def update(self, request, consent_id):
logger.info('Received update request for consent with id {}'.format(
consent_id))
consent = self._get_consent(consent_id)
if consent.status != Consent.ACTIVE:
logger.info('Consent is not ACTIVE. Not revoked')
return Response({'errors': ['wrong_consent_status']},
status=http_status.HTTP_400_BAD_REQUEST)
elif consent.person_id != self._get_person_id(request):
logger.warn(
'Consent doesn\'t belong to the logged in person so it is not revoked'
)
return Response({'errors': ['wrong_person']},
status=http_status.HTTP_400_BAD_REQUEST)
logger.info('Update data: {}'.format(request.data))
serializer = serializers.ConsentSerializer(consent,
data=request.data,
partial=True)
if serializer.is_valid():
serializer.save()
else:
logger.info('Update data are not valid. Errors are: {}'.format(
serializer.errors))
return Response({'errors': serializer.errors},
status=http_status.HTTP_400_BAD_REQUEST)
return Response({}, status=http_status.HTTP_200_OK)
def find(self, request):
"""
Method to find consent. The only supported query parameter is by confirmation_id
:param request:
:return:
"""
if 'confirm_id' not in request.query_params:
logger.debug('confirm_id paramater not present')
return Response({'errors': [ERRORS.MISSING_PARAMETERS]},
http_status.HTTP_400_BAD_REQUEST)
confirm_ids = request.GET.getlist('confirm_id')
logger.info(
'Called /v1/consents/find/ with query paramaters {}'.format(
request.query_params))
ccs = ConfirmationCode.objects.filter(code__in=confirm_ids,
consent__status=Consent.PENDING)
if not ccs:
return Response({}, http_status.HTTP_404_NOT_FOUND)
logger.debug('Found {} consents'.format(len(ccs)))
logger.debug('Checking validity'.format(len(ccs)))
consents = []
for cc in ccs:
if cc.check_validity():
serializer = serializers.ConsentSerializer(cc.consent)
consent_data = serializer.data.copy()
consent_data.update({'confirm_id': cc.code})
del consent_data['consent_id']
consents.append(consent_data)
logger.info('Found {} valid consents'.format(len(consents)))
return Response(consents, status=http_status.HTTP_200_OK)
def list(self, request):
if request.user is not None:
person_id = self._get_person_id(request)
consents = Consent.objects.filter(person_id=person_id,
status__in=(Consent.ACTIVE,
Consent.REVOKED))
logger.info('Found {} consents for user {}'.format(
len(consents), person_id))
else:
consents = Consent.objects.all()
serializer = serializers.ConsentSerializer(consents, many=True)
if request.user is not None or request.auth.application.is_super_client(
):
return Response(serializer.data)
else:
res = []
for c in serializer.data:
res.append({
'consent_id': c['consent_id'],
'source': c['source'],
'status': c['status'],
'start_validity': c['start_validity'],
'expire_validity': c['expire_validity']
})
return Response(res)
def retrieve(self, request, consent_id, format=None):
consent = self._get_consent(consent_id)
serializer = serializers.ConsentSerializer(consent)
if request.auth.application.is_super_client():
return Response(serializer.data)
else:
logger.info(serializer.data)
res = {
'consent_id': serializer.data['consent_id'],
'source': serializer.data['source'],
'status': serializer.data['status'],
'start_validity': serializer.data['start_validity'],
'expire_validity': serializer.data['expire_validity']
}
return Response(res)
def create(self, request):
logger.debug(request.scheme)
request.data.update({
'consent_id': get_random_string(32),
'status': Consent.PENDING
})
serializer = serializers.ConsentSerializer(data=request.data)
if serializer.is_valid():
co = serializer.save()
cc = ConfirmationCode.objects.create(consent=co)
cc.save()
res = {'confirm_id': cc.code, 'consent_id': co.consent_id}
return Response(res, status=http_status.HTTP_201_CREATED)
return Response(serializer.errors,
status=http_status.HTTP_400_BAD_REQUEST)