]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/actions/node.py
Prevent XSS attacks with wmd using the google-caja html sanitizer.
[osqa.git] / forum / actions / node.py
index be386facd8d640aaba0eba19437450496c138f5b..5ba6e2bfe0f1904f6571d6974bdecf5aff0ec5b9 100644 (file)
-from django.utils.html import strip_tags\r
-from django.utils.translation import ugettext as _\r
-from forum.models.action import ActionProxy\r
-from forum.models import Comment, Question, Answer, NodeRevision\r
-\r
-class NodeEditAction(ActionProxy):\r
-    def create_revision_data(self, initial=False, **data):\r
-        revision_data = dict(summary=data.get('summary', (initial and _('Initial revision') or '')), body=data['text'])\r
-\r
-        if data.get('title', None):\r
-            revision_data['title'] = strip_tags(data['title'].strip())\r
-\r
-        if data.get('tags', None):\r
-            revision_data['tagnames'] = data['tags'].strip()\r
-\r
-        return revision_data\r
-\r
-class AskAction(NodeEditAction):\r
-    verb = _("asked")\r
-\r
-    def process_data(self, **data):\r
-        question = Question(author=self.user, **self.create_revision_data(True, **data))\r
-        question.save()\r
-        self.node = question\r
-\r
-    def describe(self, viewer=None):\r
-        return _("%(user)s asked %(question)s") % {\r
-            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),\r
-            'question': self.hyperlink(self.node.get_absolute_url(), self.node.title)\r
-        }\r
-\r
-class AnswerAction(NodeEditAction):\r
-    verb = _("answered")\r
-\r
-    def process_data(self, **data):\r
-        answer = Answer(author=self.user, parent=data['question'], **self.create_revision_data(True, **data))\r
-        answer.save()\r
-        self.node = answer\r
-\r
-    def process_action(self):\r
-        self.node.question.reset_answer_count_cache()\r
-\r
-    def describe(self, viewer=None):\r
-        question = self.node.parent\r
-        return _("%(user)s answered %(asker)s %(question)s") % {\r
-            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),\r
-            'asker': self.hyperlink(question.author.get_profile_url(), self.friendly_username(viewer, question.author)),\r
-            'question': self.hyperlink(self.node.get_absolute_url(), question.title)\r
-        }\r
-\r
-class CommentAction(ActionProxy):\r
-    verb = _("commented")\r
-\r
-    def process_data(self, text='', parent=None):\r
-        comment = Comment(author=self.user, parent=parent, body=text)\r
-        comment.save()\r
-        self.node = comment\r
-\r
-    def describe(self, viewer=None):\r
-        return _("%(user)s commented on %(post_desc)s") % {\r
-            'user': self.hyperlink(self.node.author.get_profile_url(), self.friendly_username(viewer, self.node.author)),\r
-            'post_desc': self.describe_node(viewer, self.node.parent)\r
-        }\r
-\r
-class ReviseAction(NodeEditAction):\r
-    verb = _("edited")\r
-\r
-    def process_data(self, **data):\r
-        revision_data = self.create_revision_data(**data)\r
-        revision = self.node.create_revision(self.user, action=self, **revision_data)\r
-        self.extra = revision.revision\r
-\r
-    def describe(self, viewer=None):\r
-        return _("%(user)s edited %(post_desc)s") % {\r
-            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),\r
-            'post_desc': self.describe_node(viewer, self.node)\r
-        }\r
-\r
-    def get_absolute_url(self):\r
-        return self.node.get_revisions_url()\r
-\r
-class RetagAction(ActionProxy):\r
-    verb = _("retagged")\r
-\r
-    def process_data(self, tagnames=''):\r
-        active = self.node.active_revision\r
-        revision_data = dict(summary=_('Retag'), title=active.title, tagnames=strip_tags(tagnames.strip()), body=active.body)\r
-        self.node.create_revision(self.user, action=self, **revision_data)\r
-\r
-    def describe(self, viewer=None):\r
-        return _("%(user)s retagged %(post_desc)s") % {\r
-            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),\r
-            'post_desc': self.describe_node(viewer, self.node)\r
-        }\r
-\r
-    def get_absolute_url(self):\r
-        return self.node.get_revisions_url()\r
-\r
-class RollbackAction(ActionProxy):\r
-    verb = _("reverted")\r
-\r
-    def process_data(self, activate=None):\r
-        previous = self.node.active_revision\r
-        self.node.activate_revision(self.user, activate, self)\r
-        self.extra = "%d:%d" % (previous.revision, activate.revision)\r
-\r
-    def describe(self, viewer=None):\r
-        revisions = [NodeRevision.objects.get(node=self.node, revision=int(n)) for n in self.extra.split(':')]\r
-\r
-        return _("%(user)s reverted %(post_desc)s from revision %(initial)d (%(initial_sum)s) to revision %(final)d (%(final_sum)s)") % {\r
-            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),\r
-            'post_desc': self.describe_node(viewer, self.node),\r
-            'initial': revisions[0].revision, 'initial_sum': revisions[0].summary,\r
-            'final': revisions[1].revision, 'final_sum': revisions[1].summary,\r
-        }\r
-\r
-    def get_absolute_url(self):\r
-        return self.node.get_revisions_url()\r
-\r
-class CloseAction(ActionProxy):\r
-    verb = _("closed")\r
-\r
-    def process_action(self):\r
-        self.node.extra_action = self\r
-        self.node.marked = True\r
-        self.node.save()\r
-\r
-    def cancel_action(self):\r
-        self.node.extra_action = None\r
-        self.node.marked = False\r
-        self.node.save()\r
-\r
-    def describe(self, viewer=None):\r
-        return _("%(user)s closed %(post_desc)s: %(reason)s") % {\r
-            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),\r
-            'post_desc': self.describe_node(viewer, self.node),\r
-            'reason': self.extra\r
-        }
\ No newline at end of file
+from django.utils.html import strip_tags
+from django.utils.translation import ugettext as _
+from forum.models.action import ActionProxy
+from forum.models import Comment, Question, Answer, NodeRevision
+import logging
+
+class NodeEditAction(ActionProxy):
+    def create_revision_data(self, initial=False, **data):
+        revision_data = dict(summary=data.get('summary', (initial and _('Initial revision') or '')), body=data['text'])
+
+        if data.get('title', None):
+            revision_data['title'] = strip_tags(data['title'].strip())
+
+        if data.get('tags', None):
+            revision_data['tagnames'] = data['tags'].strip()
+
+        return revision_data
+
+class AskAction(NodeEditAction):
+    verb = _("asked")
+
+    def process_data(self, **data):
+        processed_data = self.create_revision_data(True, **data)
+        if 'added_at' in data:
+            processed_data['added_at'] = data['added_at']
+
+        question = Question(author=self.user, **processed_data)
+        question.save()
+        self.node = question
+
+        self.user.message_set.create(message=self.describe(self.user))
+
+    def describe(self, viewer=None):
+        return _("%(user)s asked %(question)s") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'question': self.hyperlink(self.node.get_absolute_url(), self.node.title)
+        }
+
+class AnswerAction(NodeEditAction):
+    verb = _("answered")
+
+    def process_data(self, **data):
+        answer = Answer(author=self.user, parent=data['question'], **self.create_revision_data(True, **data))
+        answer.save()
+        self.node = answer
+
+    def process_action(self):
+        self.node.question.reset_answer_count_cache()
+
+        self.user.message_set.create(message=self.describe(self.user))
+
+
+    def describe(self, viewer=None):
+        question = self.node.parent
+        return _("%(user)s answered %(asker)s on %(question)s") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'asker': self.hyperlink(question.author.get_profile_url(), self.friendly_username(viewer, question.author)),
+            'question': self.hyperlink(self.node.get_absolute_url(), question.title)
+        }
+
+class CommentAction(ActionProxy):
+    verb = _("commented")
+
+    def process_data(self, text='', parent=None):
+        comment = Comment(author=self.user, parent=parent, body=text)
+        comment.save()
+        self.node = comment
+
+    def describe(self, viewer=None):
+        return _("%(user)s commented on %(post_desc)s") % {
+            'user': self.hyperlink(self.node.author.get_profile_url(), self.friendly_username(viewer, self.node.author)),
+            'post_desc': self.describe_node(viewer, self.node.parent)
+        }
+
+class ReviseAction(NodeEditAction):
+    verb = _("edited")
+
+    def process_data(self, **data):
+        revision_data = self.create_revision_data(**data)
+        revision = self.node.create_revision(self.user, **revision_data)
+        self.extra = revision.revision
+
+    def process_action(self):
+        self.node.last_edited = self
+        self.node.save()
+
+    def describe(self, viewer=None):
+        return _("%(user)s edited %(post_desc)s") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'post_desc': self.describe_node(viewer, self.node)
+        }
+
+    def get_absolute_url(self):
+        return self.node.get_revisions_url()
+
+class RetagAction(ActionProxy):
+    verb = _("retagged")
+
+    def process_data(self, tagnames=''):
+        active = self.node.active_revision
+        revision_data = dict(summary=_('Retag'), title=active.title, tagnames=strip_tags(tagnames.strip()), body=active.body)
+        revision = self.node.create_revision(self.user, **revision_data)
+        self.extra = revision.revision
+
+    def process_action(self):
+        self.node.last_edited = self
+        self.node.save()
+
+    def describe(self, viewer=None):
+        return _("%(user)s retagged %(post_desc)s") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'post_desc': self.describe_node(viewer, self.node)
+        }
+
+    def get_absolute_url(self):
+        return self.node.get_revisions_url()
+
+class RollbackAction(ActionProxy):
+    verb = _("reverted")
+
+    def process_data(self, activate=None):
+        previous = self.node.active_revision
+        self.node.activate_revision(self.user, activate)
+        self.extra = "%d:%d" % (previous.revision, activate.revision)
+
+    def process_action(self):
+        self.node.last_edited = self
+        self.node.save()
+
+    def describe(self, viewer=None):
+        revisions = [NodeRevision.objects.get(node=self.node, revision=int(n)) for n in self.extra.split(':')]
+
+        return _("%(user)s reverted %(post_desc)s from revision %(initial)d (%(initial_sum)s) to revision %(final)d (%(final_sum)s)") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'post_desc': self.describe_node(viewer, self.node),
+            'initial': revisions[0].revision, 'initial_sum': revisions[0].summary,
+            'final': revisions[1].revision, 'final_sum': revisions[1].summary,
+        }
+
+    def get_absolute_url(self):
+        return self.node.get_revisions_url()
+
+class CloseAction(ActionProxy):
+    verb = _("closed")
+
+    def process_action(self):
+        self.node.marked = True
+        self.node.nstate.closed = self
+        self.node.last_edited = self
+        self.node.update_last_activity(self.user, save=True)
+
+    def cancel_action(self):
+        self.node.marked = False
+        self.node.nstate.closed = None
+        self.node.update_last_activity(self.user, save=True)
+
+    def describe(self, viewer=None):
+        return _("%(user)s closed %(post_desc)s: %(reason)s") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'post_desc': self.describe_node(viewer, self.node),
+            'reason': self.extra
+        }
+
+class AnswerToCommentAction(ActionProxy):
+    verb = _("converted")
+
+    def process_data(self, new_parent=None):
+        self.node.parent = new_parent
+        self.node.node_type = "comment"
+
+        for comment in self.node.comments.all():
+            comment.parent = new_parent
+            comment.save()
+
+        self.node.last_edited = self
+        self.node.update_last_activity(self.user, save=True)
+        try:
+            self.node.abs_parent.reset_answer_count_cache()
+        except AttributeError:
+            pass
+
+    def describe(self, viewer=None):
+        return _("%(user)s converted an answer to %(question)s into a comment") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'question': self.describe_node(viewer, self.node.abs_parent),
+        }
+
+class CommentToAnswerAction(ActionProxy):
+    verb = _("converted")
+
+    def process_data(self, question):
+        self.node.parent = question
+        self.node.node_type = "answer"
+        self.node.last_edited = self
+        self.node.update_last_activity(self.user, save=True)
+
+        # Now updated the cached data
+        question.reset_answer_count_cache()
+
+    def describe(self, viewer=None):
+        return _("%(user)s converted comment on %(question)s into an answer") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'question': self.describe_node(viewer, self.node.abs_parent),
+        }
+class CommentToQuestionAction(NodeEditAction):
+    verb = _("converted")
+
+    def process_data(self, **data):
+        revision_data = self.create_revision_data(**data)
+        revision = self.node.create_revision(self.user, **revision_data)
+
+        self.extra = {
+            'covert_revision': revision.revision,
+        }
+
+        self.node.node_type = "question"
+        self.node.parent = None
+        self.node.abs_parent = None
+
+    def process_action(self):
+        self.node.last_edited = self
+        self.node.save()
+
+    def describe(self, viewer=None):
+        return _("%(user)s converted comment on %(question)s to a new question") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'question': self.describe_node(viewer, self.node.abs_parent),
+        }
+
+class AnswerToQuestionAction(NodeEditAction):
+    verb = _("converted to question")
+
+    def process_data(self,  **data):
+        revision_data = self.create_revision_data(**data)
+        revision = self.node.create_revision(self.user, **revision_data)
+
+        original_question = self.node.question
+
+        self.extra = {
+            'covert_revision': revision.revision,
+            'original_question': original_question
+        }
+
+        self.node.node_type = "question"
+        self.node.parent = None
+        self.node.abs_parent = None
+
+        original_question.reset_answer_count_cache()
+
+    def process_action(self):
+        self.node.last_edited = self
+        self.node.save()
+
+
+    def describe(self, viewer=None):
+        return _("%(user)s converted an answer to %(question)s into a separate question") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'question': self.describe_node(viewer, self.node.abs_parent),
+        }
+
+class WikifyAction(ActionProxy):
+    verb = _("wikified")
+
+    def process_action(self):
+        self.node.nstate.wiki = self
+        self.node.last_edited = self
+        self.node.update_last_activity(self.user, save=True)
+
+    def cancel_action(self):
+        self.node.nstate.wiki = None
+        self.node.update_last_activity(self.user, save=True)
+
+    def describe(self, viewer=None):
+        return _("%(user)s marked %(node)s as community wiki.") % {
+            'user': self.hyperlink(self.user.get_profile_url(), self.friendly_username(viewer, self.user)),
+            'node': self.describe_node(viewer, self.node),
+        }
+