gnunet-svn
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[GNUnet-SVN] [taler-bank] branch master updated: shortening pin/tan hand

From: gnunet
Subject: [GNUnet-SVN] [taler-bank] branch master updated: shortening pin/tan handler
Date: Mon, 06 Nov 2017 12:33:54 +0100 
This is an automated email from the git hooks/post-receive script.

marcello pushed a commit to branch master
in repository bank.

The following commit(s) were added to refs/heads/master by this push:
     new 62674ab  shortening pin/tan handler
62674ab is described below

commit 62674ab55897a9a84112278af81be62225f62fa9
Author: Marcello Stanisci <address@hidden>
AuthorDate: Mon Nov 6 12:33:32 2017 +0100

    shortening pin/tan handler
---
 talerbank/app/schemas.py | 30 ++++++++++++++++++++++++++++++
 talerbank/app/views.py   | 46 +++++++++++-----------------------------------
 2 files changed, 41 insertions(+), 35 deletions(-)

diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index e43947d..15988a5 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -20,6 +20,7 @@ definitions of JSON schemas for validating data
 """
 
 import validictory
+import json
 
 WIREDETAILS_SCHEMA = {
     "type": "object",
@@ -64,6 +65,35 @@ INCOMING_REQUEST_SCHEMA = {
     }
 }
 
+PIN_TAN_ARGS = {
+    "type": "object",
+    "properties": {
+        "amount_value": {"format": "str_to_int"},
+        "amount_fraction": {"format": "str_to_int"},
+        "amount_currency": {"type": "string"},
+        "exchange": {"type": "string"},
+        "reserve_pub": {"type": "string"},
+        "wire_details": {"format": "wiredetails_string"}
+    }
+}
+
+def validate_pintan_types(validator, fieldname, value, format_option):
+    try:
+        if format_option == "str_to_int":
+            int(value)
+        if format_option == "wiredetails_string":
+            data = json.loads(value)
+            validate_wiredetails(data)
+    except Exception:
+        raise validictory.FieldValidationError(
+            "Missing/malformed '%s'" % fieldname, fieldname, value)
+
+def validate_pin_tan_args(pin_tan_args):
+    format_dict = {
+        "str_to_int": validate_pintan_types,
+        "wiredetails_string": validate_pintan_types}
+    validictory.validate(pin_tan_args, PIN_TAN_ARGS, 
format_validators=format_dict)
+
 def validate_amount(amount):
     validictory.validate(amount, AMOUNT_SCHEMA)
 
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 439f394..dc5aabc 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -129,41 +129,18 @@ class Pin(forms.Form):
 @require_GET
 @login_required
 def pin_tan_question(request):
-    for param in ("amount_value",
-                  "amount_fraction",
-                  "amount_currency",
-                  "exchange",
-                  "reserve_pub",
-                  "wire_details"):
-        if param not in request.GET:
-            return HttpResponseBadRequest("parameter {} missing".format(param))
     try:
-        value = int(request.GET.get("amount_value", None))
-    except ValueError:
-        return HttpResponseBadRequest("invalid parameters: \"amount_value\" 
not given or NaN")
-    try:
-        fraction = int(request.GET.get("amount_fraction", None))
-    except ValueError:
-        return HttpResponseBadRequest("invalid parameters: \"amount_fraction\" 
not given or NaN")
-    try:
-        currency = request.GET.get("amount_currency", None)
-    except ValueError:
-        return HttpResponseBadRequest("invalid parameters: \"amount_currency\" 
not given")
-    if currency != settings.TALER_CURRENCY:
-        return HttpResponse("Such currency (%s) is not accepted" % currency, 
status=422)
-    amount = Amount(currency, value, fraction)
-    user_account = BankAccount.objects.get(user=request.user)
-    wiredetails = json.loads(request.GET["wire_details"])
-    if not isinstance(wiredetails, dict) or "test" not in wiredetails:
-        return HttpResponseBadRequest(
-            "This bank only supports the test wire transfer method. "
-            "The exchange does not seem to support it.")
-    try:
-        schemas.validate_wiredetails(wiredetails)
+        schemas.validate_pin_tan_args(request.GET.dict())
+        # Currency is not checked, as any mismatches will be
+        # detected afterwards
     except ValueError as error:
-        return HttpResponseBadRequest("invalid parameters (%s)" % error)
-    # parameters we store in the session are (more or less) validated
-    request.session["exchange_account_number"] = 
wiredetails["test"]["account_number"]
+        return HttpResponseBadRequest("invalid '%s'" % error.fieldname)
+    user_account = BankAccount.objects.get(user=request.user)
+    request.session["exchange_account_number"] = \
+        json.loads(request.GET["wire_details"])["test"]["account_number"]
+    amount = Amount(request.GET["amount_currency"],
+                    int(request.GET["amount_value"]),
+                    int(request.GET["amount_fraction"]))
     request.session["amount"] = amount.dump()
     request.session["exchange_url"] = request.GET["exchange"]
     request.session["reserve_pub"] = request.GET["reserve_pub"]
@@ -177,8 +154,7 @@ def pin_tan_question(request):
         form=Pin(auto_id=False),
         amount=amount.stringify(settings.TALER_DIGITS),
         previous_failed=previous_failed,
-        exchange=request.GET["exchange"],
-    )
+        exchange=request.GET["exchange"])
     return render(request, "pin_tan.html", context)
 
 

-- 
To stop receiving notification emails like this one, please contact
address@hidden
reply via email to
[Prev in Thread] Current Thread [Next in Thread]