def post(self, menu_identifier=None):
if menu_identifier is None or not Menu.isRightIdentifier(menu_identifier):
self.siteError( SiteErrorType.ERROR_MENU_NOT_EXIST )
return
user = self.context['user'].get_current_user()
if not user:
self.redirect( users.create_login_url("/write/"+menu_identifier ) )
remote_addr = self.request.remote_addr
if not remote_addr:
self.siteError( getSiteErrorMessage("invalid_access") )
return
self.context['menu_id'] = Menu.getMenuIdWithIdentifier( menu_identifier )
self.context['menu_label'] = Menu.getLabel( self.context['menu_id'] )
self.context['menu_identifier'] = menu_identifier
if self.context['user'] and User.isUserNeedCaptcha( self.get_current_user() ):
entry_form = EntryRecaptchaForm(remote_addr, data=self.request.POST)
else:
entry_form = EntryForm(data=self.request.POST)
if entry_form.is_valid():
# insert
# check user
User.insertUser(user, remote_addr)
menu_id = self.context['menu_id']
Entry.insert( entry_form.cleaned_data['title'], entry_form.cleaned_data['link'], entry_form.cleaned_data['content'], menu_id, user, remote_addr )
self.redirect("/list/"+Menu.getMenuIdentifier( menu_id) )
else:
self.createCSRFToken()
self.context['entry_form'] = entry_form
self.render( "write.html" )
def post(self, index=None):
if not self.context['user'].get_current_user():
self.siteError( SiteErrorType.ERROR_INVALID_ACCESS )
return
self.context['index'] = index
entry = Entry.get_entry( index )
if not entry or entry.is_removed:
self.siteError( getSiteErrorMessage("entry_not_exist") )
return
remote_addr = self.request.remote_addr
if not remote_addr:
self.siteError( getSiteErrorMessage("invalid_access") )
return
user = self.context['user'].get_current_user()
User.insertUser(user, remote_addr)
if self.context['user'] and User.isUserNeedCaptcha( self.get_current_user() ):
comment_form = CommentRecaptchaForm(self.request.remote_addr, data = self.request.POST)
else:
comment_form = CommentForm(data = self.request.POST)
if comment_form.is_valid():
comment = Comment.insert(entry, comment_form.cleaned_data['content'], user, remote_addr)
entry.comment_count = entry.comment_count + 1
entry.updated_on = datetime.datetime.now()
entry.put()
PagingCursorMasterKey.clearModelKey("Comment")
self.redirect("/entry/%s#comment%d"%(index, comment.id()))
else:
self.createCSRFToken()
self.context['entry'] = entry
self.context['comment_form'] = comment_form
self.render("view.html")
def createCSRFToken(self):
if not self.context['user'].get_current_user():
return
siteUser = User.getSiteUser( self.context['user'].get_current_user() )
if not siteUser:
siteUser = User.insertUser( self.context['user'].get_current_user(), self.request.remote_addr )
m = hashlib.md5()
# prepare salt
if siteUser.last_write_on:
m.update( siteUser.last_write_on.strftime("%Y/%m/%d %H:%M:%S.%f") )
else:
m.update( siteUser.join_on.strftime("%Y/%m/%d %H:%M:%S.%f") )
m.update( str( siteUser.key().id() ) )
self.context['csrf_token'] = m.hexdigest()
cookies = Cookies( self )
cookies['csrf_token'] = self.context['csrf_token']
def get(self, cursor=None):
siteUser = User.getSiteUser( self.context['user'].get_current_user() )
if not siteUser:
siteUser = User.insertUser(self.context['user'].get_current_user(), self.request.remote_addr )
self.context['siteUser'] = siteUser
LIST_NUMS = 10
query = Entry.all()
query.filter("site_user_id", User.getSiteUserId( self.context['user'].get_current_user() ) )
query.filter("is_removed", False )
query.order("-created_on")
paging = Paging( query )
paging.setCurrentCursor( cursor )
paging.setLimit( LIST_NUMS )
paging.execute()
self.context['paging'] = paging
self.render("user.html")
