def survey_confirm_organisation(_): # Get and decrypt enrolment code cryptographer = Cryptographer() encrypted_enrolment_code = request.args.get('encrypted_enrolment_code', None) enrolment_code = cryptographer.decrypt( encrypted_enrolment_code.encode()).decode() # Validate enrolment code before retrieving organisation data iac_controller.validate_enrolment_code(enrolment_code) logger.info( 'Attempting to retrieve data for confirm add organisation/survey page') try: # Get organisation name case = case_controller.get_case_by_enrolment_code(enrolment_code) business_party_id = case['caseGroup']['partyId'] business_party = party_controller.get_party_by_business_id( business_party_id, app.config['PARTY_URL'], app.config['BASIC_AUTH']) # Get survey name collection_exercise_id = case['caseGroup']['collectionExerciseId'] collection_exercise = collection_exercise_controller.get_collection_exercise( collection_exercise_id) survey_id = collection_exercise['surveyId'] survey_name = survey_controller.get_survey(app.config['SURVEY_URL'], app.config['BASIC_AUTH'], survey_id).get('longName')
def survey_confirm_organisation(_): # Get and decrypt enrolment code cryptographer = Cryptographer() encrypted_enrolment_code = request.args.get("encrypted_enrolment_code", None) enrolment_code = cryptographer.decrypt( encrypted_enrolment_code.encode()).decode() # Validate enrolment code before retrieving organisation data iac_controller.validate_enrolment_code(enrolment_code) logger.info( "Attempting to retrieve data for confirm add organisation/survey page", enrolment_code=enrolment_code) try: # Get organisation name case = case_controller.get_case_by_enrolment_code(enrolment_code) business_party_id = case["caseGroup"]["partyId"] business_party = party_controller.get_party_by_business_id( business_party_id, app.config["PARTY_URL"], app.config["BASIC_AUTH"]) # Get survey name collection_exercise_id = case["caseGroup"]["collectionExerciseId"] collection_exercise = collection_exercise_controller.get_collection_exercise( collection_exercise_id) survey_id = collection_exercise["surveyId"] survey_name = survey_controller.get_survey(app.config["SURVEY_URL"], app.config["BASIC_AUTH"], survey_id).get("longName")
def register_confirm_organisation_survey(): # Get and decrypt enrolment code cryptographer = Cryptographer() encrypted_enrolment_code = request.args.get("encrypted_enrolment_code") try: enrolment_code = cryptographer.decrypt( encrypted_enrolment_code.encode()).decode() except AttributeError: logger.error("No enrolment code supplied", exc_info=True, url=request.url) raise # Validate enrolment code before retrieving organisation data iac_controller.validate_enrolment_code(enrolment_code) logger.info( "Attempting to retrieve data for confirm organisation/survey page", enrolment_code=enrolment_code) try: # Get organisation name case = case_controller.get_case_by_enrolment_code(enrolment_code) business_party_id = case["caseGroup"]["partyId"] business_party = party_controller.get_party_by_business_id( business_party_id, app.config["PARTY_URL"], app.config["BASIC_AUTH"]) # Get survey name collection_exercise_id = case["caseGroup"]["collectionExerciseId"] collection_exercise = collection_exercise_controller.get_collection_exercise( collection_exercise_id) survey_id = collection_exercise["surveyId"] survey_name = survey_controller.get_survey(app.config["SURVEY_URL"], app.config["BASIC_AUTH"], survey_id).get("longName")
def add_survey(_):
    """Handle the "add a survey" enrolment-code form.

    A GET renders the empty form.  A valid POST looks the submitted code up
    through ``iac_controller``; when the code exists and is active it is
    encrypted and the user is redirected to the confirm-organisation page with
    the ciphertext in the ``encrypted_enrolment_code`` query parameter.
    Every rejection re-renders the form with the same ``failed`` error data.

    Raises:
        ApiError: re-raised when the lookup fails with a status other than 400.
    """
    template = 'surveys/surveys-add.html'
    form = EnrolmentCodeForm(request.form)
    posted = request.method == 'POST'

    def render_failed():
        # Not found, inactive, already used and malformed codes all pass the
        # same error data to the template.
        return render_template(template, form=form, data={"error": {"type": "failed"}})

    if posted and form.validate():
        logger.info('Enrolment code submitted')
        # Codes are compared in lower case.
        enrolment_code = request.form.get('enrolment_code').lower()

        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                logger.info('Enrolment code not found')
                return render_failed(), 200
            if not iac['active']:
                logger.info('Enrolment code not active')
                return render_failed()
        except ApiError as exc:
            if exc.status_code != 400:
                logger.error('Failed to submit enrolment code', status_code=exc.status_code)
                raise
            # This handler logs a 400 from the lookup as "already used".
            logger.info('Enrolment code already used', status_code=exc.status_code)
            return render_failed()

        # The code is encrypted before it is placed in the redirect URL.
        token = Cryptographer().encrypt(enrolment_code.encode()).decode()
        logger.info('Successful enrolment code submitted')

        # NOTE(review): the redirect URL is absolute and its scheme falls back
        # to 'http' when SCHEME is unset, so the query string carrying the
        # encrypted code would travel over plain HTTP; deployments should set
        # SCHEME to https.
        target = url_for('surveys_bp.survey_confirm_organisation',
                         encrypted_enrolment_code=token,
                         _external=True,
                         _scheme=getenv('SCHEME', 'http'))
        return redirect(target)

    elif posted and not form.validate():
        # validate() is evaluated a second time on this path; the first call
        # above returned False.
        logger.info('Invalid character length, must be 12 characters')
        return render_failed()

    return render_template(template, form=form, data={"error": {}})
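def register():
    """Handle the first step of account creation: entering an enrolment code.

    A GET (or an invalid POST) renders the enrolment-code form.  A valid POST
    looks the code up through ``iac_controller``; unknown, inactive and
    already-used codes re-render the form with the same ``failed`` error data.
    For an accepted code a case event is posted, the code is encrypted and the
    user is redirected to the confirm-organisation/survey page with the
    ciphertext in the ``encrypted_enrolment_code`` query parameter.

    Raises:
        ApiError: re-raised when the lookup fails with a status other than 400.
    """
    cryptographer = Cryptographer()
    form = EnrolmentCodeForm(request.form)
    # Strip surrounding whitespace before the form validators run.
    if form.enrolment_code.data:
        form.enrolment_code.data = form.enrolment_code.data.strip()

    if request.method == 'POST' and form.validate():
        logger.info('Enrolment code submitted')
        enrolment_code = form.enrolment_code.data.lower()

        # Validate the enrolment code
        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                template_data = {"error": {"type": "failed"}}
                return render_template(
                    'register/register.enter-enrolment-code.html',
                    form=form, data=template_data), 200
            # Reject inactive codes here, before a case event is posted and
            # before the code is encrypted into a redirect URL.
            if not iac['active']:
                logger.info('Enrolment code not active')
                template_data = {"error": {"type": "failed"}}
                return render_template(
                    'register/register.enter-enrolment-code.html',
                    form=form, data=template_data), 200
        except ApiError as exc:
            if exc.status_code == 400:
                # This handler logs a 400 from the lookup as "already used".
                logger.info('Enrolment code already used')
                template_data = {"error": {"type": "failed"}}
                return render_template(
                    'register/register.enter-enrolment-code.html',
                    form=form, data=template_data), 200
            else:
                logger.error('Failed to submit enrolment code')
                raise exc

        # This is the initial submission of enrolment code so post a case event for authentication attempt
        case_id = iac['caseId']
        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case['partyId']
        case_controller.post_case_event(
            case_id,
            party_id=business_party_id,
            category='ACCESS_CODE_AUTHENTICATION_ATTEMPT',
            description='Access code authentication attempted')

        encrypted_enrolment_code = cryptographer.encrypt(
            enrolment_code.encode()).decode()
        logger.info('Successful enrolment code submitted')

        # NOTE(review): the redirect URL is absolute and its scheme falls back
        # to 'http' when SCHEME is unset, so the query string carrying the
        # encrypted code would travel over plain HTTP; deployments should set
        # SCHEME to https.
        return redirect(
            url_for('register_bp.register_confirm_organisation_survey',
                    encrypted_enrolment_code=encrypted_enrolment_code,
                    _external=True,
                    _scheme=os.getenv('SCHEME', 'http')))

    return render_template('register/register.enter-enrolment-code.html',
                           form=form, data={"error": {}})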
def add_survey_submit(session): party_id = session.get_party_id() cryptographer = Cryptographer() encrypted_enrolment_code = request.args.get("encrypted_enrolment_code") enrolment_code = cryptographer.decrypt( encrypted_enrolment_code.encode()).decode() logger.info("Assigning new survey to a user", party_id=party_id, enrolment_code=enrolment_code) try: # Verify enrolment code is active iac = iac_controller.get_iac_from_enrolment(enrolment_code) if iac is None: # Showing the client an error screen if the enrolment code is either not found or inactive isn't great # but it's better then what used to happen, which was raise TypeError and show them the generic exception # page. This lets us more easily debug the issue. Ideally we'd redirect the user to the surveys_list # page with a 'Something went wrong when signing you up for the survey, try again or call us' error. logger.error("IAC code not found or inactive", enrolment_code=enrolment_code) abort(400) # Add enrolment for user in party case_id = iac["caseId"] case = case_controller.get_case_by_enrolment_code(enrolment_code) business_party_id = case["partyId"] collection_exercise_id = case["caseGroup"]["collectionExerciseId"] # Get survey ID from collection Exercise added_survey_id = collection_exercise_controller.get_collection_exercise( case["caseGroup"]["collectionExerciseId"]).get("surveyId") info = party_controller.get_party_by_business_id( business_party_id, app.config["PARTY_URL"], app.config["BASIC_AUTH"], collection_exercise_id) already_enrolled = None if is_respondent_and_business_enrolled(info["associations"], case["caseGroup"]["surveyId"], party_id): logger.info( "User tried to enrol onto a survey they are already enrolled on", case_id=case_id, party_id=party_id, enrolment_code=enrolment_code, ) already_enrolled = True else:
def add_survey_submit(session):
    """Enrol the signed-in respondent on the survey behind an enrolment code.

    Reads the party id from ``session``, decrypts the
    ``encrypted_enrolment_code`` query parameter, posts an authentication
    attempt case event, adds the survey to the party and redirects to the
    survey list anchored on the business/survey that was added.

    Raises:
        ApiError: logged and re-raised when any controller call fails.
    """
    party_id = session['party_id']
    logger.info('Assigning new survey to a user', party_id=party_id)

    cipher = Cryptographer()
    # NOTE(review): request.args.get() returns None when the parameter is
    # absent, and .encode() on None raises AttributeError before any
    # validation runs; a missing or tampered parameter is not handled here.
    token = request.args.get('encrypted_enrolment_code')
    enrolment_code = cipher.decrypt(token.encode()).decode()

    try:
        # NOTE(review): the lookup result is indexed directly and its
        # 'active' flag is not read in this function; presumably the lookup
        # can return None for an unknown code. Confirm against
        # iac_controller.
        iac = iac_controller.get_iac_from_enrolment(enrolment_code)
        case_id = iac['caseId']

        case = case_controller.get_case_by_enrolment_code(enrolment_code)
        business_party_id = case['partyId']

        # Record the attempt against the business before enrolling.
        case_controller.post_case_event(
            case_id,
            party_id=business_party_id,
            category='ACCESS_CODE_AUTHENTICATION_ATTEMPT',
            description='Access code authentication attempted')
        party_controller.add_survey(party_id, enrolment_code)

        # The survey id comes from the case's collection exercise.
        exercise_id = case['caseGroup']['collectionExerciseId']
        exercise = collection_exercise_controller.get_collection_exercise(exercise_id)
        added_survey_id = exercise.get('surveyId')
    except ApiError as exc:
        logger.error('Failed to assign user to a survey',
                     party_id=party_id, status_code=exc.status_code)
        raise

    logger.info(
        'Successfully retrieved data for confirm add organisation/survey page',
        case_id=case_id, party_id=party_id)

    destination = url_for('surveys_bp.get_survey_list',
                          _anchor=(business_party_id, added_survey_id),
                          _external=True,
                          business_party_id=business_party_id,
                          survey_id=added_survey_id,
                          tag='todo')
    return redirect(destination)
import logging from flask import render_template, request from structlog import wrap_logger from frontstage.common.cryptographer import Cryptographer from frontstage.controllers import iac_controller, party_controller from frontstage.exceptions.exceptions import ApiError from frontstage.models import RegistrationForm from frontstage.views.register import register_bp logger = wrap_logger(logging.getLogger(__name__)) cryptographer = Cryptographer() @register_bp.route('/create-account/enter-account-details', methods=['GET', 'POST']) def register_enter_your_details(): # Get and decrypt enrolment code encrypted_enrolment_code = request.args.get('encrypted_enrolment_code', None) enrolment_code = cryptographer.decrypt(encrypted_enrolment_code.encode()).decode() form = RegistrationForm(request.values, enrolment_code=encrypted_enrolment_code) form.email_address.data = form.email_address.data.strip() # Validate enrolment code before rendering or checking the form iac_controller.validate_enrolment_code(enrolment_code) if request.method == 'POST' and form.validate(): logger.info('Attempting to create account') email_address = form.email_address.data registration_data = {
def add_survey(_):
    """Handle the "add a survey" enrolment-code form.

    A GET renders the empty form.  A valid POST looks the submitted code up
    through ``iac_controller``; when the code exists and is active it is
    encrypted and the user is redirected to the confirm-organisation page with
    the ciphertext in the ``encrypted_enrolment_code`` query parameter.
    Every rejection re-renders the form with the same ``failed`` error data.

    Raises:
        ApiError: re-raised when the lookup fails with a status other than 400.
    """
    template = "surveys/surveys-add.html"
    form = EnrolmentCodeForm(request.form)
    posted = request.method == "POST"

    def render_failed():
        # Not found, inactive, already used and malformed codes all pass the
        # same error data to the template.
        return render_template(template, form=form, data={"error": {"type": "failed"}})

    if posted and form.validate():
        enrolment_code = request.form.get("enrolment_code").lower()
        # NOTE(review): enrolment_code is written to the log in clear text on
        # every branch below, including codes that go on to validate as
        # active, while the redirect only ever carries it encrypted. Confirm
        # log access is restricted, or log a truncated or hashed form.
        logger.info("Enrolment code submitted when attempting to add survey",
                    enrolment_code=enrolment_code)

        try:
            iac = iac_controller.get_iac_from_enrolment(enrolment_code)
            if iac is None:
                logger.info("Enrolment code not found when attempting to add survey",
                            enrolment_code=enrolment_code)
                return render_failed(), 200
            if not iac["active"]:
                logger.info("Enrolment code not active when attempting to add survey",
                            enrolment_code=enrolment_code)
                return render_failed()
        except ApiError as exc:
            if exc.status_code != 400:
                logger.error(
                    "Failed to submit enrolment code when attempting to add survey",
                    status_code=exc.status_code,
                    enrolment_code=enrolment_code,
                )
                raise
            # This handler logs a 400 from the lookup as "already used".
            logger.info(
                "Enrolment code already used when attempting to add survey",
                status_code=exc.status_code,
                enrolment_code=enrolment_code,
            )
            return render_failed()

        logger.info("Enrolment code validation complete; now attempting encryption",
                    enrolment_code=enrolment_code)
        token = Cryptographer().encrypt(enrolment_code.encode()).decode()
        # The message below says "decoding", but the step that just ran
        # encrypts the code and decodes the ciphertext bytes to str.
        logger.info("Enrolment code decoding successful", enrolment_code=enrolment_code)

        # NOTE(review): the redirect URL is absolute and its scheme falls back
        # to "http" when SCHEME is unset, so the query string carrying the
        # encrypted code would travel over plain HTTP; deployments should set
        # SCHEME to https.
        target = url_for(
            "surveys_bp.survey_confirm_organisation",
            encrypted_enrolment_code=token,
            _external=True,
            _scheme=getenv("SCHEME", "http"),
        )
        return redirect(target)

    elif posted and not form.validate():
        # validate() is evaluated a second time on this path; the first call
        # above returned False.
        logger.info("Invalid character length, must be 12 characters")
        return render_failed()

    return render_template(template, form=form, data={"error": {}})
def register():
    """Handle the first step of account creation: entering an enrolment code.

    A GET (or an invalid POST) renders the enrolment-code form.  A valid POST
    looks the code up through ``iac_controller``; unknown, inactive and
    already-used codes re-render the form with the same ``failed`` error data.
    For an accepted code a case event is posted, the code is encrypted and the
    user is redirected to the confirm-organisation/survey page with the
    ciphertext in the ``encrypted_enrolment_code`` query parameter.

    Raises:
        ApiError: re-raised when the lookup fails with a status other than 400.
    """
    template = "register/register.enter-enrolment-code.html"
    cryptographer = Cryptographer()
    form = EnrolmentCodeForm(request.form)

    # Strip surrounding whitespace before the form validators run.
    raw_code = form.enrolment_code.data
    if raw_code:
        form.enrolment_code.data = raw_code.strip()

    def render_failed():
        # Every rejection passes the same error data to the template.
        return render_template(template, form=form, data={"error": {"type": "failed"}})

    if not (request.method == "POST" and form.validate()):
        return render_template(template, form=form, data={"error": {}})

    enrolment_code = form.enrolment_code.data.lower()
    # NOTE(review): enrolment_code is written to the log in clear text on
    # every branch below, including codes that go on to validate as active,
    # while the redirect only ever carries it encrypted. Confirm log access
    # is restricted, or log a truncated or hashed form.
    logger.info("Enrolment code submitted when attempting to create account",
                enrolment_code=enrolment_code)

    try:
        iac = iac_controller.get_iac_from_enrolment(enrolment_code)
        if iac is None:
            logger.info("Enrolment code not found when attempting to create account",
                        enrolment_code=enrolment_code)
            return (render_failed(), 200)
        if not iac["active"]:
            logger.info("Enrolment code not active when attempting to create account",
                        enrolment_code=enrolment_code)
            return render_failed()
    except ApiError as exc:
        if exc.status_code != 400:
            logger.error(
                "Failed to submit enrolment code when attempting to create account",
                enrolment_code=enrolment_code)
            raise exc
        # This handler logs a 400 from the lookup as "already used".
        logger.info("Enrolment code already used when attempting to create account",
                    enrolment_code=enrolment_code)
        return (render_failed(), 200)

    # First submission of the code: record an authentication attempt on the case.
    case_id = iac["caseId"]
    case = case_controller.get_case_by_enrolment_code(enrolment_code)
    business_party_id = case["partyId"]
    case_controller.post_case_event(
        case_id,
        party_id=business_party_id,
        category="ACCESS_CODE_AUTHENTICATION_ATTEMPT",
        description="Access code authentication attempted",
    )

    token = cryptographer.encrypt(enrolment_code.encode()).decode()
    logger.info("Successful enrolment code submitted when attempting to create account",
                enrolment_code=enrolment_code)

    # NOTE(review): the redirect URL is absolute and its scheme falls back to
    # "http" when SCHEME is unset, so the query string carrying the encrypted
    # code would travel over plain HTTP; deployments should set SCHEME to
    # https.
    target = url_for(
        "register_bp.register_confirm_organisation_survey",
        encrypted_enrolment_code=token,
        _external=True,
        _scheme=os.getenv("SCHEME", "http"),
    )
    return redirect(target)