def post(self): complaint = self.request.context tender = self.request.validated['tender'] award_id = self.request.validated['award_id'] data = self.request.validated['ownership_data'] if complaint.transfer_token == sha512(data['transfer']).hexdigest(): location = self.request.route_path('Tender Award Complaints', tender_id=tender.id, award_id=award_id, complaint_id=complaint.id) location = location[len(ROUTE_PREFIX):] # strips /api/<version> transfer = extract_transfer(self.request, transfer_id=data['id']) if transfer.get('usedFor') and transfer.get('usedFor') != location: self.request.errors.add('body', 'transfer', 'Transfer already used') self.request.errors.status = 403 return else: self.request.errors.add('body', 'transfer', 'Invalid transfer') self.request.errors.status = 403 return update_ownership(complaint, transfer) transfer.usedFor = location self.request.validated['transfer'] = transfer if save_transfer(self.request): self.LOGGER.info('Updated transfer relation {}'.format(transfer.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'})) if save_tender(self.request): self.LOGGER.info('Updated award {} complaint {} ownership of tender {}'.format(complaint.id, award_id, tender.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'award_complaint_ownership_update'}, {'complaint_id': complaint.id, 'award_id': award_id, 'tender_id': tender.id})) return {'data': complaint.serialize('view')}
def post(self): contract = self.request.validated["contract"] data = self.request.validated["ownership_data"] location = get_transfer_location(self.request, "Contract", contract_id=contract.id) transfer = extract_transfer(self.request, transfer_id=data["id"]) if transfer.get("usedFor") and transfer.get("usedFor") != location: self.request.errors.add("body", "transfer", "Transfer already used") self.request.errors.status = 403 return update_ownership(contract, transfer) self.request.validated["contract"] = contract transfer.usedFor = location self.request.validated["transfer"] = transfer if save_transfer(self.request): self.LOGGER.info( "Updated transfer relation {}".format(transfer.id), extra=context_unpack(self.request, {"MESSAGE_ID": "transfer_relation_update"}), ) if save_contract(self.request): self.LOGGER.info( "Updated ownership of contract {}".format(contract.id), extra=context_unpack(self.request, {"MESSAGE_ID": "contract_ownership_update"}), ) return {"data": contract.serialize("view")}
def post(self): tender = self.request.validated['tender'] data = self.request.validated['ownership_data'] if tender.transfer_token == sha512(data['transfer']).hexdigest(): location = self.request.route_path('Tender', tender_id=tender.id) location = location[len(ROUTE_PREFIX):] # strips /api/<version> transfer = extract_transfer(self.request, transfer_id=data['id']) if transfer.get('usedFor') and transfer.get('usedFor') != location: self.request.errors.add('body', 'transfer', 'Transfer already used') self.request.errors.status = 403 return else: self.request.errors.add('body', 'transfer', 'Invalid transfer') self.request.errors.status = 403 return update_ownership(tender, transfer) self.request.validated['tender'] = tender transfer.usedFor = location self.request.validated['transfer'] = transfer if save_transfer(self.request): self.LOGGER.info('Updated transfer relation {}'.format(transfer.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'})) if save_tender(self.request): self.LOGGER.info('Updated ownership of tender {}'.format(tender.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'tender_ownership_update'})) return {'data': tender.serialize('view')}
def post(self): contract = self.request.validated['contract'] data = self.request.validated['ownership_data'] if contract.status != "active": self.request.errors.add('body', 'data', 'Can\'t update credentials in current ({}) contract status'.format(contract.status)) self.request.errors.status = 403 return if contract.transfer_token == sha512(data.get('transfer', '')).hexdigest() or contract.tender_token == sha512(data.get('tender_token', '')).hexdigest(): transfer = extract_transfer(self.request, transfer_id=data['id']) if data.get('tender_token') and contract.owner != transfer.owner: self.request.errors.add('body', 'transfer', 'Only owner is allowed to generate new credentials.') self.request.errors.status = 403 return location = self.request.route_path('Contract', contract_id=contract.id) location = location[len(ROUTE_PREFIX):] # strips /api/<version> if transfer.get('usedFor') and transfer.get('usedFor') != location: self.request.errors.add('body', 'transfer', 'Transfer already used') self.request.errors.status = 403 return else: self.request.errors.add('body', 'transfer', 'Invalid transfer') self.request.errors.status = 403 return update_ownership(contract, transfer) self.request.validated['contract'] = contract transfer.usedFor = location self.request.validated['transfer'] = transfer if save_transfer(self.request): self.LOGGER.info('Updated transfer relation {}'.format(transfer.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'})) if save_contract(self.request): self.LOGGER.info('Updated ownership of contract {}'.format(contract.id), extra=context_unpack(self.request, {'MESSAGE_ID': 'contract_ownership_update'})) return {'data': contract.serialize('view')}
def post(self): agreement = self.request.validated["agreement"] data = self.request.validated["ownership_data"] route_name = "{}.Agreement".format(agreement.agreementType) location = get_transfer_location(self.request, route_name, agreement_id=agreement.id) transfer = extract_transfer(self.request, transfer_id=data["id"]) if transfer.get("usedFor") and transfer.get("usedFor") != location: self.request.errors.add("body", "transfer", "Transfer already used") self.request.errors.status = 403 return update_ownership(agreement, transfer) self.request.validated["agreement"] = agreement transfer.usedFor = location self.request.validated["transfer"] = transfer if save_transfer(self.request): self.LOGGER.info( "Updated transfer relation {}".format(transfer.id), extra=context_unpack( self.request, {"MESSAGE_ID": "transfer_relation_update"}), ) if save_agreement(self.request): self.LOGGER.info( "Updated ownership of agreement {}".format(agreement.id), extra=context_unpack( self.request, {"MESSAGE_ID": "agreement_ownership_update"}), ) return {"data": agreement.serialize("view")}
def post(self): tender = self.request.validated["tender"] data = self.request.validated["ownership_data"] route_name = "{}:Tender".format(tender.procurementMethodType) location = get_transfer_location(self.request, route_name, tender_id=tender.id) transfer = extract_transfer(self.request, transfer_id=data["id"]) if transfer.get("usedFor") and transfer.get("usedFor") != location: self.request.errors.add("body", "transfer", "Transfer already used") self.request.errors.status = 403 return update_ownership(tender, transfer) self.request.validated["tender"] = tender transfer.usedFor = location self.request.validated["transfer"] = transfer if save_transfer(self.request): self.LOGGER.info( "Updated transfer relation {}".format(transfer.id), extra=context_unpack( self.request, {"MESSAGE_ID": "transfer_relation_update"}), ) if save_tender(self.request): self.LOGGER.info( "Updated ownership of tender {}".format(tender.id), extra=context_unpack( self.request, {"MESSAGE_ID": "tender_ownership_update"}), ) return {"data": tender.serialize("view")}