Add an export() view, and implement it as text/text for Document.
For every Model except Document, the public() view is displayed for any
attempts to access the export() view.
Currently, the permissions for export() are the same as for public(). This
seems reasonable for Document, since anyone could extract the raw HTML from
the page source anyway. The permissions should probably be different for
other types of exports, such as vCard or iCard exports of profiles, CSV
exports of lists, etc.
Patch by: Todd Larsen
Review by: to-be-reviewed
try:
import cPickle as pickle
except ImportError:
import pickle
from django.conf import settings
from django.utils.hashcompat import md5_constructor
from django.forms import BooleanField
def security_hash(request, form, *args):
"""
Calculates a security hash for the given Form instance.
This creates a list of the form field names/values in a deterministic
order, pickles the result with the SECRET_KEY setting, then takes an md5
hash of that.
"""
data = [(bf.name, bf.field.clean(bf.data) or '') for bf in form]
data.extend(args)
data.append(settings.SECRET_KEY)
# Use HIGHEST_PROTOCOL because it's the most efficient. It requires
# Python 2.3, but Django requires 2.3 anyway, so that's OK.
pickled = pickle.dumps(data, pickle.HIGHEST_PROTOCOL)
return md5_constructor(pickled).hexdigest()