def get(request): """ Respond to the "/user/get" API call. """ try: # Extract our payload from the request parameters. request_payload = api_helper.process_request(request) if "error" in request_payload: return request_payload['error'] # Check that the required fields are present. error = api_helper.check_fields(request_payload, required_fields=["session_key"]) if error != None: return error # Retrieve the user's details, including a list of all the user's # accounts. user = request_payload['session'].user response_payload = {'user_id' : user.user_id, 'name' : user.name, 'accounts' : []} # initially. for account in Account.objects.filter(user_id=user.user_id): account_id = \ account_helper.make_account_id(account.user_id, account.associated_user_id, account.suffix) response_payload['accounts'].append(account_id) # Finally, return the user's details back to the caller. return api_helper.response(request_payload, response_payload) except: traceback.print_exc() return HttpResponseServerError()
def enter_transaction(request): """ Respond to the "/admin/account/transaction" URL. We let the user enter a transaction into the system. """ if request.method == "GET": # We're displaying the form for the first time -> set up the default # values. err_msg = None type = "P" user_id = "" associated_user_id = "" suffix = "" other_user_id = "" other_associated_user_id = "" other_suffix = "" amount = "" description = "" elif request.method == "POST": # Respond to the user submitting our form. if request.POST.get("cancel") == "Cancel": return HttpResponseRedirect(reverse("tahua.admin_interface." + "views.main.main")) err_msg = None # initially. type = request.POST['type'] user_id = request.POST['user_id'] associated_user_id = request.POST['associated_user_id'] suffix = request.POST['suffix'] other_user_id = request.POST['other_user_id'] other_associated_user_id = request.POST['other_associated_user_id'] other_suffix = request.POST['other_suffix'] amount = request.POST['amount'] description = request.POST['description'] account_id = account_helper.make_account_id(user_id, associated_user_id, suffix) if not account_helper.is_valid_account_id(account_id): err_msg = "You must enter a valid account identifier." if user_id not in ["", None]: try: user = User.objects.get(user_id=user_id) except User.DoesNotExist: err_msg = "There is no user with ID " + user_id if associated_user_id not in ["", None]: try: user = User.objects.get(user_id=associated_user_id) except User.DoesNotExist: err_msg = "There is no user with ID " + associated_user_id if err_msg == None: try: dec_amount = decimal.Decimal(amount) except decimal.InvalidOperation: err_msg = "Invalid amount." if err_msg == None: if type not in [Transaction.TYPE_DEPOSIT, Transaction.TYPE_WITHDRAWAL, Transaction.TYPE_PAYMENT, Transaction.TYPE_REVERSAL, Transaction.TYPE_ADJUSTMENT]: err_msg = "Please select a valid transaction type." if err_msg == None: if type == Transaction.TYPE_PAYMENT: other_account_id = \ account_helper.make_account_id(other_user_id, other_associated_user_id, other_suffix) if not account_helper.is_valid_account_id(other_account_id): err_msg = "You must enter a valid other account identifier." # If the entered data was accepted, enter the transaction into the # system. if err_msg == None: account = account_helper.get_or_create_account(account_id) if type == Transaction.TYPE_PAYMENT: other_account = \ account_helper.get_or_create_account(other_account_id) else: other_account = None meta_data = {} if description != "": meta_data['description'] = description if type == Transaction.TYPE_PAYMENT: dec_amount = -dec_amount # Deduct amount from source account. transaction = Transaction() transaction.account = account transaction.other_account = other_account transaction.timestamp = datetime.datetime.now() transaction.type = type transaction.amount = dec_amount transaction.metadata = json.dumps(meta_data) transaction.save() # If the user is entering a payment, enter the reverse transaction # at the same time. if type == Transaction.TYPE_PAYMENT: transaction = Transaction() transaction.account = other_account transaction.other_account = account transaction.timestamp = datetime.datetime.now() transaction.type = type transaction.amount = -dec_amount transaction.metadata = json.dumps(meta_data) transaction.save() # Finally, tell the user about the entered transaction. if type == Transaction.TYPE_PAYMENT: msg = utils.formatDecimalAsMoney(-dec_amount) \ + " has been transferred from " + account.describe() \ + " to " + other_account.describe() + "." else: msg = 'A transaction of type "' + transaction.type_to_string() \ + '" to the value of ' \ + utils.formatDecimalAsMoney(dec_amount) \ + ' has been entered against the ' \ + account.describe() return render_to_response("admin_interface/" + "transaction_entered.html", {'msg' : msg}, context_instance=RequestContext(request)) # If we get here, display the form to the user. return render_to_response("admin_interface/enter_transaction.html", {'err_msg' : err_msg, 'type' : type, 'user_id' : user_id, 'associated_user_id' : associated_user_id, 'suffix' : suffix, 'other_user_id' : other_user_id, 'other_associated_user_id' : other_associated_user_id, 'other_suffix' : other_suffix, 'amount' : amount, 'description' : description}, context_instance=RequestContext(request))
def get(request): """ Respond to the "/account/get" API call. """ try: # Extract our payload from the request parameters. request_payload = api_helper.process_request(request) if "error" in request_payload: return request_payload['error'] # Check that the required fields are present. error = api_helper.check_fields(request_payload, required_fields=["session_key", "account_id"]) if error != None: return error session = request_payload['session'] account_id = request_payload['fields']['account_id'] if not account_helper.is_valid_account_id(account_id): return api_helper.error(request_payload, api_errors.INVALID_ACCOUNT_ID) # Make sure the user is allowed to access the given account. if account_id != None: if session.user.user_id != account_id.get("user_id"): return api_helper.error(request_payload, api_errors.UNAUTHORIZED) # Get the desired account, if it exists. account = account_helper.get_account(account_id) # Build our response payload, based on the account's details. We start # with the account record itself. response_payload = {} response_payload['account'] = {} if account != None: response_payload['account']['exists'] = 1 else: response_payload['account']['exists'] = 0 # Add the account's current balance. balance = decimal.Decimal("0.00") if account != None: transactions = account.transaction_set.all().order_by("timestamp") for transaction in transactions: balance = balance + transaction.amount response_payload['account']['balance'] = balance # Add the list of transactions for this account. response_payload['account']['transactions'] = [] if account != None: transactions = account.transaction_set.all().order_by("timestamp") for transaction in transactions: timestamp = transaction.timestamp.isoformat() amount = transaction.amount metadata = transaction.get_metadata() transaction_data = {'timestamp' : timestamp, 'amount' : amount, 'meta_data' : metadata} other_account = transaction.other_account if other_account != None: other_account_id = account_helper.make_account_id( other_account.user_id, other_account.associated_user_id, other_account.suffix) transaction_data['other_account'] = other_account_id response_payload['account']['transactions'].append( transaction_data) # Add the account's metadata. Note that we exclude the password and pin # number, for security reasons. if account != None: metadata = account.get_metadata() else: metadata = {} if "password" in metadata: del metadata['password'] if "pin_number" in metadata: del metadata['pin_number'] response_payload['account']['meta_data'] = metadata # Add the account's policies, taking into account each policy's default # value, the user-specific override (if any), and account-specific # override (if any). policies = {} for policy in Policy.objects.all(): default = policy.get_default() try: override = PolicyUserOverride.objects.get(policy=policy, user=session.user) user_override = override.get_override() except PolicyUserOverride.DoesNotExist: user_override = None if account != None: try: override = \ PolicyAccountOverride.objects.get(policy=policy, account=account) account_override = override.get_override() except PolicyAccountOverride.DoesNotExist: account_override = None else: account_override = None if account_override != None: value = account_override elif user_override != None: value = user_override else: value = default policies[policy.name] = value response_payload['account']['policies'] = policies # Add the account's update ID. if account != None: response_payload['update_id'] = account.update_id else: response_payload['update_id'] = 0 # Finally, return the response payload back to the caller. return api_helper.response(request_payload, response_payload) except: traceback.print_exc() return HttpResponseServerError()