Exemplo n.º 1
0
def discussion_callback(request):

    # TODO: Add csrf_token support to protect from cross-site exploits

    # assuming GET means get comments; POST means add a new one
    if request.method == u'GET':
        get_data = request.GET
        if get_data.has_key('last_update'):
            comments = ""
            comment_array = []
            last_update = get_data['last_update']
            if get_data.has_key('piece_id'):
                piece_id = get_data['piece_id']

    
                # only return the queryset of objects for this piece newer than
                # the last id (sent from AJAX callback). This assumes a sequential
                # addition of comments, incrementing the id every time
                comments = DCComment.objects.filter(
                    piece = DCPiece.objects.get(piece_id=piece_id),
                    id__gt = last_update
                    )

            else:
                    # if no piece_id was included, return everything
                    comments = DCComment.objects.filter(id__gt = last_update)
                    
            for comment in comments.values():
                display_time = comment['time'].strftime("%d/%m/%y %H:%M")
                current_piece = DCPiece.objects.get(id=comment['piece_id'])
                comment_array.append({
                    'id' : u"{}".format(comment['id']),
                    'text' : u"{}".format(comment['text']),
                    'display_time' : u"{}".format(display_time),
                    'author' : u"{}".format(
                        User.objects.get(id=comment['author_id'])),
                    'piece_id' : u"{}".format(current_piece.piece_id)
                })
            return JsonResponse(comment_array)
        else:
            return HttpResponseServerError("Missing critical GET attributes")
        
    # If accessed using a POST, assume we are adding a new discussion
    elif request.method == u'POST':
        post_data = request.POST
        if post_data.has_key('piece_id') and post_data.has_key('text'):
            piece = DCPiece.objects.get(piece_id=post_data['piece_id'])
            comment = DCComment(author = request.user,
                piece = piece,text = post_data['text'])
            comment.save()
            return HttpResponse("OK!")
        else:
            return HttpResponseServerError("Missing critical POST attributes")
Exemplo n.º 2
0
    def post(self, request, *args, **kwargs):
        piece_id = request.DATA.get('piece_id', None)
        comment_text = request.DATA.get('text', None)

        piece_obj = get_object_or_404(DCPiece, piece_id=piece_id)

        if comment_text not in EMPTY_COMMENTS:
            current_user = User.objects.get(pk=request.user.id)
            comment = DCComment()
            comment.piece = piece_obj
            comment.author = current_user
            comment.text = comment_text
            comment.save()

            serialized = DCCommentSerializer(comment).data

            return Response(serialized, status=status.HTTP_201_CREATED)

        else:
            return Response(status=status.HTTP_204_NO_CONTENT)