async def list_voting_options_election(self, request):
private_key, public_key, user = await self._authorize(request)
election_id = request.match_info.get('electionId', '')
if election_id == '':
raise ApiBadRequest(
'The election ID is a required query string parameter')
voting_options = await self._database.fetch_election_voting_options_resource(
election_id=election_id)
if voting_options is None:
raise ApiNotFound('Voting Options in the election id '
'{} was not found'.format(election_id))
election = await self._database.fetch_election_resource(
election_id=election_id)
if election is None:
raise ApiNotFound('Election with the election id '
'{} was not found'.format(election_id))
if election.get('results_permission') != 'PUBLIC':
poll_registration = await self._database.fetch_poll_book_registration(
voter_id=user.get('voter_id'), election_id=election_id)
if poll_registration is None and election.get(
'admin_id') != user.get('voter_id'):
raise ApiForbidden(
'Voter is not registered in the poll book of the election with the id '
'{} .'.format(election_id))
return json_response(voting_options)
async def get_election(self, request):
private_key, public_key, user = await self._authorize(request)
election_id = request.match_info.get('electionId', '')
if election_id == '':
raise ApiBadRequest(
'The election ID is a required query string parameter')
if 'asAdmin' in request.rel_url.query:
election = await self._database.fetch_election_with_can_vote_resource_admin(
voter_id=user.get('voter_id'), election_id=election_id)
else:
election = await self._database.fetch_election_with_can_vote_resource(
voter_id=user.get('voter_id'), election_id=election_id)
if election is None:
raise ApiNotFound('Election with the election id '
'{} was not found'.format(election_id))
if election.get('results_permission') != 'PUBLIC':
if election.get('can_vote') is False and election.get(
'admin_id') != user.get('voter_id'):
raise ApiForbidden(
'Voter is not registered in the poll book of the election with the id '
'{}.'.format(election_id))
return json_response(election)
async def list_admins(self, request):
private_key, public_key, user = await self._authorize(request)
if user.get('type') != 'SUPERADMIN':
raise ApiForbidden('Forbidden')
admin_list = await self._database.fetch_admins_resources()
return json_response(admin_list)
async def list_admin_elections(self, request):
private_key, public_key, user = await self._authorize(request)
voter_id = request.match_info.get('voterId', '')
if voter_id == '':
raise ApiBadRequest(
'The voter ID is a required query string parameter')
if user.get('voter_id') != voter_id:
raise ApiForbidden('Admin must be the authenticated one')
if user.get('type') != 'ADMIN' and user.get('type') != 'SUPERADMIN':
raise ApiForbidden('Voter must be an admin or superadmin')
admin_elections_list = await self._database.fetch_admin_elections_resources(
user.get('voter_id'))
return json_response(admin_elections_list)
async def get_voters(self, request):
private_key, public_key, user = await self._authorize(request)
if user.get('type') != 'SUPERADMIN':
raise ApiForbidden('Forbidden')
voter_id = request.match_info.get('voterId', '')
voters_list = await self._database.fetch_voters_resources(
voter_id=voter_id)
return json_response(voters_list)
async def list_elections_current(self, request):
private_key, public_key, user = await self._authorize(request)
voterId = request.match_info.get('voterId', '')
if voterId == '':
raise ApiBadRequest(
'The voter ID is a required query string parameter')
if user.get('voter_id') != voterId:
raise ApiForbidden('Admin must be the authenticated one')
current_elections_list = await self._database.fetch_current_elections_resources(
voterId, get_time())
return json_response(current_elections_list)
async def update_voter_type(self, request):
private_key, public_key, user = await self._authorize(request)
body = await decode_request(request)
required_fields = ['type']
validate_fields(required_fields, body)
voter_id = request.match_info.get('voterId', '')
if voter_id == '':
raise ApiBadRequest(
'The voter ID is a required query string parameter')
if user.get('type') != 'SUPERADMIN':
raise ApiForbidden('Forbidden')
voter = await self._database.fetch_voter_resource(voter_id=voter_id)
if voter is None:
raise ApiNotFound('No voter found')
if body.get('type') == 'ADMIN' and (voter.get('type') == 'ADMIN' or
voter.get('type') == 'SUPERADMIN'):
raise ApiConflict(
'Voter {} is already an admin or superadmin'.format(voter_id))
elif body.get('type') == 'VOTER' and voter.get('type') == 'VOTER':
raise ApiConflict('Voter {} is already a voter. '.format(voter_id))
auth_info = await self._database.fetch_auth_resource(
public_key=voter.get('public_key'))
voter_private_key = decrypt_private_key(
request.app['aes_key'], voter.get('public_key'),
auth_info.get('encrypted_private_key'))
await self._messenger.send_update_voter_transaction(
private_key=voter_private_key,
voter_id=voter_id,
public_key=voter.get('public_key'),
name=voter.get('name'),
created_at=get_time(),
type=body.get('type'))
return json_response({
'voter': {
'voter_id': voter_id,
'name': voter.get('name'),
'type': 'ADMIN'
}
})
async def get_vote_election(self, request):
private_key, public_key, user = await self._authorize(request)
voter_id = request.match_info.get('voterId', '')
if voter_id == '':
raise ApiBadRequest(
'The voter ID is a required query string parameter')
election_id = request.match_info.get('electionId', '')
if election_id == '':
raise ApiBadRequest(
'The election ID is a required query string parameter')
if user.get('voter_id') != voter_id:
raise ApiForbidden('Admin must be the authenticated one')
vote = await self._database.fetch_my_vote__election_resource(
voter_id=voter_id, election_id=election_id)
return json_response(vote)
async def create_election(self, request):
private_key, public_key, user = await self._authorize(request)
body = await decode_request(request)
required_fields = [
'name', 'description', 'start_timestamp', 'end_timestamp',
'results_permission', 'can_change_vote', 'can_show_realtime',
'voting_options', 'poll_book'
]
validate_fields(required_fields, body)
if user.get('type') != 'ADMIN' and user.get('type') != 'SUPERADMIN':
raise ApiForbidden('Voter must be an admin or superadmin')
election_id = uuid.uuid1().hex
voting_options = body.get('voting_options')
admin = await self._database.fetch_voter_resource(public_key=public_key
)
for voting_option in voting_options:
if voting_option.get('name').upper(
) == "NULL" or voting_option.get('name').upper() == "BLANK":
raise ApiInternalError('NULL and BLANK are default options')
voting_options.append({"name": "NULL", "description": "VOTE NULL"})
voting_options.append({"name": "BLANK", "description": "VOTE BLANK"})
await self._messenger.send_create_election_transaction(
private_key=private_key,
election_id=election_id,
name=body.get('name'),
description=body.get('description'),
start_timestamp=body.get('start_timestamp'),
end_timestamp=body.get('end_timestamp'),
results_permission=body.get('results_permission'),
can_change_vote=body.get('can_change_vote'),
can_show_realtime=body.get('can_show_realtime'),
admin_id=admin.get('voter_id'),
status=1,
timestamp=get_time())
for voting_option in voting_options:
voting_option_id = uuid.uuid1().hex
await self._messenger.send_create_voting_option_transaction(
private_key=private_key,
voting_option_id=voting_option_id,
name=voting_option.get('name'),
description=voting_option.get('description'),
election_id=election_id,
status=1,
timestamp=get_time())
await self._database.insert_voting_option_num_vote_resource(
voting_option_id=voting_option_id,
name=voting_option.get('name'),
election_id=election_id)
for poll_book in body.get('poll_book'):
await self._messenger.send_create_poll_registration_transaction(
private_key=private_key,
voter_id=poll_book.get('id'),
name=poll_book.get('name'),
election_id=election_id,
status=1,
timestamp=get_time())
return json_response({'data': 'Create election transaction submitted'})