aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--pyaggr3g470r/views.py22
1 files changed, 6 insertions, 16 deletions
diff --git a/pyaggr3g470r/views.py b/pyaggr3g470r/views.py
index 6560e92f..99f84ac5 100644
--- a/pyaggr3g470r/views.py
+++ b/pyaggr3g470r/views.py
@@ -97,7 +97,6 @@ def redirect_url(default='home'):
url_for(default)
-
from functools import wraps
def feed_access_required(func):
"""
@@ -117,8 +116,6 @@ def feed_access_required(func):
-
-
#
# Views.
#
@@ -290,7 +287,7 @@ def delete(article_id=None):
Delete an article from the database.
"""
article = Article.query.filter(Article.id == article_id).first()
- if article != None:
+ if article != None and article.source.subscriber.id == g.user.id:
db.session.delete(article)
db.session.commit()
flash('Article "' + article.title + '" deleted.', 'success')
@@ -522,18 +519,11 @@ def delete_feed(feed_id=None):
"""
Delete a feed with all associated articles.
"""
- user = models.User.objects(email=g.user.email).first()
- # delete all articles (Document objects) of the feed
- for feed in user.feeds:
- if str(feed.oid) == feed_id:
- for article in feed.articles:
- article.delete()
- feed.articles = []
- # delete the feed (EmbeddedDocument object)
- user.feeds.remove(feed)
- user.save()
- flash('Feed "' + feed.title + '" successfully deleted.', 'success')
- break
+ feed = Feed.query.filter(Feed.id == feed_id).first()
+ if feed.subscriber.id == g.user.id:
+ db.session.delete(feed)
+ db.session.commit()
+ flash('Feed "' + feed.title + '" successfully deleted.', 'success')
else:
flash('Impossible to delete this feed.', 'danger')
return redirect(redirect_url())
bgstack15