def test_is_moderator(self):
"""
Verifies the check for a user having Moderator privileges.
"""
self.assertTrue(auth.is_moderator(self.admin))
self.assertTrue(auth.is_moderator(self.moderator))
self.assertFalse(auth.is_moderator(self.user))
def test_is_moderator(self):
"""
Verifies the check for a user having Moderator privileges.
"""
self.assertTrue(auth.is_moderator(self.admin))
self.assertTrue(auth.is_moderator(self.moderator))
self.assertFalse(auth.is_moderator(self.user))
def add_reply(request, topic_id, meta=False, quote_post=None):
"""
Adds a Post to a Topic.
If ``quote_post`` is given, the form will be prepopulated with a
quoted version of the Post's body.
"""
filters = {'pk': topic_id}
if not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic, **filters)
if topic.forum.section.is_managed():
if not topic.forum.section.is_corp_authed(request.user):
raise Http404
if topic.locked and \
not auth.is_moderator(request.user):
return permission_denied(request,
message='You do not have permission to post in this topic.')
forum = Forum.objects.select_related().get(pk=topic.forum_id)
preview = None
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Posting in topic:', topic)
if request.method == 'POST':
form = forms.ReplyForm(not meta, request.POST)
if form.is_valid():
if 'preview' in request.POST:
preview = post_formatter.format_post(
form.cleaned_data['body'], form.cleaned_data['emoticons'])
elif 'submit' in request.POST:
post = form.save(commit=False)
post.topic = topic
post.user = request.user
# Only force the meta attribute if posting in meta mode,
# as otherwise the user can choose to create a meta post.
if meta:
post.meta = True
post.user_ip = request.META['REMOTE_ADDR']
post.save()
return redirect_to_post(request, post.id, post)
else:
initial = {}
if quote_post is not None:
initial['body'] = post_formatter.quote_post(quote_post)
form = forms.ReplyForm(not meta, initial=initial)
return render(request, 'forum/add_reply.html', {
'form': form,
'topic': topic,
'section': forum.section,
'forum': forum,
'topic': topic,
'preview': preview,
'meta': meta,
'urls': TopicURLs(topic, meta),
'title': 'Add Reply to %s' % topic.title,
'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
})
def add_reply(request, topic_id, meta=False, quote_post=None):
"""
Adds a Post to a Topic.
If ``quote_post`` is given, the form will be prepopulated with a
quoted version of the Post's body.
"""
filters = {'pk': topic_id}
if not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic, **filters)
if topic.locked and \
not auth.is_moderator(request.user):
return permission_denied(
request,
message='You do not have permission to post in this topic.')
forum = Forum.objects.select_related().get(pk=topic.forum_id)
preview = None
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Posting in topic:', topic)
if request.method == 'POST':
form = forms.ReplyForm(not meta, request.POST)
if form.is_valid():
if 'preview' in request.POST:
preview = post_formatter.format_post(
form.cleaned_data['body'], form.cleaned_data['emoticons'])
elif 'submit' in request.POST:
post = form.save(commit=False)
post.topic = topic
post.user = request.user
# Only force the meta attribute if posting in meta mode,
# as otherwise the user can choose to create a meta post.
if meta:
post.meta = True
post.user_ip = request.META['REMOTE_ADDR']
post.save()
return redirect_to_post(request, post.id, post)
else:
initial = {}
if quote_post is not None:
initial['body'] = post_formatter.quote_post(quote_post)
form = forms.ReplyForm(not meta, initial=initial)
return render(
request, 'forum/add_reply.html', {
'form': form,
'topic': topic,
'section': forum.section,
'forum': forum,
'topic': topic,
'preview': preview,
'meta': meta,
'urls': TopicURLs(topic, meta),
'title': 'Add Reply to %s' % topic.title,
'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
})
def add_reply(request, topic_id, meta=False, quote_post=None):
"""
Adds a Post to a Topic.
If ``quote_post`` is given, the form will be prepopulated with a
quoted version of the Post's body.
"""
filters = {"pk": topic_id}
if not auth.is_moderator(request.user):
filters["hidden"] = False
topic = get_object_or_404(Topic, **filters)
if topic.locked and not auth.is_moderator(request.user):
return permission_denied(request, message="You do not have permission to post in this topic.")
forum = Forum.objects.select_related().get(pk=topic.forum_id)
preview = None
if app_settings.USE_REDIS:
redis.seen_user(request.user, "Posting in topic:", topic)
if request.method == "POST":
form = forms.ReplyForm(not meta, request.POST)
if form.is_valid():
if "preview" in request.POST:
preview = post_formatter.format_post(form.cleaned_data["body"], form.cleaned_data["emoticons"])
elif "submit" in request.POST:
post = form.save(commit=False)
post.topic = topic
post.user = request.user
# Only force the meta attribute if posting in meta mode,
# as otherwise the user can choose to create a meta post.
if meta:
post.meta = True
post.user_ip = request.META["REMOTE_ADDR"]
post.save()
return redirect_to_post(request, post.id, post)
else:
initial = {}
if quote_post is not None:
initial["body"] = post_formatter.quote_post(quote_post)
form = forms.ReplyForm(not meta, initial=initial)
return render(
request,
"forum/add_reply.html",
{
"form": form,
"topic": topic,
"section": forum.section,
"forum": forum,
"topic": topic,
"preview": preview,
"meta": meta,
"urls": TopicURLs(topic, meta),
"title": "Add Reply to %s" % topic.title,
"quick_help_template": post_formatter.QUICK_HELP_TEMPLATE,
},
)
def edit_topic(request, topic_id):
"""
Edits the given Topic.
To avoid regular Users from being shown non-working links, the
Topic's Forum's denormalised last Post data is also updated when
necessary after the moderator has made a change to the Topic's
``hidden`` status. Post counts and Topic counts will not be
affected by hiding a Topic - it is assumed this is a temporary
measure which will either lead to a Topic being cleaned up or
removed altogether.
"""
filters = {'pk': topic_id}
if not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic, **filters)
forum = Forum.objects.select_related().get(pk=topic.forum_id)
if forum.section.is_managed():
if not forum.section.is_corp_authed(request.user):
return permission_denied(request,
message="You are not a member of the appropriate corporation, alliance or coalition.")
if not auth.user_can_edit_topic(request.user, topic):
return permission_denied(request,
message='You do not have permission to edit this topic.')
editable_fields = ['title', 'description']
moderator = auth.is_moderator(request.user)
if moderator:
was_hidden = topic.hidden
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Editing Topic:', topic)
if request.method == 'POST':
form = forms.EditTopicForm(moderator, request.POST, instance=topic)
if form.is_valid():
topic = form.save(commit=True)
if auth.is_moderator(request.user):
if topic.hidden and not was_hidden:
if forum.last_topic_id == topic.id:
# Set the forum's last post to the latest non-hidden
# post.
forum.set_last_post()
elif not topic.hidden and was_hidden:
# Just in case this topic still holds the last post
forum.set_last_post()
return HttpResponseRedirect(topic.get_absolute_url())
else:
form = forms.EditTopicForm(moderator, instance=topic)
return render(request, 'forum/edit_topic.html', {
'topic': topic,
'form': form,
'section': forum.section,
'forum': forum,
'title': 'Edit Topic',
'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
})
def edit_post(request, post_id):
"""
Edits the given Post.
"""
filters = {'pk': post_id}
if not auth.is_moderator(request.user):
filters['topic__hidden'] = False
post = get_object_or_404(Post, **filters)
topic = post.topic
if not auth.user_can_edit_post(request.user, post, topic):
return permission_denied(request,
message='You do not have permission to edit this post.')
forum = Forum.objects.select_related().get(pk=topic.forum_id)
if forum.section.is_managed():
if not forum.section.is_corp_authed(request.user):
return permission_denied(request,
message="You are not a member of the appropriate corporation, alliance or coalition.")
meta_editable = auth.is_moderator(request.user)
if meta_editable:
was_meta = post.meta
preview = None
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Editing a post in:', topic)
if request.method == 'POST':
form = forms.ReplyForm(meta_editable, request.POST, instance=post)
if form.is_valid():
if 'preview' in request.POST:
preview = post_formatter.format_post(
form.cleaned_data['body'], form.cleaned_data['emoticons'])
elif 'submit' in request.POST:
post = form.save(commit=False)
if auth.is_moderator(request.user):
if post.meta and not was_meta:
moderation.make_post_meta(post, topic, forum)
elif not post.meta and was_meta:
moderation.make_post_not_meta(post, topic, forum)
else:
post.save()
else:
post.save()
return redirect_to_post(request, post.id, post)
else:
form = forms.ReplyForm(meta_editable, instance=post)
return render(request, 'forum/edit_post.html', {
'form': form,
'post': post,
'topic': topic,
'forum': forum,
'section': forum.section,
'preview': preview,
'title': 'Edit Post',
'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
})
def edit_post(request, post_id):
"""
Edits the given Post.
"""
filters = {"pk": post_id}
if not auth.is_moderator(request.user):
filters["topic__hidden"] = False
post = get_object_or_404(Post, **filters)
topic = post.topic
if not auth.user_can_edit_post(request.user, post, topic):
return permission_denied(request, message="You do not have permission to edit this post.")
forum = Forum.objects.select_related().get(pk=topic.forum_id)
meta_editable = auth.is_moderator(request.user)
if meta_editable:
was_meta = post.meta
preview = None
if app_settings.USE_REDIS:
redis.seen_user(request.user, "Editing a post in:", topic)
if request.method == "POST":
form = forms.ReplyForm(meta_editable, request.POST, instance=post)
if form.is_valid():
if "preview" in request.POST:
preview = post_formatter.format_post(form.cleaned_data["body"], form.cleaned_data["emoticons"])
elif "submit" in request.POST:
post = form.save(commit=False)
if auth.is_moderator(request.user):
if post.meta and not was_meta:
moderation.make_post_meta(post, topic, forum)
elif not post.meta and was_meta:
moderation.make_post_not_meta(post, topic, forum)
else:
post.save()
else:
post.save()
return redirect_to_post(request, post.id, post)
else:
form = forms.ReplyForm(meta_editable, instance=post)
return render(
request,
"forum/edit_post.html",
{
"form": form,
"post": post,
"topic": topic,
"forum": forum,
"section": forum.section,
"preview": preview,
"title": "Edit Post",
"quick_help_template": post_formatter.QUICK_HELP_TEMPLATE,
},
)
def edit_topic(request, topic_id):
"""
Edits the given Topic.
To avoid regular Users from being shown non-working links, the
Topic's Forum's denormalised last Post data is also updated when
necessary after the moderator has made a change to the Topic's
``hidden`` status. Post counts and Topic counts will not be
affected by hiding a Topic - it is assumed this is a temporary
measure which will either lead to a Topic being cleaned up or
removed altogether.
"""
filters = {'pk': topic_id}
if not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic, **filters)
forum = Forum.objects.select_related().get(pk=topic.forum_id)
if not auth.user_can_edit_topic(request.user, topic):
return permission_denied(
request, message='You do not have permission to edit this topic.')
editable_fields = ['title', 'description']
moderator = auth.is_moderator(request.user)
if moderator:
was_hidden = topic.hidden
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Editing Topic:', topic)
if request.method == 'POST':
form = forms.EditTopicForm(moderator, request.POST, instance=topic)
if form.is_valid():
topic = form.save(commit=True)
if auth.is_moderator(request.user):
if topic.hidden and not was_hidden:
if forum.last_topic_id == topic.id:
# Set the forum's last post to the latest non-hidden
# post.
forum.set_last_post()
elif not topic.hidden and was_hidden:
# Just in case this topic still holds the last post
forum.set_last_post()
return HttpResponseRedirect(topic.get_absolute_url())
else:
form = forms.EditTopicForm(moderator, instance=topic)
return render(
request, 'forum/edit_topic.html', {
'topic': topic,
'form': form,
'section': forum.section,
'forum': forum,
'title': 'Edit Topic',
'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
})
def edit_post(request, post_id):
"""
Edits the given Post.
"""
filters = {'pk': post_id}
if not auth.is_moderator(request.user):
filters['topic__hidden'] = False
post = get_object_or_404(Post, **filters)
topic = post.topic
if not auth.user_can_edit_post(request.user, post, topic):
return permission_denied(
request, message='You do not have permission to edit this post.')
forum = Forum.objects.select_related().get(pk=topic.forum_id)
meta_editable = auth.is_moderator(request.user)
if meta_editable:
was_meta = post.meta
preview = None
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Editing a post in:', topic)
if request.method == 'POST':
form = forms.ReplyForm(meta_editable, request.POST, instance=post)
if form.is_valid():
if 'preview' in request.POST:
preview = post_formatter.format_post(
form.cleaned_data['body'], form.cleaned_data['emoticons'])
elif 'submit' in request.POST:
post = form.save(commit=False)
if auth.is_moderator(request.user):
if post.meta and not was_meta:
moderation.make_post_meta(post, topic, forum)
elif not post.meta and was_meta:
moderation.make_post_not_meta(post, topic, forum)
else:
post.save()
else:
post.save()
return redirect_to_post(request, post.id, post)
else:
form = forms.ReplyForm(meta_editable, instance=post)
return render(
request, 'forum/edit_post.html', {
'form': form,
'post': post,
'topic': topic,
'forum': forum,
'section': forum.section,
'preview': preview,
'title': 'Edit Post',
'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
})
def topic_detail(request, topic_id, meta=False):
"""
Displays a Topic's Posts.
"""
filters = {'pk': topic_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic.objects.with_display_details(), **filters)
if app_settings.USE_REDIS:
redis.increment_view_count(topic)
if request.user.is_authenticated():
redis.update_last_read_time(request.user, topic)
redis.seen_user(request.user, 'Viewing Topic:', topic)
return object_list(request,
Post.objects.with_user_details().filter(topic=topic, meta=meta) \
.order_by('posted_at', 'num_in_topic'),
paginate_by=get_posts_per_page(request.user), allow_empty=True,
template_name='forum/topic_detail.html',
extra_context={
'topic': topic,
'title': topic.title,
'avatar_dimensions': get_avatar_dimensions(),
'meta': meta,
'urls': TopicURLs(topic, meta),
'show_fast_reply': request.user.is_authenticated() and \
ForumProfile.objects.get_for_user(request.user).auto_fast_reply \
or False,
}, template_object_name='post')
def delete_post(request, post_id):
"""
Deletes a Post after deletion is confirmed via POST.
A request to delete the first post in a Topic is interpreted
as a request to delete the Topic itself.
"""
filters = {'pk': post_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['topic__hidden'] = False
post = get_object_or_404(Post.objects.with_user_details(), **filters)
topic = post.topic
if not auth.user_can_edit_post(request.user, post, topic):
return permission_denied(request,
message='You do not have permission to delete this post.')
if post.num_in_topic == 1 and not post.meta:
return delete_topic(request, post.topic_id)
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Deleting a post in:', topic)
if request.method == 'POST':
post.delete()
url = post.meta and topic.get_meta_url() or topic.get_absolute_url()
return HttpResponseRedirect(url)
else:
forum = Forum.objects.select_related().get(pk=topic.forum_id)
return render(request, 'forum/delete_post.html', {
'post': post,
'topic': topic,
'forum': forum,
'section': forum.section,
'title': 'Delete Post',
'avatar_dimensions': get_avatar_dimensions(),
})
def delete_topic(request, topic_id):
"""
Deletes a Topic after confirmation is made via POST.
"""
filters = {'pk': topic_id}
if not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic, **filters)
post = Post.objects.with_user_details().get(topic=topic,
meta=False,
num_in_topic=1)
if not auth.user_can_edit_topic(request.user, topic):
return permission_denied(
request,
message='You do not have permission to delete this topic.')
forum = Forum.objects.select_related().get(pk=topic.forum_id)
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Deleting a Topic')
if request.method == 'POST':
topic.delete()
return HttpResponseRedirect(forum.get_absolute_url())
else:
return render(
request, 'forum/delete_topic.html', {
'post': post,
'topic': topic,
'forum': forum,
'section': forum.section,
'title': 'Delete Topic',
'avatar_dimensions': get_avatar_dimensions(),
})
def new_posts(request):
"""
Displays all Topics which have had new posts in the last fortnight,
those with newest Posts first.
"""
filters = {'last_post_at__gte': \
datetime.date.today() - datetime.timedelta(days=14)}
if not auth.is_moderator(request.user):
filters['hidden'] = False
queryset = Topic.objects.with_forum_and_user_details().filter(
**filters).order_by('-last_post_at')
if app_settings.USE_REDIS:
redis.seen_user(
request.user,
'Viewing: <a href="%s">New Posts</a>' % reverse('forum_new_posts'))
return object_list(request,
queryset,
paginate_by=get_topics_per_page(request.user),
allow_empty=True,
template_name='forum/new_posts.html',
extra_context={
'title': 'New Posts',
'posts_per_page': get_posts_per_page(request.user),
},
template_object_name='topic')
def topic_detail(request, topic_id, meta=False):
"""
Displays a Topic's Posts.
"""
filters = {'pk': topic_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic.objects.with_display_details(), **filters)
if app_settings.USE_REDIS:
redis.increment_view_count(topic)
if request.user.is_authenticated():
redis.update_last_read_time(request.user, topic)
redis.seen_user(request.user, 'Viewing Topic:', topic)
return object_list(request,
Post.objects.with_user_details().filter(topic=topic, meta=meta) \
.order_by('posted_at', 'num_in_topic'),
paginate_by=get_posts_per_page(request.user), allow_empty=True,
template_name='forum/topic_detail.html',
extra_context={
'topic': topic,
'title': topic.title,
'avatar_dimensions': get_avatar_dimensions(),
'meta': meta,
'urls': TopicURLs(topic, meta),
'show_fast_reply': request.user.is_authenticated() and \
ForumProfile.objects.get_for_user(request.user).auto_fast_reply \
or False,
}, template_object_name='post')
def user_profile(request, user_id):
"""
Displays the ForumProfile for the user with the given id.
"""
forum_user = get_object_or_404(User, pk=user_id)
try:
filters = {'user': forum_user}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
recent_topics = Topic.objects.with_forum_details().filter(
**filters).order_by('-started_at')[:5]
except IndexError:
recent_topics = []
context = {
'forum_user': forum_user,
'forum_profile': ForumProfile.objects.get_for_user(forum_user),
'recent_topics': Topic.objects.add_view_counts(recent_topics),
'title': 'Forum Profile for %s' % forum_user,
'avatar_dimensions': get_avatar_dimensions(),
}
if app_settings.USE_REDIS:
last_seen, doing = redis.get_last_seen(forum_user)
context['last_seen'] = last_seen
context['doing'] = doing
if request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing user profile:', forum_user)
return render(request, 'forum/user_profile.html', context)
def new_posts(request):
"""
Displays all Topics which have had new posts in the last fortnight,
those with newest Posts first.
"""
filters = {'last_post_at__gte': \
datetime.date.today() - datetime.timedelta(days=14)}
if not auth.is_moderator(request.user):
filters['hidden'] = False
accessible_sections = []
for section in Section.objects.all():
if section.is_managed():
if section.is_corp_authed(request.user):
accessible_sections.append(section)
else:
accessible_sections.append(section)
accessible_forums = Forum.objects.all().filter(section__in = accessible_sections)
filters.update({'forum__in': accessible_forums})
queryset = Topic.objects.with_forum_and_user_details().filter(
**filters).order_by('-last_post_at')
if app_settings.USE_REDIS:
redis.seen_user(request.user,
'Viewing: <a href="%s">New Posts</a>' % reverse('forum_new_posts'))
return object_list(request, queryset,
paginate_by=get_topics_per_page(request.user), allow_empty=True,
template_name='forum/new_posts.html',
extra_context={
'title': 'New Posts',
'posts_per_page': get_posts_per_page(request.user),
}, template_object_name='topic')
def is_moderator(user):
"""
Returns ``True`` if the given user has moderation permissions,
``False`` otherwise.
"""
return user.is_authenticated() and \
auth.is_moderator(user)
def delete_topic(request, topic_id):
"""
Deletes a Topic after confirmation is made via POST.
"""
filters = {'pk': topic_id}
if not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic, **filters)
post = Post.objects.with_user_details().get(topic=topic, meta=False,
num_in_topic=1)
if not auth.user_can_edit_topic(request.user, topic):
return permission_denied(request,
message='You do not have permission to delete this topic.')
forum = Forum.objects.select_related().get(pk=topic.forum_id)
if forum.section.is_managed():
if not forum.section.is_corp_authed(request.user):
return permission_denied(request,
message="You are not a member of the appropriate corporation, alliance or coalition.")
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Deleting a Topic')
if request.method == 'POST':
topic.delete()
return HttpResponseRedirect(forum.get_absolute_url())
else:
return render(request, 'forum/delete_topic.html', {
'post': post,
'topic': topic,
'forum': forum,
'section': forum.section,
'title': 'Delete Topic',
'avatar_dimensions': get_avatar_dimensions(),
})
def user_profile(request, user_id):
"""
Displays the ForumProfile for the user with the given id.
"""
forum_user = get_object_or_404(User, pk=user_id)
try:
filters = {"user": forum_user}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
filters["hidden"] = False
recent_topics = Topic.objects.with_forum_details().filter(**filters).order_by("-started_at")[:5]
except IndexError:
recent_topics = []
context = {
"forum_user": forum_user,
"forum_profile": ForumProfile.objects.get_for_user(forum_user),
"recent_topics": Topic.objects.add_view_counts(recent_topics),
"title": "Forum Profile for %s" % forum_user,
"avatar_dimensions": get_avatar_dimensions(),
}
if app_settings.USE_REDIS:
last_seen, doing = redis.get_last_seen(forum_user)
context["last_seen"] = last_seen
context["doing"] = doing
if request.user.is_authenticated():
redis.seen_user(request.user, "Viewing user profile:", forum_user)
return render(request, "forum/user_profile.html", context)
def topic_detail(request, topic_id, meta=False):
"""
Displays a Topic's Posts.
"""
filters = {"pk": topic_id}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
filters["hidden"] = False
topic = get_object_or_404(Topic.objects.with_display_details(), **filters)
if app_settings.USE_REDIS:
redis.increment_view_count(topic)
if request.user.is_authenticated():
redis.update_last_read_time(request.user, topic)
redis.seen_user(request.user, "Viewing Topic:", topic)
return object_list(
request,
Post.objects.with_user_details().filter(topic=topic, meta=meta).order_by("posted_at", "num_in_topic"),
paginate_by=get_posts_per_page(request.user),
allow_empty=True,
template_name="forum/topic_detail.html",
extra_context={
"topic": topic,
"title": topic.title,
"avatar_dimensions": get_avatar_dimensions(),
"meta": meta,
"urls": TopicURLs(topic, meta),
"show_fast_reply": request.user.is_authenticated()
and ForumProfile.objects.get_for_user(request.user).auto_fast_reply
or False,
},
template_object_name="post",
)
def delete_topic(request, topic_id):
"""
Deletes a Topic after confirmation is made via POST.
"""
filters = {"pk": topic_id}
if not auth.is_moderator(request.user):
filters["hidden"] = False
topic = get_object_or_404(Topic, **filters)
post = Post.objects.with_user_details().get(topic=topic, meta=False, num_in_topic=1)
if not auth.user_can_edit_topic(request.user, topic):
return permission_denied(request, message="You do not have permission to delete this topic.")
forum = Forum.objects.select_related().get(pk=topic.forum_id)
if app_settings.USE_REDIS:
redis.seen_user(request.user, "Deleting a Topic")
if request.method == "POST":
topic.delete()
return HttpResponseRedirect(forum.get_absolute_url())
else:
return render(
request,
"forum/delete_topic.html",
{
"post": post,
"topic": topic,
"forum": forum,
"section": forum.section,
"title": "Delete Topic",
"avatar_dimensions": get_avatar_dimensions(),
},
)
def edit_user_forum_profile(request, user_id):
"""
Edits public information in a given User's ForumProfile.
Only moderators may edit a User's title.
"""
user = get_object_or_404(User, pk=user_id)
if not auth.user_can_edit_user_profile(request.user, user):
return permission_denied(request,
message='You do not have permission to edit this user\'s forum profile.')
user_profile = ForumProfile.objects.get_for_user(user)
can_edit_title = auth.is_moderator(request.user)
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Editing User Profile')
if request.method == 'POST':
form = forms.UserProfileForm(can_edit_title, request.POST, instance=user_profile)
if form.is_valid():
form.save(commit=True)
return HttpResponseRedirect(user_profile.get_absolute_url())
else:
form = forms.UserProfileForm(can_edit_title, instance=user_profile)
return render(request, 'forum/edit_user_forum_profile.html', {
'forum_user': user,
'forum_profile': user_profile,
'form': form,
'title': 'Edit Forum Profile',
'avatar_dimensions': get_avatar_dimensions(),
})
def edit_user_forum_profile(request, user_id):
"""
Edits public information in a given User's ForumProfile.
Only moderators may edit a User's title.
"""
user = get_object_or_404(User, pk=user_id)
if not auth.user_can_edit_user_profile(request.user, user):
return permission_denied(
request,
message=
'You do not have permission to edit this user\'s forum profile.')
user_profile = ForumProfile.objects.get_for_user(user)
can_edit_title = auth.is_moderator(request.user)
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Editing User Profile')
if request.method == 'POST':
form = forms.UserProfileForm(can_edit_title,
request.POST,
instance=user_profile)
if form.is_valid():
form.save(commit=True)
return HttpResponseRedirect(user_profile.get_absolute_url())
else:
form = forms.UserProfileForm(can_edit_title, instance=user_profile)
return render(
request, 'forum/edit_user_forum_profile.html', {
'forum_user': user,
'forum_profile': user_profile,
'form': form,
'title': 'Edit Forum Profile',
'avatar_dimensions': get_avatar_dimensions(),
})
def is_moderator(user):
"""
Returns ``True`` if the given user has moderation permissions,
``False`` otherwise.
"""
return user.is_authenticated() and \
auth.is_moderator(user)
def user_topics(request, user_id):
"""
Displays Topics created by a given User.
"""
forum_user = get_object_or_404(User, pk=user_id)
filters = {'user': forum_user}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
queryset = Topic.objects.with_forum_details().filter(
**filters).order_by('-started_at')
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing topics by:', forum_user)
return object_list(request,
queryset,
paginate_by=get_topics_per_page(request.user),
allow_empty=True,
template_name='forum/user_topics.html',
extra_context={
'forum_user': forum_user,
'title':
'Topics Started by %s' % forum_user.username,
'posts_per_page': get_posts_per_page(request.user),
},
template_object_name='topic')
def user_profile(request, user_id):
"""
Displays the ForumProfile for the user with the given id.
"""
forum_user = get_object_or_404(User, pk=user_id)
try:
filters = {'user': forum_user}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
recent_topics = Topic.objects.with_forum_details().filter(
**filters).order_by('-started_at')[:5]
except IndexError:
recent_topics = []
context = {
'forum_user': forum_user,
'forum_profile': ForumProfile.objects.get_for_user(forum_user),
'recent_topics': Topic.objects.add_view_counts(recent_topics),
'title': 'Forum Profile for %s' % forum_user,
'avatar_dimensions': get_avatar_dimensions(),
}
if app_settings.USE_REDIS:
last_seen, doing = redis.get_last_seen(forum_user)
context['last_seen'] = last_seen
context['doing'] = doing
if request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing user profile:', forum_user)
return render(request, 'forum/user_profile.html', context)
def delete_post(request, post_id):
"""
Deletes a Post after deletion is confirmed via POST.
A request to delete the first post in a Topic is interpreted
as a request to delete the Topic itself.
"""
filters = {'pk': post_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['topic__hidden'] = False
post = get_object_or_404(Post.objects.with_user_details(), **filters)
topic = post.topic
if not auth.user_can_edit_post(request.user, post, topic):
return permission_denied(
request, message='You do not have permission to delete this post.')
if post.num_in_topic == 1 and not post.meta:
return delete_topic(request, post.topic_id)
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Deleting a post in:', topic)
if request.method == 'POST':
post.delete()
url = post.meta and topic.get_meta_url() or topic.get_absolute_url()
return HttpResponseRedirect(url)
else:
forum = Forum.objects.select_related().get(pk=topic.forum_id)
return render(
request, 'forum/delete_post.html', {
'post': post,
'topic': topic,
'forum': forum,
'section': forum.section,
'title': 'Delete Post',
'avatar_dimensions': get_avatar_dimensions(),
})
def topic_post_summary(request, topic_id):
"""
Displays a summary of Users who have posted in the given Topic and
the number of Posts they have made.
"""
filters = {'pk': topic_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic.objects.with_display_details(), **filters)
post_opts = Post._meta
post_table = qn(post_opts.db_table)
meta = qn(post_opts.get_field('meta').column)
topic_fk = qn(post_opts.get_field('topic').column)
user_fk = qn(post_opts.get_field('user').column)
user_opts = User._meta
user_table = qn(user_opts.db_table)
user_pk = qn(user_opts.pk.column)
users = User.objects.extra(
select={'post_count': """SELECT COUNT(%(post_pk)s)
FROM %(post)s
WHERE %(topic_fk)s=%%s
AND %(user_fk)s=%(user)s.%(user_pk)s
AND %(meta)s=%%s""" % {
'post_pk': qn(post_opts.pk.column),
'post': post_table,
'topic_fk': topic_fk,
'user_fk': user_fk,
'user': user_table,
'user_pk': user_pk,
'meta': meta,
}},
select_params=[topic.pk, False],
where=["""%(user)s.%(user_pk)s IN (
SELECT DISTINCT %(user_fk)s
FROM %(post)s
WHERE %(topic_fk)s=%%s
AND %(meta)s=%%s)""" % {
'user': user_table,
'user_pk': user_pk,
'user_fk': user_fk,
'post': post_table,
'topic_fk': topic_fk,
'meta': meta,
}],
params=[topic.pk, False],
).order_by('-post_count')
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing Post Summary for:', topic)
return render(request, 'forum/topic_post_summary.html', {
'topic': topic,
'users': users,
'title': 'Users who posted in %s' % topic.title,
})
def can_see_post_actions(user, topic):
"""
Returns ``True`` if the given User should be able to see the post
action list for posts in the given topic, ``False`` otherwise.
This function is used as part of ensuring that moderators have
unrestricted access to locked Topics.
"""
if user.is_authenticated():
return not topic.locked or auth.is_moderator(user)
else:
return False
def can_see_post_actions(user, topic):
"""
Returns ``True`` if the given User should be able to see the post
action list for posts in the given topic, ``False`` otherwise.
This function is used as part of ensuring that moderators have
unrestricted access to locked Topics.
"""
if user.is_authenticated():
return not topic.locked or auth.is_moderator(user)
else:
return False
def forum_detail(request, forum_id):
"""
Displays a Forum's Topics.
"""
forum = get_object_or_404(Forum.objects.select_related(), pk=forum_id)
topic_filters = {
'forum': forum,
'pinned': False,
}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
topic_filters['hidden'] = False
# Get a page of topics
topics_per_page = get_topics_per_page(request.user)
paginator = Paginator(
Topic.objects.with_user_details().filter(**topic_filters),
topics_per_page)
page = get_page_or_404(request, paginator)
topics = list(page.object_list)
context = {
'section': forum.section,
'forum': forum,
'topic_list': topics,
'title': forum.name,
'posts_per_page': get_posts_per_page(request.user),
'is_paginated': paginator.num_pages > 1,
'has_next': page.has_next(),
'has_previous': page.has_previous(),
'page': page.number,
'next': page.next_page_number(),
'previous': page.previous_page_number(),
'pages': paginator.num_pages,
'hits': paginator.count,
}
# Get pinned topics too if we're on the first page and add the
# current user's last read details to all topics.
if page.number == 1:
topic_filters['pinned'] = True
pinned_topics = list(Topic.objects.with_user_details() \
.filter(**topic_filters) \
.order_by('-started_at'))
context['pinned_topics'] = pinned_topics
if app_settings.USE_REDIS:
Topic.objects.add_last_read_times(topics + pinned_topics,
request.user)
Topic.objects.add_view_counts(topics + pinned_topics)
elif app_settings.USE_REDIS:
Topic.objects.add_last_read_times(topics, request.user)
Topic.objects.add_view_counts(topics)
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing:', forum)
return render(request, 'forum/forum_detail.html', context)
def forum_detail(request, forum_id):
"""
Displays a Forum's Topics.
"""
forum = get_object_or_404(Forum.objects.select_related(), pk=forum_id)
topic_filters = {
'forum': forum,
'pinned': False,
}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
topic_filters['hidden'] = False
# Get a page of topics
topics_per_page = get_topics_per_page(request.user)
paginator = Paginator(
Topic.objects.with_user_details().filter(**topic_filters),
topics_per_page)
page = get_page_or_404(request, paginator)
topics = list(page.object_list)
context = {
'section': forum.section,
'forum': forum,
'topic_list': topics,
'title': forum.name,
'posts_per_page': get_posts_per_page(request.user),
'is_paginated': paginator.num_pages > 1,
'has_next': page.has_next(),
'has_previous': page.has_previous(),
'page': page.number,
'next': page.next_page_number(),
'previous': page.previous_page_number(),
'pages': paginator.num_pages,
'hits' : paginator.count,
}
# Get pinned topics too if we're on the first page and add the
# current user's last read details to all topics.
if page.number == 1:
topic_filters['pinned'] = True
pinned_topics = list(Topic.objects.with_user_details() \
.filter(**topic_filters) \
.order_by('-started_at'))
context['pinned_topics'] = pinned_topics
if app_settings.USE_REDIS:
Topic.objects.add_last_read_times(topics + pinned_topics, request.user)
Topic.objects.add_view_counts(topics + pinned_topics)
elif app_settings.USE_REDIS:
Topic.objects.add_last_read_times(topics, request.user)
Topic.objects.add_view_counts(topics)
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing:', forum)
return render(request, 'forum/forum_detail.html', context)
def forum_detail(request, forum_id):
"""
Displays a Forum's Topics.
"""
forum = get_object_or_404(Forum.objects.select_related(), pk=forum_id)
topic_filters = {"forum": forum, "pinned": False}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
topic_filters["hidden"] = False
# Get a page of topics
topics_per_page = get_topics_per_page(request.user)
paginator = Paginator(Topic.objects.with_user_details().filter(**topic_filters), topics_per_page)
page = get_page_or_404(request, paginator)
topics = list(page.object_list)
context = {
"section": forum.section,
"forum": forum,
"topic_list": topics,
"title": forum.name,
"posts_per_page": get_posts_per_page(request.user),
"is_paginated": paginator.num_pages > 1,
"has_next": page.has_next(),
"has_previous": page.has_previous(),
"page": page.number,
"next": page.next_page_number(),
"previous": page.previous_page_number(),
"pages": paginator.num_pages,
"hits": paginator.count,
}
# Get pinned topics too if we're on the first page and add the
# current user's last read details to all topics.
if page.number == 1:
topic_filters["pinned"] = True
pinned_topics = list(Topic.objects.with_user_details().filter(**topic_filters).order_by("-started_at"))
context["pinned_topics"] = pinned_topics
if app_settings.USE_REDIS:
Topic.objects.add_last_read_times(topics + pinned_topics, request.user)
Topic.objects.add_view_counts(topics + pinned_topics)
elif app_settings.USE_REDIS:
Topic.objects.add_last_read_times(topics, request.user)
Topic.objects.add_view_counts(topics)
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, "Viewing:", forum)
return render(request, "forum/forum_detail.html", context)
def new_posts(request):
"""
Displays all Topics which have had new posts in the last fortnight,
those with newest Posts first.
"""
filters = {"last_post_at__gte": datetime.date.today() - datetime.timedelta(days=14)}
if not auth.is_moderator(request.user):
filters["hidden"] = False
queryset = Topic.objects.with_forum_and_user_details().filter(**filters).order_by("-last_post_at")
if app_settings.USE_REDIS:
redis.seen_user(request.user, 'Viewing: <a href="%s">New Posts</a>' % reverse("forum_new_posts"))
return object_list(
request,
queryset,
paginate_by=get_topics_per_page(request.user),
allow_empty=True,
template_name="forum/new_posts.html",
extra_context={"title": "New Posts", "posts_per_page": get_posts_per_page(request.user)},
template_object_name="topic",
)
def redirect_to_post(request, post_id, post=None):
"""
Redirects to the appropriate Topic page containing the given Post.
If the Post itself is also given it will not be looked up, saving a
database query.
"""
if post is None:
filters = {"pk": post_id}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
filters["topic__hidden"] = False
post = get_object_or_404(Post, **filters)
posts_per_page = get_posts_per_page(request.user)
page, remainder = divmod(post.num_in_topic, posts_per_page)
if post.num_in_topic < posts_per_page or remainder != 0:
page += 1
url_name = post.meta and "forum_topic_meta_detail" or "forum_topic_detail"
return HttpResponseRedirect(
"%s?page=%s&#post%s" % (reverse(url_name, args=(smart_unicode(post.topic_id),)), page, post_id)
)
def user_topics(request, user_id):
"""
Displays Topics created by a given User.
"""
forum_user = get_object_or_404(User, pk=user_id)
filters = {'user': forum_user}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
queryset = Topic.objects.with_forum_details().filter(
**filters).order_by('-started_at')
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing topics by:', forum_user)
return object_list(request, queryset,
paginate_by=get_topics_per_page(request.user), allow_empty=True,
template_name='forum/user_topics.html',
extra_context={
'forum_user': forum_user,
'title': 'Topics Started by %s' % forum_user.username,
'posts_per_page': get_posts_per_page(request.user),
}, template_object_name='topic')
def redirect_to_post(request, post_id, post=None):
"""
Redirects to the appropriate Topic page containing the given Post.
If the Post itself is also given it will not be looked up, saving a
database query.
"""
if post is None:
filters = {'pk': post_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['topic__hidden'] = False
post = get_object_or_404(Post, **filters)
posts_per_page = get_posts_per_page(request.user)
page, remainder = divmod(post.num_in_topic, posts_per_page)
if post.num_in_topic < posts_per_page or remainder != 0:
page += 1
url_name = post.meta and 'forum_topic_meta_detail' or 'forum_topic_detail'
return HttpResponseRedirect('%s?page=%s&#post%s' \
% (reverse(url_name, args=(smart_unicode(post.topic_id),)),
page, post_id))
def delete_post(request, post_id):
"""
Deletes a Post after deletion is confirmed via POST.
A request to delete the first post in a Topic is interpreted
as a request to delete the Topic itself.
"""
filters = {"pk": post_id}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
filters["topic__hidden"] = False
post = get_object_or_404(Post.objects.with_user_details(), **filters)
topic = post.topic
if not auth.user_can_edit_post(request.user, post, topic):
return permission_denied(request, message="You do not have permission to delete this post.")
if post.num_in_topic == 1 and not post.meta:
return delete_topic(request, post.topic_id)
if app_settings.USE_REDIS:
redis.seen_user(request.user, "Deleting a post in:", topic)
if request.method == "POST":
post.delete()
url = post.meta and topic.get_meta_url() or topic.get_absolute_url()
return HttpResponseRedirect(url)
else:
forum = Forum.objects.select_related().get(pk=topic.forum_id)
return render(
request,
"forum/delete_post.html",
{
"post": post,
"topic": topic,
"forum": forum,
"section": forum.section,
"title": "Delete Post",
"avatar_dimensions": get_avatar_dimensions(),
},
)
def user_topics(request, user_id):
"""
Displays Topics created by a given User.
"""
forum_user = get_object_or_404(User, pk=user_id)
filters = {"user": forum_user}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
filters["hidden"] = False
queryset = Topic.objects.with_forum_details().filter(**filters).order_by("-started_at")
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, "Viewing topics by:", forum_user)
return object_list(
request,
queryset,
paginate_by=get_topics_per_page(request.user),
allow_empty=True,
template_name="forum/user_topics.html",
extra_context={
"forum_user": forum_user,
"title": "Topics Started by %s" % forum_user.username,
"posts_per_page": get_posts_per_page(request.user),
},
template_object_name="topic",
)
def topic_post_summary(request, topic_id):
"""
Displays a summary of Users who have posted in the given Topic and
the number of Posts they have made.
"""
filters = {'pk': topic_id}
if not request.user.is_authenticated() or \
not auth.is_moderator(request.user):
filters['hidden'] = False
topic = get_object_or_404(Topic.objects.with_display_details(), **filters)
post_opts = Post._meta
post_table = qn(post_opts.db_table)
meta = qn(post_opts.get_field('meta').column)
topic_fk = qn(post_opts.get_field('topic').column)
user_fk = qn(post_opts.get_field('user').column)
user_opts = User._meta
user_table = qn(user_opts.db_table)
user_pk = qn(user_opts.pk.column)
users = User.objects.extra(
select={
'post_count': """SELECT COUNT(%(post_pk)s)
FROM %(post)s
WHERE %(topic_fk)s=%%s
AND %(user_fk)s=%(user)s.%(user_pk)s
AND %(meta)s=%%s""" % {
'post_pk': qn(post_opts.pk.column),
'post': post_table,
'topic_fk': topic_fk,
'user_fk': user_fk,
'user': user_table,
'user_pk': user_pk,
'meta': meta,
}
},
select_params=[topic.pk, False],
where=[
"""%(user)s.%(user_pk)s IN (
SELECT DISTINCT %(user_fk)s
FROM %(post)s
WHERE %(topic_fk)s=%%s
AND %(meta)s=%%s)""" % {
'user': user_table,
'user_pk': user_pk,
'user_fk': user_fk,
'post': post_table,
'topic_fk': topic_fk,
'meta': meta,
}
],
params=[topic.pk, False],
).order_by('-post_count')
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, 'Viewing Post Summary for:', topic)
return render(
request, 'forum/topic_post_summary.html', {
'topic': topic,
'users': users,
'title': 'Users who posted in %s' % topic.title,
})
def topic_post_summary(request, topic_id):
"""
Displays a summary of Users who have posted in the given Topic and
the number of Posts they have made.
"""
filters = {"pk": topic_id}
if not request.user.is_authenticated() or not auth.is_moderator(request.user):
filters["hidden"] = False
topic = get_object_or_404(Topic.objects.with_display_details(), **filters)
post_opts = Post._meta
post_table = qn(post_opts.db_table)
meta = qn(post_opts.get_field("meta").column)
topic_fk = qn(post_opts.get_field("topic").column)
user_fk = qn(post_opts.get_field("user").column)
user_opts = User._meta
user_table = qn(user_opts.db_table)
user_pk = qn(user_opts.pk.column)
users = User.objects.extra(
select={
"post_count": """SELECT COUNT(%(post_pk)s)
FROM %(post)s
WHERE %(topic_fk)s=%%s
AND %(user_fk)s=%(user)s.%(user_pk)s
AND %(meta)s=%%s"""
% {
"post_pk": qn(post_opts.pk.column),
"post": post_table,
"topic_fk": topic_fk,
"user_fk": user_fk,
"user": user_table,
"user_pk": user_pk,
"meta": meta,
}
},
select_params=[topic.pk, False],
where=[
"""%(user)s.%(user_pk)s IN (
SELECT DISTINCT %(user_fk)s
FROM %(post)s
WHERE %(topic_fk)s=%%s
AND %(meta)s=%%s)"""
% {
"user": user_table,
"user_pk": user_pk,
"user_fk": user_fk,
"post": post_table,
"topic_fk": topic_fk,
"meta": meta,
}
],
params=[topic.pk, False],
).order_by("-post_count")
if app_settings.USE_REDIS and request.user.is_authenticated():
redis.seen_user(request.user, "Viewing Post Summary for:", topic)
return render(
request,
"forum/topic_post_summary.html",
{"topic": topic, "users": users, "title": "Users who posted in %s" % topic.title},
)
