[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-bank] 02/02: porting add-incoming
From: |
gnunet |
Subject: |
[GNUnet-SVN] [taler-bank] 02/02: porting add-incoming |
Date: |
Fri, 31 May 2019 18:56:37 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository bank.
commit 79734f4aa3760aab92ff1326c701452738f40931
Author: Marcello Stanisci <address@hidden>
AuthorDate: Fri May 31 18:56:29 2019 +0200
porting add-incoming
---
talerbank/app/schemas.py | 53 ++++++++++++------------------------------------
talerbank/app/views.py | 28 +++++++++++++++----------
2 files changed, 30 insertions(+), 51 deletions(-)
diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index 20d5e01..d44a03b 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -40,6 +40,10 @@ UINT64_MAX = (2**64) - 1
##
+# Pattern for amounts, plain RegEx.
+AMOUNT_REGEX = "^[A-Za-z0-9_-]+:([0-9]+)\.?([0-9]+)?$"
+
+##
# Exception class to be raised when at least one expected URL
# parameter is either not found or malformed.
class URLParamValidationError(ValidationError):
@@ -87,6 +91,15 @@ class RejectData(forms.Form):
row_id = forms.IntegerField()
account_number = forms.IntegerField()
+class AddIncomingData(forms.Form):
+ auth = AuthField()
+ amount = forms.CharField(validators=[
+ RegexValidator(AMOUNT_REGEX,
+ message="Format CURRENCY:X[.Y] not respected")])
+ subject = forms.CharField()
+ credit_account = forms.IntegerField(min_value=1)
+ exchange_url = forms.URLField()
+
##
# Form specification that validates GET parameters from a
# /history request.
@@ -244,29 +257,6 @@ AUTH_SCHEMA = {
##
-# Definition for reject request bodies.
-REJECT_REQUEST_SCHEMA = {
- "type": "object",
- "properties": {
- "auth": AUTH_SCHEMA,
- "row_id": {"type": "integer"},
- "account_number": {"type": "integer"}
- }
-}
-
-##
-# Definition for /add/incoming request bodies.
-INCOMING_REQUEST_SCHEMA = {
- "type": "object",
- "properties": {
- "amount": {"type": AMOUNT_SCHEMA},
- "subject": {"type": "string"},
- "credit_account": {"type": "integer"},
- "auth": AUTH_SCHEMA
- }
-}
-
-##
# Definition for PIN/TAN request URL parameters.
PIN_TAN_ARGS = {
"type": "object",
@@ -316,13 +306,6 @@ def validate_pin_tan(data):
validate(data, PIN_TAN_ARGS, format_validators=format_dict)
##
-# Check if the /reject request is valid.
-#
-# @param data POST/PUT body.
-def validate_reject(data):
- validate(data, REJECT_REQUEST_SCHEMA)
-
-##
# Check wire details
# (regardless of which endpoint triggered the check)
#
@@ -331,14 +314,6 @@ def validate_wiredetails(wiredetails):
validate(wiredetails, WIREDETAILS_SCHEMA)
##
-# Check input data for a wire transfer commanded via the
-# HTTP REST service.
-#
-# @param data POST body sent along the request.
-def validate_add_incoming(data):
- validate(data, INCOMING_REQUEST_SCHEMA)
-
-##
# Check that the state corresponds to a withdrawal session.
#
# @param data the dict representing the server state. So not
@@ -359,8 +334,6 @@ def check_withdraw_session(data):
# request.
def validate_data(request, data):
switch = {
- "/reject": validate_reject,
- "/admin/add/incoming": validate_add_incoming,
"/pin/verify": check_withdraw_session,
"/pin/question": validate_pin_tan
}
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 77f2477..88e5742 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -44,7 +44,7 @@ from django.shortcuts import render, redirect
from datetime import datetime
from .models import BankAccount, BankTransaction
from .amount import Amount
-from .schemas import validate_data, HistoryParams, HistoryRangeParams,
URLParamValidationError, RejectData, JSONFieldException
+from .schemas import validate_data, HistoryParams, HistoryRangeParams,
URLParamValidationError, RejectData, AddIncomingData, JSONFieldException
LOGGER = logging.getLogger(__name__)
@@ -831,21 +831,27 @@ def reject(request, user_account):
@login_via_headers
def add_incoming(request, user_account):
data = json.loads(request.body.decode("utf-8"))
- validate_data(request, data)
- subject = "%s %s" % (data["subject"], data["exchange_url"])
+ data = AddIncomingData(data)
+
+ if not data.is_valid():
+ raise JSONFieldException(data.errors, 400)
+
+ subject = "%s %s" % (data.cleaned_data["subject"],
+ data.cleaned_data["exchange_url"])
+
credit_account = BankAccount.objects.get(
- account_no=data["credit_account"])
- wtrans = wire_transfer(Amount.parse(data["amount"]),
- user_account.bankaccount,
- credit_account,
- subject)
+ account_no=data.cleaned_data["credit_account"])
+
+ wtrans = wire_transfer(
+ Amount.parse(data.cleaned_data["amount"]),
+ user_account.bankaccount,
+ credit_account,
+ subject)
+
return JsonResponse(
{"row_id": wtrans.id,
"timestamp": "/Date(%s)/" % int(wtrans.date.timestamp())})
-
-
-
##
# Serve a Taler withdrawal request; takes the amount chosen
# by the user, and builds a response to trigger the wallet into
--
To stop receiving notification emails like this one, please contact
address@hidden