Exemple #1
0
def create_travel_record():
    #TODO: separate to a validation class
    if request.get_json() is None:
        return ru.http_unsupported_media_type()

    if 'description' not in request.get_json():
        return ru.http_bad_gateway(
            message="Description is required in the request")

    if 'start_date' not in request.get_json():
        return ru.http_bad_gateway(
            message="Start date is required in the request")
    else:
        if request.get_json().get('start_date') is None:
            pass
        else:
            if not vu.is_valid_datetime_string(
                    request.get_json().get('start_date')):
                return ru.http_bad_gateway(
                    message="Start date must be in format YYYY-MM-DD")

    if 'end_date' not in request.get_json():
        return ru.http_bad_gateway(
            message="End date is required in the request")
    else:
        if request.get_json().get('end_date') is None:
            pass
        else:
            if not vu.is_valid_datetime_string(
                    request.get_json().get('end_date')):
                return ru.http_bad_gateway(
                    message="End date must be in format YYYY-MM-DD")

            if request.get_json().get('start_date') > request.get_json().get(
                    'end_date'):
                return ru.http_bad_gateway(
                    message=
                    "End date must be greater than or equal to start date")

    if 'mode' not in request.get_json():
        return ru.http_bad_gateway(message="Mode is required in the request")

    if 'ticket_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Ticket cost is required in the request")
    else:
        if request.get_json().get('ticket_cost') is None:
            pass
        else:
            if not (type(request.get_json().get('ticket_cost')) == int
                    or type(request.get_json().get('ticket_cost')) == float):
                return ru.http_bad_gateway(
                    message="Ticket cost must be numeric")

            if request.get_json().get('ticket_cost') < 0:
                return ru.http_bad_gateway(
                    message="Ticket cost must greater than or equal to 0")

    if 'home_airport_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Home airport cost is required in the request")
    else:
        if request.get_json().get('home_airport_cost') is None:
            pass
        else:
            if not (type(request.get_json().get('home_airport_cost')) == int
                    or type(
                        request.get_json().get('home_airport_cost')) == float):
                return ru.http_bad_gateway(
                    message="Home airport cost must be numeric")

            if request.get_json().get('home_airport_cost') < 0:
                return ru.http_bad_gateway(
                    message="Home cost must greater than or equal to 0")

    if 'destination_airport_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Destination airport cost is required in the request")
    else:
        if request.get_json().get('destination_airport_cost') is None:
            pass
        else:
            if not (type(
                    request.get_json().get('destination_airport_cost')) == int
                    or type(request.get_json().get('destination_airport_cost'))
                    == float):
                return ru.http_bad_gateway(
                    message="Destination aiport cost must be numeric")

            if request.get_json().get('destination_airport_cost') < 0:
                return ru.http_bad_gateway(
                    message="Home cost must greater than or equal to 0")

    if 'hotel_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Hotel cost is required in the request")
    else:
        if request.get_json().get('hotel_cost') is None:
            pass
        else:
            if not (type(request.get_json().get('hotel_cost')) == int
                    or type(request.get_json().get('hotel_cost')) == float):
                return ru.http_bad_gateway(
                    message="Hotel cost must be numeric")

            if request.get_json().get('hotel_cost') < 0:
                return ru.http_bad_gateway(
                    message="Hotel cost must greater than or equal to 0")

    if 'local_conveyance' not in request.get_json():
        return ru.http_bad_gateway(
            message="Local conveyance is required in the request")
    else:
        if request.get_json().get('local_conveyance') is None:
            pass
        else:
            if not (type(request.get_json().get('local_conveyance')) == int or
                    type(request.get_json().get('local_conveyance')) == float):
                return ru.http_bad_gateway(
                    message="Local conveyance cost must be numeric")

            if request.get_json().get('local_conveyance') < 0:
                return ru.http_bad_gateway(
                    message="Local conveyance must greater than or equal to 0")

    manager_id = None
    if 'approver' not in request.get_json():
        return ru.http_bad_gateway(
            message="Approver is required in the request")
    else:
        if request.get_json().get('approver') is None:
            pass
        else:
            manager = User.find_by_uid(request.get_json().get('approver'))
            if manager is None:
                return ru.http_bad_gateway(message="Invalid manager")

            if not manager.is_manager:
                return ru.http_bad_gateway(message="Invalid manager")

            manager_id = manager.id

    auth = request.headers.get('authorization').split(' ')

    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")

    token = UserToken.is_valid_token(auth[1])

    if token is None:
        return ru.http_unauthorized(message="Invalid token")

    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()

    user = User.find_by_id(token.user)

    if user is None:
        return ru.http_forbidden()

    is_submitted = 1
    if for_values.get(request.args.get('for')) is not None:
        is_submitted = for_values.get(request.args.get('for'))

    if is_submitted == 1:
        if manager_id is None:
            return ru.http_conflict(
                message="Manager must be required when submitting for approval"
            )

    if user.is_employee:
        travel = Travel.create_with_return(
            description=request.get_json().get('description'),
            start_date=request.get_json().get('start_date'),
            end_date=request.get_json().get('end_date'),
            mode=request.get_json().get('mode'),
            ticket_cost=request.get_json().get('ticket_cost'),
            home_airport_cab_cost=request.get_json().get('home_airport_cost'),
            dest_airport_cab_cost=request.get_json().get(
                'destination_airport_cost'),
            hotel_cost=request.get_json().get('hotel_cost'),
            local_conveyance=request.get_json().get('local_conveyance'),
            owner=user.id,
        )

        if travel is None:
            return ru.http_conflict(
                message="Failed to save your travel details")
        else:
            ta = TravelApproval.create(travel=travel.id,
                                       sender=user.id,
                                       approver=manager_id,
                                       status=is_submitted)

            if not ta:
                return ru.http_conflict(
                    message="Failed to save your travel approval details")

        return ru.http_created(message="successfully created")
    else:
        return ru.http_forbidden(
            message='Role is not allowed to create a travel record')
Exemple #2
0
def update_travel_record(id):
    #TODO: separate to a validation class
    if request.get_json() is None:
        return ru.http_unsupported_media_type()

    if 'description' not in request.get_json():
        return ru.http_bad_gateway(
            message="Description is required in the request")

    if 'start_date' not in request.get_json():
        return ru.http_bad_gateway(
            message="Start date is required in the request")
    else:
        if request.get_json().get('start_date') is None:
            pass
        else:
            if not vu.is_valid_datetime_string(
                    request.get_json().get('start_date')):
                return ru.http_bad_gateway(
                    message="Start date must be in format YYYY-MM-DD")

    if 'end_date' not in request.get_json():
        return ru.http_bad_gateway(
            message="End date is required in the request")
    else:
        if request.get_json().get('end_date') is None:
            pass
        else:
            if not vu.is_valid_datetime_string(
                    request.get_json().get('end_date')):
                return ru.http_bad_gateway(
                    message="End date must be in format YYYY-MM-DD")

            if request.get_json().get('start_date') > request.get_json().get(
                    'end_date'):
                return ru.http_bad_gateway(
                    message=
                    "End date must be greater than or equal to start date")

    if 'mode' not in request.get_json():
        return ru.http_bad_gateway(message="Mode is required in the request")

    if 'ticket_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Ticket cost is required in the request")
    else:
        if request.get_json().get('ticket_cost') is None:
            pass
        else:
            if not (type(request.get_json().get('ticket_cost')) == int
                    or type(request.get_json().get('ticket_cost')) == float):
                return ru.http_bad_gateway(
                    message="Ticket cost must be numeric")

            if request.get_json().get('ticket_cost') < 0:
                return ru.http_bad_gateway(
                    message="Ticket cost must greater than or equal to 0")

    if 'home_airport_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Home airport cost is required in the request")
    else:
        if request.get_json().get('home_airport_cost') is None:
            pass
        else:
            if not (type(request.get_json().get('home_airport_cost')) == int
                    or type(
                        request.get_json().get('home_airport_cost')) == float):
                return ru.http_bad_gateway(
                    message="Home airport cost must be numeric")

            if request.get_json().get('home_airport_cost') < 0:
                return ru.http_bad_gateway(
                    message="Home airport cost must greater than or equal to 0"
                )

    if 'destination_airport_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Destination airport cost is required in the request")
    else:
        if request.get_json().get('destination_airport_cost') is None:
            pass
        else:
            if not (type(
                    request.get_json().get('destination_airport_cost')) == int
                    or type(request.get_json().get('destination_airport_cost'))
                    == float):
                return ru.http_bad_gateway(
                    message="Destination aiport cost must be numeric")

            if request.get_json().get('destination_airport_cost') < 0:
                return ru.http_bad_gateway(
                    message=
                    "Destination airport cost must greater than or equal to 0")

    if 'hotel_cost' not in request.get_json():
        return ru.http_bad_gateway(
            message="Hotel cost is required in the request")
    else:
        if request.get_json().get('hotel_cost') is None:
            pass
        else:
            if not (type(request.get_json().get('hotel_cost')) == int
                    or type(request.get_json().get('hotel_cost')) == float):
                return ru.http_bad_gateway(
                    message="Hotel cost must be numeric")

            if request.get_json().get('hotel_cost') < 0:
                return ru.http_bad_gateway(
                    message="Hotel cost must greater than or equal to 0")

    if 'local_conveyance' not in request.get_json():
        return ru.http_bad_gateway(
            message="Local conveyance is required in the request")
    else:
        if request.get_json().get('local_conveyance') is None:
            pass
        else:
            if not (type(request.get_json().get('local_conveyance')) == int or
                    type(request.get_json().get('local_conveyance')) == float):
                return ru.http_bad_gateway(
                    message="Local conveyance cost must be numeric")

            if request.get_json().get('local_conveyance') < 0:
                return ru.http_bad_gateway(
                    message="Local conveyance must greater than or equal to 0")

    manager_id = None
    if 'approver' not in request.get_json():
        return ru.http_bad_gateway(
            message="Approver is required in the request")
    else:
        if request.get_json().get('approver') is None:
            pass
        else:
            manager = User.find_by_uid(request.get_json().get('approver'))
            if manager is None:
                return ru.http_bad_gateway(message="Invalid manager")

            if not manager.is_manager:
                return ru.http_bad_gateway(message="Invalid manager")

            manager_id = manager.id

    auth = request.headers.get('authorization').split(' ')

    if not vu.is_valid_bearer(auth):
        return ru.http_unauthorized(message="Invalid Bearer Authentication")

    token = UserToken.is_valid_token(auth[1])

    if token is None:
        return ru.http_unauthorized(message="Invalid token")

    if token.is_blocked or token.is_expired:
        return ru.http_forbidden()

    user = User.find_by_id(token.user)

    if user is None:
        return ru.http_forbidden()

    is_submitted = 1
    if for_values.get(request.args.get('for')) is not None:
        is_submitted = for_values.get(request.args.get('for'))

    if is_submitted == 1:
        if manager_id is None:
            return ru.http_conflict(
                message="Manager must be required when submitting for approval"
            )

    if user.is_employee:
        sub = db.session.query(
            TravelApproval.id).filter(TravelApproval.travel == id).order_by(
                desc(TravelApproval.id)).limit(1)

        query = db.session.query(Travel, TravelApproval).join(
            TravelApproval, TravelApproval.travel == Travel.id,
            isouter=False).join(User,
                                TravelApproval.approver == User.id,
                                isouter=True).filter(
                                    Travel.owner == user.id, Travel.id == id,
                                    TravelApproval.id == sub).first()

        print(query)

        if query is None:
            return ru.http_bad_gateway(
                message="The data is not available for update")

        if query[1] is not None:
            if query[1].status != 0 or query[1].sender != user.id:
                return ru.http_conflict(
                    message="The data is not available for update")

        if query is None:
            return ru.http_conflict(
                message="Failed to update your travel details")

        query[0].description = request.get_json().get('description'),
        query[0].start_date = request.get_json().get('start_date'),
        query[0].end_date = request.get_json().get('end_date'),
        query[0].mode = request.get_json().get('mode'),
        query[0].ticket_cost = request.get_json().get('ticket_cost'),
        query[0].home_airport_cab_cost = request.get_json().get(
            'home_airport_cost'),
        query[0].dest_airport_cab_cost = request.get_json().get(
            'destination_airport_cost'),
        query[0].hotel_cost = request.get_json().get('hotel_cost'),
        query[0].local_conveyance = request.get_json().get('local_conveyance'),

        if query[1] is None:
            ta = TravelApproval.create(travel=query[0].id,
                                       sender=user.id,
                                       approver=manager_id,
                                       status=is_submitted)
        else:
            query[1].travel = query[0].id
            query[1].sender = user.id
            query[1].approver = manager_id
            query[1].status = is_submitted

        db.session.commit()

        return ru.http_created(message="successfully updated")
    else:
        return ru.http_forbidden(
            message='Role is not allowed to update a travel record')