def add_comment_for_object(
object: Model,
user: AbstractBaseUser,
content: str,
) -> Comment:
"""A simple utility to add a comment for given object by given user."""
# Adding comment is the easiest to achieve using comment form methods.
CommentForm = get_form()
security_data = CommentForm(object).generate_security_data()
data = {
"honeypot": "",
"comment": content,
"name": user.get_username(),
**security_data,
}
form = CommentForm(object, data=data)
comment = form.get_comment_object()
comment.user = user
# Original code in django_comments emits `comment_will_be_posted` signal at this
# point and checks if any of the receivers prevents comment from posting. For
# simplicity this behavior has not been implemented here.
comment.save()
return comment
def reply(request, cid):
try:
comment = XtdComment.objects.get(pk=cid)
except (XtdComment.DoesNotExist):
raise Http404
if comment.level == max_thread_level_for_content_type(comment.content_type):
return render_to_response(
"django_comments_xtd/max_thread_level.html",
{'max_level': settings.COMMENTS_XTD_MAX_THREAD_LEVEL},
context_instance=RequestContext(request))
form = get_form()(comment.content_object, comment=comment)
next = request.GET.get("next", reverse("comments-xtd-sent"))
template_arg = [
"django_comments_xtd/%s/%s/reply.html" % (
comment.content_type.app_label,
comment.content_type.model),
"django_comments_xtd/%s/reply.html" % (
comment.content_type.app_label,),
"django_comments_xtd/reply.html"
]
return render_to_response(template_arg,
{"comment": comment, "form": form, "next": next },
context_instance=RequestContext(request))
def create_comment(data=None, parent=None, target=None, user=None):
from django.test import Client
import django_comments as comments
from django.contrib.sites.models import Site
Comment = comments.get_model()
body = {
'name': 'user_anonymous_name',
'email': '*****@*****.**',
'comment': 'test_comment',
}
if data:
body.update(data)
url = comments.get_form_target()
args = [target if target else Site.objects.all()[0]]
kwargs = {}
if parent is not None:
kwargs['parent'] = str(parent.pk)
body['parent'] = str(parent.pk)
form = comments.get_form()(*args, **kwargs)
body.update(form.generate_security_data())
client = Client()
if user:
client.force_login(user)
client.post(url, body, follow=True)
return Comment.objects.last()
def get_form(self, context):
ctype, object_pk = self.get_target_ctype_pk(context)
if object_pk:
return get_form()(ctype.get_object_for_this_type(pk=object_pk),
parent_comment=None)
else:
return None
def new_comment(request, parent_pk=None, content_type=None, object_pk=None, *args, **kwargs):
"""
Display the form used to post a reply.
Expects a comment_id, and an optionnal 'is_ajax' parameter in request.GET.
"""
is_ajax = request.GET.get('is_ajax') and '_ajax' or ''
data = {
'parent_pk': parent_pk,
'content_type': content_type,
'object_pk': object_pk,
}
response = _lookup_content_object(data)
if isinstance(response, HttpResponse):
return response
else:
target, parent_comment, model = response
# Construct the initial comment form
form = get_form()(target, parent_comment=parent_comment)
template_list = [
"comments/%s_%s_new_form%s.html" % tuple(str(model._meta).split(".") + [is_ajax]),
"comments/%s_new_form%s.html" % (model._meta.app_label, is_ajax),
"comments/new_form%s.html" % is_ajax,
]
return TemplateResponse(request, template_list, { "form" : form })
def new_comment(request,
parent_pk=None,
content_type=None,
object_pk=None,
*args,
**kwargs):
"""
Display the form used to post a reply.
Expects a comment_id, and an optionnal 'is_ajax' parameter in request.GET.
"""
is_ajax = request.GET.get('is_ajax') and '_ajax' or ''
data = {
'parent_pk': parent_pk,
'content_type': content_type,
'object_pk': object_pk,
}
response = _lookup_content_object(data)
if isinstance(response, HttpResponse):
return response
else:
target, parent_comment, model = response
# Construct the initial comment form
form = get_form()(target, parent_comment=parent_comment)
template_list = [
"comments/%s_%s_new_form%s.html" %
tuple(str(model._meta).split(".") + [is_ajax]),
"comments/%s_new_form%s.html" % (model._meta.app_label, is_ajax),
"comments/new_form%s.html" % is_ajax,
]
return TemplateResponse(request, template_list, {"form": form})
def threaded_comment_json(request, comment):
viewer = request.user
coll = ContentType.objects.get_for_model(Collaboration)
all_comments = ThreadedComment.objects.filter(
content_type=coll,
object_pk=comment.content_object.pk,
site__pk=settings.SITE_ID)
all_comments = fill_tree(all_comments)
all_comments = list(annotate_tree_properties(all_comments))
rand = ''.join([choice(ascii_letters) for i in range(5)]) # nosec
citations = threaded_comment_citations(all_comments, viewer)
asset_resource = AssetResource()
sherd_resource = SherdNoteResource()
return {
'type':
'discussion',
'form':
smart_text(django_comments.get_form()(comment.content_object)),
'editing':
True,
'can_edit':
True,
'discussion': {
'id':
comment.id,
'max_length':
COMMENT_MAX_LENGTH,
'thread': [{
'open':
obj.open if hasattr(obj, "open") else None,
'close':
[i for i in obj.close] if hasattr(obj, "close") else None,
'id':
obj.id,
'author':
obj.name,
'author_username':
obj.user.username,
'submit_date':
pretty_date(obj.submit_date),
'title':
obj.title,
'content':
obj.comment,
'can_edit':
True if obj.user == viewer else False
} for obj in all_comments]
},
'assets':
dict([('%s_%s' % (rand, ann.asset.pk),
asset_resource.render_one(request, ann.asset))
for ann in citations if (ann.title != "Annotation Deleted"
and ann.title != 'Asset Deleted')]),
'annotations':
[sherd_resource.render_one(request, ann, rand) for ann in citations],
}
def post(request, template_name='comments/comments.html'):
"""Post a comment"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = \
request.user.get_full_name() or request.user.username
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.get(pk=object_pk)
except:
raise
# Construct the comment form
form = comments.get_form()(target, data=data)
if not form.is_valid():
context_data = {
'object': target,
'form': form,
}
return render(request, template_name, context_data)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated():
comment.user = request.user
# Signal that the comment is about to be saved
comments.signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
# Save the comment and signal that it was saved
comment.is_removed = False
comment.save()
comments.signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
context_data = {
'object': target,
'form': form,
}
return render(request, template_name, context_data)
def add(self):
import time
import django_comments as comments
from django.db import models
comment_form = comments.get_form()
try:
model = models.get_model(*self.content_type.split('.', 1))
targets = model._default_manager.filter(pk__in=self.object_pks)
except:
raise
for target in targets.iterator():
d_form = comment_form(target)
timestamp = str(time.time()).split('.')[0]
object_pk = str(target.pk)
data = {
'content_type': self.content_type,
'object_pk': object_pk,
'timestamp': timestamp,
'comment': self.comment
}
security_hash_dict = {
'content_type': self.content_type,
'object_pk': object_pk,
'timestamp': timestamp
}
data['security_hash'] = d_form.generate_security_hash(
**security_hash_dict)
form = comment_form(target, data=data)
# Response the errors if got
if not form.is_valid():
return form.errors
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = self.request.META.get("REMOTE_ADDR", None)
if self.request.user.is_authenticated():
comment.user = self.request.user
# Signal that the comment is about to be saved
comments.signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=self.request
)
# Save the comment and signal that it was saved
comment.save()
comments.signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=self.request
)
return
def change_comment(request, pk):
comment = get_object_or_404(get_model(), pk=pk)
parent = comment.parent_id
if request.method == 'GET':
form = get_form()(comment.content_object, initial=model_to_dict(get_model().objects.get(id=comment.pk)), parent=parent)
if request.is_ajax():
return JsonResponse({
'form': render_to_string('comments/change_ajax.html', {"comment": comment, "form": form}, RequestContext(request)),
})
elif request.method == 'POST':
target = comment.content_object
author = comment.user
data = request.POST.copy()
if author.is_authenticated():
if not data.get('name', ''):
data["name"] = author.get_full_name() or author.get_username()
if not data.get('email', ''):
data["email"] = author.email
form = get_form()(target, data=data, parent=parent)
if form.is_valid():
comment = form.get_comment_object()
comment.user = author
comment.pk = pk
comment.save()
if request.is_ajax():
return JsonResponse({
'comment': render_to_string('comments/comment_item_ajax.html', {"comment": comment}, RequestContext(request)),
})
else:
if request.is_ajax():
return JsonResponse({
'form': render_to_string('comments/change_ajax.html', {"comment": comment, "form": form}, RequestContext(request)),
})
return render(request, 'comments/change.html', {"comment": comment, "form": form})
def post(request, template_name='comments/comments.html'):
"""Post a comment"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated:
if not data.get('name', ''):
data["name"] = \
request.user.get_full_name() or request.user.username
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
model = utils.get_model(ctype)
target = model._default_manager.get(pk=object_pk)
# Construct the comment form
form = comments.get_form()(target, data=data)
if not form.is_valid():
context_data = {
'object': target,
'form': form,
}
return render(request, template_name, context=context_data)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated:
comment.user = request.user
# Signal that the comment is about to be saved
comments.signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
# Save the comment and signal that it was saved
comment.is_removed = False
comment.save()
comments.signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
context_data = {
'object': target,
'form': form,
}
return render(request, template_name, context=context_data)
def get_form(self, context):
parent_id = None
if self.parent:
parent_id = self.parent.resolve(context, ignore_failures=True)
obj = self.get_object(context)
if obj:
return django_comments.get_form()(obj, parent=parent_id)
else:
return None
def get_form(self, context):
parent_id = None
if self.parent:
parent_id = self.parent.resolve(context, ignore_failures=True)
obj = self.get_object(context)
if obj:
return django_comments.get_form()(obj, parent=parent_id)
else:
return None
def add(self):
import time
import django_comments as comments
from django.db import models
comment_form = comments.get_form()
try:
model = models.get_model(*self.content_type.split('.', 1))
targets = model._default_manager.filter(pk__in=self.object_pks)
except:
raise
for target in targets.iterator():
d_form = comment_form(target)
timestamp = str(time.time()).split('.')[0]
object_pk = str(target.pk)
data = {
'content_type': self.content_type,
'object_pk': object_pk,
'timestamp': timestamp,
'comment': self.comment
}
security_hash_dict = {
'content_type': self.content_type,
'object_pk': object_pk,
'timestamp': timestamp
}
data['security_hash'] = d_form.generate_security_hash(
**security_hash_dict)
form = comment_form(target, data=data)
# Response the errors if got
if not form.is_valid():
return form.errors
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = self.request.META.get("REMOTE_ADDR", None)
if self.request.user.is_authenticated():
comment.user = self.request.user
# Signal that the comment is about to be saved
comments.signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=self.request)
# Save the comment and signal that it was saved
comment.save()
comments.signals.comment_was_posted.send(sender=comment.__class__,
comment=comment,
request=self.request)
return
def test_notify_followers_dupes(self):
# first of all confirm Bob's comment otherwise it doesn't reach DB
self.get_confirm_comment_url(self.key)
# then put in play pull-request-15's assert...
# https://github.com/danirus/django-comments-xtd/pull/15
diary = Diary.objects.create(
body='Lorem ipsum',
allow_comments=True
)
self.assertEqual(diary.pk, self.article.pk)
self.form = comments.get_form()(diary)
data = {"name": "Charlie", "email": "*****@*****.**",
"followup": True, "reply_to": 0, "level": 1, "order": 1,
"comment": "Es war einmal eine kleine..." }
data.update(self.form.initial)
self.response = self.client.post(reverse("comments-post-comment"),
data=data)
self.key = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key"))
# 1) confirmation for Bob (sent in `setUp()`)
# 2) confirmation for Charlie
self.assertEqual(self.mock_mailer.call_count, 2)
self.get_confirm_comment_url(self.key)
self.assertEqual(self.mock_mailer.call_count, 2)
self.form = comments.get_form()(self.article)
data = {"name":"Alice", "email":"*****@*****.**", "followup": True,
"reply_to": 0, "level": 1, "order": 1,
"comment":"Es war einmal iene kleine..." }
data.update(self.form.initial)
self.response = self.client.post(reverse("comments-post-comment"),
data=data)
self.assertEqual(self.mock_mailer.call_count, 3)
self.key = re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key")
self.get_confirm_comment_url(self.key)
self.assertEqual(self.mock_mailer.call_count, 4)
self.assert_(self.mock_mailer.call_args[0][3] == ["*****@*****.**"])
self.assert_(self.mock_mailer.call_args[0][1].find("There is a new comment following up yours.") > -1)
def validate(self, data):
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return serializers.ValidationError("Missing content_type or "
"object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.get(pk=object_pk)
whocan = get_app_model_options(content_type=ctype)['who_can_post']
except (AttributeError, TypeError, LookupError):
raise serializers.ValidationError("Invalid content_type value: %r"
% escape(ctype))
except model.ObjectDoesNotExist:
raise serializers.ValidationError(
"No object matching content-type %r and object PK %r exists."
% (escape(ctype), escape(object_pk)))
except (ValueError, serializers.ValidationError) as e:
raise serializers.ValidationError(
"Attempting to get content-type %r and object PK %r exists "
"raised %s" % (escape(ctype), escape(object_pk),
e.__class__.__name__))
else:
if whocan == "users" and not self.request.user.is_authenticated:
raise serializers.ValidationError("User not authenticated")
# Signal that the request allows to be authorized.
responses = should_request_be_authorized.send(
sender=target.__class__,
comment=target,
request=self.request
)
for (receiver, response) in responses:
if response is True:
# A positive response indicates that the POST request
# must be trusted. So inject the CommentSecurityForm values
# to pass the form validation step.
secform = CommentSecurityForm(target)
data.update({
"honeypot": "",
"timestamp": secform['timestamp'].value(),
"security_hash": secform['security_hash'].value()
})
break
self.form = get_form()(target, data=data)
# Check security information.
if self.form.security_errors():
raise exceptions.PermissionDenied()
if self.form.errors:
raise serializers.ValidationError(self.form.errors)
return data
def assertPostComment(self, obj, comment, status=200, **kw):
kw['form'] = django_comments.get_form()(obj)
data = kw.setdefault('data', {})
data['comment'] = comment
post = self.assertPost('comments-post-comment', **kw)
if post.status_code == 400 and status != 400:
text = post.content
x = text.find("<td>", text.find('Why'))
y = text.find("</td>", x)
msg = text[x + 4:y]
else:
msg = "Expected status %d, found %d" % (status, post.status_code)
self.assertEqual(status, post.status_code, msg)
return post
def setUp(self):
# Create an article and send a comment. Test method will chech headers
# to see wheter messages has multiparts or not.
patcher = patch('django_comments_xtd.views.send_mail')
self.mock_mailer = patcher.start()
self.article = Article.objects.create(
title="September", slug="september", body="John's September")
self.form = comments.get_form()(self.article)
# Bob sends 1st comment to the article with follow-up
self.data = {"name": "Bob", "email": "*****@*****.**",
"followup": True, "reply_to": 0, "level": 1, "order": 1,
"comment": "Nice September you had..." }
self.data.update(self.form.initial)
def create(self, request, *args, **kwargs):
target = self.kwargs.pop("target")
data = self.request.data.copy()
data["user"] = self.request.user
form = get_form()(target, data=data)
if form.security_errors():
raise ValidationError(
{
"detail": _("The comment form failed security verification: %s")
% escape(str(form.security_errors()))
}
)
if form.errors:
return Response(
{"detail": form.errors}, status=status.HTTP_400_BAD_REQUEST,
)
site = get_current_site(request)
ip_address = request.META.get("REMOTE_ADDR", None) or None
comment = form.get_comment_object(site_id=site.id)
comment.ip_address = ip_address
comment.user = request.user
responses = signals.comment_will_be_posted.send(
sender=comment.__class__, comment=comment, request=request
)
for (receiver, response) in responses:
if response is False:
return Response(
data={
"detail": _(
"comment_will_be_posted receiver %r killed the comment"
)
% receiver.__name__
},
status=status.HTTP_412_PRECONDITION_FAILED,
)
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__, comment=comment, request=request
)
serializer = CommentSerializer(instance=comment, context={"request": request})
headers = self.get_success_headers(serializer.data)
return Response(
serializer.data, status=status.HTTP_201_CREATED, headers=headers
)
def add_comment(request, data):
"""
Helper method which is used to add comments to objects.
:returns: Tuple of (form, target) where form is the comments form object
and target is the object we're trying to comment about.
:rtype: tuple
"""
if request.user.is_authenticated:
if not data.get('name'):
data["name"] = request.user.get_full_name() or request.user.username
if not data.get('email'):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.get(pk=object_pk)
# Construct the comment form
form = django_comments.get_form()(target, data=data)
if not form.is_valid():
return form, target
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated:
comment.user = request.user
# Signal that the comment is about to be saved
django_comments.signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
# Save the comment and signal that it was saved
comment.is_removed = False
comment.save()
django_comments.signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
return form, target
def _post_comment(self, data=None, parent=None):
Comment = django_comments.get_model()
body = self.BASE_DATA.copy()
if data:
body.update(data)
url = django_comments.get_form_target()
args = [Site.objects.all()[0]]
kwargs = {}
if parent is not None:
kwargs['parent'] = unicode(parent.pk)
body['parent'] = unicode(parent.pk)
form = django_comments.get_form()(*args, **kwargs)
body.update(form.generate_security_data())
self.client.post(url, body, follow=True)
return Comment.objects.order_by('-id')[0]
def _post_comment(self, data=None, parent=None):
Comment = django_comments.get_model()
body = self.BASE_DATA.copy()
if data:
body.update(data)
url = django_comments.get_form_target()
args = [Site.objects.all()[0]]
kwargs = {}
if parent is not None:
kwargs['parent'] = str(parent.pk)
body['parent'] = str(parent.pk)
form = django_comments.get_form()(*args, **kwargs)
body.update(form.generate_security_data())
self.client.post(url, body, follow=True)
return Comment.objects.order_by('-id')[0]
def _check_form(self):
"""数据合法性检查"""
target = self.target
data = self.request.data.copy()
data['user'] = self.request.user
# data['name'] = self.request.user.username
self.form = get_form()(target, data=data)
if self.form.security_errors():
raise ValidationError({
'detail':
"The comment form failed security verification: %s" %
escape(str(self.form.security_errors()))
})
if self.form.errors:
raise ValidationError({'detail': self.form.errors})
def setUp(self):
patcher = patch('django_comments_xtd.views.send_mail')
self.mock_mailer = patcher.start()
self.article = Article.objects.create(title="September",
slug="september",
body="What I did on September...")
self.form = comments.get_form()(self.article)
data = {"name": "Bob", "email": "*****@*****.**", "followup": True,
"reply_to": 0, "level": 1, "order": 1,
"comment": "Es war einmal iene kleine..." }
data.update(self.form.initial)
self.response = self.client.post(reverse("comments-post-comment"),
data=data)
self.assert_(self.mock_mailer.call_count == 1)
self.key = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key"))
self.addCleanup(patcher.stop)
def threaded_comment_json(request, comment):
viewer = request.user
coll = ContentType.objects.get_for_model(Collaboration)
all_comments = ThreadedComment.objects.filter(
content_type=coll, object_pk=comment.content_object.pk,
site__pk=settings.SITE_ID)
all_comments = fill_tree(all_comments)
all_comments = list(annotate_tree_properties(all_comments))
rand = ''.join([choice(letters) for i in range(5)])
citations = threaded_comment_citations(all_comments, viewer)
asset_resource = AssetResource()
sherd_resource = SherdNoteResource()
return {
'type': 'discussion',
'form': django_comments.get_form()(
comment.content_object).__unicode__(),
'editing': True,
'can_edit': True,
'discussion': {
'id': comment.id,
'max_length': COMMENT_MAX_LENGTH,
'thread': [{'open': obj.open if hasattr(obj, "open") else None,
'close': [i for i in obj.close]
if hasattr(obj, "close") else None,
'id': obj.id,
'author': obj.name,
'author_username': obj.user.username,
'submit_date': pretty_date(obj.submit_date),
'title': obj.title,
'content': obj.comment,
'can_edit': True if obj.user == viewer else False}
for obj in all_comments]
},
'assets': dict([('%s_%s' % (rand, ann.asset.pk),
asset_resource.render_one(request, ann.asset))
for ann in citations
if (ann.title != "Annotation Deleted" and
ann.title != 'Asset Deleted')]),
'annotations': [sherd_resource.render_one(request, ann, rand)
for ann in citations],
}
def test_get_comment_create_data(self):
# as it's used in django_comments.views.comments
data = {"name":"Daniel",
"email":"*****@*****.**",
"followup": True,
"reply_to": 0, "level": 1, "order": 1,
"comment":"Es war einmal iene kleine..." }
data.update(self.form.initial)
form = comments.get_form()(self.article, data)
self.assert_(self.form.security_errors() == {})
self.assert_(self.form.errors == {})
comment = form.get_comment_object()
# it does have the new field 'followup'
self.assert_("followup" in comment)
# and as long as settings.COMMENTS_XTD_CONFIRM_EMAIL is True
# is_public is set to False until receive the user confirmation
self.assert_(comment.is_public == False)
def test_no_notification_for_same_user_email(self):
# test that a follow-up user_email don't get a notification when
# sending another email to the thread
self.assertEqual(self.mock_mailer.call_count, 1)
self.get_confirm_comment_url(self.key) # confirm Bob's comment
# no comment followers yet:
self.assertEqual(self.mock_mailer.call_count, 1)
# send Bob's 2nd comment
self.form = comments.get_form()(self.article)
data = {"name":"Alice", "email":"*****@*****.**", "followup": True,
"reply_to": 0, "level": 1, "order": 1,
"comment":"Bob's comment he shouldn't get notified about" }
data.update(self.form.initial)
self.response = self.client.post(reverse("comments-post-comment"),
data=data)
self.assertEqual(self.mock_mailer.call_count, 2)
self.key = re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key")
self.get_confirm_comment_url(self.key)
self.assertEqual(self.mock_mailer.call_count, 2)
def post(self, request, *args, **kwargs):
#serializer_class = serializers.WriteCommentSerializer
result = {}
data = request.POST
blog = Blog.objects.get(id=4)
self.form = get_form()(blog, data=data)
#self.form = django_comments.get_form()(blog)
print(self.form, "FORM")
if self.form.is_valid():
#self.form = form(blog)
pass
else:
print(self.form.errors)
site = get_current_site(request)
resp = {
'code': -1,
'comment': self.form.get_comment_object(site_id=site.id)
}
resp['comment'].ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated:
resp['comment'].user = request.user
if (not settings.COMMENTS_XTD_CONFIRM_EMAIL
or request.user.is_authenticated):
if not comments_views._comment_exists(resp['comment']):
new_comment = comments_views._create_comment(resp['comment'])
resp['comment'].xtd_comment = new_comment
confirmation_received.send(sender=TmpXtdComment,
comment=resp['comment'],
request=request)
comment_was_posted.send(sender=new_comment.__class__,
comment=new_comment,
request=request)
if resp['comment'].is_public:
resp['code'] = 201
#views.notify_comment_followers(new_comment)
else:
resp['code'] = 202
return JsonResponse(result)
def setUp(self):
# Creates an article and send two comments to the article with follow-up
# notifications. First comment doesn't have to send any notification.
# Second comment has to send one notification (to Bob).
patcher = patch('django_comments_xtd.views.send_mail')
self.mock_mailer = patcher.start()
self.article = Article.objects.create(
title="September", slug="september", body="John's September")
self.form = comments.get_form()(self.article)
# Bob sends 1st comment to the article with follow-up
data = {"name": "Bob", "email": "*****@*****.**", "followup": True,
"reply_to": 0, "level": 1, "order": 1,
"comment": "Nice September you had..." }
data.update(self.form.initial)
response = self.client.post(reverse("comments-post-comment"),
data=data)
self.assert_(self.mock_mailer.call_count == 1)
bobkey = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key"))
self.get_confirm_comment_url(bobkey) # confirm Bob's comment
# Alice sends 2nd comment to the article with follow-up
data = {"name": "Alice", "email": "*****@*****.**", "followup": True,
"reply_to": 1, "level": 1, "order": 1,
"comment": "Yeah, great photos" }
data.update(self.form.initial)
response = self.client.post(reverse("comments-post-comment"),
data=data)
self.assert_(self.mock_mailer.call_count == 2)
alicekey = str(re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key"))
self.get_confirm_comment_url(alicekey) # confirm Alice's comment
# Bob receives a follow-up notification
self.assert_(self.mock_mailer.call_count == 3)
self.bobs_mutekey = str(re.search(
r'http://.+/mute/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key"))
self.addCleanup(patcher.stop)
def test_email_field_requiredness_POST(self):
"""Regression test for #1944.
Previously a user without email address would not be able to add a comment.
This test makes a POST request with comment data."""
# Arrange
person = Person.objects.create(
personal="Ron",
family="Weasley",
username="******",
is_active=True,
email="",
)
consent_to_all_required_consents(person)
organization = Organization.objects.create(
domain="example.org",
fullname="Example Organisation",
)
CommentModel = django_comments.get_model()
CommentForm = django_comments.get_form()
data = {
"honeypot": "",
"comment": "Content",
**CommentForm(organization).generate_security_data(),
}
# Act
self.client.force_login(person)
self.client.post(reverse("comments-post-comment"),
data=data,
follow=True)
# Assert
self.assertEqual(
CommentModel.objects.for_model(organization).count(), 1)
def test_notify_comment_followers(self):
# send a couple of comments to the article with followup=True and check
# that when the second comment is confirmed a followup notification
# email is sent to the user who sent the first comment
self.assertEqual(self.mock_mailer.call_count, 1)
self.get_confirm_comment_url(self.key)
# no comment followers yet:
self.assertEqual(self.mock_mailer.call_count, 1)
# send 2nd comment
self.form = comments.get_form()(self.article)
data = {"name":"Alice", "email":"*****@*****.**", "followup": True,
"reply_to": 0, "level": 1, "order": 1,
"comment":"Es war einmal eine kleine..." }
data.update(self.form.initial)
self.response = self.client.post(reverse("comments-post-comment"),
data=data)
self.assertEqual(self.mock_mailer.call_count, 2)
self.key = re.search(r'http://.+/confirm/(?P<key>[\S]+)',
self.mock_mailer.call_args[0][1]).group("key")
self.get_confirm_comment_url(self.key)
self.assertEqual(self.mock_mailer.call_count, 3)
self.assert_(self.mock_mailer.call_args[0][3] == ["*****@*****.**"])
self.assert_(self.mock_mailer.call_args[0][1].find("There is a new comment following up yours.") > -1)
def validate(self, data):
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return serializers.ValidationError("Missing content_type or "
"object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.get(pk=object_pk)
except TypeError:
return serializers.ValidationError("Invalid content_type value: %r"
% escape(ctype))
except AttributeError:
return serializers.ValidationError("The given content-type %r does "
"not resolve to a valid model."
% escape(ctype))
except model.ObjectDoesNotExist:
return serializers.ValidationError(
"No object matching content-type %r and object PK %r exists."
% (escape(ctype), escape(object_pk)))
except (ValueError, serializers.ValidationError) as e:
return serializers.ValidationError(
"Attempting go get content-type %r and object PK %r exists "
"raised %s" % (escape(ctype), escape(object_pk),
e.__class__.__name__))
self.form = get_form()(target, data=data)
# Check security information
if self.form.security_errors():
return serializers.ValidationError(
"The comment form failed security verification: %s" %
escape(str(self.form.security_errors())))
if self.form.errors:
return serializers.ValidationError(self.form.errors)
return data
def test_email_field_requiredness(self):
"""Regression test for #1944.
Previously a user without email address would not be able to add a comment."""
# Arrange
organization = Organization.objects.create(
domain="example.org",
fullname="Example Organisation",
)
CommentForm = django_comments.get_form()
data = {
"honeypot": "",
"comment": "Content",
"name": "Ron", # required outside the request cycle
**CommentForm(organization).generate_security_data(),
}
# Act
form = CommentForm(organization, data)
# Assert
self.assertTrue(form.is_valid())
def validate(self, data):
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return serializers.ValidationError("Missing content_type or "
"object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.get(pk=object_pk)
except TypeError:
return serializers.ValidationError(
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
return serializers.ValidationError(
"The given content-type %r does "
"not resolve to a valid model." % escape(ctype))
except model.ObjectDoesNotExist:
return serializers.ValidationError(
"No object matching content-type %r and object PK %r exists." %
(escape(ctype), escape(object_pk)))
except (ValueError, serializers.ValidationError) as e:
return serializers.ValidationError(
"Attempting go get content-type %r and object PK %r exists "
"raised %s" %
(escape(ctype), escape(object_pk), e.__class__.__name__))
self.form = get_form()(target, data=data)
# Check security information
if self.form.security_errors():
return serializers.ValidationError(
"The comment form failed security verification: %s" %
escape(str(self.form.security_errors())))
if self.form.errors:
return serializers.ValidationError(self.form.errors)
return data
def post_comment(request, next=None, *args, **kwargs):
"""
Post a comment.
HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Require POST
if request.method != 'POST':
return HttpResponseNotAllowed(["POST"])
is_ajax = request.POST.get('is_ajax') and '_ajax' or ''
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name()
if not data.get('email', ''):
data["email"] = request.user.email
response = _lookup_content_object(data)
if isinstance(response, HttpResponse):
return response
else:
target, parent_comment, model = response
# Do we want to preview the comment?
preview = data.get("submit", "").lower() == "preview" or \
data.get("preview", None) is not None
# Construct the comment form
form = get_form()(target, parent_comment=parent_comment, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
"comments/%s_%s_preview%s.html" % tuple(str(model._meta).split(".") + [is_ajax]),
"comments/%s_preview%s.html" % (model._meta.app_label, is_ajax),
"comments/preview%s.html" % is_ajax
]
data = {
'comment': form.data.get("comment", ""),
'parent': parent_comment,
'level': parent_comment and parent_comment.level + 1 or 0,
'title': form.data.get("title", ""),
'submit_date': datetime.datetime.now(),
'rght': 0,
'lft': 0,
'user': request.user,
'user_name' : request.user.username,
}
comment = get_model()(**data)
return TemplateResponse(request, template_list, {
"comment" : comment,
"preview" : True,
"form" : form,
"allow_post": not form.errors,
"is_ajax" : is_ajax,
})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
comment.user_name = request.user.username
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender = comment.__class__,
comment = comment,
request = request
)
for (receiver, response) in responses:
if response == False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender = comment.__class__,
comment = comment,
request = request
)
return next_redirect(request, 'comments-comment-done%s' % (is_ajax and '-ajax' or ''), c=comment._get_pk_val())
def post_comment(request, next=None, *args, **kwargs):
"""
Post a comment.
HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Require POST
if request.method != 'POST':
return HttpResponseNotAllowed(["POST"])
is_ajax = request.POST.get('is_ajax') and '_ajax' or ''
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name()
if not data.get('email', ''):
data["email"] = request.user.email
response = _lookup_content_object(data)
if isinstance(response, HttpResponse):
return response
else:
target, parent_comment, model = response
# Do we want to preview the comment?
preview = data.get("submit", "").lower() == "preview" or \
data.get("preview", None) is not None
# Construct the comment form
form = get_form()(target, parent_comment=parent_comment, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
"comments/%s_%s_preview%s.html" %
tuple(str(model._meta).split(".") + [is_ajax]),
"comments/%s_preview%s.html" % (model._meta.app_label, is_ajax),
"comments/preview%s.html" % is_ajax
]
data = {
'comment': form.data.get("comment", ""),
'parent': parent_comment,
'level': parent_comment and parent_comment.level + 1 or 0,
'title': form.data.get("title", ""),
'submit_date': datetime.datetime.now(),
'rght': 0,
'lft': 0,
'user': request.user,
'user_name': request.user.username,
}
comment = get_model()(**data)
return TemplateResponse(
request, template_list, {
"comment": comment,
"preview": True,
"form": form,
"allow_post": not form.errors,
"is_ajax": is_ajax,
})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
comment.user_name = request.user.username
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__,
comment=comment,
request=request)
for (receiver, response) in responses:
if response == False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" %
receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__,
comment=comment,
request=request)
return next_redirect(request,
'comments-comment-done%s' %
(is_ajax and '-ajax' or ''),
c=comment._get_pk_val())
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
try:
user_is_authenticated = request.user.is_authenticated()
except TypeError: # Django >= 1.11
user_is_authenticated = request.user.is_authenticated
if user_is_authenticated:
if not data.get('name', ''):
data["name"] = request.user.get_full_name() or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
# 添加
if not request.session.get('login', None) and not user_is_authenticated:
return redirect("/")
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
return CommentPostBadRequest(
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
return CommentPostBadRequest(
"The given content-type %r does not resolve to a valid model." % escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % (
escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % (
escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(request, template_list, {
"comment": form.data.get("comment", ""),
"form": form,
"next": data.get("next", next),
},
)
# Otherwise create the comment
comment = form.get_comment_object(site_id=get_current_site(request).id)
comment.ip_address = request.META.get("REMOTE_ADDR", None)
# if user_is_authenticated:
# comment.user = request.user
#添加
if request.session.get('login',None):
comment.user_name = request.session['screen_name']
comment.user_img = request.session['profile_image_url']
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
return next_redirect(request, fallback=next or 'comments-comment-done',
c=comment._get_pk_val())
def setUp(self):
self.article = Article.objects.create(title="September",
slug="september",
body="What I did on September...")
self.form = comments.get_form()(self.article)
def get_form(self, context):
obj = self.get_object(context)
if obj:
return django_comments.get_form()(obj)
else:
return None
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name() or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
return CommentPostBadRequest(
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
return CommentPostBadRequest(
"The given content-type %r does not resolve to a valid model." % escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % (
escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % (
escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(request, template_list, {
"comment": form.data.get("comment", ""),
"form": form,
"next": data.get("next", next),
},
)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated():
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
return next_redirect(request, fallback=next or 'comments-comment-done',
c=comment._get_pk_val())
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
try:
user_is_authenticated = request.user.is_authenticated()
except TypeError: # Django >= 1.11
user_is_authenticated = request.user.is_authenticated
if user_is_authenticated:
if not data.get('name', ''):
data["name"] = request.user.get_short_name(
) or request.user.get_username()
# 考虑到last_name被我用来放头像JPG了,所以不要get_full_name
# data["name"] = request.user.get_full_name() or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
#add 2017-08-18 Jobin refer ysh
else:
return ResponseJson(501, False, 'No Login')
#add 2017-08-18 Jobin refer ysh
if not request.user.is_active:
return ResponseJson(502, False, 'User is Not Active')
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest("Missing content_type or object_pk field.")
return ResponseJson(503, False,
'Missing content_type or object_pk field.')
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest(
# "Invalid content_type value: %r" % escape(ctype))
return ResponseJson(504, False,
"Invalid content_type value: %r" % escape(ctype))
except AttributeError:
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest(
# "The given content-type %r does not resolve to a valid model." % escape(ctype))
return ResponseJson(
505, False,
"The given content-type %r does not resolve to a valid model." %
escape(ctype))
except ObjectDoesNotExist:
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest(
# "No object matching content-type %r and object PK %r exists." % (
# escape(ctype), escape(object_pk)))
return ResponseJson(
506, False,
"No object matching content-type %r and object PK %r exists." %
(escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest(
# "Attempting go get content-type %r and object PK %r exists raised %s" % (
# escape(ctype), escape(object_pk), e.__class__.__name__))
return ResponseJson(
507, False,
"Attempting go get content-type %r and object PK %r exists raised %s"
% (escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest(
# "The comment form failed security verification: %s" % escape(str(form.security_errors())))
return ResponseJson(
508, False, "The comment form failed security verification: %s" %
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" %
(model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" %
(model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
#change 2017-08-18 Jobin refer ysh
# return render(request, template_list, {
# "comment": form.data.get("comment", ""),
# "form": form,
# "next": data.get("next", next),
# },
# )
return ResponseJson(509, False, form.data.get("comment", ""))
# Otherwise create the comment
comment = form.get_comment_object(site_id=get_current_site(request).id)
comment.ip_address = request.META.get("REMOTE_ADDR", None)
#add 2017-08-18 Jobin refer ysh
comment.root_id = data.get('root_id', 0)
comment.reply_to = data.get('reply_to', 0)
comment.reply_name = data.get('reply_name', '')
if user_is_authenticated:
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__,
comment=comment,
request=request)
for (receiver, response) in responses:
if response is False:
#change 2017-08-18 Jobin refer ysh
# return CommentPostBadRequest(
# "comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
return ResponseJson(
510, False,
"comment_will_be_posted receiver %r killed the comment" %
receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__,
comment=comment,
request=request)
#add 2017-08-18 Jobin refer ysh
try:
root_url = 'http://chenzhibin.vip'
src_url = data.get('src_url', root_url)
src_url = root_url + src_url
# 调用发送邮件代码
send_comment_email(comment, src_url)
except Exception as e:
#ResponseJson方法是我前面自己加的,可以参考上一篇博文
return ResponseJson(200, True, e.message)
#change 2017-08-18 Jobin refer ysh
# return next_redirect(request, fallback=next or 'comments-comment-done',
# c=comment._get_pk_val())
return ResponseJson(200, True, 'comment success')
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated:
if not data.get('name', ''):
data["name"] = request.user.get_full_name() or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
# return CommentPostBadRequest("Missing content_type or object_pk field.")
return ResponseJson(503, False, 'Missing content_type or object_pk field.')
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
# return CommentPostBadRequest(
# "Invalid content_type value: %r" % escape(ctype))
return ResponseJson(504, False, "Invalid content_type value: %r" % escape(ctype))
except AttributeError:
# return CommentPostBadRequest(
# "The given content-type %r does not resolve to a valid model." % escape(ctype))
return ResponseJson(505, False,
"The given content-type %r does not resolve to a valid model." % escape(ctype))
except ObjectDoesNotExist:
# return CommentPostBadRequest(
# "No object matching content-type %r and object PK %r exists." % (
# escape(ctype), escape(object_pk)))
return ResponseJson(506, False,
"No object matching content-type %r and object PK %r exists." % (escape(ctype),
escape(object_pk)))
except (ValueError, ValidationError) as e:
# return CommentPostBadRequest(
# "Attempting go get content-type %r and object PK %r exists raised %s" % (
# escape(ctype), escape(object_pk), e.__class__.__name__))
return ResponseJson(507, False,
"Attempting go get content-type %r and object PK %r exists raised %s" % (escape(ctype),
escape(object_pk),
e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
# return CommentPostBadRequest(
# "The comment form failed security verification: %s" % escape(str(form.security_errors())))
return ResponseJson(508, False, "The comment form failed security verification: %s" %
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
# return render(request, template_list, {
# "comment": form.data.get("comment", ""),
# "form": form,
# "next": data.get("next", next),
# },
# )
return ResponseJson(509, False, form.data.get("comment", ""))
# Otherwise create the comment
comment = form.get_comment_object(site_id=get_current_site(request).id)
comment.ip_address = request.META.get("REMOTE_ADDR", None) or None
# 增加回复的字段
comment.root_id = data.get('root_id', 0)
comment.reply_to = data.get('reply_to', 0)
comment.reply_name = data.get('reply_name', '')
if request.user.is_authenticated:
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
# return CommentPostBadRequest(
# "comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
return ResponseJson(510, False,
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
try:
# 判断评论对象是否Wie博文
if str(comment.content_type) == '文章': # 模型的verbose_name
blog = Blog.objects.filter(id=comment.object_pk).first()
subject = ''
message = ''
from_mail = DEFAULT_FROM_EMAIL
recipient_list = []
html_message = ''
if int(comment.root_id) == 0:
subject = '[Hubery的博客]博文评论'
temp = loader.get_template('email/comment.html')
# 发送给自己
recipient_list.append(DEFAULT_RECEIVE_EMAIL)
data = {
'user_name': blog.uid.username,
'comment_name': comment.user_name,
'blog_title': blog.title,
'blog_url': 'http://{}/blog/read/?blogid={}'.format(HOST, blog.id),
'comment_content': comment.comment
}
html_message = temp.render(data)
else:
subject = '[Hubery的博客]博文回复'
temp = loader.get_template('email/replay.html')
# 获取评论对象,找到回复对应的评论
comment_model = django_comments.get_model()
cams = comment_model.objects.filter(id=comment.reply_to)
if cams:
# 如果邮箱为空,发给博主本人
recipient_list.append(cams[0].user_email if cams[0].user_email else DEFAULT_RECEIVE_EMAIL)
else:
# 没有找到评论,就发给自己(可以修改其他邮箱)
recipient_list.append(DEFAULT_RECEIVE_EMAIL)
data = {
'replay_name': comment.reply_name,
'comment_name': comment.user_name,
'blog_title': blog.title,
'blog_url': 'http://{}/blog/read/?blogid={}'.format(HOST,blog.id),
'comment_content': comment.comment
}
html_message = temp.render(data)
send_mail(subject, message, from_mail, recipient_list=recipient_list,
fail_silently=False, html_message=html_message)
elif str(comment.content_type) == '留言':
subject = ''
message = ''
from_mail = DEFAULT_FROM_EMAIL
recipient_list = []
html_message = ''
if int(comment.root_id) == 0:
subject = '[Hubery的博客]留言板评论'
temp = loader.get_template('email/comment.html')
# 发送给自己
recipient_list.append(DEFAULT_RECEIVE_EMAIL)
data = {
'user_name': 'hubery',
'comment_name': comment.user_name,
'blog_title': '留言板',
'blog_url': 'http://{}/blog/message_board/'.format(HOST),
'comment_content': comment.comment
}
html_message = temp.render(data)
else:
subject = '[Hubery的博客]留言回复'
temp = loader.get_template('email/replay.html')
# 获取评论对象,找到回复对应的评论
comment_model = django_comments.get_model()
cams = comment_model.objects.filter(id=comment.reply_to)
if cams:
recipient_list.append(cams[0].user_email if cams[0].user_email else DEFAULT_RECEIVE_EMAIL)
else:
# 没有找到评论,就发给自己(可以修改其他邮箱)
recipient_list.append(DEFAULT_RECEIVE_EMAIL)
data = {
'replay_name': comment.reply_name,
'comment_name': comment.user_name,
'blog_title': '留言评论',
'blog_url': 'http://{}/blog/message_board/'.format(HOST),
'comment_content': comment.comment
}
html_message = temp.render(data)
send_mail(subject, message, from_mail, recipient_list=recipient_list,
fail_silently=False, html_message=html_message)
else:
pass
except Exception as e:
print(e)
# return next_redirect(request, fallback=next or 'comments-comment-done',
# c=comment._get_pk_val())
return ResponseJson(200, True, 'comment success')
def post_comment_ajax(request, using=None):
"""
Post a comment, via an Ajax call. Most from django-fluent-comments
"""
if not request.is_ajax():
return HttpResponseBadRequest("Expecting Ajax call")
data = request.POST.copy()
if request.user.is_authenticated():
if not data.get('name', ''):
data["name"] = request.user.get_full_name(
) or request.user.get_username()
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest(
"Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
return CommentPostBadRequest("Invalid content_type value: %r" %
escape(ctype))
except AttributeError:
return CommentPostBadRequest(
"The given content-type %r does not resolve to a valid model." %
escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." %
(escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s"
% (escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" %
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if preview:
comment = form.get_comment_object() if not form.errors else None
if comment is not None and request.user.is_authenticated():
comment.user = request.user
return _ajax_result(request,
form,
"preview",
comment,
object_id=object_pk)
if form.errors:
return _ajax_result(request, form, "post", object_id=object_pk)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = get_trusted_ip(request)
if request.user.is_authenticated():
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__,
comment=comment,
request=request)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" %
receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__,
comment=comment,
request=request)
return _ajax_result(request, form, "post", comment, object_id=object_pk)
"The given content-type %r does not resolve to a valid model." % \
escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % \
(escape(ctype), escape(object_pk)))
except (ValueError, ValidationError), e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % \
(escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
# preview = "preview" in data
# Construct the comment form
form = comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
if form.errors:
return render_to_response("comments/error.html", {"form": form},
RequestContext(request, {}))
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated():
comment.user = request.user
def testGetForm(self):
self.assertEqual(django_comments.get_form(), CommentForm)
from django.test import TestCase
from django.urls import reverse
from django.core import mail
from django.contrib.auth import get_user_model
from django_comments import get_model, get_form
from froide.foirequest.models import FoiRequest
from froide.foirequest.tests import factories
from froide.foirequest.tests.test_api import OAuthAPIMixin
from .models import FoiRequestFollower
from .tasks import _batch_update
User = get_user_model()
Comment = get_model()
CommentForm = get_form()
class FoiRequestFollowerFactory(factory.DjangoModelFactory):
class Meta:
model = FoiRequestFollower
request = factory.SubFactory(factories.FoiRequestFactory)
user = factory.SubFactory(factories.UserFactory)
email = ''
confirmed = True
class FoiRequestFollowerTest(TestCase):
def setUp(self):
self.site = factories.make_world()
def post(self, request, next=None, using=None):
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
data["name"] = request.user.get_full_name() or request.user.get_username()
data["email"] = request.user.email
# Look up the object we're trying to comment about
result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using)
if isinstance(result, CommentPostBadRequest):
return result
else:
model, target = result
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % escape(str(form.security_errors()))
)
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore
# format for preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(
request,
template_list,
{"comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next)},
)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
html_comment, tags = form.process_tags()
comment.comment = html_comment
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__
)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request)
# Add the tags that are extracted from the comment
comment.tags.add(*tags)
return next_redirect(request, fallback=next or "comments-comment-done", c=comment._get_pk_val())
"The given content-type %r does not resolve to a valid model." % \
escape(ctype))
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type %r and object PK %r exists." % \
(escape(ctype), escape(object_pk)))
except (ValueError, ValidationError), e:
return CommentPostBadRequest(
"Attempting go get content-type %r and object PK %r exists raised %s" % \
(escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
# preview = "preview" in data
# Construct the comment form
form = comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: %s" % \
escape(str(form.security_errors())))
if form.errors:
return render_to_response("comments/error.html",
{"form": form},
RequestContext(request, {}))
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated():
def get_form(self, context):
obj = self.get_object(context)
if obj:
return django_comments.get_form()(obj)
else:
return None
def security_data(self, request, *args, **kwargs):
target = self.kwargs.pop("target")
form = get_form()(target)
return Response(data=form.generate_security_data(),
status=status.HTTP_200_OK)
from django.test import TestCase
from django.urls import reverse
from django.core import mail
from django.contrib.auth import get_user_model
from django_comments import get_model, get_form
from froide.foirequest.models import FoiRequest
from froide.foirequest.tests import factories
from froide.foirequest.tests.test_api import OAuthAPIMixin
from .models import FoiRequestFollower
from .tasks import _batch_update
User = get_user_model()
Comment = get_model()
CommentForm = get_form()
class FoiRequestFollowerFactory(factory.DjangoModelFactory):
class Meta:
model = FoiRequestFollower
request = factory.SubFactory(factories.FoiRequestFactory)
user = factory.SubFactory(factories.UserFactory)
email = ''
confirmed = True
class FoiRequestFollowerTest(TestCase):
def setUp(self):
self.site = factories.make_world()
def post_comment(request, next=None, using=None):
"""
Post a comment.
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
errors a preview template, ``comments/preview.html``, will be rendered.
"""
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
# if request.user.is_authenticated():
# if not data.get('name', ''):
# data["name"] = request.user.get_full_name() or request.user.get_username()
# if not data.get('email', ''):
# data["email"] = request.user.email
# #changes
# return JsonResponse({"result_info":"未认证用户"})
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
#return CommentPostBadRequest("Missing content_type or object_pk field.")
return JsonResponse({"result_info":"Missing content_type or object_pk field"})
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except TypeError:
#return CommentPostBadRequest(
# "Invalid content_type value: %r" % escape(ctype))
return JsonResponse({"result_info":"Invalid content_type value"})
except AttributeError:
# return CommentPostBadRequest(
# "The given content-type %r does not resolve to a valid model." % escape(ctype))
return JsonResponse({"result_info":"The given content-type does not resolve to a valid model"})
except ObjectDoesNotExist:
# return CommentPostBadRequest(
# "No object matching content-type %r and object PK %r exists." % (
# escape(ctype), escape(object_pk)))
return JsonResponse({"result_info":"No object matching content-type and object PK exists"})
except (ValueError, ValidationError) as e:
# return CommentPostBadRequest(
# "Attempting go get content-type %r and object PK %r exists raised %s" % (
# escape(ctype), escape(object_pk), e.__class__.__name__))
return JsonResponse({"result_info":"Attempting go get content-type and object PK exists raised"})
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
# return CommentPostBadRequest(
# "The comment form failed security verification: %s" % escape(str(form.security_errors())))
return JsonResponse({"result_info":"The comment form failed security verification"})
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons.
# Django v1.0 and v1.1 allowed the underscore format for
# preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
# return render(request, template_list, {
# "comment": form.data.get("comment", ""),
# "form": form,
# "next": data.get("next", next),
# }
# )
return JsonResponse({"result_info":"form.error or preview"})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
#change 2016-05-12
comment.root_id = data.get('root_id',0)
comment.reply_to = data.get('reply_to',0)
comment.reply_name = data.get('reply_name','')
if request.user.is_authenticated():
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
# return CommentPostBadRequest(
# "comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
return JsonResponse({"result_info":"comment_will_be_posted receiver killed the comment"})
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
#from . import email
try:
#判断评论对象是否为博文
if str(comment.content_type) == 'blog':
#设置模版对应的参数
email_data = {
'comment_name' : data["name"],
'comment_content' : comment.comment,
'comment_url' : 'http://yshblog.com/blog/%s#F%s' % (comment.object_pk, comment.id)}
subject = '' #邮件主题
template = '' #使用的模版
to_list = [] #收件人
if int(comment.root_id) == 0:
subject = '[Chenchen的博客]博文评论'
template = 'email/comment_email.html'
#发送给自己(可以写其他邮箱)
to_list.append(settings.DEFAULT_FROM_EMAIL)
else:
subject = '[Chenchen的博客]评论回复'
template = 'email/reply_email.html'
#获取评论对象,找到回复对应的评论
comment_model = django_comments.get_model()
cams = comment_model.objects.filter(id = comment.reply_to)
if cams:
to_list.append(cams[0].user_email)
else:
#没有找到评论,就发给自己(可以修改其他邮箱)
to_list.append(settings.DEFAULT_FROM_EMAIL)
#根据模版发送邮件
print("mail thread creating")
mail_thread=threading.Thread(target=send_email,args=(subject, template, email_data, to_list))
print("mail thread created")
mail_thread.setDaemon(True)
print("daemon")
mail_thread.start()
else:
#其他类型的评论暂不处理
pass
except Exception:
return JsonResponse({"result_info":"comment with email fail"})
return_data={
"user_name":comment.user_name ,
"submit_date":comment.submit_date.strftime('%Y-%m-%d %H:%M'),
"comment":comment.comment,
"reply_name": comment.reply_name ,
"root_id":comment.root_id ,
"reply_to":comment.reply_to ,
"comment_id":comment.id,
"result_info":"success"
}
return JsonResponse(return_data)
def test_get_form(self):
# check function django_comments_xtd.get_form retrieves the due class
self.assert_(comments.get_form() == XtdCommentForm)
def testGetForm(self):
self.assertEqual(django_comments.get_form(), CommentForm)
def post(self, request, next=None, using=None):
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
data["name"] = request.user.get_full_name() or request.user.get_username()
data["email"] = request.user.email
# Look up the object we're trying to comment about
result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using)
if isinstance(result, CommentPostBadRequest):
return result
else:
model, target = result
# Do we want to preview the comment?
preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data)
# Check security information
if form.security_errors():
return CommentPostBadRequest("The comment form failed security verification: %s" %
escape(str(form.security_errors())))
# If there are errors or if we requested a preview show the comment
if form.errors or preview:
template_list = [
# These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore
# format for preview templates, so we have to preserve that format.
"comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s_preview.html" % model._meta.app_label,
# Now the usual directory based template hierarchy.
"comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name),
"comments/%s/preview.html" % model._meta.app_label,
"comments/preview.html",
]
return render(request, template_list, {
"comment": form.data.get("comment", ""),
"form": form,
"next": data.get("next", next),
})
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
comment.user = request.user
html_comment, tags = form.process_tags()
comment.comment = html_comment
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request)
# Add the tags that are extracted from the comment
comment.tags.add(*tags)
return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def testGetForm(self):
from custom_comments.forms import CustomCommentForm
self.assertEqual(django_comments.get_form(), CustomCommentForm)
def entry_comment_form(entry):
return {
'form': comments.get_form()(entry),
'next': entry.get_absolute_url(),
}
def post_comment_ajax(request, using=None):
"""
Post a comment, via an Ajax call.
"""
if not request.is_ajax():
return HttpResponseBadRequest("Expecting Ajax call")
# This is copied from django_comments.
# Basically that view does too much, and doesn't offer a hook to change the rendering.
# The request object is not passed to next_redirect for example.
#
# This is a separate view to integrate both features. Previously this used django-ajaxcomments
# which is unfortunately not thread-safe (it it changes the comment view per request).
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated:
if not data.get('name', ''):
data["name"] = request.user.get_full_name() or request.user.username
if not data.get('email', ''):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except ValueError:
return CommentPostBadRequest("Invalid object_pk value: {0}".format(escape(object_pk)))
except (TypeError, LookupError):
return CommentPostBadRequest("Invalid content_type value: {0}".format(escape(ctype)))
except AttributeError:
return CommentPostBadRequest("The given content-type {0} does not resolve to a valid model.".format(escape(ctype)))
except ObjectDoesNotExist:
return CommentPostBadRequest("No object matching content-type {0} and object PK {1} exists.".format(escape(ctype), escape(object_pk)))
except (ValueError, ValidationError) as e:
return CommentPostBadRequest("Attempting go get content-type {0!r} and object PK {1!r} exists raised {2}".format(escape(ctype), escape(object_pk), e.__class__.__name__))
# Do we want to preview the comment?
is_preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data, is_preview=is_preview)
# Check security information
if form.security_errors():
return CommentPostBadRequest("The comment form failed security verification: {0}".format(form.security_errors()))
# If there are errors or if we requested a preview show the comment
if is_preview:
comment = form.get_comment_object() if not form.errors else None
return _ajax_result(request, form, "preview", comment, object_id=object_pk)
if form.errors:
return _ajax_result(request, form, "post", object_id=object_pk)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated:
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__,
comment=comment,
request=request
)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest("comment_will_be_posted receiver {0} killed the comment".format(receiver.__name__))
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(
sender = comment.__class__,
comment = comment,
request = request
)
return _ajax_result(request, form, "post", comment, object_id=object_pk)
def testGetForm(self):
from custom_comments.forms import CustomCommentForm
self.assertEqual(django_comments.get_form(), CustomCommentForm)
def post_comment_ajax(request, using=None):
"""
Post a comment, via an Ajax call.
"""
is_ajax = request.META.get("HTTP_X_REQUESTED_WITH") == "XMLHttpRequest"
if not is_ajax:
return HttpResponseBadRequest("Expecting Ajax call")
# This is copied from django_comments.
# Basically that view does too much, and doesn't offer a hook to change the rendering.
# The request object is not passed to next_redirect for example.
#
# This is a separate view to integrate both features. Previously this used django-ajaxcomments
# which is unfortunately not thread-safe (it it changes the comment view per request).
# Fill out some initial data fields from an authenticated user, if present
data = request.POST.copy()
if request.user.is_authenticated:
if not data.get("name", ""):
data["name"] = request.user.get_full_name() or request.user.username
if not data.get("email", ""):
data["email"] = request.user.email
# Look up the object we're trying to comment about
ctype = data.get("content_type")
object_pk = data.get("object_pk")
if ctype is None or object_pk is None:
return CommentPostBadRequest("Missing content_type or object_pk field.")
try:
model = apps.get_model(*ctype.split(".", 1))
target = model._default_manager.using(using).get(pk=object_pk)
except ValueError:
return CommentPostBadRequest("Invalid object_pk value: {0}".format(escape(object_pk)))
except (TypeError, LookupError):
return CommentPostBadRequest("Invalid content_type value: {0}".format(escape(ctype)))
except AttributeError:
return CommentPostBadRequest(
"The given content-type {0} does not resolve to a valid model.".format(escape(ctype))
)
except ObjectDoesNotExist:
return CommentPostBadRequest(
"No object matching content-type {0} and object PK {1} exists.".format(
escape(ctype), escape(object_pk)
)
)
except (ValueError, ValidationError) as e:
return CommentPostBadRequest(
"Attempting go get content-type {0!r} and object PK {1!r} exists raised {2}".format(
escape(ctype), escape(object_pk), e.__class__.__name__
)
)
# Do we want to preview the comment?
is_preview = "preview" in data
# Construct the comment form
form = django_comments.get_form()(target, data=data, is_preview=is_preview)
# Check security information
if form.security_errors():
return CommentPostBadRequest(
"The comment form failed security verification: {0}".format(form.security_errors())
)
# If there are errors or if we requested a preview show the comment
if is_preview:
comment = form.get_comment_object() if not form.errors else None
return _ajax_result(request, form, "preview", comment, object_id=object_pk)
if form.errors:
return _ajax_result(request, form, "post", object_id=object_pk)
# Otherwise create the comment
comment = form.get_comment_object()
comment.ip_address = request.META.get("REMOTE_ADDR", None)
if request.user.is_authenticated:
comment.user = request.user
# Signal that the comment is about to be saved
responses = signals.comment_will_be_posted.send(
sender=comment.__class__, comment=comment, request=request
)
for (receiver, response) in responses:
if response is False:
return CommentPostBadRequest(
"comment_will_be_posted receiver {0} killed the comment".format(receiver.__name__)
)
# Save the comment and signal that it was saved
comment.save()
signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request)
return _ajax_result(request, form, "post", comment, object_id=object_pk)
