def safe_member_lookup(condition):
member = Member.exclude_deleted().filter(condition).one_or_none()
if member is None:
raise HttpBadRequest()
if not member.is_active:
raise HttpConflict(reason='user-deactivated')
return member
def reject(self, shetab_address_id: int):
bank_card = BankCard.query.filter(
BankCard.id == shetab_address_id).one_or_none()
if bank_card is None:
raise HttpNotFound()
if bank_card.is_verified is True:
raise HttpConflict('Already accepted')
bank_card.error = context.form.get('error')
return bank_card
def reject(self, bank_account_id: int):
sheba_address = BankAccount.query.filter(
BankAccount.id == bank_account_id).one_or_none()
if sheba_address is None:
raise HttpNotFound()
if sheba_address.is_verified is True:
raise HttpConflict('Already accepted')
sheba_address.error = context.form.get('error')
return sheba_address
def close(self, ticket_id: int):
ticket = Ticket.query.filter(Ticket.id == ticket_id)
if context.identity.is_in_roles('client'):
ticket = ticket.filter(Ticket.member_id == context.identity.id)
ticket = ticket.one_or_none()
if ticket is None:
raise HttpNotFound('Ticket not found')
if ticket.is_closed is False:
ticket.is_closed = True
else:
raise HttpConflict('Ticket already closed')
return ticket
def on_delete(mapper, connection, target):
raise HttpConflict('Cannot remove this object: %s' % target)
def create(self):
# TODO: Add some salt to prevent man in the middle (Extra field to send on creation and check on verification,
# Use description part)
amount = context.form.get('amount')
shetab_address_id = context.form.get('shetabAddressId')
# Check deposit range
payment_gateway = PaymentGateway.query.filter(
PaymentGateway.name == context.form.get(
'paymentGatewayName')).one_or_none()
amount = payment_gateway.fiat.input_to_normalized(amount)
# TODO: More strict check and review how we control payment gateways
if (payment_gateway is None) or (payment_gateway.fiat_symbol
not in ['IRR', 'TIRR']):
raise HttpBadRequest('Bad payment gateway')
Fiat.query.filter(Fiat.symbol == payment_gateway.fiat_symbol).one()
if (payment_gateway.cashin_max != Decimal(0) and amount > payment_gateway.cashin_max) \
or amount < payment_gateway.cashin_min:
raise HttpBadRequest('Amount is not between valid cashin range.')
# Check sheba
target_shetab = BankCard.query \
.filter(BankCard.id == shetab_address_id) \
.filter(BankCard.client_id == context.identity.id) \
.one_or_none()
if target_shetab is None:
raise HttpBadRequest('Shetab address not found.')
if target_shetab.is_verified is False:
raise HttpConflict('Shetab address is not verified.')
# Check commission
commission = payment_gateway.calculate_cashin_commission(amount)
if commission >= amount:
raise HttpConflict('Commission is more than the amount')
shaparak_in = Cashin()
shaparak_in.member_id = context.identity.id
shaparak_in.fiat_symbol = payment_gateway.fiat_symbol
shaparak_in.amount = amount
shaparak_in.commission = commission
shaparak_in.banking_id = target_shetab
shaparak_in.transaction_id = ''
shaparak_in.payment_gateway_name = payment_gateway.name
DBSession.add(shaparak_in)
DBSession.flush()
shaparak_provider = create_shaparak_provider()
try:
shaparak_in.transaction_id = shaparak_provider.create_transaction(
batch_id=shaparak_in.id, amount=amount)
except ShaparakError:
raise HttpBadRequest('Transaction could not be created')
return shaparak_in
def schedule(self):
amount = context.form.get('amount')
sheba_address_address_id = context.form.get('shebaAddressId')
# Check cashout range
payment_gateway = PaymentGateway.query.filter(
PaymentGateway.name == context.form.get(
'paymentGatewayName')).one()
amount = payment_gateway.fiat.input_to_normalized(amount)
# TODO: More strict check and review how we control payment gateways
if (payment_gateway is None) or (payment_gateway.fiat_symbol
not in ['IRR', 'TIRR']):
raise HttpBadRequest('Bad payment gateway')
Fiat.query.filter(Fiat.symbol == payment_gateway.fiat_symbol).one()
if (payment_gateway.cashout_max != Decimal(0) and amount > payment_gateway.cashout_max) or \
amount < payment_gateway.cashout_min:
raise HttpBadRequest('Amount is not between valid cashout range.')
commission = payment_gateway.calculate_cashout_commission(amount)
# Check balance
try:
available_balance = Decimal(
stexchange_client.balance_query(context.identity.id,
payment_gateway.fiat_symbol)
[payment_gateway.fiat_symbol]['available'])
except StexchangeException as e:
raise stexchange_http_exception_handler(e)
# FIXME: Think about concurrency
if available_balance < amount + commission:
raise HttpBadRequest('Not enough balance')
# Check sheba
target_sheba = BankAccount.query \
.filter(BankAccount.id == sheba_address_address_id) \
.filter(BankAccount.client_id == context.identity.id) \
.one_or_none()
if target_sheba is None:
raise HttpBadRequest('Sheba address not found.')
if target_sheba.is_verified is False:
raise HttpConflict('Sheba address is not verified.')
shaparak_out = Cashout()
shaparak_out.fiat_symbol = payment_gateway.fiat_symbol
shaparak_out.member_id = context.identity.id
shaparak_out.amount = amount
shaparak_out.commission = commission
shaparak_out.banking_id_id = sheba_address_address_id
shaparak_out.payment_gateway_name = payment_gateway.name # FIXME
DBSession.add(shaparak_out)
# Set new balance
try:
stexchange_client.balance_update(
user_id=shaparak_out.member_id,
asset=payment_gateway.fiat_symbol, # FIXME
business='cashout', # FIXME
business_id=shaparak_out.id,
change=
f'-{payment_gateway.fiat.format_normalized_string(amount + commission)}',
# FIXME Prevent negative amounts
detail=shaparak_out.to_dict(),
)
# FIXME: Important !!!! : rollback the updated balance if
# DBSession.commit() was not successful
except StexchangeException as e:
raise stexchange_http_exception_handler(e)
return shaparak_out