Context navigation

source: main/kofacustom.nigeria/trunk/src/kofacustom/nigeria/interswitch/browser.py @ 17604

Last change on this file since 17604 was 17604, checked in by Henrik Bettermann, 12 months ago
Open function to allow receiving POST requests.
Property svn:keywords set to `Id`
File size: 17.1 KB

Rev	Line
[9781]	1	## $Id: browser.py 17604 2023-10-08 07:20:49Z henrik $
	2	##
	3	## Copyright (C) 2012 Uli Fouquet & Henrik Bettermann
	4	## This program is free software; you can redistribute it and/or modify
	5	## it under the terms of the GNU General Public License as published by
	6	## the Free Software Foundation; either version 2 of the License, or
	7	## (at your option) any later version.
	8	##
	9	## This program is distributed in the hope that it will be useful,
	10	## but WITHOUT ANY WARRANTY; without even the implied warranty of
	11	## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	12	## GNU General Public License for more details.
	13	##
	14	## You should have received a copy of the GNU General Public License
	15	## along with this program; if not, write to the Free Software
	16	## Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	17	##
	18	import grok
[12973]	19	from datetime import datetime, timedelta
[11630]	20	from zope.component import getUtility
[13578]	21	from zope.security import checkPermission
[11630]	22	from waeup.kofa.interfaces import IKofaUtils
	23	from waeup.kofa.utils.helpers import to_timezone
[16484]	24	from waeup.kofa.browser.layout import UtilityView, KofaPage, KofaFormPage, action
[9781]	25	from waeup.kofa.browser.viewlets import ManageActionButton
[11642]	26	from waeup.kofa.students.interfaces import IStudentsUtils
[9781]	27	from waeup.kofa.students.browser import OnlinePaymentDisplayFormPage as OPDPStudent
	28	from waeup.kofa.applicants.browser import OnlinePaymentDisplayFormPage as OPDPApplicant
	29	from kofacustom.nigeria.interswitch.helpers import (
[16484]	30	query_interswitch, write_payments_log, fetch_booking_details)
[9781]	31	from kofacustom.nigeria.payments.interfaces import INigeriaOnlinePayment
	32	from kofacustom.nigeria.students.interfaces import INigeriaStudentOnlinePayment
	33	from kofacustom.nigeria.applicants.interfaces import INigeriaApplicantOnlinePayment
[16484]	34	from kofacustom.nigeria.interswitch.tests import PAYDIRECT_URL, PAYDIRECT_HOST, MERCHANT_ID
[9781]	35	from kofacustom.nigeria.interfaces import MessageFactory as _
	36
[15755]	37	GATEWAY_AMT = 300.0
	38
[13581]	39	# Buttons
	40
[15770]	41	def module_activated(session, payment):
[17248]	42	if payment.p_currency != 'NGN':
	43	return False
[15770]	44	if payment.r_company and payment.r_company != 'interswitch':
	45	return False
[14755]	46	try:
	47	return getattr(grok.getSite()['configuration'][str(session)],
	48	'interswitch_enabled', True)
	49	except KeyError:
[16246]	50	session = datetime.now().year
	51	try:
	52	return getattr(grok.getSite()['configuration'][str(session)],
	53	'interswitch_enabled', True)
	54	except KeyError:
	55	return False
[14755]	56
[9781]	57	class InterswitchActionButtonStudent(ManageActionButton):
	58	grok.order(1)
	59	grok.context(INigeriaOnlinePayment)
	60	grok.view(OPDPStudent)
	61	grok.require('waeup.payStudent')
	62	icon = 'actionicon_pay.png'
[16484]	63	text = _('Pay via Interswitch CollegePAY')
[9781]	64	target = 'goto_interswitch'
	65
	66	@property
	67	def target_url(self):
[15770]	68	if not module_activated(
	69	self.context.student.current_session, self.context):
[14755]	70	return ''
[9781]	71	if self.context.p_state != 'unpaid':
	72	return ''
[16880]	73	if self.context.amount_auth == 0:
	74	return ''
[9781]	75	return self.view.url(self.view.context, self.target)
	76
	77	class InterswitchActionButtonApplicant(InterswitchActionButtonStudent):
	78	grok.view(OPDPApplicant)
	79	grok.require('waeup.payApplicant')
	80
[14755]	81	@property
	82	def target_url(self):
[15770]	83	if not module_activated(
	84	self.context.__parent__.__parent__.year, self.context):
[14755]	85	return ''
	86	if self.context.p_state != 'unpaid':
	87	return ''
[16880]	88	if self.context.amount_auth == 0:
	89	return ''
[14755]	90	return self.view.url(self.view.context, self.target)
	91
[9781]	92	class InterswitchRequestWebserviceActionButtonStudent(ManageActionButton):
	93	grok.order(2)
	94	grok.context(INigeriaOnlinePayment)
	95	grok.view(OPDPStudent)
	96	grok.require('waeup.payStudent')
	97	icon = 'actionicon_call.png'
[16484]	98	text = _('Requery CollegePAY History')
[9781]	99	target = 'request_webservice'
	100
	101	@property
	102	def target_url(self):
[15770]	103	if not module_activated(
	104	self.context.student.current_session, self.context):
[14755]	105	return ''
[16881]	106	if self.context.amount_auth == 0:
	107	return ''
[15842]	108	if self.context.p_state in ('paid', 'waived', 'scholarship'):
[9781]	109	return ''
	110	return self.view.url(self.view.context, self.target)
	111
	112	class InterswitchRequestWebserviceActionButtonApplicant(
	113	InterswitchRequestWebserviceActionButtonStudent):
	114	grok.view(OPDPApplicant)
	115	grok.require('waeup.payApplicant')
	116
[14755]	117	@property
	118	def target_url(self):
[15770]	119	if not module_activated(
	120	self.context.__parent__.__parent__.year, self.context):
[14755]	121	return ''
[16881]	122	if self.context.amount_auth == 0:
	123	return ''
[15842]	124	if self.context.p_state in ('paid', 'waived', 'scholarship'):
[14755]	125	return ''
	126	return self.view.url(self.view.context, self.target)
	127
[13581]	128	class InterswitchVerifyWebserviceActionButtonStudent(ManageActionButton):
	129	grok.order(3)
	130	grok.context(INigeriaOnlinePayment)
	131	grok.view(OPDPStudent)
	132	grok.require('waeup.manageStudent')
	133	icon = 'actionicon_call.png'
	134	text = _('Verify Payment')
	135	target = 'verify_payment'
	136
	137	@property
	138	def target_url(self):
[15770]	139	if not module_activated(
	140	self.context.student.current_session, self.context):
[14755]	141	return ''
[13585]	142	if self.context.p_state != 'paid' \
	143	or self.context.r_company != u'interswitch':
[13581]	144	return ''
	145	return self.view.url(self.view.context, self.target)
	146
	147	class InterswitchVerifyWebserviceActionButtonApplicant(
	148	InterswitchVerifyWebserviceActionButtonStudent):
	149	grok.view(OPDPApplicant)
	150	grok.require('waeup.manageApplication')
	151
[14755]	152	@property
	153	def target_url(self):
[15770]	154	if not module_activated(
	155	self.context.__parent__.__parent__.year, self.context):
[14755]	156	return ''
	157	if self.context.p_state != 'paid' \
	158	or self.context.r_company != u'interswitch':
	159	return ''
	160	return self.view.url(self.view.context, self.target)
[13581]	161
	162	# Webservice request views
	163
[9781]	164	class InterswitchPaymentRequestWebservicePageStudent(UtilityView, grok.View):
	165	""" Request webservice view for the CollegePAY gateway
	166	"""
	167	grok.context(INigeriaStudentOnlinePayment)
	168	grok.name('request_webservice')
	169
[17604]	170	#grok.require('waeup.payStudent')
	171
	172	# Function temporarily opened on 08/10/23 because Interswitch is sending
	173	# POST requests instead of GET requests. Usually all browsers protect
	174	# against cross-site attacks by removing cookies included in requests
	175	# originating from other websites. In other words, the cookies with the
	176	# session id, which is used for authentication is beeing removed when
	177	# receiving a POST request from the Interswitch platform.
	178	grok.require('waeup.Public')
	179
[9781]	180	product_id = None
	181	gateway_host = None
	182	gateway_url = None
[13044]	183	https = True
[13387]	184	mac = None
[9781]	185
	186	def update(self):
[15770]	187	if not module_activated(
	188	self.context.student.current_session, self.context):
[14755]	189	return
[15842]	190	if self.context.p_state in ('paid', 'waived', 'scholarship'):
[13579]	191	self.flash(_('This ticket has already been paid.'), type='danger')
[9781]	192	return
	193	student = self.context.student
	194	success, msg, log = query_interswitch(
[11915]	195	self.context, self.product_id,
	196	self.gateway_host, self.gateway_url,
[13584]	197	self.https, self.mac, False)
[9781]	198	student.writeLogMessage(self, log)
	199	if not success:
[11579]	200	self.flash(msg, type='danger')
[9781]	201	return
	202	write_payments_log(student.student_id, self.context)
[11581]	203	flashtype, msg, log = self.context.doAfterStudentPayment()
[9781]	204	if log is not None:
	205	student.writeLogMessage(self, log)
[11581]	206	self.flash(msg, type=flashtype)
[9781]	207	return
	208
	209	def render(self):
	210	self.redirect(self.url(self.context, '@@index'))
	211	return
	212
	213	class InterswitchPaymentRequestWebservicePageApplicant(UtilityView, grok.View):
	214	""" Request webservice view for the CollegePAY gateway
	215	"""
	216	grok.context(INigeriaApplicantOnlinePayment)
	217	grok.name('request_webservice')
	218	grok.require('waeup.payApplicant')
	219
	220	product_id = None
	221	gateway_host = None
	222	gateway_url = None
[13044]	223	https = True
[13387]	224	mac = None
[9781]	225
	226	def update(self):
[15770]	227	if not module_activated(
	228	self.context.__parent__.__parent__.year, self.context):
[14755]	229	return
[13580]	230	if self.context.p_state == 'paid':
[11642]	231	self.flash(_('This ticket has already been paid.'), type='danger')
[9781]	232	return
	233	applicant = self.context.__parent__
	234	success, msg, log = query_interswitch(
[11915]	235	self.context, self.product_id,
	236	self.gateway_host, self.gateway_url,
[13584]	237	self.https, self.mac, False)
[9781]	238	applicant.writeLogMessage(self, log)
	239	if not success:
[11579]	240	self.flash(msg, type='danger')
[9781]	241	return
	242	write_payments_log(applicant.applicant_id, self.context)
[11581]	243	flashtype, msg, log = self.context.doAfterApplicantPayment()
[9781]	244	if log is not None:
	245	applicant.writeLogMessage(self, log)
[11581]	246	self.flash(msg, type=flashtype)
[9781]	247	return
	248
	249	def render(self):
[15529]	250	self.redirect(self.url(self.context.__parent__, 'edit'))
[9781]	251	return
[11630]	252
[13581]	253	class InterswitchPaymentVerifyWebservicePageStudent(UtilityView, grok.View):
	254	""" Verify payment view for the CollegePAY gateway
	255	"""
	256	grok.context(INigeriaStudentOnlinePayment)
	257	grok.name('verify_payment')
	258	grok.require('waeup.manageStudent')
	259
	260	product_id = None
	261	gateway_host = None
	262	gateway_url = None
	263	https = True
	264	mac = None
	265
	266	def update(self):
[15770]	267	if not module_activated(
	268	self.context.student.current_session, self.context):
[14755]	269	return
[13585]	270	if self.context.p_state != 'paid' \
	271	or self.context.r_company != u'interswitch':
[13581]	272	self.flash(_('This ticket has not been paid.'), type='danger')
	273	return
	274	student = self.context.student
	275	success, msg, log = query_interswitch(
	276	self.context, self.product_id,
	277	self.gateway_host, self.gateway_url,
[13584]	278	self.https, self.mac, True)
[13581]	279	student.writeLogMessage(self, log)
	280	if not success:
	281	self.flash(msg, type='danger')
	282	return
	283	self.flash(msg)
	284	return
	285
	286	def render(self):
	287	self.redirect(self.url(self.context, '@@index'))
	288	return
	289
	290	class InterswitchPaymentVerifyWebservicePageApplicant(UtilityView, grok.View):
	291	""" Verify payment view for the CollegePAY gateway
	292	"""
	293	grok.context(INigeriaApplicantOnlinePayment)
	294	grok.name('verify_payment')
	295	grok.require('waeup.manageApplication')
	296
	297	product_id = None
	298	gateway_host = None
	299	gateway_url = None
	300	https = True
	301	mac = None
	302
	303	def update(self):
[15770]	304	if not module_activated(
	305	self.context.__parent__.__parent__.year, self.context):
[14755]	306	return
[13585]	307	if self.context.p_state != 'paid' \
	308	or self.context.r_company != u'interswitch':
[13581]	309	self.flash(_('This ticket has not been paid.'), type='danger')
	310	return
	311	applicant = self.context.__parent__
	312	success, msg, log = query_interswitch(
	313	self.context, self.product_id,
	314	self.gateway_host, self.gateway_url,
[13584]	315	self.https, self.mac, True)
[13581]	316	applicant.writeLogMessage(self, log)
	317	if not success:
	318	self.flash(msg, type='danger')
	319	return
	320	self.flash(msg)
	321	return
	322
	323	def render(self):
	324	self.redirect(self.url(self.context, '@@index'))
	325	return
	326
	327	# Forwarding pages
	328
[11630]	329	class InterswitchPageStudent(KofaPage):
	330	""" View which sends a POST request to the Interswitch
	331	CollegePAY payment gateway.
	332	"""
	333	grok.context(INigeriaOnlinePayment)
	334	grok.name('goto_interswitch')
	335	grok.template('student_goto_interswitch')
	336	grok.require('waeup.payStudent')
[16484]	337	label = _('Submit data to CollegePAY')
[11630]	338	submit_button = _('Submit')
	339
[11639]	340	action = None
	341	site_name = None
	342	currency = None
	343	pay_item_id = None
	344	product_id = None
	345	xml_data = None
[12477]	346	hashvalue = None
[15755]	347	gateway_amt = GATEWAY_AMT
[11639]	348
[11642]	349	def init_update(self):
[11630]	350	if self.context.p_state == 'paid':
[11642]	351	return _("Payment ticket can't be re-sent to CollegePAY.")
[13478]	352	now = datetime.utcnow()
	353	if self.context.creation_date.tzinfo is not None:
	354	# That's bad. Please store timezone-naive datetimes only!
	355	now = self.context.creation_date.tzinfo.localize(now)
	356	time_delta = now - self.context.creation_date
[13015]	357	if time_delta.days > 7:
[12973]	358	return _("This payment ticket is too old. Please create a new ticket.")
[15755]	359	if self.context.r_company and self.context.r_company != 'interswitch':
	360	return _("Payment ticket has been used for another payment gateway.")
[11642]	361	student = self.context.student
[11630]	362	certificate = getattr(student['studycourse'],'certificate',None)
	363	if certificate is None:
[11642]	364	return _("Study course data are incomplete.")
[11639]	365	kofa_utils = getUtility(IKofaUtils)
[11642]	366	student_utils = getUtility(IStudentsUtils)
	367	if student_utils.samePaymentMade(student, self.context.p_category,
	368	self.context.p_item, self.context.p_session):
	369	return _("This type of payment has already been made.")
[11630]	370	xmldict = {}
	371	if certificate is not None:
	372	xmldict['department'] = certificate.__parent__.__parent__.code
	373	xmldict['faculty'] = certificate.__parent__.__parent__.__parent__.code
	374	else:
	375	xmldict['department'] = None
	376	xmldict['faculty'] = None
[12509]	377	self.category = self.context.category
[11639]	378	tz = kofa_utils.tzinfo
[11630]	379	self.local_date_time = to_timezone(
	380	self.context.creation_date, tz).strftime("%Y-%m-%d %H:%M:%S %Z")
	381	self.site_redirect_url = self.url(self.context, 'request_webservice')
[11642]	382	self.student = student
	383	self.xmldict = xmldict
	384	return
[11630]	385
[11642]	386	def update(self):
[15770]	387	if not module_activated(
	388	self.context.student.current_session, self.context):
[15974]	389	self.flash(_('Forbidden'), type='danger')
	390	self.redirect(self.url(self.context, '@@index'))
[14755]	391	return
[11642]	392	error = self.init_update()
	393	if error:
	394	self.flash(error, type='danger')
	395	self.redirect(self.url(self.context, '@@index'))
[15755]	396	# Already now it becomes an Interswitch payment. We set the net amount
	397	# and add the gateway amount.
	398	if not self.context.r_company:
	399	self.context.net_amt = self.context.amount_auth
	400	self.context.amount_auth += self.gateway_amt
	401	self.context.gateway_amt = self.gateway_amt
	402	self.context.r_company = u'interswitch'
	403	self.amount_auth = int(100 * self.context.amount_auth)
[11642]	404	return
	405
[11630]	406	class InterswitchPageApplicant(KofaPage):
	407	""" View which sends a POST request to the Interswitch
	408	CollegePAY payment gateway.
	409	"""
	410	grok.context(INigeriaApplicantOnlinePayment)
	411	grok.require('waeup.payApplicant')
	412	grok.template('applicant_goto_interswitch')
	413	grok.name('goto_interswitch')
[16484]	414	label = _('Submit data to CollegePAY')
[11630]	415	submit_button = _('Submit')
	416
[11639]	417	action = None
	418	site_name = None
	419	currency = None
	420	pay_item_id = None
	421	product_id = None
	422	xml_data = None
[15755]	423	hashvalue = None
	424	gateway_amt = GATEWAY_AMT
[11639]	425
[11642]	426	def init_update(self):
[11630]	427	if self.context.p_state != 'unpaid':
[11642]	428	return _("Payment ticket can't be re-sent to CollegePAY.")
[11630]	429	if self.context.__parent__.__parent__.expired \
	430	and self.context.__parent__.__parent__.strict_deadline:
[16247]	431	return _("Payment ticket can't be sent to CollegePAY. "
[11642]	432	"Application period has expired.")
[15755]	433	if self.context.r_company and self.context.r_company != 'interswitch':
	434	return _("Payment ticket has been used for another payment gateway.")
[12973]	435	tz = getUtility(IKofaUtils).tzinfo
	436	time_delta = datetime.utcnow() - self.context.creation_date
[13015]	437	if time_delta.days > 7:
[12973]	438	return _("This payment ticket is too old. Please create a new ticket.")
[11630]	439	self.applicant = self.context.__parent__
[12509]	440	self.category = self.context.category
[11630]	441	tz = getUtility(IKofaUtils).tzinfo
	442	self.local_date_time = to_timezone(
	443	self.context.creation_date, tz).strftime("%Y-%m-%d %H:%M:%S %Z")
	444	self.site_redirect_url = self.url(self.context, 'request_webservice')
[11642]	445	return
	446
	447	def update(self):
[15770]	448	if not module_activated(
	449	self.context.__parent__.__parent__.year, self.context):
[15974]	450	self.flash(_('Forbidden'), type='danger')
	451	self.redirect(self.url(self.context, '@@index'))
[14755]	452	return
[11642]	453	error = self.init_update()
	454	if error:
	455	self.flash(error, type='danger')
	456	self.redirect(self.url(self.context, '@@index'))
[15755]	457	# Already now it becomes an Interswitch payment. We set the net amount
	458	# and add the gateway amount.
	459	if not self.context.r_company:
	460	self.context.net_amt = self.context.amount_auth
	461	self.context.amount_auth += self.gateway_amt
	462	self.context.gateway_amt = self.gateway_amt
	463	self.context.r_company = u'interswitch'
	464	self.amount_auth = int(100 * self.context.amount_auth)
[13478]	465	return
[16484]	466

Note: See TracBrowser for help on using the repository browser.

Download in other formats: