async def event_search(request):
query = prepare_search_query(request)
if query is None:
return raw_json_response('{"items": []}')
json_str = await request['conn'].fetchval_b(search_sql,
company=request['company_id'],
query=query)
return raw_json_response(json_str)
async def guest_signin(request):
model, siw_method = SIGNIN_MODELS[request.match_info['site']]
m = await parse_request(request, model)
details = await siw_method(m, app=request.app)
company_id = request['company_id']
user_id, status = await request['conn'].fetchrow_b(
CREATE_USER_SQL,
values=Values(
company=company_id,
role='guest',
email=details['email'].lower(),
first_name=details.get('first_name'),
last_name=details.get('last_name'),
))
if status == 'suspended':
raise JsonErrors.HTTPBadRequest(message='user suspended')
session = await new_session(request)
session.update({
'user_id': user_id,
'user_role': 'guest',
'last_active': int(time())
})
await record_action(request, user_id, ActionTypes.guest_signin)
json_str = await request['conn'].fetchval(GET_USER_SQL, company_id,
user_id)
return raw_json_response(json_str)
async def user_tickets(request):
user_id = int(request.match_info['pk'])
if request['session']['role'] != 'admin' and user_id != request['session']['user_id']:
raise JsonErrors.HTTPForbidden(message='wrong user')
json_str = await request['conn'].fetchval(user_tickets_sql, user_id)
return raw_json_response(json_str)
async def category_public(request):
conn: BuildPgConnection = request['conn']
company_id = request['company_id']
category_slug = request.match_info['category']
json_str = await conn.fetchval(CATEGORY_PUBLIC_SQL, company_id, category_slug)
if not json_str:
raise JsonErrors.HTTPNotFound(message='category not found')
return raw_json_response(json_str)
async def user_actions(request):
json_str = await request['conn'].fetchval(
user_actions_sql,
int(request.match_info['pk']),
request['company_id'],
get_offset(request),
)
return raw_json_response(json_str)
async def event_public(request):
conn: BuildPgConnection = request['conn']
company_id = request['company_id']
category_slug = request.match_info['category']
event_slug = request.match_info['event']
json_str = await conn.fetchval(event_sql, company_id, category_slug, event_slug)
if not json_str:
raise JsonErrors.HTTPNotFound(message='event not found')
return raw_json_response(json_str)
async def event_tickets(request):
event_id = int(request.match_info['id'])
if request['session']['user_role'] == 'host':
host_id = await request['conn'].fetchval('SELECT host FROM events WHERE id=$1', event_id)
if host_id != request['session']['user_id']:
raise JsonErrors.HTTPForbidden(message='use is not the host of this event')
json_str = await request['conn'].fetchval(event_ticket_sql, event_id, request['company_id'])
return raw_json_response(json_str)
async def browse(self) -> web.Response:
json_str = await self.conn.fetchval_b(
self.browse_sql,
items_query=await self.browse_items_query(),
count_query=await self.browse_count_query(),
pagination=Var(str(self.browse_limit_value)),
print_=self.print_queries,
)
return raw_json_response(json_str)
async def host_signup(request):
signin_method = request.match_info['site']
model, siw_method = SIGNUP_MODELS[signin_method]
m: GrecaptchaModel = await parse_request(request, model)
await check_grecaptcha(m, get_ip(request), app=request.app)
details = await siw_method(m, app=request.app)
company_id = request['company_id']
conn = request['conn']
r = await conn.fetchrow(
'SELECT role, status FROM users WHERE email=$1 AND company=$2',
details['email'], company_id)
existing_role = None
if r:
existing_role, status = r
if existing_role != 'guest':
raise JsonErrors.HTTP470(status='existing-user')
if status == 'suspended':
raise JsonErrors.HTTP470(message='user suspended')
user_id = await request['conn'].fetchval_b(
"""
INSERT INTO users (:values__names) VALUES :values
ON CONFLICT (company, email) DO UPDATE SET role=EXCLUDED.role
RETURNING id
""",
values=Values(
company=company_id,
role='host',
status='active'
if signin_method in {'facebook', 'google'} else 'pending',
email=details['email'].lower(),
first_name=details.get('first_name'),
last_name=details.get('last_name'),
))
session = await new_session(request)
session.update({
'user_id': user_id,
'user_role': 'host',
'last_active': int(time())
})
await record_action(request,
user_id,
ActionTypes.host_signup,
existing_user=bool(existing_role),
signin_method=signin_method)
await request.app['email_actor'].send_account_created(user_id)
json_str = await request['conn'].fetchval(GET_USER_SQL, company_id,
user_id)
return raw_json_response(json_str)
async def opt_donations(request):
donation_opt_id = int(request.match_info['pk'])
json_str = await request['conn'].fetchval(donations_sql, donation_opt_id, request['company_id'])
return raw_json_response(json_str)
async def donation_options(request):
company_id = request['company_id']
json_str = await request['conn'].fetchval(donation_options_sql, company_id, int(request.match_info['cat_id']))
return raw_json_response(json_str)
async def _fetchval_response(self, sql, **kwargs):
json_str = await self.conn.fetchval_b(sql, **kwargs)
if not json_str:
raise JsonErrors.HTTPNotFound(
message=f'{self.meta["single_title"]} not found')
return raw_json_response(json_str)
async def index(request):
company_id = request['company_id']
user_id = request['session'].get('user_id', None)
json_str = await request['conn'].fetchval(company_sql, company_id, user_id)
return raw_json_response(json_str)
async def event_updates_sent(request):
event_id = await _check_event_permissions(request)
json_str = await request['conn'].fetchval(event_updates_sent_sql, event_id)
return raw_json_response(json_str)
async def event_get(request):
event_id = await check_event_sig(request)
user_id = request['session'].get('user_id', 0)
json_str = await request['conn'].fetchval(event_info_sql, event_id,
user_id)
return raw_json_response(json_str)
async def donating_info(request):
event_id = await check_event_sig(request)
json_str = await request['conn'].fetchval(get_donation_ticket_types,
event_id)
return raw_json_response(json_str)
async def event_get(request):
event_id = await check_event_sig(request)
json_str = await request['conn'].fetchval(event_info_sql, event_id)
return raw_json_response(json_str)
async def event_categories(request):
conn: BuildPgConnection = request['conn']
json_str = await conn.fetchval(category_sql, request['company_id'])
return raw_json_response(json_str)
async def category_public(request):
company_id = request['company_id']
category_slug = request.match_info['category']
json_str = await request['conn'].fetchval(category_public_sql, company_id,
category_slug)
return raw_json_response(json_str)
async def index(request):
company_id = request['company_id']
user_id = request['session'].get('user_id', None)
# TODO could cache this in redis as it's called A LOT
json_str = await request['conn'].fetchval(company_sql, company_id, user_id)
return raw_json_response(json_str)
