示例#1
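def respond(request, reviewer_id, token):
    """Handle a reviewer's tokenised response link.

    The ``token`` from the URL is the only credential checked here; a
    mismatch raises ``PermissionDenied``.

    * POST: binds ``ResponseForm`` to a new ``Response`` for the reviewer and,
      when the form is valid and the review is not ``'closed'``, saves it and
      notifies the submitter.
    * Any other method: serves a preview of the reviewed page revision with
      the request flagged as being in ``'respond'`` mode.
    """
    import hmac

    reviewer = get_object_or_404(Reviewer, id=reviewer_id)

    # Compare the secret in constant time so that response timing does not
    # reveal how much of a guessed token was correct. Both sides are encoded
    # to bytes because compare_digest() rejects non-ASCII str input; a
    # non-string stored token is treated as a mismatch, as `!=` did before.
    expected_token = reviewer.response_token
    token_matches = (
        isinstance(token, str)
        and isinstance(expected_token, str)
        and hmac.compare_digest(token.encode('utf-8'), expected_token.encode('utf-8'))
    )
    if not token_matches:
        raise PermissionDenied

    if request.method == 'POST':
        response = Response(reviewer=reviewer)
        form = ResponseForm(request.POST, instance=response)
        if form.is_valid() and reviewer.review.status != 'closed':
            form.save()
            response.send_notification_to_submitter()
            if request.user.has_perm('wagtailadmin.access_admin'):
                messages.success(request, SUCCESS_RESPONSE_MESSAGE)
                return redirect(reverse('wagtail_review_admin:dashboard'))
            return HttpResponse(SUCCESS_RESPONSE_MESSAGE)
        # NOTE(review): an invalid form or a closed review falls through to
        # the end of the function, so the view returns None on that path.
        # Confirm what the client should receive here and return it explicitly.

    else:
        page = reviewer.review.page_revision.as_page_object()
        dummy_request = page.dummy_request(request)

        # Fetch the CSRF token so that Django will return a set-cookie header in the case that this is
        # the user's first request, and ensure that the dummy request (where the submit-review form is
        # rendered) is using the same token
        get_csrf_token(request)
        dummy_request.META["CSRF_COOKIE"] = request.META["CSRF_COOKIE"]

        dummy_request.wagtailreview_mode = 'respond'
        dummy_request.wagtailreview_reviewer = reviewer
        return page.serve_preview(dummy_request, page.default_preview_mode)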
示例#2
    def process_view(self, request, view, args, kwargs):
        """Decide whether the request may reach the view without a login redirect.

        Returns None to let the view run, or the result of
        ``Account().redirect_login(request)`` when authentication fails.
        """
        # NOTE(review): in DEVELOP mode authenticate() is never called and the
        # request's user is marked as superuser. This branch is only safe if
        # RUN_MODE can never be "DEVELOP" on a reachable deployment.
        if RUN_MODE == "DEVELOP":
            request.user.username = "******"
            request.user.is_superuser = True
            return None
        if getattr(view, 'login_exempt', False):
            return None

        # WeChat official-account paths and WeChat mini-program paths do not
        # require a BlueKing login. Each entry is (enable flag, path prefix,
        # external host) as setting names.
        # NOTE(review): the host compared here is taken from the request, so
        # the exemption is only as strict as the host validation in front of
        # this middleware (ALLOWED_HOSTS / proxy) - confirm.
        login_free_sites = (
            ("USE_WEIXIN", "WEIXIN_SITE_URL", "WEIXIN_APP_EXTERNAL_HOST"),
            ("USE_MINIWEIXIN", "MINIWEIXIN_SITE_URL", "MINIWEIXIN_APP_EXTERNAL_HOST"),
        )
        for flag_name, prefix_name, host_name in login_free_sites:
            enabled = getattr(settings, flag_name, None)
            path_prefix = getattr(settings, prefix_name, None)
            external_host = getattr(settings, host_name, None)
            if not (enabled and path_prefix and external_host):
                continue
            if request.path.startswith(path_prefix) and request.get_host() == external_host:
                return None

        authenticated_user = authenticate(request=request)
        if not authenticated_user:
            return Account().redirect_login(request)

        request.user = authenticated_user
        # Ask for the CSRF token so it is generated for this request.
        get_csrf_token(request)
        return None
示例#3
    def handle_react(self, request: Request) -> Response:
        """Render the React base template and make sure a CSRF cookie is issued."""
        template_context = {"CSRF_COOKIE_NAME": settings.CSRF_COOKIE_NAME}

        # The page contains no form, so no template tag would ever ask for a
        # token. Requesting it here forces one to be generated and set in the
        # user's cookie; the template only needs the cookie's name, which is
        # why a context processor + hidden `<input>` is not used.
        get_csrf_token(request)

        return render_to_response(
            "sentry/bases/react.html",
            context=template_context,
            request=request,
        )
示例#4
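 def process_view(self, request, view, args, kwargs):
     """Authenticate the request before the view runs, or redirect to login.

     Views carrying a truthy ``login_exempt`` attribute are passed through
     untouched. Otherwise ``authenticate(request=request)`` is tried; on
     success the user is attached to the request and None is returned, on
     failure the result of ``Account().redirect_login(request)`` is returned.
     """
     if getattr(view, 'login_exempt', False):
         return None
     user = authenticate(request=request)
     if user:
         request.user = user
         # Ask for the CSRF token so it is generated for this request.
         get_csrf_token(request)
         return None
     # A leftover debug `print` statement used to sit here: it wrote a junk
     # marker to stdout on every unauthenticated request and is a syntax
     # error on Python 3. Use the logging module if this path needs tracing.
     account = Account()
     return account.redirect_login(request)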
示例#5
    def process_view(self, request, view, args, kwargs):
        """Authenticate the request before the view runs, or redirect to login.

        Returns None when the view is marked ``login_exempt`` or when
        ``authenticate`` yields a user; otherwise returns the login redirect.
        """
        if getattr(view, 'login_exempt', False):
            return None

        authenticated_user = authenticate(request=request)
        if not authenticated_user:
            return Account().redirect_login(request)

        request.user = authenticated_user
        # Ask for the CSRF token so it is generated for this request.
        get_csrf_token(request)
        return None
示例#6
    def handle_react(self, request):
        """Render the React base template as an HTML response and issue a CSRF cookie."""
        template_context = Context({'request': request})

        # The page contains no form, so no template tag would ever ask for a
        # token. Requesting it here forces one to be generated and set in the
        # user's cookie, without rendering a throwaway `<input>` field.
        get_csrf_token(request)

        rendered_page = loader.render_to_string('sentry/bases/react.html', template_context)

        http_response = HttpResponse(rendered_page)
        http_response['Content-Type'] = 'text/html'
        return http_response
示例#7
    def process_view(self, request, view, args, kwargs):
        """Authenticate the request before the view runs, or redirect to login.

        Returns None to let the view run, or the result of
        ``Account().redirect_login(request)`` when authentication fails.
        """
        # NOTE(review): in DEVELOP mode authenticate() is skipped and the
        # request's user is given a fixed username. This branch is only safe
        # if RUN_MODE can never be 'DEVELOP' on a reachable deployment.
        if RUN_MODE == 'DEVELOP':
            request.user.username = '******'
            return None
        if getattr(view, 'login_exempt', False):
            return None

        authenticated_user = authenticate(request=request)
        if not authenticated_user:
            return Account().redirect_login(request)

        request.user = authenticated_user
        # Ask for the CSRF token so it is generated for this request.
        get_csrf_token(request)
        return None
示例#8
    def process_view(self, request, view, args, kwargs):
        """Attach a fixed, simulated user to every request and let the view run.

        NOTE(review): as written this middleware performs no authentication.
        The unconditional ``return None`` after the simulated login makes the
        login_exempt check, the WeChat exemptions, ``authenticate`` and the
        login redirect below it unreachable, so every caller is treated as the
        same hard-coded account. If this is a development aid, it needs to be
        gated so it cannot be active on a reachable deployment.
        """
        # Simulated login account
        username = '******'
        user_model = get_user_model()
        # Look the account up, creating it on first use as a non-staff,
        # non-superuser user.
        if user_model.objects.filter(username=username).exists():
            user = user_model.objects.get(username=username)
        else:
            user = user_model.objects.create(username=username,
                                             chname=username,
                                             is_staff=False,
                                             is_superuser=False,
                                             is_in_app=True)
        request.user = user
        # Everything after this return is dead code.
        return None
        if getattr(view, 'login_exempt', False):
            return None

        # Paths for the WeChat official account (weixin) do not require BlueKing login
        use_weixin = getattr(settings, "USE_WEIXIN", None)
        weixin_path_prefix = getattr(settings, "WEIXIN_SITE_URL", None)
        weixin_app_external_host = getattr(settings,
                                           "WEIXIN_APP_EXTERNAL_HOST", None)
        if (use_weixin and weixin_path_prefix and weixin_app_external_host
                and request.path.startswith(weixin_path_prefix)
                and request.get_host() == weixin_app_external_host):
            return None

        # Paths for the WeChat mini program do not require BlueKing login
        use_miniweixin = getattr(settings, "USE_MINIWEIXIN", None)
        miniweixin_path_prefix = getattr(settings, "MINIWEIXIN_SITE_URL", None)
        miniweixin_app_external_host = getattr(settings,
                                               "MINIWEIXIN_APP_EXTERNAL_HOST",
                                               None)
        if (use_miniweixin and miniweixin_path_prefix
                and miniweixin_app_external_host
                and request.path.startswith(miniweixin_path_prefix)
                and request.get_host() == miniweixin_app_external_host):
            return None

        user = authenticate(request=request)
        if user:
            request.user = user
            get_csrf_token(request)
            return None

        account = Account()
        return account.redirect_login(request)
示例#9
    def process_view(self, request, view, args, kwargs):
        """Authenticate the request before the view runs, or redirect to login.

        Returns None when the view is marked ``login_exempt`` or when
        ``authenticate`` yields a user; otherwise returns the login redirect.
        """
        # Disabled DEBUG shortcut that assigned a fixed identity to the
        # request's user without authenticating. Keep it disabled outside
        # local development.
        # if DEBUG:
        #     request.user.chname = "admin"
        #     request.user.username = "******"
        #     request.user.is_super_user = False
        #     return None
        if getattr(view, 'login_exempt', False):
            return None

        authenticated_user = authenticate(request=request)
        if not authenticated_user:
            return Account().redirect_login(request)

        request.user = authenticated_user
        # Ask for the CSRF token so it is generated for this request.
        get_csrf_token(request)
        return None
示例#10
    def process_view(self, request, view, args, kwargs):
        """Authenticate the request before the view runs, or redirect to login.

        Static resources, ``/robots.txt`` and views marked ``login_exempt``
        skip the login check. Returns None to let the view run, otherwise the
        result of ``redirect_login(request)``.
        """
        # Static resources are not subject to the login-state check.
        # NOTE(review): this is a plain prefix match on the full path (query
        # string included), so the exemption is exactly as wide as
        # settings.STATIC_URL - confirm it is always a non-empty path prefix.
        requested = request.get_full_path()
        is_static = requested.startswith(settings.STATIC_URL)
        if is_static or requested == '/robots.txt':
            return None

        if getattr(view, 'login_exempt', False):
            return None

        authenticated_user = authenticate(request=request)
        if not authenticated_user:
            return redirect_login(request)

        request.user = authenticated_user
        # Ask for the CSRF token so it is generated for this request.
        get_csrf_token(request)
        return None
示例#11
def i_render_import(request):
    """
    Render the TQ import page for inclusion.

    The template is only rendered when ``token_checker.token_is_valid``
    accepts the request; the CSRF token is passed to it as ``csrf_token``.
    """
    if not token_checker.token_is_valid(request):
        # Rejected token: nothing is rendered and the caller receives None.
        # NOTE(review): confirm the caller turns None into an explicit
        # "forbidden" response rather than an error page.
        return None

    template_context = {"csrf_token": get_csrf_token(request)}
    return dashboard_includer.get_as_json("tq_file/_import.html",
                                          template_context=template_context)
示例#12
文件: views.py 项目: cronala/mafiasi
def edit_gprot(request, gprot_pk):
    """Let the author of a GProt edit it, either as an uploaded PDF or as HTML.

    Only ``gprot.author`` may use this view; anyone else gets
    ``PermissionDenied``. A successful POST redirects to the publish or view
    page; otherwise the edit template is rendered with any error message.
    """
    gprot = get_object_or_404(GProt, pk=gprot_pk)
    # Ownership is checked before anything on the object is changed.
    if gprot.author != request.user:
        raise PermissionDenied('You are not the owner')

    error = ''
    if request.method == 'POST':
        if gprot.is_pdf:
            if 'file' not in request.FILES:
                error = _('Please select a file to upload.')
            else:
                upload = request.FILES['file']
                size_limit_mb = settings.GPROT_PDF_MAX_SIZE
                if upload.size > size_limit_mb * 1000000:
                    error = _('Only files up to {0} MB are allowed.').format(
                        size_limit_mb)
                # Content sniff on the first 1024 bytes only; the rest of the
                # file is not inspected here.
                sniffed_type = magic.from_buffer(upload.read(1024), mime=True)
                if sniffed_type != 'application/pdf':
                    error = _('Only PDF files are allowed.')

            if not error:
                # Replace the stored PDF, then strip its metadata.
                if gprot.content_pdf:
                    gprot.content_pdf.delete()
                gprot.content_pdf = upload
                gprot.save()
                _clean_pdf_metadata(gprot)

        else:
            # User-supplied markup goes through clean_html before storage.
            submitted_html = request.POST.get('content', '')
            gprot.content = clean_html(submitted_html)
            gprot.save()

        if not error:
            target = 'gprot_publish' if 'publish' in request.POST else 'gprot_view'
            return redirect(target, gprot.pk)

    template_context = {
        'gprot': gprot,
        'error': error,
        'attachment_csrf_token': get_csrf_token(request),
    }
    return render(request, 'gprot/edit.html', template_context)
示例#13
文件: views.py 项目: fsinfuhh/mafiasi
def edit_gprot(request, gprot_pk):
    """Let the author of a GProt edit it, either as an uploaded PDF or as HTML.

    Only ``gprot.author`` may use this view; anyone else gets
    ``PermissionDenied``. A successful POST redirects to the publish or view
    page; otherwise the edit template is rendered with any error message and
    a CSRF token under ``attachment_csrf_token``.
    """
    gprot = get_object_or_404(GProt, pk=gprot_pk)
    # Ownership is checked before anything on the object is changed.
    if gprot.author != request.user:
        raise PermissionDenied('You are not the owner')

    error = ''
    if request.method == 'POST':
        if gprot.is_pdf:
            if 'file' in request.FILES:
                upload = request.FILES['file']
                # The limit is configured in MB (1 MB = 1,000,000 bytes here).
                if upload.size > settings.GPROT_PDF_MAX_SIZE * 1000000:
                    error = _('Only files up to {0} MB are allowed.').format(
                        settings.GPROT_PDF_MAX_SIZE)
                # Content sniff on the first 1024 bytes only; the rest of the
                # file is not inspected. This runs even when the size check
                # failed and may replace that error message.
                # NOTE(review): read() advances the upload's position - confirm
                # the later save starts from the beginning of the file.
                if magic.from_buffer(upload.read(1024), mime=True) \
                                                        != 'application/pdf':
                    error = _('Only PDF files are allowed.')
            else:
                error = _('Please select a file to upload.')

            if not error:
                # Replace the stored PDF, then strip its metadata.
                if gprot.content_pdf:
                    gprot.content_pdf.delete()
                gprot.content_pdf = upload
                gprot.save()
                _clean_pdf_metadata(gprot)

        else:
            # User-supplied markup goes through clean_html before storage.
            content = request.POST.get('content', '')
            gprot.content = clean_html(content)
            gprot.save()

        if not error:
            # The 'publish' button sends the author on to the publish step.
            if 'publish' in request.POST:
                return redirect('gprot_publish', gprot.pk)
            else:
                return redirect('gprot_view', gprot.pk)

    return render(request, 'gprot/edit.html', {
        'gprot': gprot,
        'error': error,
        'attachment_csrf_token': get_csrf_token(request)
    })
示例#14
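 def get_buttons_context(self, rec):
     """Build the template context for this column's action buttons.

     ``self.buttons`` may be an iterable of button names or a single
     comma-separated string. For each name the button-specific builder
     ``get_button_<name>_context`` is used when the object defines one,
     otherwise the generic ``get_button_context``. The per-button context is
     then extended with the button's description, its name and a CSS class
     derived from the name.

     Returns a dict with the button contexts, the record, the column name and
     a CSRF token for the listing's request.
     """
     buttons = self.buttons
     if isinstance(buttons, str):
         buttons = map(str.strip, buttons.split(','))
     buttons_context = []
     for b in buttons:
         # The previous try/except discarded the fallback's result and then
         # called `context_method` anyway, which was either unbound or left
         # over from the previous button. Pick exactly one builder instead.
         context_method = getattr(self, f'get_button_{b}_context', None)
         if context_method is None:
             context = self.get_button_context(b, rec)
         else:
             context = context_method(b, rec)
         context.update(
             self.buttons_description[b],
             name=b,
             name_css_class=b.replace('_', '-'),
         )
         buttons_context.append(context)
     return dict(
         buttons=buttons_context,
         rec=rec,
         action_col=self.name,
         csrf_token=get_csrf_token(self.listing.request),
     )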
示例#15
文件: views.py 项目: FoxyLine/test-2
def obtain_csrf_token(request):
    """Return the CSRF token for this request under the key ``csrfToken``."""
    # NOTE(review): the token is handed out in the response body, so this
    # endpoint must not be readable cross-origin with credentials - confirm
    # the CORS configuration.
    return Response({"csrfToken": get_csrf_token(request)})
示例#16
                logging.exception(e)
        except Exception, e:
            name = ""
            logging.exception(e)
    else:
        name = ""
    return render_to_response(
        template,
        {
            "show": show,
            "cast": cast,
            "genre": genre,
            "loves": loves,
            "is_loved": is_loved,
            "rating": rating,
            "csrf": get_csrf_token(request),
            "name": name,
            "title": show.get("title"),
            "genre_complete": ", ".join(eval(show.get("genre"))),
            "description": description,
        },
        context_instance=RequestContext(request),
    )


def love(request):
    """
		This view handles creating relationships between the user and the TV show
	"""
    if request.method == "POST":
        u = User.objects.get(id=request.user.id)
示例#17
 def list(self, request):
     """Return the CSRF token for this request under the key ``csrftoken``."""
     # NOTE(review): the token is handed out in the response body, so this
     # endpoint must not be readable cross-origin with credentials - confirm
     # the CORS configuration.
     csrf_value = get_csrf_token(request)
     return Response({'csrftoken': csrf_value})
示例#18
 def global_context_init(self):
     """Seed the global context from app settings, adding a CSRF token when needed.

     The token is only added when there is a request and the object either
     allows editing or has an upload, i.e. when a form may be submitted.
     """
     self.global_context.update(app_settings.context)
     if not self.request:
         return
     if self.can_edit or self.has_upload:
         self.global_context['csrf_token'] = get_csrf_token(self.request)