def post(self, soknad_id): if soknad_id is not None: soknad = SoknadRepo.find_by_id(soknad_id) else: return SakApi.create_error_response_for_iframe(body_status=400, body_error='Missing object id') ensure(MANAGE, SoknadAction(soknad, SoknadStateMachine.t_last_opp_saksvedlegg)) validator = VedleggValidator(request.form).validate_post_fields() if validator.has_errors(): return SakApi.create_error_response_for_iframe(body_status=400, body_error=validator.errors) file = request.files.get('upload_file') if file is None: current_app.logger.warn('Missing required file: document') return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Dokument er påkrevd.') extension = os.path.splitext(file.filename)[1] if file.mimetype not in VALID_MIME_TYPES or extension not in VALID_EXTENSIONS: current_app.logger.warn('Invalid mimetype: %s', file.mimetype) return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Ugyldig filtype.') filnavn = uuid_with_ext(file.filename) target_path = generate_dir_path(DOC_PATH, get_rel_saksvedlegg_path(soknad)) backend = get_backend(file, filename=filnavn, path=target_path) backend.save() saksvedlegg = Vedlegg() user = get_user_from_auth() saksvedlegg.filnavn = file.filename saksvedlegg.file_ref = filnavn saksvedlegg.beskrivelse = request.form.get('tittel') saksvedlegg.user_id = user['id'] saksvedlegg.vedlagtdato = datetime.now() soknad.saksvedlegg.append(saksvedlegg) if soknad.saksbehandler_id: # Arkivering # ########### organisation = get_organisation(soknad.organisation_id, request.cookies) person = get_person(soknad.person_id, request.cookies) try: save_journalpost_for_saksvedlegg(soknad, organisation, person, saksvedlegg) except InvalidArkivExtensionError as e: return SakApi.create_error_response_for_iframe(body_status=400, body_error=e.message) current_app.db_session.commit() return Response(response=json.dumps(marshal(saksvedlegg, saksvedlegg_fields)), status=201, content_type='text/html')
def post(self): rapport_id = request.form.get('rapport_id') soknad_id = request.form.get('soknad_id') if not (rapport_id is None): soknad_or_rapport = RapportRepo.find_by_id(rapport_id) soknad_id = soknad_or_rapport.soknad_id elif not (soknad_id is None): soknad_or_rapport = SoknadRepo.find_by_id(soknad_id) else: return SakApi.create_error_response_for_iframe(body_status=400, body_error='Missing object id') ensure(PUT, soknad_or_rapport) file = request.files.get('upload_file') if file is None: current_app.logger.warn('Missing required file: document') return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Dokument er påkrevd.') extension = os.path.splitext(file.filename)[1] if file.mimetype not in VALID_MIME_TYPES or extension not in VALID_EXTENSIONS: current_app.logger.warn('Invalid mimetype: %s', file.mimetype) return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Ugyldig filtype.') filnavn = uuid_with_ext(file.filename) target_path = generate_dir_path(DOC_PATH, get_rel_vedlegg_path(soknad_id)); backend = get_backend(file, filename=filnavn, path=target_path) backend.save() vedlegg = Vedlegg() user = get_user_from_auth() vedlegg.filnavn = file.filename vedlegg.file_ref = filnavn vedlegg.user_id = user['id'] vedlegg.vedlagtdato = datetime.now() soknad_or_rapport.vedlegg.append(vedlegg) current_app.db_session.commit() return Response(response=json.dumps(marshal(vedlegg, vedlegg_fields)), status=201, content_type='text/html')
def create(cls, rapport): soknad = SoknadRepo.find_by_id(rapport.soknad_id) for arrangement in soknad.arrangement: make_transient(arrangement) rapport.arrangement.append(cls.copy_model_object(arrangement)) for okonomipost in soknad.okonomipost: make_transient(okonomipost) rapport.okonomipost.append(cls.copy_model_object(okonomipost)) rapport = cls.save(rapport) soknad.status = SoknadStateMachine.s_rapport_pabegynt.id SoknadRepo.save(soknad) return rapport
def get(self, soknad_id, saksvedlegg_id): soknad = SoknadRepo.find_by_id(soknad_id) ensure(GET, soknad) try: saksvedlegg = VedleggRepo.find_by_id(saksvedlegg_id) doc_path = "%s/%s" %(DOC_PATH, get_rel_saksvedlegg_path(soknad)) return send_from_directory(doc_path, saksvedlegg.file_ref, as_attachment=True, attachment_filename=saksvedlegg.filnavn.encode("utf-8")) except NotFound: abort(400, __error__=['Vedlegg med id %d finnes ikke' % saksvedlegg_id])
def get(self, soknad_id, action_id=None): # hent søknad soknad = SoknadRepo.find_by_id(soknad_id) ensure(GET, soknad) user = get_user_from_auth() # filter transitions actions = filter_actions(soknad, user) if action_id: if action_id in actions: return marshal(actions[action_id], action_fields) else: abort(404, __error__=[u"Fant ingen action med id=%s" % action_id]) return marshal(actions.values(), action_fields)
def put(self, soknad_id=None, action_id=None): data = request.get_json() # hent søknad soknad = SoknadRepo.find_by_id(soknad_id) # sjekk om angitt action er lovlig transition user = get_user_from_auth() sm = SoknadStateMachine() transitions = sm.get_transitions(soknad.status, user) if action_id not in transitions: abort( 403, __error__=[u"Aksjon %s ikke tilgjengelig for søknader med status %s" % (action_id, soknad.status)] ) action = transitions[action_id] SoknadActionExecutor.execute(soknad, action, data) return None, 200
def if_rapport_owner(rapport, user): soknad = SoknadRepo.find_by_id(rapport.soknad_id) return if_soker_can_manage_soknad(soknad, user)
def if_soknad_is_not_in_status_rapport_pabegynt(rapport): soknad = SoknadRepo.find_by_id(rapport.soknad_id) return soknad.status != SoknadStateMachine.s_rapport_pabegynt.id
def if_rapport_owner_can_edit_report(rapport, user): soknad = SoknadRepo.find_by_id(rapport.soknad_id) soknadaction = SoknadAction(soknad, SoknadStateMachine.t_rediger_rapport) return if_rapport_owner(rapport, user) and can_perform_action(soknadaction, user)