]> git.openstreetmap.org Git - osqa.git/blobdiff - forum/views/writers.py
OSQA-696, user profile URLs shouldn't be arbitrary, comparing the passed slug and...
[osqa.git] / forum / views / writers.py
index a5c5d704f817f926f28d5328842ed72ad02494e9..41a1320012de0be60288981c0cb1e6e3f48473bc 100644 (file)
@@ -1,25 +1,24 @@
 # encoding:utf-8
 import os.path
-import time, datetime, random
-import logging
+
+from django.views.decorators.csrf import csrf_exempt
 from django.core.files.storage import FileSystemStorage
 from django.shortcuts import render_to_response, get_object_or_404
 from django.http import HttpResponseRedirect, HttpResponse, Http404
 from django.template import RequestContext
 from django.utils.html import *
-from django.utils import simplejson
 from django.utils.translation import ugettext as _
-from django.core.urlresolvers import reverse
-from django.core.exceptions import PermissionDenied
 
-from forum.actions import AskAction, AnswerAction, ReviseAction, RollbackAction, RetagAction
+from forum.actions import AskAction, AnswerAction, ReviseAction, RollbackAction, RetagAction, AnswerToQuestionAction, CommentToQuestionAction
 from forum.forms import *
 from forum.models import *
-from forum.forms import get_next_url
 from forum.utils import html
 
+from forum.http_responses import HttpResponseUnauthorized
+
 from vars import PENDING_SUBMISSION_SESSION_ATTR
 
+@csrf_exempt
 def upload(request):#ajax upload file to a question or answer
     class FileTypeNotAllow(Exception):
         pass
@@ -111,6 +110,23 @@ def ask(request):
         'tab' : 'ask'
         }, context_instance=RequestContext(request))
 
+def convert_to_question(request, id):
+    user = request.user
+
+    node_type = request.GET.get('node_type', 'answer')
+    if node_type == 'comment':
+        node = get_object_or_404(Comment, id=id)
+        action_class = CommentToQuestionAction
+    else:
+        node = get_object_or_404(Answer, id=id)
+        action_class = AnswerToQuestionAction
+
+    if not user.can_convert_to_question(node):
+        return HttpResponseUnauthorized(request)
+
+    return _edit_question(request, node, template='node/convert_to_question.html', summary=_("Converted to question"),
+                           action_class =action_class, allow_rollback=False, url_getter=lambda a: Question.objects.get(id=a.id).get_absolute_url())
+
 def edit_question(request, id):
     question = get_object_or_404(Question, id=id)
     if question.nis.deleted and not request.user.can_view_deleted_post(question):
@@ -138,7 +154,7 @@ def _retag_question(request, question):
         #'tags' : _get_tags_cache_json(),
     }, context_instance=RequestContext(request))
 
-def _edit_question(request, question):
+def _edit_question(request, question, template='question_edit.html', summary='', action_class=ReviseAction, allow_rollback=True, url_getter=lambda q: q.get_absolute_url()):
     if request.method == 'POST':
         revision_form = RevisionForm(question, data=request.POST)
         revision_form.is_valid()
@@ -151,7 +167,7 @@ def _edit_question(request, question):
 
         if not 'select_revision' in request.POST and form.is_valid():
             if form.has_changed():
-                action = ReviseAction(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data)
+                action = action_class(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data)
 
                 if settings.WIKI_ON:
                     if request.POST.get('wiki', False) and not question.nis.wiki:
@@ -160,20 +176,23 @@ def _edit_question(request, question):
                         question.nstate.wiki = None
             else:
                 if not revision == question.active_revision:
-                    RollbackAction(user=request.user, node=question).save(data=dict(activate=revision))
+                    if allow_rollback:
+                        RollbackAction(user=request.user, node=question).save(data=dict(activate=revision))
+                    else:
+                        pass
 
-            return HttpResponseRedirect(question.get_absolute_url())
+            return HttpResponseRedirect(url_getter(question))
     else:
         revision_form = RevisionForm(question)
-        form = EditQuestionForm(question, request.user)
+        form = EditQuestionForm(question, request.user, initial={'summary': summary})
 
-    return render_to_response('question_edit.html', {
+    return render_to_response(template, {
         'question': question,
         'revision_form': revision_form,
         'form' : form,
-        #'tags' : _get_tags_cache_json()
     }, context_instance=RequestContext(request))
 
+
 def edit_answer(request, id):
     answer = get_object_or_404(Answer, id=id)
     if answer.deleted and not request.user.can_view_deleted_post(answer):