equal
deleted
inserted
replaced
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
9 # WARRANTIES OF TITLE, MERCHANTABILITY, AGAINST INFRINGEMENT, AND FITNESS |
10 # FOR A PARTICULAR PURPOSE. |
10 # FOR A PARTICULAR PURPOSE. |
11 # |
11 # |
12 |
12 |
13 from pyramid.exceptions import NotFound |
13 from pyramid.exceptions import NotFound |
14 from pyramid.httpexceptions import HTTPInternalServerError, HTTPUnauthorized |
14 from pyramid.httpexceptions import HTTPForbidden, HTTPInternalServerError |
15 from pyramid.view import view_config |
15 from pyramid.view import view_config |
16 from zope.container.interfaces import IContainer |
16 from zope.container.interfaces import IContainer |
17 from zope.interface import implementer |
17 from zope.interface import implementer |
18 |
18 |
19 from pyams_form.security import get_edit_permission |
19 from pyams_form.security import get_edit_permission |
89 } |
89 } |
90 } |
90 } |
91 # Check permission |
91 # Check permission |
92 if not ignore_permission: |
92 if not ignore_permission: |
93 context = container[name] |
93 context = container[name] |
94 permission = get_edit_permission(request, context) |
94 permission = get_edit_permission(request, context, action='delete') |
95 if permission is None: |
95 if permission is None: |
96 raise HTTPInternalServerError("Missing permission definition") |
96 raise HTTPInternalServerError("Missing permission definition") |
97 elif not request.has_permission(permission, context): |
97 if not request.has_permission(permission, context): |
98 raise HTTPUnauthorized() |
98 raise HTTPForbidden() |
99 # Delete element |
99 # Delete element |
100 del container[name] |
100 del container[name] |
101 return {'status': 'success'} |
101 return {'status': 'success'} |
102 |
102 |
103 |
103 |