| 1 | ## Script (Python) "interswitch_cb" |
|---|
| 2 | ##bind container=container |
|---|
| 3 | ##bind context=context |
|---|
| 4 | ##bind namespace= |
|---|
| 5 | ##bind script=script |
|---|
| 6 | ##bind subpath=traverse_subpath |
|---|
| 7 | ##parameters= |
|---|
| 8 | ##title= |
|---|
| 9 | ## |
|---|
| 10 | # $Id: interswitch_request_cb2.py 5193 2010-05-14 11:38:09Z henrik $ |
|---|
| 11 | """ |
|---|
| 12 | payment callback |
|---|
| 13 | """ |
|---|
| 14 | try: |
|---|
| 15 | from Products.zdb import set_trace |
|---|
| 16 | except: |
|---|
| 17 | def set_trace(): |
|---|
| 18 | pass |
|---|
| 19 | import logging |
|---|
| 20 | logger = logging.getLogger('Skins.interswitch_request_cb2') |
|---|
| 21 | from AccessControl import Unauthorized |
|---|
| 22 | import DateTime |
|---|
| 23 | |
|---|
| 24 | now = DateTime.DateTime() |
|---|
| 25 | |
|---|
| 26 | if context.portal_membership.isAnonymousUser(): |
|---|
| 27 | return None |
|---|
| 28 | |
|---|
| 29 | request = context.REQUEST |
|---|
| 30 | students = context.portal_url.getPortalObject().campus.students |
|---|
| 31 | wftool = context.portal_workflow |
|---|
| 32 | mtool = context.portal_membership |
|---|
| 33 | member = mtool.getAuthenticatedMember() |
|---|
| 34 | member_id = str(member) |
|---|
| 35 | #student_id = context.getStudentId() |
|---|
| 36 | access_info = context.waeup_tool.getAccessInfo(context) |
|---|
| 37 | student_id = access_info['student_id'] |
|---|
| 38 | if not context.isSectionOfficer() and (student_id is None or student_id != member_id): |
|---|
| 39 | logger.info('%s tried to access payment object of %s' % (member_id,student_id)) |
|---|
| 40 | referer = request.get('HTTP_REFERER','none') |
|---|
| 41 | logger.info('%s:%s illegal access, referer = %s' % (member_id,student_id,referer)) |
|---|
| 42 | real_ip = request.get('HTTP_X_REAL_IP',"none") |
|---|
| 43 | logger.info('%s:%s illegal access, real_x_ip = %s' % (member_id,student_id,real_ip)) |
|---|
| 44 | return context.REQUEST.RESPONSE.redirect("%s/srp_anonymous_view" % context.portal_url()) |
|---|
| 45 | |
|---|
| 46 | referer = request.get('HTTP_REFERER','none') |
|---|
| 47 | real_ip = request.get('HTTP_X_REAL_IP',"none") |
|---|
| 48 | logger.info('%s, callback referer = %s, IP = %s' % (student_id,referer,real_ip)) |
|---|
| 49 | |
|---|
| 50 | #if not 'webpay.interswitchng.com' in referer and not 'waeup.org' in referer: |
|---|
| 51 | # logger.info('%s, wrong callback referer %s, callback rejected, IP = %s' % (student_id,referer,real_ip)) |
|---|
| 52 | # return request.RESPONSE.redirect("%s/waeup_document_view" % context.absolute_url()) |
|---|
| 53 | |
|---|
| 54 | student = getattr(students,student_id) |
|---|
| 55 | |
|---|
| 56 | resp_codes = ( |
|---|
| 57 | #("desc","resp_desc"), |
|---|
| 58 | #("resp","resp_code"), |
|---|
| 59 | #("txnRef","pay_reference"), |
|---|
| 60 | ("pin","resp_pay_reference"), |
|---|
| 61 | #("retRef","retRef"), |
|---|
| 62 | #("cardNum","resp_card_num"), |
|---|
| 63 | ("appamt","resp_approved_amount"), |
|---|
| 64 | ("msg","msg"), |
|---|
| 65 | ("session","resp_session"), |
|---|
| 66 | ("feename","resp_feename"), |
|---|
| 67 | ("studentnum","resp_studentnum"), |
|---|
| 68 | ("txndate","resp_txndate"), |
|---|
| 69 | ("studentname","resp_studentname"), |
|---|
| 70 | ) |
|---|
| 71 | |
|---|
| 72 | pd = {} |
|---|
| 73 | for rc,pdk in resp_codes: |
|---|
| 74 | pd[pdk] = request.get(rc,'') |
|---|
| 75 | |
|---|
| 76 | ## for testing purposes |
|---|
| 77 | #pd['resp_desc'] = 'Simulated Callback' |
|---|
| 78 | #pd['resp_pay_reference'] = 'XXXX' |
|---|
| 79 | #pd['resp_code'] = '00' |
|---|
| 80 | #pd['resp_card_num'] = '0000' |
|---|
| 81 | #pd['resp_approved_amount'] = '4680000' |
|---|
| 82 | |
|---|
| 83 | if pd['resp_approved_amount'] and len(pd['resp_approved_amount']) > 4: |
|---|
| 84 | pd['resp_approved_amount'] = pd['resp_approved_amount'][:-2] |
|---|
| 85 | pd['status'] = 'paid' |
|---|
| 86 | pd['resp_desc'] = pd['resp_feename'] + '|' + pd['resp_studentnum'] + '|' + pd['resp_studentname'] + '|' + pd['resp_txndate'] + '|' + pd['resp_session'] |
|---|
| 87 | pd['resp_code'] = 'RP' |
|---|
| 88 | pd['date'] = now |
|---|
| 89 | else: |
|---|
| 90 | pd['resp_approved_amount'] = '0' |
|---|
| 91 | pd['status'] = 'failed' |
|---|
| 92 | pd['resp_desc'] = pd['msg'] |
|---|
| 93 | pd['date'] = now |
|---|
| 94 | |
|---|
| 95 | review_state = wftool.getInfoFor(context,'review_state',None) |
|---|
| 96 | if not pd['resp_approved_amount']: |
|---|
| 97 | logger.info('%s requeried payment %s for %s and got empty response' % (member,context.getId(),student_id)) |
|---|
| 98 | return request.RESPONSE.redirect("%s/waeup_document_view" % context.absolute_url()) |
|---|
| 99 | if access_info['is_student'] and review_state == 'closed': |
|---|
| 100 | wftool.doActionFor(context,'open') |
|---|
| 101 | pay_doc = context.getContent() |
|---|
| 102 | resp = pd['resp_approved_amount'] |
|---|
| 103 | |
|---|
| 104 | pay_doc.edit(mapping = pd) |
|---|
| 105 | |
|---|
| 106 | if resp: |
|---|
| 107 | logger.info('%s received valid callback' % student_id) |
|---|
| 108 | logger.info('%s paid second instalment' % student_id) |
|---|
| 109 | else: |
|---|
| 110 | logger.info('%s received unsuccessful callback: %s' % (student_id,pd['resp_desc'])) |
|---|
| 111 | |
|---|
| 112 | review_state = wftool.getInfoFor(context,'review_state',None) |
|---|
| 113 | if review_state == 'opened': |
|---|
| 114 | wftool.doActionFor(context,'close') |
|---|
| 115 | |
|---|
| 116 | return request.RESPONSE.redirect("%s/waeup_document_view" % context.absolute_url()) |
|---|
| 117 | |
|---|
