Serving event invoice over route

app/api/auth.py

@@ -30,6 +30,7 @@
     USER_REGISTER_WITH_PASSWORD, PASSWORD_RESET_AND_VERIFY
 from app.models.notification import PASSWORD_CHANGE as PASSWORD_CHANGE_NOTIF
 from app.models.user import User
+from app.models.event_invoice import EventInvoice
 from app.api.helpers.storage import UPLOAD_PATHS
 from app.api.helpers.auth import AuthManager
 
@@ -295,9 +296,9 @@ def change_password():
     })
 
 
-def return_file(file_name_prefix, file_path, order_identifier):
+def return_file(file_name_prefix, file_path, identifier):
     response = make_response(send_file(file_path))
-    response.headers['Content-Disposition'] = 'attachment; filename=%s-%s.pdf' % (file_name_prefix, order_identifier)
+    response.headers['Content-Disposition'] = 'attachment; filename=%s-%s.pdf' % (file_name_prefix, identifier)
     return response
 
 
@@ -345,6 +346,48 @@ def order_invoices(order_identifier):
         return ForbiddenError({'source': ''}, 'Authentication Required to access Invoice').respond()
 
 
+@ticket_blueprint.route('/orders/invoices/<string:order_identifier>')
+@jwt_required()
+def event_invoices(order_identifier):
+    if current_user:
+        try:
+            order = Order.query.filter_by(identifier=order_identifier).first()
+        except NoResultFound:
+            return NotFoundError({'source': ''}, 'Order Invoice not found').respond()
+        if current_user.can_download_tickets(order):
+            key = UPLOAD_PATHS['pdf']['order'].format(identifier=order_identifier)
+            file_path = '../generated/invoices/{}/{}/'.format(key, generate_hash(key)) + order_identifier + '.pdf'
+            try:
+                return return_file('invoice', file_path, order_identifier)
+            except FileNotFoundError:
+                create_pdf_tickets_for_holder(order)
+                return return_file('invoice', file_path, order_identifier)
+        else:
+            return ForbiddenError({'source': ''}, 'Unauthorized Access').respond()
+    else:
+        return ForbiddenError({'source': ''}, 'Authentication Required to access Invoice').respond()     
+
+
+@ticket_blueprint.route('/events/invoices/<string:invoice_identifier>')
+@jwt_required()
+def event_invoices(invoice_identifier):
+    if current_user:
+        try:
+            event_invoice = EventInvoice.query.filter_by(identifier=invoice_identifier).first()
+            event_id = event_invoice.event_id
+        except NoResultFound:
+            return NotFoundError({'source': ''}, 'Event Invoice not found').respond()
+        if current_user.is_organizer(event_id) or current_user.is_staff:
+            key = UPLOAD_PATHS['pdf']['event_invoices'].format(identifier=invoice_identifier)
+            file_path = '../generated/invoices/{}/{}/'.format(key, generate_hash(key)) + invoice_identifier + '.pdf'
+            return return_file('invoice', file_path, invoice_identifier)
+        else:
+            return ForbiddenError({'source': ''}, 'Unauthorized Access').respond()
+    else:
+        return ForbiddenError({'source': ''}, 'Authentication Required to access Invoice').respond()
+
+
+
 # Access for Environment details & Basic Auth Support
 def requires_basic_auth(f):
     @wraps(f)

app/api/helpers/storage.py

@@ -81,7 +81,8 @@
     'pdf': {
         'ticket_attendee': 'attendees/tickets/pdf/{identifier}',
         'order': 'orders/invoices/pdf/{identifier}',
-        'tickets_all': 'orders/tickets/pdf/{identifier}'
+        'tickets_all': 'orders/tickets/pdf/{identifier}',
+        'event_invoice': 'events/organizer/invoices/pdf/{identifier}'
     }
 }