def update(self, request, post_id=None, comment_id=None): user = request.user if not (post_id and comment_id): resp = rc.BAD_REQUEST resp.write(ugettext('Both Post and Comment IDs must be supplied!')) return resp model = request.POST.get('model', '') if model: comment_update = StreamPostCommentValidationForm(json.loads(model)) else: comment_update = StreamPostCommentValidationForm(request.POST) try: comment = StreamPostComment.objects.get(stream_post__id__exact=int(post_id), id__exact=int(comment_id)) if user != comment.poster: resp = rc.FORBIDDEN resp.write(ugettext('Only the original commenter can update the comment!')) return resp if comment_update.is_valid(): comment.content = comment_update.cleaned_data['content'] comment.save() return comment else: resp = rc.BAD_REQUEST resp.write(ugettext('Invalid content')) return resp except StreamPostComment.DoesNotExist: resp = rc.BAD_REQUEST resp.write(ugettext('Invalid Post or Comment ID')) return resp
def create(self, request, post_id=None, comment_id=None): user = request.user groups = get_accessible_group_ids(user) model = request.POST.get('model', '') if model: comment = StreamPostCommentValidationForm(json.loads(model)) else: comment = StreamPostCommentValidationForm(request.POST) #Find a post that matches the given post_id and belongs to one of the request #user's groups if post_id: try: post = StreamPost.objects.get(id__exact=int(post_id), groups__id__in=groups) if comment.is_valid(): comment = StreamPostComment.objects.create(poster=request.user, stream_post=post, content=comment.cleaned_data['content']) return comment else: resp = rc.BAD_REQUEST resp.write(ugettext('Invalid content')) return resp except StreamPost.DoesNotExist: resp = rc.BAD_REQUEST resp.write(ugettext('No post has the specified ID, or the user has no permission to access it')) return resp else: resp = rc.BAD_REQUEST resp.write(ugettext('No Post ID was supplied!')) return resp