Merge pull request #753 in RMS/api-main-service from core-dev-gladys to RMSv2

* commit '53435a62': {dev bugfix} Do not allow to save Vendor same level to other delegation Template Post {dev bugfix} check if cr prefix exists in template {dev bugfix} Validate if poc is assigned to another delegation other than Vendor (Template Post and Form Post {dev bugfix} delete media file on master attachment when error occurs

Merge pull request #753 in RMS/api-main-service from core-dev-gladys to RMSv2
* commit '53435a62': {dev bugfix} Do not allow to save Vendor same level to other delegation Template Post {dev bugfix} check if cr prefix exists in template {dev bugfix} Validate if poc is assigned to another delegation other than Vendor (Template Post and Form Post {dev bugfix} delete media file on master attachment when error occurs
d0dad250 · Gladys Forte · 57a2ae68 · 53435a62 · d0dad250 · d0dad250
Commit d0dad250 authored Feb 04, 2020 by Gladys Forte
7 changed files
--- a/app/applicationlayer/cms/form/attachment/serializers.py
+++ b/app/applicationlayer/cms/form/attachment/serializers.py
@@ -17,6 +17,7 @@ class ChangeRequestFormAttachmentsSerializer(
            "contact_no": instance.uploaded_by.contact_no
        }
        ret['uploaded_by'] = user_object
        ret['file_upload'] = self.context['request'].build_absolute_uri(
            instance.file_upload.url.url)
        ret['file_upload_id'] = instance.file_upload.id
@@ -28,7 +29,6 @@ class ChangeRequestFormAttachmentsSerializer(
        read_only_fields = ['created', 'code']
 class ChangeRequestFormAttachmentsFileUploadSerializer(
    serializers.ModelSerializer
 ):

--- a/app/applicationlayer/cms/form/header/views.py
+++ b/app/applicationlayer/cms/form/header/views.py
@@ -36,7 +36,8 @@ from app.applicationlayer.cms.utils_cr import (number_generator,
                                               entity_log_bulk,
                                               reminder_trigger_save,
                                               overdue_trigger_save,
-                                               reset_autoemail_tables)
+                                               reset_autoemail_tables,
+                                               delete_master_attachment_file)
 from app.entities import enums
 from app.applicationlayer.utils import model_to_dict
@@ -1365,6 +1366,7 @@ class ChangeRequestFormPost(APIView):
        except ValidationError as e:
            transaction.savepoint_rollback(sp1)
            message = {
                'code': 400,
                'status': 'failed',
@@ -1374,6 +1376,7 @@ class ChangeRequestFormPost(APIView):
        except Exception as e:
            transaction.savepoint_rollback(sp1)
            message = {
                'code': 500,
                'status': 'failed',

--- a/app/applicationlayer/cms/template/header/serializers.py
+++ b/app/applicationlayer/cms/template/header/serializers.py
--- a/app/applicationlayer/cms/template/header/views.py
+++ b/app/applicationlayer/cms/template/header/views.py
@@ -14,7 +14,8 @@ from app.applicationlayer.utils import (CustomPagination,
                                        status_message_response)
 from app.applicationlayer.cms.utils_cr import (
-    entity_log_bulk
+    entity_log_bulk,
+    delete_master_attachment_file
 )
 from app.applicationlayer.utils import model_to_dict
 from app.entities import enums, models
@@ -443,6 +444,11 @@ class ChangeRequestTemplatePost(APIView):
        except ValidationError as e:
            transaction.savepoint_rollback(sp1)
+            if template_header['tmp_attachments']:
+                delete_master_attachment_file(
+                    template_header['tmp_attachments'])
            message = {
                'code': 400,
                'status': 'failed',
@@ -452,6 +458,11 @@ class ChangeRequestTemplatePost(APIView):
        except Exception as e:
            transaction.savepoint_rollback(sp1)
+            if template_header['tmp_attachments']:
+                delete_master_attachment_file(
+                    template_header['tmp_attachments'])
            message = {
                'code': 500,
                'status': 'failed',

--- a/app/applicationlayer/cms/utils_cr.py
+++ b/app/applicationlayer/cms/utils_cr.py
@@ -823,3 +823,12 @@ def cancelled_user_trigger(form_code,
        # create notification
        notification_create(form_code, message, receiver_code,
                            sender_code, 'cms')
+def delete_master_attachment_file(attachments):
+    # delete master attachment data and media file attachments
+    for attachment in attachments:
+        attach = models.MasterAttachment.objects.filter(
+            id=attachment['file_upload'])
+        if attach:
+            attach.first().delete()
--- a/app/businesslayer/changerequest/change_request_template.py
+++ b/app/businesslayer/changerequest/change_request_template.py
@@ -157,3 +157,35 @@ def validation_approver_same_level(approvers):
            return user_name
    return None
+# Check if poc is assigned to another delegation other than Vendor
+def validation_poc_vendor_only(poc, approvers):
+    validate = False
+    for approver in approvers:
+        if 'user' in approver and 'delegation' in approver:
+            if poc == approver['user']:
+                if not approver['delegation'] == 'DELEGATION-20191119-0000002':
+                    validate = True
+    return validate
+# Check if level if Vendor delegation has same level with other delegation
+def validation_vendor_unique_level(approvers):
+    validate = False
+    data_level = []
+    for approver in approvers:
+        if 'delegation' in approver:
+            if approver['delegation'] == 'DELEGATION-20191119-0000002':
+                data_level.append(approver['level'])
+    for approver in approvers:
+        if 'delegation' in approver:
+            if approver['level'] in data_level:
+                if not approver['delegation'] == 'DELEGATION-20191119-0000002':
+                    validate = True
+    return validate
\ No newline at end of file
--- a/app/helper/decorators.py
+++ b/app/helper/decorators.py
@@ -4,14 +4,18 @@ import json
 from rest_framework.exceptions import ParseError
 from functools import wraps
 from rest_framework.authtoken.models import Token
-from app.entities.models import User, Department, Company
+from app.entities.models import (User, Department, Company,
+                                 ChangeRequestTemplateHeader,
+                                 ChangeRequestFormHeader)
 from app.entities import enums
 from django.db.models import Q
 from app.businesslayer.changerequest.change_request_template import (
    tmp_add_edit_delete,
    validation_approver_same_level,
    validation_existing_vendor_requestor,
-    validation_existing_approver
+    validation_existing_approver,
+    validation_poc_vendor_only,
+    validation_vendor_unique_level
 )
 from app.applicationlayer.utils import error_message
@@ -292,49 +296,62 @@ def TemplateValidation(function):
    def wrapper(self, request, *args, **kwargs):
        template_header = request.data
+        required = {'requested_to_template_name': 'Template Name',
+                    'requested_to_template_id': 'CR Number prefix',
+                    'requested_to_target_date': 'Lead Time',
+                    'requested_to_company': 'Company',
+                    'requested_to_department': 'Department'}
+        for key in required.keys():
+            if not key in template_header or template_header[key] == '':
+                return error_message('400', required[key] + ' is required',
+                    'failed', status.HTTP_400_BAD_REQUEST)
+        # Check if prefix already exists
+        prefix = ChangeRequestTemplateHeader.objects.filter(
+            requested_to_template_id=template_header['requested_to_template_id'])
+        if prefix:
+            return error_message('400', 'CR Number prefix already exists.',
+                'failed', status.HTTP_400_BAD_REQUEST)
+        # Restrict form using Superuser Department
        if (template_header['created_by_department'] == 'DEPARTMENT-20190923-0000001' or
                template_header['requested_to_department'] == 'DEPARTMENT-20190923-0000001'):
-            message = {
+            return error_message('400', 'Superuser department cannot be selected',
-                'code': 400,
+                    'failed', status.HTTP_400_BAD_REQUEST)
-                'status': 'failed',
-                'message': 'Superuser department cannot be selected',
-            }
-            return Response(message,
-                            status=status.HTTP_400_BAD_REQUEST)
        tmp_approvers = template_header['tmp_approvers']
        # Check if Vendor and Requestor are existing on routing table
        if len(tmp_approvers) < 2:
-            message = {
+            return error_message('400', 'Please make sure to add an Approver, Vendor and Requestor into routing table',
-                'code': 400,
+                'failed', status.HTTP_400_BAD_REQUEST)
-                'status': 'failed',
-                'message': 'Please make sure to add an Approver, Vendor and Requestor into routing table',
-            }
-            return Response(message,
-                            status=status.HTTP_400_BAD_REQUEST)
        else:
            result = validation_existing_vendor_requestor(tmp_approvers)
            if result is False:
-                message = {
+                return error_message('400', 'Please add Vendor/Implementor and Requestor into routing table',
-                    'code': 400,
+                    'failed', status.HTTP_400_BAD_REQUEST)
-                    'status': 'failed',
-                    'message': 'Please add Vendor/Implementor and Requestor into routing table',
-                }
-                return Response(message,
-                                status=status.HTTP_400_BAD_REQUEST)
        # Do not allow adding an approver for the same level
        validation_result = validation_approver_same_level(tmp_approvers)
        if validation_result is not None:
-            message = {
+            return error_message('400', validation_result + ' is already exist for the same level of approval.',
-                'code': 400,
+                    'failed', status.HTTP_400_BAD_REQUEST)
-                'status': 'failed',
-                'message': validation_result + ' is already exist for the same level of approval.',
+        # Do not allow saving user as Vendor and other delegation
-            }
+        validate = validation_poc_vendor_only(
-            return Response(message,
+            template_header['requested_to_user'], tmp_approvers)
-                            status=status.HTTP_400_BAD_REQUEST)
+        if validate is True:
+            return error_message('400', 'Point of contact can only be assign to Vendor/Implementor',
+                    'failed', status.HTTP_400_BAD_REQUEST)
+        # Do not allow to save Vendor same level to other delegation
+        validate = validation_vendor_unique_level(tmp_approvers)
+        if validate is True:
+            return error_message('400', 'Vendor/Implementor cannot have same level with other delegation/s',
+                    'failed', status.HTTP_400_BAD_REQUEST)
        return function(self, request, *args, **kwargs)
    return wrapper
@@ -400,5 +417,17 @@ def FormValidation(function):
            }
            return Response(message, status=status.HTTP_400_BAD_REQUEST)
+        # Do not allow saving user as Vendor and other delegation
+        validate = validation_poc_vendor_only(
+            form_header['requested_to_user'], frm_approvers)
+        if validate is True:
+            message = {
+                'code': 400,
+                'status': 'failed',
+                'message': 'Point of contact can only be assign to Vendor/Implementor',
+            }
+            return Response(message,
+                            status=status.HTTP_400_BAD_REQUEST)
        return function(self, request, *args, **kwargs)
    return wrapper