Fix reporting comments on profiles

[50-scratch-tabs]

I made report_comment use _assert_auth instead of _assert_permission so that you can report comments if you're not the profile owner.

I haven't tested this yet. I will test it next time I see spammers on griffpatch's profile. Additionally, due to this bug, it seems like the report function has never been tested, so I'll compare the network output to that when I do it in browser.

[faretek1]

one of the main problems with the report api is that it is dangerous to test. i did see some ad spam earlier though, so that could be tested on

[50-scratch-tabs]

one of the main problems with the report api is that it is dangerous to test. i did see some ad spam earlier though, so that could be tested on

Yes, I plan to test when I find spam. Keep an eye on griffpatch's profile once it opens back up.

[faretek1]

heres an example of a reportable comment:
https://scratch.mit.edu/users/insanetaco2000/#comments-366138176 (advertising, this was sent on tons of profiles, including mine (i deleted it))

[TheCommCraft]

Is this good to merge?

[faretek1]

has it been tested?

[50-scratch-tabs]

Tested with the spam comment linked earlier. If it gets removed we'll know it worked.

[TheCommCraft]

If you report with three different accounts, the comment will automatically be removed 50-scratch-tabs ***@***.***> schrieb am Do., 27. Feb. 2025, 00:18:

…

Tested with the spam comment linked earlier. If it gets removed we'll know it worked. — Reply to this email directly, view it on GitHub <#337 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ATCKMZSKGKHAZU77PJZ7KX32RZDUTAVCNFSM6AAAAABWLC3ZBGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMOBWGQZDGNZTGU> . You are receiving this because you commented.Message ID: ***@***.***> [image: 50-scratch-tabs]*50-scratch-tabs* left a comment (TimMcCool/scratchattach#337) <#337 (comment)> Tested with the spam comment linked earlier. If it gets removed we'll know it worked. — Reply to this email directly, view it on GitHub <#337 (comment)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/ATCKMZSKGKHAZU77PJZ7KX32RZDUTAVCNFSM6AAAAABWLC3ZBGVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMZDMOBWGQZDGNZTGU> . You are receiving this because you commented.Message ID: ***@***.***>

[50-scratch-tabs]

Tested with 3 accts, got removed instantly. Here's my quick and dirty code that I just ran in the shell:

>>> accts=[["Username1","password1"],["Username2","password2"],["Username3","password3"]]

>>> for i in accts:
...   i.append(scratchattach.login(i[0],i[1]))

>>> contenttoreport="5406 please play my anime video edit (i made video edit on scratch): https://scratch.mit.edu/projects/645577765/"

>>> for j in accts:
...   comment=j[2].connect_user("insanetaco2000").comments()[2] # change to user and comment number you want to report
...   if comment.content==contenttoreport:
...     comment.report()

Worked like a charm.

[TheCommCraft]

So did you try it with or without this PRs code?

[50-scratch-tabs]

So did you try it with or without this PRs code?

With. Without it just raises an exception unless it's your own profile.