gnunet-svn

[GNUnet-SVN] [taler-bank] branch master updated: making /admin call auth


From: gnunet
Subject: [GNUnet-SVN] [taler-bank] branch master updated: making /admin call authenticated
Date: Thu, 30 Mar 2017 16:29:47 +0200

This is an automated email from the git hooks/post-receive script.

marcello pushed a commit to branch master
in repository bank.

The following commit(s) were added to refs/heads/master by this push:
     new c743f49  making /admin call authenticated
c743f49 is described below

commit c743f49c5d8e65202c1948998aa7e4bba614d8e7
Author: Marcello Stanisci <address@hidden>
AuthorDate: Thu Mar 30 16:29:37 2017 +0200

    making /admin call authenticated
---
 talerbank/app/schemas.py     |  3 ++-
 talerbank/app/tests_admin.py | 16 +++++++++-------
 talerbank/app/views.py       | 14 ++++++++++----
 3 files changed, 21 insertions(+), 12 deletions(-)

diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index d4ba21b..7c1c9af 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -53,7 +53,8 @@ incoming_request_schema = {
         "wtid": {"type": "string"},
         "exchange_url": {"type": "string"},
         "credit_account": {"type": "integer"},
-        "debit_account": {"type": "integer"}
+        "username": {"type": "string"},
+        "password": {"type": "string"}
     }
 }
 
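Review bot: the new "username" and "password" entries are only declared under the schema's properties here, and the view reads data["username"] and data["password"] right after validation. If the schema's required list (not visible in this hunk) does not name both fields, a request that omits them passes validation and then fails with a KeyError instead of a 400. Please confirm both are listed as required, and consider documenting that "debit_account" is no longer accepted, since the debit side is now derived from the authenticated user.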
diff --git a/talerbank/app/tests_admin.py b/talerbank/app/tests_admin.py
index 8adbfe1..91b6938 100644
--- a/talerbank/app/tests_admin.py
+++ b/talerbank/app/tests_admin.py
@@ -47,16 +47,18 @@ class AddIncomingTestCase(TestCase):
 
     def test_add_incoming(self):
         c = Client()
-        data = '{"debit_account":1, \
-                 "credit_account":2, \
-                 "wtid":"TESTWTID", \
-                 "exchange_url":"https://exchange.test";, \
+        data = '{"username": "bank_user", \
+                 "password": "bank_password", \
+                 "credit_account": 2, \
+                 "wtid": "TESTWTID", \
+                 "exchange_url": "https://exchange.test";, \
                  "amount": \
-                   {"value":1, \
-                    "fraction":0, \
-                    "currency":"%s"}}' \
+                   {"value": 1, \
+                    "fraction": 0, \
+                    "currency": "%s"}}' \
                % settings.TALER_CURRENCY
         response = c.post(reverse("add-incoming", urlconf=urlsadmin),
                           data=data,
                           content_type="application/json",
                           follow=True)
+        self.assertEqual(200, response.status_code)
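Review bot: the only assertion added in test_add_incoming covers the success path (status 200), so the new authentication branch is untested. Please add a case that posts the same body with a wrong "password" and asserts a 401 with "hint": "authentication failed", and one that omits the credentials entirely, so a regression that skips or weakens the check is caught by the suite.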
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 5cd1ad8..3f4ff70 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -348,19 +348,25 @@ def add_incoming(request):
     logger.info("Handling /admin/add/incoming.")
     data = json.loads(request.body.decode("utf-8"))
     subject = "%s %s" % (data["wtid"], data["exchange_url"])
-    logger.info("Submitting wire transfer: '%s'", subject)
     try:
         schemas.validate_incoming_request(data)
     except ValueError:
         return HttpResponseBadRequest()
+    # authenticate the user
+    user_account = django.contrib.auth.authenticate(username=data["username"],
+                                                    password=data["password"])
+    if user_account is None:
+        return JsonResponse({"outcome": "fail",
+                             "hint": "authentication failed"},
+                             status=401)
+    logger.info("Submitting wire transfer: '%s'", subject)
     try:
-        debit_account = user_account = 
BankAccount.objects.get(user=data["debit_account"])
-        credit_account = user_account = 
BankAccount.objects.get(user=data["credit_account"])
+        credit_account = BankAccount.objects.get(user=data["credit_account"])
     except BankAccount.DoesNotExist:
         return HttpResponse(status=404)
     try:
         wire_transfer(data["amount"],
-                      debit_account,
+                      user_account.bankaccount,
                       credit_account,
                       subject)
     except DebtLimitExceededException:
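Review bot: user_account.bankaccount in the wire_transfer call is evaluated outside the try block that handles BankAccount.DoesNotExist, and the enclosing try only catches DebtLimitExceededException as far as this hunk shows. Assuming bankaccount is a reverse one-to-one accessor, a user who authenticates successfully but has no bank account would raise an unhandled exception and produce a 500; resolve the debit account next to the credit_account lookup and return an explicit error there. Separately, subject is still built from data["wtid"] and data["exchange_url"] before schemas.validate_incoming_request(data) runs, so a body missing either key fails before validation and before the authentication check; moving that line below the validation would keep malformed input on the 400 path.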

-- 
To stop receiving notification emails like this one, please contact
address@hidden


