annotate shoutbox/views.py @ 790:6a06080e7ca8

Prevent accidental deletion of UserProfiles in the admin.
author Brian Neal <bgneal@gmail.com>
date Fri, 23 May 2014 15:39:14 -0500
parents ee87ea74d46b
children 0ca691cccf8d
rev   line source
gremmie@1 1 """
gremmie@1 2 Views for the Shoutbox application.
gremmie@1 3 """
gremmie@1 4
gremmie@1 5 import re
gremmie@1 6 from django.shortcuts import render_to_response
gremmie@1 7 from django.template import RequestContext
bgneal@92 8 from django.core.paginator import InvalidPage
gremmie@1 9 from django.http import HttpResponse
gremmie@1 10 from django.http import HttpResponseBadRequest
gremmie@1 11 from django.http import HttpResponseForbidden
gremmie@1 12 from django.http import HttpResponseRedirect
bgneal@151 13 from django.http import Http404
gremmie@1 14 from django.contrib.auth.decorators import login_required
bgneal@12 15 from django.views.decorators.http import require_POST
gremmie@1 16
gremmie@1 17 from core.paginator import DiggPaginator
bgneal@13 18 from core.functions import email_admins
bgneal@243 19 from core.functions import get_page
gremmie@1 20 from shoutbox.forms import ShoutBoxForm
gremmie@1 21 from shoutbox.models import Shout
bgneal@13 22 from shoutbox.models import ShoutFlag
gremmie@1 23
gremmie@1 24 SHOUTS_PER_PAGE = 10
gremmie@1 25
gremmie@1 26 @login_required
bgneal@12 27 @require_POST
gremmie@1 28 def shout(request):
bgneal@12 29 msg = request.POST.get('msg', '').strip()
bgneal@12 30 if msg == '':
bgneal@12 31 return HttpResponse('')
bgneal@12 32
bgneal@12 33 shout = Shout(user=request.user, shout=msg)
bgneal@12 34 shout.save()
bgneal@12 35 return render_to_response('shoutbox/shout.html', {
bgneal@12 36 'shout': shout,
bgneal@12 37 },
bgneal@12 38 context_instance = RequestContext(request))
gremmie@1 39
gremmie@1 40
bgneal@13 41 def view_shout(request, id):
bgneal@13 42 """This view is for viewing an individual shout."""
bgneal@13 43 try:
bgneal@13 44 shout = Shout.objects.get(pk=id)
bgneal@13 45 except Shout.DoesNotExist:
bgneal@13 46 return render_to_response('shoutbox/missing_shout.html', {},
bgneal@13 47 context_instance = RequestContext(request))
bgneal@13 48
bgneal@13 49 return render_to_response('shoutbox/view_shout.html', {
bgneal@13 50 'shout': shout,
bgneal@13 51 },
bgneal@13 52 context_instance = RequestContext(request))
bgneal@13 53
bgneal@13 54
bgneal@243 55 def view_history(request):
gremmie@1 56 """This view allows one to view the shoutbox history."""
bgneal@118 57 paginator = DiggPaginator(Shout.objects.all().select_related(),
bgneal@118 58 SHOUTS_PER_PAGE, body=5, tail=3, margin=3, padding=2)
bgneal@243 59 page = get_page(request.GET)
gremmie@1 60 try:
bgneal@243 61 the_page = paginator.page(page)
gremmie@1 62 except InvalidPage:
gremmie@1 63 raise Http404
gremmie@1 64
gremmie@1 65 return render_to_response('shoutbox/view.html', {
gremmie@1 66 'page': the_page,
gremmie@1 67 },
gremmie@1 68 context_instance = RequestContext(request))
gremmie@1 69
gremmie@1 70
gremmie@1 71 shout_id_re = re.compile(r'shout-(\d+)')
gremmie@1 72
gremmie@1 73 def text(request):
gremmie@1 74 """This view function retrieves the text of a shout; it is used in the in-place
gremmie@1 75 editing of shouts on the shoutbox history view."""
gremmie@1 76 if request.user.is_authenticated():
gremmie@1 77 m = shout_id_re.match(request.GET.get('id', ''))
gremmie@1 78 if m is None:
gremmie@1 79 return HttpResponseBadRequest()
gremmie@1 80 try:
gremmie@1 81 shout = Shout.objects.get(pk=m.group(1))
gremmie@1 82 except Shout.DoesNotExist:
gremmie@1 83 return HttpResponseBadRequest()
gremmie@1 84 return HttpResponse(shout.shout)
gremmie@1 85
gremmie@1 86 return HttpResponseForbidden()
gremmie@1 87
gremmie@1 88
gremmie@1 89 def edit(request):
gremmie@1 90 """This view accepts a shoutbox edit from the shoutbox history view."""
gremmie@1 91 if request.user.is_authenticated():
gremmie@1 92 m = shout_id_re.match(request.POST.get('id', ''))
gremmie@1 93 if m is None:
gremmie@1 94 return HttpResponseBadRequest()
gremmie@1 95 try:
gremmie@1 96 shout = Shout.objects.get(pk=m.group(1))
gremmie@1 97 except Shout.DoesNotExist:
gremmie@1 98 return HttpResponseBadRequest()
gremmie@1 99 if request.user != shout.user:
gremmie@1 100 return HttpResponseForbidden()
gremmie@1 101 new_shout = request.POST.get('value', '').strip()
gremmie@1 102 if new_shout == '':
gremmie@1 103 return HttpResponseBadRequest()
gremmie@1 104 shout.shout = new_shout
gremmie@1 105 shout.save()
bgneal@151 106 return HttpResponse(shout.html)
gremmie@1 107
gremmie@1 108 return HttpResponseForbidden()
gremmie@1 109
gremmie@1 110
gremmie@1 111 def delete(request):
gremmie@1 112 """This view deletes a shout. It is called by AJAX from the shoutbox history view."""
gremmie@1 113 if request.user.is_authenticated():
gremmie@1 114 id = request.POST.get('id', None)
gremmie@1 115 if id is None or not id.isdigit():
gremmie@1 116 return HttpResponseBadRequest()
gremmie@1 117 try:
gremmie@1 118 shout = Shout.objects.get(pk=id)
gremmie@1 119 except Shout.DoesNotExist:
gremmie@1 120 return HttpResponseBadRequest()
gremmie@1 121 if request.user != shout.user:
gremmie@1 122 return HttpResponseForbidden()
gremmie@1 123 shout.delete()
gremmie@1 124 return HttpResponse(id)
gremmie@1 125
gremmie@1 126 return HttpResponseForbidden()
bgneal@12 127
bgneal@13 128
bgneal@13 129 @require_POST
bgneal@13 130 def flag(request):
bgneal@13 131 """
bgneal@13 132 This function handles the flagging of shouts by users. This function should
bgneal@13 133 be the target of an AJAX post.
bgneal@13 134 """
bgneal@13 135 if not request.user.is_authenticated():
bgneal@13 136 return HttpResponse('Please login or register to flag a shout.')
bgneal@13 137
bgneal@13 138 id = request.POST.get('id', None)
bgneal@13 139 if id is None:
bgneal@13 140 return HttpResponseBadRequest('No id')
bgneal@13 141
bgneal@13 142 try:
bgneal@13 143 shout = Shout.objects.get(pk=id)
bgneal@13 144 except Shout.DoesNotExist:
bgneal@13 145 return HttpResponseBadRequest('No shout with id %s' % id)
bgneal@13 146
bgneal@13 147 flag = ShoutFlag(user=request.user, shout=shout)
bgneal@13 148 flag.save()
bgneal@13 149 email_admins('A Shout Has Been Flagged', """Hello,
bgneal@13 150
bgneal@13 151 A user has flagged a shout for review.
bgneal@13 152 """)
bgneal@13 153 return HttpResponse('The shout was flagged. A moderator will review the shout shortly. ' \
bgneal@13 154 'Thanks for helping to improve the quality of this site.')
bgneal@13 155
bgneal@12 156 # vim: ts=4 sw=4