def post(self, request, *args, **kwargs):
self.object = self.get_object()
page = self.get_comment_page()
if self.is_comment_locked():
return HttpResponseForbidden()
parent = request.POST.get('parent')
if parent:
if len(parent) > 10:
return HttpResponseBadRequest()
try:
parent = int(parent)
except ValueError:
return HttpResponseNotFound()
else:
if not Comment.objects.filter(
hidden=False, id=parent, page=page).exists():
return HttpResponseNotFound()
form = CommentForm(request, request.POST)
if form.is_valid():
comment = form.save(commit=False)
comment.author = request.profile
comment.page = page
with LockModel(write=(Comment, Revision, Version),
read=(ContentType, )), revisions.create_revision():
revisions.set_user(request.user)
revisions.set_comment(_('Posted comment'))
comment.save()
return HttpResponseRedirect(request.path)
context = self.get_context_data(object=self.object, comment_form=form)
return self.render_to_response(context)
def changelist_view(self, request, extra_context=None):
self.__save_model_calls = 0
with NavigationBar.objects.disable_mptt_updates():
result = super(NavigationBarAdmin, self).changelist_view(request, extra_context)
if self.__save_model_calls:
with LockModel(write=(NavigationBar,)):
NavigationBar.objects.rebuild()
return result
def vote_comment(request, delta):
if abs(delta) != 1:
return HttpResponseBadRequest(_('Messing around, are we?'),
content_type='text/plain')
if request.method != 'POST':
return HttpResponseForbidden()
if 'id' not in request.POST or len(request.POST['id']) > 10:
return HttpResponseBadRequest()
if not request.user.is_staff and not request.profile.has_any_solves:
return HttpResponseBadRequest(
_('You must solve at least one problem before you can vote.'),
content_type='text/plain')
if request.profile.mute:
return HttpResponseBadRequest(_('Your part is silent, little toad.'),
content_type='text/plain')
try:
comment_id = int(request.POST['id'])
except ValueError:
return HttpResponseBadRequest()
else:
if not Comment.objects.filter(id=comment_id, hidden=False).exists():
return HttpResponseNotFound(_('Comment not found.'),
content_type='text/plain')
vote = CommentVote()
vote.comment_id = comment_id
vote.voter = request.profile
vote.score = delta
while True:
try:
vote.save()
except IntegrityError:
with LockModel(write=(CommentVote, )):
try:
vote = CommentVote.objects.get(comment_id=comment_id,
voter=request.profile)
except CommentVote.DoesNotExist:
# We must continue racing in case this is exploited to manipulate votes.
continue
if -vote.score != delta:
return HttpResponseBadRequest(_('You already voted.'),
content_type='text/plain')
vote.delete()
Comment.objects.filter(id=comment_id).update(score=F('score') -
vote.score)
else:
Comment.objects.filter(id=comment_id).update(score=F('score') +
delta)
break
return HttpResponse('success', content_type='text/plain')
def vote_comment(request, delta):
if abs(delta) != 1:
return HttpResponseBadRequest(_('Messing around, are we?'),
content_type='text/plain')
if request.method != 'POST':
return HttpResponseForbidden()
if 'id' not in request.POST:
return HttpResponseBadRequest()
try:
comment_id = int(request.POST['id'])
except ValueError:
return HttpResponseBadRequest()
else:
if not Comment.objects.filter(id=comment_id).exists():
raise Http404()
vote = CommentVote()
vote.comment_id = comment_id
vote.voter = request.user.profile
vote.score = delta
while True:
try:
vote.save()
except IntegrityError:
with LockModel(write=(CommentVote, )):
try:
vote = CommentVote.objects.get(comment_id=comment_id,
voter=request.user.profile)
except CommentVote.DoesNotExist:
# We must continue racing in case this is exploited to manipulate votes.
continue
if -vote.score != delta:
return HttpResponseBadRequest(_('You already voted.'),
content_type='text/plain')
vote.delete()
Comment.objects.filter(id=comment_id).update(score=F('score') -
vote.score)
else:
Comment.objects.filter(id=comment_id).update(score=F('score') +
delta)
break
return HttpResponse('success', content_type='text/plain')
def post(self, request, *args, **kwargs):
self.object = self.get_object()
page = self.get_comment_page()
with LockModel(write=(Comment, Revision, Version), read=(Profile, ContentType, Submission, Problem)):
form = CommentForm(request, request.POST)
if form.is_valid():
comment = form.save(commit=False)
comment.author = request.user.profile
comment.page = page
with revisions.create_revision():
revisions.set_user(request.user)
revisions.set_comment(_('Posted comment'))
comment.save()
return HttpResponseRedirect(request.path)
context = self.get_context_data(object=self.object, comment_form=form)
return self.render_to_response(context)