Add API hook for logging risk assessment completion

2026-01-17 05:22:16 +00:00 · 2019-07-28 22:47:48 +01:00
parent faa4573f6d
commit 82b9e26aa1
7 changed files with 67 additions and 4 deletions
--- a/PyRIGS/settings.py
+++ b/PyRIGS/settings.py
@@ -11,6 +11,7 @@ https://docs.djangoproject.com/en/1.7/ref/settings/
 # Build paths inside the project like this: os.path.join(BASE_DIR, ...)
 import os
 import raven
+import secrets

 BASE_DIR = os.path.dirname(os.path.dirname(__file__))

@@ -235,3 +236,5 @@ TERMS_OF_HIRE_URL = "http://www.nottinghamtec.co.uk/terms.pdf"
 AUTHORISATION_NOTIFICATION_ADDRESS = 'productions@nottinghamtec.co.uk'
 RISK_ASSESSMENT_URL = os.environ.get('RISK_ASSESSMENT_URL') if os.environ.get(
    'RISK_ASSESSMENT_URL') else "http://example.com"
+RISK_ASSESSMENT_SECRET = os.environ.get('RISK_ASSESSMENT_SECRET') if os.environ.get(
+    'RISK_ASSESSMENT_SECRET') else secrets.token_hex(15)
--- a/RIGS/migrations/0034_event_risk_assessment_edit_url.py
+++ b/RIGS/migrations/0034_event_risk_assessment_edit_url.py
@@ -0,0 +1,18 @@
+# Generated by Django 2.0.5 on 2019-07-28 21:28
+
+from django.db import migrations, models
+
+
+class Migration(migrations.Migration):
+
+    dependencies = [
+        ('RIGS', '0033_auto_20180325_0016'),
+    ]
+
+    operations = [
+        migrations.AddField(
+            model_name='event',
+            name='risk_assessment_edit_url',
+            field=models.CharField(blank=True, max_length=255, null=True),
+        ),
+    ]
--- a/RIGS/models.py
+++ b/RIGS/models.py
@@ -338,6 +338,9 @@ class Event(models.Model, RevisionMixin):
    auth_request_at = models.DateTimeField(null=True, blank=True)
    auth_request_to = models.EmailField(null=True, blank=True)

+    # Risk assessment info
+    risk_assessment_edit_url = models.CharField(max_length=255, blank=True, null=True)
+
    # Calculated values
    """
    EX Vat
--- a/RIGS/rigboard.py
+++ b/RIGS/rigboard.py
@@ -18,6 +18,7 @@ from django.core.exceptions import SuspiciousOperation
 from django.db.models import Q
 from django.contrib import messages
 from django.utils.decorators import method_decorator
+from django.views.decorators.csrf import csrf_exempt
 from z3c.rml import rml2pdf
 from PyPDF2 import PdfFileMerger, PdfFileReader
 import simplejson
@@ -84,6 +85,10 @@ class EventRA(generic.base.RedirectView):
    permanent = False
    def get_redirect_url(self, *args, **kwargs):
        event = get_object_or_404(models.Event, pk=kwargs['pk'])
+
+        if event.risk_assessment_edit_url:
+            return event.risk_assessment_edit_url
+
        params = {
            'entry.708610078': f'N{event.pk:05}',
            'entry.905899507': event.name,
@@ -400,3 +405,26 @@ class EventAuthoriseRequestEmailPreview(generic.DetailView):
        })
        context['to_name'] = self.request.GET.get('to_name', None)
        return context
+
+@method_decorator(csrf_exempt, name='dispatch')
+class LogRiskAssessment(generic.View):
+    http_method_names = ["post"]
+
+    def post(self, request, **kwargs):
+        data = request.POST
+        shared_secret = data.get("secret")
+        edit_url = data.get("editUrl")
+        rig_number = data.get("rigNum")
+        if shared_secret is None or edit_url is None or rig_number is None:
+            return HttpResponse(status=422)
+
+        if shared_secret != settings.RISK_ASSESSMENT_SECRET:
+            return HttpResponse(status=403)
+
+        rig_number = int(re.sub("[^0-9]", "", rig_number))
+
+        event = get_object_or_404(models.Event, pk=rig_number)
+        event.risk_assessment_edit_url = edit_url
+        event.save()
+
+        return HttpResponse(status=200)
--- a/RIGS/templates/RIGS/event_detail_buttons.html
+++ b/RIGS/templates/RIGS/event_detail_buttons.html
@@ -2,10 +2,18 @@
    <a href="{% url 'event_update' event.pk %}" class="btn btn-default"><span
            class="glyphicon glyphicon-edit"></span> <span
            class="hidden-xs">Edit</span></a>
-    <a href="{% url 'event_ra' event.pk %}" class="btn btn-default"><span
+    {% if event.is_rig %}
+        {% if not event.dry_hire %}
+            <a href="{% url 'event_ra' event.pk %}" class="btn btn-default
+                {% if event.risk_assessment_edit_url %}
+                    btn-success
+                {% else %}
+                    btn-warning
+                {% endif %}
+            "><span
                class="glyphicon glyphicon-paperclip"></span> <span
                class="hidden-xs">RA</span></a>
-    {% if event.is_rig %}
+        {% endif %}
        <a href="{% url 'event_print' event.pk %}" target="_blank" class="btn btn-default"><span
                class="glyphicon glyphicon-print"></span> <span
                class="hidden-xs">Print</span></a>
--- a/RIGS/urls.py
+++ b/RIGS/urls.py
@@ -188,6 +188,9 @@ urlpatterns = [
    url(r'^api/(?P<model>\w+)/(?P<pk>\d+)/$', login_required(views.SecureAPIRequest.as_view()),
        name="api_secure"),

+    # Risk assessment API
+    url(r'^log_risk_assessment/$', rigboard.LogRiskAssessment.as_view(), name='log_risk_assessment'),
+
    # Legacy URL's
    url(r'^rig/show/(?P<pk>\d+)/$',
        RedirectView.as_view(permanent=True, pattern_name='event_detail')),
--- a/requirements.txt
+++ b/requirements.txt
@@ -3,7 +3,7 @@ contextlib2==0.5.5
 diff-match-patch==20121119
 dj-database-url==0.5.0
 dj-static==0.0.6
-Django==2.0.5
+Django==2.0.13
 django-debug-toolbar==1.9.1
 django-ical==1.4
 django-recaptcha==1.4.0