def deleteMenuItem(restaurant_id, menu_id): """page to delete a menu item.""" if 'access_token' not in flask_session: return logInRedirect() restaurant = session.query(Restaurant).filter_by(id = restaurant_id).first() user_id = getUserId(flask_session['email'],flask_session['google_plus_id']) if not restaurant.user_id == user_id: flash("Only restaurant owners can delete items.") return redirect(url_for("publicMenu",restaurant_id = restaurant_id)) if request.method == "POST": print "\ndeleteMenuItem POST triggered!, menu_id is: ", menu_id deletedMenuItem = session.query(MenuItem).filter_by(id = menu_id).first() session.delete(deletedMenuItem) session.commit() flash( "item '" + deletedMenuItem.name + "' deleted. Auf Wiedersehen!") return redirect(url_for("showMenu", restaurant_id=restaurant_id)) else: print "restaurants/delete accessed..." menuItem = session.query(MenuItem).filter_by(id = menu_id).first() return render_template( 'deleteMenuItem.html', menuItem = menuItem, restaurant = restaurant )
def deleteRestaurant(restaurant_id): """page to delete a restaurant (authorized only for creators).""" if "access_token" not in flask_session: return logInRedirect() restaurant = session.query(Restaurant).filter_by(id=restaurant_id).first() user_id = getUserId(flask_session["email"], flask_session["google_plus_id"]) if not restaurant.user_id == user_id: flash("Only restaurant owners can delete restaurants.") return redirect(url_for("publicMenu", restaurant_id=restaurant_id)) if request.method == "POST": print "\ndeleteRestaurant POST triggered!" deletedRestaurant = session.query(Restaurant).filter_by(id=restaurant_id).first() session.delete(deletedRestaurant) session.commit() flash("item '" + deletedRestaurant.name + "' deleted. Auf Wiedersehen!") return redirect(url_for("showRestaurants")) else: print "restaurants/id/delete accessed..." return render_template("deleteRestaurant.html", restaurant=restaurant)