def save_new_transactions(request, transact_params=[]): if transact_params == []: # <DEBUG SECTION> user = get_debug_user(request) # <DEBUG SECTION> entries = request_to_array(request) else: user = transact_params[0]["user"] entries = transact_params if entries != []: for entry in entries: try: if entry['is_privat']: transactionType = PrivatTransaction audit_event_type = AuditEventTypes.private_transaction_created( ) else: transactionType = PublicTransaction audit_event_type = AuditEventTypes.transaction_created() new_transaction = transactionType(user = user, \ transactionstime = entry['date'],\ purpose = entry['purpose'], \ comment = entry['comment'], \ amount = entry['amount']) new_transaction.save() audit_created = audit_event(user, user,\ audit_event_type, \ transaction = new_transaction) if not audit_created: raise Exception except Exception as exc: return failure_page(request, "Failed on transaction " + \ str(entry) + " saving<br>" + str(exc)) return saved_success(request)
def check_expiration(entry_to_check): if entry_to_check.is_active: if entry_to_check.expiratin_date < timezone.now(): entry_to_check.is_expired = True #Define Audit event type if entry_to_check.type == "email": event_type = AuditEventTypes.email_confirmation_expired() elif entry_to_check.type == "family": event_type = AuditEventTypes.email_confirmation_expired() else: event_type = AuditEventTypes.unknown_event() try: entry_to_check.save() audit_event(entry_to_check.user, entry_to_check.user, \ event_type, confirmation=entry_to_check) except: return -6 return 0
def change_transaction_type(transaction, current_state_is_private, \ new_state_is_private): if new_state_is_private: destination = PrivatTransaction audit_event_type_created = AuditEventTypes.private_transaction_created( ) audit_event_type_deleted = AuditEventTypes.transaction_deleted() else: destination = PublicTransaction audit_event_type_deleted = AuditEventTypes.private_transaction_deleted( ) audit_event_type_created = AuditEventTypes.transaction_created() try: new_transaction = destination(user=transaction.user, \ transactionstime=transaction.transactionstime, \ purpose=transaction.purpose, \ comment=transaction.comment, \ amount=transaction.amount) new_transaction.save() audit_created = audit_event(transaction.user, transaction.user,\ audit_event_type_created, \ transaction = new_transaction) if not audit_created: raise Exception except Exception as exc: return str(exc) try: transaction.deleted = True transaction.save() audit_created = audit_event(transaction.user, transaction.user,\ audit_event_type_deleted, \ transaction = transaction) if not audit_created: raise Exception except Exception as exc: return str(exc) return new_transaction
def delete_transaction(request): # <DEBUG SECTION> user = get_debug_user(request) # <DEBUG SECTION> try: initial_state = request.POST["is_private"] except KeyError as excpt: return failure_page(request, "incorrect POST data") if int(initial_state) == 1: private_transaction = True audit_event_type = AuditEventTypes.private_transaction_deleted() elif int(initial_state) == 0: private_transaction = False audit_event_type = AuditEventTypes.transaction_deleted() else: return failure_page(request, "incorrect POST data") try: tr_id = request.POST["id"] except KeyError as excpt: return failure_page(request, "incorrect POST data") if not transaction_exists(tr_id): return failure_page(request, "Incorrect ID") transaction = user_is_allowed_to_edit(tr_id, request, private_transaction) try: transaction.deleted = True transaction.save() audit_created = audit_event(transaction.user, transaction.user,\ audit_event_type, \ transaction = transaction) if not audit_created: raise Exception except Exception as exc: return failure_page(request, "Audit wasn't created" + str(exc)) return deleted_success(request)
def change_access_data(request): #DEBUG section user = get_debug_user(request) #DEBUG section attempt_audit = AccessDataChange(user_impacted = user, \ pasword_change= False, \ email_change= False, \ change_date = timezone.now(), \ password_verification_result = 'Pending') try: request_parameters = parse_request(request) except Exception as e: return server_error(e, request) if request_parameters['new_email'] != '': attempt_audit.email_change = True if request_parameters['new_password'] != \ request_parameters['retype_new_password']: return server_error(e, request) if request_parameters['new_password'] != '': attempt_audit.pasword_change = True try: attempt_is_allowed = is_attempt_allowed(user) except Exception as e: return server_error(e, request) if not attempt_is_allowed: response = HttpResponse("OK.", content_type="text/plain") response['Overflow'] = "1" attempt_audit.password_verification_result = 'Fail' try: attempt_audit.save() except Exception as e: return server_error(e, request) return response try: password_is_correct = is_password_correct(user, \ request_parameters["conf_password"]) except Exception as e: return server_error(e, request) if not password_is_correct: response = HttpResponse("OK.", content_type="text/plain") response['Overflow'] = "-6" attempt_audit.password_verification_result = 'Fail' try: attempt_audit.save() except Exception as e: return server_error(e, request) return response try: save_access_data(user, request_parameters) except Exception as e: return server_error(e, request) response = HttpResponse("OK.", content_type="text/plain") response['Overflow'] = "0" attempt_audit.password_verification_result = 'Success' try: attempt_audit.save() except Exception as e: return server_error(e, request) try: send_email_confirmation(user, get_hostname(request)) except Exception as e: return server_error(e, request) audit_created = audit_event(user, user,\ AuditEventTypes.user_edited()) if not audit_created: return HttpResponseServerError("NOK") return response
def save_changes(request): # <DEBUG SECTION> user = get_debug_user(request) # <DEBUG SECTION> try: initial_state = request.POST["is_private"] except KeyError as excpt: return failure_page(request, "incorrect POST data") if int(initial_state) == 1: private_transaction = True audit_event_type = AuditEventTypes.private_transaction_edited() elif int(initial_state) == 0: private_transaction = False audit_event_type = AuditEventTypes.transaction_edited() else: return failure_page(request, "incorrect POST data") try: private_flag = request.POST["private"] is_private = True except KeyError as excpt: is_private = False try: tr_id = request.POST["id"] amount = request.POST["amount"] date = request.POST["date"] purpose = request.POST["purpose"] comment = request.POST["comment"] except KeyError as excpt: return failure_page(request, "incorrect POST data") if not transaction_exists(tr_id): return failure_page(request, "Incorrect PublicTransaction ID") transaction = user_is_allowed_to_edit(tr_id, request, private_transaction) if private_transaction != is_private: transaction = change_transaction_type(transaction, \ private_transaction, is_private) if isinstance(transaction, str): return failure_page(request, "Failed on transaction " + \ transaction) if transaction == -1: return failure_page(request, "Unknown error") if not transaction: return failure_page(request, "Attempt for edit unallowed transaction") if is_float(amount) and is_date(date): float_amount = float(amount) transactionstime = parse(date) audit_list = [] if transaction.amount != float_amount: change_dic = {"field": "amount", "old_value": transaction.amount, \ "new_value": float_amount} audit_list.append(change_dic) transaction.amount = float_amount transactionstime_tz_aware = timezone.make_aware(transactionstime, \ timezone.get_current_timezone()) if transaction.transactionstime != transactionstime_tz_aware: change_dic = {"field": "transactionstime", \ "old_value": transaction.transactionstime, \ "new_value": transactionstime} audit_list.append(change_dic) transaction.transactionstime = transactionstime_tz_aware if transaction.purpose != purpose: change_dic = {"field": "purpose", \ "old_value": transaction.purpose, \ "new_value": purpose} audit_list.append(change_dic) transaction.purpose = purpose if transaction.comment != comment: change_dic = {"field": "comment", \ "old_value": transaction.comment, \ "new_value": comment} audit_list.append(change_dic) transaction.comment = comment try: transaction.save() except Exception as exc: return failure_page(request, "Failed to save transaction " + \ "changes to DB") try: audit_created = audit_event(user, transaction.user, \ audit_event_type, \ transaction = transaction, \ list_of_changes = audit_list) if not audit_created: raise Exception except Exception as exc: return failure_page(request, "Failed to save audit changes to DB") return saved_success(request) else: return failure_page(request, "Amount or Data parameters are incorrect")
def create_user(email, password, family, other_params, family_confirmed=False, \ host=""): # Output: # -1 : user in auth is not created # -2 : user in Users is not created # -3 : the inputs are wrong if verify_inputs(email, password, family, other_params, family_confirmed): try: user = User.objects.create_user(username=email, \ email=email, \ password=password, \ first_name=other_params['fname'], \ last_name=other_params['sname']) user_from_users = Users(user=user, \ family=family, \ emailisconfirmed=False, \ birthdate=other_params['birthdate'], \ regdate=timezone.now(), \ famidconfirmed=family_confirmed, \ cellcountry=other_params['cellcountry'], \ cellarea=other_params['cellarea'], \ cellnum=other_params['cellnum'], \ addrcountry=other_params['addrcountry'], \ addrpostid=other_params['addrpostid'], \ addrtown=other_params['addrtown'], \ addrstr=other_params['addrstr'], \ addrhousenum=other_params['addrhousenum'], \ addrapt=other_params['addrapt'], \ addradditional=other_params['addradditional']) user_from_users.save() def_tab = SitePreferncesList.objects.get(setting_name\ ="default_tab_is_public") setting_conn = SitePrefernce.objects.get(setting=def_tab) users_default_settings = UserSettings(user = user_from_users, \ setting = setting_conn, \ value_bool = True) users_default_settings.save() code_conf = generate_email_confirmation(user_from_users) if (code_conf == -1) or (code_conf == -2): raise Exception #TODO: Here is just an excellent place for refactoring!!! new_user_name = return_full_name(email, "New User") url = create_url(host, email, code_conf) body_email_conf = get_body_email_conf(new_user_name, email, url) #DEUBG user_from_users.addradditional = url user_from_users.save() subject_user_conf = "Email confirmation" send_email("*****@*****.**", email, subject_user_conf, \ body_email_conf) if not family_confirmed: code_family_conf = generate_email_confirmation(user_from_users) if (code_family_conf == -1) or (code_family_conf == -2): raise Exception family_founder_name = return_full_name(family.founder, \ "Family founder") url = create_url(host, email, code_conf) body_family_conf = get_body_family_conf(family_founder_name, \ email, url) subject_family_conf = "New member wants to join your family" send_email("*****@*****.**", family.founder, \ subject_family_conf, body_family_conf) user_from_users.addradditional = url user_from_users.save() audit_created = audit_event(user_from_users, user_from_users,\ AuditEventTypes.user_created()) if not audit_created: raise Exception except Exception as e: try: user.delete() except: pass return -399 return [user, user_from_users] else: return -3
def change_site_prefernces(request): #DEBUG section user = get_debug_user(request) #DEBUG section try: request_parameters = parse_request(request) except Exception as e: return server_error(e, request) current_preferences = user.get_settings_with_name() prefernces_name_value = user.get_user_settings_as_voc() for sett_name, new_value in request_parameters.iteritems(): entry_exists = True audit_list = [] new_bool = None new_float = None new_string = None try: old_preference = current_preferences[sett_name] except KeyError as e: recreate_setting = SitePreferncesList.objects.get(setting_name\ =sett_name) setting_conn = SitePrefernce.objects.get(setting=recreate_setting) if setting_conn.type.prefernce_type == 'bool': new_bool = request_parameters[sett_name] elif setting_conn.type.prefernce_type == 'float': new_float = request_parameters[sett_name] elif setting_conn.type.prefernce_type == 'string': new_string = request_parameters[sett_name] elif setting_conn.type.prefernce_type == 'int': new_int = request_parameters[sett_name] users_default_settings = UserSettings(user = user, \ setting = setting_conn, \ value_bool = new_bool, \ value_float = new_float, \ value_int = new_int, \ value_string = new_string) users_default_settings.save() change_dic = {"field": sett_name, "old_value": None, \ "new_value": request_parameters[sett_name]} audit_list.append(change_dic) entry_exists = False if entry_exists and prefernces_name_value[sett_name] != \ request_parameters[sett_name]: setting_type = \ current_preferences[sett_name].setting.type.prefernce_type if setting_type == 'bool': new_bool = new_value elif setting_type == 'float': new_float = new_value elif setting_type == 'string': new_string = new_value elif setting_type == 'int': new_int = new_value old_preference.value_bool = new_bool old_preference.value_float = new_float old_preference.value_string = new_string old_preference.value_int = new_int try: old_preference.save() except: return failure_page(request, "Failed on user saving<br>") change_dic = {"field": sett_name, \ "old_value": prefernces_name_value[sett_name], \ "new_value": request_parameters[sett_name]} audit_list.append(change_dic) audit_created = audit_event(user, user,\ AuditEventTypes.site_preferences_edited(), \ list_of_changes = audit_list) if not audit_created: raise Exception response = HttpResponse("OK.", content_type="text/plain") response['Overflow'] = "0" return response
def save_settings(request): # <DEBUG SECTION> user = get_debug_user(request) # <DEBUG SECTION> audit_list = [] params = parse_inputs_personal(request) if params == -1: return failure_page(request, "Failed on parsing inputs<br>") if user.birthdate != params['birthdate']: change_dic = {"field": "birthdate", "old_value": user.birthdate, \ "new_value": params['birthdate']} audit_list.append(change_dic) user.birthdate = params['birthdate'] if user.cellcountry != params['cellcountry']: change_dic = {"field": "cellcountry", "old_value": user.cellcountry, \ "new_value": params['cellcountry']} audit_list.append(change_dic) user.cellcountry = params['cellcountry'] if user.cellarea != params['cellarea']: change_dic = {"field": "cellarea", "old_value": user.cellarea, \ "new_value": params['cellarea']} audit_list.append(change_dic) user.cellarea = params['cellarea'] if user.cellnum != params['cellnum']: change_dic = {"field": "cellnum", "old_value": user.cellnum, \ "new_value": params['cellnum']} audit_list.append(change_dic) user.cellnum = params['cellnum'] if user.addrcountry != params['addrcountry']: change_dic = {"field": "addrcountry", "old_value": user.addrcountry, \ "new_value": params['addrcountry']} audit_list.append(change_dic) user.addrcountry = params['addrcountry'] if user.addrpostid != params['addrpostid']: change_dic = {"field": "addrpostid", "old_value": user.addrpostid, \ "new_value": params['addrpostid']} audit_list.append(change_dic) user.addrpostid = params['addrpostid'] if user.addrtown != params['addrtown']: change_dic = {"field": "addrtown", "old_value": user.addrtown, \ "new_value": params['addrtown']} audit_list.append(change_dic) user.addrtown = params['addrtown'] if user.addrstr != params['addrstr']: change_dic = {"field": "addrstr", "old_value": user.addrstr, \ "new_value": params['addrstr']} audit_list.append(change_dic) user.addrstr = params['addrstr'] if user.addrhousenum != params['addrhousenum']: change_dic = {"field": "addrhousenum", "old_value": user.addrhousenum, \ "new_value": params['addrhousenum']} audit_list.append(change_dic) user.addrhousenum = params['addrhousenum'] if user.addrapt != params['addrapt']: change_dic = {"field": "addrapt", "old_value": user.addrapt, \ "new_value": params['addrapt']} audit_list.append(change_dic) user.addrapt = params['addrapt'] if user.addradditional != params['addradditional']: change_dic = {"field": "addradditional", \ "old_value": user.addradditional, \ "new_value": params['addradditional']} audit_list.append(change_dic) user.addradditional = params['addradditional'] user_auth = user.user if user_auth.first_name != params['fname']: change_dic = {"field": "fname", "old_value": user_auth.first_name, \ "new_value": params['fname']} audit_list.append(change_dic) user_auth.first_name = params['fname'] if user_auth.last_name != params['sname']: change_dic = {"field": "sname", "old_value": user_auth.last_name, \ "new_value": params['sname']} audit_list.append(change_dic) user_auth.last_name = params['sname'] if audit_list != []: try: user.save() user_auth.save() audit_created = audit_event(user, user,\ AuditEventTypes.user_edited(), \ list_of_changes = audit_list) if not audit_created: raise Exception except: return failure_page(request, "Failed on user saving<br>") return saved_success(request)