Mercurial > public > sg101
comparison forums/forms.py @ 955:71a671dab55d
First commit of whitelisting image hosts.
This is behind a feature flag courtesy of waffle.
| author | Brian Neal <bgneal@gmail.com> |
|---|---|
| date | Wed, 03 Jun 2015 21:13:08 -0500 |
| parents | 5366c29d6dce |
| children |
comparison
equal
deleted
inserted
replaced
| 954:e56455f4626b | 955:71a671dab55d |
|---|---|
| 5 from collections import OrderedDict | 5 from collections import OrderedDict |
| 6 | 6 |
| 7 from django import forms | 7 from django import forms |
| 8 from django.conf import settings | 8 from django.conf import settings |
| 9 | 9 |
| 10 from core.markup import site_markup | |
| 10 from forums.models import Forum | 11 from forums.models import Forum |
| 11 from forums.models import Topic | 12 from forums.models import Topic |
| 12 from forums.models import Post | 13 from forums.models import Post |
| 13 from forums.attachments import AttachmentProcessor | 14 from forums.attachments import AttachmentProcessor |
| 14 import forums.permissions as perms | 15 import forums.permissions as perms |
| 15 from forums.signals import notify_new_topic, notify_new_post | 16 from forums.signals import notify_new_topic, notify_new_post |
| 17 from core.html import ImageCheckError | |
| 18 from core.html import image_check | |
| 16 | 19 |
| 17 | 20 |
| 18 FORUMS_FORM_CSS = { | 21 FORUMS_FORM_CSS = { |
| 19 'all': (settings.GPP_THIRD_PARTY_CSS['markitup'] + | 22 'all': (settings.GPP_THIRD_PARTY_CSS['markitup'] + |
| 20 settings.GPP_THIRD_PARTY_CSS['jquery-ui']) | 23 settings.GPP_THIRD_PARTY_CSS['jquery-ui']) |
| 115 data = self.cleaned_data['body'] | 118 data = self.cleaned_data['body'] |
| 116 if not data and not self.attach_proc.has_attachments(): | 119 if not data and not self.attach_proc.has_attachments(): |
| 117 raise forms.ValidationError("This field is required.") | 120 raise forms.ValidationError("This field is required.") |
| 118 return data | 121 return data |
| 119 | 122 |
| 120 def save(self, ip=None): | 123 def save(self, ip=None, html=None): |
| 121 """ | 124 """ |
| 122 Creates the new Topic and first Post from the form data and supplied | 125 Creates the new Topic and first Post from the form data and supplied |
| 123 arguments. | 126 arguments. |
| 124 """ | 127 """ |
| 125 topic = Topic(forum=self.forum, | 128 topic = Topic(forum=self.forum, |
| 131 | 134 |
| 132 post = Post(topic=topic, | 135 post = Post(topic=topic, |
| 133 user=self.user, | 136 user=self.user, |
| 134 body=self.cleaned_data['body'], | 137 body=self.cleaned_data['body'], |
| 135 user_ip=ip) | 138 user_ip=ip) |
| 136 post.save() | 139 post.save(html=html) |
| 137 | 140 |
| 138 self.attach_proc.save_attachments(post) | 141 self.attach_proc.save_attachments(post) |
| 139 | 142 |
| 140 notify_new_topic(topic) | 143 notify_new_topic(topic) |
| 141 notify_new_post(post) | 144 notify_new_post(post) |
| 142 | 145 |
| 143 return topic | 146 return topic |
| 147 | |
| 148 | |
| 149 class NewTopicFormS3(NewTopicForm): | |
| 150 """Form for ensuring image sources come from a white-listed set of | |
| 151 sources. | |
| 152 """ | |
| 153 def clean_body(self): | |
| 154 body_data = self.cleaned_data['body'] | |
| 155 self.body_html = site_markup(body_data) | |
| 156 try: | |
| 157 image_check(self.body_html) | |
| 158 except ImageCheckError as ex: | |
| 159 raise forms.ValidationError(str(ex)) | |
| 160 return body_data | |
| 161 | |
| 162 def save(self, ip=None): | |
| 163 return super(NewTopicFormS3, self).save(ip, html=self.body_html) | |
| 144 | 164 |
| 145 | 165 |
| 146 class PostForm(forms.ModelForm): | 166 class PostForm(forms.ModelForm): |
| 147 """ | 167 """ |
| 148 Form for editing an existing post or a new, non-quick post. | 168 Form for editing an existing post or a new, non-quick post. |