|
1 | 1 | from flask_restful import Resource, request
|
2 | 2 | from backend.services.project_partnership_service import ProjectPartnershipService
|
3 | 3 | from backend.services.users.authentication_service import token_auth
|
4 |
| -from backend.services.users.user_service import UserService |
| 4 | +from backend.services.project_admin_service import ProjectAdminService |
5 | 5 | from backend.models.dtos.project_partner_dto import (
|
6 | 6 | ProjectPartnershipDTO,
|
7 | 7 | ProjectPartnershipUpdateDTO,
|
@@ -88,46 +88,44 @@ def post(self):
|
88 | 88 | 400:
|
89 | 89 | description: Ivalid dates or started_on was after ended_on
|
90 | 90 | 401:
|
91 |
| - description: Forbidden, if user is not an admin |
| 91 | + description: Forbidden, if user is not a manager of this project |
92 | 92 | 403:
|
93 | 93 | description: Forbidden, if user is not authenticated
|
94 | 94 | 404:
|
95 | 95 | description: Not found
|
96 | 96 | 500:
|
97 | 97 | description: Internal Server Error
|
98 | 98 | """
|
99 |
| - try: |
100 |
| - partnership_dto = ProjectPartnershipDTO(request.get_json()) |
101 |
| - is_admin = UserService.is_user_an_admin(token_auth.current_user()) |
| 99 | + partnership_dto = ProjectPartnershipDTO(request.get_json()) |
102 | 100 |
|
103 |
| - if not is_admin: |
104 |
| - raise ValueError() |
105 |
| - |
106 |
| - if partnership_dto.started_on is None: |
107 |
| - partnership_dto.started_on = timestamp() |
108 |
| - |
109 |
| - partnership_dto = ProjectPartnershipDTO(request.get_json()) |
110 |
| - partnership_id = ProjectPartnershipService.create_partnership( |
111 |
| - partnership_dto.project_id, |
112 |
| - partnership_dto.partner_id, |
113 |
| - partnership_dto.started_on, |
114 |
| - partnership_dto.ended_on, |
115 |
| - ) |
116 |
| - return ( |
117 |
| - { |
118 |
| - "Success": "Partner {} assigned to project {}".format( |
119 |
| - partnership_dto.partner_id, partnership_dto.project_id |
120 |
| - ), |
121 |
| - "partnershipId": partnership_id, |
122 |
| - }, |
123 |
| - 201, |
124 |
| - ) |
125 |
| - except ValueError: |
| 101 | + if not ProjectAdminService.is_user_action_permitted_on_project( |
| 102 | + token_auth.current_user(), partnership_dto.project_id |
| 103 | + ): |
126 | 104 | return {
|
127 |
| - "Error": "User is not an admin", |
| 105 | + "Error": "User is not a manager of the project", |
128 | 106 | "SubCode": "UserPermissionError",
|
129 | 107 | }, 401
|
130 | 108 |
|
| 109 | + if partnership_dto.started_on is None: |
| 110 | + partnership_dto.started_on = timestamp() |
| 111 | + |
| 112 | + partnership_dto = ProjectPartnershipDTO(request.get_json()) |
| 113 | + partnership_id = ProjectPartnershipService.create_partnership( |
| 114 | + partnership_dto.project_id, |
| 115 | + partnership_dto.partner_id, |
| 116 | + partnership_dto.started_on, |
| 117 | + partnership_dto.ended_on, |
| 118 | + ) |
| 119 | + return ( |
| 120 | + { |
| 121 | + "Success": "Partner {} assigned to project {}".format( |
| 122 | + partnership_dto.partner_id, partnership_dto.project_id |
| 123 | + ), |
| 124 | + "partnershipId": partnership_id, |
| 125 | + }, |
| 126 | + 201, |
| 127 | + ) |
| 128 | + |
131 | 129 | @staticmethod
|
132 | 130 | @token_auth.login_required
|
133 | 131 | def patch(partnership_id: int):
|
@@ -172,43 +170,44 @@ def patch(partnership_id: int):
|
172 | 170 | 400:
|
173 | 171 | description: Ivalid dates or started_on was after ended_on
|
174 | 172 | 401:
|
175 |
| - description: Forbidden, if user is not an admin |
| 173 | + description: Forbidden, if user is not a manager of this project |
176 | 174 | 403:
|
177 | 175 | description: Forbidden, if user is not authenticated
|
178 | 176 | 404:
|
179 | 177 | description: Not found
|
180 | 178 | 500:
|
181 | 179 | description: Internal Server Error
|
182 | 180 | """
|
183 |
| - try: |
184 |
| - partnership_updates = ProjectPartnershipUpdateDTO(request.get_json()) |
185 |
| - is_admin = UserService.is_user_an_admin(token_auth.current_user()) |
186 |
| - |
187 |
| - if not is_admin: |
188 |
| - raise ValueError() |
189 |
| - |
190 |
| - partnership = ProjectPartnershipService.update_partnership_time_range( |
191 |
| - partnership_id, |
192 |
| - partnership_updates.started_on, |
193 |
| - partnership_updates.ended_on, |
194 |
| - ) |
| 181 | + partnership_updates = ProjectPartnershipUpdateDTO(request.get_json()) |
| 182 | + partnership_dto = ProjectPartnershipService.get_partnership_as_dto( |
| 183 | + partnership_id |
| 184 | + ) |
195 | 185 |
|
196 |
| - return ( |
197 |
| - { |
198 |
| - "Success": "Updated time range. startedOn: {}, endedOn: {}".format( |
199 |
| - partnership.started_on, partnership.ended_on |
200 |
| - ), |
201 |
| - "startedOn": f"{partnership.started_on}", |
202 |
| - "endedOn": f"{partnership.ended_on}", |
203 |
| - }, |
204 |
| - 200, |
205 |
| - ) |
206 |
| - except ValueError: |
| 186 | + if not ProjectAdminService.is_user_action_permitted_on_project( |
| 187 | + token_auth.current_user(), partnership_dto.project_id |
| 188 | + ): |
207 | 189 | return {
|
208 |
| - "Error": "User is not an admin", |
| 190 | + "Error": "User is not a manager of the project", |
209 | 191 | "SubCode": "UserPermissionError",
|
210 | 192 | }, 401
|
211 | 193 |
|
| 194 | + partnership = ProjectPartnershipService.update_partnership_time_range( |
| 195 | + partnership_id, |
| 196 | + partnership_updates.started_on, |
| 197 | + partnership_updates.ended_on, |
| 198 | + ) |
| 199 | + |
| 200 | + return ( |
| 201 | + { |
| 202 | + "Success": "Updated time range. startedOn: {}, endedOn: {}".format( |
| 203 | + partnership.started_on, partnership.ended_on |
| 204 | + ), |
| 205 | + "startedOn": f"{partnership.started_on}", |
| 206 | + "endedOn": f"{partnership.ended_on}", |
| 207 | + }, |
| 208 | + 200, |
| 209 | + ) |
| 210 | + |
212 | 211 | @staticmethod
|
213 | 212 | @token_auth.login_required
|
214 | 213 | def delete(partnership_id: int):
|
@@ -237,33 +236,34 @@ def delete(partnership_id: int):
|
237 | 236 | 201:
|
238 | 237 | description: Partner project association created
|
239 | 238 | 401:
|
240 |
| - description: Forbidden, if user is not an admin |
| 239 | + description: Forbidden, if user is not a manager of this project |
241 | 240 | 403:
|
242 | 241 | description: Forbidden, if user is not authenticated
|
243 | 242 | 404:
|
244 | 243 | description: Not found
|
245 | 244 | 500:
|
246 | 245 | description: Internal Server Error
|
247 | 246 | """
|
248 |
| - try: |
249 |
| - is_admin = UserService.is_user_an_admin(token_auth.current_user()) |
250 |
| - |
251 |
| - if not is_admin: |
252 |
| - raise ValueError() |
| 247 | + partnership_dto = ProjectPartnershipService.get_partnership_as_dto( |
| 248 | + partnership_id |
| 249 | + ) |
253 | 250 |
|
254 |
| - ProjectPartnershipService.delete_partnership(partnership_id) |
255 |
| - return ( |
256 |
| - { |
257 |
| - "Success": "Partnership ID {} deleted".format(partnership_id), |
258 |
| - }, |
259 |
| - 200, |
260 |
| - ) |
261 |
| - except ValueError: |
| 251 | + if not ProjectAdminService.is_user_action_permitted_on_project( |
| 252 | + token_auth.current_user(), partnership_dto.project_id |
| 253 | + ): |
262 | 254 | return {
|
263 |
| - "Error": "User is not an admin", |
| 255 | + "Error": "User is not a manager of the project", |
264 | 256 | "SubCode": "UserPermissionError",
|
265 | 257 | }, 401
|
266 | 258 |
|
| 259 | + ProjectPartnershipService.delete_partnership(partnership_id) |
| 260 | + return ( |
| 261 | + { |
| 262 | + "Success": "Partnership ID {} deleted".format(partnership_id), |
| 263 | + }, |
| 264 | + 200, |
| 265 | + ) |
| 266 | + |
267 | 267 |
|
268 | 268 | class PartnersByProjectAPI(Resource):
|
269 | 269 | @staticmethod
|
|
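Review bot: In `post`, new line 112 rebuilds the DTO with `partnership_dto = ProjectPartnershipDTO(request.get_json())` after the permission check at 101–103 and after the `started_on` default is set at 109–110, so the `timestamp()` default is discarded and the object handed to `create_partnership` is not the one whose `project_id` was authorized. Deleting that line lets the call at 113 use the DTO that was checked and defaulted. The line is carried over from the old code, but this commit is what makes `project_id` the authorization input, so it is worth removing here. In `patch` and `delete`, `get_partnership_as_dto(partnership_id)` runs before the permission check, so a missing ID presumably yields a not-found response to any authenticated caller whatever their rights; confirm that is acceptable, or document it next to the lookup. `post` begins outside the hunk.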