annotate gpp/core/views.py @ 322:c3d3d7114749

Fix #148; Django now requires AJAX posts to present the CSRF token. Added code suggested by Django docs to shoutbox.js. Since shoutbox.js is on every page, it should cover all cases.
author Brian Neal <bgneal@gmail.com>
date Sat, 12 Feb 2011 21:37:17 +0000
parents be3fff614b93
children
rev   line source
bgneal@127 1 """
bgneal@127 2 Views for the core application. These are mainly shared, common views
bgneal@127 3 used by multiple applications.
bgneal@127 4 """
bgneal@149 5 from django.contrib.auth.models import User
bgneal@149 6 from django.http import HttpResponse
bgneal@127 7 from django.shortcuts import render_to_response
bgneal@127 8 from django.template import RequestContext
bgneal@127 9 from django.contrib.auth.decorators import login_required
bgneal@127 10 from django.views.decorators.http import require_GET
bgneal@186 11 import django.utils.simplejson as json
bgneal@186 12
bgneal@127 13
bgneal@127 14 @login_required
bgneal@127 15 @require_GET
bgneal@127 16 def markdown_help(request):
bgneal@127 17 """
bgneal@127 18 This view provides the Markdown help cheat sheet. It is expected
bgneal@127 19 to be called via AJAX.
bgneal@127 20 """
bgneal@127 21 return render_to_response('core/markdown_help.html')
bgneal@149 22
bgneal@149 23
bgneal@149 24 def ajax_users(request):
bgneal@149 25 """
bgneal@186 26 If the user is authenticated, return a JSON array of strings of usernames
bgneal@186 27 whose names start with the 'q' GET parameter, limited by the 'limit' GET
bgneal@186 28 parameter. Only active usernames are returned.
bgneal@186 29 If the user is not authenticated, return an empty array.
bgneal@149 30 """
bgneal@149 31 q = request.GET.get('q', None)
bgneal@186 32 if q is None or not request.user.is_authenticated():
bgneal@186 33 return HttpResponse(json.dumps([]), content_type='application/json')
bgneal@149 34
bgneal@186 35 limit = int(request.GET.get('limit', 10))
bgneal@186 36 users = User.objects.filter(is_active=True,
bgneal@186 37 username__istartswith=q).values_list('username', flat=True)[:limit]
bgneal@186 38 return HttpResponse(json.dumps(list(users)), content_type='application/json')