def post(self, request, *args, **kwargs): if not check_permissions_by_user(request.user, 'CAN_ADD_AGENT_SMARTCARD'): return render(request, 'web/permission-denied.html') self.logger.info('========== Start adding agent smart card ==========') context = super(SmartCardView, self).get_context_data(**kwargs) agent_id = context['agent_id'] params = { "card_number": request.POST.get('number'), "card_serial": request.POST.get('serial') } is_success = self._add_agent_smart_card(agent_id, params) self.logger.info( '========== Finished adding agent smartcard ==========') if is_success: return redirect(request.META['HTTP_REFERER']) else: agent_smartcard = self._get_agent_smartcard(agent_id) permissions = { 'is_perm_add_smart_card': check_permissions_by_user(self.request.user, "CAN_ADD_AGENT_SMARTCARD"), 'is_perm_del_smart_card': check_permissions_by_user(self.request.user, "CAN_DELETE_AGENT_SMARTCARD"), } context = { "smartcards": agent_smartcard, 'permissions': permissions, "agent_id": agent_id } return render(request, self.template_name, context)
def post(self, request, *args, **kwargs): self.logger.info('========== Start get card provider list ==========') context = super(CardProviderList, self).get_context_data(**kwargs) provider_name = request.POST.get('provider_name') params = {} if provider_name: params['name'] = provider_name self.logger.info('Params: {}'.format(params)) is_success, status_code, status_message, data = RestFulClient.post( url=self.url, headers=self._get_headers(), loggers=self.logger, timeout=settings.GLOBAL_TIMEOUT, params=params) if not is_success: if status_code in [ "access_token_expire", 'authentication_fail', 'invalid_access_token' ]: self.logger.info("{}".format(status_message)) raise InvalidAccessToken(status_message) self.logger.info('Response_content_count: {}'.format(len(data))) is_permission_detail = check_permissions_by_user( self.request.user, 'SYS_VIEW_DETAIL_PROVIDER') is_permission_edit = check_permissions_by_user(self.request.user, 'SYS_EDIT_PROVIDER') for i in data: i['is_permission_detail'] = is_permission_detail i['is_permission_edit'] = is_permission_edit context.update({'data': data, 'provider_name': provider_name}) self.logger.info('========== Finish get card provider list ==========') return render(request, self.template_name, context)
def get_service_group_list(self, body): is_success, status_code, status_message, data = RestFulClient.post(url=api_settings.SERVICE_GROUP_LIST_PATH, headers=self._get_headers(), loggers=self.logger, params=body) is_permission_detail = check_permissions_by_user(self.request.user, 'CAN_VIEW_SERVICE_GROUP') is_permission_edit = check_permissions_by_user(self.request.user, 'CAN_EDIT_SERVICE_GROUP') is_permission_delete = check_permissions_by_user(self.request.user, 'CAN_DELETE_SERVICE_GROUP') if is_success: self.logger.info('Finished get service group list') for i in data.get('service_groups'): i['is_permission_detail'] = is_permission_detail i['is_permission_edit'] = is_permission_edit i['is_permission_delete'] = is_permission_delete else: if status_code == "Timeout": self.logger.error('Search service group list request timeout') status_message = 'Search timeout, please try again or contact technical support' else: self.logger.error('Search service group list request failed') status_message = 'Search failed, please try again or contact support' messages.add_message( self.request, messages.ERROR, status_message ) API_Logger.get_logging(loggers=self.logger, response=data, status_code=status_code) return data, is_success
def _get_has_permissions(self): permissions = { 'is_perm_order_detail': check_permissions_by_user(self.request.user, "CAN_VIEW_PAYMENT_ORDER_DETAIL"), 'is_perm_order_search': check_permissions_by_user(self.request.user, "CAN_SEARCH_PAYMENT_ORDER"), 'is_perm_order_export': check_permissions_by_user(self.request.user, "CAN_EXPORT_PAYMENT_ORDER") } return permissions
def get_context_data(self, **kwargs): context = super(RoleList, self).get_context_data(**kwargs) is_success, status_code, status_message, data = RestFulClient.post( url=api_settings.ROLE_LIST, headers=self._get_headers(), loggers=self.logger) permissions = {} permissions['is_permission_detail'] = check_permissions_by_user( self.request.user, 'CAN_VIEW_ROLE') permissions['is_permission_edit'] = check_permissions_by_user( self.request.user, 'CAN_EDIT_ROLE') permissions['is_permission_delete'] = check_permissions_by_user( self.request.user, 'CAN_DELETE_ROLE') permissions['is_permission_manage'] = check_permissions_by_user( self.request.user, 'CAN_MANAGE_PERM_FOR_ROLE') if is_success: self.logger.info("Roles have [{}] role in database".format( len(data))) context['roles'] = data context['permissions'] = permissions elif (status_code == "access_token_expire") or ( status_code == 'authentication_fail') or (status_code == 'invalid_access_token'): self.logger.info("{} for {} username".format( status_message, self.request.user)) raise InvalidAccessToken(status_message) return context
def post(self, request, *args, **kwargs): campaign_name = request.POST.get('campaign_name') campaign_id = request.POST.get('campaign_id') status = request.POST.get('status') start_date = request.POST.get('dtp_from') to_date = request.POST.get('dtp_to') body = {} # if campaign_name: # body['campaign_name'] = campaign_name if campaign_id: body['rule_id'] = int(campaign_id) if (status == 'True'): body['is_active'] = True if (status == 'False'): body['is_active'] = False if start_date: new_from_created_timestamp = datetime.strptime( start_date, "%Y-%m-%d") new_from_created_timestamp = new_from_created_timestamp.strftime( '%Y-%m-%dT%H:%M:%SZ') body['start_active_timestamp'] = new_from_created_timestamp if to_date: new_to_created_timestamp = datetime.strptime(to_date, "%Y-%m-%d") new_to_created_timestamp = new_to_created_timestamp.replace( hour=23, minute=59, second=59) new_to_created_timestamp = new_to_created_timestamp.strftime( '%Y-%m-%dT%H:%M:%SZ') body['end_active_timestamp'] = new_to_created_timestamp self.logger.info('========== Start searching Campaign ==========') data = self._search_for_campaigns(body) is_permission_detail = check_permissions_by_user( self.request.user, 'CAN_VIEW_CAMPAIGN_DETAILS') is_permission_update_status = check_permissions_by_user( self.request.user, 'CAN_UDATE_CAMPAIGN_STATUS') for i in data: i['is_permission_detail'] = is_permission_detail i['is_permission_update_status'] = is_permission_update_status #data = self.format_data(data) status_list = self._get_status_list() context = { 'data': data, 'status_list': status_list, 'campaign_name': campaign_name, 'campaign_id': campaign_id, 'selected_status': status, 'start_date': start_date, 'to_date': to_date, } self.logger.info('========== Finished searching Campaign ==========') return render(request, self.template_name, context)
def _check_permission_list_page(self): self.logger.info("Checking permission for permission entities page") return { "sys_view_permission_entities": check_permissions_by_user(self.request.user, 'SYS_VIEW_PERMISSION_ENTITIES'), "sys_edit_permission_entities": check_permissions_by_user(self.request.user, 'SYS_EDIT_PERMISSION_ENTITIES'), "sys_delete_permission_entities": check_permissions_by_user(self.request.user, 'SYS_DELETE_PERMISSION_ENTITIES') }
def _get_agents(self, params): self.logger.info('========== Start searching agent ==========') api_path = SEARCH_AGENT success, status_code, status_message, data = RestFulClient.post( url=api_path, headers=self._get_headers(), loggers=self.logger, params=params) data = data or {} API_Logger.post_logging(loggers=self.logger, params=params, response=data.get('agents', []), status_code=status_code, is_getting_list=True) if success: has_permission_view = check_permissions_by_user( self.request.user, 'CAN_VIEW_AGENT') has_permission_edit = check_permissions_by_user( self.request.user, 'CAN_EDIT_AGENT_DETAILS') has_permission_delete = check_permissions_by_user( self.request.user, 'CAN_DELETE_AGENT') has_permission_identity = check_permissions_by_user( self.request.user, 'CAN_VIEW_AGENT_IDENTITIES') has_permission_smartcard = check_permissions_by_user( self.request.user, 'CAN_VIEW_AGENT_SMARTCARD') has_permission_sofcash = check_permissions_by_user( self.request.user, 'CAN_VIEW_AGENT_SOFCASH') has_permission_sofbank = check_permissions_by_user( self.request.user, 'CAN_VIEW_AGENT_SOFBANK') has_permission_suspend = check_permissions_by_user( self.request.user, 'CAN_SUSPEND_AGENTS') has_permission_individual_wallet = check_permissions_by_user( self.request.user, 'CAN_VIEW_AGENT_INDIVIDUAL_WALLET') has_permission_management = self.check_membership( ['CAN_VIEW_PROFILE_MANAGEMENT']) agents = data.get('agents', []) for i in agents: i['has_permission_view'] = has_permission_view i['has_permission_edit'] = has_permission_edit i['has_permission_delete'] = has_permission_delete i['has_permission_identity'] = has_permission_identity i['has_permission_individual_wallet'] = has_permission_individual_wallet i['has_permission_smartcard'] = has_permission_smartcard i['has_permission_sofcash'] = has_permission_sofcash i['has_permission_sofbank'] = has_permission_sofbank i['has_permission_suspend'] = has_permission_suspend i['has_permission_management'] = has_permission_management self.logger.info('========== Finished searching agent ==========') return data, success, status_message
def get(self, request, *args, **kwargs): data = self.get_campaigns() is_permission_detail = check_permissions_by_user( self.request.user, 'CAN_VIEW_CAMPAIGN_DETAILS') is_permission_update_status = check_permissions_by_user( self.request.user, 'CAN_UDATE_CAMPAIGN_STATUS') for i in data: i['is_permission_detail'] = is_permission_detail i['is_permission_update_status'] = is_permission_update_status status_list = self._get_status_list() context = { 'data': data, 'status_list': status_list, } return render(request, self.template_name, context)
def get(self, request, *args, **kwargs): self.logger.info('========== Start getting provider detail ==========') context = super(DetailView, self).get_context_data(**kwargs) provider_id = context['provider_id'] url = GET_DETAIL_PROVIDER.format(provider_id=provider_id) is_success, status_code, data = RestFulClient.get( url=url, headers=self._get_headers(), loggers=self.logger) if is_success: if data is None or data == "": data = [] else: if status_code in [ "access_token_expire", 'authentication_fail', 'invalid_access_token' ]: self.logger.info("{}".format(data)) raise InvalidAccessToken(data) data = [] messages.add_message(self.request, messages.ERROR, "Something went wrong") self.logger.info('Response_content: {}'.format(data)) is_permission_edit = check_permissions_by_user(self.request.user, 'SYS_EDIT_PROVIDER') context['is_permission_edit'] = is_permission_edit context['data'] = data self.logger.info( '========== Finish getting provider detail ==========') return render(request, self.template_name, context)
def get_context_data(self, **kwargs): context = super(ListView, self).get_context_data(**kwargs) self.logger.info('========== Start get Service Group List ==========') self.initSearchDateTime(context) body = { 'is_deleted': False, 'paging': True, 'page_index': 1 } data, is_success = self.get_service_group_list(body) self.logger.info('========== Finished get Service Group List ==========') if is_success: page = data.get("page", {}) context.update({ 'data': data.get('service_groups'), 'paginator': page, 'page_range': calculate_page_range_from_page_info(page), 'search_count': page.get('total_elements', 0), 'is_show_export': check_permissions_by_user(self.request.user, 'CAN_EXPORT_SERVICE_GROUP') }) else: context.update({ 'data': [], 'is_show_export': False }) return context
def grant_channel_access(request, agent_id, shop_id, channel_id): logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info( "Checking permission for [{}] username with [{}] permission".format( request.user, 'CAN_BLOCK_AGENT_CHANNELS')) if not check_permissions_by_user(request.user, 'CAN_BLOCK_AGENT_CHANNELS'): return {"status": 1, "msg": ''} logger.info('========== Start grant access to channel ==========') url = settings.DOMAIN_NAMES + api_settings.CHANNEL_GRANT_PERMISSION.format( channel_id=channel_id) params = { 'shop_id': shop_id, 'user_id': agent_id, 'user_type': { 'id': 2, 'name': 'agent' } } result = ajax_functions._post_method(request, url, "", logger, params) logger.info('========== Finish grant access to channel ==========') return result
def post(self, request, *args, **kwargs): if not check_permissions_by_user(request.user, 'SYS_ADD_COMPANY_BALANCE'): raise PermissionDeniedException() new_company_balance = request.POST.get('new_company_balance') amount = request.POST.get('adding_balance') string_amount = amount if isinstance(amount, str): amount = amount.replace(',', '') currency = request.POST.get('currency') data = {'amount': amount} response, success = self._add_company_balance(currency, data) if success: messages.add_message( request, messages.SUCCESS, 'Added balance successfully' ) return redirect(request.META['HTTP_REFERER']) else: messages.add_message( request, messages.ERROR, response ) context = self._build_context(request) context['new_company_balance'] = new_company_balance context['string_amount'] = string_amount context['selected_currency'] = currency return render(request, self.template_name, context)
def _get_card_design_detail(self, provider_id, card_id): self.logger.info( '========== Start getting card design detail ==========') is_permission_edit = check_permissions_by_user(self.request.user, 'SYS_EDIT_CARD_DESIGN') url = api_settings.CARD_DESIGN_DETAIL.format(provider_id=provider_id, card_id=card_id) is_success, status_code, data = RestFulClient.get( url=url, headers=self._get_headers(), loggers=self.logger) API_Logger.get_logging(loggers=self.logger, params={}, response=data, status_code=status_code) if is_success: if data is None or data == "": data = {} else: messages.add_message(self.request, messages.ERROR, "Something went wrong") data = {} self.logger.info( '========== Finish getting card design detail ==========') return {"body": data, "is_permission_edit": is_permission_edit}
def get_service_group_list(self): url = SERVICE_GROUP_LIST_URL success, status_code, status_message, data = RestfulHelper.send( "GET", url, {}, self.request, "getting service groups", "data") is_permission_detail = check_permissions_by_user( self.request.user, 'CAN_VIEW_SERVICE_GROUP') is_permission_edit = check_permissions_by_user( self.request.user, 'CAN_EDIT_SERVICE_GROUP') is_permission_delete = check_permissions_by_user( self.request.user, 'CAN_DELETE_SERVICE_GROUP') if success: for i in data: i['is_permission_detail'] = is_permission_detail i['is_permission_edit'] = is_permission_edit i['is_permission_delete'] = is_permission_delete return data
def get_context_data(self, **kwargs): self.logger.info('========== Start get bank list ==========') data, success = self._post_method(self.url, "get bank list", logger) permissions = {} permissions['is_permision_detail'] = check_permissions_by_user( self.request.user, 'SYS_VIEW_DETAIL_BANK') permissions['is_permision_edit'] = check_permissions_by_user( self.request.user, 'SYS_EDIT_BANK') permissions['is_permision_delete'] = check_permissions_by_user( self.request.user, 'SYS_DELETE_BANK') if success: result = {'data': data, 'permissions': permissions} self.logger.info( '========== Finished get get bank list ==========') return result
def upload_form(request): if not check_permissions_by_user(request.user, 'CAN_UPLOAD_VOUCHERS'): return HttpResponse(json.dumps({ 'id': -1, "code": "permission_denied" })) request.upload_handlers.insert(0, ThirdPartyUploadHandler( request)) # place our custom upload in first position return _upload_file_view(request)
def post(self, request, *args, **kwargs): user_id = request.POST.get('user_id') user_type_id = request.POST.get('user_type_id') currency = request.POST.get('currency') opening_page_index = request.POST.get('current_page_index') body = {} if user_id is not '': body['user_id'] = user_id if user_type_id is not '' and user_type_id is not '0': body['user_type'] = int(0 if user_type_id is None else user_type_id) if currency is not '': body['currency'] = currency if 'download' in request.POST: self.logger.info('========== Start export cash source of fund ==========') file_type = request.POST.get('export-type') body['file_type'] = file_type body['row_number'] = 5000 is_success, data = export_file(self, body=body, url_download=CASH_SOFS_URL, api_logger=API_Logger) if is_success: response = make_download_file(data, file_type) self.logger.info('========== End export cash source of fund ==========') return response else: self.logger.info('========== Start search cash source of fund ==========') data, success = self.get_cash_sof_list(body, opening_page_index) if not success: context = { 'sof_list': [], 'user_id': user_id, 'user_type_id': user_type_id, 'currency': currency, 'search_count': 0, 'is_show_export': False } return render(request, self.template_name, context) else: if data is not None: data = self.format_data(data) result_data = data.get('cash_sofs', []) page = data.get("page", {}) self.logger.info('Page: {}'.format(page)) context = { 'sof_list': result_data, 'user_id': user_id, 'user_type_id': user_type_id, 'currency': currency, 'search_count': page.get('total_elements', 0), 'paginator': page, 'page_range': calculate_page_range_from_page_info(page), 'is_show_export': check_permissions_by_user(self.request.user,"CAN_EXPORT_CASH_SOF_INFORMATION") } self.logger.info('========== End search cash source of fund ==========') return render(request, self.template_name, context)
def get(self, request, *args, **kwargs): data = self.get_rule() is_permission_detail = check_permissions_by_user(self.request.user, 'CAN_VIEW_RULE_DETAILS') is_permission_update_status = check_permissions_by_user(self.request.user, 'CAN_ENABLE_DISABLE_RULE') for i in data: i['is_permission_detail'] = is_permission_detail i['is_permission_update_status'] = is_permission_update_status status_list = self._get_status_list() permissions = {} permissions['CAN_VIEW_RULE_DETAILS'] = check_permissions_by_user(self.request.user, 'CAN_VIEW_RULE_DETAILS') permissions['CAN_CREATE_RULE'] = check_permissions_by_user(self.request.user, 'CAN_CREATE_RULE') context = { 'data': data, 'status_list': status_list, 'permissions': permissions, } return render(request, self.template_name, context)
def upload_form(request): if not check_permissions_by_user(request.user, 'CAN_UPLOAD_BALANCE_ADJUSTMENT'): return HttpResponse(json.dumps({ 'id': -1, "code": "permission_denied" })) request.upload_handlers.insert(0, ProgressUploadHandler( request)) # place our custom upload in first position return _upload_file_view(request)
def check_membership(self, permission): self.logger.info( "Checking permission for [{}] username with [{}] permission".format(self.request.user, permission)) self.logger.info( "Checking permission for [{}] username with [{}] permission".format(self.request.user, 'CAN_CREATE_RULE')) self.logger.info( "Checking permission for [{}] username with [{}] permission".format(self.request.user, 'CAN_VIEW_RULE_DETAILS')) self.logger.info( "Checking permission for [{}] username with [{}] permission".format(self.request.user, 'CAN_ENABLE_DISABLE_RULE')) return check_permissions_by_user(self.request.user, permission[0])
def get_context_data(self, **kwargs): self.logger.info('========== Start getting all configuration scope ==========') url = api_settings.SCOPES_URL data, success = self._get_method(url, 'configuration scope', logger) if success: data = {'scopes': data} is_permission_config_scope = check_permissions_by_user(self.request.user, "SYS_CONFIGURE_SCOPE") data.update({"is_permission_config_scope": is_permission_config_scope}) self.logger.info('========== Finish getting all configuration scope ==========') return data
def delete_client_by_id(request, client_id): if not check_permissions_by_user(request.user, 'CAN_DELETE_CLIENTS'): return logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info("========== Start deleting client id ==========") url = api_settings.DELETE_CLIENT_URL.format(client_id) result = ajax_functions._delete_method(request, url, "", logger) logger.info('========== Finish deleting client id ==========') return result
def remove(request, token_id): logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info("Checking permission for [{}] username with [{}] permission".format(request.user, 'CAN_REMOVE_TRUST')) if not check_permissions_by_user(request.user, 'CAN_REMOVE_TRUST'): return {"status": 1, "msg": ''} logger.info('========== Start remove trust token ==========') url = settings.DOMAIN_NAMES + api_settings.DELETE_TRUST_TOKEN_API.format(token_id) result = ajax_functions._delete_method(request, url, "", logger, {}) logger.info('========== Finish remove trust token ==========') return result
def delete_relationship(request, relationship_id): logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info("Checking permission for [{}] username with [{}] permission".format(request.user, 'CAN_DELETE_AGENT_RELATIONSHIP')) if not check_permissions_by_user(request.user, 'CAN_DELETE_AGENT_RELATIONSHIP'): return {"status": 1, "msg": ''} logger.info('========== Start delete relationship ==========') url = settings.DOMAIN_NAMES + api_settings.DELETE_RELATIONSHIP.format(relationship_id) result = ajax_functions._delete_method(request, url, "", logger) logger.info('========== Finish delete relationship ==========') return result
def regenerate(request, client_id): if not check_permissions_by_user(request.user, 'CAN_REGENERATE_CLIENTS'): return logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info('========== Start regenerating client secret ==========') url = api_settings.REGENERATE_CLIENT_SECRET_URL.format(client_id) result = ajax_functions._post_method(request, url, "regenerating client secret", logger) logger.info('========== Finish regenerating client secret ==========') return result
def delete(request, categoryId): if not check_permissions_by_user(request.user, 'CAN_DELETE_CATEGORY'): return logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info('========== Start deleting category ==========') url = settings.DOMAIN_NAMES + DELETE_CATEGORY.format( category_id=categoryId) result = ajax_functions._delete_method(request, url, "", logger) logger.info('========== Finish deleting category ==========') return result
def reset_password(request, agent_id, identity_id): if not check_permissions_by_user(request.user, 'CAN_RESETPASSWORD_AGENT'): return logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info('========== Start reset password==========') url = settings.DOMAIN_NAMES + api_settings.AGENT_IDENTITY_RESET_PASSWORD.format(agent_id, identity_id) params = {} result = ajax_functions._post_method(request, url, "", logger, params, timeout=settings.GLOBAL_TIMEOUT) logger.info('========== Finish reset password ==========') return result
def unblock(request, ticket_id): logger = logging.getLogger(__name__) correlation_id = get_correlation_id_from_username(request.user) logger = setup_logger(request, logger, correlation_id) logger.info( "Checking permission for [{}] username with [{}] permission".format( request.user, 'CAN_DELETE_FRAUD_TICKET')) if not check_permissions_by_user(request.user, 'CAN_DELETE_FRAUD_TICKET'): return JsonResponse({"status": 0, "msg": ''}) logger.info('========== Start unblocking device ==========') url = api_settings.DELETE_FRAUD_TICKET.format(ticket_id=ticket_id) result = ajax_functions._delete_method(request, url, "", logger) logger.info('========== Finish unblocking device ==========') return result
def get(self, request, *args, **kwargs): self.logger.info( '========== Start getting list agent smart card ==========') context = super(SmartCardView, self).get_context_data(**kwargs) agent_id = context['agent_id'] agent_smartcard = self._get_agent_smartcard(agent_id) permissions = { 'is_perm_add_smart_card': check_permissions_by_user(self.request.user, "CAN_ADD_AGENT_SMARTCARD"), 'is_perm_del_smart_card': check_permissions_by_user(self.request.user, "CAN_DELETE_AGENT_SMARTCARD"), } context = { "smartcards": agent_smartcard, 'permissions': permissions, 'agent_id': agent_id } self.logger.info( '========== Finished getting agent smartcard ==========') return render(request, self.template_name, context)