def delete_user(name): if 'account' in session: user_info = get_user_info(session['account']) if user_info["access_id"] == 4: remove_user(name) return {"message": "User was deleted"}, 200 else: return render_template('404.html', username=user_info["name"]) return render_template('404.html')
def remove_profile(): """ Remove user profile :return mix: """ # get uid uid = int(session['uid']) # get user items items = [item.serialize for item in get_items_by_user(uid)] # if the user have any items create message if len(items) > 0: flash('First remove your cars', 'error') # get user user = get_user_by_id(uid) # get user full name name = ' '.join([user.first_name, user.last_name]) if request.method == 'POST' and request.form['csrf_token'] == csrf_token: if len(items) > 0: return render('users/delete_profile.html', brands=brands, csrf_token=csrf_token) # get absolute path to image path = ''.join([BASE_DIR, user.picture]) # if file exist remove the image file if os.path.isfile(path): os.unlink(path) # remove user data from database remove_user(uid) # remove session del session['uid'] if 'provider' in session: del session['provider'] # create success message flash('Profile "%s" was removed' % name, 'success') # redirect user to home page return redirect('/', 302) return render('users/delete_profile.html', brands=brands, csrf_token=csrf_token)
def delete_user(uid): """ Remove user's profile :param uid: :return string: JSON """ user_profile = get_user_by_id(uid) if user_profile.id != g.user.id: return jsonify({'error': 'permission denied'}), 403 else: remove_user(uid) return jsonify({'message': 'account was removed'}), 200