def get(self, request, user_id):
    """Render the account list for ``user_id`` on behalf of the requesting user.

    Access is decided before any account data is fetched:

    * the owner (``user_id`` equals ``request.user.id``) or an admin receives
      the result of ``AccountHelpers.get_user_accounts(user_id)``;
    * an employee or manager receives the result of
      ``AccountHelpers.get_user_assigned_accounts(user_id, user)``;
    * every other caller receives the permission error page.

    Returns the rendered ``list_template.html`` on success, otherwise
    ``error.html`` with an ``err`` message.
    """
    viewer = request.user

    # Role checks run in the same order as the access tiers above; the staff
    # roles are consulted only when the owner/admin test fails.
    owner_or_admin = (
        CommonHelpers.is_int_equal(user_id, viewer.id) or viewer.is_admin()
    )
    if not owner_or_admin and not (viewer.is_employee() or viewer.is_manager()):
        return render(request, 'error.html', {
            'err': 'You do not have permissions to view this.',
        })

    # NOTE(review): for employees/managers this existence check runs before
    # any assignment scoping, so the response tells staff whether an
    # arbitrary user_id has accounts. Confirm that is intended.
    if not AccountHelpers.is_user_having_account(user_id):
        return render(request, 'error.html', {
            'err': 'User has no accounts',
        })

    if owner_or_admin:
        links = AccountHelpers.get_user_accounts(user_id)
    else:
        # NOTE(review): presumably this limits the result to accounts assigned
        # to the requesting staff member; the helper is not visible here, so
        # verify it enforces that scoping.
        links = AccountHelpers.get_user_assigned_accounts(user_id, viewer)

    return render(request, 'list_template.html', {
        'title': 'User Accounts',
        'links': links,
    })
def get(self, request):
    """Render the completed-transaction history for the requesting user.

    Internal users get ``TransactionHelpers.get_completed_transactions()``
    called with no argument; a user who has an account gets the same helper
    called with their own user object. Anyone else gets the permission error
    page.
    """
    viewer = request.user

    if viewer.is_internal_user():
        # NOTE(review): the no-argument call presumably returns every
        # completed transaction; confirm that all internal roles are meant
        # to see the unfiltered list.
        links = TransactionHelpers.get_completed_transactions()
    elif AccountHelpers.is_user_having_account(viewer.id):
        # Scoped by passing the authenticated user, not a request parameter.
        links = TransactionHelpers.get_completed_transactions(viewer)
    else:
        return render(request, 'error.html', {
            'err': 'You do not have permission to view this',
        })

    return render(request, 'list_template.html', {
        'title': 'Transaction History',
        'links': links,
    })
def get(self, request):
    """Render the transaction request form together with a PKI challenge.

    Steps, in order:

    1. Refuse when ``TransactionHelpers.is_transaction_limit_reached`` is true.
    2. Ask ``PKIHelpers.get_encrypted_token`` for a (user, server) pair of
       encrypted values; if either is ``None`` the PKI error page is shown.
    3. Store the server-side value in the session under
       ``self.INTERNAL_PKI_TOKEN`` and build the template's ``use_pki``
       payload from the user-side value.
    4. Pick the form by role: employees get ``InternalRequestForm``, other
       internal users are refused, account holders get
       ``ExternalRequestForm``, and users without accounts are refused.
    """
    requester = request.user

    if TransactionHelpers.is_transaction_limit_reached(requester):
        return render(request, 'error.html', {
            'err': 'You cannot create more transactions due to pending transactions'
        })

    # PKI
    user_blob, server_blob = PKIHelpers.get_encrypted_token(requester)
    if not (user_blob is not None and server_blob is not None):
        return render(request, 'error.html', {
            'err': 'PKI has not been configured. Set it up to perform transactions.',
        })

    # The server-side half stays in the session; only the user-side half is
    # handed to the template. This write happens before the role checks
    # below, so a refused caller still has the session key set.
    request.session[self.INTERNAL_PKI_TOKEN] = server_blob
    use_pki = PKIHelpers.get_pki_dictionary(user_blob)

    if requester.is_employee():
        form = TransactionForms.InternalRequestForm(requester)
    else:
        if requester.is_internal_user():
            return render(request, 'error.html', {
                'err': 'You cannot create transactions'
            })
        if not AccountHelpers.is_user_having_account(requester.id):
            return render(request, 'error.html', {
                'err': 'User has no accounts.'
            })
        form = TransactionForms.ExternalRequestForm(requester)

    return render(request, 'form_template.html', {
        'title': 'Transaction',
        'form': form,
        'use_pki': use_pki,
    })
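def post(self, request):
    """Validate and create a transaction request.

    The request passes these gates, in order:

    1. ``TransactionHelpers.is_transaction_limit_reached`` must be false.
    2. The role decides the form: employees use ``InternalRequestForm``,
       other internal users are refused, account holders use
       ``ExternalRequestForm``, users without accounts are refused.
    3. The bound form must be valid; otherwise it is re-rendered.
    4. The posted ``pki_token`` must verify against the server-side value
       kept in the session under ``self.INTERNAL_PKI_TOKEN``.
    5. If no ``otp_token`` was posted, the OTP confirmation form is shown;
       otherwise ``VerifyOTPForm`` must validate.

    On success the transaction is saved with ``created_by`` set to the
    requesting user and the caller is redirected to ``app:HomeView``.

    Changes from the previous version: the debug ``print`` on PKI success is
    now a log record, PKI and OTP failures are logged for audit, and the
    session's PKI value is discarded once an OTP attempt has been evaluated
    so one challenge cannot back several attempts.
    """
    user = request.user

    if TransactionHelpers.is_transaction_limit_reached(user):
        return render(request, 'error.html', {
            'err': 'You cannot create more transactions due to pending transactions'
        })

    if user.is_employee():
        form = TransactionForms.InternalRequestForm(user, request.POST)
    elif user.is_internal_user():
        return render(request, 'error.html', {
            'err': 'You cannot create transactions'
        })
    elif AccountHelpers.is_user_having_account(user.id):
        form = TransactionForms.ExternalRequestForm(user, request.POST)
    else:
        return render(request, 'error.html', {
            'err': 'User has no accounts.'
        })

    if not form.is_valid():
        return render(request, 'form_template.html', {
            'form': form,
            'title': 'Transaction',
        })

    # PKI Verify: a missing token on either side is treated exactly like a
    # failed verification.
    pki_token = request.POST.get('pki_token', None)
    internal_pki_token = request.session.get(self.INTERNAL_PKI_TOKEN, None)
    if (
        pki_token is None
        or internal_pki_token is None
        or not PKIHelpers.verify_pki(pki_token, internal_pki_token)
    ):
        # Failed verifications are security-relevant; keep an audit trail.
        logger.warning(
            "PKI verification failed for transaction request by %s",
            str(user.username),
        )
        return render(request, 'error.html', {
            'err': 'PKI Verification Failed. Try to reset your PKI and try again.'
        })
    logger.info("PKI verified for transaction request by %s", str(user.username))

    otp_token = request.POST.get('otp_token', None)
    if not otp_token:
        # First pass: the PKI value must stay in the session because the OTP
        # step posts back to this handler and is verified again.
        extra_form = TransactionForms.VerifyOTPForm()
        return render(request, 'form_template.html', {
            'title': 'Confirm OTP',
            'form': form,
            'extra_form': extra_form,
            'extra_form_virtual_keyboard': True,
        })

    extra_form = TransactionForms.VerifyOTPForm(request, data=request.POST)
    otp_ok = extra_form.is_valid()

    # The attempt is now decided either way: drop the server-side PKI value
    # so a new challenge has to be issued before another transaction or
    # another OTP attempt can be submitted.
    request.session.pop(self.INTERNAL_PKI_TOKEN, None)

    if not otp_ok:
        logger.warning(
            "Incorrect OTP for transaction request by %s", str(user.username)
        )
        messages.error(request, 'Incorrect OTP')
        return HttpResponseRedirect(reverse('app:HomeView'))

    # created_by comes from the authenticated session, never from POST data.
    transaction = form.save(commit=False)
    transaction.created_by = user
    transaction.save()
    messages.success(request, 'Transaction Created')
    logger.info("Request for transaction created by %s", str(user.username))
    return HttpResponseRedirect(reverse('app:HomeView'))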