def manage_request(current_user, requestId): is_admin = current_user[4] if is_admin is False: return jsonify({"message": "operation requires admin rights"}), 401 _request = Requests() if not _request.fetch_one("requests", "WHERE id = " + requestId + ""): return jsonify({"message": "request doesnot exist"}), 404 if not request.json: return jsonify({"message": "invalid request"}), 400 field = request.get_json() if field['status'] not in ("approve", "resolve", "disapprove"): return jsonify({ "message": "status not valid", "help tip": "please use 'approve',resolve or disapprove" }), 400 new_request = _request.update_record("requests", "status='" + field['status'] + "d'", "id=" + requestId + "") if new_request: return jsonify( {"message": "request " + field['status'] + "d successfully"}), 200 return jsonify({"message": "request not " + field['status'] + "d"}), 400
def user_city(): inp = request.args.get('station_name') Requests.insert_city(inp) status, value = interpreter.user_city(inp) data = BuilderResponse.get_response(status, value) return jsonify(data)
def get_request(current_user, requestId): user_id = current_user[0] _request = Requests() _request = _request.fetch_request_by_id(user_id, requestId) if not _request: return jsonify({ 'status': 'unkown request id', 'message': 'request does not exist' }), 400 results = [] this_request = { 'id': _request[0], 'type': _request[2], 'title': _request[3], 'description': _request[4], 'create_date': _request[5], 'status': _request[6] } results.append(this_request) return jsonify({ 'requests': results, 'status': 'OK', 'message': 'returned successfully' }), 200
def date(): date = request.args.get('date') Requests.insert_date(date) status, value = interpreter.user_travel_date(date) data = BuilderResponse.get_response(status, value) return jsonify(data)
def put_request(current_user, requestId): if not request.json: return jsonify({"message": "request is invalid"}), 400 if "title" not in request.json: return jsonify({"message": "title is missing"}), 400 if "type" not in request.json: return jsonify({"message": "type is missing"}), 400 if "description" not in request.json: return jsonify({"message": "body is missing"}), 400 field = request.get_json() r_type = field['type'].lower() r_title = field['title'].lower() r_description = field['description'] user_id = str(current_user[0]) requestId = str(requestId) if re.compile("[~!@#$%^&*()-_=+}{]").search(r_title) or r_title == "": return jsonify({ "message": "request title is not valid", "user": r_title, }), 400 if re.compile("[~!@#$%^&*()-_=+}{]").search(r_type) or r_type == "": return jsonify({"message": "request type is not valid"}), 400 if r_type not in ("repair", "maintenance"): return jsonify( {"message": "request type is not valid use reapir or maintanance"}), 400 _request = Requests() request_data = _request.fetch_request_by_id(user_id, requestId) if not request_data: return jsonify({ 'message': 'updating request failed, user and request combination doesnot exist' }), 400 current_status = request_data[6] if request_data and current_status == "pending": return jsonify({'message': 'request not yet approved'}), 400 if request_data and current_status == "resolved": return jsonify({'message': 'request already resolved'}), 400 if request_data and current_status == "disapproved": return jsonify({'message': 'can not update disapproved request'}), 400 result = _request.update_request(user_id, requestId, r_type, r_title, r_description) if result: return jsonify({'message': 'request updated successfully'}), 200
def user_state(): dict_inp = [{ 'station_name': request.args.get('station_name'), 'state_name': request.args.get('state_name'), 'station_ids': "1", 'type': 'STATION' }] inp = request.args.get('state_name') Requests.insert_state(inp) status, value = interpreter.user_state(dict_inp) data = BuilderResponse.get_response(status, value) return jsonify(data)
def create_requests_search_set(requester, other_requester): """ Generate 216 unique requests. Every combination of title content, description content, agency description content, title privacy, agency description privacy, and requester is guaranteed to be unique. """ agency_eins = [ ein[0] for ein in Agencies.query.with_entities(Agencies.ein).all() ] for title_private, agency_request_summary_private, is_requester in product( range(2), repeat=3): for title, description, agency_request_summary in product( ("foo", "bar", "qux"), repeat=3): agency_ein = random.choice(agency_eins) date_created = get_random_date(datetime(2015, 1, 1), datetime(2016, 1, 1)) date_submitted = get_following_date(date_created) # TODO: use rf = RequestsFactory() request = Requests(generate_request_id(agency_ein), title=title, description=description, agency_ein=agency_ein, date_created=date_created, date_submitted=date_submitted, due_date=get_due_date(date_submitted, ACKNOWLEDGMENT_DAYS_DUE, 'US/Eastern'), submission=submission_methods.DIRECT_INPUT, status=random.choice( (request_status.OPEN, request_status.CLOSED, request_status.OVERDUE, request_status.IN_PROGRESS, request_status.DUE_SOON)), privacy={ 'title': bool(title_private), 'agency_request_summary': bool(agency_request_summary_private) }) request.agency_request_summary = agency_request_summary create_object(request) user_request = UserRequests( user_guid=(requester.guid if is_requester else other_requester.guid), auth_user_type=(requester.auth_user_type if is_requester else other_requester.auth_user_type), request_id=request.id, request_user_type=user_type_request.REQUESTER, permissions=11) create_object(user_request)
def account(account_id): form = RequestVoucher() voucher_requests = Requests.query.filter_by(requested_by=account_id, voucher=None) account = Accounts.query.filter_by(id=account_id).first() if voucher_requests.count() == 0: voucher_requests = False if form.validate_on_submit(): request = Requests( id=str(uuid.uuid4()), nickname=form.nickname.data, email=form.email.data, request_type=form.request_type.data, requested_by=account.id, ) db.session.add(request) db.session.commit() del request flash("voucher request created") voucher_requests = Requests.query.filter_by(requested_by=account_id) return render_template("account.html", account=account, voucher_requests=voucher_requests, form=form)
def create_request(current_user): if not request.json: return jsonify({"message": "request is invalid"}), 400 if "title" not in request.json: return jsonify({"message": "title is missing"}), 400 if "type" not in request.json: return jsonify({"message": "type is missing"}), 400 if "description" not in request.json: return jsonify({"message": "body is missing"}), 400 field = request.get_json() r_type = field['type'].lower() r_title = field['title'].lower() r_description = field['description'] r_date = str(datetime.datetime.utcnow()) user_id = str(current_user[0]) if re.compile("[~!@#$%^&*()-_=+}{]").search(r_title) or r_title == "": return jsonify({ "message": "request title is not valid", "user": r_title, }), 400 if re.compile("[~!@#$%^&*()-_=+}{]").search(r_type) or r_type == "": return jsonify({"message": "request type is not valid"}), 400 if r_type not in ("repair", "maintenance"): return jsonify( {"message": "request type is not valid use repair or maintenance"}), 400 _request = Requests() if _request.fetch_request(user_id, r_title): return jsonify({'message': 'request title already used'}), 409 result = _request.insert_request(user_id, r_type, r_title, r_description, r_date) if result: return jsonify({'message': 'request created successfully'}), 201 return jsonify({'message': 'creating request failed'}), 400
def test_request_es_doc_not_created(self, es_create_patch): create_object( Requests('FOIL-COT', title="Where's my money Denny?", description="Oh Hi!", agency_ein=54, date_created=datetime.utcnow(), date_submitted=datetime.utcnow(), due_date=datetime.utcnow(), submission=IN_PERSON, status=OVERDUE)) self.assertFalse(es_create_patch.called)
def get_requests_admin(current_user): is_admin = current_user[4] if is_admin is False: return jsonify({"message": "operation requires admin rights"}), 401 _requests = Requests() total_results = _requests.fetch_all("requests") request_list = [] for _request in total_results: this_request = { "id": _request[0], "user id": _request[1], "type": _request[2], "title": _request[3], "description": _request[4], } request_list.append(this_request) return jsonify({ "message": "returned successfully", "requests": request_list, "counts": len(request_list) }), 200
def get_requests(current_user): user_id = current_user[0] _requests = Requests() _requests = _requests.fetch_requests(user_id) if _requests is False: return jsonify({"message": "you have no requests"}), 400 results = [] for _request in _requests: this_request = { 'id': _request[0], 'type': _request[2], 'title': _request[3], 'description': _request[4], 'status': _request[6] } results.append(this_request) return jsonify({ 'requests': results, 'status': 'OK', 'message': 'returned successfully' }), 200
def __init__(self, request_id=None, clean=True): """ :param request_id: request FOIL id :param clean: reset data? """ self.clean = clean date_created = datetime.utcnow() date_submitted = get_following_date(date_created) agency_ein = '0860' self.request = Requests( request_id or generate_request_id(agency_ein), title="I would like my vital essence.", description="Someone has taken my vital essence " "and I would like it back.", agency_ein=agency_ein, date_created=date_created, date_submitted=date_submitted, due_date=get_due_date(date_submitted, ACKNOWLEDGMENT_DAYS_DUE), submission=submission_methods.DIRECT_INPUT, status=request_status.OPEN) create_object(self.request) self.requester = Users( guid=generate_user_guid(user_type_auth.PUBLIC_USER_NYC_ID), auth_user_type=user_type_auth.PUBLIC_USER_NYC_ID, agency_ein=agency_ein, first_name='Jane', last_name='Doe', email='*****@*****.**', email_validated=True, terms_of_use_accepted=True, title='The Janest') create_object(self.requester) self.user_request = UserRequests( user_guid=self.requester.guid, auth_user_type=self.requester.auth_user_type, request_id=self.request.id, request_user_type=user_type_request.REQUESTER, permissions=Roles.query.filter_by( name=PUBLIC_REQUESTER).first().permissions) create_object(self.user_request)
def create_request( self, user, title=None, description=None, agency_request_summary=None, # TODO: agency_request_summary_release_date agency_ein=None, date_created=None, date_submitted=None, due_date=None, category=None, title_privacy=True, agency_request_summary_privacy=True, submission=None, status=request_status.OPEN, tz_name=current_app.config["APP_TIMEZONE"]): """ Create a request as the supplied user. An anonymous requester will be created if the supplied user is an agency user. :rtype: RequestWrapper """ # check due date if (date_created is not None or date_submitted is not None) and due_date is not None: def assert_date(date, date_var_str): assert ( due_date - date ).days >= 1, "due_date must be at least 1 day after " + date_var_str if date_created is not None: assert_date(date_created, "date_created") if date_submitted is not None: assert_date(date_submitted, "date_submitted") # check agency_ein if (agency_ein is not None or self.agency_ein is not None) \ and user.auth_user_type == user_type_auth.AGENCY_USER: assert (agency_ein or self.agency_ein) == user.agency_ein, \ "user's agency ein must match supplied agency ein" agency_ein = agency_ein or self.agency_ein or user.agency_ein or get_random_agency( ).ein # create dates date_created_local = utc_to_local(date_created or datetime.utcnow(), tz_name) date_submitted_local = date_submitted or get_following_date( date_created_local) due_date = due_date or get_due_date(date_submitted_local, ACKNOWLEDGMENT_DAYS_DUE, tz_name) date_created = date_created or local_to_utc(date_created_local, tz_name) date_submitted = date_submitted or local_to_utc( date_submitted_local, tz_name) # create request request = Requests( generate_request_id(agency_ein), title or fake.title(), description or fake.description(), agency_ein=agency_ein, date_created=date_created or datetime.utcnow(), date_submitted=date_submitted, due_date=due_date, category=category, privacy={ "title": title_privacy, "agency_request_summary": agency_request_summary_privacy }, submission=submission or random.choice(submission_methods.ALL), status=status, ) if agency_request_summary is not None: request.agency_request_summary = agency_request_summary if agency_request_summary_privacy is not None: request.agency_request_summary_release_date = calendar.addbusdays( datetime.utcnow(), RELEASE_PUBLIC_DAYS ) if not agency_request_summary_privacy else None create_object(request) request = RequestWrapper(request, self.agency_user) # create events timestamp = datetime.utcnow() create_object( Events(user_guid=user.guid, auth_user_type=user.auth_user_type, request_id=request.id, type_=event_type.REQ_CREATED, timestamp=timestamp, new_value=request.val_for_events)) if user.is_agency: create_object( Events(user_guid=user.guid, auth_user_type=user.auth_user_type, request_id=request.id, type_=event_type.AGENCY_REQ_CREATED, timestamp=timestamp)) # add users if user.is_public or user.is_anonymous_requester: request.add_user(user) if user.is_agency: # then create and add anonymous requester request.add_user(self.__uf.create_anonymous_user()) for admin in Agencies.query.filter_by( ein=agency_ein).one().administrators: request.add_user(admin) # create request doc now that requester is set request.es_create() return request
def new_request(): """ Create request instance """ request = Requests(new_user()) return request
from flask import request, jsonify, make_response from werkzeug.security import generate_password_hash, check_password_hash from functools import wraps from app import app import os import datetime from functools import wraps import jwt import re import uuid from app.models import User, Requests user_info = User() request_model = Requests() def login_required(f): @wraps(f) def decorated(*args, **kwargs): token = None if 'access-token' not in request.headers: return jsonify({'message': 'Token is missing, login to get token'}), 401 try: token = request.headers['access-token'] data = jwt.decode(token, app.config["SECRET_KEY"]) if data['username'] in user_info.user_token: current_user = user_info.users[data['username']] else:
def create_request(title, description, category, tz_name, agency_ein=None, first_name=None, last_name=None, submission=DIRECT_INPUT, agency_date_submitted_local=None, email=None, user_title=None, organization=None, phone=None, fax=None, address=None, upload_path=None, custom_metadata=None): """ Creates a new FOIL Request and associated Users, UserRequests, and Events. :param title: request title :param description: detailed description of the request :param tz_name: client's timezone name :param agency_ein: agency_ein selected for the request :param first_name: first name of the requester :param last_name: last name of the requester :param submission: request submission method :param agency_date_submitted_local: submission date chosen by agency :param email: requester's email address :param user_title: requester's organizational title :param organization: requester's organization :param phone: requester's phone number :param fax: requester's fax number :param address: requester's mailing address :param upload_path: file path of the validated upload :param custom_metadata: JSON containing all data from custom request forms """ # 1. Generate the request id request_id = generate_request_id(agency_ein) # 2a. Generate Email Notification Text for Agency # agency_email = generate_email_template('agency_acknowledgment.html', request_id=request_id) # 2b. Generate Email Notification Text for Requester # 3a. Send Email Notification Text for Agency # 3b. Send Email Notification Text for Requester # 4a. Calculate Request Submitted Date (Round to next business day) date_created_local = utc_to_local(datetime.utcnow(), tz_name) if current_user.is_agency: date_submitted_local = agency_date_submitted_local else: date_submitted_local = date_created_local # 4b. Calculate Request Due Date (month day year but time is always 5PM, 5 Days after submitted date) due_date = get_due_date(date_submitted_local, ACKNOWLEDGMENT_PERIOD_LENGTH, tz_name) date_created = local_to_utc(date_created_local, tz_name) date_submitted = local_to_utc(date_submitted_local, tz_name) # 5. Create Request request = Requests(id=request_id, title=title, agency_ein=agency_ein, category=category, description=description, date_created=date_created, date_submitted=date_submitted, due_date=due_date, submission=submission, custom_metadata=custom_metadata) create_object(request) guid_for_event = current_user.guid if not current_user.is_anonymous else None # 6. Get or Create User if current_user.is_public: user = current_user else: user = Users(guid=generate_guid(), email=email, first_name=first_name, last_name=last_name, title=user_title or None, organization=organization or None, email_validated=False, terms_of_use_accepted=False, phone_number=phone, fax_number=fax, mailing_address=address, is_anonymous_requester=True) create_object(user) # user created event create_object( Events(request_id, guid_for_event, event_type.USER_CREATED, previous_value=None, new_value=user.val_for_events, response_id=None, timestamp=datetime.utcnow())) if upload_path is not None: # 7. Move file to upload directory upload_path = _move_validated_upload(request_id, upload_path) # 8. Create response object filename = os.path.basename(upload_path) response = Files(request_id, RELEASE_AND_PRIVATE, filename, filename, fu.get_mime_type(upload_path), fu.getsize(upload_path), fu.get_hash(upload_path), is_editable=False) create_object(obj=response) # 8. Create upload Event upload_event = Events(user_guid=user.guid, response_id=response.id, request_id=request_id, type_=event_type.FILE_ADDED, timestamp=datetime.utcnow(), new_value=response.val_for_events) create_object(upload_event) # Create response token if requester is anonymous if current_user.is_anonymous or current_user.is_agency: create_object(ResponseTokens(response.id)) role_to_user = { role.PUBLIC_REQUESTER: user.is_public, role.ANONYMOUS: user.is_anonymous_requester, } role_name = [k for (k, v) in role_to_user.items() if v][0] # (key for "truthy" value) # 9. Create Event timestamp = datetime.utcnow() event = Events(user_guid=user.guid if current_user.is_anonymous else current_user.guid, request_id=request_id, type_=event_type.REQ_CREATED, timestamp=timestamp, new_value=request.val_for_events) create_object(event) if current_user.is_agency: agency_event = Events(user_guid=current_user.guid, request_id=request.id, type_=event_type.AGENCY_REQ_CREATED, timestamp=timestamp) create_object(agency_event) # 10. Create UserRequest for requester user_request = UserRequests( user_guid=user.guid, request_user_type=user_type_request.REQUESTER, request_id=request_id, permissions=Roles.query.filter_by(name=role_name).first().permissions) create_object(user_request) create_object( Events(request_id, guid_for_event, event_type.USER_ADDED, previous_value=None, new_value=user_request.val_for_events, response_id=None, timestamp=datetime.utcnow())) # 11. Create the elasticsearch request doc only if agency has been onboarded agency = Agencies.query.filter_by(ein=agency_ein).one() # 12. Add all agency administrators to the request. if agency.administrators: # b. Store all agency users objects in the UserRequests table as Agency users with Agency Administrator # privileges _create_agency_user_requests(request_id=request_id, agency_admins=agency.administrators, guid_for_event=guid_for_event) # 13. Add all parent agency administrators to the request. if agency != agency.parent: if (agency.parent.agency_features is not None and agency_ein in agency.parent.agency_features.get( 'monitor_agency_requests', []) and agency.parent.is_active and agency.parent.administrators): _create_agency_user_requests( request_id=request_id, agency_admins=agency.parent.administrators, guid_for_event=guid_for_event) # (Now that we can associate the request with its requester AND agency users.) if current_app.config['ELASTICSEARCH_ENABLED'] and agency.is_active: request.es_create() return request_id
def create_request(title, description, category, tz_name, agency_ein=None, first_name=None, last_name=None, submission=DIRECT_INPUT, agency_date_submitted_local=None, email=None, user_title=None, organization=None, phone=None, fax=None, address=None, upload_path=None, custom_metadata=None): """ Creates a new FOIL Request and associated Users, UserRequests, and Events. :param title: request title :param description: detailed description of the request :param tz_name: client's timezone name :param agency_ein: agency_ein selected for the request :param first_name: first name of the requester :param last_name: last name of the requester :param submission: request submission method :param agency_date_submitted_local: submission date chosen by agency :param email: requester's email address :param user_title: requester's organizational title :param organization: requester's organization :param phone: requester's phone number :param fax: requester's fax number :param address: requester's mailing address :param upload_path: file path of the validated upload :param custom_metadata: JSON containing all data from custom request forms """ # 1. Generate the request id request_id = generate_request_id(agency_ein) # 2a. Generate Email Notification Text for Agency # agency_email = generate_email_template('agency_acknowledgment.html', request_id=request_id) # 2b. Generate Email Notification Text for Requester # 3a. Send Email Notification Text for Agency # 3b. Send Email Notification Text for Requester # 4a. Calculate Request Submitted Date (Round to next business day) date_created_local = utc_to_local(datetime.utcnow(), tz_name) if current_user.is_agency: date_submitted_local = agency_date_submitted_local else: date_submitted_local = date_created_local # 4b. Calculate Request Due Date (month day year but time is always 5PM, 5 Days after submitted date) due_date = get_due_date( date_submitted_local, ACKNOWLEDGMENT_PERIOD_LENGTH, tz_name) date_created = local_to_utc(date_created_local, tz_name) date_submitted = local_to_utc(date_submitted_local, tz_name) # 5. Create Request request = Requests( id=request_id, title=title, agency_ein=agency_ein, category=category, description=description, date_created=date_created, date_submitted=date_submitted, due_date=due_date, submission=submission, custom_metadata=custom_metadata ) create_object(request) guid_for_event = current_user.guid if not current_user.is_anonymous else None # 6. Get or Create User if current_user.is_public: user = current_user else: user = Users( guid=generate_guid(), email=email, first_name=first_name, last_name=last_name, title=user_title or None, organization=organization or None, email_validated=False, terms_of_use_accepted=False, phone_number=phone, fax_number=fax, mailing_address=address, is_anonymous_requester=True ) create_object(user) # user created event create_object(Events( request_id, guid_for_event, event_type.USER_CREATED, previous_value=None, new_value=user.val_for_events, response_id=None, timestamp=datetime.utcnow() )) if upload_path is not None: # 7. Move file to upload directory upload_path = _move_validated_upload(request_id, upload_path) # 8. Create response object filename = os.path.basename(upload_path) response = Files(request_id, RELEASE_AND_PRIVATE, filename, filename, fu.get_mime_type(upload_path), fu.getsize(upload_path), fu.get_hash(upload_path), is_editable=False) create_object(obj=response) # 8. Create upload Event upload_event = Events(user_guid=user.guid, response_id=response.id, request_id=request_id, type_=event_type.FILE_ADDED, timestamp=datetime.utcnow(), new_value=response.val_for_events) create_object(upload_event) # Create response token if requester is anonymous if current_user.is_anonymous or current_user.is_agency: create_object(ResponseTokens(response.id)) role_to_user = { role.PUBLIC_REQUESTER: user.is_public, role.ANONYMOUS: user.is_anonymous_requester, } role_name = [k for (k, v) in role_to_user.items() if v][0] # (key for "truthy" value) # 9. Create Event timestamp = datetime.utcnow() event = Events(user_guid=user.guid if current_user.is_anonymous else current_user.guid, request_id=request_id, type_=event_type.REQ_CREATED, timestamp=timestamp, new_value=request.val_for_events) create_object(event) if current_user.is_agency: agency_event = Events(user_guid=current_user.guid, request_id=request.id, type_=event_type.AGENCY_REQ_CREATED, timestamp=timestamp) create_object(agency_event) # 10. Create UserRequest for requester user_request = UserRequests(user_guid=user.guid, request_user_type=user_type_request.REQUESTER, request_id=request_id, permissions=Roles.query.filter_by( name=role_name).first().permissions) create_object(user_request) create_object(Events( request_id, guid_for_event, event_type.USER_ADDED, previous_value=None, new_value=user_request.val_for_events, response_id=None, timestamp=datetime.utcnow() )) # 11. Create the elasticsearch request doc only if agency has been onboarded agency = Agencies.query.filter_by(ein=agency_ein).one() # 12. Add all agency administrators to the request. if agency.administrators: # b. Store all agency users objects in the UserRequests table as Agency users with Agency Administrator # privileges _create_agency_user_requests(request_id=request_id, agency_admins=agency.administrators, guid_for_event=guid_for_event) # 13. Add all parent agency administrators to the request. if agency != agency.parent: if ( agency.parent.agency_features is not None and agency_ein in agency.parent.agency_features.get('monitor_agency_requests', []) and agency.parent.is_active and agency.parent.administrators ): _create_agency_user_requests(request_id=request_id, agency_admins=agency.parent.administrators, guid_for_event=guid_for_event) # (Now that we can associate the request with its requester AND agency users.) if current_app.config['ELASTICSEARCH_ENABLED'] and agency.is_active: request.es_create() return request_id