Exemplo n.º 1
0
def add_users_to_groups(data, db_session, username):
    logger.info(LogMsg.START, username)

    if username not in ADMINISTRATORS:
        logger.error(LogMsg.NOT_ACCESSED, {'username': username})
        raise Http_error(403, Message.ACCESS_DENIED)

    users = set(data.get('users'))
    groups = set(data.get('groups'))

    validate_users(users, db_session)
    validate_groups(groups, db_session)
    final_res = {}
    for group_id in groups:
        result = []
        for user_id in users:
            if user_is_in_group(user_id, group_id, db_session):
                logger.error(LogMsg.GROUP_USER_IS_IN_GROUP,
                             {'user_id': user_id, 'group_id': group_id})
                raise Http_error(409, Message.ALREADY_EXISTS)
            result.append(
                model_to_dict(add(user_id, group_id, db_session, username)))
        final_res.update({group_id: result})

    logger.info(LogMsg.END)
    return final_res
def delete_group_permissions(data, db_session, username):
    logger.info(LogMsg.START, username)

    schema_validate(data, A_GROUP_ADD_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    group_id = data.get('group_id')
    permissions = data.get('permissions')

    group = get_group(group_id, db_session, username)
    if group is None:
        logger.error(LogMsg.NOT_FOUND, {'group_id': group_id})
        raise Http_error(404, Message.NOT_FOUND)

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    validate_permissions_and_access(username,
                                    db_session,
                                    'GROUP_PERMISSION_DELETE',
                                    model=group,
                                    access_level=Access_level.Premium)
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    result = []
    for permission_id in permissions:
        if not group_has_permission(permission_id, group_id, db_session):
            logger.error(LogMsg.PERMISSION_NOT_HAS_GROUP, {
                'permission_id': permission_id,
                'group_id': group_id
            })
            raise Http_error(404, Message.PERMISSION_NOT_FOUND)
        delete_permission_for_group(permission_id, group_id, db_session,
                                    username)

    logger.info(LogMsg.END)
    return result
Exemplo n.º 3
0
def delete(id, db_session, username=None):
    logger.info(LogMsg.START)

    order_item = get(id, db_session)
    if order_item is None:
        logger.error(LogMsg.NOT_FOUND, {'order_item_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    order = get_order(order_item.order_id, db_session)
    if order is None:
        logger.error(LogMsg.NOT_FOUND, {'order_id': order_item.order_id})
        raise Http_error(404, Message.NOT_FOUND)

    if username is not None:

        logger.debug(LogMsg.PERMISSION_CHECK, username)
        validate_permissions_and_access(username, db_session,
                                        'ORDER_ITEM_GET', model=order_item,
                                        access_level=Access_level.Premium)
        logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    try:
        db_session.delete(order_item)
        logger.debug(LogMsg.ORDER_ITEM_DELETED, id)
        new_order = calc_total_price_order(order.id, db_session)
        logger.debug(LogMsg.ORDER_CALC_PRICE,
                     order_to_dict(new_order, db_session, username))
    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(404, Message.DELETE_FAILED)
    logger.info(LogMsg.END)

    return Http_response(204, True)
Exemplo n.º 4
0
def delete(id, db_session, username):
    logger.info(LogMsg.START, username)

    logger.info(LogMsg.DELETE_REQUEST, {'group_id': id})

    user = check_user(username, db_session)

    per_data = {}
    permissions, presses = get_user_permissions(username, db_session)
    if is_admin_member(user.person_id, id, db_session):
        per_data.update({Permissions.IS_OWNER.value: True})
    has_permission([Permissions.DISCUSSION_GROUP_PREMIUM], permissions, None,
                   per_data)
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    model_instance = db_session.query(DiscussionGroup).filter(
        DiscussionGroup.id == id).first()
    if model_instance is None:
        logger.error(LogMsg.NOT_FOUND, {'group_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    try:
        delete_group_members(model_instance.id, db_session, username)
        logger.debug(LogMsg.DISCUSSION_GROUP_OLD_MEMBERS_DELETED)

        db_session.delete(model_instance)
        logger.debug(LogMsg.DISCUSSION_GROUP_DELETE, id)

    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(500, LogMsg.DELETE_FAILED)

    logger.info(LogMsg.END)

    return Http_response(204, True)
Exemplo n.º 5
0
def delete(tag_title, db_session, username):
    logging.info(
        Msg.START + 'user is {}  '.format(username) + 'tag_title= {}'.format(
            tag_title))
    if username != admin:
        logging.error(Msg.NOT_ACCESSED)
        raise Http_error(401, {'username': Msg.NOT_ACCESSED})

    logging.debug(Msg.DELETE_REQUEST + 'tag_title= {}'.format(tag_title))

    logging.debug(Msg.MODEL_GETTING)

    model_instance = db_session.query(Tag).filter(
        Tag.title == tag_title).first()
    if model_instance is None:
        logging.error(
            Msg.NOT_FOUND + ' tag by id = {}'.format(tag_title))
        raise Http_error(404, {tag_title: Msg.INVALID_TAG})

    db_session.query(Tag).filter(Tag.title == tag_title).delete()

    logging.debug(Msg.DELETE_SUCCESS)

    logging.info(Msg.END)

    return {}
Exemplo n.º 6
0
def get(id, db_session, username=None):
    logger.info(LogMsg.START, username)
    model_instance = db_session.query(GroupUser).filter(
        GroupUser.id == id).first()
    if model_instance is None:
        logger.debug(LogMsg.MODEL_GETTING_FAILED)
        raise Http_error(404, Message.NOT_FOUND)

    if username is not None:
        permissions, presses = get_user_permissions(username, db_session)

        user = check_user(username, db_session)

        permit = has_permission_or_not(
            [Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions)
        if not permit:
            press_permit = has_permission_or_not(
                [Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions)
            if not (press_permit and (user_is_in_group(
                    user.id, model_instance.group_id, db_session))):
                logger.error(LogMsg.PERMISSION_DENIED,
                             {'PERMISSION_GROUP_USER_GET': username})
                raise Http_error(403, Message.ACCESS_DENIED)

    logger.debug(LogMsg.MODEL_GETTING)

    logger.info(LogMsg.END)

    return group_user_to_dict(model_instance)
Exemplo n.º 7
0
def delete(id, db_session, username, **kwargs):
    logger.info(LogMsg.START)
    permission_data = {}
    logger.debug(LogMsg.RATE_CHECK)
    model_instance = db_session.query(Rate).filter(Rate.id == id).first()
    if model_instance:
        logger.debug(LogMsg.RATE_EXISTS,model_to_dict(model_instance))
    else:
        logger.debug(LogMsg.RATE_NOT_EXISTS,{'rate_id':id})
        raise Http_error(404, Message.NOT_FOUND)

    user = check_user(username, db_session)
    if user is None:
        raise Http_error(400, Message.INVALID_USER)
    if user.person_id is None:
        logger.error(LogMsg.USER_HAS_NO_PERSON)
        raise Http_error(400, Message.Invalid_persons)

    if model_instance.person_id == user.person_id:
        permission_data = {Permissions.IS_OWNER.value:True}
    permissions,presses = get_user_permissions(username, db_session)
    has_permission([Permissions.RATE_DELETE_PREMIUM], permissions,None,permission_data)

    try:
        db_session.query(Rate).filter(Rate.id == id).delete()
        logger.debug(LogMsg.RATE_DELETED,{'rate_id':id})

    except:
        logger.exception(LogMsg.DELETE_FAILED,exc_info=True)
        raise Http_error(404, Message.DELETE_FAILED)
    logger.info(LogMsg.END)
    return {}
Exemplo n.º 8
0
    def add(self,
            db_session,
            data,
            username,
            schema_checked=False,
            permission_checked=False):
        logger.info(LogMsg.START, username)

        if username is not None and username == SIGNUP_USER:
            permission_checked = True
        cell_no = data.get('cell_no')
        query_data = dict(filter=dict(cell_no=cell_no))
        if cell_no:
            user_by_cell = super(PersonController,
                                 self).get_by_data(query_data, db_session)
            if user_by_cell is not None:
                logger.error(LogMsg.ALREADY_EXISTS, {'cell_no': cell_no})
                raise Http_error(409, Message.ALREADY_EXISTS)

        email = data.get('email')

        if email:
            query_data = dict(filter=dict(email=email))
            user_by_email = super(PersonController,
                                  self).get_by_data(query_data, db_session)
            if user_by_email is not None:
                raise Http_error(409, Message.ALREADY_EXISTS)

        model_instance = super(PersonController,
                               self).add(data, db_session, username,
                                         schema_checked, permission_checked)
        account_controller.add_initial_account(model_instance.id, db_session,
                                               username)
        logger.info(LogMsg.END)
        return model_instance.to_dict()
Exemplo n.º 9
0
def get_all(db_session, username):
    logger.info(LogMsg.START, username)

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    permission_result = validate_permissions_and_access(
        username, db_session, 'PERMISSION_GET')
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    access_type = permission_result.get('access_type')
    if access_type == 'Normal':
        logger.error(LogMsg.PERMISSION_DENIED,
                     '{} is a normal_user'.format(username))
        raise Http_error(403, Message.ACCESS_DENIED)

    try:
        result = db_session.query(Permission).all()
        logger.debug(LogMsg.GET_SUCCESS)
    except:
        logger.error(LogMsg.GET_FAILED)
        raise Http_error(500, LogMsg.GET_FAILED)
    final_res = []
    if access_type == 'Press':
        for model in result:
            if not 'PREMIUM' in model.permission:
                final_res.append(model)
        return final_res

    logger.debug(LogMsg.END)
    return result
Exemplo n.º 10
0
def get_by_id(id, db_session, username):
    logger.info(LogMsg.START, username)

    user = check_user(username, db_session)

    if user.person_id is None:
        logger.error(LogMsg.PERSON_NOT_EXISTS, username)

        raise Http_error(404, Message.Invalid_persons)

    validate_person(user.person_id, db_session)
    logger.debug(LogMsg.PERSON_EXISTS, username)

    try:
        logger.debug(LogMsg.GETTING_ACCOUNT_BY_ID, id)
        result = db_session.query(Account).filter(
            and_(Account.person_id == user.person_id, Account.id == id)).first()
        if result is None:
            logger.debug(LogMsg.ACCOUNT_BY_ID_IS_NOT_FOR_PERSON,
                         {'account_id': id, 'person_id': user.person_id})
    except:
        logger.error(LogMsg.GET_FAILED, exc_info=True)
        raise Http_error(404, Message.NOT_FOUND)
    logger.info(LogMsg.END)

    return account_to_dict(result)
Exemplo n.º 11
0
def get_follower_list(data, username, db_session):
    logger.info(LogMsg.START, username)

    result = []

    user = check_user(username, db_session)
    if user is None:
        raise Http_error(400, Message.INVALID_USER)

    if user.person_id is None:
        logger.error(LogMsg.USER_HAS_NO_PERSON, username)
        raise Http_error(400, Message.Invalid_persons)

    validate_person(user.person_id, db_session)
    logger.debug(LogMsg.PERSON_EXISTS)

    if data.get('sort') is None:
        data['sort'] = ['creation_date-']

    if data.get('filter') is None:
        data.update({'filter': {'following_id': user.person_id}})
    else:
        data['filter'].update({'following_id': user.person_id})

    res = Follow.mongoquery(db_session.query(Follow)).query(**data).end().all()
    for item in res:
        result.append(follow_to_dict(item))
    logger.debug(LogMsg.FOLLOWER_LIST, result)
    logger.info(LogMsg.END)

    return result
Exemplo n.º 12
0
def delete(id, db_session, username):
    logger.info(LogMsg.START, username)

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    validate_permissions_and_access(username, db_session, 'ACCOUNT_DELETE',
                                    access_level=Access_level.Premium)
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    user = check_user(username, db_session)
    if user is None:
        logger.error(LogMsg.INVALID_USER, username)

        raise Http_error(404, Message.INVALID_USER)

    if user.person_id is None:
        logger.error(LogMsg.PERSON_NOT_EXISTS, username)

        raise Http_error(404, Message.Invalid_persons)

    validate_person(user.person_id, db_session)
    logger.debug(LogMsg.PERSON_EXISTS, username)

    try:
        logger.debug(LogMsg.DELETE_ACCOUNT_BY_ID, id)
        db_session.query(Account).filter(
            and_(Account.person_id == user.person_id, Account.id == id)
        ).delete()
    except:
        logger.error(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(404, Message.NOT_FOUND)
    logger.info(LogMsg.END)

    return Http_response(204, True)
Exemplo n.º 13
0
def delete_all(username, db_session):
    logger.info(LogMsg.START, username)

    validate_permissions_and_access(username, db_session, 'ACCOUNT_DELETE',
                                    access_level=Access_level.Premium)

    user = check_user(username, db_session)

    if user.person_id is None:
        logger.error(LogMsg.PERSON_NOT_EXISTS, username)

        raise Http_error(404, Message.Invalid_persons)

    validate_person(user.person_id, db_session)
    logger.debug(LogMsg.PERSON_EXISTS, username)

    try:
        logger.debug(LogMsg.DELETE_USER_ALL_ACCOUNTS, username)

        db_session.query(Account).filter(
            Account.person_id == user.person_id).delete()
    except:
        logger.error(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(404, Message.NOT_FOUND)
    logger.info(LogMsg.END)

    return Http_response(204, True)
Exemplo n.º 14
0
def add_group_users(data, db_session, username):
    logger.info(LogMsg.START, username)

    if username not in ADMINISTRATORS:
        logger.error(LogMsg.NOT_ACCESSED, {'username': username})
        raise Http_error(403, Message.ACCESS_DENIED)

    group_id = data.get('group_id')

    users = data.get('users')

    validate_group(group_id, db_session)
    result = []
    for user_id in users:
        if user_is_in_group(user_id, group_id, db_session):
            logger.error(LogMsg.GROUP_USER_IS_IN_GROUP,
                         {'user_id': user_id, 'group_id': group_id})
            raise Http_error(409, Message.ALREADY_EXISTS)
        result.append(add(user_id, group_id, db_session, username))
    final_res = []
    for item in result:
        final_res.append(group_user_to_dict(item))

    logger.info(LogMsg.END)
    return final_res
Exemplo n.º 15
0
def delete_collection(data, db_session, username):
    title = data.get('title')
    logger.info(LogMsg.START, username)

    user = check_user(username, db_session)
    if user is None:
        raise Http_error(400, Message.INVALID_USER)

    if user.person_id is None:
        logger.error(LogMsg.USER_HAS_NO_PERSON, username)
        raise Http_error(400, Message.Invalid_persons)

    validate_person(user.person_id, db_session)
    logger.debug(LogMsg.PERSON_EXISTS)

    try:
        if not collection_exists(title, user.person_id, db_session):
            logger.error(LogMsg.NOT_FOUND, {
                'collection_title': title,
                'person_id': user.person_id
            })
            raise Http_error(404, Message.NOT_FOUND)
        logger.debug(LogMsg.COLLECTION_DELETE, title)
        result = delete_collection_constraints(title, user.person_id,
                                               db_session)
        stmt = Collection.__table__.delete().where(Collection.id.in_(result))

        db_session.execute(stmt)

    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(502, Message.DELETE_FAILED)
    logger.info(LogMsg.END)
    return Http_response(204, True)
Exemplo n.º 16
0
def get(id, db_session, username=None):
    logger.info(LogMsg.START, username)
    limited_permissions = False

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    permission_result = validate_permissions_and_access(
        username, db_session, 'PERMISSION_GET')
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    access_type = permission_result.get('access_type')
    if access_type == 'Normal':
        logger.error(LogMsg.PERMISSION_DENIED,
                     '{} is a normal_user'.format(username))
        raise Http_error(403, Message.ACCESS_DENIED)

    logger.debug(LogMsg.MODEL_GETTING)
    model_instance = db_session.query(Permission).filter(
        Permission.id == id).first()
    if model_instance:
        logger.debug(LogMsg.GET_SUCCESS, model_to_dict(model_instance))

    else:
        logger.debug(LogMsg.MODEL_GETTING_FAILED)
        raise Http_error(404, Message.NOT_FOUND)
    if access_type == 'Press':
        if 'PREMIUM' in model_instance.permission:
            logger.error(LogMsg.PERMISSION_DENIED,
                         {'premium_permission_id': id})
            raise Http_error(403, Message.ACCESS_DENIED)

    logger.info(LogMsg.END)

    return model_instance
Exemplo n.º 17
0
def delete(id, db_session, username):
    logger.info(LogMsg.START, username)

    logger.info(LogMsg.DELETE_REQUEST, id)

    logger.debug(LogMsg.MODEL_GETTING, id)
    model_instance = db_session.query(BookRole).filter(
        BookRole.id == id).first()
    if model_instance is None:
        logger.error(LogMsg.NOT_FOUND, id)
        raise Http_error(404, Message.NOT_FOUND)

    try:
        db_session.delete(model_instance)
        unique_connector = get_connector(id, db_session)
        if unique_connector:
            logger.debug(LogMsg.DELETE_UNIQUE_CONSTRAINT)
            delete_uniquecode(unique_connector.UniqueCode, db_session)
            delete_connector(id, db_session)

        logger.debug(LogMsg.ENTITY_DELETED, id)

    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(500, Message.DELETE_FAILED)

    logger.info(LogMsg.END)
    return Http_response(204, True)
Exemplo n.º 18
0
def edit(id, db_session, data, username):
    logger.info(LogMsg.START, username)

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    validate_permissions_and_access(username,
                                    db_session,
                                    'PERMISSION_EDIT',
                                    access_level=Access_level.Premium)
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    logger.debug(LogMsg.EDIT_REQUST, {'permission_id': id, 'data': data})
    schema_validate(data, PERMISSION_EDIT_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    model_instance = db_session.query(Permission).filter(
        Permission.id == id).first()
    if model_instance:
        logger.debug(LogMsg.MODEL_GETTING)
    else:
        logger.debug(LogMsg.MODEL_GETTING_FAILED, {'permission_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    try:
        for key, value in data.items():
            setattr(model_instance, key, value)
        edit_basic_data(model_instance, username, data.get('tags'))

        logger.debug(LogMsg.MODEL_ALTERED, model_to_dict(model_instance))

    except:
        logger.exception(LogMsg.EDIT_FAILED, exc_info=True)
        raise Http_error(409, Message.ALREADY_EXISTS)

    logger.info(LogMsg.END)
    return model_instance
Exemplo n.º 19
0
def delete(id, db_session, username):
    logger.info(LogMsg.START, username)
    user = check_user(username, db_session)

    logger.info(LogMsg.DELETE_REQUEST, {'group_user_id': id})
    model_instance = db_session.query(GroupUser).filter(
        GroupUser.id == id).first()

    if model_instance is None:
        logger.error(LogMsg.NOT_FOUND, {'group_user_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    permissions, presses = get_user_permissions(username, db_session)

    permit = has_permission_or_not(
        [Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions)
    if not permit:
        press_permit = has_permission_or_not(
            [Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions)
        if not (press_permit and
                (model_instance.group.person_id == user.person_id)):
            logger.error(LogMsg.PERMISSION_DENIED,
                         {'PERMISSION_GROUP_USER_DELETE': username})
            raise Http_error(403, Message.ACCESS_DENIED)

    try:
        db_session.delete(model_instance)
    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(500, LogMsg.DELETE_FAILED)

    logger.info(LogMsg.END)

    return Http_response(204, True)
Exemplo n.º 20
0
def edit(direct_id, db_session, data, username):
    logging.info(Msg.START + " user is {}".format(username))
    if "id" in data.keys():
        del data["id"]

    logging.debug(Msg.EDIT_REQUST)

    model_instance = get(direct_id, db_session, username)
    if model_instance:
        logging.debug(Msg.MODEL_GETTING)
    else:
        logging.debug(Msg.MODEL_GETTING_FAILED)
        raise Http_error(404, {'message': Msg.NOT_FOUND})

    if model_instance.sender != username:
        logging.error(Msg.ALTERING_AUTHORITY_FAILED)
        raise Http_error(403, {'sender': Msg.ALTERING_AUTHORITY_FAILED})

    model_instance.modification_date = Now()
    model_instance.modifier = username
    model_instance.message = data.get('message')

    logging.debug(Msg.MODEL_ALTERED)

    logging.debug(Msg.EDIT_SUCCESS + json.dumps(model_to_dict(model_instance)))

    logging.info(Msg.END)

    return model_instance
Exemplo n.º 21
0
def edit(id, data, db_session, username):
    logger.info(LogMsg.START)
    permission_data = {}

    user = check_user(username, db_session)
    if user is None:
        raise Http_error(400, Message.INVALID_USER)

    if user.person_id is None:
        logger.error(LogMsg.USER_HAS_NO_PERSON,username)
        raise Http_error(400, Message.Invalid_persons)

    logger.debug(LogMsg.RATE_CHECK,{'rate_id':id})
    model_instance = db_session.query(Rate).filter(Rate.id == id).first()

    if model_instance:

        logger.debug(LogMsg.RATE_EXISTS,model_to_dict(model_instance))
    else:
        logger.error(LogMsg.RATE_NOT_EXISTS,{'rate_id':id})
        raise Http_error(404, Message.NOT_FOUND)

    if model_instance.person_id == user.person_id:
        permission_data = {Permissions.IS_OWNER.value:True}
    permissions,presses = get_user_permissions(username, db_session)
    has_permission([Permissions.RATE_EDIT_PREMIUM], permissions,None,permission_data)

    model_instance.rate = data.get('rate')
    edit_basic_data(model_instance,username,data.get('tags'))

    logger.debug(LogMsg.RATE_CHANGED,model_to_dict(model_instance))
    logger.info(LogMsg.END)

    return model_instance
Exemplo n.º 22
0
    def pay(self, id, db_session, username=None):
        logger.info(LogMsg.START, username)
        receipt = self.internal_get(id, db_session, username)
        if receipt is None:
            raise Http_error(404, Message.NOT_FOUND)
        if receipt.status == 'Paid':
            raise Http_error(409, Message.ALREADY_PAID)

        if username is None:
            #       paypal pay
            pass
        else:
            user = check_user(username, db_session)
            receipt.payer_id = user.person_id

            account = account_controller.get(user.person_id, 'Main',
                                             db_session)
            if account is None:
                logger.error(LogMsg.NOT_FOUND, {'person_id': user.person_id})
                raise Http_error(404, Message.USER_HAS_NO_ACCOUNT)

            if account.value < receipt.total_payment:
                #     paypal pay
                pass
            else:
                account.value -= receipt.total_payment

            transaction_data = {
                'account_id': account.id,
                'debit': receipt.total_payment
            }
            transaction.internal_add(transaction_data, db_session)

        receipt.status = 'Paid'
        return receipt.to_dict()
Exemplo n.º 23
0
def add(data, username, db_session):
    if username != admin:
        logging.error(Msg.NOT_ACCESSED)
        raise Http_error(401, {'username': Msg.NOT_ACCESSED})

    logging.info(Msg.START)

    title = data.get('title')
    if title is None:
        logging.error(Msg.DATA_MISSING + ' title')
        raise Http_error(400, {'title': Msg.DATA_MISSING})

    tag = db_session.query(Tag).filter(
        Tag.title == title).first()
    if tag:
        logging.error(Msg.NOT_UNIQUE + '  title already exists')
        raise Http_error(409, {'title': Msg.NOT_UNIQUE})

    model_instance = Tag()
    model_instance.title = title
    model_instance.id = str(uuid4())
    model_instance.creation_date = Now()
    model_instance.creator = username

    logging.debug(Msg.DATA_ADDITION + "  || Data :" + json.dumps(data))

    db_session.add(model_instance)

    logging.debug(Msg.DB_ADD)

    logging.info(Msg.END)

    return model_instance
Exemplo n.º 24
0
def delete(id, db_session, username=None):
    logger.info(LogMsg.START, username)

    order = internal_get(id, db_session)
    if order is None:
        logger.error(LogMsg.NOT_FOUND, {'order_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    permissions, presses = get_user_permissions(username, db_session)
    per_data = {}
    if order.creator == username:
        per_data.update({Permissions.IS_OWNER.value:True})
    has_permission(
        [Permissions.ORDER_DELETE_PREMIUM], permissions,None,per_data)
    logger.debug(LogMsg.PERMISSION_VERIFIED)

    if order.status == OrderStatus.Invoiced:
        logger.error(LogMsg.ORDER_NOT_EDITABLE,
                     order_to_dict(order, db_session, username))
        raise Http_error(403, Message.ORDER_INVOICED)

    try:
        logger.debug(LogMsg.ORDER_ITEMS_DELETE, {'order_id': id})
        delete_orders_items_internal(order.id, db_session)
        logger.debug(LogMsg.ORDER_DELETE, {'order_id': id})
        db_session.delete(order)
    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(404, Message.DELETE_FAILED)
    logger.info(LogMsg.END)
    return Http_response(204, True)
def add(permission_id, group_id, db_session, username):
    logger.info(LogMsg.START, username)

    user = check_user(username, db_session)
    group = get_group(group_id, db_session, username=None)
    permission = get_permission(permission_id, db_session)
    if user.person_id != group.person_id:
        logger.error(LogMsg.PERMISSION_DENIED,
                     {'add_permission_to_group_be user': username})
        raise Http_error(403, Message.ACCESS_DENIED)

    if group_has_permission(permission_id, group_id, db_session):
        logger.error(LogMsg.PERMISSION_GROUP_ALREADY_HAS)
        raise Http_error(409, Message.ALREADY_EXISTS)

    permissions, presses = get_user_permissions(username, db_session)

    if permission.permission not in permissions:
        logger.error(LogMsg.PREMIUM_PERMISSION_ADDITION_RESTRICTION, username)
        raise Http_error(403, Message.ACCESS_DENIED)

    model_instance = GroupPermission()
    populate_basic_data(model_instance, username)
    logger.debug(LogMsg.POPULATING_BASIC_DATA)
    model_instance.group_id = group_id
    model_instance.permission_id = permission_id

    db_session.add(model_instance)

    logger.info(LogMsg.END)
    return model_instance
Exemplo n.º 26
0
def get_user_orders(data, db_session, username=None):
    logger.info(LogMsg.START, username)

    if data.get('sort') is None:
        data['sort'] = ['creation_date-']

    user = check_user(username, db_session)
    if user is None:
        raise Http_error(400, Message.INVALID_USER)

    if user.person_id is None:
        logger.error(LogMsg.USER_HAS_NO_PERSON, username)
        raise Http_error(400, Message.Invalid_persons)


    if data.get('filter') is None:
        data.update({'filter':{'person_id':user.person_id}})
    else:
        data['filter'].update({'person_id':user.person_id})

    result = Order.mongoquery(
            db_session.query(Order)).query(
            **data).end().all()

    res = []
    for item in result:
        res.append(order_to_dict(item, db_session, username))
    logger.debug(LogMsg.ORDER_USER_ORDERS, res)
    logger.info(LogMsg.END)

    return res
def delete(id, db_session, username):
    logger.info(LogMsg.START, username)

    logger.info(LogMsg.DELETE_REQUEST, {'group_permission_id': id})

    model_instance = db_session.query(GroupPermission).filter(
        GroupPermission.id == id).first()
    if model_instance is None:
        logger.error(LogMsg.NOT_FOUND, {'group_permission_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    group = get_group(model_instance.group_id, db_session, username=None)

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    validate_permissions_and_access(username,
                                    db_session,
                                    'GROUP_PERMISSION_DELETE',
                                    model=group,
                                    access_level=Access_level.Premium)
    logger.debug(LogMsg.PERMISSION_VERIFIED, username)

    try:
        db_session.delete(model_instance)
    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(500, LogMsg.DELETE_FAILED)

    logger.info(LogMsg.END)

    return Http_response(204, True)
Exemplo n.º 28
0
def delete(id, db_session, username, **kwargs):
    logger.info(LogMsg.START)
    logger.debug(LogMsg.RATE_CHECK)
    model_instance = db_session.query(Rate).filter(Rate.id == id).first()
    if model_instance:
        logger.debug(LogMsg.RATE_EXISTS, model_to_dict(model_instance))
    else:
        logger.debug(LogMsg.RATE_NOT_EXISTS, {'rate_id': id})
        raise Http_error(404, Message.NOT_FOUND)

    logger.debug(LogMsg.PERMISSION_CHECK, username)
    validate_permissions_and_access(username,
                                    db_session,
                                    'RATE_DELETE',
                                    model=model_instance)
    logger.debug(LogMsg.PERMISSION_VERIFIED)

    try:
        db_session.delete(model_instance)
        logger.debug(LogMsg.RATE_DELETED, {'rate_id': id})

    except:
        logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
        raise Http_error(404, Message.DELETE_FAILED)
    logger.info(LogMsg.END)
    return {}
Exemplo n.º 29
0
def add(data, db_session, username):
    logger.info(LogMsg.START, username)

    schema_validate(data,ITEM_ADD_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    book_id = data.get('book_id')

    person_id = data.get('person_id')
    if person_id is None:
        logger.error(LogMsg.DATA_MISSING, 'person_id')

    if is_book_in_library(person_id, book_id, db_session):
        logger.error(LogMsg.ALREADY_IS_IN_LIBRARY, {'book_id': book_id})
        raise Http_error(409, Message.ALREADY_EXISTS)

    book = get_book(book_id, db_session)
    if book is None:
        logger.error(LogMsg.NOT_FOUND, {'book_id': book_id})
        raise Http_error(404, Message.NOT_FOUND)

    if book.type.name in ONLINE_BOOK_TYPES :
        if data.get('count') > 1:
            logger.error(LogMsg.BOOK_ONLINE_TYPE_COUNT_LIMITATION)
            raise Http_error(400, Message.ONLINE_BOOK_COUNT_LIMITATION)

        content_id = book_has_content(book_id,'Original',db_session)
        if not content_id:
            logger.error(LogMsg.CONTENT_NOT_FOUND,{'book_id':book_id})
            raise Http_error(404,Message.BOOK_HAS_NO_CONTENT)

        if not is_generated(content_id):
            logger.error(LogMsg.CONTENT_NOT_GENERATED, {'content_id': content_id})
            raise Http_error(404, Message.BOOK_NOT_GENERATED)

    model_instance = OrderItem()

    populate_basic_data(model_instance, username)
    logger.debug(LogMsg.POPULATING_BASIC_DATA)
    model_instance.order_id = data.get('order_id')
    model_instance.book_id = book_id
    model_instance.count = data.get('count')
    # TODO discount not imposed yet
    model_instance.discount = data.get('discount', 0.0)
    model_instance.description = data.get('description')
    model_instance.price_detail = data.get('price_detail')

    model_instance.unit_price = get_book_price_internal(model_instance.book_id,
                                                        db_session)
    logger.debug(LogMsg.ORDER_ITEM_UNIT_PRICE, model_instance.unit_price)

    model_instance.net_price = calc_net_price(model_instance.unit_price,
                                              model_instance.count,
                                              model_instance.discount)
    logger.debug(LogMsg.ORDER_ITEM_NET_PRICE, model_instance.net_price)

    db_session.add(model_instance)
    logger.info(LogMsg.END)

    return model_instance
Exemplo n.º 30
0
def reset_pass(data, db_session):
    logger.info(LogMsg.START, data)
    schema_validate(data, RESET_PASS_SCHEMA_PATH)
    logger.debug(LogMsg.SCHEMA_CHECKED)

    cell_no = data.get('cell_no')
    redis_key = 'PASS_{}'.format(cell_no)
    code = redis.get(redis_key)
    if code is None:
        logger.error(LogMsg.REGISTER_KEY_DOESNT_EXIST)
        raise Http_error(404, Message.INVALID_CODE)

    code = code.decode("utf-8")
    if (code is None) or (code != data.get('code')):
        logger.error(LogMsg.REGISTER_KEY_INVALID)
        raise Http_error(409, Message.INVALID_CODE)

    user = check_by_cell_no(cell_no, db_session)

    if user:
        user.password = data.get('password')

        logger.debug(LogMsg.USER_PASSWORD_RESET, user_to_dict(user))
        logger.info(LogMsg.END)

        return data

    logger.error(LogMsg.NOT_FOUND, data)
    raise Http_error(404, Message.INVALID_USER)