def submit_new_member(): """Create the new member. '409 Conflict' is thrown if the email address is already associated with an existing member. """ user_email = flask_login.current_user.id new_member = gapps.member_dict_from_request(flask.request, user_email, 'join') join_or_renew = gapps.join_or_renew_member_from_dict(new_member) if join_or_renew == 'join': # Enqueue the welcome email gapps.enqueue_task('/tasks/new-member-mail', new_member) # else the member already existed and we're going to email. This is especially # important because App Engine 500s even after a successful member creation. We don't # want a retry to spam the member. return f'success: {join_or_renew}'
def post(self): """Create the new member. '409 Conflict' is thrown if the email address is already associated with an existing member. """ helpers.check_csrf(self.request) user = users.get_current_user() if not user or not gapps.is_user_authorized(user): detail = 'user not authorized' if user else 'user not logged in' webapp2.abort(401, detail=detail) new_member = gapps.member_dict_from_request(self.request, user.email(), 'join') join_or_renew = gapps.join_or_renew_member_from_dict(new_member) self.response.write('success: %s' % join_or_renew) # Queue the welcome email taskqueue.add(url='/tasks/new-member-mail', params=new_member)
def post(self): payer_email = self.request.params.get('payer_email', '') payer_id = self.request.params.get('payer_id', '') payer_name = '' if self.request.params.get('first_name') and \ self.request.params.get('last_name'): payer_name = '%s %s' % (self.request.params.get('first_name'), self.request.params.get('last_name')) # member_keystring should be considered untrusted. The user could have # removed or altered it before Paypal sent it to us. The rest of the # values came directly from Paypal (fwiw). # This value might also be empty because of an automatic renewal. member_keystring = self.request.params.get('invoice', '') # There are two scenarios here: # 1. This is a brand new member. We have their info in NDB and should # now fully create them in the spreadsheet. # 2. This is an automatic renewal payment for an existing member. We # should renew them in the spreadsheet. member_dict = {} candidate_found = False try: member_candidate_key = ndb.Key(urlsafe=member_keystring) member_candidate = member_candidate_key.get() member_candidate_key.delete() # Get the member data we stored member_dict = webapp2_extras.json.decode( member_candidate.member_json) candidate_found = True logging.info('found member candidate') except: logging.info('did not find member candidate') # Add the Paypal info, regardless member_dict[config.MEMBER_FIELDS.paypal_name.name] = payer_name member_dict[config.MEMBER_FIELDS.paypal_email.name] = payer_email member_dict[config.MEMBER_FIELDS.paypal_payer_id.name] = payer_id join_or_renew = 'renew' if candidate_found: join_or_renew = gapps.join_or_renew_member_from_dict(member_dict) else: # # Renew an existing member. # We will try to find an existing user by looking up the payer_email # value in either the "Paypal Email" field or the "Email" field. # renew_success = gapps.renew_member_by_email_or_paypal_id( payer_email, payer_id, member_dict) if not renew_success: # We failed to renew this paying member. # Alert our admins about this. subject = 'ALERT: failed to renew valid payer' body = ''' We received a valid PayPal transaction but were unable to match the \ transaction to a member. In other words, we got someone's money, and it looks \ legit, but we can't figure out who they are in order to actually join or renew \ them. Maybe they're in the spreadsheet under another email address? Here are the transaction values: %s Current URL: %s [This email was sent automatically.] ''' % (pprint.pformat(self.request.params.items()), self.request.host_url) mail.send_mail_to_admins(config.MASTER_EMAIL_SEND_ADDRESS, subject, body) logging.critical('failed to renew payer') return # Queue the welcome email if join_or_renew == 'renew': taskqueue.add(url='/tasks/renew-member-mail', params=member_dict) logging.info('renewed member') logging.info(member_dict) else: taskqueue.add(url='/tasks/new-member-mail', params=member_dict) logging.info('joined member') logging.info(member_dict)
def post(self): payer_email = self.request.params.get('payer_email', '') payer_id = self.request.params.get('payer_id', '') payer_name = '' if self.request.params.get('first_name') and \ self.request.params.get('last_name'): payer_name = '%s %s' % (self.request.params.get('first_name'), self.request.params.get('last_name')) # member_keystring should be considered untrusted. The user could have # removed or altered it before Paypal sent it to us. The rest of the # values came directly from Paypal (fwiw). # This value might also be empty because of an automatic renewal. member_keystring = self.request.params.get('invoice', '') # There are two scenarios here: # 1. This is a brand new member. We have their info in NDB and should # now fully create them in the spreadsheet. # 2. This is an automatic renewal payment for an existing member. We # should renew them in the spreadsheet. member_dict = {} candidate_found = False try: member_candidate_key = ndb.Key(urlsafe=member_keystring) member_candidate = member_candidate_key.get() member_candidate_key.delete() # Get the member data we stored member_dict = webapp2_extras.json.decode(member_candidate.member_json) candidate_found = True logging.info('found member candidate') except: logging.info('did not find member candidate') # Add the Paypal info, regardless member_dict[config.MEMBER_FIELDS.paypal_name.name] = payer_name member_dict[config.MEMBER_FIELDS.paypal_email.name] = payer_email member_dict[config.MEMBER_FIELDS.paypal_payer_id.name] = payer_id join_or_renew = 'renew' if candidate_found: join_or_renew = gapps.join_or_renew_member_from_dict(member_dict) else: # # Renew an existing member. # We will try to find an existing user by looking up the payer_email # value in either the "Paypal Email" field or the "Email" field. # renew_success = gapps.renew_member_by_email_or_paypal_id( payer_email, payer_id, member_dict) if not renew_success: # We failed to renew this paying member. # Alert our admins about this. subject = 'ALERT: failed to renew valid payer' body = ''' We received a valid PayPal transaction but were unable to match the \ transaction to a member. In other words, we got someone's money, and it looks \ legit, but we can't figure out who they are in order to actually join or renew \ them. Maybe they're in the spreadsheet under another email address? Here are the transaction values: %s Current URL: %s [This email was sent automatically.] ''' % (pprint.pformat(self.request.params.items()), self.request.host_url) mail.send_mail_to_admins(config.MASTER_EMAIL_SEND_ADDRESS, subject, body) logging.critical('failed to renew payer') return # Queue the welcome email if join_or_renew == 'renew': taskqueue.add(url='/tasks/renew-member-mail', params=member_dict) logging.info('renewed member') logging.info(member_dict) else: taskqueue.add(url='/tasks/new-member-mail', params=member_dict) logging.info('joined member') logging.info(member_dict)
def process_member_worker(): """Creates or renews a member when payment has been received. """ logging.debug('self_serve.process_member_worker hit') params = gapps.validate_queue_task(flask.request) logging.debug('self_serve.process_member_worker params: %s', params) payer_email = params.get('payer_email', '') payer_id = params.get('payer_id', '') paid_amount = params.get('mc_gross', '') payer_name = '' if params.get('first_name') and params.get('last_name'): payer_name = f"{params.get('first_name')} {params.get('last_name')}" # member_keystring should be considered untrusted. The user could have # removed or altered it before Paypal sent it to us. The rest of the # values came directly from Paypal (fwiw). # This value might also be empty because of an automatic renewal. member_keystring = params.get('invoice', '') # There are two scenarios here: # 1. This is a brand new member. We have their info in NDB and should # now fully create them in the spreadsheet. # 2. This is an automatic renewal payment for an existing member. We # should renew them in the spreadsheet. member_dict = {} candidate_found = False try: member_candidate = MemberCandidate.pop(member_keystring) # Get the member data we stored member_dict = flask.json.loads(member_candidate.member_json) candidate_found = True logging.info('found member candidate') except: logging.info('did not find member candidate') # Add the Paypal info, regardless member_dict[config.SHEETS.member.fields.paypal_name.name] = payer_name member_dict[config.SHEETS.member.fields.paypal_email.name] = payer_email member_dict[config.SHEETS.member.fields.paypal_payer_id.name] = payer_id member_dict[config.SHEETS.member.fields.paid_amount.name] = paid_amount join_or_renew = 'renew' if candidate_found: join_or_renew = gapps.join_or_renew_member_from_dict(member_dict) else: # # Renew an existing member. # We will try to find an existing user by looking up the payer_email # value in either the "Paypal Email" field or the "Email" field. # if not payer_email and not payer_id: logging.warning( 'self_serve.process_member_worker: payer_email and payer_id empty' ) renew_success = False else: renew_success = gapps.renew_member_by_email_or_paypal_id( payer_email, payer_id, member_dict) if not renew_success: # We failed to renew this paying member. # Alert our admins about this. subject = 'ALERT: failed to renew valid payer' body = f''' We received a valid PayPal transaction but were unable to match the \ transaction to a member. In other words, we got someone's money, and it looks \ legit, but we can't figure out who they are in order to actually join or renew \ them. Maybe they're in the spreadsheet under another email address? Here are the transaction values: {pprint.pformat(list(params))} Current URL: {flask.request.path} [This email was sent automatically.] ''' emailer.send_to_admins(subject, body) logging.critical('failed to renew payer') return flask.make_response('', 200) # Enqueue the welcome email if join_or_renew == 'renew': gapps.enqueue_task('/tasks/renew-member-mail', member_dict) logging.info('renewed member') logging.info(member_dict) else: gapps.enqueue_task('/tasks/new-member-mail', member_dict) logging.info('joined member') logging.info(member_dict) return flask.make_response('', 200)