def comment_delete(request, object_id):
if not request.user.is_staff:
return {'error': {'type': 403, 'message': 'Access denied'}}
comment = get_object_or_404_ajax(CommentNode, pk=object_id)
if request.POST.get('delete'):
comment.delete()
return {'success': True, 'id': object_id}
else:
return {'error': {'type': 400, 'message': 'Bad request'}}
def comment_edit(request, object_id):
comment = get_object_or_404_ajax(CommentNode, pk=object_id)
if request.user != comment.user:
return {'error': {'type': 403, 'message': 'Access denied'}}
if 'get_body' in request.POST:
return {'body': comment.body}
elif 'body' in request.POST:
comment.body = request.POST['body']
comment.save()
return {'body_html': comment.body_html}
else:
return {'error': {'type': 400, 'message': 'Bad request'}}
def comment_edit(request, object_id):
comment = get_object_or_404_ajax(CommentNode, pk=object_id)
