def create_or_edit(request, post_type, post=None, mode="create"): FormClass = POST_TYPE_MAP.get(post_type) or PostTextForm # show blank form on GET if request.method != "POST": form = FormClass(instance=post) return render(request, f"posts/compose/{post_type}.html", { "mode": mode, "post_type": post_type, "form": form, }) # validate form on POST form = FormClass(request.POST, request.FILES, instance=post) if form.is_valid(): if not request.me.is_moderator: if Post.check_duplicate(user=request.me, title=form.cleaned_data["title"], ignore_post_id=post.id if post else None): raise ContentDuplicated() is_ok = Post.check_rate_limits(request.me) if not is_ok: raise RateLimitException( title="π ββοΈ Π‘Π»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ²", message= "Π ΠΏΠΎΡΠ»Π΅Π΄Π½Π΅Π΅ Π²ΡΠ΅ΠΌΡ Π²Ρ ΡΠΎΠ·Π΄Π°Π»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ². ΠΠΎΡΠ΅ΡΠΏΠΈΡΠ΅, ΠΏΠΎΠΆΠ°Π»ΡΠΉΡΡΠ°." ) post = form.save(commit=False) if not post.author_id: post.author = request.me post.type = post_type post.html = None # flush cache post.save() if mode == "create" or not post.is_visible: PostSubscription.subscribe(request.me, post, type=PostSubscription.TYPE_ALL_COMMENTS) if post.is_visible: if post.topic: post.topic.update_last_activity() SearchIndex.update_post_index(post) LinkedPost.create_links_from_text(post, post.text) action = request.POST.get("action") if action == "publish": post.publish() LinkedPost.create_links_from_text(post, post.text) return redirect("show_post", post.type, post.slug) return render(request, f"posts/compose/{post_type}.html", { "mode": mode, "post_type": post_type, "form": form, })
def create_comment(request, post_slug): post = get_object_or_404(Post, slug=post_slug) if not post.is_commentable and not request.me.is_moderator: raise AccessDenied(title="ΠΠΎΠΌΠΌΠ΅Π½ΡΠ°ΡΠΈΠΈ ΠΊ ΡΡΠΎΠΌΡ ΠΏΠΎΡΡΡ Π·Π°ΠΊΡΡΡΡ") if request.POST.get("reply_to_id"): ProperCommentForm = ReplyForm elif post.type == Post.TYPE_BATTLE: ProperCommentForm = BattleCommentForm else: ProperCommentForm = CommentForm if request.method == "POST": form = ProperCommentForm(request.POST) if form.is_valid(): is_ok = Comment.check_rate_limits(request.me) if not is_ok: raise RateLimitException( title="π ββοΈ ΠΡ ΠΊΠΎΠΌΠΌΠ΅Π½ΡΠΈΡΡΠ΅ΡΠ΅ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΡΠ°ΡΡΠΎ", message= "ΠΠΎΠ΄ΠΎΠΆΠ΄ΠΈΡΠ΅ Π½Π΅ΠΌΠ½ΠΎΠ³ΠΎ, Π²Ρ Π΄ΠΎΡΡΠΈΠ³Π»ΠΈ Π½Π°ΡΠ΅Π³ΠΎ Π»ΠΈΠΌΠΈΡΠ° Π½Π° ΠΊΠΎΠΌΠΌΠ΅Π½ΡΠ°ΡΠΈΠΈ Π² Π΄Π΅Π½Ρ. " "ΠΠΎΠΆΠ΅ΡΠ΅ Π½Π°ΠΏΠΈΡΠ°ΡΡ Π½Π°ΠΌ Π² ΡΠ°ΠΏΠΏΠΎΡΡ, ΠΏΠΎΠΆΠ°Π»ΠΎΠ²Π°ΡΡΡΡ ΠΎΠ± ΡΡΠΎΠΌ.") comment = form.save(commit=False) comment.post = post if not comment.author: comment.author = request.me comment.ipaddress = parse_ip_address(request) comment.useragent = parse_useragent(request) comment.save() # update the shitload of counters :) request.me.update_last_activity() Comment.update_post_counters(post) PostView.increment_unread_comments(comment) PostView.register_view( request=request, user=request.me, post=post, ) SearchIndex.update_comment_index(comment) LinkedPost.create_links_from_text(post, comment.text) return redirect("show_comment", post.slug, comment.id) else: log.error(f"Comment form error: {form.errors}") return render( request, "error.html", { "title": "ΠΠ°ΠΊΠ°Ρ-ΡΠΎ ΠΎΡΠΈΠ±ΠΊΠ° ΠΏΡΠΈ ΠΏΡΠ±Π»ΠΈΠΊΠ°ΡΠΈΠΈ ΠΊΠΎΠΌΠΌΠ΅Π½ΡΠ°ΡΠΈΡ π€·ββοΈ", "message": f"ΠΡ ΡΠΆΠ΅ ΠΏΠΎΠ»ΡΡΠΈΠ»ΠΈ ΠΎΠΏΠΎΠ²Π΅ΡΠ΅Π½ΠΈΠ΅ ΠΈ ΡΠΊΠΎΡΠΎ ΠΏΠΎΡΠΈΠΊΡΠΈΠΌ. " f"ΠΠ°Ρ ΠΊΠΎΠΌΠΌΠ΅Π½Ρ ΠΌΡ ΡΠΎΡ ΡΠ°Π½ΠΈΠ»ΠΈ ΡΡΠΎΠ±Ρ Π²Ρ ΠΌΠΎΠ³Π»ΠΈ ΡΠΊΠΎΠΏΠΈΡΠΎΠ²Π°ΡΡ Π΅Π³ΠΎ ΠΈ Π·Π°ΠΏΠΎΡΡΠΈΡΡ Π΅ΡΠ΅ ΡΠ°Π·:", "data": form.cleaned_data.get("text") }) raise Http404()
def compose_type(request, post_type): if post_type not in dict(Post.TYPES): raise Http404() FormClass = POST_TYPE_MAP.get(post_type) or PostTextForm if request.method == "POST": form = FormClass(request.POST, request.FILES) if form.is_valid(): if not request.me.is_moderator: if Post.check_duplicate(user=request.me, title=form.cleaned_data["title"]): raise ContentDuplicated() is_ok = Post.check_rate_limits(request.me) if not is_ok: raise RateLimitException( title="π ββοΈ Π‘Π»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ²", message= "Π ΠΏΠΎΡΠ»Π΅Π΄Π½Π΅Π΅ Π²ΡΠ΅ΠΌΡ Π²Ρ ΡΠΎΠ·Π΄Π°Π»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΏΠΎΡΡΠΎΠ². ΠΠΎΡΠ΅ΡΠΏΠΈΡΠ΅, ΠΏΠΎΠΆΠ°Π»ΡΠΉΡΡΠ°." ) post = form.save(commit=False) post.author = request.me post.type = post_type post.save() PostSubscription.subscribe(request.me, post) if post.is_visible: if post.topic: post.topic.update_last_activity() SearchIndex.update_post_index(post) LinkedPost.create_links_from_text(post, post.text) if post.is_visible or request.POST.get("show_preview"): return redirect("show_post", post.type, post.slug) else: return redirect("compose") else: form = FormClass() return render(request, f"posts/compose/{post_type}.html", { "mode": "create", "form": form })
def create_for_user(cls, user, recipient, length=6): recipient = recipient.lower() last_codes_count = Code.objects.filter( recipient=recipient, created_at__gte=datetime.utcnow() - settings.AUTH_MAX_CODE_TIMEDELTA, ).count() if last_codes_count > settings.AUTH_MAX_CODE_COUNT: raise RateLimitException(title="ΠΡ Π·Π°ΠΏΡΠΎΡΠΈΠ»ΠΈ ΡΠ»ΠΈΡΠΊΠΎΠΌ ΠΌΠ½ΠΎΠ³ΠΎ ΠΊΠΎΠ΄ΠΎΠ²") return Code.objects.create( recipient=recipient, user=user, code=random_number(length), created_at=datetime.utcnow(), expires_at=datetime.utcnow() + settings.AUTH_CODE_EXPIRATION_TIMEDELTA, )
def register_archive_request(cls, user): latest_request = DataRequests.objects\ .filter(user=user, type=DataRequests.TYPE_ARCHIVE)\ .order_by("-created_at")\ .first() if latest_request and latest_request.created_at > datetime.utcnow( ) - settings.GDPR_ARCHIVE_REQUEST_TIMEDELTA: raise RateLimitException( title="ΠΡ ΡΠΆΠ΅ Π·Π°ΠΏΡΠ°ΡΠΈΠ²Π°Π»ΠΈ Π°ΡΡ ΠΈΠ² ΡΠΎΠ²ΡΠ΅ΠΌ Π½Π΅Π΄Π°Π²Π½ΠΎ", message="ΠΠ΅Π½Π΅ΡΠ°ΡΠΈΡ Π°ΡΡ ΠΈΠ²Π° β ΡΠ»ΠΎΠΆΠ½Π°Ρ Π·Π°Π΄Π°ΡΠ°, " "ΠΏΠΎΡΠΎΠΌΡ Π½Π°ΠΌ ΠΏΡΠΈΡ ΠΎΠ΄ΠΈΡΡΡ ΠΎΠ³ΡΠ°Π½ΠΈΡΠΈΠ²Π°ΡΡ ΠΊΠΎΠ»ΠΈΡΠ΅ΡΡΠ²ΠΎ Π·Π°ΠΏΡΠΎΡΠΎΠ² Π² Π΄Π΅Π½Ρ. " "ΠΡΠΈΡ ΠΎΠ΄ΠΈΡΠ΅ Π·Π°Π²ΡΡΠ°!") return DataRequests.objects.create( user=user, type=DataRequests.TYPE_ARCHIVE, )
def check_code(cls, recipient, code): recipient = recipient.lower() last_code = Code.objects.filter(recipient=recipient).order_by("-created_at").first() if not last_code: raise InvalidCode() if last_code.attempts >= settings.AUTH_MAX_CODE_ATTEMPTS: raise RateLimitException( title="ΠΡ Π²Π²Π΅Π»ΠΈ ΠΊΠΎΠ΄ Π½Π΅ΠΏΡΠ°Π²ΠΈΠ»ΡΠ½ΠΎ Π½Π΅ΡΠΊΠΎΠ»ΡΠΊΠΎ ΡΠ°Π·. ΠΡΠΈΠ΄ΡΡΡΡ Π·Π°ΠΏΡΠΎΡΠΈΡΡ Π΅Π³ΠΎ Π·Π°Π½ΠΎΠ²ΠΎ", message="ΠΡΠ΅ ΠΏΡΠΎΡΠ»ΡΠ΅ ΠΊΠΎΠ΄Ρ Π±ΠΎΠ»ΡΡΠ΅ Π½Π΅Π΄Π΅ΠΉΡΡΠ²ΠΈΡΠ΅Π»ΡΠ½Ρ ΡΠ°Π΄ΠΈ Π·Π°ΡΠΈΡΡ ΠΎΡ ΠΏΠ΅ΡΠ΅Π±ΠΎΡΠ°" ) if last_code.is_expired() or last_code.code != code: last_code.attempts += 1 last_code.save() raise InvalidCode() Code.objects.filter(recipient=recipient).delete() return last_code.user