function delete_document_v1
Flask API endpoint that deletes a document after verifying ownership and authentication.
/tf/active/vicechatdev/vice_ai/new_app.py
1117 - 1137
moderate
Purpose
This function serves as a RESTful API endpoint to delete documents from the system. It ensures that only authenticated users can delete documents they own by verifying ownership before performing the deletion. It handles errors gracefully and logs all deletion attempts for audit purposes.
Source Code
def delete_document(document_id):
    """Delete a document"""
    user_email = get_current_user()

    # Verify document ownership
    document = document_service.get_document(document_id)
    if not document or document.owner != user_email:
        # Same 404 for "missing" and "not yours", so the response does not
        # reveal whether a given document ID exists
        return jsonify({'error': 'Document not found or access denied'}), 404

    try:
        success = document_service.delete_document(document_id)
        if success:
            logger.info(f"Document deleted successfully: {document_id}")
            return jsonify({'success': True})
        else:
            return jsonify({'error': 'Failed to delete document'}), 500
    except Exception as e:
        logger.error(f"Error deleting document: {e}")
        # The exception text is sent back to the client as written
        return jsonify({'error': str(e)}), 500
Parameters
| Name | Type | Default | Kind |
|---|---|---|---|
| document_id | - | - | positional_or_keyword |
Parameter Details
document_id: String identifier for the document to be deleted. This is extracted from the URL path parameter and should be a unique identifier (likely UUID) that corresponds to an existing document in the system.
Return Value
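Returns a Flask JSON response, paired with an explicit status code on the error paths. On success: {'success': True} with the default status 200. On document not found or access denied: ({'error': 'Document not found or access denied'}, 404). On deletion failure: ({'error': 'Failed to delete document'}, 500). On exception: ({'error': <error_message>}, 500), where <error_message> is str(e), so the exception text reaches the client.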
Dependencies
- flask
- logging
Required Imports
from flask import jsonify
import logging
Usage Example
# This is a Flask route handler, typically called via HTTP DELETE request
# Example HTTP request:
# DELETE /api/documents/abc-123-def-456
# Headers: Authorization: Bearer <token>
# Response on success:
# Status: 200
# Body: {"success": true}
# Response on unauthorized:
# Status: 404
# Body: {"error": "Document not found or access denied"}
# To use in Flask app:
# app = Flask(__name__)
# @app.route('/api/documents/<document_id>', methods=['DELETE'])
# @require_auth
# def delete_document(document_id):
#     # function implementation
#     pass
Best Practices
- Always verify document ownership before allowing deletion to prevent unauthorized access
- Use proper HTTP status codes: 404 for not found/unauthorized, 500 for server errors
- Log all deletion operations for audit trails and debugging
- Wrap deletion logic in try-except blocks to handle unexpected errors gracefully
- Return consistent JSON response format for easier client-side handling
- Ensure the require_auth decorator is applied to protect the endpoint
- Consider implementing soft deletes instead of hard deletes for data recovery
- The function assumes document_service is properly initialized and available in scope
- Consider adding rate limiting to prevent abuse of the deletion endpoint
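A hardened variant of the handler's decision logic, as an added example that is not the project's code: it keeps the uniform 404, also logs denied attempts, rejects an empty user identity, and returns a reference ID instead of the raw exception text. `delete_document_checked`, `InMemoryDocumentService`, `Document` and the `audit` logger name are assumptions made for illustration, and the sample data is constructed.

```python
import logging
import uuid
from dataclasses import dataclass

audit_log = logging.getLogger("audit")  # hypothetical logger name


@dataclass
class Document:  # constructed stand-in for the app's document model
    id: str
    owner: str


class InMemoryDocumentService:
    """Constructed stand-in for document_service (same two method names)."""

    def __init__(self, docs):
        self._docs = {d.id: d for d in docs}

    def get_document(self, document_id):
        return self._docs.get(document_id)

    def delete_document(self, document_id):
        return self._docs.pop(document_id, None) is not None


def delete_document_checked(service, user_email, document_id):
    """Return (body, status); a Flask handler would jsonify the body."""
    document = service.get_document(document_id)
    # An empty identity must never match a document whose owner is also empty
    if not user_email or document is None or document.owner != user_email:
        # Record the denial; %r escapes newlines in attacker-supplied IDs
        audit_log.warning("delete denied user=%r doc=%r", user_email, document_id)
        return {'error': 'Document not found or access denied'}, 404
    try:
        if service.delete_document(document_id):
            audit_log.info("delete ok user=%r doc=%r", user_email, document_id)
            return {'success': True}, 200
        audit_log.error("delete failed user=%r doc=%r", user_email, document_id)
        return {'error': 'Failed to delete document'}, 500
    except Exception:
        # Traceback stays in the server log; the client gets only a reference
        ref = uuid.uuid4().hex
        audit_log.exception("delete error ref=%s user=%r doc=%r",
                            ref, user_email, document_id)
        return {'error': 'Internal error', 'ref': ref}, 500
```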
Similar Components
AI-powered semantic similarity - components with related functionality:
- function api_delete_document 90.1% similar
- function api_remove_document_v1 83.9% similar
- function api_delete_chat_uploaded_document 80.3% similar
- function api_remove_document 79.9% similar
- function api_delete_section 79.7% similar