def delete_post_instance(request):
# Users who are allowed to delete (actually tombstone) a Post instance:
# - user who is the author of the Post instance and who has the P_DELETE_MY_POST permission in this discussion
# - user who has the P_DELETE_POST permission in this discussion
ctx = request.context
user_id = authenticated_userid(request) or Everyone
permissions = ctx.get_permissions()
instance = ctx._instance
allowed = False
if (user_id == instance.creator_id and P_DELETE_MY_POST in permissions) or (P_DELETE_POST in permissions):
allowed = True
if not allowed:
raise HTTPUnauthorized()
# Remove extracts associated to this post
extracts_to_remove = instance.db.query(Extract).filter(Extract.content_id == instance.id).all()
number_of_extracts = len(extracts_to_remove)
for extract in extracts_to_remove:
extract.delete()
if user_id == instance.creator_id and P_DELETE_MY_POST in permissions:
cause = PublicationStates.DELETED_BY_USER
elif P_DELETE_POST in permissions:
cause = PublicationStates.DELETED_BY_ADMIN
instance.delete_post(cause)
return {
"result": "Post has been successfully deleted.",
"removed_extracts": number_of_extracts
}
评论列表
文章目录
