Exemple #1
0
    def __post__(self, result_types=None):
        request_data = request.get_json()

        # Handle some sloppy category data.
        if 'category' in request_data and (not request_data['category'] or not request_data['category']['id']):
            del request_data['category']

        try:
            search = SearchSchema().load(request_data)
        except ValidationError as e:
            raise RestException(RestException.INVALID_OBJECT, details=e.messages)

        try:
            # Overwrite the result types if requested.
            if not search.types and result_types:
                search.types = result_types
            results = elastic_index.search(search)
        except elasticsearch.ElasticsearchException as e:
            raise RestException(RestException.ELASTIC_ERROR, details=json.dumps(e.info))

        search.reset()  # zero out any existing counts or data on the search prior to populating.
        search.total = results.hits.total

        if search.map_data_only:
            return self.map_data_only_search_results(search, results)
        else:
            return self.full_search_results(search, results)
Exemple #2
0
    def post(self, flow, questionnaire_name):
        flow = Flows.get_flow_by_name(flow)
        if flow is None:
            raise RestException(RestException.NOT_FOUND)
        if not flow.has_step(questionnaire_name):
            raise RestException(RestException.NOT_IN_THE_FLOW)
        request_data = request.get_json()
        request_data["user_id"] = g.user.id
        if "_links" in request_data:
            request_data.pop("_links")
        schema = ExportService.get_schema(
            ExportService.camel_case_it(questionnaire_name))
        new_quest, errors = schema.load(request_data, session=db.session)

        if errors:
            raise RestException(RestException.INVALID_OBJECT, details=errors)
        if new_quest.participant_id is None:
            raise RestException(RestException.INVALID_OBJECT,
                                details="You must supply a participant id.")
        if not g.user.related_to_participant(new_quest.participant_id):
            raise RestException(RestException.UNRELATED_PARTICIPANT)
        db.session.add(new_quest)
        db.session.commit()
        self.log_progress(flow, questionnaire_name, new_quest)
        return schema.dump(new_quest)
Exemple #3
0
 def post(self):
     """
     Adds new user (with given attributes in request data) to the database and sends confirmation email
     to the provided email address
     """
     request_data = request.get_json()
     try:
         request_data['role'] = 'user'
         try:
             new_user = self.userSchema.load(request_data)
         except Exception as errors:
             raise RestException(RestException.INVALID_OBJECT,
                                 details=errors)
         email_exists = db.session.query(
             exists().where(User.email == new_user.email)).scalar()
         if email_exists:
             raise RestException(RestException.EMAIL_EXISTS)
         db.session.add(new_user)
         db.session.commit()
         self.send_confirm_email(new_user)
         return self.userSchema.dump(new_user)
     except IntegrityError as ie:
         raise RestException(RestException.INVALID_OBJECT)
     except ValidationError as err:
         raise RestException(RestException.INVALID_OBJECT,
                             details=new_user.errors)
Exemple #4
0
 def post(self):
     request_data = request.get_json()
     if 'relationship' in request_data:
         if not Relationship.has_name(request_data['relationship']):
             raise RestException(RestException.UNKNOWN_RELATIONSHIP,
                                 details="Valid Options:" +
                                 ','.join(Relationship.options()))
         else:
             relationship = request_data['relationship']
             request_data.pop('relationship', None)
     else:
         relationship = None
     if 'user_id' not in request_data:
         request_data['user_id'] = g.user.id
     try:
         load_result = self.schema.load(request_data).data
         load_result.user = db.session.query(User).filter(
             User.id == request_data['user_id']).first()
         load_result.relationship = relationship
         db.session.add(load_result)
         db.session.commit()
         return self.schema.dump(load_result)
     except ValidationError as err:
         raise RestException(RestException.INVALID_OBJECT,
                             details=load_result.errors)
     except exc.IntegrityError as err:
         raise RestException(RestException.INVALID_OBJECT,
                             details=load_result.errors)
Exemple #5
0
def login_password():
    request_data = request.get_json()
    email = request_data['email']
    user = User.query.filter(func.lower(User.email) == email.lower()).first()
    schema = UserSchema(many=False)

    if user is None:
        raise RestException(RestException.LOGIN_FAILURE)
    if user.email_verified:
        if user.is_correct_password(request_data["password"]):
            # redirect users back to the front end, include the new auth token.
            auth_token = user.encode_auth_token().decode()
            g.user = user
            user.token = auth_token
            user.last_login = datetime.datetime.utcnow()
            db.session.add(user)
            db.session.commit()
            return schema.jsonify(user)
        else:
            raise RestException(RestException.LOGIN_FAILURE)
    else:
        if 'email_token' in request_data:
            g.user = confirm_email(request_data['email_token'])
            return schema.jsonify(user)
        else:
            raise RestException(RestException.CONFIRM_EMAIL)
Exemple #6
0
 def get(self, id):
     if g.user.id != eval(
             id
     ) and Permission.user_detail_admin not in g.user.role.permissions():
         raise RestException(RestException.PERMISSION_DENIED)
     model = db.session.query(User).filter_by(id=id).first()
     if model is None: raise RestException(RestException.NOT_FOUND)
     return self.schema.dump(model)
Exemple #7
0
 def decode_auth_token(auth_token):
     try:
         payload = jwt.decode(auth_token, app.config.get('SECRET_KEY'), algorithms='HS256')
         return payload['sub']
     except jwt.ExpiredSignatureError:
         raise RestException(RestException.TOKEN_EXPIRED)
     except jwt.InvalidTokenError:
         raise RestException(RestException.TOKEN_INVALID)
Exemple #8
0
 def get(self, id):
     model = db.session.query(Participant).filter_by(id=id).first()
     if model is None: raise RestException(RestException.NOT_FOUND)
     if not model and (g.user.related_to_participant(model.id)
                       and not g.user.role == Role.admin):
         raise RestException(RestException.UNRELATED_PARTICIPANT)
     if model is None: raise RestException(RestException.NOT_FOUND)
     return self.schema.dump(model)
Exemple #9
0
 def get(self, name, participant_id):
     flow = Flows.get_flow_by_name(name)
     participant = db.session.query(Participant).filter_by(id=participant_id).first()
     if participant is None: raise RestException(RestException.NOT_FOUND)
     if g.user.related_to_participant(participant_id) and not g.user.role == 'Admin':
         raise RestException(RestException.UNRELATED_PARTICIPANT)
     step_logs = db.session.query(StepLog).filter_by(participant_id=participant_id, flow=name)
     for log in step_logs:
         flow.update_step_progress(log)
     return self.schema.dump(flow)
Exemple #10
0
 def post(self):
     request_data = request.get_json()
     try:
         new_note, errors = self.adminNoteSchema.load(request_data)
         if errors:
             raise RestException(RestException.INVALID_OBJECT,
                                 details=errors)
         db.session.add(new_note)
         db.session.commit()
         return self.adminNoteSchema.dump(new_note)
     except ValidationError as err:
         raise RestException(RestException.INVALID_OBJECT,
                             details=new_note.errors)
Exemple #11
0
 def put(self, id):
     request_data = request.get_json()
     instance = db.session.query(Participant).filter_by(id=id).first()
     if not g.user.related_to_participant(
             instance.id) and not g.user.role == Role.admin:
         raise RestException(RestException.UNRELATED_PARTICIPANT)
     updated, errors = self.schema.load(request_data, instance=instance)
     if errors:
         raise RestException(RestException.INVALID_OBJECT, details=errors)
     updated.last_updated = datetime.datetime.now()
     db.session.add(updated)
     db.session.commit()
     return self.schema.dump(updated)
Exemple #12
0
 def put(self, id):
     if g.user.id != eval(id) and g.user.role != Role.admin:
         raise RestException(RestException.PERMISSION_DENIED)
     request_data = request.get_json()
     if 'role' in request_data and request_data['role'] == 'admin' and g.user.role == Role.admin:
         request_data['role'] = 'admin'
     else:
         request_data['role'] = 'user'
     instance = db.session.query(User).filter_by(id=id).first()
     updated, errors = self.schema.load(request_data, instance=instance)
     if errors: raise RestException(RestException.INVALID_OBJECT, details=errors)
     updated.last_updated = datetime.datetime.now()
     db.session.add(updated)
     db.session.commit()
     return self.schema.dump(updated)
Exemple #13
0
 def put(self, id):
     request_data = request.get_json()
     instance = db.session.query(ThrivResource).filter_by(id=id).first()
     if instance.user_may_edit():
         updated, errors = ThrivResourceSchema().load(request_data,
                                                      instance=instance)
         if errors:
             raise RestException(RestException.INVALID_OBJECT,
                                 details=errors)
         updated.last_updated = datetime.datetime.now()
         db.session.add(updated)
         db.session.commit()
         elastic_index.update_resource(updated)
         return ThrivResourceSchema().dump(updated)
     else:
         raise RestException(RestException.PERMISSION_DENIED)
Exemple #14
0
 def delete(self, id):
     try:
         db.session.query(Category).filter(Category.id == id).delete()
         db.session.commit()
     except IntegrityError as error:
         raise RestException(RestException.CAN_NOT_DELETE)
     return
Exemple #15
0
 def post(self):
     request_data = request.get_json()
     new_cat, errors = self.category_schema.load(request_data)
     if errors: raise RestException(RestException.INVALID_OBJECT, details=errors)
     db.session.add(new_cat)
     db.session.commit()
     return self.category_schema.dump(new_cat)
Exemple #16
0
    def put(self, name, id):
        """
        Modifies an existing questionnaire record.

        Parameters:
            name (str):
                Snake-cased name of the questionnaire class (should also match the table name),
                found in app.model.questionnaires.
                E.g., clinical_diagnoses_questionnaire -> ClinicalDiagnosesQuestionnaire

            id (int): ID of the questionnaire record to retrieve

        Returns: The updated questionnaire record.
        """
        name = ExportService.camel_case_it(name)
        class_ref = ExportService.get_class(name)
        instance = db.session.query(class_ref).filter(
            class_ref.id == id).first()
        schema = ExportService.get_schema(name, session=db.session)
        request_data = request.get_json()
        if "_links" in request_data:
            request_data.pop("_links")

        try:
            updated = schema.load(request_data, instance=instance)
        except Exception as errors:
            raise RestException(RestException.INVALID_OBJECT, details=errors)

        updated.last_updated = datetime.datetime.utcnow()
        db.session.add(updated)
        db.session.commit()
        return schema.dump(updated)
Exemple #17
0
 def password(self, plaintext):
     role_name = self.role_name()
     if self.password_meets_requirements(role_name, plaintext):
         self._password = bcrypt.generate_password_hash(plaintext)
     else:
         message = "Please enter a valid password. " + password_requirements[role_name]['instructions']
         raise RestException(RestException.INVALID_INPUT, details=message)
Exemple #18
0
 def post(self):
     request_data = request.get_json()
     try:
         load_result = self.eventSchema.load(request_data).data
         address_dict = {
             'street': load_result.street_address1,
             'city': load_result.city,
             'state': load_result.state,
             'zip': load_result.zip
         }
         geocode = Geocode.get_geocode(address_dict=address_dict)
         load_result.latitude = geocode['lat']
         load_result.longitude = geocode['lng']
         db.session.add(load_result)
         db.session.commit()
         elastic_index.add_document(load_result,
                                    'Event',
                                    latitude=load_result.latitude,
                                    longitude=load_result.longitude)
         self.log_update(event_id=load_result.id,
                         event_title=load_result.title,
                         change_type='create')
         return self.eventSchema.dump(load_result)
     except ValidationError as err:
         raise RestException(RestException.INVALID_OBJECT,
                             details=load_result.errors)
Exemple #19
0
 def put(self, id):
     request_data = request.get_json()
     instance = db.session.query(Event).filter_by(id=id).first()
     if instance.zip != request_data['zip'] \
             or instance.street_address1 != request_data['street_address1']\
             or instance.latitude is None:
         address_dict = {
             'street': request_data['street_address1'],
             'city': request_data['city'],
             'state': request_data['state'],
             'zip': request_data['zip']
         }
         geocode = Geocode.get_geocode(address_dict=address_dict)
         request_data['latitude'] = geocode['lat']
         request_data['longitude'] = geocode['lng']
     updated, errors = self.schema.load(request_data, instance=instance)
     if errors:
         raise RestException(RestException.INVALID_OBJECT, details=errors)
     updated.last_updated = datetime.datetime.utcnow()
     db.session.add(updated)
     db.session.commit()
     elastic_index.update_document(updated,
                                   'Event',
                                   latitude=updated.latitude,
                                   longitude=updated.longitude)
     self.log_update(event_id=updated.id,
                     event_title=updated.title,
                     change_type='edit')
     return self.schema.dump(updated)
Exemple #20
0
    def post(self):
        request_data = request.get_json()
        search, errors = SearchSchema().load(request_data)

        if errors:
            raise RestException(RestException.INVALID_OBJECT, details=errors)
        try:
            if 'user' not in g or not g.user or g.user.role != "Admin":
                search.filters.append(
                    Filter(field="Approved", value="Approved"))
                results = elastic_index.search_resources(search)
                search.filters = search.filters[:-1]
            else:
                results = elastic_index.search_resources(search)
        except elasticsearch.ElasticsearchException as e:
            raise RestException(RestException.ELASTIC_ERROR)

        search.total = results.hits.total

        search.facets = []
        for facet_name in results.facets:
            if facet_name == "Approved":
                if 'user' in g and g.user and g.user.role == "Admin":
                    facet = Facet(facet_name)
                    facet.facetCounts = []
                    for category, hit_count, is_selected in results.facets[
                            facet_name]:
                        facet.facetCounts.append(
                            FacetCount(category, hit_count, is_selected))
                    search.facets.append(facet)
            else:
                facet = Facet(facet_name)
                facet.facetCounts = []
                for category, hit_count, is_selected in results.facets[
                        facet_name]:
                    facet.facetCounts.append(
                        FacetCount(category, hit_count, is_selected))
                search.facets.append(facet)

        resources = []
        for hit in results:
            resource = ThrivResource.query.filter_by(id=hit.id).first()
            if resource is not None:
                resources.append(resource)
        search.resources = ThrivResourceSchema().dump(resources,
                                                      many=True).data
        return SearchSchema().jsonify(search)
Exemple #21
0
 def post(self):
     json_data = request.get_json()
     uploaded_file, errors = self.fileSchema.load(json_data)
     if errors:
         raise RestException(RestException.INVALID_OBJECT, details=errors)
     db.session.add(uploaded_file)
     db.session.commit()
     return self.fileSchema.dump(uploaded_file)
Exemple #22
0
 def put(self, id):
     request_data = request.get_json()
     instance = db.session.query(Category).filter_by(id=id).first()
     updated, errors = self.schema.load(request_data, instance=instance)
     if errors:
         raise RestException(RestException.INVALID_OBJECT, details=errors)
     db.session.add(updated)
     return self.schema.dump(updated)
Exemple #23
0
 def get(self, flow, questionnaire_name):
     questionnaire_name = ExportService.camel_case_it(questionnaire_name)
     flow = Flows.get_flow_by_name(flow)
     if flow is None:
         raise RestException(RestException.NOT_FOUND)
     class_ref = ExportService.get_class(questionnaire_name)
     questionnaire = class_ref()
     return ExportService.get_meta(questionnaire, flow.relationship)
Exemple #24
0
    def post(self, id):
        request_data = request.get_json()

        try:
            existing = db.session.query(UserMeta).filter(
                UserMeta.id == id).first()
            new_meta = self.schema.load(request_data, instance=existing)
            new_meta.last_updated = datetime.datetime.utcnow()
            db.session.add(new_meta)
            db.session.commit()
            return self.schema.dump(new_meta)
        except ValidationError as err:
            raise RestException(RestException.INVALID_OBJECT,
                                details=new_meta.errors)
        except exc.IntegrityError as err:
            raise RestException(RestException.INVALID_OBJECT,
                                details=new_meta.errors)
Exemple #25
0
 def post(self):
     request_data = request.get_json()
     try:
         new_cat = self.category_schema.load(data=request_data, session=db.session)
     except Exception as e:
         raise RestException(RestException.INVALID_OBJECT, details=e)
     db.session.add(new_cat)
     db.session.commit()
     return self.category_schema.dump(new_cat)
Exemple #26
0
 def put(self, id):
     request_data = request.get_json()
     instance = db.session.query(Organization).filter_by(id=id).first()
     updated, errors = self.schema.load(request_data, instance=instance)
     if errors: raise RestException(RestException.INVALID_OBJECT, details=errors)
     updated.last_updated = datetime.datetime.now()
     db.session.add(updated)
     db.session.commit()
     return self.schema.dump(updated)
Exemple #27
0
 def post(self):
     request_data = request.get_json()
     try:
         request_data['role'] = 'user'
         new_user, errors = self.userSchema.load(request_data)
         if errors: raise RestException(RestException.INVALID_OBJECT, details=errors)
         email_exists = db.session.query(exists().where(User.email == new_user.email)).scalar()
         if email_exists:
             raise RestException(RestException.EMAIL_EXISTS)
         db.session.add(new_user)
         db.session.commit()
         self.send_confirm_email(new_user)
         return self.userSchema.dump(new_user)
     except IntegrityError as ie:
         raise RestException(RestException.INVALID_OBJECT)
     except ValidationError as err:
         raise RestException(RestException.INVALID_OBJECT,
                             details=new_user.errors)
Exemple #28
0
 def get(self, name, id):
     name = ExportService.camel_case_it(name)
     class_ref = ExportService.get_class(name)
     instance = db.session.query(class_ref).filter(
         class_ref.id == id).first()
     if instance is None:
         raise RestException(RestException.NOT_FOUND)
     schema = ExportService.get_schema(name)
     return schema.dump(instance)
Exemple #29
0
 def get(self, id):
     resource = db.session.query(ThrivResource).filter(
         ThrivResource.id == id).first()
     if resource is None:
         raise RestException(RestException.NOT_FOUND)
     response_dump = ThrivResourceSchema().dump(resource)
     response_dump[0]['event_date'] = [
         response_dump[0]['starts'], response_dump[0]['ends']]
     return response_dump
Exemple #30
0
 def post(self):
     request_data = request.get_json()
     try:
         load_result = self.iconSchema.load(request_data).data
         db.session.add(load_result)
         db.session.commit()
         return self.iconSchema.dump(load_result)
     except ValidationError:
         raise RestException(RestException.INVALID_OBJECT,
                             details=load_result.errors)