def _check_has_validated_venue_param(has_validated_venue) -> bool:
if type(has_validated_venue) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_validated_venue',
'has_validated_venue is a boolean, it accepts True or False')
raise api_errors
def _check_has_offerer_with_siren_param(has_offerer_with_siren) -> bool:
if type(has_offerer_with_siren) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_offerer_with_siren',
'has_offerer_with_siren is a boolean, it accepts True or False')
raise api_errors
def _get_email_index_in_spreadsheet_or_error(authorized_emails):
try:
email_index = authorized_emails.index(request.json['email'])
except ValueError:
e = ApiErrors()
e.add_error('email', "Adresse non autorisée pour l'expérimentation")
raise e
return email_index
def check_reset_token_validity(user):
if datetime.utcnow() > user.resetPasswordTokenValidityLimit:
errors = ApiErrors()
errors.add_error(
'token',
'Votre lien de changement de mot de passe est périmé. Veuillez effectuer une nouvelle demande.'
)
raise errors
def check_valid_edition(data):
invalid_fields_for_patch = set(data.keys()).difference(
{'iban', 'bic', 'isActive'})
if invalid_fields_for_patch:
api_errors = ApiErrors()
for key in invalid_fields_for_patch:
api_errors.add_error(key, 'Vous ne pouvez pas modifier ce champ')
raise api_errors
def _check_has_venue_with_siret_param(has_venue_with_siret) -> bool:
if type(has_venue_with_siret) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_venue_with_siret',
'has_venue_with_siret is a boolean, it accepts True or False')
raise api_errors
def check_stock_venue_is_validated(stock):
if not stock.resolvedOffer.venue.isValidated:
api_errors = ApiErrors()
api_errors.add_error(
'stockId',
'Vous ne pouvez pas encore réserver cette offre, son lieu est en attente de validation'
)
raise api_errors
def _check_has_bank_information_param(has_bank_information) -> bool:
if type(has_bank_information) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_bank_information',
'has_bank_information is a boolean, it accepts True or False')
raise api_errors
def check_user_is_logged_in_or_email_is_provided(user, email):
if not (user.is_authenticated or email):
api_errors = ApiErrors()
api_errors.add_error(
'email',
'Vous devez préciser l\'email de l\'utilisateur quand vous n\'êtes pas connecté(e)'
)
raise api_errors
def _validate_existing_venue_provider(provider_id: int, venue_id: int, venue_id_at_offer_provider: str):
is_existing_venue_provider = find_venue_provider(provider_id,
venue_id,
venue_id_at_offer_provider)
if is_existing_venue_provider:
errors = ApiErrors()
errors.status_code = 400
errors.add_error('venueProvider', "Votre lieu est déjà lié à cette source")
raise errors
def check_offer_date(stock):
stock_has_expired = stock.beginningDatetime is not None and stock.beginningDatetime < datetime.utcnow(
)
if stock_has_expired:
api_errors = ApiErrors()
api_errors.add_error(
'date', "Cette offre n'est plus valable car sa date est passée")
raise api_errors
def _check_has_validated_user_offerer_param(
has_validated_user_offerer) -> bool:
if type(has_validated_user_offerer) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_validated_user_offerer',
'has_validated_user_offerer is a boolean, it accepts True or False')
raise api_errors
def _check_offer_status_param(offer_status: str) -> bool:
valid_param = ['ALL', 'VALID', 'WITHOUT', 'EXPIRED']
for elem in valid_param:
if offer_status == elem:
return True
api_errors = ApiErrors()
api_errors.add_error(
'offer_status',
'offer_status accepte ALL ou VALID ou WITHOUT ou EXPIRED')
raise api_errors
def check_stock_booking_limit_date(stock):
stock_has_expired = stock.bookingLimitDatetime is not None and stock.bookingLimitDatetime < datetime.utcnow(
)
if stock_has_expired:
api_errors = ApiErrors()
api_errors.add_error(
'global',
'La date limite de réservation de cette offre est dépassée')
raise api_errors
def check_offer_is_active(stock):
soft_deleted_stock = stock.isSoftDeleted
inactive_offerer = not stock.resolvedOffer.venue.managingOfferer.isActive
inactive_offer = not stock.resolvedOffer.isActive
if soft_deleted_stock or inactive_offerer or inactive_offer:
api_errors = ApiErrors()
api_errors.add_error(
'stockId', "Cette offre a été retirée. Elle n'est plus valable.")
raise api_errors
def save_venue(venue):
try:
PcObject.save(venue)
except TooManyVirtualVenuesException:
errors = ApiErrors()
errors.add_error(
'isVirtual',
'Un lieu pour les offres numériques existe déjà pour cette structure'
)
raise errors
def check_user_can_validate_bookings(self, offerer_id):
if self.is_authenticated:
if self.hasRights(RightsType.editor, offerer_id):
return True
else:
api_errors = ApiErrors()
api_errors.add_error('global',
'Cette contremarque n\'a pas été trouvée')
raise api_errors
else:
return False
def _get_departement_code_when_authorized_or_error(authorized_emails,
departement_codes):
email_index = _get_email_index_in_spreadsheet_or_error(authorized_emails)
departement_code = departement_codes[email_index]
if departement_code.strip() == '':
logger.error(
"[ERROR] Missing departement code in users spreadsheet for " +
request.json['email'])
e = ApiErrors()
e.add_error('email', "Adresse non autorisée pour l'expérimentation")
raise e
return departement_code
def check_valid_signin(identifier: str, password: str):
errors = ApiErrors()
errors.status_code = 401
if identifier is None:
errors.add_error('identifier', 'Identifiant manquant')
if password is None:
errors.add_error('password', 'Mot de passe manquant')
errors.maybe_raise()
def check_dates_are_allowed_on_new_stock(request_data: dict, offer: Offer):
if offer.isThing:
_forbid_dates_on_stock_for_thing_offer(request_data)
else:
if request_data.get('endDatetime', None) is None:
raise ApiErrors({'endDatetime': ['Ce paramètre est obligatoire']})
if request_data.get('beginningDatetime', None) is None:
raise ApiErrors(
{'beginningDatetime': ['Ce paramètre est obligatoire']})
if request_data.get('bookingLimitDatetime', None) is None:
raise ApiErrors(
{'bookingLimitDatetime': ['Ce paramètre est obligatoire']})
def parse_boolean_param_validated(request):
validated = request.args.get('validated')
only_validated_offerers = True
if validated:
if validated.lower() in ('true', 'false'):
only_validated_offerers = validated.lower() == 'true'
else:
errors = ApiErrors()
errors.add_error(
'validated',
'Le paramètre \'validated\' doit être \'true\' ou \'false\'')
raise errors
return only_validated_offerers
def get_bookings_csv():
only_digital_venues = request.args.get('onlyDigitalVenues', False)
try:
venue_id = dehumanize(request.args.get('venueId', None))
offer_id = dehumanize(request.args.get('offerId', None))
except ValueError:
errors = ApiErrors()
errors.add_error('global', 'Les identifiants sont incorrects')
errors.status_code = 400
raise errors
try:
if request.args.get('dateFrom', None):
date_from = dateutil.parser.parse(request.args.get('dateFrom'))
else:
date_from = None
if request.args.get('dateTo', None):
date_to = dateutil.parser.parse(request.args.get('dateTo'))
else:
date_to = None
except ValueError:
errors = ApiErrors()
errors.add_error('global', 'Les dates sont incorrectes')
errors.status_code = 400
raise errors
check_rights_to_get_bookings_csv(current_user, venue_id, offer_id)
query = filter_query_where_user_is_user_offerer_and_is_validated(
Offerer.query, current_user)
if only_digital_venues:
bookings = chain(*list(
map(
lambda offerer: find_all_digital_bookings_for_offerer(
offerer.id, offer_id, date_from, date_to), query)))
else:
bookings = chain(*list(
map(
lambda offerer: find_all_offerer_bookings(
offerer.id, venue_id, offer_id, date_from, date_to),
query)))
bookings_csv = generate_bookings_details_csv(bookings)
return bookings_csv.encode('utf-8-sig'), \
200, \
{'Content-type': 'text/csv; charset=utf-8;',
'Content-Disposition': 'attachment; filename=reservations_pass_culture.csv'}
def _forbid_dates_on_stock_for_thing_offer(request_data):
if 'beginningDatetime' in request_data or 'endDatetime' in request_data:
raise ApiErrors({
'global': [
'Impossible de mettre des dates de début et fin si l\'offre ne porte pas sur un évenement'
]
})
def post_new_password():
validate_new_password_request(request)
token = request.get_json()['token']
new_password = request.get_json()['newPassword']
user = find_user_by_reset_password_token(token)
if not user:
errors = ApiErrors()
errors.add_error('token', 'Votre lien de changement de mot de passe est invalide.')
raise errors
check_reset_token_validity(user)
check_password_strength('newPassword', new_password)
user.setPassword(new_password)
PcObject.save(user)
return '', 204
def validate_reset_request(request):
if 'email' not in request.get_json():
errors = ApiErrors()
errors.add_error('email', 'L\'email est manquant')
raise errors
if not request.get_json()['email']:
errors = ApiErrors()
errors.add_error('email', 'L\'email renseigné est vide')
raise errors
def check_allowed_changes_for_user(data):
changes_allowed = {
'culturalSurveyId',
'departementCode',
'email',
'needsToFillCulturalSurvey',
'phoneNumber',
'postalCode',
'publicName',
}
changes_asked = set(data)
api_errors = ApiErrors()
changes_not_allowed = changes_asked.difference(changes_allowed)
if changes_not_allowed:
for change in changes_not_allowed:
api_errors.add_error(
change, 'Vous ne pouvez pas changer cette information')
raise api_errors
def validate():
token = request.args.get('token')
check_validation_request(token)
model_names = request.args.get('modelNames')
if model_names is None:
e = ApiErrors()
e.add_error('modelNames', 'Vous devez fournir des noms de classes')
return jsonify(e.errors), 400
model_names = model_names.split(',')
objects_to_validate = []
for model_name in model_names:
query = getattr(models, model_name) \
.query \
.filter_by(validationToken=token)
objects_to_validate += query.all()
if len(objects_to_validate) == 0:
return "Aucun(e) objet ne correspond à ce code de validation" \
+ " ou l'objet est déjà validé", \
404
for obj in objects_to_validate:
obj.validationToken = None
PcObject.save(*objects_to_validate)
user_offerers = iter(
[obj for obj in objects_to_validate if isinstance(obj, UserOfferer)])
user_offerer = next(user_offerers, None)
offerers = iter(
[obj for obj in objects_to_validate if isinstance(obj, Offerer)])
offerer = next(offerers, None)
try:
send_validation_confirmation_email(user_offerer, offerer,
send_raw_email)
except MailServiceException as e:
app.logger.error('Mail service failure', e)
return "Validation effectuée", 202
def check_thumb_in_request(files, form):
missing_image_error = ApiErrors(
{'thumb': ["Vous devez fournir une image d'accroche"]})
if 'thumb' in files:
if files['thumb'].filename == '':
raise missing_image_error
elif 'thumbUrl' not in form:
raise missing_image_error
def validate_new_password_request(request):
if 'token' not in request.get_json():
errors = ApiErrors()
errors.add_error(
'token', 'Votre lien de changement de mot de passe est invalide.')
raise errors
if 'newPassword' not in request.get_json():
errors = ApiErrors()
errors.add_error('newPassword',
'Vous devez renseigner un nouveau mot de passe.')
raise errors
def get_recommendation_search_params(request_args: dict) -> dict:
search_params = {}
api_errors = ApiErrors()
if 'page' in request_args and request_args['page']:
search_params['page'] = int(request_args['page'])
if 'keywords' in request_args and request_args['keywords']:
search_params['keywords_string'] = request_args['keywords']
if 'categories' in request_args and request_args['categories']:
type_sublabels = request_args['categories']
search_params[
'type_values'] = get_event_or_thing_type_values_from_sublabels(
type_sublabels)
if 'date' in request_args and request_args['date']:
date = dateutil.parser.parse(request_args['date'])
search_params['days_intervals'] = [[
date, date + timedelta(days=int(1))
]]
if 'days' in request_args and request_args['days']:
date = dateutil.parser.parse(request_args['date'])
days_intervals = request_args['days'].split(',')
search_params['days_intervals'] = [[
date + timedelta(days=int(day)) for day in days.split('-')
] for days in days_intervals]
if 'latitude' in request_args and request_args['latitude']:
search_params['latitude'] = float(request_args['latitude'])
if 'longitude' in request_args and request_args['longitude']:
search_params['longitude'] = float(request_args['longitude'])
if 'distance' in request_args and request_args['distance']:
if not request_args['distance'].isdigit():
api_errors.add_error('distance', 'cela doit etre un nombre')
raise api_errors
search_params['max_distance'] = float(request_args['distance'])
return search_params