def safe_member_lookup(condition): member = Member.exclude_deleted().filter(condition).one_or_none() if member is None: raise HttpBadRequest() if not member.is_active: raise HttpConflict(reason='user-deactivated') return member
def reject(self, shetab_address_id: int): bank_card = BankCard.query.filter( BankCard.id == shetab_address_id).one_or_none() if bank_card is None: raise HttpNotFound() if bank_card.is_verified is True: raise HttpConflict('Already accepted') bank_card.error = context.form.get('error') return bank_card
def reject(self, bank_account_id: int): sheba_address = BankAccount.query.filter( BankAccount.id == bank_account_id).one_or_none() if sheba_address is None: raise HttpNotFound() if sheba_address.is_verified is True: raise HttpConflict('Already accepted') sheba_address.error = context.form.get('error') return sheba_address
def close(self, ticket_id: int): ticket = Ticket.query.filter(Ticket.id == ticket_id) if context.identity.is_in_roles('client'): ticket = ticket.filter(Ticket.member_id == context.identity.id) ticket = ticket.one_or_none() if ticket is None: raise HttpNotFound('Ticket not found') if ticket.is_closed is False: ticket.is_closed = True else: raise HttpConflict('Ticket already closed') return ticket
def on_delete(mapper, connection, target): raise HttpConflict('Cannot remove this object: %s' % target)
def create(self): # TODO: Add some salt to prevent man in the middle (Extra field to send on creation and check on verification, # Use description part) amount = context.form.get('amount') shetab_address_id = context.form.get('shetabAddressId') # Check deposit range payment_gateway = PaymentGateway.query.filter( PaymentGateway.name == context.form.get( 'paymentGatewayName')).one_or_none() amount = payment_gateway.fiat.input_to_normalized(amount) # TODO: More strict check and review how we control payment gateways if (payment_gateway is None) or (payment_gateway.fiat_symbol not in ['IRR', 'TIRR']): raise HttpBadRequest('Bad payment gateway') Fiat.query.filter(Fiat.symbol == payment_gateway.fiat_symbol).one() if (payment_gateway.cashin_max != Decimal(0) and amount > payment_gateway.cashin_max) \ or amount < payment_gateway.cashin_min: raise HttpBadRequest('Amount is not between valid cashin range.') # Check sheba target_shetab = BankCard.query \ .filter(BankCard.id == shetab_address_id) \ .filter(BankCard.client_id == context.identity.id) \ .one_or_none() if target_shetab is None: raise HttpBadRequest('Shetab address not found.') if target_shetab.is_verified is False: raise HttpConflict('Shetab address is not verified.') # Check commission commission = payment_gateway.calculate_cashin_commission(amount) if commission >= amount: raise HttpConflict('Commission is more than the amount') shaparak_in = Cashin() shaparak_in.member_id = context.identity.id shaparak_in.fiat_symbol = payment_gateway.fiat_symbol shaparak_in.amount = amount shaparak_in.commission = commission shaparak_in.banking_id = target_shetab shaparak_in.transaction_id = '' shaparak_in.payment_gateway_name = payment_gateway.name DBSession.add(shaparak_in) DBSession.flush() shaparak_provider = create_shaparak_provider() try: shaparak_in.transaction_id = shaparak_provider.create_transaction( batch_id=shaparak_in.id, amount=amount) except ShaparakError: raise HttpBadRequest('Transaction could not be created') return shaparak_in
def schedule(self): amount = context.form.get('amount') sheba_address_address_id = context.form.get('shebaAddressId') # Check cashout range payment_gateway = PaymentGateway.query.filter( PaymentGateway.name == context.form.get( 'paymentGatewayName')).one() amount = payment_gateway.fiat.input_to_normalized(amount) # TODO: More strict check and review how we control payment gateways if (payment_gateway is None) or (payment_gateway.fiat_symbol not in ['IRR', 'TIRR']): raise HttpBadRequest('Bad payment gateway') Fiat.query.filter(Fiat.symbol == payment_gateway.fiat_symbol).one() if (payment_gateway.cashout_max != Decimal(0) and amount > payment_gateway.cashout_max) or \ amount < payment_gateway.cashout_min: raise HttpBadRequest('Amount is not between valid cashout range.') commission = payment_gateway.calculate_cashout_commission(amount) # Check balance try: available_balance = Decimal( stexchange_client.balance_query(context.identity.id, payment_gateway.fiat_symbol) [payment_gateway.fiat_symbol]['available']) except StexchangeException as e: raise stexchange_http_exception_handler(e) # FIXME: Think about concurrency if available_balance < amount + commission: raise HttpBadRequest('Not enough balance') # Check sheba target_sheba = BankAccount.query \ .filter(BankAccount.id == sheba_address_address_id) \ .filter(BankAccount.client_id == context.identity.id) \ .one_or_none() if target_sheba is None: raise HttpBadRequest('Sheba address not found.') if target_sheba.is_verified is False: raise HttpConflict('Sheba address is not verified.') shaparak_out = Cashout() shaparak_out.fiat_symbol = payment_gateway.fiat_symbol shaparak_out.member_id = context.identity.id shaparak_out.amount = amount shaparak_out.commission = commission shaparak_out.banking_id_id = sheba_address_address_id shaparak_out.payment_gateway_name = payment_gateway.name # FIXME DBSession.add(shaparak_out) # Set new balance try: stexchange_client.balance_update( user_id=shaparak_out.member_id, asset=payment_gateway.fiat_symbol, # FIXME business='cashout', # FIXME business_id=shaparak_out.id, change= f'-{payment_gateway.fiat.format_normalized_string(amount + commission)}', # FIXME Prevent negative amounts detail=shaparak_out.to_dict(), ) # FIXME: Important !!!! : rollback the updated balance if # DBSession.commit() was not successful except StexchangeException as e: raise stexchange_http_exception_handler(e) return shaparak_out