def post(identifier, filing_id):
"""Create a new comment for the filing."""
# basic checks
err_msg, err_code = CommentResource._basic_checks(
identifier, filing_id, request)
if err_msg:
return jsonify(err_msg), err_code
json_input = request.get_json()
# check authorization
if not authorized(identifier, jwt, action=['add_comment']):
return jsonify({'message':
f'You are not authorized to submit a comment for {identifier}.'}), \
HTTPStatus.UNAUTHORIZED
# validate comment
err = validate(json_input, True)
if err:
json_input['errors'] = err.msg
return jsonify(json_input), err.code
# confirm that the filing ID in the URL is the same as in the json
if json_input['comment']['filingId'] != filing_id:
json_input['errors'] = [
{
'error': 'Invalid filingId in request'
},
]
return jsonify(json_input), HTTPStatus.BAD_REQUEST
# save comment
user = User.get_or_create_user_by_jwt(g.jwt_oidc_token_info)
try:
comment = Comment()
comment.comment = json_input['comment']['comment']
comment.staff_id = user.id
comment.filing_id = filing_id
comment.timestamp = datetime.datetime.utcnow()
comment.save()
except BusinessException as err:
reply = json_input
reply['errors'] = [
{
'error': err.error
},
]
return jsonify(reply), err.status_code or \
(HTTPStatus.CREATED if (request.method == 'POST') else HTTPStatus.ACCEPTED)
# all done
return jsonify(comment.json), HTTPStatus.CREATED
def factory_business_comment(business: Business = None, comment_text: str = 'some text', user: User = None):
"""Create a comment."""
if not business:
business = factory_business('CP1234567')
c = Comment()
c.business_id = business.id
c.timestamp = EPOCH_DATETIME
c.comment = comment_text
if user:
c.staff_id = user.id
c.save()
return c
def factory_comment(
business: Business = None, filing: Filing = None, comment_text: str = 'some text', user: User = None):
"""Create a comment."""
if not business:
business = factory_business('CP1234567')
if not filing:
filing = factory_filing(business, ANNUAL_REPORT)
c = Comment()
c.filing_id = filing.id
c.timestamp = EPOCH_DATETIME
c.comment = comment_text
if user:
c.staff_id = user.id
c.save()
return c
def post(identifier):
"""Create a new comment for the business."""
# basic checks
business = Business.find_by_identifier(identifier)
err_msg, err_code = BusinessCommentResource._basic_checks(
identifier, business, request)
if err_msg:
return jsonify(err_msg), err_code
json_input = request.get_json()
# check authorization
if not authorized(identifier, jwt, action=['add_comment']):
return jsonify({'message':
f'You are not authorized to submit a comment for {identifier}.'}), \
HTTPStatus.UNAUTHORIZED
# validate comment
err = validate(json_input, False)
if err:
json_input['errors'] = err.msg
return jsonify(json_input), err.code
# save comment
user = User.get_or_create_user_by_jwt(g.jwt_oidc_token_info)
try:
comment = Comment()
comment.comment = json_input['comment']['comment']
comment.staff_id = user.id
comment.business_id = business.id
comment.timestamp = datetime.datetime.utcnow()
comment.save()
except BusinessException as err:
reply = json_input
reply['errors'] = [
{
'error': err.error
},
]
return jsonify(reply), err.status_code
# all done
return jsonify(comment.json), HTTPStatus.CREATED