def process_exception(self, request, exception): """ Processes CommentClientRequestErrors in ajax requests. If the request is an ajax request, returns a http response that encodes the error as json """ if isinstance(exception, CommentClientRequestError) and request.is_ajax(): try: return JsonError(json.loads(text_type(exception)), exception.status_code) except ValueError: return JsonError(text_type(exception), exception.status_code) return None
def wrapper(request, *args, **kwargs): """ Wrapper for the view that only calls the view if the user is authorized. """ def fetch_content(): """ Extract the forum object from the keyword arguments to the view. """ user_group_id = None content_user_group_id = None if "thread_id" in kwargs: content = cc.Thread.find(kwargs["thread_id"]).to_dict() elif "comment_id" in kwargs: content = cc.Comment.find(kwargs["comment_id"]).to_dict() elif "commentable_id" in kwargs: content = cc.Commentable.find( kwargs["commentable_id"]).to_dict() else: content = None if 'username' in content: (user_group_id, content_user_group_id) = get_user_group_ids( course_key, content, request.user) return content, user_group_id, content_user_group_id course_key = CourseKey.from_string(kwargs['course_id']) content, user_group_id, content_user_group_id = fetch_content() if check_permissions_by_view(request.user, course_key, content, request.view_name, user_group_id, content_user_group_id): return func(request, *args, **kwargs) else: return JsonError("unauthorized", status=401)
def create_sub_comment(request, course_id, comment_id): """ given a course_id and comment_id, create a response to a comment after checking the max depth allowed, if allowed """ if is_comment_too_deep(parent=cc.Comment(comment_id)): return JsonError(_("Comment level too deep")) return _create_comment(request, CourseKey.from_string(course_id), parent_id=comment_id)
def create_comment(request, course_id, thread_id): """ given a course_id and thread_id, test for comment depth. if not too deep, call _create_comment to create the actual comment. """ if is_comment_too_deep(parent=None): return JsonError(_("Comment level too deep")) return _create_comment(request, CourseKey.from_string(course_id), thread_id=thread_id)
def users(request, course_id): """ Given a `username` query parameter, find matches for users in the forum for this course. Only exact matches are supported here, so the length of the result set will either be 0 or 1. """ course_key = CourseKey.from_string(course_id) try: get_course_overview_with_access(request.user, 'load', course_key, check_if_enrolled=True) except Http404: # course didn't exist, or requesting user does not have access to it. return JsonError(status=404) except CourseAccessRedirect: # user does not have access to the course. return JsonError(status=404) try: username = request.GET['username'] except KeyError: # 400 is default status for JsonError return JsonError(["username parameter is required"]) user_objs = [] try: matched_user = User.objects.get(username=username) cc_user = cc.User.from_django_user(matched_user) cc_user.course_id = course_key cc_user.retrieve(complete=False) if (cc_user['threads_count'] + cc_user['comments_count']) > 0: user_objs.append({ 'id': matched_user.id, 'username': matched_user.username, }) except User.DoesNotExist: pass return JsonResponse({"users": user_objs})
def _create_comment(request, course_key, thread_id=None, parent_id=None): """ given a course_key, thread_id, and parent_id, create a comment, called from create_comment to do the actual creation """ assert isinstance(course_key, CourseKey) post = request.POST user = request.user if 'body' not in post or not post['body'].strip(): return JsonError(_("Body can't be empty")) course = get_course_with_access(user, 'load', course_key) if course.allow_anonymous: anonymous = post.get('anonymous', 'false').lower() == 'true' else: anonymous = False if course.allow_anonymous_to_peers: anonymous_to_peers = post.get('anonymous_to_peers', 'false').lower() == 'true' else: anonymous_to_peers = False comment = cc.Comment( anonymous=anonymous, anonymous_to_peers=anonymous_to_peers, user_id=user.id, course_id=str(course_key), thread_id=thread_id, parent_id=parent_id, body=sanitize_body(post["body"]), ) comment.save() comment_created.send(sender=None, user=user, post=comment) followed = post.get('auto_subscribe', 'false').lower() == 'true' if followed: cc_user = cc.User.from_django_user(request.user) cc_user.follow(comment.thread) track_comment_created_event(request, course, comment, comment.thread.commentable_id, followed) if request.is_ajax(): return ajax_content_response(request, course_key, comment.to_dict()) else: return JsonResponse(prepare_content(comment.to_dict(), course.id))
def update_thread(request, course_id, thread_id): """ Given a course id and thread id, update a existing thread, used for both static and ajax submissions """ if 'title' not in request.POST or not request.POST['title'].strip(): return JsonError(_("Title can't be empty")) if 'body' not in request.POST or not request.POST['body'].strip(): return JsonError(_("Body can't be empty")) course_key = CourseKey.from_string(course_id) thread = cc.Thread.find(thread_id) # Get thread context first in order to be safe from reseting the values of thread object later thread_context = getattr(thread, "context", "course") thread.body = request.POST["body"] thread.title = request.POST["title"] user = request.user # The following checks should avoid issues we've seen during deploys, where end users are hitting an updated server # while their browser still has the old client code. This will avoid erasing present values in those cases. if "thread_type" in request.POST: thread.thread_type = request.POST["thread_type"] if "commentable_id" in request.POST: commentable_id = request.POST["commentable_id"] course = get_course_with_access(user, 'load', course_key) if thread_context == "course" and not discussion_category_id_access( course, user, commentable_id): return JsonError(_("Topic doesn't exist")) else: thread.commentable_id = commentable_id thread.save() thread_edited.send(sender=None, user=user, post=thread) if request.is_ajax(): return ajax_content_response(request, course_key, thread.to_dict()) else: return JsonResponse(prepare_content(thread.to_dict(), course_key))
def update_comment(request, course_id, comment_id): """ given a course_id and comment_id, update the comment with payload attributes handles static and ajax submissions """ course_key = CourseKey.from_string(course_id) comment = cc.Comment.find(comment_id) if 'body' not in request.POST or not request.POST['body'].strip(): return JsonError(_("Body can't be empty")) comment.body = request.POST["body"] comment.save() comment_edited.send(sender=None, user=request.user, post=comment) if request.is_ajax(): return ajax_content_response(request, course_key, comment.to_dict()) else: return JsonResponse(prepare_content(comment.to_dict(), course_key))
def create_thread(request, course_id, commentable_id): """ Given a course and commentable ID, create the thread """ log.debug("Creating new thread in %r, id %r", course_id, commentable_id) course_key = CourseKey.from_string(course_id) course = get_course_with_access(request.user, 'load', course_key) post = request.POST user = request.user if course.allow_anonymous: anonymous = post.get('anonymous', 'false').lower() == 'true' else: anonymous = False if course.allow_anonymous_to_peers: anonymous_to_peers = post.get('anonymous_to_peers', 'false').lower() == 'true' else: anonymous_to_peers = False if 'title' not in post or not post['title'].strip(): return JsonError(_("Title can't be empty")) if 'body' not in post or not post['body'].strip(): return JsonError(_("Body can't be empty")) params = { 'anonymous': anonymous, 'anonymous_to_peers': anonymous_to_peers, 'commentable_id': commentable_id, 'course_id': str(course_key), 'user_id': user.id, 'thread_type': post["thread_type"], 'body': post["body"], 'title': post["title"], } # Check for whether this commentable belongs to a team, and add the right context if get_team(commentable_id) is not None: params['context'] = ThreadContext.STANDALONE else: params['context'] = ThreadContext.COURSE thread = cc.Thread(**params) # Divide the thread if required try: group_id = get_group_id_for_comments_service(request, course_key, commentable_id) except ValueError: return HttpResponseServerError("Invalid group id for commentable") if group_id is not None: thread.group_id = group_id thread.save() thread_created.send(sender=None, user=user, post=thread) # patch for backward compatibility to comments service if 'pinned' not in thread.attributes: thread['pinned'] = False follow = post.get('auto_subscribe', 'false').lower() == 'true' if follow: cc_user = cc.User.from_django_user(user) cc_user.follow(thread) thread_followed.send(sender=None, user=user, post=thread) data = thread.to_dict() add_courseware_context([data], course, user) track_thread_created_event(request, course, thread, follow) if request.is_ajax(): return ajax_content_response(request, course_key, data) else: return JsonResponse(prepare_content(data, course_key))
def _create_comment(request, course_key, thread_id=None, parent_id=None): """ given a course_key, thread_id, and parent_id, create a comment, called from create_comment to do the actual creation """ assert isinstance(course_key, CourseKey) post = request.POST user = request.user if 'body' not in post or not post['body'].strip(): return JsonError(_("Body can't be empty")) course = get_course_with_access(user, 'load', course_key) if course.allow_anonymous: anonymous = post.get('anonymous', 'false').lower() == 'true' else: anonymous = False if course.allow_anonymous_to_peers: anonymous_to_peers = post.get('anonymous_to_peers', 'false').lower() == 'true' else: anonymous_to_peers = False comment = cc.Comment(anonymous=anonymous, anonymous_to_peers=anonymous_to_peers, user_id=user.id, course_id=str(course_key), thread_id=thread_id, parent_id=parent_id, body=post["body"]) comment.save() comment_created.send(sender=None, user=user, post=comment) followed = post.get('auto_subscribe', 'false').lower() == 'true' if followed: cc_user = cc.User.from_django_user(request.user) cc_user.follow(comment.thread) track_comment_created_event(request, course, comment, comment.thread.commentable_id, followed) # # Send notification # # Feature Flag to check that notifications are enabled or not. if settings.FEATURES.get("ENABLE_NOTIFICATIONS", False): action_user_id = request.user.id is_comment = not thread_id and parent_id replying_to_id = None # keep track of who we are replying to if is_comment: # If creating a comment, then we don't have the original thread_id # so we have to get it from the parent parent_comment = cc.Comment.find(parent_id) thread_id = parent_comment.thread_id replying_to_id = parent_comment.user_id thread = cc.Thread.find(thread_id) # IMPORTANT: we have to use getattr here as # otherwise the property will not get fetched # from cs_comment_service thread_user_id = int(getattr(thread, 'user_id', 0)) if not replying_to_id: # we must be creating a Reponse on a thread, # so the original poster is the author of the thread replying_to_id = thread_user_id # # IMPORTANT: We have to use getattr() here so that the # object is fully hydrated. This is a known limitation. # group_id = getattr(thread, 'group_id') if group_id: # We always send a notification to the whole cohort # when someone posts a comment, except the poster _send_discussion_notification( 'open-edx.lms.discussions.cohorted-comment-added', str(course_key), thread, request.user, excerpt=_get_excerpt(post["body"]), recipient_group_id=thread.get('group_id'), recipient_exclude_user_ids=[request.user.id], is_anonymous_user=anonymous or anonymous_to_peers) elif parent_id is None and action_user_id != replying_to_id: # we have to only send the notifications when # the user commenting the thread is not # the same user who created the thread # parent_id is None: publish notification only when creating the comment on # the thread not replying on the comment. When the user replied on the comment # the parent_id is not None at that time _send_discussion_notification( 'open-edx.lms.discussions.reply-to-thread', str(course_key), thread, request.user, excerpt=_get_excerpt(post["body"]), recipient_user_id=replying_to_id, is_anonymous_user=anonymous or anonymous_to_peers) if request.is_ajax(): return ajax_content_response(request, course_key, comment.to_dict()) else: return JsonResponse(prepare_content(comment.to_dict(), course.id))