def test_query_draft_event_user_error(event, user_login): "Different user should not be able to access draft event of other user" event.state = 'draft' with pytest.raises(ObjectNotFound): event_query(Ticket.query, {'event_id': event.id}) with pytest.raises(ObjectNotFound): event_query(Order.query, {'event_identifier': event.identifier})
def test_query_event(event): assert str(event_query(Order.query, {'event_id': event.id})) == str( Order.query.join(Event).filter(Event.id == event.id)) assert str( event_query(Ticket.query, {'event_identifier': event.identifier})) == str( Ticket.query.join(Event).filter(Event.id == event.id))
def test_query_restricted_event_admin(event, admin_login): assert str(event_query( Order.query, {'event_id': event.id}, restrict=True)) == str( Order.query.join(Event).filter(Event.id == event.id)) assert str( event_query(Ticket.query, {'event_identifier': event.identifier}, restrict=True)) == str( Ticket.query.join(Event).filter(Event.id == event.id))
def test_query_draft_event_admin(event, admin_login): event.state = 'draft' assert str(event_query(Order.query, {'event_id': event.id})) == str( Order.query.join(Event).filter(Event.id == event.id)) assert str( event_query(Ticket.query, {'event_identifier': event.identifier})) == str( Ticket.query.join(Event).filter(Event.id == event.id))
def test_query_restricted_event_organizer(event, user, user_login): get_owner(event, user) assert str(event_query( Order.query, {'event_id': event.id}, restrict=True)) == str( Order.query.join(Event).filter(Event.id == event.id)) assert str( event_query(Ticket.query, {'event_identifier': event.identifier}, restrict=True)) == str( Ticket.query.join(Event).filter(Event.id == event.id))
def test_query_draft_event_organizer(event, user, user_login): get_owner(event, user) event.state = 'draft' assert str(event_query(Order.query, {'event_id': event.id})) == str( Order.query.join(Event).filter(Event.id == event.id)) assert str( event_query(Ticket.query, {'event_identifier': event.identifier})) == str( Ticket.query.join(Event).filter(Event.id == event.id))
def query(self, view_kwargs): """ query method for Attendees List :param view_kwargs: :return: """ query_ = self.session.query(TicketHolder) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') if not has_access('is_registrar', event_id=order.event_id) and not has_access('is_user_itself', user_id=order.user_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Order).filter(Order.id == order.id) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') if not has_access('is_registrar', event_id=ticket.event_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Ticket).filter(Ticket.id == ticket.id) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User, User.email == TicketHolder.email).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs, permission='is_registrar') return query_
def query(self, view_kwargs): """ query method for Attendees List :param view_kwargs: :return: """ query_ = self.session.query(TicketHolder) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') if not has_access('is_registrar', event_id=order.event_id) or not has_access('is_user_itself', id=order.user_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Order).filter(Order.id == order.id) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') if not has_access('is_registrar', event_id=ticket.event_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(Ticket).filter(Ticket.id == ticket.id) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User, User.email == TicketHolder.email).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs, permission='is_registrar') return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Ticket).filter_by(is_hidden=False) if view_kwargs.get('ticket_tag_id'): ticket_tag = safe_query(self, TicketTag, 'id', view_kwargs['ticket_tag_id'], 'ticket_tag_id') query_ = query_.join(ticket_tags_table).filter_by( ticket_tag_id=ticket_tag.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('access_code_id'): access_code = safe_query(self, AccessCode, 'id', view_kwargs['access_code_id'], 'access_code_id') # access_code - ticket :: many-to-many relationship query_ = Ticket.query.filter( Ticket.access_codes.any(id=access_code.id)) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') ticket_ids = [] for ticket in order.tickets: ticket_ids.append(ticket.id) query_ = query_.filter(Ticket.id.in_(tuple(ticket_ids))) return query_
def query(self, view_kwargs): """ query method for speakers list class :param view_kwargs: :return: """ query_ = self.session.query(Speaker) query_ = event_query(query_, view_kwargs) if view_kwargs.get('user_id'): user = safe_query_kwargs(User, view_kwargs, 'user_id') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('session_id'): session = safe_query_kwargs(Session, view_kwargs, 'session_id') # session-speaker :: many-to-many relationship query_ = Speaker.query.filter(Speaker.sessions.any(id=session.id)) if 'Authorization' in request.headers and not has_access( 'is_coorganizer', event_id=session.event_id): if not has_access('is_session_self_submitted', session_id=session.id): query_ = query_.filter(Session.state == "approved" or Session.state == "accepted") return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ if 'Authorization' in request.headers: verify_jwt_in_request() if current_user.is_super_admin or current_user.is_admin: query_ = self.session.query(Ticket) elif view_kwargs.get('event_id') and has_access( 'is_organizer', event_id=view_kwargs['event_id']): query_ = self.session.query(Ticket) else: query_ = self.session.query(Ticket).filter_by(is_hidden=False) else: query_ = self.session.query(Ticket).filter_by(is_hidden=False) if view_kwargs.get('ticket_tag_id'): ticket_tag = safe_query(self, TicketTag, 'id', view_kwargs['ticket_tag_id'], 'ticket_tag_id') query_ = query_.join(ticket_tags_table).filter_by( ticket_tag_id=ticket_tag.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('access_code_id'): access_code = safe_query(self, AccessCode, 'id', view_kwargs['access_code_id'], 'access_code_id') # access_code - ticket :: many-to-many relationship query_ = Ticket.query.filter( Ticket.access_codes.any(id=access_code.id)) if view_kwargs.get('discount_code_id'): discount_code = safe_query( self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id', ) # discount_code - ticket :: many-to-many relationship query_ = Ticket.query.filter( Ticket.discount_codes.any(id=discount_code.id)) if view_kwargs.get('order_identifier'): order = safe_query( self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier', ) ticket_ids = [] for ticket in order.tickets: ticket_ids.append(ticket.id) query_ = query_.filter(Ticket.id.in_(tuple(ticket_ids))) return query_
def query(self, view_kwargs): """ query method for SessionList class :param view_kwargs: :return: """ query_ = self.session.query(Session) if view_kwargs.get('track_id') is not None: track = safe_query(self, Track, 'id', view_kwargs['track_id'], 'track_id') query_ = query_.join(Track).filter(Track.id == track.id) if view_kwargs.get('session_type_id') is not None: session_type = safe_query(self, SessionType, 'id', view_kwargs['session_type_id'], 'session_type_id') query_ = query_.join(SessionType).filter( SessionType.id == session_type.id) if view_kwargs.get('microlocation_id') is not None: microlocation = safe_query(self, Microlocation, 'id', view_kwargs['microlocation_id'], 'microlocation_id') query_ = query_.join(Microlocation).filter( Microlocation.id == microlocation.id) if view_kwargs.get('user_id') is not None: user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('speaker_id'): speaker = safe_query(self, Speaker, 'id', view_kwargs['speaker_id'], 'speaker_id') # session-speaker :: many-to-many relationship query_ = Session.query.filter(Session.speakers.any(id=speaker.id)) return query_
def query(self, view_kwargs): """ Method to get access codes list based on different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(AccessCode) query_ = event_query(self, query_, view_kwargs, permission='is_coorganizer') if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') if not has_access('is_coorganizer', event_id=ticket.event_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') # access_code - ticket :: many-to-many relationship query_ = AccessCode.query.filter( AccessCode.tickets.any(id=ticket.id)) query_ return query_
def query(self, view_kwargs): """ query method for SessionList class :param view_kwargs: :return: """ query_ = self.session.query(Session) if view_kwargs.get('track_id') is not None: track = safe_query(self, Track, 'id', view_kwargs['track_id'], 'track_id') query_ = query_.join(Track).filter(Track.id == track.id) if view_kwargs.get('session_type_id') is not None: session_type = safe_query(self, SessionType, 'id', view_kwargs['session_type_id'], 'session_type_id') query_ = query_.join(SessionType).filter(SessionType.id == session_type.id) if view_kwargs.get('microlocation_id') is not None: microlocation = safe_query(self, Microlocation, 'id', view_kwargs['microlocation_id'], 'microlocation_id') query_ = query_.join(Microlocation).filter(Microlocation.id == microlocation.id) if view_kwargs.get('user_id') is not None: user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('speaker_id'): speaker = safe_query(self, Speaker, 'id', view_kwargs['speaker_id'], 'speaker_id') # session-speaker :: many-to-many relationship query_ = Session.query.filter(Session.speakers.any(id=speaker.id)) return query_
def query(self, view_kwargs): """ query method for social link :param view_kwargs: :return: """ query_ = self.session.query(SocialLink) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Tax) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(Feedback) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for Sponsor List :param view_kwargs: :return: """ query_ = self.session.query(Sponsor) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for social link :param view_kwargs: :return: """ query_ = self.session.query(SocialLink) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(CustomForms) query_ = event_query(query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for Session Type List :param view_kwargs: :return: """ query_ = self.session.query(FaqType) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for role invites list :param view_kwargs: :return: """ query_ = self.session.query(RoleInvite) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for Session Type List :param view_kwargs: :return: """ query_ = self.session.query(SessionType) query_ = event_query(query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(Feedback) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for Sponsor List :param view_kwargs: :return: """ query_ = self.session.query(Sponsor) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Track) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for role invites list :param view_kwargs: :return: """ query_ = self.session.query(RoleInvite) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): query_ = Exhibitor.query if view_kwargs.get('session_id'): session = safe_query_kwargs(Session, view_kwargs, 'session_id') # session-exhibitor :: many-to-many relationship query_ = Exhibitor.query.filter( Exhibitor.sessions.any(id=session.id)) elif view_kwargs.get('event_id') or view_kwargs.get( 'event_identifier'): query_ = event_query(query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Microlocation) query_ = event_query(query_, view_kwargs) if view_kwargs.get('session_id'): session = safe_query_kwargs(Session, view_kwargs, 'session_id') query_ = query_.join(Session).filter(Session.id == session.id) return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Microlocation) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('session_id'): session = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id') query_ = query_.join(Session).filter(Session.id == session.id) return query_
def query(self, view_kwargs): """ query method for different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(Faq) query_ = event_query(query_, view_kwargs) if view_kwargs.get('faq_type_id') is not None: faq_type = safe_query_kwargs(FaqType, view_kwargs, 'faq_type_id') query_ = query_.join(FaqType).filter(FaqType.id == faq_type.id) return query_
def query(self, view_kwargs): """ method to query Ticket tags based on different params :param view_kwargs: :return: """ query_ = self.session.query(TicketTag) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') query_ = query_.join(ticket_tags_table).filter_by(ticket_id=ticket.id) query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ method to query Ticket tags based on different params :param view_kwargs: :return: """ query_ = self.session.query(TicketTag) if view_kwargs.get('ticket_id'): ticket = safe_query_kwargs(Ticket, view_kwargs, 'ticket_id') query_ = query_.join(ticket_tags_table).filter_by( ticket_id=ticket.id) query_ = event_query(query_, view_kwargs) return query_
def query(self, view_kwargs): query_ = self.session.query(Order) if view_kwargs.get('user_id'): # orders under a user user = safe_query_kwargs(User, view_kwargs, 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenError({'source': ''}, 'Access Forbidden') query_ = query_.filter(Order.user_id == user.id) else: # orders under an event query_ = event_query(query_, view_kwargs, restrict=True) return query_
def query(self, view_kwargs): """ query method for event invoice list :param view_kwargs: :return: """ query_ = self.session.query(EventInvoice) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('discount_code_id'): discount_code = safe_query(self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id') query_ = query_.join(DiscountCode).filter(DiscountCode.id == discount_code.id) return query_
def query(self, view_kwargs): """ query method for SessionList class :param view_kwargs: :return: """ query_ = self.session.query(Session) if view_kwargs.get('track_id'): track = safe_query_kwargs(Track, view_kwargs, 'track_id') query_ = query_.join(Track).filter(Track.id == track.id) elif view_kwargs.get('session_type_id'): session_type = safe_query_kwargs(SessionType, view_kwargs, 'session_type_id') query_ = query_.join(SessionType).filter(SessionType.id == session_type.id) elif view_kwargs.get('microlocation_id'): microlocation = safe_query_kwargs( Microlocation, view_kwargs, 'microlocation_id', ) query_ = query_.join(Microlocation).filter( Microlocation.id == microlocation.id ) elif view_kwargs.get('user_id'): user = safe_query_kwargs(User, view_kwargs, 'user_id') query_ = ( query_.join(Session.speakers) .filter( Session.creator_id == user.id or Session.speakers.any( or_(Speaker.user_id == user.id, Speaker.email == user.email) ) ) .distinct(*get_distinct_sort_fields(SessionSchema, Session, sort=False)) .order_by(*get_distinct_sort_fields(SessionSchema, Session)) ) elif view_kwargs.get('speaker_id'): speaker = safe_query_kwargs(Speaker, view_kwargs, 'speaker_id') # session-speaker :: many-to-many relationship query_ = Session.query.filter(Session.speakers.any(id=speaker.id)) elif view_kwargs.get('exhibitor_id'): exhibitor = safe_query_kwargs(Exhibitor, view_kwargs, 'exhibitor_id') # session-exhibitor :: many-to-many relationship query_ = Session.query.filter(Session.exhibitors.any(id=exhibitor.id)) elif view_kwargs.get('event_id') or view_kwargs.get('event_identifier'): query_ = event_query(query_, view_kwargs) return query_
def query(self, view_kwargs): """ query method for Attendees List :param view_kwargs: :return: """ query_ = self.session.query(TicketHolder) if view_kwargs.get('order_identifier'): order = safe_query_kwargs( Order, view_kwargs, 'order_identifier', 'identifier', ) is_coorganizer = has_access( 'is_coorganizer', event_id=order.event_id, ) if not ( is_coorganizer or current_user.id == order.user_id or order.is_attendee(current_user) ): raise ForbiddenError({'source': ''}, 'Access Forbidden') query_ = query_.join(Order).filter(Order.id == order.id) if not is_coorganizer and current_user.id != order.user_id: query_ = query_.filter(TicketHolder.user == current_user) if view_kwargs.get('ticket_id'): ticket = safe_query_kwargs(Ticket, view_kwargs, 'ticket_id') # if not has_access('is_registrar', event_id=ticket.event_id): # raise ForbiddenError({'source': ''}, 'Access Forbidden') query_ = query_.join(Ticket).filter(Ticket.id == ticket.id) if view_kwargs.get('user_id'): user = safe_query_kwargs(User, view_kwargs, 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenError({'source': ''}, 'Access Forbidden') query_ = query_.join(User, User.email == TicketHolder.email).filter( User.id == user.id ) query_ = event_query(query_, view_kwargs, restrict=True) return query_
def query(self, view_kwargs): """ query method for event invoice list :param view_kwargs: :return: """ user = current_user user_id = view_kwargs.get('user_id') if user_id != user.id and not user.is_staff: raise ForbiddenError({'source': ''}, 'Admin access is required') query_ = self.session.query(EventInvoice) query_ = event_query(query_, view_kwargs) if user_id: user = safe_query_kwargs(User, view_kwargs, 'user_id') query_ = query_.join(User).filter(User.id == user.id) return query_
def query(self, view_kwargs): """ query method for event invoice list :param view_kwargs: :return: """ query_ = self.session.query(EventInvoice) query_ = event_query(query_, view_kwargs) if view_kwargs.get('user_id'): user = safe_query_kwargs(User, view_kwargs, 'user_id') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('discount_code_id'): discount_code = safe_query_kwargs( DiscountCode, view_kwargs, 'discount_code_id', ) query_ = query_.join(DiscountCode).filter(DiscountCode.id == discount_code.id) return query_
def query(self, view_kwargs): query_ = self.session.query(Order) if view_kwargs.get('user_id'): # orders under a user user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User, User.id == Order.user_id).filter(User.id == user.id) else: # orders under an event query_ = event_query(self, query_, view_kwargs) # expire the pending orders if the time limit is over. orders = query_.all() for order in orders: set_expiry_for_order(order) return query_
def query(self, view_kwargs): query_ = self.session.query(Order) if view_kwargs.get('user_id'): # orders under a user user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', user_id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User, User.id == Order.user_id).filter(User.id == user.id) else: # orders under an event query_ = event_query(self, query_, view_kwargs) # expire the initializing orders if the time limit is over. orders = query_.all() for order in orders: set_expiry_for_order(order) return query_
def query(self, view_kwargs): """ query method for different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(Feedback) if view_kwargs.get('user_id'): # feedbacks under an user user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') query_ = query_.join(User, User.id == Feedback.user_id).filter(User.id == user.id) elif view_kwargs.get('session_id'): # feedbacks under a session session = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id') query_ = query_.join(Session, Session.id == Feedback.session_id).filter(Session.id == session.id) else: # feedbacks under an event query_ = event_query(self, query_, view_kwargs) return query_
def query(self, view_kwargs): """ Method to get access codes list based on different view_kwargs :param view_kwargs: :return: """ query_ = self.session.query(AccessCode) query_ = event_query(self, query_, view_kwargs, permission='is_coorganizer') if view_kwargs.get('user_id'): user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id') if not has_access('is_user_itself', id=user.id): raise ForbiddenException({'source': ''}, 'Access Forbidden') query_ = query_.join(User).filter(User.id == user.id) if view_kwargs.get('ticket_id'): ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id') if not has_access('is_coorganizer', event_id=ticket.event_id): raise ForbiddenException({'source': ''}, 'Access Forbidden') # access_code - ticket :: many-to-many relationship query_ = AccessCode.query.filter(AccessCode.tickets.any(id=ticket.id)) query_ return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ if 'Authorization' in request.headers: _jwt_required(current_app.config['JWT_DEFAULT_REALM']) if current_user.is_super_admin or current_user.is_admin: query_ = self.session.query(Ticket) elif view_kwargs.get('event_id') and has_access('is_organizer', event_id=view_kwargs['event_id']): query_ = self.session.query(Ticket) else: query_ = self.session.query(Ticket).filter_by(is_hidden=False) else: query_ = self.session.query(Ticket).filter_by(is_hidden=False) if view_kwargs.get('ticket_tag_id'): ticket_tag = safe_query(self, TicketTag, 'id', view_kwargs['ticket_tag_id'], 'ticket_tag_id') query_ = query_.join(ticket_tags_table).filter_by(ticket_tag_id=ticket_tag.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('access_code_id'): access_code = safe_query(self, AccessCode, 'id', view_kwargs['access_code_id'], 'access_code_id') # access_code - ticket :: many-to-many relationship query_ = Ticket.query.filter(Ticket.access_codes.any(id=access_code.id)) if view_kwargs.get('discount_code_id'): discount_code = safe_query(self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id') # discount_code - ticket :: many-to-many relationship query_ = Ticket.query.filter(Ticket.discount_codes.any(id=discount_code.id)) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') ticket_ids = [] for ticket in order.tickets: ticket_ids.append(ticket.id) query_ = query_.filter(Ticket.id.in_(tuple(ticket_ids))) return query_
def query(self, view_kwargs): """ query method for resource list :param view_kwargs: :return: """ query_ = self.session.query(Ticket).filter_by(is_hidden=False) if view_kwargs.get('ticket_tag_id'): ticket_tag = safe_query(self, TicketTag, 'id', view_kwargs['ticket_tag_id'], 'ticket_tag_id') query_ = query_.join(ticket_tags_table).filter_by(ticket_tag_id=ticket_tag.id) query_ = event_query(self, query_, view_kwargs) if view_kwargs.get('access_code_id'): access_code = safe_query(self, AccessCode, 'id', view_kwargs['access_code_id'], 'access_code_id') # access_code - ticket :: many-to-many relationship query_ = Ticket.query.filter(Ticket.access_codes.any(id=access_code.id)) if view_kwargs.get('order_identifier'): order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier') ticket_ids = [] for ticket in order.tickets: ticket_ids.append(ticket.id) query_ = query_.filter(Ticket.id.in_(tuple(ticket_ids))) return query_