Exemplo n.º 1
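    def post(self):
        """Create a facility from the JSON request body and grant its creator edit rights.

        Reads ``name`` (required) and the optional attributes from the request
        JSON, validates the optional link, stores the facility, then asks the
        repo to add edit credentials for the calling user. If adding the
        credentials fails, the facility is deleted again and the request ends
        with HTTP 500.

        Returns:
            A ``(marshalled facility, 201)`` tuple on success.
        """
        data = request.get_json()
        name = data['name']

        optional = parse_optional_parameters(data)
        optional["position"] = parse_position(data)

        link = optional["link"]
        if link:
            if len(link) > 200:
                abort(400, __error__=[u'Maks lengde for lenke er 200 tegn'])

            # Only http/https links are accepted, which keeps other URL schemes
            # out of a value that is presumably rendered as a link later.
            # NOTE(review): the scheme check runs on the stripped value, but the
            # stored value keeps any surrounding whitespace. Confirm consumers cope.
            if not link.strip().startswith(('http://', 'https://')):
                abort(400, __error__=[u'Lenke må starte med http eller https'])

        if 'contact_person' in data:
            optional['contact_person'] = parse_contact_person(data)

        if 'facility_type' in data and 'id' in data['facility_type']:
            optional['facility_type'] = parse_facility_type(data)

        if 'unit_type' in data and 'id' in data['unit_type']:
            optional['unit_type'] = parse_unit_type(data)

        fac = Facility(name, **optional)
        fac.amenities = parse_dict(data, "amenities")
        fac.accessibility = parse_dict(data, "accessibility")
        fac.equipment = parse_dict(data, "equipment")
        fac.suitability = parse_dict(data, "suitability")
        fac.facilitators = parse_dict(data, "facilitators")

        # NOTE(review): both flags are copied from the request body as-is; this
        # method does no type check or separate permission check on them.
        # Confirm the caller's access check and the model enforce what a client
        # may set here.
        if 'is_deleted' in data:
            fac.is_deleted = data['is_deleted']

        if 'is_published' in data:
            fac.is_published = data['is_published']

        # The facility is committed before edit credentials exist for it; the
        # cleanup below compensates when adding the credentials fails.
        current_app.db_session.add(fac)
        current_app.db_session.commit()
        current_app.db_session.refresh(fac)

        # Make sure the user who created the facility is allowed to edit it
        user_id = repo.get_user_id_for_user(cookies=request.cookies)
        if not user_id:
            # NOTE(review): no user id could be resolved from the cookies, yet
            # the facility is kept and 201 is returned without edit credentials.
            # Confirm a create-permission check always runs before this handler.
            return marshal(fac, facility_fields_admin), 201

        added_credentials = repo.add_edit_credentials(user_id, fac.id, request.cookies)
        if fac.id and added_credentials:
            return marshal(fac, facility_fields_admin), 201

        # If we were NOT successful all the way above, we have to delete the facility.
        # Capture the id first so the log line never touches the ORM object
        # after a failed commit.
        fac_id = fac.id
        try:
            current_app.db_session.delete(fac)
            current_app.db_session.commit()
        except Exception:
            # Best-effort cleanup: log with the traceback, then roll back so the
            # session is usable again (assumes db_session is a SQLAlchemy
            # session, as the add/commit/refresh calls suggest).
            current_app.logger.warning(
                "Not able to delete facility#id " + str(fac_id) + ", after updating credentials failed.",
                exc_info=True)
            current_app.db_session.rollback()

        abort(500, __error__=["Error creating facility."])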
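    def validate(self, f, *args, **kwargs):
        """Deny the request unless the current user may edit the targeted facility.

        The facility id is resolved from, in order: the ``facility_id`` keyword
        argument, the facility of the image named by ``image_id``, the facility
        of the document named by ``document_id``, or the ``facilityId`` form
        field. When none of these resolves to a facility, the request is denied
        through ``self.fail`` with 403 instead of raising an unhandled error.
        """
        facility_id = None

        if kwargs.get("facility_id", None):  # the normal case: a facility
            facility_id = kwargs["facility_id"]
        elif kwargs.get("image_id", None):  # an image related to a facility
            image = current_app.db_session.query(Image).get(kwargs["image_id"])
            # An unknown image id gives None; leave facility_id unset and deny.
            if image is not None:
                facility_id = image.facility_id
        elif kwargs.get("document_id", None):  # a document related to a facility
            document = current_app.db_session.query(Document).get(kwargs["document_id"])
            # An unknown document id gives None; leave facility_id unset and deny.
            if document is not None:
                facility_id = document.facility_id
        elif request.form.get('facilityId', None):  # POST image/document with facility id in form
            facility_id = request.form.get('facilityId')
        # this should cover all cases where this decorator is used

        user_id = repo.get_user_id_for_user(cookies=request.cookies)
        # Fail closed: with no resolved facility there is nothing to authorise,
        # so the repo is not consulted and the request is rejected.
        valid = (facility_id is not None
                 and user_id
                 and repo.can_user_edit_facility(user_id, facility_id,
                                                 cookies=request.cookies))
        if not valid:
            self.fail("You do not have privileges to edit facility %s." % facility_id,
                      f, 403, None, *args, **kwargs)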
 def validate(self, f, *args, **kwargs):
     """Deny the request unless the current user may create a facility.

     The user id is resolved from the request cookies through the repo; the
     create permission is checked only when a user id was found. On denial
     ``self.fail`` is called with status 403.
     """
     cookies = request.cookies
     uid = repo.get_user_id_for_user(cookies=cookies)
     if uid and repo.can_user_create_facility(uid, cookies=cookies):
         return

     message = "You do not have privileges to create a facility."
     self.fail(message, f, 403, None, *args, **kwargs)