diff options
| author | multiple creatures <dev@multiple-creature.party> | 2019-07-17 15:54:57 -0500 |
|---|---|---|
| committer | multiple creatures <dev@multiple-creature.party> | 2019-07-17 15:54:57 -0500 |
| commit | 9f2d158864bb4da2dd72d965c99d368e8f19df16 (patch) | |
| tree | 30fc675c890677bc4a2eb9565b46daff666a4475 /app/lib | |
| parent | 6a5b0b65bb4ff54cdc24b900cfc010a36d6dbeac (diff) | |
add `admin:eval` bangtag & make `admin:` output local-only
Diffstat (limited to 'app/lib')
| -rw-r--r-- | app/lib/bangtags.rb | 43 |
1 files changed, 41 insertions, 2 deletions
diff --git a/app/lib/bangtags.rb b/app/lib/bangtags.rb index 230f68d31..a63e908d3 100644 --- a/app/lib/bangtags.rb +++ b/app/lib/bangtags.rb @@ -505,12 +505,28 @@ class Bangtags chunk = nil next unless @account.user.admin? next if cmd[1].nil? + @status.visibility = :direct + @status.local_only = true + @status.content_type = 'text/markdown' + chunk = "\n# <code>#!</code><code>admin:#{cmd[1].downcase}</code>:\n<hr />\n" case cmd[1].downcase when 'silence', 'unsilence', 'suspend', 'unsuspend', 'forgive' - @status.content_type = 'text/markdown' - chunk = "<code>admin:#{cmd[1].downcase}</code>:\n" @tf_cmds.push(cmd) @component_stack.push(:tf) + when 'exec', 'eval' + @chunks << chunk + unless @account.username.in?((ENV['ALLOW_ADMIN_EVAL_FROM'] || '').split) + @chunks << "<em>Unauthorized.</em>" + next + end + @chunks << "<strong>Input:</strong>" + unless cmd[2].present? && cmd[2].downcase == 'last' + @vars.delete("_admin:eval") + @vore_stack.push("_admin:eval") + @component_stack.push(:var) + end + @post_cmds.push(['admin', 'eval']) + chunk = nil end end end @@ -659,6 +675,25 @@ class Bangtags when 'desc' status.media_attachments[media_idx-1].description = @vars["_media:#{media_idx}:desc"] status.media_attachments[media_idx-1].save + @vars.delete("_media:#{media_idx}:desc") + end + when 'admin' + next unless @account.user.admin? + next if post_cmd[1].nil? + case post_cmd[1] + when 'eval' + @chunks << "<pre><code>" + @chunks << html_entities.encode(@vars["_admin:eval"]) + @chunks << "</code></pre>\n" + @chunks << "<strong>Output:</strong>" + begin + result = eval(@vars["_admin:eval"]) + rescue Exception => e + result = "\u274c #{e.message}" + end + @chunks << "<pre><code>" + @chunks << html_entities.encode(result) + @chunks << "</code></pre>" end end end @@ -695,4 +730,8 @@ class Bangtags end from_status.save end + + def html_entities + @html_entities ||= HTMLEntities.new + end end |