def before_update_object(self, role_invite, data, view_kwargs):
"""
Method to edit object
:param role_invite:
:param data:
:param view_kwargs:
:return:
"""
user = User.query.filter_by(email=role_invite.email).first()
if user:
if not has_access(
'is_organizer',
event_id=role_invite.event_id) and not has_access(
'is_user_itself', user_id=user.id):
raise UnprocessableEntity({
'source': ''
}, "Status can be updated only by event organizer or user hiself"
)
if 'role_name' in data and data[
'role_name'] == 'owner' and not has_access(
'is_owner', event_id=data['event']):
raise ForbiddenException({'source': ''},
'Owner access is required.')
if not user and not has_access('is_organizer',
event_id=role_invite.event_id):
raise UnprocessableEntity({'source': ''}, "User not registered")
if not has_access('is_organizer', event_id=role_invite.event_id) and (
len(list(data.keys())) > 1 or 'status' not in data):
raise UnprocessableEntity({'source': ''},
"You can only change your status")
def after_create_object(self, event_topic, data, view_kwargs):
"""
after create method to save roles for users and add the user as an accepted role(organizer)
:param event_topic:
:param data:
:param view_kwargs:
:return:
"""
if data.get('system_image_url'):
try:
uploaded_image = create_system_image(
data['system_image_url'], unique_identifier=event_topic.id)
except (urllib.error.HTTPError, urllib.error.URLError):
raise UnprocessableEntity(
{'source': 'attributes/system-image-url'},
'Invalid Image URL')
except IOError:
raise UnprocessableEntity(
{'source': 'attributes/system-image-url'},
'Image is absent at URL')
else:
try:
uploaded_image = create_system_image(
unique_identifier=event_topic.id)
except IOError:
raise UnprocessableEntity({'source': ''},
'Default Image is absent in server')
self.session.query(EventTopic).filter_by(
id=event_topic.id).update(uploaded_image)
self.session.commit()
def validate_date(event, data):
if event:
if 'starts_at' not in data:
data['starts_at'] = event.starts_at
if 'ends_at' not in data:
data['ends_at'] = event.ends_at
if not data.get('starts_at') or not data.get('ends_at'):
raise UnprocessableEntity({'pointer': '/data/attributes/date'},
"enter required fields starts-at/ends-at")
if data['starts_at'] >= data['ends_at']:
raise UnprocessableEntity({'pointer': '/data/attributes/ends-at'},
"ends-at should be after starts-at")
if datetime.timestamp(data['starts_at']) <= datetime.timestamp(
datetime.now()):
if event and event.deleted_at and not data.get('deleted_at'):
data['state'] = 'draft'
elif event and not event.deleted_at and data.get('deleted_at'):
pass
else:
raise UnprocessableEntity(
{'pointer': '/data/attributes/starts-at'},
"starts-at should be after current date-time")
def validate_quantity(self, data):
if 'max_order' in data and 'min_order' in data:
if data['max_order'] < data['min_order']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/max-order'},
"max-order should be greater than or equal to min-order")
if 'quantity' in data and 'min_order' in data:
if data['quantity'] < data['min_order']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/quantity'},
"quantity should be greater than or equal to min-order")
if 'min_price' in data and 'max_price' in data and data[
'type'] == 'donation':
if data['min_price'] > data['max_price']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/min-price'},
"minimum price should be lesser than or equal to maximum price"
)
if 'quantity' in data and 'max_order' in data:
if data['quantity'] < data['max_order']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/quantity'},
"quantity should be greater than or equal to max-order")
def validate_satus(self, data, original_data):
if 'role' in data and 'role_name' in data:
try:
role = Role.query.filter_by(id=data['role']).one()
except NoResultFound:
raise ObjectNotFound({'source': '/data/role'},
"Role not found")
if role.name != data['role_name']:
raise UnprocessableEntity({'pointer': '/data/attributes/role'},
"Role id do not match role name")
if 'id' in original_data['data']:
try:
role_invite = RoleInvite.query.filter_by(
id=original_data['data']['id']).one()
except NoResultFound:
raise ObjectNotFound({'source': '/data/id'},
"Role invite not found")
if 'role' not in data:
data['role'] = role_invite.role.id
if 'role_name' in data:
try:
role = Role.query.filter_by(id=data['role']).one()
except NoResultFound:
raise ObjectNotFound({'source': '/data/role'},
"Role not found")
if role.name != data['role_name']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/role'},
"Role id do not match role name")
def before_update_object(self, event_topic, data, view_kwargs):
"""
method to save image urls before updating event object
:param event_topic:
:param data:
:param view_kwargs:
:return:
"""
if data.get('system_image_url'):
try:
uploaded_image = create_system_image(
data['system_image_url'], unique_identifier=event_topic.id)
except (urllib.error.HTTPError, urllib.error.URLError):
raise UnprocessableEntity(
{'source': 'attributes/system-image-url'},
'Invalid Image URL')
except IOError:
raise UnprocessableEntity(
{'source': 'attributes/system-image-url'},
'Image is absent at URL')
else:
try:
uploaded_image = create_system_image(
unique_identifier=event_topic.id)
except IOError:
raise UnprocessableEntity({'source': ''},
'Default Image is absent in server')
data['system_image_url'] = uploaded_image['system_image_url']
def validate_date(self, data, original_data):
if 'id' in original_data['data']:
ticket = Ticket.query.filter_by(
id=original_data['data']['id']).one()
if 'sales_starts_at' not in data:
data['sales_starts_at'] = ticket.sales_starts_at
if 'sales_ends_at' not in data:
data['sales_ends_at'] = ticket.sales_ends_at
if 'event_ends_at' not in data:
data['event_ends_at'] = ticket.event.ends_at
if data['sales_starts_at'] >= data['sales_ends_at']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/sales-ends-at'},
"sales-ends-at should be after sales-starts-at")
if 'event_ends_at' in data and data['sales_starts_at'] > data[
'event_ends_at']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/sales-starts-at'},
"ticket sales-starts-at should be before event ends-at")
if 'event_ends_at' in data and data['sales_ends_at'] > data[
'event_ends_at']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/sales-ends-at'},
"ticket sales-ends-at should be before event ends-at")
def query(self, view_kwargs):
"""Filter geokrety"""
query_ = self.session.query(Geokret)
waypoint = request.args.get('waypoint')
if waypoint is not None:
if waypoint:
return query_.filter(Geokret.last_position.has(Move.waypoint == waypoint))
raise UnprocessableEntity("Waypoint is invalid",
{'pointer': '/argument/waypoint'})
latitude = request.args.get('latitude')
longitude = request.args.get('longitude')
if latitude and longitude:
if not REG_LATITUDE.match(str(latitude)):
raise UnprocessableEntity("Latitude is invalid",
{'pointer': '/argument/latitude'})
if not REG_LONGITUDE.match(str(longitude)):
raise UnprocessableEntity("Longitude is invalid",
{'pointer': '/argument/longitude'})
return query_\
.filter(Geokret.last_position.has(Move.latitude == latitude))\
.filter(Geokret.last_position.has(Move.latitude == latitude))
raise UnprocessableEntity("Waypoint or latitude/longitude missing from arguments",
{'pointer': '/argument/[waypoint or latitude-longitude]'})
def before_create_object(self, data, view_kwargs):
"""
before create method to check if paid ticket has a paymentMethod enabled
:param data:
:param view_kwargs:
:return:
"""
if data.get('event'):
try:
event = db.session.query(Event).filter_by(
id=data['event'], deleted_at=None).one()
except NoResultFound:
raise UnprocessableEntity({'event_id': data['event']},
"Event does not exist")
if data.get('type') == 'paid':
if not event.is_payment_enabled():
raise UnprocessableEntity(
{'event_id': data['event']},
"Event having paid ticket must have a payment method")
if data.get('sales_ends_at') > event.ends_at:
raise UnprocessableEntity(
{'sales_ends_at': '/data/attributes/sales-ends-at'},
"Ticket end date cannot be greater than event end date")
def validate_order_quantity(self, data, original_data):
if 'id' in original_data['data']:
access_code = AccessCode.query.filter_by(
id=original_data['data']['id']).one()
if 'min_quantity' not in data:
data['min_quantity'] = access_code.min_quantity
if 'max_quantity' not in data:
data['max_quantity'] = access_code.max_quantity
if 'tickets_number' not in data:
data['tickets_number'] = access_code.tickets_number
min_quantity = data.get('min_quantity', None)
max_quantity = data.get('max_quantity', None)
tickets_number = data.get('tickets_number', None)
if min_quantity and max_quantity and (min_quantity > max_quantity):
raise UnprocessableEntity(
{'pointer': '/data/attributes/min-quantity'},
"min-quantity should be less than max-quantity",
)
if tickets_number and max_quantity and (tickets_number < max_quantity):
raise UnprocessableEntity(
{'pointer': '/data/attributes/tickets-number'},
"tickets-number should be greater than max-quantity",
)
def validate_date(self, data, original_data):
if 'id' in original_data['data']:
try:
event = Event.query.filter_by(
id=original_data['data']['id']).one()
except NoResultFound:
raise ObjectNotFound({'source': 'data/id'},
"Event id not found")
if 'starts_at' not in data:
data['starts_at'] = event.starts_at
if 'ends_at' not in data:
data['ends_at'] = event.ends_at
if 'starts_at' not in data or 'ends_at' not in data:
raise UnprocessableEntity(
{'pointer': '/data/attributes/date'},
"enter required fields starts-at/ends-at")
if data['starts_at'] >= data['ends_at']:
raise UnprocessableEntity({'pointer': '/data/attributes/ends-at'},
"ends-at should be after starts-at")
if datetime.timestamp(data['starts_at']) <= datetime.timestamp(
datetime.now()):
raise UnprocessableEntity(
{'pointer': '/data/attributes/starts-at'},
"starts-at should be after current date-time")
def before_get(self, args, kwargs):
if kwargs.get('event_identifier'):
event = safe_query(db, Event, 'identifier', kwargs['event_identifier'], 'event_identifier')
kwargs['event_id'] = event.id
if kwargs.get('event_id') and has_access('is_admin'):
event = safe_query(db, Event, 'id', kwargs['event_id'], 'event_id')
if event.discount_code_id:
kwargs['id'] = event.discount_code_id
else:
kwargs['id'] = None
if kwargs.get('id'):
discount = db.session.query(DiscountCode).filter_by(id=kwargs.get('id')).one()
if not discount:
raise ObjectNotFound({'parameter': '{id}'}, "DiscountCode: not found")
if discount.used_for == 'ticket' and has_access('is_coorganizer', event_id=discount.event_id):
self.schema = DiscountCodeSchemaTicket
elif discount.used_for == 'event' and has_access('is_admin'):
self.schema = DiscountCodeSchemaEvent
else:
raise UnprocessableEntity({'source': ''},
"Please verify your permission")
elif not kwargs.get('id') and not has_access('is_admin'):
raise UnprocessableEntity({'source': ''},
"Please verify your permission. You must be admin to view event\
discount code details")
def before_create_object(self, data, view_kwargs):
"""
before create object method for OrderListPost Class
:param data:
:param view_kwargs:
:return:
"""
for ticket_holder in data['ticket_holders']:
# Ensuring that the attendee exists and doesn't have an associated order.
try:
ticket_holder_object = self.session.query(
TicketHolder).filter_by(id=int(ticket_holder),
deleted_at=None).one()
if ticket_holder_object.order_id:
raise ConflictException(
{'pointer': '/data/relationships/attendees'},
"Order already exists for attendee with id {}".format(
str(ticket_holder)))
except NoResultFound:
raise ConflictException(
{'pointer': '/data/relationships/attendees'},
"Attendee with id {} does not exists".format(
str(ticket_holder)))
if data.get('cancel_note'):
del data['cancel_note']
if data.get('payment_mode') != 'free' and not data.get('amount'):
raise ConflictException({'pointer': '/data/attributes/amount'},
"Amount cannot be null for a paid order")
if not data.get('amount'):
data['amount'] = 0
# Apply discount only if the user is not event admin
if data.get('discount') and not has_access('is_coorganizer',
event_id=data['event']):
discount_code = safe_query_without_soft_deleted_entries(
self, DiscountCode, 'id', data['discount'], 'discount_code_id')
if not discount_code.is_active:
raise UnprocessableEntity({'source': 'discount_code_id'},
"Inactive Discount Code")
else:
now = datetime.utcnow()
valid_from = datetime.strptime(discount_code.valid_from,
'%Y-%m-%d %H:%M:%S')
valid_till = datetime.strptime(discount_code.valid_till,
'%Y-%m-%d %H:%M:%S')
if not (valid_from <= now <= valid_till):
raise UnprocessableEntity({'source': 'discount_code_id'},
"Inactive Discount Code")
if not TicketingManager.match_discount_quantity(
discount_code, data['ticket_holders']):
raise UnprocessableEntity({'source': 'discount_code_id'},
'Discount Usage Exceeded')
if discount_code.event.id != data[
'event'] and discount_code.user_for == TICKET:
raise UnprocessableEntity({'source': 'discount_code_id'},
"Invalid Discount Code")
def check_billing_info(data):
if data.get('amount') and data.get('amount') > 0 and not data.get('is_billing_enabled'):
raise UnprocessableEntity({'pointer': '/data/attributes/is_billing_enabled'},
"Billing information is mandatory for this order")
if data.get('is_billing_enabled') and not (data.get('company') and data.get('address') and data.get('city') and
data.get('zipcode') and data.get('country')):
raise UnprocessableEntity({'pointer': '/data/attributes/is_billing_enabled'},
"Billing information incomplete")
def validate_latitude_longitude(self, data):
if data.get('latitude') is None and data.get('longitude') is not None:
raise UnprocessableEntity(
"Latitude and longitude must be of the same type",
{'pointer': '/data/attributes/latitude'})
if data.get('latitude') is not None and data.get('longitude') is None:
raise UnprocessableEntity(
"Latitude and longitude must be of the same type",
{'pointer': '/data/attributes/longitude'})
def before_get_object(self, view_kwargs):
"""
before get method for Discount Code detail
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier',
view_kwargs['event_identifier'],
'event_identifier')
view_kwargs['event_id'] = event.id
if view_kwargs.get('event_id') and has_access('is_admin'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'],
'event_id')
if event.discount_code_id:
view_kwargs['id'] = event.discount_code_id
else:
view_kwargs['id'] = None
if view_kwargs.get('event_invoice_id') and has_access('is_admin'):
event_invoice = safe_query(self, EventInvoice, 'id',
view_kwargs['event_invoice_id'],
'event_invoice_id')
if event_invoice.discount_code_id:
view_kwargs['id'] = event_invoice.discount_code_id
else:
view_kwargs['id'] = None
if view_kwargs.get('id'):
try:
discount = self.session.query(DiscountCode).filter_by(
id=view_kwargs.get('id')).one()
except NoResultFound:
raise ObjectNotFound({'parameter': '{id}'},
"DiscountCode: not found")
if 'code' in view_kwargs: # usage via discount code is public
self.schema = DiscountCodeSchemaPublic
return
# if discount.used_for == 'ticket' and has_access('is_coorganizer', event_id=discount.event_id):
if discount.used_for == 'ticket':
self.schema = DiscountCodeSchemaTicket
# elif discount.used_for == 'event' and has_access('is_admin'):
elif discount.used_for == 'event':
self.schema = DiscountCodeSchemaEvent
else:
raise UnprocessableEntity({'source': ''},
"Please verify your permission")
elif not view_kwargs.get('id') and not has_access('is_admin'):
raise UnprocessableEntity({
'source': ''
}, "Please verify your permission. You must be admin to view event\
discount code details")
def before_create_object(self, data, view_kwargs):
if data['used_for'] == 'event' and 'events' in data:
for event in data['events']:
try:
event_now = db.session.query(Event).filter_by(id=event).one()
except NoResultFound:
raise UnprocessableEntity({'event_id': event},
"Event does not exist")
if event_now.discount_code_id:
raise UnprocessableEntity({'event_id': event},
"A Discount Code already exists for the provided Event ID")
def validate_quantity(self, data):
if 'max_order' in data and 'min_order' in data:
if data['max_order'] < data['min_order']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/max-order'},
"max-order should be greater than min-order")
if 'quantity' in data and 'min_order' in data:
if data['quantity'] < data['min_order']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/quantity'},
"quantity should be greater than min-order")
def before_post(self, args, kwargs, data):
"""
Before post method to check for required relationship and proper permissions
:param args:
:param kwargs:
:param data:
:return:
"""
require_relationship(['ticket', 'event'], data)
ticket = (
db.session.query(Ticket)
.filter_by(id=int(data['ticket']), deleted_at=None)
.first()
)
if ticket is None:
raise UnprocessableEntity(
{'pointer': '/data/relationships/ticket'}, "Invalid Ticket"
)
if ticket.event_id != int(data['event']):
raise UnprocessableEntity(
{'pointer': '/data/relationships/ticket'},
"Ticket belongs to a different Event",
)
# Check if the ticket is already sold out or not.
if get_sold_and_reserved_tickets_count(ticket.event_id) >= ticket.quantity:
raise ConflictException(
{'pointer': '/data/attributes/ticket_id'}, "Ticket already sold out"
)
if 'device_name_checkin' in data and data['device_name_checkin'] is not None:
if 'is_checked_in' not in data or not data['is_checked_in']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/device_name_checkin'},
"Attendee needs to be checked in first",
)
elif 'checkin_times' not in data or data['checkin_times'] is None:
raise UnprocessableEntity(
{'pointer': '/data/attributes/device_name_checkin'},
"Check in Times missing",
)
elif len(data['checkin_times'].split(",")) != len(
data['device_name_checkin'].split(",")
):
raise UnprocessableEntity(
{'pointer': '/data/attributes/device_name_checkin'},
"Check in Times missing for the corresponding device name",
)
if 'checkin_times' in data:
if 'device_name_checkin' not in data or data['device_name_checkin'] is None:
data['device_name_checkin'] = '-'
def create_object(self, data, view_kwargs):
order = Order.query.filter_by(id=view_kwargs['id']).first()
if order.payment_mode == 'stripe':
if data.get('stripe') is None:
raise UnprocessableEntity({'source': ''}, "stripe token is missing")
success, response = TicketingManager.charge_stripe_order_payment(order, data['stripe'])
if not success:
raise UnprocessableEntity({'source': 'stripe_token_id'}, response)
elif order.payment_mode == 'paypal':
success, response = TicketingManager.charge_paypal_order_payment(order)
if not success:
raise UnprocessableEntity({'source': ''}, response)
return order
def validate_fields(self, data, original_data):
is_patch_request = 'id' in original_data['data']
if is_patch_request:
try:
session = Session.query.filter_by(
id=original_data['data']['id']).one()
except NoResultFound:
raise ObjectNotFound({'parameter': '{id}'},
"Session: not found")
if 'starts_at' not in data:
data['starts_at'] = session.starts_at
if 'ends_at' not in data:
data['ends_at'] = session.ends_at
if 'event' not in data:
data['event'] = session.event_id
if data['starts_at'] and data['ends_at']:
if data['starts_at'] >= data['ends_at']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/ends-at'},
"ends-at should be after starts-at",
)
if not is_patch_request and datetime.timestamp(
data['starts_at']) <= datetime.timestamp(datetime.now()):
raise UnprocessableEntity(
{'pointer': '/data/attributes/starts-at'},
"starts-at should be after current date-time",
)
if 'state' in data:
if data['state'] not in ('draft', 'pending'):
if not has_access('is_coorganizer', event_id=data['event']):
return ForbiddenException(
{'source': ''}, 'Co-organizer access is required.')
if 'track' in data:
if not has_access('is_coorganizer', event_id=data['event']):
return ForbiddenException({'source': ''},
'Co-organizer access is required.')
if 'microlocation' in data:
if not has_access('is_coorganizer', event_id=data['event']):
return ForbiddenException({'source': ''},
'Co-organizer access is required.')
validate_complex_fields_json(self, data, original_data)
def validate_value(self, data, original_data):
if 'id' in original_data['data']:
try:
discount_code = DiscountCode.query.filter_by(
id=original_data['data']['id']
).one()
except NoResultFound:
raise ObjectNotFound({'parameter': '{code}'}, "DiscountCode: not found")
if 'type' not in data:
data['type'] = discount_code.type
if 'value' not in data:
data['value'] = discount_code.value
if data['type'] == "percent":
if 'tickets' in data:
for ticket in data['tickets']:
ticket_object = Ticket.query.filter_by(id=ticket).one()
if not ticket_object.price:
raise UnprocessableEntity(
{'pointer': '/data/attributes/tickets'},
"discount code cannot be applied on free tickets",
)
if data['value'] < 0 or data['value'] > 100:
raise UnprocessableEntity(
{'pointer': '/data/attributes/value'},
"discount percent must be within range of 0 and 100",
)
if data['type'] == "amount":
if 'tickets' in data:
for ticket in data['tickets']:
ticket_object = Ticket.query.filter_by(id=ticket).one()
if not ticket_object.price:
raise UnprocessableEntity(
{'pointer': '/data/attributes/tickets'},
"discount code cannot be applied on free tickets",
)
if ticket_object.price < data['value']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/value'},
"discount amount cannot be more than ticket amount",
)
if data['value'] < 0:
raise UnprocessableEntity(
{'pointer': '/data/attributes/value'},
"discount amount cannot be less than zero",
)
def validate_complex_fields_json(self, data, original_data):
if data.get('complex_field_values'):
if any(((not isinstance(i, (str, bool, int, float))) and i is not None)
for i in data['complex_field_values'].values()):
raise UnprocessableEntity(
{'pointer': '/data/attributes/complex_field_values'},
"Only flattened JSON of form {key: value} where value is a string, "
"integer, float, bool or null is permitted for this field")
if len(data['complex_field_values']) > get_settings(
)['max_complex_custom_fields']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/complex_field_values'},
"A maximum of {} complex custom form fields are currently supported"
.format(get_settings()['max_complex_custom_fields']))
def validate_quantity(self, data, original_data):
if 'id' in original_data['data']:
try:
discount_code = DiscountCode.query.filter_by(
id=original_data['data']['id']).one()
except NoResultFound:
raise ObjectNotFound({'parameter': '{code}'},
"DiscountCode: not found")
if 'min_quantity' not in data:
data['min_quantity'] = discount_code.min_quantity
if 'max_quantity' not in data:
data['max_quantity'] = discount_code.max_quantity
if 'tickets_number' not in data:
data['tickets_number'] = discount_code.tickets_number
DiscountCodeSchemaTicket.quantity_validation_helper(data)
if 'tickets_number' in data and 'max_quantity' in data:
if data['tickets_number'] < data['max_quantity']:
raise UnprocessableEntity(
{'pointer': '/data/attributes/tickets-number'},
"tickets-number should be greater than max-quantity")
def validate_observation_radius_value(self, data):
if data is None:
return
if data < 0 or data > 10:
raise UnprocessableEntity(
"Observation radius must be between 0 and 10",
{'pointer': '/data/attributes/observation-radius'})
def validate_waypoint(self, data):
if not data:
return
if not all(c in ALLOWED_WAYPOINT_CHARACTERS for c in data):
raise UnprocessableEntity("Waypoint format is invalid",
{'pointer': '/data/attributes/waypoint'})
def validate_date(self, data, original_data):
if 'id' in original_data['data']:
session = Session.query.filter_by(
id=original_data['data']['id']).one()
if 'starts_at' not in data:
data['starts_at'] = session.starts_at
if 'ends_at' not in data:
data['ends_at'] = session.ends_at
if 'event' not in data:
data['event'] = session.event_id
if data['starts_at'] >= data['ends_at']:
raise UnprocessableEntity({'pointer': '/data/attributes/ends-at'},
"ends-at should be after starts-at")
if 'state' in data:
if data['state'] is not 'draft' or not 'pending':
if not has_access('is_coorganizer', event_id=data['event']):
return ForbiddenException(
{'source': ''}, 'Co-organizer access is required.')
if 'track' in data:
if not has_access('is_coorganizer', event_id=data['event']):
return ForbiddenException({'source': ''},
'Co-organizer access is required.')
if 'microlocation' in data:
if not has_access('is_coorganizer', event_id=data['event']):
return ForbiddenException({'source': ''},
'Co-organizer access is required.')
def before_create_object(self, data, view_kwargs):
"""
method to check if stripe authorization object already exists for an event.
Raises ConflictException if it already exists.
If it doesn't, then uses the StripePaymentManager to get the other credentials from Stripe.
:param data:
:param view_kwargs:
:return:
"""
try:
self.session.query(StripeAuthorization).filter_by(
event_id=data['event'], deleted_at=None).one()
except NoResultFound:
credentials = StripePaymentsManager\
.get_event_organizer_credentials_from_stripe(data['stripe_auth_code'])
if 'error' in credentials:
raise UnprocessableEntity(
{'pointer': '/data/stripe_auth_code'},
credentials['error_description'])
data['stripe_secret_key'] = credentials['access_token']
data['stripe_refresh_token'] = credentials['refresh_token']
data['stripe_publishable_key'] = credentials[
'stripe_publishable_key']
data['stripe_user_id'] = credentials['stripe_user_id']
else:
raise ConflictException(
{'pointer': '/data/relationships/event'},
"Stripe Authorization already exists for this event")
def require_relationship(resource_list, data):
for resource in resource_list:
if resource not in data:
raise UnprocessableEntity(
{'pointer': '/data/relationships/{}'.format(resource)},
"A valid relationship with {} resource is required".format(
resource))
def before_update_object(self, ticket, data, view_kwargs):
"""
method to check if paid ticket has payment method before updating ticket object
:param ticket:
:param data:
:param view_kwargs:
:return:
"""
if ticket.type == 'paid':
try:
event = db.session.query(Event).filter_by(id=ticket.event.id, deleted_at=None).one()
except NoResultFound:
raise UnprocessableEntity({'event_id': ticket.event.id}, "Event does not exist")
if not event.is_payment_enabled():
raise UnprocessableEntity(
{'event_id': ticket.event.id}, "Event having paid ticket must have a payment method")
