def collection_post(self): """Auction Document Upload""" if self.request.authenticated_role != 'auction' and self.request.validated['auction_status'] != 'active.tendering' or \ self.request.authenticated_role == 'auction' and self.request.validated['auction_status'] not in ['active.auction', 'active.qualification']: self.request.errors.add( 'body', 'data', 'Can\'t add document in current ({}) auction status'.format( self.request.validated['auction_status'])) self.request.errors.status = 403 return document = dgf_upload_file(self.request) self.context.documents.append(document) if save_auction(self.request): self.LOGGER.info( 'Created auction document {}'.format(document.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'auction_document_create'}, {'document_id': document.id})) self.request.response.status = 201 document_route = self.request.matched_route.name.replace( "collection_", "") self.request.response.headers[ 'Location'] = self.request.current_route_url( _route_name=document_route, document_id=document.id, _query={}) return {'data': document.serialize("view")}
def put(self): """Auction Document Update""" if self.request.authenticated_role != 'auction' and self.request.validated['auction_status'] != 'active.tendering' or \ self.request.authenticated_role == 'auction' and self.request.validated['auction_status'] not in ['active.auction', 'active.qualification']: self.request.errors.add('body', 'data', 'Can\'t update document in current ({}) auction status'.format(self.request.validated['auction_status'])) self.request.errors.status = 403 return document = dgf_upload_file(self.request) self.request.validated['auction'].documents.append(document) if self.request.authenticated_role == 'auction_owner': invalidate_bids_data(self.request.auction) if save_auction(self.request): self.LOGGER.info('Updated auction document {}'.format(self.request.context.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'auction_document_put'})) return {'data': document.serialize("view")}