2008-08-26 06:14:22 +08:00
|
|
|
from django import http
|
|
|
|
|
from django.conf import settings
|
|
|
|
|
from utils import next_redirect, confirmation_view
|
2006-05-02 09:31:56 +08:00
|
|
|
from django.core.exceptions import ObjectDoesNotExist
|
2008-08-26 06:14:22 +08:00
|
|
|
from django.db import models
|
2006-05-02 09:31:56 +08:00
|
|
|
from django.shortcuts import render_to_response
|
|
|
|
|
from django.template import RequestContext
|
2008-08-26 06:14:22 +08:00
|
|
|
from django.template.loader import render_to_string
|
|
|
|
|
from django.utils.html import escape
|
|
|
|
|
from django.contrib import comments
|
|
|
|
|
from django.contrib.comments import signals
|
2008-07-19 07:54:34 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
class CommentPostBadRequest(http.HttpResponseBadRequest):
|
2008-07-19 07:54:34 +08:00
|
|
|
"""
|
2008-08-26 06:14:22 +08:00
|
|
|
Response returned when a comment post is invalid. If ``DEBUG`` is on a
|
|
|
|
|
nice-ish error message will be displayed (for debugging purposes), but in
|
|
|
|
|
production mode a simple opaque 400 page will be displayed.
|
2008-07-19 07:54:34 +08:00
|
|
|
"""
|
2008-08-26 06:14:22 +08:00
|
|
|
def __init__(self, why):
|
|
|
|
|
super(CommentPostBadRequest, self).__init__()
|
|
|
|
|
if settings.DEBUG:
|
|
|
|
|
self.content = render_to_string("comments/400-debug.html", {"why": why})
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
def post_comment(request, next=None):
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2008-08-26 06:14:22 +08:00
|
|
|
Post a comment.
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
|
|
|
|
|
errors a preview template, ``comments/preview.html``, will be rendered.
|
2005-07-13 09:25:57 +08:00
|
|
|
"""
|
2008-08-26 06:14:22 +08:00
|
|
|
|
|
|
|
|
# Require POST
|
|
|
|
|
if request.method != 'POST':
|
|
|
|
|
return http.HttpResponseNotAllowed(["POST"])
|
|
|
|
|
|
|
|
|
|
# Fill out some initial data fields from an authenticated user, if present
|
|
|
|
|
data = request.POST.copy()
|
|
|
|
|
if request.user.is_authenticated():
|
2008-08-31 05:30:02 +08:00
|
|
|
if not data.get('name', ''):
|
2008-08-26 06:14:22 +08:00
|
|
|
data["name"] = request.user.get_full_name()
|
2008-08-31 05:30:02 +08:00
|
|
|
if not data.get('email', ''):
|
2008-08-26 06:14:22 +08:00
|
|
|
data["email"] = request.user.email
|
|
|
|
|
|
|
|
|
|
# Look up the object we're trying to comment about
|
|
|
|
|
ctype = data.get("content_type")
|
|
|
|
|
object_pk = data.get("object_pk")
|
|
|
|
|
if ctype is None or object_pk is None:
|
|
|
|
|
return CommentPostBadRequest("Missing content_type or object_pk field.")
|
2005-07-13 09:25:57 +08:00
|
|
|
try:
|
2008-08-26 06:14:22 +08:00
|
|
|
model = models.get_model(*ctype.split(".", 1))
|
|
|
|
|
target = model._default_manager.get(pk=object_pk)
|
|
|
|
|
except TypeError:
|
|
|
|
|
return CommentPostBadRequest(
|
|
|
|
|
"Invalid content_type value: %r" % escape(ctype))
|
|
|
|
|
except AttributeError:
|
|
|
|
|
return CommentPostBadRequest(
|
|
|
|
|
"The given content-type %r does not resolve to a valid model." % \
|
|
|
|
|
escape(ctype))
|
2005-07-13 09:25:57 +08:00
|
|
|
except ObjectDoesNotExist:
|
2008-08-26 06:14:22 +08:00
|
|
|
return CommentPostBadRequest(
|
|
|
|
|
"No object matching content-type %r and object PK %r exists." % \
|
|
|
|
|
(escape(ctype), escape(object_pk)))
|
|
|
|
|
|
|
|
|
|
# Do we want to preview the comment?
|
|
|
|
|
preview = data.get("submit", "").lower() == "preview" or \
|
|
|
|
|
data.get("preview", None) is not None
|
|
|
|
|
|
|
|
|
|
# Construct the comment form
|
|
|
|
|
form = comments.get_form()(target, data=data)
|
|
|
|
|
|
|
|
|
|
# Check security information
|
|
|
|
|
if form.security_errors():
|
|
|
|
|
return CommentPostBadRequest(
|
|
|
|
|
"The comment form failed security verification: %s" % \
|
|
|
|
|
escape(str(form.security_errors())))
|
|
|
|
|
|
|
|
|
|
# If there are errors or if we requested a preview show the comment
|
|
|
|
|
if form.errors or preview:
|
|
|
|
|
template_list = [
|
|
|
|
|
"comments/%s_%s_preview.html" % tuple(str(model._meta).split(".")),
|
|
|
|
|
"comments/%s_preview.html" % model._meta.app_label,
|
|
|
|
|
"comments/preview.html",
|
|
|
|
|
]
|
|
|
|
|
return render_to_response(
|
|
|
|
|
template_list, {
|
|
|
|
|
"comment" : form.data.get("comment", ""),
|
|
|
|
|
"form" : form,
|
|
|
|
|
},
|
|
|
|
|
RequestContext(request, {})
|
|
|
|
|
)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
# Otherwise create the comment
|
|
|
|
|
comment = form.get_comment_object()
|
|
|
|
|
comment.ip_address = request.META.get("REMOTE_ADDR", None)
|
|
|
|
|
if request.user.is_authenticated():
|
|
|
|
|
comment.user = request.user
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
# Signal that the comment is about to be saved
|
2008-08-27 02:53:52 +08:00
|
|
|
responses = signals.comment_will_be_posted.send(
|
|
|
|
|
sender = comment.__class__,
|
|
|
|
|
comment = comment,
|
|
|
|
|
request = request
|
|
|
|
|
)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
for (receiver, response) in responses:
|
|
|
|
|
if response == False:
|
|
|
|
|
return CommentPostBadRequest(
|
|
|
|
|
"comment_will_be_posted receiver %r killed the comment" % receiver.__name__)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
2008-08-26 06:14:22 +08:00
|
|
|
# Save the comment and signal that it was saved
|
|
|
|
|
comment.save()
|
2008-08-27 02:53:52 +08:00
|
|
|
signals.comment_was_posted.send(
|
|
|
|
|
sender = comment.__class__,
|
|
|
|
|
comment = comment,
|
|
|
|
|
request = request
|
|
|
|
|
)
|
2008-08-26 06:14:22 +08:00
|
|
|
|
|
|
|
|
return next_redirect(data, next, comment_done, c=comment._get_pk_val())
|
|
|
|
|
|
|
|
|
|
comment_done = confirmation_view(
|
|
|
|
|
template = "comments/posted.html",
|
|
|
|
|
doc = """Display a "comment was posted" success page."""
|
|
|
|
|
)
|
2005-07-13 09:25:57 +08:00
|
|
|
|
