def test_start_application(self):
application = Application.get_for_user(self.not_applicant.id)
self.assertIsNone(application, None)
start_application(self.not_applicant)
application = Application.get_for_user(self.not_applicant.id)
self.assertIsInstance(application, Application)
self.assertEqual(application.user_id, self.not_applicant.id)
def set_answers(user_id, answers=None, current_user=None):
if not user_id:
user_id = current_user.id if current_user else None
if not current_user.id == user_id:
raise ForbiddenException(
f'User {current_user.id} is not permitted to answer for {user_id}')
application = Application.get_for_user(user_id)
if not application:
raise ForbiddenException(f'User {user_id} is not an applicant')
elif application.is_submitted:
raise ForbiddenException(
f'Cannot modify answers to a submitted application')
for answer in answers:
answer_record = Answer.query.filter_by(
question_id=answer['question_id'],
application_id=application.id).one_or_none()
if not answer_record:
answer_record = Answer(question_id=answer['question_id'],
text=answer.get('text', ''),
application_id=application.id)
db.session.add(answer_record)
else:
answer_record.text = answer.get('text', '')
db.session.commit()
db.session.commit()
def test_promote_applicant_to_admin(self):
response = set_roles(self.applicant.id,
is_admin=True,
current_user=self.admin)
self.assertEqual(response, {'status': 'ok'})
self.assertTrue(self.applicant.admin)
self.assertIsNone(Application.get_for_user(self.applicant.id))
def get_applicant_notes(applicant_user_id, current_user=None):
applicant = User.get(applicant_user_id)
user_application_access_check(current_user, applicant)
if applicant is None:
applicant_name = Character.get(applicant_user_id).name
return {'error': 'User {} is not an applicant'.format(applicant_name)}
else:
application = Application.get_for_user(applicant_user_id)
return {'info': get_application_note_data(application, current_user)}
def submit_application(current_user=None):
application = Application.get_for_user(current_user.id)
if not application:
raise BadRequestException(
f'User {current_user.id} is not an applicant.')
application.is_submitted = True
db.session.commit()
add_status_note(application, 'Application submitted.')
return {'status': 'ok'}
def own_application_status(current_user):
application = Application.get_for_user(current_user.id)
if application is None:
status = 'none'
elif application.is_submitted:
status = 'submitted'
else:
status = 'unsubmitted'
return {'status': status}
def test_claim_applicant(self):
application = Application.get_for_user(self.applicant.id)
self.assertEqual(len(application.notes), 0)
response = claim_applicant(self.applicant.id, current_user=self.other_recruiter)
self.assertEqual(len(application.notes), 1)
self.assertDictEqual(response, {'status': 'ok'})
self.assertEqual(application.recruiter_id, self.other_recruiter.id)
self.assertFalse(application.is_concluded)
self.assertFalse(application.is_accepted)
self.assertFalse(application.is_invited)
def start_application(current_user=None):
if is_admin(current_user) or is_recruiter(current_user) or is_senior_recruiter(current_user):
raise BadRequestException('Recruiters cannot apply')
character = Character.get(current_user.id)
if character.blocked_from_applying:
raise ForbiddenException('User is blocked')
application = Application.get_for_user(current_user.id)
if application:
raise BadRequestException('An application is already open')
# no application, start one
application = Application(user_id=current_user.id, is_concluded=False)
db.session.add(application)
db.session.commit()
add_status_note(application, 'Application created.')
return {'status': 'ok'}
def get_user_images(user_id, current_user=None):
if user_id == None:
user_id = current_user.id
application = Application.get_for_user(user_id)
user = User.get(user_id)
if application is None:
raise ForbiddenException('User {} does not have access.'.format(
current_user.id))
elif not has_applicant_access(current_user, user, self_access=True):
raise ForbiddenException('User {} does not have access.'.format(
current_user.id))
return {
'info': [{
'url': image.url,
'id': image.filename
} for image in application.images]
}
def get_character_summary(character_id, current_user=None):
character = Character.get(character_id)
if (character_id != current_user.id):
character_application_access_check(current_user, character)
character_data = character.get_op(
'get_characters_character_id',
character_id=character_id,
)
application = Application.get_for_user(character.user_id)
if application is not None:
character_data['current_application_id'] = application.id
if character_id == current_user.id:
character_data[
'current_application_status'] = own_application_status(
current_user)['status']
else:
character_data[
'current_application_status'] = get_application_status(
application)
else:
character_data['current_application_id'] = None
character_data['current_application_status'] = None
character_data['security_status'] = character_data.get(
'security_status', 0.)
corporation = Corporation.get(character_data['corporation_id'])
if character.corporation_id != corporation.id:
character.corporation_id = corporation.id
db.session.commit()
character_data['corporation_name'] = corporation.name
if corporation.alliance is not None:
character_data['alliance_name'] = corporation.alliance.name
else:
character_data['alliance_name'] = None
character_data['character_name'] = character_data.pop('name')
character_data['character_id'] = character_id
redlisted_names = []
if corporation.is_redlisted:
redlisted_names.append('corporation_name')
if corporation.alliance and corporation.alliance.is_redlisted:
redlisted_names.append('alliance_name')
if character.is_redlisted:
redlisted_names.append('character_name')
character_data['redlisted'] = redlisted_names
return {'info': character_data}
def delete_s3(image_id, current_user=None):
image = Image.query.get(image_id)
application = Application.get_for_user(current_user.id)
if application is not None:
self_access = not application.is_submitted
has_access = has_applicant_access(current_user,
application.user,
self_access=self_access)
else:
has_access = False
if (not has_access or image is None or application is None
or application.is_submitted
or application.id != image.application_id):
raise ForbiddenException(
'User {} does not have access to image {}.'.format(
current_user.id, image_id))
else:
Image.delete(image_id, image.filename)
return {'status': 'ok'}
def upload_image(current_user=None):
application = Application.get_for_user(current_user.id)
if application is None:
raise ForbiddenException('User {} does not have access.'.format(
current_user.id))
else:
if app.config.get('TESTING'):
image = Image(application_id=application.id)
db.session.add(image)
db.session.commit()
return {'status': 'ok'}
else:
s3 = boto3.client(
's3',
region_name=aws_region_name,
endpoint_url=aws_endpoint_url,
config=Config(signature_version=aws_signature_version),
)
for key, file in request.files.items():
if file.filename == "":
raise BadRequestException("No file selected")
if file and file.filename.lower().endswith(
('.png', '.jpg', '.jpeg')):
try:
image = Image(application_id=application.id)
db.session.add(image)
db.session.commit()
s3.upload_fileobj(file,
aws_bucket_name,
image.filename,
ExtraArgs={
"ACL": 'public-read',
"ContentType": file.content_type
})
except Exception as e:
print('ERROR upload_image AppException', e)
Image.delete(image.id, image.filename)
raise AppException() from e
else:
print('ERROR upload_image File was not an allowed type')
raise ForbiddenException('File was not an allowed type')
return {'status': 'ok'}
def has_applicant_access(user, target_user, self_access=False, write=True):
if self_access and (user.id == target_user.id):
return True
elif not is_recruiter(user):
return False
else:
return_value = False
application = Application.get_for_user(target_user.id)
if application:
if application.recruiter_id == user.id and not application.is_concluded:
# Requesting user is recruiter who claimed application
return_value = True
elif is_senior_recruiter(user):
return True
elif not application.recruiter_id:
# unclaimed application
return_value = True
elif not write:
return_value = True # all recruiters can read
return return_value
def get_answers(user_id, current_user=None):
if not db.session.query(db.exists().where(User.id == user_id)).scalar():
raise BadRequestException(
'User with id={} does not exist.'.format(user_id))
user = User.get(user_id)
current_user = current_user or user
if not has_applicant_access(current_user, user, self_access=True):
raise ForbiddenException(
'User {} does not have access to user {}'.format(
current_user, user_id))
application = Application.get_for_user(user_id)
if not application:
raise BadRequestException(
'User with id={} has no application.'.format(user_id))
questions = get_questions()
response = {'questions': {}, 'has_application': False}
if application:
response['has_application'] = True
# get a dict keyed by question id of questions & answers
answers = {a.question_id: a.text for a in application.answers}
for question_id in questions:
answer = answers[question_id] if question_id in answers else ""
response['questions'][question_id] = {
'question': questions[question_id],
'user_id': user_id,
'answer': answer,
}
else:
# no application yet, create empty answers
for question_id in questions:
response['questions'][question_id] = {
'question': questions[question_id],
'user_id': user_id,
'answer': '',
}
return response
def delete_any_open_application(user_id):
application = Application.get_for_user(user_id)
if application is not None:
db.session.delete(application)
db.session.commit()
def test_get_user_application_on_non_applicant(self):
result = Application.get_for_user(self.not_applicant.id)
self.assertEqual(result, None)
def test_get_user_application(self):
result = Application.get_for_user(self.applicant.id)
self.assertEqual(result.user_id, self.applicant.id)
self.assertEqual(result, self.application)
def test_start_new_application_after_rejection(self):
reject_applicant(self.applicant.id, self.recruiter)
start_application(self.applicant)
application = Application.get_for_user(self.applicant.id)
self.assertIsInstance(application, Application)
self.assertEqual(application.user_id, self.applicant.id)
