def get_user_goals(): student = models.UserData.current() or models.UserData.pre_phantom() user_override = request.request_user_data("email") if user_override and user_override.key_email != student.key_email: if not user_override.is_visible_to(student): return api_unauthorized_response("Cannot view this profile") else: # Allow access to this student's profile student = user_override goals = GoalList.get_all_goals(student) return [g.get_visible_data() for g in goals]