X-Git-Url: https://git.openstreetmap.org./osqa.git/blobdiff_plain/a9eef437702d5df7a2f97010e6798c689371808c..9694fb0873b055992c5d2d00ff12f946b2f26c08:/forum/views/writers.py?ds=inline diff --git a/forum/views/writers.py b/forum/views/writers.py index 2b2461d..c669f90 100644 --- a/forum/views/writers.py +++ b/forum/views/writers.py @@ -1,42 +1,27 @@ # encoding:utf-8 import os.path -import time, datetime, random -import logging -from django.core.files.storage import default_storage + +import datetime + +from django.core.urlresolvers import reverse +from django.core.files.storage import FileSystemStorage +from django.views.decorators.csrf import csrf_exempt from django.shortcuts import render_to_response, get_object_or_404 -from django.contrib.auth.decorators import login_required -from django.http import HttpResponseRedirect, HttpResponse, HttpResponseForbidden, Http404 from django.template import RequestContext +from django.http import HttpResponseRedirect, HttpResponse, Http404 from django.utils.html import * -from django.utils import simplejson from django.utils.translation import ugettext as _ -from django.core.urlresolvers import reverse -from django.core.exceptions import PermissionDenied -from forum.utils.html import sanitize_html -from markdown2 import Markdown +from forum.actions import AskAction, AnswerAction, ReviseAction, RollbackAction, RetagAction, AnswerToQuestionAction, CommentToQuestionAction from forum.forms import * from forum.models import * -from forum.auth import * -from forum.const import * -from forum import auth -from forum.utils.forms import get_next_url -from forum.views.readers import _get_tags_cache_json - -# used in index page -INDEX_PAGE_SIZE = 20 -INDEX_AWARD_SIZE = 15 -INDEX_TAGS_SIZE = 100 -# used in tags list -DEFAULT_PAGE_SIZE = 60 -# used in questions -QUESTIONS_PAGE_SIZE = 10 -# used in answers -ANSWERS_PAGE_SIZE = 10 - -markdowner = Markdown(html4tags=True) - -def upload(request):#ajax upload file to a question or answer +from forum.utils import html +from forum.http_responses import HttpResponseUnauthorized + +from vars import PENDING_SUBMISSION_SESSION_ATTR + +@csrf_exempt +def upload(request):#ajax upload file to a question or answer class FileTypeNotAllow(Exception): pass class FileSizeNotAllow(Exception): @@ -44,149 +29,123 @@ def upload(request):#ajax upload file to a question or answer class UploadPermissionNotAuthorized(Exception): pass - #%s xml_template = "%s" try: f = request.FILES['file-upload'] # check upload permission - if not auth.can_upload_files(request.user): - raise UploadPermissionNotAuthorized + if not request.user.can_upload_files(): + raise UploadPermissionNotAuthorized() # check file type - file_name_suffix = os.path.splitext(f.name)[1].lower() - if not file_name_suffix in settings.ALLOW_FILE_TYPES: - raise FileTypeNotAllow - - # generate new file name - new_file_name = str(time.time()).replace('.', str(random.randint(0,100000))) + file_name_suffix - # use default storage to store file - default_storage.save(new_file_name, f) + try: + file_name_suffix = os.path.splitext(f.name)[1].lower() + except KeyError: + raise FileTypeNotAllow() + + if not file_name_suffix in ('.jpg', '.jpeg', '.gif', '.png', '.bmp', '.tiff', '.ico'): + raise FileTypeNotAllow() + + storage = FileSystemStorage(str(settings.UPFILES_FOLDER), str(settings.UPFILES_ALIAS)) + new_file_name = storage.save("_".join(f.name.split()), f) # check file size # byte - size = default_storage.size(new_file_name) - if size > settings.ALLOW_MAX_FILE_SIZE: - default_storage.delete(new_file_name) - raise FileSizeNotAllow + size = storage.size(new_file_name) + + if size > float(settings.ALLOW_MAX_FILE_SIZE) * 1024 * 1024: + storage.delete(new_file_name) + raise FileSizeNotAllow() - result = xml_template % ('Good', '', default_storage.url(new_file_name)) + result = xml_template % ('Good', '', str(settings.UPFILES_ALIAS) + new_file_name) except UploadPermissionNotAuthorized: result = xml_template % ('', _('uploading images is limited to users with >60 reputation points'), '') except FileTypeNotAllow: result = xml_template % ('', _("allowed file types are 'jpg', 'jpeg', 'gif', 'bmp', 'png', 'tiff'"), '') except FileSizeNotAllow: - result = xml_template % ('', _("maximum upload file size is %sK") % settings.ALLOW_MAX_FILE_SIZE / 1024, '') - except Exception: - result = xml_template % ('', _('Error uploading file. Please contact the site administrator. Thank you. %s' % Exception), '') + result = xml_template % ('', _("maximum upload file size is %sM") % settings.ALLOW_MAX_FILE_SIZE, '') + except Exception, e: + result = xml_template % ('', _('Error uploading file. Please contact the site administrator. Thank you. %s' % e), '') return HttpResponse(result, mimetype="application/xml") -#@login_required #actually you can post anonymously, but then must register -def ask(request):#view used to ask a new question - """a view to ask a new question - gives space for q title, body, tags and checkbox for to post as wiki +def ask(request): + form = None - user can start posting a question anonymously but then - must login/register in order for the question go be shown - """ - if request.method == "POST": - form = AskForm(request.POST) - if form.is_valid(): + if request.POST: + if request.session.pop('reviewing_pending_data', False): + form = AskForm(initial=request.POST, user=request.user) + elif "text" in request.POST: + form = AskForm(request.POST, user=request.user) + if form.is_valid(): + if request.user.is_authenticated() and request.user.email_valid_and_can_ask(): + ask_action = AskAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data) + question = ask_action.node - added_at = datetime.datetime.now() - title = strip_tags(form.cleaned_data['title'].strip()) - wiki = form.cleaned_data['wiki'] - tagnames = form.cleaned_data['tags'].strip() - text = form.cleaned_data['text'] - html = sanitize_html(markdowner.convert(text)) - summary = strip_tags(html)[:120] + if settings.WIKI_ON and request.POST.get('wiki', False): + question.nstate.wiki = ask_action - if request.user.is_authenticated(): - author = request.user - - question = Question.objects.create_new( - title = title, - author = author, - added_at = added_at, - wiki = wiki, - tagnames = tagnames, - summary = summary, - text = sanitize_html(markdowner.convert(text)) - ) + return HttpResponseRedirect(question.get_absolute_url()) + else: + request.session[PENDING_SUBMISSION_SESSION_ATTR] = { + 'POST': request.POST, + 'data_name': _("question"), + 'type': 'ask', + 'submission_url': reverse('ask'), + 'time': datetime.datetime.now() + } - return HttpResponseRedirect(question.get_absolute_url()) - else: - request.session.flush() - session_key = request.session.session_key - question = AnonymousQuestion( - session_key = session_key, - title = title, - tagnames = tagnames, - wiki = wiki, - text = text, - summary = summary, - added_at = added_at, - ip_addr = request.META['REMOTE_ADDR'], - ) - question.save() - return HttpResponseRedirect(reverse('auth_action_signin', kwargs={'action': 'newquestion'})) - else: - form = AskForm() + if request.user.is_authenticated(): + request.user.message_set.create(message=_("Your question is pending until you %s.") % html.hyperlink( + reverse('send_validation_email'), _("validate your email") + )) + return HttpResponseRedirect(reverse('index')) + else: + return HttpResponseRedirect(reverse('auth_signin')) + elif "go" in request.POST: + form = AskForm({'title': request.POST['q']}, user=request.user) + + if not form: + form = AskForm(user=request.user) - tags = _get_tags_cache_json() return render_to_response('ask.html', { 'form' : form, - 'tags' : tags, - 'email_validation_faq_url':reverse('faq') + '#validate', + 'tab' : 'ask' }, context_instance=RequestContext(request)) -@login_required -def edit_question(request, id):#edit or retag a question - """view to edit question - """ +def convert_to_question(request, id): + user = request.user + + node_type = request.GET.get('node_type', 'answer') + if node_type == 'comment': + node = get_object_or_404(Comment, id=id) + action_class = CommentToQuestionAction + else: + node = get_object_or_404(Answer, id=id) + action_class = AnswerToQuestionAction + + if not user.can_convert_to_question(node): + return HttpResponseUnauthorized(request) + + return _edit_question(request, node, template='node/convert_to_question.html', summary=_("Converted to question"), + action_class =action_class, allow_rollback=False, url_getter=lambda a: Question.objects.get(id=a.id).get_absolute_url()) + +def edit_question(request, id): question = get_object_or_404(Question, id=id) - if question.deleted and not auth.can_view_deleted_post(request.user, question): + if question.nis.deleted and not request.user.can_view_deleted_post(question): raise Http404 - if auth.can_edit_post(request.user, question): + if request.user.can_edit_post(question): return _edit_question(request, question) - elif auth.can_retag_questions(request.user): + elif request.user.can_retag_questions(): return _retag_question(request, question) else: raise Http404 -def _retag_question(request, question):#non-url subview of edit question - just retag - """retag question sub-view used by - view "edit_question" - """ +def _retag_question(request, question): if request.method == 'POST': form = RetagQuestionForm(question, request.POST) if form.is_valid(): if form.has_changed(): - latest_revision = question.get_latest_revision() - retagged_at = datetime.datetime.now() - # Update the Question itself - Question.objects.filter(id=question.id).update( - tagnames = form.cleaned_data['tags'], - last_edited_at = retagged_at, - last_edited_by = request.user, - last_activity_at = retagged_at, - last_activity_by = request.user - ) - # Update the Question's tag associations - tags_updated = Question.objects.update_tags(question, - form.cleaned_data['tags'], request.user) - # Create a new revision - QuestionRevision.objects.create( - question = question, - title = latest_revision.title, - author = request.user, - revised_at = retagged_at, - tagnames = form.cleaned_data['tags'], - summary = CONST['retagged'], - text = latest_revision.text - ) - # send tags updated singal - tags_updated.send(sender=question.__class__, question=question) + RetagAction(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=dict(tagnames=form.cleaned_data['tags'])) return HttpResponseRedirect(question.get_absolute_url()) else: @@ -194,249 +153,140 @@ def _retag_question(request, question):#non-url subview of edit question - just return render_to_response('question_retag.html', { 'question': question, 'form' : form, - 'tags' : _get_tags_cache_json(), + #'tags' : _get_tags_cache_json(), }, context_instance=RequestContext(request)) -def _edit_question(request, question):#non-url subview of edit_question - just edit the body/title - latest_revision = question.get_latest_revision() - revision_form = None +def _edit_question(request, question, template='question_edit.html', summary='', action_class=ReviseAction, allow_rollback=True, url_getter=lambda q: q.get_absolute_url()): if request.method == 'POST': + revision_form = RevisionForm(question, data=request.POST) + revision_form.is_valid() + revision = question.revisions.get(revision=revision_form.cleaned_data['revision']) + if 'select_revision' in request.POST: - # user has changed revistion number - revision_form = RevisionForm(question, latest_revision, request.POST) - if revision_form.is_valid(): - # Replace with those from the selected revision - form = EditQuestionForm(question, - QuestionRevision.objects.get(question=question, - revision=revision_form.cleaned_data['revision'])) - else: - form = EditQuestionForm(question, latest_revision, request.POST) + form = EditQuestionForm(question, request.user, revision) else: - # Always check modifications against the latest revision - form = EditQuestionForm(question, latest_revision, request.POST) - if form.is_valid(): - html = sanitize_html(markdowner.convert(form.cleaned_data['text'])) - if form.has_changed(): - edited_at = datetime.datetime.now() - tags_changed = (latest_revision.tagnames != - form.cleaned_data['tags']) - tags_updated = False - # Update the Question itself - updated_fields = { - 'title': form.cleaned_data['title'], - 'last_edited_at': edited_at, - 'last_edited_by': request.user, - 'last_activity_at': edited_at, - 'last_activity_by': request.user, - 'tagnames': form.cleaned_data['tags'], - 'summary': strip_tags(html)[:120], - 'html': html, - } + form = EditQuestionForm(question, request.user, revision, data=request.POST) + + if not 'select_revision' in request.POST and form.is_valid(): + if form.has_changed(): + action = action_class(user=request.user, node=question, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data) - # only save when it's checked - # because wiki doesn't allow to be edited if last version has been enabled already - # and we make sure this in forms. - if ('wiki' in form.cleaned_data and - form.cleaned_data['wiki']): - updated_fields['wiki'] = True - updated_fields['wikified_at'] = edited_at - - Question.objects.filter( - id=question.id).update(**updated_fields) - # Update the Question's tag associations - if tags_changed: - tags_updated = Question.objects.update_tags( - question, form.cleaned_data['tags'], request.user) - # Create a new revision - revision = QuestionRevision( - question = question, - title = form.cleaned_data['title'], - author = request.user, - revised_at = edited_at, - tagnames = form.cleaned_data['tags'], - text = form.cleaned_data['text'], - ) - if form.cleaned_data['summary']: - revision.summary = form.cleaned_data['summary'] + if settings.WIKI_ON: + if request.POST.get('wiki', False) and not question.nis.wiki: + question.nstate.wiki = action + elif question.nis.wiki and (not request.POST.get('wiki', False)) and request.user.can_cancel_wiki(question): + question.nstate.wiki = None + else: + if not revision == question.active_revision: + if allow_rollback: + RollbackAction(user=request.user, node=question).save(data=dict(activate=revision)) else: - revision.summary = 'No.%s Revision' % latest_revision.revision - revision.save() + pass - return HttpResponseRedirect(question.get_absolute_url()) + return HttpResponseRedirect(url_getter(question)) else: + revision_form = RevisionForm(question) + form = EditQuestionForm(question, request.user, initial={'summary': summary}) - revision_form = RevisionForm(question, latest_revision) - form = EditQuestionForm(question, latest_revision) - return render_to_response('question_edit.html', { + return render_to_response(template, { 'question': question, 'revision_form': revision_form, 'form' : form, - 'tags' : _get_tags_cache_json() }, context_instance=RequestContext(request)) -@login_required + def edit_answer(request, id): answer = get_object_or_404(Answer, id=id) - if answer.deleted and not auth.can_view_deleted_post(request.user, answer): + if answer.deleted and not request.user.can_view_deleted_post(answer): raise Http404 - elif not auth.can_edit_post(request.user, answer): + elif not request.user.can_edit_post(answer): raise Http404 - else: - latest_revision = answer.get_latest_revision() - if request.method == "POST": - if 'select_revision' in request.POST: - # user has changed revistion number - revision_form = RevisionForm(answer, latest_revision, request.POST) - if revision_form.is_valid(): - # Replace with those from the selected revision - form = EditAnswerForm(answer, - AnswerRevision.objects.get(answer=answer, - revision=revision_form.cleaned_data['revision'])) - else: - form = EditAnswerForm(answer, latest_revision, request.POST) - else: - form = EditAnswerForm(answer, latest_revision, request.POST) - if form.is_valid(): - html = sanitize_html(markdowner.convert(form.cleaned_data['text'])) - if form.has_changed(): - edited_at = datetime.datetime.now() - updated_fields = { - 'last_edited_at': edited_at, - 'last_edited_by': request.user, - 'html': html, - } - Answer.objects.filter(id=answer.id).update(**updated_fields) - - revision = AnswerRevision( - answer=answer, - author=request.user, - revised_at=edited_at, - text=form.cleaned_data['text'] - ) - - if form.cleaned_data['summary']: - revision.summary = form.cleaned_data['summary'] - else: - revision.summary = 'No.%s Revision' % latest_revision.revision - revision.save() - - answer.question.last_activity_at = edited_at - answer.question.last_activity_by = request.user - answer.question.save() - - return HttpResponseRedirect(answer.get_absolute_url()) + + if request.method == "POST": + revision_form = RevisionForm(answer, data=request.POST) + revision_form.is_valid() + revision = answer.revisions.get(revision=revision_form.cleaned_data['revision']) + + if 'select_revision' in request.POST: + form = EditAnswerForm(answer, request.user, revision) else: - revision_form = RevisionForm(answer, latest_revision) - form = EditAnswerForm(answer, latest_revision) - return render_to_response('answer_edit.html', { - 'answer': answer, - 'revision_form': revision_form, - 'form': form, - }, context_instance=RequestContext(request)) - -def answer(request, id):#process a new answer + form = EditAnswerForm(answer, request.user, revision, data=request.POST) + + if not 'select_revision' in request.POST and form.is_valid(): + if form.has_changed(): + action = ReviseAction(user=request.user, node=answer, ip=request.META['REMOTE_ADDR']).save(data=form.cleaned_data) + + if settings.WIKI_ON: + if request.POST.get('wiki', False) and not answer.nis.wiki: + answer.nstate.wiki = action + elif answer.nis.wiki and (not request.POST.get('wiki', False)) and request.user.can_cancel_wiki(answer): + answer.nstate.wiki = None + else: + if not revision == answer.active_revision: + RollbackAction(user=request.user, node=answer, ip=request.META['REMOTE_ADDR']).save(data=dict(activate=revision)) + + return HttpResponseRedirect(answer.get_absolute_url()) + + else: + revision_form = RevisionForm(answer) + form = EditAnswerForm(answer, request.user) + return render_to_response('answer_edit.html', { + 'answer': answer, + 'revision_form': revision_form, + 'form': form, + }, context_instance=RequestContext(request)) + +def answer(request, id): question = get_object_or_404(Question, id=id) - if request.method == "POST": - form = AnswerForm(question, request.user, request.POST) - if form.is_valid(): - wiki = form.cleaned_data['wiki'] - text = form.cleaned_data['text'] - update_time = datetime.datetime.now() + + if request.POST: + form = AnswerForm(request.POST, request.user) + + if request.session.pop('reviewing_pending_data', False) or not form.is_valid(): + request.session['redirect_POST_data'] = request.POST + return HttpResponseRedirect(question.get_absolute_url() + '#fmanswer') + + if request.user.is_authenticated() and request.user.email_valid_and_can_answer(): + answer_action = AnswerAction(user=request.user, ip=request.META['REMOTE_ADDR']).save(dict(question=question, **form.cleaned_data)) + answer = answer_action.node + + if settings.WIKI_ON and request.POST.get('wiki', False): + answer.nstate.wiki = answer_action + + return HttpResponseRedirect(answer.get_absolute_url()) + else: + request.session[PENDING_SUBMISSION_SESSION_ATTR] = { + 'POST': request.POST, + 'data_name': _("answer"), + 'type': 'answer', + 'submission_url': reverse('answer', kwargs={'id': id}), + 'time': datetime.datetime.now() + } if request.user.is_authenticated(): - Answer.objects.create_new( - question=question, - author=request.user, - added_at=update_time, - wiki=wiki, - text=sanitize_html(markdowner.convert(text)), - email_notify=form.cleaned_data['email_notify'] - ) + request.user.message_set.create(message=_("Your answer is pending until you %s.") % html.hyperlink( + reverse('send_validation_email'), _("validate your email") + )) + return HttpResponseRedirect(question.get_absolute_url()) else: - request.session.flush() - html = sanitize_html(markdowner.convert(text)) - summary = strip_tags(html)[:120] - anon = AnonymousAnswer( - question=question, - wiki=wiki, - text=text, - summary=summary, - session_key=request.session.session_key, - ip_addr=request.META['REMOTE_ADDR'], - ) - anon.save() - return HttpResponseRedirect(reverse('auth_action_signin', kwargs={'action': 'newanswer'})) + return HttpResponseRedirect(reverse('auth_signin')) return HttpResponseRedirect(question.get_absolute_url()) -def __generate_comments_json(obj, type, user):#non-view generates json data for the post comments - comments = obj.comments.all().order_by('id') - # {"Id":6,"PostId":38589,"CreationDate":"an hour ago","Text":"hello there!","UserDisplayName":"Jarrod Dixon","UserUrl":"/users/3/jarrod-dixon","DeleteUrl":null} - json_comments = [] - from forum.templatetags.extra_tags import diff_date - for comment in comments: - comment_user = comment.user - delete_url = "" - if user != None and auth.can_delete_comment(user, comment): - #/posts/392845/comments/219852/delete - #todo translate this url - delete_url = reverse('index') + type + "s/%s/comments/%s/delete/" % (obj.id, comment.id) - json_comments.append({"id" : comment.id, - "object_id" : obj.id, - "comment_age" : diff_date(comment.added_at), - "text" : comment.comment, - "user_display_name" : comment_user.username, - "user_url" : comment_user.get_profile_url(), - "delete_url" : delete_url - }) - - data = simplejson.dumps(json_comments) - return HttpResponse(data, mimetype="application/json") - - -def question_comments(request, id):#ajax handler for loading comments to question - question = get_object_or_404(Question, id=id) - user = request.user - return __comments(request, question, 'question') -def answer_comments(request, id):#ajax handler for loading comments on answer - answer = get_object_or_404(Answer, id=id) - user = request.user - return __comments(request, answer, 'answer') +def manage_pending_data(request, action, forward=None): + pending_data = request.session.pop(PENDING_SUBMISSION_SESSION_ATTR, None) + + if not pending_data: + raise Http404 + + if action == _("cancel"): + return HttpResponseRedirect(forward or request.META.get('HTTP_REFERER', '/')) + else: + if action == _("review"): + request.session['reviewing_pending_data'] = True + + request.session['redirect_POST_data'] = pending_data['POST'] + return HttpResponseRedirect(pending_data['submission_url']) + -def __comments(request, obj, type):#non-view generic ajax handler to load comments to an object - # only support get post comments by ajax now - user = request.user - if request.is_ajax(): - if request.method == "GET": - response = __generate_comments_json(obj, type, user) - elif request.method == "POST": - if auth.can_add_comments(user,obj): - comment_data = request.POST.get('comment') - comment = Comment(content_object=obj, comment=comment_data, user=request.user) - comment.save() - obj.comment_count = obj.comment_count + 1 - obj.save() - response = __generate_comments_json(obj, type, user) - else: - response = HttpResponseForbidden(mimetype="application/json") - return response - -def delete_comment(request, object_id='', comment_id='', commented_object_type=None):#ajax handler to delete comment - response = None - commented_object = None - if commented_object_type == 'question': - commented_object = Question - elif commented_object_type == 'answer': - commented_object = Answer - - if request.is_ajax(): - comment = get_object_or_404(Comment, id=comment_id) - if auth.can_delete_comment(request.user, comment): - obj = get_object_or_404(commented_object, id=object_id) - obj.comments.remove(comment) - obj.comment_count = obj.comment_count - 1 - obj.save() - user = request.user - return __generate_comments_json(obj, commented_object_type, user) - raise PermissionDenied()