def create_or_edit(request, post_type, post=None, mode="create"):
FormClass = POST_TYPE_MAP.get(post_type) or PostTextForm
# show blank form on GET
if request.method != "POST":
form = FormClass(instance=post)
return render(request, f"posts/compose/{post_type}.html", {
"mode": mode,
"post_type": post_type,
"form": form,
})
# validate form on POST
form = FormClass(request.POST, request.FILES, instance=post)
if form.is_valid():
if not request.me.is_moderator:
if Post.check_duplicate(user=request.me,
title=form.cleaned_data["title"],
ignore_post_id=post.id if post else None):
raise ContentDuplicated()
is_ok = Post.check_rate_limits(request.me)
if not is_ok:
raise RateLimitException(
title="π
ββοΈ Π‘Π»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ²",
message=
"Π ΠΏΠΎΡΠ»Π΅Π΄Π½Π΅Π΅ Π²ΡΠ΅ΠΌΡ Π²Ρ ΡΠΎΠ·Π΄Π°Π»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ². ΠΠΎΡΠ΅ΡΠΏΠΈΡΠ΅, ΠΏΠΎΠΆΠ°Π»ΡΠΉΡΡΠ°."
)
post = form.save(commit=False)
if not post.author_id:
post.author = request.me
post.type = post_type
post.html = None # flush cache
post.save()
if mode == "create" or not post.is_visible:
PostSubscription.subscribe(request.me,
post,
type=PostSubscription.TYPE_ALL_COMMENTS)
if post.is_visible:
if post.topic:
post.topic.update_last_activity()
SearchIndex.update_post_index(post)
LinkedPost.create_links_from_text(post, post.text)
action = request.POST.get("action")
if action == "publish":
post.publish()
LinkedPost.create_links_from_text(post, post.text)
return redirect("show_post", post.type, post.slug)
return render(request, f"posts/compose/{post_type}.html", {
"mode": mode,
"post_type": post_type,
"form": form,
})
def create_comment(request, post_slug):
post = get_object_or_404(Post, slug=post_slug)
if not post.is_commentable and not request.me.is_moderator:
raise AccessDenied(title="ΠΠΎΠΌΠΌΠ΅Π½ΡΠ°ΡΠΈΠΈ ΠΊ ΡΡΠΎΠΌΡ ΠΏΠΎΡΡΡ Π·Π°ΠΊΡΡΡΡ")
if request.POST.get("reply_to_id"):
ProperCommentForm = ReplyForm
elif post.type == Post.TYPE_BATTLE:
ProperCommentForm = BattleCommentForm
else:
ProperCommentForm = CommentForm
if request.method == "POST":
form = ProperCommentForm(request.POST)
if form.is_valid():
is_ok = Comment.check_rate_limits(request.me)
if not is_ok:
raise RateLimitException(
title="π
ββοΈ ΠΡ ΠΊΠΎΠΌΠΌΠ΅Π½ΡΠΈΡΡΠ΅ΡΠ΅ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΡΠ°ΡΡΠΎ",
message=
"ΠΠΎΠ΄ΠΎΠΆΠ΄ΠΈΡΠ΅ Π½Π΅ΠΌΠ½ΠΎΠ³ΠΎ, Π²Ρ Π΄ΠΎΡΡΠΈΠ³Π»ΠΈ Π½Π°ΡΠ΅Π³ΠΎ Π»ΠΈΠΌΠΈΡΠ° Π½Π° ΠΊΠΎΠΌΠΌΠ΅Π½ΡΠ°ΡΠΈΠΈ Π² Π΄Π΅Π½Ρ. "
"ΠΠΎΠΆΠ΅ΡΠ΅ Π½Π°ΠΏΠΈΡΠ°ΡΡ Π½Π°ΠΌ Π² ΡΠ°ΠΏΠΏΠΎΡΡ, ΠΏΠΎΠΆΠ°Π»ΠΎΠ²Π°ΡΡΡΡ ΠΎΠ± ΡΡΠΎΠΌ.")
comment = form.save(commit=False)
comment.post = post
if not comment.author:
comment.author = request.me
comment.ipaddress = parse_ip_address(request)
comment.useragent = parse_useragent(request)
comment.save()
# update the shitload of counters :)
request.me.update_last_activity()
Comment.update_post_counters(post)
PostView.increment_unread_comments(comment)
PostView.register_view(
request=request,
user=request.me,
post=post,
)
SearchIndex.update_comment_index(comment)
LinkedPost.create_links_from_text(post, comment.text)
return redirect("show_comment", post.slug, comment.id)
else:
log.error(f"Comment form error: {form.errors}")
return render(
request, "error.html", {
"title": "ΠΠ°ΠΊΠ°Ρ-ΡΠΎ ΠΎΡΠΈΠ±ΠΊΠ° ΠΏΡΠΈ ΠΏΡΠ±Π»ΠΈΠΊΠ°ΡΠΈΠΈ ΠΊΠΎΠΌΠΌΠ΅Π½ΡΠ°ΡΠΈΡ π€·ββοΈ",
"message": f"ΠΡ ΡΠΆΠ΅ ΠΏΠΎΠ»ΡΡΠΈΠ»ΠΈ ΠΎΠΏΠΎΠ²Π΅ΡΠ΅Π½ΠΈΠ΅ ΠΈ ΡΠΊΠΎΡΠΎ ΠΏΠΎΡΠΈΠΊΡΠΈΠΌ. "
f"ΠΠ°Ρ ΠΊΠΎΠΌΠΌΠ΅Π½Ρ ΠΌΡ ΡΠΎΡ
ΡΠ°Π½ΠΈΠ»ΠΈ ΡΡΠΎΠ±Ρ Π²Ρ ΠΌΠΎΠ³Π»ΠΈ ΡΠΊΠΎΠΏΠΈΡΠΎΠ²Π°ΡΡ Π΅Π³ΠΎ ΠΈ Π·Π°ΠΏΠΎΡΡΠΈΡΡ Π΅ΡΠ΅ ΡΠ°Π·:",
"data": form.cleaned_data.get("text")
})
raise Http404()
def compose_type(request, post_type):
if post_type not in dict(Post.TYPES):
raise Http404()
FormClass = POST_TYPE_MAP.get(post_type) or PostTextForm
if request.method == "POST":
form = FormClass(request.POST, request.FILES)
if form.is_valid():
if not request.me.is_moderator:
if Post.check_duplicate(user=request.me,
title=form.cleaned_data["title"]):
raise ContentDuplicated()
is_ok = Post.check_rate_limits(request.me)
if not is_ok:
raise RateLimitException(
title="π
ββοΈ Π‘Π»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ²",
message=
"Π ΠΏΠΎΡΠ»Π΅Π΄Π½Π΅Π΅ Π²ΡΠ΅ΠΌΡ Π²Ρ ΡΠΎΠ·Π΄Π°Π»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ². ΠΠΎΡΠ΅ΡΠΏΠΈΡΠ΅, ΠΏΠΎΠΆΠ°Π»ΡΠΉΡΡΠ°."
)
post = form.save(commit=False)
post.author = request.me
post.type = post_type
post.save()
PostSubscription.subscribe(request.me, post)
if post.is_visible:
if post.topic:
post.topic.update_last_activity()
SearchIndex.update_post_index(post)
LinkedPost.create_links_from_text(post, post.text)
if post.is_visible or request.POST.get("show_preview"):
return redirect("show_post", post.type, post.slug)
else:
return redirect("compose")
else:
form = FormClass()
return render(request, f"posts/compose/{post_type}.html", {
"mode": "create",
"form": form
})
def create_for_user(cls, user, recipient, length=6):
recipient = recipient.lower()
last_codes_count = Code.objects.filter(
recipient=recipient,
created_at__gte=datetime.utcnow() - settings.AUTH_MAX_CODE_TIMEDELTA,
).count()
if last_codes_count > settings.AUTH_MAX_CODE_COUNT:
raise RateLimitException(title="ΠΡ Π·Π°ΠΏΡΠΎΡΠΈΠ»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΊΠΎΠ΄ΠΎΠ²")
return Code.objects.create(
recipient=recipient,
user=user,
code=random_number(length),
created_at=datetime.utcnow(),
expires_at=datetime.utcnow() + settings.AUTH_CODE_EXPIRATION_TIMEDELTA,
)
def register_archive_request(cls, user):
latest_request = DataRequests.objects\
.filter(user=user, type=DataRequests.TYPE_ARCHIVE)\
.order_by("-created_at")\
.first()
if latest_request and latest_request.created_at > datetime.utcnow(
) - settings.GDPR_ARCHIVE_REQUEST_TIMEDELTA:
raise RateLimitException(
title="ΠΡ ΡΠΆΠ΅ Π·Π°ΠΏΡΠ°ΡΠΈΠ²Π°Π»ΠΈ Π°ΡΡ
ΠΈΠ² ΡΠΎΠ²ΡΠ΅ΠΌ Π½Π΅Π΄Π°Π²Π½ΠΎ",
message="ΠΠ΅Π½Π΅ΡΠ°ΡΠΈΡ Π°ΡΡ
ΠΈΠ²Π° β ΡΠ»ΠΎΠΆΠ½Π°Ρ Π·Π°Π΄Π°ΡΠ°, "
"ΠΏΠΎΡΠΎΠΌΡ Π½Π°ΠΌ ΠΏΡΠΈΡ
ΠΎΠ΄ΠΈΡΡΡ ΠΎΠ³ΡΠ°Π½ΠΈΡΠΈΠ²Π°ΡΡ ΠΊΠΎΠ»ΠΈΡΠ΅ΡΡΠ²ΠΎ Π·Π°ΠΏΡΠΎΡΠΎΠ² Π² Π΄Π΅Π½Ρ. "
"ΠΡΠΈΡ
ΠΎΠ΄ΠΈΡΠ΅ Π·Π°Π²ΡΡΠ°!")
return DataRequests.objects.create(
user=user,
type=DataRequests.TYPE_ARCHIVE,
)
def check_code(cls, recipient, code):
recipient = recipient.lower()
last_code = Code.objects.filter(recipient=recipient).order_by("-created_at").first()
if not last_code:
raise InvalidCode()
if last_code.attempts >= settings.AUTH_MAX_CODE_ATTEMPTS:
raise RateLimitException(
title="ΠΡ Π²Π²Π΅Π»ΠΈ ΠΊΠΎΠ΄ Π½Π΅ΠΏΡΠ°Π²ΠΈΠ»ΡΠ½ΠΎ Π½Π΅ΡΠΊΠΎΠ»ΡΠΊΠΎ ΡΠ°Π·. ΠΡΠΈΠ΄ΡΡΡΡ Π·Π°ΠΏΡΠΎΡΠΈΡΡ Π΅Π³ΠΎ Π·Π°Π½ΠΎΠ²ΠΎ",
message="ΠΡΠ΅ ΠΏΡΠΎΡΠ»ΡΠ΅ ΠΊΠΎΠ΄Ρ Π±ΠΎΠ»ΡΡΠ΅ Π½Π΅Π΄Π΅ΠΉΡΡΠ²ΠΈΡΠ΅Π»ΡΠ½Ρ ΡΠ°Π΄ΠΈ Π·Π°ΡΠΈΡΡ ΠΎΡ ΠΏΠ΅ΡΠ΅Π±ΠΎΡΠ°"
)
if last_code.is_expired() or last_code.code != code:
last_code.attempts += 1
last_code.save()
raise InvalidCode()
Code.objects.filter(recipient=recipient).delete()
return last_code.user
