Exemple #1
0
def submit_new_member():
    """Create the new member.
    '409 Conflict' is thrown if the email address is already associated
    with an existing member.
    """
    user_email = flask_login.current_user.id

    new_member = gapps.member_dict_from_request(flask.request, user_email,
                                                'join')
    join_or_renew = gapps.join_or_renew_member_from_dict(new_member)

    if join_or_renew == 'join':
        # Enqueue the welcome email
        gapps.enqueue_task('/tasks/new-member-mail', new_member)
    # else the member already existed and we're going to email. This is especially
    # important because App Engine 500s even after a successful member creation. We don't
    # want a retry to spam the member.

    return f'success: {join_or_renew}'
Exemple #2
0
    def post(self):
        """Create the new member.
        '409 Conflict' is thrown if the email address is already associated
        with an existing member.
        """
        helpers.check_csrf(self.request)

        user = users.get_current_user()
        if not user or not gapps.is_user_authorized(user):
            detail = 'user not authorized' if user else 'user not logged in'
            webapp2.abort(401, detail=detail)

        new_member = gapps.member_dict_from_request(self.request, user.email(),
                                                    'join')
        join_or_renew = gapps.join_or_renew_member_from_dict(new_member)

        self.response.write('success: %s' % join_or_renew)

        # Queue the welcome email
        taskqueue.add(url='/tasks/new-member-mail', params=new_member)
Exemple #3
0
    def post(self):
        """Create the new member.
        '409 Conflict' is thrown if the email address is already associated
        with an existing member.
        """
        helpers.check_csrf(self.request)

        user = users.get_current_user()
        if not user or not gapps.is_user_authorized(user):
            detail = 'user not authorized' if user else 'user not logged in'
            webapp2.abort(401, detail=detail)

        new_member = gapps.member_dict_from_request(self.request,
                                                    user.email(),
                                                    'join')
        join_or_renew = gapps.join_or_renew_member_from_dict(new_member)

        self.response.write('success: %s' % join_or_renew)

        # Queue the welcome email
        taskqueue.add(url='/tasks/new-member-mail', params=new_member)
    def post(self):
        payer_email = self.request.params.get('payer_email', '')
        payer_id = self.request.params.get('payer_id', '')
        payer_name = ''
        if self.request.params.get('first_name') and \
           self.request.params.get('last_name'):
            payer_name = '%s %s' % (self.request.params.get('first_name'),
                                    self.request.params.get('last_name'))

        # member_keystring should be considered untrusted. The user could have
        # removed or altered it before Paypal sent it to us. The rest of the
        # values came directly from Paypal (fwiw).
        # This value might also be empty because of an automatic renewal.
        member_keystring = self.request.params.get('invoice', '')

        # There are two scenarios here:
        #  1. This is a brand new member. We have their info in NDB and should
        #     now fully create them in the spreadsheet.
        #  2. This is an automatic renewal payment for an existing member. We
        #     should renew them in the spreadsheet.

        member_dict = {}
        candidate_found = False
        try:
            member_candidate_key = ndb.Key(urlsafe=member_keystring)
            member_candidate = member_candidate_key.get()
            member_candidate_key.delete()

            # Get the member data we stored
            member_dict = webapp2_extras.json.decode(
                member_candidate.member_json)
            candidate_found = True
            logging.info('found member candidate')
        except:
            logging.info('did not find member candidate')

        # Add the Paypal info, regardless
        member_dict[config.MEMBER_FIELDS.paypal_name.name] = payer_name
        member_dict[config.MEMBER_FIELDS.paypal_email.name] = payer_email
        member_dict[config.MEMBER_FIELDS.paypal_payer_id.name] = payer_id

        join_or_renew = 'renew'

        if candidate_found:
            join_or_renew = gapps.join_or_renew_member_from_dict(member_dict)
        else:
            #
            # Renew an existing member.
            # We will try to find an existing user by looking up the payer_email
            # value in either the "Paypal Email" field or the "Email" field.
            #

            renew_success = gapps.renew_member_by_email_or_paypal_id(
                payer_email, payer_id, member_dict)

            if not renew_success:
                # We failed to renew this paying member.
                # Alert our admins about this.
                subject = 'ALERT: failed to renew valid payer'
                body = '''
We received a valid PayPal transaction but were unable to match the \
transaction to a member. In other words, we got someone's money, and it looks \
legit, but we can't figure out who they are in order to actually join or renew \
them.

Maybe they're in the spreadsheet under another email address?

Here are the transaction values:
%s

Current URL:
%s

[This email was sent automatically.]
''' % (pprint.pformat(self.request.params.items()), self.request.host_url)

                mail.send_mail_to_admins(config.MASTER_EMAIL_SEND_ADDRESS,
                                         subject, body)

                logging.critical('failed to renew payer')
                return

        # Queue the welcome email
        if join_or_renew == 'renew':
            taskqueue.add(url='/tasks/renew-member-mail', params=member_dict)
            logging.info('renewed member')
            logging.info(member_dict)
        else:
            taskqueue.add(url='/tasks/new-member-mail', params=member_dict)
            logging.info('joined member')
            logging.info(member_dict)
Exemple #5
0
    def post(self):
        payer_email = self.request.params.get('payer_email', '')
        payer_id = self.request.params.get('payer_id', '')
        payer_name = ''
        if self.request.params.get('first_name') and \
           self.request.params.get('last_name'):
            payer_name = '%s %s' % (self.request.params.get('first_name'),
                                    self.request.params.get('last_name'))

        # member_keystring should be considered untrusted. The user could have
        # removed or altered it before Paypal sent it to us. The rest of the
        # values came directly from Paypal (fwiw).
        # This value might also be empty because of an automatic renewal.
        member_keystring = self.request.params.get('invoice', '')

        # There are two scenarios here:
        #  1. This is a brand new member. We have their info in NDB and should
        #     now fully create them in the spreadsheet.
        #  2. This is an automatic renewal payment for an existing member. We
        #     should renew them in the spreadsheet.

        member_dict = {}
        candidate_found = False
        try:
            member_candidate_key = ndb.Key(urlsafe=member_keystring)
            member_candidate = member_candidate_key.get()
            member_candidate_key.delete()

            # Get the member data we stored
            member_dict = webapp2_extras.json.decode(member_candidate.member_json)
            candidate_found = True
            logging.info('found member candidate')
        except:
            logging.info('did not find member candidate')

        # Add the Paypal info, regardless
        member_dict[config.MEMBER_FIELDS.paypal_name.name] = payer_name
        member_dict[config.MEMBER_FIELDS.paypal_email.name] = payer_email
        member_dict[config.MEMBER_FIELDS.paypal_payer_id.name] = payer_id

        join_or_renew = 'renew'

        if candidate_found:
            join_or_renew = gapps.join_or_renew_member_from_dict(member_dict)
        else:
            #
            # Renew an existing member.
            # We will try to find an existing user by looking up the payer_email
            # value in either the "Paypal Email" field or the "Email" field.
            #

            renew_success = gapps.renew_member_by_email_or_paypal_id(
                                    payer_email,
                                    payer_id,
                                    member_dict)

            if not renew_success:
                # We failed to renew this paying member.
                # Alert our admins about this.
                subject = 'ALERT: failed to renew valid payer'
                body = '''
We received a valid PayPal transaction but were unable to match the \
transaction to a member. In other words, we got someone's money, and it looks \
legit, but we can't figure out who they are in order to actually join or renew \
them.

Maybe they're in the spreadsheet under another email address?

Here are the transaction values:
%s

Current URL:
%s

[This email was sent automatically.]
''' % (pprint.pformat(self.request.params.items()),
       self.request.host_url)

                mail.send_mail_to_admins(config.MASTER_EMAIL_SEND_ADDRESS,
                                         subject,
                                         body)

                logging.critical('failed to renew payer')
                return

        # Queue the welcome email
        if join_or_renew == 'renew':
            taskqueue.add(url='/tasks/renew-member-mail', params=member_dict)
            logging.info('renewed member')
            logging.info(member_dict)
        else:
            taskqueue.add(url='/tasks/new-member-mail', params=member_dict)
            logging.info('joined member')
            logging.info(member_dict)
Exemple #6
0
def process_member_worker():
    """Creates or renews a member when payment has been received.
    """
    logging.debug('self_serve.process_member_worker hit')

    params = gapps.validate_queue_task(flask.request)
    logging.debug('self_serve.process_member_worker params: %s', params)

    payer_email = params.get('payer_email', '')
    payer_id = params.get('payer_id', '')
    paid_amount = params.get('mc_gross', '')
    payer_name = ''
    if params.get('first_name') and params.get('last_name'):
        payer_name = f"{params.get('first_name')} {params.get('last_name')}"

    # member_keystring should be considered untrusted. The user could have
    # removed or altered it before Paypal sent it to us. The rest of the
    # values came directly from Paypal (fwiw).
    # This value might also be empty because of an automatic renewal.
    member_keystring = params.get('invoice', '')

    # There are two scenarios here:
    #  1. This is a brand new member. We have their info in NDB and should
    #     now fully create them in the spreadsheet.
    #  2. This is an automatic renewal payment for an existing member. We
    #     should renew them in the spreadsheet.

    member_dict = {}
    candidate_found = False
    try:
        member_candidate = MemberCandidate.pop(member_keystring)

        # Get the member data we stored
        member_dict = flask.json.loads(member_candidate.member_json)
        candidate_found = True
        logging.info('found member candidate')
    except:
        logging.info('did not find member candidate')

    # Add the Paypal info, regardless
    member_dict[config.SHEETS.member.fields.paypal_name.name] = payer_name
    member_dict[config.SHEETS.member.fields.paypal_email.name] = payer_email
    member_dict[config.SHEETS.member.fields.paypal_payer_id.name] = payer_id
    member_dict[config.SHEETS.member.fields.paid_amount.name] = paid_amount

    join_or_renew = 'renew'

    if candidate_found:
        join_or_renew = gapps.join_or_renew_member_from_dict(member_dict)
    else:
        #
        # Renew an existing member.
        # We will try to find an existing user by looking up the payer_email
        # value in either the "Paypal Email" field or the "Email" field.
        #

        if not payer_email and not payer_id:
            logging.warning(
                'self_serve.process_member_worker: payer_email and payer_id empty'
            )
            renew_success = False
        else:
            renew_success = gapps.renew_member_by_email_or_paypal_id(
                payer_email, payer_id, member_dict)

        if not renew_success:
            # We failed to renew this paying member.
            # Alert our admins about this.
            subject = 'ALERT: failed to renew valid payer'
            body = f'''
We received a valid PayPal transaction but were unable to match the \
transaction to a member. In other words, we got someone's money, and it looks \
legit, but we can't figure out who they are in order to actually join or renew \
them.

Maybe they're in the spreadsheet under another email address?

Here are the transaction values:
{pprint.pformat(list(params))}

Current URL:
{flask.request.path}

[This email was sent automatically.]
'''

            emailer.send_to_admins(subject, body)

            logging.critical('failed to renew payer')
            return flask.make_response('', 200)

    # Enqueue the welcome email
    if join_or_renew == 'renew':
        gapps.enqueue_task('/tasks/renew-member-mail', member_dict)
        logging.info('renewed member')
        logging.info(member_dict)
    else:
        gapps.enqueue_task('/tasks/new-member-mail', member_dict)
        logging.info('joined member')
        logging.info(member_dict)

    return flask.make_response('', 200)