# encoding:utf-8
import os.path
-import time, datetime, random
-import logging
-from django.core.files.storage import default_storage
+
+import datetime
+
+from django.core.urlresolvers import reverse
+from django.core.files.storage import FileSystemStorage
+from django.views.decorators.csrf import csrf_exempt
from django.shortcuts import render_to_response, get_object_or_404
-from django.contrib.auth.decorators import login_required
-from django.http import HttpResponseRedirect, HttpResponse, HttpResponseForbidden, Http404
from django.template import RequestContext
+from django.http import HttpResponseRedirect, HttpResponse, Http404
from django.utils.html import *
-from django.utils import simplejson
from django.utils.translation import ugettext as _
-from django.core.urlresolvers import reverse
-from django.core.exceptions import PermissionDenied
-from forum.utils.html import sanitize_html
-from markdown2 import Markdown
+from django.contrib import messages
+
+from forum.actions import AskAction, AnswerAction, ReviseAction, RollbackAction, RetagAction, AnswerToQuestionAction, CommentToQuestionAction
from forum.forms import *
from forum.models import *
-from forum.auth import *
-from forum.const import *
-from forum import auth
-from forum.utils.forms import get_next_url
-from forum.views.readers import _get_tags_cache_json
-
-# used in index page
-INDEX_PAGE_SIZE = 20
-INDEX_AWARD_SIZE = 15
-INDEX_TAGS_SIZE = 100
-# used in tags list
-DEFAULT_PAGE_SIZE = 60
-# used in questions
-QUESTIONS_PAGE_SIZE = 10
-# used in answers
-ANSWERS_PAGE_SIZE = 10
-
-markdowner = Markdown(html4tags=True)
-
-def upload(request):#ajax upload file to a question or answer
+from forum.utils import html
+from forum.http_responses import HttpResponseUnauthorized
+
+from vars import PENDING_SUBMISSION_SESSION_ATTR
+
+@csrf_exempt
+def upload(request):#ajax upload file to a question or answer
class FileTypeNotAllow(Exception):
pass
class FileSizeNotAllow(Exception):
class UploadPermissionNotAuthorized(Exception):
pass
- #<result><msg><![CDATA[%s]]></msg><error><![CDATA[%s]]></error><file_url>%s</file_url></result>
xml_template = "<result><msg><![CDATA[%s]]></msg><error><![CDATA[%s]]></error><file_url>%s</file_url></result>"
try:
f = request.FILES['file-upload']
# check upload permission
- if not auth.can_upload_files(request.user):
- raise UploadPermissionNotAuthorized
+ if not request.user.can_upload_files():
+ raise UploadPermissionNotAuthorized()
# check file type
- file_name_suffix = os.path.splitext(f.name)[1].lower()
- if not file_name_suffix in settings.ALLOW_FILE_TYPES:
- raise FileTypeNotAllow
-
- # generate new file name
- new_file_name = str(time.time()).replace('.', str(random.randint(0,100000))) + file_name_suffix
- # use default storage to store file
- default_storage.save(new_file_name, f)
+ try:
+ file_name_suffix = os.path.splitext(f.name)[1].lower()
+ except KeyError:
+ raise FileTypeNotAllow()
+
+ if not file_name_suffix in ('.jpg', '.jpeg', '.gif', '.png', '.bmp', '.tiff', '.ico'):
+ raise FileTypeNotAllow()
+
+ storage = FileSystemStorage(str(settings.UPFILES_FOLDER), str(settings.UPFILES_ALIAS))
+ new_file_name = storage.save("_".join(f.name.split()), f)
# check file size
# byte
- size = default_storage.size(new_file_name)
- if size > settings.ALLOW_MAX_FILE_SIZE:
- default_storage.delete(new_file_name)
- raise FileSizeNotAllow
+ size = storage.size(new_file_name)
+
+ if size > float(settings.ALLOW_MAX_FILE_SIZE) * 1024 * 1024:
+ storage.delete(new_file_name)
+ raise FileSizeNotAllow()
- result = xml_template % ('Good', '', default_storage.url(new_file_name))
+ result = xml_template % ('Good', '', str(settings.UPFILES_ALIAS) + new_file_name)
except UploadPermissionNotAuthorized:
result = xml_template % ('', _('uploading images is limited to users with >60 reputation points'), '')
except FileTypeNotAllow:
result = xml_template % ('', _("allowed file types are 'jpg', 'jpeg', 'gif', 'bmp', 'png', 'tiff'"), '')
except FileSizeNotAllow:
- result = xml_template % ('', _("maximum upload file size is %sK") % settings.ALLOW_MAX_FILE_SIZE / 1024, '')
- except Exception:
- result = xml_template % ('', _('Error uploading file. Please contact the site administrator. Thank you. %s' % Exception), '')
+ result = xml_template % ('', _("maximum upload file size is %sM") % settings.ALLOW_MAX_FILE_SIZE, '')
+ except Exception, e:
+ result = xml_template % ('', _('Error uploading file. Please contact the site administrator. Thank you. %s' % e), '')
- return HttpResponse(result, mimetype="application/xml")
+ return HttpResponse(result, content_type="application/xml")
-#@login_required #actually you can post anonymously, but then must register
-def ask(request):#view used to ask a new question
- """a view to ask a new question
- gives space for q title, body, tags and checkbox for to post as wiki
+def ask(request):
+ form = None
- user can start posting a question anonymously but then
- must login/register in order for the question go be shown
- """
- if request.method == "POST":
- form = AskForm(request.POST)
- if form.is_valid():
+ if request.POST:
+ if request.session.pop('reviewing_pending_data', False):
+ form = AskForm(initial=request.POST, user=request.user)
+ elif "text" in request.POST:
+ form = AskForm(request.POST, user=request.user)
+ if form.is_valid():
+ if request.user.is_authenticated() and request.user.email_valid_and_can_ask():
+ ask_action = AskAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data)
+ question = ask_action.node
- added_at = datetime.datetime.now()
- title = strip_tags(form.cleaned_data['title'].strip())
- wiki = form.cleaned_data['wiki']
- tagnames = form.cleaned_data['tags'].strip()
- text = form.cleaned_data['text']
- html = sanitize_html(markdowner.convert(text))
- summary = strip_tags(html)[:120]
+ if settings.WIKI_ON and request.POST.get('wiki', False):
+ question.nstate.wiki = ask_action
- if request.user.is_authenticated():
- author = request.user
-
- question = Question.objects.create_new(
- title = title,
- author = author,
- added_at = added_at,
- wiki = wiki,
- tagnames = tagnames,
- summary = summary,
- text = sanitize_html(markdowner.convert(text))
- )
+ return HttpResponseRedirect(question.get_absolute_url())
+ else:
+ request.session[PENDING_SUBMISSION_SESSION_ATTR] = {
+ 'POST': request.POST,
+ 'data_name': _("question"),
+ 'type': 'ask',
+ 'submission_url': reverse('ask'),
+ 'time': datetime.datetime.now()
+ }
- return HttpResponseRedirect(question.get_absolute_url())
- else:
- request.session.flush()
- session_key = request.session.session_key
- question = AnonymousQuestion(
- session_key = session_key,
- title = title,
- tagnames = tagnames,
- wiki = wiki,
- text = text,
- summary = summary,
- added_at = added_at,
- ip_addr = request.META['REMOTE_ADDR'],
- )
- question.save()
- return HttpResponseRedirect(reverse('auth_action_signin', kwargs={'action': 'newquestion'}))
- else:
- form = AskForm()
+ if request.user.is_authenticated():
+ messages.info(request, _("Your question is pending until you %s.") % html.hyperlink(
+ django_settings.APP_URL + reverse('send_validation_email', prefix='/'), _("validate your email")
+ ))
+ return HttpResponseRedirect(reverse('index'))
+ else:
+ return HttpResponseRedirect(reverse('auth_signin'))
+ elif "go" in request.POST:
+ form = AskForm({'title': request.POST['q']}, user=request.user)
+
+ if not form:
+ form = AskForm(user=request.user)
- tags = _get_tags_cache_json()
return render_to_response('ask.html', {
'form' : form,
- 'tags' : tags,
- 'email_validation_faq_url':reverse('faq') + '#validate',
+ 'tab' : 'ask'
}, context_instance=RequestContext(request))
-@login_required
-def edit_question(request, id):#edit or retag a question
- """view to edit question
- """
+def convert_to_question(request, id):
+ user = request.user
+
+ node_type = request.GET.get('node_type', 'answer')
+ if node_type == 'comment':
+ node = get_object_or_404(Comment, id=id)
+ action_class = CommentToQuestionAction
+ else:
+ node = get_object_or_404(Answer, id=id)
+ action_class = AnswerToQuestionAction
+
+ if not user.can_convert_to_question(node):
+ return HttpResponseUnauthorized(request)
+
+ return _edit_question(request, node, template='node/convert_to_question.html', summary=_("Converted to question"),
+ action_class =action_class, allow_rollback=False, url_getter=lambda a: Question.objects.get(id=a.id).get_absolute_url())
+
+def edit_question(request, id):
question = get_object_or_404(Question, id=id)
- if question.deleted and not auth.can_view_deleted_post(request.user, question):
+ if question.nis.deleted and not request.user.can_view_deleted_post(question):
raise Http404
- if auth.can_edit_post(request.user, question):
+ if request.user.can_edit_post(question):
return _edit_question(request, question)
- elif auth.can_retag_questions(request.user):
+ elif request.user.can_retag_questions():
return _retag_question(request, question)
else:
raise Http404
-def _retag_question(request, question):#non-url subview of edit question - just retag
- """retag question sub-view used by
- view "edit_question"
- """
+def _retag_question(request, question):
if request.method == 'POST':
form = RetagQuestionForm(question, request.POST)
if form.is_valid():
if form.has_changed():
- latest_revision = question.get_latest_revision()
- retagged_at = datetime.datetime.now()
- # Update the Question itself
- Question.objects.filter(id=question.id).update(
- tagnames = form.cleaned_data['tags'],
- last_edited_at = retagged_at,
- last_edited_by = request.user,
- last_activity_at = retagged_at,
- last_activity_by = request.user
- )
- # Update the Question's tag associations
- tags_updated = Question.objects.update_tags(question,
- form.cleaned_data['tags'], request.user)
- # Create a new revision
- QuestionRevision.objects.create(
- question = question,
- title = latest_revision.title,
- author = request.user,
- revised_at = retagged_at,
- tagnames = form.cleaned_data['tags'],
- summary = CONST['retagged'],
- text = latest_revision.text
- )
- # send tags updated singal
- tags_updated.send(sender=question.__class__, question=question)
+ RetagAction(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=dict(tagnames=form.cleaned_data['tags']))
return HttpResponseRedirect(question.get_absolute_url())
else:
return render_to_response('question_retag.html', {
'question': question,
'form' : form,
- 'tags' : _get_tags_cache_json(),
+ #'tags' : _get_tags_cache_json(),
}, context_instance=RequestContext(request))
-def _edit_question(request, question):#non-url subview of edit_question - just edit the body/title
- latest_revision = question.get_latest_revision()
- revision_form = None
+def _edit_question(request, question, template='question_edit.html', summary='', action_class=ReviseAction,
+ allow_rollback=True, url_getter=lambda q: q.get_absolute_url(), additional_context=None):
if request.method == 'POST':
+ revision_form = RevisionForm(question, data=request.POST)
+ revision_form.is_valid()
+ revision = question.revisions.get(revision=revision_form.cleaned_data['revision'])
+
if 'select_revision' in request.POST:
- # user has changed revistion number
- revision_form = RevisionForm(question, latest_revision, request.POST)
- if revision_form.is_valid():
- # Replace with those from the selected revision
- form = EditQuestionForm(question,
- QuestionRevision.objects.get(question=question,
- revision=revision_form.cleaned_data['revision']))
- else:
- form = EditQuestionForm(question, latest_revision, request.POST)
+ form = EditQuestionForm(question, request.user, revision)
else:
- # Always check modifications against the latest revision
- form = EditQuestionForm(question, latest_revision, request.POST)
- if form.is_valid():
- html = sanitize_html(markdowner.convert(form.cleaned_data['text']))
- if form.has_changed():
- edited_at = datetime.datetime.now()
- tags_changed = (latest_revision.tagnames !=
- form.cleaned_data['tags'])
- tags_updated = False
- # Update the Question itself
- updated_fields = {
- 'title': form.cleaned_data['title'],
- 'last_edited_at': edited_at,
- 'last_edited_by': request.user,
- 'last_activity_at': edited_at,
- 'last_activity_by': request.user,
- 'tagnames': form.cleaned_data['tags'],
- 'summary': strip_tags(html)[:120],
- 'html': html,
- }
+ form = EditQuestionForm(question, request.user, revision, data=request.POST)
- # only save when it's checked
- # because wiki doesn't allow to be edited if last version has been enabled already
- # and we make sure this in forms.
- if ('wiki' in form.cleaned_data and
- form.cleaned_data['wiki']):
- updated_fields['wiki'] = True
- updated_fields['wikified_at'] = edited_at
-
- Question.objects.filter(
- id=question.id).update(**updated_fields)
- # Update the Question's tag associations
- if tags_changed:
- tags_updated = Question.objects.update_tags(
- question, form.cleaned_data['tags'], request.user)
- # Create a new revision
- revision = QuestionRevision(
- question = question,
- title = form.cleaned_data['title'],
- author = request.user,
- revised_at = edited_at,
- tagnames = form.cleaned_data['tags'],
- text = form.cleaned_data['text'],
- )
- if form.cleaned_data['summary']:
- revision.summary = form.cleaned_data['summary']
+ if not 'select_revision' in request.POST and form.is_valid():
+ if form.has_changed():
+ action = action_class(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data)
+
+ if settings.WIKI_ON:
+ if request.POST.get('wiki', False) and not question.nis.wiki:
+ question.nstate.wiki = action
+ elif question.nis.wiki and (not request.POST.get('wiki', False)) and request.user.can_cancel_wiki(question):
+ question.nstate.wiki = None
+ else:
+ if not revision == question.active_revision:
+ if allow_rollback:
+ RollbackAction(user=request.user, node=question).save(data=dict(activate=revision))
else:
- revision.summary = 'No.%s Revision' % latest_revision.revision
- revision.save()
+ pass
- return HttpResponseRedirect(question.get_absolute_url())
+ return HttpResponseRedirect(url_getter(question))
else:
+ revision_form = RevisionForm(question)
+ form = EditQuestionForm(question, request.user, initial={'summary': summary})
- revision_form = RevisionForm(question, latest_revision)
- form = EditQuestionForm(question, latest_revision)
- return render_to_response('question_edit.html', {
+ context = {
'question': question,
'revision_form': revision_form,
'form' : form,
- 'tags' : _get_tags_cache_json()
- }, context_instance=RequestContext(request))
+ }
+
+ if not (additional_context is None):
+ context.update(additional_context)
+
+ return render_to_response(template, context, context_instance=RequestContext(request))
+
-@login_required
def edit_answer(request, id):
answer = get_object_or_404(Answer, id=id)
- if answer.deleted and not auth.can_view_deleted_post(request.user, answer):
+ if answer.deleted and not request.user.can_view_deleted_post(answer):
raise Http404
- elif not auth.can_edit_post(request.user, answer):
+ elif not request.user.can_edit_post(answer):
raise Http404
- else:
- latest_revision = answer.get_latest_revision()
- if request.method == "POST":
- if 'select_revision' in request.POST:
- # user has changed revistion number
- revision_form = RevisionForm(answer, latest_revision, request.POST)
- if revision_form.is_valid():
- # Replace with those from the selected revision
- form = EditAnswerForm(answer,
- AnswerRevision.objects.get(answer=answer,
- revision=revision_form.cleaned_data['revision']))
- else:
- form = EditAnswerForm(answer, latest_revision, request.POST)
- else:
- form = EditAnswerForm(answer, latest_revision, request.POST)
- if form.is_valid():
- html = sanitize_html(markdowner.convert(form.cleaned_data['text']))
- if form.has_changed():
- edited_at = datetime.datetime.now()
- updated_fields = {
- 'last_edited_at': edited_at,
- 'last_edited_by': request.user,
- 'html': html,
- }
- Answer.objects.filter(id=answer.id).update(**updated_fields)
-
- revision = AnswerRevision(
- answer=answer,
- author=request.user,
- revised_at=edited_at,
- text=form.cleaned_data['text']
- )
-
- if form.cleaned_data['summary']:
- revision.summary = form.cleaned_data['summary']
- else:
- revision.summary = 'No.%s Revision' % latest_revision.revision
- revision.save()
-
- answer.question.last_activity_at = edited_at
- answer.question.last_activity_by = request.user
- answer.question.save()
-
- return HttpResponseRedirect(answer.get_absolute_url())
+
+ if request.method == "POST":
+ revision_form = RevisionForm(answer, data=request.POST)
+ revision_form.is_valid()
+ revision = answer.revisions.get(revision=revision_form.cleaned_data['revision'])
+
+ if 'select_revision' in request.POST:
+ form = EditAnswerForm(answer, request.user, revision)
else:
- revision_form = RevisionForm(answer, latest_revision)
- form = EditAnswerForm(answer, latest_revision)
- return render_to_response('answer_edit.html', {
- 'answer': answer,
- 'revision_form': revision_form,
- 'form': form,
- }, context_instance=RequestContext(request))
-
-def answer(request, id):#process a new answer
+ form = EditAnswerForm(answer, request.user, revision, data=request.POST)
+
+ if not 'select_revision' in request.POST and form.is_valid():
+ if form.has_changed():
+ action = ReviseAction(user=request.user, node=answer, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data)
+
+ if settings.WIKI_ON:
+ if request.POST.get('wiki', False) and not answer.nis.wiki:
+ answer.nstate.wiki = action
+ elif answer.nis.wiki and (not request.POST.get('wiki', False)) and request.user.can_cancel_wiki(answer):
+ answer.nstate.wiki = None
+ else:
+ if not revision == answer.active_revision:
+ RollbackAction(user=request.user, node=answer, ip=request.META['REMOTE_ADDR']).save(data=dict(activate=revision))
+
+ return HttpResponseRedirect(answer.get_absolute_url())
+
+ else:
+ revision_form = RevisionForm(answer)
+ form = EditAnswerForm(answer, request.user)
+ return render_to_response('answer_edit.html', {
+ 'answer': answer,
+ 'revision_form': revision_form,
+ 'form': form,
+ }, context_instance=RequestContext(request))
+
+def answer(request, id):
question = get_object_or_404(Question, id=id)
- if request.method == "POST":
- form = AnswerForm(question, request.user, request.POST)
- if form.is_valid():
- wiki = form.cleaned_data['wiki']
- text = form.cleaned_data['text']
- update_time = datetime.datetime.now()
+
+ if request.POST:
+ form = AnswerForm(request.POST, request.user)
+
+ if request.session.pop('reviewing_pending_data', False) or not form.is_valid():
+ request.session['redirect_POST_data'] = request.POST
+ return HttpResponseRedirect(question.get_absolute_url() + '#fmanswer')
+
+ if request.user.is_authenticated() and request.user.email_valid_and_can_answer():
+ answer_action = AnswerAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(dict(question=question, **form.cleaned_data))
+ answer = answer_action.node
+
+ if settings.WIKI_ON and request.POST.get('wiki', False):
+ answer.nstate.wiki = answer_action
+
+ return HttpResponseRedirect(answer.get_absolute_url())
+ else:
+ request.session[PENDING_SUBMISSION_SESSION_ATTR] = {
+ 'POST': request.POST,
+ 'data_name': _("answer"),
+ 'type': 'answer',
+ 'submission_url': reverse('answer', kwargs={'id': id}),
+ 'time': datetime.datetime.now()
+ }
if request.user.is_authenticated():
- Answer.objects.create_new(
- question=question,
- author=request.user,
- added_at=update_time,
- wiki=wiki,
- text=sanitize_html(markdowner.convert(text)),
- email_notify=form.cleaned_data['email_notify']
- )
+ messages.info(request, _("Your answer is pending until you %s.") % html.hyperlink(
+ django_settings.APP_URL + reverse('send_validation_email', prefix='/'), _("validate your email")
+ ))
+ return HttpResponseRedirect(question.get_absolute_url())
else:
- request.session.flush()
- html = sanitize_html(markdowner.convert(text))
- summary = strip_tags(html)[:120]
- anon = AnonymousAnswer(
- question=question,
- wiki=wiki,
- text=text,
- summary=summary,
- session_key=request.session.session_key,
- ip_addr=request.META['REMOTE_ADDR'],
- )
- anon.save()
- return HttpResponseRedirect(reverse('auth_action_signin', kwargs={'action': 'newanswer'}))
+ return HttpResponseRedirect(reverse('auth_signin'))
return HttpResponseRedirect(question.get_absolute_url())
-def __generate_comments_json(obj, type, user):#non-view generates json data for the post comments
- comments = obj.comments.all().order_by('id')
- # {"Id":6,"PostId":38589,"CreationDate":"an hour ago","Text":"hello there!","UserDisplayName":"Jarrod Dixon","UserUrl":"/users/3/jarrod-dixon","DeleteUrl":null}
- json_comments = []
- from forum.templatetags.extra_tags import diff_date
- for comment in comments:
- comment_user = comment.user
- delete_url = ""
- if user != None and auth.can_delete_comment(user, comment):
- #/posts/392845/comments/219852/delete
- #todo translate this url
- delete_url = reverse('index') + type + "s/%s/comments/%s/delete/" % (obj.id, comment.id)
- json_comments.append({"id" : comment.id,
- "object_id" : obj.id,
- "comment_age" : diff_date(comment.added_at),
- "text" : comment.comment,
- "user_display_name" : comment_user.username,
- "user_url" : comment_user.get_profile_url(),
- "delete_url" : delete_url
- })
-
- data = simplejson.dumps(json_comments)
- return HttpResponse(data, mimetype="application/json")
-
-
-def question_comments(request, id):#ajax handler for loading comments to question
- question = get_object_or_404(Question, id=id)
- user = request.user
- return __comments(request, question, 'question')
-def answer_comments(request, id):#ajax handler for loading comments on answer
- answer = get_object_or_404(Answer, id=id)
- user = request.user
- return __comments(request, answer, 'answer')
+def manage_pending_data(request, action, forward=None):
+ pending_data = request.session.pop(PENDING_SUBMISSION_SESSION_ATTR, None)
+
+ if not pending_data:
+ raise Http404
+
+ if action == _("cancel"):
+ return HttpResponseRedirect(forward or request.META.get('HTTP_REFERER', '/'))
+ else:
+ if action == _("review"):
+ request.session['reviewing_pending_data'] = True
+
+ request.session['redirect_POST_data'] = pending_data['POST']
+ return HttpResponseRedirect(pending_data['submission_url'])
+
-def __comments(request, obj, type):#non-view generic ajax handler to load comments to an object
- # only support get post comments by ajax now
- user = request.user
- if request.is_ajax():
- if request.method == "GET":
- response = __generate_comments_json(obj, type, user)
- elif request.method == "POST":
- if auth.can_add_comments(user,obj):
- comment_data = request.POST.get('comment')
- comment = Comment(content_object=obj, comment=comment_data, user=request.user)
- comment.save()
- obj.comment_count = obj.comment_count + 1
- obj.save()
- response = __generate_comments_json(obj, type, user)
- else:
- response = HttpResponseForbidden(mimetype="application/json")
- return response
-
-def delete_comment(request, object_id='', comment_id='', commented_object_type=None):#ajax handler to delete comment
- response = None
- commented_object = None
- if commented_object_type == 'question':
- commented_object = Question
- elif commented_object_type == 'answer':
- commented_object = Answer
-
- if request.is_ajax():
- comment = get_object_or_404(Comment, id=comment_id)
- if auth.can_delete_comment(request.user, comment):
- obj = get_object_or_404(commented_object, id=object_id)
- obj.comments.remove(comment)
- obj.comment_count = obj.comment_count - 1
- obj.save()
- user = request.user
- return __generate_comments_json(obj, commented_object_type, user)
- raise PermissionDenied()