def my_retrieve(self, request, station_id, pk):
self.serializer_context = {}
form = Form.current_form(self.get_form_type_name(), station_id)
if form is None:
return Response(status=status.HTTP_404_NOT_FOUND)
try:
the_form = FormData.find_object_by_id(pk, form)
if the_form is None:
return Response(status=status.HTTP_404_NOT_FOUND)
except ObjectDoesNotExist:
return Response(status=status.HTTP_404_NOT_FOUND)
if hasattr(the_form, 'station'):
station = the_form.station
else:
station = BorderStation.objects.get(id=pk)
read_access = UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'VIEW', station.operating_country.id, station.id)
edit_access = UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'EDIT', station.operating_country.id, station.id)
private_access = UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'VIEW PI', station.operating_country.id, station.id)
if not read_access:
return Response(status=status.HTTP_401_UNAUTHORIZED)
if not edit_access and not private_access:
self.serializer_context['mask_private'] = True
form_data = FormData(the_form, form)
serializer = FormDataSerializer(form_data, context=self.serializer_context)
resp_data = serializer.data
return Response(resp_data)
def destroy(self, request, station_id, pk):
form = Form.current_form(self.get_form_type_name(), station_id)
try:
the_form = FormData.find_object_by_id(pk, form)
except ObjectDoesNotExist:
return Response({'errors' : [self.get_form_type_name() + " not found"], 'warnings':[]}, status=status.HTTP_404_NOT_FOUND)
if not UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'DELETE',
the_form.station.operating_country.id, the_form.station.id):
return Response(status=status.HTTP_401_UNAUTHORIZED)
form_data = FormData(the_form, form)
form_data.delete()
form_done.send_robust(sender=self.__class__, form_data=form_data, remove=True)
return Response(status=status.HTTP_200_OK)
def retrieve_blank_form(self, request, station_id):
self.serializer_context = {}
form = Form.current_form(self.get_form_type_name(), station_id)
if form is None:
return Response(status=status.HTTP_404_NOT_FOUND)
form_class = FormData.get_form_class(form)
the_form = form_class()
if station_id is not None:
station = BorderStation.objects.get(id=station_id)
the_form.station = station
add_access = UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'ADD',
the_form.station.operating_country.id, the_form.station.id)
if not add_access:
return Response(status=status.HTTP_401_UNAUTHORIZED)
if station.auto_number is not None and station.auto_number == form.form_type.name:
the_number = AutoNumber.get_next_number(station, form)
setattr(the_form, form_class.key_field_name(), the_number)
form_data = FormData(the_form, form)
serializer = FormDataSerializer(form_data, context=self.serializer_context)
return Response(serializer.data)
def custom_has_object_permission(self, request, view, method,
permissions_required, obj):
if request.method == method or method == "ANY":
# Need to have a way to access the country id and border station id from the object
# Assume each model will implement property get methods for country_id and border_station_id
get_country_id = getattr(obj, 'get_country_id', None)
if get_country_id is not None and callable(get_country_id):
country_id = obj.get_country_id()
else:
country_id = None
get_station_id = getattr(obj, 'get_border_station_id', None)
if get_station_id is not None and callable(get_station_id):
station_id = obj.get_border_station_id()
else:
station_id = None
for permission in permissions_required:
if not UserLocationPermission.has_session_permission(
request, permission['permission_group'],
permission['action'], country_id, station_id):
self.message = self.message.format(permission)
return False
return True
def update(self, request, station_id, pk):
form = Form.current_form(self.get_form_type_name(), station_id)
the_form = FormData.find_object_by_id(pk, form)
if the_form is None:
return Response({'errors' : [self.get_form_type_name() + " not found"], 'warnings':[]}, status=status.HTTP_404_NOT_FOUND)
form_data = FormData(the_form, form)
self.pre_process(request, form_data)
request_json = self.extract_data(request, self.get_element_paths())
self.serializer_context = {'form_type':form.form_type, 'request.user':request.user}
transaction.set_autocommit(False)
try:
serializer = FormDataSerializer(form_data, data=request_json, context=self.serializer_context)
if serializer.is_valid():
if not UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'EDIT',
serializer.get_country_id(), serializer.get_station_id()):
return Response(status=status.HTTP_401_UNAUTHORIZED)
form_data = serializer.save()
if self.check_form_number(form_data):
self.logbook_submit(form_data)
serializer2 = FormDataSerializer(form_data, context=self.serializer_context)
form_done.send_robust(sender=self.__class__, form_data=form_data)
rtn_status = status.HTTP_200_OK
ret = serializer2.data
transaction.commit()
transaction.set_autocommit(True)
self.post_process(request, form_data)
else:
transaction.rollback()
transaction.set_autocommit(True)
ret = {
'errors':['Form number exceeds highest number allocated for station'],
'warnings':[]
}
rtn_status=status.HTTP_400_BAD_REQUEST
else:
transaction.rollback()
transaction.set_autocommit(True)
if serializer.the_errors is not None and len(serializer.the_errors) > 0:
rtn_errors = serializer.the_errors
else:
rtn_errors = []
if serializer.the_warnings is not None and len(serializer.the_warnings) > 0:
rtn_warnings = serializer.the_warnings
else:
rtn_warnings = []
if len(rtn_errors) < 1 and len(rtn_warnings) < 1:
rtn_errors = serializer._errors
ret = {
'errors': rtn_errors,
'warnings':rtn_warnings
}
rtn_status = status.HTTP_400_BAD_REQUEST
except Exception:
transaction.rollback()
transaction.set_autocommit(True)
ret = {
'errors': 'Internal Error:' + traceback.format_exc(),
'warnings':[]
}
rtn_status = status.HTTP_500_INTERNAL_SERVER_ERROR
return Response (ret, status=rtn_status)
def create(self, request):
form_type = FormType.objects.get(name=self.get_form_type_name())
request_json = self.extract_data(request, self.get_element_paths())
self.serializer_context = {'form_type':form_type, 'request.user':request.user}
self.pre_process(request, None)
transaction.set_autocommit(False)
try:
serializer = FormDataSerializer(data=request_json, context=self.serializer_context)
if serializer.is_valid():
if not UserLocationPermission.has_session_permission(request, self.get_perm_group_name(), 'ADD',
serializer.get_country_id(), serializer.get_station_id()):
transaction.rollback()
transaction.set_autocommit(True)
return Response(status=status.HTTP_401_UNAUTHORIZED)
try:
form_data = serializer.save()
if self.check_form_number(form_data):
self.logbook_submit(form_data)
serializer2 = FormDataSerializer(form_data, context=self.serializer_context)
form_done.send_robust(sender=self.__class__, form_data=form_data)
ret = serializer2.data
rtn_status = status.HTTP_200_OK
transaction.commit()
transaction.set_autocommit(True)
self.post_process(request, form_data)
else:
transaction.rollback()
transaction.set_autocommit(True)
ret = {
'errors':['Form number exceeds highest number allocated for station'],
'warnings':[]
}
rtn_status=status.HTTP_400_BAD_REQUEST
except IntegrityError as exc:
transaction.rollback()
transaction.set_autocommit(True)
if 'unique constraint' in exc.args[0]:
ret = {
'errors': [ exc.args[0] ],
'warnings':[]
}
rtn_status=status.HTTP_400_BAD_REQUEST
else:
ret = {
'errors': 'Internal Error:' + traceback.format_exc(),
'warnings':[]
}
rtn_status=status.HTTP_400_BAD_REQUEST
else:
transaction.rollback()
transaction.set_autocommit(True)
ret = {
'errors': serializer.the_errors,
'warnings':serializer.the_warnings
}
rtn_status=status.HTTP_400_BAD_REQUEST
except Exception:
transaction.rollback()
transaction.set_autocommit(True)
ret = {
'errors': 'Internal Error:' + traceback.format_exc(),
'warnings':[]
}
rtn_status = status.HTTP_500_INTERNAL_SERVER_ERROR
return Response (ret, status=rtn_status)