annotate gpp/forums/views/main.py @ 257:6e7e84707e7d

Fix #106: CSRF verification failures on the deleting of checked PMs.
author Brian Neal <bgneal@gmail.com>
date Tue, 21 Sep 2010 01:16:02 +0000
parents d302c498560e
children 307a74e28112
rev   line source
bgneal@232 1 """
bgneal@232 2 Views for the forums application.
bgneal@232 3 """
bgneal@232 4 import datetime
bgneal@232 5
bgneal@232 6 from django.contrib.auth.decorators import login_required
bgneal@232 7 from django.contrib.auth.models import User
bgneal@232 8 from django.http import Http404
bgneal@232 9 from django.http import HttpResponse
bgneal@232 10 from django.http import HttpResponseBadRequest
bgneal@232 11 from django.http import HttpResponseForbidden
bgneal@232 12 from django.http import HttpResponseRedirect
bgneal@232 13 from django.core.urlresolvers import reverse
bgneal@232 14 from django.core.paginator import InvalidPage
bgneal@232 15 from django.shortcuts import get_object_or_404
bgneal@232 16 from django.shortcuts import render_to_response
bgneal@232 17 from django.shortcuts import redirect
bgneal@232 18 from django.template.loader import render_to_string
bgneal@232 19 from django.template import RequestContext
bgneal@232 20 from django.views.decorators.http import require_POST
bgneal@232 21 from django.utils.text import wrap
bgneal@232 22 from django.db.models import F
bgneal@232 23
bgneal@232 24 from core.paginator import DiggPaginator
bgneal@232 25 from core.functions import email_admins
bgneal@232 26 from forums.models import Forum, Topic, Post, FlaggedPost, TopicLastVisit, \
bgneal@232 27 ForumLastVisit
bgneal@232 28 from forums.forms import NewTopicForm, NewPostForm, PostForm, MoveTopicForm, \
bgneal@232 29 SplitTopicForm
bgneal@232 30 from forums.unread import get_forum_unread_status, get_topic_unread_status, \
bgneal@232 31 get_post_unread_status, get_unread_topics
bgneal@232 32
bgneal@232 33 from bio.models import UserProfile
bgneal@232 34 import antispam
bgneal@232 35 import antispam.utils
bgneal@232 36
bgneal@232 37 #######################################################################
bgneal@232 38
bgneal@232 39 TOPICS_PER_PAGE = 50
bgneal@232 40 POSTS_PER_PAGE = 20
bgneal@232 41
bgneal@232 42
bgneal@232 43 def get_page_num(request):
bgneal@232 44 """Returns the value of the 'page' variable in GET if it exists, or 1
bgneal@232 45 if it does not."""
bgneal@232 46
bgneal@232 47 try:
bgneal@232 48 page_num = int(request.GET.get('page', 1))
bgneal@232 49 except ValueError:
bgneal@232 50 page_num = 1
bgneal@232 51
bgneal@232 52 return page_num
bgneal@232 53
bgneal@232 54
bgneal@232 55 def create_topic_paginator(topics):
bgneal@232 56 return DiggPaginator(topics, TOPICS_PER_PAGE, body=5, tail=2, margin=3, padding=2)
bgneal@232 57
bgneal@232 58 def create_post_paginator(posts):
bgneal@232 59 return DiggPaginator(posts, POSTS_PER_PAGE, body=5, tail=2, margin=3, padding=2)
bgneal@232 60
bgneal@232 61
bgneal@232 62 def attach_topic_page_ranges(topics):
bgneal@232 63 """Attaches a page_range attribute to each topic in the supplied list.
bgneal@232 64 This attribute will be None if it is a single page topic. This is used
bgneal@232 65 by the templates to generate "goto page x" links.
bgneal@232 66 """
bgneal@232 67 for topic in topics:
bgneal@232 68 if topic.post_count > POSTS_PER_PAGE:
bgneal@232 69 pp = DiggPaginator(range(topic.post_count), POSTS_PER_PAGE,
bgneal@232 70 body=2, tail=3, margin=1)
bgneal@232 71 topic.page_range = pp.page(1).page_range
bgneal@232 72 else:
bgneal@232 73 topic.page_range = None
bgneal@232 74
bgneal@232 75 #######################################################################
bgneal@232 76
bgneal@232 77 SPECIAL_QUERIES = {
bgneal@232 78 'unread': 'forums-unread_topics',
bgneal@232 79 'unanswered': 'forums-unanswered_topics',
bgneal@232 80 'mine': 'forums-my_posts',
bgneal@232 81 'favorites': 'forums-manage_favorites',
bgneal@232 82 'subscriptions': 'forums-manage_subscriptions',
bgneal@232 83 }
bgneal@232 84
bgneal@232 85 def index(request):
bgneal@232 86 """
bgneal@232 87 This view displays all the forums available, ordered in each category.
bgneal@232 88 """
bgneal@232 89 # check for special forum queries
bgneal@232 90 query = request.GET.get("query")
bgneal@232 91 if query in SPECIAL_QUERIES:
bgneal@232 92 return redirect(SPECIAL_QUERIES[query])
bgneal@232 93
bgneal@232 94 public_forums = Forum.objects.public_forums()
bgneal@232 95 feeds = [{'name': 'All Forums', 'feed': '/feeds/forums/'}]
bgneal@232 96
bgneal@232 97 forums = Forum.objects.forums_for_user(request.user)
bgneal@232 98 get_forum_unread_status(forums, request.user)
bgneal@232 99 cats = {}
bgneal@232 100 for forum in forums:
bgneal@232 101 forum.has_feed = forum in public_forums
bgneal@232 102 if forum.has_feed:
bgneal@232 103 feeds.append({
bgneal@232 104 'name': '%s Forum' % forum.name,
bgneal@232 105 'feed': '/feeds/forums/%s/' % forum.slug,
bgneal@232 106 })
bgneal@232 107
bgneal@232 108 cat = cats.setdefault(forum.category.id, {
bgneal@232 109 'cat': forum.category,
bgneal@232 110 'forums': [],
bgneal@232 111 })
bgneal@232 112 cat['forums'].append(forum)
bgneal@232 113
bgneal@232 114 cmpdef = lambda a, b: cmp(a['cat'].position, b['cat'].position)
bgneal@232 115 cats = sorted(cats.values(), cmpdef)
bgneal@232 116
bgneal@232 117 return render_to_response('forums/index.html', {
bgneal@232 118 'cats': cats,
bgneal@232 119 'feeds': feeds,
bgneal@232 120 },
bgneal@232 121 context_instance=RequestContext(request))
bgneal@232 122
bgneal@232 123
bgneal@232 124 def forum_index(request, slug):
bgneal@232 125 """
bgneal@232 126 Displays all the topics in a forum.
bgneal@232 127 """
bgneal@232 128 forum = get_object_or_404(Forum.objects.select_related(), slug=slug)
bgneal@232 129
bgneal@232 130 if not forum.category.can_access(request.user):
bgneal@232 131 return HttpResponseForbidden()
bgneal@232 132
bgneal@232 133 topics = forum.topics.select_related('user', 'last_post', 'last_post__user')
bgneal@232 134 get_topic_unread_status(forum, topics, request.user)
bgneal@232 135
bgneal@232 136 paginator = create_topic_paginator(topics)
bgneal@232 137 page_num = get_page_num(request)
bgneal@232 138 try:
bgneal@232 139 page = paginator.page(page_num)
bgneal@232 140 except InvalidPage:
bgneal@232 141 raise Http404
bgneal@232 142
bgneal@232 143 attach_topic_page_ranges(page.object_list)
bgneal@232 144
bgneal@232 145 # we do this for the template since it is rendered twice
bgneal@232 146 page_nav = render_to_string('forums/pagination.html', {'page': page})
bgneal@232 147
bgneal@232 148 can_moderate = _can_moderate(forum, request.user)
bgneal@232 149
bgneal@232 150 return render_to_response('forums/forum_index.html', {
bgneal@232 151 'forum': forum,
bgneal@232 152 'page': page,
bgneal@232 153 'page_nav': page_nav,
bgneal@232 154 'can_moderate': can_moderate,
bgneal@232 155 },
bgneal@232 156 context_instance=RequestContext(request))
bgneal@232 157
bgneal@232 158
bgneal@232 159 def topic_index(request, id):
bgneal@232 160 """
bgneal@232 161 Displays all the posts in a topic.
bgneal@232 162 """
bgneal@232 163 topic = get_object_or_404(Topic.objects.select_related(
bgneal@232 164 'forum', 'forum__category', 'last_post'), pk=id)
bgneal@232 165
bgneal@232 166 if not topic.forum.category.can_access(request.user):
bgneal@232 167 return HttpResponseForbidden()
bgneal@232 168
bgneal@232 169 topic.view_count = F('view_count') + 1
bgneal@232 170 topic.save(force_update=True)
bgneal@232 171
bgneal@232 172 posts = topic.posts.select_related()
bgneal@232 173
bgneal@232 174 paginator = create_post_paginator(posts)
bgneal@232 175 page_num = get_page_num(request)
bgneal@232 176 try:
bgneal@232 177 page = paginator.page(page_num)
bgneal@232 178 except InvalidPage:
bgneal@232 179 raise Http404
bgneal@232 180 get_post_unread_status(topic, page.object_list, request.user)
bgneal@232 181
bgneal@232 182 # Attach user profiles to each post to avoid using get_user_profile() in
bgneal@232 183 # the template.
bgneal@232 184 users = set(post.user.id for post in page.object_list)
bgneal@232 185
bgneal@232 186 profiles = UserProfile.objects.filter(user__id__in=users).select_related()
bgneal@232 187 user_profiles = dict((profile.user.id, profile) for profile in profiles)
bgneal@232 188
bgneal@232 189 for post in page.object_list:
bgneal@232 190 post.user_profile = user_profiles[post.user.id]
bgneal@232 191
bgneal@232 192 last_page = page_num == paginator.num_pages
bgneal@232 193
bgneal@232 194 if request.user.is_authenticated() and last_page:
bgneal@232 195 _update_last_visit(request.user, topic)
bgneal@232 196
bgneal@232 197 # we do this for the template since it is rendered twice
bgneal@232 198 page_nav = render_to_string('forums/pagination.html', {'page': page})
bgneal@232 199
bgneal@232 200 can_moderate = _can_moderate(topic.forum, request.user)
bgneal@232 201
bgneal@232 202 can_reply = request.user.is_authenticated() and (
bgneal@232 203 not topic.locked or can_moderate)
bgneal@232 204
bgneal@232 205 is_favorite = request.user.is_authenticated() and (
bgneal@232 206 topic in request.user.favorite_topics.all())
bgneal@232 207
bgneal@232 208 is_subscribed = request.user.is_authenticated() and (
bgneal@232 209 topic in request.user.subscriptions.all())
bgneal@232 210
bgneal@232 211 return render_to_response('forums/topic.html', {
bgneal@232 212 'forum': topic.forum,
bgneal@232 213 'topic': topic,
bgneal@232 214 'page': page,
bgneal@232 215 'page_nav': page_nav,
bgneal@232 216 'last_page': last_page,
bgneal@232 217 'can_moderate': can_moderate,
bgneal@232 218 'can_reply': can_reply,
bgneal@232 219 'form': NewPostForm(initial={'topic_id': topic.id}),
bgneal@232 220 'is_favorite': is_favorite,
bgneal@232 221 'is_subscribed': is_subscribed,
bgneal@232 222 },
bgneal@232 223 context_instance=RequestContext(request))
bgneal@232 224
bgneal@232 225
bgneal@232 226 @login_required
bgneal@232 227 def new_topic(request, slug):
bgneal@232 228 """
bgneal@232 229 This view handles the creation of new topics.
bgneal@232 230 """
bgneal@232 231 forum = get_object_or_404(Forum.objects.select_related(), slug=slug)
bgneal@232 232
bgneal@232 233 if not forum.category.can_access(request.user):
bgneal@232 234 return HttpResponseForbidden()
bgneal@232 235
bgneal@232 236 if request.method == 'POST':
bgneal@232 237 form = NewTopicForm(request.user, forum, request.POST)
bgneal@232 238 if form.is_valid():
bgneal@232 239 if antispam.utils.spam_check(request, form.cleaned_data['body']):
bgneal@232 240 return HttpResponseRedirect(reverse('antispam-suspended'))
bgneal@232 241
bgneal@232 242 topic = form.save(request.META.get("REMOTE_ADDR"))
bgneal@232 243 _bump_post_count(request.user)
bgneal@232 244 return HttpResponseRedirect(reverse('forums-new_topic_thanks',
bgneal@232 245 kwargs={'tid': topic.pk}))
bgneal@232 246 else:
bgneal@232 247 form = NewTopicForm(request.user, forum)
bgneal@232 248
bgneal@232 249 return render_to_response('forums/new_topic.html', {
bgneal@232 250 'forum': forum,
bgneal@232 251 'form': form,
bgneal@232 252 },
bgneal@232 253 context_instance=RequestContext(request))
bgneal@232 254
bgneal@232 255
bgneal@232 256 @login_required
bgneal@232 257 def new_topic_thanks(request, tid):
bgneal@232 258 """
bgneal@232 259 This view displays the success page for a newly created topic.
bgneal@232 260 """
bgneal@232 261 topic = get_object_or_404(Topic.objects.select_related(), pk=tid)
bgneal@232 262 return render_to_response('forums/new_topic_thanks.html', {
bgneal@232 263 'forum': topic.forum,
bgneal@232 264 'topic': topic,
bgneal@232 265 },
bgneal@232 266 context_instance=RequestContext(request))
bgneal@232 267
bgneal@232 268
bgneal@232 269 @require_POST
bgneal@232 270 def quick_reply_ajax(request):
bgneal@232 271 """
bgneal@232 272 This function handles the quick reply to a thread function. This
bgneal@232 273 function is meant to be the target of an AJAX post, and returns
bgneal@232 274 the HTML for the new post, which the client-side script appends
bgneal@232 275 to the document.
bgneal@232 276 """
bgneal@232 277 if not request.user.is_authenticated():
bgneal@232 278 return HttpResponseForbidden('Please login or register to post.')
bgneal@232 279
bgneal@232 280 form = NewPostForm(request.POST)
bgneal@232 281 if form.is_valid():
bgneal@232 282 if not _can_post_in_topic(form.topic, request.user):
bgneal@232 283 return HttpResponseForbidden("You don't have permission to post in this topic.")
bgneal@232 284 if antispam.utils.spam_check(request, form.cleaned_data['body']):
bgneal@232 285 return HttpResponseForbidden(antispam.BUSTED_MESSAGE)
bgneal@232 286
bgneal@232 287 post = form.save(request.user, request.META.get("REMOTE_ADDR", ""))
bgneal@232 288 post.unread = True
bgneal@232 289 post.user_profile = request.user.get_profile()
bgneal@232 290 _bump_post_count(request.user)
bgneal@232 291 _update_last_visit(request.user, form.topic)
bgneal@232 292 return render_to_response('forums/display_post.html', {
bgneal@232 293 'post': post,
bgneal@232 294 'can_moderate': _can_moderate(form.topic.forum, request.user),
bgneal@232 295 'can_reply': True,
bgneal@232 296 },
bgneal@232 297 context_instance=RequestContext(request))
bgneal@232 298
bgneal@232 299 return HttpResponseBadRequest("Invalid post.");
bgneal@232 300
bgneal@232 301
bgneal@232 302 def goto_post(request, post_id):
bgneal@232 303 """
bgneal@232 304 This function calculates what page a given post is on, then redirects
bgneal@232 305 to that URL. This function is the target of get_absolute_url() for
bgneal@232 306 Post objects.
bgneal@232 307 """
bgneal@232 308 post = get_object_or_404(Post.objects.select_related(), pk=post_id)
bgneal@232 309 count = post.topic.posts.filter(creation_date__lt=post.creation_date).count()
bgneal@232 310 page = count / POSTS_PER_PAGE + 1
bgneal@232 311 url = reverse('forums-topic_index', kwargs={'id': post.topic.id}) + \
bgneal@232 312 '?page=%s#p%s' % (page, post.id)
bgneal@232 313 return HttpResponseRedirect(url)
bgneal@232 314
bgneal@232 315
bgneal@232 316 @require_POST
bgneal@232 317 def flag_post(request):
bgneal@232 318 """
bgneal@232 319 This function handles the flagging of posts by users. This function should
bgneal@232 320 be the target of an AJAX post.
bgneal@232 321 """
bgneal@232 322 if not request.user.is_authenticated():
bgneal@232 323 return HttpResponseForbidden('Please login or register to flag a post.')
bgneal@232 324
bgneal@232 325 id = request.POST.get('id')
bgneal@232 326 if id is None:
bgneal@232 327 return HttpResponseBadRequest('No post id')
bgneal@232 328
bgneal@232 329 try:
bgneal@232 330 post = Post.objects.get(pk=id)
bgneal@232 331 except Post.DoesNotExist:
bgneal@232 332 return HttpResponseBadRequest('No post with id %s' % id)
bgneal@232 333
bgneal@232 334 flag = FlaggedPost(user=request.user, post=post)
bgneal@232 335 flag.save()
bgneal@232 336 email_admins('A Post Has Been Flagged', """Hello,
bgneal@232 337
bgneal@232 338 A user has flagged a forum post for review.
bgneal@232 339 """)
bgneal@232 340 return HttpResponse('The post was flagged. A moderator will review the post shortly. ' \
bgneal@232 341 'Thanks for helping to improve the discussions on this site.')
bgneal@232 342
bgneal@232 343
bgneal@232 344 @login_required
bgneal@232 345 def edit_post(request, id):
bgneal@232 346 """
bgneal@232 347 This view function allows authorized users to edit posts.
bgneal@232 348 The superuser, forum moderators, and original author can edit posts.
bgneal@232 349 """
bgneal@232 350 post = get_object_or_404(Post.objects.select_related(), pk=id)
bgneal@232 351
bgneal@232 352 can_moderate = _can_moderate(post.topic.forum, request.user)
bgneal@232 353 can_edit = can_moderate or request.user == post.user
bgneal@232 354
bgneal@232 355 if not can_edit:
bgneal@232 356 return HttpResponseForbidden("You don't have permission to edit that post.")
bgneal@232 357
bgneal@232 358 if request.method == "POST":
bgneal@232 359 form = PostForm(request.POST, instance=post)
bgneal@232 360 if form.is_valid():
bgneal@232 361 if antispam.utils.spam_check(request, form.cleaned_data['body']):
bgneal@232 362 return HttpResponseRedirect(reverse('antispam-suspended'))
bgneal@232 363 post = form.save(commit=False)
bgneal@232 364 post.touch()
bgneal@232 365 post.save()
bgneal@232 366 return HttpResponseRedirect(post.get_absolute_url())
bgneal@232 367 else:
bgneal@232 368 form = PostForm(instance=post)
bgneal@232 369
bgneal@232 370 post.user_profile = request.user.get_profile()
bgneal@232 371
bgneal@232 372 return render_to_response('forums/edit_post.html', {
bgneal@232 373 'forum': post.topic.forum,
bgneal@232 374 'topic': post.topic,
bgneal@232 375 'post': post,
bgneal@232 376 'form': form,
bgneal@232 377 'can_moderate': can_moderate,
bgneal@232 378 },
bgneal@232 379 context_instance=RequestContext(request))
bgneal@232 380
bgneal@232 381
bgneal@232 382 @require_POST
bgneal@232 383 def delete_post(request):
bgneal@232 384 """
bgneal@232 385 This view function allows superusers and forum moderators to delete posts.
bgneal@232 386 This function is the target of AJAX calls from the client.
bgneal@232 387 """
bgneal@232 388 if not request.user.is_authenticated():
bgneal@232 389 return HttpResponseForbidden('Please login to delete a post.')
bgneal@232 390
bgneal@232 391 id = request.POST.get('id')
bgneal@232 392 if id is None:
bgneal@232 393 return HttpResponseBadRequest('No post id')
bgneal@232 394
bgneal@232 395 post = get_object_or_404(Post.objects.select_related(), pk=id)
bgneal@232 396
bgneal@232 397 can_delete = request.user.is_superuser or \
bgneal@232 398 request.user in post.topic.forum.moderators.all()
bgneal@232 399
bgneal@232 400 if not can_delete:
bgneal@232 401 return HttpResponseForbidden("You don't have permission to delete that post.")
bgneal@232 402
bgneal@232 403 delete_single_post(post)
bgneal@232 404 return HttpResponse("The post has been deleted.")
bgneal@232 405
bgneal@232 406
bgneal@232 407 def delete_single_post(post):
bgneal@232 408 """
bgneal@232 409 This function deletes a single post. It handles the case of where
bgneal@232 410 a post is the sole post in a topic by deleting the topic also. It
bgneal@232 411 adjusts any foreign keys in Topic or Forum objects that might be pointing
bgneal@232 412 to this post before deleting the post to avoid a cascading delete.
bgneal@232 413 """
bgneal@232 414 if post.topic.post_count == 1 and post == post.topic.last_post:
bgneal@232 415 _delete_topic(post.topic)
bgneal@232 416 else:
bgneal@232 417 _delete_post(post)
bgneal@232 418
bgneal@232 419
bgneal@232 420 def _delete_post(post):
bgneal@232 421 """
bgneal@232 422 Internal function to delete a single post object.
bgneal@232 423 Decrements the post author's post count.
bgneal@232 424 Adjusts the parent topic and forum's last_post as needed.
bgneal@232 425 """
bgneal@232 426 # Adjust post creator's post count
bgneal@232 427 profile = post.user.get_profile()
bgneal@232 428 if profile.forum_post_count > 0:
bgneal@232 429 profile.forum_post_count -= 1
bgneal@232 430 profile.save()
bgneal@232 431
bgneal@232 432 # If this post is the last_post in a topic, we need to update
bgneal@232 433 # both the topic and parent forum's last post fields. If we don't
bgneal@232 434 # the cascading delete will delete them also!
bgneal@232 435
bgneal@232 436 topic = post.topic
bgneal@232 437 if topic.last_post == post:
bgneal@232 438 topic.last_post_pre_delete()
bgneal@232 439 topic.save()
bgneal@232 440
bgneal@232 441 forum = topic.forum
bgneal@232 442 if forum.last_post == post:
bgneal@232 443 forum.last_post_pre_delete()
bgneal@232 444 forum.save()
bgneal@232 445
bgneal@232 446 # Should be safe to delete the post now:
bgneal@232 447 post.delete()
bgneal@232 448
bgneal@232 449
bgneal@232 450 def _delete_topic(topic):
bgneal@232 451 """
bgneal@232 452 Internal function to delete an entire topic.
bgneal@232 453 Deletes the topic and all posts contained within.
bgneal@232 454 Adjusts the parent forum's last_post as needed.
bgneal@232 455 Note that we don't bother adjusting all the users'
bgneal@232 456 post counts as that doesn't seem to be worth the effort.
bgneal@232 457 """
bgneal@232 458 if topic.forum.last_post and topic.forum.last_post.topic == topic:
bgneal@232 459 topic.forum.last_post_pre_delete()
bgneal@232 460 topic.forum.save()
bgneal@232 461
bgneal@232 462 # delete subscriptions to this topic
bgneal@232 463 topic.subscribers.clear()
bgneal@232 464 topic.bookmarkers.clear()
bgneal@232 465
bgneal@232 466 # It should be safe to just delete the topic now. This will
bgneal@232 467 # automatically delete all posts in the topic.
bgneal@232 468 topic.delete()
bgneal@232 469
bgneal@232 470
bgneal@232 471 @login_required
bgneal@232 472 def new_post(request, topic_id):
bgneal@232 473 """
bgneal@232 474 This function is the view for creating a normal, non-quick reply
bgneal@232 475 to a topic.
bgneal@232 476 """
bgneal@232 477 topic = get_object_or_404(Topic.objects.select_related(), pk=topic_id)
bgneal@232 478 can_post = _can_post_in_topic(topic, request.user)
bgneal@232 479
bgneal@232 480 if can_post:
bgneal@232 481 if request.method == 'POST':
bgneal@232 482 form = PostForm(request.POST)
bgneal@232 483 if form.is_valid():
bgneal@232 484 if antispam.utils.spam_check(request, form.cleaned_data['body']):
bgneal@232 485 return HttpResponseRedirect(reverse('antispam-suspended'))
bgneal@232 486 post = form.save(commit=False)
bgneal@232 487 post.topic = topic
bgneal@232 488 post.user = request.user
bgneal@232 489 post.user_ip = request.META.get("REMOTE_ADDR", "")
bgneal@232 490 post.save()
bgneal@232 491 _bump_post_count(request.user)
bgneal@232 492 _update_last_visit(request.user, topic)
bgneal@232 493 return HttpResponseRedirect(post.get_absolute_url())
bgneal@232 494 else:
bgneal@232 495 quote_id = request.GET.get('quote')
bgneal@232 496 if quote_id:
bgneal@232 497 quote_post = get_object_or_404(Post.objects.select_related(),
bgneal@232 498 pk=quote_id)
bgneal@232 499 form = PostForm(initial={'body': _quote_message(quote_post.user.username,
bgneal@232 500 quote_post.body)})
bgneal@232 501 else:
bgneal@232 502 form = PostForm()
bgneal@232 503 else:
bgneal@232 504 form = None
bgneal@232 505
bgneal@232 506 return render_to_response('forums/new_post.html', {
bgneal@232 507 'forum': topic.forum,
bgneal@232 508 'topic': topic,
bgneal@232 509 'form': form,
bgneal@232 510 'can_post': can_post,
bgneal@232 511 },
bgneal@232 512 context_instance=RequestContext(request))
bgneal@232 513
bgneal@232 514
bgneal@232 515 @login_required
bgneal@232 516 def mod_topic_stick(request, id):
bgneal@232 517 """
bgneal@232 518 This view function is for moderators to toggle the sticky status of a topic.
bgneal@232 519 """
bgneal@232 520 topic = get_object_or_404(Topic.objects.select_related(), pk=id)
bgneal@232 521 if _can_moderate(topic.forum, request.user):
bgneal@232 522 topic.sticky = not topic.sticky
bgneal@232 523 topic.save()
bgneal@232 524 return HttpResponseRedirect(topic.get_absolute_url())
bgneal@232 525
bgneal@232 526 return HttpResponseForbidden()
bgneal@232 527
bgneal@232 528
bgneal@232 529 @login_required
bgneal@232 530 def mod_topic_lock(request, id):
bgneal@232 531 """
bgneal@232 532 This view function is for moderators to toggle the locked status of a topic.
bgneal@232 533 """
bgneal@232 534 topic = get_object_or_404(Topic.objects.select_related(), pk=id)
bgneal@232 535 if _can_moderate(topic.forum, request.user):
bgneal@232 536 topic.locked = not topic.locked
bgneal@232 537 topic.save()
bgneal@232 538 return HttpResponseRedirect(topic.get_absolute_url())
bgneal@232 539
bgneal@232 540 return HttpResponseForbidden()
bgneal@232 541
bgneal@232 542
bgneal@232 543 @login_required
bgneal@232 544 def mod_topic_delete(request, id):
bgneal@232 545 """
bgneal@232 546 This view function is for moderators to delete an entire topic.
bgneal@232 547 """
bgneal@232 548 topic = get_object_or_404(Topic.objects.select_related(), pk=id)
bgneal@232 549 if _can_moderate(topic.forum, request.user):
bgneal@232 550 forum_url = topic.forum.get_absolute_url()
bgneal@232 551 _delete_topic(topic)
bgneal@232 552 return HttpResponseRedirect(forum_url)
bgneal@232 553
bgneal@232 554 return HttpResponseForbidden()
bgneal@232 555
bgneal@232 556
bgneal@232 557 @login_required
bgneal@232 558 def mod_topic_move(request, id):
bgneal@232 559 """
bgneal@232 560 This view function is for moderators to move a topic to a different forum.
bgneal@232 561 """
bgneal@232 562 topic = get_object_or_404(Topic.objects.select_related(), pk=id)
bgneal@232 563 if not _can_moderate(topic.forum, request.user):
bgneal@232 564 return HttpResponseForbidden()
bgneal@232 565
bgneal@232 566 if request.method == 'POST':
bgneal@232 567 form = MoveTopicForm(request.user, request.POST)
bgneal@232 568 if form.is_valid():
bgneal@232 569 new_forum = form.cleaned_data['forums']
bgneal@232 570 old_forum = topic.forum
bgneal@232 571 _move_topic(topic, old_forum, new_forum)
bgneal@232 572 return HttpResponseRedirect(topic.get_absolute_url())
bgneal@232 573 else:
bgneal@232 574 form = MoveTopicForm(request.user)
bgneal@232 575
bgneal@232 576 return render_to_response('forums/move_topic.html', {
bgneal@232 577 'forum': topic.forum,
bgneal@232 578 'topic': topic,
bgneal@232 579 'form': form,
bgneal@232 580 },
bgneal@232 581 context_instance=RequestContext(request))
bgneal@232 582
bgneal@232 583
bgneal@232 584 @login_required
bgneal@232 585 def mod_forum(request, slug):
bgneal@232 586 """
bgneal@232 587 Displays a view to allow moderators to perform various operations
bgneal@232 588 on topics in a forum in bulk. We currently support mass locking/unlocking,
bgneal@232 589 stickying and unstickying, moving, and deleting topics.
bgneal@232 590 """
bgneal@232 591 forum = get_object_or_404(Forum.objects.select_related(), slug=slug)
bgneal@232 592 if not _can_moderate(forum, request.user):
bgneal@232 593 return HttpResponseForbidden()
bgneal@232 594
bgneal@232 595 topics = forum.topics.select_related('user', 'last_post', 'last_post__user')
bgneal@232 596 paginator = create_topic_paginator(topics)
bgneal@232 597 page_num = get_page_num(request)
bgneal@232 598 try:
bgneal@232 599 page = paginator.page(page_num)
bgneal@232 600 except InvalidPage:
bgneal@232 601 raise Http404
bgneal@232 602
bgneal@232 603 # we do this for the template since it is rendered twice
bgneal@232 604 page_nav = render_to_string('forums/pagination.html', {'page': page})
bgneal@232 605 form = None
bgneal@232 606
bgneal@232 607 if request.method == 'POST':
bgneal@232 608 topic_ids = request.POST.getlist('topic_ids')
bgneal@232 609 url = reverse('forums-mod_forum', kwargs={'slug':forum.slug})
bgneal@232 610 url += '?page=%s' % page_num
bgneal@232 611
bgneal@232 612 if len(topic_ids):
bgneal@232 613 if request.POST.get('sticky'):
bgneal@232 614 _bulk_sticky(forum, topic_ids)
bgneal@232 615 return HttpResponseRedirect(url)
bgneal@232 616 elif request.POST.get('lock'):
bgneal@232 617 _bulk_lock(forum, topic_ids)
bgneal@232 618 return HttpResponseRedirect(url)
bgneal@232 619 elif request.POST.get('delete'):
bgneal@232 620 _bulk_delete(forum, topic_ids)
bgneal@232 621 return HttpResponseRedirect(url)
bgneal@232 622 elif request.POST.get('move'):
bgneal@232 623 form = MoveTopicForm(request.user, request.POST, hide_label=True)
bgneal@232 624 if form.is_valid():
bgneal@232 625 _bulk_move(topic_ids, forum, form.cleaned_data['forums'])
bgneal@232 626 return HttpResponseRedirect(url)
bgneal@232 627
bgneal@232 628 if form is None:
bgneal@232 629 form = MoveTopicForm(request.user, hide_label=True)
bgneal@232 630
bgneal@232 631 return render_to_response('forums/mod_forum.html', {
bgneal@232 632 'forum': forum,
bgneal@232 633 'page': page,
bgneal@232 634 'page_nav': page_nav,
bgneal@232 635 'form': form,
bgneal@232 636 },
bgneal@232 637 context_instance=RequestContext(request))
bgneal@232 638
bgneal@232 639
bgneal@232 640 @login_required
bgneal@232 641 @require_POST
bgneal@232 642 def forum_catchup(request, slug):
bgneal@232 643 """
bgneal@232 644 This view marks all the topics in the forum as being read.
bgneal@232 645 """
bgneal@232 646 forum = get_object_or_404(Forum.objects.select_related(), slug=slug)
bgneal@232 647
bgneal@232 648 if not forum.category.can_access(request.user):
bgneal@232 649 return HttpResponseForbidden()
bgneal@232 650
bgneal@232 651 forum.catchup(request.user)
bgneal@232 652 return HttpResponseRedirect(forum.get_absolute_url())
bgneal@232 653
bgneal@232 654
bgneal@232 655 @login_required
bgneal@232 656 def mod_topic_split(request, id):
bgneal@232 657 """
bgneal@232 658 This view function allows moderators to split posts off to a new topic.
bgneal@232 659 """
bgneal@232 660 topic = get_object_or_404(Topic.objects.select_related(), pk=id)
bgneal@232 661 if not _can_moderate(topic.forum, request.user):
bgneal@232 662 return HttpResponseRedirect(topic.get_absolute_url())
bgneal@232 663
bgneal@232 664 if request.method == "POST":
bgneal@232 665 form = SplitTopicForm(request.user, request.POST)
bgneal@232 666 if form.is_valid():
bgneal@232 667 if form.split_at:
bgneal@232 668 _split_topic_at(topic, form.post_ids[0],
bgneal@232 669 form.cleaned_data['forums'],
bgneal@232 670 form.cleaned_data['name'])
bgneal@232 671 else:
bgneal@232 672 _split_topic(topic, form.post_ids,
bgneal@232 673 form.cleaned_data['forums'],
bgneal@232 674 form.cleaned_data['name'])
bgneal@232 675
bgneal@232 676 return HttpResponseRedirect(topic.get_absolute_url())
bgneal@232 677 else:
bgneal@232 678 form = SplitTopicForm(request.user)
bgneal@232 679
bgneal@232 680 posts = topic.posts.select_related()
bgneal@232 681
bgneal@232 682 return render_to_response('forums/mod_split_topic.html', {
bgneal@232 683 'forum': topic.forum,
bgneal@232 684 'topic': topic,
bgneal@232 685 'posts': posts,
bgneal@232 686 'form': form,
bgneal@232 687 },
bgneal@232 688 context_instance=RequestContext(request))
bgneal@232 689
bgneal@232 690
bgneal@232 691 @login_required
bgneal@232 692 def unread_topics(request):
bgneal@232 693 """Displays the topics with unread posts for a given user."""
bgneal@232 694
bgneal@232 695 topics = get_unread_topics(request.user)
bgneal@232 696
bgneal@232 697 paginator = create_topic_paginator(topics)
bgneal@232 698 page_num = get_page_num(request)
bgneal@232 699 try:
bgneal@232 700 page = paginator.page(page_num)
bgneal@232 701 except InvalidPage:
bgneal@232 702 raise Http404
bgneal@232 703
bgneal@232 704 attach_topic_page_ranges(page.object_list)
bgneal@232 705
bgneal@232 706 # we do this for the template since it is rendered twice
bgneal@232 707 page_nav = render_to_string('forums/pagination.html', {'page': page})
bgneal@232 708
bgneal@232 709 return render_to_response('forums/topic_list.html', {
bgneal@232 710 'title': 'Topics With Unread Posts',
bgneal@232 711 'page': page,
bgneal@232 712 'page_nav': page_nav,
bgneal@232 713 },
bgneal@232 714 context_instance=RequestContext(request))
bgneal@232 715
bgneal@232 716
bgneal@232 717 def unanswered_topics(request):
bgneal@232 718 """Displays the topics with no replies."""
bgneal@232 719
bgneal@232 720 forum_ids = Forum.objects.forum_ids_for_user(request.user)
bgneal@232 721 topics = Topic.objects.filter(forum__id__in=forum_ids,
bgneal@232 722 post_count=1).select_related(
bgneal@232 723 'forum', 'user', 'last_post', 'last_post__user')
bgneal@232 724
bgneal@232 725 paginator = create_topic_paginator(topics)
bgneal@232 726 page_num = get_page_num(request)
bgneal@232 727 try:
bgneal@232 728 page = paginator.page(page_num)
bgneal@232 729 except InvalidPage:
bgneal@232 730 raise Http404
bgneal@232 731
bgneal@232 732 attach_topic_page_ranges(page.object_list)
bgneal@232 733
bgneal@232 734 # we do this for the template since it is rendered twice
bgneal@232 735 page_nav = render_to_string('forums/pagination.html', {'page': page})
bgneal@232 736
bgneal@232 737 return render_to_response('forums/topic_list.html', {
bgneal@232 738 'title': 'Unanswered Topics',
bgneal@232 739 'page': page,
bgneal@232 740 'page_nav': page_nav,
bgneal@232 741 },
bgneal@232 742 context_instance=RequestContext(request))
bgneal@232 743
bgneal@232 744
bgneal@232 745 @login_required
bgneal@232 746 def my_posts(request):
bgneal@232 747 """Displays a list of posts the requesting user made."""
bgneal@232 748 return _user_posts(request, request.user, request.user, 'My Posts')
bgneal@232 749
bgneal@232 750
bgneal@232 751 @login_required
bgneal@232 752 def posts_for_user(request, username):
bgneal@232 753 """Displays a list of posts by the given user.
bgneal@232 754 Only the forums that the requesting user can see are examined.
bgneal@232 755 """
bgneal@232 756 target_user = get_object_or_404(User, username=username)
bgneal@232 757 return _user_posts(request, target_user, request.user, 'Posts by %s' % username)
bgneal@232 758
bgneal@232 759
bgneal@232 760 @login_required
bgneal@232 761 def post_ip_info(request, post_id):
bgneal@232 762 """Displays information about the IP address the post was made from."""
bgneal@232 763 post = get_object_or_404(Post.objects.select_related(), pk=post_id)
bgneal@232 764
bgneal@232 765 if not _can_moderate(post.topic.forum, request.user):
bgneal@232 766 return HttpResponseForbidden("You don't have permission for this post.")
bgneal@232 767
bgneal@232 768 ip_users = sorted(set(Post.objects.filter(
bgneal@232 769 user_ip=post.user_ip).values_list('user__username', flat=True)))
bgneal@232 770
bgneal@232 771 return render_to_response('forums/post_ip.html', {
bgneal@232 772 'post': post,
bgneal@232 773 'ip_users': ip_users,
bgneal@232 774 },
bgneal@232 775 context_instance=RequestContext(request))
bgneal@232 776
bgneal@232 777
bgneal@232 778 def _user_posts(request, target_user, req_user, page_title):
bgneal@232 779 """Displays a list of posts made by the target user.
bgneal@232 780 req_user is the user trying to view the posts. Only the forums
bgneal@232 781 req_user can see are searched.
bgneal@232 782 """
bgneal@232 783 forum_ids = Forum.objects.forum_ids_for_user(req_user)
bgneal@232 784 posts = Post.objects.filter(user=target_user,
bgneal@232 785 topic__forum__id__in=forum_ids).order_by(
bgneal@232 786 '-creation_date').select_related()
bgneal@232 787
bgneal@232 788 paginator = create_post_paginator(posts)
bgneal@232 789 page_num = get_page_num(request)
bgneal@232 790 try:
bgneal@232 791 page = paginator.page(page_num)
bgneal@232 792 except InvalidPage:
bgneal@232 793 raise Http404
bgneal@232 794
bgneal@232 795 # we do this for the template since it is rendered twice
bgneal@232 796 page_nav = render_to_string('forums/pagination.html', {'page': page})
bgneal@232 797
bgneal@232 798 return render_to_response('forums/post_list.html', {
bgneal@232 799 'title': page_title,
bgneal@232 800 'page': page,
bgneal@232 801 'page_nav': page_nav,
bgneal@232 802 },
bgneal@232 803 context_instance=RequestContext(request))
bgneal@232 804
bgneal@232 805
bgneal@232 806 def _can_moderate(forum, user):
bgneal@232 807 """
bgneal@232 808 Determines if a user has permission to moderate a given forum.
bgneal@232 809 """
bgneal@232 810 return user.is_authenticated() and (
bgneal@232 811 user.is_superuser or user in forum.moderators.all())
bgneal@232 812
bgneal@232 813
bgneal@232 814 def _can_post_in_topic(topic, user):
bgneal@232 815 """
bgneal@232 816 This function returns true if the given user can post in the given topic
bgneal@232 817 and false otherwise.
bgneal@232 818 """
bgneal@232 819 return (not topic.locked and topic.forum.category.can_access(user)) or \
bgneal@232 820 (user.is_superuser or user in topic.forum.moderators.all())
bgneal@232 821
bgneal@232 822
bgneal@232 823 def _bump_post_count(user):
bgneal@232 824 """
bgneal@232 825 Increments the forum_post_count for the given user.
bgneal@232 826 """
bgneal@232 827 profile = user.get_profile()
bgneal@232 828 profile.forum_post_count += 1
bgneal@232 829 profile.save()
bgneal@232 830
bgneal@232 831
bgneal@232 832 def _quote_message(who, message):
bgneal@232 833 """
bgneal@232 834 Builds a message reply by quoting the existing message in a
bgneal@232 835 typical email-like fashion. The quoting is compatible with Markdown.
bgneal@232 836 """
bgneal@232 837 header = '*%s wrote:*\n\n' % (who, )
bgneal@232 838 lines = wrap(message, 55).split('\n')
bgneal@232 839 for i, line in enumerate(lines):
bgneal@232 840 lines[i] = '> ' + line
bgneal@232 841 return header + '\n'.join(lines)
bgneal@232 842
bgneal@232 843
bgneal@232 844 def _move_topic(topic, old_forum, new_forum):
bgneal@232 845 if new_forum != old_forum:
bgneal@232 846 topic.forum = new_forum
bgneal@232 847 topic.save()
bgneal@232 848 # Have to adjust foreign keys to last_post, denormalized counts, etc.:
bgneal@232 849 old_forum.sync()
bgneal@232 850 old_forum.save()
bgneal@232 851 new_forum.sync()
bgneal@232 852 new_forum.save()
bgneal@232 853
bgneal@232 854
bgneal@232 855 def _bulk_sticky(forum, topic_ids):
bgneal@232 856 """
bgneal@232 857 Performs a toggle on the sticky status for a given list of topic ids.
bgneal@232 858 """
bgneal@232 859 topics = Topic.objects.filter(pk__in=topic_ids)
bgneal@232 860 for topic in topics:
bgneal@232 861 if topic.forum == forum:
bgneal@232 862 topic.sticky = not topic.sticky
bgneal@232 863 topic.save()
bgneal@232 864
bgneal@232 865
bgneal@232 866 def _bulk_lock(forum, topic_ids):
bgneal@232 867 """
bgneal@232 868 Performs a toggle on the locked status for a given list of topic ids.
bgneal@232 869 """
bgneal@232 870 topics = Topic.objects.filter(pk__in=topic_ids)
bgneal@232 871 for topic in topics:
bgneal@232 872 if topic.forum == forum:
bgneal@232 873 topic.locked = not topic.locked
bgneal@232 874 topic.save()
bgneal@232 875
bgneal@232 876
bgneal@232 877 def _bulk_delete(forum, topic_ids):
bgneal@232 878 """
bgneal@232 879 Deletes the list of topics.
bgneal@232 880 """
bgneal@235 881 # Because we are deleting stuff, retrieve each topic one at a
bgneal@235 882 # time since we are going to be adjusting de-normalized fields
bgneal@235 883 # during deletes. In particular, we can't do this:
bgneal@235 884 # topics = Topic.objects.filter(pk__in=topic_ids).select_related()
bgneal@235 885 # for topic in topics:
bgneal@235 886 # since topic.forum.last_post can go stale after a delete.
bgneal@235 887
bgneal@235 888 for id in topic_ids:
bgneal@235 889 try:
bgneal@235 890 topic = Topic.objects.select_related().get(pk=id)
bgneal@235 891 except Topic.DoesNotExist:
bgneal@235 892 continue
bgneal@235 893 _delete_topic(topic)
bgneal@232 894
bgneal@232 895
bgneal@232 896 def _bulk_move(topic_ids, old_forum, new_forum):
bgneal@232 897 """
bgneal@232 898 Moves the list of topics to a new forum.
bgneal@232 899 """
bgneal@232 900 topics = Topic.objects.filter(pk__in=topic_ids).select_related()
bgneal@232 901 for topic in topics:
bgneal@232 902 if topic.forum == old_forum:
bgneal@232 903 _move_topic(topic, old_forum, new_forum)
bgneal@232 904
bgneal@232 905
bgneal@232 906 def _update_last_visit(user, topic):
bgneal@232 907 """
bgneal@232 908 Does the bookkeeping for the last visit status for the user to the
bgneal@232 909 topic/forum.
bgneal@232 910 """
bgneal@232 911 now = datetime.datetime.now()
bgneal@232 912 try:
bgneal@232 913 flv = ForumLastVisit.objects.get(user=user, forum=topic.forum)
bgneal@232 914 except ForumLastVisit.DoesNotExist:
bgneal@232 915 flv = ForumLastVisit(user=user, forum=topic.forum)
bgneal@232 916 flv.begin_date = now
bgneal@232 917
bgneal@232 918 flv.end_date = now
bgneal@232 919 flv.save()
bgneal@232 920
bgneal@232 921 if topic.update_date > flv.begin_date:
bgneal@232 922 try:
bgneal@232 923 tlv = TopicLastVisit.objects.get(user=user, topic=topic)
bgneal@232 924 except TopicLastVisit.DoesNotExist:
bgneal@232 925 tlv = TopicLastVisit(user=user, topic=topic)
bgneal@232 926
bgneal@232 927 tlv.touch()
bgneal@232 928 tlv.save()
bgneal@232 929
bgneal@232 930
bgneal@232 931 def _split_topic_at(topic, post_id, new_forum, new_name):
bgneal@232 932 """
bgneal@232 933 This function splits the post given by post_id and all posts that come
bgneal@232 934 after it in the given topic to a new topic in a new forum.
bgneal@232 935 It is assumed the caller has been checked for moderator rights.
bgneal@232 936 """
bgneal@232 937 post = get_object_or_404(Post, id=post_id)
bgneal@232 938 if post.topic == topic:
bgneal@232 939 post_ids = Post.objects.filter(topic=topic,
bgneal@232 940 creation_date__gte=post.creation_date).values_list('id', flat=True)
bgneal@232 941 _split_topic(topic, post_ids, new_forum, new_name)
bgneal@232 942
bgneal@232 943
bgneal@232 944 def _split_topic(topic, post_ids, new_forum, new_name):
bgneal@232 945 """
bgneal@232 946 This function splits the posts given by the post_ids list in the
bgneal@232 947 given topic to a new topic in a new forum.
bgneal@232 948 It is assumed the caller has been checked for moderator rights.
bgneal@232 949 """
bgneal@232 950 posts = Post.objects.filter(topic=topic, id__in=post_ids)
bgneal@232 951 if len(posts) > 0:
bgneal@232 952 new_topic = Topic(forum=new_forum, name=new_name, user=posts[0].user)
bgneal@232 953 new_topic.save()
bgneal@232 954 for post in posts:
bgneal@232 955 post.topic = new_topic
bgneal@232 956 post.save()
bgneal@232 957
bgneal@232 958 topic.post_count_update()
bgneal@232 959 topic.save()
bgneal@232 960 new_topic.post_count_update()
bgneal@232 961 new_topic.save()
bgneal@232 962 topic.forum.sync()
bgneal@232 963 topic.forum.save()
bgneal@232 964 new_forum.sync()
bgneal@232 965 new_forum.save()