def json_photo(id):
    """Serve the JSON description of a single photo.

    Responds with 404 when no photo has the given id, and also when the
    photo is hidden and the caller is not privileged, so a hidden photo
    is indistinguishable from a missing one.
    """
    record = Photo.query.get_or_404(id)
    # Presumably has_roles([...]) is satisfied by any one of the listed
    # roles -- confirm against the user model.
    # NOTE(review): has_roles is called without an is_authenticated check;
    # this assumes the anonymous user object also implements it -- confirm.
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged:
        if record.is_hidden():
            abort(404)
    payload = record.json()
    return jsonify(payload)
def photo_thumbnail(id, width, height):
    """Send the thumbnail file of a photo at the requested dimensions.

    Responds with 404 when the photo does not exist, or when it is hidden
    and the caller is neither admin nor poweruser.
    """
    record = Photo.query.get_or_404(id)
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged:
        if record.is_hidden():
            abort(404)
    # NOTE(review): width and height are forwarded exactly as received.
    # Bounds are presumably enforced by the route converter or inside
    # thumbnail_path -- confirm, since unbounded sizes would let any client
    # trigger arbitrarily large thumbnail generation.
    thumb_location = record.thumbnail_path(width, height)
    return send_file(thumb_location)
def photo_file(id):
    """Send the original file of a photo.

    Responds with 404 when the photo does not exist, or when it is hidden
    and the caller is neither admin nor poweruser.
    """
    record = Photo.query.get_or_404(id)
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged:
        if record.is_hidden():
            abort(404)
    # The path comes from the stored record, not from the request.
    file_location = record.path
    return send_file(file_location)
def photo(id):
    """Render the HTML page for a single photo.

    Responds with 404 when the photo does not exist, or when it is hidden
    and the caller is neither admin nor poweruser.
    """
    record = Photo.query.get_or_404(id)
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged:
        if record.is_hidden():
            abort(404)
    return render_template('photo.html', photo=record)
def json_photo_exif(id):
    """Serve the EXIF data of a photo as JSON.

    Responds with 404 when the photo does not exist, when it is hidden and
    the caller is neither admin nor poweruser, or when the photo has no
    EXIF data attached.
    """
    record = Photo.query.get_or_404(id)
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged:
        if record.is_hidden():
            abort(404)
    # Guard clause: a photo without EXIF data is reported as not found.
    if not record.exif_data:
        abort(404)
    return jsonify(record.exif_data.json())
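def decorated_view(*args, **kwargs):
    """Run the wrapped view only for an admin or the element's poweruser author.

    The element is looked up from the ``id`` keyword argument. ``type`` and
    ``func`` are not defined in this block; presumably they are closure
    variables of an enclosing decorator factory -- confirm.

    Callers without any qualifying role are rejected before the database is
    queried, so they get the same response for existing and missing ids
    and cannot use this view to find out which ids exist.
    """
    id = kwargs['id']

    # Authentication first: anonymous callers never reach the lookup.
    if not current_user.is_authenticated():
        return current_app.user_manager.unauthenticated_view_function()

    # Callers with neither role can be refused without loading anything.
    is_admin = current_user.has_roles('admin')
    if not (is_admin or current_user.has_roles('poweruser')):
        # NOTE(review): authenticated users who fail the role check are sent
        # to the *unauthenticated* handler; confirm whether a dedicated
        # "unauthorized" response is intended here.
        return current_app.user_manager.unauthenticated_view_function()

    # Resolve the element whose author is checked below.
    if type == Album:
        element = Album.query.get_or_404(id)
    elif type == Photo:
        element = Photo.query.get_or_404(id)
    elif type == Directory:
        # Ownership of a directory is judged on its album.
        element = Directory.query.get_or_404(id).album
    else:
        return abort(404)

    # An admin always passes; a poweruser must be the author.
    if not (is_admin or element.author == current_user):
        return current_app.user_manager.unauthenticated_view_function()

    return func(*args, **kwargs)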
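def album(id, page=1):
    """Render one page of an album's photos.

    Responds with 404 when the album does not exist, or when it is hidden
    and the caller is neither admin nor poweruser.

    The ``show_hidden`` query parameter lists hidden photos as well, but it
    is honoured only for admin/poweruser callers. Any other caller always
    gets the visible photos only, which matches the single-photo views
    that answer 404 for hidden photos.
    """
    album = Album.query.get_or_404(id)
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged and album.is_hidden():
        abort(404)

    query = Photo.query
    # A request parameter alone must never widen what the caller may see;
    # the role check decides, the parameter only expresses a preference.
    if not (privileged and request.args.get('show_hidden')):
        query = query.filter_by(hidden=False)

    photos = (
        query.join(Directory)
        .filter(Directory.album_id == album.id)
        .paginate(page, current_app.config['FLASKLLERY_PHOTOS_PER_PAGE'], False)
    )
    return render_template('album.html', album=album, photos=photos)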
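def json_album_photos(id):
    """Return a JSON array with the ids of the photos in an album.

    Responds with 404 when the album does not exist, when it is hidden and
    the caller is neither admin nor poweruser, or when no photo ids are
    left to report.

    Ids of hidden photos are reported only to admin/poweruser callers, in
    line with the single-photo views that answer 404 for hidden photos.
    """
    # get_or_404 rather than get(): a missing album must produce a 404, not
    # an AttributeError (HTTP 500) on the is_hidden() call below.
    album = Album.query.get_or_404(id)
    privileged = current_user.has_roles(['admin', 'poweruser'])
    if not privileged and album.is_hidden():
        abort(404)

    query = Photo.query.with_entities(Photo.id)
    if not privileged:
        query = query.filter(Photo.hidden == False)  # noqa: E712 (SQL expression)
    rows = query.join(Directory).filter(Directory.album_id == id).all()
    if not rows:
        abort(404)

    # Each row holds one column (the id). Building the list explicitly
    # gives the same "[1, 2, 3]" text as the old zip()/slice construction
    # and also works where zip() returns an iterator.
    return json.dumps([row[0] for row in rows])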
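def icesportsforum_email(form, field):
    """Form validator: restrict registration to icesportsforum.com addresses.

    The check is skipped when the current user is authenticated and has the
    'management' role. Every other submission must carry an address whose
    domain is exactly ``icesportsforum.com``.

    Raises:
        ValidationError: if the address is missing, has no '@', or its
            domain is not icesportsforum.com.
    """
    if current_user.is_authenticated() and current_user.has_roles('management'):
        return

    # No hard-coded exception addresses: a test-only bypass in a validator
    # is an allow-list entry that ships to production with the code.
    email = (field.data or "").strip().lower()

    # Compare the part after the LAST '@'. Checking the second segment of a
    # split would accept an address with several '@' characters whose real
    # (final) domain is something else.
    _local, separator, domain = email.rpartition("@")
    if not separator or domain != "icesportsforum.com":
        raise ValidationError('Must have an Ice Sports Forum email to register')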
def is_accessible(self):
    """Tell whether the current user may access this view.

    Unauthenticated users are refused with False; for authenticated users
    the result of the "Admin" role check is returned as is.
    """
    # The role check runs only after authentication has been confirmed.
    return current_user.has_roles("Admin") if current_user.is_authenticated() else False