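from flask import render_template, redirect, url_for, request, abort
from flask_login import login_required, current_user
from wtforms import StringField, SubmitField
from wtforms.validators import DataRequired
from flask_wtf import FlaskForm
from models import db, User, Comments, Image, Votes, VideoVotes, Video, Comic, ComicVotes, Cookies, UpdateCookiesForm
import os
import shutil
import uuid
import aiofiles
import bcrypt
from utils import update_related_tables

# NOTE(review): admin rights are tied to a single hard-coded username. Renaming
# or deleting that account changes who (if anyone) is admin; a role flag on the
# User model would be more robust. Kept as-is because the model is not visible.
_ADMIN_USERNAME = 'naturefie'


def _is_admin():
    """Return True when the logged-in user is the site administrator."""
    # getattr: an anonymous user object has no ``username`` attribute.
    return getattr(current_user, 'username', None) == _ADMIN_USERNAME


def _resolve_upload_path(base_dir, stored_name):
    """Return the real path of *stored_name* strictly inside *base_dir*.

    Returns None when the name is empty/not a string or when the resolved path
    is the base directory itself or lies outside it. This keeps a bad database
    value (empty string, absolute path, ``..`` segments) from turning a content
    delete into a delete of the whole upload folder or of unrelated files.
    """
    if not isinstance(stored_name, str) or not stored_name:
        return None
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, stored_name))
    if candidate == base:
        return None
    try:
        inside = os.path.commonpath([base, candidate]) == base
    except ValueError:
        # Raised e.g. for paths on different drives.
        inside = False
    return candidate if inside else None


def register_admin_routes(app):
    """Register the admin panel and its moderation endpoints on *app*.

    Every endpoint requires a logged-in user and is restricted to the
    administrator account; the check runs before any database lookup so that
    non-admin users cannot tell existing ids from missing ones.

    NOTE(review): the URL variable parts of the routes were not visible in the
    reviewed text (e.g. ``/admin/delete//``); they are restored here from the
    view signatures without a converter. Confirm the converter type
    (for example ``int:``) against the original routes.
    NOTE(review): these POST handlers read ``request.form`` directly and never
    validate a form object, so CSRF protection depends on app-wide
    configuration that is not visible here - confirm it is enabled.
    """

    @app.route('/admin', methods=['GET', 'POST'])
    @login_required
    def admin():
        """Render the admin panel with all content, users and comments."""
        if not _is_admin():
            return redirect(url_for('index'))
        form = UpdateCookiesForm()
        users = User.query.all()
        # One query for all cookie rows instead of two queries per user.
        cookies_by_username = {}
        for row in Cookies.query.all():
            cookies_by_username.setdefault(row.username, row.cookies)
        user_cookies = {
            user.id: cookies_by_username.get(user.username, 0)
            for user in users
        }
        comments = Comments.query.order_by(Comments.comment_date.desc()).all()
        return render_template(
            'panel.html',
            arts=Image.query.all(),
            comics=Comic.query.all(),
            videos=Video.query.all(),
            users=users,
            comments=comments,
            form=form,
            user_cookies=user_cookies
        )

    @app.route('/admin/delete/<content_type>/<content_id>', methods=['POST'])
    @login_required
    def admin_delete_content(content_type, content_id):
        """Delete an art/video/comic row, its votes and comments, and its file."""
        # Previously any logged-in user could reach this handler.
        if not _is_admin():
            abort(403)
        models = {
            'art': (Image, 'arts', 'image_file', Votes, 'image_id'),
            'video': (Video, 'videos', 'video_file', VideoVotes, 'video_id'),
            'comic': (Comic, 'comics', 'comic_folder', ComicVotes, 'comic_id')
        }
        if content_type not in models:
            abort(404)
        model, folder, file_field, vote_model, foreign_key = models[content_type]
        content = model.query.get_or_404(content_id)
        # Read the stored name now; the instance is unusable after the delete.
        stored_name = getattr(content, file_field)
        vote_model.query.filter(getattr(vote_model, foreign_key) == content_id).delete()
        Comments.query.filter(getattr(Comments, foreign_key) == content_id).delete()
        db.session.delete(content)
        db.session.commit()

        # Remove files only after the commit succeeded, and only when the
        # stored name resolves to something strictly inside the upload folder.
        target = _resolve_upload_path(app.config['UPLOAD_FOLDER'][folder], stored_name)
        if target is None:
            app.logger.warning(
                "Skipped file removal for %s %s: stored path is empty or "
                "outside the upload folder", content_type, content_id)
        elif os.path.exists(target):
            try:
                if os.path.isfile(target):
                    os.remove(target)
                else:
                    shutil.rmtree(target)
            except OSError:
                app.logger.exception(
                    "Could not remove files for %s %s", content_type, content_id)
        return redirect(url_for('admin'))

    @app.route('/admin/delete/user/<user_id>', methods=['POST'])
    @login_required
    def admin_delete_user(user_id):
        """Delete a user account."""
        if not _is_admin():
            return redirect(url_for('admin'))
        user = User.query.get_or_404(user_id)
        db.session.delete(user)
        db.session.commit()
        return redirect(url_for('admin'))

    @app.route('/admin/update_comment/<comment_id>', methods=['POST'])
    @login_required
    def admin_update_comment(comment_id):
        """Replace a comment's text with the submitted ``comment_text``."""
        if not _is_admin():
            abort(403)
        comment = Comments.query.get_or_404(comment_id)
        new_text = request.form.get('comment_text', '').strip()
        if not new_text:
            return redirect(url_for('admin'))
        comment.comment_text = new_text
        try:
            db.session.commit()
            # Log the id only; the comment body is user content.
            app.logger.info("Updated comment ID %s", comment_id)
        except Exception:
            db.session.rollback()
            app.logger.exception("Error updating comment ID %s", comment_id)
        return redirect(url_for('admin'))

    @app.route('/admin/delete_comment/<comment_id>', methods=['POST'])
    @login_required
    def admin_delete_comment(comment_id):
        """Delete a single comment."""
        if not _is_admin():
            abort(403)
        comment = Comments.query.get_or_404(comment_id)
        db.session.delete(comment)
        db.session.commit()
        return redirect(url_for('admin'))

    @app.route('/admin/update_cookies/<user_id>', methods=['POST'])
    @login_required
    def admin_update_cookies(user_id):
        """Set a user's cookie balance to the submitted non-negative integer."""
        # Previously any logged-in user could set any user's balance.
        if not _is_admin():
            abort(403)
        user = User.query.get_or_404(user_id)
        new_cookie_count = request.form.get('cookies', type=int)
        if new_cookie_count is not None and new_cookie_count >= 0:
            user_cookies = Cookies.query.filter_by(username=user.username).first()
            if not user_cookies:
                user_cookies = Cookies(username=user.username, cookies=new_cookie_count)
                db.session.add(user_cookies)
            else:
                user_cookies.cookies = new_cookie_count
            db.session.commit()
        return redirect(url_for('admin'))

    @app.route('/admin/update_video/<content_id>', methods=['POST'])
    @login_required
    def admin_update_video(content_id):
        """Update a video's name, description and tags from the form."""
        if not _is_admin():
            return redirect(url_for('admin'))
        video = Video.query.get_or_404(content_id)
        new_video_name = request.form.get('video_name')
        new_description = request.form.get('description')
        new_tags = request.form.get('tags')
        if new_video_name and new_video_name != video.video_name:
            if not 3 <= len(new_video_name) <= 100:
                return redirect(url_for('admin'))
            video.video_name = new_video_name
        if new_description:
            video.description = new_description
        if new_tags:
            video.tags = new_tags
        db.session.commit()
        return redirect(url_for('admin'))

    @app.route('/admin/update_user/<user_id>', methods=['POST'])
    @login_required
    def admin_update_user(user_id):
        """Rename a user and/or set a new password.

        All submitted values are validated before anything is changed, so a
        rejected password can no longer leave a half-applied rename behind in
        the tables touched by ``update_related_tables``.
        """
        if not _is_admin():
            return redirect(url_for('admin'))
        user = User.query.get_or_404(user_id)
        new_username = request.form.get('username')
        new_password = request.form.get('password')

        rename = bool(new_username) and new_username != user.username
        if rename:
            if not 3 <= len(new_username) <= 20:
                return redirect(url_for('admin'))
            if User.query.filter_by(username=new_username).first():
                return redirect(url_for('admin'))

        password_bytes = new_password.encode('utf-8') if new_password else b''
        if new_password:
            # bcrypt only uses the first 72 bytes of the password; reject
            # longer input instead of hashing a truncated value.
            if len(new_password) < 6 or len(password_bytes) > 72:
                return redirect(url_for('admin'))

        if rename:
            old_username = user.username
            user.username = new_username
            update_related_tables(old_username, new_username)
        if new_password:
            # The module imported above is the ``bcrypt`` package, which has no
            # generate_password_hash(); hashpw() with a fresh salt is its API.
            # NOTE(review): confirm the login path verifies with a
            # bcrypt-compatible check.
            user.encrypted_password = bcrypt.hashpw(
                password_bytes, bcrypt.gensalt()).decode('utf-8')
        db.session.commit()
        return redirect(url_for('admin'))

    @app.route('/admin/update_tags/<content_type>/<content_id>', methods=['POST'])
    @login_required
    def admin_update_tags(content_type, content_id):
        """Replace the tags of an art/video/comic item with the submitted value."""
        # Previously any logged-in user could rewrite tags.
        if not _is_admin():
            abort(403)
        models = {
            'art': Image,
            'video': Video,
            'comic': Comic
        }
        if content_type not in models:
            abort(404)
        model = models[content_type]
        content = model.query.get_or_404(content_id)
        new_tags = request.form.get('tags', '').strip()
        content.tags = new_tags
        db.session.commit()
        return redirect(url_for('admin'))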