def ticket_attendee_authorized(order_identifier): if current_user: try: order = Order.query.filter_by(identifier=order_identifier).first() except NoResultFound: return NotFoundError({ 'source': '' }, 'This ticket is not associated with any order').respond() if current_user.can_download_tickets(order): key = UPLOAD_PATHS['pdf']['tickets_all'].format( identifier=order_identifier) file_path = ( '../generated/tickets/{}/{}/'.format(key, generate_hash(key)) + order_identifier + '.pdf') try: return return_file('ticket', file_path, order_identifier) except FileNotFoundError: create_pdf_tickets_for_holder(order) return return_file('ticket', file_path, order_identifier) else: return ForbiddenError({ 'source': '' }, 'Unauthorized Access').respond() else: return ForbiddenError({ 'source': '' }, 'Authentication Required to access ticket').respond()
def order_invoices(order_identifier): if current_user: try: order = Order.query.filter_by(identifier=order_identifier).first() except NoResultFound: return NotFoundError({ 'source': '' }, 'Order Invoice not found').respond() if current_user.can_download_tickets(order): key = UPLOAD_PATHS['pdf']['order'].format( identifier=order_identifier) file_path = ('../generated/invoices/{}/{}/'.format( key, generate_hash(key)) + order_identifier + '.pdf') try: return return_file('invoice', file_path, order_identifier) except FileNotFoundError: create_pdf_tickets_for_holder(order) return return_file('invoice', file_path, order_identifier) else: return ForbiddenError({ 'source': '' }, 'Unauthorized Access').respond() else: return ForbiddenError({ 'source': '' }, 'Authentication Required to access Invoice').respond()
def ticket_attendee_authorized(order_identifier): if current_user: try: order = Order.query.filter_by(identifier=order_identifier).first() except NoResultFound: raise NotFoundError({'source': ''}, 'This ticket is not associated with any order') if (has_access( 'is_coorganizer_or_user_itself', event_id=order.event_id, user_id=order.user_id, ) or order.is_attendee(current_user)): key = UPLOAD_PATHS['pdf']['tickets_all'].format( identifier=order_identifier) file_path = ( '../generated/tickets/{}/{}/'.format(key, generate_hash(key)) + order_identifier + '.pdf') try: return return_file('ticket', file_path, order_identifier) except FileNotFoundError: create_pdf_tickets_for_holder(order) return return_file('ticket', file_path, order_identifier) else: raise ForbiddenError({'source': ''}, 'Unauthorized Access') else: raise ForbiddenError({'source': ''}, 'Authentication Required to access ticket')
def event_invoices(invoice_identifier): if not current_user: raise ForbiddenError({'source': ''}, 'Authentication Required to access Invoice') try: event_invoice = EventInvoice.query.filter_by( identifier=invoice_identifier).first() event_id = event_invoice.event_id except NoResultFound: raise NotFoundError({'source': ''}, 'Event Invoice not found') if not current_user.is_organizer(event_id) and not current_user.is_staff: raise ForbiddenError({'source': ''}, 'Unauthorized Access') key = UPLOAD_PATHS['pdf']['event_invoices'].format( identifier=invoice_identifier) file_path = ( '../generated/invoices/{}/{}/'.format(key, generate_hash(key)) + invoice_identifier + '.pdf') try: return return_file('event-invoice', file_path, invoice_identifier) except FileNotFoundError: raise ObjectNotFound( {'source': ''}, "The Event Invoice isn't available at the moment. \ Invoices are usually issued on the 1st of every month", )