def save_new_transactions(request, transact_params=[]):
if transact_params == []:
# <DEBUG SECTION>
user = get_debug_user(request)
# <DEBUG SECTION>
entries = request_to_array(request)
else:
user = transact_params[0]["user"]
entries = transact_params
if entries != []:
for entry in entries:
try:
if entry['is_privat']:
transactionType = PrivatTransaction
audit_event_type = AuditEventTypes.private_transaction_created(
)
else:
transactionType = PublicTransaction
audit_event_type = AuditEventTypes.transaction_created()
new_transaction = transactionType(user = user, \
transactionstime = entry['date'],\
purpose = entry['purpose'], \
comment = entry['comment'], \
amount = entry['amount'])
new_transaction.save()
audit_created = audit_event(user, user,\
audit_event_type, \
transaction = new_transaction)
if not audit_created:
raise Exception
except Exception as exc:
return failure_page(request, "Failed on transaction " + \
str(entry) + " saving<br>" + str(exc))
return saved_success(request)
def check_expiration(entry_to_check):
if entry_to_check.is_active:
if entry_to_check.expiratin_date < timezone.now():
entry_to_check.is_expired = True
#Define Audit event type
if entry_to_check.type == "email":
event_type = AuditEventTypes.email_confirmation_expired()
elif entry_to_check.type == "family":
event_type = AuditEventTypes.email_confirmation_expired()
else:
event_type = AuditEventTypes.unknown_event()
try:
entry_to_check.save()
audit_event(entry_to_check.user, entry_to_check.user, \
event_type, confirmation=entry_to_check)
except:
return -6
return 0
def change_transaction_type(transaction, current_state_is_private, \
new_state_is_private):
if new_state_is_private:
destination = PrivatTransaction
audit_event_type_created = AuditEventTypes.private_transaction_created(
)
audit_event_type_deleted = AuditEventTypes.transaction_deleted()
else:
destination = PublicTransaction
audit_event_type_deleted = AuditEventTypes.private_transaction_deleted(
)
audit_event_type_created = AuditEventTypes.transaction_created()
try:
new_transaction = destination(user=transaction.user, \
transactionstime=transaction.transactionstime, \
purpose=transaction.purpose, \
comment=transaction.comment, \
amount=transaction.amount)
new_transaction.save()
audit_created = audit_event(transaction.user, transaction.user,\
audit_event_type_created, \
transaction = new_transaction)
if not audit_created:
raise Exception
except Exception as exc:
return str(exc)
try:
transaction.deleted = True
transaction.save()
audit_created = audit_event(transaction.user, transaction.user,\
audit_event_type_deleted, \
transaction = transaction)
if not audit_created:
raise Exception
except Exception as exc:
return str(exc)
return new_transaction
def delete_transaction(request):
# <DEBUG SECTION>
user = get_debug_user(request)
# <DEBUG SECTION>
try:
initial_state = request.POST["is_private"]
except KeyError as excpt:
return failure_page(request, "incorrect POST data")
if int(initial_state) == 1:
private_transaction = True
audit_event_type = AuditEventTypes.private_transaction_deleted()
elif int(initial_state) == 0:
private_transaction = False
audit_event_type = AuditEventTypes.transaction_deleted()
else:
return failure_page(request, "incorrect POST data")
try:
tr_id = request.POST["id"]
except KeyError as excpt:
return failure_page(request, "incorrect POST data")
if not transaction_exists(tr_id):
return failure_page(request, "Incorrect ID")
transaction = user_is_allowed_to_edit(tr_id, request, private_transaction)
try:
transaction.deleted = True
transaction.save()
audit_created = audit_event(transaction.user, transaction.user,\
audit_event_type, \
transaction = transaction)
if not audit_created:
raise Exception
except Exception as exc:
return failure_page(request, "Audit wasn't created" + str(exc))
return deleted_success(request)
def change_access_data(request):
#DEBUG section
user = get_debug_user(request)
#DEBUG section
attempt_audit = AccessDataChange(user_impacted = user, \
pasword_change= False, \
email_change= False, \
change_date = timezone.now(), \
password_verification_result = 'Pending')
try:
request_parameters = parse_request(request)
except Exception as e:
return server_error(e, request)
if request_parameters['new_email'] != '':
attempt_audit.email_change = True
if request_parameters['new_password'] != \
request_parameters['retype_new_password']:
return server_error(e, request)
if request_parameters['new_password'] != '':
attempt_audit.pasword_change = True
try:
attempt_is_allowed = is_attempt_allowed(user)
except Exception as e:
return server_error(e, request)
if not attempt_is_allowed:
response = HttpResponse("OK.", content_type="text/plain")
response['Overflow'] = "1"
attempt_audit.password_verification_result = 'Fail'
try:
attempt_audit.save()
except Exception as e:
return server_error(e, request)
return response
try:
password_is_correct = is_password_correct(user, \
request_parameters["conf_password"])
except Exception as e:
return server_error(e, request)
if not password_is_correct:
response = HttpResponse("OK.", content_type="text/plain")
response['Overflow'] = "-6"
attempt_audit.password_verification_result = 'Fail'
try:
attempt_audit.save()
except Exception as e:
return server_error(e, request)
return response
try:
save_access_data(user, request_parameters)
except Exception as e:
return server_error(e, request)
response = HttpResponse("OK.", content_type="text/plain")
response['Overflow'] = "0"
attempt_audit.password_verification_result = 'Success'
try:
attempt_audit.save()
except Exception as e:
return server_error(e, request)
try:
send_email_confirmation(user, get_hostname(request))
except Exception as e:
return server_error(e, request)
audit_created = audit_event(user, user,\
AuditEventTypes.user_edited())
if not audit_created:
return HttpResponseServerError("NOK")
return response
def save_changes(request):
# <DEBUG SECTION>
user = get_debug_user(request)
# <DEBUG SECTION>
try:
initial_state = request.POST["is_private"]
except KeyError as excpt:
return failure_page(request, "incorrect POST data")
if int(initial_state) == 1:
private_transaction = True
audit_event_type = AuditEventTypes.private_transaction_edited()
elif int(initial_state) == 0:
private_transaction = False
audit_event_type = AuditEventTypes.transaction_edited()
else:
return failure_page(request, "incorrect POST data")
try:
private_flag = request.POST["private"]
is_private = True
except KeyError as excpt:
is_private = False
try:
tr_id = request.POST["id"]
amount = request.POST["amount"]
date = request.POST["date"]
purpose = request.POST["purpose"]
comment = request.POST["comment"]
except KeyError as excpt:
return failure_page(request, "incorrect POST data")
if not transaction_exists(tr_id):
return failure_page(request, "Incorrect PublicTransaction ID")
transaction = user_is_allowed_to_edit(tr_id, request, private_transaction)
if private_transaction != is_private:
transaction = change_transaction_type(transaction, \
private_transaction, is_private)
if isinstance(transaction, str):
return failure_page(request, "Failed on transaction " + \
transaction)
if transaction == -1:
return failure_page(request, "Unknown error")
if not transaction:
return failure_page(request, "Attempt for edit unallowed transaction")
if is_float(amount) and is_date(date):
float_amount = float(amount)
transactionstime = parse(date)
audit_list = []
if transaction.amount != float_amount:
change_dic = {"field": "amount", "old_value": transaction.amount, \
"new_value": float_amount}
audit_list.append(change_dic)
transaction.amount = float_amount
transactionstime_tz_aware = timezone.make_aware(transactionstime, \
timezone.get_current_timezone())
if transaction.transactionstime != transactionstime_tz_aware:
change_dic = {"field": "transactionstime", \
"old_value": transaction.transactionstime, \
"new_value": transactionstime}
audit_list.append(change_dic)
transaction.transactionstime = transactionstime_tz_aware
if transaction.purpose != purpose:
change_dic = {"field": "purpose", \
"old_value": transaction.purpose, \
"new_value": purpose}
audit_list.append(change_dic)
transaction.purpose = purpose
if transaction.comment != comment:
change_dic = {"field": "comment", \
"old_value": transaction.comment, \
"new_value": comment}
audit_list.append(change_dic)
transaction.comment = comment
try:
transaction.save()
except Exception as exc:
return failure_page(request, "Failed to save transaction " + \
"changes to DB")
try:
audit_created = audit_event(user, transaction.user, \
audit_event_type, \
transaction = transaction, \
list_of_changes = audit_list)
if not audit_created:
raise Exception
except Exception as exc:
return failure_page(request, "Failed to save audit changes to DB")
return saved_success(request)
else:
return failure_page(request, "Amount or Data parameters are incorrect")
def create_user(email, password, family, other_params, family_confirmed=False, \
host=""):
# Output:
# -1 : user in auth is not created
# -2 : user in Users is not created
# -3 : the inputs are wrong
if verify_inputs(email, password, family, other_params, family_confirmed):
try:
user = User.objects.create_user(username=email, \
email=email, \
password=password, \
first_name=other_params['fname'], \
last_name=other_params['sname'])
user_from_users = Users(user=user, \
family=family, \
emailisconfirmed=False, \
birthdate=other_params['birthdate'], \
regdate=timezone.now(), \
famidconfirmed=family_confirmed, \
cellcountry=other_params['cellcountry'], \
cellarea=other_params['cellarea'], \
cellnum=other_params['cellnum'], \
addrcountry=other_params['addrcountry'], \
addrpostid=other_params['addrpostid'], \
addrtown=other_params['addrtown'], \
addrstr=other_params['addrstr'], \
addrhousenum=other_params['addrhousenum'], \
addrapt=other_params['addrapt'], \
addradditional=other_params['addradditional'])
user_from_users.save()
def_tab = SitePreferncesList.objects.get(setting_name\
="default_tab_is_public")
setting_conn = SitePrefernce.objects.get(setting=def_tab)
users_default_settings = UserSettings(user = user_from_users, \
setting = setting_conn, \
value_bool = True)
users_default_settings.save()
code_conf = generate_email_confirmation(user_from_users)
if (code_conf == -1) or (code_conf == -2):
raise Exception
#TODO: Here is just an excellent place for refactoring!!!
new_user_name = return_full_name(email, "New User")
url = create_url(host, email, code_conf)
body_email_conf = get_body_email_conf(new_user_name, email, url)
#DEUBG
user_from_users.addradditional = url
user_from_users.save()
subject_user_conf = "Email confirmation"
send_email("*****@*****.**", email, subject_user_conf, \
body_email_conf)
if not family_confirmed:
code_family_conf = generate_email_confirmation(user_from_users)
if (code_family_conf == -1) or (code_family_conf == -2):
raise Exception
family_founder_name = return_full_name(family.founder, \
"Family founder")
url = create_url(host, email, code_conf)
body_family_conf = get_body_family_conf(family_founder_name, \
email, url)
subject_family_conf = "New member wants to join your family"
send_email("*****@*****.**", family.founder, \
subject_family_conf, body_family_conf)
user_from_users.addradditional = url
user_from_users.save()
audit_created = audit_event(user_from_users, user_from_users,\
AuditEventTypes.user_created())
if not audit_created:
raise Exception
except Exception as e:
try:
user.delete()
except:
pass
return -399
return [user, user_from_users]
else:
return -3
def change_site_prefernces(request):
#DEBUG section
user = get_debug_user(request)
#DEBUG section
try:
request_parameters = parse_request(request)
except Exception as e:
return server_error(e, request)
current_preferences = user.get_settings_with_name()
prefernces_name_value = user.get_user_settings_as_voc()
for sett_name, new_value in request_parameters.iteritems():
entry_exists = True
audit_list = []
new_bool = None
new_float = None
new_string = None
try:
old_preference = current_preferences[sett_name]
except KeyError as e:
recreate_setting = SitePreferncesList.objects.get(setting_name\
=sett_name)
setting_conn = SitePrefernce.objects.get(setting=recreate_setting)
if setting_conn.type.prefernce_type == 'bool':
new_bool = request_parameters[sett_name]
elif setting_conn.type.prefernce_type == 'float':
new_float = request_parameters[sett_name]
elif setting_conn.type.prefernce_type == 'string':
new_string = request_parameters[sett_name]
elif setting_conn.type.prefernce_type == 'int':
new_int = request_parameters[sett_name]
users_default_settings = UserSettings(user = user, \
setting = setting_conn, \
value_bool = new_bool, \
value_float = new_float, \
value_int = new_int, \
value_string = new_string)
users_default_settings.save()
change_dic = {"field": sett_name, "old_value": None, \
"new_value": request_parameters[sett_name]}
audit_list.append(change_dic)
entry_exists = False
if entry_exists and prefernces_name_value[sett_name] != \
request_parameters[sett_name]:
setting_type = \
current_preferences[sett_name].setting.type.prefernce_type
if setting_type == 'bool':
new_bool = new_value
elif setting_type == 'float':
new_float = new_value
elif setting_type == 'string':
new_string = new_value
elif setting_type == 'int':
new_int = new_value
old_preference.value_bool = new_bool
old_preference.value_float = new_float
old_preference.value_string = new_string
old_preference.value_int = new_int
try:
old_preference.save()
except:
return failure_page(request, "Failed on user saving<br>")
change_dic = {"field": sett_name, \
"old_value": prefernces_name_value[sett_name], \
"new_value": request_parameters[sett_name]}
audit_list.append(change_dic)
audit_created = audit_event(user, user,\
AuditEventTypes.site_preferences_edited(), \
list_of_changes = audit_list)
if not audit_created:
raise Exception
response = HttpResponse("OK.", content_type="text/plain")
response['Overflow'] = "0"
return response
def save_settings(request):
# <DEBUG SECTION>
user = get_debug_user(request)
# <DEBUG SECTION>
audit_list = []
params = parse_inputs_personal(request)
if params == -1:
return failure_page(request, "Failed on parsing inputs<br>")
if user.birthdate != params['birthdate']:
change_dic = {"field": "birthdate", "old_value": user.birthdate, \
"new_value": params['birthdate']}
audit_list.append(change_dic)
user.birthdate = params['birthdate']
if user.cellcountry != params['cellcountry']:
change_dic = {"field": "cellcountry", "old_value": user.cellcountry, \
"new_value": params['cellcountry']}
audit_list.append(change_dic)
user.cellcountry = params['cellcountry']
if user.cellarea != params['cellarea']:
change_dic = {"field": "cellarea", "old_value": user.cellarea, \
"new_value": params['cellarea']}
audit_list.append(change_dic)
user.cellarea = params['cellarea']
if user.cellnum != params['cellnum']:
change_dic = {"field": "cellnum", "old_value": user.cellnum, \
"new_value": params['cellnum']}
audit_list.append(change_dic)
user.cellnum = params['cellnum']
if user.addrcountry != params['addrcountry']:
change_dic = {"field": "addrcountry", "old_value": user.addrcountry, \
"new_value": params['addrcountry']}
audit_list.append(change_dic)
user.addrcountry = params['addrcountry']
if user.addrpostid != params['addrpostid']:
change_dic = {"field": "addrpostid", "old_value": user.addrpostid, \
"new_value": params['addrpostid']}
audit_list.append(change_dic)
user.addrpostid = params['addrpostid']
if user.addrtown != params['addrtown']:
change_dic = {"field": "addrtown", "old_value": user.addrtown, \
"new_value": params['addrtown']}
audit_list.append(change_dic)
user.addrtown = params['addrtown']
if user.addrstr != params['addrstr']:
change_dic = {"field": "addrstr", "old_value": user.addrstr, \
"new_value": params['addrstr']}
audit_list.append(change_dic)
user.addrstr = params['addrstr']
if user.addrhousenum != params['addrhousenum']:
change_dic = {"field": "addrhousenum", "old_value": user.addrhousenum, \
"new_value": params['addrhousenum']}
audit_list.append(change_dic)
user.addrhousenum = params['addrhousenum']
if user.addrapt != params['addrapt']:
change_dic = {"field": "addrapt", "old_value": user.addrapt, \
"new_value": params['addrapt']}
audit_list.append(change_dic)
user.addrapt = params['addrapt']
if user.addradditional != params['addradditional']:
change_dic = {"field": "addradditional", \
"old_value": user.addradditional, \
"new_value": params['addradditional']}
audit_list.append(change_dic)
user.addradditional = params['addradditional']
user_auth = user.user
if user_auth.first_name != params['fname']:
change_dic = {"field": "fname", "old_value": user_auth.first_name, \
"new_value": params['fname']}
audit_list.append(change_dic)
user_auth.first_name = params['fname']
if user_auth.last_name != params['sname']:
change_dic = {"field": "sname", "old_value": user_auth.last_name, \
"new_value": params['sname']}
audit_list.append(change_dic)
user_auth.last_name = params['sname']
if audit_list != []:
try:
user.save()
user_auth.save()
audit_created = audit_event(user, user,\
AuditEventTypes.user_edited(), \
list_of_changes = audit_list)
if not audit_created:
raise Exception
except:
return failure_page(request, "Failed on user saving<br>")
return saved_success(request)