def get(self): req_parser = reqparse.RequestParser() req_parser.add_argument('event_id', type=int, required=True) req_parser.add_argument('user_id', type=int, required=True) args = req_parser.parse_args() current_user = user_repository.get_by_id(g.current_user['id']) if not current_user.is_event_admin(args['event_id']): return FORBIDDEN comments = db.session.query(UserComment).filter( UserComment.event_id == args['event_id'], UserComment.user_id == args['user_id']).all() return comments
def get(self): args = self.req_parser.parse_args() event_id = args['event_id'] current_user_id = g.current_user['id'] current_user = user_repository.get_by_id(current_user_id) if not (current_user.is_event_admin(event_id) or current_user.is_admin): return FORBIDDEN invited_guests = db.session.query(InvitedGuest, AppUser).filter_by(event_id=event_id).join( AppUser, InvitedGuest.user_id == AppUser.id).all() views = [InvitedGuestView(invited_guest) for invited_guest in invited_guests] return views
def post(self, event_id): parser = reqparse.RequestParser() parser.add_argument('response_ids', type=int, required=True, action='append') parser.add_argument('reviewer_email', type=str, required=True) args = parser.parse_args() response_ids = args['response_ids'] reviewer_email = args['reviewer_email'] filtered_response_ids = response_repository.filter_ids_to_event( response_ids, event_id) print('response_ids:', response_ids) print('filtered_response_ids:', filtered_response_ids) if set(filtered_response_ids) != set(response_ids): return FORBIDDEN event = event_repository.get_by_id(event_id) reviewer_user = user_repository.get_by_email(reviewer_email, g.organisation.id) if reviewer_user is None: return USER_NOT_FOUND if not reviewer_user.is_reviewer(event_id): _add_reviewer_role(reviewer_user.id, event_id) response_reviewers = [ ResponseReviewer(response_id, reviewer_user.id) for response_id in response_ids ] db.session.add_all(response_reviewers) db.session.commit() if len(response_ids) > 0: email_user('reviews-assigned', template_parameters=dict( num_reviews=len(response_ids), baobab_host=misc.get_baobab_host(), system_name=g.organisation.system_name, event_key=event.key), event=event, user=reviewer_user) return {}, 201
def put(self): args = self.put_req_parser.parse_args() user_id = g.current_user['id'] is_submitted = args['is_submitted'] language = args['language'] response = response_repository.get_by_id(args['id']) if not response: return errors.RESPONSE_NOT_FOUND if response.user_id != user_id: return errors.UNAUTHORIZED if response.application_form_id != args['application_form_id']: return errors.UPDATE_CONFLICT response.is_submitted = is_submitted response.language = language if is_submitted: response.submit() response_repository.save(response) answers = [] for answer_args in args['answers']: answer = response_repository.get_answer_by_question_id_and_response_id( answer_args['question_id'], response.id) if answer: answer.update(answer_args['value']) else: answer = Answer(response.id, answer_args['question_id'], answer_args['value']) answers.append(answer) response_repository.save_answers(answers) try: if response.is_submitted: LOGGER.info( 'Sending confirmation email for response with ID : {id}'. format(id=response.id)) user = user_repository.get_by_id(user_id) response = response_repository.get_by_id_and_user_id( response.id, user_id) self.send_confirmation(user, response) except: LOGGER.warn( 'Failed to send confirmation email for response with ID : {id}, but the response was submitted succesfully' .format(id=response.id)) finally: return response, 200
def get(self): args = self.get_req_parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN config = review_configuration_repository.get_configuration_for_event( event_id) return { 'reviews_unallocated': review_repository.count_unassigned_reviews( event_id, config.num_reviews_required) }
def put(self): args = self.req_parser.parse_args() policy_agreed = args['policy_agreed'] if not policy_agreed: return POLICY_NOT_AGREED current_user_id = g.current_user['id'] current_user = user_repository.get_by_id(current_user_id) if current_user.has_agreed(): return POLICY_ALREADY_AGREED current_user.agree_to_policy() db.session.commit() return {}, 200
def get(self): args = self.get_req_parser.parse_args() user = user_repository.get_by_id(g.current_user['id']) response = response_repository.get_by_id(args['response_id']) if not response: return RESPONSE_NOT_FOUND event = event_repository.get_event_by_response_id(response.id) if not user.is_event_admin(event.id): return FORBIDDEN reference_responses = reference_request_repository.get_references_by_response_id( response.id) return [ reference_response.Reference for reference_response in reference_responses ], 200
def post(self): LOGGER.debug('Received post request for reference-request') args = self.post_req_parser.parse_args() response_id = args['response_id'] title = args['title'] firstname = args['firstname'] lastname = args['lastname'] relation = args['relation'] email = args['email'] user = user_repository.get_by_id(g.current_user['id']) if not user: return USER_NOT_FOUND response_event = event_repository.get_event_by_response_id(response_id) if not response_event or not response_event.Event: return EVENT_NOT_FOUND event = response_event.Event reference_request = ReferenceRequest(response_id=response_id, title=title, firstname=firstname, lastname=lastname, relation=relation, email=email) reference_request_repository.create(reference_request) link = "{host}/{key}/reference?token={token}".format( host=misc.get_baobab_host(), key=event.key, token=reference_request.token) subject = 'REFERENCE REQUEST - {}'.format(event.name) body = REFERENCE_REQUEST_EMAIL_BODY.format( title=title, firstname=firstname, lastname=lastname, event_description=event.description, link=link, candidate_firstname=user.firstname, candidate_lastname=user.lastname, application_close_date=event.application_close) send_mail(recipient=email, subject=subject, body_text=body) reference_request.set_email_sent(datetime.now()) reference_request_repository.update(reference_request) return {}, 201
def post(self): args = self.req_parser.parse_args() user_api = UserAPI.UserAPI() user, status = user_api.post(invitedGuest=True) if status != 201: return user, status invited_guest_api = InvitedGuestAPI() invited_guest_info, status = invited_guest_api.post(send_email=False) if status == 201: event_id = invited_guest_info['event_id'] role = invited_guest_info['role'] user = user_repository.get_by_id(user['id']) event = event_repository.get_by_id(event_id) reset_code = misc.make_code() password_reset = PasswordReset(user=user) db.session.add(password_reset) db.session.commit() try: send_mail(recipient=user.email, subject='Your invitation to {}'.format(event.name), body_text=NEW_GUEST_EMAIL_TEMPLATE.format( user_title=user.user_title, firstname=user.firstname, lastname=user.lastname, role=role, event_name=event.name, event_key=event.key, system_name=g.organisation.system_name, host=misc.get_baobab_host(), reset_code=password_reset.code)) except Exception as e: LOGGER.error( 'Failed to send email for invited guest with user Id {} due to: {}' .format(user.id, e)) return INVITED_GUEST_EMAIL_FAILED return invited_guest_info, status
def get(self): parser = reqparse.RequestParser() parser.add_argument('event_id', type=int, required=True) parser.add_argument('language', type=str, required=True) args = parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] language = args['language'] if not user_repository.get_by_id(user_id).is_reviewer(event_id): return FORBIDDEN responses_to_review = review_repository.get_review_list( user_id, event_id) return [ ReviewListAPI._serialize_response(response, review_response, language) for response, review_response in responses_to_review ]
def _get_registrations(event_id, user_id, confirmed, exclude_already_signed_in=False): try: current_user = UserRepository.get_by_id(user_id) if not current_user.is_registration_volunteer(event_id): return errors.FORBIDDEN if (exclude_already_signed_in == True): registrations = RegistrationRepository.get_unsigned_in_attendees( event_id, confirmed=confirmed) guest_registration = GuestRegistrationRepository.get_all_unsigned_guests( event_id) else: if confirmed is None: registrations = RegistrationRepository.get_all_for_event( event_id) else: registrations = RegistrationRepository.get_confirmed_for_event( event_id, confirmed=confirmed) guest_registration = GuestRegistrationRepository.get_all_guests( event_id) registrations = [map_registration_info(info) for info in registrations] guest_registrations = [ map_registration_info_guests(info) for info in guest_registration ] all_registrations = registrations + guest_registrations # remove duplicates all_registrations_no_duplicates = list() for name, group in itertools.groupby(sorted( all_registrations, key=lambda d: d['user_id']), key=lambda d: d['user_id']): all_registrations_no_duplicates.append(next(group)) return marshal(all_registrations_no_duplicates, registration_admin_fields) except Exception as e: LOGGER.error( 'Error occured while retrieving unconfirmed registrations: {}'. format(e)) return errors.DB_NOT_AVAILABLE
def post(self): args = self.req_parser.parse_args() user_api = UserAPI.UserAPI() user, status = user_api.post(invitedGuest=True) if status != 201: return user, status invited_guest_api = InvitedGuestAPI() invited_guest_info, status = invited_guest_api.post(send_email=False) if status == 201: event_id = invited_guest_info['event_id'] role = invited_guest_info['role'] user = user_repository.get_by_id(user['id']) event = event_repository.get_by_id(event_id) reset_code = misc.make_code() password_reset=PasswordReset(user=user) db.session.add(password_reset) db.session.commit() try: email_user( 'new-guest-registration' if event.is_registration_open else 'new-guest-no-registration', template_parameters=dict( event_key=event.key, system_name=g.organisation.system_name, host=misc.get_baobab_host(), role=role, reset_code=password_reset.code, ), event=event, user=user ) except Exception as e: LOGGER.error('Failed to send email for invited guest with user Id {} due to: {}'.format(user.id, e)) return INVITED_GUEST_EMAIL_FAILED return invited_guest_info, status
def post(self): req_parser = reqparse.RequestParser() req_parser.add_argument('user_id', type=int, required=True) req_parser.add_argument('email_subject', type=str, required=True) req_parser.add_argument('email_body', type=str, required=True) args = req_parser.parse_args() user = user_repository.get_by_id(args['user_id']) if user is None: return errors.USER_NOT_FOUND try: send_mail(recipient=user.email, subject=args['email_subject'], body_text=GENERIC_EMAIL_TEMPLATE.format( user_title=user.user_title, user_firstname=user.firstname, user_lastname=user.lastname, body=args['email_body'], )) except Exception as e: LOGGER.error('Error sending email: {}'.format(e)) return errors.EMAIL_NOT_SENT
def get(self): email = request.args.get('email') LOGGER.debug("Resending verification email to: {}".format(email)) user = user_repository.get_by_email(email, g.organisation.id) if not user: LOGGER.debug( "User not found for email: {} in organisation: {}".format( email, g.organisation.name)) return USER_NOT_FOUND if user.verify_token is None: user.verify_token = make_code() try: db.session.commit() except IntegrityError: LOGGER.error("Adding verify token for {} failed. ".format(email)) return ADD_VERIFY_TOKEN_FAILED send_mail(recipient=user.email, sender_name=g.organisation.name, sender_email=g.organisation.email_from, subject='{} Email Verification'.format( g.organisation.system_name), body_text=VERIFY_EMAIL_BODY.format( title=user.user_title, firstname=user.firstname, lastname=user.lastname, system=g.organisation.system_name, organisation=g.organisation.name, host=misc.get_baobab_host(), token=user.verify_token)) LOGGER.debug("Resent email verification to: {}".format(email)) return {}, 201
def get(self): args = self.req_parser.parse_args() event = db.session.query(Event).filter(Event.id == args['event_id']).first() if not event: return EVENT_NOT_FOUND user_id = g.current_user["id"] event_id = args['event_id'] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN num_users = db.session.query(AppUser.id).count() num_responses = db.session.query(Response.id).count() num_submitted_respones = db.session.query(Response).filter(Response.is_submitted == True).count() return { 'event_description': event.description, 'num_users': num_users, 'num_responses': num_responses, 'num_submitted_responses': num_submitted_respones }, 200
def post(self): req_parser = reqparse.RequestParser() req_parser.add_argument('email', type=str, required=True) args = req_parser.parse_args() LOGGER.debug( "Requesting password reset for email {} and organisation {}". format(args['email'], g.organisation.name)) user = user_repository.get_by_email(args['email'], g.organisation.id) if not user: LOGGER.debug( "No user found for email {} and organisation {}".format( args['email'], g.organisation.name)) return USER_NOT_FOUND password_reset = PasswordReset(user=user) db.session.add(password_reset) db.session.commit() send_mail(recipient=args['email'], sender_name=g.organisation.name, sender_email=g.organisation.email_from, subject='Password Reset for {}'.format( g.organisation.system_name), body_text=RESET_EMAIL_BODY.format( title=user.user_title, firstname=user.firstname, lastname=user.lastname, system=g.organisation.system_name, organisation=g.organisation.name, host=misc.get_baobab_host(), token=password_reset.code)) return {}, 201
def put(self): # Update an existing response for the logged-in user. args = self.req_parser.parse_args() try: user_id = verify_token(request.headers.get('Authorization'))['id'] registration = db.session.query(GuestRegistration).filter( GuestRegistration.id == args['guest_registration_id']).one_or_none() if registration is None: return 'Registration not found', 404 registration.registration_form_id = args['registration_form_id'] db.session.commit() for answer_args in args['answers']: answer = db.session.query(GuestRegistrationAnswer).filter( GuestRegistrationAnswer.registration_question_id == answer_args['registration_question_id'], GuestRegistrationAnswer.guest_registration_id == args['guest_registration_id']).one_or_none() if answer is not None: answer.value = answer_args['value'] elif db.session.query(RegistrationQuestion).filter( RegistrationQuestion.id == answer_args['registration_question_id']).one(): answer = GuestRegistrationAnswer( guest_registration_id=registration.id, registration_question_id=answer_args[ 'registration_question_id'], value=answer_args['value']) db.session.add(answer) db.session.commit() current_user = user_repository.get_by_id(user_id) registration_answers = db.session.query( GuestRegistrationAnswer).filter( GuestRegistrationAnswer.guest_registration_id == registration.id).all() registration_questions = db.session.query( RegistrationQuestion).filter( RegistrationQuestion.registration_form_id == args['registration_form_id']).all() registration_form = db.session.query(RegistrationForm).filter( RegistrationForm.id == args['registration_form_id']).first() event = event_repository.get_by_id(registration_form.event_id) email_sent = self.send_confirmation(current_user, registration_questions, registration_answers, event) if email_sent: registration.confirmation_email_sent_at = date.today() db.session.commit() return 200 except Exception as e: return 'Could not access DB', 400
def post(self): args = self.req_parser.parse_args() event_id = args['event_id'] user_id = args['user_id'] registration_user_id = g.current_user['id'] registration_user = user_repository.get_by_id(registration_user_id) if not registration_user.is_registration_volunteer(event_id): return FORBIDDEN event = event_repository.get_by_id(event_id) if event is None: return EVENT_NOT_FOUND user = user_repository.get_by_id(user_id) if user is None: return USER_NOT_FOUND if attendance_repository.exists(event_id, user_id): return ATTENDANCE_ALREADY_CONFIRMED attendance = Attendance(event_id, user_id, registration_user_id) attendance_repository.create(attendance) send_mail(recipient=user.email, subject='Welcome to {}'.format(event.name), body_text=ATTENDANCE_EMAIL_BODY.format( user_title=user.user_title, first_name=user.firstname, last_name=user.lastname, event_name=event.name)) # Other Fields unavailable_response = None invitedguest_role = unavailable_response is_invited_guest = unavailable_response has_accepted_accom_award = unavailable_response offer = db.session.query(Offer).filter( Offer.user_id == user_id).filter( Offer.event_id == event_id).first() if offer: has_accepted_accom_award = (offer.accommodation_award and offer.accepted_accommodation_award) # Check if invited guest invited_guest = db.session.query(InvitedGuest).filter( InvitedGuest.event_id == event_id).filter( InvitedGuest.user_id == user.id).first() if (invited_guest): is_invited_guest = True invitedguest_role = invited_guest.role # Shirt Size shirt_answer = ( get_registration_answer_based_headline(user_id, "T-Shirt Size") and get_registration_answer_based_headline( user_id, "T-Shirt Size").value) or unavailable_response # Poster registration bringing_poster = False poster_answer = get_registration_answer_based_headline( user_id, "Will you be bringing a poster?") if (poster_answer is not None and poster_answer.value == 'yes'): bringing_poster = True attendance_user = AttendanceUser(attendance, has_accepted_accom_award, shirt_answer, is_invited_guest, bringing_poster, invitedguest_role) return attendance_user, 201
def put(self): # Update an existing response for the logged-in user. req_parser = reqparse.RequestParser() args = self.req_parser.parse_args() try: user_id = verify_token(request.headers.get('Authorization'))['id'] registration = db.session.query(Registration).filter( Registration.id == args['registration_id']).one_or_none() if registration is None: return 'Registration not found', 404 db_offer = db.session.query(Offer).filter( Offer.id == registration.offer_id).one_or_none() if db_offer is None: return errors.OFFER_NOT_FOUND if db_offer.user_id != user_id: return errors.FORBIDDEN registration.registration_form_id = args['registration_form_id'] db.session.commit() for answer_args in args['answers']: answer = db.session.query(RegistrationAnswer).filter( RegistrationAnswer.registration_question_id == answer_args['registration_question_id'], RegistrationAnswer.registration_id == args['registration_id']).one_or_none() if answer is not None: answer.value = answer_args['value'] elif db.session.query(RegistrationQuestion).filter( RegistrationQuestion.id == answer_args['registration_question_id']).one(): answer = RegistrationAnswer( registration_id=registration.id, registration_question_id=answer_args[ 'registration_question_id'], value=answer_args['value']) db.session.add(answer) db.session.commit() current_user = user_repository.get_by_id(user_id) registration_answers = db.session.query(RegistrationAnswer).filter( RegistrationAnswer.registration_id == registration.id).all() registration_questions = db.session.query( RegistrationQuestion).filter( RegistrationQuestion.registration_form_id == args['registration_form_id']).all() registration_form = db.session.query(RegistrationForm).filter( RegistrationForm.id == args['registration_form_id']).first() event = event_repository.get_by_id(registration_form.event_id) self.send_confirmation(current_user, registration_questions, registration_answers, registration.confirmed, event) return 200 except Exception as e: return 'Could not access DB', 400