def _check_has_validated_venue_param(has_validated_venue) -> bool: if type(has_validated_venue) == bool: return True api_errors = ApiErrors() api_errors.add_error( 'has_validated_venue', 'has_validated_venue is a boolean, it accepts True or False') raise api_errors
def _check_has_offerer_with_siren_param(has_offerer_with_siren) -> bool: if type(has_offerer_with_siren) == bool: return True api_errors = ApiErrors() api_errors.add_error( 'has_offerer_with_siren', 'has_offerer_with_siren is a boolean, it accepts True or False') raise api_errors
def _get_email_index_in_spreadsheet_or_error(authorized_emails): try: email_index = authorized_emails.index(request.json['email']) except ValueError: e = ApiErrors() e.add_error('email', "Adresse non autorisée pour l'expérimentation") raise e return email_index
def check_reset_token_validity(user): if datetime.utcnow() > user.resetPasswordTokenValidityLimit: errors = ApiErrors() errors.add_error( 'token', 'Votre lien de changement de mot de passe est périmé. Veuillez effectuer une nouvelle demande.' ) raise errors
def check_valid_edition(data): invalid_fields_for_patch = set(data.keys()).difference( {'iban', 'bic', 'isActive'}) if invalid_fields_for_patch: api_errors = ApiErrors() for key in invalid_fields_for_patch: api_errors.add_error(key, 'Vous ne pouvez pas modifier ce champ') raise api_errors
def _check_has_venue_with_siret_param(has_venue_with_siret) -> bool: if type(has_venue_with_siret) == bool: return True api_errors = ApiErrors() api_errors.add_error( 'has_venue_with_siret', 'has_venue_with_siret is a boolean, it accepts True or False') raise api_errors
def check_stock_venue_is_validated(stock): if not stock.resolvedOffer.venue.isValidated: api_errors = ApiErrors() api_errors.add_error( 'stockId', 'Vous ne pouvez pas encore réserver cette offre, son lieu est en attente de validation' ) raise api_errors
def _check_has_bank_information_param(has_bank_information) -> bool: if type(has_bank_information) == bool: return True api_errors = ApiErrors() api_errors.add_error( 'has_bank_information', 'has_bank_information is a boolean, it accepts True or False') raise api_errors
def check_user_is_logged_in_or_email_is_provided(user, email): if not (user.is_authenticated or email): api_errors = ApiErrors() api_errors.add_error( 'email', 'Vous devez préciser l\'email de l\'utilisateur quand vous n\'êtes pas connecté(e)' ) raise api_errors
def _validate_existing_venue_provider(provider_id: int, venue_id: int, venue_id_at_offer_provider: str): is_existing_venue_provider = find_venue_provider(provider_id, venue_id, venue_id_at_offer_provider) if is_existing_venue_provider: errors = ApiErrors() errors.status_code = 400 errors.add_error('venueProvider', "Votre lieu est déjà lié à cette source") raise errors
def check_offer_date(stock): stock_has_expired = stock.beginningDatetime is not None and stock.beginningDatetime < datetime.utcnow( ) if stock_has_expired: api_errors = ApiErrors() api_errors.add_error( 'date', "Cette offre n'est plus valable car sa date est passée") raise api_errors
def _check_has_validated_user_offerer_param( has_validated_user_offerer) -> bool: if type(has_validated_user_offerer) == bool: return True api_errors = ApiErrors() api_errors.add_error( 'has_validated_user_offerer', 'has_validated_user_offerer is a boolean, it accepts True or False') raise api_errors
def _check_offer_status_param(offer_status: str) -> bool: valid_param = ['ALL', 'VALID', 'WITHOUT', 'EXPIRED'] for elem in valid_param: if offer_status == elem: return True api_errors = ApiErrors() api_errors.add_error( 'offer_status', 'offer_status accepte ALL ou VALID ou WITHOUT ou EXPIRED') raise api_errors
def check_stock_booking_limit_date(stock): stock_has_expired = stock.bookingLimitDatetime is not None and stock.bookingLimitDatetime < datetime.utcnow( ) if stock_has_expired: api_errors = ApiErrors() api_errors.add_error( 'global', 'La date limite de réservation de cette offre est dépassée') raise api_errors
def check_offer_is_active(stock): soft_deleted_stock = stock.isSoftDeleted inactive_offerer = not stock.resolvedOffer.venue.managingOfferer.isActive inactive_offer = not stock.resolvedOffer.isActive if soft_deleted_stock or inactive_offerer or inactive_offer: api_errors = ApiErrors() api_errors.add_error( 'stockId', "Cette offre a été retirée. Elle n'est plus valable.") raise api_errors
def save_venue(venue): try: PcObject.save(venue) except TooManyVirtualVenuesException: errors = ApiErrors() errors.add_error( 'isVirtual', 'Un lieu pour les offres numériques existe déjà pour cette structure' ) raise errors
def check_user_can_validate_bookings(self, offerer_id): if self.is_authenticated: if self.hasRights(RightsType.editor, offerer_id): return True else: api_errors = ApiErrors() api_errors.add_error('global', 'Cette contremarque n\'a pas été trouvée') raise api_errors else: return False
def _get_departement_code_when_authorized_or_error(authorized_emails, departement_codes): email_index = _get_email_index_in_spreadsheet_or_error(authorized_emails) departement_code = departement_codes[email_index] if departement_code.strip() == '': logger.error( "[ERROR] Missing departement code in users spreadsheet for " + request.json['email']) e = ApiErrors() e.add_error('email', "Adresse non autorisée pour l'expérimentation") raise e return departement_code
def check_valid_signin(identifier: str, password: str): errors = ApiErrors() errors.status_code = 401 if identifier is None: errors.add_error('identifier', 'Identifiant manquant') if password is None: errors.add_error('password', 'Mot de passe manquant') errors.maybe_raise()
def check_dates_are_allowed_on_new_stock(request_data: dict, offer: Offer): if offer.isThing: _forbid_dates_on_stock_for_thing_offer(request_data) else: if request_data.get('endDatetime', None) is None: raise ApiErrors({'endDatetime': ['Ce paramètre est obligatoire']}) if request_data.get('beginningDatetime', None) is None: raise ApiErrors( {'beginningDatetime': ['Ce paramètre est obligatoire']}) if request_data.get('bookingLimitDatetime', None) is None: raise ApiErrors( {'bookingLimitDatetime': ['Ce paramètre est obligatoire']})
def parse_boolean_param_validated(request): validated = request.args.get('validated') only_validated_offerers = True if validated: if validated.lower() in ('true', 'false'): only_validated_offerers = validated.lower() == 'true' else: errors = ApiErrors() errors.add_error( 'validated', 'Le paramètre \'validated\' doit être \'true\' ou \'false\'') raise errors return only_validated_offerers
def get_bookings_csv(): only_digital_venues = request.args.get('onlyDigitalVenues', False) try: venue_id = dehumanize(request.args.get('venueId', None)) offer_id = dehumanize(request.args.get('offerId', None)) except ValueError: errors = ApiErrors() errors.add_error('global', 'Les identifiants sont incorrects') errors.status_code = 400 raise errors try: if request.args.get('dateFrom', None): date_from = dateutil.parser.parse(request.args.get('dateFrom')) else: date_from = None if request.args.get('dateTo', None): date_to = dateutil.parser.parse(request.args.get('dateTo')) else: date_to = None except ValueError: errors = ApiErrors() errors.add_error('global', 'Les dates sont incorrectes') errors.status_code = 400 raise errors check_rights_to_get_bookings_csv(current_user, venue_id, offer_id) query = filter_query_where_user_is_user_offerer_and_is_validated( Offerer.query, current_user) if only_digital_venues: bookings = chain(*list( map( lambda offerer: find_all_digital_bookings_for_offerer( offerer.id, offer_id, date_from, date_to), query))) else: bookings = chain(*list( map( lambda offerer: find_all_offerer_bookings( offerer.id, venue_id, offer_id, date_from, date_to), query))) bookings_csv = generate_bookings_details_csv(bookings) return bookings_csv.encode('utf-8-sig'), \ 200, \ {'Content-type': 'text/csv; charset=utf-8;', 'Content-Disposition': 'attachment; filename=reservations_pass_culture.csv'}
def _forbid_dates_on_stock_for_thing_offer(request_data): if 'beginningDatetime' in request_data or 'endDatetime' in request_data: raise ApiErrors({ 'global': [ 'Impossible de mettre des dates de début et fin si l\'offre ne porte pas sur un évenement' ] })
def post_new_password(): validate_new_password_request(request) token = request.get_json()['token'] new_password = request.get_json()['newPassword'] user = find_user_by_reset_password_token(token) if not user: errors = ApiErrors() errors.add_error('token', 'Votre lien de changement de mot de passe est invalide.') raise errors check_reset_token_validity(user) check_password_strength('newPassword', new_password) user.setPassword(new_password) PcObject.save(user) return '', 204
def validate_reset_request(request): if 'email' not in request.get_json(): errors = ApiErrors() errors.add_error('email', 'L\'email est manquant') raise errors if not request.get_json()['email']: errors = ApiErrors() errors.add_error('email', 'L\'email renseigné est vide') raise errors
def check_allowed_changes_for_user(data): changes_allowed = { 'culturalSurveyId', 'departementCode', 'email', 'needsToFillCulturalSurvey', 'phoneNumber', 'postalCode', 'publicName', } changes_asked = set(data) api_errors = ApiErrors() changes_not_allowed = changes_asked.difference(changes_allowed) if changes_not_allowed: for change in changes_not_allowed: api_errors.add_error( change, 'Vous ne pouvez pas changer cette information') raise api_errors
def validate(): token = request.args.get('token') check_validation_request(token) model_names = request.args.get('modelNames') if model_names is None: e = ApiErrors() e.add_error('modelNames', 'Vous devez fournir des noms de classes') return jsonify(e.errors), 400 model_names = model_names.split(',') objects_to_validate = [] for model_name in model_names: query = getattr(models, model_name) \ .query \ .filter_by(validationToken=token) objects_to_validate += query.all() if len(objects_to_validate) == 0: return "Aucun(e) objet ne correspond à ce code de validation" \ + " ou l'objet est déjà validé", \ 404 for obj in objects_to_validate: obj.validationToken = None PcObject.save(*objects_to_validate) user_offerers = iter( [obj for obj in objects_to_validate if isinstance(obj, UserOfferer)]) user_offerer = next(user_offerers, None) offerers = iter( [obj for obj in objects_to_validate if isinstance(obj, Offerer)]) offerer = next(offerers, None) try: send_validation_confirmation_email(user_offerer, offerer, send_raw_email) except MailServiceException as e: app.logger.error('Mail service failure', e) return "Validation effectuée", 202
def check_thumb_in_request(files, form): missing_image_error = ApiErrors( {'thumb': ["Vous devez fournir une image d'accroche"]}) if 'thumb' in files: if files['thumb'].filename == '': raise missing_image_error elif 'thumbUrl' not in form: raise missing_image_error
def validate_new_password_request(request): if 'token' not in request.get_json(): errors = ApiErrors() errors.add_error( 'token', 'Votre lien de changement de mot de passe est invalide.') raise errors if 'newPassword' not in request.get_json(): errors = ApiErrors() errors.add_error('newPassword', 'Vous devez renseigner un nouveau mot de passe.') raise errors
def get_recommendation_search_params(request_args: dict) -> dict: search_params = {} api_errors = ApiErrors() if 'page' in request_args and request_args['page']: search_params['page'] = int(request_args['page']) if 'keywords' in request_args and request_args['keywords']: search_params['keywords_string'] = request_args['keywords'] if 'categories' in request_args and request_args['categories']: type_sublabels = request_args['categories'] search_params[ 'type_values'] = get_event_or_thing_type_values_from_sublabels( type_sublabels) if 'date' in request_args and request_args['date']: date = dateutil.parser.parse(request_args['date']) search_params['days_intervals'] = [[ date, date + timedelta(days=int(1)) ]] if 'days' in request_args and request_args['days']: date = dateutil.parser.parse(request_args['date']) days_intervals = request_args['days'].split(',') search_params['days_intervals'] = [[ date + timedelta(days=int(day)) for day in days.split('-') ] for days in days_intervals] if 'latitude' in request_args and request_args['latitude']: search_params['latitude'] = float(request_args['latitude']) if 'longitude' in request_args and request_args['longitude']: search_params['longitude'] = float(request_args['longitude']) if 'distance' in request_args and request_args['distance']: if not request_args['distance'].isdigit(): api_errors.add_error('distance', 'cela doit etre un nombre') raise api_errors search_params['max_distance'] = float(request_args['distance']) return search_params