def test_has_access(self):
user = self.create_user()
branch = self.create_branch()
self.assertFalse(UserBranchAccess.has_access(self.store, None, None))
self.assertFalse(UserBranchAccess.has_access(self.store, user, None))
self.assertFalse(UserBranchAccess.has_access(self.store, None, branch))
self.assertFalse(UserBranchAccess.has_access(self.store, user, branch))
user.add_access_to(branch)
self.assertTrue(UserBranchAccess.has_access(self.store, user, branch))
def create_model(self):
user = self._user
branch = self.target_combo.get_selected_data()
if UserBranchAccess.has_access(self._store, user, branch):
info(
_(u'%s is already associated with %s.') %
(user.person.name, branch.get_description()))
return
return UserBranchAccess(store=self._store, user=user, branch=branch)
def create_model(self):
user = self._user
branch = self.target_combo.get_selected_data()
if UserBranchAccess.has_access(self._store, user, branch):
info(_(u'%s is already associated with %s.') %
(user.person.name, branch.get_description()))
return
return UserBranchAccess(store=self._store,
user=user,
branch=branch)
def get(self, store):
from stoqnfe.domain.distribution import ImportedNfe
cnpj = self.get_arg('cnpj')
limit = self.get_arg('limit')
offset = self.get_arg('offset')
if not cnpj:
message = "'cnpj' not provided"
log.error(message)
abort(400, message)
if not validate_cnpj(cnpj):
message = "Invalid 'cnpj' provided"
log.error(message)
abort(400, message)
if limit is not None:
try:
limit = int(limit)
except (TypeError, ValueError):
message = "'limit' must be a number"
log.error(message)
abort(400, message)
if limit > MAX_PAGE_SIZE:
message = "'limit' must be lower than %s" % MAX_PAGE_SIZE
log.error(message)
abort(400, message)
if offset is not None:
try:
offset = int(offset)
except (TypeError, ValueError):
message = "'offset' must be a number"
log.error(message)
abort(400, message)
cnpj = format_cnpj(raw_document(cnpj))
limit = limit or 20
offset = offset or 0
login_user = self.get_current_user(store)
tables = [
Branch,
Join(Person, Branch.person_id == Person.id),
Join(Company, Company.person_id == Person.id)
]
query = Eq(Company.cnpj, cnpj)
branches = store.using(*tables).find(Branch, query)
# XXX There should exist at least one branch in database with
# the cnpj from ImportedNfes. Otherwise, there is something wrong that
# could lead to unwanted access to these ImportedNfes.
assert branches
for branch in branches:
has_access = UserBranchAccess.has_access(store, login_user, branch)
if has_access:
continue
message = 'login_user %s does not have access to branch %s' % \
(login_user.id, branch.id)
log.error(message)
abort(403, message)
result = store.find(ImportedNfe,
cnpj=cnpj).order_by(Desc(ImportedNfe.te_id))
result_count = result.count()
imported_nfes = result.config(offset=offset, limit=limit)
records = []
for imported_nfe in imported_nfes:
# FIXME: Change it to a store.find() when NFePurchase.key had been implemented
query = "SELECT id FROM nfe_purchase WHERE cnpj='{}' AND xml::text ilike '%{}%'"
nfe_purchase = store.execute(
query.format(imported_nfe.cnpj, imported_nfe.key)).get_one()
process_date = imported_nfe.process_date
record = {
'id': imported_nfe.id,
'key': imported_nfe.key,
# Since process_date is a new column, we can't assure that
# all entries have it fulfilled
'process_date': process_date and process_date.isoformat(),
'purchase_invoice_id': nfe_purchase and nfe_purchase[0]
}
records.append(record)
next_offset = offset + limit
has_next = result_count > next_offset
next_ = None
if has_next:
next_ = self.routes[0] + '?limit={}&offset={}&cnpj={}'.format(
limit, offset + limit, cnpj)
has_previous = offset > 0
previous = None
if has_previous:
previous = self.routes[0] + '?limit={}&offset={}&cnpj={}'.format(
limit, max(offset - limit, 0), cnpj)
response = {
'previous': previous,
'next': next_,
'count': len(records),
'total_records': result_count,
'records': records
}
return make_response(jsonify(response), 200)
def branch_with_access(store, client, example_creator):
branch = example_creator.create_branch(cnpj='99.399.705/0001-90')
UserBranchAccess(store=store, user=client.user, branch=branch)
return branch
