def testCountPurchases(self):
purchase = Purchase.countPurchases(dev_id=1)
self.assertEqual(purchase[0]['sells'], 2,
'Getting the purchase number of a developer')
# dev doesn't exist (return an empty queryset)
purchase2 = Purchase.countPurchases(dev_id=2222)
self.assertEqual(list(purchase2), [],
'Getting the purchase number of a developer')
# invalid input
purchase3 = Purchase.countPurchases(dev_id='panda')
self.assertEqual(purchase3, None,
'Getting the purchase number of a developer')
def buy_lvlup_other(request):
product_id = request.POST.get('product_id')
player_nick = request.POST.get('player_nick')
if not product_id or not player_nick:
return JsonResponse({'message': 'Uzupełnij dane.'}, status=411)
if not validate_player_nick(player_nick):
return JsonResponse({'message': 'Niepoprawny format nicku.'},
status=406)
product = Product.objects.filter(id=product_id).values(
'lvlup_other_price', 'server__server_status', 'server_id')
payment_operator = PaymentOperator.objects.filter(
server_id=product[0]['server_id'],
operator_type='lvlup_other').values('api_key')
if product[0]['server__server_status'] == 0:
return JsonResponse({'message': 'Serwer jest aktualnie wyłączony.'},
status=411)
price = product[0]['lvlup_other_price']
if settings.DEBUG:
payment = Payments(payment_operator[0]['api_key'], 'sandbox')
else:
payment = Payments(payment_operator[0]['api_key'], 'production')
domain = 'https://' + str(request.META['HTTP_HOST'])
success_page2 = str(domain) + "/success"
lvlup_check_page = str(domain) + "/payments/webhook/lvlup_other/"
link = payment.create_payment(format(float(price), '.2f'), success_page2,
lvlup_check_page)
try:
url = link['url']
payment_id = link['id']
except:
return JsonResponse(
{
'message':
'Wystąpił błąd, prawdopodobnie niepoprawny klucz api.'
},
status=401)
p = Purchase(
lvlup_id=payment_id,
buyer=player_nick,
product=Product.objects.get(id=product_id),
status=0,
)
p.save()
return JsonResponse({'message': url}, status=200)
def put(self, request):
"""
New game content processing
"""
form = forms.GameForm(request.POST)
if form.is_valid():
game = form.save(commit=False)
game.author_id = request.user.id
try:
game.addIcon(request.FILES['icon'])
except:
pass
with transaction.atomic():
game.save()
Purchase(purchase_user=request.user,
game=game,
purchase_date=datetime.now()).save()
for c in request.POST.getlist('category'):
GamesCategory(category_id=c, game=game).save()
if isPC(request):
return redirect('gameinfo', game_id=game.id)
else:
return Response(rest(game))
else:
if isPC(request):
return Response(
{
'form': form,
'button_text': 'Publish',
'select_text': 'Category'
},
template_name='game_form.html')
else:
return Response(form.errors.as_json())
def get(self, request):
"""
Returns a list of sells for the user
"""
if request.user.groups.get(name='devs'):
dev_id = request.user.id
sells = Purchase.countPurchases(dev_id)
return Response(rest(list(sells)))
else:
message = 'Unauthorized request. What are you trying to do? Panda is not amused.'
return Response({'message', message})
def testCheckPurchase(self):
# puchased
purchase = Purchase.checkPurchase(game_id=4, user_id=1)
self.assertEqual(purchase.purchase_user.id, 1,
'Checking if a user has purchased a game')
# not purchased
purchase2 = Purchase.checkPurchase(game_id=4, user_id=3)
self.assertEqual(purchase2, False,
'Checking if a user has purchased a game')
# user doesn't exist
purchase3 = Purchase.checkPurchase(game_id=4, user_id=222)
self.assertEqual(purchase3, False,
'Checking if a user has purchased a game')
# game doesn't exist
purchase4 = Purchase.checkPurchase(game_id=222, user_id=1)
self.assertEqual(purchase4, False,
'Checking if a user has purchased a game')
def get(self, request):
"""
Returns the view corresponding to the result of the payment
"""
try:
pid = request.GET['pid']
game_id = int((pid.split('!'))[0])
game = Game.objects.get(pk=game_id)
ref = request.GET['ref']
result = request.GET['result']
secret_key = "583e35f04573f59158691b6e21f869dc"
checksum = request.GET['checksum']
checksumstr1 = "pid={}&ref={}&result={}&token={}".format(
pid, ref, result, secret_key)
m = md5(checksumstr1.encode("ascii"))
checksum_check = m.hexdigest()
except (TypeError, NameError):
raise Http404("There are some errors, values are missing")
if checksum == checksum_check:
if result not in ["success", "cancel", "error"]:
return HttpResponse(content="error")
if result == "success":
Purchase(purchase_user=request.user,
game=game,
purchase_date=datetime.now()).save()
return HttpResponseRedirect(
reverse('gameinfo', args=(game_id, )))
elif result == "cancel":
return HttpResponseRedirect(
reverse('gameinfo', args=(game_id, )))
elif result == "error":
return render(request, "error.html", {'game': game})
else:
return render(request, "error.html", {'game': game})
else:
return render(request, "data_no_match.html", {'game': game})
def get(self, request, game_id):
"""
Returns the info for a game, including info on the user that
created the request and purchase link if the user did not
purchase the game
"""
try:
game = Game.objects.get(pk=game_id)
categories = game.getCategories()
scores = game.getHighScore()
# check if user has login & usergroup
if_login = request.user.is_authenticated
if_dev = if_login and request.user.id is game.author.id
if_purchase = if_login and Purchase.checkPurchase(
game_id, request.user.id)
highscore = None
rank = None
history = None
bill = None
if if_purchase:
highscore = game.getUserHighScore(request.user.id)
rank = game.getUserRank(request.user.id)
history = game.getUserHistory(request.user.id)
elif if_login:
try:
sid = "pandashop"
pid = str(game.id) + "!" + str(request.user.id)
secret_key = "583e35f04573f59158691b6e21f869dc"
checksumstr = "pid={}&sid={}&amount={}&token={}".format(
pid, sid, game.price, secret_key)
m = md5(checksumstr.encode("ascii"))
bill = {
'pid': pid,
'sid': sid,
'checksum': m.hexdigest(),
}
except (TypeError, NameError) as e:
if isPC(request):
return Response({'message': str(e)},
template_name='gameinfo.html')
else:
return Response(rest({'message': str(e)}), status=403)
user_status = {
'if_dev': if_dev,
'if_purchase': if_purchase,
'record': {
'highscore': highscore,
'rank': rank,
'history': history
}
}
data = {
'game': game,
'categories': categories,
'scores_list': scores,
'user_status': user_status,
'bill': bill
}
except Game.DoesNotExist:
data = None
if isPC(request):
return Response(data, template_name='gameinfo.html')
else:
data = {
'game': game,
'categories': categories,
'scores_list': scores,
'user_status': user_status,
}
print(data)
return Response(rest(data))
if isPC(request):
return Response(data, template_name='gameinfo.html')
else:
data = {
'game': game,
'categories': categories,
'scores_list': scores,
'user_status': user_status,
}
return Response(rest(data))
def buy_microsms_sms(request):
player_nick = request.POST.get('player_nick')
sms_code = request.POST.get('sms_code')
sms_number = request.POST.get('sms_number')
product_id = request.POST.get('product_id')
if not player_nick or not sms_code or not product_id or not sms_number:
return JsonResponse({'message': 'Uzupełnij dane.'}, status=411)
if not validate_player_nick(player_nick):
return JsonResponse({'message': 'Niepoprawny format nicku.'},
status=406)
product = Product.objects.filter(
id=product_id, microsms_sms_number=sms_number).values(
'server__server_ip', 'server__rcon_password', 'product_commands',
'server__server_status', 'product_name', 'server__rcon_port',
'server__id', 'server__discord_webhook')
payment_operator = PaymentOperator.objects.filter(
server__id=product[0]['server__id'],
operator_type='microsms_sms').values('client_id', 'sms_content',
'service_id')
if not product.exists() or not payment_operator.exists():
return JsonResponse({'message': 'Otóż nie tym razem ( ͡° ͜ʖ ͡°).'},
status=401)
if product[0]['server__server_status'] == 0:
return JsonResponse(
{
'message':
'Serwer jest aktualnie wyłączony, zachowaj kod i wykorzystaj go, gdy serwer będzie włączony.'
},
status=411)
client_id = payment_operator[0]['client_id']
service_id = payment_operator[0]['service_id']
pattern = re.compile("^[A-Za-z0-9]{8}$")
if not pattern.match(sms_code):
return JsonResponse({'message': 'Niepoprawny format kodu.'},
status=406)
url = f'https://microsms.pl/api/check_multi.php?userid={client_id}&code={sms_code}&serviceid={service_id}'
r = requests.get(url)
payment_status = r.text.strip()
if payment_status == "E,2":
return JsonResponse({'message': 'Brak partnera lub usługi.'},
status=401)
elif payment_status == "E,3":
return JsonResponse({'message': 'Niepoprawny numer SMS.'}, status=401)
elif payment_status == "E,2":
return JsonResponse({'message': 'Niepoprawny format kodu.'},
status=401)
elif payment_status[0] == "0":
return JsonResponse({'message': 'Niepoprawny kod SMS.'}, status=401)
elif payment_status[0] == "1":
server_ip = product[0]['server__server_ip']
rcon_password = product[0]['server__rcon_password']
commands = product[0]['product_commands'].split(';')
rcon_port = product[0]['server__rcon_port']
try:
send_commands(server_ip, rcon_password, commands, player_nick,
rcon_port)
except:
return JsonResponse(
{'message': 'Wystąpił błąd podczas łączenia się do rcon.'},
status=401)
p = Purchase(
lvlup_id="microsms_sms",
buyer=player_nick,
product=Product.objects.get(id=product_id),
status=1,
)
p.save()
if product[0]['server__discord_webhook']:
send_webhook_discord(product[0]['server__discord_webhook'],
player_nick, product[0]['product_name'])
return JsonResponse({'message': 'Zakupiono produkt.'}, status=200)
def buy_lvlup_sms(request):
player_nick = request.POST.get('player_nick')
sms_code = request.POST.get('sms_code')
sms_number = request.POST.get('sms_number')
product_id = request.POST.get('product_id')
if not player_nick or not sms_code or not product_id or not sms_number:
return JsonResponse({'message': 'Uzupełnij dane.'}, status=411)
if not validate_player_nick(player_nick):
return JsonResponse({'message': 'Niepoprawny format nicku.'},
status=406)
product = Product.objects.filter(
id=product_id, lvlup_sms_number=sms_number).values(
'server__server_ip', 'server__rcon_password', 'product_commands',
'server__server_status', 'product_name', 'server__rcon_port',
'server__id', 'server__discord_webhook')
server_id = product[0]['server__id']
payment_operator = PaymentOperator.objects.filter(
server__id=server_id, operator_type='lvlup_sms').values('client_id')
if not product.exists() or not payment_operator.exists():
return JsonResponse({'message': 'Otóż nie tym razem ( ͡° ͜ʖ ͡°).'},
status=401)
if product[0]['server__server_status'] == 0:
return JsonResponse(
{
'message':
'Serwer jest aktualnie wyłączony, zachowaj kod i wykorzystaj go, gdy serwer będzie włączony.'
},
status=411)
client_id = payment_operator[0]['client_id']
url = f"https://lvlup.pro/api/checksms?id={client_id}&code={sms_code}&number={sms_number}&desc=[IVshop] Zarobek z itemshopu ({player_nick})"
r = requests.get(url).json()
if not r['valid']:
return JsonResponse({'message': 'Niepoprawny kod SMS.'}, status=401)
server_ip = product[0]['server__server_ip']
rcon_password = product[0]['server__rcon_password']
commands = product[0]['product_commands'].split(';')
rcon_port = product[0]['server__rcon_port']
try:
send_commands(server_ip, rcon_password, commands, player_nick,
rcon_port)
except:
return JsonResponse(
{'message': 'Wystąpił błąd podczas łączenia się do rcon.'},
status=401)
p = Purchase(
lvlup_id="lvlup_sms",
buyer=player_nick,
product=Product.objects.get(id=product_id),
status=1,
)
p.save()
if product[0]['server__discord_webhook']:
send_webhook_discord(product[0]['server__discord_webhook'],
player_nick, product[0]['product_name'])
return JsonResponse({'message': 'Zakupiono produkt.'}, status=200)