]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/views/readers.py
Prevent XSS attacks with wmd using the google-caja html sanitizer.
[osqa.git] / forum / views / readers.py
index 999d320c86cc9d60db6d67173ca639441a11888e..3de8c4148c4f4ebaf3fc2e9e509d8ccd3da839dd 100644 (file)
@@ -2,58 +2,60 @@
 import datetime
 import logging
 from urllib import unquote
 import datetime
 import logging
 from urllib import unquote
-from forum import settings as django_settings
 from django.shortcuts import render_to_response, get_object_or_404
 from django.shortcuts import render_to_response, get_object_or_404
-from django.http import HttpResponseRedirect, HttpResponse, Http404, HttpResponsePermanentRedirect
+from django.http import HttpResponseRedirect, Http404, HttpResponsePermanentRedirect
 from django.core.paginator import Paginator, EmptyPage, InvalidPage
 from django.template import RequestContext
 from django import template
 from django.utils.html import *
 from django.core.paginator import Paginator, EmptyPage, InvalidPage
 from django.template import RequestContext
 from django import template
 from django.utils.html import *
-from django.utils import simplejson
-from django.db.models import Q
+from django.db.models import Q, Count
 from django.utils.translation import ugettext as _
 from django.utils.translation import ugettext as _
-from django.template.defaultfilters import slugify
 from django.core.urlresolvers import reverse
 from django.core.urlresolvers import reverse
-from django.utils.datastructures import SortedDict
-from django.views.decorators.cache import cache_page
-from django.utils.http import urlquote  as django_urlquote
 from django.template.defaultfilters import slugify
 from django.utils.safestring import mark_safe
 
 from django.template.defaultfilters import slugify
 from django.utils.safestring import mark_safe
 
-from forum.utils.html import sanitize_html, hyperlink
+from forum import settings as django_settings
+from forum.utils.html import hyperlink
 from forum.utils.diff import textDiff as htmldiff
 from forum.utils import pagination
 from forum.forms import *
 from forum.models import *
 from forum.utils.diff import textDiff as htmldiff
 from forum.utils import pagination
 from forum.forms import *
 from forum.models import *
-from forum.forms import get_next_url
 from forum.actions import QuestionViewAction
 from forum.http_responses import HttpResponseUnauthorized
 from forum.actions import QuestionViewAction
 from forum.http_responses import HttpResponseUnauthorized
-from forum.feed import RssQuestionFeed
+from forum.feed import RssQuestionFeed, RssAnswerFeed
+from forum.utils.pagination import generate_uri
+
 import decorators
 
 import decorators
 
+class HottestQuestionsSort(pagination.SortBase):
+    def apply(self, questions):
+        return questions.annotate(new_child_count=Count('all_children')).filter(
+                all_children__added_at__gt=datetime.datetime.now() - datetime.timedelta(days=1)).order_by('-new_child_count')
+
+
 class QuestionListPaginatorContext(pagination.PaginatorContext):
 class QuestionListPaginatorContext(pagination.PaginatorContext):
-    def __init__(self):
-        super (QuestionListPaginatorContext, self).__init__('QUESTIONS_LIST', sort_methods=(
-            (_('active'), pagination.SimpleSort(_('active'), '-last_activity_at', _("most recently updated questions"))),
-            (_('newest'), pagination.SimpleSort(_('newest'), '-added_at', _("most recently asked questions"))),
-            (_('hottest'), pagination.SimpleSort(_('hottest'), '-extra_count', _("hottest questions"))),
-            (_('mostvoted'), pagination.SimpleSort(_('most voted'), '-score', _("most voted questions"))),
-        ), pagesizes=(15, 30, 50))
+    def __init__(self, id='QUESTIONS_LIST', prefix='', pagesizes=(15, 30, 50), default_pagesize=30):
+        super (QuestionListPaginatorContext, self).__init__(id, sort_methods=(
+            (_('active'), pagination.SimpleSort(_('active'), '-last_activity_at', _("Most <strong>recently updated</strong> questions"))),
+            (_('newest'), pagination.SimpleSort(_('newest'), '-added_at', _("most <strong>recently asked</strong> questions"))),
+            (_('hottest'), HottestQuestionsSort(_('hottest'), _("most <strong>active</strong> questions in the last 24 hours</strong>"))),
+            (_('mostvoted'), pagination.SimpleSort(_('most voted'), '-score', _("most <strong>voted</strong> questions"))),
+        ), pagesizes=pagesizes, default_pagesize=default_pagesize, prefix=prefix)
 
 class AnswerSort(pagination.SimpleSort):
 
 class AnswerSort(pagination.SimpleSort):
-    def apply(self, objects):
-        if self.label == _('votes'):
-            return objects.order_by('-marked', self.order_by, 'added_at')
+    def apply(self, answers):
+        if not settings.DISABLE_ACCEPTING_FEATURE:
+            return answers.order_by(*(['-marked'] + list(self._get_order_by())))
         else:
         else:
-            return objects.order_by('-marked', self.order_by)
+            return super(AnswerSort, self).apply(answers)
 
 class AnswerPaginatorContext(pagination.PaginatorContext):
 
 class AnswerPaginatorContext(pagination.PaginatorContext):
-    def __init__(self):
-        super (AnswerPaginatorContext, self).__init__('ANSWER_LIST', sort_methods=(
+    def __init__(self, id='ANSWER_LIST', prefix='', default_pagesize=10):
+        super (AnswerPaginatorContext, self).__init__(id, sort_methods=(
             (_('oldest'), AnswerSort(_('oldest answers'), 'added_at', _("oldest answers will be shown first"))),
             (_('newest'), AnswerSort(_('newest answers'), '-added_at', _("newest answers will be shown first"))),
             (_('oldest'), AnswerSort(_('oldest answers'), 'added_at', _("oldest answers will be shown first"))),
             (_('newest'), AnswerSort(_('newest answers'), '-added_at', _("newest answers will be shown first"))),
-            (_('votes'), AnswerSort(_('popular answers'), '-score', _("most voted answers will be shown first"))),
-        ), default_sort=_('votes'), sticky_sort = True, pagesizes=(5, 10, 20))
+            (_('votes'), AnswerSort(_('popular answers'), ('-score', 'added_at'), _("most voted answers will be shown first"))),
+        ), default_sort=_('votes'), pagesizes=(5, 10, 20), default_pagesize=default_pagesize, prefix=prefix)
 
 class TagPaginatorContext(pagination.PaginatorContext):
     def __init__(self):
 
 class TagPaginatorContext(pagination.PaginatorContext):
     def __init__(self):
@@ -65,43 +67,76 @@ class TagPaginatorContext(pagination.PaginatorContext):
 
 def feed(request):
     return RssQuestionFeed(
 
 def feed(request):
     return RssQuestionFeed(
+                request,
                 Question.objects.filter_state(deleted=False).order_by('-last_activity_at'),
                 settings.APP_TITLE + _(' - ')+ _('latest questions'),
                 Question.objects.filter_state(deleted=False).order_by('-last_activity_at'),
                 settings.APP_TITLE + _(' - ')+ _('latest questions'),
-                settings.APP_DESCRIPTION,
-                request)(request)
-
+                settings.APP_DESCRIPTION)(request)
 
 @decorators.render('index.html')
 def index(request):
 
 @decorators.render('index.html')
 def index(request):
+    paginator_context = QuestionListPaginatorContext()
+    paginator_context.base_path = reverse('questions')
     return question_list(request,
                          Question.objects.all(),
     return question_list(request,
                          Question.objects.all(),
-                         sort=request.utils.set_sort_method('active'),
                          base_path=reverse('questions'),
                          base_path=reverse('questions'),
-                         feed_url=reverse('latest_questions_feed'))
+                         feed_url=reverse('latest_questions_feed'),
+                         paginator_context=paginator_context)
 
 @decorators.render('questions.html', 'unanswered', _('unanswered'), weight=400)
 def unanswered(request):
     return question_list(request,
 
 @decorators.render('questions.html', 'unanswered', _('unanswered'), weight=400)
 def unanswered(request):
     return question_list(request,
-                         Question.objects.filter(extra_ref=None),
+                         Question.objects.exclude(id__in=Question.objects.filter(children__marked=True).distinct()).exclude(marked=True),
                          _('open questions without an accepted answer'),
                          _('open questions without an accepted answer'),
-                         request.utils.set_sort_method('active'),
                          None,
                          _("Unanswered Questions"))
 
 @decorators.render('questions.html', 'questions', _('questions'), weight=0)
 def questions(request):
                          None,
                          _("Unanswered Questions"))
 
 @decorators.render('questions.html', 'questions', _('questions'), weight=0)
 def questions(request):
-    return question_list(request, Question.objects.all(), _('questions'), request.utils.set_sort_method('active'))
+    return question_list(request, Question.objects.all(), _('questions'))
 
 @decorators.render('questions.html')
 def tag(request, tag):
 
 @decorators.render('questions.html')
 def tag(request, tag):
-    return question_list(request,
-                         Question.objects.filter(tags__name=unquote(tag)),
-                         mark_safe(_('questions tagged <span class="tag">%(tag)s</span>') % {'tag': tag}),
-                         request.utils.set_sort_method('active'),
+    try:
+        tag = Tag.active.get(name=unquote(tag))
+    except Tag.DoesNotExist:
+        raise Http404
+
+    # Getting the questions QuerySet
+    questions = Question.objects.filter(tags__id=tag.id)
+
+    if request.method == "GET":
+        user = request.GET.get('user', None)
+
+        if user is not None:
+            try:
+                questions = questions.filter(author=User.objects.get(username=user))
+            except User.DoesNotExist:
+                raise Http404
+
+    # The extra tag context we need to pass
+    tag_context = {
+        'tag' : tag,
+    }
+
+    # The context returned by the question_list function, contains info about the questions
+    question_context = question_list(request,
+                         questions,
+                         mark_safe(_(u'questions tagged <span class="tag">%(tag)s</span>') % {'tag': tag}),
                          None,
                          None,
-                         mark_safe(_('Questions Tagged With %(tag)s') % {'tag': tag}),
+                         mark_safe(_(u'Questions Tagged With %(tag)s') % {'tag': tag}),
                          False)
 
                          False)
 
+    # If the return data type is not a dict just return it
+    if not isinstance(question_context, dict):
+        return question_context
+
+    question_context = dict(question_context)
+
+    # Create the combined context
+    context = dict(question_context.items() + tag_context.items())
+
+    return context
+
 @decorators.render('questions.html', 'questions', tabbed=False)
 def user_questions(request, mode, user, slug):
     user = get_object_or_404(User, id=user)
 @decorators.render('questions.html', 'questions', tabbed=False)
 def user_questions(request, mode, user, slug):
     user = get_object_or_404(User, id=user)
@@ -127,17 +162,18 @@ def user_questions(request, mode, user, slug):
 
     return question_list(request, questions,
                          mark_safe(description % hyperlink(user.get_profile_url(), user.username)),
 
     return question_list(request, questions,
                          mark_safe(description % hyperlink(user.get_profile_url(), user.username)),
-                         request.utils.set_sort_method('active'),
                          page_title=description % user.username)
 
 def question_list(request, initial,
                   list_description=_('questions'),
                          page_title=description % user.username)
 
 def question_list(request, initial,
                   list_description=_('questions'),
-                  sort=None,
                   base_path=None,
                   page_title=_("All Questions"),
                   allowIgnoreTags=True,
                   feed_url=None,
                   base_path=None,
                   page_title=_("All Questions"),
                   allowIgnoreTags=True,
                   feed_url=None,
-                  paginator_context=None):
+                  paginator_context=None,
+                  feed_sort=('-added_at',),
+                  feed_req_params_exclude=(_('page'), _('pagesize'), _('sort')),
+                  extra_context={}):
 
     questions = initial.filter_state(deleted=False)
 
 
     questions = initial.filter_state(deleted=False)
 
@@ -148,34 +184,39 @@ def question_list(request, initial,
         page_title = _("Questions")
 
     if request.GET.get('type', None) == 'rss':
         page_title = _("Questions")
 
     if request.GET.get('type', None) == 'rss':
-        return RssQuestionFeed(questions, page_title, list_description, request)(request)
+        if feed_sort:
+            questions = questions.order_by(*feed_sort)
+        return RssQuestionFeed(request, questions, page_title, list_description)(request)
 
     keywords =  ""
     if request.GET.get("q"):
         keywords = request.GET.get("q").strip()
 
 
     keywords =  ""
     if request.GET.get("q"):
         keywords = request.GET.get("q").strip()
 
-    answer_count = Answer.objects.filter_state(deleted=False).filter(parent__in=questions).count()
-    answer_description = _("answers")
+    #answer_count = Answer.objects.filter_state(deleted=False).filter(parent__in=questions).count()
+    #answer_description = _("answers")
 
     if not feed_url:
 
     if not feed_url:
-        req_params = "&".join(["%s=%s" % (k, v) for k, v in request.GET.items() if not k in (_('page'), _('pagesize'), _('sort'))])
+        req_params = generate_uri(request.GET, feed_req_params_exclude)
+
         if req_params:
             req_params = '&' + req_params
 
         if req_params:
             req_params = '&' + req_params
 
-        feed_url = mark_safe(request.path + "?type=rss" + req_params)
-
-    return pagination.paginated(request, 'questions', paginator_context or QuestionListPaginatorContext(), {
-    "questions" : questions,
-    "questions_count" : questions.count(),
-    "answer_count" : answer_count,
-    "keywords" : keywords,
-    "list_description": list_description,
-    "answer_description": answer_description,
-    "base_path" : base_path,
-    "page_title" : page_title,
-    "tab" : "questions",
-    'feed_url': feed_url,
-    })
+        feed_url = request.path + "?type=rss" + req_params
+
+    context = {
+        'questions' : questions.distinct(),
+        'questions_count' : questions.count(),
+        'keywords' : keywords,
+        'list_description': list_description,
+        'base_path' : base_path,
+        'page_title' : page_title,
+        'tab' : 'questions',
+        'feed_url': feed_url,
+    }
+    context.update(extra_context)
+
+    return pagination.paginated(request,
+                               ('questions', paginator_context or QuestionListPaginatorContext()), context)
 
 
 def search(request):
 
 
 def search(request):
@@ -189,28 +230,37 @@ def search(request):
             return HttpResponseRedirect(reverse('tags') + '?q=%s' % urlquote(keywords.strip()))
         elif search_type == "user":
             return HttpResponseRedirect(reverse('users') + '?q=%s' % urlquote(keywords.strip()))
             return HttpResponseRedirect(reverse('tags') + '?q=%s' % urlquote(keywords.strip()))
         elif search_type == "user":
             return HttpResponseRedirect(reverse('users') + '?q=%s' % urlquote(keywords.strip()))
-        elif search_type == "question":
+        else:
             return question_search(request, keywords)
     else:
         return render_to_response("search.html", context_instance=RequestContext(request))
 
 @decorators.render('questions.html')
 def question_search(request, keywords):
             return question_search(request, keywords)
     else:
         return render_to_response("search.html", context_instance=RequestContext(request))
 
 @decorators.render('questions.html')
 def question_search(request, keywords):
+    rank_feed = False
     can_rank, initial = Question.objects.search(keywords)
 
     if can_rank:
     can_rank, initial = Question.objects.search(keywords)
 
     if can_rank:
+        sort_order = None
+
+        if isinstance(can_rank, basestring):
+            sort_order = can_rank
+            rank_feed = True
+
         paginator_context = QuestionListPaginatorContext()
         paginator_context = QuestionListPaginatorContext()
-        paginator_context.sort_methods[_('ranking')] = pagination.SimpleSort(_('relevance'), '-ranking', _("most relevant questions"))
+        paginator_context.sort_methods[_('ranking')] = pagination.SimpleSort(_('relevance'), sort_order, _("most relevant questions"))
         paginator_context.force_sort = _('ranking')
     else:
         paginator_context = None
 
         paginator_context.force_sort = _('ranking')
     else:
         paginator_context = None
 
+    feed_url = mark_safe(escape(request.path + "?type=rss&q=" + keywords))
+
     return question_list(request, initial,
                          _("questions matching '%(keywords)s'") % {'keywords': keywords},
     return question_list(request, initial,
                          _("questions matching '%(keywords)s'") % {'keywords': keywords},
-                         False,
-                         "%s?t=question&q=%s" % (reverse('search'),django_urlquote(keywords)),
+                         None,
                          _("questions matching '%(keywords)s'") % {'keywords': keywords},
                          _("questions matching '%(keywords)s'") % {'keywords': keywords},
-                         paginator_context=paginator_context)
+                         paginator_context=paginator_context,
+                         feed_url=feed_url, feed_sort=rank_feed and (can_rank,) or '-added_at')
 
 
 @decorators.render('tags.html', 'tags', _('tags'), weight=100)
 
 
 @decorators.render('tags.html', 'tags', _('tags'), weight=100)
@@ -221,27 +271,25 @@ def tags(request):
     if request.method == "GET":
         stag = request.GET.get("q", "").strip()
         if stag:
     if request.method == "GET":
         stag = request.GET.get("q", "").strip()
         if stag:
-            tags = tags.filter(name__contains=stag)
+            tags = tags.filter(name__icontains=stag)
 
 
-    return pagination.paginated(request, 'tags', TagPaginatorContext(), {
+    return pagination.paginated(request, ('tags', TagPaginatorContext()), {
         "tags" : tags,
         "stag" : stag,
         "keywords" : stag
     })
 
 def update_question_view_times(request, question):
         "tags" : tags,
         "stag" : stag,
         "keywords" : stag
     })
 
 def update_question_view_times(request, question):
-    if not 'last_seen_in_question' in request.session:
-        request.session['last_seen_in_question'] = {}
+    last_seen_in_question = request.session.get('last_seen_in_question', {})
 
 
-    last_seen = request.session['last_seen_in_question'].get(question.id, None)
+    last_seen = last_seen_in_question.get(question.id, None)
 
 
-    if (not last_seen) or last_seen < question.last_activity_at:
+    if (not last_seen) or (last_seen < question.last_activity_at):
         QuestionViewAction(question, request.user, ip=request.META['REMOTE_ADDR']).save()
         QuestionViewAction(question, request.user, ip=request.META['REMOTE_ADDR']).save()
-        request.session['last_seen_in_question'][question.id] = datetime.datetime.now()
-
-    request.session['last_seen_in_question'][question.id] = datetime.datetime.now()
+        last_seen_in_question[question.id] = datetime.datetime.now()
+        request.session['last_seen_in_question'] = last_seen_in_question
 
 
-def match_question_slug(slug):
+def match_question_slug(id, slug):
     slug_words = slug.split('-')
     qs = Question.objects.filter(title__istartswith=slug_words[0])
 
     slug_words = slug.split('-')
     qs = Question.objects.filter(title__istartswith=slug_words[0])
 
@@ -264,8 +312,8 @@ def answer_redirect(request, answer):
         filter = Q(score__gt=answer.score) | Q(score=answer.score, added_at__lt=answer.added_at)
     else:
         raise Http404()
         filter = Q(score__gt=answer.score) | Q(score=answer.score, added_at__lt=answer.added_at)
     else:
         raise Http404()
-        
-    count = answer.question.answers.filter(Q(marked=True) | filter).count()
+
+    count = answer.question.answers.filter(Q(marked=True) | filter).exclude(state_string="(deleted)").count()
     pagesize = pc.pagesize(request)
 
     page = count / pagesize
     pagesize = pc.pagesize(request)
 
     page = count / pagesize
@@ -276,16 +324,16 @@ def answer_redirect(request, answer):
     if page == 0:
         page = 1
 
     if page == 0:
         page = 1
 
-    return HttpResponsePermanentRedirect("%s?%s=%s#%s" % (
-        answer.question.get_absolute_url(), _('page'), page, answer.id))
+    return HttpResponseRedirect("%s?%s=%s&focusedAnswerId=%s#%s" % (
+        answer.question.get_absolute_url(), _('page'), page, answer.id, answer.id))
 
 
-@decorators.render("question.html", 'questions', tabbed=False)
-def question(request, id, slug, answer=None):
+@decorators.render("question.html", 'questions')
+def question(request, id, slug='', answer=None):
     try:
         question = Question.objects.get(id=id)
     except:
         if slug:
     try:
         question = Question.objects.get(id=id)
     except:
         if slug:
-            question = match_question_slug(slug)
+            question = match_question_slug(id, slug)
             if question is not None:
                 return HttpResponseRedirect(question.get_absolute_url())
 
             if question is not None:
                 return HttpResponseRedirect(question.get_absolute_url())
 
@@ -294,6 +342,9 @@ def question(request, id, slug, answer=None):
     if question.nis.deleted and not request.user.can_view_deleted_post(question):
         raise Http404
 
     if question.nis.deleted and not request.user.can_view_deleted_post(question):
         raise Http404
 
+    if request.GET.get('type', None) == 'rss':
+        return RssAnswerFeed(request, question, include_comments=request.GET.get('comments', None) == 'yes')(request)
+
     if answer:
         answer = get_object_or_404(Answer, id=answer)
 
     if answer:
         answer = get_object_or_404(Answer, id=answer)
 
@@ -305,10 +356,13 @@ def question(request, id, slug, answer=None):
 
         return answer_redirect(request, answer)
 
 
         return answer_redirect(request, answer)
 
+    if settings.FORCE_SINGLE_URL and (slug != slugify(question.title)):
+        return HttpResponsePermanentRedirect(question.get_absolute_url())
+
     if request.POST:
     if request.POST:
-        answer_form = AnswerForm(question, request.POST)
+        answer_form = AnswerForm(request.POST, user=request.user)
     else:
     else:
-        answer_form = AnswerForm(question)
+        answer_form = AnswerForm(user=request.user)
 
     answers = request.user.get_visible_answers(question)
 
 
     answers = request.user.get_visible_answers(question)
 
@@ -321,13 +375,19 @@ def question(request, id, slug, answer=None):
             subscription = False
     else:
         subscription = False
             subscription = False
     else:
         subscription = False
+    try:
+        focused_answer_id = int(request.GET.get("focusedAnswerId", None))
+    except TypeError, ValueError:
+        focused_answer_id = None
 
 
-    return pagination.paginated(request, 'answers', AnswerPaginatorContext(), {
+    return pagination.paginated(request, ('answers', AnswerPaginatorContext()), {
     "question" : question,
     "answer" : answer_form,
     "answers" : answers,
     "similar_questions" : question.get_related_questions(),
     "subscription": subscription,
     "question" : question,
     "answer" : answer_form,
     "answers" : answers,
     "similar_questions" : question.get_related_questions(),
     "subscription": subscription,
+    "embed_youtube_videos" : settings.EMBED_YOUTUBE_VIDEOS,
+    "focused_answer_id" : focused_answer_id
     })
 
 
     })