def validate_reset_request(request):
if 'email' not in request.get_json():
errors = ApiErrors()
errors.add_error('email', 'L\'email est manquant')
raise errors
if not request.get_json()['email']:
errors = ApiErrors()
errors.add_error('email', 'L\'email renseigné est vide')
raise errors
def validate_new_password_request(request):
if 'token' not in request.get_json():
errors = ApiErrors()
errors.add_error(
'token', 'Votre lien de changement de mot de passe est invalide.')
raise errors
if 'newPassword' not in request.get_json():
errors = ApiErrors()
errors.add_error('newPassword',
'Vous devez renseigner un nouveau mot de passe.')
raise errors
def check_valid_edition(request, venue):
managing_offerer_id = request.json.get('managingOffererId')
siret = request.json.get('siret')
if managing_offerer_id:
errors = ApiErrors()
errors.add_error('managingOffererId',
'Vous ne pouvez pas changer la structure d\'un lieu')
raise errors
if siret and venue.siret and siret != venue.siret:
errors = ApiErrors()
errors.add_error('siret',
'Vous ne pouvez pas modifier le siret d\'un lieu')
raise errors
def check_dates_are_allowed_on_new_stock(request_data: dict, offer: Offer):
if offer.isThing:
_forbid_dates_on_stock_for_thing_offer(request_data)
else:
if request_data.get('endDatetime', None) is None:
raise ApiErrors({'endDatetime': ['Ce paramètre est obligatoire']})
if request_data.get('beginningDatetime', None) is None:
raise ApiErrors(
{'beginningDatetime': ['Ce paramètre est obligatoire']})
if request_data.get('bookingLimitDatetime', None) is None:
raise ApiErrors(
{'bookingLimitDatetime': ['Ce paramètre est obligatoire']})
def _check_sirens(sirens: []) -> bool:
if not type(sirens) == []:
api_errors = ApiErrors()
api_errors.add_error(
'sirens',
'sirens is a list of 9 digits : ["123456789", "789654123"]')
for siren in sirens:
if not re.search(r'^(\d){9}$', siren):
api_errors = ApiErrors()
api_errors.add_error(
'sirens',
'sirens is a list of 9 digits : ["123456789", "789654123"]')
raise api_errors
return True
def get_bookings_csv():
only_digital_venues = request.args.get('onlyDigitalVenues', False)
try:
venue_id = dehumanize(request.args.get('venueId', None))
offer_id = dehumanize(request.args.get('offerId', None))
except ValueError:
errors = ApiErrors()
errors.add_error('global', 'Les identifiants sont incorrects')
errors.status_code = 400
raise errors
try:
if request.args.get('dateFrom', None):
date_from = dateutil.parser.parse(request.args.get('dateFrom'))
else:
date_from = None
if request.args.get('dateTo', None):
date_to = dateutil.parser.parse(request.args.get('dateTo'))
else:
date_to = None
except ValueError:
errors = ApiErrors()
errors.add_error('global', 'Les dates sont incorrectes')
errors.status_code = 400
raise errors
check_rights_to_get_bookings_csv(current_user, venue_id, offer_id)
query = filter_query_where_user_is_user_offerer_and_is_validated(
Offerer.query, current_user)
if only_digital_venues:
bookings = chain(*list(
map(
lambda offerer: find_all_digital_bookings_for_offerer(
offerer.id, offer_id, date_from, date_to), query)))
else:
bookings = chain(*list(
map(
lambda offerer: find_all_offerer_bookings(
offerer.id, venue_id, offer_id, date_from, date_to),
query)))
bookings_csv = generate_bookings_details_csv(bookings)
return bookings_csv.encode('utf-8-sig'), \
200, \
{'Content-type': 'text/csv; charset=utf-8;',
'Content-Disposition': 'attachment; filename=reservations_pass_culture.csv'}
def _forbid_dates_on_stock_for_thing_offer(request_data):
if 'beginningDatetime' in request_data or 'endDatetime' in request_data:
raise ApiErrors({
'global': [
'Impossible de mettre des dates de début et fin si l\'offre ne porte pas sur un évenement'
]
})
def check_already_booked(user_bookings):
already_booked = len(user_bookings) > 0
if already_booked:
api_errors = ApiErrors()
api_errors.add_error(
'stockId', "Cette offre a déja été reservée par l'utilisateur")
raise api_errors
def check_can_book_free_offer(stock, user):
if not user.canBookFreeOffers and stock.price == 0:
api_errors = ApiErrors()
api_errors.add_error(
'cannotBookFreeOffers',
'Votre compte ne vous permet pas de faire de réservation.')
raise api_errors
def check_booking_quantity_limit(quantity):
if quantity > 1:
api_errors = ApiErrors()
api_errors.add_error(
'quantity',
"Vous ne pouvez pas réserver plus d'une offre à la fois")
raise api_errors
def _check_date_format(date: str) -> bool:
if re.search(r'^(\d){4}-(\d){2}-(\d){2}$', date):
return True
api_errors = ApiErrors()
api_errors.add_error('date_format',
'to_date and from_date are of type yyyy-mm-dd')
raise api_errors
def _check_zip_codes_list(zip_codes_list: []) -> bool:
if not type(zip_codes_list) == []:
api_errors = ApiErrors()
api_errors.add_error(
'zip_codes',
'zip_codes is a list of type xxxxx (5 digits, ex: 78140 ou 2a000) : \
["78140", "69007"]')
for zip_code in zip_codes_list:
if not re.search(r'^(\d){5}$|^2{1}(a|b|A|B)(\d){3}$', zip_code):
api_errors = ApiErrors()
api_errors.add_error(
'zip_codes',
'zip_codes is a list of type xxxxx (5 digits, ex: 78140 ou 2a000) : \
["78140", "69007"]')
raise api_errors
return True
def patch_booking(booking_id):
is_cancelled = request.json.get('isCancelled')
if is_cancelled is not True:
api_errors = ApiErrors()
api_errors.add_error(
'isCancelled',
"Vous pouvez seulement changer l'état isCancelled à vrai")
raise api_errors
booking = booking_queries.find_by_id(dehumanize(booking_id))
is_user_cancellation = booking.user == current_user
check_booking_is_cancellable(booking, is_user_cancellation)
booking_offerer = booking.stock.resolvedOffer.venue.managingOffererId
is_offerer_cancellation = current_user.hasRights(RightsType.editor,
booking_offerer)
if not is_user_cancellation and not is_offerer_cancellation:
return "Vous n'avez pas le droit d'annuler cette réservation", 403
booking.isCancelled = True
PcObject.save(booking)
try:
send_cancellation_emails_to_user_and_offerer(booking,
is_offerer_cancellation,
is_user_cancellation,
send_raw_email)
except MailServiceException as e:
app.logger.error('Mail service failure', e)
return jsonify(
as_dict(booking, includes=WEBAPP_PATCH_POST_BOOKING_INCLUDES)), 200
def _check_is_active_param(is_active) -> bool:
if type(is_active) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error('is_active',
'is_active is a boolean, it accepts True or False')
raise api_errors
def when_api_error_raise_from_payload_validation(
self, validate_new_venue_provider_information, app):
# given
api_errors = ApiErrors()
api_errors.status_code = 400
api_errors.add_error('errors', 'error received')
validate_new_venue_provider_information.side_effect = api_errors
user = create_user(is_admin=True, can_book_free_offers=False)
PcObject.save(user)
auth_request = TestClient(app.test_client()) \
.with_auth(email=user.email)
venue_provider_data = {
'providerId': 'B9',
'venueId': 'B9',
'venueIdAtOfferProvider': '77567146400110'
}
# when
response = auth_request.post('/venueProviders',
json=venue_provider_data)
# then
assert response.status_code == 400
assert ['error received'] == response.json['errors']
def _check_dpts_list(dpts_list: []) -> bool:
if not type(dpts_list) == []:
api_errors = ApiErrors()
api_errors.add_error(
'dpts',
'dpts is a list of type xx or xxx (2 or 3 digits), or 2A, or 2B :\
["34", "37"]')
for dpts in dpts_list:
if not re.search(r'^(\d){2}$|^2{1}(a|b|A|B)$|^(\d){3}$', dpts):
api_errors = ApiErrors()
api_errors.add_error(
'dpts',
'dpts is a list of type xx or xxx (2 or 3 digits), or 2A, or 2B :\
["34", "37"]')
raise api_errors
return True
def _check_has_siren_param(has_siren) -> bool:
if type(has_siren) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error('has_siren',
'has_siren is a boolean, it accepts True or False')
raise api_errors
def _check_is_validated_param(is_validated) -> bool:
if type(is_validated) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'is_validated', 'is_validated is a boolean, it accepts True or False')
raise api_errors
def _check_is_virtual_param(is_virtual) -> bool:
if type(is_virtual) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error('is_virtual',
'is_virtual is a boolean, it accepts True or False')
raise api_errors
def check_user_is_logged_in_or_email_is_provided(user, email):
if not (user.is_authenticated or email):
api_errors = ApiErrors()
api_errors.add_error(
'email',
'Vous devez préciser l\'email de l\'utilisateur quand vous n\'êtes pas connecté(e)'
)
raise api_errors
def check_stock_venue_is_validated(stock):
if not stock.resolvedOffer.venue.isValidated:
api_errors = ApiErrors()
api_errors.add_error(
'stockId',
'Vous ne pouvez pas encore réserver cette offre, son lieu est en attente de validation'
)
raise api_errors
def _check_has_validated_venue_param(has_validated_venue) -> bool:
if type(has_validated_venue) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_validated_venue',
'has_validated_venue is a boolean, it accepts True or False')
raise api_errors
def check_valid_edition(data):
invalid_fields_for_patch = set(data.keys()).difference(
{'iban', 'bic', 'isActive'})
if invalid_fields_for_patch:
api_errors = ApiErrors()
for key in invalid_fields_for_patch:
api_errors.add_error(key, 'Vous ne pouvez pas modifier ce champ')
raise api_errors
def check_reset_token_validity(user):
if datetime.utcnow() > user.resetPasswordTokenValidityLimit:
errors = ApiErrors()
errors.add_error(
'token',
'Votre lien de changement de mot de passe est périmé. Veuillez effectuer une nouvelle demande.'
)
raise errors
def _check_has_venue_with_siret_param(has_venue_with_siret) -> bool:
if type(has_venue_with_siret) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_venue_with_siret',
'has_venue_with_siret is a boolean, it accepts True or False')
raise api_errors
def _validate_existing_provider(provider_id: str):
provider = find_provider_by_id(provider_id)
is_provider_available_for_pro_usage = provider and provider.isActive and provider.enabledForPro
if not is_provider_available_for_pro_usage:
errors = ApiErrors()
errors.status_code = 400
errors.add_error('provider', "Cette source n'est pas disponible")
raise errors
def _get_email_index_in_spreadsheet_or_error(authorized_emails):
try:
email_index = authorized_emails.index(request.json['email'])
except ValueError:
e = ApiErrors()
e.add_error('email', "Adresse non autorisée pour l'expérimentation")
raise e
return email_index
def check_offer_date(stock):
stock_has_expired = stock.beginningDatetime is not None and stock.beginningDatetime < datetime.utcnow(
)
if stock_has_expired:
api_errors = ApiErrors()
api_errors.add_error(
'date', "Cette offre n'est plus valable car sa date est passée")
raise api_errors
def _validate_existing_venue_provider(provider_id: int, venue_id: int, venue_id_at_offer_provider: str):
is_existing_venue_provider = find_venue_provider(provider_id,
venue_id,
venue_id_at_offer_provider)
if is_existing_venue_provider:
errors = ApiErrors()
errors.status_code = 400
errors.add_error('venueProvider', "Votre lieu est déjà lié à cette source")
raise errors
def _check_has_validated_user_offerer_param(
has_validated_user_offerer) -> bool:
if type(has_validated_user_offerer) == bool:
return True
api_errors = ApiErrors()
api_errors.add_error(
'has_validated_user_offerer',
'has_validated_user_offerer is a boolean, it accepts True or False')
raise api_errors