Improve SEO + add perms helper

CHANGELOG.md

@@ -8,11 +8,12 @@
   + Added `restrictions` field to `User`.
 + Pages now can have a Content Warning. It prevents them to show up in previews, and adds a
   caution message when viewing them.
++ SEO improvement: added `keywords` and `description` meta tags to viewing pages.
 + Added Terms, Privacy Policy and Rules.
 + Changed user page URLs (contributions page) from `/u/user` to `/@user`.
 + `/manage/` is now a list of all managing options, including export/import and the brand new 
   `/manage/accounts`.
-+ TOC is now shown in pages where screen width is greater than 960 pixels.
++ TOC is now shown in pages when screen width is greater than 960 pixels.
 + Style changes: added a top bar with the site title. It replaces the floating menu on the top right.
 + Now logged-in users have an “Edit” button below the first heading. All users can access page history
   by clicking the last modified time.

app.py

@@ -179,6 +179,17 @@ class User(BaseModel):
             .where(UserGroupMembership.user == self)
         )
     
+    def get_perms(self):
+        if self.is_admin:
+            return PERM_ALL
+
+        perm = 0
+
+        for gr in self.groups:
+            perm |= gr.permissions
+        
+        return perm
+
 
 # page perms (used as bitmasks)
 PERM_READ = 1
@@ -241,7 +252,7 @@ class Page(BaseModel):
         return '/' + self.url + '/' if self.url else '/p/{}/'.format(self.id)
     def short_desc(self):
         if self.is_cw:
-            return '(Content Warning)'
+            return '(Content Warning: we are not allowed to show a description.)'
         full_text = self.latest.text
         text = remove_tags(full_text, convert = not self.is_math_enabled and not _getconf('appearance', 'simple_remove_tags', False))
         return text[:200] + ('\u2026' if len(text) > 200 else '')
@@ -304,6 +315,17 @@ class Page(BaseModel):
             perm &= PERM_LOCK
         return perm
     
+    def seo_keywords(self):
+        kw = []
+        for tag in self.tags:
+            kw.append(tag.name.replace("-", " "))
+        for bkl in self.back_links:
+            try:
+                kw.append(bkl.from_page.title.replace(",", ""))
+            except Exception:
+                pass
+        return ", ".join(kw)
+
 
 class PageText(BaseModel):
     content = BlobField()
@@ -535,6 +557,18 @@ def init_db_and_create_first_user():
         )
     print('Installed successfully!')
 
+#### PERMS HELPERS ####
+
+def has_perms(user, flags, page=None):
+    if page:
+        perm = page.get_perms(user)
+    else:
+        perm = user.get_perms()
+    
+    if perm & flags:
+        return True
+    return False
+
 #### WIKI SYNTAX ####
 
 def md_and_toc(text, expand_magic=False, toc=True, math=True):
@@ -724,6 +758,9 @@ def savepoint(form, is_preview=False, pageobj=None):
 @app.route('/create/', methods=['GET', 'POST'])
 @login_required
 def create():
+    if not has_perms(current_user, PERM_CREATE):
+        flash("You are not allowed to create pages.")
+        abort(403)
     if request.method == 'POST':
         if request.form.get('preview'):
             return savepoint(request.form, is_preview=True)

templates/view.jinja2

@@ -2,6 +2,11 @@
 
 {% block title %}{{ p.title }} - {{ app_name }}{% endblock %}
 
+{% block meta %}
+<meta name="description" content="{{ p.short_desc() }}" />
+<meta name="keywords" content="{{ p.seo_keywords() }}" />
+{% endblock %}
+
 {% block json_info %}<script>window.page_info={{ p.js_info()|tojson|safe }};</script>{% endblock %}
 
 {% set html_and_toc = rev.html_and_toc(math = request.args.get('math') not in ['0', 'false', 'no', 'off']) %}