Пример #1
0
def get_express_checkout_details(token):
	try:
		doc = dataent.get_doc("PayPal Settings")
		doc.setup_sandbox_env(token)

		params, url = doc.get_paypal_params_and_url()
		params.update({
			"METHOD": "GetExpressCheckoutDetails",
			"TOKEN": token
		})

		response = make_post_request(url, data=params)

		if response.get("ACK")[0] != "Success":
			dataent.respond_as_web_page(_("Something went wrong"),
				_("Looks like something went wrong during the transaction. Since we haven't confirmed the payment, Paypal will automatically refund you this amount. If it doesn't, please send us an email and mention the Correlation ID: {0}.").format(response.get("CORRELATIONID", [None])[0]),
				indicator_color='red',
				http_status_code=dataent.ValidationError.http_status_code)

			return

		doc = dataent.get_doc("Integration Request", token)
		update_integration_request_status(token, {
				"payerid": response.get("PAYERID")[0],
				"payer_email": response.get("EMAIL")[0]
			}, "Authorized", doc=doc)

		dataent.local.response["type"] = "redirect"
		dataent.local.response["location"] = get_redirect_uri(doc, token, response.get("PAYERID")[0])

	except Exception:
		dataent.log_error(dataent.get_traceback())
Пример #2
0
def execute_cmd(cmd, from_async=False):
    """execute a request as python module"""
    for hook in dataent.get_hooks("override_whitelisted_methods",
                                  {}).get(cmd, []):
        # override using the first hook
        cmd = hook
        break

    try:
        method = get_attr(cmd)
    except Exception as e:
        if dataent.local.conf.developer_mode:
            raise e
        else:
            dataent.respond_as_web_page(title='Invalid Method',
                                        html='Method not found',
                                        indicator_color='red',
                                        http_status_code=404)
        return

    if from_async:
        method = method.queue

    is_whitelisted(method)

    return dataent.call(method, **dataent.form_dict)
Пример #3
0
def dropbox_auth_finish(return_access_token=False):
	app_details = get_dropbox_settings(redirect_uri=True)
	callback = dataent.form_dict
	close = '<p class="text-muted">' + _('Please close this window') + '</p>'

	dropbox_oauth_flow = dropbox.DropboxOAuth2Flow(
		app_details["app_key"],
		app_details["app_secret"],
		app_details["redirect_uri"],
		{
			'dropbox-auth-csrf-token': callback.state
		},
		"dropbox-auth-csrf-token"
	)

	if callback.state or callback.code:
		token = dropbox_oauth_flow.finish({'state': callback.state, 'code': callback.code})
		if return_access_token and token.access_token:
			return token.access_token, callback.state

		set_dropbox_access_token(token.access_token)
	else:
		dataent.respond_as_web_page(_("Dropbox Setup"),
			_("Illegal Access Token. Please try again") + close,
			indicator_color='red',
			http_status_code=dataent.AuthenticationError.http_status_code)

	dataent.respond_as_web_page(_("Dropbox Setup"),
		_("Dropbox access is approved!") + close,
		indicator_color='green')
Пример #4
0
def return_success_page(doc):
    dataent.respond_as_web_page(_("Success"),
                                _("{0}: {1} is set to state {2}".format(
                                    doc.get('doctype'),
                                    dataent.bold(doc.get('name')),
                                    dataent.bold(
                                        get_doc_workflow_state(doc)))),
                                indicator_color='green')
Пример #5
0
def return_link_expired_page(doc, doc_workflow_state):
    dataent.respond_as_web_page(
        _("Link Expired"),
        _("Document {0} has been set to state {1} by {2}".format(
            dataent.bold(doc.get('name')), dataent.bold(doc_workflow_state),
            dataent.bold(
                dataent.get_value('User', doc.get("modified_by"),
                                  'full_name')))),
        indicator_color='blue')
Пример #6
0
def login_via_token(login_token):
	sid = dataent.cache().get_value("login_token:{0}".format(login_token), expires=True)
	if not sid:
		dataent.respond_as_web_page(_("Invalid Request"), _("Invalid Login Token"), http_status_code=417)
		return

	dataent.local.form_dict.sid = sid
	dataent.local.login_manager = LoginManager()

	redirect_post_login(desk_user = dataent.db.get_value("User", dataent.session.user, "user_type")=="System User")
Пример #7
0
def handle_session_stopped():
    dataent.respond_as_web_page(
        _("Updating"),
        _("Your system is being updated. Please refresh again after a few moments"
          ),
        http_status_code=503,
        indicator_color='orange',
        fullpage=True,
        primary_action=None)
    return dataent.website.render.render("message", http_status_code=503)
Пример #8
0
def callback(*args, **kwargs):
	migrator = dataent.get_doc("QuickBooks Migrator")
	migrator.set_indicator("Connecting to QuickBooks")
	migrator.code = kwargs.get("code")
	migrator.quickbooks_company_id = kwargs.get("realmId")
	migrator.save()
	migrator.get_tokens()
	dataent.db.commit()
	migrator.set_indicator("Connected to QuickBooks")
	# We need this page to automatically close afterwards
	dataent.respond_as_web_page("Quickbooks Authentication", html="<script>window.close()</script>")
Пример #9
0
def get_checkout_url(**kwargs):
	try:
		if kwargs.get('payment_gateway'):
			doc = dataent.get_doc("{0} Settings".format(kwargs.get('payment_gateway')))
			return doc.get_payment_url(**kwargs)
		else:
			raise Exception
	except Exception:
		dataent.respond_as_web_page(_("Something went wrong"),
			_("Looks like something is wrong with this site's payment gateway configuration. No payment has been made."),
			indicator_color='red',
			http_status_code=dataent.ValidationError.http_status_code)
Пример #10
0
def get_payment_url(doc, method):
    if doc.docstatus == 1:
        if doc.payment_gateway == "Razorpay":
            dataent.local.response["type"] = "redirect"
            dataent.local.response[
                "location"] = "./razorpay_checkout?payment_request={0}".format(
                    doc.name)
    else:
        dataent.respond_as_web_page(
            _("Invalid Payment Request"),
            _("Payment Request has been canceled by vendor"),
            success=False,
            http_status_code=dataent.ValidationError.http_status_code)
Пример #11
0
def sign_up(email, full_name, redirect_to):
    if not is_signup_enabled():
        dataent.throw(_('Sign Up is disabled'), title='Not Allowed')

    user = dataent.db.get("User", {"email": email})
    if user:
        if user.disabled:
            return 0, _("Registered but disabled")
        else:
            return 0, _("Already Registered")
    else:
        if dataent.db.sql("""select count(*) from tabUser where
			HOUR(TIMEDIFF(CURRENT_TIMESTAMP, TIMESTAMP(modified)))=1""")[0][0] > 300:

            dataent.respond_as_web_page(
                _('Temperorily Disabled'),
                _('Too many users signed up recently, so the registration is disabled. Please try back in an hour'
                  ),
                http_status_code=429)

        from dataent.utils import random_string
        user = dataent.get_doc({
            "doctype": "User",
            "email": email,
            "first_name": full_name,
            "enabled": 1,
            "new_password": random_string(10),
            "user_type": "Website User"
        })
        user.flags.ignore_permissions = True
        user.insert()

        # set default signup role as per Portal Settings
        default_role = dataent.db.get_value("Portal Settings", None,
                                            "default_role")
        if default_role:
            user.add_roles(default_role)

        if redirect_to:
            dataent.cache().hset('redirect_after_login', user.name,
                                 redirect_to)

        if user.flags.email_sent:
            return 1, _("Please check your email for verification")
        else:
            return 2, _("Please ask your administrator to verify your sign-up")
Пример #12
0
def authorize(*args, **kwargs):
	#Fetch provider URL from settings
	oauth_settings = get_oauth_settings()
	params = get_urlparams_from_kwargs(kwargs)
	request_url = urlparse(dataent.request.url)
	success_url = request_url.scheme + "://" + request_url.netloc + "/api/method/dataent.integrations.oauth2.approve?" + params
	failure_url = dataent.form_dict["redirect_uri"] + "?error=access_denied"

	if dataent.session['user']=='Guest':
		#Force login, redirect to preauth again.
		dataent.local.response["type"] = "redirect"
		dataent.local.response["location"] = "/login?redirect-to=/api/method/dataent.integrations.oauth2.authorize?" + quote(params.replace("+"," "))

	elif dataent.session['user']!='Guest':
		try:
			r = dataent.request
			uri = url_fix(r.url)
			http_method = r.method
			body = r.get_data()
			headers = r.headers

			scopes, dataent.flags.oauth_credentials = get_oauth_server().validate_authorization_request(uri, http_method, body, headers)

			skip_auth = dataent.db.get_value("OAuth Client", dataent.flags.oauth_credentials['client_id'], "skip_authorization")
			unrevoked_tokens = dataent.get_all("OAuth Bearer Token", filters={"status":"Active"})

			if skip_auth or (oauth_settings["skip_authorization"] == "Auto" and len(unrevoked_tokens)):

				dataent.local.response["type"] = "redirect"
				dataent.local.response["location"] = success_url
			else:
				#Show Allow/Deny screen.
				response_html_params = dataent._dict({
					"client_id": dataent.db.get_value("OAuth Client", kwargs['client_id'], "app_name"),
					"success_url": success_url,
					"failure_url": failure_url,
					"details": scopes
				})
				resp_html = dataent.render_template("templates/includes/oauth_confirmation.html", response_html_params)
				dataent.respond_as_web_page("Confirm Access", resp_html)

		except FatalClientError as e:
			return e
		except OAuth2Error as e:
			return e
Пример #13
0
def confirm_subscription(email):
	if not verify_request():
		return

	if not dataent.db.exists("Email Group", _("Website")):
		dataent.get_doc({
			"doctype": "Email Group",
			"title": _("Website")
		}).insert(ignore_permissions=True)


	dataent.flags.ignore_permissions = True

	add_subscribers(_("Website"), email)
	dataent.db.commit()

	dataent.respond_as_web_page(_("Confirmed"),
		_("{0} has been successfully added to the Email Group.").format(email),
		indicator_color='green')
Пример #14
0
def return_action_confirmation_page(doc,
                                    action,
                                    action_link,
                                    alert_doc_change=False):
    template_params = {
        'title': doc.get('name'),
        'doctype': doc.get('doctype'),
        'docname': doc.get('name'),
        'action': action,
        'action_link': action_link,
        'alert_doc_change': alert_doc_change
    }

    template_params['pdf_link'] = get_pdf_link(doc.get('doctype'),
                                               doc.get('name'))

    dataent.respond_as_web_page(None,
                                None,
                                indicator_color="blue",
                                template="confirm_workflow_action",
                                context=template_params)
Пример #15
0
    def build_response(self):
        self.writer = UnicodeWriter()
        self.name_field = 'parent' if self.parent_doctype != self.doctype else 'name'

        if self.template:
            self.add_main_header()

        self.writer.writerow([''])
        self.tablerow = [self.data_keys.doctype]
        self.labelrow = [_("Column Labels:")]
        self.fieldrow = [self.data_keys.columns]
        self.mandatoryrow = [_("Mandatory:")]
        self.typerow = [_('Type:')]
        self.inforow = [_('Info:')]
        self.columns = []

        self.build_field_columns(self.doctype)

        if self.all_doctypes:
            for d in self.child_doctypes:
                self.append_empty_field_column()
                if (self.select_columns and self.select_columns.get(
                        d['doctype'], None)) or not self.select_columns:
                    # if atleast one column is selected for this doctype
                    self.build_field_columns(d['doctype'], d['parentfield'])

        self.add_field_headings()
        self.add_data()
        if self.with_data and not self.data:
            dataent.respond_as_web_page(_('No Data'),
                                        _('There is no data to be exported'),
                                        indicator_color='orange')

        if self.file_type == 'Excel':
            self.build_response_as_excel()
        else:
            # write out response as a type csv
            dataent.response['result'] = cstr(self.writer.getvalue())
            dataent.response['type'] = 'csv'
            dataent.response['doctype'] = self.doctype
Пример #16
0
def verify_request():
    """Verify if the incoming signed request if it is correct."""
    query_string = dataent.safe_decode(dataent.local.flags.signed_query_string or \
     getattr(dataent.request, 'query_string', None))

    valid = False

    signature_string = '&_signature='
    if signature_string in query_string:
        params, signature = query_string.split(signature_string)

        given_signature = hmac.new(params.encode('utf-8'))

        given_signature.update(get_secret().encode())
        valid = signature == given_signature.hexdigest()

    if not valid:
        dataent.respond_as_web_page(
            _("Invalid Link"),
            _("This link is invalid or expired. Please make sure you have pasted correctly."
              ))

    return valid
Пример #17
0
def return_unsubscribed_page(email, name):
	dataent.respond_as_web_page(_("Unsubscribed from Newsletter"),
		_("<b>{0}</b> has been successfully unsubscribed from this mailing list.").format(email, name), indicator_color='green')
Пример #18
0
def return_confirmation_page(email, name, primary_action):
	dataent.respond_as_web_page(_("Unsubscribe from Newsletter"),_("Do you want to unsubscribe from this mailing list?"),
		indicator_color="blue", primary_label = _("Unsubscribe"), primary_action=primary_action)
Пример #19
0
def web_logout():
    dataent.local.login_manager.logout()
    dataent.db.commit()
    dataent.respond_as_web_page(_("Logged Out"),
                                _("You have been successfully logged out"),
                                indicator_color='green')
Пример #20
0
def return_unsubscribed_page(email, doctype, name):
	dataent.respond_as_web_page(_("Unsubscribed"),
		_("{0} has left the conversation in {1} {2}").format(email, _(doctype), name),
		indicator_color='green')
Пример #21
0
def handle_exception(e):
    response = None
    http_status_code = getattr(e, "http_status_code", 500)
    return_as_message = False

    if dataent.get_request_header('Accept') and (
            dataent.local.is_ajax
            or 'application/json' in dataent.get_request_header('Accept')):
        # handle ajax responses first
        # if the request is ajax, send back the trace or error message
        response = dataent.utils.response.report_error(http_status_code)

    elif (http_status_code == 500 and isinstance(e, pymysql.InternalError)
          and e.args[0] in (ER.LOCK_WAIT_TIMEOUT, ER.LOCK_DEADLOCK)):
        http_status_code = 508

    elif http_status_code == 401:
        dataent.respond_as_web_page(
            _("Session Expired"),
            _("Your session has expired, please login again to continue."),
            http_status_code=http_status_code,
            indicator_color='red')
        return_as_message = True

    elif http_status_code == 403:
        dataent.respond_as_web_page(
            _("Not Permitted"),
            _("You do not have enough permissions to complete the action"),
            http_status_code=http_status_code,
            indicator_color='red')
        return_as_message = True

    elif http_status_code == 404:
        dataent.respond_as_web_page(
            _("Not Found"),
            _("The resource you are looking for is not available"),
            http_status_code=http_status_code,
            indicator_color='red')
        return_as_message = True

    else:
        traceback = "<pre>" + dataent.get_traceback() + "</pre>"
        if dataent.local.flags.disable_traceback:
            traceback = ""

        dataent.respond_as_web_page("Server Error",
                                    traceback,
                                    http_status_code=http_status_code,
                                    indicator_color='red',
                                    width=640)
        return_as_message = True

    if e.__class__ == dataent.AuthenticationError:
        if hasattr(dataent.local, "login_manager"):
            dataent.local.login_manager.clear_cookies()

    if http_status_code >= 500:
        dataent.logger().error('Request Error', exc_info=True)
        make_error_snapshot(e)

    if return_as_message:
        response = dataent.website.render.render(
            "message", http_status_code=http_status_code)

    return response
Пример #22
0
def login_oauth_user(data=None, provider=None, state=None, email_id=None, key=None, generate_login_token=False):
	if not ((data and provider and state) or (email_id and key)):
		dataent.respond_as_web_page(_("Invalid Request"), _("Missing parameters for login"), http_status_code=417)
		return

	_login_oauth_user(data, provider, state, email_id, key, generate_login_token)