def delete_comment(self, id):
DB = GardensDB()
if 'uid' not in self.session_data:
self.no_auth(401)
return
comment = DB.get_one_comment(id)
if comment != None:
# If they did not write the comment
if self.session_data['uid'] != comment['author_id']:
self.no_auth(403)
return
DB.delete_comment(id)
self.response(204)
else:
self.response(404)
def update_comment(self, id):
DB = GardensDB()
if 'uid' not in self.session_data:
self.no_auth(401)
return
comment = DB.get_one_comment(id)
if comment != None:
# If they did not write the comment
if self.session_data['uid'] != comment['author_id']:
self.no_auth(403)
return
body = self.decode()
content = body['content']
DB.update_comment(id, content)
self.response(204)
else:
self.response(404)