class BookingPost(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
@api_call_with_retry
def post(self):
csr = CSR.find_by_username(g.oidc_token_info['username'])
json_data = request.get_json()
if not json_data:
return {"message": "No input data received for creating a booking"}, 400
booking, warning = self.booking_schema.load(json_data)
if warning:
logging.warning("WARNING: %s", warning)
return {"message": warning}, 422
if booking.office_id is None:
booking.office_id = csr.office_id
if booking.office_id == csr.office_id or csr.liaison_designate == 1:
db.session.add(booking)
db.session.commit()
result = self.booking_schema.dump(booking)
return {"booking": result.data,
"errors": result.errors}, 201
else:
return {"The Booking Office ID and CSR Office ID do not match!"}, 403
class ExamSchema(ma.ModelSchema):
class Meta:
model = Exam
jit = toastedmarshmallow.Jit
booking_id = fields.Int()
deleted_date = fields.Str()
event_id = fields.Str()
exam_id = fields.Int(dump_only=True)
exam_method = fields.Str()
exam_name = fields.Str()
exam_received = fields.Int()
exam_received_date = fields.DateTime(allow_none=True)
exam_type_id = fields.Int()
examinee_name = fields.Str()
expiry_date = fields.DateTime()
notes = fields.Str(allow_none=True)
number_of_students = fields.Int()
office_id = fields.Int()
session_number = fields.Int()
exam_returned_date = fields.Str(allow_none=True)
exam_returned_tracking_number = fields.String(allow_none=True)
exam_written_ind = fields.Int()
offsite_location = fields.String()
booking = fields.Nested(BookingSchema())
exam_type = fields.Nested(ExamTypeSchema())
office = fields.Nested(OfficeSchema(exclude=("csrs", )))
class BookingDetail(Resource):
booking_schema = BookingSchema()
@jwt.has_one_of_roles([Role.internal_user.value])
def get(self, id):
csr = CSR.find_by_username(g.jwt_oidc_token_info['username'])
try:
booking = Booking.query.filter_by(booking_id=id).first_or_404()
# Also 404 the request if they shouldn't be able to see this booking
if booking.office_id != csr.office_id and csr.ita2_designate != 1:
abort(404)
result = self.booking_schema.dump(booking)
return {
"booking": result,
"errors": self.booking_schema.validate(booking)
}, 200
except exc.SQLAlchemyError as error:
logging.error(error, exc_info=True)
return {"message": "API is down"}, 500
class BookingPost(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
@has_any_role(roles=[Role.internal_user.value])
@api_call_with_retry
def post(self):
csr = CSR.find_by_username(g.oidc_token_info['username'])
json_data = request.get_json()
i_id = json_data.get('invigilator_id')
if not json_data:
return {"message": "No input data received for creating a booking"}, 400
booking, warning = self.booking_schema.load(json_data)
if warning:
logging.warning("WARNING: %s", warning)
return {"message": warning}, 422
if booking.office_id is None:
booking.office_id = csr.office_id
if booking.office_id == csr.office_id or csr.ita2_designate == 1:
if i_id is None:
db.session.add(booking)
db.session.commit()
elif type(i_id) == int:
booking.invigilators.append(Invigilator.query.filter_by(invigilator_id=i_id).first_or_404())
db.session.add(booking)
db.session.commit()
elif type(i_id) == list:
if len(i_id) == 0:
db.session.add(booking)
db.session.commit()
else:
for value in i_id:
booking.invigilators.append(Invigilator.query.filter_by(invigilator_id=value).first_or_404())
db.session.add(booking)
db.session.commit()
result = self.booking_schema.dump(booking)
return {"booking": result.data,
"errors": result.errors}, 201
else:
return {"The Booking Office ID and CSR Office ID do not match!"}, 403
class ExamSchema(ma.SQLAlchemySchema):
class Meta:
model = Exam
include_relationships = True
load_instance = True
jit = toastedmarshmallow.Jit
booking_id = fields.Int(allow_none=True)
deleted_date = fields.Str(allow_none=True)
event_id = fields.Str(allow_none=True)
exam_destroyed_date = fields.Str(allow_none=True)
exam_id = fields.Int(dump_only=True)
exam_method = fields.Str()
exam_name = fields.Str()
exam_received = fields.Int()
exam_received_date = fields.DateTime(allow_none=True)
exam_type_id = fields.Int()
examinee_name = fields.Str(allow_none=True)
examinee_phone = fields.Str(allow_none=True)
examinee_email = fields.Str(allow_none=True)
expiry_date = fields.DateTime(allow_none=True)
notes = fields.Str(allow_none=True)
number_of_students = fields.Int(allow_none=True)
office_id = fields.Int()
invigilator_id = fields.Int(allow_none=True)
session_number = fields.Int(allow_none=True)
exam_returned_ind = fields.Int()
exam_returned_date = fields.Str(allow_none=True)
exam_returned_tracking_number = fields.Str(allow_none=True)
exam_written_ind = fields.Int()
upload_received_ind = fields.Int(allow_none=True)
offsite_location = fields.Str(allow_none=True)
sbc_managed_ind = fields.Int(allow_none=True)
receipt = fields.Str(allow_none=True)
receipt_number = fields.Str()
fees = fields.Str()
payee_ind = fields.Int(allow_none=True)
receipt_sent_ind = fields.Int(allow_none=True)
payee_name = fields.Str(allow_none=True)
payee_email = fields.Str(allow_none=True)
payee_phone = fields.Str(allow_none=True)
bcmp_job_id = fields.Str(allow_none=True)
is_pesticide = fields.Int(allow_none=True)
candidates_list = fields.Nested(CandidateSchema)
booking = fields.Nested(BookingSchema())
exam_type = fields.Nested(ExamTypeSchema())
invigilator = fields.Nested(InvigilatorSchema())
office = fields.Nested(OfficeSchema(only=('appointments_enabled_ind', 'exams_enabled_ind', 'office_id',
'office_name', 'office_number', 'timezone')))
class BookingDelete(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
def delete(self, id):
csr = CSR.find_by_username(g.oidc_token_info['username'])
booking = Booking.query.filter_by(booking_id=id).join(Room).filter_by(office_id=csr.office_id).first_or_404()
db.session.delete(booking)
db.session.commit()
return {}, 204
class BookingDelete(Resource):
booking_schema = BookingSchema()
@jwt.has_one_of_roles([Role.internal_user.value])
def delete(self, id):
csr = CSR.find_by_username(g.jwt_oidc_token_info['username'])
booking = Booking.query.filter_by(booking_id=id).first_or_404()
# Also 404 the request if they shouldn't be able to see this booking
if booking.office_id != csr.office_id and csr.ita2_designate != 1:
abort(404)
db.session.delete(booking)
db.session.commit()
return {}, 204
class BookingDelete(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
def delete(self, id):
csr = CSR.find_by_username(g.oidc_token_info['username'])
booking = Booking.query.filter_by(booking_id=id).first_or_404()
# Also 404 the request if they shouldn't be able to see this booking
if booking.office_id != csr.office_id and csr.liaison_designate != 1:
abort(404)
db.session.delete(booking)
db.session.commit()
return {}, 204
class BookingList(Resource):
booking_schema = BookingSchema(many=True)
@oidc.accept_token(require_token=True)
def get(self):
csr = CSR.find_by_username(g.oidc_token_info['username'])
try:
bookings = Booking.query.join(Room).filter_by(office_id=csr.office_id).all()
result = self.booking_schema.dump(bookings)
return {'bookings': result.data,
'errors': result.errors}, 200
except exc.SQLAlchemyError as error:
logging.error(error, exc_info=True)
return {"message": "API is down"}, 500
class BookingDetail(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
def get(self, id):
csr = CSR.find_by_username(g.oidc_token_info['username'])
try:
booking = Booking.query.filter_by(
booking_id=id).join(Room).filter_by(
office_id=csr.office_id).first_or_404()
result = self.booking_schema.dump(booking)
return {"booking": result.data, "errors": result.errors}, 200
except exc.SQLAlchemyError as error:
logging.error(error, exc_info=True)
return {"message": "API is down"}, 500
class BookingList(Resource):
booking_schema = BookingSchema(many=True)
@oidc.accept_token(require_token=True)
def get(self):
csr = CSR.find_by_username(g.oidc_token_info['username'])
office_filter = csr.office_id
if request.args.get('office_id') and csr.liaison_designate == 1:
office_filter = request.args.get('office_id')
try:
bookings = Booking.query.filter_by(office_id=office_filter).all()
result = self.booking_schema.dump(bookings)
return {'bookings': result.data, 'errors': result.errors}, 200
except exc.SQLAlchemyError as error:
logging.error(error, exc_info=True)
return {"message": "API is down"}, 500
class BookingDetail(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
def get(self, id):
csr = CSR.find_by_username(g.oidc_token_info['username'])
try:
booking = Booking.query.filter_by(booking_id=id).first_or_404()
# Also 404 the request if they shouldn't be able to see this booking
if booking.office_id != csr.office_id and csr.liaison_designate != 1:
abort(404)
result = self.booking_schema.dump(booking)
return {"booking": result.data, "errors": result.errors}, 200
except exc.SQLAlchemyError as error:
logging.error(error, exc_info=True)
return {"message": "API is down"}, 500
class BookingPut(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
def put(self, id):
csr = CSR.find_by_username(g.oidc_token_info['username'])
json_data = request.get_json()
if not json_data:
return {"message": "No input data received for updating a booking"}
booking = Booking.query.filter_by(booking_id=id).first_or_404()
booking, warning = self.booking_schema.load(json_data,
instance=booking,
partial=True)
if warning:
logging.warning("WARNING: %s", warning)
return {"message": warning}, 422
room = Room.query.filter_by(room_id=booking.room_id).first()
if room.office_id == csr.office_id:
db.session.add(booking)
db.session.commit()
result = self.booking_schema.dump(booking)
return {"booking": result.data, "errors": result.errors}, 200
else:
return {
"The Booking Office ID and the CSR Office ID do not match!"
}, 403
class BookingRecurringPut(Resource):
booking_schema = BookingSchema()
@oidc.accept_token(require_token=True)
@has_any_role(roles=[Role.internal_user.value])
def put(self, id):
csr = CSR.find_by_username(g.oidc_token_info['username'])
json_data = request.get_json()
if not json_data:
return {
"message":
"No input data received for updating recurring bookings"
}
bookings = Booking.query.filter_by(recurring_uuid=id)\
.filter_by(office_id=csr.office_id)\
.all()
for booking in bookings:
booking, warning = self.booking_schema.load(json_data,
instance=booking,
partial=True)
if warning:
logging.warning('WARNING: %s', warning)
return {"message": warning}, 422
db.session.add(booking)
db.session.commit()
result = self.booking_schema.dump(bookings)
return {"bookings": result.data, "errors": result.errors}, 200
class BookingList(Resource):
booking_schema = BookingSchema(many=True)
@jwt.has_one_of_roles([Role.internal_user.value])
def get(self):
csr = CSR.find_by_username(g.jwt_oidc_token_info['username'])
office_filter = csr.office_id
if request.args.get('office_id') and csr.ita2_designate == 1:
office_filter = request.args.get('office_id')
try:
bookings = Booking.query.filter_by(office_id=office_filter).all()
result = self.booking_schema.dump(bookings)
return {
'bookings': result,
'errors': self.booking_schema.validate(bookings)
}, 200
except exc.SQLAlchemyError as error:
logging.error(error, exc_info=True)
return {"message": "API is down"}, 500
class BookingPut(Resource):
booking_schema = BookingSchema()
@jwt.has_one_of_roles([Role.internal_user.value])
def put(self, id):
csr = CSR.find_by_username(g.jwt_oidc_token_info['username'])
json_data = request.get_json()
i_id_list = json_data.get('invigilator_id')
if not json_data:
return {"message": "No input data received for updating a ooking"}
booking = Booking.query.filter_by(booking_id=id).first_or_404()
booking = self.booking_schema.load(json_data,
instance=booking,
partial=True)
warning = self.booking_schema.validate(json_data)
if warning:
logging.warning("WARNING: %s", warning)
return {"message": warning}, 422
if booking.office_id == csr.office_id or csr.ita2_designate == 1:
if 'invigilator_id' in json_data:
booking.invigilators = []
if type(i_id_list) == int:
booking.invigilators.append(
Invigilator.query.filter_by(
invigilator_id=i_id_list).first_or_404())
db.session.add(booking)
db.session.commit()
elif type(i_id_list) == list:
if len(i_id_list) == 0 or i_id_list == [None]:
db.session.add(booking)
db.session.commit()
else:
for value in i_id_list:
booking.invigilators.append(
Invigilator.query.filter_by(
invigilator_id=value).first_or_404())
db.session.add(booking)
db.session.commit()
elif i_id_list is None:
db.session.add(booking)
db.session.commit()
result = self.booking_schema.dump(booking)
return {
"booking": result,
"errors": self.booking_schema.validate(booking)
}, 200
else:
return {
"The Booking Office ID and the CSR Office ID do not match!"
}, 403