def validate_json_data(request):
try:
json = request.json_body
except ValueError as e:
request.errors.add('body', 'data', str(e))
request.errors.status = 422
raise error_handler(request.errors)
if not isinstance(json, dict) or 'data' not in json or not isinstance(
json.get('data'), dict):
request.errors.add('body', 'data', "Data not available")
request.errors.status = 422
raise error_handler(request.errors)
request.validated['json_data'] = json['data']
return json['data']
def extract_inspection(request):
key = "inspection_id"
uid = request.matchdict.get(key)
if uid:
db = request.registry.db
doc = db.get(uid)
if doc is not None and doc.get('doc_type') == 'inspection':
request.errors.add('url', key, 'Archived')
request.errors.status = 410
raise error_handler(request.errors)
elif doc is None or doc.get('doc_type') != 'Inspection':
request.errors.add('url', key, 'Not Found')
request.errors.status = 404
raise error_handler(request.errors)
return request.inspection_from_data(doc)
def extract_request(request):
key = "request_id"
uid = request.matchdict.get(key)
if uid:
db = request.registry.db
doc = db.get(uid)
if doc is not None and doc.get("doc_type") == "request":
request.errors.add("url", key, "Archived")
request.errors.status = 410
raise error_handler(request.errors)
elif doc is None or doc.get("doc_type") != "Request":
request.errors.add("url", key, "Not Found")
request.errors.status = 404
raise error_handler(request.errors)
return request.request_from_data(doc)
def validate_data(request, model, partial=False, data=None):
if data is None:
data = validate_json_data(request)
try:
if partial and isinstance(request.context, model):
initial_data = request.context.serialize()
m = model(initial_data)
new_patch = apply_data_patch(initial_data, data)
if new_patch:
m.import_data(new_patch, partial=True, strict=True)
m.__parent__ = request.context.__parent__
m.validate()
role = request.context.get_role()
method = m.to_patch
else:
m = model(data)
m.__parent__ = request.context
m.validate()
method = m.serialize
role = 'create'
except (ModelValidationError, ModelConversionError), e:
for i in e.message:
request.errors.add('body', i, e.message[i])
request.errors.status = 422
raise error_handler(request.errors)
def validate_json_data(request):
try:
json = request.json_body
except ValueError, e:
request.errors.add('body', 'data', e.message)
request.errors.status = 422
raise error_handler(request.errors)
def validate_data(request, model, partial=False, data=None):
if data is None:
data = validate_json_data(request)
try:
if partial and isinstance(request.context, model):
initial_data = request.context.serialize()
m = model(initial_data)
new_patch = apply_data_patch(initial_data, data)
if new_patch:
m.import_data(new_patch, partial=True, strict=True)
m.__parent__ = request.context.__parent__
m.validate()
role = request.context.get_role()
method = m.to_patch
else:
m = model(data)
m.__parent__ = request.context
m.validate()
method = m.serialize
role = 'create'
except (ModelValidationError, ModelConversionError) as e:
for i in e.messages:
request.errors.add('body', i, e.messages[i])
request.errors.status = 422
raise error_handler(request.errors)
except ValueError as e:
request.errors.add('body', 'data', e.args[0])
request.errors.status = 422
raise error_handler(request.errors)
else:
if hasattr(type(m), '_options') and role not in type(m)._options.roles:
request.errors.add('url', 'role', 'Forbidden')
request.errors.status = 403
raise error_handler(request.errors)
else:
data = method(role)
request.validated['data'] = data
if not partial:
m = model(data)
m.__parent__ = request.context
if model._options.namespace:
request.validated[model._options.namespace.lower()] = m
else:
request.validated[model.__name__.lower()] = m
return data
def extract_monitoring_adapter(request, monitoring_id):
db = request.registry.db
doc = db.get(monitoring_id)
if doc is None or doc.get('doc_type') != 'Monitoring':
request.errors.add('url', 'monitoring_id', 'Not Found')
request.errors.status = 404
raise error_handler(request.errors)
return request.monitoring_from_data(doc)
def _validate_elimination_report_status(request):
monitoring = request.validated['monitoring']
if monitoring.status != ADDRESSED_STATUS:
request.errors.status = 422
request.errors.add(
'body', 'eliminationReport',
'Can\'t update in current {} monitoring status.'.format(
monitoring.status))
raise error_handler(request.errors)
def validate_file_upload(request):
update_logging_context(request, {'document_id': '__new__'})
if request.registry.docservice_url and request.content_type == "application/json":
return validate_document_data(request)
if 'file' not in request.POST or not hasattr(request.POST['file'],
'filename'):
request.errors.add('body', 'file', 'Not Found')
request.errors.status = 404
raise error_handler(request.errors)
else:
request.validated['file'] = request.POST['file']
def validate_appeal_data(request):
"""
Validate appeal report data POST
"""
monitoring = request.validated['monitoring']
if monitoring.appeal is not None:
raise_operation_error(request, "Can't post another appeal.")
if monitoring.conclusion is None or monitoring.conclusion.datePublished is None:
request.errors.status = 422
request.errors.add('body', 'appeal',
'Can\'t post before conclusion is published.')
raise error_handler(request.errors)
return validate_data(request, Appeal)
def validate_monitoring_data(request):
"""
Validate monitoring data POST
"""
update_logging_context(request, {'MONITOR_ID': '__new__'})
data = validate_data(request, Monitoring)
monitoring = request.validated['monitoring']
if monitoring.status != DRAFT_STATUS:
request.errors.add(
'body', 'status',
"Can't create a monitoring in '{}' status.".format(
monitoring.status))
request.errors.status = 422
raise error_handler(request.errors)
return data
def _validate_patch_monitoring_fields(request):
"""
Check sent data that is not allowed in current status
acceptable fields are set in Monitor.Options.roles: edit_draft, edit_active, etc
"""
provided = set(request.validated['json_data'].keys())
allowed = set(request.validated['data'].keys())
difference = provided - allowed
if difference:
for i in difference:
request.errors.add(
'body', i,
'This field cannot be updated in the {} status.'.format(
request.validated['monitoring']['status']))
request.errors.status = 422
raise error_handler(request.errors)
def _validate_patch_monitoring_status(request):
"""
Check that monitoring status change is allowed
"""
status = request.validated['json_data'].get('status')
if status is not None and status != request.context.status:
function_name = '_validate_patch_monitoring_status_{}_to_{}'.format(
request.context.status, status)
try:
func = globals()[function_name]
except KeyError:
request.errors.add(
'body', 'status',
'Status update from "{}" to "{}" is not allowed.'.format(
request.context.status, status))
request.errors.status = 422
raise error_handler(request.errors)
else:
return func(request)
def get_item(parent, key, request):
request.validated['{}_id'.format(key)] = request.matchdict['{}_id'.format(
key)]
plural = '{}ies'.format(key[0:-1]) if key[-1] == 'y' else '{}s'.format(key)
items = [
i for i in getattr(parent, plural, [])
if i.id == request.matchdict['{}_id'.format(key)]
]
if not items:
from openprocurement.audit.api.utils import error_handler
request.errors.add('url', '{}_id'.format(key), 'Not Found')
request.errors.status = 404
raise error_handler(request.errors)
else:
if key == 'document':
request.validated[plural] = items
item = items[-1]
request.validated[key] = item
request.validated['id'] = request.matchdict['{}_id'.format(key)]
item.__parent__ = parent
return item
def _validate_patch_monitoring_status_to_stopped_or_cancelled(request):
if not request.validated.get('data', {}).get('cancellation'):
request.errors.status = 422
request.errors.add('body', 'cancellation', 'This field is required.')
raise error_handler(request.errors)
def _validate_patch_monitoring_status_active_to_addressed_or_declined(request):
if not request.validated.get('data', {}).get('conclusion'):
request.errors.status = 422
request.errors.add('body', 'conclusion', 'This field is required.')
raise error_handler(request.errors)
def _validate_patch_monitoring_status_draft_to_active(request):
if not request.validated.get('data', {}).get('decision'):
request.errors.status = 422
request.errors.add('body', 'decision', 'This field is required.')
raise error_handler(request.errors)
"DELETE": "delete"
}
def validate_json_data(request):
try:
json = request.json_body
except ValueError, e:
request.errors.add('body', 'data', e.message)
request.errors.status = 422
raise error_handler(request.errors)
if not isinstance(json, dict) or 'data' not in json or not isinstance(
json.get('data'), dict):
request.errors.add('body', 'data', "Data not available")
request.errors.status = 422
raise error_handler(request.errors)
request.validated['json_data'] = json['data']
return json['data']
def validate_data(request, model, partial=False, data=None):
if data is None:
data = validate_json_data(request)
try:
if partial and isinstance(request.context, model):
initial_data = request.context.serialize()
m = model(initial_data)
new_patch = apply_data_patch(initial_data, data)
if new_patch:
m.import_data(new_patch, partial=True, strict=True)
m.__parent__ = request.context.__parent__
