def _create_invoice(business: Business, filing: Filing, filing_types: list, user_jwt: JwtManager) \ -> Tuple[int, dict, int]: """Create the invoice for the filing submission. Returns: { int: the paymentToken (id), or None dict: a dict of errors, or None int: the HTTPStatus error code, or None } """ payment_svc_url = current_app.config.get('PAYMENT_SVC_URL') mailing_address = business.mailing_address.one_or_none() payload = { 'paymentInfo': { 'methodOfPayment': 'CC' }, 'businessInfo': { 'businessIdentifier': f'{business.identifier}', 'corpType': f'{business.identifier[:-7]}', 'businessName': f'{business.legal_name}', 'contactInfo': { 'city': mailing_address.city, 'postalCode': mailing_address.postal_code, 'province': mailing_address.region, 'addressLine1': mailing_address.street, 'country': mailing_address.country } }, 'filingInfo': { 'filingTypes': filing_types } } try: token = user_jwt.get_token_auth_header() headers = {'Authorization': 'Bearer ' + token} rv = requests.post(url=payment_svc_url, json=payload, headers=headers, timeout=20.0) except (exceptions.ConnectionError, exceptions.Timeout) as err: current_app.logger.error( f'Payment connection failure for {business.identifier}: filing:{filing.id}', err) return { 'message': 'unable to create invoice for payment.' }, HTTPStatus.PAYMENT_REQUIRED if rv.status_code == HTTPStatus.OK or rv.status_code == HTTPStatus.CREATED: pid = rv.json().get('id') filing.payment_token = pid filing.save() return None, None return { 'message': 'unable to create invoice for payment.' }, HTTPStatus.PAYMENT_REQUIRED
def authorized( # pylint: disable=too-many-return-statements identifier: str, jwt: JwtManager, action: List[str]) -> bool: """Assert that the user is authorized to create filings against the business identifier.""" # if they are registry staff, they are always authorized if not action or not identifier or not jwt: return False if jwt.validate_roles([STAFF_ROLE]) \ or jwt.validate_roles([SYSTEM_ROLE]) \ or jwt.validate_roles([COLIN_SVC_ROLE]): return True if jwt.has_one_of_roles([BASIC_USER, PUBLIC_USER]): # if the action is create_comment or courtOrder/registrarsNotation/registrarsOrder filings # disallow - only staff are allowed staff_only_actions = [ 'add_comment', 'court_order', 'registrars_notation', 'registrars_order' ] if any(elem in action for elem in staff_only_actions): return False template_url = current_app.config.get('AUTH_SVC_URL') auth_url = template_url.format(**vars()) token = jwt.get_token_auth_header() headers = {'Authorization': 'Bearer ' + token} try: http = Session() retries = Retry(total=5, backoff_factor=0.1, status_forcelist=[500, 502, 503, 504]) http.mount('http://', HTTPAdapter(max_retries=retries)) rv = http.get(url=auth_url, headers=headers) if rv.status_code != HTTPStatus.OK \ or not rv.json().get('roles'): return False if all(elem.lower() in rv.json().get('roles') for elem in action): return True except ( exceptions.ConnectionError, # pylint: disable=broad-except exceptions.Timeout, ValueError, Exception) as err: current_app.logger.error( f'template_url {template_url}, svc:{auth_url}') current_app.logger.error( f'Authorization connection failure for {identifier}, using svc:{auth_url}', err) return False return False
def authorized_token( # pylint: disable=too-many-return-statements identifier: str, jwt: JwtManager, action: List[str]) -> bool: """Assert that the user is authorized to submit API requests for a particular action.""" if not action or not identifier or not jwt: return False # All users including staff must have the PPR role. if not jwt.validate_roles([PPR_ROLE]): return False if jwt.has_one_of_roles([BASIC_USER, PRO_DATA_USER]): template_url = current_app.config.get('AUTH_SVC_URL') auth_url = template_url.format(**vars()) token = jwt.get_token_auth_header() headers = {'Authorization': 'Bearer ' + token} try: http = Session() retries = Retry(total=5, backoff_factor=0.1, status_forcelist=[500, 502, 503, 504]) http.mount('http://', HTTPAdapter(max_retries=retries)) rv = http.get(url=auth_url, headers=headers) if rv.status_code != HTTPStatus.OK \ or not rv.json().get('roles'): return False if all(elem.lower() in rv.json().get('roles') for elem in action): return True except ( exceptions.ConnectionError, # pylint: disable=broad-except exceptions.Timeout, ValueError, Exception) as err: current_app.logger.error( f'template_url {template_url}, svc:{auth_url}') current_app.logger.error( f'Authorization connection failure for {identifier}, using svc:{auth_url}', err) return False return False
def check_auth(business_identifier: str, jwt: JwtManager, **kwargs): """Authorize the user for the business entity.""" bearer_token = jwt.get_token_auth_header() if jwt else None auth_url = current_app.config.get( 'AUTH_API_ENDPOINT') + f'entities/{business_identifier}/authorizations' auth_response = RestService.get(auth_url, bearer_token, AuthHeaderType.BEARER, ContentType.JSON) is_authorized: bool = False if auth_response: roles: list = auth_response.json().get('roles', []) if kwargs.get('one_of_roles', None): is_authorized = list(set(kwargs.get('one_of_roles')) & set(roles)) != [] if kwargs.get('contains_role', None): is_authorized = kwargs.get('contains_role') in roles if not is_authorized: abort(403)
def _create_invoice(business: Business, # pylint: disable=too-many-locals filing: Filing, filing_types: list, user_jwt: JwtManager, payment_account_id: str = None) \ -> Tuple[int, dict, int]: """Create the invoice for the filing submission. Returns: { int: the paymentToken (id), or None dict: a dict of errors, or None int: the HTTPStatus error code, or None } """ payment_svc_url = current_app.config.get('PAYMENT_SVC_URL') if filing.filing_type == Filing.FILINGS[ 'incorporationApplication'].get('name'): mailing_address = Address.create_address( filing.json['filing']['incorporationApplication']['offices'] ['registeredOffice']['mailingAddress']) corp_type = filing.json['filing']['business'].get( 'legalType', Business.LegalTypes.BCOMP.value) try: business.legal_name = filing.json['filing'][ 'incorporationApplication']['nameRequest']['legalName'] except KeyError: business.legal_name = business.identifier else: mailing_address = business.mailing_address.one_or_none() corp_type = business.legal_type if business.legal_type else \ filing.json['filing']['business'].get('legalType') payload = { 'businessInfo': { 'businessIdentifier': f'{business.identifier}', 'corpType': f'{corp_type}', 'businessName': f'{business.legal_name}', 'contactInfo': { 'city': mailing_address.city, 'postalCode': mailing_address.postal_code, 'province': mailing_address.region, 'addressLine1': mailing_address.street, 'country': mailing_address.country } }, 'filingInfo': { 'filingTypes': filing_types } } folio_number = filing.json['filing']['header'].get('folioNumber', None) if folio_number: payload['filingInfo']['folioNumber'] = folio_number if user_jwt.validate_roles([STAFF_ROLE]) or \ user_jwt.validate_roles([SYSTEM_ROLE]): account_info = {} routing_slip_number = get_str(filing.filing_json, 'filing/header/routingSlipNumber') if routing_slip_number: account_info['routingSlip'] = routing_slip_number bcol_account_number = get_str(filing.filing_json, 'filing/header/bcolAccountNumber') if bcol_account_number: account_info['bcolAccountNumber'] = bcol_account_number dat_number = get_str(filing.filing_json, 'filing/header/datNumber') if dat_number: account_info['datNumber'] = dat_number if account_info: payload['accountInfo'] = account_info try: token = user_jwt.get_token_auth_header() headers = { 'Authorization': 'Bearer ' + token, 'Content-Type': 'application/json' } rv = requests.post(url=payment_svc_url, json=payload, headers=headers, timeout=20.0) except (exceptions.ConnectionError, exceptions.Timeout) as err: current_app.logger.error( f'Payment connection failure for {business.identifier}: filing:{filing.id}', err) return { 'message': 'unable to create invoice for payment.' }, HTTPStatus.PAYMENT_REQUIRED if rv.status_code in (HTTPStatus.OK, HTTPStatus.CREATED): pid = rv.json().get('id') filing.payment_token = pid filing.payment_status_code = rv.json().get('statusCode', '') filing.payment_account = payment_account_id filing.save() return { 'isPaymentActionRequired': rv.json().get('isPaymentActionRequired', False) }, HTTPStatus.CREATED if rv.status_code == HTTPStatus.BAD_REQUEST: # Set payment error type used to retrieve error messages from pay-api error_type = rv.json().get('type') filing.payment_status_code = error_type filing.save() return { 'payment_error_type': error_type, 'message': rv.json().get('detail') }, HTTPStatus.PAYMENT_REQUIRED return { 'message': 'unable to create invoice for payment.' }, HTTPStatus.PAYMENT_REQUIRED
def _create_invoice(business: Business, filing: Filing, filing_types: list, user_jwt: JwtManager) \ -> Tuple[int, dict, int]: """Create the invoice for the filing submission. Returns: { int: the paymentToken (id), or None dict: a dict of errors, or None int: the HTTPStatus error code, or None } """ payment_svc_url = current_app.config.get('PAYMENT_SVC_URL') if filing.filing_type == Filing.FILINGS[ 'incorporationApplication'].get('name'): mailing_address = Address.create_address( filing.json['filing']['incorporationApplication']['offices'] ['registeredOffice']['mailingAddress']) corp_type = filing.json['filing']['incorporationApplication'][ 'nameRequest']['legalType'] else: mailing_address = business.mailing_address.one_or_none() corp_type = business.identifier[:-7] payload = { 'paymentInfo': { 'methodOfPayment': 'CC' }, 'businessInfo': { 'businessIdentifier': f'{business.identifier}', 'corpType': f'{corp_type}', 'businessName': f'{business.legal_name}', 'contactInfo': { 'city': mailing_address.city, 'postalCode': mailing_address.postal_code, 'province': mailing_address.region, 'addressLine1': mailing_address.street, 'country': mailing_address.country } }, 'filingInfo': { 'filingTypes': filing_types } } if user_jwt.validate_roles([STAFF_ROLE]): routing_slip_number = get_str(filing.filing_json, 'filing/header/routingSlipNumber') if routing_slip_number: payload['accountInfo'] = {'routingSlip': routing_slip_number} try: token = user_jwt.get_token_auth_header() headers = { 'Authorization': 'Bearer ' + token, 'Content-Type': 'application/json' } rv = requests.post(url=payment_svc_url, json=payload, headers=headers, timeout=20.0) except (exceptions.ConnectionError, exceptions.Timeout) as err: current_app.logger.error( f'Payment connection failure for {business.identifier}: filing:{filing.id}', err) return { 'message': 'unable to create invoice for payment.' }, HTTPStatus.PAYMENT_REQUIRED if rv.status_code == HTTPStatus.OK or rv.status_code == HTTPStatus.CREATED: pid = rv.json().get('id') filing.payment_token = pid filing.save() return None, None if rv.status_code == HTTPStatus.BAD_REQUEST: return { 'code': rv.json().get('code'), 'message': rv.json().get('message') }, HTTPStatus.PAYMENT_REQUIRED return { 'message': 'unable to create invoice for payment.' }, HTTPStatus.PAYMENT_REQUIRED
def create_receipt(payment_identifier: str, invoice_identifier: str, filing_data: Tuple[Dict[str, Any]], jwt: JwtManager = None, skip_auth_check: bool = False): """Create receipt.""" current_app.logger.debug('<create receipt initiated', payment_identifier, invoice_identifier) bearer_token = jwt.get_token_auth_header() if jwt else None receipt_dict = { 'templateVars': { 'lineItems': [], }, 'templateName': 'payment_receipt_coops', 'reportName': 'payment_receipt_coops' } template_vars = receipt_dict['templateVars'] template_vars['coopsName'] = filing_data.get('corpName') template_vars['filingDateTime'] = filing_data.get('filingDateTime') # inovice number not mandatory ;since only one invoice exist for a payment now if not invoice_identifier: invoice_data = Invoice.find_by_payment_identifier( payment_identifier, jwt=jwt, skip_auth_check=skip_auth_check).asdict() else: invoice_data = Invoice.find_by_id( invoice_identifier, payment_identifier, jwt=jwt, skip_auth_check=skip_auth_check).asdict() template_vars['incorporationNumber'] = invoice_data['created_by'] template_vars['paymentInvoiceNumber'] = invoice_data['invoice_number'] if 'receipts' not in invoice_data: raise BusinessException(Error.PAY999) template_vars['receiptNumber'] = invoice_data['receipts'][0][ 'receipt_number'] for line_item in invoice_data['line_items']: template_vars['lineItems'].append({ 'description': line_item['description'], 'filingFees': '{:.2f}'.format(line_item['total']) }) template_vars['lineItems'].append({ 'description': 'Total', 'filingFees': '{:.2f}'.format(invoice_data['total']) }) current_app.logger.debug('<OAuthService invoked from receipt.py', current_app.config.get('REPORT_API_BASE_URL')) pdf_response = OAuthService.post( current_app.config.get('REPORT_API_BASE_URL'), bearer_token, AuthHeaderType.BEARER, ContentType.JSON, receipt_dict) current_app.logger.debug('<OAuthService responded to receipt.py') return pdf_response