def query(self, view_kwargs):
"""
query method for SessionList class
:param view_kwargs:
:return:
"""
query_ = self.session.query(Session)
if view_kwargs.get('track_id') is not None:
track = safe_query(self, Track, 'id', view_kwargs['track_id'], 'track_id')
query_ = query_.join(Track).filter(Track.id == track.id)
if view_kwargs.get('session_type_id') is not None:
session_type = safe_query(self, SessionType, 'id', view_kwargs['session_type_id'], 'session_type_id')
query_ = query_.join(SessionType).filter(SessionType.id == session_type.id)
if view_kwargs.get('microlocation_id') is not None:
microlocation = safe_query(self, Microlocation, 'id', view_kwargs['microlocation_id'], 'microlocation_id')
query_ = query_.join(Microlocation).filter(Microlocation.id == microlocation.id)
if view_kwargs.get('user_id') is not None:
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
query_ = event_query(self, query_, view_kwargs)
if view_kwargs.get('speaker_id'):
speaker = safe_query(self, Speaker, 'id', view_kwargs['speaker_id'], 'speaker_id')
# session-speaker :: many-to-many relationship
query_ = Session.query.filter(Session.speakers.any(id=speaker.id))
return query_
def query(self, view_kwargs):
"""
query method for Attendees List
:param view_kwargs:
:return:
"""
query_ = self.session.query(TicketHolder)
if view_kwargs.get('order_identifier'):
order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier')
if not has_access('is_registrar', event_id=order.event_id) and not has_access('is_user_itself',
user_id=order.user_id):
raise ForbiddenException({'source': ''}, 'Access Forbidden')
query_ = query_.join(Order).filter(Order.id == order.id)
if view_kwargs.get('ticket_id'):
ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id')
if not has_access('is_registrar', event_id=ticket.event_id):
raise ForbiddenException({'source': ''}, 'Access Forbidden')
query_ = query_.join(Ticket).filter(Ticket.id == ticket.id)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
if not has_access('is_user_itself', user_id=user.id):
raise ForbiddenException({'source': ''}, 'Access Forbidden')
query_ = query_.join(User, User.email == TicketHolder.email).filter(User.id == user.id)
query_ = event_query(self, query_, view_kwargs, permission='is_registrar')
return query_
def query(self, view_kwargs):
"""
query method for Discount Code List
:param view_kwargs:
:return:
"""
query_ = self.session.query(DiscountCode)
# user can only access his/her discount codes.
if view_kwargs.get('user_id'):
if has_access('is_user_itself', user_id=view_kwargs['user_id']):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
else:
raise ForbiddenException({'source': ''}, 'You are not authorized')
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
view_kwargs['event_id'] = event.id
# event co-organizer access required for discount codes under an event.
if view_kwargs.get('event_id'):
if has_access('is_coorganizer', event_id=view_kwargs['event_id']):
self.schema = DiscountCodeSchemaTicket
query_ = query_.filter_by(event_id=view_kwargs['event_id'])
else:
raise ForbiddenException({'source': ''}, 'Event organizer access required')
# discount_code - ticket :: many-to-many relationship
if view_kwargs.get('ticket_id') and has_access('is_coorganizer'):
self.schema = DiscountCodeSchemaTicket
ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id')
query_ = query_.filter(DiscountCode.tickets.any(id=ticket.id))
return query_
def before_get(self, args, kwargs):
if kwargs.get('event_identifier'):
event = safe_query(db, Event, 'identifier', kwargs['event_identifier'], 'event_identifier')
kwargs['event_id'] = event.id
if kwargs.get('event_id') and has_access('is_admin'):
event = safe_query(db, Event, 'id', kwargs['event_id'], 'event_id')
if event.discount_code_id:
kwargs['id'] = event.discount_code_id
else:
kwargs['id'] = None
if kwargs.get('id'):
discount = db.session.query(DiscountCode).filter_by(id=kwargs.get('id')).one()
if not discount:
raise ObjectNotFound({'parameter': '{id}'}, "DiscountCode: not found")
if discount.used_for == 'ticket' and has_access('is_coorganizer', event_id=discount.event_id):
self.schema = DiscountCodeSchemaTicket
elif discount.used_for == 'event' and has_access('is_admin'):
self.schema = DiscountCodeSchemaEvent
else:
raise UnprocessableEntity({'source': ''},
"Please verify your permission")
elif not kwargs.get('id') and not has_access('is_admin'):
raise UnprocessableEntity({'source': ''},
"Please verify your permission. You must be admin to view event\
discount code details")
def before_get(self, args, kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if kwargs.get('order_identifier'):
order = safe_query(db, Order, 'identifier', kwargs['order_identifier'], 'order_identifier')
kwargs['id'] = order.id
elif kwargs.get('id'):
order = safe_query(db, Order, 'id', kwargs['id'], 'id')
if not has_access('is_coorganizer', event_id=order.event_id, user_id=order.user_id):
return ForbiddenException({'source': ''}, 'You can only access your orders or your event\'s orders')
def before_get_object(self, view_kwargs):
"""
method to get id of stripe authorization related to an event
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
view_kwargs['event_id'] = event.id
if view_kwargs.get('event_id'):
stripe_authorization = \
safe_query(self, StripeAuthorization, 'event_id', view_kwargs['event_id'], 'event_id')
view_kwargs['id'] = stripe_authorization.id
def before_get_object(self, view_kwargs):
"""
before get method for Discount Code detail
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
view_kwargs['event_id'] = event.id
if view_kwargs.get('event_id') and has_access('is_admin'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
if event.discount_code_id:
view_kwargs['id'] = event.discount_code_id
else:
view_kwargs['id'] = None
if view_kwargs.get('event_invoice_id') and has_access('is_admin'):
event_invoice = safe_query(self, EventInvoice, 'id', view_kwargs['event_invoice_id'], 'event_invoice_id')
if event_invoice.discount_code_id:
view_kwargs['id'] = event_invoice.discount_code_id
else:
view_kwargs['id'] = None
if view_kwargs.get('id'):
try:
discount = self.session.query(
DiscountCode).filter_by(id=view_kwargs.get('id')).one()
except NoResultFound:
raise ObjectNotFound(
{'parameter': '{id}'}, "DiscountCode: not found")
if 'code' in view_kwargs: # usage via discount code is public
self.schema = DiscountCodeSchemaPublic
return
if discount.used_for == 'ticket' and has_access('is_coorganizer', event_id=discount.event_id):
self.schema = DiscountCodeSchemaTicket
elif discount.used_for == 'event' and has_access('is_admin'):
self.schema = DiscountCodeSchemaEvent
else:
raise UnprocessableEntity({'source': ''},
"Please verify your permission")
elif not view_kwargs.get('id') and not has_access('is_admin'):
raise UnprocessableEntity({'source': ''},
"Please verify your permission. You must be admin to view event\
discount code details")
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
view_kwargs['id'] = event.id
view_kwargs['event_id'] = event.id
if view_kwargs.get('event_id'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
view_kwargs['id'] = event.id
view_kwargs['event_id'] = event.id
def before_get_object(self, view_kwargs):
"""
before get method
:param view_kwargs:
:return:
"""
event = None
if view_kwargs.get('event_id'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
elif view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
if event:
feedback = safe_query(self, Feedback, 'event_id', event.id, 'event_id')
view_kwargs['id'] = feedback.id
def query(self, view_kwargs):
"""
query method for event invoice list
:param view_kwargs:
:return:
"""
query_ = self.session.query(EventInvoice)
query_ = event_query(self, query_, view_kwargs)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
if view_kwargs.get('discount_code_id'):
discount_code = safe_query(self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id')
query_ = query_.join(DiscountCode).filter(DiscountCode.id == discount_code.id)
return query_
def before_get_object(self, view_kwargs):
"""
before get method to get the copyright id to fetch details
:param view_kwargs:
:return:
"""
event = None
if view_kwargs.get('event_id'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
elif view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
if event:
event_copyright = safe_query(self, EventCopyright, 'event_id', event.id, 'event_id')
view_kwargs['id'] = event_copyright.id
def before_get_object(self, view_kwargs):
"""
before get method
:param view_kwargs:
:return:
"""
event = None
if view_kwargs.get('event_id'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
elif view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
if event:
custom_form = safe_query(self, CustomForms, 'event_id', event.id, 'event_id')
view_kwargs['id'] = custom_form.id
def before_get_object(self, view_kwargs):
"""
before get object method to get custom placeholder id for detail
:param view_kwargs:
:return:
"""
event_sub_topic = None
if view_kwargs.get('event_sub_topic_id'):
event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'],
'event_sub_topic_id')
if event_sub_topic:
custom_placeholder = safe_query(self, CustomPlaceholder, 'event_sub_topic_id', event_sub_topic.id,
'event_sub_topic_id')
view_kwargs['id'] = custom_placeholder.id
def test_safe_query(self):
with app.test_request_context():
event = EventFactoryBasic()
db.session.add(event)
db.session.commit()
obj = safe_query(db, Event, 'id', event.id, 'event_id')
self.assertEqual(obj.name, event.name)
def export_pentabarf_task(self, event_id, temp=True):
event = safe_query(db, Event, 'id', event_id, 'event_id')
try:
if temp:
filedir = os.path.join(current_app.config.get('BASE_DIR'), 'static/uploads/temp/' + event_id + '/')
else:
filedir = os.path.join(current_app.config.get('BASE_DIR'), 'static/uploads/' + event_id + '/')
if not os.path.isdir(filedir):
os.makedirs(filedir)
filename = "pentabarf.xml"
file_path = os.path.join(filedir, filename)
with open(file_path, "w") as temp_file:
temp_file.write(str(PentabarfExporter.export(event_id), 'utf-8'))
pentabarf_file = UploadedFile(file_path=file_path, filename=filename)
if temp:
pentabarf_url = upload(pentabarf_file, UPLOAD_PATHS['exports-temp']['pentabarf'].format(event_id=event_id))
else:
pentabarf_url = upload(pentabarf_file, UPLOAD_PATHS['exports']['pentabarf'].format(event_id=event_id))
result = {
'download_url': pentabarf_url
}
if not temp:
event.pentabarf_url = pentabarf_url
save_to_db(event)
except Exception as e:
print(traceback.format_exc())
result = {'__error': True, 'result': str(e)}
return result
def before_update_object(self, obj, data, kwargs):
"""
before update object method for attendee detail
:param obj:
:param data:
:param kwargs:
:return:
"""
if not has_access('is_registrar', event_id=obj.event_id):
raise ForbiddenException({'source': 'User'}, 'You are not authorized to access this.')
if 'device_name_checkin' in data:
if 'checkin_times' not in data or data['checkin_times'] is None:
raise UnprocessableEntity(
{'pointer': '/data/attributes/device_name_checkin'},
"Check in Times missing"
)
if 'is_checked_in' in data and data['is_checked_in']:
if 'checkin_times' not in data or data['checkin_times'] is None:
raise UnprocessableEntity({'pointer': '/data/attributes/checkin_times'},
"Check in time missing while trying to check in attendee")
else:
if obj.checkin_times and data['checkin_times'] not in obj.checkin_times.split(","):
data['checkin_times'] = '{},{}'.format(obj.checkin_times, data['checkin_times'])
elif obj.checkin_times and data['checkin_times'] in obj.checkin_times.split(","):
raise UnprocessableEntity(
{'pointer': '/data/attributes/checkin_times'},
"Check in time already present"
)
if 'device_name_checkin' in data and data['device_name_checkin'] is not None:
if obj.device_name_checkin is not None:
data['device_name_checkin'] = '{},{}'.format(obj.device_name_checkin,
data['device_name_checkin'])
if len(data['checkin_times'].split(",")) != len(data['device_name_checkin'].split(",")):
raise UnprocessableEntity(
{'pointer': '/data/attributes/device_name_checkin'},
"Check in Time missing for the corresponding device name"
)
else:
if obj.device_name_checkin is not None:
data['device_name_checkin'] = '{},{}'.format(obj.device_name_checkin, '-')
else:
data['device_name_checkin'] = '-'
if 'is_checked_out' in data and data['is_checked_out']:
attendee = safe_query(db, TicketHolder, 'id', kwargs['id'], 'attendee_id')
if not attendee.is_checked_out:
checkout_times = obj.checkout_times.split(',') if obj.checkout_times else []
checkout_times.append(str(datetime.utcnow()))
data['checkout_times'] = ','.join(checkout_times)
if 'attendee_notes' in data:
if obj.attendee_notes and data['attendee_notes'] not in obj.attendee_notes.split(","):
data['attendee_notes'] = '{},{}'.format(obj.attendee_notes, data['attendee_notes'])
def before_get_object(self, view_kwargs):
"""
before get object method for attendee detail
:param view_kwargs:
:return:
"""
attendee = safe_query(self, TicketHolder, 'id', view_kwargs['id'], 'attendee_id')
if not has_access('is_registrar_or_user_itself', user_id=current_identity.id, event_id=attendee.event_id):
raise ForbiddenException({'source': 'User'}, 'You are not authorized to access this.')
def send_event_fee_notification():
from app import current_app as app
with app.app_context():
events = Event.query.all()
for event in events:
latest_invoice = EventInvoice.query.filter_by(
event_id=event.id).order_by(EventInvoice.created_at.desc()).first()
if latest_invoice:
orders = Order.query \
.filter_by(event_id=event.id) \
.filter_by(status='completed') \
.filter(Order.completed_at > latest_invoice.created_at).all()
else:
orders = Order.query.filter_by(
event_id=event.id).filter_by(status='completed').all()
fee_total = 0
for order in orders:
for order_ticket in order.tickets:
ticket = safe_query(db, Ticket, 'id', order_ticket.ticket_id, 'ticket_id')
if order.paid_via != 'free' and order.amount > 0 and ticket.price > 0:
fee = ticket.price * (get_fee(order.event.payment_currency) / 100.0)
fee_total += fee
if fee_total > 0:
organizer = get_user_event_roles_by_role_name(event.id, 'organizer').first()
new_invoice = EventInvoice(
amount=fee_total, event_id=event.id, user_id=organizer.user.id)
if event.discount_code_id and event.discount_code:
r = relativedelta(datetime.utcnow(), event.created_at)
if r <= event.discount_code.valid_till:
new_invoice.amount = fee_total - \
(fee_total * (event.discount_code.value / 100.0))
new_invoice.discount_code_id = event.discount_code_id
save_to_db(new_invoice)
prev_month = monthdelta(new_invoice.created_at, 1).strftime(
"%b %Y") # Displayed as Aug 2016
app_name = get_settings()['app_name']
frontend_url = get_settings()['frontend_url']
link = '{}/invoices/{}'.format(frontend_url, new_invoice.identifier)
send_email_for_monthly_fee_payment(new_invoice.user.email,
event.name,
prev_month,
new_invoice.amount,
app_name,
link)
send_notif_monthly_fee_payment(new_invoice.user,
event.name,
prev_month,
new_invoice.amount,
app_name,
link,
new_invoice.event_id)
def before_create_object(self, data, view_kwargs):
"""
method to create object before post
:param data:
:param view_kwargs:
:return:
"""
if view_kwargs.get('user_id') is not None:
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
data['user_id'] = user.id
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('notification_action_id'):
notification_action = safe_query(self, NotificationAction,
'id', view_kwargs['notification_action_id'], 'notification_action_id')
view_kwargs['id'] = notification_action.notification_id
def query(self, view_kwargs):
"""
query method for Notifications list
:param view_kwargs:
:return:
"""
query_ = self.session.query(UserEmail)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
return query_
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('attendee_id'):
attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id')
view_kwargs['id'] = attendee.order.id
if view_kwargs.get('order_identifier'):
order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier')
view_kwargs['id'] = order.id
elif view_kwargs.get('id'):
order = safe_query(self, Order, 'id', view_kwargs['id'], 'id')
if not has_access('is_coorganizer_or_user_itself', event_id=order.event_id, user_id=order.user_id):
return ForbiddenException({'source': ''}, 'You can only access your orders or your event\'s orders')
# expire the initializing order if time limit is over.
set_expiry_for_order(order)
def before_create_object(self, data, view_kwargs):
"""
method to create object before post
:param data:
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_sub_topic_id'):
event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'],
'event_sub_topic_id')
data['event_sub_topic_id'] = event_sub_topic.id
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('attendee_id'):
attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id')
view_kwargs['id'] = attendee.order.id
if view_kwargs.get('order_identifier'):
order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier')
view_kwargs['id'] = order.id
elif view_kwargs.get('id'):
order = safe_query(self, Order, 'id', view_kwargs['id'], 'id')
if not has_access('is_coorganizer_or_user_itself', event_id=order.event_id, user_id=order.user_id):
return ForbiddenException({'source': ''}, 'You can only access your orders or your event\'s orders')
# expire the pending order if time limit is over.
set_expiry_for_order(order)
def before_create_object(self, data, view_kwargs):
"""
method to create object before post
:param data:
:param view_kwargs:
:return:
"""
if view_kwargs.get('user_id') is not None:
user = safe_query(self, User, 'id', view_kwargs['user_id'],
'user_id')
data['user_id'] = user.id
def query(self, view_kwargs):
"""
query method for Notifications list
:param view_kwargs:
:return:
"""
query_ = self.session.query(UserEmail)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
return query_
def calculate_amount():
data = request.get_json()
tickets = data['tickets']
discount_code = None
if 'discount-code' in data:
discount_code_id = data['discount-code']
discount_code = safe_query(db, DiscountCode, 'id', discount_code_id, 'id')
if not TicketingManager.match_discount_quantity(discount_code, tickets, None):
return UnprocessableEntityError({'source': 'discount-code'}, 'Discount Usage Exceeded').respond()
return jsonify(calculate_order_amount(tickets, discount_code))
def before_get_object(self, view_kwargs):
"""
before get method for news object
:param view_kwargs:
:return:
"""
if view_kwargs.get('newscomment_id') is not None:
newscomment = safe_query(self, NewsComment, 'id',
view_kwargs['newscomment_id'],
'newscomment_id')
view_kwargs['id'] = newscomment.news_id
def query(self, view_kwargs):
"""
query method for Discount Code List
:param view_kwargs:
:return:
"""
query_ = self.session.query(DiscountCode)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier', view_kwargs['event_identifier'], 'event_identifier')
view_kwargs['event_id'] = event.id
if view_kwargs.get('event_id') and has_access('is_coorganizer', event_id=view_kwargs['event_id']):
self.schema = DiscountCodeSchemaTicket
query_ = query_.filter_by(event_id=view_kwargs['event_id'])
return query_
def before_get_object(self, view_kwargs):
"""
before get method for user object
:param view_kwargs:
:return:
"""
if view_kwargs.get('move_comment_id') is not None:
move_comment = safe_query(self, MoveComment, 'id',
view_kwargs['move_comment_id'],
'move_comment_id')
view_kwargs['id'] = move_comment.move_id
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_identifier'):
event = safe_query(
Event, 'identifier', view_kwargs['event_identifier'], 'identifier'
)
view_kwargs['event_id'] = event.id
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('role_invite_id') is not None:
role_invite = safe_query(self, RoleInvite, 'id', view_kwargs['role_invite_id'], 'role_invite_id')
if role_invite.role_id is not None:
view_kwargs['id'] = role_invite.role_id
else:
view_kwargs['id'] = None
if view_kwargs.get('users_events_role_id') is not None:
users_events_role = safe_query(self, UsersEventsRoles, 'id', view_kwargs['users_events_role_id'],
'users_events_role_id')
if users_events_role.role_id is not None:
view_kwargs['id'] = users_events_role.role_id
else:
view_kwargs['id'] = None
def query(self, view_kwargs):
"""
query method for SessionList class
:param view_kwargs:
:return:
"""
query_ = self.session.query(Session)
if view_kwargs.get('track_id') is not None:
track = safe_query(self, Track, 'id', view_kwargs['track_id'],
'track_id')
query_ = query_.join(Track).filter(Track.id == track.id)
if view_kwargs.get('session_type_id') is not None:
session_type = safe_query(self, SessionType, 'id',
view_kwargs['session_type_id'],
'session_type_id')
query_ = query_.join(SessionType).filter(
SessionType.id == session_type.id)
if view_kwargs.get('microlocation_id') is not None:
microlocation = safe_query(
self,
Microlocation,
'id',
view_kwargs['microlocation_id'],
'microlocation_id',
)
query_ = query_.join(Microlocation).filter(
Microlocation.id == microlocation.id)
if view_kwargs.get('user_id') is not None:
user = safe_query(self, User, 'id', view_kwargs['user_id'],
'user_id')
query_ = (query_.join(User).join(Speaker).filter(
(User.id == user.id
or Session.speakers.any(Speaker.user_id == user.id))))
query_ = event_query(self, query_, view_kwargs)
if view_kwargs.get('speaker_id'):
speaker = safe_query(self, Speaker, 'id',
view_kwargs['speaker_id'], 'speaker_id')
# session-speaker :: many-to-many relationship
query_ = Session.query.filter(Session.speakers.any(id=speaker.id))
return query_
def event_query(
self,
query_,
view_kwargs,
event_id='event_id',
event_identifier='event_identifier',
permission='is_coorganizer_endpoint_related_to_event',
):
"""
Queries the event according to 'event_id' and 'event_identifier' and joins for the query
For draft events, if the user is not logged in or does not have required permissions, a 404 is raised
:param self:
:param event_id: String representing event_id in the view_kwargs
:param event_identifier: String representing event_identifier in the view_kwargs
:param query_: Query object
:param view_kwargs: view_kwargs from the API
:param permission: the name of the permission to be applied as a string. Default: is_coorganizer
:return:
"""
if view_kwargs.get(event_id):
event = safe_query(self, Event, 'id', view_kwargs[event_id], event_id)
if event.state != 'published' and (
'Authorization' not in request.headers
or not has_access(permission, event_id=event.id)):
raise ObjectNotFound(
{'parameter': event_id},
"Event: {} not found".format(view_kwargs[event_id]),
)
query_ = query_.join(Event).filter(Event.id == event.id)
elif view_kwargs.get(event_identifier):
event = safe_query(self, Event, 'identifier',
view_kwargs[event_identifier], event_identifier)
if event.state != 'published' and (
'Authorization' not in request.headers
or not has_access(permission, event_id=event.id)):
raise ObjectNotFound(
{'parameter': event_identifier},
"Event: {} not found".format(view_kwargs[event_identifier]),
)
query_ = query_.join(Event).filter(Event.id == event.id)
return query_
def before_get_object(self, view_kwargs):
"""
before get method for user object
:param view_kwargs:
:return:
"""
if view_kwargs.get('role_id') is not None:
panel_perm = safe_query(self, PanelPermission, 'id', view_kwargs['role_id'], 'role_id')
if panel_perm.role_id is not None:
view_kwargs['id'] = panel_perm.role_id
else:
view_kwargs['id'] = None
def before_get_object(self, view_kwargs):
"""
before get object method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('attendee_id') is not None:
attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id')
if attendee.ticket_id is not None:
view_kwargs['id'] = attendee.ticket_id
else:
view_kwargs['id'] = None
def query(self, view_kwargs):
"""
query method for speakers list class
:param view_kwargs:
:return:
"""
query_ = db.session.query(Process)
if view_kwargs.get('header_id'):
header = safe_query(self, Header, 'id', view_kwargs['process_id'],
'process_id')
query_ = query_.join(Header).filter(Header.id == header.id)
def before_create_object(self, data, view_kwargs):
"""
method to create object before post
:param data:
:param view_kwargs:
:return:
"""
if view_kwargs.get('event_sub_topic_id'):
event_sub_topic = safe_query(self, EventSubTopic, 'id',
view_kwargs['event_sub_topic_id'],
'event_sub_topic_id')
data['event_sub_topic_id'] = event_sub_topic.id
def query(self, view_kwargs):
"""
method to query Ticket tags based on different params
:param view_kwargs:
:return:
"""
query_ = self.session.query(TicketTag)
if view_kwargs.get('ticket_id'):
ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'], 'ticket_id')
query_ = query_.join(ticket_tags_table).filter_by(ticket_id=ticket.id)
query_ = event_query(self, query_, view_kwargs)
return query_
def before_marshmallow(self, args, kwargs):
if current_identity:
# Is admin?
if has_access('is_admin', user_id=current_identity.id):
self.schema = GeokretSchema
# Is GeoKret owner?
if kwargs.get('id') is not None:
geokret = safe_query(self, Geokret, 'id', kwargs['id'],
'geokret_owned_id')
if geokret.owner_id == current_identity.id:
self.schema = GeokretSchema
def before_get_object(self, view_kwargs):
"""
before get method
:param view_kwargs:
:return:
"""
event = None
if view_kwargs.get('event_id'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
elif view_kwargs.get('event_identifier'):
event = safe_query(
self,
Event,
'identifier',
view_kwargs['event_identifier'],
'event_identifier',
)
if event:
custom_form = safe_query(self, CustomForms, 'event_id', event.id, 'event_id')
view_kwargs['id'] = custom_form.id
def before_get_object(self, view_kwargs):
"""
before get method to get the tax id to fetch details
:param view_kwargs:
:return:
"""
event = None
if view_kwargs.get('event_id'):
event = safe_query(self, Event, 'id', view_kwargs['event_id'], 'event_id')
elif view_kwargs.get('event_identifier'):
event = safe_query(
self,
Event,
'identifier',
view_kwargs['event_identifier'],
'event_identifier',
)
if event:
tax = safe_query(self, Tax, 'event_id', event.id, 'event_id')
view_kwargs['id'] = tax.id
def verify_mobile_paypal_payment(order_identifier):
"""
Verify paypal payment made on mobile client
:return: The status of order verification
"""
try:
payment_id = request.json['data']['attributes']['payment-id']
except TypeError:
raise BadRequestError({'source': ''}, 'Bad Request Error')
order = safe_query(Order, 'identifier', order_identifier, 'identifier')
status, error = PayPalPaymentsManager.verify_payment(payment_id, order)
return jsonify(status=status, error=error)
def query(self, view_kwargs):
"""
query method for resource list
:param view_kwargs:
:return:
"""
query_ = self.session.query(Microlocation)
query_ = event_query(self, query_, view_kwargs)
if view_kwargs.get('session_id'):
session = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id')
query_ = query_.join(Session).filter(Session.id == session.id)
return query_
def query(self, view_kwargs):
"""
query method for speakers list class
:param view_kwargs:
:return:
"""
query_ = db.session.query(Header)
if view_kwargs.get('process_id'):
process = safe_query(self, Process, 'id',
view_kwargs['process_id'], 'process_id')
query_ = query_.join(Process).filter(Process.id == process.id)
def resize_event_images_task(self, event_id, original_image_url):
event = safe_query(db, Event, 'id', event_id, 'event_id')
try:
logging.info('Event image resizing tasks started {}'.format(original_image_url))
uploaded_images = create_save_image_sizes(original_image_url, 'event-image', event.id)
event.large_image_url = uploaded_images['large_image_url']
event.thumbnail_image_url = uploaded_images['thumbnail_image_url']
event.icon_image_url = uploaded_images['icon_image_url']
save_to_db(event)
logging.info('Resized images saved successfully for event with id: {}'.format(event_id))
except (urllib.error.HTTPError, urllib.error.URLError):
logging.exception('Error encountered while generating resized images for event with id: {}'.format(event_id))
def before_get_object(self, view_kwargs):
"""
before get method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('session_id') is not None:
sessions = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id')
if sessions.event_id is not None:
view_kwargs['id'] = sessions.event_id
else:
view_kwargs['id'] = None
def resize_speaker_images_task(self, speaker_id, photo_url):
speaker = safe_query(db, Speaker, 'id', speaker_id, 'speaker_id')
try:
logging.info('Speaker image resizing tasks started for speaker with id {}'.format(speaker_id))
uploaded_images = create_save_image_sizes(photo_url, 'speaker-image', speaker_id)
speaker.small_image_url = uploaded_images['small_image_url']
speaker.thumbnail_image_url = uploaded_images['thumbnail_image_url']
speaker.icon_image_url = uploaded_images['icon_image_url']
save_to_db(speaker)
logging.info('Resized images saved successfully for speaker with id: {}'.format(speaker_id))
except (urllib.error.HTTPError, urllib.error.URLError):
logging.exception('Error encountered while generating resized images for event with id: {}'.format(speaker_id))
def query(self, view_kwargs):
"""
query method for custom placeholders list
:param view_kwargs:
:return:
"""
query_ = self.session.query(CustomPlaceholder)
if view_kwargs.get('event_sub_topic_id'):
event_sub_topic = safe_query(self, EventSubTopic, 'id', view_kwargs['event_sub_topic_id'],
'event_sub_topic_id')
query_ = query_.join(EventSubTopic).filter(EventSubTopic.id == event_sub_topic.id)
return query_
def query(self, view_kwargs):
"""
query method for Panel Permission List
:param view_kwargs:
:return:
"""
query_ = self.session.query(CustomSysRole)
if view_kwargs.get('panel_id'):
panel = safe_query(self, PanelPermission, 'id', view_kwargs['panel_id'], 'panel_id')
query_ = CustomSysRole.query.filter(CustomSysRole.panel_permissions.any(id=panel.id))
return query_
def before_get_object(self, view_kwargs):
"""
before get object method to get the resource id for fetching details
:param view_kwargs:
:return:
"""
if view_kwargs.get('attendee_id') is not None:
attendee = safe_query(self, TicketHolder, 'id', view_kwargs['attendee_id'], 'attendee_id')
if attendee.ticket_id is not None:
view_kwargs['id'] = attendee.ticket_id
else:
view_kwargs['id'] = None
def test_field_daily_mails_is_boolean(self,
value,
expected_code,
expected=False):
response = UserPayload().blend()\
.set_daily_mails(value)\
.post(code=expected_code)
if expected_code == 422:
response.assertRaiseJsonApiError('/data/attributes/daily-mails')
else:
user = safe_query(self, User, 'id', response.id, 'id')
self.assertEqual(user.daily_mails, expected)
def query(self, view_kwargs):
"""
query method for Discount Code List
:param view_kwargs:
:return:
"""
query_ = self.session.query(DiscountCode)
# user can only access his/her discount codes.
if view_kwargs.get('user_id'):
if has_access('is_user_itself', user_id=view_kwargs['user_id']):
user = safe_query(self, User, 'id', view_kwargs['user_id'],
'user_id')
query_ = query_.join(User).filter(User.id == user.id)
else:
raise ForbiddenException({'source': ''},
'You are not authorized')
if view_kwargs.get('event_identifier'):
event = safe_query(self, Event, 'identifier',
view_kwargs['event_identifier'],
'event_identifier')
view_kwargs['event_id'] = event.id
# event co-organizer access required for discount codes under an event.
if view_kwargs.get('event_id'):
if has_access('is_coorganizer', event_id=view_kwargs['event_id']):
self.schema = DiscountCodeSchemaTicket
query_ = query_.filter_by(event_id=view_kwargs['event_id'])
else:
raise ForbiddenException({'source': ''},
'Event organizer access required')
# discount_code - ticket :: many-to-many relationship
if view_kwargs.get('ticket_id') and has_access('is_coorganizer'):
self.schema = DiscountCodeSchemaTicket
ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'],
'ticket_id')
query_ = query_.filter(DiscountCode.tickets.any(id=ticket.id))
return query_
def query(self, view_kwargs):
"""
query method for resource list
:param view_kwargs:
:return:
"""
if 'Authorization' in request.headers:
verify_jwt_in_request()
if current_user.is_super_admin or current_user.is_admin:
query_ = self.session.query(Ticket)
elif view_kwargs.get('event_id') and has_access('is_organizer', event_id=view_kwargs['event_id']):
query_ = self.session.query(Ticket)
else:
query_ = self.session.query(Ticket).filter_by(is_hidden=False)
else:
query_ = self.session.query(Ticket).filter_by(is_hidden=False)
if view_kwargs.get('ticket_tag_id'):
ticket_tag = safe_query(self, TicketTag, 'id', view_kwargs['ticket_tag_id'], 'ticket_tag_id')
query_ = query_.join(ticket_tags_table).filter_by(ticket_tag_id=ticket_tag.id)
query_ = event_query(self, query_, view_kwargs)
if view_kwargs.get('access_code_id'):
access_code = safe_query(self, AccessCode, 'id', view_kwargs['access_code_id'], 'access_code_id')
# access_code - ticket :: many-to-many relationship
query_ = Ticket.query.filter(Ticket.access_codes.any(id=access_code.id))
if view_kwargs.get('discount_code_id'):
discount_code = safe_query(self, DiscountCode, 'id', view_kwargs['discount_code_id'], 'discount_code_id')
# discount_code - ticket :: many-to-many relationship
query_ = Ticket.query.filter(Ticket.discount_codes.any(id=discount_code.id))
if view_kwargs.get('order_identifier'):
order = safe_query(self, Order, 'identifier', view_kwargs['order_identifier'], 'order_identifier')
ticket_ids = []
for ticket in order.tickets:
ticket_ids.append(ticket.id)
query_ = query_.filter(Ticket.id.in_(tuple(ticket_ids)))
return query_
def query(self, view_kwargs):
"""
query method for Attendees List
:param view_kwargs:
:return:
"""
query_ = self.session.query(TicketHolder)
if view_kwargs.get('order_identifier'):
order = safe_query(self, Order, 'identifier',
view_kwargs['order_identifier'],
'order_identifier')
if not has_access('is_registrar',
event_id=order.event_id) or not has_access(
'is_user_itself', id=order.user_id):
raise ForbiddenException({'source': ''}, 'Access Forbidden')
query_ = query_.join(Order).filter(Order.id == order.id)
if view_kwargs.get('ticket_id'):
ticket = safe_query(self, Ticket, 'id', view_kwargs['ticket_id'],
'ticket_id')
if not has_access('is_registrar', event_id=ticket.event_id):
raise ForbiddenException({'source': ''}, 'Access Forbidden')
query_ = query_.join(Ticket).filter(Ticket.id == ticket.id)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'],
'user_id')
if not has_access('is_user_itself', id=user.id):
raise ForbiddenException({'source': ''}, 'Access Forbidden')
query_ = query_.join(
User,
User.email == TicketHolder.email).filter(User.id == user.id)
query_ = event_query(self,
query_,
view_kwargs,
permission='is_registrar')
return query_
def query(self, view_kwargs):
"""
query method for speakers list class
:param view_kwargs:
:return:
"""
query_ = self.session.query(Speaker)
query_ = event_query(self, query_, view_kwargs)
if view_kwargs.get('user_id'):
user = safe_query(self, User, 'id', view_kwargs['user_id'], 'user_id')
query_ = query_.join(User).filter(User.id == user.id)
if view_kwargs.get('session_id'):
session = safe_query(self, Session, 'id', view_kwargs['session_id'], 'session_id')
# session-speaker :: many-to-many relationship
query_ = Speaker.query.filter(Speaker.sessions.any(id=session.id))
if 'Authorization' in request.headers and not has_access('is_coorganizer', event_id=session.event_id):
if not has_access('is_session_self_submitted', session_id=session.id):
query_ = query_.filter(Session.state == "approved" or Session.state == "accepted")
return query_
