def post(self, user_id): post_data = request.get_json() reset_user_id = post_data.get('user_id') if reset_user_id is not None: user = User.query.get(reset_user_id) if user is None: return make_response( jsonify({ 'message': 'No user found for ID: {}'.format(reset_user_id) })), 404 UserUtils.admin_reset_user_pin(user) response_object = { 'status': 'success', 'message': 'Successfully reset pin for user.', 'data': { 'user': user_schema.dump(user).data } } return make_response(jsonify(response_object)), 200 else: response_object = { 'message': 'No user to reset pin for', } return make_response(jsonify(response_object)), 400
def put(self, user_id): user = User.query.get(user_id) reset_tfa = request.args.get('reset_tfa', False) == 'true' if user is not None: if reset_tfa and AccessControl.has_sufficient_tier( g.user.roles, 'ADMIN', 'sempoadmin'): user.reset_TFA() if reset_tfa and not AccessControl.has_sufficient_tier( g.user.roles, 'ADMIN', 'sempoadmin'): response_object = { 'status': 'fail', 'message': 'Only Sempo admininstrators may reset TFA codes.', } return make_response(jsonify(response_object)), 403 user.reset_password() response_object = { 'status': 'success', 'message': 'Successfully reset password for user.', 'data': { 'user': user_schema.dump(user).data } } return make_response(jsonify(response_object)), 200 else: response_object = { 'message': 'No user to reset password for', } return make_response(jsonify(response_object)), 400
def signin(): json_data = request.get_json() email_or_username = json_data.get("emailOrUsername") password = json_data.get("password") validate = signin_validator(email_or_username, password) """ signin_validator() method validates user signin credits. if validation is a success, it returns three objects: True, errors, user_to_login obj:1: Bolean True: validation is a success obj:2: list of errors. In this case an empty list. obj:3: a user object: used to login the user. if validation fails, it returns also three objects: obj:1: Bolean False: validation is a failure obj:2: list of errors. obj:3: None """ if not validate[0]: return { "code": 400, "message": "Please review the errors", "success": False, "errors": validate[1], }, 400 user = validate[2] login_user(user, remember=True) return { "code": 200, "message": "successfully logged-in", "success": True, "user": user_schema.dump(user), }, 200
def get(self): version = request.args.get('version', 1) if str(version) == '2': user = g.user responseObject = { 'message': 'Successfully Loaded.', 'data': { 'user': user_schema.dump(user).data, } } return make_response(jsonify(responseObject)), 201 user = g.user if user.is_subadmin or user.is_supervendor: # admins and supervendors see all transfers for that transfer account transfer_account = user.transfer_account transfers_query = CreditTransfer.query.filter( or_( CreditTransfer.recipient_transfer_account_id == transfer_account.id, CreditTransfer.sender_transfer_account_id == transfer_account.id)) else: # other users only see transfers involving themselves transfers_query = CreditTransfer.query.filter( or_(CreditTransfer.recipient_user_id == user.id, CreditTransfer.sender_user_id == user.id)) transfers, total_items, total_pages = paginate_query( transfers_query, CreditTransfer) responseObject = { 'message': 'Successfully Loaded.', 'items': total_items, 'pages': total_pages, 'data': { 'user': old_user_schema.dump(user).data, # 'credit_transfers': transfer_list, } } return make_response(jsonify(responseObject)), 201
def put(self, user_id): put_data = request.get_json() first_name = put_data.get('first_name') last_name = put_data.get('last_name') email = put_data.get('email') phone = put_data.get('phone') public_serial_number = put_data.get('public_serial_number') location = put_data.get('location') user = User.query.get(user_id) if not user: response_object = {'message': 'User not found'} return make_response(jsonify(response_object)), 400 if first_name and not first_name == user.first_name: user.first_name = first_name if last_name and not last_name == user.last_name: user.last_name = last_name if email and not email == user.email: user.email = email if phone and not phone == user.phone: user.phone = phone if public_serial_number and not public_serial_number == user.public_serial_number: user.public_serial_number = public_serial_number if location and not location == user.location: user.location = location db.session.commit() responseObject = { 'status': 'success', 'message': 'Successfully Edited User.', 'data': { 'user': user_schema.dump(user).data } } return make_response(jsonify(responseObject)), 201
def user_is_authenticated(id): if id: if current_user.is_authenticated: if current_user.id == int(id): return { "code": 200, "authenticated": True, "message": "User is logged-in", "success": True, "user": user_schema.dump(current_user), }, 200 return { "code": 400, "authenticated": False, "message": "Either user id missing or you are not authenticated.", "success": False, "user": None }, 400
def get(self): user = g.user serialised_data = user_schema.dump(user).data # TODO: Create a better way of having multiple dummy transfer accounts for testing # import copy # new_ta = copy.deepcopy(serialised_data['transfer_accounts'][0]) # new_ta['id'] = new_ta['id'] + 1 # new_ta['balance'] = 99999 # new_ta['token']['id'] = 2 # new_ta['token']['symbol'] = 'GOOP' # # serialised_data['transfer_accounts'].append(new_ta) response_object = { 'message': 'Successfully Loaded.', 'data': { 'user': serialised_data } } return make_response(jsonify(response_object)), 201
def get(self, user_id): role = None if g.user.is_admin: role = 'is_admin' can_see_full_details = role in ['is_admin'] if not can_see_full_details: public_serial_number = request.args.get('public_serial_number') if public_serial_number: user = User.query.filter_by( public_serial_number=public_serial_number.strip()).first() if user: transfer_account = TransferAccount.query.get( user.transfer_account_id) if transfer_account: response_object = { 'message': 'Successfully found transfer account!', 'data': { 'balance': transfer_account.balance } } return make_response(jsonify(response_object)), 201 response_object = { 'message': 'No transfer_account for user: {}'.format(user), } return make_response(jsonify(response_object)), 400 response_object = { 'message': 'No user for public serial number: {}'.format( public_serial_number), } return make_response(jsonify(response_object)), 400 response_object = { 'message': 'No public_serial_number provided', } return make_response(jsonify(response_object)), 400 account_type_filter = request.args.get('account_type') if account_type_filter: account_type_filter = account_type_filter.lower() if user_id: user = User.query.get(user_id) if user is None: response_object = { 'message': 'No such user: {}'.format(user_id), } return make_response(jsonify(response_object)), 400 response_object = { 'status': 'success', 'message': 'Successfully Loaded.', 'data': { 'user': user_schema.dump(user).data } } return make_response(jsonify(response_object)), 201 else: if account_type_filter == 'beneficiary': user_query = User.query.filter(User.is_beneficiary) elif account_type_filter == 'vendor': user_query = User.query.filter(User.is_vendor) elif account_type_filter == 'admin': user_query = User.query.filter(User.is_subadmin).order_by( User.created.desc()) else: user_query = User.query users, total_items, total_pages = paginate_query(user_query, User) if users is None: response_object = { 'message': 'No users', } return make_response(jsonify(response_object)), 400 user_list = users_schema.dump(users).data response_object = { 'message': 'Successfully Loaded.', 'pages': total_pages, 'items': total_items, 'data': { 'users': user_list, } } return make_response(jsonify(response_object)), 201
def proccess_create_or_modify_user_request(attribute_dict, organisation=None, allow_existing_user_modify=False, is_self_sign_up=False, modify_only=False): """ Takes a create or modify user request and determines the response. Normally what's in the top level API function, but here it's one layer down because there's multiple entry points for 'create user': - The admin api - The register api :param attribute_dict: attributes that can be supplied by the request maker :param organisation: what organisation the request maker belongs to. The created user is bound to the same org :param allow_existing_user_modify: whether to return an error when the user already exists for the supplied IDs :param is_self_sign_up: does the request come from the register api? :param modify_only: whether to allow the creation of a new user :return: An http response """ if not attribute_dict.get('custom_attributes'): attribute_dict['custom_attributes'] = {} user_id = attribute_dict.get('user_id') email = attribute_dict.get('email') phone = attribute_dict.get('phone') account_types = attribute_dict.get('account_types', []) if isinstance(account_types, str): account_types = account_types.split(',') referred_by = attribute_dict.get('referred_by') blockchain_address = attribute_dict.get('blockchain_address') provided_public_serial_number = attribute_dict.get('public_serial_number') uuid = attribute_dict.get('uuid') require_identifier = attribute_dict.get('require_identifier', True) if not user_id: # Extract ID from Combined User ID and Name String if it exists try: user_id_name_string = attribute_dict.get('user_id_name_string') user_id_str = user_id_name_string and user_id_name_string.split( ':')[0] if user_id_str: user_id = int(user_id_str) except SyntaxError: pass if not blockchain_address and provided_public_serial_number: try: blockchain_address = to_checksum_address( provided_public_serial_number) # Since it's actually an ethereum address set the provided public serial number to None # so it doesn't get used as a transfer card provided_public_serial_number = None except Exception: pass require_transfer_card_exists = attribute_dict.get( 'require_transfer_card_exists', g.active_organisation.require_transfer_card) public_serial_number = (provided_public_serial_number or attribute_dict.get('payment_card_qr_code') or attribute_dict.get('payment_card_barcode')) location = attribute_dict.get('location') # address location # Yes, we know "GPS" refers to a technology, but "gps_location" is less ambiguous for end users than "geo_location" gps_location = attribute_dict.get( 'gps_location') # geo location as str of lat, lng use_precreated_pin = attribute_dict.get('use_precreated_pin') use_last_4_digits_of_id_as_initial_pin = attribute_dict.get( 'use_last_4_digits_of_id_as_initial_pin') transfer_account_name = attribute_dict.get('transfer_account_name') first_name = attribute_dict.get('first_name') last_name = attribute_dict.get('last_name') business_usage_name = attribute_dict.get('business_usage_name') business_usage_id = None if business_usage_name: usage = TransferUsage.find_or_create(business_usage_name) business_usage_id = usage.id preferred_language = attribute_dict.get('preferred_language') primary_user_identifier = attribute_dict.get('primary_user_identifier') primary_user_pin = attribute_dict.get('primary_user_pin') initial_disbursement = attribute_dict.get('initial_disbursement', None) if not account_types: account_types = ['beneficiary'] roles_to_set = [] for at in account_types: if at not in g.active_organisation.valid_roles: raise Exception( f'{at} not a valid role for this organisation. Please choose one of the following: {g.active_organisation.valid_roles}' ) roles_to_set.append((ASSIGNABLE_TIERS[at], at)) chain = get_chain() if current_app.config['CHAINS'][chain]['IS_USING_BITCOIN']: try: base58.b58decode_check(blockchain_address) except ValueError: response_object = { 'message': 'Blockchain Address {} Not Valid'.format(blockchain_address) } return response_object, 400 if isinstance(phone, bool): phone = None if phone and not is_self_sign_up: # phone has already been parsed if self sign up try: phone = proccess_phone_number(phone) except NumberParseException as e: response_object = {'message': 'Invalid Phone Number: ' + str(e)} return response_object, 400 # Work out if there's an existing transfer account to bind to existing_transfer_account = None if primary_user_identifier: primary_user, _ = find_user_from_public_identifier( primary_user_identifier) if not primary_user or not primary_user.verify_password( primary_user_pin): response_object = {'message': 'Primary User not Found'} return response_object, 400 if not primary_user.verify_password(primary_user_pin): response_object = {'message': 'Invalid PIN for Primary User'} return response_object, 400 primary_user_transfer_account = primary_user.transfer_account if not primary_user_transfer_account: response_object = { 'message': 'Primary User has no transfer account' } return response_object, 400 if not (phone or email or public_serial_number or blockchain_address or user_id or uuid or not require_identifier): response_object = {'message': 'Must provide a unique identifier'} return response_object, 400 if use_precreated_pin and not public_serial_number: response_object = { 'message': 'Must provide public serial number to use a transfer card or pre-created pin' } return response_object, 400 if public_serial_number: public_serial_number = str(public_serial_number) if use_precreated_pin or require_transfer_card_exists: transfer_card = TransferCard.query.filter_by( public_serial_number=public_serial_number).first() if not transfer_card: response_object = {'message': 'Transfer card not found'} return response_object, 400 business_usage = None if business_usage_id: business_usage = TransferUsage.query.get(business_usage_id) if not business_usage: response_object = { 'message': f'Business Usage not found for id {business_usage_id}' } return response_object, 400 referred_by_user, _ = find_user_from_public_identifier(referred_by) if referred_by and not referred_by_user: response_object = { 'message': f'Referrer user not found for public identifier {referred_by}' } return response_object, 400 existing_user, _ = find_user_from_public_identifier( email, phone, public_serial_number, blockchain_address, uuid) if not existing_user and user_id: existing_user = User.query.get(user_id) if modify_only and existing_user is None: response_object = {'message': 'User not found'} return response_object, 404 if existing_user: if not allow_existing_user_modify: response_object = {'message': 'User already exists for Identifier'} return response_object, 400 try: user = update_transfer_account_user( existing_user, first_name=first_name, last_name=last_name, preferred_language=preferred_language, phone=phone, email=email, public_serial_number=public_serial_number, use_precreated_pin=use_precreated_pin, existing_transfer_account=existing_transfer_account, roles=roles_to_set, business_usage=business_usage) set_location_conditionally(user, location, gps_location) if referred_by_user: user.referred_by.clear( ) # otherwise prior referrals will remain... user.referred_by.append(referred_by_user) set_custom_attributes(attribute_dict, user) flag_modified(user, "custom_attributes") db.session.commit() response_object = { 'message': 'User Updated', 'data': { 'user': user_schema.dump(user).data } } return response_object, 200 except Exception as e: response_object = {'message': str(e)} return response_object, 400 user = create_transfer_account_user( first_name=first_name, last_name=last_name, preferred_language=preferred_language, phone=phone, email=email, public_serial_number=public_serial_number, uuid=uuid, organisation=organisation, blockchain_address=blockchain_address, transfer_account_name=transfer_account_name, use_precreated_pin=use_precreated_pin, use_last_4_digits_of_id_as_initial_pin= use_last_4_digits_of_id_as_initial_pin, existing_transfer_account=existing_transfer_account, roles=roles_to_set, is_self_sign_up=is_self_sign_up, business_usage=business_usage, initial_disbursement=initial_disbursement) set_location_conditionally(user, location, gps_location) if referred_by_user: user.referred_by.append(referred_by_user) if attribute_dict.get('gender'): attribute_dict['custom_attributes']['gender'] = attribute_dict.get( 'gender') if attribute_dict.get('bio'): attribute_dict['custom_attributes']['bio'] = attribute_dict.get('bio') set_custom_attributes(attribute_dict, user) if is_self_sign_up and attribute_dict.get('deviceInfo', None) is not None: save_device_info(device_info=attribute_dict.get('deviceInfo'), user=user) send_onboarding_sms_messages(user) # Location fires an async task that needs to know user ID db.session.flush() if phone: if is_self_sign_up: send_one_time_code(phone=phone, user=user) return { 'message': 'User Created. Please verify phone number.', 'otp_verify': True }, 200 elif current_app.config['ONBOARDING_SMS']: try: send_onboarding_sms_messages(user) except Exception as e: print(e) sentry_sdk.capture_exception(e) pass response_object = { 'message': 'User Created', 'data': { 'user': user_schema.dump(user).data } } return response_object, 200
def get(self, user_id): can_see_full_details = AccessControl.has_suffient_role( g.user.roles, {'ADMIN': 'admin'}) if not can_see_full_details: public_serial_number = request.args.get('public_serial_number') if public_serial_number: user = User.query.filter_by( public_serial_number=public_serial_number.strip()).first() if user: if user.default_transfer_account: response_object = { 'message': 'Successfully found transfer account!', 'data': { 'balance': user.default_transfer_account.balance } } return make_response(jsonify(response_object)), 201 response_object = { 'message': 'No transfer_account for user: {}'.format(user), } return make_response(jsonify(response_object)), 400 response_object = { 'message': 'No user for public serial number: {}'.format( public_serial_number), } return make_response(jsonify(response_object)), 400 response_object = { 'message': 'No public_serial_number provided', } return make_response(jsonify(response_object)), 400 account_type_filter = request.args.get('account_type') if account_type_filter: account_type_filter = account_type_filter.lower() if user_id: user = User.query.get(user_id) # # user.cashout_authorised() if user is None: response_object = { 'message': 'No such user: {}'.format(user_id), } return make_response(jsonify(response_object)), 400 response_object = { 'status': 'success', 'message': 'Successfully Loaded.', 'data': { 'user': user_schema.dump(user).data } } return make_response(jsonify(response_object)), 200 else: if account_type_filter == 'beneficiary': user_query = User.query.filter(User.has_beneficiary_role) elif account_type_filter == 'vendor': user_query = User.query.filter(User.has_vendor_role) elif account_type_filter == 'admin': user_query = User.query.filter(User.has_admin_role).order_by( User.created.desc()) else: user_query = User.query users, total_items, total_pages = paginate_query(user_query, User) if users is None: response_object = { 'message': 'No users', } return make_response(jsonify(response_object)), 400 user_list = users_schema.dump(users).data response_object = { 'message': 'Successfully Loaded.', 'pages': total_pages, 'items': total_items, 'data': { 'users': user_list, } } return make_response(jsonify(response_object)), 200
def proccess_create_or_modify_user_request( attribute_dict, organisation=None, allow_existing_user_modify=False, is_self_sign_up=False, modify_only=False, ): """ Takes a create or modify user request and determines the response. Normally what's in the top level API function, but here it's one layer down because there's multiple entry points for 'create user': - The admin api - The register api :param attribute_dict: attributes that can be supplied by the request maker :param organisation: what organisation the request maker belongs to. The created user is bound to the same org :param allow_existing_user_modify: whether to return and error when the user already exists for the supplied IDs :param is_self_sign_up: does the request come from the register api? :return: An http response """ if not attribute_dict.get('custom_attributes'): attribute_dict['custom_attributes'] = {} user_id = attribute_dict.get('user_id') email = attribute_dict.get('email') phone = attribute_dict.get('phone') referred_by = attribute_dict.get('referred_by') blockchain_address = attribute_dict.get('blockchain_address') provided_public_serial_number = attribute_dict.get('public_serial_number') if not blockchain_address and provided_public_serial_number: try: blockchain_address = to_checksum_address( provided_public_serial_number) # Since it's actually an ethereum address set the provided public serial number to None # so it doesn't get used as a transfer card provided_public_serial_number = None except Exception: pass require_transfer_card_exists = attribute_dict.get( 'require_transfer_card_exists', g.active_organisation.require_transfer_card) public_serial_number = (provided_public_serial_number or attribute_dict.get('payment_card_qr_code') or attribute_dict.get('payment_card_barcode')) location = attribute_dict.get('location') # address location geo_location = attribute_dict.get( 'geo_location') # geo location as str of lat, lng if geo_location: geo = geo_location.split(' ') lat = geo[0] lng = geo[1] else: # TODO: Work out how this passed tests when this wasn't definied properly!?! lat = None lng = None use_precreated_pin = attribute_dict.get('use_precreated_pin') use_last_4_digits_of_id_as_initial_pin = attribute_dict.get( 'use_last_4_digits_of_id_as_initial_pin') transfer_account_name = attribute_dict.get('transfer_account_name') first_name = attribute_dict.get('first_name') last_name = attribute_dict.get('last_name') business_usage_name = attribute_dict.get('business_usage_name') business_usage_id = None if business_usage_name: usage = TransferUsage.find_or_create(business_usage_name) business_usage_id = usage.id preferred_language = attribute_dict.get('preferred_language') primary_user_identifier = attribute_dict.get('primary_user_identifier') primary_user_pin = attribute_dict.get('primary_user_pin') initial_disbursement = attribute_dict.get('initial_disbursement', None) is_vendor = attribute_dict.get('is_vendor', None) if is_vendor is None: is_vendor = attribute_dict.get('vendor', False) is_tokenagent = attribute_dict.get('is_tokenagent', False) is_groupaccount = attribute_dict.get('is_groupaccount', False) # is_beneficiary defaults to the opposite of is_vendor is_beneficiary = attribute_dict.get( 'is_beneficiary', not is_vendor and not is_tokenagent and not is_groupaccount) if current_app.config['IS_USING_BITCOIN']: try: base58.b58decode_check(blockchain_address) except ValueError: response_object = { 'message': 'Blockchain Address {} Not Valid'.format(blockchain_address) } return response_object, 400 if isinstance(phone, bool): phone = None if phone and not is_self_sign_up: # phone has already been parsed if self sign up try: phone = proccess_phone_number(phone) except NumberParseException as e: response_object = {'message': 'Invalid Phone Number: ' + str(e)} return response_object, 400 # Work out if there's an existing transfer account to bind to existing_transfer_account = None if primary_user_identifier: primary_user = find_user_from_public_identifier( primary_user_identifier) if not primary_user or not primary_user.verify_password( primary_user_pin): response_object = {'message': 'Primary User not Found'} return response_object, 400 if not primary_user.verify_password(primary_user_pin): response_object = {'message': 'Invalid PIN for Primary User'} return response_object, 400 primary_user_transfer_account = primary_user.transfer_account if not primary_user_transfer_account: response_object = { 'message': 'Primary User has no transfer account' } return response_object, 400 if not (phone or email or public_serial_number or blockchain_address): response_object = {'message': 'Must provide a unique identifier'} return response_object, 400 if use_precreated_pin and not public_serial_number: response_object = { 'message': 'Must provide public serial number to use a transfer card or pre-created pin' } return response_object, 400 if public_serial_number: public_serial_number = str(public_serial_number) if use_precreated_pin or require_transfer_card_exists: transfer_card = TransferCard.query.filter_by( public_serial_number=public_serial_number).first() if not transfer_card: response_object = {'message': 'Transfer card not found'} return response_object, 400 business_usage = None if business_usage_id: business_usage = TransferUsage.query.get(business_usage_id) if not business_usage: response_object = { 'message': f'Business Usage not found for id {business_usage_id}' } return response_object, 400 referred_by_user = find_user_from_public_identifier(referred_by) if referred_by and not referred_by_user: response_object = { 'message': f'Referrer user not found for public identifier {referred_by}' } return response_object, 400 existing_user = find_user_from_public_identifier(email, phone, public_serial_number, blockchain_address) if modify_only: existing_user = User.query.get(user_id) if modify_only and existing_user is None: response_object = {'message': 'User not found'} return response_object, 404 if existing_user: if not allow_existing_user_modify: response_object = {'message': 'User already exists for Identifier'} return response_object, 400 try: user = update_transfer_account_user( existing_user, first_name=first_name, last_name=last_name, preferred_language=preferred_language, phone=phone, email=email, location=location, public_serial_number=public_serial_number, use_precreated_pin=use_precreated_pin, existing_transfer_account=existing_transfer_account, is_beneficiary=is_beneficiary, is_vendor=is_vendor, is_tokenagent=is_tokenagent, is_groupaccount=is_groupaccount, business_usage=business_usage) if referred_by_user: user.referred_by.clear( ) # otherwise prior referrals will remain... user.referred_by.append(referred_by_user) set_custom_attributes(attribute_dict, user) flag_modified(user, "custom_attributes") db.session.commit() response_object = { 'message': 'User Updated', 'data': { 'user': user_schema.dump(user).data } } return response_object, 200 except Exception as e: response_object = {'message': str(e)} return response_object, 400 user = create_transfer_account_user( first_name=first_name, last_name=last_name, preferred_language=preferred_language, phone=phone, email=email, public_serial_number=public_serial_number, organisation=organisation, blockchain_address=blockchain_address, transfer_account_name=transfer_account_name, lat=lat, lng=lng, use_precreated_pin=use_precreated_pin, use_last_4_digits_of_id_as_initial_pin= use_last_4_digits_of_id_as_initial_pin, existing_transfer_account=existing_transfer_account, is_beneficiary=is_beneficiary, is_vendor=is_vendor, is_tokenagent=is_tokenagent, is_groupaccount=is_groupaccount, is_self_sign_up=is_self_sign_up, business_usage=business_usage, initial_disbursement=initial_disbursement) if referred_by_user: user.referred_by.append(referred_by_user) if attribute_dict.get('gender'): attribute_dict['custom_attributes']['gender'] = attribute_dict.get( 'gender') if attribute_dict.get('bio'): attribute_dict['custom_attributes']['bio'] = attribute_dict.get('bio') set_custom_attributes(attribute_dict, user) if is_self_sign_up and attribute_dict.get('deviceInfo', None) is not None: save_device_info(device_info=attribute_dict.get('deviceInfo'), user=user) send_onboarding_sms_messages(user) # Location fires an async task that needs to know user ID db.session.flush() if location: user.location = location if phone: if is_self_sign_up: send_one_time_code(phone=phone, user=user) return { 'message': 'User Created. Please verify phone number.', 'otp_verify': True }, 200 elif current_app.config['ONBOARDING_SMS']: try: send_onboarding_sms_messages(user) except Exception as e: print(e) sentry_sdk.capture_exception(e) pass response_object = { 'message': 'User Created', 'data': { 'user': user_schema.dump(user).data } } return response_object, 200
def proccess_attribute_dict(attribute_dict, force_dict_keys_lowercase=False, allow_existing_user_modify=False, require_transfer_card_exists=False): elapsed_time('1.0 Start') if force_dict_keys_lowercase: attribute_dict = force_attribute_dict_keys_to_lowercase(attribute_dict) attribute_dict = strip_kobo_preslashes(attribute_dict) attribute_dict = apply_settings(attribute_dict) attribute_dict = truthy_all_dict_values(attribute_dict) attribute_dict = strip_whitespace_characters(attribute_dict) elapsed_time('2.0 Post Processing') email = attribute_dict.get('email') phone = attribute_dict.get('phone') blockchain_address = attribute_dict.get('blockchain_address') provided_public_serial_number = attribute_dict.get('public_serial_number') if not blockchain_address and provided_public_serial_number: try: blockchain_address = utils.checksum_encode( provided_public_serial_number) # Since it's actually an ethereum address set the provided public serial number to None # so it doesn't get used as a transfer card provided_public_serial_number = None except Exception: pass public_serial_number = (provided_public_serial_number or attribute_dict.get('payment_card_qr_code') or attribute_dict.get('payment_card_barcode')) location = attribute_dict.get('location') use_precreated_pin = attribute_dict.get('use_precreated_pin') use_last_4_digits_of_id_as_initial_pin = attribute_dict.get( 'use_last_4_digits_of_id_as_initial_pin') transfer_account_name = attribute_dict.get('transfer_account_name') first_name = attribute_dict.get('first_name') last_name = attribute_dict.get('last_name') primary_user_identifier = attribute_dict.get('primary_user_identifier') primary_user_pin = attribute_dict.get('primary_user_pin') custom_initial_disbursement = attribute_dict.get( 'custom_initial_disbursement', None) is_vendor = attribute_dict.get('is_vendor', None) if is_vendor is None: is_vendor = attribute_dict.get('vendor', False) # is_beneficiary defaults to the opposite of is_vendor is_beneficiary = attribute_dict.get('is_beneficiary', not is_vendor) if current_app.config['IS_USING_BITCOIN']: try: base58.b58decode_check(blockchain_address) except ValueError: response_object = { 'message': 'Blockchain Address {} Not Valid'.format(blockchain_address) } return response_object, 400 if isinstance(phone, bool): phone = None if phone: try: phone = proccess_phone_number(phone) except NumberParseException as e: response_object = {'message': 'Invalid Phone Number: ' + str(e)} return response_object, 400 # Work out if there's an existing transfer account to bind to existing_transfer_account = None if primary_user_identifier: primary_user = find_user_from_public_identifier( primary_user_identifier) if not primary_user or not primary_user.verify_password( primary_user_pin): response_object = {'message': 'Primary User not Found'} return response_object, 400 if not primary_user.verify_password(primary_user_pin): response_object = {'message': 'Invalid PIN for Primary User'} return response_object, 400 primary_user_transfer_account = primary_user.transfer_account if not primary_user_transfer_account: response_object = { 'message': 'Primary User has no transfer account' } return response_object, 400 if not (phone or email or public_serial_number or blockchain_address): response_object = {'message': 'Must provide a unique identifier'} return response_object, 400 if use_precreated_pin and not public_serial_number: response_object = { 'message': 'Must provide public serial number to use a transfer card or pre-created pin' } return response_object, 400 if public_serial_number: public_serial_number = str(public_serial_number) if use_precreated_pin or require_transfer_card_exists: transfer_card = models.TransferCard.query.filter_by( public_serial_number=public_serial_number).first() if not transfer_card: response_object = {'message': 'Transfer card not found'} return response_object, 400 if custom_initial_disbursement and not custom_initial_disbursement <= current_app.config[ 'MAXIMUM_CUSTOM_INITIAL_DISBURSEMENT']: response_object = { 'message': 'Disbursement more than maximum allowed amount ({} {})'.format( current_app.config['MAXIMUM_CUSTOM_INITIAL_DISBURSEMENT'] / 100, current_app.config['CURRENCY_NAME']) } return response_object, 400 existing_user = find_user_from_public_identifier(email, phone, public_serial_number, blockchain_address) if existing_user: if not allow_existing_user_modify: response_object = {'message': 'User already exists for Identifier'} return response_object, 400 user = update_transfer_account_user( existing_user, first_name=first_name, last_name=last_name, phone=phone, email=email, public_serial_number=public_serial_number, use_precreated_pin=use_precreated_pin, existing_transfer_account=existing_transfer_account, is_beneficiary=is_beneficiary, is_vendor=is_vendor) default_attributes, custom_attributes = set_custom_attributes( attribute_dict, user) flag_modified(user, "custom_attributes") db.session.commit() response_object = { 'message': 'User Updated', 'data': { 'user': user_schema.dump(user).data } } return response_object, 200 elapsed_time('3.0 Ready to create') user = create_transfer_account_user( first_name=first_name, last_name=last_name, phone=phone, email=email, public_serial_number=public_serial_number, blockchain_address=blockchain_address, transfer_account_name=transfer_account_name, location=location, use_precreated_pin=use_precreated_pin, use_last_4_digits_of_id_as_initial_pin= use_last_4_digits_of_id_as_initial_pin, existing_transfer_account=existing_transfer_account, is_beneficiary=is_beneficiary, is_vendor=is_vendor) elapsed_time('4.0 Created') default_attributes, custom_attributes = set_custom_attributes( attribute_dict, user) if custom_initial_disbursement: try: disbursement = CreditTransferUtils.make_disbursement_transfer( custom_initial_disbursement, user) except Exception as e: response_object = {'message': str(e)} return response_object, 400 elapsed_time('5.0 Disbursement done') db.session.flush() if location: user.location = location if phone and current_app.config['ONBOARDING_SMS']: try: balance = user.transfer_account.balance if isinstance(balance, int): balance = balance / 100 send_onboarding_message(first_name=user.first_name, to_phone=phone, credits=balance, one_time_code=user.one_time_code) except Exception as e: print(e) pass if user.one_time_code: response_object = { 'message': 'User Created', 'data': { 'user': user_schema.dump(user).data } } else: response_object = { 'message': 'User Created', 'data': { 'user': user_schema.dump(user).data } } elapsed_time('6.0 Complete') return response_object, 200