def check_offer_is_editable(offer: Offer): if not offer.isEditable: error = ApiErrors() error.status_code = 400 error.add_error('global', "Les offres importées ne sont pas modifiables") raise error
def check_offer_id_is_present_in_request(offer_id: str): if offer_id is None: errors = ApiErrors() errors.status_code = 400 errors.add_error('global', 'Le paramètre offerId est obligatoire') errors.maybe_raise() raise errors
def ensure_current_user_has_rights(rights, offerer_id, user=current_user): if not user.hasRights(rights, offerer_id): errors = ApiErrors() errors.add_error( 'global', "Vous n'avez pas les droits d'accès suffisant pour accéder à cette information." ) errors.status_code = 403 raise errors
def load_or_raise_error(obj_class, human_id): data = obj_class.query.filter_by(id=dehumanize(human_id)).first() if data is None: errors = ApiErrors() errors.add_error( 'global', 'Aucun objet ne correspond à cet identifiant dans notre base de données' ) errors.status_code = 400 raise errors else: return data
def get_user_with_credentials(identifier: str, password: str) -> User: with auto_close_db_transaction(): user = find_user_by_email(identifier) errors = ApiErrors() errors.status_code = 401 if not user: errors.add_error('identifier', 'Identifiant incorrect') raise errors if not user.isValidated: errors.add_error('identifier', "Ce compte n'est pas validé.") raise errors if not user.checkPassword(password): errors.add_error('password', 'Mot de passe incorrect') raise errors return user
def get_user_with_credentials(identifier, password): errors = ApiErrors() errors.status_code = 401 if identifier is None: errors.addError('identifier', 'Identifiant manquant') if password is None: errors.addError('password', 'Mot de passe manquant') errors.maybeRaise() user = User.query.filter_by(email=identifier).first() if not user: errors.addError('identifier', 'Identifiant incorrect') raise errors if not user.checkPassword(password): errors.addError('password', 'Mot de passe incorrect') raise errors login_user(user, remember=True) return user