def collection_post(self): """Auction Complaint Document Upload """ if self.request.validated['auction_status'] not in [ 'active.tendering', 'active.auction', 'active.qualification', 'active.awarded' ]: self.request.errors.add( 'body', 'data', 'Can\'t add document in current ({}) auction status'.format( self.request.validated['auction_status'])) self.request.errors.status = 403 return if self.context.status not in STATUS4ROLE.get( self.request.authenticated_role, []): self.request.errors.add( 'body', 'data', 'Can\'t add document in current ({}) complaint status'.format( self.context.status)) self.request.errors.status = 403 return document = upload_file(self.request) document.author = self.request.authenticated_role self.context.documents.append(document) if save_auction(self.request): self.LOGGER.info( 'Created auction complaint document {}'.format(document.id), extra=context_unpack( self.request, {'MESSAGE_ID': 'auction_complaint_document_create'}, {'document_id': document.id})) self.request.response.status = 201 document_route = self.request.matched_route.name.replace( "collection_", "") self.request.response.headers[ 'Location'] = self.request.current_route_url( _route_name=document_route, document_id=document.id, _query={}) return {'data': document.serialize("view")}
def validate_file_upload_post_common(request, **kwargs): if request.validated['auction_status'] not in [ 'active.qualification', 'active.awarded' ]: request.errors.add( 'body', 'data', 'Can\'t add document in current ({})' ' auction status'.format(request.validated['auction_status'])) elif any([ i.status != 'active' for i in request.validated['auction'].lots if i.id == request.validated['award'].lotID ]): request.errors.add('body', 'data', 'Can add document only in active lot status') elif request.context.status not in STATUS4ROLE.get( request.authenticated_role, []): request.errors.add( 'body', 'data', 'Can\'t add document in current ({})' ' complaint status'.format(request.context.status)) else: return request.errors.status = 403 raise error_handler(request)
def put(self): """Auction Complaint Document Update""" if self.request.authenticated_role != self.context.author: self.request.errors.add('url', 'role', 'Can update document only author') self.request.errors.status = 403 return if self.request.validated['auction_status'] not in [ 'active.tendering', 'active.auction', 'active.qualification', 'active.awarded' ]: self.request.errors.add( 'body', 'data', 'Can\'t update document in current ({}) auction status'.format( self.request.validated['auction_status'])) self.request.errors.status = 403 return if self.request.validated['complaint'].status not in STATUS4ROLE.get( self.request.authenticated_role, []): self.request.errors.add( 'body', 'data', 'Can\'t update document in current ({}) complaint status'. format(self.request.validated['complaint'].status)) self.request.errors.status = 403 return document = upload_file(self.request) document.author = self.request.authenticated_role self.request.validated['complaint'].documents.append(document) if save_auction(self.request): self.LOGGER.info( 'Updated auction complaint document {}'.format( self.request.context.id), extra=context_unpack( self.request, {'MESSAGE_ID': 'auction_complaint_document_put'})) return {'data': document.serialize("view")}