[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [taler-bank] 01/06: addressing #5013
|
From: |
gnunet |
|
Subject: |
[GNUnet-SVN] [taler-bank] 01/06: addressing #5013 |
|
Date: |
Mon, 29 May 2017 11:25:16 +0200 |
This is an automated email from the git hooks/post-receive script.
marcello pushed a commit to branch master
in repository bank.
commit 85fea9b7b0e249fc7e6caad2a00452257df75938
Author: Marcello Stanisci <address@hidden>
AuthorDate: Tue May 23 15:52:14 2017 +0200
addressing #5013
---
bank-check.conf | 1 +
talerbank/app/amounts.py | 13 +++++-
talerbank/app/tests.py | 15 +++++-
talerbank/app/views.py | 117 +++++++++++++++++++++++++++++++++--------------
4 files changed, 108 insertions(+), 38 deletions(-)
diff --git a/bank-check.conf b/bank-check.conf
index dc78564..b38ccd0 100644
--- a/bank-check.conf
+++ b/bank-check.conf
@@ -1,3 +1,4 @@
+
[taler]
CURRENCY = KUDOS
diff --git a/talerbank/app/amounts.py b/talerbank/app/amounts.py
index f201594..f9bdd02 100644
--- a/talerbank/app/amounts.py
+++ b/talerbank/app/amounts.py
@@ -26,10 +26,19 @@ logger = logging.getLogger(__name__)
FRACTION = 100000000
class CurrencyMismatchException(Exception):
- pass
+ def __init__(self, msg=None, status_code=0):
+ self.msg = msg
+ # HTTP status code to be returned as response for
+ # this exception
+ self.status_code = status_code
class BadFormatAmount(Exception):
- pass
+ def __init__(self, msg=None, status_code=0):
+ self.msg = msg
+ # HTTP status code to be returned as response for
+ # this exception
+ self.status_code = status_code
+
def check_currency(a1, a2):
if a1["currency"] != a2["currency"]:
diff --git a/talerbank/app/tests.py b/talerbank/app/tests.py
index 4de125e..092d21c 100644
--- a/talerbank/app/tests.py
+++ b/talerbank/app/tests.py
@@ -123,6 +123,20 @@ class AddIncomingTestCase(TestCase):
content_type="application/json",
follow=True, **{"HTTP_X_TALER_BANK_USERNAME":
"user_user", "HTTP_X_TALER_BANK_PASSWORD": "user_password"})
self.assertEqual(200, response.status_code)
+ data = '{"auth": {"type": "basic"}, \
+ "credit_account": 1, \
+ "wtid": "TESTWTID", \
+ "exchange_url": "https://exchange.test";, \
+ "amount": \
+ {"value": 1, \
+ "fraction": 0, \
+ "currency": "%s"}}' \
+ % "WRONGCURRENCY"
+ response = c.post(reverse("add-incoming", urlconf=urls),
+ data=data,
+ content_type="application/json",
+ follow=True, **{"HTTP_X_TALER_BANK_USERNAME":
"user_user", "HTTP_X_TALER_BANK_PASSWORD": "user_password"})
+ self.assertEqual(406, response.status_code)
class HistoryTestCase(TestCase):
@@ -171,7 +185,6 @@ class HistoryTestCase(TestCase):
response = c.get(reverse("history", urlconf=urls), {"auth": "basic",
"delta": "1", "start": "11"},
**{"HTTP_X_TALER_BANK_USERNAME": "User",
"HTTP_X_TALER_BANK_PASSWORD": "Password"})
response_txt = response.content.decode("utf-8")
- logger.info(response_txt)
self.assertEqual(204, response.status_code)
# Get credit records
response = c.get(reverse("history", urlconf=urls), {"auth": "basic",
"delta": "+1", "direction": "credit"},
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index c3bed3e..b0d8974 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -232,6 +232,13 @@ def pin_tan_verify(request):
logger.warning("Withdrawal impossible due to debt limit exceeded")
request.session["debt_limit"] = True
return redirect("profile")
+ except amounts.BadFormatAmount as e:
+ return HttpResponse(e.msg, status=e.status_code)
+ except amounts.CurrencyMismatchException as e:
+ return HttpResponse(e.msg, status=e.status_code)
+ except SameAccountException:
+ logger.error("Odd situation: SameAccountException should NOT occur in
this function")
+ return HttpResponse("internal server error", status=500)
request_url = urljoin(exchange_url, "admin/add/incoming")
res = requests.post(request_url, json=json_body)
@@ -274,6 +281,14 @@ def register(request):
except DebtLimitExceededException:
logger.info("Debt situation encountered")
request.session["no_initial_bonus"] = True
+ except amounts.CurrencyMismatchException as e:
+ return HttpResponse(e.msg, status=e.status_code)
+ except amounts.BadFormatAmount as e:
+ return HttpResponse(e.msg, status=e.status_code)
+ except SameAccountException:
+ logger.error("Odd situation: SameAccountException should NOT occur in
this function")
+ return HttpResponse("internal server error", status=500)
+
request.session["just_registered"] = True
user = django.contrib.auth.authenticate(username=username,
password=password)
django.contrib.auth.login(request, user)
@@ -471,14 +486,15 @@ def add_incoming(request):
credit_account,
subject)
return JsonResponse(dict(serial_id=transaction.id,
timestamp="/Date(%s)/" % int(transaction.date.timestamp())))
- except amounts.BadFormatAmount:
- logger.error("Amount specified in TALER_MAX_DEBT or
TALER_MAX_DEBT_BANK is malformed")
- return HttpResponse(status=500)
+ except amounts.BadFormatAmount as e:
+ return JsonResponse(dict(error=e.msg), status=e.status_code)
except SameAccountException:
return JsonResponse(dict(error="debit and credit account are the
same"), status=422)
except DebtLimitExceededException:
return JsonResponse(dict(error="debit count has reached its debt
limit", status=403 ),
status=403)
+ except amounts.CurrencyMismatchException as e:
+ return JsonResponse(dict(error=e.msg), status=e.status_code)
@login_required
@require_POST
@@ -515,42 +531,73 @@ def wire_transfer(amount,
debit_account=debit_account,
subject=subject)
- if debit_account.debit:
- debit_account.balance_obj =
amounts.amount_add(debit_account.balance_obj,
- amount)
-
- elif -1 == amounts.amount_cmp(debit_account.balance_obj, amount):
- debit_account.debit = True
- debit_account.balance_obj = amounts.amount_sub(amount,
-
debit_account.balance_obj)
- else:
- debit_account.balance_obj =
amounts.amount_sub(debit_account.balance_obj,
- amount)
-
- if False == credit_account.debit:
- credit_account.balance_obj =
amounts.amount_add(credit_account.balance_obj,
- amount)
-
- elif 1 == amounts.amount_cmp(amount, credit_account.balance_obj):
- credit_account.debit = False
- credit_account.balance_obj = amounts.amount_sub(amount,
-
credit_account.balance_obj)
- else:
- credit_account.balance_obj =
amounts.amount_sub(credit_account.balance_obj,
- amount)
+ # Client problem (amount's currency != bank's currency)
+ try:
+ if debit_account.debit:
+ debit_account.balance_obj =
amounts.amount_add(debit_account.balance_obj,
+ amount)
+
+ elif -1 == amounts.amount_cmp(debit_account.balance_obj, amount):
+ debit_account.debit = True
+ debit_account.balance_obj = amounts.amount_sub(amount,
+
debit_account.balance_obj)
+ else:
+ debit_account.balance_obj =
amounts.amount_sub(debit_account.balance_obj,
+ amount)
+
+ if False == credit_account.debit:
+ credit_account.balance_obj =
amounts.amount_add(credit_account.balance_obj,
+ amount)
+
+ elif 1 == amounts.amount_cmp(amount, credit_account.balance_obj):
+ credit_account.debit = False
+ credit_account.balance_obj = amounts.amount_sub(amount,
+
credit_account.balance_obj)
+ else:
+ credit_account.balance_obj =
amounts.amount_sub(credit_account.balance_obj,
+ amount)
+ # end-of client problem
+ except amounts.CurrencyMismatchException:
+ # make sure the accounts match bank's currency
+ msg = "The amount to be transferred (%s) doesn't match the bank's
currency (%s)" % (amount["currency"], settings.TALER_CURRENCY)
+ status_code = 406
+ if settings.TALER_CURRENCY != credit_account.balance_obj["currency"]:
+ logger.error("Internal inconsistency: credit account's currency
(%s) differs from bank's one (%s)" % (credit_account.balance_obj["currency"],
settings.TALER_CURRENCY))
+ msg = "Internal server error"
+ status_code = 500
+ elif settings.TALER_CURRENCY != debit_account.balance_obj["currency"]:
+ logger.error("Internal inconsistency: debit account's currency
(%s) differs from bank's one (%s)" % (debit_account.balance_obj["currency"],
settings.TALER_CURRENCY))
+ msg = "Internal server error"
+ status_code = 500
+ logger.error(msg)
+ raise amounts.CurrencyMismatchException(msg=msg,
status_code=status_code)
# Check here if any account went beyond the allowed
# debit threshold.
- threshold = amounts.parse_amount(settings.TALER_MAX_DEBT)
- if debit_account.user.username == "Bank":
- threshold = amounts.parse_amount(settings.TALER_MAX_DEBT_BANK)
- if 1 == amounts.amount_cmp(debit_account.balance_obj, threshold) \
- and 0 != amounts.amount_cmp(amounts.get_zero(), threshold) \
- and debit_account.debit:
- logger.error("Negative balance '%s' not allowed." %
json.dumps(debit_account.balance_obj))
- logger.info("%s's threshold is: '%s'." % (debit_account.user.username,
json.dumps(threshold)))
- raise DebtLimitExceededException()
+ # Parse potential problem
+ try:
+ threshold = amounts.parse_amount(settings.TALER_MAX_DEBT)
+
+ if debit_account.user.username == "Bank":
+ threshold = amounts.parse_amount(settings.TALER_MAX_DEBT_BANK)
+ except amounts.BadFormatAmount:
+ logger.error("MAX_DEBT|MAX_DEBT_BANK had the wrong format")
+ raise amounts.BadFormatAmount(msg="internal server error",
status_code=500)
+ # end-of parse problem
+
+ # Internal internal problem (threshold)
+ try:
+ if 1 == amounts.amount_cmp(debit_account.balance_obj, threshold) \
+ and 0 != amounts.amount_cmp(amounts.get_zero(), threshold) \
+ and debit_account.debit:
+ logger.error("Negative balance '%s' not allowed." %
json.dumps(debit_account.balance_obj))
+ logger.info("%s's threshold is: '%s'." %
(debit_account.user.username, json.dumps(threshold)))
+ raise DebtLimitExceededException()
+ except amounts.CurrencyMismatchException:
+ logger.error("(Internal) currency mismatch between debt threshold and
debit account")
+ raise amounts.CurrencyMismatchException(msg="internal server error",
status_code=500)
+ # end-of internal problem
with transaction.atomic():
debit_account.save()
--
To stop receiving notification emails like this one, please contact
address@hidden
- [GNUnet-SVN] [taler-bank] branch master updated (9430850 -> 05d86a1), gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 06/06: commenting out faults-injected tests, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 03/06: Add manual authentication before logging a user in. Just calling login() without authenticating the user before, returns 200 even for wrong login attempts., gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 05/06: removing unneeded comments, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 04/06: testing operations with wrong currencies, gnunet, 2017/05/29
- [GNUnet-SVN] [taler-bank] 01/06: addressing #5013,
gnunet <=
- [GNUnet-SVN] [taler-bank] 02/06: first tests under erroneous circumstances, gnunet, 2017/05/29