def test_is_moderator(self): """ Verifies the check for a user having Moderator privileges. """ self.assertTrue(auth.is_moderator(self.admin)) self.assertTrue(auth.is_moderator(self.moderator)) self.assertFalse(auth.is_moderator(self.user))
def add_reply(request, topic_id, meta=False, quote_post=None): """ Adds a Post to a Topic. If ``quote_post`` is given, the form will be prepopulated with a quoted version of the Post's body. """ filters = {'pk': topic_id} if not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic, **filters) if topic.forum.section.is_managed(): if not topic.forum.section.is_corp_authed(request.user): raise Http404 if topic.locked and \ not auth.is_moderator(request.user): return permission_denied(request, message='You do not have permission to post in this topic.') forum = Forum.objects.select_related().get(pk=topic.forum_id) preview = None if app_settings.USE_REDIS: redis.seen_user(request.user, 'Posting in topic:', topic) if request.method == 'POST': form = forms.ReplyForm(not meta, request.POST) if form.is_valid(): if 'preview' in request.POST: preview = post_formatter.format_post( form.cleaned_data['body'], form.cleaned_data['emoticons']) elif 'submit' in request.POST: post = form.save(commit=False) post.topic = topic post.user = request.user # Only force the meta attribute if posting in meta mode, # as otherwise the user can choose to create a meta post. if meta: post.meta = True post.user_ip = request.META['REMOTE_ADDR'] post.save() return redirect_to_post(request, post.id, post) else: initial = {} if quote_post is not None: initial['body'] = post_formatter.quote_post(quote_post) form = forms.ReplyForm(not meta, initial=initial) return render(request, 'forum/add_reply.html', { 'form': form, 'topic': topic, 'section': forum.section, 'forum': forum, 'topic': topic, 'preview': preview, 'meta': meta, 'urls': TopicURLs(topic, meta), 'title': 'Add Reply to %s' % topic.title, 'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE, })
def add_reply(request, topic_id, meta=False, quote_post=None): """ Adds a Post to a Topic. If ``quote_post`` is given, the form will be prepopulated with a quoted version of the Post's body. """ filters = {'pk': topic_id} if not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic, **filters) if topic.locked and \ not auth.is_moderator(request.user): return permission_denied( request, message='You do not have permission to post in this topic.') forum = Forum.objects.select_related().get(pk=topic.forum_id) preview = None if app_settings.USE_REDIS: redis.seen_user(request.user, 'Posting in topic:', topic) if request.method == 'POST': form = forms.ReplyForm(not meta, request.POST) if form.is_valid(): if 'preview' in request.POST: preview = post_formatter.format_post( form.cleaned_data['body'], form.cleaned_data['emoticons']) elif 'submit' in request.POST: post = form.save(commit=False) post.topic = topic post.user = request.user # Only force the meta attribute if posting in meta mode, # as otherwise the user can choose to create a meta post. if meta: post.meta = True post.user_ip = request.META['REMOTE_ADDR'] post.save() return redirect_to_post(request, post.id, post) else: initial = {} if quote_post is not None: initial['body'] = post_formatter.quote_post(quote_post) form = forms.ReplyForm(not meta, initial=initial) return render( request, 'forum/add_reply.html', { 'form': form, 'topic': topic, 'section': forum.section, 'forum': forum, 'topic': topic, 'preview': preview, 'meta': meta, 'urls': TopicURLs(topic, meta), 'title': 'Add Reply to %s' % topic.title, 'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE, })
def add_reply(request, topic_id, meta=False, quote_post=None): """ Adds a Post to a Topic. If ``quote_post`` is given, the form will be prepopulated with a quoted version of the Post's body. """ filters = {"pk": topic_id} if not auth.is_moderator(request.user): filters["hidden"] = False topic = get_object_or_404(Topic, **filters) if topic.locked and not auth.is_moderator(request.user): return permission_denied(request, message="You do not have permission to post in this topic.") forum = Forum.objects.select_related().get(pk=topic.forum_id) preview = None if app_settings.USE_REDIS: redis.seen_user(request.user, "Posting in topic:", topic) if request.method == "POST": form = forms.ReplyForm(not meta, request.POST) if form.is_valid(): if "preview" in request.POST: preview = post_formatter.format_post(form.cleaned_data["body"], form.cleaned_data["emoticons"]) elif "submit" in request.POST: post = form.save(commit=False) post.topic = topic post.user = request.user # Only force the meta attribute if posting in meta mode, # as otherwise the user can choose to create a meta post. if meta: post.meta = True post.user_ip = request.META["REMOTE_ADDR"] post.save() return redirect_to_post(request, post.id, post) else: initial = {} if quote_post is not None: initial["body"] = post_formatter.quote_post(quote_post) form = forms.ReplyForm(not meta, initial=initial) return render( request, "forum/add_reply.html", { "form": form, "topic": topic, "section": forum.section, "forum": forum, "topic": topic, "preview": preview, "meta": meta, "urls": TopicURLs(topic, meta), "title": "Add Reply to %s" % topic.title, "quick_help_template": post_formatter.QUICK_HELP_TEMPLATE, }, )
def edit_topic(request, topic_id): """ Edits the given Topic. To avoid regular Users from being shown non-working links, the Topic's Forum's denormalised last Post data is also updated when necessary after the moderator has made a change to the Topic's ``hidden`` status. Post counts and Topic counts will not be affected by hiding a Topic - it is assumed this is a temporary measure which will either lead to a Topic being cleaned up or removed altogether. """ filters = {'pk': topic_id} if not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic, **filters) forum = Forum.objects.select_related().get(pk=topic.forum_id) if forum.section.is_managed(): if not forum.section.is_corp_authed(request.user): return permission_denied(request, message="You are not a member of the appropriate corporation, alliance or coalition.") if not auth.user_can_edit_topic(request.user, topic): return permission_denied(request, message='You do not have permission to edit this topic.') editable_fields = ['title', 'description'] moderator = auth.is_moderator(request.user) if moderator: was_hidden = topic.hidden if app_settings.USE_REDIS: redis.seen_user(request.user, 'Editing Topic:', topic) if request.method == 'POST': form = forms.EditTopicForm(moderator, request.POST, instance=topic) if form.is_valid(): topic = form.save(commit=True) if auth.is_moderator(request.user): if topic.hidden and not was_hidden: if forum.last_topic_id == topic.id: # Set the forum's last post to the latest non-hidden # post. forum.set_last_post() elif not topic.hidden and was_hidden: # Just in case this topic still holds the last post forum.set_last_post() return HttpResponseRedirect(topic.get_absolute_url()) else: form = forms.EditTopicForm(moderator, instance=topic) return render(request, 'forum/edit_topic.html', { 'topic': topic, 'form': form, 'section': forum.section, 'forum': forum, 'title': 'Edit Topic', 'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE, })
def edit_post(request, post_id): """ Edits the given Post. """ filters = {'pk': post_id} if not auth.is_moderator(request.user): filters['topic__hidden'] = False post = get_object_or_404(Post, **filters) topic = post.topic if not auth.user_can_edit_post(request.user, post, topic): return permission_denied(request, message='You do not have permission to edit this post.') forum = Forum.objects.select_related().get(pk=topic.forum_id) if forum.section.is_managed(): if not forum.section.is_corp_authed(request.user): return permission_denied(request, message="You are not a member of the appropriate corporation, alliance or coalition.") meta_editable = auth.is_moderator(request.user) if meta_editable: was_meta = post.meta preview = None if app_settings.USE_REDIS: redis.seen_user(request.user, 'Editing a post in:', topic) if request.method == 'POST': form = forms.ReplyForm(meta_editable, request.POST, instance=post) if form.is_valid(): if 'preview' in request.POST: preview = post_formatter.format_post( form.cleaned_data['body'], form.cleaned_data['emoticons']) elif 'submit' in request.POST: post = form.save(commit=False) if auth.is_moderator(request.user): if post.meta and not was_meta: moderation.make_post_meta(post, topic, forum) elif not post.meta and was_meta: moderation.make_post_not_meta(post, topic, forum) else: post.save() else: post.save() return redirect_to_post(request, post.id, post) else: form = forms.ReplyForm(meta_editable, instance=post) return render(request, 'forum/edit_post.html', { 'form': form, 'post': post, 'topic': topic, 'forum': forum, 'section': forum.section, 'preview': preview, 'title': 'Edit Post', 'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE, })
def edit_post(request, post_id): """ Edits the given Post. """ filters = {"pk": post_id} if not auth.is_moderator(request.user): filters["topic__hidden"] = False post = get_object_or_404(Post, **filters) topic = post.topic if not auth.user_can_edit_post(request.user, post, topic): return permission_denied(request, message="You do not have permission to edit this post.") forum = Forum.objects.select_related().get(pk=topic.forum_id) meta_editable = auth.is_moderator(request.user) if meta_editable: was_meta = post.meta preview = None if app_settings.USE_REDIS: redis.seen_user(request.user, "Editing a post in:", topic) if request.method == "POST": form = forms.ReplyForm(meta_editable, request.POST, instance=post) if form.is_valid(): if "preview" in request.POST: preview = post_formatter.format_post(form.cleaned_data["body"], form.cleaned_data["emoticons"]) elif "submit" in request.POST: post = form.save(commit=False) if auth.is_moderator(request.user): if post.meta and not was_meta: moderation.make_post_meta(post, topic, forum) elif not post.meta and was_meta: moderation.make_post_not_meta(post, topic, forum) else: post.save() else: post.save() return redirect_to_post(request, post.id, post) else: form = forms.ReplyForm(meta_editable, instance=post) return render( request, "forum/edit_post.html", { "form": form, "post": post, "topic": topic, "forum": forum, "section": forum.section, "preview": preview, "title": "Edit Post", "quick_help_template": post_formatter.QUICK_HELP_TEMPLATE, }, )
def edit_topic(request, topic_id): """ Edits the given Topic. To avoid regular Users from being shown non-working links, the Topic's Forum's denormalised last Post data is also updated when necessary after the moderator has made a change to the Topic's ``hidden`` status. Post counts and Topic counts will not be affected by hiding a Topic - it is assumed this is a temporary measure which will either lead to a Topic being cleaned up or removed altogether. """ filters = {'pk': topic_id} if not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic, **filters) forum = Forum.objects.select_related().get(pk=topic.forum_id) if not auth.user_can_edit_topic(request.user, topic): return permission_denied( request, message='You do not have permission to edit this topic.') editable_fields = ['title', 'description'] moderator = auth.is_moderator(request.user) if moderator: was_hidden = topic.hidden if app_settings.USE_REDIS: redis.seen_user(request.user, 'Editing Topic:', topic) if request.method == 'POST': form = forms.EditTopicForm(moderator, request.POST, instance=topic) if form.is_valid(): topic = form.save(commit=True) if auth.is_moderator(request.user): if topic.hidden and not was_hidden: if forum.last_topic_id == topic.id: # Set the forum's last post to the latest non-hidden # post. forum.set_last_post() elif not topic.hidden and was_hidden: # Just in case this topic still holds the last post forum.set_last_post() return HttpResponseRedirect(topic.get_absolute_url()) else: form = forms.EditTopicForm(moderator, instance=topic) return render( request, 'forum/edit_topic.html', { 'topic': topic, 'form': form, 'section': forum.section, 'forum': forum, 'title': 'Edit Topic', 'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE, })
def edit_post(request, post_id): """ Edits the given Post. """ filters = {'pk': post_id} if not auth.is_moderator(request.user): filters['topic__hidden'] = False post = get_object_or_404(Post, **filters) topic = post.topic if not auth.user_can_edit_post(request.user, post, topic): return permission_denied( request, message='You do not have permission to edit this post.') forum = Forum.objects.select_related().get(pk=topic.forum_id) meta_editable = auth.is_moderator(request.user) if meta_editable: was_meta = post.meta preview = None if app_settings.USE_REDIS: redis.seen_user(request.user, 'Editing a post in:', topic) if request.method == 'POST': form = forms.ReplyForm(meta_editable, request.POST, instance=post) if form.is_valid(): if 'preview' in request.POST: preview = post_formatter.format_post( form.cleaned_data['body'], form.cleaned_data['emoticons']) elif 'submit' in request.POST: post = form.save(commit=False) if auth.is_moderator(request.user): if post.meta and not was_meta: moderation.make_post_meta(post, topic, forum) elif not post.meta and was_meta: moderation.make_post_not_meta(post, topic, forum) else: post.save() else: post.save() return redirect_to_post(request, post.id, post) else: form = forms.ReplyForm(meta_editable, instance=post) return render( request, 'forum/edit_post.html', { 'form': form, 'post': post, 'topic': topic, 'forum': forum, 'section': forum.section, 'preview': preview, 'title': 'Edit Post', 'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE, })
def topic_detail(request, topic_id, meta=False): """ Displays a Topic's Posts. """ filters = {'pk': topic_id} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic.objects.with_display_details(), **filters) if app_settings.USE_REDIS: redis.increment_view_count(topic) if request.user.is_authenticated(): redis.update_last_read_time(request.user, topic) redis.seen_user(request.user, 'Viewing Topic:', topic) return object_list(request, Post.objects.with_user_details().filter(topic=topic, meta=meta) \ .order_by('posted_at', 'num_in_topic'), paginate_by=get_posts_per_page(request.user), allow_empty=True, template_name='forum/topic_detail.html', extra_context={ 'topic': topic, 'title': topic.title, 'avatar_dimensions': get_avatar_dimensions(), 'meta': meta, 'urls': TopicURLs(topic, meta), 'show_fast_reply': request.user.is_authenticated() and \ ForumProfile.objects.get_for_user(request.user).auto_fast_reply \ or False, }, template_object_name='post')
def delete_post(request, post_id): """ Deletes a Post after deletion is confirmed via POST. A request to delete the first post in a Topic is interpreted as a request to delete the Topic itself. """ filters = {'pk': post_id} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['topic__hidden'] = False post = get_object_or_404(Post.objects.with_user_details(), **filters) topic = post.topic if not auth.user_can_edit_post(request.user, post, topic): return permission_denied(request, message='You do not have permission to delete this post.') if post.num_in_topic == 1 and not post.meta: return delete_topic(request, post.topic_id) if app_settings.USE_REDIS: redis.seen_user(request.user, 'Deleting a post in:', topic) if request.method == 'POST': post.delete() url = post.meta and topic.get_meta_url() or topic.get_absolute_url() return HttpResponseRedirect(url) else: forum = Forum.objects.select_related().get(pk=topic.forum_id) return render(request, 'forum/delete_post.html', { 'post': post, 'topic': topic, 'forum': forum, 'section': forum.section, 'title': 'Delete Post', 'avatar_dimensions': get_avatar_dimensions(), })
def delete_topic(request, topic_id): """ Deletes a Topic after confirmation is made via POST. """ filters = {'pk': topic_id} if not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic, **filters) post = Post.objects.with_user_details().get(topic=topic, meta=False, num_in_topic=1) if not auth.user_can_edit_topic(request.user, topic): return permission_denied( request, message='You do not have permission to delete this topic.') forum = Forum.objects.select_related().get(pk=topic.forum_id) if app_settings.USE_REDIS: redis.seen_user(request.user, 'Deleting a Topic') if request.method == 'POST': topic.delete() return HttpResponseRedirect(forum.get_absolute_url()) else: return render( request, 'forum/delete_topic.html', { 'post': post, 'topic': topic, 'forum': forum, 'section': forum.section, 'title': 'Delete Topic', 'avatar_dimensions': get_avatar_dimensions(), })
def new_posts(request): """ Displays all Topics which have had new posts in the last fortnight, those with newest Posts first. """ filters = {'last_post_at__gte': \ datetime.date.today() - datetime.timedelta(days=14)} if not auth.is_moderator(request.user): filters['hidden'] = False queryset = Topic.objects.with_forum_and_user_details().filter( **filters).order_by('-last_post_at') if app_settings.USE_REDIS: redis.seen_user( request.user, 'Viewing: <a href="%s">New Posts</a>' % reverse('forum_new_posts')) return object_list(request, queryset, paginate_by=get_topics_per_page(request.user), allow_empty=True, template_name='forum/new_posts.html', extra_context={ 'title': 'New Posts', 'posts_per_page': get_posts_per_page(request.user), }, template_object_name='topic')
def user_profile(request, user_id): """ Displays the ForumProfile for the user with the given id. """ forum_user = get_object_or_404(User, pk=user_id) try: filters = {'user': forum_user} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['hidden'] = False recent_topics = Topic.objects.with_forum_details().filter( **filters).order_by('-started_at')[:5] except IndexError: recent_topics = [] context = { 'forum_user': forum_user, 'forum_profile': ForumProfile.objects.get_for_user(forum_user), 'recent_topics': Topic.objects.add_view_counts(recent_topics), 'title': 'Forum Profile for %s' % forum_user, 'avatar_dimensions': get_avatar_dimensions(), } if app_settings.USE_REDIS: last_seen, doing = redis.get_last_seen(forum_user) context['last_seen'] = last_seen context['doing'] = doing if request.user.is_authenticated(): redis.seen_user(request.user, 'Viewing user profile:', forum_user) return render(request, 'forum/user_profile.html', context)
def new_posts(request): """ Displays all Topics which have had new posts in the last fortnight, those with newest Posts first. """ filters = {'last_post_at__gte': \ datetime.date.today() - datetime.timedelta(days=14)} if not auth.is_moderator(request.user): filters['hidden'] = False accessible_sections = [] for section in Section.objects.all(): if section.is_managed(): if section.is_corp_authed(request.user): accessible_sections.append(section) else: accessible_sections.append(section) accessible_forums = Forum.objects.all().filter(section__in = accessible_sections) filters.update({'forum__in': accessible_forums}) queryset = Topic.objects.with_forum_and_user_details().filter( **filters).order_by('-last_post_at') if app_settings.USE_REDIS: redis.seen_user(request.user, 'Viewing: <a href="%s">New Posts</a>' % reverse('forum_new_posts')) return object_list(request, queryset, paginate_by=get_topics_per_page(request.user), allow_empty=True, template_name='forum/new_posts.html', extra_context={ 'title': 'New Posts', 'posts_per_page': get_posts_per_page(request.user), }, template_object_name='topic')
def is_moderator(user): """ Returns ``True`` if the given user has moderation permissions, ``False`` otherwise. """ return user.is_authenticated() and \ auth.is_moderator(user)
def delete_topic(request, topic_id): """ Deletes a Topic after confirmation is made via POST. """ filters = {'pk': topic_id} if not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic, **filters) post = Post.objects.with_user_details().get(topic=topic, meta=False, num_in_topic=1) if not auth.user_can_edit_topic(request.user, topic): return permission_denied(request, message='You do not have permission to delete this topic.') forum = Forum.objects.select_related().get(pk=topic.forum_id) if forum.section.is_managed(): if not forum.section.is_corp_authed(request.user): return permission_denied(request, message="You are not a member of the appropriate corporation, alliance or coalition.") if app_settings.USE_REDIS: redis.seen_user(request.user, 'Deleting a Topic') if request.method == 'POST': topic.delete() return HttpResponseRedirect(forum.get_absolute_url()) else: return render(request, 'forum/delete_topic.html', { 'post': post, 'topic': topic, 'forum': forum, 'section': forum.section, 'title': 'Delete Topic', 'avatar_dimensions': get_avatar_dimensions(), })
def user_profile(request, user_id): """ Displays the ForumProfile for the user with the given id. """ forum_user = get_object_or_404(User, pk=user_id) try: filters = {"user": forum_user} if not request.user.is_authenticated() or not auth.is_moderator(request.user): filters["hidden"] = False recent_topics = Topic.objects.with_forum_details().filter(**filters).order_by("-started_at")[:5] except IndexError: recent_topics = [] context = { "forum_user": forum_user, "forum_profile": ForumProfile.objects.get_for_user(forum_user), "recent_topics": Topic.objects.add_view_counts(recent_topics), "title": "Forum Profile for %s" % forum_user, "avatar_dimensions": get_avatar_dimensions(), } if app_settings.USE_REDIS: last_seen, doing = redis.get_last_seen(forum_user) context["last_seen"] = last_seen context["doing"] = doing if request.user.is_authenticated(): redis.seen_user(request.user, "Viewing user profile:", forum_user) return render(request, "forum/user_profile.html", context)
def topic_detail(request, topic_id, meta=False): """ Displays a Topic's Posts. """ filters = {"pk": topic_id} if not request.user.is_authenticated() or not auth.is_moderator(request.user): filters["hidden"] = False topic = get_object_or_404(Topic.objects.with_display_details(), **filters) if app_settings.USE_REDIS: redis.increment_view_count(topic) if request.user.is_authenticated(): redis.update_last_read_time(request.user, topic) redis.seen_user(request.user, "Viewing Topic:", topic) return object_list( request, Post.objects.with_user_details().filter(topic=topic, meta=meta).order_by("posted_at", "num_in_topic"), paginate_by=get_posts_per_page(request.user), allow_empty=True, template_name="forum/topic_detail.html", extra_context={ "topic": topic, "title": topic.title, "avatar_dimensions": get_avatar_dimensions(), "meta": meta, "urls": TopicURLs(topic, meta), "show_fast_reply": request.user.is_authenticated() and ForumProfile.objects.get_for_user(request.user).auto_fast_reply or False, }, template_object_name="post", )
def delete_topic(request, topic_id): """ Deletes a Topic after confirmation is made via POST. """ filters = {"pk": topic_id} if not auth.is_moderator(request.user): filters["hidden"] = False topic = get_object_or_404(Topic, **filters) post = Post.objects.with_user_details().get(topic=topic, meta=False, num_in_topic=1) if not auth.user_can_edit_topic(request.user, topic): return permission_denied(request, message="You do not have permission to delete this topic.") forum = Forum.objects.select_related().get(pk=topic.forum_id) if app_settings.USE_REDIS: redis.seen_user(request.user, "Deleting a Topic") if request.method == "POST": topic.delete() return HttpResponseRedirect(forum.get_absolute_url()) else: return render( request, "forum/delete_topic.html", { "post": post, "topic": topic, "forum": forum, "section": forum.section, "title": "Delete Topic", "avatar_dimensions": get_avatar_dimensions(), }, )
def edit_user_forum_profile(request, user_id): """ Edits public information in a given User's ForumProfile. Only moderators may edit a User's title. """ user = get_object_or_404(User, pk=user_id) if not auth.user_can_edit_user_profile(request.user, user): return permission_denied(request, message='You do not have permission to edit this user\'s forum profile.') user_profile = ForumProfile.objects.get_for_user(user) can_edit_title = auth.is_moderator(request.user) if app_settings.USE_REDIS: redis.seen_user(request.user, 'Editing User Profile') if request.method == 'POST': form = forms.UserProfileForm(can_edit_title, request.POST, instance=user_profile) if form.is_valid(): form.save(commit=True) return HttpResponseRedirect(user_profile.get_absolute_url()) else: form = forms.UserProfileForm(can_edit_title, instance=user_profile) return render(request, 'forum/edit_user_forum_profile.html', { 'forum_user': user, 'forum_profile': user_profile, 'form': form, 'title': 'Edit Forum Profile', 'avatar_dimensions': get_avatar_dimensions(), })
def edit_user_forum_profile(request, user_id): """ Edits public information in a given User's ForumProfile. Only moderators may edit a User's title. """ user = get_object_or_404(User, pk=user_id) if not auth.user_can_edit_user_profile(request.user, user): return permission_denied( request, message= 'You do not have permission to edit this user\'s forum profile.') user_profile = ForumProfile.objects.get_for_user(user) can_edit_title = auth.is_moderator(request.user) if app_settings.USE_REDIS: redis.seen_user(request.user, 'Editing User Profile') if request.method == 'POST': form = forms.UserProfileForm(can_edit_title, request.POST, instance=user_profile) if form.is_valid(): form.save(commit=True) return HttpResponseRedirect(user_profile.get_absolute_url()) else: form = forms.UserProfileForm(can_edit_title, instance=user_profile) return render( request, 'forum/edit_user_forum_profile.html', { 'forum_user': user, 'forum_profile': user_profile, 'form': form, 'title': 'Edit Forum Profile', 'avatar_dimensions': get_avatar_dimensions(), })
def user_topics(request, user_id): """ Displays Topics created by a given User. """ forum_user = get_object_or_404(User, pk=user_id) filters = {'user': forum_user} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['hidden'] = False queryset = Topic.objects.with_forum_details().filter( **filters).order_by('-started_at') if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, 'Viewing topics by:', forum_user) return object_list(request, queryset, paginate_by=get_topics_per_page(request.user), allow_empty=True, template_name='forum/user_topics.html', extra_context={ 'forum_user': forum_user, 'title': 'Topics Started by %s' % forum_user.username, 'posts_per_page': get_posts_per_page(request.user), }, template_object_name='topic')
def delete_post(request, post_id): """ Deletes a Post after deletion is confirmed via POST. A request to delete the first post in a Topic is interpreted as a request to delete the Topic itself. """ filters = {'pk': post_id} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['topic__hidden'] = False post = get_object_or_404(Post.objects.with_user_details(), **filters) topic = post.topic if not auth.user_can_edit_post(request.user, post, topic): return permission_denied( request, message='You do not have permission to delete this post.') if post.num_in_topic == 1 and not post.meta: return delete_topic(request, post.topic_id) if app_settings.USE_REDIS: redis.seen_user(request.user, 'Deleting a post in:', topic) if request.method == 'POST': post.delete() url = post.meta and topic.get_meta_url() or topic.get_absolute_url() return HttpResponseRedirect(url) else: forum = Forum.objects.select_related().get(pk=topic.forum_id) return render( request, 'forum/delete_post.html', { 'post': post, 'topic': topic, 'forum': forum, 'section': forum.section, 'title': 'Delete Post', 'avatar_dimensions': get_avatar_dimensions(), })
def topic_post_summary(request, topic_id): """ Displays a summary of Users who have posted in the given Topic and the number of Posts they have made. """ filters = {'pk': topic_id} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic.objects.with_display_details(), **filters) post_opts = Post._meta post_table = qn(post_opts.db_table) meta = qn(post_opts.get_field('meta').column) topic_fk = qn(post_opts.get_field('topic').column) user_fk = qn(post_opts.get_field('user').column) user_opts = User._meta user_table = qn(user_opts.db_table) user_pk = qn(user_opts.pk.column) users = User.objects.extra( select={'post_count': """SELECT COUNT(%(post_pk)s) FROM %(post)s WHERE %(topic_fk)s=%%s AND %(user_fk)s=%(user)s.%(user_pk)s AND %(meta)s=%%s""" % { 'post_pk': qn(post_opts.pk.column), 'post': post_table, 'topic_fk': topic_fk, 'user_fk': user_fk, 'user': user_table, 'user_pk': user_pk, 'meta': meta, }}, select_params=[topic.pk, False], where=["""%(user)s.%(user_pk)s IN ( SELECT DISTINCT %(user_fk)s FROM %(post)s WHERE %(topic_fk)s=%%s AND %(meta)s=%%s)""" % { 'user': user_table, 'user_pk': user_pk, 'user_fk': user_fk, 'post': post_table, 'topic_fk': topic_fk, 'meta': meta, }], params=[topic.pk, False], ).order_by('-post_count') if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, 'Viewing Post Summary for:', topic) return render(request, 'forum/topic_post_summary.html', { 'topic': topic, 'users': users, 'title': 'Users who posted in %s' % topic.title, })
def can_see_post_actions(user, topic): """ Returns ``True`` if the given User should be able to see the post action list for posts in the given topic, ``False`` otherwise. This function is used as part of ensuring that moderators have unrestricted access to locked Topics. """ if user.is_authenticated(): return not topic.locked or auth.is_moderator(user) else: return False
def forum_detail(request, forum_id): """ Displays a Forum's Topics. """ forum = get_object_or_404(Forum.objects.select_related(), pk=forum_id) topic_filters = { 'forum': forum, 'pinned': False, } if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): topic_filters['hidden'] = False # Get a page of topics topics_per_page = get_topics_per_page(request.user) paginator = Paginator( Topic.objects.with_user_details().filter(**topic_filters), topics_per_page) page = get_page_or_404(request, paginator) topics = list(page.object_list) context = { 'section': forum.section, 'forum': forum, 'topic_list': topics, 'title': forum.name, 'posts_per_page': get_posts_per_page(request.user), 'is_paginated': paginator.num_pages > 1, 'has_next': page.has_next(), 'has_previous': page.has_previous(), 'page': page.number, 'next': page.next_page_number(), 'previous': page.previous_page_number(), 'pages': paginator.num_pages, 'hits': paginator.count, } # Get pinned topics too if we're on the first page and add the # current user's last read details to all topics. if page.number == 1: topic_filters['pinned'] = True pinned_topics = list(Topic.objects.with_user_details() \ .filter(**topic_filters) \ .order_by('-started_at')) context['pinned_topics'] = pinned_topics if app_settings.USE_REDIS: Topic.objects.add_last_read_times(topics + pinned_topics, request.user) Topic.objects.add_view_counts(topics + pinned_topics) elif app_settings.USE_REDIS: Topic.objects.add_last_read_times(topics, request.user) Topic.objects.add_view_counts(topics) if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, 'Viewing:', forum) return render(request, 'forum/forum_detail.html', context)
def forum_detail(request, forum_id): """ Displays a Forum's Topics. """ forum = get_object_or_404(Forum.objects.select_related(), pk=forum_id) topic_filters = { 'forum': forum, 'pinned': False, } if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): topic_filters['hidden'] = False # Get a page of topics topics_per_page = get_topics_per_page(request.user) paginator = Paginator( Topic.objects.with_user_details().filter(**topic_filters), topics_per_page) page = get_page_or_404(request, paginator) topics = list(page.object_list) context = { 'section': forum.section, 'forum': forum, 'topic_list': topics, 'title': forum.name, 'posts_per_page': get_posts_per_page(request.user), 'is_paginated': paginator.num_pages > 1, 'has_next': page.has_next(), 'has_previous': page.has_previous(), 'page': page.number, 'next': page.next_page_number(), 'previous': page.previous_page_number(), 'pages': paginator.num_pages, 'hits' : paginator.count, } # Get pinned topics too if we're on the first page and add the # current user's last read details to all topics. if page.number == 1: topic_filters['pinned'] = True pinned_topics = list(Topic.objects.with_user_details() \ .filter(**topic_filters) \ .order_by('-started_at')) context['pinned_topics'] = pinned_topics if app_settings.USE_REDIS: Topic.objects.add_last_read_times(topics + pinned_topics, request.user) Topic.objects.add_view_counts(topics + pinned_topics) elif app_settings.USE_REDIS: Topic.objects.add_last_read_times(topics, request.user) Topic.objects.add_view_counts(topics) if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, 'Viewing:', forum) return render(request, 'forum/forum_detail.html', context)
def forum_detail(request, forum_id): """ Displays a Forum's Topics. """ forum = get_object_or_404(Forum.objects.select_related(), pk=forum_id) topic_filters = {"forum": forum, "pinned": False} if not request.user.is_authenticated() or not auth.is_moderator(request.user): topic_filters["hidden"] = False # Get a page of topics topics_per_page = get_topics_per_page(request.user) paginator = Paginator(Topic.objects.with_user_details().filter(**topic_filters), topics_per_page) page = get_page_or_404(request, paginator) topics = list(page.object_list) context = { "section": forum.section, "forum": forum, "topic_list": topics, "title": forum.name, "posts_per_page": get_posts_per_page(request.user), "is_paginated": paginator.num_pages > 1, "has_next": page.has_next(), "has_previous": page.has_previous(), "page": page.number, "next": page.next_page_number(), "previous": page.previous_page_number(), "pages": paginator.num_pages, "hits": paginator.count, } # Get pinned topics too if we're on the first page and add the # current user's last read details to all topics. if page.number == 1: topic_filters["pinned"] = True pinned_topics = list(Topic.objects.with_user_details().filter(**topic_filters).order_by("-started_at")) context["pinned_topics"] = pinned_topics if app_settings.USE_REDIS: Topic.objects.add_last_read_times(topics + pinned_topics, request.user) Topic.objects.add_view_counts(topics + pinned_topics) elif app_settings.USE_REDIS: Topic.objects.add_last_read_times(topics, request.user) Topic.objects.add_view_counts(topics) if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, "Viewing:", forum) return render(request, "forum/forum_detail.html", context)
def new_posts(request): """ Displays all Topics which have had new posts in the last fortnight, those with newest Posts first. """ filters = {"last_post_at__gte": datetime.date.today() - datetime.timedelta(days=14)} if not auth.is_moderator(request.user): filters["hidden"] = False queryset = Topic.objects.with_forum_and_user_details().filter(**filters).order_by("-last_post_at") if app_settings.USE_REDIS: redis.seen_user(request.user, 'Viewing: <a href="%s">New Posts</a>' % reverse("forum_new_posts")) return object_list( request, queryset, paginate_by=get_topics_per_page(request.user), allow_empty=True, template_name="forum/new_posts.html", extra_context={"title": "New Posts", "posts_per_page": get_posts_per_page(request.user)}, template_object_name="topic", )
def redirect_to_post(request, post_id, post=None): """ Redirects to the appropriate Topic page containing the given Post. If the Post itself is also given it will not be looked up, saving a database query. """ if post is None: filters = {"pk": post_id} if not request.user.is_authenticated() or not auth.is_moderator(request.user): filters["topic__hidden"] = False post = get_object_or_404(Post, **filters) posts_per_page = get_posts_per_page(request.user) page, remainder = divmod(post.num_in_topic, posts_per_page) if post.num_in_topic < posts_per_page or remainder != 0: page += 1 url_name = post.meta and "forum_topic_meta_detail" or "forum_topic_detail" return HttpResponseRedirect( "%s?page=%s&#post%s" % (reverse(url_name, args=(smart_unicode(post.topic_id),)), page, post_id) )
def redirect_to_post(request, post_id, post=None): """ Redirects to the appropriate Topic page containing the given Post. If the Post itself is also given it will not be looked up, saving a database query. """ if post is None: filters = {'pk': post_id} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['topic__hidden'] = False post = get_object_or_404(Post, **filters) posts_per_page = get_posts_per_page(request.user) page, remainder = divmod(post.num_in_topic, posts_per_page) if post.num_in_topic < posts_per_page or remainder != 0: page += 1 url_name = post.meta and 'forum_topic_meta_detail' or 'forum_topic_detail' return HttpResponseRedirect('%s?page=%s&#post%s' \ % (reverse(url_name, args=(smart_unicode(post.topic_id),)), page, post_id))
def delete_post(request, post_id): """ Deletes a Post after deletion is confirmed via POST. A request to delete the first post in a Topic is interpreted as a request to delete the Topic itself. """ filters = {"pk": post_id} if not request.user.is_authenticated() or not auth.is_moderator(request.user): filters["topic__hidden"] = False post = get_object_or_404(Post.objects.with_user_details(), **filters) topic = post.topic if not auth.user_can_edit_post(request.user, post, topic): return permission_denied(request, message="You do not have permission to delete this post.") if post.num_in_topic == 1 and not post.meta: return delete_topic(request, post.topic_id) if app_settings.USE_REDIS: redis.seen_user(request.user, "Deleting a post in:", topic) if request.method == "POST": post.delete() url = post.meta and topic.get_meta_url() or topic.get_absolute_url() return HttpResponseRedirect(url) else: forum = Forum.objects.select_related().get(pk=topic.forum_id) return render( request, "forum/delete_post.html", { "post": post, "topic": topic, "forum": forum, "section": forum.section, "title": "Delete Post", "avatar_dimensions": get_avatar_dimensions(), }, )
def user_topics(request, user_id): """ Displays Topics created by a given User. """ forum_user = get_object_or_404(User, pk=user_id) filters = {"user": forum_user} if not request.user.is_authenticated() or not auth.is_moderator(request.user): filters["hidden"] = False queryset = Topic.objects.with_forum_details().filter(**filters).order_by("-started_at") if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, "Viewing topics by:", forum_user) return object_list( request, queryset, paginate_by=get_topics_per_page(request.user), allow_empty=True, template_name="forum/user_topics.html", extra_context={ "forum_user": forum_user, "title": "Topics Started by %s" % forum_user.username, "posts_per_page": get_posts_per_page(request.user), }, template_object_name="topic", )
def topic_post_summary(request, topic_id): """ Displays a summary of Users who have posted in the given Topic and the number of Posts they have made. """ filters = {'pk': topic_id} if not request.user.is_authenticated() or \ not auth.is_moderator(request.user): filters['hidden'] = False topic = get_object_or_404(Topic.objects.with_display_details(), **filters) post_opts = Post._meta post_table = qn(post_opts.db_table) meta = qn(post_opts.get_field('meta').column) topic_fk = qn(post_opts.get_field('topic').column) user_fk = qn(post_opts.get_field('user').column) user_opts = User._meta user_table = qn(user_opts.db_table) user_pk = qn(user_opts.pk.column) users = User.objects.extra( select={ 'post_count': """SELECT COUNT(%(post_pk)s) FROM %(post)s WHERE %(topic_fk)s=%%s AND %(user_fk)s=%(user)s.%(user_pk)s AND %(meta)s=%%s""" % { 'post_pk': qn(post_opts.pk.column), 'post': post_table, 'topic_fk': topic_fk, 'user_fk': user_fk, 'user': user_table, 'user_pk': user_pk, 'meta': meta, } }, select_params=[topic.pk, False], where=[ """%(user)s.%(user_pk)s IN ( SELECT DISTINCT %(user_fk)s FROM %(post)s WHERE %(topic_fk)s=%%s AND %(meta)s=%%s)""" % { 'user': user_table, 'user_pk': user_pk, 'user_fk': user_fk, 'post': post_table, 'topic_fk': topic_fk, 'meta': meta, } ], params=[topic.pk, False], ).order_by('-post_count') if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, 'Viewing Post Summary for:', topic) return render( request, 'forum/topic_post_summary.html', { 'topic': topic, 'users': users, 'title': 'Users who posted in %s' % topic.title, })
def topic_post_summary(request, topic_id): """ Displays a summary of Users who have posted in the given Topic and the number of Posts they have made. """ filters = {"pk": topic_id} if not request.user.is_authenticated() or not auth.is_moderator(request.user): filters["hidden"] = False topic = get_object_or_404(Topic.objects.with_display_details(), **filters) post_opts = Post._meta post_table = qn(post_opts.db_table) meta = qn(post_opts.get_field("meta").column) topic_fk = qn(post_opts.get_field("topic").column) user_fk = qn(post_opts.get_field("user").column) user_opts = User._meta user_table = qn(user_opts.db_table) user_pk = qn(user_opts.pk.column) users = User.objects.extra( select={ "post_count": """SELECT COUNT(%(post_pk)s) FROM %(post)s WHERE %(topic_fk)s=%%s AND %(user_fk)s=%(user)s.%(user_pk)s AND %(meta)s=%%s""" % { "post_pk": qn(post_opts.pk.column), "post": post_table, "topic_fk": topic_fk, "user_fk": user_fk, "user": user_table, "user_pk": user_pk, "meta": meta, } }, select_params=[topic.pk, False], where=[ """%(user)s.%(user_pk)s IN ( SELECT DISTINCT %(user_fk)s FROM %(post)s WHERE %(topic_fk)s=%%s AND %(meta)s=%%s)""" % { "user": user_table, "user_pk": user_pk, "user_fk": user_fk, "post": post_table, "topic_fk": topic_fk, "meta": meta, } ], params=[topic.pk, False], ).order_by("-post_count") if app_settings.USE_REDIS and request.user.is_authenticated(): redis.seen_user(request.user, "Viewing Post Summary for:", topic) return render( request, "forum/topic_post_summary.html", {"topic": topic, "users": users, "title": "Users who posted in %s" % topic.title}, )