def create_checkin(request, company_id, headers):
if request.method == "POST":
check_in_data = json.loads(request.body)
check_in_data_send = [("vehicle_number", check_in_data['vehicle_number']), ("checkin_by", request.session['username'])]
for destination in check_in_data['destination_list']:
check_in_data_send.append(("destination_ids", destination['destination']['destination_id']))
response = requests.post("{}/company/{}/checkedin_destinations".format(settings.COORDINATOR_WS_URL, company_id),
data=check_in_data_send)
validate_api_call(response, [])
data = {"status_code": response.status_code}
# Let the display know we did a checkin
params = {"company_id": company_id}
display_response = requests.get("{}/display/company_destinations".format(settings.COORDINATOR_WS_URL),
params=params)
validate_api_call(display_response, [])
json_data = json.dumps(data)
return JsonResponse(json_data, safe=False)
else:
return Http404
def get_checkin_detail(request, company_id, vehicle_number, headers):
params = {"vehicle_number": vehicle_number}
response = requests.get("{}/company/{}/vehicle_destinations".format(settings.COORDINATOR_WS_URL, company_id),
params=params, headers=headers)
validate_api_call(response, [])
data = json.loads(response.text)
return JsonResponse(data, safe=False)
def get_company(request, company_id, headers):
parameters = {"company_contact_info": "true", "curbside_check_in_info": "true", "company_destination_info": "true"}
response = requests.get("{}/company/{}".format(settings.ADMIN_WS_URL, company_id), params=parameters,
headers=headers)
validate_api_call(response, [])
data = json.loads(response.text)['companies'][0]
return JsonResponse(data, safe=False)
def get_action_id(headers, action_name):
response = requests.get("{}/reference/action".format(
settings.ADMIN_WS_URL),
headers=headers)
validate_api_call(response, [])
for action in json.loads(response.text)['actions']:
if action['action_name'] == action_name:
return action['action_id']
def get_all_checkins(request, headers):
response = requests.get("{}/company/checkedin_vehicles".format(settings.COORDINATOR_WS_URL),
headers=headers)
validate_api_call(response, [404])
if response.status_code == 204 or response.status_code == 404:
data = {"data" : []}
else:
data = json.loads(response.text)
return JsonResponse(data, safe=False)
def create_audit(request, headers, action_reason, resource_name,
action_description, action_name, company_id, action_on_user):
data = {"action_id": get_action_id(headers, action_name)}
data['company_id'] = company_id
data['action_description'] = action_description
data['action_by_user_role_id'] = request.session['role_id']
data['action_by_user'] = request.session['username']
data['resource_name'] = resource_name
data['action_reason'] = action_reason
data['action_on_user'] = action_on_user
response = requests.post("{}/audit".format(settings.COORDINATOR_WS_URL),
data=data,
headers=headers)
validate_api_call(response, [])
def delete_checkin(request, company_id, headers):
if request.method == "POST":
form_data = json.loads(request.body)
delete_data = {"vehicle_number": form_data['vehicle_number']}
delete_data['checkout_by'] = request.session['username']
response = requests.delete("{}/company/{}/checkedin_destinations".format(settings.COORDINATOR_WS_URL, company_id),
data=delete_data)
validate_api_call(response, [])
data = {"status_code": response.status_code}
# Let the display know we did a delete
params = {"company_id": company_id}
display_response = requests.get("{}/display/company_destinations".format(settings.COORDINATOR_WS_URL),
params=params)
validate_api_call(display_response, [])
json_data = json.dumps(data)
return JsonResponse(json_data, safe=False)
else:
return Http404
def get_company_destinations(request, company_id, headers):
response = requests.get("{}/company/{}/company_destination".format(settings.ADMIN_WS_URL, company_id), headers=headers)
validate_api_call(response, [])
data = json.loads(response.text)
return JsonResponse(data, safe=False)
def get_vehicle(request, company_id, vehicle_id, headers):
response = requests.get("{}/gtms/vehicle/{}/".format(settings.ADMIN_WS_URL, vehicle_id), headers=headers)
validate_api_call(response, [])
data = json.loads(response.text)
return JsonResponse(data, safe=False)
def get_all_companies(request, headers):
response = requests.get("{}/company".format(settings.ADMIN_WS_URL), headers=headers)
validate_api_call(response, [])
data = json.loads(response.text)
return JsonResponse(data, safe=False)
def login(request):
try:
# GET requests to the page return the page itself
if request.session.session_key and 'role' in request.session:
if request.GET.get('next'):
return redirect(request.GET.get('next'))
return render(request, "coordinator_portal/app.html")
# POST request to the page attempt to validate the credentials and log-in the user
elif request.method == 'POST':
form = LoginForm(request.POST)
if form.is_valid():
username = request.POST.get('username')
password = request.POST.get('password')
# Authentication API Call
response = requests.post("{}/ad/auth".format(
settings.AD_WS_URL),
data={
"username": username,
"password": password,
"attributes": True
})
validate_api_call(response, [])
response_data = json.loads(response.text)["response"]
# If SFO AD returns a valid set of credentials
if response_data["validPassword"] is True:
# And if the credentials are in the Five Star OU
if response_data["dn"].find("OU=FSP PPM") != -1:
headers = {
"authorization":
"Basic {}".format(
base64.urlsafe_b64encode("{}:{}".format(
response_data['email'], password)))
}
response = requests.get(
"{}/user".format(settings.ADMIN_WS_URL),
params={"email": response_data['email'].lower()},
headers=headers)
validate_api_call(response, [404])
# And the user is in the coordinator user table
if response.status_code == 200:
# Iterate over all users with this email
for response_coordinator_data in json.loads(
response.text)['users']:
# If a coordinator is found and they're not deleted, immediately log them in
if not response_coordinator_data[
'deleted'] and (
response_coordinator_data['role']
['role_name']
== "coordinator_admin" or
response_coordinator_data['role']
['role_name']
== "coordinator_user"):
request.session["logged_in"] = True
request.session[
"first_name"] = response_coordinator_data[
"first_name"].title()
request.session[
"last_name"] = response_coordinator_data[
"last_name"].title()
request.session[
"username"] = response_coordinator_data[
"email"]
request.session[
"user_id"] = response_coordinator_data[
"user_id"]
request.session[
"role"] = response_coordinator_data[
'role']['role_name']
request.session[
"role_id"] = response_coordinator_data[
'role']['role_id']
request.session["auth"] = headers[
'authorization']
request.session[
"company_id"] = response_coordinator_data[
"company_id"]
# Log that the user logged in.
create_audit(
request, headers, None, "USERS",
"Logged in", "LOGIN", None,
response_coordinator_data['email'])
return render(
request, "coordinator_portal/app.html",
"")
# Otherwise alert them that they don't have authorization to use the app
messages.error(
request,
'Only authorized coordinators may use this system.',
extra_tags="danger")
return redirect(reverse('coordinator_login'))
# If there is no matching email, alert the user they're not authorized to use the app
messages.error(
request,
'Only authorized coordinators may use this system.',
extra_tags="danger")
return redirect(reverse('coordinator_login'))
# Otherwise alert the user they're a coordinator but not authorized to use the system
elif response.status_code == 404:
messages.error(
request,
'Only authorized coordinators may use this system.',
extra_tags="danger")
return redirect(reverse('coordinator_login'))
# Otherwise alert the user they're not authorized to use the system
else:
messages.error(
request,
'You do not have authorization to use this application.',
extra_tags="danger")
return redirect(reverse('coordinator_login'))
# Otherwise alert the user they've entered and incorrect username/password combination.
else:
messages.error(request,
'Incorrect username or password.',
extra_tags="danger")
return redirect(reverse('coordinator_login'))
# Otherwise alert the user that form validation failed
else:
messages.error(
request,
'An error occurred when attempting to validate your login credentials. Please try again or contact SFO Helpdesk.',
extra_tags="danger")
return redirect(reverse('coordinator_login'))
else:
return render(request, "coordinator_portal/login.html", "")
except KeyError:
django_logout(request)
return redirect((reverse('coordinator_login')))