def dispatch(self, request, *args, **kwargs): # если данные не проходят gpg проверку, возвращаем 403 data = json.loads(request.body) if not gpgtools.check_data_sign(data): return HttpResponseForbidden(loader.render_to_string( '403.html', context_instance=RequestContext(request))) kwargs.update({'data': data['data']}) return super(SignJSONResponseMixin, self).dispatch( request, *args, **kwargs)
def api_sign_test(request): status = 'error' msgs = [] if request.method == 'GET': msgs.append("Wrong method, use POST instead of GET") signed_data = request.POST.get('signed_data') if not (signed_data and gpgtools.check_data_sign( {'data': request.POST.get('test_string'), 'sign': signed_data})): msgs.append("Sing check error") test_string = request.POST.get('test_string') if not test_string == u"Проверочная строка": msgs.append("wrong test_string") if not msgs: status = 'ok' msgs = ["All passed"] response = {'sign': gpgtools.sign_data(test_string.encode('utf8')).data, 'data': msgs, 'status': status} return JSONResponse(response)
def api_test(request): status = 'error' msg = None if request.method == 'GET': msg = "Wrong method, use POST instead of GET" signed_data = request.POST.get('signed_data') if not (signed_data and gpgtools.check_data_sign( {'data': request.POST.get('test_string'), 'sign': signed_data})): msg = "Sing check error" test_string = request.POST.get('test_string') if not test_string == u"Проверочная строка": msg = "wrong test_string" if not msg: status = 'ok' msg = "All passed" response = [{'sign': gpgtools.sign_data(msg).data, 'data': msg, 'status': status}] return HttpResponse(simplejson.dumps(response), mimetype='text/json')
def get_distribution(request): if request.method == 'GET': raise Http404 data = json.loads(request.body) signed_data = data.get('signed_data') if not (signed_data and gpgtools.check_data_sign( {'data': data.get('id'), 'sign': signed_data})): raise Http404 _id = data.get('id') if not _id: raise Http404 distribution_qs = Distribution.objects.filter(pk=_id) if len(distribution_qs) != 1: return HttpResponse(json.dumps([0, ]), content_type='text/json') dist = distribution_qs[0] results = [] sadiks_ids = Requestion.objects.filter( distributed_in_vacancy__distribution=dist).distinct().values_list( 'distributed_in_vacancy__sadik_group__sadik', flat=True) options = data.get('options') for sadik in Sadik.objects.filter( id__in=sadiks_ids).distinct().order_by('number'): requestions = Requestion.objects.filter( distributed_in_vacancy__distribution=dist, distributed_in_vacancy__sadik_group__sadik=sadik, status__in=[ STATUS_DECISION, STATUS_DISTRIBUTED, STATUS_DISTRIBUTED_FROM_ES ]) if options.get('only_decision'): requestions = requestions.filter(status=STATUS_DECISION) if requestions: req_list = add_requestions_data(requestions, request) kg_dict = {'kindergtn': sadik.id, 'requestions': req_list} results.append(kg_dict) data = [{ 'id': dist.id, 'start': dttools.date_to_stamp(dist.init_datetime), 'end': dttools.date_to_stamp(dist.end_datetime), 'year': dist.year.year, 'results': results, }] return HttpResponse(gpgtools.get_signed_json(data), content_type='text/json')
def get_child(request): if request.method == 'GET': raise Http404 data = json.loads(request.body) if not data['data']: return HttpResponse() if gpgtools.check_data_sign(data): requestion_ct = ContentType.objects.get_for_model(Requestion) requestion_ids = EvidienceDocument.objects.filter( content_type=requestion_ct, document_number=data['data'], template__destination=REQUESTION_IDENTITY ).values_list('object_id', flat=True) if not requestion_ids: return HttpResponse() requestions = Requestion.objects.filter(id__in=requestion_ids) data = add_requestions_data(requestions, request) response = [{'sign': gpgtools.sign_data(data).data, 'data': data}] return HttpResponse(json.dumps(response), content_type='text/json') raise Http404