def topic_publish(request, category_id=None): if category_id: Category.objects.get_public_or_404(pk=category_id) if request.method == 'POST': form = TopicForm(user=request.user, data=request.POST) cform = CommentForm(user=request.user, data=request.POST) pform = TopicPollForm(data=request.POST) pformset = TopicPollChoiceFormSet(can_delete=False, data=request.POST) if not request.is_limited and form.is_valid() and cform.is_valid() \ and pform.is_valid() and pformset.is_valid(): # wrap in transaction.atomic? topic = form.save() cform.topic = topic comment = cform.save() comment_posted.send(sender=comment.__class__, comment=comment, mentions=cform.mentions) # Create a poll only if we have choices if pformset.is_filled(): pform.topic = topic poll = pform.save() pformset.instance = poll pformset.save() return redirect(topic.get_absolute_url()) else: form = TopicForm(user=request.user, initial={'category': category_id, }) cform = CommentForm() pform = TopicPollForm() pformset = TopicPollChoiceFormSet(can_delete=False) return render(request, 'spirit/topic/topic_publish.html', {'form': form, 'cform': cform, 'pform': pform, 'pformset': pformset})
def private_publish(request, user_id=None): if request.method == 'POST': tform = TopicForPrivateForm(user=request.user, data=request.POST) cform = CommentForm(user=request.user, data=request.POST) tpform = TopicPrivateManyForm(user=request.user, data=request.POST) if not request.is_limited and tform.is_valid() and cform.is_valid() and tpform.is_valid(): # wrap in transaction.atomic? topic = tform.save() cform.topic = topic comment = cform.save() comment_posted.send(sender=comment.__class__, comment=comment, mentions=None) tpform.topic = topic topics_private = tpform.save_m2m() topic_private_post_create.send(sender=TopicPrivate, topics_private=topics_private, comment=comment) return redirect(topic.get_absolute_url()) else: tform = TopicForPrivateForm() cform = CommentForm() initial = None if user_id: user = get_object_or_404(User, pk=user_id) initial = {'users': [user.username, ]} tpform = TopicPrivateManyForm(initial=initial) return render(request, 'spirit/topic_private/private_publish.html', {'tform': tform, 'cform': cform, 'tpform': tpform})
def topic_publish(request, category_id=None): if category_id: Category.objects.get_public_or_404(pk=category_id) if request.method == 'POST': form = TopicForm(user=request.user, data=request.POST) cform = CommentForm(user=request.user, data=request.POST) if not request.is_limited and form.is_valid() and cform.is_valid(): # wrap in transaction.atomic? topic = form.save() cform.topic = topic comment = cform.save() comment_posted.send(sender=comment.__class__, comment=comment, mentions=cform.mentions) return redirect(topic.get_absolute_url()) else: form = TopicForm(user=request.user, initial={ 'category': category_id, }) cform = CommentForm() return render(request, 'spirit/topic/topic_publish.html', { 'form': form, 'cform': cform })
def test_comment_markdown(self): form_data = {'comment': u'**Spirit unicode: áéíóú** ' u'<script>alert();</script>', } form = CommentForm(data=form_data) self.assertEqual(form.is_valid(), True) form.user = self.user form.topic = self.topic comment = form.save() self.assertEqual(comment.comment_html, u'<p><strong>Spirit unicode: áéíóú</strong> ' u'<script>alert();</script></p>')
def test_comment_markdown(self): form_data = {'comment': u'**Spirit unicode: áéíóú** ' u'<script>alert();</script>', } form = CommentForm(data=form_data) self.assertEqual(form.is_valid(), True) form.user = self.user form.topic = self.topic comment = form.save() self.assertEqual(comment.comment_html, u'<p><strong>Spirit unicode: áéíóú</strong> ' u'<script>alert();</script></p>')
def topic_publish(request, category_id=None): if category_id: Category.objects.get_public_or_404(pk=category_id) if request.method == 'POST': form = TopicForm(user=request.user, data=request.POST) cform = CommentForm(user=request.user, data=request.POST) pform = TopicPollForm(data=request.POST) pformset = TopicPollChoiceFormSet(can_delete=False, data=request.POST) if not request.is_limited and form.is_valid() and cform.is_valid() \ and pform.is_valid() and pformset.is_valid(): # wrap in transaction.atomic? topic = form.save() cform.topic = topic comment = cform.save() comment_posted.send(sender=comment.__class__, comment=comment, mentions=cform.mentions) # Create a poll only if we have choices if pformset.is_filled(): pform.topic = topic poll = pform.save() pformset.instance = poll pformset.save() return redirect(topic.get_absolute_url()) else: form = TopicForm(user=request.user, initial={ 'category': category_id, }) cform = CommentForm() pform = TopicPollForm() pformset = TopicPollChoiceFormSet(can_delete=False) return render(request, 'spirit/topic/topic_publish.html', { 'form': form, 'cform': cform, 'pform': pform, 'pformset': pformset })
def topic_publish(request, category_id=None): if category_id: Category.objects.get_public_or_404(pk=category_id) if request.method == 'POST': form = TopicForm(user=request.user, data=request.POST) cform = CommentForm(user=request.user, data=request.POST) if not request.is_limited and form.is_valid() and cform.is_valid(): # wrap in transaction.atomic? topic = form.save() cform.topic = topic comment = cform.save() comment_posted.send(sender=comment.__class__, comment=comment, mentions=cform.mentions) return redirect(topic.get_absolute_url()) else: form = TopicForm(user=request.user, initial={'category': category_id, }) cform = CommentForm() return render(request, 'spirit/topic/topic_publish.html', {'form': form, 'cform': cform})