def confirm_supplier_details():
supplier = data_api_client.get_supplier(
current_user.supplier_id)['suppliers']
unconfirmed_open_supplier_frameworks = get_unconfirmed_open_supplier_frameworks(
data_api_client, current_user.supplier_id)
if not supplier_company_details_are_complete(supplier):
return render_error_page(
status_code=400,
error_message="Some company details are not complete")
else:
data_api_client.update_supplier(
supplier_id=current_user.supplier_id,
supplier={"companyDetailsConfirmed": True},
user=current_user.email_address)
for supplier_framework in unconfirmed_open_supplier_frameworks:
data_api_client.set_supplier_framework_application_company_details_confirmed(
supplier_id=current_user.supplier_id,
framework_slug=supplier_framework['frameworkSlug'],
application_company_details_confirmed=True,
user=current_user.email_address)
if "currently_applying_to" in session:
return redirect(
url_for(".framework_dashboard",
framework_slug=session["currently_applying_to"]))
else:
return redirect(url_for(".supplier_details"))
def external_404():
"""
Our router app proxies errors (e.g. on an assets domain) to the frontend app's /404 page (i.e. this route).
Relative links in our normal 404 page will not work if the domain doesn't match, so here we ensure all links
in the page are absolute.
:return: Our usual 404 page, but with all relative links made absolute
"""
error_page, status_code = render_error_page(status_code=404)
document = html.fromstring(error_page)
relative_links = document.xpath('//a[starts-with(@href, "/")]')
forms_with_relative_actions = document.xpath(
'//form[starts-with(@action, "/")]')
for link in relative_links:
link.set(
"href",
urljoin(current_app.config.get("DM_PATCH_FRONTEND_URL", ""),
link.get("href")))
for form in forms_with_relative_actions:
form.set(
"action",
urljoin(current_app.config.get("DM_PATCH_FRONTEND_URL", ""),
form.get("action")))
return html.tostring(document), status_code
def create_user(encoded_token):
token = decode_invitation_token(encoded_token)
if token.get('error') == 'token_invalid':
current_app.logger.warning("createuser.token_invalid: {encoded_token}",
extra={'encoded_token': encoded_token})
# Replace this with a proper dedicated template.
return render_error_page(
status_code=400,
error_message=INVALID_TOKEN_MESSAGE.format(
support_email=current_app.config['SUPPORT_EMAIL_ADDRESS']),
)
role = token["role"]
if token.get('error') == 'token_expired':
current_app.logger.warning("createuser.token_expired: {encoded_token}",
extra={'encoded_token': encoded_token})
return render_template(
"auth/create-user-error.html",
error=None,
support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
role=role,
token=None,
user=None), 400
form = CreateUserForm()
user_json = data_api_client.get_user(email_address=token["email_address"])
if not user_json:
return render_template("auth/create-user.html",
email_address=token['email_address'],
form=form,
errors=get_errors_from_wtform(form),
role=role,
supplier_name=token.get('supplier_name'),
token=encoded_token), 200
user = User.from_json(user_json)
return render_template(
"auth/create-user-error.html",
error=None,
support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
role=role,
token=token,
user=user), 400
def api_error_handler(e):
return render_error_page(status_code=e.status_code)
def content_loader_error_handler(e):
return render_error_page(status_code=400)
def submit_create_user(encoded_token):
token = decode_invitation_token(encoded_token)
if token.get('error') == 'token_invalid':
current_app.logger.warning("createuser.token_invalid: {encoded_token}",
extra={'encoded_token': encoded_token})
return render_error_page(
status_code=400,
error_message=INVALID_TOKEN_MESSAGE.format(
support_email=current_app.config['SUPPORT_EMAIL_ADDRESS']),
)
role = token["role"]
if token.get('error') == 'token_expired':
current_app.logger.warning("createuser.token_expired: {encoded_token}",
extra={'encoded_token': encoded_token})
return render_template(
"auth/create-user-error.html",
error=None,
support_email_address=current_app.config['SUPPORT_EMAIL_ADDRESS'],
role=role,
token=None,
user=None), 400
form = CreateUserForm()
if not form.validate_on_submit():
current_app.logger.warning(
"createuser.invalid: {form_errors}",
extra={'form_errors': ", ".join(form.errors)})
return render_template("auth/create-user.html",
email_address=token['email_address'],
form=form,
errors=get_errors_from_wtform(form),
role=role,
supplier_name=token.get('supplier_name'),
token=encoded_token), 400
try:
user_data = {
'name': form.name.data,
'password': form.password.data,
'emailAddress': token['email_address'],
'role': role
}
if role == 'buyer':
user_data.update({'phoneNumber': form.phone_number.data})
elif role == 'supplier':
user_data.update({'supplierId': token['supplier_id']})
user_create_response = data_api_client.create_user(user_data)
user = User.from_json(user_create_response)
login_user(user)
except HTTPError as e:
if e.status_code == 409 or e.message == 'invalid_buyer_domain':
return render_template("auth/create-user-error.html",
error=e.message,
support_email_address=current_app.
config['SUPPORT_EMAIL_ADDRESS'],
role=role,
token=None), 400
else:
abort(503)
return redirect_logged_in_user(account_created=True)
def s3_response_error_handler(e):
return render_error_page(status_code=503)
def previous_services(framework_slug, lot_slug):
framework, lot = get_framework_and_lot_or_404(data_api_client, framework_slug, lot_slug, allowed_statuses=['open'])
form = OneServiceLimitCopyServiceForm(lot['name'].lower()) if lot.get('oneServiceLimit') else None
source_framework_slug = content_loader.get_metadata(framework['slug'], 'copy_services', 'source_framework')
source_framework = get_framework_or_500(data_api_client, source_framework_slug, logger=current_app.logger)
previous_services_list = data_api_client.find_services(
supplier_id=current_user.supplier_id,
framework=source_framework_slug,
lot=lot_slug,
status='published',
)["services"]
previous_services_still_to_copy = [
service for service in previous_services_list if not service['copiedToFollowingFramework']
]
if not previous_services_still_to_copy:
return redirect(url_for(".framework_submission_services", framework_slug=framework_slug, lot_slug=lot_slug))
if request.method == 'POST':
if lot.get('oneServiceLimit'):
# Don't copy a service if the lot has a one service limit and the supplier already has a draft for that lot
drafts, complete_drafts = get_lot_drafts(data_api_client, framework_slug, lot_slug)
if drafts or complete_drafts:
return render_error_page(
status_code=400,
error_message=f"You already have a draft {lot['name'].lower()} service."
)
if form.validate_on_submit():
if form.copy_service.data is True:
copy_service_from_previous_framework(
data_api_client,
content_loader,
framework_slug,
lot_slug,
previous_services_still_to_copy[0]['id'],
)
flash(
SINGLE_SERVICE_LOT_SINGLE_SERVICE_ADDED_MESSAGE.format(framework_name=framework['name']),
"success",
)
else:
data_api_client.create_new_draft_service(
framework_slug, lot_slug, current_user.supplier_id, {}, current_user.email_address,
)
return redirect(
url_for('.framework_submission_services', framework_slug=framework_slug, lot_slug=lot_slug)
)
else:
# Should not be POSTing to this view if not a one service lot
abort(400)
copy_all = request.args.get('copy_all', None)
errors = get_errors_from_wtform(form) if form else {}
return render_template(
"services/previous_services.html",
framework=framework,
lot=lot,
source_framework=source_framework,
previous_services_still_to_copy=previous_services_still_to_copy,
copy_all=copy_all,
declaration_status=get_declaration_status(data_api_client, framework_slug),
form=form,
errors=errors
), 200 if not errors else 400
