def dbMakeUserInvitationTicket(db, ticketName, validityHours, userName,
userFullName, userEmail, ticketMessage, user,
urlRoot, settings):
""" Generate a ticket to be used to create a user
(with/out username pre-specified.
This is an admin-only operation.
"""
if isTicketIssuablePerSettings(validityHours, 1, settings):
'''
only admins can do this by design
'''
if userIsAdmin(db, user):
ticketId, securityCode = randomTicketNumbers(user)
issueDate = datetime.datetime.now()
metadata = {
k: v
for k, v in {
'username': userName,
'fullname': userFullName,
'email': userEmail,
'message': ticketMessage,
}.items() if v is not None
}
expirationDate = None if validityHours is None else (
issueDate + datetime.timedelta(hours=validityHours))
newTicket = Ticket(
ticket_id=ticketId,
name=ticketName,
security_code=securityCode,
username=user.username,
issue_date=issueDate,
expiration_date=expirationDate,
multiplicity=1,
target_type='user',
metadata=json.dumps(metadata),
last_redeemed=None,
times_redeemed=0,
)
#
dbAddRecordToTable(
db,
'tickets',
newTicket.asDict(),
dbTablesDesc=dbSchema,
)
db.commit()
return makeTicketMagicLink(newTicket, urlRoot)
else:
raise OstracionError('Insufficient permissions')
else:
raise OstracionError(
'Ticket parameters not allowed under the current settings')
def dbDeleteTicket(db, ticketId, user, mode, skipCommit=False):
""" Remove a ticket from DB."""
ticketDict = dbRetrieveRecordByKey(
db,
'tickets',
{'ticket_id': ticketId},
dbTablesDesc=dbSchema,
)
if (ticketDict is not None and
ticketTargetTypeToModeNameMap[ticketDict['target_type']] == mode):
ticket = Ticket(**ticketDict)
if userIsAdmin(db, user) or user.username == ticket.username:
#
dbDeleteRecordsByKey(
db,
'tickets',
{'ticket_id': ticketId},
dbTablesDesc=dbSchema,
)
if not skipCommit:
db.commit()
else:
raise OstracionError('Insufficient permissions')
else:
raise OstracionWarning('Ticket unavailable')
def dbGeneralisedGetTickets(db, user, query):
"""A generic ticket-reading query from DB, specialized in many ways."""
return (Ticket(**ticDoc) for ticDoc in dbRetrieveRecordsByKey(
db,
'tickets',
query,
dbTablesDesc=dbSchema,
))
def dbMakeGalleryTicket(db, ticketName, validityHours, multiplicity,
ticketMessage, box, boxPath, user, urlRoot, settings):
""" Generate a gallery-view ticket on a
box (with the specified ticket settings).
"""
if isTicketIssuablePerSettings(validityHours, multiplicity, settings):
ticketId, securityCode = randomTicketNumbers(user)
issueDate = datetime.datetime.now()
metadata = {
k: v
for k, v in {
'box_id': box.box_id,
'box_path': boxPath,
'box_name': box.box_name,
'box_title': box.title,
'message': ticketMessage,
}.items() if v is not None
}
expirationDate = None if validityHours is None else (
issueDate + datetime.timedelta(hours=validityHours))
newTicket = Ticket(
ticket_id=ticketId,
name=ticketName,
security_code=securityCode,
username=user.username,
issue_date=issueDate,
expiration_date=expirationDate,
multiplicity=multiplicity,
target_type='gallery',
metadata=json.dumps(metadata),
last_redeemed=None,
times_redeemed=0,
)
#
dbAddRecordToTable(
db,
'tickets',
newTicket.asDict(),
dbTablesDesc=dbSchema,
)
db.commit()
return makeTicketMagicLink(newTicket, urlRoot)
else:
raise OstracionError(
'Ticket parameters not allowed under the current settings')
def dbGetEnrichAndCheckTicket(db, mode, ticketId, securityCode, urlRoot):
""" Check validity (proper codes, existence) of a ticket
and return it enriched.
"""
ticketDict = dbRetrieveRecordByKey(
db,
'tickets',
{'ticket_id': ticketId},
dbTablesDesc=dbSchema,
)
if ticketDict is None:
return None
else:
ticket = Ticket(**ticketDict)
if all([
ticketTargetTypeToModeNameMap[ticket.target_type] == mode,
ticket.security_code == securityCode,
]):
return enrichTicket(db, ticket, urlRoot)
else:
return None