diff forums/forms.py @ 955:71a671dab55d

First commit of whitelisting image hosts. This is behind a feature flag courtesy of waffle.
author Brian Neal <bgneal@gmail.com>
date Wed, 03 Jun 2015 21:13:08 -0500
parents 5366c29d6dce
children
line wrap: on
line diff
--- a/forums/forms.py	Tue May 26 20:40:31 2015 -0500
+++ b/forums/forms.py	Wed Jun 03 21:13:08 2015 -0500
@@ -7,12 +7,15 @@
 from django import forms
 from django.conf import settings
 
+from core.markup import site_markup
 from forums.models import Forum
 from forums.models import Topic
 from forums.models import Post
 from forums.attachments import AttachmentProcessor
 import forums.permissions as perms
 from forums.signals import notify_new_topic, notify_new_post
+from core.html import ImageCheckError
+from core.html import image_check
 
 
 FORUMS_FORM_CSS = {
@@ -117,7 +120,7 @@
             raise forms.ValidationError("This field is required.")
         return data
 
-    def save(self, ip=None):
+    def save(self, ip=None, html=None):
         """
         Creates the new Topic and first Post from the form data and supplied
         arguments.
@@ -133,7 +136,7 @@
                 user=self.user,
                 body=self.cleaned_data['body'],
                 user_ip=ip)
-        post.save()
+        post.save(html=html)
 
         self.attach_proc.save_attachments(post)
 
@@ -143,6 +146,23 @@
         return topic
 
 
+class NewTopicFormS3(NewTopicForm):
+    """Form for ensuring image sources come from a white-listed set of
+    sources.
+    """
+    def clean_body(self):
+        body_data = self.cleaned_data['body']
+        self.body_html = site_markup(body_data)
+        try:
+            image_check(self.body_html)
+        except ImageCheckError as ex:
+            raise forms.ValidationError(str(ex))
+        return body_data
+
+    def save(self, ip=None):
+        return super(NewTopicFormS3, self).save(ip, html=self.body_html)
+
+
 class PostForm(forms.ModelForm):
     """
     Form for editing an existing post or a new, non-quick post.