def delete_category_item(item_id):
"""
Function to return a page to delete a category item.
Args:
item_id: ID of the category item to delete.
"""
user = get_user()
item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
category_id = ''
if not item:
if login_session.get('last_category_id', '') == '':
return redirect(url_for('index'))
else:
category_id = login_session.get('last_category_id')
else:
category_id = item.category.id
# Make sure the user is the creator of the item.
if not user or user and user.id != item.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the item "{}". As such, you are not authorized '\
'to delete it.'.format(item.name))
if request.method == 'POST':
db_session.delete(item)
db_session.commit()
flash("Item {} deleted.".format(item.name))
return redirect(url_for('category_info',
category_id=category_id))
else:
return render_template('delete_category_item.html',
item=item)
def delete_category(category_id):
"""
Function to return a page to delete a category.
Args:
category_id: ID of the category to delete.
"""
user = get_user()
category = db_session.query(Category)\
.filter_by(id=category_id).first()
if not category:
return redirect(url_for('index'))
# Make sure the user is the creator of the category.
if not user or user and user.id != category.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the category "{}". As such, you are not authorized '\
'to delete it.'.format(category.name))
if request.method == 'POST':
# Get and delete all items associated with this category.
items = db_session.query(CategoryItem)\
.filter_by(category_id=category.id)\
.all()
for item in items:
db_session.delete(item)
# Delete the category itself and commit everything.
db_session.delete(category)
db_session.commit()
flash("Category {} deleted.".format(category.name))
return redirect(url_for('index'))
else:
return render_template('delete_category.html',
category=category)
def delete_category(category_id):
"""
Function to return a page to delete a category.
Args:
category_id: ID of the category to delete.
"""
user = get_user()
category = db_session.query(Category)\
.filter_by(id=category_id).first()
if not category:
return redirect(url_for('index'))
# Make sure the user is the creator of the category.
if not user or user and user.id != category.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the category "{}". As such, you are not authorized '\
'to delete it.'.format(category.name))
if request.method == 'POST':
# Get and delete all items associated with this category.
items = db_session.query(CategoryItem)\
.filter_by(category_id=category.id)\
.all()
for item in items:
db_session.delete(item)
# Delete the category itself and commit everything.
db_session.delete(category)
db_session.commit()
flash("Category {} deleted.".format(category.name))
return redirect(url_for('index'))
else:
return render_template('delete_category.html', category=category)
def delete_category_item(item_id):
"""
Function to return a page to delete a category item.
Args:
item_id: ID of the category item to delete.
"""
user = get_user()
item = db_session.query(CategoryItem)\
.filter_by(id=item_id)\
.first()
category_id = ''
if not item:
if login_session.get('last_category_id', '') == '':
return redirect(url_for('index'))
else:
category_id = login_session.get('last_category_id')
else:
category_id = item.category.id
# Make sure the user is the creator of the item.
if not user or user and user.id != item.user.id:
return render_template('error.html',
headline_text='Access Denied',
error_text='Sorry, but you are not the creator of '\
'the item "{}". As such, you are not authorized '\
'to delete it.'.format(item.name))
if request.method == 'POST':
db_session.delete(item)
db_session.commit()
flash("Item {} deleted.".format(item.name))
return redirect(url_for('category_info', category_id=category_id))
else:
return render_template('delete_category_item.html', item=item)
