def answer(request, question_id = 0):
if request.method == 'POST':
#create Answer objects given parameters in POST
answer_text = request.POST.get('answer_text')
answer_text = answer_text.replace("\n", "<br/>")
question_id = request.POST.get('q_id')
original_question=Question.objects.get(pk=question_id)
response_data = {}
answer=Answer(
question=original_question,
answer_text=answer_text,
user=request.user
)
answer.save()
response_data['answer_id'] = answer.pk
response_data['votes'] = answer.upvotes
response_data['answer_text'] = answer.answer_text
response_data['answer_username'] = answer.user.username
response_data['answer_user_id'] = answer.user.id
response_data['is_teacher'] = "Student"
response_data['name_style'] = ""
if answer.user.userprofile.isTeacher:
response_data['is_teacher'] = "Teacher"
response_data['name_style'] = "color: #FF6600"
return HttpResponse(
dumps(response_data),
content_type = "application/json"
)
def process_data(self, **data):
answer = Answer(author=self.user, parent=data["question"], **self.create_revision_data(True, **data))
answer.save()
if settings.FORM_ANSWERED_BY_SUPERUSER_TAG and self.user.is_superuser:
answer_tag = settings.FORM_ANSWERED_BY_SUPERUSER_TAG.strip()
if answer_tag not in answer.parent.tagname_list():
answer.parent.active_revision.tagnames += " " + answer_tag
answer.parent.active_revision.save()
answer.parent.tagnames += " " + answer_tag
answer.parent.save()
self.node = answer
def process_data(self, **data):
answer = Answer(author=self.user,
parent=data['question'],
**self.create_revision_data(True, **data))
answer.save()
if settings.FORM_ANSWERED_BY_SUPERUSER_TAG and self.user.is_superuser:
answer_tag = settings.FORM_ANSWERED_BY_SUPERUSER_TAG.strip()
if answer_tag not in answer.parent.tagname_list():
answer.parent.active_revision.tagnames += ' ' + answer_tag
answer.parent.active_revision.save()
answer.parent.tagnames += ' ' + answer_tag
answer.parent.save()
self.node = answer
def answer_resource(request):
"""
Secured answer API.
Only authenticated users have access.
Don't allow suspect characters in fields - prevent injections.
Permission rules:
You can create answer only for your current user.
Your question will be approved by the administrator.
You can see only public questions.
You can't modify answers.
POST: /api/v1/forum/question/ - create question
GET: /api/v1/forum/question/ - get list of questions
"""
if not request.user.is_authenticated:
return HttpResponseForbidden(json.dumps(
{'message': 'User must be authenticated'}),
content_type='application/json')
if request.method != 'POST':
return HttpResponseNotAllowed('Method not allowed')
data = json.loads(request.body.decode('utf-8'))
answer = Answer()
if 'question_id' not in data:
return HttpResponseForbidden(json.dumps(
{'message': 'The question_id is required'}),
content_type='application/json')
if 'body' in data:
answer.body = encrypt(data['body'], settings.TEXT_SECRET_CODE)
answer.user_id = request.user.id
answer.question_id = data['question_id']
answer.save()
return HttpResponse(json.dumps({
'body':
decrypt(answer.body, settings.TEXT_SECRET_CODE),
'question_id':
answer.question_id,
'user__first_name':
answer.user.first_name,
'user__last_name':
answer.user.last_name
}),
content_type='application/json')
def process_data(self, **data):
answer = Answer(author=self.user, parent=data['question'], **self.create_revision_data(True, **data))
answer.save()
self.node = answer
def process_data(self, **data):
answer = Answer(author=self.user,
parent=data['question'],
**self.create_revision_data(True, **data))
answer.save()
self.node = answer
def new_answer(request, question_id):
new_answer = Answer(content=request.POST["new_answer"],
question=Question.objects.get(id=question_id),
user=request.user)
new_answer.save()
return HttpResponseRedirect("/question/" + str(question_id) + "/")
def process_data(self, **data):
answer = Answer(author=self.user, parent=data['question'], **self.create_revision_data(True, **data))
answer.save()
if 'invites' in data:
answer.invites = data['invites'].strip()
self.node = answer
