5cb0af 100644
--- a/app/hidden.py
+++ b/app/hidden.py
@@ -8,11 +8,18 @@ import xmltodict
 import base64
 import json
-# The only implementation I could get to work
-def validate_id(id):
- id = str(id).strip()
- val = str(app.config['HIDDEN_NUMBER']).strip()
- return id == val
+@app.route('/hidden/history')
+@login_required
+@require_role(roles=['Hidden', 'Admin'])
+def hidden_history():
+ return render_template('hidden_history.html')
+
+
+@app.route('/hidden/help')
+@login_required
+@require_role(roles=['Hidden'])
+def hidden_help():
+ return render_template('hidden_help.html')
 # Parses strings to test for "boolean-ness"
 def boolparse(string, default=False):
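Review bot: `hidden_history` is gated with `roles=['Hidden', 'Admin']` while `hidden_help` here and `hidden()` in the next hunk use `roles=['Hidden']`, and nothing visible says whether `require_role` treats the list as any-of or all-of. Since this commit drops the `validate_id` check, the decorator is the only authorization left on every `/hidden/*` view, so the intended semantics should be stated at the call site, e.g. `# any one of the listed roles grants access (see require_role)`, and the choice of whether Admin should also reach `/hidden/` and `/hidden/help` made explicit. The new views have no docstrings; a one-line docstring naming the role each one requires would make the access model easier to audit. `login_required`, `require_role` and `render_template` must be importable in app/hidden.py now that these routes live there; the import block is outside this hunk, so confirm they are.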
@@ -23,12 +30,10 @@ def boolparse(string, default=False):
 return True
 return False
-@app.route('/hidden/')
+@app.route('/hidden/')
 @login_required
 @require_role(roles=['Hidden'])
-def hidden(id):
- if not validate_id(id):
- return 'error: bad id'
+def hidden():
 # Handled within request
 tags = request.args.get('tags') or 'trap'
 try:
@@ -81,7 +86,7 @@ def build_data(tags, page, count, base64, showfull):
 'index' : str(index + 1),
 'real_url' : element['@file_url'],
 'sample_url' : element['@preview_url'],
- # strips tags, ensures no empty tags (may be unnescary)
+ # strips tags, ensures no empty tags (may be unnecessary)
 'tags' : list(filter(lambda tag : tag != '', [tag.strip() for tag in element['@tags'].split(' ')])),
 'view' : gelbooru_view_url.format(element['@id'])
 }
diff --git a/app/models.py b/app/models.py
index a12cead..a40b7e9 100644
--- a/app/models.py
+++ b/app/models.py
@@ -102,7 +102,6 @@ class Search(db.Model):
 def __repr__(self):
 return ''.format(User.query.filter_by(id=self.user_id).first().username, self.timestamp)
-
 class Post(db.Model):
 id = db.Column(db.Integer, primary_key=True)
 body = db.Column(db.String(140))
diff --git a/app/routes.py b/app/routes.py
index 49fd527..61b0e40 100644
--- a/app/routes.py
+++ b/app/routes.py
@@ -146,24 +146,4 @@ def login():
 @app.route('/logout/')
 def logout():
 logout_user()
- return redirect(url_for('index'))
-
-def get_hidden():
- return "/hidden{}/".format(app.config['HIDDEN_NUMBER'])
-
-@app.route('/hidden/history')
-@login_required
-@require_role(roles=['Hidden', 'Admin'])
-def hidden_history(id):
- if not validate_id(id):
- return 'error: bad id'
- return render_template('hidden_history.html')
-
-
-@app.route('/hidden/help')
-@login_required
-@require_role(roles=['Hidden'])
-def hidden_help(id):
- if not validate_id(id):
- return 'error: bad id'
- return render_template('hidden_help.html')
\ No newline at end of file
+ return redirect(url_for('index'))
\ No newline at end of file
diff --git a/app/templates/base.html b/app/templates/base.html
index bbe9681..dc6a8e0 100644
--- a/app/templates/base.html
+++ b/app/templates/base.html
@@ -117,7 +117,7 @@ Color = Bulma Color Type of the Message Box {% if current_user.has_roles(['Hidden']) %} - + Hidden
diff --git a/app/templates/dashboard/dashboard.html b/app/templates/dashboard/dashboard.html
index 9d59c15..93667d4 100644
--- a/app/templates/dashboard/dashboard.html
+++ b/app/templates/dashboard/dashboard.html
@@ -1,5 +1,10 @@
 {% extends '/dashboard/dashboard_base.html' %}
 {% set dashboard_home_active = True %}
 {% block dashboard_body %}
-
+
+

Roles

+ {% for role in current_user.get_roles() %} + {{ role }}
+ {% endfor %} +
{% endblock dashboard_body %} \ No newline at end of file