Exemple #1
0
def handle_error(error):
    """Generically handle error messages with custom messages"""

    # Handle exceptions that are not Internal Server Errors
    if not isinstance(error, HTTPException):
        error = InternalServerError()  # pragma: no cover

    error.custom_message = custom_error_messages.get(error.code, error.description)
    return render_template("errors.html", error=error), error.code
Exemple #2
0
def _wsgi(e, environ, start_response):
    '''Wraps the given exception ``e`` in a WSGI application and calls it
    with the given ``environ`` and ``start_response``.
    
    If the exception is a subclass of ``HTTPException`` it will be used
    as-is; otherwise its message gets extracted and wrapped in an
    ``InternalServerError``.'''
    if not isinstance(e, HTTPException):
        logging.getLogger('modulo').debug('Creating InternalServerError')
        e = InternalServerError(e.message)
    return e.get_response(environ)(environ, start_response)
Exemple #3
0
def publish(request, mount):
    model = resolve_model(request, mount)
    try:
        return resolve_response(request, model)
    except HTTPException as e:
        return e.get_response(request.environ)
    except (SystemExit, KeyboardInterrupt) as e:
        raise
    except:
        print_exc(file=sys.stderr)
        e = InternalServerError()
        return e.get_response(request.environ)
Exemple #4
0
def enroll(username, friend_id):
    error = InternalServerError()
    error.type = 'enroll'
    
    if len(friend_id) != 14 or not friend_id.isnumeric()\
                            or not friend_id.startswith('2440'):
        error.msg = 'err_enroll_friend_id_knit'
        raise error
    if len(username) <= 2:
        error.msg = 'err_username_too_short'
        raise error
        
    friend_id = int(friend_id)
    query = database.User.filter(or_(
        database.User.friend_id == int(friend_id),
        database.User.alias.contains(username)))
    if query.count() > 0:
        user = query.first()
        if user.friend_id == friend_id:
            error.msg = 'err_enroll_duplicated_friend_id'
        elif user.alias == username:
            error.msg = 'err_enroll_duplicated_alias'
        else:
            error.msg = 'err_enroll_duplicate' # available?
        raise error

    database.session.add(database.User(friend_id, username))
    database.session.add(database.UserRequest(friend_id))
    return render_template('enroll.html', username=username)
Exemple #5
0
def request_music(username, music_key):
    if music_key.isnumeric():
        music_id = int(music_key)
    else:
        music_id = Music.by_keyword(music_key, g.lang)
    args = dependency.build(check_user)
    user = args['user']
    try:
        database.MusicRequest.by(friend_id=user.friend_id)
        e = InternalServerError()
        e.type = 'request'
        e.title = 'err_request_denied'
        e.msg = 'err_request_duplicated'
        raise e
    except:
        pass
    database.session.add(database.MusicRequest(user.friend_id, music_id))
    return render_templace('request.html', **args)
Exemple #6
0
    def parse_response(self, res):
        e = InternalServerError("Call returned an invalid value")
        e.remote = True

        is_empty = res.text == ""
        if ((self.response_must_be_empty == True and not is_empty) or
                (is_empty and self.response_can_be_empty == False)):
            raise e

        r = {
            'code': res.status_code,
            'headers': res.headers
        }

        if self.json_response:
            try:
                r['json'] = string_to_json(res.text)
            except ValueError:
                raise e
        else:
            r['data'] = res.text

        if r['code'] not in self.acceptable_response_codes:
            message = None
            if 'json' in r and r['json'] and type(r['json'].datum) == dict:
                if r['json'].datum.get('is_validation_error', False):
                    raise ValidationError(r['json'].datum.get('error', ''))
                if 'error' in r['json'].datum:
                    message = r['json'].datum['error']
            try:
                abort(r['code'], message)
            except Exception as e:
                # Flag the exception to specify that it came from a remote
                # API. If this exception bubbles up to the web layer, a
                # generic 500 response will be returned
                e.remote = True
                raise
        return r
Exemple #7
0
def errorhandler(e):
    """Handle error"""
    if not isinstance(e, HTTPException):
        e = InternalServerError()
    return apology(e.name, e.code)
Exemple #8
0
    def run_wsgi(self):
        if self.headers.get('Expect', '').lower().strip() == '100-continue':
            self.wfile.write(b'HTTP/1.1 100 Continue\r\n\r\n')

        self.environ = environ = self.make_environ()
        headers_set = []
        headers_sent = []

        def write(data):
            assert headers_set, 'write() before start_response'
            if not headers_sent:
                status, response_headers = headers_sent[:] = headers_set
                try:
                    code, msg = status.split(None, 1)
                except ValueError:
                    code, msg = status, ""
                self.send_response(int(code), msg)
                header_keys = set()
                for key, value in response_headers:
                    self.send_header(key, value)
                    key = key.lower()
                    header_keys.add(key)
                if 'content-length' not in header_keys:
                    self.close_connection = True
                    self.send_header('Connection', 'close')
                if 'server' not in header_keys:
                    self.send_header('Server', self.version_string())
                if 'date' not in header_keys:
                    self.send_header('Date', self.date_time_string())
                self.end_headers()

            assert isinstance(data, bytes), 'applications must write bytes'
            self.wfile.write(data)
            self.wfile.flush()

        def start_response(status, response_headers, exc_info=None):
            if exc_info:
                try:
                    if headers_sent:
                        reraise(*exc_info)
                finally:
                    exc_info = None
            elif headers_set:
                raise AssertionError('Headers already set')
            headers_set[:] = [status, response_headers]
            return write

        def execute(app):
            application_iter = app(environ, start_response)
            try:
                for data in application_iter:
                    write(data)
                if not headers_sent:
                    write(b'')
            finally:
                if hasattr(application_iter, 'close'):
                    application_iter.close()
                application_iter = None

        try:
            execute(self.server.app)
        except (socket.error, socket.timeout) as e:
            self.connection_dropped(e, environ)
        except Exception:
            if self.server.passthrough_errors:
                raise
            from werkzeug.debug.tbtools import get_current_traceback
            traceback = get_current_traceback(ignore_system_exceptions=True)
            try:
                # if we haven't yet sent the headers but they are set
                # we roll back to be able to set them again.
                if not headers_sent:
                    del headers_set[:]
                execute(InternalServerError())
            except Exception:
                pass
            self.server.log('error', 'Error on request:\n%s',
                            traceback.plaintext)
Exemple #9
0
def post_respondent(party, session):
    """
    Register respondent and set up pending enrolment before account verification
    :param party: respondent to be created details
    :param session
    :return: created respondent
    """

    # Validation, curation and checks
    expected = ('emailAddress', 'firstName', 'lastName', 'password',
                'telephone', 'enrolmentCode')

    v = Validator(Exists(*expected))
    if 'id' in party:
        # Note: there's not strictly a requirement to be able to pass in a UUID, this is currently supported to
        # aid with testing.
        logger.info("'id' in respondent post message")
        try:
            uuid.UUID(party['id'])
        except ValueError:
            logger.info("Invalid respondent id type",
                        respondent_id=party['id'])
            raise BadRequest(
                f"'{party['id']}' is not a valid UUID format for property 'id'"
            )

    if not v.validate(party):
        logger.debug(v.errors)
        raise BadRequest(v.errors)

    iac = request_iac(party['enrolmentCode'])
    if not iac.get('active'):
        logger.info("Inactive enrolment code")
        raise BadRequest("Enrolment code is not active")

    existing = query_respondent_by_email(party['emailAddress'].lower(),
                                         session)
    if existing:
        logger.info("Email already exists",
                    party_uuid=str(existing.party_uuid))
        raise BadRequest("Email address already exists")

    case_context = request_case(party['enrolmentCode'])
    case_id = case_context['id']
    business_id = case_context['partyId']
    collection_exercise_id = case_context['caseGroup']['collectionExerciseId']
    collection_exercise = request_collection_exercise(collection_exercise_id)
    survey_id = collection_exercise['surveyId']

    business = query_business_by_party_uuid(business_id, session)
    if not business:
        logger.error(
            "Could not locate business when creating business association",
            business_id=business_id,
            case_id=case_id,
            collection_exercise_id=collection_exercise_id)
        raise InternalServerError(
            "Could not locate business when creating business association")

    # Chain of enrolment processes
    translated_party = {
        'party_uuid': party.get('id') or str(uuid.uuid4()),
        'email_address': party['emailAddress'].lower(),
        'first_name': party['firstName'],
        'last_name': party['lastName'],
        'telephone': party['telephone'],
        'status': RespondentStatus.CREATED
    }

    # This might look odd but it's done in the interest of keeping the code working in the same way.
    # If raise_for_status in the function raises an error, it would've been caught by @with_db_session,
    # rolled back the db and raised it.  Whether that's something we want is another question.
    try:
        respondent = _add_enrolment_and_auth(business, business_id, case_id,
                                             party, session, survey_id,
                                             translated_party)
    except HTTPError:
        logger.error("add_enrolment_and_auth raised an HTTPError",
                     exc_info=True)
        session.rollback()
        raise

    # If the disabling of the enrolment code fails we log an error and continue anyway.  In the interest of keeping
    # the code working in the same way (which may itself be wrong...) we'll handle the ValueError that can be raised
    # in the same way as before (rollback the session and raise) but it's not clear whether this is the desired
    # behaviour.
    try:
        disable_iac(party['enrolmentCode'], case_id)
    except ValueError:
        logger.error("disable_iac didn't return json in its response",
                     exc_info=True)
        session.rollback()
        raise

    _send_email_verification(respondent.party_uuid,
                             party['emailAddress'].lower())

    return respondent.to_respondent_dict()
Exemple #10
0
def shop_data_export():
    google_sheets_credentials = get_google_sheets_credentials()
    if not google_sheets_credentials:
        raise InternalServerError('Google sheets credentials invalid')

    SPREADSHEET_ID = '1EVAHeUcqszrtAftpv8jN3lJtrBHnCM-F2MNej1Izy7o'
    service = build('sheets', 'v4', credentials=google_sheets_credentials)

    workbook = service.spreadsheets()
    workbook_data = workbook.get(spreadsheetId=SPREADSHEET_ID).execute()

    # new_shop_ids = db.session.query(ShopSalesData.shop_id.distinct()).filter(
    #     ShopSalesData.date > (datetime.today().date() - timedelta(days=10))
    # ).all()
    new_shop_ids = db.session.query(ShopSalesData.shop_id.distinct()).all()
    new_shop_ids = [i[0] for i in new_shop_ids]

    previous_sheet_delete_requests = [
        {
            "deleteSheet": {
                "sheetId": sheet['properties']['sheetId']
            }
         }
        for sheet in workbook_data['sheets']
        if sheet['properties']['title'] != 'the-one-you-cant-delete'
    ]
    add_new_sheet_requests = [
        {
            "addSheet": {
                "properties": {
                    "title": sheet_name,
                }
            }
        }
        for sheet_name in new_shop_ids
    ]

    requests = previous_sheet_delete_requests + add_new_sheet_requests

    batch_update_spreadsheet_request_body = {
        'requests': requests
    }

    response = workbook.batchUpdate(
        spreadsheetId=SPREADSHEET_ID,
        body=batch_update_spreadsheet_request_body
    ).execute()

    # shop_sales_data = ShopSalesData.query.filter(
    #     ShopSalesData.shop_id.in_(new_shop_ids),
    #     ShopSalesData.date > (datetime.today().date() - timedelta(days=10))
    # ).all()
    shop_sales_data = ShopSalesData.query.filter(ShopSalesData.shop_id.in_(new_shop_ids)).all()

    sales_divided_by_shop = {}

    for sales_data in shop_sales_data:
        shop_data = sales_divided_by_shop.setdefault(
            sales_data.shop_id,
            [['shop_id', 'date', 'bill_number', 'barcode', 'product_description', 'quantity', 'amount']]
        )
        shop_data.append([sales_data.shop_id, str(sales_data.date), sales_data.bill_number, sales_data.barcode,
                           sales_data.product_description, sales_data.sales_quantity, sales_data.amount])

    sales_data_for_sheet_body = [
        {
            'range': key,
            'values': sales_divided_by_shop[key]
        }
        for key in sales_divided_by_shop
    ]

    sheet_request_body = {
        'valueInputOption': 'USER_ENTERED',
        'data': sales_data_for_sheet_body
    }

    workbook.values().batchUpdate(
        spreadsheetId=SPREADSHEET_ID,
        body=sheet_request_body
    ).execute()

    return {'result': 'success'}
Exemple #11
0
 def view500():
     # flask-login user is loaded during @login_required, so check that the db has been queried
     mock_user_get.assert_called_with(user['login_id'])
     raise InternalServerError('error')
Exemple #12
0
def request_handler(request):
    """Handle an http request.

    The parameter `request` must be an instance of werkzeug's `Request` class.
    The return value will be a werkzeug `Response` object.
    """
    adapter = _url_map.bind_to_environ(request.environ)
    try:
        (f, schema), values = adapter.match()
        if schema is None:
            # no data needed from the body:
            request_data = {}
            # XXX: It would be nice to detect if the body is erroneously
            # non-empty, which is probably indicitave of a bug in the client.
        else:
            try:
                # Parse the body as json and validate it with the schema:
                request_handle = request.environ['wsgi.input']
                request_json = request_handle.read(request.content_length)
                request_data = schema.validate(json.loads(request_json))
                if not isinstance(request_data, dict):
                    raise ValidationError("The body of the request is not a JSON object.")
            except ValueError:
                # Parsing the json failed.
                raise ValidationError("The body of the request is not valid JSON.")
            except SchemaError:
                # Validating the schema failed.

                # It would be nice to return a more helpful error message here, but
                # it's a little awkward to extract one from the exception. You can
                # easily get something like:
                #
                #   'hello' should be instance of <type 'int'>
                #
                # which, while fairly clear and helpful, is obviously talking about
                # python types, which is gross.
                raise ValidationError("The request body %r is not valid for "
                                        "this request." % request_json)
        for k, v in values.iteritems():
            if k in request_data:
                logger.error("Argument %r to api function %r exists in both "
                             "the URL path and the body of the request. "
                             "This is a BUG in the schema for %r; the schema "
                             "is responsible for eliminating this possibility.",
                             k, f.__name__, f.__name__)
                raise InternalServerError()
            request_data[k] = v
        logger.debug('Recieved api call %s(%s)', f.__name__, _format_arglist(**request_data))
        response_body = f(**request_data)
        if not response_body:
            response_body = ""
        logger.debug("completed call to api function %s, "
                     "response body: %r", f.__name__, response_body)
        return Response(response_body, status=200)
    except APIError as e:
        logger.debug('Invalid call to api function %s, raised exception: %r',
                     f.__name__, e)
        return e.response()
    except ServerError as e:
        logger.error('Server-side failure in function %s, raised exception: %r',
                     f.__name__, e)
        return InternalServerError()
    except HTTPException, e:
        return e
Exemple #13
0
def errorhandler(e):
    """Handle error"""
    if not isinstance(e, HTTPException):
        e = InternalServerError()
    return render_template("error.html")
def errorhandler(e):
    if not isinstance(e, HTTPException):
        e = InternalServerError()
    return render_template('error.html',
                           title='HTTP Exception',
                           text='You encountered an HTTP Exception, try again')
Exemple #15
0
    def xml(self, **kwargs):
        database = kwargs.get('database', None)
        if not database:
            database = db_monodb()
        req = odoo.http.request
        language = kwargs.get('language', None)
        if req.httprequest.method == 'GET':
            # Login
            database = kwargs.get('database', None)
            req.session.db = database
            try:
                uid = self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt: %s" % e)
                return Response(
                    'Login with Odoo user name and password', 401,
                    headers=[('WWW-Authenticate', 'Basic realm="odoo"')]
                    )

            # As an optional extra security check we can validate a web token attached
            # to the request. It allows use to verify that the request is generated
            # from frePPLe and not from somebody else.

            # Generate data
            try:
                xp = exporter(
                  req,
                  uid=uid,
                  database=database,
                  company=kwargs.get('company', None),
                  mode=int(kwargs.get('mode', 1))
                  )
                # TODO Returning an iterator to stream the response back to the client and
                # to save memory on the server side
                return req.make_response(
                    ''.join([i for i in xp.run()]),
                    headers=[
                        ('Content-Type', 'application/xml;charset=utf8'),
                        ('Cache-Control', 'no-cache, no-store, must-revalidate'),
                        ('Pragma', 'no-cache'),
                        ('Expires', '0')
                    ])
            except Exception as e:
                logger.exception('Error generating frePPLe XML data')
                raise InternalServerError(description='Error generating frePPLe XML data: check the Odoo log file for more details')
        elif req.httprequest.method == 'POST':
            # Authenticate the user
            database = req.httprequest.form.get('database', None)
            req.session.db = database
            try:
                self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt %s" % e)
                return Response(
                    'Login with Odoo user name and password', 401,
                    headers=[('WWW-Authenticate', 'Basic realm="odoo"')]
                    )

            # Validate the company argument
            company_name = req.httprequest.form.get('company', None)
            company = None
            m = req.env['res.company']
            recs = m.search([('name', '=', company_name)], limit=1)
            for i in recs:
              company = i
            if not company:
              return Response('Invalid company name argument', 401)

            # Verify that the data was posted from frePPLe and nobody else
            try:
              webtoken = req.httprequest.form.get('webtoken', None)
              decoded = jwt.decode(
                webtoken,
                company.webtoken_key,
                algorithms=['HS256']
                )
              if self.user != decoded.get('user', None):
                return Response('Incorrect or missing webtoken', 401)
            except:
                return Response('Incorrect or missing webtoken', 401)

            # Import the data
            try:
                ip = importer(
                  req,
                  database=database,
                  company=company,
                  mode=req.httprequest.form.get('mode', 1)
                  )
                return req.make_response(
                    ip.run(),
                    [
                        ('Content-Type', 'text/plain'),
                        ('Cache-Control', 'no-cache, no-store, must-revalidate'),
                        ('Pragma', 'no-cache'),
                        ('Expires', '0')
                    ])
            except Exception as e:
                logger.exception('Error processing data posted by frePPLe')
                raise InternalServerError(description='Error processing data posted by frePPLe: check the Odoo log file for more details')
        else:
            raise MethodNotAllowed('Only GET and POST requests are accepted')
Exemple #16
0
    def put(self, mine_guid, mine_incident_guid):
        incident = MineIncident.find_by_mine_incident_guid(mine_incident_guid)
        if not incident or str(incident.mine_guid) != mine_guid:
            raise NotFound("Mine Incident not found")

        data = self.parser.parse_args()

        do_sub_codes = []
        if data['determination_type_code'] == 'DO':
            do_sub_codes = data['dangerous_occurrence_subparagraph_ids']
            if not do_sub_codes:
                raise BadRequest(
                    'Dangerous occurrences require one or more cited sections of HSRC code 1.7.3'
                )

        for key, value in data.items():
            if key == 'dangerous_occurrence_subparagraph_ids':
                continue
            if key in [
                    'reported_to_inspector_party_guid',
                    'responsible_inspector_party_guid',
                    'determination_inspector_party_guid'
            ]:
                tmp_party = Party.query.filter_by(party_guid=value).first()
                if tmp_party and 'INS' in tmp_party.business_roles_codes:
                    setattr(incident, key, value)
            else:
                setattr(incident, key, value)

        incident.dangerous_occurrence_subparagraphs = []
        for id in do_sub_codes:
            sub = ComplianceArticle.find_by_compliance_article_id(id)
            if not _compliance_article_is_do_subparagraph(sub):
                raise BadRequest(
                    'One of the provided compliance articles is not a sub-paragraph of section 1.7.3 (dangerous occurrences)'
                )
            incident.dangerous_occurrence_subparagraphs.append(sub)

        updated_documents = data.get('updated_documents')
        if updated_documents is not None:
            for updated_document in updated_documents:
                if not any(
                        str(doc.document_manager_guid) ==
                        updated_document['document_manager_guid']
                        for doc in incident.documents):
                    mine_doc = MineDocument(
                        mine_guid=mine_guid,
                        document_name=updated_document['document_name'],
                        document_manager_guid=updated_document[
                            'document_manager_guid'])

                    if not mine_doc:
                        raise BadRequest(
                            'Unable to register uploaded file as document')

                    mine_doc.save()
                    mine_incident_doc = MineIncidentDocumentXref(
                        mine_document_guid=mine_doc.mine_document_guid,
                        mine_incident_id=incident.mine_incident_id,
                        mine_incident_document_type_code=updated_document[
                            'mine_incident_document_type_code']
                        if updated_document['mine_incident_document_type_code']
                        else 'INI')

                    incident.documents.append(mine_incident_doc)
                    mine_incident_doc.save()

            for doc in incident.documents:
                if not any(updated_document['document_manager_guid'] == str(
                        doc.document_manager_guid)
                           for updated_document in updated_documents):
                    incident.documents.remove(doc)
                    db.session.delete(doc)
                    db.session.commit()

        try:
            incident.save()
        except Exception as e:
            raise InternalServerError(f'Error when saving: {e}')
        return incident
Exemple #17
0
    def post(self, mine_guid):
        mine = Mine.find_by_mine_guid(mine_guid)
        if not mine:
            raise NotFound('Mine not found')

        data = self.parser.parse_args()

        do_sub_codes = []
        if data['determination_type_code'] == 'DO':
            do_sub_codes = data['dangerous_occurrence_subparagraph_ids']
            if not do_sub_codes:
                raise BadRequest(
                    'Dangerous occurrences require one or more cited sections of HSRC code 1.7.3'
                )

        incident = MineIncident.create(
            mine,
            data['incident_timestamp'],
            data['incident_description'],
            determination_type_code=data['determination_type_code'],
            followup_investigation_type_code=data[
                'followup_investigation_type_code'],
            reported_timestamp=data['reported_timestamp'],
            reported_by_name=data['reported_by_name'],
        )

        incident.reported_by_email = data.get('reported_by_email')
        incident.reported_by_phone_no = data.get(
            'reported_by_phone_no')  # string
        incident.reported_by_phone_ext = data.get(
            'reported_by_phone_ext')  # string
        incident.number_of_fatalities = data.get('number_of_fatalities')  # int
        incident.number_of_injuries = data.get('number_of_injuries')  # int
        incident.emergency_services_called = data.get(
            'emergency_services_called')  # bool
        incident.followup_inspection = data.get('followup_inspection')  # bool
        incident.followup_inspection_date = data.get(
            'followup_inspection_date')

        # lookup and validated inspector party relationships
        tmp_party = Party.query.filter_by(
            party_guid=data.get('reported_to_inspector_party_guid')).first()
        if tmp_party and 'INS' in tmp_party.business_roles_codes:
            incident.reported_to_inspector_party_guid = tmp_party.party_guid
        tmp_party = Party.query.filter_by(
            party_guid=data.get('responsible_inspector_party_guid')).first()
        if tmp_party and 'INS' in tmp_party.business_roles_codes:
            incident.responsible_inspector_party_guid = tmp_party.party_guid
        tmp_party = Party.query.filter_by(
            party_guid=data.get('determination_inspector_party_guid')).first()
        if tmp_party and 'INS' in tmp_party.business_roles_codes:
            incident.determination_inspector_party_guid = tmp_party.party_guid

        incident.determination_type_code = data.get('determination_type_code')
        incident.followup_investigation_type_code = data.get(
            'followup_investigation_type_code')

        for id in do_sub_codes:
            sub = ComplianceArticle.find_by_compliance_article_id(id)
            if not _compliance_article_is_do_subparagraph(sub):
                raise BadRequest(
                    'One of the provided compliance articles is not a sub-paragraph of section 1.7.3 (dangerous occurrences)'
                )
            incident.dangerous_occurrence_subparagraphs.append(sub)

        updated_documents = data.get('updated_documents')
        if updated_documents is not None:
            for updated_file in updated_documents:
                mine_doc = MineDocument(
                    mine_guid=mine.mine_guid,
                    document_name=updated_file['document_name'],
                    document_manager_guid=updated_file['document_manager_guid']
                )

                if not mine_doc:
                    raise BadRequest(
                        'Unable to register uploaded file as document')

                mine_doc.save()
                mine_incident_doc = MineIncidentDocumentXref(
                    mine_document_guid=mine_doc.mine_document_guid,
                    mine_incident_id=incident.mine_incident_id,
                    mine_incident_document_type_code=updated_file[
                        'mine_incident_document_type_code']
                    if updated_file['mine_incident_document_type_code'] else
                    'INI')

                incident.documents.append(mine_incident_doc)

        try:
            incident.save()
        except Exception as e:
            raise InternalServerError(f'Error when saving: {e}')

        if data.get('recommendations') is not None:
            for recommendation in data.get('recommendations'):
                new_recommendation = MineIncidentRecommendation.create(
                    recommendation['recommendation'],
                    mine_incident_id=incident.mine_incident_id)
                new_recommendation.save()

        return incident, 201
Exemple #18
0
 def patch_version(self):
     if self.sversion:
         return int(int(self.sversion / 100) / 100)
     raise InternalServerError(self._INFORMATION_MSG)
Exemple #19
0
 def major_version(self):
     if self.sversion is not None:
         return int(self.sversion / 10000)
     raise InternalServerError(self._INFORMATION_MSG)
Exemple #20
0
    def run_wsgi(self):
        environ = self.make_environ()
        headers_set = []
        headers_sent = []

        def write(data):
            assert headers_set, 'write() before start_response'
            if not headers_sent:
                status, response_headers = headers_sent[:] = headers_set
                try:
                    code, msg = status.split(None, 1)
                except ValueError:
                    code, msg = status, ""
                self.send_response(int(code), msg)
                header_keys = set()
                for key, value in response_headers:
                    self.send_header(key, value)
                    key = key.lower()
                    header_keys.add(key)
                if 'content-length' not in header_keys:
                    self.close_connection = True
                    self.send_header('Connection', 'close')
                if 'server' not in header_keys:
                    self.send_header('Server', self.version_string())
                if 'date' not in header_keys:
                    self.send_header('Date', self.date_time_string())
                self.end_headers()

            assert type(data) is bytes, 'applications must write bytes'
            self.wfile.write(data)
            self.wfile.flush()

        def start_response(status, response_headers, exc_info=None):
            if exc_info:
                try:
                    if headers_sent:
                        reraise(*exc_info)
                finally:
                    exc_info = None
            elif headers_set:
                raise AssertionError('Headers already set')
            headers_set[:] = [status, response_headers]
            return write

        def app_proxy(environ, start_response):
            # We reject an invalid content length here because it can cause
            # problems with how WSGI apps respond to values in it.
            content_length = environ['CONTENT_LENGTH']
            if content_length and not content_length.isdigit():
                resp = BadRequest()
            else:
                resp = self.server.app
            return resp(environ, start_response)

        def execute(app):
            application_iter = app(environ, start_response)
            try:
                for data in application_iter:
                    write(data)
                if not headers_sent:
                    write(b'')
            finally:
                if hasattr(application_iter, 'close'):
                    application_iter.close()
                application_iter = None

        try:
            execute(app_proxy)
        except (socket.error, socket.timeout) as e:
            self.connection_dropped(e, environ)
        except Exception:
            if self.server.passthrough_errors:
                raise
            from werkzeug.debug.tbtools import get_current_traceback
            traceback = get_current_traceback(ignore_system_exceptions=True)
            try:
                # if we haven't yet sent the headers but they are set
                # we roll back to be able to set them again.
                if not headers_sent:
                    del headers_set[:]
                execute(InternalServerError())
            except Exception:
                pass
            self.server.log('error', 'Error on request:\n%s',
                            traceback.plaintext)
Exemple #21
0
 def view500():
     raise InternalServerError('error')
Exemple #22
0
class WSGIRequestHandler(BaseHTTPRequestHandler, object):

    """A request handler that implements WSGI dispatching."""

    @property
    def server_version(self):
        return 'Werkzeug/' + werkzeug.__version__

    def make_environ(self):
        if '?' in self.path:
            path_info, query = self.path.split('?', 1)
        else:
            path_info = self.path
            query = ''

        def shutdown_server():
            self.server.shutdown_signal = True

        url_scheme = self.server.ssl_context is None and 'http' or 'https'
        environ = {
            'wsgi.version':         (1, 0),
            'wsgi.url_scheme':      url_scheme,
            'wsgi.input':           self.rfile,
            'wsgi.errors':          sys.stderr,
            'wsgi.multithread':     self.server.multithread,
            'wsgi.multiprocess':    self.server.multiprocess,
            'wsgi.run_once':        False,
            'werkzeug.server.shutdown':
            shutdown_server,
            'SERVER_SOFTWARE':      self.server_version,
            'REQUEST_METHOD':       self.command,
            'SCRIPT_NAME':          '',
            'PATH_INFO':            unquote(path_info),
            'QUERY_STRING':         query,
            'CONTENT_TYPE':         self.headers.get('Content-Type', ''),
            'CONTENT_LENGTH':       self.headers.get('Content-Length', ''),
            'REMOTE_ADDR':          self.client_address[0],
            'REMOTE_PORT':          self.client_address[1],
            'SERVER_NAME':          self.server.server_address[0],
            'SERVER_PORT':          str(self.server.server_address[1]),
            'SERVER_PROTOCOL':      self.request_version
        }

        for key, value in self.headers.items():
            key = 'HTTP_' + key.upper().replace('-', '_')
            if key not in ('HTTP_CONTENT_TYPE', 'HTTP_CONTENT_LENGTH'):
                environ[key] = value

        return environ

    def run_wsgi(self):
        app = self.server.app
        environ = self.make_environ()
        headers_set = []
        headers_sent = []

        def write(data):
            assert headers_set, 'write() before start_response'
            if not headers_sent:
                status, response_headers = headers_sent[:] = headers_set
                code, msg = status.split(None, 1)
                self.send_response(int(code), msg)
                header_keys = set()
                for key, value in response_headers:
                    self.send_header(key, value)
                    key = key.lower()
                    header_keys.add(key)
                if 'content-length' not in header_keys:
                    self.close_connection = True
                    self.send_header('Connection', 'close')
                if 'server' not in header_keys:
                    self.send_header('Server', self.version_string())
                if 'date' not in header_keys:
                    self.send_header('Date', self.date_time_string())
                self.end_headers()

            assert type(data) is str, 'applications must write bytes'
            self.wfile.write(data)
            self.wfile.flush()

        def start_response(status, response_headers, exc_info=None):
            if exc_info:
                try:
                    if headers_sent:
                        raise exc_info[0], exc_info[1], exc_info[2]
                finally:
                    exc_info = None
            elif headers_set:
                raise AssertionError('Headers already set')
            headers_set[:] = [status, response_headers]
            return write

        def execute(app):
            application_iter = app(environ, start_response)
            try:
                for data in application_iter:
                    write(data)
                # make sure the headers are sent
                if not headers_sent:
                    write('')
            finally:
                if hasattr(application_iter, 'close'):
                    application_iter.close()
                application_iter = None

        try:
            execute(app)
        except (socket.error, socket.timeout), e:
            self.connection_dropped(e, environ)
        except Exception:
            if self.server.passthrough_errors:
                raise
            from werkzeug.debug.tbtools import get_current_traceback
            traceback = get_current_traceback(ignore_system_exceptions=True)
            try:
                # if we haven't yet sent the headers but they are set
                # we roll back to be able to set them again.
                if not headers_sent:
                    del headers_set[:]
                execute(InternalServerError())
            except Exception:
                pass
            self.server.log('error', 'Error on request:\n%s',
                            traceback.plaintext)
Exemple #23
0
def check_for_previous_run():
  """Check whether previous run is failed"""
  import webapp2  # pylint: disable=import-error
  if int(webapp2.get_request().headers["X-Appengine-Taskexecutioncount"]):
    raise InternalServerError("previous run is failed")
Exemple #24
0
    def xml(self, **kwargs):
        req = odoo.http.request
        language = kwargs.get("language", None)
        if req.httprequest.method == "GET":
            # Login
            database = kwargs.get("database", None)
            if not database:
                database = db_monodb()
            req.session.db = database
            try:
                uid = self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt: %s" % e)
                return Response(
                    "Login with Odoo user name and password",
                    401,
                    headers=[("WWW-Authenticate", 'Basic realm="odoo"')],
                )

            # As an optional extra security check we can validate a web token attached
            # to the request. It allows use to verify that the request is generated
            # from frePPLe and not from somebody else.

            # Generate data
            try:
                xp = exporter(
                    req,
                    uid=uid,
                    database=database,
                    company=kwargs.get("company", None),
                    mode=int(kwargs.get("mode", 1)),
                )
                # TODO Returning an iterator to stream the response back to the client and
                # to save memory on the server side
                return req.make_response(
                    "".join([i for i in xp.run()]),
                    headers=[
                        ("Content-Type", "application/xml;charset=utf8"),
                        ("Cache-Control",
                         "no-cache, no-store, must-revalidate"),
                        ("Pragma", "no-cache"),
                        ("Expires", "0"),
                    ],
                )
            except Exception as e:
                logger.exception("Error generating frePPLe XML data")
                raise InternalServerError(
                    description=
                    "Error generating frePPLe XML data: check the Odoo log file for more details"
                )
        elif req.httprequest.method == "POST":
            # Authenticate the user
            database = req.httprequest.form.get("database", None)
            if not database:
                database = db_monodb()
            req.session.db = database
            try:
                self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt %s" % e)
                return Response(
                    "Login with Odoo user name and password",
                    401,
                    headers=[("WWW-Authenticate", 'Basic realm="odoo"')],
                )

            # Validate the company argument
            company_name = req.httprequest.form.get("company", None)
            company = None
            m = req.env["res.company"]
            recs = m.search([("name", "=", company_name)], limit=1)
            for i in recs:
                company = i
            if not company:
                return Response("Invalid company name argument", 401)

            # Verify that the data was posted from frePPLe and nobody else
            try:
                webtoken = req.httprequest.form.get("webtoken", None)
                decoded = jwt.decode(webtoken,
                                     company.webtoken_key,
                                     algorithms=["HS256"])
                if self.user != decoded.get("user", None):
                    return Response("Incorrect or missing webtoken", 401)
            except Exception:
                return Response("Incorrect or missing webtoken", 401)

            # Import the data
            try:
                ip = importer(
                    req,
                    database=database,
                    company=company,
                    mode=req.httprequest.form.get("mode", 1),
                )
                return req.make_response(
                    ip.run(),
                    [
                        ("Content-Type", "text/plain"),
                        ("Cache-Control",
                         "no-cache, no-store, must-revalidate"),
                        ("Pragma", "no-cache"),
                        ("Expires", "0"),
                    ],
                )
            except Exception as e:
                logger.exception("Error processing data posted by frePPLe")
                raise InternalServerError(
                    description=
                    "Error processing data posted by frePPLe: check the Odoo log file for more details"
                )
        else:
            raise MethodNotAllowed("Only GET and POST requests are accepted")
Exemple #25
0
    def _handle_exception(self, exception):
        """Called within an except block to allow converting exceptions
           to abitrary responses. Anything returned (except None) will
           be used as response."""
        try:
            return super(HttpRequest, self)._handle_exception(exception)
        except UserError, e:
            return WrapJsonException(BadRequest(e.message))
        except MissingError, e:
            return WrapJsonException(NotFound(e.value))
        except AccessError, e:
            return WrapJsonException(Forbidden(e.value))
        except HTTPException, e:
            return WrapJsonException(e)
        except:
            return WrapJsonException(InternalServerError())

    def make_response(self, data, headers=None, cookies=None):
        data = json.dumps(data)
        if headers is None:
            headers = {}
        headers['Content-Type'] = 'application/json'
        return super(HttpJsonRequest, self).make_response(data,
                                                          headers=headers,
                                                          cookies=cookies)


ori_get_request = Root.get_request


def get_request(self, httprequest):
 def app_test():
     raise InternalServerError()
Exemple #27
0
def add_new_survey_for_respondent(payload, tran, session):
    """
    Add a survey for an existing respondent
    :param payload: json containing party_id and enrolment_code
    :param tran:
    :param session: database session
    """
    logger.info("Enrolling existing respondent in survey")

    respondent_party_id = payload['party_id']
    enrolment_code = payload['enrolment_code']

    iac = request_iac(enrolment_code)
    if not iac.get('active'):
        logger.info("Inactive enrolment code")
        raise BadRequest("Enrolment code is not active")

    respondent = query_respondent_by_party_uuid(respondent_party_id, session)
    case_context = request_case(enrolment_code)
    case_id = case_context['id']
    business_id = case_context['partyId']
    collection_exercise_id = case_context['caseGroup']['collectionExerciseId']
    collection_exercise = request_collection_exercise(collection_exercise_id)
    survey_id = collection_exercise['surveyId']

    business_respondent = query_business_respondent_by_respondent_id_and_business_id(
        business_id, respondent.id, session)

    if not business_respondent:
        # Associate respondent with new business
        business = query_business_by_party_uuid(business_id, session)
        if not business:
            logger.error("Could not find business",
                         business_id=business_id,
                         case_id=case_id,
                         collection_exercise_id=collection_exercise_id)
            raise InternalServerError(
                "Could not locate business when creating business association")
        business_respondent = BusinessRespondent(business=business,
                                                 respondent=respondent)

    enrolment = Enrolment(business_respondent=business_respondent,
                          survey_id=survey_id,
                          status=EnrolmentStatus.ENABLED)
    session.add(enrolment)
    session.commit()

    disable_iac(enrolment_code, case_id)

    if count_enrolment_by_survey_business(survey_id, business_id,
                                          session) == 0:
        logger.info("Informing case of respondent enrolled",
                    survey_id=survey_id,
                    business_id=business_id,
                    respondent_id=respondent.party_uuid)
        post_case_event(case_id=case_id,
                        category="RESPONDENT_ENROLED",
                        desc="Respondent enroled")

    # This ensures the log message is only written once the DB transaction is committed
    tran.on_success(lambda: logger.info(
        'Respondent has enroled to survey for business', business=business_id))
Exemple #28
0
def search(request_params: MultiDict,
           archives: Optional[List[str]] = None) -> Response:
    """
    Perform a simple search.

    This supports requests from both the form-based view (provided here) AND
    from the mini search widget displayed on all arXiv.org pages.

    At a minimum, expects the parameter ``value`` in the GET request. This may
    be a match value for a search query, or an arXiv ID.

    Parameters
    ----------
    request_params : :class:`.MultiDict`
    archives : list
        A list of archives within which the search should be performed.

    Returns
    -------
    dict
        Search result response data.
    int
        HTTP status code.
    dict
        Headers to add to the response.

    Raises
    ------
    :class:`.InternalServerError`
        Raised when there is a problem communicating with ES, or there was an
        unexpected problem executing the query.

    """
    if archives is not None and len(archives) == 0:
        raise NotFound("No such archive")

    # We may need to intervene on the request parameters, so we'll
    # reinstantiate as a mutable MultiDict.
    if isinstance(request_params, ImmutableMultiDict):
        request_params = MultiDict(request_params.items(multi=True))

    logger.debug("simple search form")
    response_data = {}  # type: Dict[str, Any]

    logger.debug("simple search request")
    if "query" in request_params:
        try:
            # first check if the URL includes an arXiv ID
            arxiv_id: Optional[str] = identifier.parse_arxiv_id(
                request_params["query"])
            # If so, redirect.
            logger.debug(f"got arXiv ID: {arxiv_id}")
        except ValueError:
            logger.debug("No arXiv ID detected; fall back to form")
            arxiv_id = None
    else:
        arxiv_id = None

    if arxiv_id:
        headers = {"Location": url_for("abs_by_id", paper_id=arxiv_id)}
        return {}, HTTPStatus.MOVED_PERMANENTLY, headers

    # Here we intervene on the user's query to look for holdouts from the
    # classic search system's author indexing syntax (surname_f). We
    # rewrite with a comma, and show a warning to the user about the
    # change.
    response_data["has_classic_format"] = False
    if "searchtype" in request_params and "query" in request_params:
        if request_params["searchtype"] in ["author", "all"]:
            _query, _classic = catch_underscore_syntax(request_params["query"])
            response_data["has_classic_format"] = _classic
            request_params["query"] = _query

    # Fall back to form-based search.
    form = SimpleSearchForm(request_params)

    if form.query.data:
        # Temporary workaround to support classic help search
        if form.searchtype.data == "help":
            return (
                {},
                HTTPStatus.MOVED_PERMANENTLY,
                {
                    "Location": f"/help/search?q={form.query.data}"
                },
            )

        # Support classic "expeirmental" search
        elif form.searchtype.data == "full_text":
            return (
                {},
                HTTPStatus.MOVED_PERMANENTLY,
                {
                    "Location":
                    "http://search.arxiv.org:8081/"
                    f"?in=&query={form.query.data}"
                },
            )

    q: Optional[Query]
    if form.validate():
        logger.debug("form is valid")
        q = _query_from_form(form)

        if archives is not None:
            q = _update_with_archives(q, archives)

        # Pagination is handled outside of the form.
        q = paginate(q, request_params)

        try:
            # Execute the search. We'll use the results directly in
            #  template rendering, so they get added directly to the
            #  response content.asdict
            response_data.update(SearchSession.search(q))  # type: ignore
        except index.IndexConnectionError as ex:
            # There was a (hopefully transient) connection problem. Either
            #  this will clear up relatively quickly (next request), or
            #  there is a more serious outage.
            logger.error("IndexConnectionError: %s", ex)
            raise InternalServerError(
                "There was a problem connecting to the search index. This is "
                "quite likely a transient issue, so please try your search "
                "again. If this problem persists, please report it to "
                "[email protected].") from ex
        except index.QueryError as ex:
            # Base exception routers should pick this up and show bug page.
            logger.error("QueryError: %s", ex)
            raise InternalServerError(
                "There was a problem executing your query. Please try your "
                "search again.  If this problem persists, please report it to "
                "[email protected].") from ex
        except index.OutsideAllowedRange as ex:
            raise BadRequest(
                "Hello clever friend. You can't get results in that range"
                " right now.") from ex

        except Exception as ex:
            logger.error("Unhandled exception: %s", str(ex))
            raise
    else:
        logger.debug("form is invalid: %s", str(form.errors))
        if "order" in form.errors or "size" in form.errors:
            # It's likely that the user tried to set these parameters manually,
            # or that the search originated from somewhere else (and was
            # configured incorrectly).
            simple_url = url_for("ui.search")
            raise BadRequest(
                f"It looks like there's something odd about your search"
                f" request. Please try <a href='{simple_url}'>starting"
                f" over</a>.")
        q = None
    response_data["query"] = q
    response_data["form"] = form
    return response_data, HTTPStatus.OK, {}
Exemple #29
0
from bartendro.model.dispenser import Dispenser
from bartendro.error import BartendroBusyError, BartendroBrokenError, BartendroCantPourError, BartendroCurrentSenseError

def ws_make_drink(drink_id):
    recipe = {}
    for arg in request.args:
        disp = int(arg[5:])
        recipe[disp] = int(request.args.get(arg))

    drink = Drink.query.filter_by(id=int(drink_id)).first()
    try:
        app.mixer.make_drink(drink, recipe)
    except mixer.BartendroCantPourError, err:
        raise BadRequest(err)
    except mixer.BartendroBrokenError, err:
        raise InternalServerError(err)
    except mixer.BartendroBusyError, err:
        raise ServiceUnavailable(err)

    return "ok\n"

@app.route('/ws/drink/<int:drink>')
def ws_drink(drink):
    drink_mixer = app.mixer
    if app.options.must_login_to_dispense and not current_user.is_authenticated():
        return "login required"

    return ws_make_drink(drink)

@app.route('/ws/drink/custom')
def ws_custom_drink():
Exemple #30
0
def wrapped_get_info(request, ident, base_uri):
    # don't fail silently
    r = unwrapped_get_info(request, ident, base_uri)
    if not r.content_length:
        return InternalServerError('empty json')
    return r
Exemple #31
0
def errorhandler(error):
    """ Handle errors """
    if not isinstance(error, HTTPException):
        error = InternalServerError()
    return apology(error.name, error.code)
Exemple #32
0
async def handle_httpexception(
    self, ctx: HTTPRequestContext, exception: HTTPException, environ: dict = None
) -> Response:
    """
    Handle a HTTP Exception.

    :param ctx: The context of the request.
    :param exception: The HTTPException to handle.
    :param environ: The fake WSGI environment.

    :return: A :class:`werkzeug.wrappers.Response` that handles this response.
    """
    # Try and load the error handler recursively from the ctx.route.blueprint.
    bp = ctx.bp or self.root

    if environ is None:
        environ = ctx.environ

    cbl = lambda environ: Response(
        "Internal server error during processing. Report this.", status=500
    )

    error_handler = bp.get_errorhandler(exception)
    if not error_handler:
        # Try the root Blueprint. This may happen if the blueprint requested isn't registered
        # properly in the root, for some reason.
        error_handler = self.root.get_errorhandler(exception)
        if not error_handler:
            # Just return the Exception's get_response.
            cbl = exception.get_response

    else:
        # Try and invoke the error handler to get the Response.
        # Wrap it in the try/except, so we can handle a default one.
        try:
            res = await error_handler.invoke(ctx, args=(exception,))
            # hacky way of unifying everything
            cbl = lambda environ: res
        except HTTPException as e:
            # why tho?
            logger.warning(
                "Error handler function raised another error, using the " "response from that..."
            )
            cbl = e.get_response
        except Exception as e:
            logger.exception("Error in error handler!")
            cbl = InternalServerError(e).get_response
            # else:
            # result = wrap_response(result, self.response_class)

    try:
        result = cbl(environ=environ)
    except Exception:
        # ok
        logger.critical(
            "Whilst handling a {}, response.get_response ({}) raised exception".format(
                exception.code, cbl
            ),
            exc_info=True,
        )
        result = Response("Critical server error. Your application is broken.", status=500)

    if result.status_code != exception.code:
        logger.warning(
            "Error handler {} returned code {} when exception was code {}...".format(
                error_handler.callable_repr, result.status_code, exception.code
            )
        )

    return result
Exemple #33
0
    def run_wsgi(self):
        app = self.server.app
        environ = self.make_environ()
        headers_set = []
        headers_sent = []

        def write(data):
            if not headers_sent:
                status, response_headers = headers_sent[:] = headers_set
                code, msg = status.split(None, 1)
                self.send_response(int(code), msg)
                header_keys = set()
                for key, value in response_headers:
                    self.send_header(key, value)
                    key = key.lower()
                    header_keys.add(key)

                if 'content-length' not in header_keys:
                    self.close_connection = True
                    self.send_header('Connection', 'close')
                if 'server' not in header_keys:
                    self.send_header('Server', self.version_string())
                if 'date' not in header_keys:
                    self.send_header('Date', self.date_time_string())
                self.end_headers()
            self.wfile.write(data)
            self.wfile.flush()

        def start_response(status, response_headers, exc_info = None):
            if exc_info:
                try:
                    if headers_sent:
                        raise exc_info[0], exc_info[1], exc_info[2]
                finally:
                    exc_info = None

            elif headers_set:
                raise AssertionError('Headers already set')
            headers_set[:] = [status, response_headers]
            return write

        def execute(app):
            application_iter = app(environ, start_response)
            try:
                for data in application_iter:
                    write(data)

                if not headers_sent:
                    write('')
            finally:
                if hasattr(application_iter, 'close'):
                    application_iter.close()
                application_iter = None

        try:
            execute(app)
        except (socket.error, socket.timeout) as e:
            self.connection_dropped(e, environ)
        except:
            if self.server.passthrough_errors:
                raise
            from werkzeug.debug.tbtools import get_current_traceback
            traceback = get_current_traceback(ignore_system_exceptions=True)
            try:
                if not headers_sent:
                    del headers_set[:]
                execute(InternalServerError())
            except:
                pass

            self.server.log('error', 'Error on request:\n%s', traceback.plaintext)
Exemple #34
0
def errorhandler(e):
    """Handle error"""
    if not isinstance(e, HTTPException):
        e = InternalServerError()
    return "Error"
Exemple #35
0
    def post(self):
        args = parser.parse_args(strict=False)
        username = args['username']
        token = args["Authorization"]
        ip = args['Ipaddress']
        decoded_token = token_verify_or_raise(token, username, ip)
        # data = json.loads(str(request.data, encoding='utf-8'))
        # print(data)
        role = args["role"]
        print(role)
        user_name = args["user"]
        print(args["statuschange"])
        user = Users.query.filter_by(Username=user_name).first()
        msgtext = None
        subject = None
        if "password" in args.keys():
            print(args.keys())
        if user is None:
            raise UnprocessableEntity('Username is not valid')
        try:
            if role == roles.ROLES_REVIEW_MANAGER or role == roles.ROLES_ADMIN:

                status_change = args["statuschange"]
                print(status_change)

                if not status_change:

                    display_name = args["displayname"]
                    email = args["email"]
                    phone_number = args["phonenumber"]
                    is_password_change = args["passwordchange"]
                    # session_expiry = data["session_expiry"]

                    if is_password_change:
                        password = randomStringwithDigitsAndSymbols()
                        password_enc = Encryption().encrypt(password)
                        print("password change")
                        user.DisplayName = display_name
                        user.Email = email
                        user.PhoneNumber = phone_number
                        user.Password = password_enc
                        user.TemporaryPassword = True
                        msgtext = f'<p>Your password has been reset. The temporary password is: {password}</p>' + \
                                  '<p>Please log into your system as soon as possible to set your new password.</p>'

                        subject = "Temporary Password for Saxon Portals"

                    else:
                        if "password" in args and args["password"] is not None:
                            user.Password = Encryption().encrypt(args["password"])
                            user.TemporaryPassword = True
                        print("not password change")
                        user.DisplayName = display_name
                        user.Email = email
                        user.PhoneNumber = phone_number
                else:
                    if not str(args["status"]).upper() in [STATUS_ACTIVE, STATUS_INACTIVE, STATUS_DELETE]:
                        raise BadRequest("Invalid status")
                    status = args["status"]
                    user.Status = str(status).upper()

                db.session.commit()
                if msgtext is not None and subject is not None:
                    send_email(user.Email, subject=subject, body=msgtext)
                return RESPONSE_OK
            elif role == roles.ROLES_EMPLOYER or role == roles.ROLES_MEMBER or role == roles.ROLES_HR:
                display_name = args["displayname"]
                email = args["email"]

                is_password_change = args["passwordchange"]

                if is_password_change:
                    password = randomStringwithDigitsAndSymbols()
                    password_enc = Encryption().encrypt(password)
                    user.DisplayName = display_name
                    user.Email = email
                    user.Password = password_enc
                    user.TemporaryPassword = True
                    msgtext = f'<p>Your password has been reset. The temporary password is: {password}</p>' + \
                              f'<p>Please log into your system as soon as possible to set your new password.</p>'

                    subject = "Temporary Password for Saxon Portals"
                else:
                    if "password" in args and args["password"] is not None:
                        user.Password = Encryption().encrypt(args["password"])
                        user.TemporaryPassword = True
                    user.DisplayName = display_name
                    user.Email = email
                db.session.commit()
                if msgtext is not None and subject is not None:
                    send_email(user.Email, subject=subject, body=msgtext)
                return RESPONSE_OK
            else:
                raise BadRequest('Invalid Role')
        except Exception as e:
            LOG.error("Exception while updating user", e)
            raise InternalServerError("Can't update user")
Exemple #36
0
def errorhandler(e):
    """Handle error"""
    if not isinstance(e, HTTPException):
        e = InternalServerError()
    return render_template("apology.html", error=e.name, error_code=e.code)