def delete(self, uid, aid): """ .. http:delete:: /users/1/keys/1 deletes one api key **Example request**: .. sourcecode:: http DELETE /users/1/keys/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript **Example response**: .. sourcecode:: http HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "result": true } :reqheader Authorization: OAuth token to authenticate :statuscode 200: no error :statuscode 403: unauthenticated """ if uid != g.current_user.id: if not ApiKeyCreatorPermission().can(): return dict( message="You are not authorized to view this token!"), 403 access_key = service.get(aid) if access_key is None: return dict(message="This token does not exist!"), 404 if access_key.user_id != uid: return dict( message="You are not authorized to delete this token!"), 403 service.delete(access_key) return {"result": True}
def delete(self, uid, aid): """ .. http:delete:: /users/1/keys/1 deletes one api key **Example request**: .. sourcecode:: http DELETE /users/1/keys/1 HTTP/1.1 Host: example.com Accept: application/json, text/javascript **Example response**: .. sourcecode:: http HTTP/1.1 200 OK Vary: Accept Content-Type: text/javascript { "result": true } :reqheader Authorization: OAuth token to authenticate :statuscode 200: no error :statuscode 403: unauthenticated """ if uid != g.current_user.id: if not ApiKeyCreatorPermission().can(): return dict(message="You are not authorized to view this token!"), 403 access_key = service.get(aid) if access_key is None: return dict(message="This token does not exist!"), 404 if access_key.user_id != uid: return dict(message="You are not authorized to delete this token!"), 403 service.delete(access_key) return {'result': True}