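def send_message(request):
    """Store a private message from the logged-in user, then redirect to the chat.

    Reads ``friend_username`` and ``message_text`` from the POST body.

    Checks, in order:
      * the caller must be authenticated;
      * accounts with ``user_type == 1`` are told to upgrade;
      * ``utils.check_captcha`` is run on the request;
      * both fields must be present and the recipient must exist;
      * unless the sender has ``user_type == 5``, sender and recipient
        must be friends.

    Raises:
        PermissionDenied: anonymous caller, missing field, or unknown
            recipient.
    """
    sender = request.user
    if not sender.is_authenticated:
        raise PermissionDenied
    if sender.user_type == 1:
        return utils.raise_exception(
            request, "Upgrade your account to send messages.")

    # NOTE(review): the return value is ignored, so this only protects the
    # view if check_captcha raises on failure - confirm in utils.
    utils.check_captcha(request)

    # No sentinel defaults: with 'null' as the fallback, a request that
    # omitted the fields would address an account literally named "null"
    # and store the placeholder text as a real message.
    friend_username = request.POST.get('friend_username')
    message_text = request.POST.get('message_text')
    if friend_username is None or message_text is None:
        raise PermissionDenied
    if not username_exists(friend_username):
        raise PermissionDenied
    friend_user = CustomUser.objects.get(username=friend_username)

    if sender.user_type != 5 and not are_friend(sender, friend_user):
        return utils.raise_exception(
            request, "You are not allowed to send messages to strangers.")

    Private_Message.objects.create(sender=sender,
                                   receiver=friend_user,
                                   message=message_text)

    # NOTE(review): the original also called get_friends() and
    # getAllMessages() here and built a context dict that was never
    # rendered. Dropped on the assumption that both helpers are read-only -
    # confirm.
    return HttpResponseRedirect(
        reverse('private_message:friends_message_username',
                kwargs={'friend_username': friend_username}))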
def friend_timeline(request, friend_username):
    """Render another user's timeline for the logged-in viewer.

    Anonymous callers and unknown usernames get ``PermissionDenied``.
    A viewer asking for their own username is redirected to
    ``friends:timeline``. A non-friend is refused when the owner's
    ``timeline_view_level`` is 0.

    The template receives ``can_post``, which is true when the owner's
    ``timeline_post_level`` is 1 or the viewer is a friend.
    """
    viewer = request.user
    if not viewer.is_authenticated:
        raise PermissionDenied
    if not username_exists(friend_username):
        raise PermissionDenied
    if viewer.username == friend_username:
        return HttpResponseRedirect(reverse('friends:timeline'))

    owner = CustomUser.objects.get(username=friend_username)

    # Friendship is evaluated first, as in the original expression.
    is_stranger = not are_friend(viewer, owner)
    if is_stranger and owner.timeline_view_level == 0:
        return utils.raise_exception(
            request, "You are not allowed to view the timeline.")

    posts = Post.objects.filter(recipient_name=friend_username)
    posts = posts.order_by('-post_date')

    # NOTE(review): can_post only drives the template. add_post_friend
    # enforces friendship regardless of timeline_post_level, so a non-friend
    # may be shown a post box that the server will reject - confirm which
    # policy is intended.
    if owner.timeline_post_level == 1:
        may_post = True
    else:
        may_post = are_friend(viewer, owner)

    return render(request, 'friend_timeline.html', context={
        'friend_username': friend_username,
        'all_posts': posts,
        'can_post': may_post,
    })
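def accept(request):
    """Confirm a pending friend request addressed to the logged-in user.

    Reads the requester's id from POST field ``friend``. Only a ``Friend``
    row with ``creator_id`` equal to that id, ``follower_id`` equal to the
    caller and ``confirmed=False`` is confirmed, so a user can only accept
    requests that were sent to them.

    Raises:
        PermissionDenied: anonymous caller, missing or unknown id, the two
            users are already friends, or no matching pending request.
    """
    if not request.user.is_authenticated:
        raise PermissionDenied

    friend_id = request.POST.get('friend')
    if friend_id is None or not user_id_exists(friend_id):
        raise PermissionDenied
    friend = CustomUser.objects.get(id=friend_id)
    if are_friend(request.user, friend):
        raise PermissionDenied

    # The original used .get(), so a crafted id with no pending request
    # raised Friend.DoesNotExist and surfaced as a server error. Treat it as
    # a denied request like every other invalid input in this view.
    pending = Friend.objects.filter(creator_id=friend_id,
                                    follower_id=request.user.id,
                                    confirmed=False).first()
    if pending is None:
        raise PermissionDenied

    pending.confirmed = True
    pending.save()
    return HttpResponseRedirect(reverse('friends:friends'))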
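def add_post_friend(request, friend_username):
    """Create a post on a friend's timeline and redirect back to it.

    The recipient comes from the URL and the body from POST field
    ``post_text``. The author is always ``request.user.username``.

    Raises:
        PermissionDenied: anonymous caller, non-POST request, unknown
            recipient, recipient is not a friend, or missing ``post_text``.
    """
    if not request.user.is_authenticated:
        raise PermissionDenied

    # The recipient is taken from the URL, so without this check a plain GET
    # could reach the create() call below. State changes must go through
    # POST, which is also the only method Django's CSRF middleware checks.
    if request.method != 'POST':
        raise PermissionDenied

    # NOTE(review): the return value is ignored, so this only protects the
    # view if check_captcha raises on failure - confirm in utils.
    utils.check_captcha(request)

    if not username_exists(friend_username):
        raise PermissionDenied
    friend = CustomUser.objects.get(username=friend_username)

    # NOTE(review): friend_timeline sets can_post for non-friends when
    # timeline_post_level == 1, but this view requires friendship
    # regardless. Kept fail-closed - confirm the intended policy.
    if not are_friend(request.user, friend):
        raise PermissionDenied

    # A request without a body used to be stored as the literal "N/A".
    post_text = request.POST.get('post_text')
    if post_text is None:
        raise PermissionDenied

    Post.objects.create(author_name=request.user.username,
                        recipient_name=friend_username,
                        post_text=post_text)
    return redirect('friends:friend_timeline',
                    friend_username=friend_username)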
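def add_friend(request):
    """Send a friend request from the logged-in user to another user.

    Reads the target's id from POST field ``friend``. An unconfirmed
    ``Friend`` row is created with the caller as ``creator`` and the target
    as ``follower``, unless a row already links the two users in either
    direction. The caller is then redirected to ``friends:friends``.

    Raises:
        PermissionDenied: anonymous caller, missing/invalid/unknown id, the
            target is the caller, or the two users are already friends.
    """
    me = request.user
    if not me.is_authenticated:
        raise PermissionDenied

    raw_id = request.POST.get('friend')
    if raw_id is None:
        raise PermissionDenied
    try:
        friend = CustomUser.objects.filter(id=raw_id).first()
    except (TypeError, ValueError):
        # A non-numeric id makes the ORM lookup raise; deny it instead of
        # letting it surface as a server error.
        raise PermissionDenied
    if friend is None:
        raise PermissionDenied

    # The original compared request.user.id with the raw POST string, which
    # never matches, so users could send a friend request to themselves.
    # Compare the primary keys of the loaded objects instead.
    if friend.id == me.id:
        raise PermissionDenied
    if are_friend(me, friend):
        raise PermissionDenied

    sent = Friend.objects.filter(creator_id=me.id, follower_id=friend.id)
    received = Friend.objects.filter(creator_id=friend.id, follower_id=me.id)
    # NOTE(review): this check-then-create is not atomic. Two simultaneous
    # requests can both pass it unless the table has a uniqueness
    # constraint - confirm in the model.
    if not sent.exists() and not received.exists():
        Friend.objects.create(creator_id=me.id,
                              follower_id=friend.id,
                              confirmed=False)
    return HttpResponseRedirect(reverse('friends:friends'))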
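def _release_transfer_lock(request):
    """Clear the per-user in-progress flag set at the start of a transfer."""
    request.user.user_ongoing_transaction = False
    # NOTE(review): this is a full-row save, so it also writes back whatever
    # balance the in-memory user object holds - confirm that cannot
    # overwrite a concurrent balance change.
    request.user.save()


def _reject_transfer(request, message):
    """Release the transfer lock and show *message* on the message page."""
    _release_transfer_lock(request)
    return render(request, 'display_message_1.html',
                  context={'message': message})


def _prepare_transfer(request):
    """Validate a transfer request and e-mail the sender a one-time code.

    Called with the sender's ``user_ongoing_transaction`` flag already set.
    Every rejection path clears the flag; on success it stays set and the
    pending transfer is stored in the session for the OTP step.
    """
    sender = request.user

    recipient_name = request.POST.get("username")
    recipient = None
    if recipient_name is not None:
        # The original used .get(), so an unknown username raised
        # DoesNotExist while the lock was held, and the lock stayed set.
        recipient = CustomUser.objects.filter(
            username=recipient_name).first()

    try:
        amount = int(request.POST.get("amount", "null"))
    except (TypeError, ValueError):
        return _reject_transfer(request, 'Please enter valid input.')
    if recipient is None:
        return _reject_transfer(request, 'Please enter valid input.')

    if recipient.username == 'admin':
        return _reject_transfer(request, 'You Cannot Send Money To Admin')
    if amount <= 0:
        return _reject_transfer(request, 'Positive value required')

    if sender.user_type != 5 and not are_friend(sender, recipient):
        # The original returned here without clearing the flag, so the next
        # visit to this view logged the sender out.
        _release_transfer_lock(request)
        return utils.raise_exception(
            request, "Become a commercial user to send money to strangers.")

    if sender.username == recipient.username:
        return _reject_transfer(request,
                                'You cannot transfer money to yourself')
    if (sender.user_no_of_transactions + 1
            > sender.user_no_of_transactions_allowed):
        return _reject_transfer(request,
                                'You have reached max. transaction limit')
    if amount > sender.user_balance:
        return _reject_transfer(
            request, 'Insufficient Balance to transfer entered amount')

    last_begin = datetime.strptime(sender.user_last_transaction_for_begin,
                                   "%d-%b-%Y (%H:%M:%S.%f)")
    # total_seconds(), not .seconds: .seconds drops whole days, so a sender
    # whose last attempt was N days and under 80 seconds ago was throttled.
    if (datetime.now() - last_begin).total_seconds() < 80:
        return _reject_transfer(request, 'Try after 80 seconds')

    curr_otp = getOTP()
    send_mail('SocPay | NoReply',
              'Your OTP is : ' + str(curr_otp),
              '*****@*****.**', [sender.email],
              fail_silently=False)
    sender.user_last_transaction_for_begin = datetime.now().strftime(
        "%d-%b-%Y (%H:%M:%S.%f)")
    sender.save()

    # NOTE(review): the OTP and the pending transfer are kept in the session
    # in clear text. That is only confidential with a server-side session
    # backend; with signed-cookie sessions the client can read the value -
    # confirm SESSION_ENGINE. The view that consumes these keys is not
    # visible here and should re-check balance and limits before moving
    # money.
    request.session['user1'] = sender.username
    request.session['user2'] = recipient.username
    request.session['am'] = str(amount)
    request.session['curr_otp'] = str(curr_otp)
    request.session['time'] = datetime.now().strftime(
        "%d-%b-%Y (%H:%M:%S.%f)")
    return render(request, 'otp_tranfer.html')


def transfer(request):
    """Show the transfer form (GET) or start a transfer (POST).

    If the user's ``user_ongoing_transaction`` flag is already set, the
    user is logged out and redirected to ``logout``.

    GET renders ``transfer_money.html`` with the selectable recipients:
    the user's friends, or for ``user_type == 5`` every account except the
    two excluded usernames.

    POST sets the flag, validates the request and e-mails an OTP (see
    ``_prepare_transfer``). The flag is cleared on every rejection and on
    any unexpected error, so a failed attempt cannot leave the account
    locked.

    Raises:
        PermissionDenied: the caller is not authenticated.
    """
    if not request.user.is_authenticated:
        raise PermissionDenied

    if request.user.user_ongoing_transaction:
        # NOTE(review): the flag is not cleared here. Presumably the logout
        # flow or the OTP view resets it - confirm.
        django.contrib.auth.logout(request)
        return HttpResponseRedirect(reverse('logout'))

    if request.method != 'POST':
        all_friends = get_friends(request.user)
        if request.user.user_type == 5:
            all_friends = CustomUser.objects.filter(~Q(username="******")) & CustomUser.objects.filter(~Q(username=request.user.username))
        return render(request, 'transfer_money.html',
                      context={'all_friends': all_friends})

    # NOTE(review): the check above and this set are separate steps, so two
    # simultaneous POSTs can both get past the check.
    request.user.user_ongoing_transaction = True
    request.user.save()
    try:
        return _prepare_transfer(request)
    except Exception:
        # E.g. send_mail failing or an unparsable stored timestamp: release
        # the lock before letting the error propagate.
        _release_transfer_lock(request)
        raise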