def post(self, request, *args, **kwargs): self.comment_obj = get_object_or_404(Comment, id=request.POST.get("commentid")) if request.user == self.comment_obj.commented_by: form = CaseCommentForm(request.POST, instance=self.comment_obj) if form.is_valid(): return self.form_valid(form) else: return self.form_invalid(form) else: data = {'error': "You don't have permission to edit this comment."} return JsonResponse(data)
def post(self, request, *args, **kwargs): self.comment_obj = get_object_or_404(Comment, id=request.POST.get("commentid")) if (request.user == self.comment_obj.commented_by or request.user.is_superuser or request.user.role == "ADMIN"): form = CaseCommentForm(request.POST, instance=self.comment_obj) if form.is_valid(): return self.form_valid(form) return self.form_invalid(form) data = {"error": "You don't have permission to edit this comment."} return JsonResponse(data)
def add_comment(request): if request.method == 'POST': case = get_object_or_404(Case, id=request.POST.get('caseid')) if request.user in case.assigned_to.all() or request.user == case.created_by: form = CaseCommentForm(request.POST) if form.is_valid(): case_comment = form.save(commit=False) case_comment.comment = request.POST.get('comment') case_comment.commented_by = request.user case_comment.case = case case_comment.save() data = {"comment_id": case_comment.id, "comment": case_comment.comment, "commented_on": case_comment.commented_on, "commented_by": case_comment.commented_by.email} return JsonResponse(data) else: return JsonResponse({"error": form['comment'].errors})
def edit_comment(request): if request.method == "POST": comment = request.POST.get('comment') comment_id = request.POST.get("commentid") comment_obj = get_object_or_404(Comment, id=comment_id) form = CaseCommentForm(request.POST) if request.user == comment_obj.commented_by: if form.is_valid(): comment_obj.comment = comment comment_obj.save() data = {"comment": comment_obj.comment, "commentid": comment_id} return JsonResponse(data) else: return JsonResponse({"error": form['comment'].errors}) else: return JsonResponse({"error": "You dont have authentication to edit"}) else: return render(request, "404.html")