def thread_view(key): thread = Thread.load(decrypt(key)) categories = get_categories(thread) user = active_user() if any(c.access is None or c.access.has_permission(user,'read') for c in categories): return template("view_thread",user=user,thread=thread) return flash_message("No permission. :(", "/","501")
def submit_post(key): user = active_user() if has_permission(user,'create-post'): post = Post() thread = Thread.load(decrypt(key)) content = bottle.request.forms.get("content","").strip() assert len(content)>0 post.update({"content":content,"owner":user.key}) thread.posts.append(post) thread.save() post.save()