def delete(entry_id, inc_page=0):
if not ModuleAPI.can_write('navigation'):
return abort(403)
if inc_page and not ModuleAPI.can_write('page'):
flash(_('You do not have rights to remove pages'))
return abort(403)
entry = db.session.query(NavigationEntry).filter_by(id=entry_id).first()
if not entry:
abort(404)
if not entry.parent:
if entry.children.count() > 0:
flash('Deze item heeft nog subitems.', 'danger')
return redirect(url_for('navigation.edit', entry_id=entry.id))
if inc_page:
if entry.external or entry.activity_list:
flash('Deze item verwijst niet naar een pagina op deze website.',
'danger')
else:
path = entry.url.lstrip('/')
if PageAPI.remove_page(path):
flash('De pagina is verwijderd.', 'success')
else:
flash('De te verwijderen pagina kon niet worden gevonden.',
'danger')
db.session.delete(entry)
db.session.commit()
flash('De navigatie-item is verwijderd.', 'success')
return redirect(url_for('navigation.view'))
def can_view(entry):
'''
Check whether the current user can view the entry, so if not it can be
removed from the navigation. Note: Currently only working with pages.
'''
if entry.external or entry.activity_list:
return True
url = entry.url
if not url[-1:] == '/':
path = url
url += '/'
else:
path = url[:-1]
if path[-1:] == '/':
path = path[1:]
if path[:-1] == '/':
path = path[:1]
path = path[1:]
page = Page.query.filter_by(path=path).first()
if not page:
return True
return PageAPI.can_read(page)
def get_page(path=''):
path = Page.strip_path(path)
page = Page.get_by_path(path)
if not page:
# Try if this might be a redirect.
print("not page")
redirection = Redirect.query.filter(Redirect.fro == path).first()
if redirection:
# get GET parameters so they can be applied to the redirected
# URL
if request.args:
redir_url = redirection.to + '?'
for key in request.args:
redir_url += key + '=' + \
request.args[key] + '&'
print(redir_url)
# this is necssary to prevent incorrect escaping
return redirect(iri_to_uri(redir_url))
return redirect(redirection.to)
return abort(404)
if not PageAPI.can_read(page):
return abort(403)
revision = page.get_latest_revision()
if not revision:
return abort(500)
return render_template('%s/view_single.htm' % (page.type), page=page,
revision=revision, title=revision.title,
context=revision.__class__.context)
def get_page_history(path=''):
form = HistoryPageForm(request.form)
page = Page.get_by_path(path)
if not page:
return abort(404)
if not PageAPI.can_write(page):
return abort(403)
revisions = page.revision_cls.get_query()\
.filter(page.revision_cls.page_id == page.id)\
.all()
form.previous.choices = [(revision.id, '') for revision in revisions]
form.current.choices = [(revision.id, '') for revision in revisions]
if form.validate_on_submit():
previous = request.form['previous']
current = request.form['current']
previous_revision = page.revision_cls.get_query()\
.filter(page.revision_cls.id == previous).first()
current_revision = page.revision_cls.get_query()\
.filter(page.revision_cls.id == current).first()
prev = previous_revision.get_comparable()
cur = current_revision.get_comparable()
diff = htmldiff(prev, cur)
return render_template('page/compare_page_history.htm', diff=diff)
return render_template('page/get_page_history.htm', form=form,
revisions=zip(revisions, form.previous,
form.current))