From ddf72146dee17bdcf9c20df938ac395a1df398bf Mon Sep 17 00:00:00 2001 From: seba Date: Thu, 29 Sep 2011 14:14:29 +0200 Subject: [PATCH] Buying will work... soon... --- k4ever/api2/decorators.py | 23 +++++++++++++++++++++++ k4ever/api2/handlers.py | 30 +++++++++++++++++++++++++----- k4ever/api2/urls.py | 4 ++-- k4ever/settings.py | 1 + 4 files changed, 51 insertions(+), 7 deletions(-) create mode 100644 k4ever/api2/decorators.py diff --git a/k4ever/api2/decorators.py b/k4ever/api2/decorators.py new file mode 100644 index 0000000..8a05cb3 --- /dev/null +++ b/k4ever/api2/decorators.py @@ -0,0 +1,23 @@ +from functools import wraps + +def changeUserOnPlugin(apiFunc): + """ Changes to a given user when the authenticated user is an plugin + + When the user which called the apifunc is an plugin this function + goes through the following steps: + - searches the user it should change to + - checks if this user allowed the plugin to "speak for him" + - change the request so it looks like the user called himself + - add an plugin_user entry containing the previous request user + This decorator is intended to be used with django piston, so on error + it will return the appropriate rc.* values. + """ + + @wraps(apiFunc) + def wrapper(self, request, *args, **kwargs): + return self.apiFunc(request, *args, **kwargs) + return wrapper + + + + diff --git a/k4ever/api2/handlers.py b/k4ever/api2/handlers.py index 20b998d..48d99e9 100644 --- a/k4ever/api2/handlers.py +++ b/k4ever/api2/handlers.py @@ -2,12 +2,13 @@ from piston.handler import BaseHandler from piston.utils import rc from k4ever.buyable.models import * from k4ever.transaction.models import * +from decorators import changeUserOnPlugin class BuyableItemHandler(BaseHandler): allowed_methods = ('GET', 'POST') #fields = ('id', 'description') model = Buyable - exclude = ('_state',) + exclude = ('_*',) def read(self, request, itemId=None): if itemId == None: @@ -23,7 +24,7 @@ class BuyableItemHandler(BaseHandler): error.write("This buyable does not exist in our database") return error - def getInt(d, key, default): + def getInt(self, d, key, default): try: return int(d.get(key, default)) except ValueError: @@ -32,9 +33,9 @@ class BuyableItemHandler(BaseHandler): def create(self, request, itemId=None): if not itemId: return rc.BAD_REQUEST - obj = None + item = None try: - obj = Buyables.objects.get(id=itemId) + item = Buyable.objects.get(id=itemId) except Buyable.DoesNotExist: return rc.NOT_FOUND @@ -42,7 +43,26 @@ class BuyableItemHandler(BaseHandler): data = request.POST deposit = self.getInt(data, 'deposit', 0) amount = self.getInt(data, 'amount', 1) - + if amount < 1: + return rc.BAD_REQUEST + if item.hasDeposit() and deposit > 0: + return rc.BAD_REQUEST # this is just the user being plain stupid + order = Order() + order.create(request.user) + try: + order.save() + except Exception, e: + return str(e) + return rc.ALL_OK + for i in range(amount): + p = Purchase.create(order, item, isDeposit=False) + p.save() + if deposit > 0: + p = Purchase.create(order, item, isDeposit=True) + p.save() + order.updatePrice(commit=True) + order.save() + return rc.ALL_OK class BuyableTypeHandler(BaseHandler): diff --git a/k4ever/api2/urls.py b/k4ever/api2/urls.py index d12b651..cfd604a 100644 --- a/k4ever/api2/urls.py +++ b/k4ever/api2/urls.py @@ -21,8 +21,8 @@ buyableTypeRes = CsrfExemptResource(handler=BuyableTypeHandler, **ad) transactionTransactRes = CsrfExemptResource(handler=TransactionTransactHandler, **ad) transactionTypeRes = CsrfExemptResource(handler=TransactionTypeHandler, **ad) -authBlobRes = Resource(handler=AuthBlobHandler, **ad) -configRes = Resource(handler=ConfigHandler, **ad) +authBlobRes = CsrfExemptResource(handler=AuthBlobHandler, **ad) +configRes = CsrfExemptResource(handler=ConfigHandler, **ad) urlpatterns = patterns('', diff --git a/k4ever/settings.py b/k4ever/settings.py index a814103..b02f66a 100644 --- a/k4ever/settings.py +++ b/k4ever/settings.py @@ -5,6 +5,7 @@ import ldap DEBUG = True TEMPLATE_DEBUG = DEBUG PISTON_DISPLAY_ERRORS = DEBUG +DEBUG_PROPOGATE_EXCEPTIONS = True ADMINS = ( # ('Your Name', 'your_email@domain.com'),