changeset 432:ca744075e7b7

For #211; limit private message sizes to 8K.
author Brian Neal <bgneal@gmail.com>
date Fri, 06 May 2011 01:41:21 +0000 (2011-05-06)
parents 0d91176cf9b3
children 6663175b659e
files gpp/messages/forms.py
diffstat 1 files changed, 75 insertions(+), 65 deletions(-) [+]
line wrap: on
line diff
--- a/gpp/messages/forms.py	Fri May 06 00:02:55 2011 +0000
+++ b/gpp/messages/forms.py	Fri May 06 01:41:21 2011 +0000
@@ -16,83 +16,93 @@
 from messages.models import Options
 
 
+# Maximum size of a private message in characters
+MESSAGE_MAX = getattr(settings, 'MESSAGES_MAX_SIZE', 8192)
+
+
 class ComposeForm(forms.Form):
-   """
-   This form is used to compose private messages.
-   """
-   receiver = forms.CharField(label='To',
-         max_length=30,
-         widget=AutoCompleteUserInput())
-   subject = forms.CharField(max_length=120, widget=forms.TextInput(attrs={'size': 52}))
-   message = forms.CharField(widget=forms.Textarea(attrs={'class': 'markItUp smileyTarget'}))
-   attach_signature = forms.BooleanField(label='Attach Signature?', required=False)
+    """
+    This form is used to compose private messages.
+    """
+    receiver = forms.CharField(label='To',
+            max_length=30,
+            widget=AutoCompleteUserInput())
+    subject = forms.CharField(max_length=120, widget=forms.TextInput(attrs={'size': 52}))
+    message = forms.CharField(widget=forms.Textarea(attrs={'class': 'markItUp smileyTarget'}))
+    attach_signature = forms.BooleanField(label='Attach Signature?', required=False)
 
-   def __init__(self, user, *args, **kwargs):
-      forms.Form.__init__(self, *args, **kwargs)
-      self.user = user
-      options = Options.objects.for_user(user)
-      self.fields['attach_signature'].initial = options.attach_signature
+    def __init__(self, user, *args, **kwargs):
+        forms.Form.__init__(self, *args, **kwargs)
+        self.user = user
+        options = Options.objects.for_user(user)
+        self.fields['attach_signature'].initial = options.attach_signature
 
-   def clean_receiver(self):
-      receiver = self.cleaned_data['receiver']
-      try:
-         self.rcvr_user = User.objects.get(username=receiver)
-      except User.DoesNotExist:
-         raise forms.ValidationError("That username does not exist.")
-      if self.user == self.rcvr_user:
-         raise forms.ValidationError("You can't send a message to yourself.")
-      return receiver
+    def clean_receiver(self):
+        receiver = self.cleaned_data['receiver']
+        try:
+            self.rcvr_user = User.objects.get(username=receiver)
+        except User.DoesNotExist:
+            raise forms.ValidationError("That username does not exist.")
+        if self.user == self.rcvr_user:
+            raise forms.ValidationError("You can't send a message to yourself.")
+        return receiver
 
-   def save(self, parent_msg=None):
-      sender = self.user
-      receiver = self.rcvr_user
-      subject = self.cleaned_data['subject']
-      message = self.cleaned_data['message']
-      attach_signature = self.cleaned_data['attach_signature']
+    def clean_message(self):
+        msg = self.cleaned_data['message']
+        if len(msg) > MESSAGE_MAX:
+            raise forms.ValidationError("Your message is too long. Please trim some text.")
+        return msg
 
-      new_msg = Message(
-         sender=sender,
-         receiver=receiver,
-         subject=subject,
-         message=message,
-         signature_attached=attach_signature,
-      )
-      new_msg.save()
-      if parent_msg is not None:
-         parent_msg.reply_date = new_msg.send_date
-         parent_msg.save()
+    def save(self, parent_msg=None):
+        sender = self.user
+        receiver = self.rcvr_user
+        subject = self.cleaned_data['subject']
+        message = self.cleaned_data['message']
+        attach_signature = self.cleaned_data['attach_signature']
 
-      receiver_opts = Options.objects.for_user(receiver)
-      if receiver_opts.notify_email:
-         notify_receiver(new_msg)
+        new_msg = Message(
+            sender=sender,
+            receiver=receiver,
+            subject=subject,
+            message=message,
+            signature_attached=attach_signature,
+        )
+        new_msg.save()
+        if parent_msg is not None:
+            parent_msg.reply_date = new_msg.send_date
+            parent_msg.save()
 
-   class Media:
-      css = {
-          'all': (settings.GPP_THIRD_PARTY_CSS['markitup'] +
-                  settings.GPP_THIRD_PARTY_CSS['jquery-ui'])
-      }
-      js = (settings.GPP_THIRD_PARTY_JS['markitup'] +
-            settings.GPP_THIRD_PARTY_JS['jquery-ui'])
+        receiver_opts = Options.objects.for_user(receiver)
+        if receiver_opts.notify_email:
+            notify_receiver(new_msg)
+
+    class Media:
+        css = {
+             'all': (settings.GPP_THIRD_PARTY_CSS['markitup'] +
+                        settings.GPP_THIRD_PARTY_CSS['jquery-ui'])
+        }
+        js = (settings.GPP_THIRD_PARTY_JS['markitup'] +
+                settings.GPP_THIRD_PARTY_JS['jquery-ui'])
 
 
 class OptionsForm(forms.ModelForm):
-   class Meta:
-      model = Options
+    class Meta:
+        model = Options
 
 
 def notify_receiver(new_msg):
-   """
-   This function creates the notification email to notify a user of
-   a new private message.
-   """
-   site = Site.objects.get_current()
+    """
+    This function creates the notification email to notify a user of
+    a new private message.
+    """
+    site = Site.objects.get_current()
 
-   email_body = render_to_string('messages/notification_email.txt', {
-            'site': site,
-            'msg': new_msg,
-            'options_url': reverse('messages-options'),
-         })
+    email_body = render_to_string('messages/notification_email.txt', {
+                'site': site,
+                'msg': new_msg,
+                'options_url': reverse('messages-options'),
+            })
 
-   subject = 'New private message for %s at %s' % (new_msg.receiver.username, site.name)
-   from_email = settings.GPP_NO_REPLY_EMAIL + '@' + site.domain
-   send_mail(subject, email_body, from_email, [new_msg.receiver.email])
+    subject = 'New private message for %s at %s' % (new_msg.receiver.username, site.name)
+    from_email = settings.GPP_NO_REPLY_EMAIL + '@' + site.domain
+    send_mail(subject, email_body, from_email, [new_msg.receiver.email])