221V
/
Misago


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200
							from rest_framework import serializers
from rest_framework.response import Response

from django.core.exceptions import PermissionDenied
from django.utils.translation import gettext as _

from misago.acl import add_acl
from misago.conf import settings
from misago.core.apipatch import ApiPatch
from misago.threads.models import PostLike
from misago.threads.moderation import posts as moderation
from misago.threads.permissions import (
    allow_approve_post, allow_hide_best_answer, allow_hide_post, allow_protect_post,
    allow_unhide_post)
from misago.threads.permissions import exclude_invisible_posts


PATCH_LIMIT = settings.MISAGO_POSTS_PER_PAGE + settings.MISAGO_POSTS_TAIL

post_patch_dispatcher = ApiPatch()


def patch_acl(request, post, value):
    """useful little op that updates post acl to current state"""
    if value:
        add_acl(request.user_acl, post)
        return {'acl': post.acl}
    else:
        return {'acl': None}


post_patch_dispatcher.add('acl', patch_acl)


def patch_is_liked(request, post, value):
    if not post.acl['can_like']:
        raise PermissionDenied(_("You can't like posts in this category."))

    # lock user to protect us from likes flood
    request.user.lock()

    # grab like state for this post and user
    try:
        user_like = post.postlike_set.get(liker=request.user)
    except PostLike.DoesNotExist:
        user_like = None

    # no change
    if (value and user_like) or (not value and not user_like):
        return {
            'likes': post.likes,
            'last_likes': post.last_likes or [],
            'is_liked': value,
        }

    # like
    if value:
        post.postlike_set.create(
            category=post.category,
            thread=post.thread,
            liker=request.user,
            liker_name=request.user.username,
            liker_slug=request.user.slug,
        )
        post.likes += 1

    # unlike
    if not value:
        user_like.delete()
        post.likes -= 1

    post.last_likes = []
    for like in post.postlike_set.all()[:4]:
        post.last_likes.append({
            'id': like.liker_id,
            'username': like.liker_name,
        })

    post.save(update_fields=['likes', 'last_likes'])

    return {
        'likes': post.likes,
        'last_likes': post.last_likes or [],
        'is_liked': value,
    }


post_patch_dispatcher.replace('is-liked', patch_is_liked)


def patch_is_protected(request, post, value):
    allow_protect_post(request.user_acl, post)
    if value:
        moderation.protect_post(request.user, post)
    else:
        moderation.unprotect_post(request.user, post)
    return {'is_protected': post.is_protected}


post_patch_dispatcher.replace('is-protected', patch_is_protected)


def patch_is_unapproved(request, post, value):
    allow_approve_post(request.user_acl, post)

    if value:
        raise PermissionDenied(_("Content approval can't be reversed."))

    moderation.approve_post(request.user, post)

    return {'is_unapproved': post.is_unapproved}


post_patch_dispatcher.replace('is-unapproved', patch_is_unapproved)


def patch_is_hidden(request, post, value):
    if value is True:
        allow_hide_post(request.user_acl, post)
        allow_hide_best_answer(request.user_acl, post)
        moderation.hide_post(request.user, post)
    elif value is False:
        allow_unhide_post(request.user_acl, post)
        moderation.unhide_post(request.user, post)

    return {'is_hidden': post.is_hidden}


post_patch_dispatcher.replace('is-hidden', patch_is_hidden)


def post_patch_endpoint(request, post):
    old_is_unapproved = post.is_unapproved

    response = post_patch_dispatcher.dispatch(request, post)

    # diff posts's state against pre-patch and resync thread/category if necessarys
    if old_is_unapproved != post.is_unapproved:
        post.thread.synchronize()
        post.thread.save()

        post.category.synchronize()
        post.category.save()

    return response


def bulk_patch_endpoint(request, thread):
    serializer = BulkPatchSerializer(data=request.data)
    if not serializer.is_valid():
        return Response(serializer.errors, status=400)

    posts = clean_posts_for_patch(request, thread, serializer.data['ids'])

    old_unapproved_posts = [p.is_unapproved for p in posts].count(True)

    response = post_patch_dispatcher.dispatch_bulk(request, posts)

    new_unapproved_posts = [p.is_unapproved for p in posts].count(True)

    if old_unapproved_posts != new_unapproved_posts:
        thread.synchronize()
        thread.save()

        thread.category.synchronize()
        thread.category.save()

    return response


def clean_posts_for_patch(request, thread, posts_ids):
    posts_queryset = exclude_invisible_posts(request.user, thread.category, thread.post_set)
    posts_queryset = posts_queryset.filter(
        id__in=posts_ids,
        is_event=False,
    ).order_by('id')

    posts = []
    for post in posts_queryset:
        post.category = thread.category
        post.thread = thread
        posts.append(post)

    if len(posts) != len(posts_ids):
        raise PermissionDenied(_("One or more posts to update could not be found."))

    return posts


class BulkPatchSerializer(serializers.Serializer):
    ids = serializers.ListField(
        child=serializers.IntegerField(min_value=1),
        max_length=PATCH_LIMIT,
        min_length=1,
    )
    ops = serializers.ListField(
        child=serializers.DictField(),
        min_length=1,
        max_length=10,
    )