def comment_post_wrapper( request ):
if not request.user.is_authenticated():
return HttpResponseRedirect('/knowledgebase/login/')
post_comment( request )
# redirecting to the same item
entity = request.POST.get('content_type', "statement").replace('maps.','')
ntt_id = int( request.POST.get('object_pk', 8) )
return HttpResponseRedirect( '/knowledgebase/map/' + entity + '/' + str(ntt_id) )
def form_valid(self, form):
self.request.POST = self.request.POST.copy()
self.request.POST['name'] = ''
self.request.POST['url'] = ''
self.request.POST['email'] = ''
self.request.POST['parent'] = self.kwargs['parent']
post_comment(self.request)
messages.success(self.request, _('Reply successfully created.'))
return redirect('/admin/modeladmin/commenting/molocomment/')
def comment_post_wrapper(request):
if request.user.is_authenticated():
# In case of a reply, check that the user is answering a comment of his own ad
object_pk = request.POST.get('object_pk', '')
if int(request.POST.get('reply_to', 0)) > 0:
if (Ad.objects.get(pk=object_pk).author == request.user):
return post_comment(
request) # VER SI ESTE ES EL POST, o EL DE COMMENT XTD
else:
if (Ad.objects.get(pk=object_pk).author != request.user):
return post_comment(
request) # VER SI ESTE ES EL POST, o EL DE COMMENT XTD
return HttpResponse('Unauthorized', status=401)
def proxy_post_comment(request, next=None, using=None):
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
return CommentPostBadRequest(
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
return CommentPostBadRequest(
"The given content-type %r does not resolve to a valid model." % escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % (
escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % (
escape(ctype), escape(object_pk), e.__class__.__name__))
mail_has_commented.delay(request.user.username, data['comment'])
if not request.user.is_admin:
ActionService.comment(request.user, target)
return post_comment(request, next, using)
def comment_post_wrapper(request):
# Clean the request to prevent form spoofing
if request.user.is_authenticated:
if not (request.user.get_full_name() == request.POST['name'] or \
request.user.email == request.POST['email']):
return HttpResponse("Error 403: You're an evil hacker")
return post_comment(request)
return HttpResponse("Error 403: You're an evil hacker")
def comment_post_wrapper(request):
# Clean the request to prevent form spoofing
if request.user.is_authenticated():
if not (request.user.get_full_name() == request.POST['name'] or \
request.user.email == request.POST['email']):
return HttpResponse("Error 403: You're an evil hacker")
return post_comment(request)
return HttpResponse("Error 403: You're an evil hacker")
def form_valid(self, form):
self.request.POST = self.request.POST.copy()
self.request.POST['name'] = ''
self.request.POST['url'] = ''
self.request.POST['email'] = ''
self.request.POST['parent'] = self.kwargs['parent']
reply = post_comment(self.request, next=self.success_url)
messages.success(self.request, _('Reply successfully created.'))
return reply
def post_diary_comment(data, diary_entry, auth_user=None):
request = request_factory.post(
reverse('diary-detail', kwargs={'year': diary_entry.publish.year,
'month': diary_entry.publish.month,
'day': diary_entry.publish.day}),
data=data, follow=True)
if auth_user:
request.user = auth_user
else:
request.user = AnonymousUser()
request._dont_enforce_csrf_checks = True
return comments.post_comment(request)
def post_article_comment(data, article, auth_user=None):
request = request_factory.post(
reverse('article-detail', kwargs={'year': article.publish.year,
'month': article.publish.month,
'day': article.publish.day,
'slug': article.slug}),
data=data, follow=True)
if auth_user:
request.user = auth_user
else:
request.user = AnonymousUser()
request._dont_enforce_csrf_checks = True
return comments.post_comment(request)
def post_molo_comment(request, next=None, using=None):
"""
Allows for posting of a Molo Comment, this allows comments to
be set with the "user_name" as "Anonymous"
"""
data = request.POST.copy()
if 'submit_anonymously' in data:
data['name'] = _('Anonymous')
# replace with our changed POST data
# ensure we always set an email
data['email'] = request.user.email or '*****@*****.**'
request.POST = data
return post_comment(request, next=next, using=next)
def post_rating(request, url='/ratings/posted/', maxcomments=1):
"""Wrap django.contrib.comments.views.comments.post_comment, so that we can control where the user
is returned after submit, also add the ability to control the maximum number of ratings per user
per product.
"""
if request.method != "POST":
raise Http404(_("One or more of the required fields wasn't submitted"))
if 'url' in request.POST:
url = request.POST['url']
response = post_comment(request)
if maxcomments > 0 and not request.user.is_anonymous():
try:
target = request.POST['target']
except KeyError:
raise Http404(
_("One or more of the required fields wasn't submitted"))
content_type_id, object_id = target.split(':')
try:
ct = ContentType.objects.get(pk=content_type_id)
except ContentType.DoesNotExist:
raise Http404(_("Bad ContentType: %s" % content_type_id))
comments = Comment.objects.filter(
object_id__exact=object_id,
content_type__app_label__exact=ct.app_label,
content_type__model__exact=ct.model,
site__exact=Site.objects.get_current(),
is_public__exact=True,
user__exact=request.user.id).order_by('submit_date')
ct = len(comments)
if ct > maxcomments:
log.debug("Got %i comments for user - removing all but %i", ct,
maxcomments)
for c in comments:
c.delete()
ct -= 1
if ct == maxcomments: break
return HttpResponseRedirect(url)
def comments_post(request):
"""Post comment view."""
if not request.POST.get('comment'):
return HttpResponseRedirect(request.REQUEST.get('next'))
return post_comment(request)
def post_comment_wrapper(request):
if not request.user.is_authenticated:
return HttpResponseRedirect('/tickets')
return post_comment(request)
def post_comment_wrapper(request):
if not request.user.is_authenticated:
return HttpResponseRedirect('/tickets')
return post_comment(request)
def login_required_post_comment(*args, **kwargs):
return post_comment(*args, **kwargs)
def login_required_post_comment(request, *args, **kwargs):
if not review_requested() or is_admin_or_root(request.user):
return post_comment(request, *args, **kwargs)
else:
return CommentPostBadRequest("Comment not allowed.")
def comments_post(request):
"""Post comment view."""
if not request.POST.get('comment'):
return HttpResponseRedirect(request.REQUEST.get('next'))
return post_comment(request)
