def like(request, comment_id, next=None): """ Like a comment. Confirmation on GET, action on POST. Templates: :template:`django_comments_xtd/like.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(get_comment_model(), pk=comment_id, site__pk=settings.SITE_ID) next = comment.get_absolute_url() if request.user.is_authenticated(): if not has_app_model_option(comment)['allow_feedback']: ctype = ContentType.objects.get_for_model(comment.content_object) raise Http404("Comments posted to instances of '%s.%s' are not " "explicitly allowed to receive 'liked it' flags. " "Check the COMMENTS_XTD_APP_MODEL_OPTIONS " "setting." % (ctype.app_label, ctype.model)) perform_like(request, comment) return next_redirect(request, fallback=next or 'comments-xtd-like-done', c=comment.pk) messages.error(request, '只有登录用户才能点赞, 请在侧边栏内登录再尝试点赞!', extra_tags='bg-warning text-warning') return next_redirect(request, fallback=next or 'comments-xtd-like-done', c=comment.pk)
def post_finderchart(request, next=None): data = request.POST.copy() content_type = data.get("content_type") object_id = data.get("object_id") if content_type is None or object_id is None: return ValueError("Missing content type or object id") c_type = ContentType.objects.get(pk=content_type) model = c_type.model_class() target = model.objects.get(pk=object_id) finder_chart_form = FinderChartForm(data) if not finder_chart_form.is_valid(): messages.error(request, "Finder Chart form invalid") return next_redirect(request, fallback=next or target.get_absolute_url()) date = finder_chart_form.cleaned_data['date'] if c_type.model == 'solarsystemobject': ra, dec = target.ra_dec_on_date(date) else: ra, dec = target.ra, target.dec settings = FchartSettings( limiting_magnitude_stars=finder_chart_form.cleaned_data['limiting_magnitude_stars'], limiting_magnitude_deepsky=finder_chart_form.cleaned_data['limiting_magnitude_deepsky'], fieldsize=finder_chart_form.cleaned_data['field_of_view'], ) x_label = str(target) if c_type.model == 'solarsystemobject' else '' settings.add_target(ra, dec, str(target), content_type, object_id, x_label) file = generate_fchart(settings) wrapper = FileWrapper(file) response = HttpResponse(wrapper, content_type='application/pdf') response['Content-Length'] = os.path.getsize(file.name) # Without streaming # response = HttpResponse(file, content_type='application/pdf') # response['Content-Disposition'] = 'attachment; filename="{0}"'.format(file.name) return response
def flag(request, comment_id, next=None): """ Flags a comment. Confirmation on GET, action on POST. Templates: :template:`comments/flag.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(get_comment_model(), pk=comment_id, site__pk=settings.SITE_ID) if not has_app_model_option(comment)['allow_flagging']: ctype = ContentType.objects.get_for_model(comment.content_object) raise Http404("Comments posted to instances of '%s.%s' are not " "explicitly allowed to receive 'removal suggestion' " "flags. Check the COMMENTS_XTD_APP_MODEL_OPTIONS " "setting." % (ctype.app_label, ctype.model)) # Flag on POST if request.method == 'POST': perform_flag(request, comment) return next_redirect(request, fallback=next or 'comments-flag-done', c=comment.pk) # Render a form on GET else: return render(request, 'comments/flag.html', {'comment': comment, 'next': next})
def delete_own_comment(request, comment_id, next=None): comment = get_object_or_404(get_comment_model(), pk=comment_id, user=request.user, site__pk=get_current_site(request).pk) # Delete on POST if request.method == 'POST': # Flag the comment as deleted instead of actually deleting it. if comment.user == request.user: comment.is_removed = True comment.save() flag, created = CommentFlag.objects.get_or_create( comment=comment, user=request.user, flag=CommentFlag.MODERATOR_DELETION ) django_comments_signals.comment_was_flagged.send( sender=comment.__class__, comment=comment, flag=flag, created=created, request=request, ) return next_redirect(request, fallback=next or 'comments-delete-done', c=comment.pk) # Render a form on GET else: return render(request, 'comments/own_comment_delete.html', {'comment': comment, "next": next})
def delete(request, comment_id, next=None): """ Deletes a comment. Confirmation on GET, action on POST. Requires the "can moderate comments" permission. Templates: :template:`comments/delete.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=get_current_site(request).pk) # Delete on POST if request.method == 'POST': # Flag the comment as deleted instead of actually deleting it. perform_delete(request, comment) return next_redirect(request, fallback=next or 'comments-delete-done', c=comment.pk) # Render a form on GET else: return render(request, 'comments/delete.html', { 'comment': comment, "next": next })
def dislike(request, comment_id, next=None): """ Dislike a comment. Confirmation on GET, action on POST. Templates: :template:`django_comments_xtd/dislike.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(get_comment_model(), pk=comment_id, site__pk=settings.SITE_ID) if not has_app_model_option(comment)['allow_feedback']: ctype = ContentType.objects.get_for_model(comment.content_object) raise Http404("Comments posted to instances of '%s.%s' are not " "explicitly allowed to receive 'disliked it' flags. " "Check the COMMENTS_XTD_APP_MODEL_OPTIONS " "setting." % (ctype.app_label, ctype.model)) # Flag on POST if request.method == 'POST': perform_dislike(request, comment) return next_redirect(request, fallback=(next or 'comments-xtd-dislike-done'), c=comment.pk) # Render a form on GET else: disliked_it = request.user in comment.users_flagging(DISLIKEDIT_FLAG) return render(request, 'django_comments_xtd/dislike.html', {'comment': comment, 'already_disliked_it': disliked_it, 'next': next})
def approve(request, comment_id, next=None): """ Approve a comment (that is, mark it as public and non-removed). Confirmation on GET, action on POST. Requires the "can moderate comments" permission. Templates: :template:`comments/approve.html`, Context: comment the `comments.comment` object for approval """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=get_current_site(request).pk) # Delete on POST if request.method == 'POST': # Flag the comment as approved. perform_approve(request, comment) return next_redirect(request, fallback=next or 'comments-approve-done', c=comment.pk) # Render a form on GET else: return render(request, 'comments/approve.html', { 'comment': comment, "next": next })
def approve(request, comment_id, next=None): """ Approve a comment (that is, mark it as public and non-removed). Confirmation on GET, action on POST. Requires the "can moderate comments" permission. Templates: :template:`comments/approve.html`, Context: comment the `comments.comment` object for approval """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id) # Delete on POST if request.method == 'POST': # Flag the comment as approved. perform_approve(request, comment) return next_redirect(request, fallback=next or 'comments-approve-done', c=comment.pk) # Render a form on GET else: return render_to_response( 'comments/approve.html', {'comment': comment, "next": next}, template.RequestContext(request) )
def delete(request, comment_id, next=None): """ Deletes a comment. Confirmation on GET, action on POST. Requires the "can moderate comments" permission. Templates: :template:`comments/delete.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id) # Delete on POST if request.method == 'POST': # Flag the comment as deleted instead of actually deleting it. perform_delete(request, comment) return next_redirect(request, fallback=next or 'comments-delete-done', c=comment.pk) # Render a form on GET else: return render_to_response( 'comments/delete.html', {'comment': comment, "next": next}, template.RequestContext(request) )
def comments_delete(request, comment_id): """Delete comment view.""" comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID) context = { 'next': request.GET.get('next'), 'comment': comment, 'is_popup': "_popup" in request.REQUEST } if request.method == 'POST': perform_delete(request, comment) if context['is_popup']: return render_to_response( 'admin/close_popup.html', context, RequestContext(request)) else: return next_redirect( request, fallback=request.GET.get('next') or 'comments-delete-done', c=comment.pk) else: return render_to_response( 'comments/delete.html', context, RequestContext(request))
def comments_delete(request, comment_id): """Delete comment view.""" comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID) context = { 'next': request.GET.get('next'), 'comment': comment, 'is_popup': "_popup" in request.REQUEST } if request.method == 'POST': perform_delete(request, comment) if context['is_popup']: return render_to_response('admin/close_popup.html', context, RequestContext(request)) else: return next_redirect(request, fallback=request.GET.get('next') or 'comments-delete-done', c=comment.pk) else: return render_to_response('comments/delete.html', context, RequestContext(request))
def like(request, comment_id, next=None): """ Like a comment. Confirmation on GET, action on POST. Templates: :template:`django_comments_xtd/like.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(get_comment_model(), pk=comment_id, site__pk=get_current_site_id(request)) if not get_app_model_options(comment=comment)['allow_feedback']: ctype = ContentType.objects.get_for_model(comment.content_object) raise Http404("Comments posted to instances of '%s.%s' are not " "explicitly allowed to receive 'liked it' flags. " "Check the COMMENTS_XTD_APP_MODEL_OPTIONS " "setting." % (ctype.app_label, ctype.model)) # Flag on POST if request.method == 'POST': perform_like(request, comment) return next_redirect(request, fallback=next or 'comments-xtd-like-done', c=comment.pk) # Render a form on GET else: flag_qs = comment.flags.prefetch_related('user')\ .filter(flag=LIKEDIT_FLAG) users_likedit = [item.user for item in flag_qs] return render( request, 'django_comments_xtd/like.html', { 'comment': comment, 'already_liked_it': request.user in users_likedit, 'next': next })
def flag(request, comment_id, next=None): """ Flags a comment. Confirmation on GET, action on POST. Templates: :template:`comments/flag.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=get_current_site(request).pk) # Flag on POST if request.method == 'POST': perform_flag(request, comment) return next_redirect(request, fallback=next or 'comments-flag-done', c=comment.pk) # Render a form on GET else: return render(request, 'comments/flag.html', { 'comment': comment, "next": next })
def dislike(request, comment_id, next=None): """ Dislike a comment. Confirmation on GET, action on POST. Templates: :template:`django_comments_xtd/dislike.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(get_comment_model(), pk=comment_id, site__pk=settings.SITE_ID) # Flag on POST if request.method == 'POST': perform_dislike(request, comment) return next_redirect(request, fallback=(next or 'comments-xtd-dislike-done'), c=comment.pk) # Render a form on GET else: already_disliked_it = request.user in comment.users_who_disliked_it() return render( request, 'django_comments_xtd/dislike.html', { 'comment': comment, 'already_disliked_it': already_disliked_it, 'next': next })
def flag(request, comment_id, next=None): """ Flags a comment. Confirmation on GET, action on POST. Templates: :template:`comments/flag.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID) # Flag on POST if request.method == 'POST': perform_flag(request, comment) return next_redirect(request, fallback=next or 'comments-flag-done', c=comment.pk) # Render a form on GET else: return render(request, 'comments/flag.html', {'comment': comment, "next": next})
def credit(request, comment_id, next=None): """ Credit a comment (that is, mark it as public and non-removed). Confirmation on GET, action on POST. Requires the "can moderate comments" permission. Templates: `comments/credit.html`, Context: comment the `comments.comment` object for approval """ comment = get_object_or_404(django_comments.get_model(), pk=comment_id, site__pk=settings.SITE_ID) # Delete on POST if request.method == 'POST': # Flag the comment as creditd. perform_credit(request, comment) return next_redirect(request.POST.copy(), next, credit_done, c=comment.pk) # Render a form on GET else: return render_to_response('comments/credit.html', {'comment': comment, "next": next}, template.RequestContext(request) )
def dislike(request, comment_id, next=None): """ Dislike a comment. Confirmation on GET, action on POST. Templates: :template:`django_comments_xtd/dislike.html`, Context: comment the flagged `comments.comment` object """ comment = get_object_or_404(get_comment_model(), pk=comment_id, site__pk=settings.SITE_ID) # Flag on POST if request.method == 'POST': perform_dislike(request, comment) return next_redirect(request, fallback=(next or 'comments-xtd-dislike-done'), c=comment.pk) # Render a form on GET else: already_disliked_it = request.user in comment.users_who_disliked_it() return render(request, 'django_comments_xtd/dislike.html', {'comment': comment, 'already_disliked_it': already_disliked_it, 'next': next})
def edit(request, comment_id, next=None): """ Edit a comment. Requires HTTP POST and "can change comments" or "can moderate comments", permission. Users can also only edit comments they own, unless they are granted "comments.can_moderate" permissions. If ``POST['submit'] == "preview"`` or there are errors, a preview template ``comments/preview.html`` will be rendered. Templates: `comments/edit.html`, Context: comment the `comments.comment` object to be edited. """ comment = get_object_or_404( get_model(), pk=comment_id, site__pk=settings.SITE_ID ) # Make sure user has correct permissions to change the comment, # or return a 401 Unauthorized error. if not (request.user == comment.user and request.user.has_perm("comments.change_comment") or request.user.has_perm("comments.can_moderate")): return HttpResponse("Unauthorized", status=401) # Populate POST data with all required initial data # unless they are already in POST data = request.POST.copy() if not data.get("user_name", ""): data["user_name"] = request.user.get_full_name() or request.user.username if not data.get("user_email"): data["user_email"] = request.user.email next = data.get("next", next) CommentEditForm = comments_extension.get_edit_form() form = CommentEditForm(data, instance=comment) if form.security_errors(): # NOTE: security hash fails! return CommentEditBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) # If there are errors, or if a preview is requested if form.errors or "preview" in data: app_label, model = (form.instance.content_type.app_label, form.instance.content_type.model) template_search_list = [ "comments/%s/%s/edit-preview.html" % (app_label, model), "comments/%s/edit-preview.html" % model, "comments/edit-preview.html" ] return render_to_response( template_search_list, { "comment_obj": comment, "comment": form.data.get("comment", ""), "form": form, "next": next, }, RequestContext(request, {}) ) # Otherwise, try to save the comment and emit signals if form.is_valid(): MODERATOR_EDITED = "moderator edited" flag, created = CommentFlag.objects.get_or_create( comment = form.instance, user = request.user, flag = MODERATOR_EDITED ) form.instance.is_removed = False form.save() comment_was_flagged.send( sender = comment.__class__, comment = comment, flag = flag, created = created, request = request ) return utils.next_redirect( request, fallback=next or 'comments-comment-done', c=comment._get_pk_val() ) else: # If we got here, raise Bad Request error. return CommentEditBadRequest("Could not complete request!")
def post_comment(request, next=None, *args, **kwargs): """ Post a comment. HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Require POST if request.method != 'POST': return HttpResponseNotAllowed(["POST"]) is_ajax = request.POST.get('is_ajax') and '_ajax' or '' # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name() if not data.get('email', ''): data["email"] = request.user.email response = _lookup_content_object(data) if isinstance(response, HttpResponse): return response else: target, parent_comment, model = response # Do we want to preview the comment? preview = data.get("submit", "").lower() == "preview" or \ data.get("preview", None) is not None # Construct the comment form form = get_form()(target, parent_comment=parent_comment, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ "comments/%s_%s_preview%s.html" % tuple(str(model._meta).split(".") + [is_ajax]), "comments/%s_preview%s.html" % (model._meta.app_label, is_ajax), "comments/preview%s.html" % is_ajax ] data = { 'comment': form.data.get("comment", ""), 'parent': parent_comment, 'level': parent_comment and parent_comment.level + 1 or 0, 'title': form.data.get("title", ""), 'submit_date': datetime.datetime.now(), 'rght': 0, 'lft': 0, 'user': request.user, 'user_name' : request.user.username, } comment = get_model()(**data) return TemplateResponse(request, template_list, { "comment" : comment, "preview" : True, "form" : form, "allow_post": not form.errors, "is_ajax" : is_ajax, }) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user comment.user_name = request.user.username # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender = comment.__class__, comment = comment, request = request ) for (receiver, response) in responses: if response == False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender = comment.__class__, comment = comment, request = request ) return next_redirect(request, 'comments-comment-done%s' % (is_ajax and '-ajax' or ''), c=comment._get_pk_val())
def post(self, request, next=None, using=None): # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() data["name"] = request.user.get_full_name() or request.user.get_username() data["email"] = request.user.email # Look up the object we're trying to comment about result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using) if isinstance(result, CommentPostBadRequest): return result else: model, target = result # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest("The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore # format for preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user html_comment, tags = form.process_tags() comment.comment = html_comment # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) # Add the tags that are extracted from the comment comment.tags.add(*tags) return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def form_valid(self, form): form.save() return next_redirect(self.request, fallback='comments-edit-done', c=self.object.pk)
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name() or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: return CommentPostBadRequest( "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % ( escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % ( escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }, ) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) if request.user.is_authenticated(): comment.user = request.user # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def post_comment(request, next=None, *args, **kwargs): """ Post a comment. HTTP POST is required unless a initial form is requested. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Require POST if request.method != 'POST': return HttpResponseNotAllowed(["POST"]) is_ajax = request.POST.get('is_ajax') and '_ajax' or '' # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() if request.user.is_authenticated(): if not data.get('name', ''): data["name"] = request.user.get_full_name() if not data.get('email', ''): data["email"] = request.user.email response = _lookup_content_object(data) if isinstance(response, HttpResponse): return response else: target, parent_comment, model = response # Do we want to preview the comment? preview = data.get("submit", "").lower() == "preview" or \ data.get("preview", None) is not None # Construct the comment form form = get_form()(target, parent_comment=parent_comment, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ "comments/%s_%s_preview%s.html" % tuple(str(model._meta).split(".") + [is_ajax]), "comments/%s_preview%s.html" % (model._meta.app_label, is_ajax), "comments/preview%s.html" % is_ajax ] data = { 'comment': form.data.get("comment", ""), 'parent': parent_comment, 'level': parent_comment and parent_comment.level + 1 or 0, 'title': form.data.get("title", ""), 'submit_date': datetime.datetime.now(), 'rght': 0, 'lft': 0, 'user': request.user, 'user_name': request.user.username, } comment = get_model()(**data) return TemplateResponse( request, template_list, { "comment": comment, "preview": True, "form": form, "allow_post": not form.errors, "is_ajax": is_ajax, }) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user comment.user_name = request.user.username # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response == False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) return next_redirect(request, 'comments-comment-done%s' % (is_ajax and '-ajax' or ''), c=comment._get_pk_val())
def edit(request, comment_id, next=None): """ Edit a comment. Requires HTTP POST and "can change comments" or "can moderate comments", permission. Users can also only edit comments they own, unless they are granted "comments.can_moderate" permissions. If ``POST['submit'] == "preview"`` or there are errors, a preview template ``comments/preview.html`` will be rendered. Templates: `comments/edit.html`, Context: comment the `comments.comment` object to be edited. """ comment = get_object_or_404(get_model(), pk=comment_id, site__pk=settings.SITE_ID) # Make sure user has correct permissions to change the comment, # or return a 401 Unauthorized error. if not (request.user == comment.user and request.user.has_perm("comments.change_comment") or request.user.has_perm("comments.can_moderate")): return HttpResponse("Unauthorized", status=401) # Populate POST data with all required initial data # unless they are already in POST data = request.POST.copy() if not data.get("user_name", ""): data["user_name"] = request.user.get_full_name( ) or request.user.username if not data.get("user_email"): data["user_email"] = request.user.email next = data.get("next", next) CommentEditForm = comments_extension.get_edit_form() form = CommentEditForm(data, instance=comment) if form.security_errors(): # NOTE: security hash fails! return CommentEditBadRequest( "The comment form failed security verification: %s" % \ escape(str(form.security_errors()))) # If there are errors, or if a preview is requested if form.errors or "preview" in data: app_label, model = (form.instance.content_type.app_label, form.instance.content_type.model) template_search_list = [ "comments/%s/%s/edit-preview.html" % (app_label, model), "comments/%s/edit-preview.html" % model, "comments/edit-preview.html" ] return render_to_response( template_search_list, { "comment_obj": comment, "comment": form.data.get("comment", ""), "form": form, "next": next, }, RequestContext(request, {})) # Otherwise, try to save the comment and emit signals if form.is_valid(): MODERATOR_EDITED = "moderator edited" flag, created = CommentFlag.objects.get_or_create( comment=form.instance, user=request.user, flag=MODERATOR_EDITED) form.instance.is_removed = False form.save() comment_was_flagged.send(sender=comment.__class__, comment=comment, flag=flag, created=created, request=request) return utils.next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val()) else: # If we got here, raise Bad Request error. return CommentEditBadRequest("Could not complete request!")
def post_comment(request, next=None, using=None): """ Post a comment. HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are errors a preview template, ``comments/preview.html``, will be rendered. """ # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() try: user_is_authenticated = request.user.is_authenticated() except TypeError: # Django >= 1.11 user_is_authenticated = request.user.is_authenticated if user_is_authenticated: if not data.get('name', ''): data["name"] = request.user.get_full_name() or request.user.get_username() if not data.get('email', ''): data["email"] = request.user.email # 添加 if not request.session.get('login', None) and not user_is_authenticated: return redirect("/") # Look up the object we're trying to comment about ctype = data.get("content_type") object_pk = data.get("object_pk") if ctype is None or object_pk is None: return CommentPostBadRequest("Missing content_type or object_pk field.") try: model = apps.get_model(*ctype.split(".", 1)) target = model._default_manager.using(using).get(pk=object_pk) except TypeError: return CommentPostBadRequest( "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( "No object matching content-type %r and object PK %r exists." % ( escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( "Attempting go get content-type %r and object PK %r exists raised %s" % ( escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. # Django v1.0 and v1.1 allowed the underscore format for # preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }, ) # Otherwise create the comment comment = form.get_comment_object(site_id=get_current_site(request).id) comment.ip_address = request.META.get("REMOTE_ADDR", None) # if user_is_authenticated: # comment.user = request.user #添加 if request.session.get('login',None): comment.user_name = request.session['screen_name'] comment.user_img = request.session['profile_image_url'] # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send( sender=comment.__class__, comment=comment, request=request ) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send( sender=comment.__class__, comment=comment, request=request ) return next_redirect(request, fallback=next or 'comments-comment-done', c=comment._get_pk_val())
def post(self, request, next=None, using=None): # Fill out some initial data fields from an authenticated user, if present data = request.POST.copy() data["name"] = request.user.get_full_name() or request.user.get_username() data["email"] = request.user.email # Look up the object we're trying to comment about result = self._lookup_object(data.get("content_type"), data.get("object_pk"), using) if isinstance(result, CommentPostBadRequest): return result else: model, target = result # Do we want to preview the comment? preview = "preview" in data # Construct the comment form form = django_comments.get_form()(target, data=data) # Check security information if form.security_errors(): return CommentPostBadRequest( "The comment form failed security verification: %s" % escape(str(form.security_errors())) ) # If there are errors or if we requested a preview show the comment if form.errors or preview: template_list = [ # These first two exist for purely historical reasons. Django v1.0 and v1.1 allowed the underscore # format for preview templates, so we have to preserve that format. "comments/%s_%s_preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s_preview.html" % model._meta.app_label, # Now the usual directory based template hierarchy. "comments/%s/%s/preview.html" % (model._meta.app_label, model._meta.model_name), "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] return render( request, template_list, {"comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next)}, ) # Otherwise create the comment comment = form.get_comment_object() comment.ip_address = request.META.get("REMOTE_ADDR", None) comment.user = request.user html_comment, tags = form.process_tags() comment.comment = html_comment # Signal that the comment is about to be saved responses = signals.comment_will_be_posted.send(sender=comment.__class__, comment=comment, request=request) for (receiver, response) in responses: if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__ ) # Save the comment and signal that it was saved comment.save() signals.comment_was_posted.send(sender=comment.__class__, comment=comment, request=request) # Add the tags that are extracted from the comment comment.tags.add(*tags) return next_redirect(request, fallback=next or "comments-comment-done", c=comment._get_pk_val())