async def check_evaluation_create_permissions(
current_user: UserInDB = Depends(get_current_active_user),
cleaning: CleaningInDB = Depends(get_cleaning_by_id_from_path),
cleaner: UserInDB = Depends(get_user_by_username_from_path),
offer: OfferInDB = Depends(get_offer_for_cleaning_from_user_by_path),
evals_repo: EvaluationsRepository = Depends(get_repository(EvaluationsRepository)),
) -> None:
# Test that only owners of a cleaning can leave evaluations for that cleaning job
# [R1] created utility function
if not user_owns_cleaning(user=current_user, cleaning=cleaning):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN,
detail="Users are unable to leave evaluations for cleaning jobs they do not own.",
)
# Check that evaluations can only be made for jobs that have been accepted
# Also serves to ensure that only one evaluation per-cleaner-per-job is allowed
if offer.status != "accepted":
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Only users with accepted offers can be evaluated.",
)
# Check that evaluations can only be made for users whose offer was accepted for that job
if offer.user_id != cleaner.id:
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="You are not authorized to leave an evaluation for this user.",
)
def check_offer_list_permissions(
current_user: UserInDB = Depends(get_current_active_user),
cleaning: CleaningInDB = Depends(get_cleaning_by_id_from_path),
) -> None:
if not user_owns_cleaning(user=current_user, cleaning=cleaning):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail="Unable to access offers.",
)
def check_offer_acceptance_permissions(
current_user: UserInDB = Depends(get_current_active_user),
cleaning: CleaningInDB = Depends(get_cleaning_by_id_from_path),
offer: OfferInDB = Depends(get_offer_for_cleaning_from_user_by_path),
) -> None:
if not user_owns_cleaning(user=current_user, cleaning=cleaning):
raise HTTPException(
status_code=status.HTTP_403_FORBIDDEN, detail="Only the owner of the cleaning may accept offers."
)
if offer.status != "pending":
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST, detail="Can only accept offers that are currently pending."
)
async def check_offer_create_permissions(
current_user: UserInDB = Depends(get_current_active_user),
cleaning: CleaningInDB = Depends(get_cleaning_by_id_from_path),
offers_repo: OffersRepository = Depends(get_repository(OffersRepository)),
) -> None:
if user_owns_cleaning(user=current_user, cleaning=cleaning):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Users are unable to create offers for cleaning jobs they own.",
)
if await offers_repo.get_offer_for_cleaning_from_user(cleaning=cleaning, user=current_user):
raise HTTPException(
status_code=status.HTTP_400_BAD_REQUEST,
detail="Users aren't allowed create more than one offer for a cleaning job.",
)
def check_offer_acceptance_permissions(
current_user: UserInDB = Depends(get_current_active_user),
cleaning: CleaningInDB = Depends(get_cleaning_by_id_from_path),
offer: OfferInDB = Depends(get_offer_for_cleaning_from_user_by_path),
existing_offers: List[OfferInDB] = Depends(
list_offers_for_cleaning_by_id_from_path),
) -> None:
if not user_owns_cleaning(user=current_user, cleaning=cleaning):
raise HTTPException(
status_code=HTTP_403_FORBIDDEN,
detail="Only the owner of the cleaning may accept offers.")
if offer.status != "pending":
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail="Can only accept offers that are currently pending.")
if "accepted" in [o.status for o in existing_offers]:
raise HTTPException(
status_code=HTTP_400_BAD_REQUEST,
detail="That cleaning job already has an accepted offer.")
