##// END OF EJS Templates
Moved signatures block to the model block. All the signed content is in the 'content' block now. Removed edit time, previous and next posts links from the XML sync output because they can be computed from the post itself and can be changed locally for foreign posts (which breaks the signature)
Moved signatures block to the model block. All the signed content is in the 'content' block now. Removed edit time, previous and next posts links from the XML sync output because they can be computed from the post itself and can be changed locally for foreign posts (which breaks the signature)

File last commit:

r832:e351426f default
r838:2b96b9e7 decentral
Show More
forms.py
294 lines | 8.9 KiB | text/x-python | PythonLexer
import re
import time
import hashlib
from django import forms
from django.forms.util import ErrorList
from django.utils.translation import ugettext_lazy as _
from boards.mdx_neboard import formatters
from boards.models.post import TITLE_MAX_LENGTH
from boards.models import PostImage
from neboard import settings
from boards import utils
import boards.settings as board_settings
VETERAN_POSTING_DELAY = 5
ATTRIBUTE_PLACEHOLDER = 'placeholder'
LAST_POST_TIME = 'last_post_time'
LAST_LOGIN_TIME = 'last_login_time'
TEXT_PLACEHOLDER = _('''Type message here. Use formatting panel for more advanced usage.''')
TAGS_PLACEHOLDER = _('tag1 several_words_tag')
ERROR_IMAGE_DUPLICATE = _('Such image was already posted')
LABEL_TITLE = _('Title')
LABEL_TEXT = _('Text')
LABEL_TAG = _('Tag')
LABEL_SEARCH = _('Search')
TAG_MAX_LENGTH = 20
REGEX_TAG = r'^[\w\d]+$'
class FormatPanel(forms.Textarea):
def render(self, name, value, attrs=None):
output = '<div id="mark-panel">'
for formatter in formatters:
output += '<span class="mark_btn"' + \
' onClick="addMarkToMsg(\'' + formatter.format_left + \
'\', \'' + formatter.format_right + '\')">' + \
formatter.preview_left + formatter.name + \
formatter.preview_right + '</span>'
output += '</div>'
output += super(FormatPanel, self).render(name, value, attrs=None)
return output
class PlainErrorList(ErrorList):
def __unicode__(self):
return self.as_text()
def as_text(self):
return ''.join(['(!) %s ' % e for e in self])
class NeboardForm(forms.Form):
def as_div(self):
"""
Returns this form rendered as HTML <as_div>s.
"""
return self._html_output(
# TODO Do not show hidden rows in the list here
normal_row='<div class="form-row"><div class="form-label">'
'%(label)s'
'</div></div>'
'<div class="form-row"><div class="form-input">'
'%(field)s'
'</div></div>'
'<div class="form-row">'
'%(help_text)s'
'</div>',
error_row='<div class="form-row">'
'<div class="form-label"></div>'
'<div class="form-errors">%s</div>'
'</div>',
row_ender='</div>',
help_text_html='%s',
errors_on_separate_row=True)
def as_json_errors(self):
errors = []
for name, field in list(self.fields.items()):
if self[name].errors:
errors.append({
'field': name,
'errors': self[name].errors.as_text(),
})
return errors
class PostForm(NeboardForm):
title = forms.CharField(max_length=TITLE_MAX_LENGTH, required=False,
label=LABEL_TITLE)
text = forms.CharField(
widget=FormatPanel(attrs={ATTRIBUTE_PLACEHOLDER: TEXT_PLACEHOLDER}),
required=False, label=LABEL_TEXT)
image = forms.ImageField(required=False, label=_('Image'),
widget=forms.ClearableFileInput(
attrs={'accept': 'image/*'}))
# This field is for spam prevention only
email = forms.CharField(max_length=100, required=False, label=_('e-mail'),
widget=forms.TextInput(attrs={
'class': 'form-email'}))
session = None
need_to_ban = False
def clean_title(self):
title = self.cleaned_data['title']
if title:
if len(title) > TITLE_MAX_LENGTH:
raise forms.ValidationError(_('Title must have less than %s '
'characters') %
str(TITLE_MAX_LENGTH))
return title
def clean_text(self):
text = self.cleaned_data['text'].strip()
if text:
if len(text) > board_settings.MAX_TEXT_LENGTH:
raise forms.ValidationError(_('Text must have less than %s '
'characters') %
str(board_settings
.MAX_TEXT_LENGTH))
return text
def clean_image(self):
image = self.cleaned_data['image']
if image:
if image.size > board_settings.MAX_IMAGE_SIZE:
raise forms.ValidationError(
_('Image must be less than %s bytes')
% str(board_settings.MAX_IMAGE_SIZE))
md5 = hashlib.md5()
for chunk in image.chunks():
md5.update(chunk)
image_hash = md5.hexdigest()
if PostImage.objects.filter(hash=image_hash).exists():
raise forms.ValidationError(ERROR_IMAGE_DUPLICATE)
return image
def clean(self):
cleaned_data = super(PostForm, self).clean()
if not self.session:
raise forms.ValidationError('Humans have sessions')
if cleaned_data['email']:
self.need_to_ban = True
raise forms.ValidationError('A human cannot enter a hidden field')
if not self.errors:
self._clean_text_image()
if not self.errors and self.session:
self._validate_posting_speed()
return cleaned_data
def _clean_text_image(self):
text = self.cleaned_data.get('text')
image = self.cleaned_data.get('image')
if (not text) and (not image):
error_message = _('Either text or image must be entered.')
self._errors['text'] = self.error_class([error_message])
def _validate_posting_speed(self):
can_post = True
posting_delay = settings.POSTING_DELAY
if board_settings.LIMIT_POSTING_SPEED and LAST_POST_TIME in \
self.session:
now = time.time()
last_post_time = self.session[LAST_POST_TIME]
current_delay = int(now - last_post_time)
if current_delay < posting_delay:
error_message = _('Wait %s seconds after last posting') % str(
posting_delay - current_delay)
self._errors['text'] = self.error_class([error_message])
can_post = False
if can_post:
self.session[LAST_POST_TIME] = time.time()
class ThreadForm(PostForm):
regex_tags = re.compile(r'^[\w\s\d]+$', re.UNICODE)
tags = forms.CharField(
widget=forms.TextInput(attrs={ATTRIBUTE_PLACEHOLDER: TAGS_PLACEHOLDER}),
max_length=100, label=_('Tags'), required=True)
def clean_tags(self):
tags = self.cleaned_data['tags'].strip()
if not tags or not self.regex_tags.match(tags):
raise forms.ValidationError(
_('Inappropriate characters in tags.'))
return tags
def clean(self):
cleaned_data = super(ThreadForm, self).clean()
return cleaned_data
class SettingsForm(NeboardForm):
theme = forms.ChoiceField(choices=settings.THEMES,
label=_('Theme'))
class AddTagForm(NeboardForm):
tag = forms.CharField(max_length=TAG_MAX_LENGTH, label=LABEL_TAG)
method = forms.CharField(widget=forms.HiddenInput(), initial='add_tag')
def clean_tag(self):
tag = self.cleaned_data['tag']
regex_tag = re.compile(REGEX_TAG, re.UNICODE)
if not regex_tag.match(tag):
raise forms.ValidationError(_('Inappropriate characters in tags.'))
return tag
def clean(self):
cleaned_data = super(AddTagForm, self).clean()
return cleaned_data
class SearchForm(NeboardForm):
query = forms.CharField(max_length=500, label=LABEL_SEARCH, required=False)
class LoginForm(NeboardForm):
password = forms.CharField()
session = None
def clean_password(self):
password = self.cleaned_data['password']
if board_settings.MASTER_PASSWORD != password:
raise forms.ValidationError(_('Invalid master password'))
return password
def _validate_login_speed(self):
can_post = True
if LAST_LOGIN_TIME in self.session:
now = time.time()
last_login_time = self.session[LAST_LOGIN_TIME]
current_delay = int(now - last_login_time)
if current_delay < board_settings.LOGIN_TIMEOUT:
error_message = _('Wait %s minutes after last login') % str(
(board_settings.LOGIN_TIMEOUT - current_delay) / 60)
self._errors['password'] = self.error_class([error_message])
can_post = False
if can_post:
self.session[LAST_LOGIN_TIME] = time.time()
def clean(self):
self._validate_login_speed()
cleaned_data = super(LoginForm, self).clean()
return cleaned_data