def _update_actor_balance(self, price): rss = RSS.objects.all()[0] actor = None # Check who is the charging actor (user or organization) if self._purchase.organization_owned: actor = self._purchase.owner_organization else: client = self._purchase.customer actor = Organization.objects.get(actor_id=client.userprofile.actor_id) charge = { 'currency': self._price_model['general_currency'], 'amount': price } # Check balance try: exp_manager = ExpenditureManager(rss, rss.access_token) exp_manager.update_balance(charge, actor) except HTTPError as e: # Check if it is needed to refresh the access token if e.code == 401: rss.refresh_token() exp_manager.set_credentials(rss.access_token) exp_manager.update_balance(charge, actor) # Check if the error is due to an insufficient balance else: raise e
def _check_expenditure_limits(self, price): """ Check if the user can purchase the offering depending on its expenditure limits and ir accumulated balance thought the RSS """ # Check is an RSS instance is registered if not RSS.objects.all(): return else: rss = RSS.objects.all()[0] actor = None # Check who is the charging actor (user or organization) if self._purchase.organization_owned: actor = self._purchase.owner_organization else: client = self._purchase.customer actor = Organization.objects.get(actor_id=client.userprofile.actor_id) # Check if the actor has defined expenditure limits if not actor.expenditure_limits: return charge = { 'currency': self._price_model['general_currency'], 'amount': price } # Check balance request_failure = None try: exp_manager = ExpenditureManager(rss, rss.access_token) exp_manager.check_balance(charge, actor) except HTTPError as e: # Check if it is needed to refresh the access token if e.code == 401: rss.refresh_token() exp_manager.set_credentials(rss.access_token) try: exp_manager.check_balance(charge, actor) # The user may be unauthorized, an error occurs, or the # actor balance is not enough except: request_failure = e # Check if the error is due to an insufficient balance else: request_failure = e except: request_failure = e # Raise the correct failure if request_failure: if type(request_failure) == HTTPError and request_failure.code == 404\ and json.loads(request_failure.read())['exceptionId'] == 'SVC3705': raise Exception('There is not enough balance. Check your expenditure limits') else: raise request_failure self._expenditure_used = True
def update(self, request, username): if not request.user.is_staff and not request.user.username == username: return build_response(request, 403, 'Forbidden') data = json.loads(request.raw_post_data) # Update the user try: user = User.objects.get(username=username) # Get the user profile user_profile = UserProfile.objects.get(user=user) # If WStore is not integrated with the accounts enabler # update user info and roles if not settings.OILAUTH: if request.user.is_staff and 'roles' in data: # The user cannot change its roles if 'admin' in data['roles'] and request.user.is_staff: user.is_staff = True if 'provider' in data['roles']: # Append the provider role to the user orgs = [] for o in user_profile.organizations: if Organization.objects.get(pk=o['organization']).name == user.username \ and not 'provider' in o['roles']: o['roles'].append('provider') orgs.append(o) user_profile.organizations = orgs elif not 'provider' in data['roles'] and 'provider' in user_profile.get_user_roles(): # Remove the provider role from the user info orgs = [] for o in user_profile.organizations: if Organization.objects.get(pk=o['organization']).name == user.username: o['roles'].remove('provider') orgs.append(o) else: orgs.append(o) user_profile.organizations = orgs if 'notification_url' in data and 'provider' in user_profile.get_user_roles(): user_org = Organization.objects.get(name=user.username) user_org.notification_url = data['notification_url'] user_org.save() if 'password' in data: user.set_password(data['password']) if 'first_name' in data and 'last_name' in data: user.first_name = data['first_name'] user.last_name = data['last_name'] user_profile.complete_name = data['first_name'] + ' ' + data['last_name'] elif 'complete_name' in data: user_profile.complete_name = data['complete_name'] else: user_org = Organization.objects.get(actor_id=user.userprofile.actor_id) if 'notification_url' in data and 'provider' in user_profile.get_user_roles(): user_org.notification_url = data['notification_url'] user_org.save() # Check if expenditure limits are included in the request if 'limits' in data and data['limits']: limits = _check_limits(data['limits']) currency = limits['currency'] # Get default RSS instance try: rss_instance = RSS.objects.all()[0] except: raise Exception('No RSS instance registered: An RSS instance is needed for setting up expenditure limits') # Create limits in the RSS try: exp_manager = ExpenditureManager(rss_instance, rss_instance.access_token) exp_manager.set_actor_limit(limits, user.userprofile) except HTTPError as e: if e.code == 401: rss_instance.refresh_token() exp_manager.set_credentials(rss_instance.access_token) exp_manager.set_actor_limit(limits, user.userprofile) else: raise e # Save limits limits['currency'] = currency user_org.expenditure_limits = limits user_org.save() if 'tax_address' in data: user_profile.tax_address = { 'street': data['tax_address']['street'], 'postal': data['tax_address']['postal'], 'city': data['tax_address']['city'], 'country': data['tax_address']['country'] } else: # the update is absolute so if no tax address provided it is deleted user_profile.tax_address = {} if 'payment_info' in data: number = data['payment_info']['number'] if not is_valid_credit_card(number): if 'number' in user_profile.payment_info and \ is_hidden_credit_card(number, user_profile.payment_info['number']): number = user_profile.payment_info['number'] else: raise Exception('') user_profile.payment_info = { 'type': data['payment_info']['type'], 'number': number, 'expire_month': data['payment_info']['expire_month'], 'expire_year': data['payment_info']['expire_year'], 'cvv2': data['payment_info']['cvv2'] } else: # the update is absolute so if no payment info provided it is deleted user_profile.payment_info = {} user.save() user_profile.save() except Exception as e: msg = 'Invalid content' if e.message: msg = e.message return build_response(request, 400, msg) return build_response(request, 200, 'OK')
def update(self, request, org): # Get the organization try: organization = Organization.objects.get(name=org) except: return build_response(request, 404, 'Organization not found') if not request.user.is_active: return build_response(request, 403, 'Forbidden') if not request.user.is_staff and not request.user.pk in organization.managers: return build_response(request, 403, 'Forbidden') try: # Load request data data = json.loads(request.raw_post_data) if 'notification_url' in data: if data['notification_url'] and not is_valid_url(data['notification_url']): raise Exception('Enter a valid URL') organization.notification_url = data['notification_url'] # Load the tax address new_taxaddr = {} if 'tax_address' in data and data['tax_address'] != {}: new_taxaddr = { 'street': data['tax_address']['street'], 'postal': data['tax_address']['postal'], 'city': data['tax_address']['city'], 'country': data['tax_address']['country'] } organization.tax_address = new_taxaddr # Load the payment info new_payment = {} if 'payment_info' in data and data['payment_info'] != {}: number = data['payment_info']['number'] if not is_valid_credit_card(number): if 'number' in organization.payment_info and \ is_hidden_credit_card(number, organization.payment_info['number']): number = organization.payment_info['number'] else: raise Exception('Invalid credit card number') new_payment = { 'type': data['payment_info']['type'], 'number': number, 'expire_year': data['payment_info']['expire_year'], 'expire_month': data['payment_info']['expire_month'], 'cvv2': data['payment_info']['cvv2'] } if 'limits' in data: limits = _check_limits(data['limits']) currency = limits['currency'] # Get default RSS rss = RSS.objects.all()[0] exp_manager = ExpenditureManager(rss, rss.access_token) try: exp_manager.set_actor_limit(limits, organization) except HTTPError as e: if e.code == 401: rss.refresh_token() exp_manager.set_credentials(rss.access_token) exp_manager.set_actor_limit(limits, organization) else: raise e # Save limits limits['currency'] = currency organization.expenditure_limits = limits organization.payment_info = new_payment organization.save() except Exception as e: msg = 'Invalid JSON content' if e.message: msg = e.message return build_response(request, 400, msg) return build_response(request, 200, 'OK')