def add_users_to_groups(data, db_session, username):
logger.info(LogMsg.START, username)
if username not in ADMINISTRATORS:
logger.error(LogMsg.NOT_ACCESSED, {'username': username})
raise Http_error(403, Message.ACCESS_DENIED)
users = set(data.get('users'))
groups = set(data.get('groups'))
validate_users(users, db_session)
validate_groups(groups, db_session)
final_res = {}
for group_id in groups:
result = []
for user_id in users:
if user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_IS_IN_GROUP,
{'user_id': user_id, 'group_id': group_id})
raise Http_error(409, Message.ALREADY_EXISTS)
result.append(
model_to_dict(add(user_id, group_id, db_session, username)))
final_res.update({group_id: result})
logger.info(LogMsg.END)
return final_res
def delete_group_permissions(data, db_session, username):
logger.info(LogMsg.START, username)
schema_validate(data, A_GROUP_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
group_id = data.get('group_id')
permissions = data.get('permissions')
group = get_group(group_id, db_session, username)
if group is None:
logger.error(LogMsg.NOT_FOUND, {'group_id': group_id})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.PERMISSION_CHECK, username)
validate_permissions_and_access(username,
db_session,
'GROUP_PERMISSION_DELETE',
model=group,
access_level=Access_level.Premium)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
result = []
for permission_id in permissions:
if not group_has_permission(permission_id, group_id, db_session):
logger.error(LogMsg.PERMISSION_NOT_HAS_GROUP, {
'permission_id': permission_id,
'group_id': group_id
})
raise Http_error(404, Message.PERMISSION_NOT_FOUND)
delete_permission_for_group(permission_id, group_id, db_session,
username)
logger.info(LogMsg.END)
return result
def delete(id, db_session, username=None):
logger.info(LogMsg.START)
order_item = get(id, db_session)
if order_item is None:
logger.error(LogMsg.NOT_FOUND, {'order_item_id': id})
raise Http_error(404, Message.NOT_FOUND)
order = get_order(order_item.order_id, db_session)
if order is None:
logger.error(LogMsg.NOT_FOUND, {'order_id': order_item.order_id})
raise Http_error(404, Message.NOT_FOUND)
if username is not None:
logger.debug(LogMsg.PERMISSION_CHECK, username)
validate_permissions_and_access(username, db_session,
'ORDER_ITEM_GET', model=order_item,
access_level=Access_level.Premium)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
try:
db_session.delete(order_item)
logger.debug(LogMsg.ORDER_ITEM_DELETED, id)
new_order = calc_total_price_order(order.id, db_session)
logger.debug(LogMsg.ORDER_CALC_PRICE,
order_to_dict(new_order, db_session, username))
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(404, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
logger.info(LogMsg.DELETE_REQUEST, {'group_id': id})
user = check_user(username, db_session)
per_data = {}
permissions, presses = get_user_permissions(username, db_session)
if is_admin_member(user.person_id, id, db_session):
per_data.update({Permissions.IS_OWNER.value: True})
has_permission([Permissions.DISCUSSION_GROUP_PREMIUM], permissions, None,
per_data)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
model_instance = db_session.query(DiscussionGroup).filter(
DiscussionGroup.id == id).first()
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, {'group_id': id})
raise Http_error(404, Message.NOT_FOUND)
try:
delete_group_members(model_instance.id, db_session, username)
logger.debug(LogMsg.DISCUSSION_GROUP_OLD_MEMBERS_DELETED)
db_session.delete(model_instance)
logger.debug(LogMsg.DISCUSSION_GROUP_DELETE, id)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(500, LogMsg.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def delete(tag_title, db_session, username):
logging.info(
Msg.START + 'user is {} '.format(username) + 'tag_title= {}'.format(
tag_title))
if username != admin:
logging.error(Msg.NOT_ACCESSED)
raise Http_error(401, {'username': Msg.NOT_ACCESSED})
logging.debug(Msg.DELETE_REQUEST + 'tag_title= {}'.format(tag_title))
logging.debug(Msg.MODEL_GETTING)
model_instance = db_session.query(Tag).filter(
Tag.title == tag_title).first()
if model_instance is None:
logging.error(
Msg.NOT_FOUND + ' tag by id = {}'.format(tag_title))
raise Http_error(404, {tag_title: Msg.INVALID_TAG})
db_session.query(Tag).filter(Tag.title == tag_title).delete()
logging.debug(Msg.DELETE_SUCCESS)
logging.info(Msg.END)
return {}
def get(id, db_session, username=None):
logger.info(LogMsg.START, username)
model_instance = db_session.query(GroupUser).filter(
GroupUser.id == id).first()
if model_instance is None:
logger.debug(LogMsg.MODEL_GETTING_FAILED)
raise Http_error(404, Message.NOT_FOUND)
if username is not None:
permissions, presses = get_user_permissions(username, db_session)
user = check_user(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_GET_PRESS], permissions)
if not (press_permit and (user_is_in_group(
user.id, model_instance.group_id, db_session))):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_GET': username})
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.MODEL_GETTING)
logger.info(LogMsg.END)
return group_user_to_dict(model_instance)
def delete(id, db_session, username, **kwargs):
logger.info(LogMsg.START)
permission_data = {}
logger.debug(LogMsg.RATE_CHECK)
model_instance = db_session.query(Rate).filter(Rate.id == id).first()
if model_instance:
logger.debug(LogMsg.RATE_EXISTS,model_to_dict(model_instance))
else:
logger.debug(LogMsg.RATE_NOT_EXISTS,{'rate_id':id})
raise Http_error(404, Message.NOT_FOUND)
user = check_user(username, db_session)
if user is None:
raise Http_error(400, Message.INVALID_USER)
if user.person_id is None:
logger.error(LogMsg.USER_HAS_NO_PERSON)
raise Http_error(400, Message.Invalid_persons)
if model_instance.person_id == user.person_id:
permission_data = {Permissions.IS_OWNER.value:True}
permissions,presses = get_user_permissions(username, db_session)
has_permission([Permissions.RATE_DELETE_PREMIUM], permissions,None,permission_data)
try:
db_session.query(Rate).filter(Rate.id == id).delete()
logger.debug(LogMsg.RATE_DELETED,{'rate_id':id})
except:
logger.exception(LogMsg.DELETE_FAILED,exc_info=True)
raise Http_error(404, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return {}
def add(self,
db_session,
data,
username,
schema_checked=False,
permission_checked=False):
logger.info(LogMsg.START, username)
if username is not None and username == SIGNUP_USER:
permission_checked = True
cell_no = data.get('cell_no')
query_data = dict(filter=dict(cell_no=cell_no))
if cell_no:
user_by_cell = super(PersonController,
self).get_by_data(query_data, db_session)
if user_by_cell is not None:
logger.error(LogMsg.ALREADY_EXISTS, {'cell_no': cell_no})
raise Http_error(409, Message.ALREADY_EXISTS)
email = data.get('email')
if email:
query_data = dict(filter=dict(email=email))
user_by_email = super(PersonController,
self).get_by_data(query_data, db_session)
if user_by_email is not None:
raise Http_error(409, Message.ALREADY_EXISTS)
model_instance = super(PersonController,
self).add(data, db_session, username,
schema_checked, permission_checked)
account_controller.add_initial_account(model_instance.id, db_session,
username)
logger.info(LogMsg.END)
return model_instance.to_dict()
def get_all(db_session, username):
logger.info(LogMsg.START, username)
logger.debug(LogMsg.PERMISSION_CHECK, username)
permission_result = validate_permissions_and_access(
username, db_session, 'PERMISSION_GET')
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
access_type = permission_result.get('access_type')
if access_type == 'Normal':
logger.error(LogMsg.PERMISSION_DENIED,
'{} is a normal_user'.format(username))
raise Http_error(403, Message.ACCESS_DENIED)
try:
result = db_session.query(Permission).all()
logger.debug(LogMsg.GET_SUCCESS)
except:
logger.error(LogMsg.GET_FAILED)
raise Http_error(500, LogMsg.GET_FAILED)
final_res = []
if access_type == 'Press':
for model in result:
if not 'PREMIUM' in model.permission:
final_res.append(model)
return final_res
logger.debug(LogMsg.END)
return result
def get_by_id(id, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
if user.person_id is None:
logger.error(LogMsg.PERSON_NOT_EXISTS, username)
raise Http_error(404, Message.Invalid_persons)
validate_person(user.person_id, db_session)
logger.debug(LogMsg.PERSON_EXISTS, username)
try:
logger.debug(LogMsg.GETTING_ACCOUNT_BY_ID, id)
result = db_session.query(Account).filter(
and_(Account.person_id == user.person_id, Account.id == id)).first()
if result is None:
logger.debug(LogMsg.ACCOUNT_BY_ID_IS_NOT_FOR_PERSON,
{'account_id': id, 'person_id': user.person_id})
except:
logger.error(LogMsg.GET_FAILED, exc_info=True)
raise Http_error(404, Message.NOT_FOUND)
logger.info(LogMsg.END)
return account_to_dict(result)
def get_follower_list(data, username, db_session):
logger.info(LogMsg.START, username)
result = []
user = check_user(username, db_session)
if user is None:
raise Http_error(400, Message.INVALID_USER)
if user.person_id is None:
logger.error(LogMsg.USER_HAS_NO_PERSON, username)
raise Http_error(400, Message.Invalid_persons)
validate_person(user.person_id, db_session)
logger.debug(LogMsg.PERSON_EXISTS)
if data.get('sort') is None:
data['sort'] = ['creation_date-']
if data.get('filter') is None:
data.update({'filter': {'following_id': user.person_id}})
else:
data['filter'].update({'following_id': user.person_id})
res = Follow.mongoquery(db_session.query(Follow)).query(**data).end().all()
for item in res:
result.append(follow_to_dict(item))
logger.debug(LogMsg.FOLLOWER_LIST, result)
logger.info(LogMsg.END)
return result
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
logger.debug(LogMsg.PERMISSION_CHECK, username)
validate_permissions_and_access(username, db_session, 'ACCOUNT_DELETE',
access_level=Access_level.Premium)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
user = check_user(username, db_session)
if user is None:
logger.error(LogMsg.INVALID_USER, username)
raise Http_error(404, Message.INVALID_USER)
if user.person_id is None:
logger.error(LogMsg.PERSON_NOT_EXISTS, username)
raise Http_error(404, Message.Invalid_persons)
validate_person(user.person_id, db_session)
logger.debug(LogMsg.PERSON_EXISTS, username)
try:
logger.debug(LogMsg.DELETE_ACCOUNT_BY_ID, id)
db_session.query(Account).filter(
and_(Account.person_id == user.person_id, Account.id == id)
).delete()
except:
logger.error(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(404, Message.NOT_FOUND)
logger.info(LogMsg.END)
return Http_response(204, True)
def delete_all(username, db_session):
logger.info(LogMsg.START, username)
validate_permissions_and_access(username, db_session, 'ACCOUNT_DELETE',
access_level=Access_level.Premium)
user = check_user(username, db_session)
if user.person_id is None:
logger.error(LogMsg.PERSON_NOT_EXISTS, username)
raise Http_error(404, Message.Invalid_persons)
validate_person(user.person_id, db_session)
logger.debug(LogMsg.PERSON_EXISTS, username)
try:
logger.debug(LogMsg.DELETE_USER_ALL_ACCOUNTS, username)
db_session.query(Account).filter(
Account.person_id == user.person_id).delete()
except:
logger.error(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(404, Message.NOT_FOUND)
logger.info(LogMsg.END)
return Http_response(204, True)
def add_group_users(data, db_session, username):
logger.info(LogMsg.START, username)
if username not in ADMINISTRATORS:
logger.error(LogMsg.NOT_ACCESSED, {'username': username})
raise Http_error(403, Message.ACCESS_DENIED)
group_id = data.get('group_id')
users = data.get('users')
validate_group(group_id, db_session)
result = []
for user_id in users:
if user_is_in_group(user_id, group_id, db_session):
logger.error(LogMsg.GROUP_USER_IS_IN_GROUP,
{'user_id': user_id, 'group_id': group_id})
raise Http_error(409, Message.ALREADY_EXISTS)
result.append(add(user_id, group_id, db_session, username))
final_res = []
for item in result:
final_res.append(group_user_to_dict(item))
logger.info(LogMsg.END)
return final_res
def delete_collection(data, db_session, username):
title = data.get('title')
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
if user is None:
raise Http_error(400, Message.INVALID_USER)
if user.person_id is None:
logger.error(LogMsg.USER_HAS_NO_PERSON, username)
raise Http_error(400, Message.Invalid_persons)
validate_person(user.person_id, db_session)
logger.debug(LogMsg.PERSON_EXISTS)
try:
if not collection_exists(title, user.person_id, db_session):
logger.error(LogMsg.NOT_FOUND, {
'collection_title': title,
'person_id': user.person_id
})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.COLLECTION_DELETE, title)
result = delete_collection_constraints(title, user.person_id,
db_session)
stmt = Collection.__table__.delete().where(Collection.id.in_(result))
db_session.execute(stmt)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(502, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def get(id, db_session, username=None):
logger.info(LogMsg.START, username)
limited_permissions = False
logger.debug(LogMsg.PERMISSION_CHECK, username)
permission_result = validate_permissions_and_access(
username, db_session, 'PERMISSION_GET')
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
access_type = permission_result.get('access_type')
if access_type == 'Normal':
logger.error(LogMsg.PERMISSION_DENIED,
'{} is a normal_user'.format(username))
raise Http_error(403, Message.ACCESS_DENIED)
logger.debug(LogMsg.MODEL_GETTING)
model_instance = db_session.query(Permission).filter(
Permission.id == id).first()
if model_instance:
logger.debug(LogMsg.GET_SUCCESS, model_to_dict(model_instance))
else:
logger.debug(LogMsg.MODEL_GETTING_FAILED)
raise Http_error(404, Message.NOT_FOUND)
if access_type == 'Press':
if 'PREMIUM' in model_instance.permission:
logger.error(LogMsg.PERMISSION_DENIED,
{'premium_permission_id': id})
raise Http_error(403, Message.ACCESS_DENIED)
logger.info(LogMsg.END)
return model_instance
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
logger.info(LogMsg.DELETE_REQUEST, id)
logger.debug(LogMsg.MODEL_GETTING, id)
model_instance = db_session.query(BookRole).filter(
BookRole.id == id).first()
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, id)
raise Http_error(404, Message.NOT_FOUND)
try:
db_session.delete(model_instance)
unique_connector = get_connector(id, db_session)
if unique_connector:
logger.debug(LogMsg.DELETE_UNIQUE_CONSTRAINT)
delete_uniquecode(unique_connector.UniqueCode, db_session)
delete_connector(id, db_session)
logger.debug(LogMsg.ENTITY_DELETED, id)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(500, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def edit(id, db_session, data, username):
logger.info(LogMsg.START, username)
logger.debug(LogMsg.PERMISSION_CHECK, username)
validate_permissions_and_access(username,
db_session,
'PERMISSION_EDIT',
access_level=Access_level.Premium)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
logger.debug(LogMsg.EDIT_REQUST, {'permission_id': id, 'data': data})
schema_validate(data, PERMISSION_EDIT_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
model_instance = db_session.query(Permission).filter(
Permission.id == id).first()
if model_instance:
logger.debug(LogMsg.MODEL_GETTING)
else:
logger.debug(LogMsg.MODEL_GETTING_FAILED, {'permission_id': id})
raise Http_error(404, Message.NOT_FOUND)
try:
for key, value in data.items():
setattr(model_instance, key, value)
edit_basic_data(model_instance, username, data.get('tags'))
logger.debug(LogMsg.MODEL_ALTERED, model_to_dict(model_instance))
except:
logger.exception(LogMsg.EDIT_FAILED, exc_info=True)
raise Http_error(409, Message.ALREADY_EXISTS)
logger.info(LogMsg.END)
return model_instance
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
logger.info(LogMsg.DELETE_REQUEST, {'group_user_id': id})
model_instance = db_session.query(GroupUser).filter(
GroupUser.id == id).first()
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, {'group_user_id': id})
raise Http_error(404, Message.NOT_FOUND)
permissions, presses = get_user_permissions(username, db_session)
permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PREMIUM], permissions)
if not permit:
press_permit = has_permission_or_not(
[Permissions.PERMISSION_GROUP_USER_DELETE_PRESS], permissions)
if not (press_permit and
(model_instance.group.person_id == user.person_id)):
logger.error(LogMsg.PERMISSION_DENIED,
{'PERMISSION_GROUP_USER_DELETE': username})
raise Http_error(403, Message.ACCESS_DENIED)
try:
db_session.delete(model_instance)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(500, LogMsg.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def edit(direct_id, db_session, data, username):
logging.info(Msg.START + " user is {}".format(username))
if "id" in data.keys():
del data["id"]
logging.debug(Msg.EDIT_REQUST)
model_instance = get(direct_id, db_session, username)
if model_instance:
logging.debug(Msg.MODEL_GETTING)
else:
logging.debug(Msg.MODEL_GETTING_FAILED)
raise Http_error(404, {'message': Msg.NOT_FOUND})
if model_instance.sender != username:
logging.error(Msg.ALTERING_AUTHORITY_FAILED)
raise Http_error(403, {'sender': Msg.ALTERING_AUTHORITY_FAILED})
model_instance.modification_date = Now()
model_instance.modifier = username
model_instance.message = data.get('message')
logging.debug(Msg.MODEL_ALTERED)
logging.debug(Msg.EDIT_SUCCESS + json.dumps(model_to_dict(model_instance)))
logging.info(Msg.END)
return model_instance
def edit(id, data, db_session, username):
logger.info(LogMsg.START)
permission_data = {}
user = check_user(username, db_session)
if user is None:
raise Http_error(400, Message.INVALID_USER)
if user.person_id is None:
logger.error(LogMsg.USER_HAS_NO_PERSON,username)
raise Http_error(400, Message.Invalid_persons)
logger.debug(LogMsg.RATE_CHECK,{'rate_id':id})
model_instance = db_session.query(Rate).filter(Rate.id == id).first()
if model_instance:
logger.debug(LogMsg.RATE_EXISTS,model_to_dict(model_instance))
else:
logger.error(LogMsg.RATE_NOT_EXISTS,{'rate_id':id})
raise Http_error(404, Message.NOT_FOUND)
if model_instance.person_id == user.person_id:
permission_data = {Permissions.IS_OWNER.value:True}
permissions,presses = get_user_permissions(username, db_session)
has_permission([Permissions.RATE_EDIT_PREMIUM], permissions,None,permission_data)
model_instance.rate = data.get('rate')
edit_basic_data(model_instance,username,data.get('tags'))
logger.debug(LogMsg.RATE_CHANGED,model_to_dict(model_instance))
logger.info(LogMsg.END)
return model_instance
def pay(self, id, db_session, username=None):
logger.info(LogMsg.START, username)
receipt = self.internal_get(id, db_session, username)
if receipt is None:
raise Http_error(404, Message.NOT_FOUND)
if receipt.status == 'Paid':
raise Http_error(409, Message.ALREADY_PAID)
if username is None:
# paypal pay
pass
else:
user = check_user(username, db_session)
receipt.payer_id = user.person_id
account = account_controller.get(user.person_id, 'Main',
db_session)
if account is None:
logger.error(LogMsg.NOT_FOUND, {'person_id': user.person_id})
raise Http_error(404, Message.USER_HAS_NO_ACCOUNT)
if account.value < receipt.total_payment:
# paypal pay
pass
else:
account.value -= receipt.total_payment
transaction_data = {
'account_id': account.id,
'debit': receipt.total_payment
}
transaction.internal_add(transaction_data, db_session)
receipt.status = 'Paid'
return receipt.to_dict()
def add(data, username, db_session):
if username != admin:
logging.error(Msg.NOT_ACCESSED)
raise Http_error(401, {'username': Msg.NOT_ACCESSED})
logging.info(Msg.START)
title = data.get('title')
if title is None:
logging.error(Msg.DATA_MISSING + ' title')
raise Http_error(400, {'title': Msg.DATA_MISSING})
tag = db_session.query(Tag).filter(
Tag.title == title).first()
if tag:
logging.error(Msg.NOT_UNIQUE + ' title already exists')
raise Http_error(409, {'title': Msg.NOT_UNIQUE})
model_instance = Tag()
model_instance.title = title
model_instance.id = str(uuid4())
model_instance.creation_date = Now()
model_instance.creator = username
logging.debug(Msg.DATA_ADDITION + " || Data :" + json.dumps(data))
db_session.add(model_instance)
logging.debug(Msg.DB_ADD)
logging.info(Msg.END)
return model_instance
def delete(id, db_session, username=None):
logger.info(LogMsg.START, username)
order = internal_get(id, db_session)
if order is None:
logger.error(LogMsg.NOT_FOUND, {'order_id': id})
raise Http_error(404, Message.NOT_FOUND)
permissions, presses = get_user_permissions(username, db_session)
per_data = {}
if order.creator == username:
per_data.update({Permissions.IS_OWNER.value:True})
has_permission(
[Permissions.ORDER_DELETE_PREMIUM], permissions,None,per_data)
logger.debug(LogMsg.PERMISSION_VERIFIED)
if order.status == OrderStatus.Invoiced:
logger.error(LogMsg.ORDER_NOT_EDITABLE,
order_to_dict(order, db_session, username))
raise Http_error(403, Message.ORDER_INVOICED)
try:
logger.debug(LogMsg.ORDER_ITEMS_DELETE, {'order_id': id})
delete_orders_items_internal(order.id, db_session)
logger.debug(LogMsg.ORDER_DELETE, {'order_id': id})
db_session.delete(order)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(404, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def add(permission_id, group_id, db_session, username):
logger.info(LogMsg.START, username)
user = check_user(username, db_session)
group = get_group(group_id, db_session, username=None)
permission = get_permission(permission_id, db_session)
if user.person_id != group.person_id:
logger.error(LogMsg.PERMISSION_DENIED,
{'add_permission_to_group_be user': username})
raise Http_error(403, Message.ACCESS_DENIED)
if group_has_permission(permission_id, group_id, db_session):
logger.error(LogMsg.PERMISSION_GROUP_ALREADY_HAS)
raise Http_error(409, Message.ALREADY_EXISTS)
permissions, presses = get_user_permissions(username, db_session)
if permission.permission not in permissions:
logger.error(LogMsg.PREMIUM_PERMISSION_ADDITION_RESTRICTION, username)
raise Http_error(403, Message.ACCESS_DENIED)
model_instance = GroupPermission()
populate_basic_data(model_instance, username)
logger.debug(LogMsg.POPULATING_BASIC_DATA)
model_instance.group_id = group_id
model_instance.permission_id = permission_id
db_session.add(model_instance)
logger.info(LogMsg.END)
return model_instance
def get_user_orders(data, db_session, username=None):
logger.info(LogMsg.START, username)
if data.get('sort') is None:
data['sort'] = ['creation_date-']
user = check_user(username, db_session)
if user is None:
raise Http_error(400, Message.INVALID_USER)
if user.person_id is None:
logger.error(LogMsg.USER_HAS_NO_PERSON, username)
raise Http_error(400, Message.Invalid_persons)
if data.get('filter') is None:
data.update({'filter':{'person_id':user.person_id}})
else:
data['filter'].update({'person_id':user.person_id})
result = Order.mongoquery(
db_session.query(Order)).query(
**data).end().all()
res = []
for item in result:
res.append(order_to_dict(item, db_session, username))
logger.debug(LogMsg.ORDER_USER_ORDERS, res)
logger.info(LogMsg.END)
return res
def delete(id, db_session, username):
logger.info(LogMsg.START, username)
logger.info(LogMsg.DELETE_REQUEST, {'group_permission_id': id})
model_instance = db_session.query(GroupPermission).filter(
GroupPermission.id == id).first()
if model_instance is None:
logger.error(LogMsg.NOT_FOUND, {'group_permission_id': id})
raise Http_error(404, Message.NOT_FOUND)
group = get_group(model_instance.group_id, db_session, username=None)
logger.debug(LogMsg.PERMISSION_CHECK, username)
validate_permissions_and_access(username,
db_session,
'GROUP_PERMISSION_DELETE',
model=group,
access_level=Access_level.Premium)
logger.debug(LogMsg.PERMISSION_VERIFIED, username)
try:
db_session.delete(model_instance)
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(500, LogMsg.DELETE_FAILED)
logger.info(LogMsg.END)
return Http_response(204, True)
def delete(id, db_session, username, **kwargs):
logger.info(LogMsg.START)
logger.debug(LogMsg.RATE_CHECK)
model_instance = db_session.query(Rate).filter(Rate.id == id).first()
if model_instance:
logger.debug(LogMsg.RATE_EXISTS, model_to_dict(model_instance))
else:
logger.debug(LogMsg.RATE_NOT_EXISTS, {'rate_id': id})
raise Http_error(404, Message.NOT_FOUND)
logger.debug(LogMsg.PERMISSION_CHECK, username)
validate_permissions_and_access(username,
db_session,
'RATE_DELETE',
model=model_instance)
logger.debug(LogMsg.PERMISSION_VERIFIED)
try:
db_session.delete(model_instance)
logger.debug(LogMsg.RATE_DELETED, {'rate_id': id})
except:
logger.exception(LogMsg.DELETE_FAILED, exc_info=True)
raise Http_error(404, Message.DELETE_FAILED)
logger.info(LogMsg.END)
return {}
def add(data, db_session, username):
logger.info(LogMsg.START, username)
schema_validate(data,ITEM_ADD_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
book_id = data.get('book_id')
person_id = data.get('person_id')
if person_id is None:
logger.error(LogMsg.DATA_MISSING, 'person_id')
if is_book_in_library(person_id, book_id, db_session):
logger.error(LogMsg.ALREADY_IS_IN_LIBRARY, {'book_id': book_id})
raise Http_error(409, Message.ALREADY_EXISTS)
book = get_book(book_id, db_session)
if book is None:
logger.error(LogMsg.NOT_FOUND, {'book_id': book_id})
raise Http_error(404, Message.NOT_FOUND)
if book.type.name in ONLINE_BOOK_TYPES :
if data.get('count') > 1:
logger.error(LogMsg.BOOK_ONLINE_TYPE_COUNT_LIMITATION)
raise Http_error(400, Message.ONLINE_BOOK_COUNT_LIMITATION)
content_id = book_has_content(book_id,'Original',db_session)
if not content_id:
logger.error(LogMsg.CONTENT_NOT_FOUND,{'book_id':book_id})
raise Http_error(404,Message.BOOK_HAS_NO_CONTENT)
if not is_generated(content_id):
logger.error(LogMsg.CONTENT_NOT_GENERATED, {'content_id': content_id})
raise Http_error(404, Message.BOOK_NOT_GENERATED)
model_instance = OrderItem()
populate_basic_data(model_instance, username)
logger.debug(LogMsg.POPULATING_BASIC_DATA)
model_instance.order_id = data.get('order_id')
model_instance.book_id = book_id
model_instance.count = data.get('count')
# TODO discount not imposed yet
model_instance.discount = data.get('discount', 0.0)
model_instance.description = data.get('description')
model_instance.price_detail = data.get('price_detail')
model_instance.unit_price = get_book_price_internal(model_instance.book_id,
db_session)
logger.debug(LogMsg.ORDER_ITEM_UNIT_PRICE, model_instance.unit_price)
model_instance.net_price = calc_net_price(model_instance.unit_price,
model_instance.count,
model_instance.discount)
logger.debug(LogMsg.ORDER_ITEM_NET_PRICE, model_instance.net_price)
db_session.add(model_instance)
logger.info(LogMsg.END)
return model_instance
def reset_pass(data, db_session):
logger.info(LogMsg.START, data)
schema_validate(data, RESET_PASS_SCHEMA_PATH)
logger.debug(LogMsg.SCHEMA_CHECKED)
cell_no = data.get('cell_no')
redis_key = 'PASS_{}'.format(cell_no)
code = redis.get(redis_key)
if code is None:
logger.error(LogMsg.REGISTER_KEY_DOESNT_EXIST)
raise Http_error(404, Message.INVALID_CODE)
code = code.decode("utf-8")
if (code is None) or (code != data.get('code')):
logger.error(LogMsg.REGISTER_KEY_INVALID)
raise Http_error(409, Message.INVALID_CODE)
user = check_by_cell_no(cell_no, db_session)
if user:
user.password = data.get('password')
logger.debug(LogMsg.USER_PASSWORD_RESET, user_to_dict(user))
logger.info(LogMsg.END)
return data
logger.error(LogMsg.NOT_FOUND, data)
raise Http_error(404, Message.INVALID_USER)
