def patch(self: Controller): """ Set context.method Set context.form :return: """ # Preserve patches patches = context.form results = [] context.jsonpatch = True try: for patch in patches: context.form = patch.get('value', {}) context.method = patch['op'] remaining_paths = patch['path'].split('/') if remaining_paths and not remaining_paths[0]: return_data = self() else: return_data = self(*remaining_paths) results.append(return_data) DBSession.flush() DBSession.commit() return '[%s]' % ',\n'.join(results) except: if DBSession.is_active: DBSession.rollback() raise finally: del context.jsonpatch
def patch(self: Controller): try: results = super().patch() DBSession.commit() results = [r.to_dict() if hasattr(r, 'to_dict') else r \ for r in results] return results except: if DBSession.is_active: DBSession.rollback() raise finally: del context.jsonpatch
def patch(self: Controller): """ Set context.method Set context.form :return: """ # Preserve patches patches = context.form results = [] context.jsonpatch = True try: for patch in patches: context.form = patch.get('value', {}) path, context.query = split_path(patch['path']) context.method = patch['op'].lower() context.request_content_length = \ len(context.form) if context.form else 0 remaining_paths = path.split('/') if remaining_paths and not remaining_paths[0]: return_data = self() else: return_data = self(*remaining_paths) if isinstance(return_data, types.GeneratorType): results.append('"%s"' % ''.join(list(return_data))) else: results.append(return_data) DBSession.flush() context.query = {} DBSession.commit() return '[%s]' % ',\n'.join(results) except: if DBSession.is_active: DBSession.rollback() raise finally: del context.jsonpatch
def post(self, inner_resource: str): # TODO: Warning: DDOS! # TODO: Fix these shits! # TODO: Add some salt to prevent man in the middle (Extra field to send on creation and check on verification, # Use description part) if inner_resource == 'pay-irs': status = context.form.get('status', None) trans_id = context.form.get('transId', None) factor_number = context.form.get('factorNumber', None) _ = context.form.get('description', None) card_number = context.form.get('cardNumber', None) trace_number = context.form.get('traceNumber', None) _ = context.form.get('message', None) result = 'successful' if status == 0: result = 'bad-status' elif factor_number is None: result = 'bad-factor-number' elif trace_number is None: result = 'bad-trace-number' else: target_transaction = Cashin.query \ .filter(Cashin.id == factor_number) \ .filter(Cashin.reference_id.is_(None)) \ .filter(Cashin.transaction_id == trans_id).one_or_none() if target_transaction is None: result = 'bad-transaction' elif card_number[:6] != target_transaction.banking_id.pan.replace('-', '')[:6] or \ card_number[-4:] != target_transaction.banking_id.pan[-4:]: result = 'bad-card' else: payment_gateway = target_transaction.payment_gateway shaparak_provider = create_shaparak_provider() try: amount, _, _ = shaparak_provider.verify_transaction( target_transaction.transaction_id) amount = payment_gateway.fiat.input_to_normalized( str(amount), strict=False) # TODO: After verification, add a record with error to be possible to follow the problem later if target_transaction.amount != amount: result = 'bad-amount' else: try: # Set reference_id target_transaction.reference_id = trace_number stexchange_client.balance_update( user_id=target_transaction.member_id, asset=target_transaction.payment_gateway. fiat_symbol, # FIXME business="cashin", # FIXME business_id=target_transaction. id, # FIXME: Think about double payment change=payment_gateway.fiat. format_normalized_string( target_transaction.amount - target_transaction.commission), detail=target_transaction.to_dict(), ) # FIXME: Important !!!! : rollback the updated balance if # DBSession.commit() was not successful DBSession.commit() except StexchangeException as e: if DBSession.is_active: DBSession.rollback() result = 'stexchange-error' + str( e # FIXME: Delete the exception message for deployment ) except: import traceback traceback.print_exc() if DBSession.is_active: DBSession.rollback() result = 'internal-error' except ShaparakError: result = 'not-verified' raise HttpFound( f'{settings.shaparak.pay_ir.result_redirect_url}?result={result}' ) raise HttpMethodNotAllowed()