def delete_dataset(dataset_id):
"""Delete a dataset."""
ds = get_dataset(dataset_id)
if ds["author"] != current_user.id:
raise api_exceptions.APIUnauthorized("You can't delete this dataset.")
db.dataset.delete(ds["id"])
return jsonify(success=True, message="Dataset has been deleted.")
def get_check_dataset(dataset_id, write=False):
"""Wrapper for `dataset.get` function in `db` package. Meant for use with the API.
Checks the following conditions and raises NotFound exception if they
aren't met:
* Specified dataset exists.
* Current user is allowed to access this dataset.
"""
try:
ds = db.dataset.get(dataset_id)
except db.exceptions.NoDataFoundException as e:
raise api_exceptions.APINotFound("Can't find this dataset.")
if not write:
if ds["public"] or (current_user.is_authenticated
and ds["author"] == current_user.id):
return ds
else:
raise api_exceptions.APINotFound("Can't find this dataset.")
else:
if (current_user.is_authenticated and ds["author"] == current_user.id):
return ds
else:
raise api_exceptions.APIUnauthorized(
"Only the author can modify the dataset.")