def item_delete_route(item_name): """ Route to delete item """ target_item = get_item(item_name) # checking access rights if target_item.owner != user_info()['id']: flash('Only owner can delete item') return redirect(url_for('item_route', item_name=item_name)) if target_item is None: abort(404) if request.method == 'POST': delete_item(item_name) flash('Item deleted') # sending user to categories page for he has done return redirect(url_for('categories_route')) if request.method == 'GET': return render_template('confirm.html', page={'title': 'Delete item'}, user=user_info(), content={ 'message': 'Do you really want delete item ' + target_item.name + '?' })
def item_edit_route(item_name): """ Route to edit item """ target_item = get_item(item_name) # It is possible that user change the Item Name so use the previous # checking access rights if target_item.owner != user_info()['id']: flash('Only owner can edit item') return redirect(url_for('item_route', item_name=item_name)) if target_item is None: flash('Item with this name does not exist') abort(404) if request.method == 'POST': update_item(target_item.id) flash('Item updated') # sending user to item page after edit is done return redirect(url_for('item_route', item_name=target_item.name)) if request.method == 'GET': return render_template('item_edit.html', page={'title': 'Edit item'}, user=user_info(), content={ 'is_edit': True, 'item': target_item })
def item_route(item_name): """ Route that outputs item info """ target_item = get_item(item_name) if target_item is None: flash('Item not found') # sending user to categories page for he has done return redirect(url_for('categories_route')) return render_template('item.html', page={ 'title': 'Item ' + target_item.name, 'has_sidebar': True }, user=user_info(), content={ 'categories': get_categories(), 'item': target_item })