def comment_post_wrapper( request ): if not request.user.is_authenticated(): return HttpResponseRedirect('/knowledgebase/login/') post_comment( request ) # redirecting to the same item entity = request.POST.get('content_type', "statement").replace('maps.','') ntt_id = int( request.POST.get('object_pk', 8) ) return HttpResponseRedirect( '/knowledgebase/map/' + entity + '/' + str(ntt_id) )
def form_valid(self, form): self.request.POST = self.request.POST.copy() self.request.POST['name'] = '' self.request.POST['url'] = '' self.request.POST['email'] = '' self.request.POST['parent'] = self.kwargs['parent'] post_comment(self.request) messages.success(self.request, _('Reply successfully created.')) return redirect('/admin/modeladmin/commenting/molocomment/')
def comment_post_wrapper(request): if request.user.is_authenticated(): # In case of a reply, check that the user is answering a comment of his own ad object_pk = request.POST.get('object_pk', '') if int(request.POST.get('reply_to', 0)) > 0: if (Ad.objects.get(pk=object_pk).author == request.user): return post_comment( request) # VER SI ESTE ES EL POST, o EL DE COMMENT XTD else: if (Ad.objects.get(pk=object_pk).author != request.user): return post_comment( request) # VER SI ESTE ES EL POST, o EL DE COMMENT XTD return HttpResponse('Unauthorized', status=401)
def proxy_post_comment(request, next=None, using=None): # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: return CommentPostBadRequest( "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % ( escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % ( escape(ctype), escape(object_pk), e.__class__.__name__)) mail_has_commented.delay(request.user.username, data['comment']) if not request.user.is_admin: ActionService.comment(request.user, target) return post_comment(request, next, using)
def comment_post_wrapper(request): # Clean the request to prevent form spoofing if request.user.is_authenticated: if not (request.user.get_full_name() == request.POST['name'] or \ request.user.email == request.POST['email']): return HttpResponse("Error 403: You're an evil hacker") return post_comment(request) return HttpResponse("Error 403: You're an evil hacker")
def comment_post_wrapper(request): # Clean the request to prevent form spoofing if request.user.is_authenticated(): if not (request.user.get_full_name() == request.POST['name'] or \ request.user.email == request.POST['email']): return HttpResponse("Error 403: You're an evil hacker") return post_comment(request) return HttpResponse("Error 403: You're an evil hacker")
def form_valid(self, form): self.request.POST = self.request.POST.copy() self.request.POST['name'] = '' self.request.POST['url'] = '' self.request.POST['email'] = '' self.request.POST['parent'] = self.kwargs['parent'] reply = post_comment(self.request, next=self.success_url) messages.success(self.request, _('Reply successfully created.')) return reply
def post_diary_comment(data, diary_entry, auth_user=None): request = request_factory.post( reverse('diary-detail', kwargs={'year': diary_entry.publish.year, 'month': diary_entry.publish.month, 'day': diary_entry.publish.day}), data=data, follow=True) if auth_user: request.user = auth_user else: request.user = AnonymousUser() request._dont_enforce_csrf_checks = True return comments.post_comment(request)
def post_article_comment(data, article, auth_user=None): request = request_factory.post( reverse('article-detail', kwargs={'year': article.publish.year, 'month': article.publish.month, 'day': article.publish.day, 'slug': article.slug}), data=data, follow=True) if auth_user: request.user = auth_user else: request.user = AnonymousUser() request._dont_enforce_csrf_checks = True return comments.post_comment(request)
def post_molo_comment(request, next=None, using=None): """ Allows for posting of a Molo Comment, this allows comments to be set with the "user_name" as "Anonymous" """ data = request.POST.copy() if 'submit_anonymously' in data: data['name'] = _('Anonymous') # replace with our changed POST data # ensure we always set an email data['email'] = request.user.email or '*****@*****.**' request.POST = data return post_comment(request, next=next, using=next)
def post_rating(request, url='/ratings/posted/', maxcomments=1): """Wrap django.contrib.comments.views.comments.post_comment, so that we can control where the user is returned after submit, also add the ability to control the maximum number of ratings per user per product. """ if request.method != "POST": raise Http404(_("One or more of the required fields wasn't submitted")) if 'url' in request.POST: url = request.POST['url'] response = post_comment(request) if maxcomments > 0 and not request.user.is_anonymous(): try: target = request.POST['target'] except KeyError: raise Http404( _("One or more of the required fields wasn't submitted")) content_type_id, object_id = target.split(':') try: ct = ContentType.objects.get(pk=content_type_id) except ContentType.DoesNotExist: raise Http404(_("Bad ContentType: %s" % content_type_id)) comments = Comment.objects.filter( object_id__exact=object_id, content_type__app_label__exact=ct.app_label, content_type__model__exact=ct.model, site__exact=Site.objects.get_current(), is_public__exact=True, user__exact=request.user.id).order_by('submit_date') ct = len(comments) if ct > maxcomments: log.debug("Got %i comments for user - removing all but %i", ct, maxcomments) for c in comments: c.delete() ct -= 1 if ct == maxcomments: break return HttpResponseRedirect(url)
def comments_post(request): """Post comment view.""" if not request.POST.get('comment'): return HttpResponseRedirect(request.REQUEST.get('next')) return post_comment(request)
def post_comment_wrapper(request): if not request.user.is_authenticated: return HttpResponseRedirect('/tickets') return post_comment(request)
def login_required_post_comment(*args, **kwargs): return post_comment(*args, **kwargs)
def login_required_post_comment(request, *args, **kwargs): if not review_requested() or is_admin_or_root(request.user): return post_comment(request, *args, **kwargs) else: return CommentPostBadRequest("Comment not allowed.")