Mercurial > public > sg101
annotate forums/views/attachments.py @ 701:094492e66eb9
Implement rate limiting on user photo uploads.
author | Brian Neal <bgneal@gmail.com> |
---|---|
date | Sat, 14 Sep 2013 17:23:13 -0500 |
parents | 89b240fe9297 |
children | 7e0c3cbd3cda |
rev | line source |
---|---|
bgneal@285 | 1 """ |
bgneal@285 | 2 This module contains views for working with post attachments. |
bgneal@679 | 3 |
bgneal@285 | 4 """ |
bgneal@679 | 5 import json |
bgneal@679 | 6 |
bgneal@285 | 7 from django.http import HttpResponse |
bgneal@285 | 8 from django.http import HttpResponseForbidden |
bgneal@285 | 9 from django.http import HttpResponseBadRequest |
bgneal@285 | 10 from django.http import HttpResponseNotFound |
bgneal@285 | 11 |
bgneal@285 | 12 from forums.models import Post |
bgneal@285 | 13 |
bgneal@285 | 14 |
bgneal@285 | 15 def fetch_attachments(request): |
bgneal@285 | 16 """ |
bgneal@285 | 17 This view is the target of an AJAX GET request to retrieve the |
bgneal@285 | 18 attachment embed data for a given forum post. |
bgneal@285 | 19 |
bgneal@285 | 20 """ |
bgneal@285 | 21 if not request.user.is_authenticated(): |
bgneal@285 | 22 return HttpResponseForbidden('Please login or register.') |
bgneal@285 | 23 |
bgneal@285 | 24 post_id = request.GET.get('pid') |
bgneal@285 | 25 if post_id is None: |
bgneal@285 | 26 return HttpResponseBadRequest('Missing post ID.') |
bgneal@285 | 27 |
bgneal@285 | 28 try: |
bgneal@285 | 29 post = Post.objects.get(pk=post_id) |
bgneal@285 | 30 except Post.DoesNotExist: |
bgneal@285 | 31 return HttpResponseNotFound("That post doesn't exist.") |
bgneal@286 | 32 |
bgneal@285 | 33 embeds = post.attachments.all().select_related('embed') |
bgneal@285 | 34 data = [{'id': embed.id, 'html': embed.html} for embed in embeds] |
bgneal@285 | 35 |
bgneal@285 | 36 return HttpResponse(json.dumps(data), content_type='application/json') |
bgneal@285 | 37 |