def create(request, recipient_id, entity_id, amount):
# Check Parameter Value Types
recipient_id, success = validate_int(recipient_id)
if not success:
return cors_response(
build_error(API_ERROR.INVALID_PARAMETER, parameter='recipient_id'))
entity_id, success = validate_int(entity_id)
if not success:
return cors_response(
build_error(API_ERROR.INVALID_PARAMETER, parameter='entity_id'))
amount, success = validate_float(amount)
if not success:
return cors_response(
build_error(API_ERROR.INVALID_PARAMETER, parameter='amount'))
if amount <= 0:
return cors_response(
build_error(API_ERROR.INVALID_PARAMETER, parameter='amount'))
# Get entity
entity = Entity.objects.filter(pk=entity_id)
if len(entity) != 1:
return cors_response(
build_error(API_ERROR.INVALID_PARAMETER, parameter='entity_id'))
entity = entity[0]
# Get recipient from entity
# (this will also confirm the entity and recipient are linked)
recipient = entity.recipient.filter(pk=recipient_id)
if len(recipient) != 1:
return cors_response(
build_error(API_ERROR.INVALID_PARAMETER, parameter='recipient_id'))
recipient = recipient[0]
payee = recipient.payee
if payee is None or payee.userservice is None:
return cors_response(
build_error(API_ERROR.DONATION.NO_PAYEE))
# Create donation
_, checkout_url = payment.registry[payee.userservice.service].donation_create(
entity, recipient, payee, amount,
base_url=build_url(request),
redirect_name='donation-confirm',
callback_name='callback-wepay-checkout'
)
# Make the checkout_url absolute
checkout_url = urlparse.urljoin(build_url(request), checkout_url)
if checkout_url:
return cors_response(simplejson.dumps({
'checkout_url': checkout_url,
'success': True
}))
return cors_response(build_error(API_ERROR.DONATION.SERVICE_FAILED))
def claim(request, recipient_id):
recipients = Recipient.objects.all().filter(id=recipient_id)
if len(recipients) == 0:
return build_error(API_ERROR.INVALID_PARAMETER, recipient_id=recipient_id)
elif len(recipients) == 1:
if recipients[0].owner is None:
if not request.user.is_authenticated():
return build_error(API_ERROR.AUTHENTICATION.NOT_LOGGED_IN)
# TODO: Change to manual claim process
recipients[0].owner = request.user
recipients[0].save()
return simplejson.dumps({
'success': True,
'recipient': {
'id': recipients[0].id,
'slug': recipients[0].slug
}
})
else:
return build_error(API_ERROR.RECIPIENT.ALREADY_CLAIMED)
else:
return build_error(API_ERROR.INVALID_PARAMETER, recipient_id=recipient_id)
def wrapper(request, *args, **kwargs):
if settings.FRUCTUS_DEPLOYMENT == 'OPEN':
return function(*args, **kwargs)
else:
# Cookie auth (API is used on the website)
if request.user.is_authenticated() and request.user.is_active:
if settings.FRUCTUS_DEPLOYMENT == 'INTERNAL' and request.user.is_staff:
return function(*args, request=request, **kwargs)
elif settings.FRUCTUS_DEPLOYMENT == 'INVITE':
return function(*args, request=request, **kwargs)
# deployauth token (API is used remotely)
if 'deployauth_token' in kwargs:
if deployauth_token_validate(kwargs['deployauth_token']):
return function(*args, **kwargs)
return build_error(API_ERROR.AUTHENTICATION.DEPLOYAUTH_FAILED)
def search(request, title, limit=10,
entities_include=False, entities_limit=5,
lookup_type=None, lookup_token=None):
results = []
search_type = None
if lookup_type is not None and lookup_token is not None:
# -------------------------------
# External "lookup"
# -------------------------------
search_type = 'lookup'
# Check lookup_type is valid
lookup_type_valid = False
try:
for type_id, _ in Recipient.TYPES:
if int(lookup_type) == int(type_id):
lookup_type_valid = True
lookup_type = int(lookup_type)
break
except ValueError:
pass
if not lookup_type_valid:
print "error"
return cors_response(build_error(
API_ERROR.INVALID_PARAMETER,
parameter='lookup_type'
))
# Find the token in our database
token = None
try:
token = Token.objects.filter(
token_type=Token.TOKEN_RECIPIENT_LOOKUP,
token=lookup_token
)
if len(token) == 1:
token = token[0]
else:
token = None
except Token.DoesNotExist:
pass
# Check token is still valid
if token and token.valid():
token.delete() # Token has been used, let's remove it.
if 'title' in token.data and token.data['title'] == title:
results = entitygen.registry[lookup_type].recipient_create(
token.data['title'], limit=9
)
else:
return cors_response(
build_error(API_ERROR.RECIPIENT.LOOKUP_TOKEN_INVALID))
else:
return cors_response(
build_error(API_ERROR.RECIPIENT.LOOKUP_TOKEN_INVALID))
else:
# -------------------------------
# Direct database "search"
# -------------------------------
search_type = 'search'
results = Recipient.objects.all().filter(
s_title__ilike='%' + search_like(title) + '%'
)[:limit]
# Append dicts of recipient results
items = []
for recipient in results:
items.append(recipient.dict(
entities_include=entities_include,
entities_filter={'parent': None},
entities_limit=entities_limit,
check_owner=request.user
))
# Build result dict
result_dict = {
'success': True,
'items': items
}
# Create a Token (with a 10 min expire) that can be used for lookups
if search_type == 'search':
token = Token.objects.create(
token_type=Token.TOKEN_RECIPIENT_LOOKUP,
expire=datetime.datetime.now(
tz=pytz.utc
) + datetime.timedelta(minutes=1),
data={
'title': title
}
)
result_dict['lookup_token'] = token.token
# Return our response
return cors_response(simplejson.dumps(result_dict))
