def _post(self):
     query = {'openid': self.json_args['reviewer_openid']}
     user = yield dbapi.db_find_one('users', query)
     if not user:
         raises.Forbidden(message.unauthorized())
     role = self.get_secure_cookie(auth_const.ROLE)
     if 'reviewer' not in role.split(','):
         self.finish_request({'code': 403,
                              'msg': 'You do not have the reviewer '
                              'permision / role!'})
         return
     test = yield dbapi.db_find_one(
         'tests', {'id': self.json_args['test_id']})
     if test['owner'] == self.json_args['reviewer_openid']:
         self.finish_request({'code': 403,
                              'msg': 'No permision to review own results'})
         return
     query = {
         'reviewer_openid': self.json_args['reviewer_openid'],
         'test_id': self.json_args['test_id']
     }
     review = yield dbapi.db_find_one(self.table, query)
     if review:
         if review['outcome'] != self.json_args['outcome']:
             yield dbapi.db_update(self.table, query,
                                   {'$set': {
                                       'outcome': self.json_args['outcome'],
                                       'creation_date': datetime.now()}})
         self.finish_request()
     else:
         self.json_args['reviewer_name'] = user['fullname']
         self.json_args['reviewer_email'] = user['email']
         self._create(miss_fields=[], carriers=[])
Esempio n. 2
0
 def _update(self, data, query=None, **kwargs):
     logging.debug("_update")
     data = self.table_cls.from_dict(data)
     update_req = self._update_requests(data)
     yield dbapi.db_update(self.table, query, update_req)
     update_req['_id'] = str(data._id)
     self.finish_request(update_req)
Esempio n. 3
0
 def delete(self, id):
     query = {'_id': objectid.ObjectId(id)}
     application = yield dbapi.db_find_one(self.table, query)
     test_id = application['test_id']
     t_query = {'id': test_id}
     yield dbapi.db_delete('reviews', {'test_id': test_id})
     yield dbapi.db_update('tests', t_query,
                           {'$set': {
                               'status': 'private'
                           }})
     self._delete(query=query)
Esempio n. 4
0
    def get(self):
        ticket = self.get_query_argument('ticket', default=None)
        if ticket:
            (user, attrs, _) = self.cas_client.verify_ticket(ticket=ticket)
            login_user = {
                'user': user,
                'email': attrs.get('mail'),
                'fullname': attrs.get('field_lf_full_name'),
                'groups': constants.TESTAPI_USERS + attrs.get('group', [])
            }
            q_user = {'user': user}
            db_user = yield dbapi.db_find_one(self.table, q_user)
            if not db_user:
                dbapi.db_save(self.table, login_user)
            else:
                dbapi.db_update(self.table, q_user, login_user)

            self.clear_cookie(constants.TESTAPI_ID)
            self.set_secure_cookie(constants.TESTAPI_ID, user)

            self.redirect(url=CONF.ui_url)
Esempio n. 5
0
 def update(self, application_id, item, value, owner):
     self.json_args = {}
     self.json_args[item] = value
     query = {'_id': objectid.ObjectId(application_id), 'owner': owner}
     db_keys = ['_id', 'owner']
     if item == 'approved':
         if value == 'true':
             status = 'verified'
             self.json_args['approve_date'] = str(datetime.now())
         else:
             status = 'review'
             self.json_args['approve_date'] = ''
         application = yield dbapi.db_find_one(self.table, query)
         test_id = application['test_id']
         t_query = {'id': test_id}
         yield dbapi.db_update('tests', t_query,
                               {'$set': {
                                   'status': status
                               }})
     self._update(query=query, db_keys=db_keys)
Esempio n. 6
0
 def pure_update(self, data, query=None, **kwargs):
     data = self.table_cls.from_dict(data)
     update_req = self._update_requests(data)
     yield dbapi.db_update(self.table, query, update_req)
     self.finish_request()