def user_private_view_jsonld(request):
if request.scheme == "http" and asbool(request.registry.settings.get(
'accept_secure_connection', False)):
return HTTPFound(get_global_base_url(True) + request.path_qs)
discussion_id = request.context.get_discussion_id()
user_id, permissions, salt = read_user_token(request)
if P_READ not in permissions:
raise HTTPUnauthorized()
if not salt and P_ADMIN_DISC not in permissions:
salt = base64.urlsafe_b64encode(urandom(6))
jdata = userprivate_jsonld(discussion_id)
if salt:
obfuscator = AESObfuscator(salt)
jdata = obfuscator.obfuscate(jdata)
if "callback" in request.GET:
jdata = handle_jsonp(request.GET['callback'], jdata)
content_type = "application/javascript"
else:
content_type = "application/ld+json"
return Response(body=jdata, content_type=content_type, charset="utf-8")
评论列表
文章目录
