From 152e2ab0a68d0eea06332700381b73c509b05d42 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Gr=C3=A9gory=20Soutad=C3=A9?= Date: Mon, 24 Dec 2012 16:34:30 +0100 Subject: [PATCH] Do a lot of little modification (remove most of unused comments) --- forms.py | 2 +- static/css/dynastie.css | 5 ++ templates/base.html | 2 + templates/edit_user.html | 5 +- templates/view_blog.html | 3 + views.py | 170 +++++++++++++++++---------------------- 6 files changed, 87 insertions(+), 100 deletions(-) diff --git a/forms.py b/forms.py index 21c3d5e..bc36b67 100644 --- a/forms.py +++ b/forms.py @@ -27,7 +27,7 @@ class CategoryForm(ModelForm): class UserForm(ModelForm): class Meta: model = User - exclude = ('is_staff', 'is_active', 'last_login', 'last_joined', 'user_permissions', 'groups', 'date_joined') + exclude = ('is_staff', 'is_active', 'last_login', 'last_joined', 'user_permissions', 'groups', 'date_joined', 'password') class CommentForm(ModelForm): class Meta: diff --git a/static/css/dynastie.css b/static/css/dynastie.css index e69de29..f655369 100644 --- a/static/css/dynastie.css +++ b/static/css/dynastie.css @@ -0,0 +1,5 @@ +.edited +{ + color:green; + font-weight:bold; +} \ No newline at end of file diff --git a/templates/base.html b/templates/base.html index 5ab0eb1..f685cc9 100644 --- a/templates/base.html +++ b/templates/base.html @@ -2,6 +2,8 @@ Dynastie {% block head %} {% endblock %} + + Users Blogs Disconnect
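Review bot: `UserForm.Meta.exclude` in forms.py still leaves `is_superuser` bindable from POST data, and the same form backs edit_user in views.py, where a non-superuser is allowed to edit their own account. Unless something outside this diff strips the field, a self-edit that carries `is_superuser` would be persisted by `form.save()`. Add `'is_superuser'` to the tuple, or preferably replace `exclude` with an explicit `fields` allow-list so that new model fields are not exposed by default. `'last_joined'` does not look like a field of Django's stock `User` (assuming that is the model here), so that entry probably excludes nothing.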

diff --git a/templates/edit_user.html b/templates/edit_user.html index 91d10b9..5b9b0bd 100644 --- a/templates/edit_user.html +++ b/templates/edit_user.html @@ -2,13 +2,14 @@ {% block content %} {% if edited %} -

User successfuly updated

+

User successfuly updated

{% endif %} {% if user.is_superuser or user.id == user_to_edit.id %}
{% csrf_token %} {{ form.as_p }} - +

+{% if user.is_superuser %}{% endif %}
{% else %}
diff --git a/templates/view_blog.html b/templates/view_blog.html index d0ae6f1..dc17e74 100644 --- a/templates/view_blog.html +++ b/templates/view_blog.html @@ -2,6 +2,9 @@ {% block content %} Home Categories Tags +{% if edited %} +

Blog successfuly updated

+{% endif %} {% if user.is_superuser %} {% csrf_token %} diff --git a/views.py b/views.py index 6d37664..80c6d03 100644 --- a/views.py +++ b/views.py @@ -101,8 +101,7 @@ def index(request): def disconnect(request): logout(request) - c = {'auth_key': 'AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA',\ - 'login_failed' : False} + c = {'login_failed' : False} return HttpResponseRedirect('/') @login_required @@ -118,25 +117,21 @@ def add_user(request): if not request.user.is_superuser: return HttpResponseRedirect('/user') - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'add' in request.POST: - form = UserForm(request.POST) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = UserForm(request.POST) + if form.is_valid(): form = form.save() user = User.objects.get(pk=form.id) user.set_password(request.POST['password']) user.save() - # Process the data in form.cleaned_data - # ... - return HttpResponseRedirect('/user') # Redirect after POST + return HttpResponseRedirect('/user') else: - return HttpResponseRedirect('/user') # Redirect after POST + return HttpResponseRedirect('/user') else: - form = UserForm() # An unbound form + form = UserForm() - return render(request, 'add_user.html', { - 'form': form, - }) + return render(request, 'add_user.html', {'form': form}) @login_required def edit_user(request, user_id): 
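Review bot: In disconnect, `c = {'login_failed' : False}` is never read, because the next statement returns `HttpResponseRedirect('/')` without a context. With the hard-coded `auth_key` entry gone there is nothing left for the dict to carry, so the assignment can be deleted and the view reduced to `logout(request)` followed by the redirect.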
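Review bot: In add_user the password is read with `request.POST['password']` after `form.is_valid()`, but this commit removes `password` from UserForm, so the form no longer validates that value at all. A request without the key raises and ends in a 500, and an empty string goes to `set_password` unchanged, which stores a hash of the empty password. Read it with `request.POST.get('password', '')` and re-render the form with an error when it is empty. `form.save()` already returns the saved user, so `User.objects.get(pk=form.id)` is an unnecessary second query. The `def add_user` line itself is outside the hunk.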
@@ -147,12 +142,12 @@ def edit_user(request, user_id): edited = False - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if int(user_id) != int(request.user.id) and (not request.user.is_superuser): return HttpResponseRedirect('/user') if 'edit' in request.POST: - form = UserForm(request.POST, instance=user, initial={'password':''}) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = UserForm(request.POST, instance=user, initial={'password':''}) + if form.is_valid(): form.save() if request.POST['password'] != '': user.set_password(request.POST['password']) @@ -165,7 +160,7 @@ def edit_user(request, user_id): if 'cancel' in request.POST: return HttpResponseRedirect('/user') else: - form = UserForm(instance=user, initial={'password':''}) # An unbound form + form = UserForm(instance=user, initial={'password':''}) c = {'user_to_edit' : user, 'form' : form, 'edited' : edited} @@ -185,23 +180,19 @@ def category(request, blog_id): def add_category(request, blog_id): b,_ = have_I_right(request, blog_id) - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'add' in request.POST: - form = CategoryForm(request.POST) # A form bound to the POST data + form = CategoryForm(request.POST) form.blog = b - if form.is_valid(): # All validation rules pass + if form.is_valid(): form = form.save() - # Process the data in form.cleaned_data - # ... return HttpResponseRedirect('/category/' + str(b.id)) else: return HttpResponseRedirect('/category/' + str(b.id)) else: - form = CategoryForm() # An unbound form + form = CategoryForm() - return render(request, 'add_category.html', { - 'form': form, - }) + return render(request, 'add_category.html', {'form': form}) @login_required def edit_category(request, category_id): 
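Review bot: In edit_user, `initial={'password':''}` no longer has any effect now that `password` is excluded from UserForm, and `request.POST['password']` is read outside form validation. Drop the `initial` argument from both constructor calls (the second is in the next hunk) and use `request.POST.get('password', '')` so that a request without the field does not raise. As far as the visible lines show, the password is replaced without asking for the current one, so anyone holding the session can change it; consider requiring the old password for self-service changes. edit_user starts and ends outside the hunk.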
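Review bot: `form.blog = b` in add_category only sets an attribute on the form object, which a ModelForm does not consult when saving, so the blog that have_I_right authorised is not what binds the new category. If CategoryForm exposes `blog` (its Meta is not in this diff), the value is taken from POST data and the category can end up attached to a blog the user was never checked against. Exclude `blog` from the form and set it on the instance: `category = form.save(commit=False)`, `category.blog = b`, `category.save()`. Rebinding `form` to the result of `form.save()` also hides that the name now holds a model instance.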
@@ -212,20 +203,20 @@ def edit_category(request, category_id): b,_ = have_I_right(request, category.blog.id) - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'cancel' in request.POST: - return HttpResponseRedirect('/category' + str(b.id)) + return HttpResponseRedirect('/category/' + str(b.id)) if 'edit' in request.POST: name = category.name name = name.strip() - form = CategoryForm(request.POST, instance=category) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = CategoryForm(request.POST, instance=category) + if form.is_valid(): if request.POST['name'] != name: category.remove(b) form.save() return HttpResponseRedirect('/category/' + str(b.id)) else: - form = CategoryForm(instance=category) # An unbound form + form = CategoryForm(instance=category) c = {'category' : category, 'form' : form} @@ -264,19 +255,19 @@ def edit_tag(request, tag_id): b,_ = have_I_right(request, tag.blog.id) - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'cancel' in request.POST: - return HttpResponseRedirect('/blog/' + str(b.id)) + return HttpResponseRedirect('/tag/' + str(b.id)) if 'edit' in request.POST: name = tag.name - form = TagForm(request.POST, instance=tag) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = TagForm(request.POST, instance=tag) + if form.is_valid(): if request.POST['name'] != name: tag.remove(b) form.save() - return HttpResponseRedirect('/blog/' + str(b.id)) + return HttpResponseRedirect('/tag/' + str(b.id)) else: - form = TagForm(instance=tag) # An unbound form + form = TagForm(instance=tag) c = {'tag' : tag, 'form' : form} @@ -294,7 +285,7 @@ def delete_tag(request, tag_id): tag.remove(b) tag.delete() - return HttpResponseRedirect('/blog/' + str(b.id)) + return HttpResponseRedirect('/tag/' + str(b.id)) @login_required def blog(request): 
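Review bot: edit_category compares the raw `request.POST['name']` with a stripped copy of `category.name`, so a submission that differs only in surrounding whitespace still triggers `category.remove(b)`. After `form.is_valid()` the comparison should use the validated value, `if form.cleaned_data['name'] != name:`, which also avoids a KeyError when the field is absent. edit_tag in the next hunk has the same comparison, without even the `strip()`, and should be changed the same way. Both functions start outside their hunks.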
@@ -312,27 +303,26 @@ def add_blog(request): if not request.user.is_superuser: return HttpResponseRedirect('/blog') - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'add' in request.POST: - form = BlogForm(request.POST) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = BlogForm(request.POST) + if form.is_valid(): form = form.save() form.create() - return HttpResponseRedirect('/blog') # Redirect after POST + return HttpResponseRedirect('/blog') else: - return HttpResponseRedirect('/blog') # Redirect after POST + return HttpResponseRedirect('/blog') else: - form = BlogForm() # An unbound form + form = BlogForm() - return render(request, 'add_blog.html', { - 'form': form, - }) + return render(request, 'add_blog.html', {'form': form}) @login_required def view_blog(request, blog_id): b,_ = have_I_right(request, blog_id) - count = Post.objects.filter(blog=b).count() + posts = Post.objects.filter(blog=b) + count = posts.count() nb_pages = int(count/50) if 'page' in request.GET: cur_page = int(request.GET['page']) @@ -342,6 +332,7 @@ def view_blog(request, blog_id): else: cur_page = 0 + # Prevent error injection if cur_page < 0 : cur_page = 0 if cur_page > nb_pages : cur_page = nb_pages-1 @@ -350,7 +341,7 @@ def view_blog(request, blog_id): start = cur_page * 50 end = start + 50 - posts = Post.objects.filter(blog=b).order_by('-creation_date')[start:end] + posts = posts.order_by('-creation_date')[start:end] form = BlogForm(instance=b) comments = Comment.objects.all() 
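Review bot: The two clamps under the new `# Prevent error injection` comment in view_blog run in the wrong order: when `nb_pages` is 0 and the requested page is positive, `cur_page = nb_pages-1` sets it to -1 after the `< 0` check has already run. Unless the two lines hidden between this hunk and the next correct it, `start` becomes -50 and the queryset slice in the following hunk is negative, which Django rejects. Apply the upper bound first and the `if cur_page < 0 : cur_page = 0` line last. `int(request.GET['page'])` in the previous hunk also raises on a non-numeric value as far as the visible lines show, so it wants a `try`/`except ValueError` that falls back to 0. A comment such as `# Clamp the requested page to the valid range` would describe the intent more precisely.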
@@ -378,22 +369,25 @@ def edit_blog(request, blog_id): if b is None: raise Http404 - if request.method == 'POST': # If the form has been submitted... + edited = False + + if request.method == 'POST': if 'edit' in request.POST: - form = BlogForm(request.POST, instance=b) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = BlogForm(request.POST, instance=b) + if form.is_valid(): form.save() + edited = True else: if 'delete' in request.POST: b = Blog.objects.get(pk=blog_id) b.delete() return HttpResponseRedirect('/blog') else: - form = BlogForm(instance=b) # An unbound form + form = BlogForm(instance=b) posts = Post.objects.filter(blog=b).order_by('-creation_date') - c = {'blog' : b, 'posts' : posts, 'form' : form} + c = {'blog' : b, 'posts' : posts, 'form' : form, 'edited' : edited} return render(request, 'templates/view_blog.html', c) 
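Review bot: In edit_blog, a POST that contains neither `edit` nor `delete` leaves `form` unassigned, so building `c = {..., 'form' : form, ...}` raises and the request ends in a 500. Assign `form = BlogForm(instance=b)` once before `if request.method == 'POST':` and let the `edit` branch overwrite it; the trailing `else:` then becomes unnecessary. In the delete branch, `b = Blog.objects.get(pk=blog_id)` re-fetches an object the function already holds, and `b.delete()` on the existing instance is enough. The start of edit_blog, including whatever access check it performs, is outside the hunk.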
@@ -401,28 +395,24 @@ def edit_blog(request, blog_id): def add_post(request, blog_id): (b,_) = have_I_right(request, blog_id) - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'add' in request.POST: post = Post(blog=Blog.objects.get(pk=blog_id), author=User.objects.get(pk=request.user.id), creation_date=datetime.now(), modification_date=datetime.now()) content = request.POST['content'] # del request.POST['content'] - form = PostForm(request.POST, instance=post) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = PostForm(request.POST, instance=post) + if form.is_valid(): form = form.save() form.createPost(content, request.POST['text_tags']) s = Search() s.index_post(b, form.id) - # Process the data in form.cleaned_data - # ... - return HttpResponseRedirect('/blog/' + blog_id) # Redirect after POST + return HttpResponseRedirect('/blog/' + blog_id) else: - return HttpResponseRedirect('/blog/' + blog_id) # Redirect after POST + return HttpResponseRedirect('/blog/' + blog_id) else: - form = PostForm() # An unbound form + form = PostForm() - return render(request, 'add_post.html', { - 'form': form, 'blog_id' : blog_id - }) + return render(request, 'add_post.html', {'form': form, 'blog_id' : blog_id}) @login_required def edit_post(request, post_id): 
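Review bot: add_post builds the Post from `Blog.objects.get(pk=blog_id)` and `User.objects.get(pk=request.user.id)` although have_I_right has already returned the authorised blog as `b` and `request.user` is the user. Using `Post(blog=b, author=request.user, ...)` saves two queries and guarantees that the object written is the one that was checked. `datetime.now()` is called twice, so the two timestamps can differ; take it once into a local. The commented-out `# del request.POST['content']` is left behind although this commit is otherwise removing dead comments.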
@@ -431,24 +421,22 @@ def edit_post(request, post_id): title = post.title blog_id = b.id - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'edit' in request.POST: - form = PostForm(request.POST, instance=post) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = PostForm(request.POST, instance=post) + if form.is_valid(): if title != request.POST['title']: post.remove() form.save() post.createPost(request.POST['content'], request.POST['text_tags']) s = Search() s.edit_post(b, post_id) - # Process the data in form.cleaned_data - # ... - return HttpResponseRedirect('/blog/' + str(blog_id)) # Redirect after POST + return HttpResponseRedirect('/blog/' + str(blog_id)) else: if 'cancel' in request.POST: - return HttpResponseRedirect('/blog/' + str(blog_id)) # Redirect after POST + return HttpResponseRedirect('/blog/' + str(blog_id)) else: - form = PostForm(instance=post, initial={'text_tags':', '.join((tag.name) for tag in post.tags.all())}) # An unbound form + form = PostForm(instance=post, initial={'text_tags':', '.join((tag.name) for tag in post.tags.all())}) b.create_paths() filename = b.src_path + '/_post/' + str(post.pk) @@ -474,7 +462,7 @@ def delete_post(request, post_id): (b, post) = have_I_right(request, None, post_id) s = Search() - s.edit_post(b, post_id) + s.delete_post(b, post_id) post.delete() @@ -483,9 +471,9 @@ def delete_post(request, post_id): def _generate(request, blog_id, report): b,_ = have_I_right(request, blog_id) - count = Post.objects.filter(blog=b).count() - nb_pages = int(count/50) - posts = Post.objects.filter(blog=b).order_by('-creation_date')[0:50] + posts = Post.objects.filter(blog=b).order_by('-creation_date') + nb_pages = int(posts.count()/50) + posts = posts[0:50] b = Blog.objects.get(pk=blog_id) form = BlogForm(instance=b) 
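Review bot: The visible part of delete_post goes from have_I_right straight to `s.delete_post(b, post_id)` and `post.delete()` with no `request.method` check. If none precedes the hunk (the top of the function is outside it), the deletion is reachable by a plain GET, which Django's CSRF protection does not cover. Guard it with `if request.method != 'POST': return HttpResponseRedirect('/blog/' + str(b.id))`, or decorate the view with `@require_POST`, and submit the delete from a form that carries `{% csrf_token %}`. delete_tag and the delete branch of other views in this file deserve the same check.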
@@ -555,19 +543,20 @@ def search(request, blog_id): c = {'result' : res} + # Simple wrapper to HTML content return render(request, 'templates/search.html', c) @login_required def preview(request, blog_id): from dynastie.generators import post + (b, p) = have_I_right(request, blog_id) + values = {'title' : request.POST['title'], \ 'author' : request.user.first_name + ' ' + request.user.last_name, \ 'content' : request.POST['content'] } - (b, p) = have_I_right(request, blog_id) - b.create_paths() engine = globals()['post'] @@ -604,7 +593,6 @@ def _tinymcelist(request, b, year, month): suffix = '/images/' + str(year) + '/' + str(month) path = b.src_path + '/' + suffix - # url = 'http://' + 'localhost:8080' + '/' + suffix + '/' url = 'http://' + b.name + '/' + suffix + '/' if os.path.exists(path): @@ -661,26 +649,20 @@ def add_comment(request, post_id, parent_id): post = Post.objects.get(pk=post_id) if post is None: - print 'no post' return HttpResponseRedirect(ref) blog = Blog.objects.get(pk=post.blog_id) if blog is None: - print 'no blog ' + str(post.blog.id) return HttpResponseRedirect(ref) parent_id = int(parent_id) if parent_id != 0: parentComment = Comment.objects.get(pk=parent_id) - if parentComment is None: - print 'no parent' - return HttpResponseRedirect(ref) else: parentComment = None if request.POST['author'] == '' or request.POST['the_comment'] == '': - print 'Error on author or the_comment' return HttpResponseRedirect(ref) # Behind nginx proxy @@ -689,7 +671,6 @@ def add_comment(request, post_id, parent_id): else: ip = request.META['REMOTE_ADDR'] - # Avoid script injection the_comment = request.POST['the_comment'] the_comment = the_comment.replace('<', '<') 
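Review bot: In add_comment, `Post.objects.get(pk=post_id)` and `Blog.objects.get(pk=post.blog_id)` raise `DoesNotExist` rather than returning None, so the two remaining `is None` branches can never run and an unknown id produces a 500 instead of the redirect to `ref`. The commit removes the equivalent dead check for `parentComment` but leaves that lookup unguarded as well. Wrap the lookups in `try`/`except ObjectDoesNotExist` and redirect from the handler. Nothing visible ties the parent to the post being commented on; `Comment.objects.get(pk=parent_id, post=post)` would enforce that. add_comment starts outside the hunk.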
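Review bot: The `# Avoid script injection` comment is removed here while the hand-rolled escaping of `the_comment` stays, which leaves a security-relevant step without its explanation. Keep a comment such as `# Escape user-supplied markup before it is stored and rendered`, and prefer `django.utils.html.escape(the_comment)`, which covers `&`, `<`, `>` and both quote characters in one call. On this page the visible call reads `replace('<', '<')`, most likely an entity decoded by the rendering, and the lines after it are outside the hunk, so further replacements may exist. `request.POST['author']` comes from the same request and needs the same treatment wherever it is output unescaped.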
@@ -772,23 +753,18 @@ def edit_comment(request, comment_id): (b, post) = have_I_right(request, None, comment.post_id) post_id = comment.post_id - if request.method == 'POST': # If the form has been submitted... + if request.method == 'POST': if 'edit' in request.POST: - form = CommentForm(request.POST, instance=comment) # A form bound to the POST data - if form.is_valid(): # All validation rules pass + form = CommentForm(request.POST, instance=comment) + if form.is_valid(): form = form.save() - # Process the data in form.cleaned_data - # ... return HttpResponseRedirect('/post/edit/' + str(post_id)) else: return HttpResponseRedirect('/post/edit/' + str(post_id)) - else: - form = CommentForm(instance=comment) # An unbound form + form = CommentForm(instance=comment) - return render(request, 'edit_comment.html', { - 'form': form, 'comment':comment - }) + return render(request, 'edit_comment.html', {'form': form, 'comment':comment}) @login_required def delete_comment(request, comment_id):
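Review bot: With the `else:` removed, `form = CommentForm(instance=comment)` in edit_comment appears to run on every path that reaches the render (indentation is lost in this rendering, so this is inferred). If so, a POST whose form fails validation has its bound form replaced by a fresh one, and the user gets the page back with no error messages and their input discarded. Keep the unbound form for non-POST requests only, for example by assigning it before `if request.method == 'POST':` and letting the `edit` branch overwrite it. `form = form.save()` rebinds the name to a Comment instance just before the redirect and can simply be `form.save()`.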