From 6931713a2b78bdff325b97b9473224e887ce2027 Mon Sep 17 00:00:00 2001 From: RhinosF1 <46229976+RhinosF1@users.noreply.github.com> Date: Fri, 15 May 2020 11:35:19 +0100 Subject: [PATCH] Handle POST headers better (#20) * Handle POST headers better * Update main.py * Create userinfo.cfg * Update userinfo.cfg * Update main.py * Update main.py * Update main.py * needs to be handled at least * make that better * more specific * revert last * upping sleep times * The user touching userinfo.cfg is a bad thing * incorrect * Update .travis.yml * Update main.py ran 'me@mypc PublicTestWiki-Inactive-Auto-post-header-automation % autopep8 --aggressive --aggressive -v --in-place main.py' * Update .travis.yml * Update .travis.yml * Update main.py * bumping to rc1 Co-authored-by: Examknow --- .travis.yml | 3 +- main.py | 315 ++++++++++++++++++++++++++++++--------------------- userinfo.cfg | 1 + 3 files changed, 185 insertions(+), 134 deletions(-) create mode 100644 userinfo.cfg diff --git a/.travis.yml b/.travis.yml index 71759e0..c0441cb 100644 --- a/.travis.yml +++ b/.travis.yml @@ -18,8 +18,7 @@ before_script: - docker exec testenv pip install -r requirements.txt - docker exec testenv python --version script: - # we ignore E402 because of workarounds we use for modules loading, and F401 because some imports aren't directly used but needed for modules and travis doesn't like that - - docker exec testenv flake8 modules --ignore E402,F401,W503 --max-line-length 210 + - docker exec testenv flake8 main.py --ignore W503,W504 --max-line-length 210 notifications: irc: channels: diff --git a/main.py b/main.py index 1c8ea8e..fbadf42 100644 --- a/main.py +++ b/main.py @@ -2,149 +2,200 @@ import requests import stdiomask import sys +from random import getrandbits # Define the functions here -def remove(): - time.sleep(2) - input("Press enter to continue or ctrl+c to quit") - users = input("How many users are being removed? ") - userlist = [] - count = 0 - while count < int(users): - usertemp = input("User to remove: ") - userlist.append(usertemp) - count = count + 1 - time.sleep(0.5) - fromheader = input("Your Email: ") - headers = { - 'User-Agent': 'PublicTestWikiInactiveAuto-github/rhinosf1-fortestwikiconusls', - 'From': fromheader - } - S = requests.Session() - URL = "https://test.miraheze.org/w/api.php" - # Step 1: Retrieve a login token - PARAMS_1 = { - "action": "query", - "meta": "tokens", - "type": "login", - "format": "json" - } - R = S.get(url=URL, params=PARAMS_1, headers=headers) - DATA = R.json() - LOGIN_TOKEN = DATA["query"]["tokens"]["logintoken"] - # Step 2: Send a post request to log in. See - # https://www.mediawiki.org/wiki/Manual:Bot_passwords - time.sleep(1) #wait 1s to avoid throttling - username = input("Username: ") - password = stdiomask.getpass() - PARAMS_2 = { - "action": "login", - "lgname": username, - "lgpassword": password, - "lgtoken": LOGIN_TOKEN, - "format": "json" - } - R = S.post(URL, data=PARAMS_2, headers=headers) - time.sleep(1) #hold for 1s to avoid throttling - # Step 3: Obtain a Userrights token - PARAMS_3 = { - "action": "query", - "format": "json", - "meta": "tokens", - "type": "userrights" - } - R = S.get(url=URL, params=PARAMS_3, headers=headers) - DATA = R.json() - USERRIGHTS_TOKEN = DATA["query"]["tokens"]["userrightstoken"] - count = 0 - while count < len(userlist): - inactiveuser = userlist[count] - time.sleep(5) #wait 5 seconds before write api - # Step 4: Request to add or remove a user from a group - PARAMS_4 = { - "action": "userrights", +def remove(): + time.sleep(2) + input("Press enter to continue or ctrl+c to quit") + file = open('userinfo.cfg', 'r') + userdata = file.read() + file.close() + try: + if userdata == '-': + opusername = input("Operator Username: ") + fromheader = input("Bot Email: ") + else: + userdata.split(',') + opusername = userdata[1] + fromheader = userdata[2] + username = userdata[3] + log = input("Logged in to: " + str(userdata) + " - Confirm? Y/N: ") + if log == "N": + opusername = input("Operator Username: ") + fromheader = input("Bot Email: ") + username = input("Bot Username: ") + except IndexError: + opusername = input("Operator Username: ") + fromheader = input("Bot Email: ") + headers = { + 'User-Agent': 'BOT: ' + opusername + '@TestWikiAutoInactive-v1rc1', + 'From': fromheader + } + S = requests.Session() + URL = "https://publictestwiki.com/w/api.php" + # Step 1: Retrieve a login token + PARAMS_1 = { + "action": "query", + "meta": "tokens", + "type": "login", + "format": "json" + } + R = S.get(url=URL, params=PARAMS_1, headers=headers) + DATA = R.json() + LOGIN_TOKEN = DATA["query"]["tokens"]["logintoken"] + # Step 2: Send a post request to log in. See + # https://www.mediawiki.org/wiki/Manual:Bot_passwords + time.sleep(5) # wait 5s to avoid throttling + password = stdiomask.getpass() + PARAMS_2 = { + "action": "login", + "lgname": username, + "lgpassword": password, + "lgtoken": LOGIN_TOKEN, + "format": "json" + } + # destroy the password + replace with random hash + password = getrandbits(125) + R = S.post(URL, data=PARAMS_2, headers=headers) + PARAMS_AUTH = { + "action": "query", "format": "json", - "user": inactiveuser, - "remove": "bot|sysop|bureaucrat|consul|testgroup|autopatrolled|confirmed|rollbacker|interface-admin|flow-bot|checkuser|interwiki-admin|oversight|steward", - "reason": "per [[TestWiki:Inactivity|Inactivity report]]", - "token": USERRIGHTS_TOKEN + "meta": "userinfo", + "uiprop": "email" } - count = count + 1 - - R = S.post(URL, data=PARAMS_4) + authres = S.post(URL, data=PARAMS_AUTH, headers=headers) + EMAIL = authres.json() + EMAIL = EMAIL["query"]["userinfo"]["email"] + if fromheader == EMAIL: + print("Email Authenticated!") + else: + fromheader = EMAIL + print("Your email was replaced with " + fromheader) + headers = { + 'User-Agent': 'BOT: ' + opusername + '@TestWikiAutoInactive-v1rc1', + 'From': fromheader # rewrite header to user email + } + configfile = open('userinfo.cfg', 'w+') + configfile.write( + ',' + + opusername + + ',' + + fromheader + + ',' + + username + + ',') + configfile.close() + time.sleep(5) # hold for 5s to avoid throttling + # Step 3: Obtain a Userrights token + PARAMS_3 = { + "action": "query", + "format": "json", + "meta": "tokens", + "type": "userrights" + } + R = S.get(url=URL, params=PARAMS_3, headers=headers) DATA = R.json() - print(DATA) - time.sleep(2) - print('Generating mass message text..') - print('{{subst:Inactivity|user='+username+'}}') - time.sleep(5) - print("Thanks for using! Good bye.") - sys.exit() - -def notify(): - time.sleep(10) - consul = input("What is your username? ") - removedate = input("Removal date: ") - date = input("Today's Date: " ) - users = input("How many users are being removed? ") - userlist = [] - count = 0 - while count < int(users): - usertemp = input("User to remove: ") - userlist.append(usertemp) - count = count + 1 - time.sleep(0.5) - print("Generating mass message list....") - time.sleep(2) - count = 0 - while count < len(userlist): - print("User Talk:" + str(userlist[count])) - count = count + 1 - time.sleep(0.5) - print("Generating mass message text....") - time.sleep(2) - print("{{subst:InactiveReminder|DATE=" + removedate + "|sig=~~~ for [[User:"+consul +"|"+consul + "]]}}") - print("Generating Community Noticeboard post") - time.sleep(2) - print("==Inactive Rights Removal - "+ date + "==") - print("The rights of the following users will be removed on or after " + removedate + " if they do not return to activity:") - count = 0 - while count < len(userlist): - print("*{{RFP/User|"+userlist[count]+"}}") + USERRIGHTS_TOKEN = DATA["query"]["tokens"]["userrightstoken"] + users = input("How many users are being removed? ") + userlist = [] + count = 0 + while count < int(users): + usertemp = input("User to remove: ") + userlist.append(usertemp) count = count + 1 - print("") - print("Thanks,") - print(":~~~") - print(":For the Consul Team") - print(":~~~~~") - time.sleep(5) - print("Thanks for using! Good bye.") + time.sleep(0.5) + count = 0 + while count < len(userlist): + inactiveuser = userlist[count] + time.sleep(10) # wait 10 seconds before write api + # Step 4: Request to add or remove a user from a group + PARAMS_4 = { + "action": "userrights", + "format": "json", + "user": inactiveuser, + "remove": "bot|sysop|bureaucrat|consul|testgroup|autopatrolled|confirmed|rollbacker|interface-admin|flow-bot|checkuser|interwiki-admin|oversight|steward", + "reason": "per [[TestWiki:Inactivity|Inactivity report]]", + "token": USERRIGHTS_TOKEN} + count = count + 1 + R = S.post(URL, data=PARAMS_4, headers=headers) + DATA = R.json() + print(DATA) + time.sleep(2) + print('Generating mass message text..') + print('{{subst:Inactivity|user=' + opusername + '}}') + time.sleep(5) + print("Thanks for using! Good bye.") + sys.exit() +def notify(): + time.sleep(10) + consul = input("What is your username? ") + removedate = input("Removal date: ") + date = input("Today's Date: ") + users = input("How many users are being removed? ") + userlist = [] + count = 0 + while count < int(users): + usertemp = input("User to remove: ") + userlist.append(usertemp) + count = count + 1 + time.sleep(0.5) + print("Generating mass message list....") + time.sleep(2) + count = 0 + while count < len(userlist): + print("User Talk:" + str(userlist[count])) + count = count + 1 + time.sleep(0.5) + print("Generating mass message text....") + time.sleep(2) + print("{{subst:InactiveReminder|DATE=" + removedate + + "|sig=~~~ for [[User:" + consul + "|" + consul + "]]}}") + print("Generating Community Noticeboard post") + time.sleep(2) + print("==Inactive Rights Removal - " + date + "==") + print( + "The rights of the following users will be removed on or after " + + removedate + + " if they do not return to activity:") + count = 0 + while count < len(userlist): + print("*{{RFP/User|" + userlist[count] + "}}") + count = count + 1 + print("") + print("Thanks,") + print(":~~~") + print(":For the Consul Team") + print(":~~~~~") + time.sleep(5) + print("Thanks for using! Good bye.") try: - if sys.argv[1] == 'remove': - print("Running Script in Remove Mode") - print("Welcome to the TestWiki:Inactivity Script") - print("This script may only be used by consuls") - print("Please ensure notifications were sent > 7 days ago and the users are still inacitve") - remove() - if sys.argv[1] == 'notify': - print("Running Script in Notify Mode") - print("Before we begin, please run the findInactive script on https://publictestwiki.com") - print("The notification process will begin in 10 seconds") - notify() - if sys.argv[1] == 'help': - print("Commands are:") - print("remove - Removes rights from inactive users") - print("notify - Generates messages for inactive users") - print("help - Displays this help page") - else: - print("Unknown command. For help use 'main.py help'.") -except IndexError: - print("Please specify an action (remove, notify)") - sys.exit() + if sys.argv[1] == 'remove': + print("Running Script in Remove Mode") + print("Welcome to the TestWiki:Inactivity Script") + print("This script may only be used by consuls") + print("Please ensure notifications were sent > 7 days ago and the users are still inacitve") + remove() + elif sys.argv[1] == 'notify': + print("Running Script in Notify Mode") + print("Before we begin, please run the findInactive script on https://publictestwiki.com") + print("The notification process will begin in 10 seconds") + notify() + elif sys.argv[1] == 'help': + print("Commands are:") + print("remove - Removes rights from inactive users") + print("notify - Generates messages for inactive users") + print("help - Displays this help page") + else: + print("Unknown command. For help use 'main.py help'.") +except IndexError as e: + print(e) + print("Please specify an action (remove, notify)") + sys.exit() diff --git a/userinfo.cfg b/userinfo.cfg new file mode 100644 index 0000000..39cdd0d --- /dev/null +++ b/userinfo.cfg @@ -0,0 +1 @@ +-