def _is_ratelimited(request): """Ratelimiting helper for kbforum threads and replies. They are ratelimited together with the same key. """ return ( is_ratelimited(request, increment=True, rate='4/m', ip=False, keys=user_or_ip('kbforum-post-min')) or is_ratelimited(request, increment=True, rate='50/d', ip=False, keys=user_or_ip('kbforum-post-day')))
def _is_ratelimited(request): """Ratelimiting helper for kbforum threads and replies. They are ratelimited together with the same key. """ return (is_ratelimited(request, increment=True, rate='4/m', ip=False, keys=user_or_ip('kbforum-post-min')) or is_ratelimited(request, increment=True, rate='50/d', ip=False, keys=user_or_ip('kbforum-post-day')))
def new_message(request, template): """Send a new private message.""" to = request.GET.get('to') if to: try: User.objects.get(username=to) except User.DoesNotExist: contrib_messages.add_message( request, contrib_messages.ERROR, _('Invalid username provided. Enter a new username below.')) return HttpResponseRedirect(reverse('messages.new')) form = MessageForm(request.POST or None, initial={'to': to}) if (request.method == 'POST' and form.is_valid() and not is_ratelimited(request, increment=True, rate='50/d', ip=False, keys=user_or_ip('private-message-day'))): send_message(form.cleaned_data['to'], form.cleaned_data['message'], request.user) if form.cleaned_data['in_reply_to']: irt = form.cleaned_data['in_reply_to'] try: m = InboxMessage.objects.get(pk=irt, to=request.user) m.update(replied=True) except InboxMessage.DoesNotExist: pass contrib_messages.add_message(request, contrib_messages.SUCCESS, _('Your message was sent!')) return HttpResponseRedirect(reverse('messages.inbox')) return render(request, template, {'form': form})
document = get_object_or_404(Document, **kwargs) data = json.dumps({ 'id': document.id, 'locale': document.locale, 'slug': document.slug, 'title': document.title, 'summary': document.current_revision.summary, 'url': document.get_absolute_url(), }) return HttpResponse(data, mimetype='application/json') @require_POST @csrf_exempt @ratelimit(keys=user_or_ip('document-vote'), ip=False, rate='10/d') def helpful_vote(request, document_slug): """Vote for Helpful/Not Helpful document""" if 'revision_id' not in request.POST: return HttpResponseBadRequest() revision = get_object_or_404( Revision, id=smart_int(request.POST['revision_id'])) survey = None if revision.document.category == TEMPLATES_CATEGORY: return HttpResponseBadRequest() if not revision.has_voted(request): ua = request.META.get('HTTP_USER_AGENT', '')[:1000] # 1000 max_length vote = HelpfulVote(revision=revision, user_agent=ua)