annotate gpp/downloads/views.py @ 257:6e7e84707e7d

Fix #106: CSRF verification failures on the deleting of checked PMs.
author Brian Neal <bgneal@gmail.com>
date Tue, 21 Sep 2010 01:16:02 +0000
parents 7ddd60164245
children 41411066b16d
rev   line source
gremmie@1 1 """
gremmie@1 2 Views for the downloads application.
gremmie@1 3 """
gremmie@1 4 import random
gremmie@1 5
gremmie@1 6 from django.shortcuts import render_to_response
gremmie@1 7 from django.template import RequestContext
gremmie@1 8 from django.contrib.auth.decorators import login_required
gremmie@1 9 from django.http import Http404
gremmie@1 10 from django.http import HttpResponse
gremmie@1 11 from django.http import HttpResponseRedirect
gremmie@1 12 from django.http import HttpResponseForbidden
gremmie@1 13 from django.http import HttpResponseBadRequest
bgneal@92 14 from django.core.paginator import InvalidPage
gremmie@1 15 from django.core.urlresolvers import reverse
gremmie@1 16 from django.db.models import Q
gremmie@1 17 from django.views.decorators.http import require_POST
gremmie@1 18
gremmie@1 19 from core.paginator import DiggPaginator
gremmie@1 20 from core.functions import email_admins
bgneal@241 21 from core.functions import get_page
gremmie@1 22 from downloads.models import Category
gremmie@1 23 from downloads.models import Download
gremmie@1 24 from downloads.models import VoteRecord
gremmie@1 25 from downloads.forms import AddDownloadForm
gremmie@1 26
gremmie@1 27 #######################################################################
gremmie@1 28
bgneal@242 29 DLS_PER_PAGE = 10
gremmie@1 30
gremmie@1 31 def create_paginator(dls):
gremmie@1 32 return DiggPaginator(dls, DLS_PER_PAGE, body=5, tail=3, margin=3, padding=2)
gremmie@1 33
gremmie@1 34 #######################################################################
gremmie@1 35
gremmie@1 36 @login_required
gremmie@1 37 def index(request):
gremmie@1 38 categories = Category.objects.all()
gremmie@1 39 total_dls = Download.public_objects.all().count()
gremmie@1 40 return render_to_response('downloads/index.html', {
gremmie@1 41 'categories': categories,
gremmie@1 42 'total_dls': total_dls,
gremmie@1 43 },
gremmie@1 44 context_instance = RequestContext(request))
gremmie@1 45
gremmie@1 46 #######################################################################
gremmie@1 47 # Maps URL component to database field name for the Download table:
gremmie@1 48
gremmie@1 49 DOWNLOAD_FIELD_MAP = {
gremmie@1 50 'title': 'title',
gremmie@1 51 'date': '-date_added',
gremmie@1 52 'rating': '-average_score',
gremmie@1 53 'hits': '-hits'
gremmie@1 54 }
gremmie@1 55
gremmie@1 56 @login_required
bgneal@241 57 def category(request, slug, sort='title'):
gremmie@1 58 try:
bgneal@241 59 cat = Category.objects.get(slug=slug)
gremmie@1 60 except Category.DoesNotExist:
gremmie@1 61 raise Http404
gremmie@1 62
gremmie@1 63 if sort not in DOWNLOAD_FIELD_MAP:
gremmie@1 64 sort = 'title'
gremmie@1 65 order_by = DOWNLOAD_FIELD_MAP[sort]
gremmie@1 66
bgneal@190 67 downloads = Download.public_objects.filter(category=cat.pk).order_by(
bgneal@190 68 order_by)
gremmie@1 69 paginator = create_paginator(downloads)
bgneal@241 70 page = get_page(request.GET)
gremmie@1 71 try:
bgneal@241 72 the_page = paginator.page(page)
gremmie@1 73 except InvalidPage:
gremmie@1 74 raise Http404
gremmie@1 75
gremmie@1 76 return render_to_response('downloads/download_list.html', {
gremmie@1 77 's' : sort,
gremmie@1 78 'category' : cat,
gremmie@1 79 'page' : the_page,
gremmie@1 80 },
gremmie@1 81 context_instance = RequestContext(request))
gremmie@1 82
gremmie@1 83 #######################################################################
gremmie@1 84
gremmie@1 85 @login_required
gremmie@1 86 def new(request):
bgneal@243 87 """Display new downloads with pagination."""
bgneal@243 88
bgneal@243 89 downloads = Download.public_objects.order_by('-date_added')
bgneal@243 90
bgneal@243 91 paginator = create_paginator(downloads)
bgneal@243 92 page = get_page(request.GET)
bgneal@243 93 try:
bgneal@243 94 the_page = paginator.page(page)
bgneal@243 95 except InvalidPage:
bgneal@243 96 raise Http404
bgneal@243 97
gremmie@1 98 return render_to_response('downloads/download_summary.html', {
bgneal@243 99 'page': the_page,
bgneal@243 100 'title': 'Newest Downloads',
gremmie@1 101 },
gremmie@1 102 context_instance = RequestContext(request))
gremmie@1 103
gremmie@1 104 #######################################################################
gremmie@1 105
gremmie@1 106 @login_required
gremmie@1 107 def popular(request):
bgneal@243 108 """Display popular downloads with pagination."""
bgneal@243 109
bgneal@243 110 downloads = Download.public_objects.order_by('-hits')
bgneal@243 111
bgneal@243 112 paginator = create_paginator(downloads)
bgneal@243 113 page = get_page(request.GET)
bgneal@243 114 try:
bgneal@243 115 the_page = paginator.page(page)
bgneal@243 116 except InvalidPage:
bgneal@243 117 raise Http404
bgneal@243 118
gremmie@1 119 return render_to_response('downloads/download_summary.html', {
bgneal@243 120 'page': the_page,
bgneal@243 121 'title': 'Popular Downloads',
gremmie@1 122 },
gremmie@1 123 context_instance = RequestContext(request))
gremmie@1 124
gremmie@1 125 #######################################################################
gremmie@1 126
gremmie@1 127 @login_required
gremmie@1 128 def rating(request):
bgneal@243 129 """Display downloads by rating with pagination."""
bgneal@243 130
bgneal@243 131 downloads = Download.public_objects.order_by('-average_score')
bgneal@243 132 paginator = create_paginator(downloads)
bgneal@243 133 page = get_page(request.GET)
bgneal@243 134 try:
bgneal@243 135 the_page = paginator.page(page)
bgneal@243 136 except InvalidPage:
bgneal@243 137 raise Http404
bgneal@243 138
gremmie@1 139 return render_to_response('downloads/download_summary.html', {
bgneal@243 140 'page': the_page,
bgneal@243 141 'title': 'Highest Rated Downloads',
gremmie@1 142 },
gremmie@1 143 context_instance = RequestContext(request))
gremmie@1 144
gremmie@1 145 #######################################################################
gremmie@1 146
gremmie@1 147 @login_required
bgneal@208 148 @require_POST
gremmie@1 149 def download(request, id):
gremmie@1 150 download = Download.public_objects.get(pk=id)
gremmie@1 151 if download is None:
gremmie@1 152 raise Http404
gremmie@1 153 return _redirect_download(download)
gremmie@1 154
gremmie@1 155 #######################################################################
gremmie@1 156
gremmie@1 157 def _redirect_download(download):
gremmie@1 158 download.hits += 1
gremmie@1 159 download.save()
gremmie@1 160 return HttpResponseRedirect(download.file.url)
gremmie@1 161
gremmie@1 162 #######################################################################
gremmie@1 163
gremmie@1 164 @login_required
bgneal@23 165 def details(request, id):
gremmie@1 166 download = Download.public_objects.get(pk=id)
gremmie@1 167 if download is None:
gremmie@1 168 raise Http404
bgneal@23 169 return render_to_response('downloads/download_detail.html', {
gremmie@1 170 'download' : download,
gremmie@1 171 },
gremmie@1 172 context_instance = RequestContext(request))
gremmie@1 173
gremmie@1 174 #######################################################################
gremmie@1 175
gremmie@1 176 @login_required
bgneal@208 177 @require_POST
gremmie@1 178 def random_download(request):
gremmie@1 179 ids = Download.public_objects.values_list('id', flat=True)
gremmie@1 180 if not ids:
gremmie@1 181 raise Http404
gremmie@1 182 id = random.choice(ids)
gremmie@1 183 download = Download.objects.get(pk=id)
gremmie@1 184 return _redirect_download(download)
gremmie@1 185
gremmie@1 186 #######################################################################
gremmie@1 187
gremmie@1 188 @login_required
gremmie@1 189 def add(request):
gremmie@1 190 if request.method == 'POST':
gremmie@1 191 form = AddDownloadForm(request.POST, request.FILES)
gremmie@1 192 if form.is_valid():
gremmie@1 193 dl = form.save(commit=False)
gremmie@1 194 dl.user = request.user
gremmie@1 195 dl.ip_address = request.META.get('REMOTE_ADDR', None)
gremmie@1 196 dl.save()
gremmie@1 197 email_admins('New download for approval', """Hello,
gremmie@1 198
gremmie@1 199 A user has uploaded a new download for your approval.
gremmie@1 200 """)
gremmie@1 201 return HttpResponseRedirect(reverse('downloads-add_thanks'))
gremmie@1 202 else:
gremmie@1 203 form = AddDownloadForm()
gremmie@1 204
gremmie@1 205 return render_to_response('downloads/add.html', {
gremmie@1 206 'add_form': form,
gremmie@1 207 },
gremmie@1 208 context_instance=RequestContext(request))
gremmie@1 209
gremmie@1 210 #######################################################################
gremmie@1 211
gremmie@1 212 @login_required
gremmie@1 213 def thanks(request):
gremmie@1 214 return render_to_response('downloads/thanks.html', {
gremmie@1 215 },
gremmie@1 216 context_instance=RequestContext(request))
gremmie@1 217
gremmie@1 218 #######################################################################
gremmie@1 219
gremmie@1 220 @require_POST
gremmie@1 221 def rate_download(request):
gremmie@1 222 """This function is called by AJAX to rate a download."""
gremmie@1 223 if request.user.is_authenticated():
gremmie@1 224 id = request.POST.get('id', None)
gremmie@1 225 rating = request.POST.get('rating', None)
gremmie@1 226 if id is None or rating is None:
gremmie@1 227 return HttpResponseBadRequest('Missing id or rating.')
gremmie@1 228
gremmie@1 229 try:
gremmie@1 230 rating = int(rating)
gremmie@1 231 except ValueError:
gremmie@1 232 return HttpResponseBadRequest('Invalid rating.')
gremmie@1 233
gremmie@1 234 # rating will be from 0-4
gremmie@1 235 rating = min(5, max(1, rating))
gremmie@1 236
gremmie@1 237 try:
gremmie@1 238 download = Download.public_objects.get(pk=id)
gremmie@1 239 except Download.DoesNotExist:
gremmie@1 240 return HttpResponseBadRequest('Invalid download id.')
gremmie@1 241
gremmie@1 242 # prevent multiple votes from the same user
bgneal@241 243 vote_record, created = VoteRecord.objects.get_or_create(
bgneal@241 244 download=download, user=request.user)
gremmie@1 245 if created:
gremmie@1 246 new_score = download.vote(rating)
gremmie@1 247 download.save()
gremmie@1 248 return HttpResponse(str(new_score))
gremmie@1 249 else:
gremmie@1 250 return HttpResponse('-1')
gremmie@1 251
gremmie@1 252 return HttpResponseForbidden('You must be logged in to rate a download.')