]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/views/decorators.py
Prevent XSS attacks with wmd using the google-caja html sanitizer.
[osqa.git] / forum / views / decorators.py
index 4eb832a4ab1ea7d6e03c796bcf9d149eeaead29b..9cb8cbd4ca08d622f0a3edb9f8cd18e1a4eae629 100644 (file)
@@ -1,17 +1,30 @@
-from django.http import HttpResponse, HttpResponseRedirect, Http404\r
+# -*- coding: utf-8 -*-\r
+\r
+import logging\r
+\r
+from datetime import datetime\r
+\r
+from django.http import HttpResponse, HttpResponseRedirect\r
 from django.utils import simplejson\r
-from django.core.paginator import Paginator, EmptyPage\r
 from django.shortcuts import render_to_response\r
 from django.core.urlresolvers import reverse\r
 from django.template import RequestContext\r
-from django.utils.translation import ungettext, ugettext as _\r
-from forum.modules import ui\r
-import logging\r
+from django.utils.translation import ugettext as _\r
+\r
+from forum.modules import ui, decorate\r
+from forum.settings import ONLINE_USERS\r
+\r
+def login_required(func, request, *args, **kwargs):\r
+    if not request.user.is_authenticated():\r
+        return HttpResponseRedirect(reverse('auth_signin'))\r
+    else:\r
+        return func(request, *args, **kwargs)\r
 \r
 def render(template=None, tab=None, tab_title='', weight=500, tabbed=True):\r
-    def decorator(func):\r
-        def decorated(request, *args, **kwargs):\r
-            context = func(request, *args, **kwargs)\r
+    def decorator(func):        \r
+        def decorated(context, request, *args, **kwargs):\r
+            if request.user.is_authenticated():\r
+                ONLINE_USERS[request.user] = datetime.now()\r
 \r
             if isinstance(context, HttpResponse):\r
                 return context\r
@@ -22,62 +35,14 @@ def render(template=None, tab=None, tab_title='', weight=500, tabbed=True):
             return render_to_response(context.pop('template', template), context,\r
                                       context_instance=RequestContext(request))\r
 \r
-        if tabbed and tab:\r
+        if tabbed and tab and tab_title:\r
             ui.register(ui.PAGE_TOP_TABS,\r
                         ui.PageTab(tab, tab_title, lambda: reverse(func.__name__), weight=weight))\r
             \r
-        return decorated\r
+        return decorate.result.withfn(decorated, needs_params=True)(func)\r
 \r
     return decorator\r
 \r
-def list(paginate, default_page_size):\r
-    def decorator(func):\r
-        def decorated(request, *args, **kwargs):\r
-            context = func(request, *args, **kwargs)\r
-\r
-            if isinstance(context, HttpResponse):\r
-                return context\r
-\r
-            pagesize = request.utils.page_size(default_page_size)\r
-            page = int(request.GET.get('page', 1))\r
-\r
-            big_list = context[paginate]\r
-            paginator = Paginator(big_list, pagesize)\r
-\r
-            try:\r
-                page_obj = paginator.page(page)\r
-            except EmptyPage:\r
-                raise Http404()\r
-\r
-            context[paginate] = page_obj.object_list.lazy()\r
-\r
-            base_path = context.get('base_path', None) or request.path\r
-            sort = request.utils.sort_method('')\r
-\r
-            context["pagination_context"] = {\r
-            'is_paginated' : True,\r
-            'pages': paginator.num_pages,\r
-            'page': page,\r
-            'has_previous': page_obj.has_previous(),\r
-            'has_next': page_obj.has_next(),\r
-            'previous': page_obj.previous_page_number(),\r
-            'next': page_obj.next_page_number(),\r
-            'base_url' : "%s%ssort=%s&" % (base_path, ('?' in base_path) and '&' or '?', sort),\r
-            'pagesize' : pagesize\r
-            }\r
-\r
-            context['sort_context'] = {\r
-            'base_url': "%s%ssort=" % (base_path, ('?' in base_path) and '&' or '?'),\r
-            'current': sort,\r
-            }\r
-\r
-            return context\r
-\r
-        return decorated\r
-\r
-    return decorator\r
-\r
-\r
 class CommandException(Exception):\r
     pass\r
 \r
@@ -87,35 +52,33 @@ class RefreshPageCommand(HttpResponse):
                 content=simplejson.dumps({'commands': {'refresh_page': []}, 'success': True}),\r
                 mimetype="application/json")\r
 \r
-def command(func):\r
-    def decorated(request, *args, **kwargs):\r
-        try:\r
-            response = func(request, *args, **kwargs)\r
-\r
-            if isinstance(response, HttpResponse):\r
-                return response\r
-\r
-            response['success'] = True\r
-        except Exception, e:\r
-            import traceback\r
-            #traceback.print_exc()\r
-\r
-            if isinstance(e, CommandException):\r
-                response = {\r
-                'success': False,\r
-                'error_message': e.message\r
-                }\r
-            else:\r
-                logging.error("%s: %s" % (func.__name__, str(e)))\r
-                logging.error(traceback.format_exc())\r
-                response = {\r
-                'success': False,\r
-                'error_message': _("We're sorry, but an unknown error ocurred.<br />Please try again in a while.")\r
-                }\r
-\r
-        if request.is_ajax():\r
-            return HttpResponse(simplejson.dumps(response), mimetype="application/json")\r
+def command(func, request, *args, **kwargs):\r
+    try:\r
+        response = func(request, *args, **kwargs)\r
+\r
+        if isinstance(response, HttpResponse):\r
+            return response\r
+\r
+        response['success'] = True\r
+    except Exception, e:\r
+        import traceback\r
+        #traceback.print_exc()\r
+\r
+        if isinstance(e, CommandException):\r
+            response = {\r
+            'success': False,\r
+            'error_message': e.message\r
+            }\r
         else:\r
-            return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/'))\r
+            logging.error("%s: %s" % (func.__name__, str(e)))\r
+            logging.error(traceback.format_exc())\r
+            response = {\r
+            'success': False,\r
+            'error_message': _("We're sorry, but an unknown error ocurred.<br />Please try again in a while.")\r
+            }\r
+\r
+    if request.is_ajax():\r
+        return HttpResponse(simplejson.dumps(response), mimetype="application/json")\r
+    else:\r
+        return HttpResponseRedirect(request.META.get('HTTP_REFERER', '/'))\r
 \r
-    return decorated
\ No newline at end of file