def Update(id): """ Updates teachers information """ if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) first_name = request.form.get('first_name') last_name = request.form.get('last_name') email = request.form.get('email') mobile_phone = request.form.get('mobile_phone') password = request.form.get('password') if not first_name and not last_name and not email and not mobile_phone and not password: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please enter details for the teacher.' }) teachers = TeacherModel.findById(id) if not teachers: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Teacher not found.' }) if first_name: teachers.setFirstName(first_name) if last_name: teachers.setLastName(last_name) if email: teachers.setEmail(email) if mobile_phone: teachers.setMobile(mobile_phone) if password: salt = teachers.getSalt() hashedPassword = Security.hashPassword(password, salt) teachers.setPassword(hashedPassword) try: teachers.save() except: return JsonResponse.badRequest({'error': 'database_error'}) return JsonResponse.ok()
def Update(module_id, session_id): """ Updates a module session. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) # Get session object session = ModuleSessionModel.findById(session_id) if not session: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Session not found.' }) # Save new values to database teacher = request.form.get('teacher') sessionType = request.form.get('type') if not teacher and not sessionType: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please enter a teacher and session type.' }) if teacher: if not TeacherModel.findById(teacher): return JsonResponse.badRequest({ 'message': 'not_found', 'nice_message': 'Teacher not found.' }) session.setStaff(teacher) if sessionType: if not ModuleSessionModel.findById(sessionType): return JsonResponse.badRequest({ 'message': 'not_found', 'nice_message': 'Session type not found.' }) session.setType(sessionType) session.save() return JsonResponse.ok()
def Update(id): """POST /staff/[id] - Updates staff information (JSON) (Post variables: first_name, last_name, email, mobile_phone, salt, password, role (integer))""" #Auth if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) first_name = request.form.get('first_name') last_name = request.form.get('last_name') email = request.form.get('email') mobile_phone = request.form.get('mobile_phone') password = request.form.get('password') role = request.form.get('role') if not first_name and not last_name and not email and not mobile_phone and not password and not role: #Bad request return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Pleaase enter new details for the staff member' }) staff = StaffModel.findById(id) #Not sure on method names if first_name: staff.setFirstName(first_name) if last_name: staff.setLastName(last_name) if email: staff.setEmail(email) if mobile_phone: staff.setMobile(mobile_phone) if role: staff.setRole(role) #Password hashed here if password: salt = staff.getSalt() hashedPassword = Security.hashPassword(password, salt) staff.setPassword(hashedPassword) try: staff.save() except: return JsonResponse.badRequest({'error': 'database_error'}) return JsonResponse.ok()
def UpdateTerm(term_id): """ Creates a new Campus """ # Authenticate user if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) term = request.form.get('term') term_start = request.form.get('term_start') term_end = request.form.get('term_end') if not term or not term_start or not term_end: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please enter a new term number, start date or end date.' }) if term not in ('1', '2', '3', 1, 2, 3): return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Please select a term between 1 and 3.' }) termObj = TermModel.findById(term_id) if not termObj: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Term not found.' }) if term: termObj.setTerm(term) if term_start: termObj.setStartDate(yyyyMmDdToTimestamp(term_start)) if term_end: termObj.setEndDate(yyyyMmDdToTimestamp(term_end)) termObj.save() return JsonResponse.ok()
def Update(campus_id, building_id, room_id): """ Update a given campus building room. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('building_admin', 'fire_officer')): return JsonResponse.unauthorized({'message': 'no_access', 'nice_message': 'You do not have accdss to this page. Contact system administrator.'}) # Get room object room = CampusBuildingRoomModel.findById(room_id) if not room: return JsonResponse.notFound({'message': 'room_missing', 'nice_message': 'Room not found.'}) # Save new values to database name = request.form.get('room_name') floor = request.form.get('floor') capacity = request.form.get('capacity') if not name and not floor and not capacity: return JsonResponse.badRequest({'message': 'missing_parameters', 'nice_message': 'Please enter a floor, capacity or name.'}) if name: room.setIdentifier(name) if floor: room.setBuildingFloor(floor) if capacity: room.setCapacity(capacity) room.save() return JsonResponse.ok()
def Delete(student_id, module_id): if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) if not student_id or not module_id: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Missing parameter.' }) enrolments = StudentModuleModel.findBy('student', student_id) for enrolment in enrolments: if enrolment.getModule() == int(module_id): enrolment.delete() return JsonResponse.ok() return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Enrolment does not exist.' })
def Create(campus_id): """ Creates new campus building """ # Verify user access if not Authorization.canAccess(session.get('user'), ('building_admin', )): return JsonResponse.unauthorized() # Ensure campus exists campus = CampusModel.findById(campus_id) if not campus: return JsonResponse.notFound() # Parse and validate request body name = request.form.get('building_name') floorCount = request.form.get('floor_count') if not name or not floorCount: return JsonResponse.badRequest() # Save new data to database building = CampusBuildingModel() building.setName(name) \ .setFloorCount(floorCount) \ .setCampus(campus_id) \ .save() return JsonResponse.ok()
def Update(id): """ Updates information for a Campus """ if not Authorization.canAccess(session.get('user'), ('building_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) name = request.form.get('campus_name') if not name: return JsonResponse.badRequest({ 'message': 'name_missing', 'nice_message': 'Missing campus name.' }) campus = CampusModel.findById(id) if not campus: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Campus could not be found.' }) campus.setName(name) \ .save() return JsonResponse.ok()
def Create(): """ Creates a new Campus """ # Authenticate user if not Authorization.canAccess(session.get('user'), ('building_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) name = request.form.get('campus_name') if not name: return JsonResponse.badRequest({ 'message': 'name_missing', 'nice_message': 'Missing Campus Name' }) campus = CampusModel() campus.setName(name) \ .save() return JsonResponse.ok()
def DeleteTerm(term_id): """ Creates a new Campus """ # Authenticate user if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) if not term_id: return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Please enter the term' }) term = TermModel.findById(term_id) if not term: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Term not found.' }) term.delete() return JsonResponse.ok()
def Create(campus_id, building_id): """ Create a room in a given campus building. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('building_admin')): return JsonResponse.unauthorized({'message': 'no_acces', 'nice_message': 'You do not have acess to this page. Contact system administrator.'}) # Get building object building = CampusBuildingModel.findById(building_id) if not building: return JsonResponse.notFound({'message': 'not_found', 'nice_message': 'Building not found.'}) # Parse and validate request body name = request.form.get('room_name') floor = request.form.get('floor') capacity = request.form.get('capacity') if not name or not floor or not capacity: return JsonResponse.badRequest({'message': 'bad_request', 'nice_message': 'Please enter a capacity, name and floor.'}) # Save new data to database room = CampusBuildingRoomModel() room.setIdentifier(name) \ .setBuildingFloor(floor) \ .setBuilding(building_id) \ .setCapacity(capacity) \ .save() return JsonResponse.ok()
def Create(student_id): if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.' }) module_id = request.form.get('module') if not module_id or not student_id: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Missing student or module.' }) newEnrolment = StudentModuleModel() dateNow = int(time.time()) newEnrolment.setEnrolmentDate(dateNow) newEnrolment.setStudent(student_id) newEnrolment.setModule(module_id) newEnrolment.save() return JsonResponse.ok()
def Update(id): """ Updates a given module. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.' }) # Get module object module = ModuleModel.findById(id) if not module: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Module not found.' }) # Save new values to database name = request.form.get('module_name') leader = request.form.get('leader') if not name and not leader: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please enter a new name or module leader.' }) if name: module.setName(name) if leader: if not TeacherModel.findById(leader): return JsonResponse.badRequest({ 'message': 'not_found', 'nice_message': 'Teacher not found.' }) module.setLeader(leader) module.save() return JsonResponse.ok()
def Create(module_id): """ Creates a new module session. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.' }) # Get module object module = ModuleModel.findById(module_id) if not module: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Module not found.' }) # Parse and validate request body teacher = request.form.get('teacher') sessionType = request.form.get('type') if not TeacherModel.findById(teacher): return JsonResponse.badRequest({ 'message': 'not_found', 'nice_message': 'Teacher not found.' }) if not ModuleSessionTypeModel.findById(sessionType): return JsonResponse.badRequest({ 'message': 'not_found', 'nice_message': 'Module session not found.' }) # Save new data to database moduleSession = ModuleSessionModel() moduleSession.setModule(module.getId()) \ .setStaff(teacher) \ .setType(sessionType) \ .save() return JsonResponse.ok()
def Update(id): """Updates student information """ """(JSON) (Post variables: first_name, last_name, email, mobile_phone, password)""" #Auth if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized() first_name = request.form.get('first_name') last_name = request.form.get('last_name') email = request.form.get('email') mobile_phone = request.form.get('mobile_phone') password = request.form.get('password') if not first_name and not last_name and not email and not mobile_phone and not password: #Bad request return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please fill out new information for the student.' }) student = StudentModel.findById(id) #Not sure on method names if first_name: student.setFirstName(first_name) if last_name: student.setLastName(last_name) if email: student.setEmail(email) if mobile_phone: student.setMobile(mobile_phone) #Password hashed here if password: salt = student.getSalt() hashedPassword = Security.hashPassword(password, salt) student.setPassword(hashedPassword) try: student.save() except: return JsonResponse.badRequest({'error': 'database_error'}) return JsonResponse.ok()
def CreateTerm(): """ Creates a new Campus """ # Authenticate user if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.' }) term = request.form.get('term') term_start = request.form.get('term_start') term_end = request.form.get('term_end') if not term or not term_start or not term_end: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please enter term number, term start date and term end date.' }) if term not in ('1', '2', '3', 1, 2, 3): return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Please select a term number between 1 and 3.' }) term_start = yyyyMmDdToTimestamp(term_start) term_end = yyyyMmDdToTimestamp(term_end) termObj = TermModel() termObj.setTerm(int(term)) \ .setStartDate(term_start) \ .setEndDate(term_end) \ .save() return JsonResponse.ok()
def Create(): """Creates a new student (JSON) (Post variables: first_name, last_name, email, mobile_phone)""" #Change who is authorised if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) first_name = request.form.get('first_name') last_name = request.form.get('last_name') email = request.form.get('email') mobile_phone = request.form.get('mobile_phone') password = request.form.get('password') salt = Security.generateSalt() hashedPassword = Security.hashPassword(password, salt) student = StudentModel() if not first_name or not last_name or not email or not mobile_phone or not password: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please fill all fields for the new student.' }) student.setFirstName(first_name) student.setLastName(last_name) student.setEmail(email) student.setMobile(mobile_phone) student.setPassword(hashedPassword) student.setSalt(salt) try: student.save() except: return JsonResponse.badRequest({'error': 'database_error'}) return JsonResponse.ok()
def Delete(id): """ Deletes teacher """ if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator' }) teachers = TeacherModel.findById(id) if not teachers: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Teacher not found.' }) modules = ModuleModel.findBy('leader', id) if len(modules) != 0: return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Modules exist with this teacher as module leader.' }) sessions = ModuleSessionModel.findBy('staff', id) if len(sessions) != 0: return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Sessions exist for this teacher.' }) teachers.delete() return JsonResponse.ok()
def Create(): """ Creates a new module. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this page. Contact system administrator.' }) # Parse and validate request body name = request.form.get('module_name') leader = request.form.get('leader') if not name or not leader: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please make sure you enter a name and leader.' }) # Make sure leader is a valid staff member if not TeacherModel.findById(leader): return JsonResponse.badRequest({ 'message': 'not_found', 'nice_message': 'Teacher not found' }) # Save new data to database module = ModuleModel() module.setName(name) \ .setLeader(leader) \ .save() return JsonResponse.ok()
def Update(campus_id, building_id): """ Update information for given building """ # Verify user access if not Authorization.canAccess(session.get('user'), ('building_admin', )): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) # Get building object building = CampusBuildingModel.findById(building_id) if not building: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Building not found.' }) # Save new values to database name = request.form.get('building_name') floorCount = request.form.get('floor_count') if not name and not floorCount: return JsonResponse.badRequest({ 'message': 'missing_parameter', 'nice_message': 'Please enter a new name or floor count.' }) if name: building.setName(name) if floorCount: building.setFloorCount(floorCount) building.save() return JsonResponse.ok()
def Create(): """ Creates a new teacher """ if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator' }) first_name = request.form.get('first_name') last_name = request.form.get('last_name') email = request.form.get('email') mobile_phone = request.form.get('mobile_phone') password = request.form.get('password') salt = Security.generateSalt() hashedPassword = Security.hashPassword(password, salt) teachers = TeacherModel() if not teachers: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Teacher not found.' }) teachers.setFirstName(first_name) teachers.setLastName(last_name) teachers.setEmail(email) teachers.setMobile(mobile_phone) teachers.setPassword(hashedPassword) teachers.setSalt(salt) try: teachers.save() except: return JsonResponse.badRequest({'error': 'database_error'}) return JsonResponse.ok()
def Create(): """POST /staff - Creates a new staff member (JSON) (Post variables: first_name, last_name, email, mobile_phone, salt, password, role (integer))""" if not Authorization.canAccess(session.get('user'), ('admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator.' }) first_name = request.form.get('first_name') last_name = request.form.get('last_name') email = request.form.get('email') mobile_phone = request.form.get('mobile_phone') role = request.form.get('role') password = request.form.get('password') #password = '******' #generatePassword() salt = Security.generateSalt() hashedPassword = Security.hashPassword(password, salt) staff = StaffModel() staff.setFirstName(first_name) staff.setLastName(last_name) staff.setEmail(email) staff.setMobile(mobile_phone) staff.setRole(role) staff.setPassword(hashedPassword) staff.setSalt(salt) try: staff.save() except: return JsonResponse.badRequest({'error': 'database_error'}) return JsonResponse.ok()
def SessionLogin(): if 'X-App-Token' in request.headers and ApiSession.isValid(request): return JsonResponse.ok({'token': request.headers['X-App-Token']}) userEmail = request.form.get('email') userPassword = request.form.get('password') userType = request.form.get('user_type') # Step 1: Verify presence of values and validate them if not userEmail or not userPassword or not userType: return JsonResponse.badRequest({ 'message': 'post_property_missing', 'nice_message': 'Missing POST property.' }) if userType not in ('student', 'teacher'): return JsonResponse.badRequest({ 'message': 'invalid_user_type', 'nice_message': 'Given user type is invalid! Allowable types are: student/teacher.' }) # Step 2: Verify password if userType == 'student': user = StudentModel.findBy('email', userEmail) elif userType == 'teacher': user = TeacherModel.findBy('email', userEmail) else: return JsonResponse.internalServerError({ 'message': 'unexpected_user_type', 'nice_message': 'Unexpected user type. Contact system administrator.' }) if len(user) != 1: return JsonResponse.unauthorized({ 'message': 'invalid_credentials', 'nice_message': 'Supplied credentials (email/password) are invalid.' }) user = user[0] salt = user.getSalt() hashedPassword = Security.hashPassword(userPassword, salt) if hashedPassword != user.getPassword(): return JsonResponse.unauthorized({ 'message': 'invalid_credentials', 'nice_message': 'Supplied credentials (email/password) are invalid.' }) userId = user.getId() # Step 3: Create session ipAddress = request.remote_addr if Config.getValue('DEPLOYMENT') == 'heroku': ipAddress = request.headers['X-Forwarded-For'] token = ApiSession.create(userId, userType, ipAddress, request.headers['User-Agent']) if token: return JsonResponse.ok({'token': token}) return JsonResponse.internalServerError({ 'message': 'session_generation_failed', 'nice_message': 'Session generation failed. Contact system administrator.' })
def CreateRecurringBooking(module_id, session_id): """ Updates a module session. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact system administrator' }) # Get session object theSession = ModuleSessionModel.findById(session_id) if not theSession: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Session not found.' }) module = ModuleModel.findById(theSession.getModule()) if not module: return JsonResponse.internalServerError({ 'message': 'not_found', 'nice_message': 'Module not found.' }) enrolments = StudentModuleModel.findBy('module', module.getId()) # Get post values building_id = request.form.get('building') duration = request.form.get('duration') day = request.form.get('day') frequency = request.form.get('frequency') term_id = request.form.get('term') if not building_id or not duration or not day or not frequency or not term_id: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please enter a building, duration, day, frequency and term' }) if day not in ('1', '2', '3', '4', '5'): return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Please choose a day Monday to Friday.' }) day = int(day) if frequency not in ('1', '2', '3', '4', '5', '6', '7', '8'): return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Please select a frequency.' }) frequency = int(frequency) duration = int(duration) if duration <= 0 or duration > 3: return JsonResponse.badRequest({ 'message': 'bad_requst', 'nice_message': 'Please select a duration betweene 1 and 3 hours.' }) building = CampusBuildingModel.findById(building_id) if not building: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Building not found.' }) term = TermModel.findById(term_id) if not term: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Term not found.' }) #def scheduleRecurring(term_id, session_id, building_id, day_of_week, frequency, duration, sessionType): res = Scheduler.scheduleRecurring(term.getId(), theSession.getId(), building.getId(), day, frequency, duration, theSession.getType()) #if not res: # return JsonResponse.badRequest() return JsonResponse.ok()
def CreateBooking(module_id, session_id): """ Creates a new room booking. """ # Verify user access if not Authorization.canAccess(session.get('user'), ('scheduling_admin')): return JsonResponse.unauthorized({ 'message': 'no_access', 'nice_message': 'You do not have access to this function. Contact sytem administrator.' }) # Get session object theSession = ModuleSessionModel.findById(session_id) if not theSession: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Session not found.' }) module = ModuleModel.findById(theSession.getModule()) if not module: return JsonResponse.internalServerError({ 'message': 'not_found', 'nice_message': 'Module not found.' }) enrolments = StudentModuleModel.findBy('module', module.getId()) # Get post values building_id = request.form.get('building') duration = request.form.get('duration') day = request.form.get('day') hour = request.form.get('hour') duration = int(duration) if duration <= 0 or duration > 3: return JsonResponse.badRequest({ 'message': 'bad_request', 'nice_message': 'Please enter a duration between 1 and 3.' }) if not building_id or not duration or not day or not hour: return JsonResponse.badRequest({ 'message': 'missing_parameters', 'nice_message': 'Please ensure you enter a buildng, duration and time.' }) day = day + " 03:00" # Daylight savings time fix ts = int( datetime.strptime(day + " UTC", "%Y-%m-%d %H:%M %Z").strftime("%s")) building = CampusBuildingModel.findById(building_id) if not building: return JsonResponse.notFound({ 'message': 'not_found', 'nice_message': 'Building not found.' }) #def scheduleOneOff(building_id, duration, capacity, day, hour, sessionType = None, session = None): res = Scheduler.scheduleOneOff(building_id, duration, len(enrolments), ts, hour, theSession.getType(), theSession.getId()) if not res: return JsonResponse.badRequest({ 'message': 'booking_failed', 'nice_message': 'Booking not made.' }) return JsonResponse.ok()