def survey_confirm_organisation(_):
    # Get and decrypt enrolment code
    cryptographer = Cryptographer()
    encrypted_enrolment_code = request.args.get('encrypted_enrolment_code',
                                                None)
    enrolment_code = cryptographer.decrypt(
        encrypted_enrolment_code.encode()).decode()

    # Validate enrolment code before retrieving organisation data
    iac_controller.validate_enrolment_code(enrolment_code)

    logger.info(
        'Attempting to retrieve data for confirm add organisation/survey page')
    try:
        # Get organisation name
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case['caseGroup']['partyId']
        business_party = party_controller.get_party_by_business_id(
            business_party_id, app.config['PARTY_URL'],
            app.config['BASIC_AUTH'])

        # Get survey name
        collection_exercise_id = case['caseGroup']['collectionExerciseId']
        collection_exercise = collection_exercise_controller.get_collection_exercise(
            collection_exercise_id)
        survey_id = collection_exercise['surveyId']
        survey_name = survey_controller.get_survey(app.config['SURVEY_URL'],
                                                   app.config['BASIC_AUTH'],
                                                   survey_id).get('longName')
def survey_confirm_organisation(_):
    # Get and decrypt enrolment code
    cryptographer = Cryptographer()
    encrypted_enrolment_code = request.args.get("encrypted_enrolment_code",
                                                None)
    enrolment_code = cryptographer.decrypt(
        encrypted_enrolment_code.encode()).decode()

    # Validate enrolment code before retrieving organisation data
    iac_controller.validate_enrolment_code(enrolment_code)

    logger.info(
        "Attempting to retrieve data for confirm add organisation/survey page",
        enrolment_code=enrolment_code)
    try:
        # Get organisation name
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case["caseGroup"]["partyId"]
        business_party = party_controller.get_party_by_business_id(
            business_party_id, app.config["PARTY_URL"],
            app.config["BASIC_AUTH"])

        # Get survey name
        collection_exercise_id = case["caseGroup"]["collectionExerciseId"]
        collection_exercise = collection_exercise_controller.get_collection_exercise(
            collection_exercise_id)
        survey_id = collection_exercise["surveyId"]
        survey_name = survey_controller.get_survey(app.config["SURVEY_URL"],
                                                   app.config["BASIC_AUTH"],
                                                   survey_id).get("longName")
Ejemplo n.º 3
0
def register_confirm_organisation_survey():
    # Get and decrypt enrolment code
    cryptographer = Cryptographer()
    encrypted_enrolment_code = request.args.get("encrypted_enrolment_code")
    try:
        enrolment_code = cryptographer.decrypt(
            encrypted_enrolment_code.encode()).decode()
    except AttributeError:
        logger.error("No enrolment code supplied",
                     exc_info=True,
                     url=request.url)
        raise
    # Validate enrolment code before retrieving organisation data
    iac_controller.validate_enrolment_code(enrolment_code)

    logger.info(
        "Attempting to retrieve data for confirm organisation/survey page",
        enrolment_code=enrolment_code)
    try:
        # Get organisation name
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case["caseGroup"]["partyId"]
        business_party = party_controller.get_party_by_business_id(
            business_party_id, app.config["PARTY_URL"],
            app.config["BASIC_AUTH"])

        # Get survey name
        collection_exercise_id = case["caseGroup"]["collectionExerciseId"]
        collection_exercise = collection_exercise_controller.get_collection_exercise(
            collection_exercise_id)
        survey_id = collection_exercise["surveyId"]
        survey_name = survey_controller.get_survey(app.config["SURVEY_URL"],
                                                   app.config["BASIC_AUTH"],
                                                   survey_id).get("longName")
Ejemplo n.º 4
0
def add_survey(_):
    form = EnrolmentCodeForm(request.form)

    if request.method == 'POST' and form.validate():
        logger.info('Enrolment code submitted')
        enrolment_code = request.form.get('enrolment_code').lower()

        # Validate the enrolment code
        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                logger.info('Enrolment code not found')
                template_data = {"error": {"type": "failed"}}
                return render_template('surveys/surveys-add.html',
                                       form=form,
                                       data=template_data), 200
            if not iac['active']:
                logger.info('Enrolment code not active')
                template_data = {"error": {"type": "failed"}}
                return render_template('surveys/surveys-add.html',
                                       form=form,
                                       data=template_data)
        except ApiError as exc:
            if exc.status_code == 400:
                logger.info('Enrolment code already used',
                            status_code=exc.status_code)
                template_data = {"error": {"type": "failed"}}
                return render_template('surveys/surveys-add.html',
                                       form=form,
                                       data=template_data)
            else:
                logger.error('Failed to submit enrolment code',
                             status_code=exc.status_code)
                raise

        cryptographer = Cryptographer()
        encrypted_enrolment_code = cryptographer.encrypt(
            enrolment_code.encode()).decode()
        logger.info('Successful enrolment code submitted')
        return redirect(
            url_for('surveys_bp.survey_confirm_organisation',
                    encrypted_enrolment_code=encrypted_enrolment_code,
                    _external=True,
                    _scheme=getenv('SCHEME', 'http')))

    elif request.method == 'POST' and not form.validate():
        logger.info('Invalid character length, must be 12 characters')
        template_data = {"error": {"type": "failed"}}
        return render_template('surveys/surveys-add.html',
                               form=form,
                               data=template_data)

    return render_template('surveys/surveys-add.html',
                           form=form,
                           data={"error": {}})
Ejemplo n.º 5
0
def register():
    cryptographer = Cryptographer()
    form = EnrolmentCodeForm(request.form)
    if form.enrolment_code.data:
        form.enrolment_code.data = form.enrolment_code.data.strip()

    if request.method == 'POST' and form.validate():
        logger.info('Enrolment code submitted')
        enrolment_code = form.enrolment_code.data.lower()

        # Validate the enrolment code
        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                template_data = {"error": {"type": "failed"}}
                return render_template(
                    'register/register.enter-enrolment-code.html',
                    form=form,
                    data=template_data), 200
        except ApiError as exc:
            if exc.status_code == 400:
                logger.info('Enrolment code already used')
                template_data = {"error": {"type": "failed"}}
                return render_template(
                    'register/register.enter-enrolment-code.html',
                    form=form,
                    data=template_data), 200
            else:
                logger.error('Failed to submit enrolment code')
                raise exc

        # This is the initial submission of enrolment code so post a case event for authentication attempt
        case_id = iac['caseId']
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case['partyId']
        case_controller.post_case_event(
            case_id,
            party_id=business_party_id,
            category='ACCESS_CODE_AUTHENTICATION_ATTEMPT',
            description='Access code authentication attempted')

        encrypted_enrolment_code = cryptographer.encrypt(
            enrolment_code.encode()).decode()
        logger.info('Successful enrolment code submitted')
        return redirect(
            url_for('register_bp.register_confirm_organisation_survey',
                    encrypted_enrolment_code=encrypted_enrolment_code,
                    _external=True,
                    _scheme=os.getenv('SCHEME', 'http')))

    return render_template('register/register.enter-enrolment-code.html',
                           form=form,
                           data={"error": {}})
Ejemplo n.º 6
0
def add_survey_submit(session):
    party_id = session.get_party_id()

    cryptographer = Cryptographer()
    encrypted_enrolment_code = request.args.get("encrypted_enrolment_code")
    enrolment_code = cryptographer.decrypt(
        encrypted_enrolment_code.encode()).decode()
    logger.info("Assigning new survey to a user",
                party_id=party_id,
                enrolment_code=enrolment_code)

    try:
        # Verify enrolment code is active
        iac = iac_controller.get_iac_from_enrolment(enrolment_code)
        if iac is None:
            # Showing the client an error screen if the enrolment code is either not found or inactive isn't great
            # but it's better then what used to happen, which was raise TypeError and show them the generic exception
            # page.  This lets us more easily debug the issue.  Ideally we'd redirect the user to the surveys_list
            # page with a 'Something went wrong when signing you up for the survey, try again or call us' error.
            logger.error("IAC code not found or inactive",
                         enrolment_code=enrolment_code)
            abort(400)

        # Add enrolment for user in party
        case_id = iac["caseId"]
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case["partyId"]
        collection_exercise_id = case["caseGroup"]["collectionExerciseId"]
        # Get survey ID from collection Exercise
        added_survey_id = collection_exercise_controller.get_collection_exercise(
            case["caseGroup"]["collectionExerciseId"]).get("surveyId")

        info = party_controller.get_party_by_business_id(
            business_party_id, app.config["PARTY_URL"],
            app.config["BASIC_AUTH"], collection_exercise_id)

        already_enrolled = None
        if is_respondent_and_business_enrolled(info["associations"],
                                               case["caseGroup"]["surveyId"],
                                               party_id):
            logger.info(
                "User tried to enrol onto a survey they are already enrolled on",
                case_id=case_id,
                party_id=party_id,
                enrolment_code=enrolment_code,
            )
            already_enrolled = True
        else:
def add_survey_submit(session):
    party_id = session['party_id']
    logger.info('Assigning new survey to a user', party_id=party_id)

    cryptographer = Cryptographer()
    encrypted_enrolment_code = request.args.get('encrypted_enrolment_code')
    enrolment_code = cryptographer.decrypt(
        encrypted_enrolment_code.encode()).decode()

    try:
        # Verify enrolment code is active
        iac = iac_controller.get_iac_from_enrolment(enrolment_code)

        # Add enrolment for user in party
        case_id = iac['caseId']
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case['partyId']
        case_controller.post_case_event(
            case_id,
            party_id=business_party_id,
            category='ACCESS_CODE_AUTHENTICATION_ATTEMPT',
            description='Access code authentication attempted')

        party_controller.add_survey(party_id, enrolment_code)

        # Get survey ID from collection Exercise
        added_survey_id = collection_exercise_controller.get_collection_exercise(
            case['caseGroup']['collectionExerciseId']).get('surveyId')

    except ApiError as exc:
        logger.error('Failed to assign user to a survey',
                     party_id=party_id,
                     status_code=exc.status_code)
        raise

    logger.info(
        'Successfully retrieved data for confirm add organisation/survey page',
        case_id=case_id,
        party_id=party_id)
    return redirect(
        url_for('surveys_bp.get_survey_list',
                _anchor=(business_party_id, added_survey_id),
                _external=True,
                business_party_id=business_party_id,
                survey_id=added_survey_id,
                tag='todo'))
Ejemplo n.º 8
0
import logging

from flask import render_template, request
from structlog import wrap_logger

from frontstage.common.cryptographer import Cryptographer
from frontstage.controllers import iac_controller, party_controller
from frontstage.exceptions.exceptions import ApiError
from frontstage.models import RegistrationForm
from frontstage.views.register import register_bp


logger = wrap_logger(logging.getLogger(__name__))
cryptographer = Cryptographer()


@register_bp.route('/create-account/enter-account-details', methods=['GET', 'POST'])
def register_enter_your_details():
    # Get and decrypt enrolment code
    encrypted_enrolment_code = request.args.get('encrypted_enrolment_code', None)
    enrolment_code = cryptographer.decrypt(encrypted_enrolment_code.encode()).decode()
    form = RegistrationForm(request.values, enrolment_code=encrypted_enrolment_code)
    form.email_address.data = form.email_address.data.strip()

    # Validate enrolment code before rendering or checking the form
    iac_controller.validate_enrolment_code(enrolment_code)

    if request.method == 'POST' and form.validate():
        logger.info('Attempting to create account')
        email_address = form.email_address.data
        registration_data = {
Ejemplo n.º 9
0
def add_survey(_):
    form = EnrolmentCodeForm(request.form)

    if request.method == "POST" and form.validate():
        enrolment_code = request.form.get("enrolment_code").lower()
        logger.info("Enrolment code submitted when attempting to add survey",
                    enrolment_code=enrolment_code)
        # Validate the enrolment code
        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                logger.info(
                    "Enrolment code not found when attempting to add survey",
                    enrolment_code=enrolment_code)
                template_data = {"error": {"type": "failed"}}
                return render_template("surveys/surveys-add.html",
                                       form=form,
                                       data=template_data), 200
            if not iac["active"]:
                logger.info(
                    "Enrolment code not active when attempting to add survey",
                    enrolment_code=enrolment_code)
                template_data = {"error": {"type": "failed"}}
                return render_template("surveys/surveys-add.html",
                                       form=form,
                                       data=template_data)
        except ApiError as exc:
            if exc.status_code == 400:
                logger.info(
                    "Enrolment code already used when attempting to add survey",
                    status_code=exc.status_code,
                    enrolment_code=enrolment_code,
                )
                template_data = {"error": {"type": "failed"}}
                return render_template("surveys/surveys-add.html",
                                       form=form,
                                       data=template_data)
            else:
                logger.error(
                    "Failed to submit enrolment code when attempting to add survey",
                    status_code=exc.status_code,
                    enrolment_code=enrolment_code,
                )
                raise

        logger.info(
            "Enrolment code validation complete; now attempting encryption",
            enrolment_code=enrolment_code)
        cryptographer = Cryptographer()
        encrypted_enrolment_code = cryptographer.encrypt(
            enrolment_code.encode()).decode()
        logger.info("Enrolment code decoding successful",
                    enrolment_code=enrolment_code)
        return redirect(
            url_for(
                "surveys_bp.survey_confirm_organisation",
                encrypted_enrolment_code=encrypted_enrolment_code,
                _external=True,
                _scheme=getenv("SCHEME", "http"),
            ))

    elif request.method == "POST" and not form.validate():
        logger.info("Invalid character length, must be 12 characters")
        template_data = {"error": {"type": "failed"}}
        return render_template("surveys/surveys-add.html",
                               form=form,
                               data=template_data)

    return render_template("surveys/surveys-add.html",
                           form=form,
                           data={"error": {}})
Ejemplo n.º 10
0
def register():
    cryptographer = Cryptographer()
    form = EnrolmentCodeForm(request.form)
    if form.enrolment_code.data:
        form.enrolment_code.data = form.enrolment_code.data.strip()

    if request.method == "POST" and form.validate():
        enrolment_code = form.enrolment_code.data.lower()
        logger.info(
            "Enrolment code submitted when attempting to create account",
            enrolment_code=enrolment_code)

        # Validate the enrolment code
        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                logger.info(
                    "Enrolment code not found when attempting to create account",
                    enrolment_code=enrolment_code)
                template_data = {"error": {"type": "failed"}}
                return (
                    render_template(
                        "register/register.enter-enrolment-code.html",
                        form=form,
                        data=template_data),
                    200,
                )
            if not iac["active"]:
                logger.info(
                    "Enrolment code not active when attempting to create account",
                    enrolment_code=enrolment_code)
                template_data = {"error": {"type": "failed"}}
                return render_template(
                    "register/register.enter-enrolment-code.html",
                    form=form,
                    data=template_data)
        except ApiError as exc:
            if exc.status_code == 400:
                logger.info(
                    "Enrolment code already used when attempting to create account",
                    enrolment_code=enrolment_code)
                template_data = {"error": {"type": "failed"}}
                return (
                    render_template(
                        "register/register.enter-enrolment-code.html",
                        form=form,
                        data=template_data),
                    200,
                )
            else:
                logger.error(
                    "Failed to submit enrolment code when attempting to create account",
                    enrolment_code=enrolment_code)
                raise exc

        # This is the initial submission of enrolment code so post a case event for authentication attempt
        case_id = iac["caseId"]
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case["partyId"]
        case_controller.post_case_event(
            case_id,
            party_id=business_party_id,
            category="ACCESS_CODE_AUTHENTICATION_ATTEMPT",
            description="Access code authentication attempted",
        )

        encrypted_enrolment_code = cryptographer.encrypt(
            enrolment_code.encode()).decode()
        logger.info(
            "Successful enrolment code submitted when attempting to create account",
            enrolment_code=enrolment_code)
        return redirect(
            url_for(
                "register_bp.register_confirm_organisation_survey",
                encrypted_enrolment_code=encrypted_enrolment_code,
                _external=True,
                _scheme=os.getenv("SCHEME", "http"),
            ))

    return render_template("register/register.enter-enrolment-code.html",
                           form=form,
                           data={"error": {}})