def post( self, request, contact_id, case_id, case_role_id=None, submission_id=None, *args, **kwargs ): notify_template_key = None try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) case_role = get_role(case_role_id) case = Case.objects.get(id=case_id) notify_template_key = case.type.meta.get("invite_notify_template_key") except Contact.DoesNotExist: raise NotFoundApiExceptions("Invalid contact id.") except CaseRole.DoesNotExist: raise NotFoundApiExceptions("Invalid case role id") except Case.DoesNotExist: raise InvalidRequestParams("Invalid case id") if not contact.organisation and contact.has_user: contact.organisation = contact.user.organisation.organisation # check if an invite exists already created = False invitation_kwargs = {} if submission_id: invitation_kwargs["submission__id"] = submission_id organisation_id = request.data.get("organisation_id") if organisation_id: organisation = Organisation.objects.get(id=organisation_id) else: organisation = contact.organisation try: invitation = Invitation.objects.get( contact=contact, case=case, organisation=organisation, deleted_at__isnull=True, **invitation_kwargs, ) except Invitation.DoesNotExist: invitation = Invitation.objects.create( created_by=request.user, contact=contact, case=case, case_role=case_role, organisation=organisation, short_code=crypto.get_random_string(8), code=str(uuid.uuid4()), email=contact.email, ) created = True values = {key: request.data.get(key) for key in request.data.keys()} invitation.send( sent_by=request.user, context=values, direct=True, template_key=notify_template_key ) return ResponseSuccess( { "result": invitation.to_dict(), "created": created, }, http_status=status.HTTP_201_CREATED, )
def post(self, request, case_id, contact_id, organisation_id, *args, **kwargs): try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) except Contact.DoesNotExist: raise NotFoundApiExceptions("Contact does not exist or access is denied") try: organisation = Organisation.objects.get(id=organisation_id) except Organisation.DoesNotExist: raise NotFoundApiExceptions("Organisation does not exist or access is denied") contact.set_primary(case=get_case(case_id), organisation=organisation) return ResponseSuccess({"result": contact.to_dict()}, http_status=status.HTTP_201_CREATED)
def get( self, request, case_id=None, contact_id=None, submission_id=None, invitation_id=None, organisation_id=None, *args, **kwargs, ): if invitation_id: invitation = Invitation.objects.get_user_invite( invitation_id, requested_by=request.user ) return ResponseSuccess({"result": invitation.to_dict()}) invitations = Invitation.objects.filter(deleted_at__isnull=True, organisation__isnull=False) if contact_id: try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) except Contact.DoesNotExist: raise NotFoundApiExceptions("Invalid contact id.") invitations = invitations.filter(contact=contact) if case_id: try: case = Case.objects.get(id=case_id) except Case.DoesNotExist: raise InvalidRequestParams("Invalid case id")
def get(self, request, organisation_id, *args, **kwargs): try: organisation = Organisation.objects.get(id=organisation_id) except Organisation.DoesNotExist: raise NotFoundApiExceptions( "Organisation does not exist or access is denied") case_id = request.GET.get("case_id") if case_id: # Get from user-org-case user_cases = UserCase.objects.filter( organisation_id=organisation_id, case_id=case_id) case_contacts = CaseContact.objects.filter( organisation_id=organisation_id, case_id=case_id) primary_contact_ids = {} for cc in case_contacts: if cc.primary: primary_contact_ids[str(cc.contact.id)] = True results = [] for user_case in user_cases: _dict = user_case.to_dict() (_dict.get("user") or {})["contact_id"] = user_case.user.contact.id if primary_contact_ids.get(str(user_case.user.contact.id)): _dict["primary"] = True results.append(_dict) return ResponseSuccess({"results": results}) return ResponseSuccess( {"results": [user.to_user_dict() for user in organisation.users]})
def delete(self, request, invitation_id, *args, **kwargs): try: invitation = Invitation.objects.get(id=invitation_id) except Invitation.DoesNotExist: raise NotFoundApiExceptions("Invalid invitation id") invitation.delete() return ResponseSuccess({"deleted_id": invitation_id})
def post(self, request, task_id=None, case_id=None, model_id=None, content_type=None, *args, **kwargs): """ create / update a Task """ task_id = task_id or request.data.get("id") case_id = case_id or request.data.get("case_id") if task_id: try: task = Task.objects.get(id=task_id) except Task.DoesNotExist: raise NotFoundApiExceptions("Invalid task id") else: # we must be creating a task, so get the key params case = get_case(case_id) model_id = model_id or request.data.get("model_id") content_type = content_type or request.data.get("content_type") _content_type = content_type and get_content_type(content_type) task = Task( case=case, created_by=request.user, model_id=model_id, content_type=_content_type, user_context=[request.user], )
def delete(self, request, contact_id=None, *args, **kwargs): try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) except Contact.DoesNotExist: raise NotFoundApiExceptions("Contact does not exist or access is denied") CaseContact.objects.filter(contact=contact).delete() contact.delete() return ResponseSuccess({"result": {"deleted": True}}, http_status=status.HTTP_200_OK)
class OrganisationNonResponsiveToggleAPI(TradeRemediesApiView): """ Toggle the non_responsive flag for this organisation's role in the case. """ def post(self, request, case_id, organisation_id, *args, **kwargs): try: case = Case.objects.get(id=case_id) organisation = Organisation.objects.get(id=organisation_id) except Case.DoesNotExist: raise NotFoundApiExceptions("Case not found or access denied")
def post(self, request, organisation_id, user_id=None, *args, **kwargs): try: organisation = Organisation.objects.get(id=organisation_id) except Organisation.DoesNotExist: raise NotFoundApiExceptions( "Organisation does not exist or access is denied") if user_id: org_user = organisation.users.get(user_id=user_id) if org_user and self.toggle_admin: org_user.user.toggle_role(SECURITY_GROUP_ORGANISATION_OWNER) return ResponseSuccess({"result": org_user.to_user_dict()})
def get(self, request, task_id=None, case_id=None, *args, **kwargs): # noqa: C901 """ Get one or more tasks based on a set of query parameters and fields. """ query_str = request.GET.get("query") query_dict = json.loads(query_str) if query_str else {} fields_str = request.GET.get("fields") fields = json.loads(fields_str) if fields_str else {} if task_id: try: task = Task.objects.get(id=task_id) return ResponseSuccess({"result": task.to_dict()}) except Task.DoesNotExist: raise NotFoundApiExceptions("Task not found id") else: query = Q(deleted_at__isnull=True) orquery = None exclude_exp = Q(id__isnull=True) for query_item in query_dict: field = query_item.get("field") field_val = query_item.get("value") if field_val: queue = None if field_val == "null": queue = Q(**{field + "__isnull": True}) else: queue = Q(**{field: field_val}) if query_item.get("combine") == "not": exclude_exp.add(queue, Q.OR) elif query_item.get("combine") == "or": if orquery: orquery.add(queue, Q.OR) else: orquery = queue else: query.add(queue, Q.AND) tasks = Task.objects.filter(query).exclude(exclude_exp) if orquery: tasks = Task.objects.filter(query).exclude(exclude_exp).filter( orquery) else: tasks = Task.objects.filter(query).exclude(exclude_exp) return ResponseSuccess( {"results": [_task.to_dict(fields=fields) for _task in tasks]})
def get(self, request, contact_id=None, *args, **kwargs): if contact_id: try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) return ResponseSuccess({"result": contact.to_dict()}) except Contact.DoesNotExist: raise NotFoundApiExceptions("Contact does not exist or access is denied") else: filter_kwargs = pluck(request.query_params, ["name", "country", "organisation"]) contacts = Contact.objects.filter(**filter_kwargs) return ResponseSuccess({"results": [_contact.to_dict() for _contact in contacts]})
def get(self, request, code, organisation_id, *args, **kwargs): try: organisation = Organisation.objects.get(id=organisation_id) invite = Invitation.objects.get( code=code, organisation=organisation, deleted_at__isnull=True ) invited_by = invite.created_by invited_by_token = invited_by.auth_token.key except (Organisation.DoesNotExist, Invitation.DoesNotExist): raise NotFoundApiExceptions("Invite not found") response = {"organisation": organisation.to_embedded_dict(), "invite": invite.to_dict()} response["invite"]["invited_by"] = invited_by_token return ResponseSuccess({"result": response}, http_status=status.HTTP_200_OK)
def post(self, request, organisation_id=None, case_id=None, organisation_type=None, *args, **kwargs): result = {} case = None if case_id: try: case = Case.objects.get(id=case_id) except Case.DoesNotExist: raise NotFoundApiExceptions("Case not found or access denied")
def post(self, request, invitation_id, *args, **kwargs): try: invitation = Invitation.objects.get( id=invitation_id, deleted_at__isnull=True, ) invitation.accepted_at = timezone.now() invitation.user = request.user invitation.save() return ResponseSuccess( { "result": invitation.to_dict(), } ) except Invitation.DoesNotExist: raise NotFoundApiExceptions("Invitation not found")
def get(self, request, organisation_id=None, case_id=None, *args, **kwargs): is_tra = request.user.is_tra() gov_body = request.query_params.get("gov_body", "false") in TRUTHFUL_INPUT_VALUES fields = request.query_params.get("fields") case = None if case_id: try: case = Case.objects.get(id=case_id) except Case.DoesNotExist: raise NotFoundApiExceptions("Case not found or access denied")
class InvitationDetailsAPI(TradeRemediesApiView): """ Retrieve the details of an invitation. This call would normally be called via the trusted user (healthcheck) and used to display the invitation information in the invite welcome screen. `GET /api/v1/invitation/{code_id}/{case_id}/` Retrieve an invitation """ def get(self, request, code=None, case_id=None, *args, **kwargs): try: case = Case.objects.get(id=case_id) invitation = Invitation.objects.get(code=code, case=case, deleted_at__isnull=True) return ResponseSuccess({"result": invitation.to_dict()}) except Case.DoesNotExist: raise NotFoundApiExceptions("Invalid case id")
def get(self, request, document_id, submission_id=None, *args, **kwargs): document = Document.objects.get(id=document_id) is_tra = request.user.is_tra() if (not is_tra and not submission_id and not request.user.email == settings.TRUSTED_USER_EMAIL): raise InvalidRequestParams("Invalid request params") if submission_id: submission = Submission.objects.get_submission(id=submission_id) doc_submission = SubmissionDocument.objects.get( submission=submission, document=document) if not is_tra and not doc_submission.downloadable_by(request.user): raise NotFoundApiExceptions( "Document not found or access is denied") doc_submission.downloads += 1 doc_submission.save() return stream_s3_file_download(document.s3_bucket, document.s3_key, filename=document.name)
def post(self, request, case_id, submission_id, contact_id, *args, **kwargs): notify_data = request.data.dict() case = get_case(case_id) submission = Submission.objects.get(id=submission_id, case=case) contact = Contact.objects.select_related("userprofile", "organisation").get(id=contact_id) try: invite = Invitation.objects.get(submission=submission, contact=contact) except Invitation.DoesNotExist: raise NotFoundApiExceptions("Invite not found") send_report = invite.send( sent_by=request.user, context=notify_data, direct=True, template_key="NOTIFY_THIRD_PARTY_INVITE", ) invite.email_sent = True invite.sent_at = timezone.now() invite.approved_by = request.user invite.save() return ResponseSuccess({"result": invite.to_dict()}, http_status=status.HTTP_201_CREATED)
def get( self, request, note_id=None, model_id=None, content_type=None, case_id=None, model_key=None, *args, **kwargs, ): if note_id: try: note = Note.objects.get(id=note_id) return ResponseSuccess({"result": note.to_dict()}) except Note.DoesNotExist: raise NotFoundApiExceptions("Invalid note id") else: notes = Note.objects.filter(deleted_at__isnull=True) if case_id: notes = notes.filter(case__id=case_id) if model_id and content_type: _content_type = get_content_type(content_type) if model_key: notes = notes.filter(model_id=model_id, content_type=_content_type, model_key=model_key) else: notes = notes.filter(model_id=model_id, content_type=_content_type) else: raise InvalidRequestParams( "A note id, case id or a model identifiers are required") notes = notes.order_by("created_at") return ResponseSuccess( {"results": [_note.to_dict() for _note in notes]})
def post(self, request, code=None, short_code=None, case_id=None, *args, **kwargs): if not code and not case_id and short_code: invitiation, organisation = Invitation.objects.validate_public_invite( short_code, user=request.user ) return ResponseSuccess( {"result": {"invitation": invitiation.to_dict(), "deviation": None, "diff": None}} ) else: invitation = Invitation.objects.get_invite_by_code(code) if invitation: invitation.process_invitation(request.user, accept=True) deviation, diff = invitation.compare_user_contact() return ResponseSuccess( { "result": { "invitation": invitation.to_dict(), "deviation": deviation, "diff": diff, } } ) else: raise NotFoundApiExceptions("No invitation found for this user")
def get(self, request, organisation_id, case_id=None, *args, **kwargs): # noqa: C901 contacts = {} case = Case.objects.get(id=case_id) if case_id else None def add_contact(case_contact, case): if get(case_contact, "contact").address != "redacted": contact_id = str(get(case_contact, "contact").id) if contact_id not in contacts: contact = get(case_contact, "contact") contacts[contact_id] = contact.to_dict(case) contacts[contact_id]["cases"] = {} if get(contacts[contact_id], "user"): try: organisation = contact.user.organisation.organisation contacts[contact_id]["user"]["organisation"] = { "id": organisation.id } except AttributeError: pass if case_contact.get("loa"): contacts[contact_id]["loa"] = True if case_contact.get("organisation_contact"): contacts[contact_id]["organisation_contact"] = True if case_contact.get("case_contact"): contacts[contact_id]["case_contact"] = True case = get(case_contact, "case") if case: cc = contacts[contact_id]["cases"].get(str(case.id)) or { "name": case.name } cc.update({ k: v for k, v in case_contact.items() if v is not None and k in ["primary", "loa", "name", "in_case", "case_contact"] }) contacts[contact_id]["cases"][str(case.id)] = cc try: organisation = Organisation.objects.get(id=organisation_id) except Organisation.DoesNotExist: raise NotFoundApiExceptions( "Organisation does not exist or access is denied") users = organisation.users # get the users from user->org # Add contacts that are related via a user-case with this org - representing if not request.query_params.get("exclude_indirect"): user_cases = UserCase.objects.filter(organisation=organisation, ) for user_case in user_cases: add_contact( { "contact": user_case.user.contact, "case": user_case.case, "primary": False, "in_case": True, }, case=case, ) # Add case contacts if we don't have them already case_contacts = CaseContact.objects.filter( organisation=organisation, contact__deleted_at__isnull=True, ) for case_contact in case_contacts: add_contact( { "contact": case_contact.contact, "case": case_contact.case, "primary": case_contact.primary, "case_contact": True, }, case=case, ) # Add LOA contacts for caserole in OrganisationCaseRole.objects.filter( organisation=organisation, auth_contact__deleted_at__isnull=True): if caserole.auth_contact: add_contact( { "contact": caserole.auth_contact, "loa": True, }, case=case, ) # Add contacts that are attached directly to the organisation for org_contact in organisation.contacts: add_contact( { "contact": org_contact, "organisation_contact": True, }, case=case, ) return ResponseSuccess({"results": contacts.values()})
def get(self, request, invitation_id=None, *args, **kwargs): try: invitation = Invitation.objects.get(id=invitation_id, user=request.user) return ResponseSuccess({"result": invitation.to_dict()}) except Invitation.DoesNotExist: raise NotFoundApiExceptions("Invalid invitation")
content_type=None, *args, **kwargs, ): response = None if note_id and document_id: try: note = Note.objects.get(id=note_id, case__id=case_id) document = Document.objects.get(id=document_id) case = get_case(case_id) # Only delete if the doc is not used in any submissions if len(document.submissions(case)) == 0: note.documents.remove(document) response = document.delete() else: result = { "deleted": False, "result": "Document used in submission" } except Note.DoesNotExist: raise NotFoundApiExceptions("Invalid note id") else: raise NotFoundApiExceptions("Invalid note id") return ResponseSuccess( {"result": { "deleted": True, "result": response }})
class NoteAPIView(TradeRemediesApiView): """ Get or create Notes on other models ### GET `GET /api/v1/notes/case/{CASE_UUID}/` Get all case notes `GET /api/v1/notes/case/{CASE_UUID}/on/{CONTENT_TYPE_IDENTIFIER}/{MODEL_ID}/` Get all notes for a particular model `GET /api/v1/notes/{NOTE_UUID}/` Get a specific note ### POST `POST /api/v1/notes/case/{CASE_UUID}/on/{CONTENT_TYPE_IDENTIFIER}/{MODEL_ID}/` Create a new note `POST /api/v1/notes/{NOTE_UUID}/` Update a specific note `GET /api/v1/notes/case/{CASE_UUID}/` Shortcut to create a note directly on a case. """ def get( self, request, note_id=None, model_id=None, content_type=None, case_id=None, model_key=None, *args, **kwargs, ): if note_id: try: note = Note.objects.get(id=note_id) return ResponseSuccess({"result": note.to_dict()}) except Note.DoesNotExist: raise NotFoundApiExceptions("Invalid note id") else: notes = Note.objects.filter(deleted_at__isnull=True) if case_id: notes = notes.filter(case__id=case_id) if model_id and content_type: _content_type = get_content_type(content_type) if model_key: notes = notes.filter(model_id=model_id, content_type=_content_type, model_key=model_key) else: notes = notes.filter(model_id=model_id, content_type=_content_type) else: raise InvalidRequestParams( "A note id, case id or a model identifiers are required") notes = notes.order_by("created_at") return ResponseSuccess( {"results": [_note.to_dict() for _note in notes]}) def post( # noqa: C901 self, request, case_id=None, note_id=None, model_id=None, document_id=None, content_type=None, *args, **kwargs, ): """ create / update the Notes :param request: :param note_id: :param model_id: :param args: :param kwargs: :return: """ case = get_case(case_id) _file = request.data.get("document", None) _file = json.loads(_file) if isinstance(_file, str) else None document = None if _file: document = Document.objects.create_document( file=_file, user=request.user, case=case, confidential=request.data.get("confidentiality") == "confidential", ) document_id = document.id if document_id: document = Document.objects.get(id=document_id) confidentiality = request.data.get("confidentiality") if confidentiality in ["confidential", "non-confidential"]: document.confidential = confidentiality == "confidential" document.save() if note_id: try: note = Note.objects.get(id=note_id, case__id=case_id) except Note.DoesNotExist: raise NotFoundApiExceptions("Invalid note id") else: model_id = model_id or request.data.get("model_id") content_type = content_type or request.data.get("content_type") if not model_id and not content_type: model_id = case_id _content_type = get_content_type("cases.case") else: _content_type = get_content_type(content_type) note = Note( case=case, created_by=request.user, model_id=model_id, content_type=_content_type, user_context=[request.user], ) note.load_attributes(request.data, ["note", "model_key"]) if document: note.documents.add(document) note.set_user_context([request.user]) note.generic_audit( message=f"Document attached: {document.name}", audit_type=AUDIT_TYPE_ATTACH, id=str(document.id), ) if note.is_dirty(): note.save() return ResponseSuccess({"result": note.to_dict()}, http_status=status.HTTP_201_CREATED) def delete( self, request, case_id=None, note_id=None, model_id=None, document_id=None, content_type=None, *args, **kwargs, ): response = None if note_id and document_id: try: note = Note.objects.get(id=note_id, case__id=case_id) document = Document.objects.get(id=document_id) case = get_case(case_id) # Only delete if the doc is not used in any submissions if len(document.submissions(case)) == 0: note.documents.remove(document) response = document.delete() else: result = { "deleted": False, "result": "Document used in submission" } except Note.DoesNotExist: raise NotFoundApiExceptions("Invalid note id")
def post( # noqa: C901 self, request, case_id=None, note_id=None, model_id=None, document_id=None, content_type=None, *args, **kwargs, ): """ create / update the Notes :param request: :param note_id: :param model_id: :param args: :param kwargs: :return: """ case = get_case(case_id) _file = request.data.get("document", None) _file = json.loads(_file) if isinstance(_file, str) else None document = None if _file: document = Document.objects.create_document( file=_file, user=request.user, case=case, confidential=request.data.get("confidentiality") == "confidential", ) document_id = document.id if document_id: document = Document.objects.get(id=document_id) confidentiality = request.data.get("confidentiality") if confidentiality in ["confidential", "non-confidential"]: document.confidential = confidentiality == "confidential" document.save() if note_id: try: note = Note.objects.get(id=note_id, case__id=case_id) except Note.DoesNotExist: raise NotFoundApiExceptions("Invalid note id") else: model_id = model_id or request.data.get("model_id") content_type = content_type or request.data.get("content_type") if not model_id and not content_type: model_id = case_id _content_type = get_content_type("cases.case") else: _content_type = get_content_type(content_type) note = Note( case=case, created_by=request.user, model_id=model_id, content_type=_content_type, user_context=[request.user], ) note.load_attributes(request.data, ["note", "model_key"]) if document: note.documents.add(document) note.set_user_context([request.user]) note.generic_audit( message=f"Document attached: {document.name}", audit_type=AUDIT_TYPE_ATTACH, id=str(document.id), ) if note.is_dirty(): note.save() return ResponseSuccess({"result": note.to_dict()}, http_status=status.HTTP_201_CREATED)
via the trusted user (healthcheck) and used to display the invitation information in the invite welcome screen. `GET /api/v1/invitation/{code_id}/{case_id}/` Retrieve an invitation """ def get(self, request, code=None, case_id=None, *args, **kwargs): try: case = Case.objects.get(id=case_id) invitation = Invitation.objects.get(code=code, case=case, deleted_at__isnull=True) return ResponseSuccess({"result": invitation.to_dict()}) except Case.DoesNotExist: raise NotFoundApiExceptions("Invalid case id") except Invitation.DoesNotExist: raise NotFoundApiExceptions("Invalid invitation details") class ValidateInvitationAPIView(TradeRemediesApiView): """ Validate an invitation to an Organisation or case for a user `GET /invitations/{ORGANISATION_ID}/validate/` Validate a user (via email and/or user id) is invited to an organisation """ def post(self, request, code=None, short_code=None, case_id=None, *args, **kwargs): if not code and not case_id and short_code: invitiation, organisation = Invitation.objects.validate_public_invite(
def post( self, request, document_id=None, case_id=None, organisation_id=None, submission_id=None, bundle_id=None, *args, **kwargs, ): if document_id is None: document_id = request.data.get("document_id", None) _files = request.FILES.getlist("file", None) _issued = request.data.get("issued") or False _case_document = request.data.get("case_document") _parent_id = request.data.get("parent_id") or False _replace_id = request.data.get("replace_id") or False _bundle_id = bundle_id or request.data.get("bundle_id") _system = request.data.get("system") or bool(_bundle_id) _confidential = request.data.get("confidential") _submission_document_type = request.data.get( "submission_document_type") if _submission_document_type: submission_document_type = SubmissionDocumentType.objects.get( key=_submission_document_type) else: submission_document_type = SubmissionDocumentType.type_by_user( request.user) if _confidential is None: _confidential = True submission_type_id = request.data.get("submission_type_id") if (not _case_document and not _bundle_id and not submission_id and not submission_type_id and not _system and not document_id): raise InvalidRequestParams("Submission id or type id are required") if not _files and not document_id and not request.data.get( "file_name"): raise InvalidRequestParams("No file or documents provided") case = get_case(case_id) submission = None if submission_id: submission = Submission.objects.get_submission(id=submission_id, case=case) elif submission_type_id: submission_type = SubmissionType.objects.get(id=submission_type_id) submission = Submission.objects.create( name=submission_type.name, case=case, organisation=self.organisation, type=submission_type, status=submission_type.default_status, created_by=request.user, user_context=[request.user], ) if not _files and request.data.get("file_name"): _files = [{ "name": request.data.get("file_name"), "size": request.data.get("file_size"), "document_name": request.data.get("document_name"), }] if _files: result = [] for _file in _files: _parent = None if _parent_id: try: _parent = Document.objects.get(id=_parent_id) except Document.DoesNotExist: raise NotFoundApiExceptions( "Parent document is not found") try: document = Document.objects.create_document( file=_file, user=request.user, confidential=_confidential, system=bool(_system), parent=_parent, document=Document.objects.get( id=document_id) if document_id else None, case=case, ) except InvalidFile as e: raise InvalidFileUpload(str(e)) if _replace_id and submission: # We are being asked to replace the given doc in this submission try: # Find the document to replace and get its child _replace_doc = Document.objects.get(id=_replace_id) _child_doc = Document.objects.filter( parent_id=_replace_id).first() replace_submission_document = SubmissionDocument.objects.get( submission=submission, document=_replace_doc) replace_submission_document.set_user_context( request.user) if _child_doc: child_submission_document = SubmissionDocument.objects.get( submission=submission, document=_child_doc) child_submission_document.set_user_context( request.user) # Clone the child doc and add link to parent _child_doc.id = None _child_doc.parent = document _child_doc.save() # Update submission_doc to point to new child doc. child_submission_document.document = _child_doc child_submission_document.save() replace_submission_document.delete() except (Document.DoesNotExist, SubmissionDocument.DoesNotExist) as e: logger.warning( f"Document to replace with id '{_replace_id}' was not found: {e}" ) if submission: if _submission_document_type: submission_document_type = SubmissionDocumentType.objects.get( key=_submission_document_type) else: submission_document_type = SubmissionDocumentType.type_by_user( request.user) submission_document = submission.add_document( document=document, document_type=submission_document_type, issued=_issued, issued_by=request.user, ) result_item = submission_document.to_dict() elif _bundle_id: bundle = DocumentBundle.objects.get(id=_bundle_id) bundle.documents.add(document) document.generic_audit( message=f"Attached to bundle {bundle.name}", audit_type=AUDIT_TYPE_ATTACH, id=str(document.id), ) result_item = document.to_dict() else: result_item = document.to_dict() result.append(result_item) return ResponseSuccess({"result": result}, http_status=status.HTTP_201_CREATED) elif document_id: # We just want to attach a document document = Document.objects.get(id=document_id) if submission_id: submission_document = submission.add_document( document=document, document_type=submission_document_type, issued=_issued, issued_by=request.user, ) if not request.user.is_tra(): submission.received_at = timezone.now() submission.status = submission.type.received_status submission.save() return ResponseSuccess( {"result": submission_document.to_dict()}, http_status=status.HTTP_201_CREATED) document.confidential = _confidential document.save() return ResponseSuccess( {"result": { "document": document.to_dict() }})
class ContactsAPI(TradeRemediesApiView): """ Return all or one contact records `GET /contacts/` Return all contact records, allowing for filtering by organisation, name or address `GET /contact/{contact_id}/` Return a single contact record `POST /contact/` Create a new contact `POST /contact/{contact_id}/` Update a contact """ def get(self, request, contact_id=None, *args, **kwargs): if contact_id: try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) return ResponseSuccess({"result": contact.to_dict()}) except Contact.DoesNotExist: raise NotFoundApiExceptions("Contact does not exist or access is denied") else: filter_kwargs = pluck(request.query_params, ["name", "country", "organisation"]) contacts = Contact.objects.filter(**filter_kwargs) return ResponseSuccess({"results": [_contact.to_dict() for _contact in contacts]}) def post( # noqa: C901 self, request, contact_id=None, organisation_id=None, case_id=None, *args, **kwargs ): self.required_keys = ["contact_name"] if not self.feature_flags("contact_email_read_only"): self.required_keys.append("contact_email") case_id = case_id or request.data.get("case_id") organisation_id = organisation_id or request.data.get("organisation_id") missing_required_fields = self.validate_required_fields(request) errors = {fld: "Required" for fld in missing_required_fields} if not self.feature_flags("contact_email_read_only"): if not is_valid_email(request.data.get("contact_email", "")): errors["email_not_valid"] = "Invalid email format" if errors: raise RequestValidationError(detail=errors) case = None if case_id: case = get_case(case_id) contact_id = contact_id or request.data.get("contact_id") if contact_id: try: contact = Contact.objects.select_related("userprofile", "organisation").get( id=contact_id ) except Contact.DoesNotExist: raise NotFoundApiExceptions("Contact does not exist or access is denied") if organisation_id: organisation = Organisation.objects.get(id=organisation_id) CaseContact.objects.get_or_create( case=case, contact=contact, organisation=organisation, primary=False ) else: organisation = None if organisation_id: organisation = Organisation.objects.get(id=organisation_id) contact = Contact(organisation=organisation, created_by=request.user) contact.set_case_context(case) contact.set_user_context(request.user) contact.name = request.data.get("contact_name") contact.address = request.data.get("contact_address") contact.country = request.data.get("contact_country") contact.post_code = request.data.get("contact_post_code") if not self.feature_flags("contact_email_read_only"): contact.email = request.data.get("contact_email", "").lower() contact.phone = request.data.get("contact_phone") if case and request.data.get("primary_contact"): contact.set_primary(case=case)
"results": [ organisation.to_embedded_dict() for organisation in organisations ] }) elif organisation_id: try: organisation = Organisation.objects.get(id=organisation_id) org_data = organisation.to_dict(case=case) if case_id: case_role = organisation.get_case_role(get_case(case_id)) org_data["case_role"] = case_role.to_dict( ) if case_role else None return ResponseSuccess({"result": org_data}) except Organisation.DoesNotExist: raise NotFoundApiExceptions( "Organisation does not exist or access is denied") elif is_tra: organisations = Organisation.objects.filter( deleted_at__isnull=True) return ResponseSuccess({ "results": [org.to_dict(fields=fields) for org in organisations] }) else: organisations = OrganisationUser.objects.filter(user=request.user) return ResponseSuccess({ "results": [org_user.organisation.to_dict() for org_user in organisations] })