def analytes(request, analyte_id=None):
"""Get, create, or update information about cannabis analysis analytes."""
# Initialize
model_id = analyte_id
model_type = 'analytes'
model_type_singular = 'analyte'
# Authenticate the user.
claims, status, org_id = authorize_user(request)
if status != 200:
return Response(claims, status=status)
# GET data.
if request.method == 'GET':
docs = get_objects(request, claims, org_id, model_id, model_type)
return Response({'success': True, 'data': docs}, status=200)
# POST data.
elif request.method == 'POST':
data = update_object(request, claims, model_type, model_type_singular, org_id)
if data:
return Response({'success': True, 'data': data}, status=200)
else:
message = 'Data not recognized. Please post either a singular object or an array of objects.'
return Response({'error': True, 'message': message}, status=400)
# DELETE data.
elif request.method == 'DELETE':
success = delete_object(request, claims, model_id, model_type, model_type_singular, org_id)
if not success:
message = f'Your must be an owner or quality assurance to delete {model_type}.'
return Response({'error': True, 'message': message}, status=403)
return Response({'success': True, 'data': []}, status=200)
def logs(request, log_id=None):
"""Get and create logs."""
# Initialize and authenticate.
model_id = log_id
model_type = 'logs'
model_type_singular = 'log'
claims = authenticate_request(request)
try:
claims['uid'] #pylint: disable=pointless-statement
owner = claims.get('owner', [])
team = claims.get('team', [])
quality_control = claims.get('qc', [])
authorized_ids = owner + team + quality_control
except KeyError:
message = 'Your request was not authenticated. Ensure that you have a valid session or API key.'
return Response({'error': True, 'message': message}, status=401)
# Authorize that the user can work with the data.
organization_id = request.query_params.get('organization_id')
if organization_id not in authorized_ids:
message = f'Your must be an owner, quality assurance, or a team member of this organization to manage {model_type}.'
return Response({'error': True, 'message': message}, status=403)
# GET data.
if request.method == 'GET':
docs = get_objects(request, authorized_ids, organization_id, model_id,
model_type)
return Response({'success': True, 'data': docs}, status=200)
# POST data.
elif request.method == 'POST':
data = update_object(request, claims, model_type, model_type_singular,
organization_id)
if data:
return Response({'success': True, 'data': data}, status=200)
# Return an error message if post fails.
message = 'Data not recognized. Please post either a singular object or an array of objects.'
return Response({'error': True, 'message': message}, status=400)
def transfers(request, transfer_id=None):
"""Get, create, or update transfers."""
# Initialize.
model_id = transfer_id
model_type = 'transfers'
model_type_singular = 'transfer'
# Authenticate the user.
claims, status, org_id = authorize_user(request)
if status != 200:
return Response(claims, status=status)
# GET data.
if request.method == 'GET':
docs = get_objects(request, claims, org_id, model_id, model_type)
return Response({'success': True, 'data': docs}, status=200)
# POST data.
# TODO: Send transfer to the organization.
# TODO: Notify the receiving organization.
# TODO: Post to Metrc if user specifies.
elif request.method == 'POST':
data = update_object(request, claims, model_type, model_type_singular,
org_id)
if data:
return Response({'success': True, 'data': data}, status=200)
else:
message = 'Data not recognized. Please post either a singular object or an array of objects.'
return Response({'error': True, 'message': message}, status=400)
# DELETE data.
elif request.method == 'DELETE':
success = delete_object(request, claims, model_id, model_type,
model_type_singular, org_id)
if not success:
message = f'Your must be an owner or quality assurance to delete {model_type}.'
return Response({'error': True, 'message': message}, status=403)
return Response({'success': True, 'data': []}, status=200)
def inventory(request, inventory_id=None):
"""Get, create, or update inventory."""
# Initialize.
model_id = inventory_id
model_type = 'inventory'
model_type_singular = 'item'
# Authenticate the user.
claims = authenticate_request(request)
# FIXME: Get `org_id`
org_id = None
if claims.get('user') is None:
message = 'Authentication failed.'
return Response({'success': False, 'data': message}, status=401)
# GET data.
if request.method == 'GET':
docs = get_objects(request, claims, org_id, model_id, model_type)
return Response({'success': True, 'data': docs}, status=200)
# POST data.
elif request.method == 'POST':
data = update_object(request, claims, model_type, model_type_singular,
org_id)
if data:
return Response({'success': True, 'data': data}, status=200)
else:
message = 'Data not recognized. Please post either a singular object or an array of objects.'
return Response({'error': True, 'message': message}, status=400)
# DELETE data.
elif request.method == 'DELETE':
success = delete_object(request, claims, model_id, model_type,
model_type_singular, org_id)
if not success:
message = f'Your must be an owner or quality assurance to delete {model_type}.'
return Response({'error': True, 'message': message}, status=403)
return Response({'success': True, 'data': []}, status=200)
def projects(request, project_id=None):
"""Get, create, or update laboratory projects, a group of samples
submitted at the same time by a given organization."""
# Initialize.
model_id = project_id
model_type = 'projects'
model_type_singular = 'project'
# Authenticate the user.
claims, status, org_id = authorize_user(request)
if status != 200:
return Response(claims, status=status)
# GET data.
if request.method == 'GET':
docs = get_objects(request, claims, org_id, model_id, model_type)
return Response({'success': True, 'data': docs}, status=200)
# POST data.
elif request.method == 'POST':
data = update_object(request, claims, model_type, model_type_singular,
org_id)
if data:
return Response({'success': True, 'data': data}, status=200)
else:
message = 'Data not recognized. Please post either a singular object or an array of objects.'
return Response({'error': True, 'message': message}, status=400)
# DELETE data.
elif request.method == 'DELETE':
success = delete_object(request, claims, model_id, model_type,
model_type_singular, org_id)
if not success:
message = f'Your must be an owner or quality assurance to delete {model_type}.'
return Response({'error': True, 'message': message}, status=403)
return Response({'success': True, 'data': []}, status=200)
