2 files changed, 24 insertions, 7 deletions

diff --git a/apioforum/templates/common.html b/apioforum/templates/common.html
index ff20644..8fcf5fe 100644
--- a/apioforum/templates/common.html
+++ b/apioforum/templates/common.html
@@ -17,13 +17,18 @@
             {% endif %}
         </span>
         <span class="post-heading-b">
-        {% if buttons and post.author == g.user %}
-            <a class="actionbutton"
-               href="{{url_for('thread.edit_post',post_id=post.id)}}">edit</a>
+        {% if buttons %}
+            {% if post.author == g.user %}
+                <a class="actionbutton"
+                   href="{{url_for('thread.edit_post',post_id=post.id)}}">edit</a>
+                <a class="actionbutton"
+                   href="{{url_for('thread.delete_post',post_id=post.id)}}">delete</a>
+            {% endif %}
             <a class="actionbutton"
-               href="{{url_for('thread.delete_post',post_id=post.id)}}">delete</a>
+               href="{{url_for('thread.view_post',post_id=post.id)}}">src</a>
         {% endif %}
-		<a class="post-anchor-link" href="{{post_url(post)}}">#{{post.id}}</a>
+            
+	<a class="post-anchor-link" href="{{post_url(post)}}">#{{post.id}}</a>
         </span>
     </div>
     <div class="post-content md">
diff --git a/apioforum/thread.py b/apioforum/thread.py
index 4bb3c86..e6d3690 100644
--- a/apioforum/thread.py
+++ b/apioforum/thread.py
@@ -84,8 +84,7 @@ def edit_post(post_id):
     post = db.execute("SELECT * FROM posts WHERE id = ?",(post_id,)).fetchone()
     if post is None:
         flash("that post doesn't exist")
-        # todo: index route
-        return redirect("/")
+        return redirect(url_for('index'))
 
     if post['author'] != g.user:
         flash("you can only edit posts that you created")
@@ -107,6 +106,19 @@ def edit_post(post_id):
         else:
             flash(err)
     return render_template("edit_post.html",post=post)
+
+@bp.route("/view_post/<int:post_id>")
+def view_post(post_id):
+    db = get_db()
+    post = db.execute("SELECT * FROM posts WHERE id = ?",(post_id,)).fetchone()
+    if post is None:
+        flash("that post doesn't exist")
+        return redirect(url_for('index'))
+
+    # when we have permissions, insert permissions check here
+    return render_template("view_post.html",post=post)
+    
+    
             
 @bp.route("/<int:thread_id>/config",methods=["GET","POST"])
 def config_thread(thread_id):