from flask import abort, current_app, request from flask_login import current_user, login_required from threading import Thread from app import db from app.models import User from . import bp @bp.route('/') @login_required def user(user_id): user = User.query.get_or_404(user_id) if not (user == current_user or current_user.is_administrator()): abort(403) backrefs = request.args.get('backrefs', 'false').lower() == 'true' relationships = ( request.args.get('relationships', 'false').lower() == 'true') return user.to_json_serializeable(backrefs=backrefs, relationships=relationships), 200 @bp.route('/', methods=['DELETE']) @login_required def delete_user(user_id): def _delete_user(app, user_id): with app.app_context(): user = User.query.get(user_id) user.delete() db.session.commit() user = User.query.get_or_404(user_id) if not (user == current_user or current_user.is_administrator()): abort(403) thread = Thread( target=_delete_user, args=(current_app._get_current_object(), user_id) ) thread.start() return {}, 202