def client_moral_personnes_delete_view(request): """ Delete client_moral_personnes """ # Check authorization if not Utils.has_permission(request, request.registry.settings['client_edition']): raise exc.HTTPForbidden() # Get client_id client_moral_personne_id = request.params[ 'id'] if 'id' in request.params else None model = request.dbsession.query(ClientMoralPersonne).filter( ClientMoralPersonne.id == client_moral_personne_id).first() # If result is empty if not model: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( ClientMoralPersonne.__tablename__, client_moral_personne_id)) request.dbsession.delete(model) return Utils.get_data_save_response( Constant.SUCCESS_DELETE.format(Client.__tablename__))
def emolument_facture_update_view(request): """ Update emolument_facture """ # Check authorization if not Utils.has_permission( request, request.registry.settings['affaire_facture_edition']): raise exc.HTTPForbidden() emolument_facture_id = request.params[ 'id'] if 'id' in request.params else None # Get the facture record = request.dbsession.query(EmolumentFacture).filter( EmolumentFacture.id == emolument_facture_id).first() if not record: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( EmolumentFacture.__tablename__, emolument_facture_id)) record = Utils.set_model_record(record, request.params) return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(EmolumentFacture.__tablename__))
def clients_delete_view(request): """ Delete client """ # Check authorization if not Utils.has_permission(request, request.registry.settings['client_edition']): raise exc.HTTPForbidden() # Get client_id id_client = request.params['id'] if 'id' in request.params else None model = request.dbsession.query(Client).filter( Client.id == id_client).first() # If result is empty if not model: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( Client.__tablename__, id_client)) model.sortie = datetime.utcnow() return Utils.get_data_save_response( Constant.SUCCESS_DELETE.format(Client.__tablename__))
def download_affaire_document_view(request): """ Download document """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() affaires_directory = request.registry.settings['affaires_directory'] affaire_id = request.params['affaire_id'] relpath = request.params['relpath'] filename = request.params['filename'] affaire_chemin = request.dbsession.query(Affaire).filter( Affaire.id == affaire_id).first().chemin file_path = os.path.normcase( os.path.join(affaires_directory, affaire_chemin, relpath, filename)) folder_path = os.path.exists(os.path.dirname(file_path)) if not folder_path: Utils.create_affaire_folder(request, folder_path) import urllib response = FileResponse(file_path, request=request, cache_max_age=86400) headers = response.headers headers['Content-Type'] = 'application/download' headers['Accept-Ranges'] = 'bite' headers[ 'Content-Disposition'] = 'attachment;filename=' + urllib.parse.quote( filename) return response
def numeros_view(request): """ Return all numeros """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() numero = int(request.params['numero']) if 'numero' in request.params else None cadastre_id = [int(a) for a in request.params['cadastre_id'].split(",")] if 'cadastre_id' in request.params else None type_id = [int(a) for a in request.params['type_id'].split(",")] if 'type_id' in request.params else None etat_id = [int(a) for a in request.params['etat_id'].split(",")] if 'etat_id' in request.params else None query = request.dbsession.query(VNumeros) if numero: query = query.filter(VNumeros.numero == numero) if cadastre_id: query = query.filter(VNumeros.cadastre_id.in_(cadastre_id)) if type_id: query = query.filter(VNumeros.type_numero_id.in_(type_id)) if etat_id: query = query.filter(VNumeros.etat_id.in_(etat_id)) query = query.order_by(VNumeros.numero.asc()).all() return Utils.serialize_many(query)
def numeros_relations_update_view(request): """ Update numeros_relations """ # Check authorization if not Utils.has_permission(request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() model = request.dbsession.query(NumeroRelation) # get instance if "id" in request.params: numrel_id = request.params["id"] model = model.filter(NumeroRelation.id == numrel_id) else: num_base_id = request.params["numero_id_base"] num_associe_id = request.params["numero_id_associe"] affaire_old_id = request.params["affaire_old_id"] model = model.filter(and_( NumeroRelation.numero_id_base == num_base_id, NumeroRelation.numero_id_associe == num_associe_id, NumeroRelation.affaire_id == affaire_old_id, )) model = model.first() # update instance if model != None and "affaire_new_id" in request.params: model.affaire_id = request.params["affaire_new_id"] if "affaire_new_id" in request.params else None return Utils.get_data_save_response(Constant.SUCCESS_SAVE.format(NumeroRelation.__tablename__))
def clients_moral_personne_update_view(request): """ Update contact in entreprise """ # Check authorization if not Utils.has_permission(request, request.registry.settings['client_edition']): raise exc.HTTPForbidden() client_moral_personne_id = request.params[ "id"] if "id" in request.params else None model = request.dbsession.query(ClientMoralPersonne).filter( ClientMoralPersonne.id == client_moral_personne_id).first() # If result is empty if not model: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( ClientMoralPersonne.__tablename__, client_moral_personne_id)) # Read params client model = Utils.set_model_record(model, request.params) return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(ClientMoralPersonne.__tablename__))
def controles_mutations_update_view(request): """ Update controle_mutation """ # Check authorization if not Utils.has_permission(request, request.registry.settings['affaire_edition']): raise exc.HTTPForbidden() # Get controle mutation id id = request.params['id'] if 'id' in request.params else None # Get controle mutation record record = request.dbsession.query(ControleMutation).filter( ControleMutation.id == id).first() if not record: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( ControleMutation.__tablename__, id)) record = Utils.set_model_record(record, request.params) return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(ControleMutation.__tablename__))
def save_document_view(request): """ Save file (preavis) """ settings = request.registry.settings mails_templates_directory = settings['mails_templates_directory'] affaires_directory = settings['affaires_directory'] # Get request params affaire_id = str(request.params['affaire_id']) template = request.params['template'] values = request.params['values'] service_id = request.params[ 'service_id'] if 'service_id' in request.params else None relPath = request.params['relpath'].strip('/').strip( '\\') if 'relpath' in request.params else "" filename = request.params[ 'filename'] if 'filename' in request.params else None # Set output file name output_file_name = filename if filename is not None else template if service_id: service = request.dbsession.query(Service).filter( Service.id == service_id).first() output_file_name += "_" + service.abreviation relPath = service.relpath.strip('/').strip('\\') affaire_relpath = request.dbsession.query(Affaire).filter( Affaire.id == affaire_id).first().chemin if affaire_relpath is None: affaire_relpath = affaire_id affaire_path = os.path.normcase( os.path.join(affaires_directory, affaire_relpath)) filename = output_file_name + '.docx' file_path = os.path.normcase(os.path.join(affaire_path, relPath, filename)) if not os.path.exists(affaire_path): Utils.create_affaire_folder(request, affaire_path) # update affaire chemin affaire = request.dbsession.query(Affaire).filter( Affaire.id == affaire_id).first() affaire.chemin = affaire_relpath # Set context context = json.loads(values) for key in context.keys(): context[key] = RichText(context[key]) # Ouverture du document template doc = DocxTemplate( os.path.join(mails_templates_directory, template + ".docx")) # Replace values by keywords and save doc.render(context) doc.save(file_path) return {'filename': filename, "folderpath": relPath}
def affaire_numero_new_view(request, params=None): """ Add new affaire-numero """ # Check authorization if not Utils.has_permission( request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() if not params: params = request.params # check if affaire_numero relation already exists affaireNumero = request.dbsession.query(AffaireNumero).filter( AffaireNumero.affaire_id == params['affaire_id']).filter( AffaireNumero.numero_id == params['numero_id']).filter( AffaireNumero.type_id == params['type_id']).first() if not affaireNumero is None: return # nouveau affaire_numero record = AffaireNumero() record = Utils.set_model_record(record, params) request.dbsession.add(record) return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(AffaireNumero.__tablename__))
def test_error(exc, request): """ Test (temp endpoint) """ query = request.dbsession.query(Client).first() query = Utils.set_model_record(query, request.params) return Utils.serialize_one(query)
def numeros_new_view(request, params=None): """ Add new numeros """ # Check authorization if not Utils.has_permission( request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() if not params: params = request.params params['no_access'] = "_".join(str(params['cadastre_id']), str(params['numero'])) # tester si le numéro à réserver est plus grand que le max +1 déjà existant dans la base. Si oui, répondre par une erreur num_max = request.dbsession.query(func.max(Numero.numero)).filter( Numero.cadastre_id == params['cadastre_id']).scalar() if int(params['numero']) > num_max + 1: raise CustomError( CustomError.NUMBER_REGISTRATION_FAILED.format( params['numero'], params['cadastre_id'], num_max)) # nouveau numero record = Numero() record = Utils.set_model_record(record, params) request.dbsession.add(record) request.dbsession.flush() Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(Numero.__tablename__)) return record.id
def numeros_etat_histo_new_view(request, params=None): """ Add new numero_etat_histo """ # Check authorization settings = request.registry.settings if not Utils.has_permission(request, settings['affaire_numero_edition']): raise exc.HTTPForbidden() if not params: params = request.params # check if etat already exists numEtatHisto = request.dbsession.query(NumeroEtatHisto).filter( NumeroEtatHisto.numero_id == params['numero_id']).filter( NumeroEtatHisto.numero_etat_id == params['numero_etat_id']).first() if not numEtatHisto is None: return # nouveau numero record = NumeroEtatHisto() record = Utils.set_model_record(record, params) request.dbsession.add(record) request.dbsession.flush() Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(NumeroEtatHisto.__tablename__)) return record.id
def numeros_search_view(request): """ Search numeros """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() settings = request.registry.settings search_limit = int(settings['search_limit']) params = request.params matDiff = False if 'matDiff' in params: matDiff = True if params['matDiff'] == 'true' else False # Set conditions conditions = Utils.get_search_conditions(VNumeros, params) # filter by conditions query = request.dbsession.query(VNumeros).order_by( VNumeros.cadastre, VNumeros.numero.desc()).filter(*conditions) query = query.filter(VNumeros.type_numero_id <= 4) # if option matDiff selected if matDiff: query = query.filter( and_(VNumeros.diff_entree.isnot(None), VNumeros.diff_sortie.is_(None))) query = query.limit(search_limit).all() return Utils.serialize_many(query)
def reservation_numeros_mo_by_affaire_id_view(request): """ Return all reservations_numeros_mo by affaire_id """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() searchLimit = request.registry.settings['search_limit'] affaire_id = request.matchdict['id'] cadastre_id = request.params[ "cadastre_id"] if "cadastre_id" in request.params else None startDate = request.params[ "startDate"] if "startDate" in request.params else None endDate = request.params["endDate"] if "endDate" in request.params else None query = request.dbsession.query(VReservationNumerosMO).filter( VReservationNumerosMO.affaire_id == affaire_id).order_by( VReservationNumerosMO.id.desc()) if not cadastre_id is None: query = query.filter(VReservationNumerosMO.cadastre_id == cadastre_id) if not startDate is None: query = query.filter(VReservationNumerosMO.date >= startDate) if not endDate is None: query = query.filter(VReservationNumerosMO.date <= endDate) if request.params == {} or (cadastre_id is None and startDate is None): query = query.limit(searchLimit) query = query.all() return Utils.serialize_many(query)
def numero_mo_next_view(request): """ Return all next available numero MO par cadastre, type et plan """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() cadastre_id = request.params[ 'cadastre_id'] if 'cadastre_id' in request.params else None type_id = request.params['type_id'] if 'type_id' in request.params else None plan = request.params['plan'] if 'plan' in request.params else None query = request.dbsession.query(VProchainNumeroDisponible) if cadastre_id: query = query.filter( VProchainNumeroDisponible.cadastre_id == cadastre_id) if type_id: query = query.filter( VProchainNumeroDisponible.numero_type_id == type_id) if plan: query = query.filter(VProchainNumeroDisponible.plan == plan) query = query.all() return Utils.serialize_many(query)
def affaire_numeros_view(request): """ Add new numero_etat_histo """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() conditions = list() affaire_id = request.matchdict["id"] # Récupérer les id des numéros de la MO settings = request.registry.settings numeros_immeubles_type_id = [ settings['numero_bf_id'], settings['numero_ddp_id'], settings['numero_ppe_id'], settings['numero_pcop_id'] ] conditions.append(VNumerosAffaires.affaire_id == affaire_id) conditions.append(VNumerosAffaires.numero_type_id.in_(numeros_immeubles_type_id)) if 'affaire_numero_actif' in request.params: affaire_numero_actif = request.params['affaire_numero_actif'] affaire_numero_actif = True if affaire_numero_actif.upper() == 'TRUE' else False conditions.append(VNumerosAffaires.affaire_numero_actif == affaire_numero_actif) records = request.dbsession.query(VNumerosAffaires).filter( *conditions).order_by(VNumerosAffaires.numero.desc()).all() return Utils.serialize_many(records)
def factures_update_view(request): """ Update facture """ # Check authorization if not Utils.has_permission(request, request.registry.settings['affaire_facture_edition']): raise exc.HTTPForbidden() # id_facture id_facture = None if 'id' in request.params: id_facture = request.params['id'] # Get the facture facture_record = request.dbsession.query(Facture).filter( Facture.id == id_facture).first() params = {} for key in request.params: if key == "numeros": params[key] = json.loads(request.params[key]) else: params[key] = request.params[key] if not facture_record: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format(Facture.__tablename__, id_facture)) facture_record = Utils.set_model_record(facture_record, params) return Utils.get_data_save_response(Constant.SUCCESS_SAVE.format(Facture.__tablename__))
def affaire_numero_delete_view(request): """ delete numeros_affaires """ if not Utils.has_permission(request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() affnum_id = None affaire_id = None numero_id = None record = None if "id" in request.params: affnum_id = request.params["id"] record = request.dbsession.query(AffaireNumero).filter(AffaireNumero.id == affnum_id).first() elif "affaire_id" in request.params and "numero_id" in request.params: affaire_id = request.params["affaire_id"] numero_id = request.params["numero_id"] record = request.dbsession.query(AffaireNumero).filter(and_( AffaireNumero.affaire_id == affaire_id, AffaireNumero.numero_id == numero_id )).first() else: raise CustomError(CustomError.INCOMPLETE_REQUEST) request.dbsession.delete(record) if not record: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format(AffaireNumero.__tablename__, affnum_id)) record = Utils.set_model_record(record, request.params) return Utils.get_data_save_response(Constant.SUCCESS_DELETE.format(AffaireNumero.__tablename__))
def numeros_relations_delete_view(request): """ Delete numeros_relations """ # Check authorization if not Utils.has_permission(request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() model = None numero_relation_id = None if "numero_relation_id" in request.params: numero_relation_id = request.params["numero_relation_id"] model = request.dbsession.query(NumeroRelation).filter(NumeroRelation.id == numero_relation_id).first() elif "numero_base_id" in request.params and "affaire_id" in request.params: numero_base_id = int(request.params["numero_base_id"]) affaire_id = int(request.params["affaire_id"]) numero_relation_id = "numero_base_id=" + request.params["numero_base_id"] + " & affaire_id=" + request.params["affaire_id"] model = request.dbsession.query(NumeroRelation).filter(and_( NumeroRelation.numero_id_base == numero_base_id, NumeroRelation.affaire_id == affaire_id )).first() else: raise CustomError.INCOMPLETE_REQUEST if not model: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format(NumeroRelation.__tablename__, numero_relation_id)) request.dbsession.delete(model) return Utils.get_data_save_response(Constant.SUCCESS_SAVE.format(NumeroRelation.__tablename__))
def operateur_notes_maj_update_view(request): """ Update last seen notes_maj in operateur """ # Check authorization if not Utils.check_connected(request): raise exc.HTTPForbidden() # Get operateur_id operateur_id = request.params[ 'operateur_id'] if 'operateur_id' in request.params else None last_notes_maj_id = request.params[ 'last_notes_maj_id'] if 'last_notes_maj_id' in request.params else None model = request.dbsession.query(Operateur).filter( Operateur.id == operateur_id).first() # If result is empty if not model: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( Operateur.__tablename__, operateur_id)) # Read params operateur model.last_notemaj_id = last_notes_maj_id return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(Operateur.__tablename__))
def notes_maj_update_view(request): """ Update notes_maj """ # Check authorization if not Utils.has_permission(request, request.registry.settings['fonction_admin']): raise exc.HTTPForbidden() # Get operateur_id notes_maj_id = request.params['id'] if 'id' in request.params else None model = request.dbsession.query(NotesMAJ).filter( NotesMAJ.id == notes_maj_id).first() # If result is empty if not model: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format( NotesMAJ.__tablename__, notes_maj_id)) # Read params operateur model = Utils.set_model_record(model, request.params) return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(NotesMAJ.__tablename__))
def reference_numeros_new_view(request): """ Add numéro muté in affaire """ # Check authorization if not Utils.has_permission( request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() # Get affaire_id affaire_id = request.params[ 'affaire_id'] if 'affaire_id' in request.params else None numeros_liste = json.loads(request.params['numeros_liste'] ) if 'numeros_liste' in request.params else None for numero_i in numeros_liste: # enregistrer le lien affaire-numéro params = Utils._params(affaire_id=affaire_id, numero_id=numero_i['numero_id'], actif=True, type_id=1) affaire_numero_new_view(request, params) return Utils.get_data_save_response( Constant.SUCCESS_SAVE.format(Numero.__tablename__))
def numeros_update_view(request): """ Update numeros """ # Check authorization if not Utils.has_permission(request, request.registry.settings['affaire_numero_edition']): raise exc.HTTPForbidden() # Get numero id id = request.params['id'] if 'id' in request.params else None # Get numero record record = request.dbsession.query(Numero).filter( Numero.id == id).first() if not record: raise CustomError( CustomError.RECORD_WITH_ID_NOT_FOUND.format(Numero.__tablename__, id)) last_record_etat_id = record.etat_id record = Utils.set_model_record(record, request.params) if 'etat_id' in request.params: if request.params['etat_id'] != last_record_etat_id: params = Utils._params( numero_id=record.id, numero_etat_id=request.params['etat_id']) numeros_etat_histo_new_view(request, params) return Utils.get_data_save_response(Constant.SUCCESS_SAVE.format(Numero.__tablename__))
def etapes_new_view(request): """ POST etapes affaire """ # Check authorization if not Utils.check_connected(request): raise exc.HTTPForbidden() chef_equipe_id = request.params['chef_equipe_id'] if 'chef_equipe_id' in request.params else None # Add new step model = Utils.addNewRecord(request, AffaireEtape) # send mail affaire_etape_index = request.dbsession.query(AffaireEtapeIndex).filter(AffaireEtapeIndex.id == model.etape_id).first() etape_mailer = request.dbsession.query(EtapeMailer).filter(model.etape_id == EtapeMailer.etape_id).all() operateur = request.dbsession.query(Operateur).all() mail_list = [] # only when chef_equipe is specified if chef_equipe_id: mail_list.append( request.dbsession.query(Operateur).filter(Operateur.id == chef_equipe_id).first().mail ) # update chef d'équipe in affaire affaire = request.dbsession.query(Affaire).filter(Affaire.id == model.affaire_id).first() affaire.technicien_id = chef_equipe_id # construct mail_list for em_i in etape_mailer: if em_i.sendmail: mail = next((op.mail for op in operateur if op.id == em_i.operateur_id), None) if mail: mail_list.append(mail) # Send mail only if step prio is 1 and if mail_list not empty if affaire_etape_index.priorite == int(request.registry.settings['affaire_etape_priorite_1_id']) and len(mail_list)>0: # get affaire informations affaire = request.dbsession.query(VAffaire).filter(VAffaire.id == model.affaire_id).first() # get list of done steps lastSteps = request.dbsession.query(VEtapesAffaires).filter( and_( VEtapesAffaires.affaire_id == model.affaire_id, VEtapesAffaires.etape_priorite == int(request.registry.settings['affaire_etape_priorite_1_id']) ) ).order_by(VEtapesAffaires.id.desc()).all() lastSteps = "".join(["<tr><td style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>{}</td>\ <td style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>{} {}</td>\ <td style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>{}</td>\ <td style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>{}</td>\ </tr>".format(i.datetime, i.operateur_prenom, i.operateur_nom, i.etape, i.remarque if i.remarque else "") for i in lastSteps]) affaire_nom = " (" + affaire.nom + ")" if affaire.nom is not None else "" text = "L'affaire <b><a href='" + os.path.join(request.registry.settings['infolica_url_base'], 'affaires', str(affaire.id)) + "'>" + str(affaire.id) + affaire_nom + "</a></b> est en attente pour l'étape <b>"+ affaire_etape_index.nom +"</b>." text += ("<br><br><br><h4>Historique de l'affaire</h4><table style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'><tr><th style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>Horodateur</th><th style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>Opérateur</th style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'><th>Etape</th><th style='border: 1px solid black; border-collapse: collapse; padding: 5px 25px 5px 10px;'>Remarque</th></tr>" + lastSteps + "</table>") if lastSteps != "" else "" subject = "Infolica - affaire " + str(affaire.id) send_mail(request, mail_list, "", subject, html=text) return Utils.get_data_save_response(Constant.SUCCESS_SAVE.format(AffaireEtape.__tablename__))
def operateurs_view(request): """ Return all operateurs """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() query = request.dbsession.query(Operateur).filter(Operateur.sortie == None).all() return Utils.serialize_many(query)
def numeros_relations_view(request): """ Return all numeros_relations """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() query = request.dbsession.query(VNumerosRelations).all() return Utils.serialize_many(query)
def facture_type_view(request): """ Return all facture types """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() query = request.dbsession.query(FactureType).all() return Utils.serialize_many(query)
def suivi_mandats_view(request): """ Return all suivi_mandats """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() query = request.dbsession.query(SuiviMandat).all() return Utils.serialize_many(query)
def controles_ppe_view(request): """ Return all controles_ppe """ # Check connected if not Utils.check_connected(request): raise exc.HTTPForbidden() query = request.dbsession.query(ControlePPE).all() return Utils.serialize_many(query)