added abuse prevention for share links

cookbook/views/views.py

@@ -30,7 +30,7 @@ from cookbook.forms import (CommentForm, Recipe, RecipeBookEntryForm, User,
 from cookbook.helper.permission_helper import group_required, share_link_valid, has_group_permission
 from cookbook.models import (Comment, CookLog, InviteLink, MealPlan,
                              RecipeBook, RecipeBookEntry, ViewLog, ShoppingList, Space, Keyword, RecipeImport, Unit,
-                             Food, UserFile)
+                             Food, UserFile, ShareLink)
 from cookbook.tables import (CookLogTable, RecipeTable, RecipeTableSmall,
                              ViewLogTable, InviteLinkTable)
 from cookbook.views.data import Object
@@ -122,7 +122,8 @@ def no_space(request):
             request.user.userpreference.save()
             request.user.groups.add(Group.objects.filter(name='admin').get())
 
-            messages.add_message(request, messages.SUCCESS, _('You have successfully created your own recipe space. Start by adding some recipes or invite other people to join you.'))
+            messages.add_message(request, messages.SUCCESS,
+                                 _('You have successfully created your own recipe space. Start by adding some recipes or invite other people to join you.'))
             return HttpResponseRedirect(reverse('index'))
 
         if join_form.is_valid():
@@ -239,10 +240,12 @@ def supermarket(request):
 @group_required('user')
 def files(request):
     try:
-        current_file_size_mb = UserFile.objects.filter(space=request.space).aggregate(Sum('file_size_kb'))['file_size_kb__sum'] / 1000
+        current_file_size_mb = UserFile.objects.filter(space=request.space).aggregate(Sum('file_size_kb'))[
+                                   'file_size_kb__sum'] / 1000
     except TypeError:
         current_file_size_mb = 0
-    return render(request, 'files.html', {'current_file_size_mb': current_file_size_mb, 'max_file_size_mb': request.space.max_file_storage_mb})
+    return render(request, 'files.html',
+                  {'current_file_size_mb': current_file_size_mb, 'max_file_size_mb': request.space.max_file_storage_mb})
 
 
 @group_required('user')
@@ -264,7 +267,9 @@ def meal_plan_entry(request, pk):
 
 @group_required('user')
 def latest_shopping_list(request):
-    sl = ShoppingList.objects.filter(Q(created_by=request.user) | Q(shared=request.user)).filter(finished=False, pace=request.space).order_by('-created_at').first()
+    sl = ShoppingList.objects.filter(Q(created_by=request.user) | Q(shared=request.user)).filter(finished=False,
+                                                                                                 pace=request.space).order_by(
+        '-created_at').first()
 
     if sl:
         return HttpResponseRedirect(reverse('view_shopping', kwargs={'pk': sl.pk}) + '?edit=true')
@@ -438,7 +443,8 @@ def invite_link(request, token):
         if link := InviteLink.objects.filter(valid_until__gte=datetime.today(), used_by=None, uuid=token).first():
             if request.user.is_authenticated:
                 if request.user.userpreference.space:
-                    messages.add_message(request, messages.WARNING, _('You are already member of a space and therefore cannot join this one.'))
+                    messages.add_message(request, messages.WARNING,
+                                         _('You are already member of a space and therefore cannot join this one.'))
                     return HttpResponseRedirect(reverse('index'))
 
                 link.used_by = request.user
@@ -481,7 +487,8 @@ def space(request):
 
     counts.recipes_no_keyword = Recipe.objects.filter(keywords=None, space=request.space).count()
 
-    invite_links = InviteLinkTable(InviteLink.objects.filter(valid_until__gte=datetime.today(), used_by=None, space=request.space).all())
+    invite_links = InviteLinkTable(
+        InviteLink.objects.filter(valid_until__gte=datetime.today(), used_by=None, space=request.space).all())
     RequestConfig(request, paginate={'per_page': 25}).configure(invite_links)
 
     return render(request, 'space.html', {'space_users': space_users, 'counts': counts, 'invite_links': invite_links})
@@ -515,6 +522,19 @@ def space_change_member(request, user_id, space_id, group):
     return HttpResponseRedirect(reverse('view_space'))
 
 
+def report_share_abuse(request, token):
+    if not settings.SHARING_ABUSE:
+        messages.add_message(request, messages.WARNING,
+                             _('Reporting share links is not enabled for this instance. Please notify the page administrator to report problems.'))
+    else:
+        if link := ShareLink.objects.filter(uuid=token).first():
+            link.abuse_blocked = True
+            link.save()
+            messages.add_message(request, messages.WARNING,
+                                 _('Recipe sharing link has been disabled! For additional information please contact the page administrator.'))
+    return HttpResponseRedirect(reverse('index'))
+
+
 def markdown_info(request):
     return render(request, 'markdown_info.html', {})