Another simple one – this time a DeleteView from delete_object.
Before:
@permission_required('b2c.delete_b2ctrack')
def delete_track(request,id):
track = get_object_or_404(B2CTrack, pk=id)
if track.allow_delete:
return delete_object(request,
model=B2CTrack,
object_id=id,
post_delete_redirect=reverse('track_list'),
template_name='track_confirm_delete.html')
else:
return HttpResponseRedirect(reverse('track_view', kwargs = {'pk':id} ))
After:
class TrackDeleteView(DeleteView):
template_name = 'track_confirm_delete.html'
model = B2CTrack
def get_success_url(self):
return reverse('track_list')
## Override dispatch to apply the permission decorator
@method_decorator(permission_required('b2c.delete_b2ctrack'))
def dispatch(self, request, *args, **kwargs):
return super(TrackDeleteView, self).dispatch(request, *args, **kwargs)
## Only return object if the allow_delete property is True
def get_object(self, *args, **kwargs):
object = super(TrackDeleteView,self).get_object(*args, **kwargs)
if object.allow_delete:
return object
else:
raise Http404
The old code would redirect back to the view for the same object if the allow_delete property was false. (allow_delete is a property I use on my models to check for dependent DB entries) Since one has to monkey with the URL to even attempt a delete of an object that isn’t allowed, I decided a 404 was more appropriate. Lesson for the User: Don’t Monkey with URLs!!
Comments are closed.