stef_buwalda/cal_counter
1
0
Fork 0
mirror of https://github.com/StefBuwalda/cal_counter.git synced 2025-10-30 11:19:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

Restrict food deletion to item owner

Browse Source 
Added a check to ensure only the owner of a FoodItem can delete it. This improves security by preventing unauthorized deletions.
This commit is contained in:
Stef
2025-07-02 16:08:25 +02:00
parent 7bf8a754db
commit 0e44c36e09
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
application/admin/routes.py
View File

@@ -32,7 +32,7 @@ def barcode_test():
def delete_food(id): def delete_food(id):
item = FoodItem.query.get(id) item = FoodItem.query.get(id)
if item: if item:
# if item.owner_id == current_user.id: if item.owner_id == current_user.id:
db.session.delete(item) db.session.delete(item)
db.session.commit() db.session.commit()
return redirect(url_for("admin.food_items")) return redirect(url_for("admin.food_items"))