async def list_voting_options_election(self, request): private_key, public_key, user = await self._authorize(request) election_id = request.match_info.get('electionId', '') if election_id == '': raise ApiBadRequest( 'The election ID is a required query string parameter') voting_options = await self._database.fetch_election_voting_options_resource( election_id=election_id) if voting_options is None: raise ApiNotFound('Voting Options in the election id ' '{} was not found'.format(election_id)) election = await self._database.fetch_election_resource( election_id=election_id) if election is None: raise ApiNotFound('Election with the election id ' '{} was not found'.format(election_id)) if election.get('results_permission') != 'PUBLIC': poll_registration = await self._database.fetch_poll_book_registration( voter_id=user.get('voter_id'), election_id=election_id) if poll_registration is None and election.get( 'admin_id') != user.get('voter_id'): raise ApiForbidden( 'Voter is not registered in the poll book of the election with the id ' '{} .'.format(election_id)) return json_response(voting_options)
async def get_election(self, request): private_key, public_key, user = await self._authorize(request) election_id = request.match_info.get('electionId', '') if election_id == '': raise ApiBadRequest( 'The election ID is a required query string parameter') if 'asAdmin' in request.rel_url.query: election = await self._database.fetch_election_with_can_vote_resource_admin( voter_id=user.get('voter_id'), election_id=election_id) else: election = await self._database.fetch_election_with_can_vote_resource( voter_id=user.get('voter_id'), election_id=election_id) if election is None: raise ApiNotFound('Election with the election id ' '{} was not found'.format(election_id)) if election.get('results_permission') != 'PUBLIC': if election.get('can_vote') is False and election.get( 'admin_id') != user.get('voter_id'): raise ApiForbidden( 'Voter is not registered in the poll book of the election with the id ' '{}.'.format(election_id)) return json_response(election)
async def list_admins(self, request): private_key, public_key, user = await self._authorize(request) if user.get('type') != 'SUPERADMIN': raise ApiForbidden('Forbidden') admin_list = await self._database.fetch_admins_resources() return json_response(admin_list)
async def list_admin_elections(self, request): private_key, public_key, user = await self._authorize(request) voter_id = request.match_info.get('voterId', '') if voter_id == '': raise ApiBadRequest( 'The voter ID is a required query string parameter') if user.get('voter_id') != voter_id: raise ApiForbidden('Admin must be the authenticated one') if user.get('type') != 'ADMIN' and user.get('type') != 'SUPERADMIN': raise ApiForbidden('Voter must be an admin or superadmin') admin_elections_list = await self._database.fetch_admin_elections_resources( user.get('voter_id')) return json_response(admin_elections_list)
async def get_voters(self, request): private_key, public_key, user = await self._authorize(request) if user.get('type') != 'SUPERADMIN': raise ApiForbidden('Forbidden') voter_id = request.match_info.get('voterId', '') voters_list = await self._database.fetch_voters_resources( voter_id=voter_id) return json_response(voters_list)
async def list_elections_current(self, request): private_key, public_key, user = await self._authorize(request) voterId = request.match_info.get('voterId', '') if voterId == '': raise ApiBadRequest( 'The voter ID is a required query string parameter') if user.get('voter_id') != voterId: raise ApiForbidden('Admin must be the authenticated one') current_elections_list = await self._database.fetch_current_elections_resources( voterId, get_time()) return json_response(current_elections_list)
async def update_voter_type(self, request): private_key, public_key, user = await self._authorize(request) body = await decode_request(request) required_fields = ['type'] validate_fields(required_fields, body) voter_id = request.match_info.get('voterId', '') if voter_id == '': raise ApiBadRequest( 'The voter ID is a required query string parameter') if user.get('type') != 'SUPERADMIN': raise ApiForbidden('Forbidden') voter = await self._database.fetch_voter_resource(voter_id=voter_id) if voter is None: raise ApiNotFound('No voter found') if body.get('type') == 'ADMIN' and (voter.get('type') == 'ADMIN' or voter.get('type') == 'SUPERADMIN'): raise ApiConflict( 'Voter {} is already an admin or superadmin'.format(voter_id)) elif body.get('type') == 'VOTER' and voter.get('type') == 'VOTER': raise ApiConflict('Voter {} is already a voter. '.format(voter_id)) auth_info = await self._database.fetch_auth_resource( public_key=voter.get('public_key')) voter_private_key = decrypt_private_key( request.app['aes_key'], voter.get('public_key'), auth_info.get('encrypted_private_key')) await self._messenger.send_update_voter_transaction( private_key=voter_private_key, voter_id=voter_id, public_key=voter.get('public_key'), name=voter.get('name'), created_at=get_time(), type=body.get('type')) return json_response({ 'voter': { 'voter_id': voter_id, 'name': voter.get('name'), 'type': 'ADMIN' } })
async def get_vote_election(self, request): private_key, public_key, user = await self._authorize(request) voter_id = request.match_info.get('voterId', '') if voter_id == '': raise ApiBadRequest( 'The voter ID is a required query string parameter') election_id = request.match_info.get('electionId', '') if election_id == '': raise ApiBadRequest( 'The election ID is a required query string parameter') if user.get('voter_id') != voter_id: raise ApiForbidden('Admin must be the authenticated one') vote = await self._database.fetch_my_vote__election_resource( voter_id=voter_id, election_id=election_id) return json_response(vote)
async def create_election(self, request): private_key, public_key, user = await self._authorize(request) body = await decode_request(request) required_fields = [ 'name', 'description', 'start_timestamp', 'end_timestamp', 'results_permission', 'can_change_vote', 'can_show_realtime', 'voting_options', 'poll_book' ] validate_fields(required_fields, body) if user.get('type') != 'ADMIN' and user.get('type') != 'SUPERADMIN': raise ApiForbidden('Voter must be an admin or superadmin') election_id = uuid.uuid1().hex voting_options = body.get('voting_options') admin = await self._database.fetch_voter_resource(public_key=public_key ) for voting_option in voting_options: if voting_option.get('name').upper( ) == "NULL" or voting_option.get('name').upper() == "BLANK": raise ApiInternalError('NULL and BLANK are default options') voting_options.append({"name": "NULL", "description": "VOTE NULL"}) voting_options.append({"name": "BLANK", "description": "VOTE BLANK"}) await self._messenger.send_create_election_transaction( private_key=private_key, election_id=election_id, name=body.get('name'), description=body.get('description'), start_timestamp=body.get('start_timestamp'), end_timestamp=body.get('end_timestamp'), results_permission=body.get('results_permission'), can_change_vote=body.get('can_change_vote'), can_show_realtime=body.get('can_show_realtime'), admin_id=admin.get('voter_id'), status=1, timestamp=get_time()) for voting_option in voting_options: voting_option_id = uuid.uuid1().hex await self._messenger.send_create_voting_option_transaction( private_key=private_key, voting_option_id=voting_option_id, name=voting_option.get('name'), description=voting_option.get('description'), election_id=election_id, status=1, timestamp=get_time()) await self._database.insert_voting_option_num_vote_resource( voting_option_id=voting_option_id, name=voting_option.get('name'), election_id=election_id) for poll_book in body.get('poll_book'): await self._messenger.send_create_poll_registration_transaction( private_key=private_key, voter_id=poll_book.get('id'), name=poll_book.get('name'), election_id=election_id, status=1, timestamp=get_time()) return json_response({'data': 'Create election transaction submitted'})