source: main/kofacustom.nigeria/trunk/src/kofacustom/nigeria/etranzact/applicantsbrowser.py @ 16189

Last change on this file since 16189 was 15974, checked in by Henrik Bettermann, 5 years ago

Do not allow to submit forms to other companies than payment.r_company.

  • Property svn:keywords set to Id
File size: 8.4 KB
Line 
1## $Id: applicantsbrowser.py 15974 2020-01-31 21:50:08Z henrik $
2##
3## Copyright (C) 2017 Uli Fouquet & Henrik Bettermann
4## This program is free software; you can redistribute it and/or modify
5## it under the terms of the GNU General Public License as published by
6## the Free Software Foundation; either version 2 of the License, or
7## (at your option) any later version.
8##
9## This program is distributed in the hope that it will be useful,
10## but WITHOUT ANY WARRANTY; without even the implied warranty of
11## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12## GNU General Public License for more details.
13##
14## You should have received a copy of the GNU General Public License
15## along with this program; if not, write to the Free Software
16## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
17##
18import grok
19import hashlib
20from datetime import datetime, timedelta
21from zope.component import getUtility
22from zope.security import checkPermission
23from waeup.kofa.interfaces import IKofaUtils
24from waeup.kofa.utils.helpers import to_timezone
25from waeup.kofa.browser.layout import UtilityView, KofaPage
26from waeup.kofa.browser.viewlets import ManageActionButton
27from kofacustom.nigeria.etranzact.helpers import (
28    write_payments_log, process_response, query_history)
29from kofacustom.nigeria.applicants.browser import NigeriaOnlinePaymentDisplayFormPage as NOPDPApplicant
30from kofacustom.nigeria.payments.interfaces import INigeriaOnlinePayment
31from kofacustom.nigeria.applicants.interfaces import INigeriaApplicantOnlinePayment
32from kofacustom.nigeria.interfaces import MessageFactory as _
33from kofacustom.nigeria.etranzact.studentsbrowser import webconnect_module_activated
34from kofacustom.nigeria.etranzact.tests import (
35    TERMINAL_ID, HOST, HTTPS, SECRET_KEY, LOGO_URL, GATEWAY_AMT)
36
37grok.templatedir('browser_templates')
38
39class EtranzactActionButtonApplicant(ManageActionButton):
40    grok.order(1)
41    grok.context(INigeriaOnlinePayment)
42    grok.view(NOPDPApplicant)
43    grok.require('waeup.payApplicant')
44    icon = 'actionicon_pay.png'
45    text = _('Pay via Etranzact WebConnect')
46    target = 'goto_etranzact'
47
48    @property
49    def target_url(self):
50        if not webconnect_module_activated(
51            self.context.__parent__.__parent__.year, self.context):
52            return ''
53        if self.context.p_state != 'unpaid':
54            return ''
55        return self.view.url(self.view.context, self.target)
56
57class EtranzactRequeryActionButtonApplicant(ManageActionButton):
58    grok.order(2)
59    grok.context(INigeriaOnlinePayment)
60    grok.view(NOPDPApplicant)
61    grok.require('waeup.payApplicant')
62    icon = 'actionicon_call.png'
63    text = _('Requery Etranzact WebConnect History')
64    target = 'requery_history'
65
66    @property
67    def target_url(self):
68        if not webconnect_module_activated(
69            self.context.__parent__.__parent__.year, self.context):
70            return ''
71        if self.context.p_state in ('paid', 'waived', 'scholarship'):
72            return ''
73        return self.view.url(self.view.context, self.target)
74
75class EtranzactPageApplicant(KofaPage):
76    """ View which sends a POST request to the Etranzact payment gateway.
77    """
78    grok.context(INigeriaApplicantOnlinePayment)
79    grok.name('goto_etranzact')
80    grok.template('goto_etranzact')
81    grok.require('waeup.payApplicant')
82    label = _('Pay via Etranzact')
83    submit_button = _('Pay now')
84
85    host = HOST
86    https = HTTPS
87    secret_key = SECRET_KEY
88    terminal_id = TERMINAL_ID
89    logo_url = LOGO_URL
90    gateway_amt = GATEWAY_AMT
91
92    @property
93    def action(self):
94        if self.https:
95            return 'https://' + self.host + '/webconnect/v3/caller.jsp'
96        return 'http://' + self.host + '/webconnect/v3/caller.jsp'
97
98    def init_update(self):
99        if self.context.p_state == 'paid':
100            return _("Payment ticket can't be re-sent to Etranzact.")
101        now = datetime.utcnow()
102        if self.context.creation_date.tzinfo is not None:
103            # That's bad. Please store timezone-naive datetimes only!
104            now = self.context.creation_date.tzinfo.localize(now)
105        time_delta = now - self.context.creation_date
106        if time_delta.days > 7:
107            return _("This payment ticket is too old. Please create a new ticket.")
108        # In contrast to the procedure in the Remita and Interswitch modules,
109        # we do not call requery_history but receive and evaluate
110        # the response form from Etranzact directly. This is possible
111        # because Etranzact provides the FINAL_CHECKSUM hash value
112        # which authenticates the response.
113        self.responseurl = self.url(self.context, 'receive_etranzact')
114        self.transaction_id = self.context.p_id
115        hashargs =      self.amount + self.terminal_id + self.transaction_id \
116            + self.responseurl + self.secret_key
117        self.hashvalue = hashlib.md5(hashargs).hexdigest()
118        self.customer = self.context.__parent__
119        return
120
121    def update(self):
122        if not webconnect_module_activated(
123            self.context.__parent__.__parent__.year, self.context):
124            self.flash(_('Forbidden'), type='danger')
125            self.redirect(self.url(self.context, '@@index'))
126            return
127        # Already now it becomes an Etranzact payment. We set the net amount
128        # and add the gateway amount.
129        if not self.context.r_company:
130            self.context.net_amt = self.context.amount_auth
131            self.context.amount_auth += self.gateway_amt
132            self.context.gateway_amt = self.gateway_amt
133            self.context.r_company = u'etranzact'
134        self.amount = "%.1f" % self.context.amount_auth
135        error = self.init_update()
136        if error:
137            self.flash(error, type='danger')
138            self.redirect(self.url(self.context, '@@index'))
139            return
140        return
141
142class EtranzactReceiveResponseApplicant(NOPDPApplicant):
143    """ View that receives the response from eTrantact payment gateway.
144    """
145    grok.name('receive_etranzact')
146
147    secret_key = SECRET_KEY
148    terminal_id = TERMINAL_ID
149
150    def update(self):
151        super(EtranzactReceiveResponseApplicant, self).update()
152        if not webconnect_module_activated(
153            self.context.__parent__.__parent__.year, self.context):
154            self.flash(_('Forbidden'), type='danger')
155            self.redirect(self.url(self.context, '@@index'))
156            return
157        applicant = self.context.__parent__
158        form = self.request.form
159        verify = False
160        if self.context.p_state == 'paid':
161            verify = True
162        success, msg, log = process_response(self.context, form, self, verify)
163        applicant.writeLogMessage(self, log)
164        if not success:
165            self.flash(msg, type='danger')
166            return
167        write_payments_log(applicant.applicant_id, self.context)
168        flashtype, msg, log = self.context.doAfterApplicantPayment()
169        if log is not None:
170            applicant.writeLogMessage(self, log)
171        self.flash(msg, type=flashtype)
172        return
173
174class EtranzactRequestPaymentStatusPageApplicant(UtilityView, grok.View):
175    """ Request webservice view for the Etranzact gateway.
176    """
177    grok.context(INigeriaApplicantOnlinePayment)
178    grok.name('requery_history')
179    grok.require('waeup.payApplicant')
180
181    host = HOST
182    https = HTTPS
183    secret_key = SECRET_KEY
184    terminal_id = TERMINAL_ID
185    logo_url = LOGO_URL
186
187    def update(self):
188        if not webconnect_module_activated(
189            self.context.__parent__.__parent__.year, self.context):
190            self.flash(_('Forbidden'), type='danger')
191            self.redirect(self.url(self.context, '@@index'))
192            return
193        if self.context.p_state in ('paid', 'waived', 'scholarship'):
194            self.flash(_('This ticket has already been paid.'), type='danger')
195            return
196        applicant = self.context.__parent__
197        verify = False
198        raw, form = query_history(self.host, self.terminal_id,
199                                  self.context.p_id, self.https)
200        success, msg, log = process_response(self.context, form, self, verify)
201        applicant.writeLogMessage(self, log)
202        if not success:
203            self.flash(msg, type='danger')
204            return
205        write_payments_log(applicant.applicant_id, self.context)
206        flashtype, msg, log = self.context.doAfterApplicantPayment()
207        if log is not None:
208            applicant.writeLogMessage(self, log)
209        self.flash(msg, type=flashtype)
210        return
211
212    def render(self):
213        self.redirect(self.url(self.context))
214        return
Note: See TracBrowser for help on using the repository browser.