示例#1
0
def login_view(request):
	if request.user.is_authenticated:
		if request.user.has_perm('BankingSystem.user_operations'):
			return custom_redirect("dashboard", success='Welcome.')
		if request.user.has_perm('BankingSystem.employee_operations'):
			return custom_redirect("employee_dashboard", success='Welcome.')
		return redirect("index")

	fields = {
		'authentication_error': ''
	}
	if request.method != 'POST':
		return render(request, 'login.html', fields)
	username = do_get(request.POST, 'username')
	password = do_get(request.POST, 'password')
	user = authenticate(request, username=username, password=password)
	if user is not None:
		login(request, user)
		if user.has_perm('BankingSystem.user_operations'):
			return custom_redirect("dashboard", success='Successfully logged in.')
		if user.has_perm('BankingSystem.employee_operations'):
			return custom_redirect("employee_dashboard", success='Successfully logged in.')
		return redirect('index')
	else:
		fields['authentication_error'] = 'Invalid username/password'
	return render(request, 'login.html', fields)
示例#2
0
def debit_credit(request):
    fields = {
        'accounts': request.user.profile.account_set.all(),
        'username': request.user.username,
        'error': '',
    }
    if request.method != 'POST':
        return render(request, 'debit_credit.html', fields)

    account = do_get(request.POST, 'account')
    transaction_type = do_get(
        request.POST, 'debit_or_credit')  # Whether Debit or Credit transaction
    pref_employee = do_get(request.POST, 'preferred_employee')
    amount = do_get(request.POST, 'amount')
    try:
        if transaction_type == "debit":
            transaction = Transactions.create(Transactions.TYPE_DEBIT,
                                              request.user, account, None,
                                              amount, pref_employee)
        elif transaction_type == "credit":
            transaction = Transactions.create(Transactions.TYPE_CREDIT,
                                              request.user, None, account,
                                              amount, pref_employee)
        else:
            raise BankingException('Invalid request')
    except BankingException as e:
        fields['error'] = e.message
        return render(request, 'debit_credit.html', fields)
    return redirect("transaction_confirmation", transaction_id=transaction.id)
示例#3
0
def make_transactions(request):
    fields = {
        'username':
        request.user.username,
        'error':
        '',
        'has_perm_view_critical_transactions':
        request.user.has_perm('BankingSystem.view_critical_transactions'),
        'has_perm_create_payments':
        request.user.has_perm('BankingSystem.create_payments'),
        'accounts':
        request.user.profile.account_set.all()
    }
    if request.method != 'POST':
        return render(request, 'make_transactions.html', fields)
    sender_account_number = do_get(request.POST, 'sender_account_number')
    receiver_account_number = do_get(request.POST, 'receiver_account_number')
    amount = do_get(request.POST, 'amount')
    try:
        transaction = Transactions.create(Transactions.TYPE_TRANSACTION,
                                          request.user, sender_account_number,
                                          receiver_account_number, amount)
    except BankingException as e:
        fields['error'] = e.message
        return render(request, 'make_transactions.html', fields)
    return redirect("transaction_confirmation", transaction_id=transaction.id)
示例#4
0
def user_accounts_list(request):
	fields = {
		'redirect_info': do_get(request.GET, 'info'),  # Like already logged in
		'redirect_success': do_get(request.GET, 'success'),  # Like login successful
		'redirect_error': do_get(request.GET, 'error'),  # Generic site error
		'username': request.user.username,
		'users': request.user.profile.employee_ticket.all(),
		'has_perm_employee_operations': request.user.has_perm('BankingSystem.employee_operations'),
	}
	return render(request, 'user_account_list.html', fields)
示例#5
0
def dashboard_internal(request):
	fields = {
		'redirect_info': do_get(request.GET, 'info'),  # Like already logged in
		'redirect_success': do_get(request.GET, 'success'),  # Like login successful
		'redirect_error': do_get(request.GET, 'error'),  # Generic site error
		'error': '',
		'username': request.user.username,
		'has_perm_employee_operations': request.user.has_perm('BankingSystem.employee_operations'),
	}
	return render(request, 'dashboard_internal_user.html', fields)
示例#6
0
def reset_2fa(request):
    fields = {
        'username': request.user.username,
        'redirect_info': do_get(request.GET, 'info'),  # Like already logged in
        'redirect_success': do_get(request.GET,
                                   'success'),  # Like login successful
        'redirect_error': do_get(request.GET, 'error'),  # Generic site error
        'error': '',
        'token_url': request.user.profile.regenerate_totp_seed()
    }

    return render(request, 'reset_2fa.html', fields)
示例#7
0
def approve_transaction_employee(request):
	transactions = map(lambda x: str(x).split(), list(request.user.profile.transactions_set.all()))
	transactions.sort(cmp=lambda x, y: int(y[0]) - int(x[0]))
	fields = {
		'redirect_info': do_get(request.GET, 'info'),  # Like already logged in
		'redirect_success': do_get(request.GET, 'success'),  # Like login successful
		'redirect_error': do_get(request.GET, 'error'),  # Generic site error
		'username': request.user.username,
		'transactions': transactions,
		'has_perm_employee_operations': request.user.has_perm('BankingSystem.employee_operations'),
		'has_perm_view_critical_transactions': request.user.has_perm('BankingSystem.view_critical_transactions'),
	}
	return render(request, 'approve_transaction_employee.html', fields)
示例#8
0
def transaction_confirmation(request, transaction_id):
    transaction = get_object_or_404(Transactions, pk=transaction_id)
    fields = {
        'authentication_error':
        '',
        'username':
        request.user.username,
        'transaction_id':
        transaction.id,
        'error':
        '',
        'has_perm_user_operations':
        request.user.has_perm('BankingSystem.view_user_operations'),
        'has_perm_create_payments':
        request.user.has_perm('BankingSystem.create_payments'),
    }

    if request.method != 'POST':
        return render(request, 'transaction_confirmation_otp.html', fields)
    otp = do_get(request.POST, 'otp')
    try:
        transaction.verify_otp(otp)
        if not transaction.is_cash and transaction.amount < Transactions.CRITICAL_LIMIT:
            transaction.process_transaction()
            return custom_redirect(
                "dashboard", success="Successfully processed transaction")
        else:
            return custom_redirect(
                "dashboard",
                info='Transaction will be processed after approval from ' +
                str(transaction.employee))
    except BankingException as e:
        fields['error'] = e.message
        return render(request, 'transaction_confirmation_otp.html', fields)
示例#9
0
def technical_accounts_access(request):
    fields = {
        'error':
        "",
        'username':
        request.user.username,
        'has_perm_user_operations':
        request.user.has_perm('BankingSystem.user_operations'),
    }
    if request.method != 'POST':
        return render(request, 'technical_accounts_access.html', fields)
    employee_username = do_get(request.POST, 'employee_username')

    try:
        employee = User.objects.filter(groups__name='Employees').get(
            username=employee_username)
    except:
        fields['error'] = 'No such employee.'
        return render(request, 'technical_accounts_access.html', fields)
    if employee is None:
        fields['error'] = 'No such employee'
        return render(request, 'technical_accounts_access.html', fields)
    request.user.profile.ticket_employee = employee.profile
    request.user.profile.save()
    return custom_redirect('dashboard',
                           success="Employee given access to your account.")
示例#10
0
def approve_payments_for_users(request):
    payments = []
    for account in request.user.profile.account_set.all():
        payments.extend(list(account.payment_user.all()))
    fields = {
        'redirect_info':
        do_get(request.GET, 'info'),  # Like already logged in
        'redirect_success':
        do_get(request.GET, 'success'),  # Like login successful
        'redirect_error':
        do_get(request.GET, 'error'),  # Generic site error
        'payments':
        payments,
        'username':
        request.user.username,
        'has_perm_user_operations':
        request.user.has_perm('BankingSystem.user_operations'),
    }
    return render(request, 'approve_payments_for_users.html', fields)
示例#11
0
def create_payment(request):
    fields = {
        'error':
        '',
        'username':
        request.user.username,
        'has_perm_user_operations':
        request.user.has_perm('BankingSystem.user_operations'),
        'has_perm_create_payments':
        request.user.has_perm('BankingSystem.create_payments'),
    }
    if request.method != 'POST':
        return render(request, 'create_payment.html', fields)
    payee_account = do_get(request.POST, 'payee_account')
    amount = do_get(request.POST, 'amount')
    try:
        Payments.create(request.user, payee_account, amount)
    except BankingException as e:
        fields['error'] = e.message
        return render(request, 'create_payment.html', fields)
    return custom_redirect('dashboard',
                           success="Payment requested from the user.")
示例#12
0
def dashboard_external(request):
    print request.user
    fields = {
        'username':
        request.user.username,
        'redirect_info':
        do_get(request.GET, 'info'),  # Like already logged in
        'redirect_success':
        do_get(request.GET, 'success'),  # Like login successful
        'redirect_error':
        do_get(request.GET, 'error'),  # Generic site error
        'error':
        '',
        'has_perm_user_operations':
        request.user.has_perm('BankingSystem.user_operations'),
        'has_perm_create_payments':
        request.user.has_perm(
            'BankingSystem.create_payments'),  # check if user is Company
        'accounts':
        request.user.profile.account_set.all()
    }

    return render(request, 'dashboard_external_user.html', fields)