def delete_entry(entry_id):
if not is_logged_in():
return 'User is not logged in; creator_id is not set'
db = Database()
db_entry = db.get_entry(entry_id)
if db_entry['creator_id'] == get_current_user_id(
) or db.is_user_id_administrator(get_current_user_id()):
db.disable_entry(entry_id)
else:
return "Invalid permissions"
return redirect_to_referrer()
def modify_entry(entry_id):
if not is_logged_in():
return 'User is not logged in; creator_id is not set'
if not is_current_session_set():
return 'Session_id is not set'
db = Database()
db_entry = db.get_entry(entry_id)
if db_entry['creator_id'] == get_current_user_id(
) or db.is_user_id_administrator(get_current_user_id()):
new_value = request.data.decode('utf-8')
db.update_entry(entry_id, new_value)
return "OK"
# clear entry_option_id
# clear category_id??
# update user id?? (if admin changed it)
else:
return "Invalid permissions"
