def edit(id, db_session, data, username): logger.info(LogMsg.START, username) schema_validate(data, USER_EDIT_SCHEMA_PATH) logger.debug(LogMsg.SCHEMA_CHECKED) old_pass = data.get('old_password', None) if old_pass is not None: user = check_user(username, db_session) if user.password != old_pass: logger.error(LogMsg.INVALID_USER, {'old_password': '******'}) raise Http_error(403, Message.INVALID_PASSWORD) logger.debug(LogMsg.EDIT_REQUST, {'user_id': id, 'data': data}) model_instance = check_by_id(id, db_session) if model_instance: logger.debug(LogMsg.MODEL_GETTING, {'user_id': id}) else: logger.debug(LogMsg.NOT_FOUND, {'user_id': id}) raise Http_error(404, Message.NOT_FOUND) if model_instance.username == username: password = data.get('old_password') if model_instance.password != password: logger.error(LogMsg.INVALID_USER, {'password': '******'}) raise Http_error(403, Message.INVALID_PASSWORD) for key, value in data.items(): setattr(model_instance, key, value) edit_basic_data(model_instance, username, data.get('tags')) user_dict = user_to_dict(model_instance) logger.debug(LogMsg.EDIT_SUCCESS, user_dict) logger.info(LogMsg.END) return user_dict
def add(data, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) if user is None: logger.error(LogMsg.INVALID_USER, username) model_instance = DiscussionGroup() populate_basic_data(model_instance, username, data.get('tags')) logger.debug(LogMsg.POPULATING_BASIC_DATA) model_instance.title = data.get('title') model_instance.description = data.get('description') model_instance.image = data.get('image') model_instance.status = 'Created' db_session.add(model_instance) members = data.get('members', []) members.append({'person_id': user.person_id, 'type': 'Admin'}) member_data = {'group_id': model_instance.id, 'members': members} logger.debug(LogMsg.DISCUSSION_GROUP_ADD, model_to_dict(model_instance)) discuss_members = add_disscussuion_members(member_data, db_session, username) logger.debug(LogMsg.DISCUSSION_GROUP_MEMBERS_ADDED, members) result = model_to_dict(model_instance) result['members'] = discuss_members logger.info(LogMsg.END) return result
def get(id, db_session, username=None): logger.info(LogMsg.START, username) logger.debug(LogMsg.MODEL_GETTING) model_instance = db_session.query(GroupPermission).filter( GroupPermission.id == id).first() if model_instance: logger.debug(LogMsg.GET_SUCCESS, model_to_dict(model_instance)) else: logger.debug(LogMsg.MODEL_GETTING_FAILED) raise Http_error(404, Message.NOT_FOUND) if username is not None: user = check_user(username, db_session) per_data = {} if user_is_in_group(user.id, model_instance.group_id, db_session): per_data.update({Permissions.IS_MEMBER.value: True}) logger.debug(LogMsg.PERMISSION_CHECK, username) validate_permissions_and_access(username, db_session, 'GROUP_PERMISSION_GET', per_data) logger.debug(LogMsg.PERMISSION_VERIFIED, username) logger.info(LogMsg.END) return group_permission_to_dict(model_instance)
def delete(id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) logger.info(LogMsg.DELETE_REQUEST, {'group_user_id': id}) model_instance = db_session.query(GroupUser).filter( GroupUser.id == id).first() if model_instance is None: logger.error(LogMsg.NOT_FOUND, {'group_user_id': id}) raise Http_error(404, Message.NOT_FOUND) permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions) if not (press_permit and (model_instance.group.person_id == user.person_id)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_DELETE': username}) raise Http_error(403, Message.ACCESS_DENIED) try: db_session.delete(model_instance) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(500, LogMsg.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)
def edit(id, data, db_session, username): logger.info(LogMsg.START) permission_data = {} user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON,username) raise Http_error(400, Message.Invalid_persons) logger.debug(LogMsg.RATE_CHECK,{'rate_id':id}) model_instance = db_session.query(Rate).filter(Rate.id == id).first() if model_instance: logger.debug(LogMsg.RATE_EXISTS,model_to_dict(model_instance)) else: logger.error(LogMsg.RATE_NOT_EXISTS,{'rate_id':id}) raise Http_error(404, Message.NOT_FOUND) if model_instance.person_id == user.person_id: permission_data = {Permissions.IS_OWNER.value:True} permissions,presses = get_user_permissions(username, db_session) has_permission([Permissions.RATE_EDIT_PREMIUM], permissions,None,permission_data) model_instance.rate = data.get('rate') edit_basic_data(model_instance,username,data.get('tags')) logger.debug(LogMsg.RATE_CHANGED,model_to_dict(model_instance)) logger.info(LogMsg.END) return model_instance
def edit(id, data, db_session, username): logger.info(LogMsg.START) permission_data = {} schema_validate(data, EDIT_SCHEMA_PATH) user = check_user(username, db_session) logger.debug(LogMsg.RATE_CHECK, {'rate_id': id}) model_instance = db_session.query(Rate).filter( Rate.id == id, Rate.person_id == user.person_id).first() if model_instance: logger.debug(LogMsg.RATE_EXISTS, model_to_dict(model_instance)) else: logger.error(LogMsg.RATE_NOT_EXISTS, {'rate_id': id}) raise Http_error(404, Message.NOT_FOUND) model_instance.rate = data.get('rate') edit_basic_data(model_instance, username, data.get('tags')) logger.debug(LogMsg.RATE_CHANGED, model_to_dict(model_instance)) logger.info(LogMsg.END) return model_instance
def get_by_group(group_id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) group = validate_group(group_id, db_session) if username not in ADMINISTRATORS: permissions, presses = get_user_permissions(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions) if not (press_permit and user_is_in_group(user.id, group_id, db_session)): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_GET': username}) raise Http_error(403, Message.ACCESS_DENIED) result = db_session.query(GroupUser).filter( GroupUser.group_id == group_id).all() final_res = [] for item in result: final_res.append(group_user_to_dict(item)) logger.info(LogMsg.END) return final_res
def dislike(db_session, comment_id, username): logger.info(LogMsg.START, username) logger.debug(LogMsg.ACTION_CHECK_COMMENT, comment_id) comment = get_comment(comment_id, db_session) if comment is None: logger.error(LogMsg.NOT_FOUND, {'comment_id': comment_id}) raise Http_error(404, Message.NOT_FOUND) user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON, username) raise Http_error(400, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS) action = get_action_like(comment_id, user.person_id, db_session) if action is None: logger.error(LogMsg.ACTION_USER_CANT_DISLIKE) raise Http_error(404, Message.COMMENT_NOT_FOUND) if action.person_id != user.person_id: logger.error(LogMsg.NOT_ACCESSED, username) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.ACTION_DISLIKE_COMMENT, comment_id) delete(action.id, db_session, username) logger.info(LogMsg.END) return Http_response(204, True)
def delete_all(username, db_session): logger.info(LogMsg.START, username) validate_permissions_and_access(username, db_session, 'ACCOUNT_DELETE', access_level=Access_level.Premium) user = check_user(username, db_session) if user.person_id is None: logger.error(LogMsg.PERSON_NOT_EXISTS, username) raise Http_error(404, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS, username) try: logger.debug(LogMsg.DELETE_USER_ALL_ACCOUNTS, username) db_session.query(Account).filter( Account.person_id == user.person_id).delete() except: logger.error(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(404, Message.NOT_FOUND) logger.info(LogMsg.END) return Http_response(204, True)
def get_person_profile(id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) per_data = {} permissions, presses = get_user_permissions(username, db_session) if user.person_id == id: per_data.update({Permissions.IS_OWNER.value: True}) has_permission([Permissions.PERSON_GET_PREMIUM], permissions, None, per_data) logger.debug(LogMsg.PERMISSION_VERIFIED) logger.debug(LogMsg.MODEL_GETTING) model_instance = db_session.query(Person).filter(Person.id == id).first() if model_instance: result = model_to_dict(model_instance) result['current_book'] = get_current_book( model_instance.current_book_id, db_session) or None result['following_list'] = list(get_following_list_internal(id, db_session)) result['wish_list'] = list(internal_wish_list(db_session, id)) logger.debug(LogMsg.GET_SUCCESS, result) else: logger.error(LogMsg.NOT_FOUND, {"Person_id": id}) raise Http_error(404, Message.NOT_FOUND) logger.info(LogMsg.END) return result
def get(id, db_session, username=None): logger.info(LogMsg.START, username) logger.debug(LogMsg.MODEL_GETTING) model_instance = db_session.query(Person).filter(Person.id == id).first() if model_instance: person_dict = person_to_dict(model_instance, db_session) logger.debug(LogMsg.GET_SUCCESS + json.dumps(person_dict)) else: logger.debug(LogMsg.MODEL_GETTING_FAILED) raise Http_error(404, Message.NOT_FOUND) if username is not None: user = check_user(username, db_session) per_data = {} permissions, presses = get_user_permissions(username, db_session) if user.person_id == id: per_data.update({Permissions.IS_OWNER.value: True}) has_permission([Permissions.PERSON_GET_PREMIUM], permissions, None, per_data) logger.debug(LogMsg.PERMISSION_VERIFIED) logger.info(LogMsg.END) return person_dict
def delete(id, db_session, username): logger.info(LogMsg.START, username) permissions, presses = get_user_permissions(username, db_session) has_permission([Permissions.ACCOUNT_DELETE_PREMIUM], permissions) user = check_user(username, db_session) if user is None: logger.error(LogMsg.INVALID_USER, username) raise Http_error(404, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.PERSON_NOT_EXISTS, username) raise Http_error(404, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS, username) try: logger.debug(LogMsg.DELETE_ACCOUNT_BY_ID, id) db_session.query(Account).filter( and_(Account.person_id == user.person_id, Account.id == id)).delete() except: logger.error(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(404, Message.NOT_FOUND) logger.info(LogMsg.END) return Http_response(204, True)
def search_group(data, db_session, username=None): if username is not None: user = check_user(username, db_session) logger.debug(LogMsg.PERMISSION_CHECK, username) validate_permissions_and_access(username, db_session, 'PERMISSION_GROUP_GET') logger.debug(LogMsg.PERMISSION_VERIFIED, username) if data.get('sort') is None: data['sort'] = ['creation_date-'] result = [] groups = Group.mongoquery( db_session.query(Group)).query(**data).end().all() for group in groups: result.append(model_to_dict(group)) if username is not None and not (user_is_in_group( user.id, group.id, db_session)): del result[-1] logger.debug(LogMsg.GET_SUCCESS, result) logger.info(LogMsg.END) return result
def delete(id, db_session, username): logger.info(LogMsg.START, username) logger.info(LogMsg.DELETE_REQUEST, {'group_id': id}) user = check_user(username, db_session) model_instance = db_session.query(Group).filter(Group.id == id).first() if model_instance is None: logger.error(LogMsg.NOT_FOUND, {'group_id': id}) raise Http_error(404, Message.NOT_FOUND) logger.debug(LogMsg.PERMISSION_CHECK, username) validate_permissions_and_access(username, db_session, 'PERMISSION_GROUP_DELETE', model=model_instance) logger.debug(LogMsg.PERMISSION_VERIFIED, username) try: logger.debug(LogMsg.DELETE_GROUP_USERS, {'group_id': id}) delete_group_users(model_instance.id, db_session) logger.debug(LogMsg.GROUP_DELETE_PERMISSIONS, {'group_id': id}) delete_all_permissions_of_group(model_instance.id, db_session) logger.debug(LogMsg.GROUP_DELETE, id) db_session.delete(model_instance) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(500, LogMsg.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)
def get_personal_library(data, db_session, username): logger.info(LogMsg.START, username) # # logger.debug(LogMsg.PERMISSION_CHECK, username) # validate_permissions_and_access(username, db_session, 'LIBRARY_DELETE',{Permissions.IS_OWNER.value: True}) # logger.debug(LogMsg.PERMISSION_VERIFIED) user = check_user(username, db_session) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON, username) raise Http_error(400, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS) if data.get('sort') is None: data['sort'] = ['creation_date-'] if data.get('filter') is None: data.update({'filter': {'person_id': user.person_id}}) else: data['filter'].update({'person_id': user.person_id}) logger.debug(LogMsg.LIBRARY_GET_PERSON_LIBRARY, username) result = Library.mongoquery( db_session.query(Library)).query(**data).end().all() logger.info(LogMsg.END) return lib_to_dictlist(result, db_session)
def delete(id, db_session, username): logger.info(LogMsg.START, username) logger.debug(LogMsg.PERMISSION_CHECK, username) validate_permissions_and_access(username, db_session, 'ACCOUNT_DELETE', access_level=Access_level.Premium) logger.debug(LogMsg.PERMISSION_VERIFIED, username) user = check_user(username, db_session) if user is None: logger.error(LogMsg.INVALID_USER, username) raise Http_error(404, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.PERSON_NOT_EXISTS, username) raise Http_error(404, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS, username) try: logger.debug(LogMsg.DELETE_ACCOUNT_BY_ID, id) db_session.query(Account).filter( and_(Account.person_id == user.person_id, Account.id == id) ).delete() except: logger.error(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(404, Message.NOT_FOUND) logger.info(LogMsg.END) return Http_response(204, True)
def get_user_orders(data, db_session, username=None): logger.info(LogMsg.START, username) if data.get('sort') is None: data['sort'] = ['creation_date-'] user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON, username) raise Http_error(400, Message.Invalid_persons) if data.get('filter') is None: data.update({'filter':{'person_id':user.person_id}}) else: data['filter'].update({'person_id':user.person_id}) result = Order.mongoquery( db_session.query(Order)).query( **data).end().all() res = [] for item in result: res.append(order_to_dict(item, db_session, username)) logger.debug(LogMsg.ORDER_USER_ORDERS, res) logger.info(LogMsg.END) return res
def get_by_id(id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) if user.person_id is None: logger.error(LogMsg.PERSON_NOT_EXISTS, username) raise Http_error(404, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS, username) try: logger.debug(LogMsg.GETTING_ACCOUNT_BY_ID, id) result = db_session.query(Account).filter( and_(Account.person_id == user.person_id, Account.id == id)).first() if result is None: logger.debug(LogMsg.ACCOUNT_BY_ID_IS_NOT_FOR_PERSON, {'account_id': id, 'person_id': user.person_id}) except: logger.error(LogMsg.GET_FAILED, exc_info=True) raise Http_error(404, Message.NOT_FOUND) logger.info(LogMsg.END) return account_to_dict(result)
def delete_collection(data, db_session, username): title = data.get('title') logger.info(LogMsg.START, username) user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON, username) raise Http_error(400, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS) try: if not collection_exists(title, user.person_id, db_session): logger.error(LogMsg.NOT_FOUND, { 'collection_title': title, 'person_id': user.person_id }) raise Http_error(404, Message.NOT_FOUND) logger.debug(LogMsg.COLLECTION_DELETE, title) result = delete_collection_constraints(title, user.person_id, db_session) stmt = Collection.__table__.delete().where(Collection.id.in_(result)) db_session.execute(stmt) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(502, Message.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)
def get_follower_list(data, username, db_session): logger.info(LogMsg.START, username) result = [] user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON, username) raise Http_error(400, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS) if data.get('sort') is None: data['sort'] = ['creation_date-'] if data.get('filter') is None: data.update({'filter': {'following_id': user.person_id}}) else: data['filter'].update({'following_id': user.person_id}) res = Follow.mongoquery(db_session.query(Follow)).query(**data).end().all() for item in res: result.append(follow_to_dict(item)) logger.debug(LogMsg.FOLLOWER_LIST, result) logger.info(LogMsg.END) return result
def get(id, db_session, username=None): logger.info(LogMsg.START, username) model_instance = db_session.query(GroupUser).filter( GroupUser.id == id).first() if model_instance is None: logger.debug(LogMsg.MODEL_GETTING_FAILED) raise Http_error(404, Message.NOT_FOUND) if username is not None: permissions, presses = get_user_permissions(username, db_session) user = check_user(username, db_session) permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions) if not permit: press_permit = has_permission_or_not( [Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions) if not (press_permit and (user_is_in_group( user.id, model_instance.group_id, db_session))): logger.error(LogMsg.PERMISSION_DENIED, {'PERMISSION_GROUP_USER_GET': username}) raise Http_error(403, Message.ACCESS_DENIED) logger.debug(LogMsg.MODEL_GETTING) logger.info(LogMsg.END) return group_user_to_dict(model_instance)
def store_add_new_receipt(data, username, db_session, *args, **kwargs): items = [] for i in range(100): if 'prd_{}'.format(i) not in data: break else: item = dict(name=data.get("prd_{}".format(i)), qty=data.get("qty_{}".format(i)), price=data.get("price_{}".format(i))) items.append(item) user = check_user(username, db_session) rcp_data = dict(payee_id=user.person.id, status="Waiting", title=data.get("title"), total_payment=float(data.get("total_amount", 0)), hst=float(data.get("hst", 0)), subtotal=float(data.get("subtotal", 0)), payer_name=data.get("payer"), body=items) try: return receipt_controller.add(db_session, rcp_data, username) except HTTPResponse as e: return SimpleTemplate(name="receipt_form_error.tpl", lookup=[get_tpl_path()]).render(error=e.body) except Exception as e: return SimpleTemplate(name="receipt_form_error.tpl", lookup=[get_tpl_path()]).render(error=e) pass
def delete(id, db_session, username, **kwargs): logger.info(LogMsg.START) permission_data = {} logger.debug(LogMsg.RATE_CHECK) model_instance = db_session.query(Rate).filter(Rate.id == id).first() if model_instance: logger.debug(LogMsg.RATE_EXISTS,model_to_dict(model_instance)) else: logger.debug(LogMsg.RATE_NOT_EXISTS,{'rate_id':id}) raise Http_error(404, Message.NOT_FOUND) user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON) raise Http_error(400, Message.Invalid_persons) if model_instance.person_id == user.person_id: permission_data = {Permissions.IS_OWNER.value:True} permissions,presses = get_user_permissions(username, db_session) has_permission([Permissions.RATE_DELETE_PREMIUM], permissions,None,permission_data) try: db_session.query(Rate).filter(Rate.id == id).delete() logger.debug(LogMsg.RATE_DELETED,{'rate_id':id}) except: logger.exception(LogMsg.DELETE_FAILED,exc_info=True) raise Http_error(404, Message.DELETE_FAILED) logger.info(LogMsg.END) return {}
def get_all(db_session, data, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) logger.debug(LogMsg.PERMISSION_CHECK, username) access_type = validate_permissions_and_access(username, db_session, 'CHECKOUT_PAYMENT_GET') logger.debug(LogMsg.PERMISSION_VERIFIED, username) if data.get('sort') is None: data['sort'] = ['creation_date-'] try: final_res = [] mq = CheckoutPressAccount.mongoquery( db_session.query(CheckoutPressAccount)) # data=dict(filter=dict(title="hello")) result = mq.query(**data).end().all() logger.debug(LogMsg.GET_SUCCESS) for item in result: if access_type == 'Press': if item.receiver_id == user.person_id: final_res.append(pay_model_to_dict(item)) else: final_res.append(pay_model_to_dict(item)) except: logger.exception(LogMsg.GET_FAILED, exc_info=True) raise Http_error(500, Message.GET_FAILED) logger.debug(LogMsg.END) return final_res
def delete(id, db_session, username): logger.info(LogMsg.START, username) logger.info(LogMsg.DELETE_REQUEST, {'group_id': id}) user = check_user(username, db_session) per_data = {} permissions, presses = get_user_permissions(username, db_session) if is_admin_member(user.person_id, id, db_session): per_data.update({Permissions.IS_OWNER.value: True}) has_permission([Permissions.DISCUSSION_GROUP_PREMIUM], permissions, None, per_data) logger.debug(LogMsg.PERMISSION_VERIFIED, username) model_instance = db_session.query(DiscussionGroup).filter( DiscussionGroup.id == id).first() if model_instance is None: logger.error(LogMsg.NOT_FOUND, {'group_id': id}) raise Http_error(404, Message.NOT_FOUND) try: delete_group_members(model_instance.id, db_session, username) logger.debug(LogMsg.DISCUSSION_GROUP_OLD_MEMBERS_DELETED) db_session.delete(model_instance) logger.debug(LogMsg.DISCUSSION_GROUP_DELETE, id) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(500, LogMsg.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)
def pay(self, id, db_session, username=None): logger.info(LogMsg.START, username) receipt = self.internal_get(id, db_session, username) if receipt is None: raise Http_error(404, Message.NOT_FOUND) if receipt.status == 'Paid': raise Http_error(409, Message.ALREADY_PAID) if username is None: # paypal pay pass else: user = check_user(username, db_session) receipt.payer_id = user.person_id account = account_controller.get(user.person_id, 'Main', db_session) if account is None: logger.error(LogMsg.NOT_FOUND, {'person_id': user.person_id}) raise Http_error(404, Message.USER_HAS_NO_ACCOUNT) if account.value < receipt.total_payment: # paypal pay pass else: account.value -= receipt.total_payment transaction_data = { 'account_id': account.id, 'debit': receipt.total_payment } transaction.internal_add(transaction_data, db_session) receipt.status = 'Paid' return receipt.to_dict()
def add(permission_id, group_id, db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) group = get_group(group_id, db_session, username=None) permission = get_permission(permission_id, db_session) if user.person_id != group.person_id: logger.error(LogMsg.PERMISSION_DENIED, {'add_permission_to_group_be user': username}) raise Http_error(403, Message.ACCESS_DENIED) if group_has_permission(permission_id, group_id, db_session): logger.error(LogMsg.PERMISSION_GROUP_ALREADY_HAS) raise Http_error(409, Message.ALREADY_EXISTS) permissions, presses = get_user_permissions(username, db_session) if permission.permission not in permissions: logger.error(LogMsg.PREMIUM_PERMISSION_ADDITION_RESTRICTION, username) raise Http_error(403, Message.ACCESS_DENIED) model_instance = GroupPermission() populate_basic_data(model_instance, username) logger.debug(LogMsg.POPULATING_BASIC_DATA) model_instance.group_id = group_id model_instance.permission_id = permission_id db_session.add(model_instance) logger.info(LogMsg.END) return model_instance
def get_user_direct_counts(person_id, db_session, username, **kwargs): logger.info(LogMsg.START, username) user = check_user(username, db_session) permissions, presses = get_user_permissions(username, db_session) permission_data = {} if user.person_id == person_id: permission_data.update({Permissions.IS_OWNER.value: True}) has_permission([Permissions.CHAT_GET_PREMIUM], permissions, None, permission_data) logger.debug(LogMsg.PERMISSION_VERIFIED, username) try: final_res = {} logger.debug(LogMsg.CHAT_GET_USER_MESSAGES, person_id) result = db_session.query(ChatMessage).filter( and_(ChatMessage.receptor_id == person_id, ChatMessage.group_id == None)).order_by( ChatMessage.creation_date.desc()).all() for item in result: final_res[item.sender_id] = 0 seen = get_receptor_sender_last_seen(person_id, item.sender_id, db_session) if seen.last_seen is None or item.creation_date > seen.last_seen: final_res[item.sender_id] += 1 except: logger.exception(LogMsg.GET_FAILED, exc_info=True) raise Http_error(400, Message.NOT_FOUND) logger.info(LogMsg.END) return final_res
def get_orders_items(order_id, db_session, username=None): logger.info(LogMsg.START) result = db_session.query(OrderItem).filter( OrderItem.order_id == order_id).all() order = get_order(order_id, db_session) if order is None: logger.error(LogMsg.NOT_FOUND, {'order_id': order_id}) raise Http_error(404, Message.NOT_FOUND) if username is not None: user = check_user(username, db_session) per_data = {} if order.person_id == user.person_id or ( result is not None and result[0].creator == username): per_data.update({Permissions.IS_OWNER.value: True}) logger.debug(LogMsg.PERMISSION_CHECK, username) validate_permissions_and_access(username, db_session, 'ORDER_ITEM_GET',per_data, model=order, access_level=Access_level.Premium) logger.debug(LogMsg.PERMISSION_VERIFIED, username) final_res = [] for item in result: final_res.append(item_to_dict(item, db_session)) logger.debug(LogMsg.ORDERS_ITEMS, final_res) logger.info(LogMsg.END) return final_res
def delete_wish_list(db_session, username): logger.info(LogMsg.START, username) user = check_user(username, db_session) if user is None: raise Http_error(400, Message.INVALID_USER) if user.person_id is None: logger.error(LogMsg.USER_HAS_NO_PERSON, username) raise Http_error(400, Message.Invalid_persons) validate_person(user.person_id, db_session) logger.debug(LogMsg.PERSON_EXISTS, username) try: logger.debug(LogMsg.WISH_DELETE_ALL, username) db_session.query(WishList).filter( WishList.person_id == user.person_id).delete() logger.debug(LogMsg.DELETE_SUCCESS, {'username': username}) except: logger.exception(LogMsg.DELETE_FAILED, exc_info=True) raise Http_error(502, Message.DELETE_FAILED) logger.info(LogMsg.END) return Http_response(204, True)