def _update_actor_balance(self, price):
rss = RSS.objects.all()[0]
actor = None
# Check who is the charging actor (user or organization)
if self._purchase.organization_owned:
actor = self._purchase.owner_organization
else:
client = self._purchase.customer
actor = Organization.objects.get(actor_id=client.userprofile.actor_id)
charge = {
'currency': self._price_model['general_currency'],
'amount': price
}
# Check balance
try:
exp_manager = ExpenditureManager(rss, rss.access_token)
exp_manager.update_balance(charge, actor)
except HTTPError as e:
# Check if it is needed to refresh the access token
if e.code == 401:
rss.refresh_token()
exp_manager.set_credentials(rss.access_token)
exp_manager.update_balance(charge, actor)
# Check if the error is due to an insufficient balance
else:
raise e
def _check_expenditure_limits(self, price):
"""
Check if the user can purchase the offering depending on its
expenditure limits and ir accumulated balance thought the RSS
"""
# Check is an RSS instance is registered
if not RSS.objects.all():
return
else:
rss = RSS.objects.all()[0]
actor = None
# Check who is the charging actor (user or organization)
if self._purchase.organization_owned:
actor = self._purchase.owner_organization
else:
client = self._purchase.customer
actor = Organization.objects.get(actor_id=client.userprofile.actor_id)
# Check if the actor has defined expenditure limits
if not actor.expenditure_limits:
return
charge = {
'currency': self._price_model['general_currency'],
'amount': price
}
# Check balance
request_failure = None
try:
exp_manager = ExpenditureManager(rss, rss.access_token)
exp_manager.check_balance(charge, actor)
except HTTPError as e:
# Check if it is needed to refresh the access token
if e.code == 401:
rss.refresh_token()
exp_manager.set_credentials(rss.access_token)
try:
exp_manager.check_balance(charge, actor)
# The user may be unauthorized, an error occurs, or the
# actor balance is not enough
except:
request_failure = e
# Check if the error is due to an insufficient balance
else:
request_failure = e
except:
request_failure = e
# Raise the correct failure
if request_failure:
if type(request_failure) == HTTPError and request_failure.code == 404\
and json.loads(request_failure.read())['exceptionId'] == 'SVC3705':
raise Exception('There is not enough balance. Check your expenditure limits')
else:
raise request_failure
self._expenditure_used = True
def update(self, request, username):
if not request.user.is_staff and not request.user.username == username:
return build_response(request, 403, 'Forbidden')
data = json.loads(request.raw_post_data)
# Update the user
try:
user = User.objects.get(username=username)
# Get the user profile
user_profile = UserProfile.objects.get(user=user)
# If WStore is not integrated with the accounts enabler
# update user info and roles
if not settings.OILAUTH:
if request.user.is_staff and 'roles' in data: # The user cannot change its roles
if 'admin' in data['roles'] and request.user.is_staff:
user.is_staff = True
if 'provider' in data['roles']:
# Append the provider role to the user
orgs = []
for o in user_profile.organizations:
if Organization.objects.get(pk=o['organization']).name == user.username \
and not 'provider' in o['roles']:
o['roles'].append('provider')
orgs.append(o)
user_profile.organizations = orgs
elif not 'provider' in data['roles'] and 'provider' in user_profile.get_user_roles():
# Remove the provider role from the user info
orgs = []
for o in user_profile.organizations:
if Organization.objects.get(pk=o['organization']).name == user.username:
o['roles'].remove('provider')
orgs.append(o)
else:
orgs.append(o)
user_profile.organizations = orgs
if 'notification_url' in data and 'provider' in user_profile.get_user_roles():
user_org = Organization.objects.get(name=user.username)
user_org.notification_url = data['notification_url']
user_org.save()
if 'password' in data:
user.set_password(data['password'])
if 'first_name' in data and 'last_name' in data:
user.first_name = data['first_name']
user.last_name = data['last_name']
user_profile.complete_name = data['first_name'] + ' ' + data['last_name']
elif 'complete_name' in data:
user_profile.complete_name = data['complete_name']
else:
user_org = Organization.objects.get(actor_id=user.userprofile.actor_id)
if 'notification_url' in data and 'provider' in user_profile.get_user_roles():
user_org.notification_url = data['notification_url']
user_org.save()
# Check if expenditure limits are included in the request
if 'limits' in data and data['limits']:
limits = _check_limits(data['limits'])
currency = limits['currency']
# Get default RSS instance
try:
rss_instance = RSS.objects.all()[0]
except:
raise Exception('No RSS instance registered: An RSS instance is needed for setting up expenditure limits')
# Create limits in the RSS
try:
exp_manager = ExpenditureManager(rss_instance, rss_instance.access_token)
exp_manager.set_actor_limit(limits, user.userprofile)
except HTTPError as e:
if e.code == 401:
rss_instance.refresh_token()
exp_manager.set_credentials(rss_instance.access_token)
exp_manager.set_actor_limit(limits, user.userprofile)
else:
raise e
# Save limits
limits['currency'] = currency
user_org.expenditure_limits = limits
user_org.save()
if 'tax_address' in data:
user_profile.tax_address = {
'street': data['tax_address']['street'],
'postal': data['tax_address']['postal'],
'city': data['tax_address']['city'],
'country': data['tax_address']['country']
}
else:
# the update is absolute so if no tax address provided it is deleted
user_profile.tax_address = {}
if 'payment_info' in data:
number = data['payment_info']['number']
if not is_valid_credit_card(number):
if 'number' in user_profile.payment_info and \
is_hidden_credit_card(number, user_profile.payment_info['number']):
number = user_profile.payment_info['number']
else:
raise Exception('')
user_profile.payment_info = {
'type': data['payment_info']['type'],
'number': number,
'expire_month': data['payment_info']['expire_month'],
'expire_year': data['payment_info']['expire_year'],
'cvv2': data['payment_info']['cvv2']
}
else:
# the update is absolute so if no payment info provided it is deleted
user_profile.payment_info = {}
user.save()
user_profile.save()
except Exception as e:
msg = 'Invalid content'
if e.message:
msg = e.message
return build_response(request, 400, msg)
return build_response(request, 200, 'OK')
def update(self, request, org):
# Get the organization
try:
organization = Organization.objects.get(name=org)
except:
return build_response(request, 404, 'Organization not found')
if not request.user.is_active:
return build_response(request, 403, 'Forbidden')
if not request.user.is_staff and not request.user.pk in organization.managers:
return build_response(request, 403, 'Forbidden')
try:
# Load request data
data = json.loads(request.raw_post_data)
if 'notification_url' in data:
if data['notification_url'] and not is_valid_url(data['notification_url']):
raise Exception('Enter a valid URL')
organization.notification_url = data['notification_url']
# Load the tax address
new_taxaddr = {}
if 'tax_address' in data and data['tax_address'] != {}:
new_taxaddr = {
'street': data['tax_address']['street'],
'postal': data['tax_address']['postal'],
'city': data['tax_address']['city'],
'country': data['tax_address']['country']
}
organization.tax_address = new_taxaddr
# Load the payment info
new_payment = {}
if 'payment_info' in data and data['payment_info'] != {}:
number = data['payment_info']['number']
if not is_valid_credit_card(number):
if 'number' in organization.payment_info and \
is_hidden_credit_card(number, organization.payment_info['number']):
number = organization.payment_info['number']
else:
raise Exception('Invalid credit card number')
new_payment = {
'type': data['payment_info']['type'],
'number': number,
'expire_year': data['payment_info']['expire_year'],
'expire_month': data['payment_info']['expire_month'],
'cvv2': data['payment_info']['cvv2']
}
if 'limits' in data:
limits = _check_limits(data['limits'])
currency = limits['currency']
# Get default RSS
rss = RSS.objects.all()[0]
exp_manager = ExpenditureManager(rss, rss.access_token)
try:
exp_manager.set_actor_limit(limits, organization)
except HTTPError as e:
if e.code == 401:
rss.refresh_token()
exp_manager.set_credentials(rss.access_token)
exp_manager.set_actor_limit(limits, organization)
else:
raise e
# Save limits
limits['currency'] = currency
organization.expenditure_limits = limits
organization.payment_info = new_payment
organization.save()
except Exception as e:
msg = 'Invalid JSON content'
if e.message:
msg = e.message
return build_response(request, 400, msg)
return build_response(request, 200, 'OK')
