def delete_catalog(user, id): if not user: return jsonify({'message': 'Unauthorized'}), 401 catalog = Catalog.find_by_id(id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 if user.id != catalog.user_id: return jsonify({'message': 'No permission'}), 403 items = Item.find_by_catalog_id(id) for item in items: item.delete_from_db() catalog.delete_from_db() return jsonify({'message': 'Catalog deleted'}), 200
def delete_catalog(id): catalog = Catalog.find_by_id(id) if not catalog: message = 'No catalog with id %s' % id return render_template('common/not-found.html', message=message) if catalog.user_id != login_session['user_id']: flash('Not authorized to delete this catalog') return redirect(url_for('show_catalogs')) if request.method == 'GET': return render_template('catalog/catalog-delete.html', catalog=catalog) else: items = Item.find_by_catalog_id(id) for item in items: item.delete_from_db() catalog.delete_from_db() flash('Catalog is successfully deleted') return redirect(url_for('show_catalogs'))
def get_items(catalog_id): catalog = Catalog.find_by_id(catalog_id) if not catalog: return jsonify({'message': 'Catalog not found'}), 404 items = Item.find_by_catalog_id(catalog_id) return jsonify({'items': [item.serializer for item in items]}), 200