def occurrenceHandler(request, *, occurrence, info_role):
releve = TRelevesOccurrence.query.get_or_404(occurrence.id_releve_occtax)
# Test des droits d'édition du relevé si modification
if occurrence.id_occurrence_occtax is not None:
user_cruved = get_or_fetch_user_cruved(session=session,
id_role=info_role.id_role,
module_code="OCCTAX")
# info_role.code_action = update_data_scope
info_role = UserRigth(
id_role=info_role.id_role,
value_filter=user_cruved["U"],
code_action="U",
id_organisme=info_role.id_organisme,
)
releve = releve.get_releve_if_allowed(info_role)
# fin test, si ici => c'est ok
occurrenceSchema = OccurrenceSchema()
try:
occurrence = occurrenceSchema.load(request.get_json(),
instance=occurrence)
except ValidationError as error:
log.exception(error.messages)
raise BadRequest(error.messages)
DB.session.add(occurrence)
DB.session.commit()
return occurrence
def test_get_releve_cruved(self):
from occtax.backend.models import ReleveModel, VReleveList
user_hight = UserRigth(**user_admin)
releveInstance = VReleveList(**valide_occ_tax_releve)
user_cruved = get_or_fetch_user_cruved(session=session,
id_role=user_hight.id_role,
id_application=16,
id_application_parent=14)
cruved = {'R': '3', 'E': '3', 'C': '3', 'V': '3', 'D': '3', 'U': '3'}
assert cruved == user_cruved
releve_cruved = releveInstance.get_releve_cruved(user_hight, cruved)
user_releve_cruved = {
'E': True,
'V': True,
'R': True,
'D': True,
'C': True,
'U': True
}
assert releve_cruved == user_releve_cruved
def test_user_not_observer(self):
"""
user is not observer of the releve and have low right
Must return an InsufficientRightsError
"""
from occtax.backend.models import ReleveModel, VReleveList
user_2 = UserRigth(**user_low)
releveInstance = VReleveList(**valide_occ_tax_releve)
with pytest.raises(InsufficientRightsError):
releveInstance.get_releve_if_allowed(user_2)
def test_user_not_in_dataset(self):
"""
user is not observer of the releve cannot see dataset
number 1
Must return an InsufficientRightsError
"""
from occtax.backend.models import ReleveModel, VReleveList
_user_agent = UserRigth(**user_agent)
releveInstance = VReleveList(**valide_occ_tax_releve)
with pytest.raises(InsufficientRightsError):
releveInstance.get_releve_if_allowed(_user_agent)
def test_user_low_digitiser(self):
"""
user is digitiser of the releve and have low right
Must return true
"""
from occtax.backend.models import ReleveModel, VReleveList
user_2 = UserRigth(**user_low)
valide_occ_tax_releve['id_digitiser'] = 125
releveInstance = VReleveList(**valide_occ_tax_releve)
releve = releveInstance.get_releve_if_allowed(user_2)
assert isinstance(releve, VReleveList)
def test_user_is_in_dataset(self):
"""
user is not observer but can see its organism data
via rigth in dataset number 1
Must be True
"""
from occtax.backend.models import ReleveModel, VReleveList
user_hight = UserRigth(**user_admin)
valide_occ_tax_releve['id_digitiser'] = None
releveInstance = VReleveList(**valide_occ_tax_releve)
releve = releveInstance.get_releve_if_allowed(user_hight)
assert isinstance(releve, VReleveList)
def test_user_is_observers(self):
"""
user is observer of the releve
Must be True
"""
from occtax.backend.models import ReleveModel, VReleveList
user_hight = UserRigth(**user_admin)
valide_occ_tax_releve['observers'].append(user_hight)
releveInstance = VReleveList(**valide_occ_tax_releve)
releve = releveInstance.get_releve_if_allowed(user_hight)
assert isinstance(releve, VReleveList)
def releveHandler(request, *, releve, info_role):
# Test des droits d'édition du relevé
if releve.id_releve_occtax is not None:
user_cruved = get_or_fetch_user_cruved(session=session,
id_role=info_role.id_role,
module_code="OCCTAX")
# info_role.code_action = update_data_scope
user = UserRigth(
id_role=info_role.id_role,
value_filter=user_cruved["U"],
code_action="U",
id_organisme=info_role.id_organisme,
)
releve = releve.get_releve_if_allowed(user)
# fin test, si ici => c'est ok
# if creation
else:
if info_role.value_filter in ("0", "1", "2"):
# Check if user can add a releve in the current dataset
allowed = releve.user_is_in_dataset_actor(info_role)
if not allowed:
raise InsufficientRightsError(
"User {} has no right in dataset {}".format(
info_role.id_role, releve.id_dataset),
403,
)
# creation du relevé à partir du POST
releveSchema = ReleveSchema()
# Modification de la requete geojson en releve
json_req = request.get_json()
json_req["properties"]["geom_4326"] = json_req["geometry"]
# chargement des données POST et merge avec relevé initial
releve, errors = releveSchema.load(json_req["properties"], instance=releve)
if bool(errors):
raise InsufficientRightsError(
errors,
422,
)
# set id_digitiser
releve.id_digitiser = info_role.id_role
DB.session.add(releve)
DB.session.commit()
DB.session.flush()
return releve
def check_if_allowed(self, info_role, action, level_scope):
"""
Return the releve if the user is allowed
params:
info_role: object from Permission
"""
user = UserRigth(
id_role=info_role.id_role,
value_filter=level_scope,
code_action=action,
id_organisme=info_role.id_organisme,
)
if self.user_is_allowed_to(user, user.value_filter):
return self
raise Forbidden(('User "{}" cannot "{}" this current releve').format(
user.id_role, user.code_action), )
def occurrenceHandler(request, *, occurrence, info_role):
try:
releve = DB.session.query(TRelevesOccurrence).get(
occurrence.id_releve_occtax)
except Exception as e:
DB.session.rollback()
raise
if not releve:
raise InsufficientRightsError(
{"message": "not found"},
404,
)
# Test des droits d'édition du relevé si modification
if occurrence.id_occurrence_occtax is not None:
user_cruved = get_or_fetch_user_cruved(session=session,
id_role=info_role.id_role,
module_code="OCCTAX")
# info_role.code_action = update_data_scope
info_role = UserRigth(
id_role=info_role.id_role,
value_filter=user_cruved["U"],
code_action="U",
id_organisme=info_role.id_organisme,
)
releve = releve.get_releve_if_allowed(info_role)
# fin test, si ici => c'est ok
occurrenceSchema = OccurrenceSchema()
occurrence, errors = occurrenceSchema.load(request.get_json(),
instance=occurrence)
if bool(errors):
return errors, 422
DB.session.add(occurrence)
DB.session.commit()
return occurrence
def test_get_releve_cruved(self):
from occtax.backend.models import ReleveModel, VReleveOccurrence
user_hight = UserRigth(**user_admin)
releveInstance = VReleveOccurrence(**valide_occ_tax_releve)
user_cruved, herited = cruved_scope_for_user_in_module(
id_role=user_hight.id_role, module_code="OCCTAX")
cruved = {"R": "3", "E": "3", "C": "3", "V": "3", "D": "3", "U": "3"}
assert cruved == user_cruved
assert herited == True
releve_cruved = releveInstance.get_releve_cruved(user_hight, cruved)
user_releve_cruved = {
"E": True,
"V": True,
"R": True,
"D": True,
"C": True,
"U": True,
}
assert releve_cruved == user_releve_cruved
def test_get_releve_cruved(self):
from occtax.backend.models import ReleveModel, VReleveList
user_hight = UserRigth(**user_admin)
releveInstance = VReleveList(**valide_occ_tax_releve)
user_cruved, herited = cruved_scope_for_user_in_module(
id_role=user_hight.id_role, module_code='OCCTAX')
cruved = {'R': '3', 'E': '3', 'C': '3', 'V': '3', 'D': '3', 'U': '3'}
assert cruved == user_cruved
assert herited == True
releve_cruved = releveInstance.get_releve_cruved(user_hight, cruved)
user_releve_cruved = {
'E': True,
'V': True,
'R': True,
'D': True,
'C': True,
'U': True
}
assert releve_cruved == user_releve_cruved
def insertOrUpdateOneReleve(info_role):
releveRepository = ReleveRepository(TRelevesOccurrence)
data = dict(request.get_json())
occurrences_occtax = None
if "t_occurrences_occtax" in data["properties"]:
occurrences_occtax = data["properties"]["t_occurrences_occtax"]
data["properties"].pop("t_occurrences_occtax")
observersList = None
if "observers" in data["properties"]:
observersList = data["properties"]["observers"]
data["properties"].pop("observers")
# Test et suppression des propriétés inexistantes de TRelevesOccurrence
attliste = [k for k in data["properties"]]
for att in attliste:
if not getattr(TRelevesOccurrence, att, False):
data["properties"].pop(att)
releve = TRelevesOccurrence(**data["properties"])
shape = asShape(data["geometry"])
releve.geom_4326 = from_shape(shape, srid=4326)
if observersList is not None:
observers = DB.session.query(User).filter(
User.id_role.in_(observersList)).all()
for o in observers:
releve.observers.append(o)
for occ in occurrences_occtax:
cor_counting_occtax = []
if "cor_counting_occtax" in occ:
cor_counting_occtax = occ["cor_counting_occtax"]
occ.pop("cor_counting_occtax")
# Test et suppression
# des propriétés inexistantes de TOccurrencesOccurrence
attliste = [k for k in occ]
for att in attliste:
if not getattr(TOccurrencesOccurrence, att, False):
occ.pop(att)
# pop the id if None. otherwise DB.merge is not OK
if "id_occurrence_occtax" in occ and occ[
"id_occurrence_occtax"] is None:
occ.pop("id_occurrence_occtax")
occtax = TOccurrencesOccurrence(**occ)
for cnt in cor_counting_occtax:
# Test et suppression
# des propriétés inexistantes de CorCountingOccurrence
attliste = [k for k in cnt]
for att in attliste:
if not getattr(CorCountingOccurrence, att, False):
cnt.pop(att)
# pop the id if None. otherwise DB.merge is not OK
if "id_counting_occtax" in cnt and cnt[
"id_counting_occtax"] is None:
cnt.pop("id_counting_occtax")
countingOccurrence = CorCountingOccurrence(**cnt)
occtax.cor_counting_occtax.append(countingOccurrence)
releve.t_occurrences_occtax.append(occtax)
# if its a update
if releve.id_releve_occtax:
# get update right of the user
user_cruved = get_or_fetch_user_cruved(session=session,
id_role=info_role.id_role,
module_code="OCCTAX")
update_code_filter = user_cruved["U"]
# info_role.code_action = update_data_scope
user = UserRigth(
id_role=info_role.id_role,
value_filter=update_code_filter,
code_action="U",
id_organisme=info_role.id_organisme,
)
releve = releveRepository.update(releve, user, shape)
# if its a simple post
else:
# set id_digitiser
releve.id_digitiser = info_role.id_role
if info_role.value_filter in ("0", "1", "2"):
# Check if user can add a releve in the current dataset
allowed = releve.user_is_in_dataset_actor(info_role)
if not allowed:
raise InsufficientRightsError(
"User {} has no right in dataset {}".format(
info_role.id_role, releve.id_dataset),
403,
)
DB.session.add(releve)
DB.session.commit()
DB.session.flush()
return releve.get_geofeature()
def insertOrUpdateOneReleve(info_role):
"""
Route utilisée depuis l'appli mobile => depreciée et non utilisée par l'appli web
Post one Occtax data (Releve + Occurrence + Counting)
.. :quickref: Occtax; Post one Occtax data (Releve + Occurrence + Counting)
**Request JSON object:**
.. sourcecode:: http
{
"geometry":
{"type":"Point",
"coordinates":[0.9008789062500001,47.14489748555398]},
"properties":
{
"id_releve_occtax":null,"id_dataset":1,"id_digitiser":1,"date_min":"2019-05-09","date_max":"2019-05-09","hour_min":null,"hour_max":null,"altitude_min":null,"altitude_max":null,"meta_device_entry":"web","comment":null,"id_nomenclature_obs_technique":316,"observers":[1],"observers_txt":null,"id_nomenclature_grp_typ":132,
"t_occurrences_occtax":[{
"id_releve_occtax":null,"id_occurrence_occtax":null,"id_nomenclature_obs_technique":41,"id_nomenclature_bio_condition":157,"id_nomenclature_bio_status":29,"id_nomenclature_naturalness":160,"id_nomenclature_exist_proof":81,"id_nomenclature_observation_status":88,"id_nomenclature_blurring":175,"id_nomenclature_source_status":75,"determiner":null,"id_nomenclature_determination_method":445,"cd_nom":67111,"nom_cite":"Ablette = <i> Alburnus alburnus (Linnaeus, 1758)</i> - [ES - 67111]","meta_v_taxref":null,"sample_number_proof":null,"comment":null,
"cor_counting_occtax":[{
"id_counting_occtax":null,"id_nomenclature_life_stage":1,"id_nomenclature_sex":171,"id_nomenclature_obj_count":146,"id_nomenclature_type_count":94,"id_occurrence_occtax":null,"count_min":1,"count_max":1
}]
}]
}
}
:returns: GeoJson<TRelevesOccurrence>
"""
releveRepository = ReleveRepository(TRelevesOccurrence)
data = dict(request.get_json())
occurrences_occtax = None
if "t_occurrences_occtax" in data["properties"]:
occurrences_occtax = data["properties"]["t_occurrences_occtax"]
data["properties"].pop("t_occurrences_occtax")
observersList = None
if "observers" in data["properties"]:
observersList = data["properties"]["observers"]
data["properties"].pop("observers")
# Test et suppression des propriétés inexistantes de TRelevesOccurrence
attliste = [k for k in data["properties"]]
for att in attliste:
if not getattr(TRelevesOccurrence, att, False):
data["properties"].pop(att)
releve = TRelevesOccurrence(**data["properties"])
shape = asShape(data["geometry"])
two_dimension_geom = remove_third_dimension(shape)
releve.geom_4326 = from_shape(two_dimension_geom, srid=4326)
if observersList is not None:
observers = DB.session.query(User).filter(User.id_role.in_(observersList)).all()
for o in observers:
releve.observers.append(o)
for occ in occurrences_occtax:
cor_counting_occtax = []
if "cor_counting_occtax" in occ:
cor_counting_occtax = occ["cor_counting_occtax"]
occ.pop("cor_counting_occtax")
# Test et suppression
# des propriétés inexistantes de TOccurrencesOccurrence
attliste = [k for k in occ]
for att in attliste:
if not getattr(TOccurrencesOccurrence, att, False):
occ.pop(att)
# pop the id if None. otherwise DB.merge is not OK
if "id_occurrence_occtax" in occ and occ["id_occurrence_occtax"] is None:
occ.pop("id_occurrence_occtax")
occtax = TOccurrencesOccurrence(**occ)
for cnt in cor_counting_occtax:
# Test et suppression
# des propriétés inexistantes de CorCountingOccurrence
attliste = [k for k in cnt]
for att in attliste:
if not getattr(CorCountingOccurrence, att, False):
cnt.pop(att)
# pop the id if None. otherwise DB.merge is not OK
if "id_counting_occtax" in cnt and cnt["id_counting_occtax"] is None:
cnt.pop("id_counting_occtax")
countingOccurrence = CorCountingOccurrence(**cnt)
occtax.cor_counting_occtax.append(countingOccurrence)
releve.t_occurrences_occtax.append(occtax)
# if its a update
if releve.id_releve_occtax:
# get update right of the user
user_cruved = get_or_fetch_user_cruved(
session=session, id_role=info_role.id_role, module_code="OCCTAX"
)
update_code_filter = user_cruved["U"]
# info_role.code_action = update_data_scope
user = UserRigth(
id_role=info_role.id_role,
value_filter=update_code_filter,
code_action="U",
id_organisme=info_role.id_organisme,
)
releve = releveRepository.update(releve, user, shape)
# if its a simple post
else:
# set id_digitiser
releve.id_digitiser = info_role.id_role
if info_role.value_filter in ("0", "1", "2"):
# Check if user can add a releve in the current dataset
allowed = releve.user_is_in_dataset_actor(info_role)
if not allowed:
raise InsufficientRightsError(
"User {} has no right in dataset {}".format(
info_role.id_role, releve.id_dataset
),
403,
)
DB.session.add(releve)
DB.session.commit()
DB.session.flush()
return releve.get_geofeature()
def insertOrUpdateOneReleve(info_role):
releveRepository = ReleveRepository(TRelevesOccurrence)
data = dict(request.get_json())
if 't_occurrences_occtax' in data['properties']:
occurrences_occtax = data['properties']['t_occurrences_occtax']
data['properties'].pop('t_occurrences_occtax')
if 'observers' in data['properties']:
observersList = data['properties']['observers']
data['properties'].pop('observers')
# Test et suppression des propriétés inexistantes de TRelevesOccurrence
attliste = [k for k in data['properties']]
for att in attliste:
if not getattr(TRelevesOccurrence, att, False):
data['properties'].pop(att)
# set id_digitiser
data['properties']['id_digitiser'] = info_role.id_role
releve = TRelevesOccurrence(**data['properties'])
shape = asShape(data['geometry'])
releve.geom_4326 = from_shape(shape, srid=4326)
if observersList is not None:
observers = DB.session.query(TRoles).\
filter(TRoles.id_role.in_(observersList)).all()
for o in observers:
releve.observers.append(o)
for occ in occurrences_occtax:
cor_counting_occtax = []
if occ['cor_counting_occtax']:
cor_counting_occtax = occ['cor_counting_occtax']
occ.pop('cor_counting_occtax')
# Test et suppression
# des propriétés inexistantes de TOccurrencesOccurrence
attliste = [k for k in occ]
for att in attliste:
if not getattr(TOccurrencesOccurrence, att, False):
occ.pop(att)
occtax = TOccurrencesOccurrence(**occ)
for cnt in cor_counting_occtax:
# Test et suppression
# des propriétés inexistantes de CorCountingOccurrence
attliste = [k for k in cnt]
for att in attliste:
if not getattr(CorCountingOccurrence, att, False):
cnt.pop(att)
countingOccurrence = CorCountingOccurrence(**cnt)
occtax.cor_counting_occtax.append(countingOccurrence)
releve.t_occurrences_occtax.append(occtax)
if releve.id_releve_occtax:
# get update right of the user
user_cruved = get_or_fetch_user_cruved(
session=session,
id_role=info_role.id_role,
id_application=ID_MODULE,
id_application_parent=current_app.
config['ID_APPLICATION_GEONATURE'])
update_data_scope = user_cruved['U']
# info_role.tag_object_code = update_data_scope
user = UserRigth(id_role=info_role.id_role,
tag_object_code=update_data_scope,
tag_action_code="U",
id_organisme=info_role.id_organisme)
releve = releveRepository.update(releve, user, shape)
else:
if info_role.tag_object_code in ('0', '1', '2'):
# Check if user can add a releve in the current dataset
allowed = releve.user_is_in_dataset_actor(info_role)
if not allowed:
raise InsufficientRightsError(
'User {} has no right in dataset {}'.format(
info_role.id_role, releve.id_dataset), 403)
DB.session.add(releve)
DB.session.commit()
DB.session.flush()
return releve.get_geofeature()