def patch_booking_keep_by_token(token: str) -> None:
# in French, to be used by Swagger for the API documentation
"""Annulation de la validation d'une réservation."""
booking = booking_repository.find_by(token=token)
if current_user.is_authenticated:
check_user_can_validate_bookings_v2(current_user, booking.offererId)
if current_api_key:
check_api_key_allows_to_validate_booking(
current_api_key, # type: ignore[arg-type]
booking.offererId,
)
bookings_api.mark_as_unused(booking)
def test_raises_exception_when_api_key_is_provided_but_related_offerer_does_not_have_rights_on_booking(
self, app):
# Given
validApiKey = ApiKey()
validApiKey.value = random_token(64)
validApiKey.offererId = 67
# When
with pytest.raises(ApiErrors) as errors:
check_api_key_allows_to_validate_booking(validApiKey, None)
# Then
assert errors.value.errors["user"] == [
"Vous n'avez pas les droits suffisants pour valider cette contremarque."
]
def test_raises_exception_when_api_key_is_provided_but_related_offerer_does_not_have_rights_on_booking(
self, app):
# Given
validApiKey = ApiKey()
validApiKey.prefix = random_token(64)
validApiKey.offererId = 67
# When
with pytest.raises(ApiErrors) as errors:
check_api_key_allows_to_validate_booking(validApiKey, None)
# Then
assert errors.value.errors["user"] == [
"Vous n’avez pas les droits suffisants pour valider cette contremarque car cette réservation n'a pas été faite sur une de vos offres, ou que votre rattachement à la structure est encore en cours de validation"
]
def patch_booking_keep_by_token(token: str):
"""Let a pro user mark a booking as _not_ used."""
booking = booking_repository.find_by(token=token.upper())
offerer_id = booking.stock.offer.venue.managingOffererId
valid_api_key = _get_api_key_from_header(request)
if current_user.is_authenticated:
check_user_can_validate_bookings_v2(current_user, offerer_id)
if valid_api_key:
check_api_key_allows_to_validate_booking(valid_api_key, offerer_id)
bookings_api.mark_as_unused(booking)
return "", 204
def test_does_not_raise_error_when_api_key_is_provided_and_is_related_to_offerer_id(
self, app):
# Given
user = create_user()
offerer = create_offerer()
user_offerer = create_user_offerer(user, offerer, None)
repository.save(user, offerer, user_offerer)
validApiKey = ApiKey()
validApiKey.value = random_token(64)
validApiKey.offererId = offerer.id
repository.save(validApiKey)
# The the following should not raise
check_api_key_allows_to_validate_booking(validApiKey, offerer.id)
def patch_booking_use_by_token(token: str) -> None:
# in French, to be used by Swagger for the API documentation
"""Validation d'une réservation.
Pour confirmer que la réservation a bien été utilisée par le jeune.
"""
booking = booking_repository.find_by(token=token)
if current_user.is_authenticated:
check_user_can_validate_bookings_v2(current_user, booking.offererId)
if current_api_key:
check_api_key_allows_to_validate_booking(
current_api_key, # type: ignore[arg-type]
booking.offererId,
)
bookings_api.mark_as_used(booking)
def get_booking_by_token_v2(token: str):
valid_api_key = _get_api_key_from_header(request)
booking_token_upper_case = token.upper()
booking = booking_repository.find_by(token=booking_token_upper_case)
offerer_id = booking.stock.offer.venue.managingOffererId
if current_user.is_authenticated:
# warning : current user is not none when user is not logged in
check_user_can_validate_bookings_v2(current_user, offerer_id)
if valid_api_key:
check_api_key_allows_to_validate_booking(valid_api_key, offerer_id)
bookings_validation.check_is_usable(booking)
response = serialize_booking(booking)
return jsonify(response), 200
def get_booking_by_token_v2(token: str) -> GetBookingResponse:
# in French, to be used by Swagger for the API documentation
"""Consultation d'une réservation.
Le code “contremarque” ou "token" est une chaîne de caractères permettant d’identifier la réservation et qui sert de preuve de réservation.
Ce code unique est généré pour chaque réservation d'un utilisateur sur l'application et lui est transmis à cette occasion.
"""
booking = booking_repository.find_by(token=token)
if current_user.is_authenticated:
# warning : current user is not none when user is not logged in
check_user_can_validate_bookings_v2(current_user, booking.offererId)
if current_api_key:
check_api_key_allows_to_validate_booking(
current_api_key, # type: ignore[arg-type]
booking.offererId,
)
bookings_validation.check_is_usable(booking)
return get_booking_response(booking)
