def add_comment_for_object( object: Model, user: AbstractBaseUser, content: str, ) -> Comment: """A simple utility to add a comment for given object by given user.""" # Adding comment is the easiest to achieve using comment form methods. CommentForm = get_form() security_data = CommentForm(object).generate_security_data() data = { "honeypot": "", "comment": content, "name": user.get_username(), **security_data, } form = CommentForm(object, data=data) comment = form.get_comment_object() comment.user = user # Original code in django_comments emits `comment_will_be_posted` signal at this # point and checks if any of the receivers prevents comment from posting. For # simplicity this behavior has not been implemented here. comment.save() return comment
def reply(request, cid): try: comment = XtdComment.objects.get(pk=cid) except (XtdComment.DoesNotExist): raise Http404 if comment.level == max_thread_level_for_content_type(comment.content_type): return render_to_response( "django_comments_xtd/max_thread_level.html", {'max_level': settings.COMMENTS_XTD_MAX_THREAD_LEVEL}, context_instance=RequestContext(request)) form = get_form()(comment.content_object, comment=comment) next = request.GET.get("next", reverse("comments-xtd-sent")) template_arg = [ "django_comments_xtd/%s/%s/reply.html" % ( comment.content_type.app_label, comment.content_type.model), "django_comments_xtd/%s/reply.html" % ( comment.content_type.app_label,), "django_comments_xtd/reply.html" ] return render_to_response(template_arg, {"comment": comment, "form": form, "next": next }, context_instance=RequestContext(request))
def create_comment(data=None, parent=None, target=None, user=None): from django.test import Client import django_comments as comments from django.contrib.sites.models import Site Comment = comments.get_model() body = { 'name': 'user_anonymous_name', 'email': '*****@*****.**', 'comment': 'test_comment', } if data: body.update(data) url = comments.get_form_target() args = [target if target else Site.objects.all()[0]] kwargs = {} if parent is not None: kwargs['parent'] = str(parent.pk) body['parent'] = str(parent.pk) form = comments.get_form()(*args, **kwargs) body.update(form.generate_security_data()) client = Client() if user: client.force_login(user) client.post(url, body, follow=True) return Comment.objects.last()
def get_form(self, context): ctype, object_pk = self.get_target_ctype_pk(context) if object_pk: return get_form()(ctype.get_object_for_this_type(pk=object_pk), parent_comment=None) else: return None
def new_comment(request, parent_pk=None, content_type=None, object_pk=None, *args, **kwargs): """ Display the form used to post a reply. Expects a comment_id, and an optionnal 'is_ajax' parameter in request.GET. """ is_ajax = request.GET.get('is_ajax') and '_ajax' or '' data = { 'parent_pk': parent_pk, 'content_type': content_type, 'object_pk': object_pk, } response = _lookup_content_object(data) if isinstance(response, HttpResponse): return response else: target, parent_comment, model = response # Construct the initial comment form form = get_form()(target, parent_comment=parent_comment) template_list = [ "comments/%s_%s_new_form%s.html" % tuple(str(model._meta).split(".") + [is_ajax]), "comments/%s_new_form%s.html" % (model._meta.app_label, is_ajax), "comments/new_form%s.html" % is_ajax, ] return TemplateResponse(request, template_list, { "form" : form })
def new_comment(request, parent_pk=None, content_type=None, object_pk=None, *args, **kwargs): """ Display the form used to post a reply. Expects a comment_id, and an optionnal 'is_ajax' parameter in request.GET. """ is_ajax = request.GET.get('is_ajax') and '_ajax' or '' data = { 'parent_pk': parent_pk, 'content_type': content_type, 'object_pk': object_pk, } response = _lookup_content_object(data) if isinstance(response, HttpResponse): return response else: target, parent_comment, model = response # Construct the initial comment form form = get_form()(target, parent_comment=parent_comment) template_list = [ "comments/%s_%s_new_form%s.html" % tuple(str(model._meta).split(".") + [is_ajax]), "comments/%s_new_form%s.html" % (model._meta.app_label, is_ajax), "comments/new_form%s.html" % is_ajax, ] return TemplateResponse(request, template_list, {"form": form})
def threaded_comment_json(request, comment): viewer = request.user coll = ContentType.objects.get_for_model(Collaboration) all_comments = ThreadedComment.objects.filter( content_type=coll, object_pk=comment.content_object.pk, site__pk=settings.SITE_ID) all_comments = fill_tree(all_comments) all_comments = list(annotate_tree_properties(all_comments)) rand = ''.join([choice(ascii_letters) for i in range(5)]) # nosec citations = threaded_comment_citations(all_comments, viewer) asset_resource = AssetResource() sherd_resource = SherdNoteResource() return { 'type': 'discussion', 'form': smart_text(django_comments.get_form()(comment.content_object)), 'editing': True, 'can_edit': True, 'discussion': { 'id': comment.id, 'max_length': COMMENT_MAX_LENGTH, 'thread': [{ 'open': obj.open if hasattr(obj, "open") else None, 'close': [i for i in obj.close] if hasattr(obj, "close") else None, 'id': obj.id, 'author': obj.name, 'author_username': obj.user.username, 'submit_date': pretty_date(obj.submit_date), 'title': obj.title, 'content': obj.comment, 'can_edit': True if obj.user == viewer else False } for obj in all_comments] }, 'assets': dict([('%s_%s' % (rand, ann.asset.pk), asset_resource.render_one(request, ann.asset)) for ann in citations if (ann.title != "Annotation Deleted" and ann.title != 'Asset Deleted')]), 'annotations': [sherd_resource.render_one(request, ann, rand) for ann in citations], }
def post(request, template_name='comments/comments.html'): """Post a comment""" # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = \ request.user.get_full_name() or request.user.username if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.get(pk=object_pk) except: raise # Construct the comment form form = comments.get_form()(target, data=data) if not form.is_valid(): context_data = { 'object': target, 'form': form, } return render(request, template_name, context_data) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated(): comment.user = request.user # Signal that the comment is about to be saved comments.signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) # Save the comment and signal that it was saved comment.is_removed = False comment.save() comments.signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) context_data = { 'object': target, 'form': form, } return render(request, template_name, context_data)
def add(self): import time import django_comments as comments from django.db import models comment_form = comments.get_form() try: model = models.get_model(*self.content_type.split('.', 1)) targets = model._default_manager.filter(pk__in=self.object_pks) except: raise for target in targets.iterator(): d_form = comment_form(target) timestamp = str(time.time()).split('.')[0] object_pk = str(target.pk) data = { 'content_type': self.content_type, 'object_pk': object_pk, 'timestamp': timestamp, 'comment': self.comment } security_hash_dict = { 'content_type': self.content_type, 'object_pk': object_pk, 'timestamp': timestamp } data['security_hash'] = d_form.generate_security_hash( **security_hash_dict) form = comment_form(target, data=data) # Response the errors if got if not form.is_valid(): return form.errors # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = self.request.META.get("REMOTE_ADDR", None) if self.request.user.is_authenticated(): comment.user = self.request.user # Signal that the comment is about to be saved comments.signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=self.request ) # Save the comment and signal that it was saved comment.save() comments.signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=self.request ) return
def change_comment(request, pk): comment = get_object_or_404(get_model(), pk=pk) parent = comment.parent_id if request.method == 'GET': form = get_form()(comment.content_object, initial=model_to_dict(get_model().objects.get(id=comment.pk)), parent=parent) if request.is_ajax(): return JsonResponse({ 'form': render_to_string('comments/change_ajax.html', {"comment": comment, "form": form}, RequestContext(request)), }) elif request.method == 'POST': target = comment.content_object author = comment.user data = request.POST.copy() if author.is_authenticated(): if not data.get('name', ''): data["name"] = author.get_full_name() or author.get_username() if not data.get('email', ''): data["email"] = author.email form = get_form()(target, data=data, parent=parent) if form.is_valid(): comment = form.get_comment_object() comment.user = author comment.pk = pk comment.save() if request.is_ajax(): return JsonResponse({ 'comment': render_to_string('comments/comment_item_ajax.html', {"comment": comment}, RequestContext(request)), }) else: if request.is_ajax(): return JsonResponse({ 'form': render_to_string('comments/change_ajax.html', {"comment": comment, "form": form}, RequestContext(request)), }) return render(request, 'comments/change.html', {"comment": comment, "form": form})
def post(request, template_name='comments/comments.html'): """Post a comment""" # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated: if not data.get('name', ''): data["name"] = \ request.user.get_full_name() or request.user.username if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") model = utils.get_model(ctype) target = model._default_manager.get(pk=object_pk) # Construct the comment form form = comments.get_form()(target, data=data) if not form.is_valid(): context_data = { 'object': target, 'form': form, } return render(request, template_name, context=context_data) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated: comment.user = request.user # Signal that the comment is about to be saved comments.signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) # Save the comment and signal that it was saved comment.is_removed = False comment.save() comments.signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) context_data = { 'object': target, 'form': form, } return render(request, template_name, context=context_data)
def get_form(self, context): parent_id = None if self.parent: parent_id = self.parent.resolve(context, ignore_failures=True) obj = self.get_object(context) if obj: return django_comments.get_form()(obj, parent=parent_id) else: return None
def add(self): import time import django_comments as comments from django.db import models comment_form = comments.get_form() try: model = models.get_model(*self.content_type.split('.', 1)) targets = model._default_manager.filter(pk__in=self.object_pks) except: raise for target in targets.iterator(): d_form = comment_form(target) timestamp = str(time.time()).split('.')[0] object_pk = str(target.pk) data = { 'content_type': self.content_type, 'object_pk': object_pk, 'timestamp': timestamp, 'comment': self.comment } security_hash_dict = { 'content_type': self.content_type, 'object_pk': object_pk, 'timestamp': timestamp } data['security_hash'] = d_form.generate_security_hash( **security_hash_dict) form = comment_form(target, data=data) # Response the errors if got if not form.is_valid(): return form.errors # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = self.request.META.get("REMOTE_ADDR", None) if self.request.user.is_authenticated(): comment.user = self.request.user # Signal that the comment is about to be saved comments.signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=self.request) # Save the comment and signal that it was saved comment.save() comments.signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=self.request) return
def test_notify_followers_dupes(self): # first of all confirm Bob's comment otherwise it doesn't reach DB self.get_confirm_comment_url(self.key) # then put in play pull-request-15's assert... # https://github.com/danirus/django-comments-xtd/pull/15 diary = Diary.objects.create( body='Lorem ipsum', allow_comments=True ) self.assertEqual(diary.pk, self.article.pk) self.form = comments.get_form()(diary) data = {"name": "Charlie", "email": "*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment": "Es war einmal eine kleine..." } data.update(self.form.initial) self.response = self.client.post(reverse("comments-post-comment"), data=data) self.key = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key")) # 1) confirmation for Bob (sent in `setUp()`) # 2) confirmation for Charlie self.assertEqual(self.mock_mailer.call_count, 2) self.get_confirm_comment_url(self.key) self.assertEqual(self.mock_mailer.call_count, 2) self.form = comments.get_form()(self.article) data = {"name":"Alice", "email":"*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment":"Es war einmal iene kleine..." } data.update(self.form.initial) self.response = self.client.post(reverse("comments-post-comment"), data=data) self.assertEqual(self.mock_mailer.call_count, 3) self.key = re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key") self.get_confirm_comment_url(self.key) self.assertEqual(self.mock_mailer.call_count, 4) self.assert_(self.mock_mailer.call_args[0][3] == ["*****@*****.**"]) self.assert_(self.mock_mailer.call_args[0][1].find("There is a new comment following up yours.") > -1)
def validate(self, data): ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return serializers.ValidationError("Missing content_type or " "object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.get(pk=object_pk) whocan = get_app_model_options(content_type=ctype)['who_can_post'] except (AttributeError, TypeError, LookupError): raise serializers.ValidationError("Invalid content_type value: %r" % escape(ctype)) except model.ObjectDoesNotExist: raise serializers.ValidationError( "No object matching content-type %r and object PK %r exists." % (escape(ctype), escape(object_pk))) except (ValueError, serializers.ValidationError) as e: raise serializers.ValidationError( "Attempting to get content-type %r and object PK %r exists " "raised %s" % (escape(ctype), escape(object_pk), e.__class__.__name__)) else: if whocan == "users" and not self.request.user.is_authenticated: raise serializers.ValidationError("User not authenticated") # Signal that the request allows to be authorized. responses = should_request_be_authorized.send( sender=target.__class__, comment=target, request=self.request ) for (receiver, response) in responses: if response is True: # A positive response indicates that the POST request # must be trusted. So inject the CommentSecurityForm values # to pass the form validation step. secform = CommentSecurityForm(target) data.update({ "honeypot": "", "timestamp": secform['timestamp'].value(), "security_hash": secform['security_hash'].value() }) break self.form = get_form()(target, data=data) # Check security information. if self.form.security_errors(): raise exceptions.PermissionDenied() if self.form.errors: raise serializers.ValidationError(self.form.errors) return data
def assertPostComment(self, obj, comment, status=200, **kw): kw['form'] = django_comments.get_form()(obj) data = kw.setdefault('data', {}) data['comment'] = comment post = self.assertPost('comments-post-comment', **kw) if post.status_code == 400 and status != 400: text = post.content x = text.find("<td>", text.find('Why')) y = text.find("</td>", x) msg = text[x + 4:y] else: msg = "Expected status %d, found %d" % (status, post.status_code) self.assertEqual(status, post.status_code, msg) return post
def setUp(self): # Create an article and send a comment. Test method will chech headers # to see wheter messages has multiparts or not. patcher = patch('django_comments_xtd.views.send_mail') self.mock_mailer = patcher.start() self.article = Article.objects.create( title="September", slug="september", body="John's September") self.form = comments.get_form()(self.article) # Bob sends 1st comment to the article with follow-up self.data = {"name": "Bob", "email": "*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment": "Nice September you had..." } self.data.update(self.form.initial)
def create(self, request, *args, **kwargs): target = self.kwargs.pop("target") data = self.request.data.copy() data["user"] = self.request.user form = get_form()(target, data=data) if form.security_errors(): raise ValidationError( { "detail": _("The comment form failed security verification: %s") % escape(str(form.security_errors())) } ) if form.errors: return Response( {"detail": form.errors}, status=status.HTTP_400_BAD_REQUEST, ) site = get_current_site(request) ip_address = request.META.get("REMOTE_ADDR", None) or None comment = form.get_comment_object(site_id=site.id) comment.ip_address = ip_address comment.user = request.user responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return Response( data={ "detail": _( "comment_will_be_posted receiver %r killed the comment" ) % receiver.__name__ }, status=status.HTTP_412_PRECONDITION_FAILED, ) comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) serializer = CommentSerializer(instance=comment, context={"request": request}) headers = self.get_success_headers(serializer.data) return Response( serializer.data, status=status.HTTP_201_CREATED, headers=headers )
def add_comment(request, data): """ Helper method which is used to add comments to objects. :returns: Tuple of (form, target) where form is the comments form object and target is the object we're trying to comment about. :rtype: tuple """ if request.user.is_authenticated: if not data.get('name'): data["name"] = request.user.get_full_name() or request.user.username if not data.get('email'): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.get(pk=object_pk) # Construct the comment form form = django_comments.get_form()(target, data=data) if not form.is_valid(): return form, target # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated: comment.user = request.user # Signal that the comment is about to be saved django_comments.signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) # Save the comment and signal that it was saved comment.is_removed = False comment.save() django_comments.signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) return form, target
def _post_comment(self, data=None, parent=None): Comment = django_comments.get_model() body = self.BASE_DATA.copy() if data: body.update(data) url = django_comments.get_form_target() args = [Site.objects.all()[0]] kwargs = {} if parent is not None: kwargs['parent'] = unicode(parent.pk) body['parent'] = unicode(parent.pk) form = django_comments.get_form()(*args, **kwargs) body.update(form.generate_security_data()) self.client.post(url, body, follow=True) return Comment.objects.order_by('-id')[0]
def _post_comment(self, data=None, parent=None): Comment = django_comments.get_model() body = self.BASE_DATA.copy() if data: body.update(data) url = django_comments.get_form_target() args = [Site.objects.all()[0]] kwargs = {} if parent is not None: kwargs['parent'] = str(parent.pk) body['parent'] = str(parent.pk) form = django_comments.get_form()(*args, **kwargs) body.update(form.generate_security_data()) self.client.post(url, body, follow=True) return Comment.objects.order_by('-id')[0]
def _check_form(self): """数据合法性检查""" target = self.target data = self.request.data.copy() data['user'] = self.request.user # data['name'] = self.request.user.username self.form = get_form()(target, data=data) if self.form.security_errors(): raise ValidationError({ 'detail': "The comment form failed security verification: %s" % escape(str(self.form.security_errors())) }) if self.form.errors: raise ValidationError({'detail': self.form.errors})
def setUp(self): patcher = patch('django_comments_xtd.views.send_mail') self.mock_mailer = patcher.start() self.article = Article.objects.create(title="September", slug="september", body="What I did on September...") self.form = comments.get_form()(self.article) data = {"name": "Bob", "email": "*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment": "Es war einmal iene kleine..." } data.update(self.form.initial) self.response = self.client.post(reverse("comments-post-comment"), data=data) self.assert_(self.mock_mailer.call_count == 1) self.key = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key")) self.addCleanup(patcher.stop)
def threaded_comment_json(request, comment): viewer = request.user coll = ContentType.objects.get_for_model(Collaboration) all_comments = ThreadedComment.objects.filter( content_type=coll, object_pk=comment.content_object.pk, site__pk=settings.SITE_ID) all_comments = fill_tree(all_comments) all_comments = list(annotate_tree_properties(all_comments)) rand = ''.join([choice(letters) for i in range(5)]) citations = threaded_comment_citations(all_comments, viewer) asset_resource = AssetResource() sherd_resource = SherdNoteResource() return { 'type': 'discussion', 'form': django_comments.get_form()( comment.content_object).__unicode__(), 'editing': True, 'can_edit': True, 'discussion': { 'id': comment.id, 'max_length': COMMENT_MAX_LENGTH, 'thread': [{'open': obj.open if hasattr(obj, "open") else None, 'close': [i for i in obj.close] if hasattr(obj, "close") else None, 'id': obj.id, 'author': obj.name, 'author_username': obj.user.username, 'submit_date': pretty_date(obj.submit_date), 'title': obj.title, 'content': obj.comment, 'can_edit': True if obj.user == viewer else False} for obj in all_comments] }, 'assets': dict([('%s_%s' % (rand, ann.asset.pk), asset_resource.render_one(request, ann.asset)) for ann in citations if (ann.title != "Annotation Deleted" and ann.title != 'Asset Deleted')]), 'annotations': [sherd_resource.render_one(request, ann, rand) for ann in citations], }
def test_get_comment_create_data(self): # as it's used in django_comments.views.comments data = {"name":"Daniel", "email":"*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment":"Es war einmal iene kleine..." } data.update(self.form.initial) form = comments.get_form()(self.article, data) self.assert_(self.form.security_errors() == {}) self.assert_(self.form.errors == {}) comment = form.get_comment_object() # it does have the new field 'followup' self.assert_("followup" in comment) # and as long as settings.COMMENTS_XTD_CONFIRM_EMAIL is True # is_public is set to False until receive the user confirmation self.assert_(comment.is_public == False)
def test_no_notification_for_same_user_email(self): # test that a follow-up user_email don't get a notification when # sending another email to the thread self.assertEqual(self.mock_mailer.call_count, 1) self.get_confirm_comment_url(self.key) # confirm Bob's comment # no comment followers yet: self.assertEqual(self.mock_mailer.call_count, 1) # send Bob's 2nd comment self.form = comments.get_form()(self.article) data = {"name":"Alice", "email":"*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment":"Bob's comment he shouldn't get notified about" } data.update(self.form.initial) self.response = self.client.post(reverse("comments-post-comment"), data=data) self.assertEqual(self.mock_mailer.call_count, 2) self.key = re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key") self.get_confirm_comment_url(self.key) self.assertEqual(self.mock_mailer.call_count, 2)
def post(self, request, *args, **kwargs): #serializer_class = serializers.WriteCommentSerializer result = {} data = request.POST blog = Blog.objects.get(id=4) self.form = get_form()(blog, data=data) #self.form = django_comments.get_form()(blog) print(self.form, "FORM") if self.form.is_valid(): #self.form = form(blog) pass else: print(self.form.errors) site = get_current_site(request) resp = { 'code': -1, 'comment': self.form.get_comment_object(site_id=site.id) } resp['comment'].ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated: resp['comment'].user = request.user if (not settings.COMMENTS_XTD_CONFIRM_EMAIL or request.user.is_authenticated): if not comments_views._comment_exists(resp['comment']): new_comment = comments_views._create_comment(resp['comment']) resp['comment'].xtd_comment = new_comment confirmation_received.send(sender=TmpXtdComment, comment=resp['comment'], request=request) comment_was_posted.send(sender=new_comment.__class__, comment=new_comment, request=request) if resp['comment'].is_public: resp['code'] = 201 #views.notify_comment_followers(new_comment) else: resp['code'] = 202 return JsonResponse(result)
def setUp(self): # Creates an article and send two comments to the article with follow-up # notifications. First comment doesn't have to send any notification. # Second comment has to send one notification (to Bob). patcher = patch('django_comments_xtd.views.send_mail') self.mock_mailer = patcher.start() self.article = Article.objects.create( title="September", slug="september", body="John's September") self.form = comments.get_form()(self.article) # Bob sends 1st comment to the article with follow-up data = {"name": "Bob", "email": "*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment": "Nice September you had..." } data.update(self.form.initial) response = self.client.post(reverse("comments-post-comment"), data=data) self.assert_(self.mock_mailer.call_count == 1) bobkey = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key")) self.get_confirm_comment_url(bobkey) # confirm Bob's comment # Alice sends 2nd comment to the article with follow-up data = {"name": "Alice", "email": "*****@*****.**", "followup": True, "reply_to": 1, "level": 1, "order": 1, "comment": "Yeah, great photos" } data.update(self.form.initial) response = self.client.post(reverse("comments-post-comment"), data=data) self.assert_(self.mock_mailer.call_count == 2) alicekey = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key")) self.get_confirm_comment_url(alicekey) # confirm Alice's comment # Bob receives a follow-up notification self.assert_(self.mock_mailer.call_count == 3) self.bobs_mutekey = str(re.search( r'http://.+/mute/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key")) self.addCleanup(patcher.stop)
def test_email_field_requiredness_POST(self): """Regression test for #1944. Previously a user without email address would not be able to add a comment. This test makes a POST request with comment data.""" # Arrange person = Person.objects.create( personal="Ron", family="Weasley", username="******", is_active=True, email="", ) consent_to_all_required_consents(person) organization = Organization.objects.create( domain="example.org", fullname="Example Organisation", ) CommentModel = django_comments.get_model() CommentForm = django_comments.get_form() data = { "honeypot": "", "comment": "Content", **CommentForm(organization).generate_security_data(), } # Act self.client.force_login(person) self.client.post(reverse("comments-post-comment"), data=data, follow=True) # Assert self.assertEqual( CommentModel.objects.for_model(organization).count(), 1)
def test_notify_comment_followers(self): # send a couple of comments to the article with followup=True and check # that when the second comment is confirmed a followup notification # email is sent to the user who sent the first comment self.assertEqual(self.mock_mailer.call_count, 1) self.get_confirm_comment_url(self.key) # no comment followers yet: self.assertEqual(self.mock_mailer.call_count, 1) # send 2nd comment self.form = comments.get_form()(self.article) data = {"name":"Alice", "email":"*****@*****.**", "followup": True, "reply_to": 0, "level": 1, "order": 1, "comment":"Es war einmal eine kleine..." } data.update(self.form.initial) self.response = self.client.post(reverse("comments-post-comment"), data=data) self.assertEqual(self.mock_mailer.call_count, 2) self.key = re.search(r'http://.+/confirm/(?P<key>[\S]+)', self.mock_mailer.call_args[0][1]).group("key") self.get_confirm_comment_url(self.key) self.assertEqual(self.mock_mailer.call_count, 3) self.assert_(self.mock_mailer.call_args[0][3] == ["*****@*****.**"]) self.assert_(self.mock_mailer.call_args[0][1].find("There is a new comment following up yours.") > -1)
def validate(self, data): ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return serializers.ValidationError("Missing content_type or " "object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.get(pk=object_pk) except TypeError: return serializers.ValidationError("Invalid content_type value: %r" % escape(ctype)) except AttributeError: return serializers.ValidationError("The given content-type %r does " "not resolve to a valid model." % escape(ctype)) except model.ObjectDoesNotExist: return serializers.ValidationError( "No object matching content-type %r and object PK %r exists." % (escape(ctype), escape(object_pk))) except (ValueError, serializers.ValidationError) as e: return serializers.ValidationError( "Attempting go get content-type %r and object PK %r exists " "raised %s" % (escape(ctype), escape(object_pk), e.__class__.__name__)) self.form = get_form()(target, data=data) # Check security information if self.form.security_errors(): return serializers.ValidationError( "The comment form failed security verification: %s" % escape(str(self.form.security_errors()))) if self.form.errors: return serializers.ValidationError(self.form.errors) return data
def test_email_field_requiredness(self): """Regression test for #1944. Previously a user without email address would not be able to add a comment.""" # Arrange organization = Organization.objects.create( domain="example.org", fullname="Example Organisation", ) CommentForm = django_comments.get_form() data = { "honeypot": "", "comment": "Content", "name": "Ron", # required outside the request cycle **CommentForm(organization).generate_security_data(), } # Act form = CommentForm(organization, data) # Assert self.assertTrue(form.is_valid())
def validate(self, data): ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return serializers.ValidationError("Missing content_type or " "object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.get(pk=object_pk) except TypeError: return serializers.ValidationError( "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return serializers.ValidationError( "The given content-type %r does " "not resolve to a valid model." % escape(ctype)) except model.ObjectDoesNotExist: return serializers.ValidationError( "No object matching content-type %r and object PK %r exists." % (escape(ctype), escape(object_pk))) except (ValueError, serializers.ValidationError) as e: return serializers.ValidationError( "Attempting go get content-type %r and object PK %r exists " "raised %s" % (escape(ctype), escape(object_pk), e.__class__.__name__)) self.form = get_form()(target, data=data) # Check security information if self.form.security_errors(): return serializers.ValidationError( "The comment form failed security verification: %s" % escape(str(self.form.security_errors()))) if self.form.errors: return serializers.ValidationError(self.form.errors) return data
def post_comment(request, next=None, *args, **kwargs): """ Post a comment. HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Require POST if request.method != 'POST': return HttpResponseNotAllowed(["POST"]) is_ajax = request.POST.get('is_ajax') and '_ajax' or '' # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name() if not data.get('email', ''): data["email"] = request.user.email response = _lookup_content_object(data) if isinstance(response, HttpResponse): return response else: target, parent_comment, model = response # Do we want to preview the comment? preview = data.get("submit", "").lower() == "preview" or \ data.get("preview", None) is not None # Construct the comment form form = get_form()(target, parent_comment=parent_comment, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ "comments/%s_%s_preview%s.html" % tuple(str(model._meta).split(".") + [is_ajax]), "comments/%s_preview%s.html" % (model._meta.app_label, is_ajax), "comments/preview%s.html" % is_ajax ] data = { 'comment': form.data.get("comment", ""), 'parent': parent_comment, 'level': parent_comment and parent_comment.level + 1 or 0, 'title': form.data.get("title", ""), 'submit_date': datetime.datetime.now(), 'rght': 0, 'lft': 0, 'user': request.user, 'user_name' : request.user.username, } comment = get_model()(**data) return TemplateResponse(request, template_list, { "comment" : comment, "preview" : True, "form" : form, "allow_post": not form.errors, "is_ajax" : is_ajax, }) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user comment.user_name = request.user.username # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender = comment.__class__, comment = comment, request = request ) for (receiver, response) in responses: if response == False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender = comment.__class__, comment = comment, request = request ) return next_redirect(request, 'comments-comment-done%s' % (is_ajax and '-ajax' or ''), c=comment._get_pk_val())
def post_comment(request, next=None, *args, **kwargs): """ Post a comment. HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Require POST if request.method != 'POST': return HttpResponseNotAllowed(["POST"]) is_ajax = request.POST.get('is_ajax') and '_ajax' or '' # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name() if not data.get('email', ''): data["email"] = request.user.email response = _lookup_content_object(data) if isinstance(response, HttpResponse): return response else: target, parent_comment, model = response # Do we want to preview the comment? preview = data.get("submit", "").lower() == "preview" or \ data.get("preview", None) is not None # Construct the comment form form = get_form()(target, parent_comment=parent_comment, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ "comments/%s_%s_preview%s.html" % tuple(str(model._meta).split(".") + [is_ajax]), "comments/%s_preview%s.html" % (model._meta.app_label, is_ajax), "comments/preview%s.html" % is_ajax ] data = { 'comment': form.data.get("comment", ""), 'parent': parent_comment, 'level': parent_comment and parent_comment.level + 1 or 0, 'title': form.data.get("title", ""), 'submit_date': datetime.datetime.now(), 'rght': 0, 'lft': 0, 'user': request.user, 'user_name': request.user.username, } comment = get_model()(**data) return TemplateResponse( request, template_list, { "comment": comment, "preview": True, "form": form, "allow_post": not form.errors, "is_ajax": is_ajax, }) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user comment.user_name = request.user.username # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response == False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) return next_redirect(request, 'comments-comment-done%s' % (is_ajax and '-ajax' or ''), c=comment._get_pk_val())
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() try: user_is_authenticated = request.user.is_authenticated() except TypeError: # Django >= 1.11 user_is_authenticated = request.user.is_authenticated if user_is_authenticated: if not data.get('name', ''): data["name"] = request.user.get_full_name() or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email # 添加 if not request.session.get('login', None) and not user_is_authenticated: return redirect("/") # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: return CommentPostBadRequest( "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % ( escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % ( escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }, ) # Otherwise create the comment comment = form.get_comment_object(site_id=get_current_site(request).id) comment.ip_address = request.META.get("REMOTE_ADDR", None) # if user_is_authenticated: # comment.user = request.user #添加 if request.session.get('login',None): comment.user_name = request.session['screen_name'] comment.user_img = request.session['profile_image_url'] # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def setUp(self): self.article = Article.objects.create(title="September", slug="september", body="What I did on September...") self.form = comments.get_form()(self.article)
def get_form(self, context): obj = self.get_object(context) if obj: return django_comments.get_form()(obj) else: return None
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name() or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: return CommentPostBadRequest( "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % ( escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % ( escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }, ) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated(): comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() try: user_is_authenticated = request.user.is_authenticated() except TypeError: # Django >= 1.11 user_is_authenticated = request.user.is_authenticated if user_is_authenticated: if not data.get('name', ''): data["name"] = request.user.get_short_name( ) or request.user.get_username() # 考虑到last_name被我用来放头像JPG了,所以不要get_full_name # data["name"] = request.user.get_full_name() or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email #add 2017-08-18 Jobin refer ysh else: return ResponseJson(501, False, 'No Login') #add 2017-08-18 Jobin refer ysh if not request.user.is_active: return ResponseJson(502, False, 'User is Not Active') # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest("Missing content_type or object_pk field.") return ResponseJson(503, False, 'Missing content_type or object_pk field.') try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest( # "Invalid content_type value: %r" % escape(ctype)) return ResponseJson(504, False, "Invalid content_type value: %r" % escape(ctype)) except AttributeError: #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest( # "The given content-type %r does not resolve to a valid model." % escape(ctype)) return ResponseJson( 505, False, "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest( # "No object matching content-type %r and object PK %r exists." % ( # escape(ctype), escape(object_pk))) return ResponseJson( 506, False, "No object matching content-type %r and object PK %r exists." % (escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest( # "Attempting go get content-type %r and object PK %r exists raised %s" % ( # escape(ctype), escape(object_pk), e.__class__.__name__)) return ResponseJson( 507, False, "Attempting go get content-type %r and object PK %r exists raised %s" % (escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest( # "The comment form failed security verification: %s" % escape(str(form.security_errors()))) return ResponseJson( 508, False, "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] #change 2017-08-18 Jobin refer ysh # return render(request, template_list, { # "comment": form.data.get("comment", ""), # "form": form, # "next": data.get("next", next), # }, # ) return ResponseJson(509, False, form.data.get("comment", "")) # Otherwise create the comment comment = form.get_comment_object(site_id=get_current_site(request).id) comment.ip_address = request.META.get("REMOTE_ADDR", None) #add 2017-08-18 Jobin refer ysh comment.root_id = data.get('root_id', 0) comment.reply_to = data.get('reply_to', 0) comment.reply_name = data.get('reply_name', '') if user_is_authenticated: comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: #change 2017-08-18 Jobin refer ysh # return CommentPostBadRequest( # "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) return ResponseJson( 510, False, "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) #add 2017-08-18 Jobin refer ysh try: root_url = 'http://chenzhibin.vip' src_url = data.get('src_url', root_url) src_url = root_url + src_url # 调用发送邮件代码 send_comment_email(comment, src_url) except Exception as e: #ResponseJson方法是我前面自己加的,可以参考上一篇博文 return ResponseJson(200, True, e.message) #change 2017-08-18 Jobin refer ysh # return next_redirect(request, fallback=next or 'comments-comment-done', # c=comment._get_pk_val()) return ResponseJson(200, True, 'comment success')
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated: if not data.get('name', ''): data["name"] = request.user.get_full_name() or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: # return CommentPostBadRequest("Missing content_type or object_pk field.") return ResponseJson(503, False, 'Missing content_type or object_pk field.') try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: # return CommentPostBadRequest( # "Invalid content_type value: %r" % escape(ctype)) return ResponseJson(504, False, "Invalid content_type value: %r" % escape(ctype)) except AttributeError: # return CommentPostBadRequest( # "The given content-type %r does not resolve to a valid model." % escape(ctype)) return ResponseJson(505, False, "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: # return CommentPostBadRequest( # "No object matching content-type %r and object PK %r exists." % ( # escape(ctype), escape(object_pk))) return ResponseJson(506, False, "No object matching content-type %r and object PK %r exists." % (escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: # return CommentPostBadRequest( # "Attempting go get content-type %r and object PK %r exists raised %s" % ( # escape(ctype), escape(object_pk), e.__class__.__name__)) return ResponseJson(507, False, "Attempting go get content-type %r and object PK %r exists raised %s" % (escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): # return CommentPostBadRequest( # "The comment form failed security verification: %s" % escape(str(form.security_errors()))) return ResponseJson(508, False, "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] # return render(request, template_list, { # "comment": form.data.get("comment", ""), # "form": form, # "next": data.get("next", next), # }, # ) return ResponseJson(509, False, form.data.get("comment", "")) # Otherwise create the comment comment = form.get_comment_object(site_id=get_current_site(request).id) comment.ip_address = request.META.get("REMOTE_ADDR", None) or None # 增加回复的字段 comment.root_id = data.get('root_id', 0) comment.reply_to = data.get('reply_to', 0) comment.reply_name = data.get('reply_name', '') if request.user.is_authenticated: comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: # return CommentPostBadRequest( # "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) return ResponseJson(510, False, "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) try: # 判断评论对象是否Wie博文 if str(comment.content_type) == '文章': # 模型的verbose_name blog = Blog.objects.filter(id=comment.object_pk).first() subject = '' message = '' from_mail = DEFAULT_FROM_EMAIL recipient_list = [] html_message = '' if int(comment.root_id) == 0: subject = '[Hubery的博客]博文评论' temp = loader.get_template('email/comment.html') # 发送给自己 recipient_list.append(DEFAULT_RECEIVE_EMAIL) data = { 'user_name': blog.uid.username, 'comment_name': comment.user_name, 'blog_title': blog.title, 'blog_url': 'http://{}/blog/read/?blogid={}'.format(HOST, blog.id), 'comment_content': comment.comment } html_message = temp.render(data) else: subject = '[Hubery的博客]博文回复' temp = loader.get_template('email/replay.html') # 获取评论对象,找到回复对应的评论 comment_model = django_comments.get_model() cams = comment_model.objects.filter(id=comment.reply_to) if cams: # 如果邮箱为空,发给博主本人 recipient_list.append(cams[0].user_email if cams[0].user_email else DEFAULT_RECEIVE_EMAIL) else: # 没有找到评论,就发给自己(可以修改其他邮箱) recipient_list.append(DEFAULT_RECEIVE_EMAIL) data = { 'replay_name': comment.reply_name, 'comment_name': comment.user_name, 'blog_title': blog.title, 'blog_url': 'http://{}/blog/read/?blogid={}'.format(HOST,blog.id), 'comment_content': comment.comment } html_message = temp.render(data) send_mail(subject, message, from_mail, recipient_list=recipient_list, fail_silently=False, html_message=html_message) elif str(comment.content_type) == '留言': subject = '' message = '' from_mail = DEFAULT_FROM_EMAIL recipient_list = [] html_message = '' if int(comment.root_id) == 0: subject = '[Hubery的博客]留言板评论' temp = loader.get_template('email/comment.html') # 发送给自己 recipient_list.append(DEFAULT_RECEIVE_EMAIL) data = { 'user_name': 'hubery', 'comment_name': comment.user_name, 'blog_title': '留言板', 'blog_url': 'http://{}/blog/message_board/'.format(HOST), 'comment_content': comment.comment } html_message = temp.render(data) else: subject = '[Hubery的博客]留言回复' temp = loader.get_template('email/replay.html') # 获取评论对象,找到回复对应的评论 comment_model = django_comments.get_model() cams = comment_model.objects.filter(id=comment.reply_to) if cams: recipient_list.append(cams[0].user_email if cams[0].user_email else DEFAULT_RECEIVE_EMAIL) else: # 没有找到评论,就发给自己(可以修改其他邮箱) recipient_list.append(DEFAULT_RECEIVE_EMAIL) data = { 'replay_name': comment.reply_name, 'comment_name': comment.user_name, 'blog_title': '留言评论', 'blog_url': 'http://{}/blog/message_board/'.format(HOST), 'comment_content': comment.comment } html_message = temp.render(data) send_mail(subject, message, from_mail, recipient_list=recipient_list, fail_silently=False, html_message=html_message) else: pass except Exception as e: print(e) # return next_redirect(request, fallback=next or 'comments-comment-done', # c=comment._get_pk_val()) return ResponseJson(200, True, 'comment success')
def post_comment_ajax(request, using=None): """ Post a comment, via an Ajax call. Most from django-fluent-comments """ if not request.is_ajax(): return HttpResponseBadRequest("Expecting Ajax call") data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name( ) or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest( "Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: return CommentPostBadRequest("Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % (escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % (escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if preview: comment = form.get_comment_object() if not form.errors else None if comment is not None and request.user.is_authenticated(): comment.user = request.user return _ajax_result(request, form, "preview", comment, object_id=object_pk) if form.errors: return _ajax_result(request, form, "post", object_id=object_pk) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = get_trusted_ip(request) if request.user.is_authenticated(): comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) return _ajax_result(request, form, "post", comment, object_id=object_pk)
"The given content-type %r does not resolve to a valid model." % \ escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % \ (escape(ctype), escape(object_pk))) except (ValueError, ValidationError), e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % \ (escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? # preview = "preview" in data # Construct the comment form form = comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) if form.errors: return render_to_response("comments/error.html", {"form": form}, RequestContext(request, {})) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated(): comment.user = request.user
def testGetForm(self): self.assertEqual(django_comments.get_form(), CommentForm)
from django.test import TestCase from django.urls import reverse from django.core import mail from django.contrib.auth import get_user_model from django_comments import get_model, get_form from froide.foirequest.models import FoiRequest from froide.foirequest.tests import factories from froide.foirequest.tests.test_api import OAuthAPIMixin from .models import FoiRequestFollower from .tasks import _batch_update User = get_user_model() Comment = get_model() CommentForm = get_form() class FoiRequestFollowerFactory(factory.DjangoModelFactory): class Meta: model = FoiRequestFollower request = factory.SubFactory(factories.FoiRequestFactory) user = factory.SubFactory(factories.UserFactory) email = '' confirmed = True class FoiRequestFollowerTest(TestCase): def setUp(self): self.site = factories.make_world()
def post(self, request, next=None, using=None): # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() data["name"] = request.user.get_full_name() or request.user.get_username() data["email"] = request.user.email # Look up the object we're trying to comment about result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using) if isinstance(result, CommentPostBadRequest): return result else: model, target = result # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors())) ) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore # format for preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render( request, template_list, {"comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next)}, ) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user html_comment, tags = form.process_tags() comment.comment = html_comment # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__ ) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) # Add the tags that are extracted from the comment comment.tags.add(*tags) return next_redirect(request, fallback=next or "comments-comment-done", c=comment._get_pk_val())
"The given content-type %r does not resolve to a valid model." % \ escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % \ (escape(ctype), escape(object_pk))) except (ValueError, ValidationError), e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % \ (escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? # preview = "preview" in data # Construct the comment form form = comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) if form.errors: return render_to_response("comments/error.html", {"form": form}, RequestContext(request, {})) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated():
def security_data(self, request, *args, **kwargs): target = self.kwargs.pop("target") form = get_form()(target) return Response(data=form.generate_security_data(), status=status.HTTP_200_OK)
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() # if request.user.is_authenticated(): # if not data.get('name', ''): # data["name"] = request.user.get_full_name() or request.user.get_username() # if not data.get('email', ''): # data["email"] = request.user.email # #changes # return JsonResponse({"result_info":"未认证用户"}) # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: #return CommentPostBadRequest("Missing content_type or object_pk field.") return JsonResponse({"result_info":"Missing content_type or object_pk field"}) try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: #return CommentPostBadRequest( # "Invalid content_type value: %r" % escape(ctype)) return JsonResponse({"result_info":"Invalid content_type value"}) except AttributeError: # return CommentPostBadRequest( # "The given content-type %r does not resolve to a valid model." % escape(ctype)) return JsonResponse({"result_info":"The given content-type does not resolve to a valid model"}) except ObjectDoesNotExist: # return CommentPostBadRequest( # "No object matching content-type %r and object PK %r exists." % ( # escape(ctype), escape(object_pk))) return JsonResponse({"result_info":"No object matching content-type and object PK exists"}) except (ValueError, ValidationError) as e: # return CommentPostBadRequest( # "Attempting go get content-type %r and object PK %r exists raised %s" % ( # escape(ctype), escape(object_pk), e.__class__.__name__)) return JsonResponse({"result_info":"Attempting go get content-type and object PK exists raised"}) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): # return CommentPostBadRequest( # "The comment form failed security verification: %s" % escape(str(form.security_errors()))) return JsonResponse({"result_info":"The comment form failed security verification"}) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] # return render(request, template_list, { # "comment": form.data.get("comment", ""), # "form": form, # "next": data.get("next", next), # } # ) return JsonResponse({"result_info":"form.error or preview"}) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) #change 2016-05-12 comment.root_id = data.get('root_id',0) comment.reply_to = data.get('reply_to',0) comment.reply_name = data.get('reply_name','') if request.user.is_authenticated(): comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: # return CommentPostBadRequest( # "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) return JsonResponse({"result_info":"comment_will_be_posted receiver killed the comment"}) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) #from . import email try: #判断评论对象是否为博文 if str(comment.content_type) == 'blog': #设置模版对应的参数 email_data = { 'comment_name' : data["name"], 'comment_content' : comment.comment, 'comment_url' : 'http://yshblog.com/blog/%s#F%s' % (comment.object_pk, comment.id)} subject = '' #邮件主题 template = '' #使用的模版 to_list = [] #收件人 if int(comment.root_id) == 0: subject = '[Chenchen的博客]博文评论' template = 'email/comment_email.html' #发送给自己(可以写其他邮箱) to_list.append(settings.DEFAULT_FROM_EMAIL) else: subject = '[Chenchen的博客]评论回复' template = 'email/reply_email.html' #获取评论对象,找到回复对应的评论 comment_model = django_comments.get_model() cams = comment_model.objects.filter(id = comment.reply_to) if cams: to_list.append(cams[0].user_email) else: #没有找到评论,就发给自己(可以修改其他邮箱) to_list.append(settings.DEFAULT_FROM_EMAIL) #根据模版发送邮件 print("mail thread creating") mail_thread=threading.Thread(target=send_email,args=(subject, template, email_data, to_list)) print("mail thread created") mail_thread.setDaemon(True) print("daemon") mail_thread.start() else: #其他类型的评论暂不处理 pass except Exception: return JsonResponse({"result_info":"comment with email fail"}) return_data={ "user_name":comment.user_name , "submit_date":comment.submit_date.strftime('%Y-%m-%d %H:%M'), "comment":comment.comment, "reply_name": comment.reply_name , "root_id":comment.root_id , "reply_to":comment.reply_to , "comment_id":comment.id, "result_info":"success" } return JsonResponse(return_data)
def test_get_form(self): # check function django_comments_xtd.get_form retrieves the due class self.assert_(comments.get_form() == XtdCommentForm)
def post(self, request, next=None, using=None): # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() data["name"] = request.user.get_full_name() or request.user.get_username() data["email"] = request.user.email # Look up the object we're trying to comment about result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using) if isinstance(result, CommentPostBadRequest): return result else: model, target = result # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest("The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore # format for preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user html_comment, tags = form.process_tags() comment.comment = html_comment # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) # Add the tags that are extracted from the comment comment.tags.add(*tags) return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def testGetForm(self): from custom_comments.forms import CustomCommentForm self.assertEqual(django_comments.get_form(), CustomCommentForm)
def entry_comment_form(entry): return { 'form': comments.get_form()(entry), 'next': entry.get_absolute_url(), }
def post_comment_ajax(request, using=None): """ Post a comment, via an Ajax call. """ if not request.is_ajax(): return HttpResponseBadRequest("Expecting Ajax call") # This is copied from django_comments. # Basically that view does too much, and doesn't offer a hook to change the rendering. # The request object is not passed to next_redirect for example. # # This is a separate view to integrate both features. Previously this used django-ajaxcomments # which is unfortunately not thread-safe (it it changes the comment view per request). # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated: if not data.get('name', ''): data["name"] = request.user.get_full_name() or request.user.username if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except ValueError: return CommentPostBadRequest("Invalid object_pk value: {0}".format(escape(object_pk))) except (TypeError, LookupError): return CommentPostBadRequest("Invalid content_type value: {0}".format(escape(ctype))) except AttributeError: return CommentPostBadRequest("The given content-type {0} does not resolve to a valid model.".format(escape(ctype))) except ObjectDoesNotExist: return CommentPostBadRequest("No object matching content-type {0} and object PK {1} exists.".format(escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest("Attempting go get content-type {0!r} and object PK {1!r} exists raised {2}".format(escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? is_preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data, is_preview=is_preview) # Check security information if form.security_errors(): return CommentPostBadRequest("The comment form failed security verification: {0}".format(form.security_errors())) # If there are errors or if we requested a preview show the comment if is_preview: comment = form.get_comment_object() if not form.errors else None return _ajax_result(request, form, "preview", comment, object_id=object_pk) if form.errors: return _ajax_result(request, form, "post", object_id=object_pk) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated: comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return CommentPostBadRequest("comment_will_be_posted receiver {0} killed the comment".format(receiver.__name__)) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender = comment.__class__, comment = comment, request = request ) return _ajax_result(request, form, "post", comment, object_id=object_pk)
def post_comment_ajax(request, using=None): """ Post a comment, via an Ajax call. """ is_ajax = request.META.get("HTTP_X_REQUESTED_WITH") == "XMLHttpRequest" if not is_ajax: return HttpResponseBadRequest("Expecting Ajax call") # This is copied from django_comments. # Basically that view does too much, and doesn't offer a hook to change the rendering. # The request object is not passed to next_redirect for example. # # This is a separate view to integrate both features. Previously this used django-ajaxcomments # which is unfortunately not thread-safe (it it changes the comment view per request). # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated: if not data.get("name", ""): data["name"] = request.user.get_full_name() or request.user.username if not data.get("email", ""): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except ValueError: return CommentPostBadRequest("Invalid object_pk value: {0}".format(escape(object_pk))) except (TypeError, LookupError): return CommentPostBadRequest("Invalid content_type value: {0}".format(escape(ctype))) except AttributeError: return CommentPostBadRequest( "The given content-type {0} does not resolve to a valid model.".format(escape(ctype)) ) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type {0} and object PK {1} exists.".format( escape(ctype), escape(object_pk) ) ) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type {0!r} and object PK {1!r} exists raised {2}".format( escape(ctype), escape(object_pk), e.__class__.__name__ ) ) # Do we want to preview the comment? is_preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data, is_preview=is_preview) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: {0}".format(form.security_errors()) ) # If there are errors or if we requested a preview show the comment if is_preview: comment = form.get_comment_object() if not form.errors else None return _ajax_result(request, form, "preview", comment, object_id=object_pk) if form.errors: return _ajax_result(request, form, "post", object_id=object_pk) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated: comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver {0} killed the comment".format(receiver.__name__) ) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) return _ajax_result(request, form, "post", comment, object_id=object_pk)