def build_access_request_data(registration, event, generate_code): """Return a dictionary with data required by ADaMS API.""" from indico_cern_access.plugin import CERNAccessPlugin start_dt, end_dt = get_access_dates(get_last_request(event)) tz = timezone('Europe/Zurich') title = do_truncate(None, str_to_ascii(remove_accents(event.title)), 100, leeway=0) if generate_code: reservation_code = get_random_reservation_code() else: reservation_code = registration.cern_access_request.reservation_code data = {'$id': generate_access_id(registration.id), '$rc': reservation_code, '$gn': title, '$fn': str_to_ascii(remove_accents(registration.first_name)), '$ln': str_to_ascii(remove_accents(registration.last_name)), '$sd': start_dt.astimezone(tz).strftime('%Y-%m-%dT%H:%M'), '$ed': end_dt.astimezone(tz).strftime('%Y-%m-%dT%H:%M')} if registration.cern_access_request and registration.cern_access_request.license_plate: data['$lp'] = registration.cern_access_request.license_plate checksum = ';;'.join(f'{key}:{value}' for key, value in sorted(data.items())) signature = hmac.new(CERNAccessPlugin.settings.get('secret_key').encode(), checksum.encode(), hashlib.sha256) data['$si'] = signature.hexdigest() return data
def adjust_payment_form_data(self, data): event = data['event'] registration = data['registration'] data['item_name'] = '{}: registration for {}'.format( str_to_ascii(remove_accents(registration.full_name)), str_to_ascii(remove_accents(event.title))) data['return_url'] = url_for_plugin('payment_paypal.success', registration.locator.uuid, _external=True) data['cancel_url'] = url_for_plugin('payment_paypal.cancel', registration.locator.uuid, _external=True) data['notify_url'] = url_for_plugin('payment_paypal.notify', registration.locator.uuid, _external=True)
def secure_filename(filename, fallback): """Return a secure version of a filename. This removes possibly dangerous characters and also converts the filename to plain ASCII for maximum compatibility. It should only be used for file system storage, since especially filenames written in asian languages likely become useless when stripping anything that's not ASCII; use :func:`secure_client_filename` for client-facing filenames. :param filename: A filename :param fallback: The filename to use if there were no safe chars in the original filename. """ if not filename: return fallback return _secure_filename(str_to_ascii(filename)) or fallback
def _generate_form_data(self, amount, data): if amount is None: return {} registration = data['registration'] personal_data = registration.get_personal_data() event = data['event'] currency = data['currency'] seed = data['settings'][f'hash_seed_{currency.lower()}'] shop_id = data['settings'][f'shop_id_{currency.lower()}'] method = get_payment_method(event, currency, data['selected_method']) if method is None: raise UserValueError(_('Invalid currency')) template_page = '' # yes, apparently it's supposed to be empty.. template_hash = sha512((seed + template_page).encode()).hexdigest() order_id = self._get_order_id(data) locator = registration.locator.uuid address = re.sub(r'(\r?\n)+', ', ', personal_data.get('address', '')) form_data = { 'PSPID': shop_id, 'ORDERID': order_id, 'AMOUNT': int(amount * 100), 'CURRENCY': currency, 'LANGUAGE': session.lang, 'CN': str_to_ascii(remove_accents(registration.full_name[:35])), 'EMAIL': registration.email[:50], 'OWNERADDRESS': address[:35], 'OWNERTELNO': personal_data.get('phone', '')[:30], 'TP': template_page + '&hash=' + template_hash, 'PM': method['type'], 'BRAND': method['name'], 'PARAMVAR': data['settings']['server_url_suffix'], 'HOMEURL': url_for('event_registration.display_regform', locator, _external=True), 'ACCEPTURL': url_for_plugin('payment_cern.success', locator, _external=True), 'CANCELURL': url_for_plugin('payment_cern.cancel', locator, _external=True), 'DECLINEURL': url_for_plugin('payment_cern.decline', locator, _external=True), 'EXCEPTIONURL': url_for_plugin('payment_cern.uncertain', locator, _external=True), 'BACKURL': url_for('payment.event_payment', locator, _external=True) } form_data['SHASIGN'] = create_hash(seed, form_data) return form_data