2011-04-22 19:09:09 +02:00
|
|
|
# -*- coding: utf-8 -*-
|
2013-09-19 10:39:52 +02:00
|
|
|
from AccessControl import getSecurityManager
|
2016-02-05 01:39:53 +01:00
|
|
|
from AccessControl import Unauthorized
|
2015-05-03 08:16:39 +02:00
|
|
|
from Acquisition import aq_inner
|
|
|
|
|
from Acquisition import aq_parent
|
2018-09-27 11:26:41 +02:00
|
|
|
from plone.app.discussion.events import NotifyOnPublish
|
|
|
|
|
from plone.app.discussion.events import NotifyOnDelete
|
2016-02-05 01:39:53 +01:00
|
|
|
from plone.app.discussion.interfaces import _
|
|
|
|
|
from plone.app.discussion.interfaces import IComment
|
|
|
|
|
from plone.app.discussion.interfaces import IReplies
|
2015-05-03 08:16:39 +02:00
|
|
|
from Products.CMFCore.utils import getToolByName
|
2009-06-10 22:14:44 +02:00
|
|
|
from Products.Five.browser import BrowserView
|
|
|
|
|
from Products.Five.browser.pagetemplatefile import ViewPageTemplateFile
|
2009-07-07 10:00:41 +02:00
|
|
|
from Products.statusmessages.interfaces import IStatusMessage
|
2018-09-27 11:26:41 +02:00
|
|
|
from zope.event import notify
|
2009-12-19 16:03:12 +01:00
|
|
|
|
2010-01-22 17:28:00 +01:00
|
|
|
|
2009-06-10 22:14:44 +02:00
|
|
|
class View(BrowserView):
|
2011-04-22 19:09:09 +02:00
|
|
|
"""Comment moderation view.
|
2009-06-10 22:14:44 +02:00
|
|
|
"""
|
|
|
|
|
template = ViewPageTemplateFile('moderation.pt')
|
2009-08-20 04:11:57 +02:00
|
|
|
try:
|
|
|
|
|
template.id = '@@moderate-comments'
|
|
|
|
|
except AttributeError:
|
|
|
|
|
# id is not writeable in Zope 2.12
|
|
|
|
|
pass
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-10 22:14:44 +02:00
|
|
|
def __call__(self):
|
2009-10-07 13:52:44 +02:00
|
|
|
self.request.set('disable_border', True)
|
2009-06-26 16:57:45 +02:00
|
|
|
context = aq_inner(self.context)
|
2009-12-08 12:19:26 +01:00
|
|
|
catalog = getToolByName(context, 'portal_catalog')
|
2009-12-19 16:03:12 +01:00
|
|
|
self.comments = catalog(object_provides=IComment.__identifier__,
|
2009-12-08 12:19:26 +01:00
|
|
|
review_state='pending',
|
|
|
|
|
sort_on='created',
|
|
|
|
|
sort_order='reverse')
|
2009-06-10 22:14:44 +02:00
|
|
|
return self.template()
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-10-18 15:12:52 +02:00
|
|
|
def moderation_enabled(self):
|
2010-12-16 00:52:56 +01:00
|
|
|
"""Returns true if a 'review workflow' is enabled on 'Discussion Item'
|
2010-10-08 12:22:40 +02:00
|
|
|
content type. A 'review workflow' is characterized by implementing
|
|
|
|
|
a 'pending' workflow state.
|
2009-10-18 15:12:52 +02:00
|
|
|
"""
|
|
|
|
|
context = aq_inner(self.context)
|
2011-04-22 19:09:09 +02:00
|
|
|
workflowTool = getToolByName(context, 'portal_workflow')
|
2012-01-13 10:16:01 +01:00
|
|
|
comment_workflow = workflowTool.getChainForPortalType(
|
|
|
|
|
'Discussion Item')
|
2011-04-27 19:41:07 +02:00
|
|
|
if comment_workflow:
|
|
|
|
|
comment_workflow = comment_workflow[0]
|
|
|
|
|
comment_workflow = workflowTool[comment_workflow]
|
|
|
|
|
if 'pending' in comment_workflow.states:
|
|
|
|
|
return True
|
2011-04-27 21:33:00 +02:00
|
|
|
return False
|
2009-06-10 22:14:44 +02:00
|
|
|
|
2009-10-18 15:12:52 +02:00
|
|
|
|
2010-12-08 18:45:11 +01:00
|
|
|
class ModerateCommentsEnabled(BrowserView):
|
|
|
|
|
|
|
|
|
|
def __call__(self):
|
2010-12-16 00:52:56 +01:00
|
|
|
"""Returns true if a 'review workflow' is enabled on 'Discussion Item'
|
2010-12-08 18:45:11 +01:00
|
|
|
content type. A 'review workflow' is characterized by implementing
|
|
|
|
|
a 'pending' workflow state.
|
|
|
|
|
"""
|
|
|
|
|
context = aq_inner(self.context)
|
2011-04-22 19:09:09 +02:00
|
|
|
workflowTool = getToolByName(context, 'portal_workflow', None)
|
2012-01-13 10:16:01 +01:00
|
|
|
comment_workflow = workflowTool.getChainForPortalType(
|
|
|
|
|
'Discussion Item')
|
2011-04-27 19:41:07 +02:00
|
|
|
if comment_workflow:
|
|
|
|
|
comment_workflow = comment_workflow[0]
|
|
|
|
|
comment_workflow = workflowTool[comment_workflow]
|
|
|
|
|
if 'pending' in comment_workflow.states:
|
|
|
|
|
return True
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2011-04-27 21:33:00 +02:00
|
|
|
return False
|
2010-12-08 18:45:11 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
class DeleteComment(BrowserView):
|
2010-10-05 17:14:12 +02:00
|
|
|
"""Delete a comment from a conversation.
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
This view is always called directly on the comment object:
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
http://nohost/front-page/++conversation++default/1286289644723317/\
|
|
|
|
|
@@moderate-delete-comment
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
Each table row (comment) in the moderation view contains a hidden input
|
|
|
|
|
field with the absolute URL of the content object:
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
<input type="hidden"
|
2010-10-05 17:14:12 +02:00
|
|
|
value="http://nohost/front-page/++conversation++default/\
|
2010-12-16 00:52:56 +01:00
|
|
|
1286289644723317"
|
2010-10-05 17:14:12 +02:00
|
|
|
name="selected_obj_paths:list">
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
This absolute URL is called from a jQuery method that is bind to the
|
|
|
|
|
'delete' button of the table row. See javascripts/moderation.js for more
|
2010-12-16 00:52:56 +01:00
|
|
|
details.
|
2009-06-26 16:57:45 +02:00
|
|
|
"""
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
def __call__(self):
|
2011-04-22 19:09:09 +02:00
|
|
|
comment = aq_inner(self.context)
|
|
|
|
|
conversation = aq_parent(comment)
|
|
|
|
|
content_object = aq_parent(conversation)
|
2013-09-19 10:39:52 +02:00
|
|
|
# conditional security
|
|
|
|
|
# base ZCML condition zope2.deleteObject allows 'delete own object'
|
|
|
|
|
# modify this for 'delete_own_comment_allowed' controlpanel setting
|
|
|
|
|
if self.can_delete(comment):
|
|
|
|
|
del conversation[comment.id]
|
|
|
|
|
content_object.reindexObject()
|
2018-09-27 11:26:41 +02:00
|
|
|
notify(NotifyOnDelete(self.context, comment))
|
2013-09-19 10:39:52 +02:00
|
|
|
IStatusMessage(self.context.REQUEST).addStatusMessage(
|
2016-02-05 01:39:53 +01:00
|
|
|
_('Comment deleted.'),
|
|
|
|
|
type='info')
|
2011-04-22 19:09:09 +02:00
|
|
|
came_from = self.context.REQUEST.HTTP_REFERER
|
2012-04-12 13:06:05 +02:00
|
|
|
# if the referrer already has a came_from in it, don't redirect back
|
2016-09-19 17:06:17 +02:00
|
|
|
if (len(came_from) == 0 or 'came_from=' in came_from or
|
|
|
|
|
not getToolByName(
|
|
|
|
|
content_object, 'portal_url').isURLInPortal(came_from)):
|
2011-04-22 19:09:09 +02:00
|
|
|
came_from = content_object.absolute_url()
|
|
|
|
|
return self.context.REQUEST.RESPONSE.redirect(came_from)
|
2009-07-07 10:00:41 +02:00
|
|
|
|
2013-09-19 10:39:52 +02:00
|
|
|
def can_delete(self, reply):
|
2014-09-20 16:02:48 +02:00
|
|
|
"""Returns true if current user has the 'Delete comments'
|
|
|
|
|
permission.
|
2013-09-19 10:39:52 +02:00
|
|
|
"""
|
2014-03-03 15:12:16 +01:00
|
|
|
return getSecurityManager().checkPermission('Delete comments',
|
2013-09-19 10:39:52 +02:00
|
|
|
aq_inner(reply))
|
|
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
|
2012-05-07 13:02:07 +02:00
|
|
|
class DeleteOwnComment(DeleteComment):
|
2015-05-03 08:41:24 +02:00
|
|
|
"""Delete an own comment if it has no replies.
|
|
|
|
|
|
|
|
|
|
Following conditions have to be true for a user to be able to delete his
|
|
|
|
|
comments:
|
2012-05-07 13:02:07 +02:00
|
|
|
* "Delete own comments" permission
|
|
|
|
|
* no replies to the comment
|
|
|
|
|
* Owner role directly assigned on the comment object
|
|
|
|
|
"""
|
|
|
|
|
|
2014-09-05 11:11:54 +02:00
|
|
|
def could_delete(self, comment=None):
|
2015-05-03 08:41:24 +02:00
|
|
|
"""Returns true if the comment could be deleted if it had no replies.
|
|
|
|
|
"""
|
2012-05-07 13:02:07 +02:00
|
|
|
sm = getSecurityManager()
|
2014-09-05 11:11:54 +02:00
|
|
|
comment = comment or aq_inner(self.context)
|
2012-05-07 13:02:07 +02:00
|
|
|
userid = sm.getUser().getId()
|
2016-02-05 01:39:53 +01:00
|
|
|
return (
|
|
|
|
|
sm.checkPermission('Delete own comments', comment) and
|
|
|
|
|
'Owner' in comment.get_local_roles_for_userid(userid)
|
|
|
|
|
)
|
2012-05-07 13:02:07 +02:00
|
|
|
|
2014-09-05 11:11:54 +02:00
|
|
|
def can_delete(self, comment=None):
|
|
|
|
|
comment = comment or self.context
|
2016-02-05 01:39:53 +01:00
|
|
|
return (
|
|
|
|
|
len(IReplies(aq_inner(comment))) == 0 and
|
|
|
|
|
self.could_delete(comment=comment)
|
|
|
|
|
)
|
2012-05-07 13:02:07 +02:00
|
|
|
|
|
|
|
|
def __call__(self):
|
|
|
|
|
if self.can_delete():
|
|
|
|
|
super(DeleteOwnComment, self).__call__()
|
|
|
|
|
else:
|
2014-09-20 16:02:48 +02:00
|
|
|
raise Unauthorized("You're not allowed to delete this comment.")
|
2012-05-07 13:02:07 +02:00
|
|
|
|
|
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
class PublishComment(BrowserView):
|
2010-10-05 17:14:12 +02:00
|
|
|
"""Publish a comment.
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
This view is always called directly on the comment object:
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
http://nohost/front-page/++conversation++default/1286289644723317/\
|
|
|
|
|
@@moderate-publish-comment
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
Each table row (comment) in the moderation view contains a hidden input
|
|
|
|
|
field with the absolute URL of the content object:
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
<input type="hidden"
|
2010-10-05 17:14:12 +02:00
|
|
|
value="http://nohost/front-page/++conversation++default/\
|
2010-12-16 00:52:56 +01:00
|
|
|
1286289644723317"
|
2010-10-05 17:14:12 +02:00
|
|
|
name="selected_obj_paths:list">
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
This absolute URL is called from a jQuery method that is bind to the
|
|
|
|
|
'delete' button of the table row. See javascripts/moderation.js for more
|
2010-12-16 00:52:56 +01:00
|
|
|
details.
|
2009-06-26 16:57:45 +02:00
|
|
|
"""
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
def __call__(self):
|
|
|
|
|
comment = aq_inner(self.context)
|
2011-04-22 19:09:09 +02:00
|
|
|
content_object = aq_parent(aq_parent(comment))
|
|
|
|
|
workflowTool = getToolByName(comment, 'portal_workflow', None)
|
2014-02-04 10:00:06 +01:00
|
|
|
workflow_action = self.request.form.get('workflow_action', 'publish')
|
|
|
|
|
workflowTool.doActionFor(comment, workflow_action)
|
2012-08-22 17:58:07 +02:00
|
|
|
comment.reindexObject()
|
2013-08-20 15:37:56 +02:00
|
|
|
content_object.reindexObject(idxs=['total_comments'])
|
2018-09-27 11:26:41 +02:00
|
|
|
notify(NotifyOnPublish(self.context, comment))
|
2009-07-07 10:00:41 +02:00
|
|
|
IStatusMessage(self.context.REQUEST).addStatusMessage(
|
2016-02-05 01:39:53 +01:00
|
|
|
_('Comment approved.'),
|
|
|
|
|
type='info')
|
2011-04-22 19:09:09 +02:00
|
|
|
came_from = self.context.REQUEST.HTTP_REFERER
|
2012-04-12 13:06:05 +02:00
|
|
|
# if the referrer already has a came_from in it, don't redirect back
|
2016-09-19 17:06:17 +02:00
|
|
|
if (len(came_from) == 0 or 'came_from=' in came_from or
|
|
|
|
|
not getToolByName(
|
|
|
|
|
content_object, 'portal_url').isURLInPortal(came_from)):
|
2011-04-22 19:09:09 +02:00
|
|
|
came_from = content_object.absolute_url()
|
|
|
|
|
return self.context.REQUEST.RESPONSE.redirect(came_from)
|
2009-07-07 10:00:41 +02:00
|
|
|
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
class BulkActionsView(BrowserView):
|
|
|
|
|
"""Bulk actions (unapprove, approve, delete, mark as spam).
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
Each table row of the moderation view has a checkbox with the absolute
|
2010-10-05 17:14:12 +02:00
|
|
|
path (without host and port) of the comment objects:
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
<input type="checkbox"
|
|
|
|
|
name="paths:list"
|
|
|
|
|
value="/plone/front-page/++conversation++default/\
|
2010-12-16 00:52:56 +01:00
|
|
|
1286289644723317"
|
2010-10-05 17:14:12 +02:00
|
|
|
id="cb_1286289644723317" />
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
If checked, the comment path will occur in the 'paths' variable of
|
|
|
|
|
the request when the bulk actions view is called. The bulk action
|
|
|
|
|
(delete, publish, etc.) will be applied to all comments that are
|
2010-10-05 17:14:12 +02:00
|
|
|
included.
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
The paths have to be 'traversable':
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
/plone/front-page/++conversation++default/1286289644723317
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
"""
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-26 16:57:45 +02:00
|
|
|
def __call__(self):
|
2010-10-06 16:12:30 +02:00
|
|
|
if 'form.select.BulkAction' in self.request:
|
2009-06-26 20:59:37 +02:00
|
|
|
bulkaction = self.request.get('form.select.BulkAction')
|
2009-06-29 15:44:46 +02:00
|
|
|
self.paths = self.request.get('paths')
|
2009-06-29 17:09:41 +02:00
|
|
|
if self.paths:
|
|
|
|
|
if bulkaction == '-1':
|
|
|
|
|
# no bulk action was selected
|
|
|
|
|
pass
|
|
|
|
|
elif bulkaction == 'retract':
|
|
|
|
|
self.retract()
|
|
|
|
|
elif bulkaction == 'publish':
|
|
|
|
|
self.publish()
|
|
|
|
|
elif bulkaction == 'mark_as_spam':
|
|
|
|
|
self.mark_as_spam()
|
|
|
|
|
elif bulkaction == 'delete':
|
|
|
|
|
self.delete()
|
|
|
|
|
else:
|
2012-01-13 10:16:01 +01:00
|
|
|
raise KeyError # pragma: no cover
|
|
|
|
|
|
2009-06-29 15:44:46 +02:00
|
|
|
def retract(self):
|
2009-06-26 20:59:37 +02:00
|
|
|
raise NotImplementedError
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-29 15:44:46 +02:00
|
|
|
def publish(self):
|
2010-10-05 17:14:12 +02:00
|
|
|
"""Publishes all comments in the paths variable.
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
Expects a list of absolute paths (without host and port):
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
/Plone/startseite/++conversation++default/1286200010610352
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
"""
|
2009-06-26 20:59:37 +02:00
|
|
|
context = aq_inner(self.context)
|
2009-06-29 15:44:46 +02:00
|
|
|
for path in self.paths:
|
2009-06-26 20:59:37 +02:00
|
|
|
comment = context.restrictedTraverse(path)
|
2013-03-28 14:28:22 +01:00
|
|
|
content_object = aq_parent(aq_parent(comment))
|
2011-04-22 19:09:09 +02:00
|
|
|
workflowTool = getToolByName(comment, 'portal_workflow')
|
|
|
|
|
current_state = workflowTool.getInfoFor(comment, 'review_state')
|
2009-06-29 15:52:51 +02:00
|
|
|
if current_state != 'published':
|
2011-04-22 19:09:09 +02:00
|
|
|
workflowTool.doActionFor(comment, 'publish')
|
2013-03-28 14:28:22 +01:00
|
|
|
comment.reindexObject()
|
2013-08-20 15:37:56 +02:00
|
|
|
content_object.reindexObject(idxs=['total_comments'])
|
2018-09-27 11:26:41 +02:00
|
|
|
notify(NotifyOnPublish(content_object, comment))
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-29 15:44:46 +02:00
|
|
|
def mark_as_spam(self):
|
2009-06-26 20:59:37 +02:00
|
|
|
raise NotImplementedError
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2009-06-29 15:44:46 +02:00
|
|
|
def delete(self):
|
2010-10-05 17:14:12 +02:00
|
|
|
"""Deletes all comments in the paths variable.
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
Expects a list of absolute paths (without host and port):
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-10-05 17:14:12 +02:00
|
|
|
/Plone/startseite/++conversation++default/1286200010610352
|
2012-01-13 10:16:01 +01:00
|
|
|
|
2010-12-16 00:52:56 +01:00
|
|
|
"""
|
2009-06-26 20:59:37 +02:00
|
|
|
context = aq_inner(self.context)
|
2009-06-29 15:44:46 +02:00
|
|
|
for path in self.paths:
|
2009-06-26 20:59:37 +02:00
|
|
|
comment = context.restrictedTraverse(path)
|
|
|
|
|
conversation = aq_parent(comment)
|
2013-03-28 14:28:22 +01:00
|
|
|
content_object = aq_parent(conversation)
|
2009-06-26 20:59:37 +02:00
|
|
|
del conversation[comment.id]
|
2013-08-20 15:37:56 +02:00
|
|
|
content_object.reindexObject(idxs=['total_comments'])
|
2018-09-27 11:26:41 +02:00
|
|
|
notify(NotifyOnDelete(content_object, comment))
|
