def process_request(self, request):
"""when askbot is in the closed mode
it will let through only authenticated users.
All others will be redirected to the login url.
"""
if (askbot_settings.ASKBOT_CLOSED_FORUM_MODE
and request.user.is_anonymous):
resolver_match = resolve(request.path)
if not is_askbot_view(resolver_match.func):
return None
internal_ips = getattr(settings, 'ASKBOT_INTERNAL_IPS', None)
if internal_ips and request.META.get('REMOTE_ADDR') in internal_ips:
return None
if is_view_allowed(resolver_match.func):
return None
if is_askbot_view(resolver_match.func):
request.user.message_set.create(
_('Please log in to use %s') % \
askbot_settings.APP_SHORT_NAME
)
redirect_url = '%s?next=%s' % (
settings.LOGIN_URL,
encode_jwt({'next_url': request.get_full_path()})
)
return HttpResponseRedirect(redirect_url)
return None
def wrapper(request, *args, **kwargs):
if request.user.is_anonymous:
#todo: expand for handling ajax responses
if askbot_settings.ALLOW_POSTING_BEFORE_LOGGING_IN == False:
request.user.message_set.create(message=message)
params = 'next=%s' % encode_jwt({'next_url': request.path})
return HttpResponseRedirect(url_utils.get_login_url() +
'?' + params)
return view_func(request, *args, **kwargs)
def feedback(request):
if askbot_settings.FEEDBACK_MODE == 'auth-only':
if request.user.is_anonymous:
message = _('Please sign in or register to send your feedback')
request.user.message_set.create(message=message)
next_jwt = encode_jwt({'next_url': request.path})
return HttpResponseRedirect(get_login_url() + '?next=' + next_jwt)
elif askbot_settings.FEEDBACK_MODE == 'disabled':
raise Http404
data = {'page_class': 'meta'}
form = None
if request.method == "POST":
form = FeedbackForm(user=request.user, data=request.POST)
if form.is_valid():
data = {
'message': form.cleaned_data['message'],
'name': form.cleaned_data.get('name'),
'ip_addr': request.META.get('REMOTE_ADDR', _('unknown')),
'user': request.user
}
if request.user.is_authenticated:
data['email'] = request.user.email
else:
data['email'] = form.cleaned_data.get('email', None)
email = FeedbackEmail(data)
email.send(get_users_by_role('recv_feedback'))
message = _('Thanks for the feedback!')
request.user.message_set.create(message=message)
return HttpResponseRedirect(get_next_url(request))
else:
form = FeedbackForm(user=request.user,
initial={'next': get_next_jwt(request)})
data['form'] = form
return render(request, 'feedback.html', data)
def get_next_jwt(request, default=None):
"""Returns jwt token with the validated next_url parameter
coming from the request.
The point of this is to authenticate the value using the SECRET_KEY.
"""
return encode_jwt({'next_url': get_next_url(request, default)})
def ask_widget(request, widget_id):
def post_question(data, request):
thread = models.Thread.objects.create_new(**data)
question = thread._question_post()
request.session['widget_question_url'] = question.get_absolute_url()
return question
widget = get_object_or_404(models.AskWidget, id=widget_id)
if request.method == "POST":
if askbot_settings.READ_ONLY_MODE_ENABLED:
return redirect('ask_by_widget')
form = forms.AskWidgetForm(include_text=widget.include_text_field,
data=request.POST,
user=request.user)
if form.is_valid():
ask_anonymously = form.cleaned_data['ask_anonymously']
title = form.cleaned_data['title']
if widget.include_text_field:
text = form.cleaned_data['text']
else:
text = ' '
if widget.group:
group_id = widget.group.id
else:
group_id = None
if widget.tag:
tagnames = widget.tag.name
else:
tagnames = ''
data_dict = {
'title': title,
'added_at': timezone.now(),
'wiki': False,
'text': text,
'tagnames': tagnames,
'group_id': group_id,
'is_anonymous': ask_anonymously
}
if request.user.is_authenticated:
data_dict['author'] = request.user
#question = post_question(data_dict, request)
return redirect('ask_by_widget_complete')
else:
request.session['widget_question'] = data_dict
next_jwt = encode_jwt(
{'next_url': reverse('ask_by_widget', args=(widget.id, ))})
next_url = '%s?next=%s' % (reverse('widget_signin'), next_jwt)
return redirect(next_url)
else:
if 'widget_question' in request.session and \
request.GET.get('action', 'post-after-login'):
if request.user.is_authenticated:
data_dict = request.session['widget_question']
data_dict['author'] = request.user
question = post_question(request.session['widget_question'],
request)
del request.session['widget_question']
return redirect('ask_by_widget_complete')
else:
#FIXME: this redirect is temporal need to create the correct view
next_jwt = encode_jwt(
{'next_url': reverse('ask_by_widget', args=(widget_id, ))})
next_url = '%s?next=%s' % (reverse('widget_signin'), next_jwt)
return redirect(next_url)
form = forms.AskWidgetForm(include_text=widget.include_text_field,
user=request.user)
data = {
'form': form,
'widget': widget,
'editor_type': askbot_settings.EDITOR_TYPE
}
return render(request, 'embed/ask_by_widget.html', data)