def get(self, request, user_id):
    """Render the list of accounts belonging to ``user_id``.

    Authorization as encoded below:
      * the owner (``user_id`` equal to ``request.user.id``) or an admin is
        shown every account of that user (``get_user_accounts``);
      * an employee or manager is shown the result of
        ``get_user_assigned_accounts(user_id, user)`` — the requesting user is
        passed in, presumably to scope the listing to their assignments
        (confirm in AccountHelpers);
      * any other caller receives the permission error page.

    In the first two cases a user without accounts yields an error page.
    """
    user = request.user

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    if CommonHelpers.is_int_equal(user_id, user.id) or user.is_admin():
        loader, loader_args = AccountHelpers.get_user_accounts, (user_id,)
    elif user.is_employee() or user.is_manager():
        loader, loader_args = AccountHelpers.get_user_assigned_accounts, (user_id, user)
    else:
        return error_page('You do not have permissions to view this.')

    if not AccountHelpers.is_user_having_account(user_id):
        return error_page('User has no accounts')
    return render(request, 'list_template.html', {
        'title': 'User Accounts',
        'links': loader(*loader_args),
    })
def get(self, request, user_id, account_id):
    """Render a single account of ``user_id`` as a read-only form.

    Authorization as encoded below:
      * the owner (``user_id`` equal to ``request.user.id``) or an admin
        fetches the account with ``get_account``;
      * an employee or manager fetches it with
        ``get_assigned_account_details(user_id, account_id, user)``, whose
        error text covers both "missing" and "not permitted" so the two cases
        are not distinguishable to the caller;
      * any other caller receives the permission error page.
    """
    user = request.user

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    if CommonHelpers.is_int_equal(user_id, user.id) or user.is_admin():
        account = AccountHelpers.get_account(user_id, account_id)
        missing_message = 'Account does not exist.'
    elif user.is_employee() or user.is_manager():
        account = AccountHelpers.get_assigned_account_details(
            user_id, account_id, user)
        missing_message = 'Account does not exist or You do not have permissions to access it.'
    else:
        return error_page('You do not have permissions to view this.')

    if not account:
        return error_page(missing_message)

    # The form is rendered read-only with its submit button hidden.
    account_form = UserAccountForm(instance=account)
    return render(request, 'form_template.html', {
        'title': 'Account',
        'form': account_form,
        'hide_btn': True,
        'readonly': True,
    })
def get(self, request):
    """Render the list of users that own accounts.

    An admin gets the full list (``get_users_having_accounts``); an employee
    or manager gets ``get_users_assigned_to_manager_employee(user)``, which
    is presumably scoped to the requesting user (confirm in AccountHelpers);
    everyone else receives the permission error page.
    """
    user = request.user

    if user.is_admin():
        listed_users = AccountHelpers.get_users_having_accounts()
    elif user.is_employee() or user.is_manager():
        listed_users = AccountHelpers.get_users_assigned_to_manager_employee(user)
    else:
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this.',
        })

    return render(request, 'list_template.html', {
        'title': 'Users Having Accounts',
        'links': listed_users,
    })
def get(self, request):
    """Render the completed-transaction history visible to the requester.

    Internal users call ``get_completed_transactions()`` with no user
    argument (no per-user filter is applied here); an external user with at
    least one account gets ``get_completed_transactions(user)``; anyone else
    receives the permission error page.
    """
    user = request.user

    if user.is_internal_user():
        history = TransactionHelpers.get_completed_transactions()
    elif AccountHelpers.is_user_having_account(user.id):
        history = TransactionHelpers.get_completed_transactions(user)
    else:
        return render(request, 'error.html', {
            'err': 'You do not have permission to view this',
        })

    return render(request, 'list_template.html', {
        'title': 'Transaction History',
        'links': history,
    })
def get(self, request):
    """Render the transaction-creation form after the PKI pre-checks.

    Order of checks, which the POST handler relies on:
      1. refuse when the pending-transaction limit is reached;
      2. obtain the PKI token pair; refuse if PKI is not configured;
      3. store the server-side half in the session under
         ``self.INTERNAL_PKI_TOKEN`` and expose the client half via
         ``get_pki_dictionary`` as ``use_pki``;
      4. choose the form by role: employees get the internal request form,
         other internal users are refused, external users with an account
         get the external request form, everyone else is refused.
    """
    user = request.user

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    if TransactionHelpers.is_transaction_limit_reached(user):
        return error_page('You cannot create more transactions due to pending transactions')

    # PKI: the session keeps the server half; the client half goes to the page.
    client_blob, server_blob = PKIHelpers.get_encrypted_token(user)
    if client_blob is None or server_blob is None:
        return error_page('PKI has not been configured. Set it up to perform transactions.')
    request.session[self.INTERNAL_PKI_TOKEN] = server_blob
    use_pki = PKIHelpers.get_pki_dictionary(client_blob)

    if user.is_employee():
        request_form = TransactionForms.InternalRequestForm(user)
    elif user.is_internal_user():
        return error_page('You cannot create transactions')
    elif AccountHelpers.is_user_having_account(user.id):
        request_form = TransactionForms.ExternalRequestForm(user)
    else:
        return error_page('User has no accounts.')

    return render(request, 'form_template.html', {
        'title': 'Transaction',
        'form': request_form,
        'use_pki': use_pki,
    })
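def _assign_read(user_request, assign_to):
    """Grant ``assign_to`` the read permission matching the request's model_type.

    Returns False for a model_type with no read permission mapping.
    """
    model_type = user_request.model_type
    if model_type == UserRequest.USER:
        perm, target = 'read_user', user_request.user_obj
    elif model_type == UserRequest.ACCOUNT:
        perm, target = 'read_account', user_request.account_obj
    elif model_type == UserRequest.TRANSACTION:
        perm, target = 'read_transaction', user_request.transaction_obj
    elif model_type == UserRequest.PII_ACCESS:
        perm, target = 'read_pii', user_request.pii_obj
    else:
        return False
    UserObjectPermission.objects.assign_perm(perm, assign_to, target)
    return True


def _assign_create(user_request, assign_to):
    """Fulfil an ACCOUNT creation request.

    With an ``account_obj`` present a merchant payment account is linked to
    the requester; otherwise a fresh account is created for ``assign_to``.
    Any other model_type returns False.
    """
    if user_request.model_type != UserRequest.ACCOUNT:
        return False
    if user_request.account_obj:
        MerchantPaymentAccount.objects.create(merchant_user=user_request.from_user,
                                             account=user_request.account_obj)
    else:
        AccountHelpers.create_account_for_user(assign_to)
    return True


def _assign_update(user_request, assign_to):
    """Grant ``assign_to`` 'edit_user' on the request's user_obj (USER only)."""
    if user_request.model_type != UserRequest.USER:
        return False
    UserObjectPermission.objects.assign_perm('edit_user', assign_to, user_request.user_obj)
    return True


def _assign_delete(user_request, assign_to):
    """Turn an approved DELETE (USER) request into a COMPLETE_DELETE request.

    The follow-up request is addressed to the requester's assigned admin and
    is raised on behalf of ``assign_to``; it is the admin's approval of that
    request that eventually deletes the user (see ``_assign_complete_delete``).
    Returns False for other model_types or when the follow-up form is invalid.
    """
    if user_request.model_type != UserRequest.USER:
        return False
    user_obj = user_request.user_obj
    # NOTE(review): get_assigned_admin() returning None would raise
    # AttributeError here rather than return False — confirm callers
    # guarantee an assigned admin exists.
    follow_up = RequestForm(data={
        'to_user': assign_to.get_assigned_admin().id,
        'request_type': UserRequest.COMPLETE_DELETE,
        'model_type': UserRequest.USER,
    })
    if not follow_up.is_valid():
        return False
    new_request = follow_up.save(commit=False)
    new_request.from_user = assign_to
    new_request.user_obj = user_obj
    new_request.save()
    return True


def _assign_complete_update(user_request, assign_to):
    """Apply the pending edited version of the request's user_obj (USER only).

    Returns False when no edited version exists for that user.
    """
    if user_request.model_type != UserRequest.USER:
        return False
    edit_user = get_edited_user(user_request.user_obj)
    if not edit_user:
        return False
    update_user_from_edited_version(edit_user)
    return True


def _assign_complete_delete(user_request, assign_to):
    """Delete the request's user_obj once the user's own consent is on record.

    Consent is established by counting approved DELETE requests the user
    raised for themselves; the deletion only proceeds when that count is
    exactly one more than the approved COMPLETE_DELETE requests already on
    record for the user. This is what prevents an internal user from deleting
    an external user without that user's request. (Which of the two counts is
    expected to include the current request depends on when the caller marks
    it approved — confirm against the approval flow.)
    Returns False for other model_types, missing consent, or a failed delete.
    """
    if user_request.model_type != UserRequest.USER:
        return False
    user_obj = user_request.user_obj
    consented_deletes = UserRequest.objects.filter(
        is_approved=True, model_type=UserRequest.USER,
        request_type=UserRequest.DELETE, from_user=user_obj, user_obj=user_obj).count()
    completed_deletes = UserRequest.objects.filter(
        is_approved=True, model_type=UserRequest.USER,
        request_type=UserRequest.COMPLETE_DELETE, user_obj=user_obj).count()
    # Handle case that an internal user cannot raise request to delete
    # external user without consent.
    if consented_deletes <= 0:
        return False
    if consented_deletes != completed_deletes + 1:
        return False
    return bool(safely_delete_user(user_obj))


def assign_permissions(user_request):
    """Fulfil an approved ``user_request`` and report success.

    The request's ``request_type`` selects the action and ``from_user`` is the
    principal that receives the permission or the created object:
      READ            -> object-level read permission on the referenced object
      CREATE          -> account creation / merchant account linkage
      UPDATE          -> 'edit_user' permission on the referenced user
      DELETE          -> raises a COMPLETE_DELETE request to the admin
      COMPLETE_UPDATE -> applies the stored edited user version
      COMPLETE_DELETE -> deletes the user once their own consent is on record

    Returns True when the action was performed, False for an unknown
    request_type, an unsupported model_type for that request_type, or a
    failed action. Nothing here re-checks that the request was approved or
    that the caller may fulfil it — callers are expected to have done so.
    """
    assign_to = user_request.from_user
    handlers = (
        (UserRequest.READ, _assign_read),
        (UserRequest.CREATE, _assign_create),
        (UserRequest.UPDATE, _assign_update),
        (UserRequest.DELETE, _assign_delete),
        (UserRequest.COMPLETE_UPDATE, _assign_complete_update),
        (UserRequest.COMPLETE_DELETE, _assign_complete_delete),
    )
    request_type = user_request.request_type
    for kind, handler in handlers:
        if request_type == kind:
            return handler(user_request, assign_to)
    return False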
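def post(self, request):
    """Validate and create a transaction request in two submissions.

    Flow, in order:
      1. refuse when the pending-transaction limit is reached;
      2. bind the role-appropriate form (employees: internal request form;
         other internal users refused; external users with an account:
         external request form; everyone else refused);
      3. on a valid form, verify the client's ``pki_token`` against the
         server half stored in the session under ``self.INTERNAL_PKI_TOKEN``
         by the GET handler;
      4. without an ``otp_token`` the form is re-rendered with an OTP form
         (the second submission re-posts the transaction fields and repeats
         the PKI check);
      5. with a valid OTP the transaction is saved with ``created_by`` set to
         the requester and the user is redirected home; an invalid OTP also
         redirects home with an error message.

    An invalid form falls through to a plain re-render of the form.
    """
    user = request.user

    def error_page(message):
        return render(request, 'error.html', {'err': message})

    if TransactionHelpers.is_transaction_limit_reached(user):
        return error_page('You cannot create more transactions due to pending transactions')

    if user.is_employee():
        form = TransactionForms.InternalRequestForm(user, request.POST)
    elif user.is_internal_user():
        return error_page('You cannot create transactions')
    elif AccountHelpers.is_user_having_account(user.id):
        form = TransactionForms.ExternalRequestForm(user, request.POST)
    else:
        return error_page('User has no accounts.')

    if form.is_valid():
        # PKI Verify: both halves must be present and must match. The session
        # half is only ever written by the GET handler, so a POST without a
        # preceding GET fails here.
        pki_token = request.POST.get('pki_token', None)
        internal_pki_token = request.session.get(self.INTERNAL_PKI_TOKEN, None)
        if (pki_token is None or internal_pki_token is None
                or not PKIHelpers.verify_pki(pki_token, internal_pki_token)):
            return error_page('PKI Verification Failed. Try to reset your PKI and try again.')
        # Was a bare print() to stdout; route through the module logger instead.
        logger.info("PKI verified for %s", str(user.username))
        # NOTE(review): the session half is kept after a successful save, so
        # the same pki_token stays valid until the next GET — confirm whether
        # it should be cleared once a transaction is created.

        otp_token = request.POST.get('otp_token', None)
        if not otp_token:
            # First submission: ask for the OTP, carrying the validated form along.
            return render(request, 'form_template.html', {
                'title': 'Confirm OTP',
                'form': form,
                'extra_form': TransactionForms.VerifyOTPForm(),
                'extra_form_virtual_keyboard': True,
            })

        otp_form = TransactionForms.VerifyOTPForm(request, data=request.POST)
        if otp_form.is_valid():
            transaction = form.save(commit=False)
            transaction.created_by = user
            transaction.save()
            messages.success(request, 'Transaction Created')
            logger.info("Request for transaction created by %s", str(user.username))
        else:
            messages.error(request, 'Incorrect OTP')
        return HttpResponseRedirect(reverse('app:HomeView'))

    return render(request, 'form_template.html', {
        'form': form,
        'title': 'Transaction',
    })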