def delete_catalog(user, id):
if not user:
return jsonify({'message': 'Unauthorized'}), 401
catalog = Catalog.find_by_id(id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
if user.id != catalog.user_id:
return jsonify({'message': 'No permission'}), 403
items = Item.find_by_catalog_id(id)
for item in items:
item.delete_from_db()
catalog.delete_from_db()
return jsonify({'message': 'Catalog deleted'}), 200
def delete_catalog(id):
catalog = Catalog.find_by_id(id)
if not catalog:
message = 'No catalog with id %s' % id
return render_template('common/not-found.html', message=message)
if catalog.user_id != login_session['user_id']:
flash('Not authorized to delete this catalog')
return redirect(url_for('show_catalogs'))
if request.method == 'GET':
return render_template('catalog/catalog-delete.html', catalog=catalog)
else:
items = Item.find_by_catalog_id(id)
for item in items:
item.delete_from_db()
catalog.delete_from_db()
flash('Catalog is successfully deleted')
return redirect(url_for('show_catalogs'))
def get_items(catalog_id):
catalog = Catalog.find_by_id(catalog_id)
if not catalog:
return jsonify({'message': 'Catalog not found'}), 404
items = Item.find_by_catalog_id(catalog_id)
return jsonify({'items': [item.serializer for item in items]}), 200
