def post(self): args = self.req_parser.parse_args() registration_id = args['registration_id'] user_id = g.current_user['id'] try: current_user = UserRepository.get_by_id(user_id) registration, offer = RegistrationRepository.get_by_id_with_offer( registration_id) if not current_user.is_registration_admin(offer.event_id): return errors.FORBIDDEN registration.confirm() registration_user = UserRepository.get_by_id(offer.user_id) registration_event = EventRepository.get_by_id(offer.event_id) if _send_registration_confirmation_mail(registration_user, registration_event): registration.confirmation_email_sent_at = datetime.now() db.session.commit() return 'Confirmed Registration for {} {}'.format( registration_user.firstname, registration_user.lastname), 200 except Exception as e: LOGGER.error( 'Error occured while confirming registration with id {}: {}'. format(registration_id, e)) return errors.DB_NOT_AVAILABLE
def delete(self): args = self.req_parser.parse_args() event_id = args['event_id'] user_id = args['user_id'] registration_user_id = g.current_user['id'] registration_user = user_repository.get_by_id(registration_user_id) if not registration_user.is_registration_volunteer(event_id): return FORBIDDEN event = event_repository.get_by_id(event_id) if event is None: return EVENT_NOT_FOUND user = user_repository.get_by_id(user_id) if user is None: return USER_NOT_FOUND attendance = attendance_repository.get(event_id, user_id) if attendance is None: return ATTENDANCE_NOT_FOUND attendance_repository.delete(attendance) return 200
def post(self): args = self.post_req_parser.parse_args() user_id = g.current_user['id'] is_submitted = args['is_submitted'] application_form_id = args['application_form_id'] language = args['language'] if len(language) != 2: language = 'en' # Fallback to English if language doesn't look like an ISO 639-1 code application_form = application_form_repository.get_by_id( application_form_id) if application_form is None: return errors.FORM_NOT_FOUND_BY_ID user = user_repository.get_by_id(user_id) responses = response_repository.get_all_for_user_application( user_id, application_form_id) if not application_form.nominations and len(responses) > 0: return errors.RESPONSE_ALREADY_SUBMITTED response = Response(application_form_id, user_id, language) if is_submitted: response.submit() response_repository.save(response) answers = [] for answer_args in args['answers']: answer = Answer(response.id, answer_args['question_id'], answer_args['value']) answers.append(answer) response_repository.save_answers(answers) try: if response.is_submitted: LOGGER.info( 'Sending confirmation email for response with ID : {id}'. format(id=response.id)) user = user_repository.get_by_id(user_id) response = response_repository.get_by_id_and_user_id( response.id, user_id) self.send_confirmation(user, response) except: LOGGER.warn( 'Failed to send confirmation email for response with ID : {id}, but the response was submitted succesfully' .format(id=response.id)) finally: return response, 201
def _get_registrations(event_id, user_id, confirmed, exclude_already_signed_in=False): try: current_user = UserRepository.get_by_id(user_id) if not current_user.is_registration_volunteer(event_id): return errors.FORBIDDEN if(exclude_already_signed_in == True): registrations = RegistrationRepository.get_unsigned_in_attendees( event_id, confirmed=confirmed) guest_registration = GuestRegistrationRepository.get_all_unsigned_guests( event_id) else: if confirmed is None: registrations = RegistrationRepository.get_all_for_event( event_id) else: registrations = RegistrationRepository.get_confirmed_for_event( event_id, confirmed=confirmed) guest_registration = GuestRegistrationRepository.get_all_guests( event_id) registrations = [map_registration_info(info) for info in registrations] guest_registrations = [map_registration_info_guests( info) for info in guest_registration] all_registrations = registrations + guest_registrations # remove duplicates all_registrations_no_duplicates = list() for name, group in itertools.groupby(sorted(all_registrations, key=lambda d : d['user_id']), key=lambda d : d['user_id']): all_registrations_no_duplicates.append(next(group)) return marshal(all_registrations_no_duplicates, registration_admin_fields) except Exception as e: LOGGER.error( 'Error occured while retrieving unconfirmed registrations: {}'.format(e)) return errors.DB_NOT_AVAILABLE
def get(self): args = self.get_req_parser.parse_args() user_id = g.current_user['id'] event_id = args['event_id'] page_number = args['page_number'] limit = args['limit'] sort_column = args['sort_column'] reviewer = user_repository.get_by_id(user_id).is_reviewer(event_id) if not reviewer: return FORBIDDEN reviews = review_repository.get_review_history(user_id, event_id) if sort_column == 'review_response_id': reviews = reviews.order_by(ReviewResponse.id) if sort_column == 'submitted_timestamp': reviews = reviews.order_by(ReviewResponse.submitted_timestamp) reviews = reviews.slice(page_number * limit, page_number * limit + limit).all() num_entries = review_repository.get_review_history_count( user_id, event_id) total_pages = ceil(float(num_entries) / limit) reviews = [ReviewHistoryModel(review) for review in reviews] return { 'reviews': reviews, 'num_entries': num_entries, 'current_pagenumber': page_number, 'total_pages': total_pages }
def post(self): args = self.req_parser.parse_args() user_id = g.current_user["id"] current_user = user_repository.get_by_id(user_id) if not current_user.is_admin: return FORBIDDEN if event_repository.exists_by_key(args['key']): return EVENT_KEY_IN_USE if len(args['name']) == 0 or len(args['description']) == 0: return EVENT_MUST_CONTAIN_TRANSLATION if set(args['name']) != set(args['description']): return EVENT_TRANSLATION_MISMATCH event = Event(args['name'], args['description'], args['start_date'], args['end_date'], args['key'], args['organisation_id'], args['email_from'], args['url'], args['application_open'], args['application_close'], args['review_open'], args['review_close'], args['selection_open'], args['selection_close'], args['offer_open'], args['offer_close'], args['registration_open'], args['registration_close'], EventType[args['event_type'].upper()], args['travel_grant'], args['miniconf_url']) event.add_event_role('admin', user_id) event = event_repository.add(event) event = event_repository.get_by_id(event.id) return event, 201
def put(self): args = self.req_parser.parse_args() if len(args['name']) == 0 or len(args['description']) == 0: return EVENT_MUST_CONTAIN_TRANSLATION if set(args['name']) != set(args['description']): return EVENT_TRANSLATION_MISMATCH event = event_repository.get_by_id(args['id']) if not event: return EVENT_NOT_FOUND if event_repository.exists_by_key( args['key']) and args['key'] != event.key: return EVENT_KEY_IN_USE user_id = g.current_user["id"] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event.id): return FORBIDDEN event.update(args['name'], args['description'], args['start_date'], args['end_date'], args['key'], args['organisation_id'], args['email_from'], args['url'], args['application_open'], args['application_close'], args['review_open'], args['review_close'], args['selection_open'], args['selection_close'], args['offer_open'], args['offer_close'], args['registration_open'], args['registration_close'], args['travel_grant'], args['miniconf_url']) db.session.commit() event = event_repository.get_by_id(event.id) return event, 200
def post(self): args = self.req_parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] event = db.session.query(Event).get(event_id) if not event: return EVENT_NOT_FOUND current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN users = user_repository.get_all_without_responses() for user in users: event_name = event.get_name('en') organisation_name = event.organisation.name system_name = event.organisation.system_name deadline = event.application_close.strftime('%A %-d %B %Y') email_user('application-not-started', template_parameters=dict( event=event_name, organisation_name=organisation_name, system_name=system_name, deadline=deadline), event=event, user=user) return {'not_started_responses': len(users)}, 201
def post(self): req_parser = reqparse.RequestParser() req_parser.add_argument('user_id', type=int, required=True) req_parser.add_argument('email_subject', type=str, required=True) req_parser.add_argument('email_body', type=str, required=True) args = req_parser.parse_args() user = user_repository.get_by_id(args['user_id']) if user is None: return errors.USER_NOT_FOUND try: send_mail(recipient=user.email, sender_name=g.organisation.name, sender_email=g.organisation.email_from, subject=args['email_subject'], body_text=GENERIC_EMAIL_TEMPLATE.format( user_title=user.user_title, user_firstname=user.firstname, user_lastname=user.lastname, body=args['email_body'], ) ) except Exception as e: LOGGER.error('Error sending email: {}'.format(e)) return errors.EMAIL_NOT_SENT
def delete(self): args = self.del_req_parser.parse_args() current_user_id = g.current_user['id'] response = response_repository.get_by_id(args['id']) if not response: return errors.RESPONSE_NOT_FOUND if response.user_id != current_user_id: return errors.UNAUTHORIZED response.withdraw() response_repository.save(response) try: user = user_repository.get_by_id(current_user_id) event = response.application_form.event organisation = event.organisation emailer.email_user( 'withdrawal', template_parameters=dict( organisation_name=organisation.name ), event=event, user=user ) except: LOGGER.error('Failed to send withdrawal confirmation email for response with ID : {id}, but the response was withdrawn succesfully'.format(id=args['id'])) return {}, 204
def post(self): args = self.req_parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] event = db.session.query(Event).get(event_id) if not event: return EVENT_NOT_FOUND current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN users = user_repository.get_all_without_responses() for user in users: title = user.user_title firstname = user.firstname lastname = user.lastname event_name = event.name deadline = event.get_application_form().deadline.strftime('%A %-d %B %Y') subject = 'FINAL REMINDER: We do not have your application to attend {}'.format(event_name) body = NOT_STARTED_EMAIL_BODY.format(title=title, firstname=firstname, lastname=lastname, event=event_name, deadline=deadline) send_mail(recipient=user.email, subject=subject, body_text=body) return {'not_started_responses': len(users)}, 201
def get(self): user_id = g.current_user['id'] user = user_repository.get_by_id(user_id) if not user: return UNAUTHORIZED roles = db.session.query(EventRole).filter(EventRole.user_id == user.id).all() return user_info(user, roles)
def post(self): args = self.post_req_parser.parse_args() response_id = args['response_id'] title = args['title'] firstname = args['firstname'] lastname = args['lastname'] relation = args['relation'] email = args['email'] user = user_repository.get_by_id(g.current_user['id']) if not user: return USER_NOT_FOUND event = event_repository.get_event_by_response_id(response_id) if not event: return EVENT_NOT_FOUND response = response_repository.get_by_id(response_id) if not response: return RESPONSE_NOT_FOUND reference_request = ReferenceRequest(response_id=response_id, title=title, firstname=firstname, lastname=lastname, relation=relation, email=email) reference_request_repository.create(reference_request) link = "{host}/reference/{token}".format(host=misc.get_baobab_host(), token=reference_request.token) candidate, candidate_firstname, nominator = _get_candidate_nominator( response) if nominator is None: nomination_text = "has nominated themself" else: nomination_text = "has been nominated by {}".format(nominator) subject = 'REFERENCE REQUEST - {}'.format(event.name) body = REFERENCE_REQUEST_EMAIL_BODY.format( title=title, firstname=firstname, lastname=lastname, candidate=candidate, candidate_firstname=candidate_firstname, nomination_text=nomination_text, event_name=event.name, event_url=event.url, application_close_date=event.application_close, link=link) send_mail(recipient=email, subject=subject, body_text=body) reference_request.set_email_sent(datetime.now()) reference_request_repository.add(reference_request) return reference_request, 201
def post(self): args = self.post_req_parser.parse_args() response_id = args['response_id'] title = args['title'] firstname = args['firstname'] lastname = args['lastname'] relation = args['relation'] email = args['email'] user = user_repository.get_by_id(g.current_user['id']) if not user: return USER_NOT_FOUND event = event_repository.get_event_by_response_id(response_id) if not event: return EVENT_NOT_FOUND response = response_repository.get_by_id(response_id) if not response: return RESPONSE_NOT_FOUND reference_request = ReferenceRequest(response_id=response_id, title=title, firstname=firstname, lastname=lastname, relation=relation, email=email) reference_request_repository.create(reference_request) link = "{host}/reference/{token}".format(host=misc.get_baobab_host(), token=reference_request.token) try: candidate, candidate_firstname, nominator = _get_candidate_nominator( response) except ValueError as e: LOGGER.error(e) return BAD_CONFIGURATION email_user('reference-request-self-nomination' if nominator is None else 'reference-request', template_parameters=dict( candidate=candidate, candidate_firstname=candidate_firstname, nominator=nominator, event_url=event.url, application_close_date=event.application_close, link=link), event=event, user=user) reference_request.set_email_sent(datetime.now()) reference_request_repository.add(reference_request) return reference_request, 201
def _validate_user_admin_or_reviewer(user_id, event_id, response_id): user = user_repository.get_by_id(user_id) # Check if the user is an event admin permitted = user.is_event_admin(event_id) # If they're not an event admin, check if they're a reviewer for the relevant response if not permitted and user.is_reviewer(event_id): response_reviewer = review_repository.get_response_reviewer(response_id, user.id) if response_reviewer is not None: permitted = True return permitted
def post(self, event_id): req_parser = reqparse.RequestParser() req_parser.add_argument('user_id', type=int, required=True) req_parser.add_argument('outcome', type=str, required=True) args = req_parser.parse_args() event = event_repository.get_by_id(event_id) if not event: return errors.EVENT_NOT_FOUND user = user_repository.get_by_id(args['user_id']) if not user: return errors.USER_NOT_FOUND try: status = Status[args['outcome']] except KeyError: return errors.OUTCOME_STATUS_NOT_VALID try: # Set existing outcomes to no longer be the latest outcome existing_outcomes = outcome_repository.get_all_by_user_for_event(args['user_id'], event_id) for existing_outcome in existing_outcomes: existing_outcome.reset_latest() # Add new outcome outcome = Outcome( event_id, args['user_id'], status, g.current_user['id']) outcome_repository.add(outcome) db.session.commit() if status != Status.ACCEPTED: # Email will be sent with offer for accepted candidates email_user( 'outcome-rejected' if status == Status.REJECTED else 'outcome-waitlist', template_parameters=dict( host=misc.get_baobab_host() ), event=event, user=user, ) return outcome, 201 except SQLAlchemyError as e: LOGGER.error("Database error encountered: {}".format(e)) return errors.DB_NOT_AVAILABLE except: LOGGER.error("Encountered unknown error: {}".format(traceback.format_exc())) return errors.DB_NOT_AVAILABLE
def post(self): args = self.req_parser.parse_args() user_id = g.current_user["id"] current_user = user_repository.get_by_id(user_id) if not current_user.is_admin: return FORBIDDEN _date_format = '%Y-%m-%dT%H:%M:%S.%fZ' name = args['name'] description = args['description'] start_date = datetime.strptime((args['start_date']), _date_format) end_date = datetime.strptime((args['end_date']), _date_format) key = args['key'] organisation_id = args['organisation_id'] email_from = args['email_from'] url = args['url'] application_open = datetime.strptime((args['application_open']), _date_format) application_close = datetime.strptime((args['application_close']), _date_format) review_open = datetime.strptime((args['review_open']), _date_format) review_close = datetime.strptime((args['review_close']), _date_format) selection_open = datetime.strptime((args['selection_open']), _date_format) selection_close = datetime.strptime((args['selection_close']), _date_format) offer_open = datetime.strptime((args['offer_open']), _date_format) offer_close = datetime.strptime((args['offer_close']), _date_format) registration_open = datetime.strptime((args['registration_open']), _date_format) registration_close = datetime.strptime((args['registration_close']), _date_format) event_type = args['event_type'].upper() event = Event(name, description, start_date, end_date, key, organisation_id, email_from, url, application_open, application_close, review_open, review_close, selection_open, selection_close, offer_open, offer_close, registration_open, registration_close, EventType[event_type]) event.add_event_role('admin', user_id) try: event = event_repository.add(event) except IntegrityError as e: LOGGER.error("Event with KEY: {} already exists".format(key)) LOGGER.error(e) return EVENT_KEY_IN_USE event_org = event_repository.get_by_id_with_organisation(event.id) return event_details(event_org), 201
def put(self): args = self.req_parser.parse_args() event = event_repository.get_by_id(args['id']) if not event: return EVENT_NOT_FOUND user_id = g.current_user["id"] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event.id): return FORBIDDEN _date_format = '%Y-%m-%dT%H:%M:%S.%fZ' name = args['name'] description = args['description'] start_date = datetime.strptime((args['start_date']), _date_format) end_date = datetime.strptime((args['end_date']), _date_format) key = args['key'] organisation_id = args['organisation_id'] email_from = args['email_from'] url = args['url'] application_open = datetime.strptime((args['application_open']), _date_format) application_close = datetime.strptime((args['application_close']), _date_format) review_open = datetime.strptime((args['review_open']), _date_format) review_close = datetime.strptime((args['review_close']), _date_format) selection_open = datetime.strptime((args['selection_open']), _date_format) selection_close = datetime.strptime((args['selection_close']), _date_format) offer_open = datetime.strptime((args['offer_open']), _date_format) offer_close = datetime.strptime((args['offer_close']), _date_format) registration_open = datetime.strptime((args['registration_open']), _date_format) registration_close = datetime.strptime((args['registration_close']), _date_format) event.update(name, description, start_date, end_date, key, organisation_id, email_from, url, application_open, application_close, review_open, review_close, selection_open, selection_close, offer_open, offer_close, registration_open, registration_close) try: db.session.commit() except IntegrityError: LOGGER.error("Event with KEY: {} already exists".format(key)) return EVENT_KEY_IN_USE event_org = event_repository.get_by_id_with_organisation(event.id) return event_details(event_org), 200
def get(self): args = self.get_req_parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN counts = review_repository.count_reviews_allocated_and_completed_per_reviewer( event_id) views = [ReviewCountView(count) for count in counts] return views
def wrapper(*args, **kwargs): req_parser = reqparse.RequestParser() req_parser.add_argument('event_id', type=int, required=True) args = req_parser.parse_args() user = get_user_from_request() if user: user_info = user_repository.get_by_id(user['id']) if user_info.is_event_admin(args['event_id']): g.current_user = user return func(*args, event_id=args['event_id'], **kwargs) return FORBIDDEN
def post(self): args = self.post_req_parser.parse_args() user_id = g.current_user['id'] event_id = args['event_id'] reviewer_user_email = args['reviewer_user_email'] num_reviews = args['num_reviews'] event = db.session.query(Event).filter(Event.id == event_id).first() if not event: return EVENT_NOT_FOUND current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN reviewer_user = user_repository.get_by_email(reviewer_user_email, g.organisation.id) if reviewer_user is None: return USER_NOT_FOUND if not reviewer_user.is_reviewer(event_id): self.add_reviewer_role(reviewer_user.id, event_id) config = review_configuration_repository.get_configuration_for_event( event_id) response_ids = self.get_eligible_response_ids( event_id, reviewer_user.id, num_reviews, config.num_reviews_required) response_reviewers = [ ResponseReviewer(response_id, reviewer_user.id) for response_id in response_ids ] db.session.add_all(response_reviewers) db.session.commit() if len(response_ids) > 0: send_mail(recipient=reviewer_user.email, subject='You have been assigned reviews in Baobab', body_text=ASSIGNED_BODY.format( title=reviewer_user.user_title, firstname=reviewer_user.firstname, lastname=reviewer_user.lastname, num_reviews=len(response_ids), baobab_host=misc.get_baobab_host(), system_name=g.organisation.system_name, event_key=event.key, event=event.name)) return {}, 201
def get(self): args = self.get_req_parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN return { 'reviews_unallocated': review_repository.count_unassigned_reviews(event_id, REVIEWS_PER_SUBMISSION) }
def get(self): args = self.req_parser.parse_args() event_id = args['event_id'] current_user_id = g.current_user['id'] current_user = user_repository.get_by_id(current_user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN user_responses = user_repository.get_all_with_responses_for(event_id) views = [UserProfileView(user_response) for user_response in user_responses] return views
def get(self): LOGGER.debug('Received get request for reference-request') user = user_repository.get_by_id(g.current_user['id']) if not user: return USER_NOT_FOUND args = self.req_parser.parse_args() response = response_repository.get_by_id_and_user_id( args['response_id'], user.id) if not response: return RESPONSE_NOT_FOUND return reference_request_repository.get_all_by_response_id( response.id), 200
def get(self): req_parser = reqparse.RequestParser() req_parser.add_argument('event_id', type=int, required=True) req_parser.add_argument('user_id', type=int, required=True) args = req_parser.parse_args() current_user = user_repository.get_by_id(g.current_user['id']) if not current_user.is_event_admin(args['event_id']): return FORBIDDEN comments = db.session.query(UserComment).filter( UserComment.event_id == args['event_id'], UserComment.user_id == args['user_id']).all() return comments
def get(self): args = self.req_parser.parse_args() event_id = args['event_id'] current_user_id = g.current_user['id'] current_user = user_repository.get_by_id(current_user_id) if not (current_user.is_event_admin(event_id) or current_user.is_admin): return FORBIDDEN invited_guests = db.session.query(InvitedGuest, AppUser).filter_by(event_id=event_id).join( AppUser, InvitedGuest.user_id == AppUser.id).all() views = [InvitedGuestView(invited_guest) for invited_guest in invited_guests] return views
def put(self): args = self.put_req_parser.parse_args() user_id = g.current_user['id'] is_submitted = args['is_submitted'] language = args['language'] response = response_repository.get_by_id(args['id']) if not response: return errors.RESPONSE_NOT_FOUND if response.user_id != user_id: return errors.UNAUTHORIZED if response.application_form_id != args['application_form_id']: return errors.UPDATE_CONFLICT response.is_submitted = is_submitted response.language = language if is_submitted: response.submit() response_repository.save(response) answers = [] for answer_args in args['answers']: answer = response_repository.get_answer_by_question_id_and_response_id( answer_args['question_id'], response.id) if answer: answer.update(answer_args['value']) else: answer = Answer(response.id, answer_args['question_id'], answer_args['value']) answers.append(answer) response_repository.save_answers(answers) try: if response.is_submitted: LOGGER.info( 'Sending confirmation email for response with ID : {id}'. format(id=response.id)) user = user_repository.get_by_id(user_id) response = response_repository.get_by_id_and_user_id( response.id, user_id) self.send_confirmation(user, response) except: LOGGER.warn( 'Failed to send confirmation email for response with ID : {id}, but the response was submitted succesfully' .format(id=response.id)) finally: return response, 200
def post(self): args = self.post_req_parser.parse_args() user_id = g.current_user['id'] event_id = args['event_id'] reviewer_user_email = args['reviewer_user_email'] num_reviews = args['num_reviews'] event = event_repository.get_by_id(event_id) if not event: return EVENT_NOT_FOUND current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN reviewer_user = user_repository.get_by_email(reviewer_user_email, g.organisation.id) if reviewer_user is None: return USER_NOT_FOUND if not reviewer_user.is_reviewer(event_id): _add_reviewer_role(reviewer_user.id, event_id) config = review_configuration_repository.get_configuration_for_event( event_id) response_ids = self.get_eligible_response_ids( event_id, reviewer_user.id, num_reviews, config.num_reviews_required) response_reviewers = [ ResponseReviewer(response_id, reviewer_user.id) for response_id in response_ids ] db.session.add_all(response_reviewers) db.session.commit() if len(response_ids) > 0: email_user('reviews-assigned', template_parameters=dict( num_reviews=len(response_ids), baobab_host=misc.get_baobab_host(), system_name=g.organisation.system_name, event_key=event.key), event=event, user=reviewer_user) return {}, 201
def get(self): args = self.get_req_parser.parse_args() event_id = args['event_id'] user_id = g.current_user['id'] current_user = user_repository.get_by_id(user_id) if not current_user.is_event_admin(event_id): return FORBIDDEN config = review_configuration_repository.get_configuration_for_event( event_id) return { 'reviews_unallocated': review_repository.count_unassigned_reviews( event_id, config.num_reviews_required) }
def put(self): args = self.req_parser.parse_args() policy_agreed = args['policy_agreed'] if not policy_agreed: return POLICY_NOT_AGREED current_user_id = g.current_user['id'] current_user = user_repository.get_by_id(current_user_id) if current_user.has_agreed(): return POLICY_ALREADY_AGREED current_user.agree_to_policy() db.session.commit() return {}, 200