[GNUnet-SVN] [taler-bank] branch master updated (5761de4 -> a75f50f)

[gnunet]

This is an automated email from the git hooks/post-receive script.

marcello pushed a change to branch master
in repository bank.

    from 5761de4  addressing obvious pylint warnings
     new bdb278f  still against the "too many return statement" warning; fetch 
login credentials from the headers via a dedicated decorator.
     new a75f50f  fix exception return value

The 2 revisions listed above as "new" are entirely new to this
repository and will be described in separate emails.  The revisions
listed as "add" were already present in the repository and have only
been added to this reference.


Summary of changes:
 talerbank/app/views.py | 102 ++++++++++++++++++++++++++-----------------------
 1 file changed, 54 insertions(+), 48 deletions(-)

diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index ab96c34..83ccc3f 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -16,6 +16,7 @@
 #  @author Florian Dold
 
 from urllib.parse import urljoin
+from functools import wraps
 import json
 import logging
 import time
@@ -162,6 +163,8 @@ def pin_tan_question(request):
         exchange=request.GET["exchange"])
     return render(request, "pin_tan.html", context)
 
+def err_ctx(resp, msg):
+    return dict(resp=resp, msg=msg)
 
 @require_POST
 @login_required
@@ -189,18 +192,17 @@ def pin_tan_verify(request):
                       exchange_bank_account,
                       request.session["reserve_pub"])
     except BankAccount.DoesNotExist as exc:
-        ctx = {"err": lambda: HRBR("That exchange is unknown to this bank"),
-               "exc": exc}
+        err = err_ctx(HRBR("That exchange is unknown to this bank"),
+                      exc)
     except DebtLimitExceededException as exc:
         request.session["debt_limit"] = True
-        ctx = {"err": lambda: redirect("profile"),
-               "exc": exc}
+        err = err_ctx(redirect("profile"), exc)
     except (SameAccountException, BadFormatAmount, CurrencyMismatch) as exc:
-        ctx = {"err": lambda: JsonResponse(dict(error="Internal server error", 
status=500)),
-               "exc": exc}
+        err = err_ctx(JsonResponse({"error": "Internal server error"}, 
status=500),
+                      exc)
     if "err" in locals():
-        LOGGER.error(ctx["exc"])
-        return ctx["err"]()
+        LOGGER.error(err["msg"])
+        return err["resp"]()
     res = requests.post(
         urljoin(request.session["exchange_url"],
                 "admin/add/incoming"),
@@ -253,15 +255,13 @@ def register(request):
     except (CurrencyMismatch,
             BadFormatAmount,
             SameAccountException) as exc:
-        exc = exc
+        err = err_ctx(HttpResponseServerError(), exc)
     except DebtLimitExceededException as exc:
         request.session["no_initial_bonus"] = True
-        exc = exc
-
+        err = err_ctx(HttpResponseServerError(), exc)
     if "err" in locals():
-        LOGGER.error(exc)
-        return HttpResponseServerError()
-
+        LOGGER.error(err["msg"])
+        return err["resp"]
     request.session["just_registered"] = True
     user = django.contrib.auth.authenticate(username=username, 
password=password)
     django.contrib.auth.login(request, user)
@@ -422,10 +422,21 @@ def auth_and_login(request):
     return django.contrib.auth.authenticate(username=username,
                                             password=password)
 
+def login_via_headers(view_func):
+    def _decorator(request, *args, **kwargs):
+        user_account = auth_and_login(request)
+        if not user_account:
+            LOGGER.error("authentication failed")
+            return JsonResponse(dict(error="authentication failed"),
+                                status=401)
+        return view_func(request, user_account, *args, **kwargs)
+    return wraps(view_func)(_decorator)
+
 
 @csrf_exempt
 @require_POST
-def add_incoming(request):
address@hidden
+def add_incoming(request, user_account):
     """
     Internal API used by exchanges to notify the bank
     of incoming payments.
@@ -437,22 +448,12 @@ def add_incoming(request):
     subject = "%s %s" % (data["wtid"], data["exchange_url"])
     try:
         schemas.validate_incoming_request(data)
-    except ValueError as error:
-        LOGGER.error("Bad data POSTed: %s" % error)
-        return JsonResponse(dict(error="invalid data POSTed: %s" % error), 
status=400)
-
-    user_account = auth_and_login(request)
-
-    if not user_account:
-        LOGGER.error("authentication failed")
-        return JsonResponse(dict(error="authentication failed"),
-                            status=401)
+    except ValueError as exc:
+        LOGGER.error(exc)
+        return JsonResponse({"error": exc}, status=400)
 
     try:
         credit_account = BankAccount.objects.get(user=data["credit_account"])
-    except BankAccount.DoesNotExist:
-        return HttpResponse(status=404)
-    try:
         schemas.validate_amount(data["amount"])
         if settings.TALER_CURRENCY != data["amount"]["currency"]:
             LOGGER.error("Currency differs from bank's")
@@ -461,28 +462,28 @@ def add_incoming(request):
                                user_account.bankaccount,
                                credit_account,
                                subject)
-        return JsonResponse(dict(serial_id=wtrans.id,
-                                 timestamp="/Date(%s)/" %
-                                 int(wtrans.date.timestamp())))
+    except BankAccount.DoesNotExist:
+        return JsonResponse({"error": "credit_account not found"},
+                            status=404)
     except ValueError as exc:
-        return JsonResponse(dict(error=exc), status=400)
-
-    except BadFormatAmount:
-        LOGGER.error("Bad MAX_DEBT|MAX_BANK_DEBT format")
-        return JsonResponse(dict(error="Internal server error"),
-                            status=500)
-    except CurrencyMismatch:
-        LOGGER.error("Internal currency inconsistency")
-        return JsonResponse(dict(error="Internal server error"),
-                            status=500)
+        err = err_ctx(JsonResponse({"error": exc}, status=400), exc)
+    except (CurrencyMismatch, BadFormatAmount) as exc:
+        err = err_ctx(JsonResponse({"error": "Internal server error"},
+                                   status=500),
+                      exc)
     except SameAccountException:
-        return JsonResponse(dict(error="debit and credit account are the 
same"),
-                            status=422)
-    except DebtLimitExceededException:
-        LOGGER.info("Prevenetd transfer, debit account would go beyond debt 
threshold")
-        return JsonResponse(dict(error="debit count has reached its debt 
limit",
-                                 status=403),
-                            status=403)
+        err = err_ctx(JsonResponse({"error":"same debit and credit account"},
+                                   status=422),
+                      exc)
+    except DebtLimitExceededException as exc:
+        err = err_ctx(JsonResponse({"error": "debt situation"}, status=403),
+                      exc)
+    if "err" in locals():
+        LOGGER.error(err["msg"])
+        return err["resp"]
+    return JsonResponse({"serial_id": wtrans.id,
+                         "timestamp":
+                             "/Date(%s)/" % int(wtrans.date.timestamp())})
 
 @login_required
 @require_POST
@@ -512,6 +513,11 @@ def withdraw_nojs(request):
 
 
 def wire_transfer(amount, debit_account, credit_account, subject):
+    LOGGER.info("%s => %s, %s, %s" %
+        (debit_account.account_no,
+         credit_account.account_no,
+         amount.stringify(2),
+         subject))
     if debit_account.pk == credit_account.pk:
         LOGGER.error("Debit and credit account are the same!")
         raise SameAccountException()

-- 
To stop receiving notification emails like this one, please contact
address@hidden