fixed wrong sqlite statement
This commit is contained in:
@@ -315,7 +315,7 @@ def serve_deck(deck, course_folder, path='index.html'):
|
|||||||
abort(404)
|
abort(404)
|
||||||
assert isinstance(course, Course)
|
assert isinstance(course, Course)
|
||||||
|
|
||||||
deck_obj = db.session.execute(db.select(Deck).where(Deck.deck==deck and Deck.course_id == course.id)).scalar()
|
deck_obj = db.session.execute(db.select(Deck).where(Deck.deck == deck, Deck.course_id == course.id)).scalar()
|
||||||
if not deck_obj:
|
if not deck_obj:
|
||||||
log_404("Deck not in database", deck, course_folder, path)
|
log_404("Deck not in database", deck, course_folder, path)
|
||||||
abort(404)
|
abort(404)
|
||||||
@@ -324,7 +324,7 @@ def serve_deck(deck, course_folder, path='index.html'):
|
|||||||
if not is_deck_unlocked(deck_obj.deck):
|
if not is_deck_unlocked(deck_obj.deck):
|
||||||
# We generally do not log redirects for locked content as 404s,
|
# We generally do not log redirects for locked content as 404s,
|
||||||
# but you could log a warning here if desired.
|
# but you could log a warning here if desired.
|
||||||
current_app.logger.info(f"Access denied (locked) for user {get_token().name if get_token() else 'Anon'} -> {deck}")
|
current_app.logger.info(f"Access denied (locked) for user {get_token().name if get_token() else 'Anon'} -> {deck_obj.name}")
|
||||||
return redirect(url_for('main.index'))
|
return redirect(url_for('main.index'))
|
||||||
|
|
||||||
slides_dir = os.path.join(current_app.config['SLIDES_DIR'], course.folder)
|
slides_dir = os.path.join(current_app.config['SLIDES_DIR'], course.folder)
|
||||||
@@ -332,13 +332,16 @@ def serve_deck(deck, course_folder, path='index.html'):
|
|||||||
|
|
||||||
if not os.path.exists(deck_path):
|
if not os.path.exists(deck_path):
|
||||||
log_404("Deck directory missing on disk", deck, course_folder, path)
|
log_404("Deck directory missing on disk", deck, course_folder, path)
|
||||||
return f"Deck '{deck}' not found.", 404
|
return f"Deck '{deck_obj.name}' not found.", 404
|
||||||
|
|
||||||
if slidev_all_pattern.match(request.path):
|
if slidev_all_pattern.match(request.path):
|
||||||
|
current_app.logger.info(f"User reloaded in deck {deck_obj.name}")
|
||||||
return send_from_directory(deck_path, deck_obj.index_file)
|
return send_from_directory(deck_path, deck_obj.index_file)
|
||||||
|
|
||||||
requested_file = os.path.join(deck_path, path)
|
requested_file = os.path.join(deck_path, path)
|
||||||
if os.path.isfile(requested_file):
|
if os.path.isfile(requested_file):
|
||||||
|
if path == deck_obj.index_file:
|
||||||
|
current_app.logger.info(f"User {get_token().name if get_token() else 'Anon'} accessed deck {deck_obj.name}")
|
||||||
return send_from_directory(deck_path, path)
|
return send_from_directory(deck_path, path)
|
||||||
|
|
||||||
log_404("File missing within deck", deck, course_folder, path)
|
log_404("File missing within deck", deck, course_folder, path)
|
||||||
@@ -353,7 +356,7 @@ def serve_export(deck, course_folder, path):
|
|||||||
abort(404)
|
abort(404)
|
||||||
assert isinstance(course, Course)
|
assert isinstance(course, Course)
|
||||||
|
|
||||||
deck_obj = db.session.execute(db.select(Deck).where(Deck.deck==deck and Deck.course_id == course.id)).scalar()
|
deck_obj = db.session.execute(db.select(Deck).where(Deck.deck==deck, Deck.course_id == course.id)).scalar()
|
||||||
if not deck_obj:
|
if not deck_obj:
|
||||||
log_404("Export: Deck not in database", deck, course_folder, path)
|
log_404("Export: Deck not in database", deck, course_folder, path)
|
||||||
abort(404)
|
abort(404)
|
||||||
|
|||||||
Reference in New Issue
Block a user