示例#1
0
文件: views.py 项目: techylax/forum
def delete_topic(request, topic_id):
    """
    Deletes a Topic after confirmation is made via POST.
    """
    filters = {'pk': topic_id}
    if not auth.is_moderator(request.user):
        filters['hidden'] = False
    topic = get_object_or_404(Topic, **filters)
    post = Post.objects.with_user_details().get(topic=topic,
                                                meta=False,
                                                num_in_topic=1)
    if not auth.user_can_edit_topic(request.user, topic):
        return permission_denied(
            request,
            message='You do not have permission to delete this topic.')
    forum = Forum.objects.select_related().get(pk=topic.forum_id)
    if app_settings.USE_REDIS:
        redis.seen_user(request.user, 'Deleting a Topic')
    if request.method == 'POST':
        topic.delete()
        return HttpResponseRedirect(forum.get_absolute_url())
    else:
        return render(
            request, 'forum/delete_topic.html', {
                'post': post,
                'topic': topic,
                'forum': forum,
                'section': forum.section,
                'title': 'Delete Topic',
                'avatar_dimensions': get_avatar_dimensions(),
            })
示例#2
0
def delete_topic(request, topic_id):
    """
    Deletes a Topic after confirmation is made via POST.
    """
    filters = {'pk': topic_id}
    if not auth.is_moderator(request.user):
        filters['hidden'] = False
    topic = get_object_or_404(Topic, **filters)
    post = Post.objects.with_user_details().get(topic=topic, meta=False,
                                                num_in_topic=1)
    if not auth.user_can_edit_topic(request.user, topic):
        return permission_denied(request,
            message='You do not have permission to delete this topic.')
    forum = Forum.objects.select_related().get(pk=topic.forum_id)
    if forum.section.is_managed():
        if not forum.section.is_corp_authed(request.user):
            return permission_denied(request,
                    message="You are not a member of the appropriate corporation, alliance or coalition.")
    if app_settings.USE_REDIS:
        redis.seen_user(request.user, 'Deleting a Topic')
    if request.method == 'POST':
        topic.delete()
        return HttpResponseRedirect(forum.get_absolute_url())
    else:
        return render(request, 'forum/delete_topic.html', {
            'post': post,
            'topic': topic,
            'forum': forum,
            'section': forum.section,
            'title': 'Delete Topic',
            'avatar_dimensions': get_avatar_dimensions(),
        })
示例#3
0
文件: views.py 项目: Anyson/forum
def delete_topic(request, topic_id):
    """
    Deletes a Topic after confirmation is made via POST.
    """
    filters = {"pk": topic_id}
    if not auth.is_moderator(request.user):
        filters["hidden"] = False
    topic = get_object_or_404(Topic, **filters)
    post = Post.objects.with_user_details().get(topic=topic, meta=False, num_in_topic=1)
    if not auth.user_can_edit_topic(request.user, topic):
        return permission_denied(request, message="You do not have permission to delete this topic.")
    forum = Forum.objects.select_related().get(pk=topic.forum_id)
    if app_settings.USE_REDIS:
        redis.seen_user(request.user, "Deleting a Topic")
    if request.method == "POST":
        topic.delete()
        return HttpResponseRedirect(forum.get_absolute_url())
    else:
        return render(
            request,
            "forum/delete_topic.html",
            {
                "post": post,
                "topic": topic,
                "forum": forum,
                "section": forum.section,
                "title": "Delete Topic",
                "avatar_dimensions": get_avatar_dimensions(),
            },
        )
示例#4
0
def edit_topic(request, topic_id):
    """
    Edits the given Topic.

    To avoid regular Users from being shown non-working links, the
    Topic's Forum's denormalised last Post data is also updated when
    necessary after the moderator has made a change to the Topic's
    ``hidden`` status. Post counts and Topic counts will not be
    affected by hiding a Topic - it is assumed this is a temporary
    measure which will either lead to a Topic being cleaned up or
    removed altogether.
    """
    filters = {'pk': topic_id}
    if not auth.is_moderator(request.user):
        filters['hidden'] = False
    topic = get_object_or_404(Topic, **filters)
    forum = Forum.objects.select_related().get(pk=topic.forum_id)
    if forum.section.is_managed():
        if not forum.section.is_corp_authed(request.user):
            return permission_denied(request,
                    message="You are not a member of the appropriate corporation, alliance or coalition.")
    if not auth.user_can_edit_topic(request.user, topic):
        return permission_denied(request,
            message='You do not have permission to edit this topic.')
    editable_fields = ['title', 'description']
    moderator = auth.is_moderator(request.user)
    if moderator:
        was_hidden = topic.hidden
    if app_settings.USE_REDIS:
        redis.seen_user(request.user, 'Editing Topic:', topic)
    if request.method == 'POST':
        form = forms.EditTopicForm(moderator, request.POST, instance=topic)
        if form.is_valid():
            topic = form.save(commit=True)
            if auth.is_moderator(request.user):
                if topic.hidden and not was_hidden:
                     if forum.last_topic_id == topic.id:
                         # Set the forum's last post to the latest non-hidden
                         # post.
                         forum.set_last_post()
                elif not topic.hidden and was_hidden:
                    # Just in case this topic still holds the last post
                    forum.set_last_post()
            return HttpResponseRedirect(topic.get_absolute_url())
    else:
        form = forms.EditTopicForm(moderator, instance=topic)
    return render(request, 'forum/edit_topic.html', {
        'topic': topic,
        'form': form,
        'section': forum.section,
        'forum': forum,
        'title': 'Edit Topic',
        'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
    })
示例#5
0
文件: views.py 项目: techylax/forum
def edit_topic(request, topic_id):
    """
    Edits the given Topic.

    To avoid regular Users from being shown non-working links, the
    Topic's Forum's denormalised last Post data is also updated when
    necessary after the moderator has made a change to the Topic's
    ``hidden`` status. Post counts and Topic counts will not be
    affected by hiding a Topic - it is assumed this is a temporary
    measure which will either lead to a Topic being cleaned up or
    removed altogether.
    """
    filters = {'pk': topic_id}
    if not auth.is_moderator(request.user):
        filters['hidden'] = False
    topic = get_object_or_404(Topic, **filters)
    forum = Forum.objects.select_related().get(pk=topic.forum_id)
    if not auth.user_can_edit_topic(request.user, topic):
        return permission_denied(
            request, message='You do not have permission to edit this topic.')
    editable_fields = ['title', 'description']
    moderator = auth.is_moderator(request.user)
    if moderator:
        was_hidden = topic.hidden
    if app_settings.USE_REDIS:
        redis.seen_user(request.user, 'Editing Topic:', topic)
    if request.method == 'POST':
        form = forms.EditTopicForm(moderator, request.POST, instance=topic)
        if form.is_valid():
            topic = form.save(commit=True)
            if auth.is_moderator(request.user):
                if topic.hidden and not was_hidden:
                    if forum.last_topic_id == topic.id:
                        # Set the forum's last post to the latest non-hidden
                        # post.
                        forum.set_last_post()
                elif not topic.hidden and was_hidden:
                    # Just in case this topic still holds the last post
                    forum.set_last_post()
            return HttpResponseRedirect(topic.get_absolute_url())
    else:
        form = forms.EditTopicForm(moderator, instance=topic)
    return render(
        request, 'forum/edit_topic.html', {
            'topic': topic,
            'form': form,
            'section': forum.section,
            'forum': forum,
            'title': 'Edit Topic',
            'quick_help_template': post_formatter.QUICK_HELP_TEMPLATE,
        })
示例#6
0
文件: auth.py 项目: techylax/forum
    def test_user_can_edit_topic(self):
        """
        Verifies the check for a given user being able to edit a given
        Topic.

        Members of the User group may only edit their own Topics if they
        are not locked.
        """
        # Topic creeated by admin
        topic = Topic.objects.get(pk=1)
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))
        topic.locked = True
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))

        # Topic created by moderator
        topic = Topic.objects.get(pk=2)
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))
        topic.locked = True
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))

        # Topic created by user
        topic = Topic.objects.get(pk=3)
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertTrue(auth.user_can_edit_topic(self.user, topic))
        topic.locked = True
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))
示例#7
0
文件: auth.py 项目: Anyson/forum
    def test_user_can_edit_topic(self):
        """
        Verifies the check for a given user being able to edit a given
        Topic.

        Members of the User group may only edit their own Topics if they
        are not locked.
        """
        # Topic creeated by admin
        topic = Topic.objects.get(pk=1)
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))
        topic.locked = True
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))

        # Topic created by moderator
        topic = Topic.objects.get(pk=2)
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))
        topic.locked = True
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))

        # Topic created by user
        topic = Topic.objects.get(pk=3)
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertTrue(auth.user_can_edit_topic(self.user, topic))
        topic.locked = True
        self.assertTrue(auth.user_can_edit_topic(self.admin, topic))
        self.assertTrue(auth.user_can_edit_topic(self.moderator, topic))
        self.assertFalse(auth.user_can_edit_topic(self.user, topic))
示例#8
0
def can_edit_topic(user, topic):
    return user.is_authenticated() and \
           auth.user_can_edit_topic(user, topic)
示例#9
0
def can_edit_topic(user, topic):
    return user.is_authenticated() and \
           auth.user_can_edit_topic(user, topic)