def delete_screenshot(self, screenshot):
        this_screenshot = model.Screenshot.q().get(screenshot)
        if not this_screenshot:
            abort(404)

        package = this_screenshot.package

        # Make sure the user is allowed to delete the screenshot!
        if not my.authorized_for_screenshot(this_screenshot):
            abort(403, "I'm afraid I can't do that, Dave.")

        # Admins or the one who uploaded the screenshot is allowed to delete
        elif ('username' in session) or (my.client_cookie_hash() is not None and my.client_cookie_hash() == this_screenshot.uploaderhash):
            db.delete(this_screenshot)
            for image_path in this_screenshot.image_paths:
                if os.path.isfile(image_path):
                    os.unlink(image_path)
            my.message('Screenshot for package <em>%s</em> deleted.' % package.name)
        # If the screenshot is 'approved' and the current user is not an admin
        # then it's only possible to mark the screenshot for deletion by an admin.
        else:
            this_screenshot.markedfordelete=True
            this_screenshot.delete_reason=request.params.get('reason','?')[:100]
            my.message('Admins will be asked to delete this screenshot.')

        db.commit()

        # TODO: The approved screenshots have changes. Remove the cached start page.

        # Try to redirect to the backlink (if provided)
        my.redirect_back()

        # Otherwise redirect to the package overview
        redirect(url('package', package=package.name))
    def approve_screenshot(self, screenshot):
        """Approve a screenshot. Sets it to status 'approved'."""
        this_screenshot = model.Screenshot.q().get(screenshot)
        if not this_screenshot:
            abort(404)

        if this_screenshot.approved:
            my.message("Screenshot for package <em>%s</em> already approved." % this_screenshot.package.name)
            my.redirect_back()
            redirect(url('package', package=package.name))

        package = this_screenshot.package

        # Make sure the user is allowed to delete the screenshot!
        # Has this screenshot been uploaded by the current user?
        if not my.authorized_for_screenshot(this_screenshot):
            abort(403, "I'm afraid I can't do that, Dave.")

        old_image_paths = this_screenshot.image_paths
        this_screenshot.approved = True
        new_image_paths = this_screenshot.image_paths

        # sanity check
        assert(len(old_image_paths) == len(new_image_paths))

        try:
            for old_path, new_path in zip(old_image_paths, new_image_paths):
                if not os.path.isdir(this_screenshot.directory):
                    log.debug("Creating new directory %s", this_screenshot.directory)
                    os.makedirs(this_screenshot.directory)
                log.debug("Renaming %s to %s", old_path, new_path)
                os.rename(old_path, new_path)
            db.commit()
        except IOError:
            raise

        my.message("Screenshot for package <em>%s</em> approved." % package.name)

        # The approved screenshots have changes. Remove the cached start page.
        # TODO: cache.remove_value()...
        # (http://wiki.pylonshq.com/display/pylonsdocs/Caching+in+Templates+and+Controllers)
        # (-> Other Cache Options)

        my.redirect_back()
        redirect(url('package', package=package.name))
    def keep_screenshot(self, screenshot):
        """Remove a screenshot's "markedfordelete" tag.

        This action is called if an admin decides to keep a certain screenshot although
        a visitor requested that this screenshot gets deleted."""
        this_screenshot = model.Screenshot.q().get(screenshot)
        if not this_screenshot:
            abort(404)

        package = this_screenshot.package

        # Admins only
        if not 'username' in session:
            abort(403, "I'm afraid I can't do that, Dave.")
        this_screenshot.markedfordelete=False
        db.commit()

        my.message("Screenshot for package <em>%s</em> kept." % package.name)

        my.redirect_back()
        redirect(url('moderate', package=package.name))