Merge branch 'master' of github.com:ASKBOT/askbot-devel

15 files changed, 66 insertions, 21 deletions

diff --git a/askbot/conf/skin_general_settings.py b/askbot/conf/skin_general_settings.py
index 1bdb5887..387ac1f6 100644
--- a/askbot/conf/skin_general_settings.py
+++ b/askbot/conf/skin_general_settings.py
@@ -26,7 +26,7 @@ settings.register(
                         'then submit this whole form.'
                     ),
         upload_directory = django_settings.ASKBOT_FILE_UPLOAD_DIR,
-        upload_url = '/' + django_settings.ASKBOT_UPLOADED_FILES_URL,
+        upload_url = django_settings.ASKBOT_URL + '/' + django_settings.ASKBOT_UPLOADED_FILES_URL,
         default = '/images/logo.gif',
         url_resolver = skin_utils.get_media_url
     )
diff --git a/askbot/deployment/path_utils.py b/askbot/deployment/path_utils.py
index e0704a96..ef260f86 100644
--- a/askbot/deployment/path_utils.py
+++ b/askbot/deployment/path_utils.py
@@ -230,14 +230,20 @@ def deploy_into(directory, new_project = False, verbosity = 1, context = None):
     if verbosity >= 1:
         print ''
 
-def dir_name_acceptable(directory):
+def dir_name_unacceptable_for_django_project(directory):
+    dir_name = os.path.basename(directory)
+    if re.match(r'[_a-zA-Z][\w-]*$', dir_name):
+        return False
+    return True
+
+def dir_taken_by_python_module(directory):
     """True if directory is not taken by another python module"""
     dir_name = os.path.basename(directory)
     try:
         imp.find_module(dir_name)
-        return False
-    except ImportError:
         return True
+    except ImportError:
+        return False
 
 def get_install_directory(force = False):
     """returns a directory where a new django app/project 
@@ -277,8 +283,13 @@ def get_install_directory(force = False):
         if should_create_new == 'no':
             return None
 
-    if not dir_name_acceptable(directory):
+    if dir_taken_by_python_module(directory):
         print messages.format_msg_bad_dir_name(directory)
         return None
+    if dir_name_unacceptable_for_django_project(directory):
+        print """\nDirectory %s is not acceptable for a Django project.
+Please use lower case characters, numbers and underscore.
+The first character cannot be a number.\n""" % os.path.basename(directory)
+        return None
 
     return directory
diff --git a/askbot/doc/source/changelog.rst b/askbot/doc/source/changelog.rst
index a0bcb20e..3138110d 100644
--- a/askbot/doc/source/changelog.rst
+++ b/askbot/doc/source/changelog.rst
@@ -1,6 +1,15 @@
 Changes in Askbot
 =================
 
+Development version (not released yet)
+--------------------------------------
+* added basic slugification treatment to question titles with 
+  ``ALLOW_UNICODE_SLUGS = True`` (Evgeny)
+* added verification of the project directory name to
+  make sure it does not contain a `.` (dot) symbol (Evgeny)
+* made askbot compatible with django's `CSRFViewMiddleware`
+  that may be used for other projects (Evgeny)
+
 0.7.36 (Dec 20, 2011)
 ---------------------
 * bugfix and made the logo not used by default
diff --git a/askbot/doc/source/initial-configuration.rst b/askbot/doc/source/initial-configuration.rst
index 340324a1..7905aa1d 100644
--- a/askbot/doc/source/initial-configuration.rst
+++ b/askbot/doc/source/initial-configuration.rst
@@ -10,7 +10,16 @@ While most configuration settings for askbot can be done at any time :ref:`throu
 Installing Askbot as a new Django project (standalone app)
 ==========================================================
 
-When installing Askbot for the first time, you will need to initialize the site setup files by typing::
+.. note::
+    Firstly - if you are preparing the project directory manually,
+    make sure that the directory name does not
+    have the `.` - dot - symbol, because it is illegal for Python modules. 
+    For example::
+
+        mkdir mydjangosite
+        cd mydjangosite
+
+When installing Askbot for the first time, you will need to initialize the project setup files by typing::
 
     askbot-setup
 
diff --git a/askbot/setup_templates/settings.py b/askbot/setup_templates/settings.py
index 2972b9be..715e6ce8 100644
--- a/askbot/setup_templates/settings.py
+++ b/askbot/setup_templates/settings.py
@@ -209,7 +209,7 @@ LOGIN_URL = '/%s%s%s' % (ASKBOT_URL,_('account/'),_('signin/'))
 LOGIN_REDIRECT_URL = ASKBOT_URL #adjust if needed
 #note - it is important that upload dir url is NOT translated!!!
 #also, this url must not have the leading slash
-ASKBOT_UPLOADED_FILES_URL = '%s%s' % (ASKBOT_URL, 'upfiles/')
+ASKBOT_UPLOADED_FILES_URL = 'upfiles/'
 ALLOW_UNICODE_SLUGS = False
 ASKBOT_USE_STACKEXCHANGE_URLS = False #mimic url scheme of stackexchange
 
diff --git a/askbot/setup_templates/settings.py.mustache b/askbot/setup_templates/settings.py.mustache
index 2b010734..69da823a 100644
--- a/askbot/setup_templates/settings.py.mustache
+++ b/askbot/setup_templates/settings.py.mustache
@@ -208,7 +208,7 @@ LOGIN_URL = '/%s%s%s' % (ASKBOT_URL,_('account/'),_('signin/'))
 LOGIN_REDIRECT_URL = ASKBOT_URL #adjust, if needed
 #note - it is important that upload dir url is NOT translated!!!
 #also, this url must not have the leading slash
-ASKBOT_UPLOADED_FILES_URL = '%s%s' % (ASKBOT_URL, 'upfiles/')
+ASKBOT_UPLOADED_FILES_URL = 'upfiles/'
 ALLOW_UNICODE_SLUGS = False
 ASKBOT_USE_STACKEXCHANGE_URLS = False #mimic url scheme of stackexchange
 
diff --git a/askbot/skins/default/templates/main_page/javascript.html b/askbot/skins/default/templates/main_page/javascript.html
index e35113dd..619574d9 100644
--- a/askbot/skins/default/templates/main_page/javascript.html
+++ b/askbot/skins/default/templates/main_page/javascript.html
@@ -29,9 +29,9 @@
       }
     }
 
-    askbot['urls']['mark_interesting_tag'] = scriptUrl + '{% url mark_interesting_tag %}';
-    askbot['urls']['mark_ignored_tag'] = scriptUrl + '{% url mark_ignored_tag %}';
-    askbot['urls']['unmark_tag'] = scriptUrl + '{% url unmark_tag %}';
+    askbot['urls']['mark_interesting_tag'] = '{% url mark_interesting_tag %}';
+    askbot['urls']['mark_ignored_tag'] = '{% url mark_ignored_tag %}';
+    askbot['urls']['unmark_tag'] = '{% url unmark_tag %}';
     askbot['urls']['set_tag_filter_strategy'] = '{% url "set_tag_filter_strategy" %}';
     askbot['urls']['questions'] = '{% url "questions" %}';
     {% if settings.ASKBOT_TRANSLATE_URL %}
diff --git a/askbot/skins/default/templates/meta/bottom_scripts.html b/askbot/skins/default/templates/meta/bottom_scripts.html
index 0df25e7c..ad7bffa1 100644
--- a/askbot/skins/default/templates/meta/bottom_scripts.html
+++ b/askbot/skins/default/templates/meta/bottom_scripts.html
@@ -25,8 +25,8 @@
     askbot['urls']['mark_read_message'] = '{% url "read_message" %}';
     askbot['urls']['get_tags_by_wildcard'] = '{% url "get_tags_by_wildcard" %}';
     askbot['urls']['get_tag_list'] = '{% url "get_tag_list" %}';
-    askbot['urls']['follow_user'] = scriptUrl + 'followit/follow/user/{{'{{'}}userId{{'}}'}}/';
-    askbot['urls']['unfollow_user'] = scriptUrl + 'followit/unfollow/user/{{'{{'}}userId{{'}}'}}/';
+    askbot['urls']['follow_user'] = '/followit/follow/user/{{'{{'}}userId{{'}}'}}/';
+    askbot['urls']['unfollow_user'] = '/followit/unfollow/user/{{'{{'}}userId{{'}}'}}/';
     askbot['urls']['user_signin'] = '{{ settings.LOGIN_URL }}';
 </script>
 <script 
diff --git a/askbot/tests/badge_tests.py b/askbot/tests/badge_tests.py
index fdb9d626..c4a47fc5 100644
--- a/askbot/tests/badge_tests.py
+++ b/askbot/tests/badge_tests.py
@@ -1,4 +1,5 @@
 import datetime
+from django.conf import settings as django_settings
 from django.test.client import Client
 from askbot.tests.utils import AskbotTestCase
 from askbot.conf import settings
@@ -499,6 +500,6 @@ class BadgeTests(AskbotTestCase):
         self.u1.save()
         self.assert_have_badge('enthusiast', self.u1, 0)
         self.client.login(method = 'force', user_id = self.u1.id)
-        self.client.get('/')
+        self.client.get('/' + django_settings.ASKBOT_URL)
         self.assert_have_badge('enthusiast', self.u1, 1)
 
diff --git a/askbot/tests/skin_tests.py b/askbot/tests/skin_tests.py
index 660daa4e..f8e940ee 100644
--- a/askbot/tests/skin_tests.py
+++ b/askbot/tests/skin_tests.py
@@ -66,9 +66,10 @@ class SkinTests(TestCase):
         askbot_settings.update('SITE_LOGO_URL', new_logo)
         logo_url = askbot_settings.SITE_LOGO_URL
         self.assertTrue(
-                    logo_url.startswith(
-                        '/' + django_settings.ASKBOT_UPLOADED_FILES_URL
-                    )
-                )
+            logo_url.startswith(
+                django_settings.ASKBOT_URL + \
+                '/' + django_settings.ASKBOT_UPLOADED_FILES_URL
+            )
+        )
         response = self.client.get(logo_url)
         self.assertTrue(response.status_code == 200)
diff --git a/askbot/utils/slug.py b/askbot/utils/slug.py
index dbf794ce..1c8010c8 100644
--- a/askbot/utils/slug.py
+++ b/askbot/utils/slug.py
@@ -8,7 +8,7 @@ slug will be simply equal to the input text
 from unidecode import unidecode
 from django.template import defaultfilters
 from django.conf import settings
-
+import re
 
 def slugify(input_text, max_length=50):
     """custom slugify function that
@@ -30,4 +30,4 @@ def slugify(input_text, max_length=50):
                 break
         return slug
     else:
-        return input_text
+        return re.sub(r'\s+', '-', input_text.strip().lower())
diff --git a/askbot/views/commands.py b/askbot/views/commands.py
index 2022b148..3aeba161 100644
--- a/askbot/views/commands.py
+++ b/askbot/views/commands.py
@@ -78,6 +78,7 @@ def process_vote(user = None, vote_direction = None, post = None):
 
     return response_data
 
+@csrf.csrf_exempt
 def manage_inbox(request):
     """delete, mark as new or seen user's
     response memo objects, excluding flags
@@ -136,6 +137,7 @@ def manage_inbox(request):
         return HttpResponse(data, mimetype="application/json")
 
 
+@csrf.csrf_exempt
 def vote(request, id):
     """
     todo: this subroutine needs serious refactoring it's too long and is hard to understand
@@ -346,6 +348,7 @@ def vote(request, id):
     return HttpResponse(data, mimetype="application/json")
 
 #internally grouped views - used by the tagging system
+@csrf.csrf_exempt
 @decorators.ajax_login_required
 def mark_tag(request, **kwargs):#tagging system
     action = kwargs['action']
@@ -473,6 +476,7 @@ def api_get_questions(request):
         raise ValidationError('InvalidInput')
 
 
+@csrf.csrf_exempt
 @decorators.ajax_login_required
 def set_tag_filter_strategy(request):
     """saves data in the ``User.display_tag_filter_strategy``
@@ -548,6 +552,7 @@ def reopen(request, id):#re-open question
         return HttpResponseRedirect(question.get_absolute_url())
 
 
+@csrf.csrf_exempt
 @decorators.ajax_only
 def swap_question_with_answer(request):
     """receives two json parameters - answer id
@@ -565,6 +570,7 @@ def swap_question_with_answer(request):
             }
     raise Http404
 
+@csrf.csrf_exempt
 @decorators.ajax_only
 @decorators.post_only
 def upvote_comment(request):
@@ -585,6 +591,7 @@ def upvote_comment(request):
     return {'score': comment.score}
 
 #askbot-user communication system
+@csrf.csrf_exempt
 def read_message(request):#marks message a read
     if request.method == "POST":
         if request.POST['formdata'] == 'required':
diff --git a/askbot/views/readers.py b/askbot/views/readers.py
index 2c637f36..8a4eedf9 100644
--- a/askbot/views/readers.py
+++ b/askbot/views/readers.py
@@ -598,6 +598,7 @@ def revisions(request, id, object_name=None):
     }
     return render_into_skin('revisions.html', data, request)
 
+@csrf.csrf_exempt
 @ajax_only
 @anonymous_forbidden
 @get_only
@@ -611,6 +612,7 @@ def get_comment(request):
     request.user.assert_can_edit_comment(comment)
     return {'text': comment.comment}
 
+@csrf.csrf_exempt
 @ajax_only
 @get_only
 def get_question_body(request):
diff --git a/askbot/views/users.py b/askbot/views/users.py
index 935bf4fa..7a62ef56 100644
--- a/askbot/views/users.py
+++ b/askbot/views/users.py
@@ -1023,6 +1023,7 @@ def user(request, id, slug=None, tab_name=None):
     }
     return user_view_func(request, profile_owner, context)
 
+@csrf.csrf_exempt
 def update_has_custom_avatar(request):
     """updates current avatar type data for the user
     """
diff --git a/askbot/views/writers.py b/askbot/views/writers.py
index 5f073b37..f8da2181 100644
--- a/askbot/views/writers.py
+++ b/askbot/views/writers.py
@@ -44,6 +44,7 @@ QUESTIONS_PAGE_SIZE = 10
 # used in answers
 ANSWERS_PAGE_SIZE = 10
 
+@csrf.csrf_exempt
 def upload(request):#ajax upload file to a question or answer 
     """view that handles file upload via Ajax
     """
@@ -288,7 +289,7 @@ def ask(request):#view used to ask a new question
     return render_into_skin('ask.html', data, request)
 
 @login_required
-#@csrf.csrf_protect remove for ajax
+@csrf.csrf_exempt
 def retag_question(request, id):
     """retag question view
     """
@@ -575,6 +576,7 @@ def __generate_comments_json(obj, user):#non-view generates json data for the po
     data = simplejson.dumps(json_comments)
     return HttpResponse(data, mimetype="application/json")
 
+@csrf.csrf_exempt
 @decorators.check_spam('comment')
 def post_comments(request):#generic ajax handler to load comments to an object
     # only support get post comments by ajax now
@@ -614,6 +616,7 @@ def post_comments(request):#generic ajax handler to load comments to an object
     else:
         raise Http404
 
+@csrf.csrf_exempt
 @decorators.ajax_only
 @decorators.check_spam('comment')
 def edit_comment(request):
@@ -646,6 +649,7 @@ def edit_comment(request):
                 _('Sorry, anonymous users cannot edit comments')
             )
 
+@csrf.csrf_exempt
 def delete_comment(request):
     """ajax handler to delete comment
     """