view gpp/polls/views.py @ 507:8631d32e6b16

Some users are still having problems with the pop-up login. I think they are actually getting 403s because of the CSRF protection. So I have modified the base template to always have a javascript variable called csrf_token available when they aren't logged in. The ajax_login.js script was then modified to send this value with the ajax post. Fingers crossed.
author Brian Neal <bgneal@gmail.com>
date Sun, 04 Dec 2011 03:05:21 +0000
parents 8f46ba2f1b81
children
line wrap: on
line source
"""
Views for the polls application.

"""
import datetime

from django.shortcuts import render
from django.contrib.auth.decorators import login_required
from django.shortcuts import get_object_or_404
from django.http import Http404
from django.http import HttpResponseRedirect
from django.core.urlresolvers import reverse
from django.views.decorators.http import require_POST
from django.db.models import F

from polls.models import Poll
from polls.models import Choice
from polls.forms import VoteForm

#######################################################################

def get_user_choice(user, poll):
    """
    Return the Choice object the given user voted for from the given poll,
    or None if no vote has been recorded (or the user is not authenticated.

    """
    user_choice = None
    if user.is_authenticated():
        user_choices = user.choice_set.filter(poll=poll)
        if user_choices:
            user_choice = user_choices[0]

    return user_choice

#######################################################################

def poll_index(request):
    current_polls = Poll.objects.get_current_polls()
    old_polls = Poll.objects.get_old_polls()
    return render(request, 'polls/index.html', {
        'current_polls': current_polls,
        'old_polls': old_polls,
        })

#######################################################################

def poll_detail(request, poll_id):
    poll = get_object_or_404(Poll, pk=poll_id)
    if not poll.is_enabled or poll.start_date > datetime.datetime.now():
        raise Http404

    total_votes, choices = poll.results()

    return render(request, 'polls/poll_detail.html', {
        'poll': poll,
        'total_votes': total_votes,
        'choices': choices,
        'user_choice': get_user_choice(request.user, poll),
        })

#######################################################################

@login_required
def poll_vote(request, poll_id):
    poll = get_object_or_404(Poll, pk=poll_id)
    if not poll.is_enabled:
        raise Http404
    if not poll.is_open():
        return HttpResponseRedirect(reverse('polls-detail',
                                            kwargs={'poll_id': poll_id}))

    user_choice = get_user_choice(request.user, poll)

    if request.method == "POST":
        vote_form = VoteForm(poll, request.POST, user=request.user,
                             user_choice=user_choice)
        if vote_form.is_valid():
            vote_form.save()
            return HttpResponseRedirect(reverse('polls-detail',
                                                kwargs={'poll_id': poll_id}))
    else:
        vote_form = VoteForm(poll)

    return render(request, 'polls/poll_vote.html', {
        'poll': poll,
        'vote_form': vote_form,
        'user_choice': user_choice,
        })

#######################################################################

@require_POST
@login_required
def poll_delete_vote(request):
    poll = get_object_or_404(Poll, pk=request.POST.get('poll_id'))
    user_choice = get_user_choice(request.user, poll)
    if user_choice:
        Choice.objects.filter(id=user_choice.id).update(votes=F('votes') - 1)
        user_choice.voters.remove(request.user)

    return HttpResponseRedirect(reverse('polls-detail', kwargs={'poll_id': poll.id}))