def query(self, view_kwargs): """ query method for SessionList class :param view_kwargs: :return: """ query_ = self.session.query(Session) if view_kwargs.get('track_id') is not None: track = safe_query(self, Track, 'id', view_kwargs['track_id'], 'track_id') query_ = query_.join(Track).filter(Track.id == track.id) if view_kwargs.get('session_type_id') is not None: session_type = safe_query(self, SessionType, 'id', view_kwargs['session_type_id'], 'session_type_id') query_ = query_.join(SessionType).filter(SessionType.id == session_type.id) if view_kwargs.get('microlocation_id') is not None: microlocation = safe_query(self, Microlocation, 'id', view_kwargs['microlocation_id'], 'microlocation_id') query_ = query_.join(Microlocation).filter(Microlocation.id == microlocation.id) if view_kwargs.get('user_id') is not None: user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('speaker_id'): speaker = safe_query(self, Speaker, 'id', view_kwargs['speaker_id'], 'speaker_id') # session-speaker :: many-to-many relationship query_ = Session.query.filter(Session.speakers.any(id=speaker.id)) return query_
def query(self, view_kwargs): """ query method for Attendees List :param view_kwargs: :return: """ query_ = self.session.query(TicketHolder) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') if not has_access('is_registrar', event_id=order.event_id) and not has_access('is_user_itself', user_id=order.user_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Order).filter(Order.id == order.id) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') if not has_access('is_registrar', event_id=ticket.event_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Ticket).filter(Ticket.id == ticket.id) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User, User.email == TicketHolder.email).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs, permission='is_registrar') return query_
def query(self, view_kwargs): """ query method for Discount Code List :param view_kwargs: :return: """ query_ = self.session.query(DiscountCode) # user can only access his/her discount codes. if view_kwargs.get('user_id'): if has_access('is_user_itself', user_id=view_kwargs['user_id']): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) else: raise ForbiddenException({'source': ''}, 'You are not authorized') if view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') view_kwargs['event_id'] = event.id # event co-organizer access required for discount codes under an event. if view_kwargs.get('event_id'): if has_access('is_coorganizer', event_id=view_kwargs['event_id']): self.schema = DiscountCodeSchemaTicket query_ = query_.filter_by(event_id=view_kwargs['event_id']) else: raise ForbiddenException({'source': ''}, 'Event organizer access required') # discount_code - ticket :: many-to-many relationship if view_kwargs.get('ticket_id') and has_access('is_coorganizer'): self.schema = DiscountCodeSchemaTicket ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') query_ = query_.filter(DiscountCode.tickets.any(id=ticket.id)) return query_
def before_get(self, args, kwargs): if kwargs.get('event_identifier'): event = safe_query(db, Event, 'identifier', kwargs['event_identifier'], 'event_identifier') kwargs['event_id'] = event.id if kwargs.get('event_id') and has_access('is_admin'): event = safe_query(db, Event, 'id', kwargs['event_id'], 'event_id') if event.discount_code_id: kwargs['id'] = event.discount_code_id else: kwargs['id'] = None if kwargs.get('id'): discount = db.session.query(DiscountCode).filter_by(id=kwargs.get('id')).one() if not discount: raise ObjectNotFound({'parameter': '{id}'}, "DiscountCode: not found") if discount.used_for == 'ticket' and has_access('is_coorganizer', event_id=discount.event_id): self.schema = DiscountCodeSchemaTicket elif discount.used_for == 'event' and has_access('is_admin'): self.schema = DiscountCodeSchemaEvent else: raise UnprocessableEntity({'source': ''}, "Please verify your permission") elif not kwargs.get('id') and not has_access('is_admin'): raise UnprocessableEntity({'source': ''}, "Please verify your permission. You must be admin to view event\ discount code details")
def before_get(self, args, kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if kwargs.get('order_identifier'): order = safe_query(db, Order, 'identifier', kwargs['order_identifier'], 'order_identifier') kwargs['id'] = order.id elif kwargs.get('id'): order = safe_query(db, Order, 'id', kwargs['id'], 'id') if not has_access('is_coorganizer', event_id=order.event_id, user_id=order.user_id): return ForbiddenException({'source': ''}, 'You can only access your orders or your event\'s orders')
def before_get_object(self, view_kwargs): """ method to get id of stripe authorization related to an event :param view_kwargs: :return: """ if view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') view_kwargs['event_id'] = event.id if view_kwargs.get('event_id'): stripe_authorization = \ safe_query(self, StripeAuthorization, 'event_id', view_kwargs['event_id'], 'event_id') view_kwargs['id'] = stripe_authorization.id
def before_get_object(self, view_kwargs): """ before get method for Discount Code detail :param view_kwargs: :return: """ if view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') view_kwargs['event_id'] = event.id if view_kwargs.get('event_id') and has_access('is_admin'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') if event.discount_code_id: view_kwargs['id'] = event.discount_code_id else: view_kwargs['id'] = None if view_kwargs.get('event_invoice_id') and has_access('is_admin'): event_invoice = safe_query(self, EventInvoice, 'id', view_kwargs['event_invoice_id'], 'event_invoice_id') if event_invoice.discount_code_id: view_kwargs['id'] = event_invoice.discount_code_id else: view_kwargs['id'] = None if view_kwargs.get('id'): try: discount = self.session.query( DiscountCode).filter_by(id=view_kwargs.get('id')).one() except NoResultFound: raise ObjectNotFound( {'parameter': '{id}'}, "DiscountCode: not found") if 'code' in view_kwargs: # usage via discount code is public self.schema = DiscountCodeSchemaPublic return if discount.used_for == 'ticket' and has_access('is_coorganizer', event_id=discount.event_id): self.schema = DiscountCodeSchemaTicket elif discount.used_for == 'event' and has_access('is_admin'): self.schema = DiscountCodeSchemaEvent else: raise UnprocessableEntity({'source': ''}, "Please verify your permission") elif not view_kwargs.get('id') and not has_access('is_admin'): raise UnprocessableEntity({'source': ''}, "Please verify your permission. You must be admin to view event\ discount code details")
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') view_kwargs['id'] = event.id view_kwargs['event_id'] = event.id if view_kwargs.get('event_id'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') view_kwargs['id'] = event.id view_kwargs['event_id'] = event.id
def before_get_object(self, view_kwargs): """ before get method :param view_kwargs: :return: """ event = None if view_kwargs.get('event_id'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') elif view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') if event: feedback = safe_query(self, Feedback, 'event_id', event.id, 'event_id') view_kwargs['id'] = feedback.id
def query(self, view_kwargs): """ query method for event invoice list :param view_kwargs: :return: """ query_ = self.session.query(EventInvoice) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('discount_code_id'): discount_code = safe_query(self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id') query_ = query_.join(DiscountCode).filter(DiscountCode.id == discount_code.id) return query_
def before_get_object(self, view_kwargs): """ before get method to get the copyright id to fetch details :param view_kwargs: :return: """ event = None if view_kwargs.get('event_id'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') elif view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') if event: event_copyright = safe_query(self, EventCopyright, 'event_id', event.id, 'event_id') view_kwargs['id'] = event_copyright.id
def before_get_object(self, view_kwargs): """ before get method :param view_kwargs: :return: """ event = None if view_kwargs.get('event_id'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') elif view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') if event: custom_form = safe_query(self, CustomForms, 'event_id', event.id, 'event_id') view_kwargs['id'] = custom_form.id
def before_get_object(self, view_kwargs): """ before get object method to get custom placeholder id for detail :param view_kwargs: :return: """ event_sub_topic = None if view_kwargs.get('event_sub_topic_id'): event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'], 'event_sub_topic_id') if event_sub_topic: custom_placeholder = safe_query(self, CustomPlaceholder, 'event_sub_topic_id', event_sub_topic.id, 'event_sub_topic_id') view_kwargs['id'] = custom_placeholder.id
def test_safe_query(self): with app.test_request_context(): event = EventFactoryBasic() db.session.add(event) db.session.commit() obj = safe_query(db, Event, 'id', event.id, 'event_id') self.assertEqual(obj.name, event.name)
def export_pentabarf_task(self, event_id, temp=True): event = safe_query(db, Event, 'id', event_id, 'event_id') try: if temp: filedir = os.path.join(current_app.config.get('BASE_DIR'), 'static/uploads/temp/' + event_id + '/') else: filedir = os.path.join(current_app.config.get('BASE_DIR'), 'static/uploads/' + event_id + '/') if not os.path.isdir(filedir): os.makedirs(filedir) filename = "pentabarf.xml" file_path = os.path.join(filedir, filename) with open(file_path, "w") as temp_file: temp_file.write(str(PentabarfExporter.export(event_id), 'utf-8')) pentabarf_file = UploadedFile(file_path=file_path, filename=filename) if temp: pentabarf_url = upload(pentabarf_file, UPLOAD_PATHS['exports-temp']['pentabarf'].format(event_id=event_id)) else: pentabarf_url = upload(pentabarf_file, UPLOAD_PATHS['exports']['pentabarf'].format(event_id=event_id)) result = { 'download_url': pentabarf_url } if not temp: event.pentabarf_url = pentabarf_url save_to_db(event) except Exception as e: print(traceback.format_exc()) result = {'__error': True, 'result': str(e)} return result
def before_update_object(self, obj, data, kwargs): """ before update object method for attendee detail :param obj: :param data: :param kwargs: :return: """ if not has_access('is_registrar', event_id=obj.event_id): raise ForbiddenException({'source': 'User'}, 'You are not authorized to access this.') if 'device_name_checkin' in data: if 'checkin_times' not in data or data['checkin_times'] is None: raise UnprocessableEntity( {'pointer': '/data/attributes/device_name_checkin'}, "Check in Times missing" ) if 'is_checked_in' in data and data['is_checked_in']: if 'checkin_times' not in data or data['checkin_times'] is None: raise UnprocessableEntity({'pointer': '/data/attributes/checkin_times'}, "Check in time missing while trying to check in attendee") else: if obj.checkin_times and data['checkin_times'] not in obj.checkin_times.split(","): data['checkin_times'] = '{},{}'.format(obj.checkin_times, data['checkin_times']) elif obj.checkin_times and data['checkin_times'] in obj.checkin_times.split(","): raise UnprocessableEntity( {'pointer': '/data/attributes/checkin_times'}, "Check in time already present" ) if 'device_name_checkin' in data and data['device_name_checkin'] is not None: if obj.device_name_checkin is not None: data['device_name_checkin'] = '{},{}'.format(obj.device_name_checkin, data['device_name_checkin']) if len(data['checkin_times'].split(",")) != len(data['device_name_checkin'].split(",")): raise UnprocessableEntity( {'pointer': '/data/attributes/device_name_checkin'}, "Check in Time missing for the corresponding device name" ) else: if obj.device_name_checkin is not None: data['device_name_checkin'] = '{},{}'.format(obj.device_name_checkin, '-') else: data['device_name_checkin'] = '-' if 'is_checked_out' in data and data['is_checked_out']: attendee = safe_query(db, TicketHolder, 'id', kwargs['id'], 'attendee_id') if not attendee.is_checked_out: checkout_times = obj.checkout_times.split(',') if obj.checkout_times else [] checkout_times.append(str(datetime.utcnow())) data['checkout_times'] = ','.join(checkout_times) if 'attendee_notes' in data: if obj.attendee_notes and data['attendee_notes'] not in obj.attendee_notes.split(","): data['attendee_notes'] = '{},{}'.format(obj.attendee_notes, data['attendee_notes'])
def before_get_object(self, view_kwargs): """ before get object method for attendee detail :param view_kwargs: :return: """ attendee = safe_query(self, TicketHolder, 'id', view_kwargs['id'], 'attendee_id') if not has_access('is_registrar_or_user_itself', user_id=current_identity.id, event_id=attendee.event_id): raise ForbiddenException({'source': 'User'}, 'You are not authorized to access this.')
def send_event_fee_notification(): from app import current_app as app with app.app_context(): events = Event.query.all() for event in events: latest_invoice = EventInvoice.query.filter_by( event_id=event.id).order_by(EventInvoice.created_at.desc()).first() if latest_invoice: orders = Order.query \ .filter_by(event_id=event.id) \ .filter_by(status='completed') \ .filter(Order.completed_at > latest_invoice.created_at).all() else: orders = Order.query.filter_by( event_id=event.id).filter_by(status='completed').all() fee_total = 0 for order in orders: for order_ticket in order.tickets: ticket = safe_query(db, Ticket, 'id', order_ticket.ticket_id, 'ticket_id') if order.paid_via != 'free' and order.amount > 0 and ticket.price > 0: fee = ticket.price * (get_fee(order.event.payment_currency) / 100.0) fee_total += fee if fee_total > 0: organizer = get_user_event_roles_by_role_name(event.id, 'organizer').first() new_invoice = EventInvoice( amount=fee_total, event_id=event.id, user_id=organizer.user.id) if event.discount_code_id and event.discount_code: r = relativedelta(datetime.utcnow(), event.created_at) if r <= event.discount_code.valid_till: new_invoice.amount = fee_total - \ (fee_total * (event.discount_code.value / 100.0)) new_invoice.discount_code_id = event.discount_code_id save_to_db(new_invoice) prev_month = monthdelta(new_invoice.created_at, 1).strftime( "%b %Y") # Displayed as Aug 2016 app_name = get_settings()['app_name'] frontend_url = get_settings()['frontend_url'] link = '{}/invoices/{}'.format(frontend_url, new_invoice.identifier) send_email_for_monthly_fee_payment(new_invoice.user.email, event.name, prev_month, new_invoice.amount, app_name, link) send_notif_monthly_fee_payment(new_invoice.user, event.name, prev_month, new_invoice.amount, app_name, link, new_invoice.event_id)
def before_create_object(self, data, view_kwargs): """ method to create object before post :param data: :param view_kwargs: :return: """ if view_kwargs.get('user_id') is not None: user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') data['user_id'] = user.id
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('notification_action_id'): notification_action = safe_query(self, NotificationAction, 'id', view_kwargs['notification_action_id'], 'notification_action_id') view_kwargs['id'] = notification_action.notification_id
def query(self, view_kwargs): """ query method for Notifications list :param view_kwargs: :return: """ query_ = self.session.query(UserEmail) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) return query_
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('attendee_id'): attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id') view_kwargs['id'] = attendee.order.id if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') view_kwargs['id'] = order.id elif view_kwargs.get('id'): order = safe_query(self, Order, 'id', view_kwargs['id'], 'id') if not has_access('is_coorganizer_or_user_itself', event_id=order.event_id, user_id=order.user_id): return ForbiddenException({'source': ''}, 'You can only access your orders or your event\'s orders') # expire the initializing order if time limit is over. set_expiry_for_order(order)
def before_create_object(self, data, view_kwargs): """ method to create object before post :param data: :param view_kwargs: :return: """ if view_kwargs.get('event_sub_topic_id'): event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'], 'event_sub_topic_id') data['event_sub_topic_id'] = event_sub_topic.id
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('attendee_id'): attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id') view_kwargs['id'] = attendee.order.id if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') view_kwargs['id'] = order.id elif view_kwargs.get('id'): order = safe_query(self, Order, 'id', view_kwargs['id'], 'id') if not has_access('is_coorganizer_or_user_itself', event_id=order.event_id, user_id=order.user_id): return ForbiddenException({'source': ''}, 'You can only access your orders or your event\'s orders') # expire the pending order if time limit is over. set_expiry_for_order(order)
def before_create_object(self, data, view_kwargs): """ method to create object before post :param data: :param view_kwargs: :return: """ if view_kwargs.get('user_id') is not None: user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') data['user_id'] = user.id
def query(self, view_kwargs): """ query method for Notifications list :param view_kwargs: :return: """ query_ = self.session.query(UserEmail) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) return query_
def calculate_amount(): data = request.get_json() tickets = data['tickets'] discount_code = None if 'discount-code' in data: discount_code_id = data['discount-code'] discount_code = safe_query(db, DiscountCode, 'id', discount_code_id, 'id') if not TicketingManager.match_discount_quantity(discount_code, tickets, None): return UnprocessableEntityError({'source': 'discount-code'}, 'Discount Usage Exceeded').respond() return jsonify(calculate_order_amount(tickets, discount_code))
def before_get_object(self, view_kwargs): """ before get method for news object :param view_kwargs: :return: """ if view_kwargs.get('newscomment_id') is not None: newscomment = safe_query(self, NewsComment, 'id', view_kwargs['newscomment_id'], 'newscomment_id') view_kwargs['id'] = newscomment.news_id
def query(self, view_kwargs): """ query method for Discount Code List :param view_kwargs: :return: """ query_ = self.session.query(DiscountCode) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') view_kwargs['event_id'] = event.id if view_kwargs.get('event_id') and has_access('is_coorganizer', event_id=view_kwargs['event_id']): self.schema = DiscountCodeSchemaTicket query_ = query_.filter_by(event_id=view_kwargs['event_id']) return query_
def before_get_object(self, view_kwargs): """ before get method for user object :param view_kwargs: :return: """ if view_kwargs.get('move_comment_id') is not None: move_comment = safe_query(self, MoveComment, 'id', view_kwargs['move_comment_id'], 'move_comment_id') view_kwargs['id'] = move_comment.move_id
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('event_identifier'): event = safe_query( Event, 'identifier', view_kwargs['event_identifier'], 'identifier' ) view_kwargs['event_id'] = event.id
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('role_invite_id') is not None: role_invite = safe_query(self, RoleInvite, 'id', view_kwargs['role_invite_id'], 'role_invite_id') if role_invite.role_id is not None: view_kwargs['id'] = role_invite.role_id else: view_kwargs['id'] = None if view_kwargs.get('users_events_role_id') is not None: users_events_role = safe_query(self, UsersEventsRoles, 'id', view_kwargs['users_events_role_id'], 'users_events_role_id') if users_events_role.role_id is not None: view_kwargs['id'] = users_events_role.role_id else: view_kwargs['id'] = None
def query(self, view_kwargs): """ query method for SessionList class :param view_kwargs: :return: """ query_ = self.session.query(Session) if view_kwargs.get('track_id') is not None: track = safe_query(self, Track, 'id', view_kwargs['track_id'], 'track_id') query_ = query_.join(Track).filter(Track.id == track.id) if view_kwargs.get('session_type_id') is not None: session_type = safe_query(self, SessionType, 'id', view_kwargs['session_type_id'], 'session_type_id') query_ = query_.join(SessionType).filter( SessionType.id == session_type.id) if view_kwargs.get('microlocation_id') is not None: microlocation = safe_query( self, Microlocation, 'id', view_kwargs['microlocation_id'], 'microlocation_id', ) query_ = query_.join(Microlocation).filter( Microlocation.id == microlocation.id) if view_kwargs.get('user_id') is not None: user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = (query_.join(User).join(Speaker).filter( (User.id == user.id or Session.speakers.any(Speaker.user_id == user.id)))) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('speaker_id'): speaker = safe_query(self, Speaker, 'id', view_kwargs['speaker_id'], 'speaker_id') # session-speaker :: many-to-many relationship query_ = Session.query.filter(Session.speakers.any(id=speaker.id)) return query_
def event_query( self, query_, view_kwargs, event_id='event_id', event_identifier='event_identifier', permission='is_coorganizer_endpoint_related_to_event', ): """ Queries the event according to 'event_id' and 'event_identifier' and joins for the query For draft events, if the user is not logged in or does not have required permissions, a 404 is raised :param self: :param event_id: String representing event_id in the view_kwargs :param event_identifier: String representing event_identifier in the view_kwargs :param query_: Query object :param view_kwargs: view_kwargs from the API :param permission: the name of the permission to be applied as a string. Default: is_coorganizer :return: """ if view_kwargs.get(event_id): event = safe_query(self, Event, 'id', view_kwargs[event_id], event_id) if event.state != 'published' and ( 'Authorization' not in request.headers or not has_access(permission, event_id=event.id)): raise ObjectNotFound( {'parameter': event_id}, "Event: {} not found".format(view_kwargs[event_id]), ) query_ = query_.join(Event).filter(Event.id == event.id) elif view_kwargs.get(event_identifier): event = safe_query(self, Event, 'identifier', view_kwargs[event_identifier], event_identifier) if event.state != 'published' and ( 'Authorization' not in request.headers or not has_access(permission, event_id=event.id)): raise ObjectNotFound( {'parameter': event_identifier}, "Event: {} not found".format(view_kwargs[event_identifier]), ) query_ = query_.join(Event).filter(Event.id == event.id) return query_
def before_get_object(self, view_kwargs): """ before get method for user object :param view_kwargs: :return: """ if view_kwargs.get('role_id') is not None: panel_perm = safe_query(self, PanelPermission, 'id', view_kwargs['role_id'], 'role_id') if panel_perm.role_id is not None: view_kwargs['id'] = panel_perm.role_id else: view_kwargs['id'] = None
def before_get_object(self, view_kwargs): """ before get object method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('attendee_id') is not None: attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id') if attendee.ticket_id is not None: view_kwargs['id'] = attendee.ticket_id else: view_kwargs['id'] = None
def query(self, view_kwargs): """ query method for speakers list class :param view_kwargs: :return: """ query_ = db.session.query(Process) if view_kwargs.get('header_id'): header = safe_query(self, Header, 'id', view_kwargs['process_id'], 'process_id') query_ = query_.join(Header).filter(Header.id == header.id)
def before_create_object(self, data, view_kwargs): """ method to create object before post :param data: :param view_kwargs: :return: """ if view_kwargs.get('event_sub_topic_id'): event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'], 'event_sub_topic_id') data['event_sub_topic_id'] = event_sub_topic.id
def query(self, view_kwargs): """ method to query Ticket tags based on different params :param view_kwargs: :return: """ query_ = self.session.query(TicketTag) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') query_ = query_.join(ticket_tags_table).filter_by(ticket_id=ticket.id) query_ = event_query(self, query_, view_kwargs) return query_
def before_marshmallow(self, args, kwargs): if current_identity: # Is admin? if has_access('is_admin', user_id=current_identity.id): self.schema = GeokretSchema # Is GeoKret owner? if kwargs.get('id') is not None: geokret = safe_query(self, Geokret, 'id', kwargs['id'], 'geokret_owned_id') if geokret.owner_id == current_identity.id: self.schema = GeokretSchema
def before_get_object(self, view_kwargs): """ before get method :param view_kwargs: :return: """ event = None if view_kwargs.get('event_id'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') elif view_kwargs.get('event_identifier'): event = safe_query( self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier', ) if event: custom_form = safe_query(self, CustomForms, 'event_id', event.id, 'event_id') view_kwargs['id'] = custom_form.id
def before_get_object(self, view_kwargs): """ before get method to get the tax id to fetch details :param view_kwargs: :return: """ event = None if view_kwargs.get('event_id'): event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id') elif view_kwargs.get('event_identifier'): event = safe_query( self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier', ) if event: tax = safe_query(self, Tax, 'event_id', event.id, 'event_id') view_kwargs['id'] = tax.id
def verify_mobile_paypal_payment(order_identifier): """ Verify paypal payment made on mobile client :return: The status of order verification """ try: payment_id = request.json['data']['attributes']['payment-id'] except TypeError: raise BadRequestError({'source': ''}, 'Bad Request Error') order = safe_query(Order, 'identifier', order_identifier, 'identifier') status, error = PayPalPaymentsManager.verify_payment(payment_id, order) return jsonify(status=status, error=error)
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Microlocation) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('session_id'): session = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id') query_ = query_.join(Session).filter(Session.id == session.id) return query_
def query(self, view_kwargs): """ query method for speakers list class :param view_kwargs: :return: """ query_ = db.session.query(Header) if view_kwargs.get('process_id'): process = safe_query(self, Process, 'id', view_kwargs['process_id'], 'process_id') query_ = query_.join(Process).filter(Process.id == process.id)
def resize_event_images_task(self, event_id, original_image_url): event = safe_query(db, Event, 'id', event_id, 'event_id') try: logging.info('Event image resizing tasks started {}'.format(original_image_url)) uploaded_images = create_save_image_sizes(original_image_url, 'event-image', event.id) event.large_image_url = uploaded_images['large_image_url'] event.thumbnail_image_url = uploaded_images['thumbnail_image_url'] event.icon_image_url = uploaded_images['icon_image_url'] save_to_db(event) logging.info('Resized images saved successfully for event with id: {}'.format(event_id)) except (urllib.error.HTTPError, urllib.error.URLError): logging.exception('Error encountered while generating resized images for event with id: {}'.format(event_id))
def before_get_object(self, view_kwargs): """ before get method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('session_id') is not None: sessions = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id') if sessions.event_id is not None: view_kwargs['id'] = sessions.event_id else: view_kwargs['id'] = None
def resize_speaker_images_task(self, speaker_id, photo_url): speaker = safe_query(db, Speaker, 'id', speaker_id, 'speaker_id') try: logging.info('Speaker image resizing tasks started for speaker with id {}'.format(speaker_id)) uploaded_images = create_save_image_sizes(photo_url, 'speaker-image', speaker_id) speaker.small_image_url = uploaded_images['small_image_url'] speaker.thumbnail_image_url = uploaded_images['thumbnail_image_url'] speaker.icon_image_url = uploaded_images['icon_image_url'] save_to_db(speaker) logging.info('Resized images saved successfully for speaker with id: {}'.format(speaker_id)) except (urllib.error.HTTPError, urllib.error.URLError): logging.exception('Error encountered while generating resized images for event with id: {}'.format(speaker_id))
def query(self, view_kwargs): """ query method for custom placeholders list :param view_kwargs: :return: """ query_ = self.session.query(CustomPlaceholder) if view_kwargs.get('event_sub_topic_id'): event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'], 'event_sub_topic_id') query_ = query_.join(EventSubTopic).filter(EventSubTopic.id == event_sub_topic.id) return query_
def query(self, view_kwargs): """ query method for Panel Permission List :param view_kwargs: :return: """ query_ = self.session.query(CustomSysRole) if view_kwargs.get('panel_id'): panel = safe_query(self, PanelPermission, 'id', view_kwargs['panel_id'], 'panel_id') query_ = CustomSysRole.query.filter(CustomSysRole.panel_permissions.any(id=panel.id)) return query_
def before_get_object(self, view_kwargs): """ before get object method to get the resource id for fetching details :param view_kwargs: :return: """ if view_kwargs.get('attendee_id') is not None: attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id') if attendee.ticket_id is not None: view_kwargs['id'] = attendee.ticket_id else: view_kwargs['id'] = None
def test_field_daily_mails_is_boolean(self, value, expected_code, expected=False): response = UserPayload().blend()\ .set_daily_mails(value)\ .post(code=expected_code) if expected_code == 422: response.assertRaiseJsonApiError('/data/attributes/daily-mails') else: user = safe_query(self, User, 'id', response.id, 'id') self.assertEqual(user.daily_mails, expected)
def query(self, view_kwargs): """ query method for Discount Code List :param view_kwargs: :return: """ query_ = self.session.query(DiscountCode) # user can only access his/her discount codes. if view_kwargs.get('user_id'): if has_access('is_user_itself', user_id=view_kwargs['user_id']): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) else: raise ForbiddenException({'source': ''}, 'You are not authorized') if view_kwargs.get('event_identifier'): event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier') view_kwargs['event_id'] = event.id # event co-organizer access required for discount codes under an event. if view_kwargs.get('event_id'): if has_access('is_coorganizer', event_id=view_kwargs['event_id']): self.schema = DiscountCodeSchemaTicket query_ = query_.filter_by(event_id=view_kwargs['event_id']) else: raise ForbiddenException({'source': ''}, 'Event organizer access required') # discount_code - ticket :: many-to-many relationship if view_kwargs.get('ticket_id') and has_access('is_coorganizer'): self.schema = DiscountCodeSchemaTicket ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') query_ = query_.filter(DiscountCode.tickets.any(id=ticket.id)) return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ if 'Authorization' in request.headers: verify_jwt_in_request() if current_user.is_super_admin or current_user.is_admin: query_ = self.session.query(Ticket) elif view_kwargs.get('event_id') and has_access('is_organizer', event_id=view_kwargs['event_id']): query_ = self.session.query(Ticket) else: query_ = self.session.query(Ticket).filter_by(is_hidden=False) else: query_ = self.session.query(Ticket).filter_by(is_hidden=False) if view_kwargs.get('ticket_tag_id'): ticket_tag = safe_query(self, TicketTag, 'id', view_kwargs['ticket_tag_id'], 'ticket_tag_id') query_ = query_.join(ticket_tags_table).filter_by(ticket_tag_id=ticket_tag.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('access_code_id'): access_code = safe_query(self, AccessCode, 'id', view_kwargs['access_code_id'], 'access_code_id') # access_code - ticket :: many-to-many relationship query_ = Ticket.query.filter(Ticket.access_codes.any(id=access_code.id)) if view_kwargs.get('discount_code_id'): discount_code = safe_query(self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id') # discount_code - ticket :: many-to-many relationship query_ = Ticket.query.filter(Ticket.discount_codes.any(id=discount_code.id)) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') ticket_ids = [] for ticket in order.tickets: ticket_ids.append(ticket.id) query_ = query_.filter(Ticket.id.in_(tuple(ticket_ids))) return query_
def query(self, view_kwargs): """ query method for Attendees List :param view_kwargs: :return: """ query_ = self.session.query(TicketHolder) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') if not has_access('is_registrar', event_id=order.event_id) or not has_access( 'is_user_itself', id=order.user_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Order).filter(Order.id == order.id) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') if not has_access('is_registrar', event_id=ticket.event_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Ticket).filter(Ticket.id == ticket.id) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join( User, User.email == TicketHolder.email).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs, permission='is_registrar') return query_
def query(self, view_kwargs): """ query method for speakers list class :param view_kwargs: :return: """ query_ = self.session.query(Speaker) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('session_id'): session = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id') # session-speaker :: many-to-many relationship query_ = Speaker.query.filter(Speaker.sessions.any(id=session.id)) if 'Authorization' in request.headers and not has_access('is_coorganizer', event_id=session.event_id): if not has_access('is_session_self_submitted', session_id=session.id): query_ = query_.filter(Session.state == "approved" or Session.state == "accepted") return query_