Docker/AdventureLog
Docker/AdventureLog
1
0
Fork 0
mirror of https://github.com/seanmorley15/AdventureLog.git synced 2025-07-22 22:39:36 +02:00
Code Issues Releases Activity

remove image

Browse source
This commit is contained in:
Sean Morley 2024-08-17 13:59:49 -04:00
parent 9c75af5b7f
commit 6b9cd48603
2 changed files with 28 additions and 15 deletions
Download patch file Download diff file Expand all files Collapse all files

32
backend/server/adventures/views.py
View file

@ -536,7 +536,15 @@ class AdventureImageViewSet(viewsets.ModelViewSet):
serializer_class = AdventureImageSerializer serializer_class = AdventureImageSerializer
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
# make sure that when creating and updating an image, the user is authenticated and the adventure user is the same as the authenticated user def dispatch(self, request, *args, **kwargs):
print(f"Method: {request.method}")
return super().dispatch(request, *args, **kwargs)
@action(detail=True, methods=['post'])
def image_delete(self, request, *args, **kwargs):
return self.destroy(request, *args, **kwargs)
def create(self, request, *args, **kwargs): def create(self, request, *args, **kwargs):
if not request.user.is_authenticated: if not request.user.is_authenticated:
return Response({"error": "User is not authenticated"}, status=status.HTTP_401_UNAUTHORIZED) return Response({"error": "User is not authenticated"}, status=status.HTTP_401_UNAUTHORIZED)
@ -566,16 +574,21 @@ class AdventureImageViewSet(viewsets.ModelViewSet):
return super().update(request, *args, **kwargs) return super().update(request, *args, **kwargs)
# def destroy(self, request, *args, **kwargs): def perform_destroy(self, instance):
# if not request.user.is_authenticated: print("perform_destroy")
# return Response({"error": "User is not authenticated"}, status=status.HTTP_401_UNAUTHORIZED) return super().perform_destroy(instance)
# instance = self.get_object() def destroy(self, request, *args, **kwargs):
# adventure = instance.adventure print("destroy")
# if adventure.user_id != request.user: if not request.user.is_authenticated:
# return Response({"error": "User does not own this adventure"}, status=status.HTTP_403_FORBIDDEN) return Response({"error": "User is not authenticated"}, status=status.HTTP_401_UNAUTHORIZED)
# return super().destroy(request, *args, **kwargs) instance = self.get_object()
adventure = instance.adventure
if adventure.user_id != request.user:
return Response({"error": "User does not own this adventure"}, status=status.HTTP_403_FORBIDDEN)
return super().destroy(request, *args, **kwargs)
def partial_update(self, request, *args, **kwargs): def partial_update(self, request, *args, **kwargs):
if not request.user.is_authenticated: if not request.user.is_authenticated:
@ -606,7 +619,6 @@ class AdventureImageViewSet(viewsets.ModelViewSet):
return Response(serializer.data) return Response(serializer.data)
def get_queryset(self): def get_queryset(self):
# This method is used for list and retrieve actions
return AdventureImage.objects.filter(user_id=self.request.user) return AdventureImage.objects.filter(user_id=self.request.user)
def perform_create(self, serializer): def perform_create(self, serializer):

9
frontend/src/lib/components/EditAdventure.svelte
View file

@ -39,12 +39,13 @@
} }
async function removeImage(id: string) { async function removeImage(id: string) {
let res = await fetch(`/api/images/${id}/`, { let res = await fetch(`/api/images/${id}/image_delete`, {
method: 'DELETE' method: 'POST'
}); });
let data = await res.json(); if (res.status === 204) {
if (data.id) {
images = images.filter((image) => image.id !== id); images = images.filter((image) => image.id !== id);
adventureToEdit.images = images;
console.log(images);
addToast('success', 'Image removed'); addToast('success', 'Image removed');
} else { } else {
addToast('error', 'Failed to remove image'); addToast('error', 'Failed to remove image');