diff options
Diffstat (limited to 'app/lib/django_comments/views')
| -rw-r--r-- | app/lib/django_comments/views/comments.py | 37 | ||||
| -rw-r--r-- | app/lib/django_comments/views/moderation.py | 89 | ||||
| -rw-r--r-- | app/lib/django_comments/views/utils.py | 14 |
3 files changed, 66 insertions, 74 deletions
diff --git a/app/lib/django_comments/views/comments.py b/app/lib/django_comments/views/comments.py index b44babf..c441c30 100644 --- a/app/lib/django_comments/views/comments.py +++ b/app/lib/django_comments/views/comments.py @@ -1,36 +1,36 @@ from __future__ import absolute_import from django import http +from django.apps import apps from django.conf import settings from django.core.exceptions import ObjectDoesNotExist, ValidationError -from django.db import models -from django.shortcuts import render_to_response -from django.template import RequestContext +from django.shortcuts import render from django.template.loader import render_to_string from django.utils.html import escape from django.views.decorators.csrf import csrf_protect +from django.views.decorators.csrf import csrf_exempt + from django.views.decorators.http import require_POST -try: - from django.apps import apps -except ImportError: - from django.db import models as apps import django_comments from django_comments import signals from django_comments.views.utils import next_redirect, confirmation_view + class CommentPostBadRequest(http.HttpResponseBadRequest): """ Response returned when a comment post is invalid. If ``DEBUG`` is on a nice-ish error message will be displayed (for debugging purposes), but in production mode a simple opaque 400 page will be displayed. """ + def __init__(self, why): super(CommentPostBadRequest, self).__init__() if settings.DEBUG: self.content = render_to_string("comments/400-debug.html", {"why": why}) +@csrf_exempt @require_POST def post_comment(request, next=None, using=None): """ @@ -60,16 +60,15 @@ def post_comment(request, next=None, using=None): "Invalid content_type value: %r" % escape(ctype)) except AttributeError: return CommentPostBadRequest( - "The given content-type %r does not resolve to a valid model." % \ - escape(ctype)) + "The given content-type %r does not resolve to a valid model." % escape(ctype)) except ObjectDoesNotExist: return CommentPostBadRequest( - "No object matching content-type %r and object PK %r exists." % \ - (escape(ctype), escape(object_pk))) + "No object matching content-type %r and object PK %r exists." % ( + escape(ctype), escape(object_pk))) except (ValueError, ValidationError) as e: return CommentPostBadRequest( - "Attempting go get content-type %r and object PK %r exists raised %s" % \ - (escape(ctype), escape(object_pk), e.__class__.__name__)) + "Attempting go get content-type %r and object PK %r exists raised %s" % ( + escape(ctype), escape(object_pk), e.__class__.__name__)) # Do we want to preview the comment? preview = "preview" in data @@ -80,8 +79,7 @@ def post_comment(request, next=None, using=None): # Check security information if form.security_errors(): return CommentPostBadRequest( - "The comment form failed security verification: %s" % \ - escape(str(form.security_errors()))) + "The comment form failed security verification: %s" % escape(str(form.security_errors()))) # If there are errors or if we requested a preview show the comment if form.errors or preview: @@ -96,13 +94,11 @@ def post_comment(request, next=None, using=None): "comments/%s/preview.html" % model._meta.app_label, "comments/preview.html", ] - return render_to_response( - template_list, { + return render(request, template_list, { "comment": form.data.get("comment", ""), "form": form, "next": data.get("next", next), }, - RequestContext(request, {}) ) # Otherwise create the comment @@ -119,7 +115,7 @@ def post_comment(request, next=None, using=None): ) for (receiver, response) in responses: - if response == False: + if response is False: return CommentPostBadRequest( "comment_will_be_posted receiver %r killed the comment" % receiver.__name__) @@ -132,7 +128,8 @@ def post_comment(request, next=None, using=None): ) return next_redirect(request, fallback=next or 'comments-comment-done', - c=comment._get_pk_val()) + c=comment._get_pk_val()) + comment_done = confirmation_view( template="comments/posted.html", diff --git a/app/lib/django_comments/views/moderation.py b/app/lib/django_comments/views/moderation.py index b35626a..4460569 100644 --- a/app/lib/django_comments/views/moderation.py +++ b/app/lib/django_comments/views/moderation.py @@ -1,15 +1,15 @@ from __future__ import absolute_import -from django import template from django.conf import settings from django.contrib.auth.decorators import login_required, permission_required -from django.shortcuts import get_object_or_404, render_to_response +from django.shortcuts import get_object_or_404, render from django.views.decorators.csrf import csrf_protect import django_comments from django_comments import signals from django_comments.views.utils import next_redirect, confirmation_view + @csrf_protect @login_required def flag(request, comment_id, next=None): @@ -27,14 +27,12 @@ def flag(request, comment_id, next=None): if request.method == 'POST': perform_flag(request, comment) return next_redirect(request, fallback=next or 'comments-flag-done', - c=comment.pk) + c=comment.pk) # Render a form on GET else: - return render_to_response('comments/flag.html', - {'comment': comment, "next": next}, - template.RequestContext(request) - ) + return render(request, 'comments/flag.html', {'comment': comment, "next": next}) + @csrf_protect @permission_required("django_comments.can_moderate") @@ -55,14 +53,12 @@ def delete(request, comment_id, next=None): # Flag the comment as deleted instead of actually deleting it. perform_delete(request, comment) return next_redirect(request, fallback=next or 'comments-delete-done', - c=comment.pk) + c=comment.pk) # Render a form on GET else: - return render_to_response('comments/delete.html', - {'comment': comment, "next": next}, - template.RequestContext(request) - ) + return render(request, 'comments/delete.html', {'comment': comment, "next": next}) + @csrf_protect @permission_required("django_comments.can_moderate") @@ -83,14 +79,12 @@ def approve(request, comment_id, next=None): # Flag the comment as approved. perform_approve(request, comment) return next_redirect(request, fallback=next or 'comments-approve-done', - c=comment.pk) + c=comment.pk) # Render a form on GET else: - return render_to_response('comments/approve.html', - {'comment': comment, "next": next}, - template.RequestContext(request) - ) + return render(request, 'comments/approve.html', {'comment': comment, "next": next}) + # The following functions actually perform the various flag/aprove/delete # actions. They've been broken out into separate functions to that they @@ -101,40 +95,41 @@ def perform_flag(request, comment): Actually perform the flagging of a comment from a request. """ flag, created = django_comments.models.CommentFlag.objects.get_or_create( - comment = comment, - user = request.user, - flag = django_comments.models.CommentFlag.SUGGEST_REMOVAL + comment=comment, + user=request.user, + flag=django_comments.models.CommentFlag.SUGGEST_REMOVAL ) signals.comment_was_flagged.send( - sender = comment.__class__, - comment = comment, - flag = flag, - created = created, - request = request, + sender=comment.__class__, + comment=comment, + flag=flag, + created=created, + request=request, ) + def perform_delete(request, comment): flag, created = django_comments.models.CommentFlag.objects.get_or_create( - comment = comment, - user = request.user, - flag = django_comments.models.CommentFlag.MODERATOR_DELETION + comment=comment, + user=request.user, + flag=django_comments.models.CommentFlag.MODERATOR_DELETION ) comment.is_removed = True comment.save() signals.comment_was_flagged.send( - sender = comment.__class__, - comment = comment, - flag = flag, - created = created, - request = request, + sender=comment.__class__, + comment=comment, + flag=flag, + created=created, + request=request, ) def perform_approve(request, comment): flag, created = django_comments.models.CommentFlag.objects.get_or_create( - comment = comment, - user = request.user, - flag = django_comments.models.CommentFlag.MODERATOR_APPROVAL, + comment=comment, + user=request.user, + flag=django_comments.models.CommentFlag.MODERATOR_APPROVAL, ) comment.is_removed = False @@ -142,24 +137,24 @@ def perform_approve(request, comment): comment.save() signals.comment_was_flagged.send( - sender = comment.__class__, - comment = comment, - flag = flag, - created = created, - request = request, + sender=comment.__class__, + comment=comment, + flag=flag, + created=created, + request=request, ) # Confirmation views. flag_done = confirmation_view( - template = "comments/flagged.html", - doc = 'Displays a "comment was flagged" success page.' + template="comments/flagged.html", + doc='Displays a "comment was flagged" success page.' ) delete_done = confirmation_view( - template = "comments/deleted.html", - doc = 'Displays a "comment was deleted" success page.' + template="comments/deleted.html", + doc='Displays a "comment was deleted" success page.' ) approve_done = confirmation_view( - template = "comments/approved.html", - doc = 'Displays a "comment was approved" success page.' + template="comments/approved.html", + doc='Displays a "comment was approved" success page.' ) diff --git a/app/lib/django_comments/views/utils.py b/app/lib/django_comments/views/utils.py index 314ab8c..557e673 100644 --- a/app/lib/django_comments/views/utils.py +++ b/app/lib/django_comments/views/utils.py @@ -3,19 +3,20 @@ A few bits of helper functions for comment views. """ import textwrap + try: from urllib.parse import urlencode -except ImportError: # Python 2 +except ImportError: # Python 2 from urllib import urlencode from django.http import HttpResponseRedirect -from django.shortcuts import render_to_response, resolve_url -from django.template import RequestContext +from django.shortcuts import render, resolve_url from django.core.exceptions import ObjectDoesNotExist from django.utils.http import is_safe_url import django_comments + def next_redirect(request, fallback, **get_kwargs): """ Handle the "where should I go next?" part of comment views. @@ -42,11 +43,13 @@ def next_redirect(request, fallback, **get_kwargs): next += joiner + urlencode(get_kwargs) + anchor return HttpResponseRedirect(next) + def confirmation_view(template, doc="Display a confirmation view."): """ Confirmation view generator for the "comment was posted/flagged/deleted/approved" views. """ + def confirmed(request): comment = None if 'c' in request.GET: @@ -54,10 +57,7 @@ def confirmation_view(template, doc="Display a confirmation view."): comment = django_comments.get_model().objects.get(pk=request.GET['c']) except (ObjectDoesNotExist, ValueError): pass - return render_to_response(template, - {'comment': comment}, - context_instance=RequestContext(request) - ) + return render(request, template, {'comment': comment}) confirmed.__doc__ = textwrap.dedent("""\ %s |