def comment_delete(request, object_id): if not request.user.is_staff: return {'error': {'type': 403, 'message': 'Access denied'}} comment = get_object_or_404_ajax(CommentNode, pk=object_id) if request.POST.get('delete'): comment.delete() return {'success': True, 'id': object_id} else: return {'error': {'type': 400, 'message': 'Bad request'}}
def comment_edit(request, object_id): comment = get_object_or_404_ajax(CommentNode, pk=object_id) if request.user != comment.user: return {'error': {'type': 403, 'message': 'Access denied'}} if 'get_body' in request.POST: return {'body': comment.body} elif 'body' in request.POST: comment.body = request.POST['body'] comment.save() return {'body_html': comment.body_html} else: return {'error': {'type': 400, 'message': 'Bad request'}}
def comment_edit(request, object_id): comment = get_object_or_404_ajax(CommentNode, pk=object_id)