Exemple #1
0
def create(request, recipient_id, entity_id, amount):
    # Check Parameter Value Types
    recipient_id, success = validate_int(recipient_id)
    if not success:
        return cors_response(
            build_error(API_ERROR.INVALID_PARAMETER, parameter='recipient_id'))

    entity_id, success = validate_int(entity_id)
    if not success:
        return cors_response(
            build_error(API_ERROR.INVALID_PARAMETER, parameter='entity_id'))

    amount, success = validate_float(amount)
    if not success:
        return cors_response(
            build_error(API_ERROR.INVALID_PARAMETER, parameter='amount'))
    if amount <= 0:
        return cors_response(
            build_error(API_ERROR.INVALID_PARAMETER, parameter='amount'))

    # Get entity
    entity = Entity.objects.filter(pk=entity_id)
    if len(entity) != 1:
        return cors_response(
            build_error(API_ERROR.INVALID_PARAMETER, parameter='entity_id'))
    entity = entity[0]

    # Get recipient from entity
    # (this will also confirm the entity and recipient are linked)
    recipient = entity.recipient.filter(pk=recipient_id)
    if len(recipient) != 1:
        return cors_response(
            build_error(API_ERROR.INVALID_PARAMETER, parameter='recipient_id'))
    recipient = recipient[0]

    payee = recipient.payee
    if payee is None or payee.userservice is None:
        return cors_response(
            build_error(API_ERROR.DONATION.NO_PAYEE))

    # Create donation
    _, checkout_url = payment.registry[payee.userservice.service].donation_create(
        entity, recipient, payee, amount,
        base_url=build_url(request),
        redirect_name='donation-confirm',
        callback_name='callback-wepay-checkout'
    )

    # Make the checkout_url absolute
    checkout_url = urlparse.urljoin(build_url(request), checkout_url)

    if checkout_url:
        return cors_response(simplejson.dumps({
            'checkout_url': checkout_url,
            'success': True
        }))
    return cors_response(build_error(API_ERROR.DONATION.SERVICE_FAILED))
Exemple #2
0
def claim(request, recipient_id):
    recipients = Recipient.objects.all().filter(id=recipient_id)
    if len(recipients) == 0:
        return build_error(API_ERROR.INVALID_PARAMETER, recipient_id=recipient_id)
    elif len(recipients) == 1:
        if recipients[0].owner is None:
            if not request.user.is_authenticated():
                return build_error(API_ERROR.AUTHENTICATION.NOT_LOGGED_IN)

            # TODO: Change to manual claim process
            recipients[0].owner = request.user
            recipients[0].save()
            return simplejson.dumps({
                'success': True,
                'recipient': {
                    'id': recipients[0].id,
                    'slug': recipients[0].slug
                }
            })
        else:
            return build_error(API_ERROR.RECIPIENT.ALREADY_CLAIMED)
    else:
        return build_error(API_ERROR.INVALID_PARAMETER, recipient_id=recipient_id)
Exemple #3
0
    def wrapper(request, *args, **kwargs):
        if settings.FRUCTUS_DEPLOYMENT == 'OPEN':
            return function(*args, **kwargs)
        else:
            # Cookie auth (API is used on the website)
            if request.user.is_authenticated() and request.user.is_active:
                if settings.FRUCTUS_DEPLOYMENT == 'INTERNAL' and request.user.is_staff:
                    return function(*args, request=request, **kwargs)
                elif settings.FRUCTUS_DEPLOYMENT == 'INVITE':
                    return function(*args, request=request, **kwargs)

            # deployauth token (API is used remotely)
            if 'deployauth_token' in kwargs:
                if deployauth_token_validate(kwargs['deployauth_token']):
                    return function(*args, **kwargs)

        return build_error(API_ERROR.AUTHENTICATION.DEPLOYAUTH_FAILED)
Exemple #4
0
def search(request, title, limit=10,
           entities_include=False, entities_limit=5,
           lookup_type=None, lookup_token=None):

    results = []
    search_type = None

    if lookup_type is not None and lookup_token is not None:
        # -------------------------------
        #  External "lookup"
        # -------------------------------
        search_type = 'lookup'

        # Check lookup_type is valid
        lookup_type_valid = False
        try:
            for type_id, _ in Recipient.TYPES:
                if int(lookup_type) == int(type_id):
                    lookup_type_valid = True
                    lookup_type = int(lookup_type)
                    break
        except ValueError:
            pass

        if not lookup_type_valid:
            print "error"
            return cors_response(build_error(
                API_ERROR.INVALID_PARAMETER,
                parameter='lookup_type'
            ))

        # Find the token in our database
        token = None
        try:
            token = Token.objects.filter(
                token_type=Token.TOKEN_RECIPIENT_LOOKUP,
                token=lookup_token
            )
            if len(token) == 1:
                token = token[0]
            else:
                token = None
        except Token.DoesNotExist:
            pass

        # Check token is still valid
        if token and token.valid():
            token.delete()  # Token has been used, let's remove it.

            if 'title' in token.data and token.data['title'] == title:
                results = entitygen.registry[lookup_type].recipient_create(
                    token.data['title'], limit=9
                )
            else:
                return cors_response(
                    build_error(API_ERROR.RECIPIENT.LOOKUP_TOKEN_INVALID))
        else:
            return cors_response(
                build_error(API_ERROR.RECIPIENT.LOOKUP_TOKEN_INVALID))
    else:
        # -------------------------------
        #   Direct database "search"
        # -------------------------------
        search_type = 'search'

        results = Recipient.objects.all().filter(
            s_title__ilike='%' + search_like(title) + '%'
        )[:limit]

    # Append dicts of recipient results
    items = []
    for recipient in results:
        items.append(recipient.dict(
            entities_include=entities_include,
            entities_filter={'parent': None},
            entities_limit=entities_limit,
            check_owner=request.user
        ))

    # Build result dict
    result_dict = {
        'success': True,
        'items': items
    }

    # Create a Token (with a 10 min expire) that can be used for lookups
    if search_type == 'search':
        token = Token.objects.create(
            token_type=Token.TOKEN_RECIPIENT_LOOKUP,

            expire=datetime.datetime.now(
                tz=pytz.utc
            ) + datetime.timedelta(minutes=1),

            data={
                'title': title
            }
        )
        result_dict['lookup_token'] = token.token

    # Return our response
    return cors_response(simplejson.dumps(result_dict))