def news_item(request, news_item_id=None):
"""
View for a news item.
Only responds to GET requests.
"""
top_news_item = get_object_or_404(NewsItem, pk=news_item_id)
child_comments = get_child_comments(top_news_item.child_set, 0)
header = 'News Item'
# these are only set if there is an error or something
comment_posting_error = get_from_session(request, 'comment_posting_error')
comment_text = get_from_session(request, 'comment_text')
comment_text_for_id = get_from_session(request, 'comment_text_for_id')
# comment_text_for_id needs to be a string
if str(comment_text_for_id) != news_item_id:
comment_text = ''
comment_posting_error = ''
next = reverse('news.views.news_items.news_item',
args=(top_news_item.id,))
top_news_item.update_ranking()
return render_to_response('news/news_item.html',
{'top_news_item': top_news_item,
'child_comments': child_comments,
'header': header,
'comment_posting_error':comment_posting_error,
'comment_text': comment_text,
'next': next},
context_instance=RequestContext(request))
def edit_comment(request, comment_id):
"""
View for editing a comment.
Responds to GET and POST. Get for getting the view and POST
for updating the comment.
"""
com = get_object_or_404(Comment, pk=comment_id)
next = reverse('news.views.comments.edit_comment',
args=(com.id,))
# This calculates the page we came from.
# If it is not given, it just defaults to the
# news item (if that's what is being deleted),
# or the parent news item of the comment that
# is being deleted.
top_news_item = com.get_parent_news_item()
from_page = request.GET.get('from',
reverse('news.views.news_items.news_item',
args=(top_news_item.id,)))
assert_or_404(valid_next_redirect(from_page))
# you should not be able to see this page or edit any comment
# if you are not logged in or if you are trying to edit someone
# else's comment
assert_or_404(request.user.is_authenticated() and \
com.can_be_edited(request.user.get_profile()))
# make sure the item hasn't already been deleted.
assert_or_404(not com.dead)
# on GET we can just return the template
if request.method != "POST":
comment_posting_error = get_from_session(request, 'comment_posting_error')
comment_text = get_from_session(request, 'comment_text')
return render_to_response('news/edit_comment.html',
{'comment_posting_error': comment_posting_error,
'comment': com,
# this will default to comment_text but if it is blank it
# looks at com.text
'comment_text': comment_text or com.text,
'from_page': from_page,
'next': next},
context_instance=RequestContext(request))
comment_text = get_from_POST_or_404(request, 'comment_text')
# if it is not valid, set the error message
# and reload this page
if not valid_comment_text(comment_text):
request.session['comment_posting_error'] = "Comment not valid"
request.session['comment_text'] = comment_text
return HttpResponseRedirect(next)
com.text = comment_text
com.save()
return HttpResponseRedirect(from_page)
def comment(request, comment_id):
"""
View for a comment.
Only responds to GETS.
"""
top_comment = get_object_or_404(Comment, pk=comment_id)
child_comments = get_child_comments(top_comment.child_set, 0)
header = 'Comment'
# these are set if there is an error or something when trying to post
# the comment
comment_posting_error = get_from_session(request, 'comment_posting_error')
comment_text = get_from_session(request, 'comment_text')
comment_text_for_id = get_from_session(request, 'comment_text_for_id')
# comment_text_for_id needs to be a string
if str(comment_text_for_id) != comment_id:
comment_posting_error = ''
comment_text = ''
next = reverse('news.views.comments.comment',
args=(top_comment.id,))
top_comment.update_ranking()
return render_to_response('news/comment.html',
{'top_comment': top_comment,
'child_comments': child_comments,
'header': header,
'comment_posting_error': comment_posting_error,
'comment_text': comment_text,
'next': next},
context_instance=RequestContext(request))
def buy_points(request):
"""
Throw up a template for making a payment on an account.
Must be logged in.
"""
next = reverse('news.views.payment.buy_points')
# make sure user is authenticated
if not request.user.is_authenticated():
return HttpResponseRedirect(reverse('news.views.login.login_view') +
'?next=' + next)
voting_error = get_from_session(request, 'voting_error')
return render_to_response('news/buy_points.html',
{'next': next,
'voting_error': voting_error,},
context_instance=RequestContext(request))
def change_password(request):
"""
Change password.
On GETs it shows the change password page.
On POSTs it tries to change the user's password.
"""
next = reverse('news.views.login.change_password')
if not request.user.is_authenticated():
return HttpResponseRedirect(
reverse('news.views.login.login_view') +
'?next=' + next)
if request.method != 'POST':
change_password_error = get_from_session(request,
'change_password_error')
return render_to_response('news/change_password.html',
{'change_password_error': change_password_error,
'next': next},
context_instance=RequestContext(request))
password1 = get_from_POST_or_404(request, 'password1')
password2 = get_from_POST_or_404(request, 'password2')
if password1 != password2:
request.session['change_password_error'] = "Passwords do not match"
return HttpResponseRedirect(reverse('news.views.login.change_password'))
if not valid_password(password1):
request.session['change_password_error'] = "Password too long or blank"
return HttpResponseRedirect(reverse('news.views.login.change_password'))
request.user.set_password(password1)
request.user.save()
username = request.user.username
return HttpResponseRedirect(reverse('news.views.users.user', args=(username,)))
def user(request, username):
"""
View for a user.
On GET it shows the user profile (which is editable if
the user is logged in and looking at their own profile.)
On POST it tries to update the user's profile.
"""
userprofile = get_object_or_404(UserProfile, user__username=username)
next = reverse('news.views.users.user', args=(userprofile.username,))
if request.method != 'POST':
posting_error = get_from_session(request, 'userprofile_posting_error')
email_address = get_from_session(request, 'userprofile_email')
website = get_from_session(request, 'userprofile_website')
about = get_from_session(request, 'userprofile_about')
return render_to_response('news/user.html',
{'viewing_userprofile': userprofile,
'next': next,
'posting_error': posting_error,
'error_email': email_address,
'error_website': website,
'error_about': about},
context_instance=RequestContext(request))
# don't allow users to POST without being logged in.
# Also make sure the the user trying to post is the
# one that is logged in.
assert_or_404(request.user.is_authenticated())
assert_or_404(request.user == userprofile.user)
email_address = get_from_POST_or_404(request, 'email_address')
website = get_from_POST_or_404(request, 'website')
about = get_from_POST_or_404(request, 'about')
option_show_email = request.POST.get('option_show_email', False)
option_use_javascript = request.POST.get('option_use_javascript', False)
option_show_dead = request.POST.get('option_show_dead', False)
# there shouldn't be a problem with option_show_email
# or option_use_javascript, or option_show_dead,
# so we can go ahead and set them
if option_use_javascript == False:
userprofile.option_use_javascript = False
else:
userprofile.option_use_javascript = True
if option_show_email == False:
userprofile.option_show_email = False
else:
userprofile.option_show_email = True
if option_show_dead == False:
userprofile.option_show_dead = False
else:
userprofile.option_show_dead = True
userprofile.save()
if email_address and not valid_email(email_address):
request.session['userprofile_posting_error'] = "Email address too long"
request.session['userprofile_email'] = email_address
request.session['userprofile_website'] = website
request.session['userprofile_about'] = about
return HttpResponseRedirect(reverse('news.views.users.user',
args=(userprofile.username,)))
if website:
website = improve_url(website)
if not valid_url(website):
request.session['userprofile_posting_error'] = "URL not valid"
request.session['userprofile_email'] = email_address
request.session['userprofile_website'] = website
request.session['userprofile_about'] = about
return HttpResponseRedirect(reverse('news.views.users.user',
args=(userprofile.username,)))
if about and not valid_text(about):
request.session['userprofile_posting_error'] = "About not valid"
request.session['userprofile_email'] = email_address
request.session['userprofile_website'] = website
request.session['userprofile_about'] = about
return HttpResponseRedirect(reverse('news.views.users.user',
args=(userprofile.username,)))
userprofile.website = website
userprofile.about = about
userprofile.user.email = email_address
userprofile.save()
userprofile.user.save()
return HttpResponseRedirect(
reverse('news.views.users.user', args=(userprofile.username,)))
def submit(request):
"""
View for submitting an item.
On GET it shows the page for submitting news items.
Some of the data can be filled in from parameters
passed in from the URL.
On POST it tries to submit a news item.
"""
next = reverse('news.views.news_items.submit')
if request.method != 'POST':
title = ''
url = ''
text = ''
submission_error = ''
if 'submit_title' in request.session:
title = get_from_session(request, 'submit_title')
url = get_from_session(request, 'submit_url')
text = get_from_session(request, 'submit_text')
submission_error = get_from_session(request, 'submission_error')
# this enables submission by bookmarklet
elif 'title' in request.GET:
title = request.GET.get('title', '')
url = request.GET.get('url', '')
url = urllib.unquote(url)
return render_to_response('news/submit.html',
{'title': title,
'url': url,
'text': text,
'submission_error': submission_error,
'next': next},
context_instance=RequestContext(request))
title = get_from_POST_or_404(request, 'title')
url = get_from_POST_or_404(request, 'url')
text = get_from_POST_or_404(request, 'text')
url = improve_url(url)
submission_error = check_submission(title, url, text)
if submission_error:
request.session['submit_title'] = title
request.session['submit_url'] = url
request.session['submit_text'] = text
request.session['submission_error'] = submission_error
return HttpResponseRedirect(reverse('news.views.news_items.submit'))
if not request.user.is_authenticated():
request.session['submit_title'] = title
request.session['submit_url'] = url
request.session['submit_text'] = text
return HttpResponseRedirect(
reverse('news.views.login.login_view') +
'?next=' + next)
# if the url has already been posted, just vote up this story
if url and NewsItem.objects.filter(url=url):
newsitem = NewsItem.objects.filter(url=url)[0]
news_item_next = reverse('news.views.news_items.news_item',
args=(newsitem.id,))
vote_next = reverse('news.views.voting.vote') + '?' + \
urllib.urlencode({'id': newsitem.id,
'type': 'news_item',
'direction': 'up',
'next': news_item_next})
return HttpResponseRedirect(vote_next)
# now we can create the news item
newsitem = NewsItem.objects.create(poster=request.user.get_profile(),
title=title, url=url, text=text)
Rated.objects.create(rankable=newsitem, userprofile=request.user.get_profile(),
direction='up')
return HttpResponseRedirect(
reverse('news.views.news_items.news_item',
args=(newsitem.id,)))
def login_view(request):
"""
Perform login or show login page.
On GETs it shows the login page,
on POSTS it tries to log the user in.
"""
# If next is passed, get it.
# I am only attempting to get it from POST so I can use it in testing.
next = request.GET.get('next', reverse('news.views.news_items.index'))
next = request.POST.get('next', next)
assert_or_404(valid_next_redirect(next))
if request.method != 'POST':
# if there is a login error or create account error
# in session, get the value
login_error = get_from_session(request, "login_error")
username = get_from_session(request, "login_username")
create_account_error = get_from_session(request,
"create_account_error")
create_account_username = get_from_session(request,
"create_account_username")
return render_to_response('news/login.html',
{'login_error': login_error,
'username': username,
'create_account_error': create_account_error,
'create_account_username': create_account_username,
'next': next},
context_instance=RequestContext(request))
username = get_from_POST_or_404(request, 'username')
password = get_from_POST_or_404(request, 'password')
user = authenticate(username=username, password=password)
if user is None:
request.session['login_error'] = "Invalid username or password"
request.session['login_username'] = username
return HttpResponseRedirect(reverse('news.views.login.login_view') +
"?next=" + next)
if not user.is_active:
request.session['login_error'] = "Account disabled"
request.session['login_username'] = username
return HttpResponseRedirect(reverse('news.views.login.login_view') +
"?next=" + next)
# before we login the user, makes sure to get their session variables,
# and put them back into the session after calling login().
# login() will flush everything, so we need to make sure to save the stuff
# we want. This is used when the user trys to post
# a comment if they are not logged in. We will reload
# the page and send them back to the page with their comment
# already filled in.
comment_text = get_from_session(request, 'comment_text')
comment_text_for_id = get_from_session(request, 'comment_text_for_id')
submit_title = get_from_session(request, 'submit_title')
submit_url = get_from_session(request, 'submit_url')
submit_text = get_from_session(request, 'submit_text')
# user has be authenticated and they are active
login(request, user)
request.session['comment_text'] = comment_text
request.session['comment_text_for_id'] = comment_text_for_id
request.session['submit_title'] = submit_title
request.session['submit_url'] = submit_url
request.session['submit_text'] = submit_text
return HttpResponseRedirect(next)