You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

views.py 2.7KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970
  1. from django.conf import settings
  2. from django.contrib.flatpages.models import FlatPage
  3. from django.contrib.sites.shortcuts import get_current_site
  4. from django.http import Http404, HttpResponse, HttpResponsePermanentRedirect
  5. from django.shortcuts import get_object_or_404
  6. from django.template import loader
  7. from django.utils.safestring import mark_safe
  8. from django.views.decorators.csrf import csrf_protect
  9. DEFAULT_TEMPLATE = 'flatpages/default.html'
  10. # This view is called from FlatpageFallbackMiddleware.process_response
  11. # when a 404 is raised, which often means CsrfViewMiddleware.process_view
  12. # has not been called even if CsrfViewMiddleware is installed. So we need
  13. # to use @csrf_protect, in case the template needs {% csrf_token %}.
  14. # However, we can't just wrap this view; if no matching flatpage exists,
  15. # or a redirect is required for authentication, the 404 needs to be returned
  16. # without any CSRF checks. Therefore, we only
  17. # CSRF protect the internal implementation.
  18. def flatpage(request, url):
  19. """
  20. Public interface to the flat page view.
  21. Models: `flatpages.flatpages`
  22. Templates: Uses the template defined by the ``template_name`` field,
  23. or :template:`flatpages/default.html` if template_name is not defined.
  24. Context:
  25. flatpage
  26. `flatpages.flatpages` object
  27. """
  28. if not url.startswith('/'):
  29. url = '/' + url
  30. site_id = get_current_site(request).id
  31. try:
  32. f = get_object_or_404(FlatPage, url=url, sites=site_id)
  33. except Http404:
  34. if not url.endswith('/') and settings.APPEND_SLASH:
  35. url += '/'
  36. f = get_object_or_404(FlatPage, url=url, sites=site_id)
  37. return HttpResponsePermanentRedirect('%s/' % request.path)
  38. else:
  39. raise
  40. return render_flatpage(request, f)
  41. @csrf_protect
  42. def render_flatpage(request, f):
  43. """
  44. Internal interface to the flat page view.
  45. """
  46. # If registration is required for accessing this page, and the user isn't
  47. # logged in, redirect to the login page.
  48. if f.registration_required and not request.user.is_authenticated:
  49. from django.contrib.auth.views import redirect_to_login
  50. return redirect_to_login(request.path)
  51. if f.template_name:
  52. template = loader.select_template((f.template_name, DEFAULT_TEMPLATE))
  53. else:
  54. template = loader.get_template(DEFAULT_TEMPLATE)
  55. # To avoid having to always use the "|safe" filter in flatpage templates,
  56. # mark the title and content as already safe (since they are raw HTML
  57. # content in the first place).
  58. f.title = mark_safe(f.title)
  59. f.content = mark_safe(f.content)
  60. response = HttpResponse(template.render({'flatpage': f}, request))
  61. return response