コード例 #1
0
ファイル: program.py プロジェクト: nesp-tsr3-1/tsx
def create_or_update_program(program_id=None):
	action = 'update' if program_id else 'create'

	user = get_user()

	if not permitted(user, action, 'program', program_id):
		return "Not authorized", 401

	if program_id:
		program = db_session.query(MonitoringProgram).get(program_id)
	else:
		program = MonitoringProgram()

	if not program:
		return "Not found", 400

	body = request.json

	errors = validate_fields(program_fields, body)

	if len(errors):
		return jsonify(errors), 400

	update_program_from_json(program, body)
	db_session.add(program)
	db_session.flush()

	if action == 'create':
		db_session.execute("""INSERT INTO user_program_manager (user_id, monitoring_program_id) VALUES (:user_id, :program_id)""",
				{ 'program_id': program.id, 'user_id': user.id })


	db_session.commit()

	return jsonify(program_to_json(program)), 200 if program_id else 201
コード例 #2
0
ファイル: program.py プロジェクト: nesp-tsr3-1/tsx
def add_manager_to_monitoring_program(program_id = None):
	if program_id == None:
		return "Not found", 404

	user = get_user()

	if not permitted(user, 'mangage_managers', 'program', program_id):
		return "Not authorized", 401

	body = request.json

	email = body["email"]

	if not re.match(email_regex, email):
		return jsonify({ 'error' : '"%s" is not a valid email address' % email }), 400

	manager = db_session.query(User).filter(User.email == email).one_or_none()

	if not manager:
		manager = User(email=email)
		db_session.add(manager)
		db_session.flush()

	db_session.execute("""REPLACE INTO user_program_manager (user_id, monitoring_program_id) VALUES (:user_id, :program_id)""",
		{ 'user_id': manager.id, 'program_id': program_id })
	db_session.commit()

	return "OK", 201
コード例 #3
0
ファイル: user.py プロジェクト: nesp-tsr3-1/tsx
def create_user():
	body = request.json

	fields = [
		Field(name='email', title='Email address', validators=[validate_required, validate_email]),
		Field(name='first_name', title='First name', validators=[validate_required, validate_max_chars(255)]),
		Field(name='last_name', title='Last name', validators=[validate_required, validate_max_chars(255)]),
		Field(name='phone_number', title='Phone number', validators=[validate_max_chars(32)]),
		Field(name='password', title='Password', validators=[validate_required, validate_min_chars(8)])
	]

	errors = validate_fields(fields, body)

	if len(errors):
		return jsonify(errors), 400

	user = db_session.query(User).filter(User.email == body['email']).one_or_none()
	if user:
		if user.password_hash:
			# User already has an ccount
			return jsonify({ 'email': "An account with this email address already exists" }), 400
	else:
		user = User(email=body['email'].strip())

	user.first_name=body['first_name'].strip()
	user.last_name=body['last_name'].strip()
	user.phone_number=body['phone_number'].strip()
	user.password_hash=pwd_context.hash(body['password'])

	try:
		db_session.add(user)
		db_session.flush()
	except exc.IntegrityError:
		# User already exists
		pass

	db_session.execute("""INSERT INTO user_role (user_id, role_id)
		VALUES (:user_id, (SELECT id FROM role WHERE description = 'Custodian'))""",
		{'user_id': user.id})

	db_session.commit()

	try:
		email_body = new_account_body.substitute(name=user.first_name)
		send_email(user.email, 'TSX Account Created', email_body)
	except Exception as e:
		print('Error sending email to %s' % user.email)
		print('Error: %s' % e)

	return "OK", 204 # Success
コード例 #4
0
def update_source_processing_notes(source_id=None, note_id=None):
	user = get_user()

	if not permitted(user, 'update', 'source', source_id):
		return "Not authorized", 401

	notes = db_session.query(DataProcessingNotes).get(note_id)

	if notes.source_id != source_id:
		return "Source id doesn't match", 400

	body = request.json # TODO: validate json
	notes.notes = body['notes']
	db_session.add(notes)
	db_session.commit()

	return "OK", 201
コード例 #5
0
def post_import():
	user = get_user()

	body = request.json

	try:
		source_id = body['source_id']
	except KeyError:
		return jsonify('source_id is required'), 400

	if not permitted(user, 'update', 'source', source_id):
		return 'Not authorized', 401

	# Check upload parameter
	if 'upload_uuid' not in body:
		return jsonify("upload_uuid is required"), 400

	upload_uuid = body['upload_uuid']
	file_path = get_upload_path(upload_uuid)

	if not os.path.exists(file_path):
		return jsonify("invalid upload_uuid"), 400

	# Create new working directory for the import
	data_import = DataImport(
		source_id = source_id,
		status_id = 1,
		upload_uuid = body['upload_uuid'],
		filename = get_upload_name(upload_uuid),
		data_type = body.get('data_type'),
		user_id = user.id
	)
	db_session.add(data_import)
	db_session.commit()
	import_id = data_import.id

	# working_path = os.path.join(imports_path, "%04d" % import_id)

	# working_path, import_id = next_path(os.path.join(imports_path, "%04d"))
	# os.makedirs(working_path)

	process_import_async(import_id, 'checking')

	# TODO - Ideally should return 201 Created and URL of new resource
	return jsonify(data_import_json(load_import(import_id)))
コード例 #6
0
def create_source_processing_notes(source_id=None):
	user = get_user()

	if not permitted(user, 'update', 'source', source_id):
		return "Not authorized", 401

	body = request.json

	# TODO: validate json

	notes = DataProcessingNotes()
	notes.notes = body['notes']
	notes.user_id = user.id
	notes.source_id = source_id
	db_session.add(notes)
	db_session.commit()

	return "OK", 201
コード例 #7
0
def create_or_update_source(source_id=None):
	action = 'update' if source_id else 'create'

	user = get_user()

	if not permitted(user, action, 'source', source_id):
		return "Not authorized", 401

	if source_id:
		source = db_session.query(Source).get(source_id)
	else:
		source = Source()

	if not source:
		return "Not found", 400

	body = request.json

	errors = validate_fields(source_fields, body)

	if len(errors):
		return jsonify(errors), 400

	update_source_from_json(source, body)
	db_session.add(source)
	db_session.flush()

	if action == 'create':
		db_session.execute("""INSERT INTO user_source (user_id, source_id) VALUES (:user_id, :source_id)""",
				{ 'source_id': source.id, 'user_id': user.id })

	else:
		remove_orphaned_monitoring_programs()

	db_session.commit()

	return jsonify(source_to_json(source)), 200 if source_id else 201
コード例 #8
0
def create_source_custodian(source_id=None):
	user = get_user()

	if not permitted(user, 'manage_custodians', 'source', source_id):
		return "Not authorized", 401

	body = request.json

	email = body["email"]

	if not re.match(email_regex, email):
		return jsonify({ 'error' : '"%s" is not a valid email address' % email }), 400

	custodian = db_session.query(User).filter(User.email == email).one_or_none()

	if not custodian:
		if auto_create_custodians:
			custodian = User(email=email)
			db_session.add(custodian)
			db_session.flush()
		else:
			error_message = 'No user found with the email address "%s". (Note: custodians must first create an account before they can be added)' % email
			return jsonify({ 'error': error_message }), 400

	rows = db_session.execute("""SELECT 1
		FROM user_source
		WHERE user_id = :user_id
		AND source_id = :source_id
	""", { 'source_id': source_id, 'user_id': custodian.id })

	if len(list(rows)) == 0:
		db_session.execute("""INSERT INTO user_source (user_id, source_id) VALUES (:user_id, :source_id)""",
			{ 'source_id': source_id, 'user_id': custodian.id })
		db_session.commit()

	return "OK", 201