def save(self, request): """Process and save cleaned data in the database.""" ip_address = core_utils.get_client_ip(request) comment_period_lockout = getattr( settings, 'COMMENT_PERIOD_LOCKOUT', None ) num_comments_allowed_in_lockout = \ getattr(settings, 'NUM_COMMENTS_ALLOWED_IN_PERIOD', 5) throttle_key = 'commenting_%s_%s' % ( self.cleaned_data['comment_content_type_id'], self.cleaned_data['comment_object_pk'] ) if request.user.is_authenticated(): user = request.user else: user = None if comment_period_lockout is not None: if core_throttling.check_throttle_exists(request, throttle_key): throttled = core_throttling.check_throttle( request, throttle_key, comment_period_lockout, num_comments_allowed_in_lockout ) else: throttled = throttling.check_throttle( user, ip_address, comment_period_lockout, num_comments_allowed_in_lockout ) if throttled: raise exceptions.RapidCommentingError( _("You are commenting too quickly. " "Please wait before commenting again") ) if self.cleaned_data['anonymous']: user = None comment = models.CommentModel.objects.create( user=user, created_by=user, modified_by=user, user_name=self.cleaned_data['user_name'], ip_address=ip_address, site=Site.objects.get_current(), content_type_id=self.cleaned_data['comment_content_type_id'], object_pk=self.cleaned_data['comment_object_pk'], comment=self.cleaned_data['comment_box'] ) core_throttling.add_to_throttle( request, throttle_key, comment.publish_at ) return comment
def _validate(request, user, throttle_key, ip_address, action): """Prevent users from liking the same thing twice.""" already_liked = request.COOKIES.get(throttle_key, None) if user is None and already_liked is None and action == 'remove': raise exceptions.UnauthorizedLikingError( _("This is not yours") ) if user is None and already_liked and action == 'add': raise exceptions.UnauthorizedLikingError( _("You already like this") ) like_period_lockout = getattr(settings, 'LIKE_PERIOD_LOCKOUT', None) num_likes_allowed_in_lockout = \ getattr(settings, 'NUM_LIKES_ALLOWED_IN_PERIOD', 5) if like_period_lockout is not None: if core_throttling.check_throttle_exists(request, throttle_key): throttled = core_throttling.check_throttle( request, throttle_key, like_period_lockout, num_likes_allowed_in_lockout ) else: throttled = throttling.check_throttle( user, ip_address, like_period_lockout, num_likes_allowed_in_lockout ) if throttled: raise exceptions.RapidLikingError( _('You are liking too quickly. ' 'Please wait before liking again') )