Saturday, 31 August 2013

What's the best way to exclude routes from a sitemap using Flask?

What's the best way to exclude routes from a sitemap using Flask?

Getting a list of all routes to use in building sitemaps is simple, e.g.,
rules = current_app.url_map.iter_rules(). But a number of routes are
intended for administrative functions and these should be excluded from
sitemaps (both XML and human-readable). All such administrative routes
have a decorator @auth_role(...) (shown below, and which is very similar
to the @login_required decorator described in
http://flask.pocoo.org/docs/patterns/viewdecorators/). URLs do not have a
special segment that sets them apart from other non-administrative URLs.
So I'd like to be able to filter routes to exclude those pointing to view
functions that also have the @auth_role(...) decorator. Does it make sense
to do it this way? If so, how can this be done? If not should I revise all
administrative routes to include some segment that sets them apart from
routes for public consumption?
def auth_role(roles):
def _auth_role_required(f):
@wraps(f)
def _inner(*args, **kwargs):
try:
if g.user is None:
flash (u'You must login to access the requested
resource.', CSS.ERR)
path = urlsplit(request.url).path
if path in ['', '/', '/admin', '/admin/login']:
return redirect('/admin/login')
else:
return redirect('/admin/login?d=%s' % path)
if not g.user.is_active():
flash (u'Your account is no longer active.', CSS.ERR)
return abort(403)
if not g.user.is_authorized(roles):
flash (u'Your current role does not grant access to
this resource.', CSS.ERR)
return abort(403)
except KeyError:
return abort(401)
return f(*args, **kwargs)
return _inner
return _auth_role_required

No comments:

Post a Comment