move user ban functionality to the database instead of config

suchwow/app.py

@@ -9,7 +9,7 @@ from flask import Flask, request, session, redirect
 from flask import render_template, flash, url_for
 from flask_session import Session
 from suchwow import config
-from suchwow.models import Post, Profile, Comment, Notification, db, Moderator
+from suchwow.models import Post, Profile, Comment, Notification, db, Moderator, Ban
 from suchwow.routes import auth, comment, post, profile, leaderboard, api
 from suchwow.utils.decorators import login_required, moderator_required
 from suchwow.utils.helpers import post_webhook, get_latest_tipped_posts
@@ -85,7 +85,7 @@ def init():
         makedirs(f"{config.DATA_FOLDER}/{i}", exist_ok=True)
 
     # init db
-    db.create_tables([Post, Profile, Comment, Notification, Moderator])
+    db.create_tables([Post, Profile, Comment, Notification, Moderator, Ban])
 
 @app.cli.command("post_reddit")
 @click.argument('last_hours')
@@ -153,6 +153,40 @@ def remove_admin(username):
     else:
         print("That moderator doesn't exist")
 
+@app.cli.command("ban_user")
+@click.argument("username")
+@click.argument("reason", nargs=-1)
+def ban_user(username, reason):
+    u = Profile.filter(username=username).first()
+    b = Ban.filter(user=u).first()
+    if b:
+        print("User already banned")
+        return False
+    if u:
+        b = Ban(user=u, reason=' '.join(reason))
+        b.save()
+        print(f"Banned {username}")
+        return
+    else:
+        print("That user doesn't exist")
+        return
+
+@app.cli.command("unban_user")
+@click.argument("username")
+def ban_user(username):
+    u = Profile.filter(username=username).first()
+    if not u:
+        print("That user doesn't exist")
+        return False
+    b = Ban.filter(user=u).first()
+    if b:
+        b.delete_instance()
+        print(f"Unbanned {username}")
+        return True
+    else:
+        print("That user isn't banned")
+        return False
+
 @app.cli.command("show")
 @click.argument("post_id")
 def post_id(post_id):

suchwow/config.py

@@ -21,9 +21,6 @@ WALLET_RPC_USER = getenv('WALLET_RPC_USER', 'suchwow')   #
 WALLET_RPC_PASS = getenv('WALLET_RPC_PASS', 'suchwow')   #
 WALLET_PASS = getenv('WALLET_PASS', 'zzzzzzz')           # You specify all these wallet details in .env
 
-# Optional for banning users who post crazy shit (they do)
-BANNED_USERS = {'username': 'reason for the ban'}
-
 # Optional for posting to Reddit
 PRAW_CLIENT_SECRET = getenv('PRAW_CLIENT_SECRET', None)
 PRAW_CLIENT_ID = getenv('PRAW_CLIENT_ID', None)

suchwow/models.py

@@ -123,3 +123,12 @@ class Notification(Model):
 
     class Meta:
         database = db
+
+class Ban(Model):
+    id = AutoField()
+    user = ForeignKeyField(Profile)
+    reason = TextField()
+    timestamp = DateTimeField(default=datetime.now)
+
+    class Meta:
+        database = db

suchwow/routes/post.py

@@ -9,7 +9,7 @@ from werkzeug.utils import secure_filename
 from secrets import token_urlsafe
 from suchwow import wownero
 from suchwow import config
-from suchwow.models import Post, Comment
+from suchwow.models import Post, Profile, Comment, Ban
 from suchwow.utils.decorators import login_required, profile_required, moderator_required
 from suchwow.utils.helpers import allowed_file, is_moderator, get_session_user
 from suchwow.utils.helpers import rw_cache, post_webhook
@@ -54,12 +54,14 @@ def read(id):
 @login_required
 @profile_required
 def create():
+    submitter = get_session_user()
+    u = Profile.filter(username=submitter)
+    banned = Ban.filter(user=u).first()
+    print(banned)
+    if banned:
+        flash(f"You can't post: {banned.reason}", "is-danger")
+        return redirect("/")
     if request.method == "POST":
-        submitter = get_session_user()
-        if submitter in config.BANNED_USERS:
-            reason = config.BANNED_USERS[submitter]
-            flash(f"You can't post for now: {reason}", "is-danger")
-            return redirect("/")
         post_title = request.form.get("title")
         # check if the post request has the file part
         if "file" not in request.files: