def get(self, vedlegg_id):
rapport_vedlegg = current_app.db_session.query(RapportVedlegg).filter(
RapportVedlegg.vedlegg_id == vedlegg_id).first()
soknad_vedlegg = current_app.db_session.query(SoknadVedlegg).filter(
SoknadVedlegg.vedlegg_id == vedlegg_id).first()
if rapport_vedlegg is not None:
object = rapport_vedlegg.rapport
vedlegg = rapport_vedlegg.vedlegg
soknad_id = object.soknad_id
elif soknad_vedlegg is not None:
object = soknad_vedlegg.soknad
vedlegg = soknad_vedlegg.vedlegg
soknad_id = object.id
else:
abort(404, __error__=['Vedlegg med id %d finnes ikke' % vedlegg_id])
ensure(GET, object)
try:
doc_path = "%s/%s" % (DOC_PATH, get_rel_vedlegg_path(soknad_id))
return send_from_directory(doc_path,
vedlegg.file_ref,
as_attachment=True,
attachment_filename=vedlegg.filnavn.encode("utf-8"))
except NotFound:
abort(500, __error__=['Filen for vedlegg med id %d finnes ikke' % vedlegg_id])
def show_score(user_id,score_id):
teams = [t for t in Team.select() if can(auth.get_logged_in_user(),READ,t)]
user = get_object_or_404(User, User.id == user_id)
score = get_object_or_404(Score, Score.id == score_id)
ensure(READ,user)
users = [u for u in User.select().where(User.team == user.team) if can(auth.get_logged_in_user(),READ,u)]
return render_template("score_detail.html", active_user=user, teams=teams, users=users, active_team = user.team, score=score)
def get(self, application_id=None):
if application_id is not None:
application = self.get_object_by_id(application_id)
ensure(GET, application)
application_dict = marshal(application, application_fields)
# Include emails in response, if requested
if "include_emails" in request.args:
_, granted_message = render_email_template(application, "Granted")
_, denied_message = render_email_template(application, "Denied")
application_dict['emails'] = dict(
granted_message=granted_message,
denied_message=denied_message
)
return application_dict
applications = current_app.db_session.query(Application).order_by(Application.id)
applications = filter_applications(applications, request.cookies)
if "resource_uri" in request.args:
applications = applications.filter(
Application.resource_id == Resource.id,
Resource.uri == request.args["resource_uri"]
)
if "organisation_uri" in request.args:
applications = applications.filter(
Application.organisation_id == Organisation.id,
Organisation.uri == request.args["organisation_uri"]
)
if "status" in request.args:
applications = applications.filter(
Application.status == request.args["status"]
)
if "person_uri" in request.args:
applications = applications.filter(
Application.person_id == Person.id,
Person.uri == request.args["person_uri"]
)
if "type" in request.args:
if request.args["type"] == 'repeating':
applications = applications.filter(
Application.requested_repeating_slots.any()
)
if request.args["type"] == 'single':
applications = applications.filter(
Application.requested_single_slots.any()
)
if request.args["type"] == 'strotime':
applications = applications.filter(
Application.strotime_slots.any()
)
return marshal(applications.all(), application_fields)
def post(self, soknad_id):
if soknad_id is not None:
soknad = SoknadRepo.find_by_id(soknad_id)
else:
return SakApi.create_error_response_for_iframe(body_status=400, body_error='Missing object id')
ensure(MANAGE, SoknadAction(soknad, SoknadStateMachine.t_last_opp_saksvedlegg))
validator = VedleggValidator(request.form).validate_post_fields()
if validator.has_errors():
return SakApi.create_error_response_for_iframe(body_status=400, body_error=validator.errors)
file = request.files.get('upload_file')
if file is None:
current_app.logger.warn('Missing required file: document')
return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Dokument er påkrevd.')
extension = os.path.splitext(file.filename)[1]
if file.mimetype not in VALID_MIME_TYPES or extension not in VALID_EXTENSIONS:
current_app.logger.warn('Invalid mimetype: %s', file.mimetype)
return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Ugyldig filtype.')
filnavn = uuid_with_ext(file.filename)
target_path = generate_dir_path(DOC_PATH, get_rel_saksvedlegg_path(soknad))
backend = get_backend(file, filename=filnavn, path=target_path)
backend.save()
saksvedlegg = Vedlegg()
user = get_user_from_auth()
saksvedlegg.filnavn = file.filename
saksvedlegg.file_ref = filnavn
saksvedlegg.beskrivelse = request.form.get('tittel')
saksvedlegg.user_id = user['id']
saksvedlegg.vedlagtdato = datetime.now()
soknad.saksvedlegg.append(saksvedlegg)
if soknad.saksbehandler_id:
# Arkivering
# ###########
organisation = get_organisation(soknad.organisation_id, request.cookies)
person = get_person(soknad.person_id, request.cookies)
try:
save_journalpost_for_saksvedlegg(soknad, organisation, person, saksvedlegg)
except InvalidArkivExtensionError as e:
return SakApi.create_error_response_for_iframe(body_status=400, body_error=e.message)
current_app.db_session.commit()
return Response(response=json.dumps(marshal(saksvedlegg, saksvedlegg_fields)), status=201,
content_type='text/html')
def post(self, soknad_id):
rapport = Rapport()
rapport.soknad_id = soknad_id
ensure(POST, rapport)
rapport = self.repo.create(rapport)
return marshal(rapport, rapport_fields), 201
def put(self, soknad_id):
data = request.get_json()
self.validate_put_fields(data)
soknad = self.get_by_id(soknad_id)
ensure(PUT, soknad)
self.repo.save(soknad, data)
return marshal(soknad, soknad_fields())
def user_detail(user_id):
teams = [t for t in Team.select() if can(auth.get_logged_in_user(),READ,t)]
user = get_object_or_404(User, User.id == user_id)
ensure(READ,user)
scores = Score.select().where(Score.user == user).order_by(Score.created_at.desc())
users = [u for u in User.select().where(User.team == user.team) if can(auth.get_logged_in_user(),READ,u)]
pq = PaginatedQuery(scores, 20)
last_date = datetime.now() - timedelta(days=5)
return render_template("index.html", active_user=user, teams=teams, users=users, pagination=pq, page=pq.get_page(), active_team = user.team, weeks = [w for w in Week.select().where(Week.end > last_date) if not has_score(w.score_set)])
def get(self, soknad_id=None):
if soknad_id:
soknad = self.get_by_id(soknad_id)
ensure(GET, soknad)
return marshal(soknad, soknad_fields())
else:
soknader = self.query_resource.query_soknader([])
return marshal(soknader, soknadliste_fields())
def post(self, resource_id = None):
data = request.get_json()
verify_request_contains_mandatory_fields(data, self.mandatory_fields)
# Resource id might also be part of the incoming json.
resource_uri = None
if not resource_id:
resource_uri = data["resource_uri"]
resource = self.get_resource_with_id_or_uri(resource_id, resource_uri)
start_date, end_date = self.parse_date_range_from_dict(data)
start_time = parse_time(data["start_time"])
end_time = parse_time(data["end_time"])
week_day = data["week_day"]
if data["note"]:
note = data["note"]
if not (len(note) <= 50):
abort(400, __error__=[u'Maks lengde for merknad er 50 tegn'])
else:
note= ""
self.validate_start_and_end_times(start_date, end_date, start_time, end_time)
# Check that the time has correct minute interval, only 30-minute intervals allowed
invalid_minutes = filter(lambda my_time: my_time.minute not in [0, 30], [start_time, end_time])
if invalid_minutes:
abort(400,
__error__=[u'Tidene må angis i hele halvtimer']
)
weekly_blocked_time = WeeklyBlockedTime(resource, week_day,
start_date, end_date, start_time, end_time, note)
ensure(POST, weekly_blocked_time)
if self.is_conflict_slot_time(resource, start_date, end_date, week_day, start_time, end_time) or \
self.is_conflict_rammetid(resource, start_date, end_date, week_day, start_time, end_time):
abort(
400,
__error__=[u'Tiden er ikke tilgjengelig for blokkering']
)
if self.is_conflict_blocked_time(resource, start_date, end_date, week_day, start_time, end_time):
abort(
400,
__error__=[u'Tiden er allerede blokkert']
)
current_app.db_session.add(weekly_blocked_time)
current_app.db_session.commit()
current_app.db_session.refresh(weekly_blocked_time)
return marshal(weekly_blocked_time, self.fields), 201
def homepage():
teams = [t for t in Team.select() if g.user.can(READ,t)]
if not teams:
abort(404)
current_team = get_object_or_404(Team, Team.id == int(
request.args.get('t'))) if request.args.has_key('t') else teams[0]
ensure(READ,current_team)
users = [u for u in User.select().where(User.team == current_team, User.active == True) if g.user.can(READ,u)]
return render_template("index.html", teams=teams, users=users, active_team=current_team)
def put(self, soknad_id=None, rapport_id=None):
data = request.get_json()
rapport = self.get_by_id(rapport_id)
if rapport.soknad_id != soknad_id:
abort(403)
ensure(PUT, rapport)
self.validate_put_fields(data)
rapport = self.repo.save(rapport, data)
return marshal(rapport, rapport_fields)
def execute(cls, soknad, action, data):
try:
ensure(MANAGE, SoknadAction(soknad, action))
current_app.logger.debug(
u"Håndterer action %s på soknad %s i status %s" % (action.name, soknad.id, soknad.status))
strategy = default_action_strategy
if action in cls.custom_strategies:
strategy = cls.custom_strategies[action]
return strategy(soknad, action, data)
except InvalidArkivExtensionError as e:
abort(400, __error__=[e.message])
def get(self, tilskuddsordning_id=None):
user = get_user_from_auth()
if tilskuddsordning_id:
tilskuddsordning = self.get_by_id(tilskuddsordning_id)
ensure(GET, tilskuddsordning)
marshalled = marshal(tilskuddsordning, tilskuddsordning_fields)
if is_administrator(user) or is_saksbehandler(user) or is_godkjenner(user):
marshalled["vedtatt_belop"] = self.get_vedtatt_belop(tilskuddsordning_id)
return marshalled
else:
if is_soker(user):
return marshal(self.repo.find_by_where("publisert", True), tilskuddsordning_fields)
else:
return marshal(self.repo.find_all(), tilskuddsordning_fields)
def save_score(user_id):
user = get_object_or_404(User, User.id == user_id)
week = Week.get(Week.id==int(request.form.get("week")))
ensure(EDIT,user)
Score.create(
user = user,
self_score = request.form.get("score"),
week_start = week.start,
week_end = week.end,
week = week,
self_memo = request.form.get("self_memo")
)
return redirect(url_for('user_detail',user_id=user_id))
def get(self, soknad_id=None, rapport_id=None):
if rapport_id:
rapport = self.get_by_id(rapport_id)
if rapport.soknad_id != soknad_id:
abort(403)
ensure(GET, rapport)
return marshal(rapport, rapport_fields)
else:
if soknad_id:
rapporter = self.repo.find_by_where("soknad_id", soknad_id)
return marshal(rapporter, rapport_fields)
abort(404)
def post(self):
rapport_id = request.form.get('rapport_id')
soknad_id = request.form.get('soknad_id')
if not (rapport_id is None):
soknad_or_rapport = RapportRepo.find_by_id(rapport_id)
soknad_id = soknad_or_rapport.soknad_id
elif not (soknad_id is None):
soknad_or_rapport = SoknadRepo.find_by_id(soknad_id)
else:
return SakApi.create_error_response_for_iframe(body_status=400, body_error='Missing object id')
ensure(PUT, soknad_or_rapport)
file = request.files.get('upload_file')
if file is None:
current_app.logger.warn('Missing required file: document')
return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Dokument er påkrevd.')
extension = os.path.splitext(file.filename)[1]
if file.mimetype not in VALID_MIME_TYPES or extension not in VALID_EXTENSIONS:
current_app.logger.warn('Invalid mimetype: %s', file.mimetype)
return SakApi.create_error_response_for_iframe(body_status=400, body_error=u'Ugyldig filtype.')
filnavn = uuid_with_ext(file.filename)
target_path = generate_dir_path(DOC_PATH, get_rel_vedlegg_path(soknad_id));
backend = get_backend(file, filename=filnavn, path=target_path)
backend.save()
vedlegg = Vedlegg()
user = get_user_from_auth()
vedlegg.filnavn = file.filename
vedlegg.file_ref = filnavn
vedlegg.user_id = user['id']
vedlegg.vedlagtdato = datetime.now()
soknad_or_rapport.vedlegg.append(vedlegg)
current_app.db_session.commit()
return Response(response=json.dumps(marshal(vedlegg, vedlegg_fields)),
status=201,
content_type='text/html')
def get(self, soknad_id, saksvedlegg_id):
soknad = SoknadRepo.find_by_id(soknad_id)
ensure(GET, soknad)
try:
saksvedlegg = VedleggRepo.find_by_id(saksvedlegg_id)
doc_path = "%s/%s" %(DOC_PATH, get_rel_saksvedlegg_path(soknad))
return send_from_directory(doc_path,
saksvedlegg.file_ref,
as_attachment=True,
attachment_filename=saksvedlegg.filnavn.encode("utf-8"))
except NotFound:
abort(400, __error__=['Vedlegg med id %d finnes ikke' % saksvedlegg_id])
def delete(self, application_id):
application = self.get_object_by_id(application_id)
if not application:
abort(404)
if application.type != "strotime":
abort(405)
ensure(DELETE, application)
for slot in application.strotime_slots:
current_app.db_session.delete(slot)
current_app.db_session.delete(application)
current_app.db_session.commit()
return "", 204
def post(self):
data = request.get_json()
user = get_user_from_auth()
self.validate_post_fields(data)
soknad = Soknad()
soknad.status = SoknadStateMachine.s_kladd.id
soknad.person_id = user["person_id"]
tilskuddsordning = TilskuddsordningRepo.find_by_id(int(data.get("tilskuddsordning_id")))
soknad.tilskuddsordning = tilskuddsordning
ensure(POST, soknad)
self.repo.save(soknad, data)
return marshal(soknad, soknad_fields()), 201
def get(self, soknad_id, action_id=None):
# hent søknad
soknad = SoknadRepo.find_by_id(soknad_id)
ensure(GET, soknad)
user = get_user_from_auth()
# filter transitions
actions = filter_actions(soknad, user)
if action_id:
if action_id in actions:
return marshal(actions[action_id], action_fields)
else:
abort(404, __error__=[u"Fant ingen action med id=%s" % action_id])
return marshal(actions.values(), action_fields)
def put(self, resource_id=None, resource_uri=None):
data = request.get_json()
mandatory_fields = ["auto_approval_allowed", "single_booking_allowed",
"repeating_booking_allowed"]
verify_request_contains_mandatory_fields(data, mandatory_fields)
resource = self.get_resource(resource_id, resource_uri)
ensure(PUT, resource)
# Update the allowed booking types..
resource.auto_approval_allowed = data["auto_approval_allowed"]
resource.single_booking_allowed = data["single_booking_allowed"]
resource.repeating_booking_allowed = data["repeating_booking_allowed"]
current_app.db_session.add(resource)
current_app.db_session.commit()
current_app.db_session.refresh(resource)
return resource
def delete(self, application_id):
application = self.get_object_by_id(application_id)
ensure(DELETE, application)
if is_idporten_user(get_user(request.cookies)):
if application.status == 'Denied':
abort(400, __error__=[u'Kan ikke slette avviste søknader'])
if application.status == 'Granted':
# check that no slot has started
slots = application.slots
for slot in slots:
start = slot.start_date if hasattr(slot, 'start_date') else slot.start_time.date()
if start <= datetime.date.today():
abort(400, __error__=[u'Kan ikke slette godkjente søknader når perioden er påbegynt'])
current_app.db_session.delete(application)
current_app.db_session.commit()
return "", 204
def _verify_permissions(self, userid, permissions):
user = Users.query.get(userid)
with self.app.app_context():
# can't figure out how to get into logged in app context, so just force a login here
login_user(user, force=True)
admin = user.usertypeforsystem.name == 'System Administrator'
for model_name, operations in permissions.items():
for operation, permission in operations.items():
expected = True
try:
ensure(operation, model_name)
except Unauthorized:
expected = False
expected = expected or admin
self.assertEqual(
permission['global'], expected,
"Expected permission " + operation + " on " +
model_name + " to be " + str(expected))
# undo the forced login earlier
logout_user()
def update_score(user_id,score_id):
with db.database.transaction():
score = get_object_or_404(Score, Score.id == score_id)
ensure(EDIT,score)
score.rater = auth.get_logged_in_user()
score.score = request.form.get("score")
score.memo = request.form.get("memo")
score.save()
ScoreHistory.create(
rater = auth.get_logged_in_user(),
score = score,
history = request.form.get("score")
)
Score.get_or_create(
user = g.user,
week = score.week,
week_start = score.week_start,
week_end = score.week_end
)
return redirect(url_for('user_detail',user_id=user_id))
def delete(self, **kwargs):
blocked_time = self.get_object_by_id(kwargs["id"])
ensure(DELETE, blocked_time)
current_app.db_session.delete(blocked_time)
current_app.db_session.commit()
return "", 204
def put(self, slot_id):
try:
slot = current_app.db_session.query(RepeatingSlot).filter(RepeatingSlot.id == slot_id).one()
except NoResultFound:
abort(404, __error__=[u"No slot found with id %d." % slot_id])
ensure(PUT, slot)
args = request.get_json()
if slot.application.status != 'Granted':
abort(400, __error__=[u'Kan ikke frigi tid når søknaden ikke er godkjent'])
if slot.end_date <= date.today():
abort(400, __error__=[u'Kan ikke frigi allerede brukt tid'])
repeating_slots = []
if "release_from_date" in args or "release_to_date" in args:
release_from_date = parse_date(args["release_from_date"])
release_to_date = parse_date(args["release_to_date"])
if release_from_date > release_to_date:
abort(400, __error__=[u'Startdato er etter sluttdato'])
if release_from_date <= date.today():
abort(400, __error__=[u'Kan kun frigi tid frem i tid'])
if release_from_date <= slot.start_date and release_to_date >= slot.end_date:
abort(400, __error__=[u'Du kan ikke frigi hele perioden'])
intervals = [{
"start": release_from_date - timedelta(days=1),
"end": release_to_date + timedelta(days=1)
}]
periods = self.split_range_by_intervals(slot.start_date, slot.end_date, intervals)
for period in periods:
repeating_slots.append(RepeatingSlot(slot.application, slot.week_day,
period['start'], period['end'],
slot.start_time, slot.end_time, ))
if "release_from_time" in args or "release_to_time" in args:
release_from_time = parse_time(args["release_from_time"])
release_to_time = parse_time(args["release_to_time"])
if release_from_time > release_to_time:
abort(400, __error__=[u'Starttidspunkt er etter slutttidspunkt'])
if release_from_time <= slot.start_time and release_to_time >= slot.end_time:
abort(400, __error__=[u'Du kan ikke frigi hele tidsperioden'])
split_slot = slot
if slot.start_date <= date.today():
intervals = [{
"start": date.today(),
"end": date.today()
}]
periods = self.split_range_by_intervals(slot.start_date, slot.end_date, intervals)
# add period for past
repeating_slots.append(RepeatingSlot(slot.application, slot.week_day,
periods[0]['start'], periods[0]['end'],
slot.start_time, slot.end_time))
# continue splitting the future
split_slot = RepeatingSlot(slot.application, slot.week_day,
periods[1]['start'], periods[1]['end'],
slot.start_time, slot.end_time)
intervals = [{
"start": release_from_time,
"end": release_to_time
}]
periods = self.split_range_by_intervals(split_slot.start_time, split_slot.end_time, intervals)
for period in periods:
repeating_slots.append(RepeatingSlot(split_slot.application, split_slot.week_day,
split_slot.start_date + timedelta(days=1), split_slot.end_date,
period['start'], period['end']))
# Remove old slot if new slots are generated
if len(repeating_slots) > 0:
current_app.db_session.delete(slot)
# Add new slot(s)
for repeating_slot in repeating_slots:
current_app.db_session.add(repeating_slot)
current_app.db_session.commit()
return repeating_slots, 200
def post(self):
data = request.get_json()
rammetid_to_application = RammetidToApplication(data.get('umbrella_organisation').get('uri'))
ensure(POST, rammetid_to_application)
resource = data.get("resource", None)
if not resource:
abort(403, __error__=[u'Ressurs er ikke angitt.'])
resource = get_resource_for_uri(resource['uri'])
if not resource:
abort(404, __error__=[u'Ressursen finnes ikke.'])
if not resource.repeating_booking_allowed:
abort(403, __error__=[u'Gjentakende lån ikke tillatt'])
user = get_user(request.cookies)
person_uri = '/persons/{}'.format(user['person_id'])
person = get_person_for_uri(person_uri)
if not person:
abort(404, __error__=[u'Personen finnes ikke.'])
# get umbrella member orgs from organisations backend
umbrella_member_organisations = get_umbrella_organisation_from_web(data.get('umbrella_organisation').get('uri')).get('organisations', [])
# get local umbrella organisation object
umbrella_organisation = get_umbrella_organisation_for_uri(data.get('umbrella_organisation').get('uri'))
text = "Rammetid fordeling"
applications = []
organisations = data.get('organisations', None)
for organisation in organisations:
organisation_data = organisations[organisation]
# have to be superuser if the organisation is not public and not copied to booking already
organisation = get_organisation_for_uri(organisation_data['uri'], cookies=make_superuser_auth_cookie())
if not organisation:
abort(404, __error__=[u'Organisasjonen finnes ikke.'])
if not any(org.get('uri') == organisation_data['uri'] for org in umbrella_member_organisations):
abort(403, __error__=[u'Organisasjonen hører ikke til paraplyorganisasjonen'])
application = Application(person, organisation, text, None, resource)
application.status = 'Granted'
slots = organisation_data["slots"]
for slot_data in slots:
slot = self.parse_slot(slot_data, application)
slot_request = self.parse_slot_request(slot_data)
start_date = slot.start_date
end_date = slot.end_date
week_day = slot.week_day
start_time = slot.start_time
end_time = slot.end_time
self.validate_start_and_end_times(start_date, end_date, start_time, end_time)
if not self.has_matching_rammetid(umbrella_organisation.id, start_date, end_date, week_day, start_time, end_time):
abort(400, __error__=[u'Ingen rammetid passer'])
if self.is_conflict_slot_time(resource, start_date, end_date, week_day, start_time, end_time):
abort(400, __error__=[u'Tiden du har søkt på er ikke tilgjengelig'])
if self.is_conflict_blocked_time(resource, start_date, end_date, week_day, start_time, end_time):
abort(400, __error__=[u'Tiden du har søkt på er blokkert'])
application.request_repeating_slot(slot_request)
application.add_repeating_slot(slot)
applications.append(application)
for application in applications:
current_app.db_session.add(application)
current_app.db_session.commit()
current_app.db_session.refresh(application)
return applications, 201
def slett_action_strategy(soknad, action, data):
ensure(DELETE, soknad)
SoknadRepo.delete(soknad)
def put(self, application_id):
data = request.get_json()
application = self.get_object_by_id(application_id)
ensure(PUT, application)
status = data.get("status", None)
resource_uri = data["resource"]["uri"]
application_message = data.get("message", "")
to_be_invoiced = data.get("to_be_invoiced", None)
invoice_amount = data.get("invoice_amount") or None
if invoice_amount is not None and type(invoice_amount) is not int \
and not invoice_amount.isdigit():
abort(400, __error__=[u'Fakturabeløp må være heltall'])
resource = get_resource_for_uri(resource_uri)
if not resource:
abort(404)
resource_details = get_resource_from_web(application.resource.uri)
if not resource_details:
abort(404)
settings = SettingsResource().get()
user = get_user(request.cookies)
# Check that the resource allows the type of application
if application.get_type() == "single" and not resource.single_booking_allowed:
abort(403, __error__=[u'Det er ikke mulig å behandle en søknad om engangslån fordi type utlån er deaktivert for lokalet'])
if application.get_type() == "repeating" and (not resource.repeating_booking_allowed or \
(resource.repeating_booking_allowed and not settings["repeating_booking_allowed"] and not has_role(user,
'flod_saksbehandlere'))):
abort(403, __error__=[u'Det er ikke mulig å behandle en søknad om fast lån fordi type utlån er deaktivert for lokalet'])
# The application might have been moved to a different resource.
application.resource = resource
if status == "Pending":
application.amenities = application.requested_amenities
application.accessibility = application.requested_accessibility
application.equipment = application.requested_equipment
application.suitability = application.requested_suitability
application.facilitators = application.requested_facilitators
else:
application.amenities = data.get('amenities')
application.accessibility = data.get('accessibility')
application.equipment = data.get('equipment')
application.suitability = data.get('suitability')
application.facilitators = data.get('facilitators')
slot_data = data.get("slots", None)
if status == "Granted" and not slot_data:
abort(403, __error__=[u'Tildelt tid mangler'])
if application.get_type() == "single":
slots = [parse_single_slot(slot, application) for slot in slot_data]
application.single_slots = slots
elif application.get_type() == "repeating":
slots = [parse_repeating_slot(slot, application) for slot in slot_data]
application.repeating_slots = slots
# Check if there are any conflicts
for slot in slots:
if application.get_type() == "single":
start_date = slot.start_time.date()
end_date = slot.end_time.date()
week_day = slot.start_time.isoweekday()
start_time = slot.start_time.time()
end_time = slot.end_time.time()
elif application.get_type() == "repeating":
start_date = slot.start_date
end_date = slot.end_date
week_day = slot.week_day
start_time = slot.start_time
end_time = slot.end_time
if application.get_type() == "single":
self.validate_end_date_of_slot(settings["single_booking_enddate"], end_date.isoformat(), u'engangslån')
elif application.get_type() == "repeating":
self.validate_end_date_of_slot(settings["repeating_booking_enddate"], end_date.isoformat(), u'fast lån')
self.validate_start_and_end_times(start_date, end_date, start_time, end_time)
if application.is_arrangement or status == "Denied":
# NOTE: Arrangements trumph all other applications. If we reject an application, we dont nede to
# check if the time is available...
pass
else:
if self.is_conflict_slot_time(resource, start_date, end_date, week_day, start_time, end_time) or \
self.is_conflict_rammetid(resource, start_date, end_date, week_day, start_time, end_time):
abort(
400,
__error__=[u'Tiden du har søkt på er ikke tilgjengelig']
)
if status != "Denied":
if self.is_conflict_blocked_time(resource, start_date, end_date, week_day, start_time, end_time):
abort(
400,
__error__=[u'Tiden du har søkt på er blokkert']
)
if status == "Granted" or status == "Denied" or (status == "Pending" and len(slots) == 0):
application.status = status
else:
application.status = "Processing"
application.message = application_message
application.invoice_amount = invoice_amount
application.to_be_invoiced = to_be_invoiced
application.comment = data.get('comment')
current_app.db_session.add(application)
current_app.db_session.commit()
current_app.db_session.refresh(application)
document = ''
if status == "Granted" or status == "Denied":
document = send_email_application_processed(application)
# Create erv code
if invoice_amount is not None and status == "Granted":
invoice_amount = int(invoice_amount)
org_number = None
if application.organisation is not None:
organisation = get_organisation_from_web(
application.organisation.uri)
org_number = organisation.get('org_number', None)
if org_number is None:
person = get_person_from_web(application.person.uri)
erv_code = erv_person(application, invoice_amount,
person['national_identity_number'])
else:
erv_code = erv_organisation(application, invoice_amount,
org_number)
print 'erv: "{}"'.format(erv_code)
# Skip sending mail for now
# send_erv_code_mail("{},".format(erv_code))
application_dict = {}
if application.get_type() == "single":
application_dict = marshal(application, single_application_fields)
elif application.get_type() == "repeating":
# Authentication is not implemented for all resources yet, so we
# skip creating sak/journalpost if no auth_token exists
if status == 'Granted' and 'auth_token' in request.cookies:
arkiver(application, document)
application_dict = marshal(application, repeating_application_fields)
# Include emails in response, if requested
if data.get("include_emails", False):
_, granted_message = render_email_template(application, "Granted")
_, denied_message = render_email_template(application, "Denied")
application_dict['emails'] = dict(
granted_message=granted_message,
denied_message=denied_message
)
return application_dict
def post(self, resource_id = None):
data = request.get_json()
# Resource id might also be part of the incoming json.
resource_uri = None
if not resource_id:
resource_uri = data["resource_uri"]
resource = self.get_resource_with_id_or_uri(resource_id, resource_uri)
start_time = parse_datetime(data["start_time"])
end_time = parse_datetime(data["end_time"])
if data["note"]:
note = data["note"]
if not (len(note) <= 50):
abort(400, __error__=[u'Maks lengde for merknad er 50 tegn'])
else:
note= ""
# Check that the time has correct minute interval, only 30-minute intervals allowed
invalid_minutes = filter(lambda my_time: my_time.minute not in [0, 30], [start_time, end_time])
if invalid_minutes:
abort(400,
__error__=[u'Tidene må angis i hele halvtimer']
)
blocked_time_interval = BlockedTimeInterval(resource, start_time, end_time, note)
ensure(POST, blocked_time_interval)
start_date = start_time.date()
end_date = end_time.date()
start_time = start_time.time()
end_time = end_time.time()
self.validate_start_and_end_times(start_date, end_date, start_time, end_time)
# Find out which ISO week days this blocking covers
week_days = []
d = start_date
delta = datetime.timedelta(days=1)
while d <= end_date:
week_days.append(d.isoweekday())
d += delta
for week_day in week_days:
#if self.is_conflict_slot_time(resource, start_date, end_date, week_day, start_time, end_time) or \
# self.is_conflict_rammetid(resource, start_date, end_date, week_day, start_time, end_time):
# abort(
# 400,
# __error__=[u'Tiden er ikke tilgjengelig for blokkering']
# )
if self.is_conflict_blocked_time(resource, start_date, end_date, week_day, start_time, end_time):
abort(
400,
__error__=[u'Tiden er allerede blokkert']
)
current_app.db_session.add(blocked_time_interval)
current_app.db_session.commit()
current_app.db_session.refresh(blocked_time_interval)
return marshal(blocked_time_interval, self.fields), 201
