def can_view(entry): ''' Check whether the current user can view the entry, so if not it can be removed from the navigation. Note: Currently only working with pages. ''' if entry.external or entry.activity_list: return True url = entry.url if not url[-1:] == '/': path = url url += '/' else: path = url[:-1] if path[-1:] == '/': path = path[1:] if path[:-1] == '/': path = path[:1] path = path[1:] page = Page.query.filter_by(path=path).first() if not page: return True return PageAPI.can_read(page)
def get_page(path=''): path = Page.strip_path(path) page = Page.get_by_path(path) if not page: # Try if this might be a redirect. print("not page") redirection = Redirect.query.filter(Redirect.fro == path).first() if redirection: # get GET parameters so they can be applied to the redirected # URL if request.args: redir_url = redirection.to + '?' for key in request.args: redir_url += key + '=' + \ request.args[key] + '&' print(redir_url) # this is necssary to prevent incorrect escaping return redirect(iri_to_uri(redir_url)) return redirect(redirection.to) return abort(404) if not PageAPI.can_read(page): return abort(403) revision = page.get_latest_revision() if not revision: return abort(500) return render_template('%s/view_single.htm' % (page.type), page=page, revision=revision, title=revision.title, context=revision.__class__.context)