def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('attendee_id'): attendee = safe_query_kwargs(TicketHolder, view_kwargs, 'attendee_id') view_kwargs['id'] = attendee.order.id if view_kwargs.get('order_identifier'): order = safe_query_kwargs(Order, view_kwargs, 'order_identifier', 'identifier') view_kwargs['id'] = order.id elif view_kwargs.get('id'): order = safe_query_by_id(Order, view_kwargs['id']) if not has_access( 'is_coorganizer_or_user_itself', event_id=order.event_id, user_id=order.user_id, ): raise ForbiddenError( {'source': ''}, 'You can only access your orders or your event\'s orders') # expire the initializing order if time limit is over. set_expiry_for_order(order)
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('event_invoice_identifier'): event_invoice = safe_query_kwargs(EventInvoice, view_kwargs, 'event_invoice_identifier', 'identifier') view_kwargs['id'] = event_invoice.id elif view_kwargs.get('id'): event_invoice = safe_query_by_id(EventInvoice, view_kwargs['id']) if not current_user.is_staff and event_invoice.user_id != current_user.id: raise ForbiddenError({'source': ''}, 'Admin access is required')
def before_get(self, args, kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if kwargs.get('order_identifier'): order = safe_query_kwargs(Order, kwargs, 'order_identifier', 'identifier') kwargs['id'] = order.id elif kwargs.get('id'): order = safe_query_by_id(Order, kwargs['id']) if not has_access( 'is_coorganizer', event_id=order.event_id, user_id=order.user_id ): raise ForbiddenError( {'source': ''}, 'You can only access your orders or your event\'s orders' )
def before_update_object(self, obj, data, kwargs): """ before update object method for attendee detail :param obj: :param data: :param kwargs: :return: """ order = safe_query_by_id(Order, obj.order_id) if not (current_user.is_staff or current_user.id == order.user_id): raise ForbiddenError( 'Only admin or that user itself can update attendee info', ) if order.status != 'initializing' and ( 'checkin_times' not in data ): raise UnprocessableEntityError( {'pointer': '/data/id'}, "Attendee can't be updated because the corresponding order is not in initializing state", ) if 'device_name_checkin' in data: if 'checkin_times' not in data or data['checkin_times'] is None: raise UnprocessableEntityError( {'pointer': '/data/attributes/device_name_checkin'}, "Check in Times missing", ) if 'is_checked_in' in data and data['is_checked_in']: if 'checkin_times' not in data or data['checkin_times'] is None: raise UnprocessableEntityError( {'pointer': '/data/attributes/checkin_times'}, "Check in time missing while trying to check in attendee", ) if obj.checkin_times and data['checkin_times'] not in obj.checkin_times.split( "," ): data['checkin_times'] = '{},{}'.format( obj.checkin_times, data['checkin_times'] ) if 'device_name_checkin' in data and data['device_name_checkin'] is not None: if obj.device_name_checkin is not None: data['device_name_checkin'] = '{},{}'.format( obj.device_name_checkin, data['device_name_checkin'] ) if len(data['checkin_times'].split(",")) != len( data['device_name_checkin'].split(",") ): raise UnprocessableEntityError( {'pointer': '/data/attributes/device_name_checkin'}, "Check in Time missing for the corresponding device name", ) else: if obj.device_name_checkin is not None: data['device_name_checkin'] = '{},{}'.format( obj.device_name_checkin, '-' ) else: data['device_name_checkin'] = '-' if 'is_checked_out' in data and data['is_checked_out']: attendee = safe_query(TicketHolder, 'id', kwargs['id'], 'attendee_id') if not attendee.is_checked_out: checkout_times = ( obj.checkout_times.split(',') if obj.checkout_times else [] ) checkout_times.append(str(datetime.datetime.utcnow())) data['checkout_times'] = ','.join(checkout_times) if 'attendee_notes' in data: if obj.attendee_notes and data[ 'attendee_notes' ] not in obj.attendee_notes.split(","): data['attendee_notes'] = '{},{}'.format( obj.attendee_notes, data['attendee_notes'] ) data['complex_field_values'] = ( validate_custom_form_constraints_request( 'attendee', self.resource.schema, obj, data ) if obj.event.is_ticket_form_enabled else None )
def validate_discount_code(discount_code, tickets=None, ticket_holders=None, event_id=None): """Tickets validation should be performed before calling this function""" from app.models.discount_code import DiscountCode if isinstance(discount_code, int) or (isinstance(discount_code, str) and discount_code.isdigit()): # Discount Code ID is passed discount_code = safe_query_by_id(DiscountCode, discount_code) if not tickets and not ticket_holders: raise ValueError('Need to provide either tickets or ticket_holders') # Otherwise actual instance of Discount Code is passed if event_id: if discount_code.event.id != int(event_id): logger.warning( "Discount code Event ID mismatch", extra=dict(event_id=event_id, discount_code=discount_code), ) raise UnprocessableEntityError({'pointer': 'discount_code_id'}, "Invalid Discount Code") if tickets: ticket_applicable = discount_code.get_supported_tickets( [ticket['id'] for ticket in tickets]).all() if len(ticket_applicable) < 1: logger.warning( "Discount code is not applicable to these tickets", extra=dict( tickets=tickets, applicable_tickets=ticket_applicable, discount_code=discount_code, ), ) raise UnprocessableEntityError({'pointer': 'discount_code_id'}, 'Invalid Discount Code') now = pytz.utc.localize(datetime.utcnow()) valid_from = discount_code.valid_from valid_till = discount_code.valid_till if not discount_code.is_active or not valid_from <= now <= valid_till: logger.warning( "Discount code inactive or expired", extra=dict( discount_code=discount_code, active=discount_code.is_active, valid_from=valid_from, valid_till=valid_till, now=now, ), ) raise UnprocessableEntityError({'pointer': 'discount_code_id'}, "Invalid Discount Code") if not discount_code.is_available(tickets, ticket_holders): raise UnprocessableEntityError({'source': 'discount_code_id'}, 'Discount Usage Exceeded') return discount_code
def test_safe_query_exception(db): """Method to test the exception in function safe_query""" with pytest.raises(ObjectNotFound): safe_query_by_id(Event, 1)