def item_delete(request, item_id, curr_user): "Delete Item (item_id)" item_id = int(item_id) try: item = items.objects.get(id=item_id, is_sold=False) except items.DoesNotExist: return render(request, 'error.html', {'error': 'Item Does Not Exist or You don\'t have permission to be here!'}) # if the curr_user has no rights if curr_user.user_obj != item.user and not curr_user.is_admin: return render(request, 'error.html', {'error': 'Item Does Not Exist or You don\'t have permission to be here!'}) # User has rights, Perform Delete operations if request.method == 'POST': form = DelForm(request.POST) if form.is_valid() and form.cleaned_data['confirm']: item.delete() return render(request, 'msg.html', {'msg': 'Item Deleted!'}) else: return HttpResponseRedirect('/item/?id=%d' % item.id) else: return render(request, 'item_delete.html', {'form': DelForm(), 'item': item})
def del_profile(request, curr_user): "Delete Profile of currently logged in user" if request.method == 'POST': form = DelForm(request.POST) if form.is_valid(): if form.cleaned_data['confirm']: # remove all comm and messages comms = Comm.objects.filter(buyer=curr_user.user_obj) for comm in comms: Messages.objects.filter(comm=comm).delete() comms.delete() # remove all items _items = items.objects.filter(user=curr_user.user_obj) for item in _items: comms = Comm.objects.filter(item=item) for comm in comms: Messages.objects.filter(comm=comm).delete() comms.delete() # remove admin entries try: tmp = admins.objects.get(email=curr_user.user_obj.email) tmp.delete() except admins.DoesNotExist: pass # remove user curr_user.user_obj.delete() return HttpResponseRedirect(users.create_logout_url('/')) else: return HttpResponseRedirect('/') else: return HttpResponseRedirect('/') else: return render(request, 'user_delete.html', {'form': DelForm()})