def delete_image(recipe_id, image_id):
"""Delete recipe images handler.
Deletes one recipe image from the database if exists.
This page can be accessed only by logged in users and CSRF check runs
for each delete.
Args:
recipe_id: The recipe id to be deleted
image_id: The image id to be deleted
"""
if request.method == 'GET':
return redirect(url_fo('recipes.index'))
csrf_protect() # csrf protection
try:
recipe = db.session.query(Recipe).filter_by(id=recipe_id).one()
except:
flash('Oopss! The recipe image does not exists!', 'danger')
return redirect(url_for('recipes.index'))
if recipe.user.id == current_user.id:
image = db.session.query(RecipeImage).filter_by(id=image_id).one()
db.session.delete(image)
flash('Recipe image was successfully deleted!', 'success')
db.session.commit()
return 'success'
flash('Oopss! You are not allowed to delete this image!', 'danger')
return 'error'
def delete_image(recipe_id, image_id):
"""Delete recipe images handler.
Deletes one recipe image from the database if exists.
This page can be accessed only by logged in users and CSRF check runs
for each delete.
Args:
recipe_id: The recipe id to be deleted
image_id: The image id to be deleted
"""
if request.method == 'GET':
return redirect(url_fo('recipes.index'))
csrf_protect() # csrf protection
try:
recipe = db.session.query(Recipe).filter_by(id=recipe_id).one()
except:
flash('Oopss! The recipe image does not exists!', 'danger')
return redirect(url_for('recipes.index'))
if recipe.user.id == current_user.id:
image = db.session.query(RecipeImage).filter_by(id=image_id).one()
db.session.delete(image)
flash('Recipe image was successfully deleted!', 'success')
db.session.commit()
return 'success'
flash('Oopss! You are not allowed to delete this image!', 'danger')
return 'error'
def delete(category_id):
"""Delete category handler.
Deletes the category from the database if exists. All the associated
recipes and images will also be deleted.
This page can be accessed only by logged in users and CSRF check runs
for each delete.
Args:
category_id: The category id to be deleted
"""
if request.method == 'GET':
return redirect(url_for('categories.index'))
elif current_user.is_admin:
csrf_protect() # csrf protection
try:
category = db.session.query(Category) \
.filter_by(id=category_id) \
.one()
db.session.delete(category)
flash(
'Category "%s" successfully deleted' % category.name, 'success'
)
delete_category_image(category_id)
db.session.commit()
except exc.NoResultFound:
flash('Category does not exists!', 'danger')
return 'error'
except:
flash('An error occurred, please try again later!')
return 'error'
return 'success'
flash('Oopss! You are not allowed to delete categories!', 'danger')
return 'error'
def delete(category_id):
"""Delete category handler.
Deletes the category from the database if exists. All the associated
recipes and images will also be deleted.
This page can be accessed only by logged in users and CSRF check runs
for each delete.
Args:
category_id: The category id to be deleted
"""
if request.method == 'GET':
return redirect(url_for('categories.index'))
elif current_user.is_admin:
csrf_protect() # csrf protection
try:
category = db.session.query(Category) \
.filter_by(id=category_id) \
.one()
db.session.delete(category)
flash('Category "%s" successfully deleted' % category.name,
'success')
delete_category_image(category_id)
db.session.commit()
except exc.NoResultFound:
flash('Category does not exists!', 'danger')
return 'error'
except:
flash('An error occurred, please try again later!')
return 'error'
return 'success'
flash('Oopss! You are not allowed to delete categories!', 'danger')
return 'error'
