Beispiel #1
0
    def save(self, request):
        """Process and save cleaned data in the database."""

        ip_address = core_utils.get_client_ip(request)
        comment_period_lockout = getattr(
                settings, 'COMMENT_PERIOD_LOCKOUT', None
        )
        num_comments_allowed_in_lockout = \
            getattr(settings, 'NUM_COMMENTS_ALLOWED_IN_PERIOD', 5)
        throttle_key = 'commenting_%s_%s' % (
            self.cleaned_data['comment_content_type_id'],
            self.cleaned_data['comment_object_pk']
        )
        if request.user.is_authenticated():
            user = request.user
        else:
            user = None

        if comment_period_lockout is not None:
            if core_throttling.check_throttle_exists(request, throttle_key):
                throttled = core_throttling.check_throttle(
                    request,
                    throttle_key,
                    comment_period_lockout,
                    num_comments_allowed_in_lockout
                )
            else:
                throttled = throttling.check_throttle(
                    user,
                    ip_address,
                    comment_period_lockout,
                    num_comments_allowed_in_lockout
                )

            if throttled:
                raise exceptions.RapidCommentingError(
                    _("You are commenting too quickly. "
                    "Please wait before commenting again")
                )

        if self.cleaned_data['anonymous']:
            user = None

        comment = models.CommentModel.objects.create(
            user=user,
            created_by=user,
            modified_by=user,
            user_name=self.cleaned_data['user_name'],
            ip_address=ip_address,
            site=Site.objects.get_current(),
            content_type_id=self.cleaned_data['comment_content_type_id'],
            object_pk=self.cleaned_data['comment_object_pk'],
            comment=self.cleaned_data['comment_box']
        )

        core_throttling.add_to_throttle(
            request, throttle_key, comment.publish_at
        )

        return comment
Beispiel #2
0
def _validate(request, user, throttle_key, ip_address, action):
    """Prevent users from liking the same thing twice."""

    already_liked = request.COOKIES.get(throttle_key, None)
    if user is None and already_liked is None and action == 'remove':
        raise exceptions.UnauthorizedLikingError(
            _("This is not yours")
        )

    if user is None and already_liked and action == 'add':
        raise exceptions.UnauthorizedLikingError(
            _("You already like this")
        )

    like_period_lockout = getattr(settings, 'LIKE_PERIOD_LOCKOUT', None)
    num_likes_allowed_in_lockout = \
        getattr(settings, 'NUM_LIKES_ALLOWED_IN_PERIOD', 5)
    if like_period_lockout is not None:
        if core_throttling.check_throttle_exists(request, throttle_key):
            throttled = core_throttling.check_throttle(
                request,
                throttle_key,
                like_period_lockout,
                num_likes_allowed_in_lockout
            )
        else:
            throttled = throttling.check_throttle(
                user,
                ip_address,
                like_period_lockout,
                num_likes_allowed_in_lockout
            )

        if throttled:
            raise exceptions.RapidLikingError(
                _('You are liking too quickly. '
                'Please wait before liking again')
            )