def like(request, comment_id, next=None):
"""
Like a comment. Confirmation on GET, action on POST.
Templates: :template:`django_comments_xtd/like.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(), pk=comment_id,
site__pk=settings.SITE_ID)
next = comment.get_absolute_url()
if request.user.is_authenticated():
if not has_app_model_option(comment)['allow_feedback']:
ctype = ContentType.objects.get_for_model(comment.content_object)
raise Http404("Comments posted to instances of '%s.%s' are not "
"explicitly allowed to receive 'liked it' flags. "
"Check the COMMENTS_XTD_APP_MODEL_OPTIONS "
"setting." % (ctype.app_label, ctype.model))
perform_like(request, comment)
return next_redirect(request,
fallback=next or 'comments-xtd-like-done',
c=comment.pk)
messages.error(request, '只有登录用户才能点赞, 请在侧边栏内登录再尝试点赞!', extra_tags='bg-warning text-warning')
return next_redirect(request,
fallback=next or 'comments-xtd-like-done',
c=comment.pk)
def post_finderchart(request, next=None):
data = request.POST.copy()
content_type = data.get("content_type")
object_id = data.get("object_id")
if content_type is None or object_id is None:
return ValueError("Missing content type or object id")
c_type = ContentType.objects.get(pk=content_type)
model = c_type.model_class()
target = model.objects.get(pk=object_id)
finder_chart_form = FinderChartForm(data)
if not finder_chart_form.is_valid():
messages.error(request, "Finder Chart form invalid")
return next_redirect(request, fallback=next or target.get_absolute_url())
date = finder_chart_form.cleaned_data['date']
if c_type.model == 'solarsystemobject':
ra, dec = target.ra_dec_on_date(date)
else:
ra, dec = target.ra, target.dec
settings = FchartSettings(
limiting_magnitude_stars=finder_chart_form.cleaned_data['limiting_magnitude_stars'],
limiting_magnitude_deepsky=finder_chart_form.cleaned_data['limiting_magnitude_deepsky'],
fieldsize=finder_chart_form.cleaned_data['field_of_view'],
)
x_label = str(target) if c_type.model == 'solarsystemobject' else ''
settings.add_target(ra, dec, str(target), content_type, object_id, x_label)
file = generate_fchart(settings)
wrapper = FileWrapper(file)
response = HttpResponse(wrapper, content_type='application/pdf')
response['Content-Length'] = os.path.getsize(file.name)
# Without streaming
# response = HttpResponse(file, content_type='application/pdf')
# response['Content-Disposition'] = 'attachment; filename="{0}"'.format(file.name)
return response
def flag(request, comment_id, next=None):
"""
Flags a comment. Confirmation on GET, action on POST.
Templates: :template:`comments/flag.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(),
pk=comment_id, site__pk=settings.SITE_ID)
if not has_app_model_option(comment)['allow_flagging']:
ctype = ContentType.objects.get_for_model(comment.content_object)
raise Http404("Comments posted to instances of '%s.%s' are not "
"explicitly allowed to receive 'removal suggestion' "
"flags. Check the COMMENTS_XTD_APP_MODEL_OPTIONS "
"setting." % (ctype.app_label, ctype.model))
# Flag on POST
if request.method == 'POST':
perform_flag(request, comment)
return next_redirect(request, fallback=next or 'comments-flag-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/flag.html',
{'comment': comment,
'next': next})
def delete_own_comment(request, comment_id, next=None):
comment = get_object_or_404(get_comment_model(),
pk=comment_id,
user=request.user,
site__pk=get_current_site(request).pk)
# Delete on POST
if request.method == 'POST':
# Flag the comment as deleted instead of actually deleting it.
if comment.user == request.user:
comment.is_removed = True
comment.save()
flag, created = CommentFlag.objects.get_or_create(
comment=comment,
user=request.user,
flag=CommentFlag.MODERATOR_DELETION
)
django_comments_signals.comment_was_flagged.send(
sender=comment.__class__,
comment=comment,
flag=flag,
created=created,
request=request,
)
return next_redirect(request, fallback=next or 'comments-delete-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/own_comment_delete.html', {'comment': comment, "next": next})
def delete(request, comment_id, next=None):
"""
Deletes a comment. Confirmation on GET, action on POST. Requires the "can
moderate comments" permission.
Templates: :template:`comments/delete.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(django_comments.get_model(),
pk=comment_id,
site__pk=get_current_site(request).pk)
# Delete on POST
if request.method == 'POST':
# Flag the comment as deleted instead of actually deleting it.
perform_delete(request, comment)
return next_redirect(request,
fallback=next or 'comments-delete-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/delete.html', {
'comment': comment,
"next": next
})
def dislike(request, comment_id, next=None):
"""
Dislike a comment. Confirmation on GET, action on POST.
Templates: :template:`django_comments_xtd/dislike.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(), pk=comment_id,
site__pk=settings.SITE_ID)
if not has_app_model_option(comment)['allow_feedback']:
ctype = ContentType.objects.get_for_model(comment.content_object)
raise Http404("Comments posted to instances of '%s.%s' are not "
"explicitly allowed to receive 'disliked it' flags. "
"Check the COMMENTS_XTD_APP_MODEL_OPTIONS "
"setting." % (ctype.app_label, ctype.model))
# Flag on POST
if request.method == 'POST':
perform_dislike(request, comment)
return next_redirect(request,
fallback=(next or 'comments-xtd-dislike-done'),
c=comment.pk)
# Render a form on GET
else:
disliked_it = request.user in comment.users_flagging(DISLIKEDIT_FLAG)
return render(request, 'django_comments_xtd/dislike.html',
{'comment': comment,
'already_disliked_it': disliked_it,
'next': next})
def approve(request, comment_id, next=None):
"""
Approve a comment (that is, mark it as public and non-removed). Confirmation
on GET, action on POST. Requires the "can moderate comments" permission.
Templates: :template:`comments/approve.html`,
Context:
comment
the `comments.comment` object for approval
"""
comment = get_object_or_404(django_comments.get_model(),
pk=comment_id,
site__pk=get_current_site(request).pk)
# Delete on POST
if request.method == 'POST':
# Flag the comment as approved.
perform_approve(request, comment)
return next_redirect(request,
fallback=next or 'comments-approve-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/approve.html', {
'comment': comment,
"next": next
})
def approve(request, comment_id, next=None):
"""
Approve a comment (that is, mark it as public and non-removed). Confirmation
on GET, action on POST. Requires the "can moderate comments" permission.
Templates: :template:`comments/approve.html`,
Context:
comment
the `comments.comment` object for approval
"""
comment = get_object_or_404(django_comments.get_model(), pk=comment_id)
# Delete on POST
if request.method == 'POST':
# Flag the comment as approved.
perform_approve(request, comment)
return next_redirect(request, fallback=next or 'comments-approve-done',
c=comment.pk)
# Render a form on GET
else:
return render_to_response(
'comments/approve.html',
{'comment': comment, "next": next},
template.RequestContext(request)
)
def delete(request, comment_id, next=None):
"""
Deletes a comment. Confirmation on GET, action on POST. Requires the "can
moderate comments" permission.
Templates: :template:`comments/delete.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(django_comments.get_model(), pk=comment_id)
# Delete on POST
if request.method == 'POST':
# Flag the comment as deleted instead of actually deleting it.
perform_delete(request, comment)
return next_redirect(request, fallback=next or 'comments-delete-done',
c=comment.pk)
# Render a form on GET
else:
return render_to_response(
'comments/delete.html',
{'comment': comment, "next": next},
template.RequestContext(request)
)
def comments_delete(request, comment_id):
"""Delete comment view."""
comment = get_object_or_404(django_comments.get_model(),
pk=comment_id,
site__pk=settings.SITE_ID)
context = {
'next': request.GET.get('next'),
'comment': comment,
'is_popup': "_popup" in request.REQUEST
}
if request.method == 'POST':
perform_delete(request, comment)
if context['is_popup']:
return render_to_response(
'admin/close_popup.html', context, RequestContext(request))
else:
return next_redirect(
request,
fallback=request.GET.get('next') or 'comments-delete-done',
c=comment.pk)
else:
return render_to_response(
'comments/delete.html', context, RequestContext(request))
def comments_delete(request, comment_id):
"""Delete comment view."""
comment = get_object_or_404(django_comments.get_model(),
pk=comment_id,
site__pk=settings.SITE_ID)
context = {
'next': request.GET.get('next'),
'comment': comment,
'is_popup': "_popup" in request.REQUEST
}
if request.method == 'POST':
perform_delete(request, comment)
if context['is_popup']:
return render_to_response('admin/close_popup.html', context,
RequestContext(request))
else:
return next_redirect(request,
fallback=request.GET.get('next')
or 'comments-delete-done',
c=comment.pk)
else:
return render_to_response('comments/delete.html', context,
RequestContext(request))
def dislike(request, comment_id, next=None):
"""
Dislike a comment. Confirmation on GET, action on POST.
Templates: :template:`django_comments_xtd/dislike.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(), pk=comment_id,
site__pk=settings.SITE_ID)
if not has_app_model_option(comment)['allow_feedback']:
ctype = ContentType.objects.get_for_model(comment.content_object)
raise Http404("Comments posted to instances of '%s.%s' are not "
"explicitly allowed to receive 'disliked it' flags. "
"Check the COMMENTS_XTD_APP_MODEL_OPTIONS "
"setting." % (ctype.app_label, ctype.model))
# Flag on POST
if request.method == 'POST':
perform_dislike(request, comment)
return next_redirect(request,
fallback=(next or 'comments-xtd-dislike-done'),
c=comment.pk)
# Render a form on GET
else:
disliked_it = request.user in comment.users_flagging(DISLIKEDIT_FLAG)
return render(request, 'django_comments_xtd/dislike.html',
{'comment': comment,
'already_disliked_it': disliked_it,
'next': next})
def flag(request, comment_id, next=None):
"""
Flags a comment. Confirmation on GET, action on POST.
Templates: :template:`comments/flag.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(),
pk=comment_id, site__pk=settings.SITE_ID)
if not has_app_model_option(comment)['allow_flagging']:
ctype = ContentType.objects.get_for_model(comment.content_object)
raise Http404("Comments posted to instances of '%s.%s' are not "
"explicitly allowed to receive 'removal suggestion' "
"flags. Check the COMMENTS_XTD_APP_MODEL_OPTIONS "
"setting." % (ctype.app_label, ctype.model))
# Flag on POST
if request.method == 'POST':
perform_flag(request, comment)
return next_redirect(request, fallback=next or 'comments-flag-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/flag.html',
{'comment': comment,
'next': next})
def like(request, comment_id, next=None):
"""
Like a comment. Confirmation on GET, action on POST.
Templates: :template:`django_comments_xtd/like.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(),
pk=comment_id,
site__pk=get_current_site_id(request))
if not get_app_model_options(comment=comment)['allow_feedback']:
ctype = ContentType.objects.get_for_model(comment.content_object)
raise Http404("Comments posted to instances of '%s.%s' are not "
"explicitly allowed to receive 'liked it' flags. "
"Check the COMMENTS_XTD_APP_MODEL_OPTIONS "
"setting." % (ctype.app_label, ctype.model))
# Flag on POST
if request.method == 'POST':
perform_like(request, comment)
return next_redirect(request,
fallback=next or 'comments-xtd-like-done',
c=comment.pk)
# Render a form on GET
else:
flag_qs = comment.flags.prefetch_related('user')\
.filter(flag=LIKEDIT_FLAG)
users_likedit = [item.user for item in flag_qs]
return render(
request, 'django_comments_xtd/like.html', {
'comment': comment,
'already_liked_it': request.user in users_likedit,
'next': next
})
def flag(request, comment_id, next=None):
"""
Flags a comment. Confirmation on GET, action on POST.
Templates: :template:`comments/flag.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(django_comments.get_model(),
pk=comment_id,
site__pk=get_current_site(request).pk)
# Flag on POST
if request.method == 'POST':
perform_flag(request, comment)
return next_redirect(request,
fallback=next or 'comments-flag-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/flag.html', {
'comment': comment,
"next": next
})
def dislike(request, comment_id, next=None):
"""
Dislike a comment. Confirmation on GET, action on POST.
Templates: :template:`django_comments_xtd/dislike.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(),
pk=comment_id,
site__pk=settings.SITE_ID)
# Flag on POST
if request.method == 'POST':
perform_dislike(request, comment)
return next_redirect(request,
fallback=(next or 'comments-xtd-dislike-done'),
c=comment.pk)
# Render a form on GET
else:
already_disliked_it = request.user in comment.users_who_disliked_it()
return render(
request, 'django_comments_xtd/dislike.html', {
'comment': comment,
'already_disliked_it': already_disliked_it,
'next': next
})
def flag(request, comment_id, next=None):
"""
Flags a comment. Confirmation on GET, action on POST.
Templates: :template:`comments/flag.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID)
# Flag on POST
if request.method == 'POST':
perform_flag(request, comment)
return next_redirect(request, fallback=next or 'comments-flag-done',
c=comment.pk)
# Render a form on GET
else:
return render(request, 'comments/flag.html', {'comment': comment, "next": next})
def credit(request, comment_id, next=None):
"""
Credit a comment (that is, mark it as public and non-removed). Confirmation
on GET, action on POST. Requires the "can moderate comments" permission.
Templates: `comments/credit.html`,
Context:
comment
the `comments.comment` object for approval
"""
comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID)
# Delete on POST
if request.method == 'POST':
# Flag the comment as creditd.
perform_credit(request, comment)
return next_redirect(request.POST.copy(), next, credit_done, c=comment.pk)
# Render a form on GET
else:
return render_to_response('comments/credit.html',
{'comment': comment, "next": next},
template.RequestContext(request)
)
def dislike(request, comment_id, next=None):
"""
Dislike a comment. Confirmation on GET, action on POST.
Templates: :template:`django_comments_xtd/dislike.html`,
Context:
comment
the flagged `comments.comment` object
"""
comment = get_object_or_404(get_comment_model(), pk=comment_id,
site__pk=settings.SITE_ID)
# Flag on POST
if request.method == 'POST':
perform_dislike(request, comment)
return next_redirect(request,
fallback=(next or 'comments-xtd-dislike-done'),
c=comment.pk)
# Render a form on GET
else:
already_disliked_it = request.user in comment.users_who_disliked_it()
return render(request, 'django_comments_xtd/dislike.html',
{'comment': comment,
'already_disliked_it': already_disliked_it,
'next': next})
def edit(request, comment_id, next=None):
"""
Edit a comment.
Requires HTTP POST and "can change comments" or "can moderate comments",
permission. Users can also only edit comments they own, unless they are
granted "comments.can_moderate" permissions.
If ``POST['submit'] == "preview"`` or there are errors,
a preview template ``comments/preview.html`` will be rendered.
Templates: `comments/edit.html`,
Context:
comment
the `comments.comment` object to be edited.
"""
comment = get_object_or_404(
get_model(), pk=comment_id, site__pk=settings.SITE_ID
)
# Make sure user has correct permissions to change the comment,
# or return a 401 Unauthorized error.
if not (request.user == comment.user and request.user.has_perm("comments.change_comment")
or request.user.has_perm("comments.can_moderate")):
return HttpResponse("Unauthorized", status=401)
# Populate POST data with all required initial data
# unless they are already in POST
data = request.POST.copy()
if not data.get("user_name", ""):
data["user_name"] = request.user.get_full_name() or request.user.username
if not data.get("user_email"):
data["user_email"] = request.user.email
next = data.get("next", next)
CommentEditForm = comments_extension.get_edit_form()
form = CommentEditForm(data, instance=comment)
if form.security_errors():
# NOTE: security hash fails!
return CommentEditBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
# If there are errors, or if a preview is requested
if form.errors or "preview" in data:
app_label, model = (form.instance.content_type.app_label, form.instance.content_type.model)
template_search_list = [
"comments/%s/%s/edit-preview.html" % (app_label, model),
"comments/%s/edit-preview.html" % model,
"comments/edit-preview.html"
]
return render_to_response(
template_search_list, {
"comment_obj": comment,
"comment": form.data.get("comment", ""),
"form": form,
"next": next,
},
RequestContext(request, {})
)
# Otherwise, try to save the comment and emit signals
if form.is_valid():
MODERATOR_EDITED = "moderator edited"
flag, created = CommentFlag.objects.get_or_create(
comment = form.instance,
user = request.user,
flag = MODERATOR_EDITED
)
form.instance.is_removed = False
form.save()
comment_was_flagged.send(
sender = comment.__class__,
comment = comment,
flag = flag,
created = created,
request = request
)
return utils.next_redirect(
request, fallback=next or 'comments-comment-done', c=comment._get_pk_val()
)
else:
# If we got here, raise Bad Request error.
return CommentEditBadRequest("Could not complete request!")
def post_comment(request, next=None, *args, **kwargs):
"""
Post a comment.
HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Require POST
if request.method != 'POST':
return HttpResponseNotAllowed(["POST"])
is_ajax = request.POST.get('is_ajax') and '_ajax' or ''
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name()
if not data.get('email', ''):
data["email"] = request.user.email
response = _lookup_content_object(data)
if isinstance(response, HttpResponse):
return response
else:
target, parent_comment, model = response
# Do we want to preview the comment?
preview = data.get("submit", "").lower() == "preview" or \
data.get("preview", None) is not None
# Construct the comment form
form = get_form()(target, parent_comment=parent_comment, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
"comments/%s_%s_preview%s.html" % tuple(str(model._meta).split(".") + [is_ajax]),
"comments/%s_preview%s.html" % (model._meta.app_label, is_ajax),
"comments/preview%s.html" % is_ajax
]
data = {
'comment': form.data.get("comment", ""),
'parent': parent_comment,
'level': parent_comment and parent_comment.level + 1 or 0,
'title': form.data.get("title", ""),
'submit_date': datetime.datetime.now(),
'rght': 0,
'lft': 0,
'user': request.user,
'user_name' : request.user.username,
}
comment = get_model()(**data)
return TemplateResponse(request, template_list, {
"comment" : comment,
"preview" : True,
"form" : form,
"allow_post": not form.errors,
"is_ajax" : is_ajax,
})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
comment.user_name = request.user.username
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender = comment.__class__,
comment = comment,
request = request
)
for (receiver, response) in responses:
if response == False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender = comment.__class__,
comment = comment,
request = request
)
return next_redirect(request, 'comments-comment-done%s' % (is_ajax and '-ajax' or ''), c=comment._get_pk_val())
def post(self, request, next=None, using=None):
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
data["name"] = request.user.get_full_name() or request.user.get_username()
data["email"] = request.user.email
# Look up the object we're trying to comment about
result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using)
if isinstance(result, CommentPostBadRequest):
return result
else:
model, target = result
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest("The comment form failed security verification: %s" %
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore
# format for preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(request, template_list, {
"comment": form.data.get("comment", ""),
"form": form,
"next": data.get("next", next),
})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
html_comment, tags = form.process_tags()
comment.comment = html_comment
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request)
# Add the tags that are extracted from the comment
comment.tags.add(*tags)
return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def form_valid(self, form):
form.save()
return next_redirect(self.request, fallback='comments-edit-done',
c=self.object.pk)
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name() or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
return CommentPostBadRequest(
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
return CommentPostBadRequest(
"The given content-type %r does not resolve to a valid model." % escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % (
escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % (
escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(request, template_list, {
"comment": form.data.get("comment", ""),
"form": form,
"next": data.get("next", next),
},
)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated():
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
return next_redirect(request, fallback=next or 'comments-comment-done',
c=comment._get_pk_val())
def post_comment(request, next=None, *args, **kwargs):
"""
Post a comment.
HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Require POST
if request.method != 'POST':
return HttpResponseNotAllowed(["POST"])
is_ajax = request.POST.get('is_ajax') and '_ajax' or ''
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name()
if not data.get('email', ''):
data["email"] = request.user.email
response = _lookup_content_object(data)
if isinstance(response, HttpResponse):
return response
else:
target, parent_comment, model = response
# Do we want to preview the comment?
preview = data.get("submit", "").lower() == "preview" or \
data.get("preview", None) is not None
# Construct the comment form
form = get_form()(target, parent_comment=parent_comment, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
"comments/%s_%s_preview%s.html" %
tuple(str(model._meta).split(".") + [is_ajax]),
"comments/%s_preview%s.html" % (model._meta.app_label, is_ajax),
"comments/preview%s.html" % is_ajax
]
data = {
'comment': form.data.get("comment", ""),
'parent': parent_comment,
'level': parent_comment and parent_comment.level + 1 or 0,
'title': form.data.get("title", ""),
'submit_date': datetime.datetime.now(),
'rght': 0,
'lft': 0,
'user': request.user,
'user_name': request.user.username,
}
comment = get_model()(**data)
return TemplateResponse(
request, template_list, {
"comment": comment,
"preview": True,
"form": form,
"allow_post": not form.errors,
"is_ajax": is_ajax,
})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
comment.user_name = request.user.username
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__,
comment=comment,
request=request)
for (receiver, response) in responses:
if response == False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" %
receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__,
comment=comment,
request=request)
return next_redirect(request,
'comments-comment-done%s' %
(is_ajax and '-ajax' or ''),
c=comment._get_pk_val())
def edit(request, comment_id, next=None):
"""
Edit a comment.
Requires HTTP POST and "can change comments" or "can moderate comments",
permission. Users can also only edit comments they own, unless they are
granted "comments.can_moderate" permissions.
If ``POST['submit'] == "preview"`` or there are errors,
a preview template ``comments/preview.html`` will be rendered.
Templates: `comments/edit.html`,
Context:
comment
the `comments.comment` object to be edited.
"""
comment = get_object_or_404(get_model(),
pk=comment_id,
site__pk=settings.SITE_ID)
# Make sure user has correct permissions to change the comment,
# or return a 401 Unauthorized error.
if not (request.user == comment.user
and request.user.has_perm("comments.change_comment")
or request.user.has_perm("comments.can_moderate")):
return HttpResponse("Unauthorized", status=401)
# Populate POST data with all required initial data
# unless they are already in POST
data = request.POST.copy()
if not data.get("user_name", ""):
data["user_name"] = request.user.get_full_name(
) or request.user.username
if not data.get("user_email"):
data["user_email"] = request.user.email
next = data.get("next", next)
CommentEditForm = comments_extension.get_edit_form()
form = CommentEditForm(data, instance=comment)
if form.security_errors():
# NOTE: security hash fails!
return CommentEditBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
# If there are errors, or if a preview is requested
if form.errors or "preview" in data:
app_label, model = (form.instance.content_type.app_label,
form.instance.content_type.model)
template_search_list = [
"comments/%s/%s/edit-preview.html" % (app_label, model),
"comments/%s/edit-preview.html" % model,
"comments/edit-preview.html"
]
return render_to_response(
template_search_list, {
"comment_obj": comment,
"comment": form.data.get("comment", ""),
"form": form,
"next": next,
}, RequestContext(request, {}))
# Otherwise, try to save the comment and emit signals
if form.is_valid():
MODERATOR_EDITED = "moderator edited"
flag, created = CommentFlag.objects.get_or_create(
comment=form.instance, user=request.user, flag=MODERATOR_EDITED)
form.instance.is_removed = False
form.save()
comment_was_flagged.send(sender=comment.__class__,
comment=comment,
flag=flag,
created=created,
request=request)
return utils.next_redirect(request,
fallback=next or 'comments-comment-done',
c=comment._get_pk_val())
else:
# If we got here, raise Bad Request error.
return CommentEditBadRequest("Could not complete request!")
def form_valid(self, form):
form.save()
return next_redirect(self.request,
fallback='comments-edit-done',
c=self.object.pk)
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
try:
user_is_authenticated = request.user.is_authenticated()
except TypeError: # Django >= 1.11
user_is_authenticated = request.user.is_authenticated
if user_is_authenticated:
if not data.get('name', ''):
data["name"] = request.user.get_full_name() or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
# 添加
if not request.session.get('login', None) and not user_is_authenticated:
return redirect("/")
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
return CommentPostBadRequest(
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
return CommentPostBadRequest(
"The given content-type %r does not resolve to a valid model." % escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % (
escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % (
escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(request, template_list, {
"comment": form.data.get("comment", ""),
"form": form,
"next": data.get("next", next),
},
)
# Otherwise create the comment
comment = form.get_comment_object(site_id=get_current_site(request).id)
comment.ip_address = request.META.get("REMOTE_ADDR", None)
# if user_is_authenticated:
# comment.user = request.user
#添加
if request.session.get('login',None):
comment.user_name = request.session['screen_name']
comment.user_img = request.session['profile_image_url']
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
return next_redirect(request, fallback=next or 'comments-comment-done',
c=comment._get_pk_val())
def post(self, request, next=None, using=None):
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
data["name"] = request.user.get_full_name() or request.user.get_username()
data["email"] = request.user.email
# Look up the object we're trying to comment about
result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using)
if isinstance(result, CommentPostBadRequest):
return result
else:
model, target = result
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % escape(str(form.security_errors()))
)
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore
# format for preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(
request,
template_list,
{"comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next)},
)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
html_comment, tags = form.process_tags()
comment.comment = html_comment
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__
)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request)
# Add the tags that are extracted from the comment
comment.tags.add(*tags)
return next_redirect(request, fallback=next or "comments-comment-done", c=comment._get_pk_val())
