def update(self, request, org): # Get the organization try: organization = Organization.objects.get(name=org) except: return build_response(request, 404, 'Organization not found') if not request.user.is_active: return build_response(request, 403, 'Forbidden') if not request.user.is_staff and request.user.pk not in organization.managers: return build_response(request, 403, 'Forbidden') try: # Load request data data = json.loads(request.raw_post_data) if 'notification_url' in data: if data['notification_url'] and not is_valid_url(data['notification_url']): raise Exception('Enter a valid URL') organization.notification_url = data['notification_url'] # Load the tax address new_taxaddr = {} if 'tax_address' in data and data['tax_address'] != {}: new_taxaddr = { 'street': data['tax_address']['street'], 'postal': data['tax_address']['postal'], 'city': data['tax_address']['city'], 'country': data['tax_address']['country'] } organization.tax_address = new_taxaddr # Load the payment info new_payment = {} if 'payment_info' in data and data['payment_info'] != {}: number = data['payment_info']['number'] if not is_valid_credit_card(number): if 'number' in organization.payment_info and \ is_hidden_credit_card(number, organization.payment_info['number']): number = organization.payment_info['number'] else: raise Exception('Invalid credit card number') new_payment = { 'type': data['payment_info']['type'], 'number': number, 'expire_year': data['payment_info']['expire_year'], 'expire_month': data['payment_info']['expire_month'], 'cvv2': data['payment_info']['cvv2'] } if 'limits' in data: limits = _check_limits(data['limits']) currency = limits['currency'] # Get default RSS rss = RSS.objects.all()[0] rss_factory = RSSManagerFactory(rss) exp_manager = rss_factory.get_expenditure_manager(rss.access_token) try: exp_manager.set_actor_limit(limits, organization) except HTTPError as e: if e.code == 401: rss.refresh_token() exp_manager.set_credentials(rss.access_token) exp_manager.set_actor_limit(limits, organization) else: raise e # Save limits limits['currency'] = currency organization.expenditure_limits = limits organization.payment_info = new_payment organization.save() except Exception as e: msg = 'Invalid JSON content' if e.message: msg = e.message return build_response(request, 400, msg) return build_response(request, 200, 'OK')
def update(self, request, username): if not request.user.is_staff and not request.user.username == username: return build_response(request, 403, 'Forbidden') data = json.loads(request.raw_post_data) # Update the user try: user = User.objects.get(username=username) # Get the user profile user_profile = UserProfile.objects.get(user=user) # If WStore is not integrated with the accounts enabler # update user info and roles if not settings.OILAUTH: if request.user.is_staff and 'roles' in data: # The user cannot change its roles if 'admin' in data['roles'] and request.user.is_staff: user.is_staff = True if 'provider' in data['roles']: # Append the provider role to the user orgs = [] for o in user_profile.organizations: if Organization.objects.get(pk=o['organization']).name == user.username \ and not 'provider' in o['roles']: o['roles'].append('provider') orgs.append(o) user_profile.organizations = orgs elif not 'provider' in data['roles'] and 'provider' in user_profile.get_user_roles(): # Remove the provider role from the user info orgs = [] for o in user_profile.organizations: if Organization.objects.get(pk=o['organization']).name == user.username: o['roles'].remove('provider') orgs.append(o) else: orgs.append(o) user_profile.organizations = orgs if 'notification_url' in data and 'provider' in user_profile.get_user_roles(): user_org = Organization.objects.get(name=user.username) user_org.notification_url = data['notification_url'] user_org.save() if 'password' in data: user.set_password(data['password']) if 'first_name' in data and 'last_name' in data: user.first_name = data['first_name'] user.last_name = data['last_name'] user_profile.complete_name = data['first_name'] + ' ' + data['last_name'] elif 'complete_name' in data: user_profile.complete_name = data['complete_name'] else: user_org = Organization.objects.get(actor_id=user.userprofile.actor_id) if 'notification_url' in data and 'provider' in user_profile.get_user_roles(): user_org.notification_url = data['notification_url'] user_org.save() # Check if expenditure limits are included in the request if 'limits' in data and data['limits']: limits = _check_limits(data['limits']) currency = limits['currency'] # Get default RSS instance try: rss_instance = RSS.objects.all()[0] except: raise Exception('No RSS instance registered: An RSS instance is needed for setting up expenditure limits') # Create limits in the RSS try: exp_manager = ExpenditureManager(rss_instance, rss_instance.access_token) exp_manager.set_actor_limit(limits, user.userprofile) except HTTPError as e: if e.code == 401: rss_instance.refresh_token() exp_manager.set_credentials(rss_instance.access_token) exp_manager.set_actor_limit(limits, user.userprofile) else: raise e # Save limits limits['currency'] = currency user_org.expenditure_limits = limits user_org.save() if 'tax_address' in data: user_profile.tax_address = { 'street': data['tax_address']['street'], 'postal': data['tax_address']['postal'], 'city': data['tax_address']['city'], 'country': data['tax_address']['country'] } else: # the update is absolute so if no tax address provided it is deleted user_profile.tax_address = {} if 'payment_info' in data: number = data['payment_info']['number'] if not is_valid_credit_card(number): if 'number' in user_profile.payment_info and \ is_hidden_credit_card(number, user_profile.payment_info['number']): number = user_profile.payment_info['number'] else: raise Exception('') user_profile.payment_info = { 'type': data['payment_info']['type'], 'number': number, 'expire_month': data['payment_info']['expire_month'], 'expire_year': data['payment_info']['expire_year'], 'cvv2': data['payment_info']['cvv2'] } else: # the update is absolute so if no payment info provided it is deleted user_profile.payment_info = {} user.save() user_profile.save() except Exception as e: msg = 'Invalid content' if e.message: msg = e.message return build_response(request, 400, msg) return build_response(request, 200, 'OK')
def update(self, request, username): if not request.user.is_staff and not request.user.username == username: return build_response(request, 403, 'Forbidden') data = json.loads(request.raw_post_data) # Update the user try: user = User.objects.get(username=username) # Get the user profile user_profile = UserProfile.objects.get(user=user) # If WStore is not integrated with the accounts enabler # update user info and roles if not settings.OILAUTH: if request.user.is_staff and 'roles' in data: # The user cannot change its roles if 'admin' in data['roles'] and request.user.is_staff: user.is_staff = True if 'provider' in data['roles']: # Append the provider role to the user orgs = [] for o in user_profile.organizations: if Organization.objects.get(pk=o['organization']).name == user.username \ and 'provider' not in o['roles']: o['roles'].append('provider') orgs.append(o) user_profile.organizations = orgs elif 'provider' not in data[ 'roles'] and 'provider' in user_profile.get_user_roles( ): # Remove the provider role from the user info orgs = [] for o in user_profile.organizations: if Organization.objects.get( pk=o['organization'] ).name == user.username: o['roles'].remove('provider') orgs.append(o) else: orgs.append(o) user_profile.organizations = orgs if 'notification_url' in data and 'provider' in user_profile.get_user_roles( ): user_org = Organization.objects.get(name=user.username) user_org.notification_url = data['notification_url'] user_org.save() if 'password' in data: user.set_password(data['password']) if 'first_name' in data and 'last_name' in data: user.first_name = data['first_name'] user.last_name = data['last_name'] user_profile.complete_name = data[ 'first_name'] + ' ' + data['last_name'] elif 'complete_name' in data: user_profile.complete_name = data['complete_name'] else: user_org = Organization.objects.get( actor_id=user.userprofile.actor_id) if 'notification_url' in data and 'provider' in user_profile.get_user_roles( ): user_org.notification_url = data['notification_url'] user_org.save() # Check if expenditure limits are included in the request if 'limits' in data and data['limits']: limits = _check_limits(data['limits']) currency = limits['currency'] # Get default RSS instance try: rss_instance = RSS.objects.all()[0] except: raise Exception( 'No RSS instance registered: An RSS instance is needed for setting up expenditure limits' ) # Create limits in the RSS try: rss_factory = RSSManagerFactory(rss_instance) exp_manager = rss_factory.get_expenditure_manager( rss_instance.access_token) exp_manager.set_actor_limit(limits, user.userprofile) except HTTPError as e: if e.code == 401: rss_instance.refresh_token() exp_manager.set_credentials( rss_instance.access_token) exp_manager.set_actor_limit( limits, user.userprofile) else: raise e # Save limits limits['currency'] = currency user_org.expenditure_limits = limits user_org.save() if 'tax_address' in data: user_profile.tax_address = { 'street': data['tax_address']['street'], 'postal': data['tax_address']['postal'], 'city': data['tax_address']['city'], 'country': data['tax_address']['country'] } else: # the update is absolute so if no tax address provided it is deleted user_profile.tax_address = {} if 'payment_info' in data: number = data['payment_info']['number'] if not is_valid_credit_card(number): if 'number' in user_profile.payment_info and \ is_hidden_credit_card(number, user_profile.payment_info['number']): number = user_profile.payment_info['number'] else: raise Exception('') user_profile.payment_info = { 'type': data['payment_info']['type'], 'number': number, 'expire_month': data['payment_info']['expire_month'], 'expire_year': data['payment_info']['expire_year'], 'cvv2': data['payment_info']['cvv2'] } else: # the update is absolute so if no payment info provided it is deleted user_profile.payment_info = {} user.save() user_profile.save() except Exception as e: msg = 'Invalid content' if e.message: msg = e.message return build_response(request, 400, msg) return build_response(request, 200, 'OK')
def update(self, request, org): # Get the organization try: organization = Organization.objects.get(name=org) except: return build_response(request, 404, 'Organization not found') if not request.user.is_active: return build_response(request, 403, 'Forbidden') if not request.user.is_staff and request.user.pk not in organization.managers: return build_response(request, 403, 'Forbidden') try: # Load request data data = json.loads(request.raw_post_data) if 'notification_url' in data: if data['notification_url'] and not is_valid_url( data['notification_url']): raise Exception('Enter a valid URL') organization.notification_url = data['notification_url'] # Load the tax address new_taxaddr = {} if 'tax_address' in data and data['tax_address'] != {}: new_taxaddr = { 'street': data['tax_address']['street'], 'postal': data['tax_address']['postal'], 'city': data['tax_address']['city'], 'country': data['tax_address']['country'] } organization.tax_address = new_taxaddr # Load the payment info new_payment = {} if 'payment_info' in data and data['payment_info'] != {}: number = data['payment_info']['number'] if not is_valid_credit_card(number): if 'number' in organization.payment_info and \ is_hidden_credit_card(number, organization.payment_info['number']): number = organization.payment_info['number'] else: raise Exception('Invalid credit card number') new_payment = { 'type': data['payment_info']['type'], 'number': number, 'expire_year': data['payment_info']['expire_year'], 'expire_month': data['payment_info']['expire_month'], 'cvv2': data['payment_info']['cvv2'] } if 'limits' in data: limits = _check_limits(data['limits']) currency = limits['currency'] # Get default RSS rss = RSS.objects.all()[0] rss_factory = RSSManagerFactory(rss) exp_manager = rss_factory.get_expenditure_manager( rss.access_token) try: exp_manager.set_actor_limit(limits, organization) except HTTPError as e: if e.code == 401: rss.refresh_token() exp_manager.set_credentials(rss.access_token) exp_manager.set_actor_limit(limits, organization) else: raise e # Save limits limits['currency'] = currency organization.expenditure_limits = limits organization.payment_info = new_payment organization.save() except Exception as e: msg = 'Invalid JSON content' if e.message: msg = e.message return build_response(request, 400, msg) return build_response(request, 200, 'OK')