Ejemplo n.º 1
def transaction_confirmation(request, transaction_id):
    """Show the OTP confirmation form for a transaction and handle its submission.

    Any method other than POST renders the form. On POST the submitted OTP
    is passed to ``transaction.verify_otp``; a non-cash transaction below
    ``Transactions.CRITICAL_LIMIT`` is processed immediately, anything else
    is reported as awaiting approval. A ``BankingException`` re-renders the
    form with the exception message.
    """
    template = 'transaction_confirmation_otp.html'
    # NOTE(review): the transaction is looked up by primary key only. This
    # view does not compare it with request.user, so ownership has to be
    # enforced inside verify_otp()/process_transaction() or by a decorator
    # outside this block -- confirm, otherwise any caller can submit an OTP
    # for any transaction id.
    transaction = get_object_or_404(Transactions, pk=transaction_id)
    user = request.user
    # NOTE(review): other views on this page check
    # 'BankingSystem.user_operations'; confirm 'view_user_operations' is the
    # intended permission codename here.
    context = {
        'authentication_error': '',
        'username': user.username,
        'transaction_id': transaction.id,
        'error': '',
        'has_perm_user_operations': user.has_perm('BankingSystem.view_user_operations'),
        'has_perm_create_payments': user.has_perm('BankingSystem.create_payments'),
    }

    if request.method != 'POST':
        return render(request, template, context)

    submitted_otp = do_get(request.POST, 'otp')
    try:
        # NOTE(review): no attempt counter is visible here; presumably
        # verify_otp() limits or expires guesses -- confirm.
        transaction.verify_otp(submitted_otp)
        needs_approval = (
            transaction.is_cash
            or not transaction.amount < Transactions.CRITICAL_LIMIT
        )
        if needs_approval:
            return custom_redirect(
                "dashboard",
                info='Transaction will be processed after approval from ' +
                str(transaction.employee))
        transaction.process_transaction()
        return custom_redirect(
            "dashboard", success="Successfully processed transaction")
    except BankingException as exc:
        context['error'] = exc.message
        return render(request, template, context)
Ejemplo n.º 2
def login_view(request):
	"""Render the login form and authenticate submitted credentials.

	An already authenticated user, or one who has just logged in, is sent to
	the dashboard matching their permission ('user_operations' first, then
	'employee_operations'), falling back to the index page. Failed
	authentication re-renders the form with one generic error message.
	"""
	def landing(account, greeting):
		# Pick the landing page from the account's permissions.
		if account.has_perm('BankingSystem.user_operations'):
			return custom_redirect("dashboard", success=greeting)
		if account.has_perm('BankingSystem.employee_operations'):
			return custom_redirect("employee_dashboard", success=greeting)
		return redirect("index")

	if request.user.is_authenticated:
		return landing(request.user, 'Welcome.')

	context = {'authentication_error': ''}
	if request.method != 'POST':
		return render(request, 'login.html', context)

	# NOTE(review): no throttling or lockout is visible in this view;
	# confirm failed attempts are rate-limited elsewhere.
	account = authenticate(
		request,
		username=do_get(request.POST, 'username'),
		password=do_get(request.POST, 'password'),
	)
	if account is None:
		# The same message is used for an unknown username and a wrong
		# password, so the response does not reveal which one failed.
		context['authentication_error'] = 'Invalid username/password'
		return render(request, 'login.html', context)

	login(request, account)
	return landing(account, 'Successfully logged in.')
Ejemplo n.º 3
def reject_payment_id(request, payment_id):
    """Reject a payment on behalf of the requesting user.

    Redirects to 'user_payments' with a success message when the linked
    transaction ends in status 'R', with the ``BankingException`` message
    when rejection fails, and with "Unknown error" otherwise.
    """
    # NOTE(review): the payment is looked up by primary key and this view
    # performs no ownership or request.method check of its own; presumably
    # payment.reject() validates request.user and the route is POST-only --
    # confirm both.
    payment = get_object_or_404(Payments, pk=payment_id)
    try:
        payment.reject(request.user)
        if payment.transaction.status == 'R':
            outcome = {'success': "Payment rejected"}
        else:
            outcome = {'error': "Unknown error"}
    except BankingException as exc:
        outcome = {'error': exc.message}
    return custom_redirect('user_payments', **outcome)
Ejemplo n.º 4
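def reject_transaction_id(request, transaction_id):
	"""Reject a transaction assigned to the requesting employee.

	Only the employee the transaction is assigned to may reject it; anyone
	else is redirected with an error. Redirects to
	'approve_transaction_employee' with a success message when the
	transaction ends in status 'R', and with an error message otherwise.
	"""
	# NOTE(review): this view changes state without checking request.method;
	# confirm the route only accepts POST (e.g. a require_POST decorator
	# outside this block) so CSRF protection applies.
	transaction = get_object_or_404(Transactions, pk=transaction_id)
	try:
		employee = transaction.employee
		# Compare primary keys, as approve_transaction_id does, and treat a
		# transaction with no assigned employee as not permitted.
		if employee is None or employee.user.id != request.user.id:
			# A denial is an error, not a success message.
			return custom_redirect('approve_transaction_employee', error="You don't have permission")
		transaction.reject_transaction(request.user)
		if transaction.status == 'R':
			return custom_redirect('approve_transaction_employee', success="Transaction rejected")
	except Exception as e:
		# NOTE(review): catching Exception echoes the text of any internal
		# failure to the user; narrow this to the banking exception type the
		# sibling views catch once it is confirmed to be importable here.
		# Not every exception carries .message, so fall back to a generic text.
		return custom_redirect('approve_transaction_employee', error=getattr(e, 'message', None) or "Unknown error")
	return custom_redirect('approve_transaction_employee', error="Unknown error")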
Ejemplo n.º 5
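def approve_transaction_id(request, transaction_id):
	"""Approve and process a transaction assigned to the requesting employee.

	Only the employee the transaction is assigned to may approve it; anyone
	else is redirected with an error. Redirects to
	'approve_transaction_employee' with a success message when the
	transaction ends in status 'P', with the ``BankingException`` message
	when processing fails, and with "Unknown error" otherwise.
	"""
	# NOTE(review): this view changes state without checking request.method;
	# confirm the route only accepts POST (e.g. a require_POST decorator
	# outside this block) so CSRF protection applies.
	transaction = get_object_or_404(Transactions, pk=transaction_id)
	try:
		employee = transaction.employee
		# A transaction with no assigned employee is treated as not permitted
		# instead of raising AttributeError.
		if employee is None or employee.user.id != request.user.id:
			# A denial is an error, not a success message.
			return custom_redirect('approve_transaction_employee', error="You don't have permission")
		transaction.process_transaction(request.user)
		if transaction.status == 'P':
			return custom_redirect('approve_transaction_employee', success="Transaction processed")
	except BankingException as e:
		return custom_redirect('approve_transaction_employee', error=e.message)
	return custom_redirect('approve_transaction_employee', error="Unknown error")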
Ejemplo n.º 6
def approve_payment_id(request, payment_id):
    """Approve a payment on behalf of the requesting user.

    Redirects to 'user_payments' with a message chosen from the linked
    transaction's status after approval: 'P' reports the payment as
    processed, 'A' as sent for approval, anything else as "Unknown error".
    A ``BankingException`` is reported with its message.
    """
    # NOTE(review): the payment is looked up by primary key and this view
    # performs no ownership or request.method check of its own; presumably
    # payment.approve() validates request.user and the route is POST-only --
    # confirm both.
    payment = get_object_or_404(Payments, pk=payment_id)
    try:
        payment.approve(request.user)
        status = payment.transaction.status
        if status == 'P':
            outcome = {'success': "Payment processed"}
        elif status == 'A':
            outcome = {'info': "Payment is sent for approval"}
        else:
            outcome = {'error': "Unknown error"}
    except BankingException as exc:
        outcome = {'error': exc.message}
    return custom_redirect('user_payments', **outcome)
Ejemplo n.º 7
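def technical_accounts_access(request):
    """Let the requesting user grant one employee access to their account.

    Any method other than POST renders the form. On POST the submitted
    'employee_username' is looked up among users in the 'Employees' group;
    when found, that employee's profile is stored as the requester's
    ``ticket_employee`` and the user is redirected to the dashboard.
    Otherwise the form is re-rendered with an error.
    """
    template = 'technical_accounts_access.html'
    fields = {
        'error': "",
        'username': request.user.username,
        'has_perm_user_operations':
        request.user.has_perm('BankingSystem.user_operations'),
    }
    if request.method != 'POST':
        return render(request, template, fields)
    employee_username = do_get(request.POST, 'employee_username')

    try:
        employee = User.objects.filter(groups__name='Employees').get(
            username=employee_username)
    except (User.DoesNotExist, User.MultipleObjectsReturned):
        # Only a failed lookup means "no such employee". The previous bare
        # except also hid database and programming errors behind this
        # message; those now surface instead of being silently swallowed.
        fields['error'] = 'No such employee.'
        return render(request, template, fields)
    # .get() either returns a row or raises, so no None check is needed.
    request.user.profile.ticket_employee = employee.profile
    request.user.profile.save()
    return custom_redirect('dashboard',
                           success="Employee given access to your account.")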
Ejemplo n.º 8
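def user_detail_page(request, username):
	"""Show a user's account transactions to the employee they granted access.

	Access is allowed only when the target user's ``profile.ticket_employee``
	is set and belongs to the requesting user; everyone else is redirected
	to 'user_accounts_list' with 'Access denied'. Transactions from every
	account (outgoing, then incoming) are rendered newest-first by the
	integer in their first whitespace-separated field.
	"""
	user = get_object_or_404(User, username=username)
	ticket_employee = user.profile.ticket_employee
	if ticket_employee is None or ticket_employee.user.username != request.user.username:
		return custom_redirect('user_accounts_list', error='Access denied')
	account_transactions = []
	for account in user.profile.account_set.all():
		for related in (account.from_account, account.to_account):
			# NOTE(review): each row is the transaction's str() split on
			# whitespace, so the template depends on that text format.
			account_transactions.extend(str(tx).split() for tx in related.all())
	# key= with reverse=True gives the same stable descending order as the
	# old cmp= comparator, which Python 3's list.sort() no longer accepts.
	account_transactions.sort(key=lambda row: int(row[0]), reverse=True)
	fields = {
		'username': request.user.username,
		'user': user,
		'account_transactions': account_transactions,
		'has_perm_employee_operations': request.user.has_perm('BankingSystem.employee_operations'),
	}
	return render(request, 'user_detail_page.html', fields)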
Ejemplo n.º 9
def create_payment(request):
    """Render the payment request form and create a payment on POST.

    On POST the submitted 'payee_account' and 'amount' are handed to
    ``Payments.create`` together with the requesting user. Success
    redirects to the dashboard; a ``BankingException`` re-renders the form
    with the exception message.
    """
    user = request.user
    context = {
        'error': '',
        'username': user.username,
        'has_perm_user_operations': user.has_perm('BankingSystem.user_operations'),
        'has_perm_create_payments': user.has_perm('BankingSystem.create_payments'),
    }
    if request.method == 'POST':
        payee_account = do_get(request.POST, 'payee_account')
        amount = do_get(request.POST, 'amount')
        try:
            # NOTE(review): both values are passed on exactly as submitted;
            # presumably Payments.create() validates the amount and the
            # payee account -- confirm.
            Payments.create(user, payee_account, amount)
        except BankingException as exc:
            context['error'] = exc.message
        else:
            return custom_redirect('dashboard',
                                   success="Payment requested from the user.")
    return render(request, 'create_payment.html', context)