py_tasks_melange: app/django/contrib/comments/forms.py@d1be59b6b627 (annotated)

323 ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	1	import re
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	2	import time
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	3	import datetime
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	4
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	5	from django import forms
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	6	from django.forms.util import ErrorDict
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	7	from django.conf import settings
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	8	from django.http import Http404
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	9	from django.contrib.contenttypes.models import ContentType
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	10	from models import Comment
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	11	from django.utils.encoding import force_unicode
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	12	from django.utils.hashcompat import sha_constructor
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	13	from django.utils.text import get_text_list
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	14	from django.utils.translation import ungettext, ugettext_lazy as _
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	15
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	16	COMMENT_MAX_LENGTH = getattr(settings,'COMMENT_MAX_LENGTH', 3000)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	17
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	18	class CommentForm(forms.Form):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	19	name = forms.CharField(label=_("Name"), max_length=50)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	20	email = forms.EmailField(label=_("Email address"))
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	21	url = forms.URLField(label=_("URL"), required=False)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	22	comment = forms.CharField(label=_('Comment'), widget=forms.Textarea,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	23	max_length=COMMENT_MAX_LENGTH)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	24	honeypot = forms.CharField(required=False,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	25	label=_('If you enter anything in this field '\
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	26	'your comment will be treated as spam'))
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	27	content_type = forms.CharField(widget=forms.HiddenInput)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	28	object_pk = forms.CharField(widget=forms.HiddenInput)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	29	timestamp = forms.IntegerField(widget=forms.HiddenInput)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	30	security_hash = forms.CharField(min_length=40, max_length=40, widget=forms.HiddenInput)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	31
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	32	def __init__(self, target_object, data=None, initial=None):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	33	self.target_object = target_object
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	34	if initial is None:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	35	initial = {}
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	36	initial.update(self.generate_security_data())
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	37	super(CommentForm, self).__init__(data=data, initial=initial)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	38
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	39	def get_comment_object(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	40	"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	41	Return a new (unsaved) comment object based on the information in this
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	42	form. Assumes that the form is already validated and will throw a
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	43	ValueError if not.
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	44
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	45	Does not set any of the fields that would come from a Request object
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	46	(i.e. ``user`` or ``ip_address``).
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	47	"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	48	if not self.is_valid():
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	49	raise ValueError("get_comment_object may only be called on valid forms")
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	50
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	51	new = Comment(
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	52	content_type = ContentType.objects.get_for_model(self.target_object),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	53	object_pk = force_unicode(self.target_object._get_pk_val()),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	54	user_name = self.cleaned_data["name"],
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	55	user_email = self.cleaned_data["email"],
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	56	user_url = self.cleaned_data["url"],
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	57	comment = self.cleaned_data["comment"],
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	58	submit_date = datetime.datetime.now(),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	59	site_id = settings.SITE_ID,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	60	is_public = True,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	61	is_removed = False,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	62	)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	63
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	64	# Check that this comment isn't duplicate. (Sometimes people post comments
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	65	# twice by mistake.) If it is, fail silently by returning the old comment.
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	66	possible_duplicates = Comment.objects.filter(
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	67	content_type = new.content_type,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	68	object_pk = new.object_pk,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	69	user_name = new.user_name,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	70	user_email = new.user_email,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	71	user_url = new.user_url,
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	72	)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	73	for old in possible_duplicates:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	74	if old.submit_date.date() == new.submit_date.date() and old.comment == new.comment:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	75	return old
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	76
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	77	return new
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	78
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	79	def security_errors(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	80	"""Return just those errors associated with security"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	81	errors = ErrorDict()
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	82	for f in ["honeypot", "timestamp", "security_hash"]:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	83	if f in self.errors:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	84	errors[f] = self.errors[f]
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	85	return errors
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	86
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	87	def clean_honeypot(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	88	"""Check that nothing's been entered into the honeypot."""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	89	value = self.cleaned_data["honeypot"]
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	90	if value:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	91	raise forms.ValidationError(self.fields["honeypot"].label)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	92	return value
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	93
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	94	def clean_security_hash(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	95	"""Check the security hash."""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	96	security_hash_dict = {
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	97	'content_type' : self.data.get("content_type", ""),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	98	'object_pk' : self.data.get("object_pk", ""),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	99	'timestamp' : self.data.get("timestamp", ""),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	100	}
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	101	expected_hash = self.generate_security_hash(**security_hash_dict)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	102	actual_hash = self.cleaned_data["security_hash"]
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	103	if expected_hash != actual_hash:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	104	raise forms.ValidationError("Security hash check failed.")
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	105	return actual_hash
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	106
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	107	def clean_timestamp(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	108	"""Make sure the timestamp isn't too far (> 2 hours) in the past."""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	109	ts = self.cleaned_data["timestamp"]
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	110	if time.time() - ts > (2 * 60 * 60):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	111	raise forms.ValidationError("Timestamp check failed")
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	112	return ts
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	113
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	114	def clean_comment(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	115	"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	116	If COMMENTS_ALLOW_PROFANITIES is False, check that the comment doesn't
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	117	contain anything in PROFANITIES_LIST.
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	118	"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	119	comment = self.cleaned_data["comment"]
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	120	if settings.COMMENTS_ALLOW_PROFANITIES == False:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	121	bad_words = [w for w in settings.PROFANITIES_LIST if w in comment.lower()]
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	122	if bad_words:
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	123	plural = len(bad_words) > 1
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	124	raise forms.ValidationError(ungettext(
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	125	"Watch your mouth! The word %s is not allowed here.",
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	126	"Watch your mouth! The words %s are not allowed here.", plural) % \
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	127	get_text_list(['"%s%s%s"' % (i[0], '-'*(len(i)-2), i[-1]) for i in bad_words], 'and'))
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	128	return comment
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	129
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	130	def generate_security_data(self):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	131	"""Generate a dict of security data for "initial" data."""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	132	timestamp = int(time.time())
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	133	security_dict = {
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	134	'content_type' : str(self.target_object._meta),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	135	'object_pk' : str(self.target_object._get_pk_val()),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	136	'timestamp' : str(timestamp),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	137	'security_hash' : self.initial_security_hash(timestamp),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	138	}
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	139	return security_dict
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	140
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	141	def initial_security_hash(self, timestamp):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	142	"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	143	Generate the initial security hash from self.content_object
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	144	and a (unix) timestamp.
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	145	"""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	146
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	147	initial_security_dict = {
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	148	'content_type' : str(self.target_object._meta),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	149	'object_pk' : str(self.target_object._get_pk_val()),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	150	'timestamp' : str(timestamp),
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	151	}
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	152	return self.generate_security_hash(**initial_security_dict)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	153
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	154	def generate_security_hash(self, content_type, object_pk, timestamp):
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	155	"""Generate a (SHA1) security hash from the provided info."""
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	156	info = (content_type, object_pk, timestamp, settings.SECRET_KEY)
ff1a9aa48cfd Load ../vendor/django into trunk/app/django. Pawel Solyga <Pawel.Solyga@gmail.com> parents: diff changeset	157	return sha_constructor("".join(info)).hexdigest()

author	Mario Ferraro <fadinlight@gmail.com>
	Sun, 15 Nov 2009 22:12:20 +0100
changeset 3093	d1be59b6b627
parent 323	ff1a9aa48cfd
permissions	-rw-r--r--