def post_delete(self, obj_key): obj = Product.get_by_key_name(obj_key) # For some reason, obj.user.key.name doesn't work here, so we just figure out what the user key is using the email address. # This is a hack which WILL NOT work if we change how user keys work. Need to figure out the right way to do this. obj_user_key = obj.user.email.split('@')[0] if obj_user_key == self.session['user_key']: Crud.post_delete(self, obj_key) self.redirect('/user/r/'+self.session['user_key']) else: self.redirect('/error/not_owner')