LICENSE.md

@@ -1,6 +1,6 @@
 MIT License
 
-Copyright (c) 2020-2077 Domeniko Gentner <code@tuxstash.de>
+Copyright (c) 2020 Domeniko Gentner <code@tuxstash.de>
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

labertasche/blueprints/bp_comments/__init__.py

@@ -57,6 +57,7 @@ def check_and_insert_new_comment(name):
         if not is_valid_json(new_comment) or \
                 len(new_comment['content']) < 40 or \
                 len(new_comment['email']) < 5:
+            print("too short", file=stderr)
             return make_response(jsonify(status='post-invalid-json'), 400)
 
         # Strip any HTML from message body
@@ -207,6 +208,7 @@ def check_deletion_link(name, email_hash):
     if comment:
         location = db.session.query(TLocation).filter(TLocation.id_location == comment.location_id).first()
         if compare_digest(comment.deletion, email_hash):
+            print("True")
             db.session.delete(comment)
             db.session.commit()
             url = f"{project.blogurl}?deleted=true"

labertasche/blueprints/bp_upgrades/db_v2.py

@@ -9,7 +9,7 @@
 from . import bp_dbupgrades
 from flask_cors import cross_origin
 from flask_login import login_required
-from flask import render_template, jsonify, make_response, redirect, url_for, current_app
+from flask import render_template, jsonify, make_response, redirect, url_for
 from pathlib import Path
 from labertasche.database import labertasche_db as db
 from labertasche.models import TProjects, TComments, TLocation, TEmail, TVersion
@@ -22,8 +22,7 @@ from datetime import datetime
 
 
 def get_backup_folder() -> Path:
-    path = Path(current_app.root_path)
-    path = path / "backup" / "v1"
+    path = Path('.').absolute() / "backup" / "v1"
     return path
 
 
@@ -55,7 +54,7 @@ def upgrade_db_to_v2_backup():
     # Create path for backup
     try:
         if not path.exists():
-            path.mkdir(mode=777, exist_ok=True, parents=True)
+            path.mkdir(mode=755, exist_ok=True, parents=True)
     except OSError as e:
         return make_response(jsonify(status='exception', msg=str(e)), 400)
 
@@ -136,9 +135,8 @@ def upgrade_db_to_v2_export():
         if compare_digest(db_uri[0:6], "sqlite"):
             m = search("([/]{3})(.*)", db_uri)
             new_db = get_backup_folder() / "labertasche.db"
-            old_db = Path(current_app.root_path)
-            old_db = old_db / m.group(2)
-            copy(old_db.absolute(), new_db.absolute())
+            old_db = Path(m.group(2)).absolute()
+            copy(old_db, new_db)
     except Exception as e:
         return make_response(jsonify(status='exception-copy-db', msg=str(e)), 400)
 
@@ -214,6 +212,7 @@ def upgrade_db_to_v2_import():
 
         # walk json and readd to database with project set to project 1
         for each in mails:
+            each.update({'project_id': 1})
             db.session.add(TEmail(**each))
 
         for each in locations:

labertasche/language/__init__.py

@@ -6,7 +6,7 @@
 #  * _repo    : https://git.tuxstash.de/gothseidank/labertasche
 #  * _license : This project is under MIT License
 #  *********************************************************************************/
-from flask import Request, current_app
+from flask import Request
 from pathlib import Path
 from json import load
 
@@ -19,8 +19,7 @@ class Language:
         self.languages = list()
 
         # Directory where translations live
-        i18n_dir = Path(current_app.root_path).absolute()
-        i18n_dir = i18n_dir / "i18n"
+        i18n_dir = Path('./i18n').absolute()
 
         # Looks for translations
         for filename in i18n_dir.glob("*.json"):

labertasche/settings/__init__.py

@@ -25,7 +25,7 @@ def hash_password(password, secret=None):
         secret = Secret()
     h = pbkdf2_hmac('sha512',
                     password=password.encode('utf8'),
-                    salt=secret.encode('utf8'),
+                    salt=secret.key.encode('utf8'),
                     iterations=250000)
     return h.hex()
 
@@ -113,7 +113,6 @@ class LegacySettings:
             file = file.with_suffix('.bak')
 
         with file.open('r') as fp:
-            print(f"Loading old conf from {file}")
             conf = yaml.safe_load(fp)
 
         self.system = conf['system']
@@ -130,10 +129,10 @@ class LegacySettings:
         systemvars = {
             'system': {
                 'weburl': self.system['web_url'],
-                'cookie_domain': self.system['cookie-domain'],
+                'cookie_domain': self.system['cookie_domain'],
                 'database_uri': self.system['database_uri'],
                 'debug': self.system['debug'],
-                'cookie_secure': False
+                'cookie_secure': self.system['cookie_secure']
             }
         }
 
@@ -149,7 +148,6 @@ class LegacySettings:
         }
 
         # backup old config
-        print("Copying old config to backup")
         copy(old, old.with_suffix('.bak'))
 
         # Write new config files
@@ -165,14 +163,10 @@ class LegacySettings:
             p_secret = '/etc/labertasche/' / p_secret
 
         with p_sys.open('w') as fp:
-            print("Dumping system vars as yaml")
             yaml.dump(systemvars, fp)
         with p_credentials.open('w') as fp:
-            print("Dumping credentials as yaml")
             yaml.dump(credentials, fp)
         with p_smileys.open('w') as fp:
-            print("Dumping smileys as yaml")
             yaml.dump(smileys, fp)
         with p_secret.open('w') as fp:
-            print("Dumping secret")
             fp.write(self.system['secret'])

server.py

@@ -70,7 +70,7 @@ with laberflask.app_context():
 
 
 # CORS
-cors = CORS(laberflask, resources={r"/comments/*": {"origins": "*"}})
+cors = CORS(laberflask)
 
 
 # There is only one user
@@ -102,5 +102,3 @@ def set_sqlite_pragma(dbapi_connection, connection_record):
 def inject_language():
     lang = Language(request)
     return {"i18n": lang.i18n}
-
-