def create(request, recipient_id, entity_id, amount): # Check Parameter Value Types recipient_id, success = validate_int(recipient_id) if not success: return cors_response( build_error(API_ERROR.INVALID_PARAMETER, parameter='recipient_id')) entity_id, success = validate_int(entity_id) if not success: return cors_response( build_error(API_ERROR.INVALID_PARAMETER, parameter='entity_id')) amount, success = validate_float(amount) if not success: return cors_response( build_error(API_ERROR.INVALID_PARAMETER, parameter='amount')) if amount <= 0: return cors_response( build_error(API_ERROR.INVALID_PARAMETER, parameter='amount')) # Get entity entity = Entity.objects.filter(pk=entity_id) if len(entity) != 1: return cors_response( build_error(API_ERROR.INVALID_PARAMETER, parameter='entity_id')) entity = entity[0] # Get recipient from entity # (this will also confirm the entity and recipient are linked) recipient = entity.recipient.filter(pk=recipient_id) if len(recipient) != 1: return cors_response( build_error(API_ERROR.INVALID_PARAMETER, parameter='recipient_id')) recipient = recipient[0] payee = recipient.payee if payee is None or payee.userservice is None: return cors_response( build_error(API_ERROR.DONATION.NO_PAYEE)) # Create donation _, checkout_url = payment.registry[payee.userservice.service].donation_create( entity, recipient, payee, amount, base_url=build_url(request), redirect_name='donation-confirm', callback_name='callback-wepay-checkout' ) # Make the checkout_url absolute checkout_url = urlparse.urljoin(build_url(request), checkout_url) if checkout_url: return cors_response(simplejson.dumps({ 'checkout_url': checkout_url, 'success': True })) return cors_response(build_error(API_ERROR.DONATION.SERVICE_FAILED))
def claim(request, recipient_id): recipients = Recipient.objects.all().filter(id=recipient_id) if len(recipients) == 0: return build_error(API_ERROR.INVALID_PARAMETER, recipient_id=recipient_id) elif len(recipients) == 1: if recipients[0].owner is None: if not request.user.is_authenticated(): return build_error(API_ERROR.AUTHENTICATION.NOT_LOGGED_IN) # TODO: Change to manual claim process recipients[0].owner = request.user recipients[0].save() return simplejson.dumps({ 'success': True, 'recipient': { 'id': recipients[0].id, 'slug': recipients[0].slug } }) else: return build_error(API_ERROR.RECIPIENT.ALREADY_CLAIMED) else: return build_error(API_ERROR.INVALID_PARAMETER, recipient_id=recipient_id)
def wrapper(request, *args, **kwargs): if settings.FRUCTUS_DEPLOYMENT == 'OPEN': return function(*args, **kwargs) else: # Cookie auth (API is used on the website) if request.user.is_authenticated() and request.user.is_active: if settings.FRUCTUS_DEPLOYMENT == 'INTERNAL' and request.user.is_staff: return function(*args, request=request, **kwargs) elif settings.FRUCTUS_DEPLOYMENT == 'INVITE': return function(*args, request=request, **kwargs) # deployauth token (API is used remotely) if 'deployauth_token' in kwargs: if deployauth_token_validate(kwargs['deployauth_token']): return function(*args, **kwargs) return build_error(API_ERROR.AUTHENTICATION.DEPLOYAUTH_FAILED)
def search(request, title, limit=10, entities_include=False, entities_limit=5, lookup_type=None, lookup_token=None): results = [] search_type = None if lookup_type is not None and lookup_token is not None: # ------------------------------- # External "lookup" # ------------------------------- search_type = 'lookup' # Check lookup_type is valid lookup_type_valid = False try: for type_id, _ in Recipient.TYPES: if int(lookup_type) == int(type_id): lookup_type_valid = True lookup_type = int(lookup_type) break except ValueError: pass if not lookup_type_valid: print "error" return cors_response(build_error( API_ERROR.INVALID_PARAMETER, parameter='lookup_type' )) # Find the token in our database token = None try: token = Token.objects.filter( token_type=Token.TOKEN_RECIPIENT_LOOKUP, token=lookup_token ) if len(token) == 1: token = token[0] else: token = None except Token.DoesNotExist: pass # Check token is still valid if token and token.valid(): token.delete() # Token has been used, let's remove it. if 'title' in token.data and token.data['title'] == title: results = entitygen.registry[lookup_type].recipient_create( token.data['title'], limit=9 ) else: return cors_response( build_error(API_ERROR.RECIPIENT.LOOKUP_TOKEN_INVALID)) else: return cors_response( build_error(API_ERROR.RECIPIENT.LOOKUP_TOKEN_INVALID)) else: # ------------------------------- # Direct database "search" # ------------------------------- search_type = 'search' results = Recipient.objects.all().filter( s_title__ilike='%' + search_like(title) + '%' )[:limit] # Append dicts of recipient results items = [] for recipient in results: items.append(recipient.dict( entities_include=entities_include, entities_filter={'parent': None}, entities_limit=entities_limit, check_owner=request.user )) # Build result dict result_dict = { 'success': True, 'items': items } # Create a Token (with a 10 min expire) that can be used for lookups if search_type == 'search': token = Token.objects.create( token_type=Token.TOKEN_RECIPIENT_LOOKUP, expire=datetime.datetime.now( tz=pytz.utc ) + datetime.timedelta(minutes=1), data={ 'title': title } ) result_dict['lookup_token'] = token.token # Return our response return cors_response(simplejson.dumps(result_dict))