Ejemplo n.º 1
0
def get_user_images(user_id, current_user=None):
    if user_id == None:
        user_id = current_user.id
    application = Application.get_for_user(user_id)
    user = User.get(user_id)
    if application is None:
        raise ForbiddenException('User {} does not have access.'.format(
            current_user.id))
    elif not has_applicant_access(current_user, user, self_access=True):
        raise ForbiddenException('User {} does not have access.'.format(
            current_user.id))
    return {
        'info': [{
            'url': image.url,
            'id': image.filename
        } for image in application.images]
    }
Ejemplo n.º 2
0
def get_user_characters(user_id, current_user=None):
    user = User.get(user_id)
    if not has_applicant_access(current_user, user, self_access=True):
        raise ForbiddenException(
            'User {} does not have access.'.format(current_user))
    if not db.session.query(db.exists().where(User.id == user_id)).scalar():
        raise BadRequestException(
            'User with id={} does not exist.'.format(user_id))
    character_dict = {}
    for character in db.session.query(Character).filter(
            Character.user_id == user_id):
        character_dict[character.id] = {
            'name': character.name,
            'corporation_id': character.corporation_id,
            'corporation_name': character.corporation.name,
        }
    return {'info': character_dict}
Ejemplo n.º 3
0
def delete_s3(image_id, current_user=None):
    image = Image.query.get(image_id)
    application = Application.get_for_user(current_user.id)
    if application is not None:
        self_access = not application.is_submitted
        has_access = has_applicant_access(current_user,
                                          application.user,
                                          self_access=self_access)
    else:
        has_access = False
    if (not has_access or image is None or application is None
            or application.is_submitted
            or application.id != image.application_id):
        raise ForbiddenException(
            'User {} does not have access to image {}.'.format(
                current_user.id, image_id))
    else:
        Image.delete(image_id, image.filename)
        return {'status': 'ok'}
Ejemplo n.º 4
0
def release_applicant(applicant_user_id, current_user=current_user):
    if not is_recruiter(current_user):
        raise ForbiddenException(
            'User {} is not a recruiter'.format(current_user.id))
    application = Application.get_submitted_for_user(applicant_user_id)
    if application is None:
        raise BadRequestException(
            'User {} is not in an open application.'.format(
                applicant_user_id
            )
        )
    elif not has_applicant_access(current_user, User.get(applicant_user_id)):
        raise ForbiddenException('User {} does not have access to user {}'.format(
            current_user.id, applicant_user_id
        ))
    else:
        application.recruiter_id = None
        db.session.commit()
        add_status_note(
            application, 'Application released by {}.'.format(current_user.name))
        return {'status': 'ok'}
Ejemplo n.º 5
0
def get_answers(user_id, current_user=None):
    if not db.session.query(db.exists().where(User.id == user_id)).scalar():
        raise BadRequestException(
            'User with id={} does not exist.'.format(user_id))
    user = User.get(user_id)
    current_user = current_user or user
    if not has_applicant_access(current_user, user, self_access=True):
        raise ForbiddenException(
            'User {} does not have access to user {}'.format(
                current_user, user_id))

    application = Application.get_for_user(user_id)
    if not application:
        raise BadRequestException(
            'User with id={} has no application.'.format(user_id))
    questions = get_questions()
    response = {'questions': {}, 'has_application': False}
    if application:
        response['has_application'] = True
        # get a dict keyed by question id of questions & answers
        answers = {a.question_id: a.text for a in application.answers}
        for question_id in questions:
            answer = answers[question_id] if question_id in answers else ""
            response['questions'][question_id] = {
                'question': questions[question_id],
                'user_id': user_id,
                'answer': answer,
            }
    else:
        # no application yet, create empty answers
        for question_id in questions:
            response['questions'][question_id] = {
                'question': questions[question_id],
                'user_id': user_id,
                'answer': '',
            }
    return response
Ejemplo n.º 6
0
 def test_has_applicant_self_access(self):
     self.assertFalse(
         has_applicant_access(self.user, self.applicant, self_access=True))
Ejemplo n.º 7
0
 def test_has_applicant_access(self):
     self.assertFalse(has_applicant_access(self.user, self.applicant))