def post(self):
        complaint = self.request.context
        tender = self.request.validated['tender']
        award_id = self.request.validated['award_id']
        data = self.request.validated['ownership_data']

        if complaint.transfer_token == sha512(data['transfer']).hexdigest():
            location = self.request.route_path('Tender Award Complaints', tender_id=tender.id, award_id=award_id, complaint_id=complaint.id)
            location = location[len(ROUTE_PREFIX):]  # strips /api/<version>
            transfer = extract_transfer(self.request, transfer_id=data['id'])
            if transfer.get('usedFor') and transfer.get('usedFor') != location:
                self.request.errors.add('body', 'transfer', 'Transfer already used')
                self.request.errors.status = 403
                return
        else:
            self.request.errors.add('body', 'transfer', 'Invalid transfer')
            self.request.errors.status = 403
            return

        update_ownership(complaint, transfer)

        transfer.usedFor = location
        self.request.validated['transfer'] = transfer
        if save_transfer(self.request):
            self.LOGGER.info('Updated transfer relation {}'.format(transfer.id),
                             extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'}))

            if save_tender(self.request):
                self.LOGGER.info('Updated award {} complaint {} ownership of tender {}'.format(complaint.id, award_id, tender.id),
                                 extra=context_unpack(self.request, {'MESSAGE_ID': 'award_complaint_ownership_update'}, {'complaint_id': complaint.id, 'award_id': award_id, 'tender_id': tender.id}))

                return {'data': complaint.serialize('view')}
示例#2
0
文件: contract.py 项目: lttga/op2
    def post(self):
        contract = self.request.validated["contract"]
        data = self.request.validated["ownership_data"]

        location = get_transfer_location(self.request, "Contract", contract_id=contract.id)
        transfer = extract_transfer(self.request, transfer_id=data["id"])

        if transfer.get("usedFor") and transfer.get("usedFor") != location:
            self.request.errors.add("body", "transfer", "Transfer already used")
            self.request.errors.status = 403
            return

        update_ownership(contract, transfer)
        self.request.validated["contract"] = contract

        transfer.usedFor = location
        self.request.validated["transfer"] = transfer

        if save_transfer(self.request):
            self.LOGGER.info(
                "Updated transfer relation {}".format(transfer.id),
                extra=context_unpack(self.request, {"MESSAGE_ID": "transfer_relation_update"}),
            )

            if save_contract(self.request):
                self.LOGGER.info(
                    "Updated ownership of contract {}".format(contract.id),
                    extra=context_unpack(self.request, {"MESSAGE_ID": "contract_ownership_update"}),
                )

                return {"data": contract.serialize("view")}
    def post(self):
        tender = self.request.validated['tender']
        data = self.request.validated['ownership_data']

        if tender.transfer_token == sha512(data['transfer']).hexdigest():
            location = self.request.route_path('Tender', tender_id=tender.id)
            location = location[len(ROUTE_PREFIX):]  # strips /api/<version>
            transfer = extract_transfer(self.request, transfer_id=data['id'])
            if transfer.get('usedFor') and transfer.get('usedFor') != location:
                self.request.errors.add('body', 'transfer', 'Transfer already used')
                self.request.errors.status = 403
                return
        else:
            self.request.errors.add('body', 'transfer', 'Invalid transfer')
            self.request.errors.status = 403
            return

        update_ownership(tender, transfer)
        self.request.validated['tender'] = tender

        transfer.usedFor = location
        self.request.validated['transfer'] = transfer
        if save_transfer(self.request):
            self.LOGGER.info('Updated transfer relation {}'.format(transfer.id),
                             extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'}))

            if save_tender(self.request):
                self.LOGGER.info('Updated ownership of tender {}'.format(tender.id),
                                extra=context_unpack(self.request, {'MESSAGE_ID': 'tender_ownership_update'}))

                return {'data': tender.serialize('view')}
    def post(self):
        contract = self.request.validated['contract']
        data = self.request.validated['ownership_data']
        if contract.status != "active":
            self.request.errors.add('body', 'data', 'Can\'t update credentials in current ({}) contract status'.format(contract.status))
            self.request.errors.status = 403
            return
        if  contract.transfer_token == sha512(data.get('transfer', '')).hexdigest() or contract.tender_token == sha512(data.get('tender_token', '')).hexdigest():
            transfer = extract_transfer(self.request, transfer_id=data['id'])
            if data.get('tender_token') and contract.owner != transfer.owner:
                self.request.errors.add('body', 'transfer', 'Only owner is allowed to generate new credentials.')
                self.request.errors.status = 403
                return

            location = self.request.route_path('Contract', contract_id=contract.id)
            location = location[len(ROUTE_PREFIX):]  # strips /api/<version>
            if transfer.get('usedFor') and transfer.get('usedFor') != location:
                self.request.errors.add('body', 'transfer', 'Transfer already used')
                self.request.errors.status = 403
                return
        else:
            self.request.errors.add('body', 'transfer', 'Invalid transfer')
            self.request.errors.status = 403
            return

        update_ownership(contract, transfer)
        self.request.validated['contract'] = contract

        transfer.usedFor = location
        self.request.validated['transfer'] = transfer
        if save_transfer(self.request):
            self.LOGGER.info('Updated transfer relation {}'.format(transfer.id),
                             extra=context_unpack(self.request, {'MESSAGE_ID': 'transfer_relation_update'}))

            if save_contract(self.request):
                self.LOGGER.info('Updated ownership of contract {}'.format(contract.id),
                    extra=context_unpack(self.request, {'MESSAGE_ID': 'contract_ownership_update'}))

                return {'data': contract.serialize('view')}
示例#5
0
    def post(self):
        agreement = self.request.validated["agreement"]
        data = self.request.validated["ownership_data"]

        route_name = "{}.Agreement".format(agreement.agreementType)
        location = get_transfer_location(self.request,
                                         route_name,
                                         agreement_id=agreement.id)
        transfer = extract_transfer(self.request, transfer_id=data["id"])

        if transfer.get("usedFor") and transfer.get("usedFor") != location:
            self.request.errors.add("body", "transfer",
                                    "Transfer already used")
            self.request.errors.status = 403
            return

        update_ownership(agreement, transfer)
        self.request.validated["agreement"] = agreement

        transfer.usedFor = location
        self.request.validated["transfer"] = transfer

        if save_transfer(self.request):
            self.LOGGER.info(
                "Updated transfer relation {}".format(transfer.id),
                extra=context_unpack(
                    self.request, {"MESSAGE_ID": "transfer_relation_update"}),
            )

            if save_agreement(self.request):
                self.LOGGER.info(
                    "Updated ownership of agreement {}".format(agreement.id),
                    extra=context_unpack(
                        self.request,
                        {"MESSAGE_ID": "agreement_ownership_update"}),
                )

                return {"data": agreement.serialize("view")}
示例#6
0
    def post(self):
        tender = self.request.validated["tender"]
        data = self.request.validated["ownership_data"]

        route_name = "{}:Tender".format(tender.procurementMethodType)
        location = get_transfer_location(self.request,
                                         route_name,
                                         tender_id=tender.id)
        transfer = extract_transfer(self.request, transfer_id=data["id"])

        if transfer.get("usedFor") and transfer.get("usedFor") != location:
            self.request.errors.add("body", "transfer",
                                    "Transfer already used")
            self.request.errors.status = 403
            return

        update_ownership(tender, transfer)
        self.request.validated["tender"] = tender

        transfer.usedFor = location
        self.request.validated["transfer"] = transfer

        if save_transfer(self.request):
            self.LOGGER.info(
                "Updated transfer relation {}".format(transfer.id),
                extra=context_unpack(
                    self.request, {"MESSAGE_ID": "transfer_relation_update"}),
            )

            if save_tender(self.request):
                self.LOGGER.info(
                    "Updated ownership of tender {}".format(tender.id),
                    extra=context_unpack(
                        self.request,
                        {"MESSAGE_ID": "tender_ownership_update"}),
                )

                return {"data": tender.serialize("view")}