## Script (Python) "interswitch_cb" ##bind container=container ##bind context=context ##bind namespace= ##bind script=script ##bind subpath=traverse_subpath ##parameters= ##title= ## # $Id: interswitch_request_cb2.py 5193 2010-05-14 11:38:09Z henrik $ """ payment callback """ try: from Products.zdb import set_trace except: def set_trace(): pass import logging logger = logging.getLogger('Skins.interswitch_request_cb2') from AccessControl import Unauthorized import DateTime now = DateTime.DateTime() if context.portal_membership.isAnonymousUser(): return None request = context.REQUEST students = context.portal_url.getPortalObject().campus.students wftool = context.portal_workflow mtool = context.portal_membership member = mtool.getAuthenticatedMember() member_id = str(member) #student_id = context.getStudentId() access_info = context.waeup_tool.getAccessInfo(context) student_id = access_info['student_id'] if not context.isSectionOfficer() and (student_id is None or student_id != member_id): logger.info('%s tried to access payment object of %s' % (member_id,student_id)) referer = request.get('HTTP_REFERER','none') logger.info('%s:%s illegal access, referer = %s' % (member_id,student_id,referer)) real_ip = request.get('HTTP_X_REAL_IP',"none") logger.info('%s:%s illegal access, real_x_ip = %s' % (member_id,student_id,real_ip)) return context.REQUEST.RESPONSE.redirect("%s/srp_anonymous_view" % context.portal_url()) referer = request.get('HTTP_REFERER','none') real_ip = request.get('HTTP_X_REAL_IP',"none") logger.info('%s, callback referer = %s, IP = %s' % (student_id,referer,real_ip)) #if not 'webpay.interswitchng.com' in referer and not 'waeup.org' in referer: # logger.info('%s, wrong callback referer %s, callback rejected, IP = %s' % (student_id,referer,real_ip)) # return request.RESPONSE.redirect("%s/waeup_document_view" % context.absolute_url()) student = getattr(students,student_id) resp_codes = ( #("desc","resp_desc"), #("resp","resp_code"), #("txnRef","pay_reference"), ("pin","resp_pay_reference"), #("retRef","retRef"), #("cardNum","resp_card_num"), ("appamt","resp_approved_amount"), ("msg","msg"), ("session","resp_session"), ("feename","resp_feename"), ("studentnum","resp_studentnum"), ("txndate","resp_txndate"), ("studentname","resp_studentname"), ) pd = {} for rc,pdk in resp_codes: pd[pdk] = request.get(rc,'') ## for testing purposes #pd['resp_desc'] = 'Simulated Callback' #pd['resp_pay_reference'] = 'XXXX' #pd['resp_code'] = '00' #pd['resp_card_num'] = '0000' #pd['resp_approved_amount'] = '4680000' if pd['resp_approved_amount'] and len(pd['resp_approved_amount']) > 4: pd['resp_approved_amount'] = pd['resp_approved_amount'][:-2] pd['status'] = 'paid' pd['resp_desc'] = pd['resp_feename'] + '|' + pd['resp_studentnum'] + '|' + pd['resp_studentname'] + '|' + pd['resp_txndate'] + '|' + pd['resp_session'] pd['resp_code'] = 'RP' pd['date'] = now else: pd['resp_approved_amount'] = '0' pd['status'] = 'failed' pd['resp_desc'] = pd['msg'] pd['date'] = now review_state = wftool.getInfoFor(context,'review_state',None) if not pd['resp_approved_amount']: logger.info('%s requeried payment %s for %s and got empty response' % (member,context.getId(),student_id)) return request.RESPONSE.redirect("%s/waeup_document_view" % context.absolute_url()) if access_info['is_student'] and review_state == 'closed': wftool.doActionFor(context,'open') pay_doc = context.getContent() resp = pd['resp_approved_amount'] pay_doc.edit(mapping = pd) if resp: logger.info('%s received valid callback' % student_id) logger.info('%s paid second instalment' % student_id) else: logger.info('%s received unsuccessful callback: %s' % (student_id,pd['resp_desc'])) review_state = wftool.getInfoFor(context,'review_state',None) if review_state == 'opened': wftool.doActionFor(context,'close') return request.RESPONSE.redirect("%s/waeup_document_view" % context.absolute_url())