entrouvert
/
combo
16
1
Fork 0
Code Issues Pull Requests 11 Releases Wiki Activity

lingo: return json error response (#42512)

This commit is contained in:
Lauréline Guérin 2020-05-14 17:06:26 +02:00
parent ee1b833ef4
commit 2723604596
No known key found for this signature in database
GPG Key ID: 1FAB9B9B4F93D473
2 changed files with 46 additions and 49 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

69
combo/apps/lingo/views.py
View File

@ -50,6 +50,16 @@ from .models import (Regie, BasketItem, Transaction, TransactionOperation,
LingoBasketCell, SelfDeclaredInvoicePayment, PaymentBackend, EXPIRED)
class ErrorJsonResponse(JsonResponse):
def __init__(self, err_desc, *args, **kwargs):
data = {'err': 1, 'err_desc': err_desc}
super().__init__(data, *args, **kwargs)
class BadRequestJsonResponse(ErrorJsonResponse):
status_code = 400
def signing_dumps(content):
serialization = signing.dumps(content)
return serialization.replace(':', '.')
@ -139,7 +149,7 @@ class AddBasketItemApiView(View):
if not 'amount' in request.GET and not 'amount' in request_body and \
not 'amount' in extra:
return HttpResponseBadRequest('missing amount parameter')
return BadRequestJsonResponse('missing amount parameter')
if 'display_name' not in request_body:
return HttpResponseBadRequest('missing display_name parameter')
@ -148,19 +158,19 @@ class AddBasketItemApiView(View):
try:
item.amount = self.get_amount(request.GET.getlist('amount'))
except ArithmeticError:
return HttpResponseBadRequest('invalid value for "amount" in query string')
return BadRequestJsonResponse('invalid value for "amount" in query string')
if request_body.get('amount'):
try:
item.amount += self.get_amount(request_body['amount'])
except ArithmeticError:
return HttpResponseBadRequest('invalid value for "amount" in payload')
return BadRequestJsonResponse('invalid value for "amount" in payload')
if extra.get('amount'):
try:
item.amount += self.get_amount(extra['amount'])
except ArithmeticError:
return HttpResponseBadRequest('invalid value for "amount" in extra payload')
return BadRequestJsonResponse('invalid value for "amount" in extra payload')
if 'extra' in request_body:
item.request_data = request_body.get('extra')
@ -175,7 +185,7 @@ class AddBasketItemApiView(View):
else:
user = None
except User.DoesNotExist:
return HttpResponseBadRequest('unknown user')
return BadRequestJsonResponse('unknown user')
item.user = user
if request.GET.get('regie_id'):
@ -185,7 +195,7 @@ class AddBasketItemApiView(View):
try:
item.regie = Regie.objects.get(id=int(request.GET.get('regie_id')))
except (ValueError, Regie.DoesNotExist):
return HttpResponseBadRequest('Unknown regie')
return BadRequestJsonResponse('unknown regie')
else:
try:
item.regie = Regie.objects.get(is_default=True)
@ -195,7 +205,7 @@ class AddBasketItemApiView(View):
item.regie = Regie.objects.all()[0]
if item.regie.is_remote():
return HttpResponseBadRequest('Can not add a basket item to a remote regie.')
return BadRequestJsonResponse('can not add a basket item to a remote regie')
if request.GET.get('cancellable') == 'no':
item.user_cancellable = False
@ -211,15 +221,14 @@ class AddBasketItemApiView(View):
except TypeError:
capture_date_err = True
if item.capture_date is None or capture_date_err:
return HttpResponseBadRequest(
'Bad format for capture date, it should be yyyy-mm-dd.')
return BadRequestJsonResponse('bad format for capture date, it should be yyyy-mm-dd')
item.save()
if user:
item.regie.compute_extra_fees(user=item.user)
else:
if item.regie.extra_fees_ws_url:
HttpResponseBadRequest('Can not compute extra fees with anonymous user.')
BadRequestJsonResponse('can not compute extra fees with anonymous user')
payment_url = reverse(
'basket-item-pay-view',
@ -243,18 +252,18 @@ class RemoveBasketItemApiView(View):
request_body = json.loads(force_text(self.request.body))
if not 'basket_item_id' in request_body:
return HttpResponseBadRequest('missing basket_item_id parameter')
if 'basket_item_id' not in request_body:
return BadRequestJsonResponse('missing basket_item_id parameter')
try:
item = BasketItem.objects.get(id=request_body.get('basket_item_id'))
except BasketItem.DoesNotExist:
return HttpResponseBadRequest('unknown basket item')
return BadRequestJsonResponse('unknown basket item')
except ValueError:
return HttpResponseBadRequest('invalid basket_item_id')
return BadRequestJsonResponse('invalid basket_item_id')
if item.cancellation_date:
return HttpResponseBadRequest('basket item already cancelled')
return BadRequestJsonResponse('basket item already cancelled')
try:
if request.GET.get('NameId'):
@ -264,19 +273,17 @@ class RemoveBasketItemApiView(View):
elif request.GET.get('email'):
user = User.objects.get(email=request.GET.get('email'))
else:
return HttpResponseBadRequest('no user specified')
return BadRequestJsonResponse('no user specified')
except User.DoesNotExist:
return HttpResponseBadRequest('unknown user')
return BadRequestJsonResponse('unknown user')
if item.user != user:
return HttpResponseBadRequest('user does not own the basket item')
return BadRequestJsonResponse('user does not own the basket item')
notify_origin = bool(request_body.get('notify', 'false') == 'true')
item.notify_cancellation(notify_origin=notify_origin)
response = HttpResponse(content_type='application/json')
response.write(json.dumps({'result': 'success'}))
return response
return JsonResponse({'result': 'success'})
class ValidateTransactionApiView(View):
@ -306,18 +313,14 @@ class ValidateTransactionApiView(View):
result = payment.backend.validate(amount, transaction.bank_data)
except eopayment.ResponseError as e:
logger.error(u'failed in validation operation: %s', e)
response = HttpResponse(content_type='application/json')
response.write(json.dumps({'err': 1, 'e': force_text(e)}))
return response
return JsonResponse({'err': 1, 'e': force_text(e)})
logger.info(u'bank validation result: %r', result)
operation = TransactionOperation(transaction=transaction,
kind='validation', amount=amount, bank_result=result)
operation.save()
response = HttpResponse(content_type='application/json')
response.write(json.dumps({'err': 0, 'extra': result}))
return response
return JsonResponse({'err': 0, 'extra': result})
class CancelTransactionApiView(View):
@ -347,18 +350,14 @@ class CancelTransactionApiView(View):
result = payment.backend.cancel(amount, transaction.bank_data)
except eopayment.ResponseError as e:
logger.error(u'failed in cancel operation: %s', e)
response = HttpResponse(content_type='application/json')
response.write(json.dumps({'err': 1, 'e': force_text(e)}))
return response
return JsonResponse({'err': 1, 'e': force_text(e)})
logger.info(u'bank cancellation result: %r', result)
operation = TransactionOperation(transaction=transaction,
kind='cancellation', amount=amount, bank_result=result)
operation.save()
response = HttpResponse(content_type='application/json')
response.write(json.dumps({'err': 0, 'extra': result}))
return response
return JsonResponse({'err': 0, 'extra': result})
class PayMixin(object):
@ -855,9 +854,7 @@ class SelfInvoiceView(View):
else:
msg = _('Sorry, no invoice were found with that number and amount.')
if request.GET.get('ajax') == 'on':
response = HttpResponse(content_type='application/json')
response.write(json.dumps({'url': url, 'msg': msg and force_text(msg)}))
return response
return JsonResponse({'url': url, 'msg': msg and force_text(msg)})
if url:
return HttpResponseRedirect(url)
messages.warning(request, msg)

26
tests/test_lingo_payment.py
View File

@ -299,16 +299,16 @@ def test_add_amount_to_basket(app, key, regie, user):
url = '%s?amount=10,00&email=%s&orig=wcs' % (reverse('api-add-basket-item'), user_email)
url = sign_url(url, key)
resp = app.post_json(url, params=data, status=400)
assert 'invalid value for "amount" in query string' in resp.text
assert resp.json['err_desc'] == 'invalid value for "amount" in query string'
data['amount'] = '1,10'
url = '%s?amount=10.00&email=%s&orig=wcs' % (reverse('api-add-basket-item'), user_email)
url = sign_url(url, key)
resp = app.post_json(url, params=data, status=400)
assert 'invalid value for "amount" in payload' in resp.text
assert resp.json['err_desc'] == 'invalid value for "amount" in payload'
data['amount'] = '1.10'
data['extra'] = {'amount': '0,01'}
resp = app.post_json(url, params=data, status=400)
assert 'invalid value for "amount" in extra payload' in resp.text
assert resp.json['err_desc'] == 'invalid value for "amount" in extra payload'
data['amount'] = '1,10'
data['extra'] = {'amount': '0,01'}
@ -361,7 +361,7 @@ def test_add_amount_to_basket(app, key, regie, user):
url = '%s?email=%s&orig=wcs&regie_id=%s' % (reverse('api-add-basket-item'), user_email, 'scarecrow')
url = sign_url(url, key)
resp = app.post_json(url, params=data, status=400)
assert resp.text == 'Unknown regie'
assert resp.json['err_desc'] == 'unknown regie'
def test_basket_item_with_capture_date(app, user, regie, basket_page, monkeypatch):
@ -399,7 +399,7 @@ def test_add_basket_capture_date_format(app, user, regie, invalid_capture_date):
data['capture_date'] = invalid_capture_date
url = sign_url(url, settings.LINGO_API_SIGN_KEY)
resp = app.post_json(url, params=data, status=400)
assert 'Bad format for capture date, it should be yyyy-mm-dd.' in resp.text
assert resp.json['err_desc'] == 'bad format for capture date, it should be yyyy-mm-dd'
def test_add_basket_item_with_remote_regie(app, user, remote_regie):
@ -407,7 +407,7 @@ def test_add_basket_item_with_remote_regie(app, user, remote_regie):
url = '%s?email=%s' % (reverse('api-add-basket-item'), user.email)
url = sign_url(url, settings.LINGO_API_SIGN_KEY)
resp = app.post_json(url, params=data, status=400)
assert 'Can not add a basket item to a remote regie.' in resp.text
assert resp.json['err_desc'] == 'can not add a basket item to a remote regie'
def test_add_basket_item_without_display_name(app, user, regie):
@ -554,31 +554,31 @@ def test_cancel_basket_item(app, key, regie, user):
url = sign_url(url, key)
data = {'notify': 'true'}
resp = app.post_json(url, params=data, status=400)
assert 'missing basket_item_id parameter' in resp.text
assert resp.json['err_desc'] == 'missing basket_item_id parameter'
url = '%s?email=%s&orig=wcs' % (reverse('api-remove-basket-item'), user_email)
url = sign_url(url, key)
data = {'basket_item_id': 'eggs', 'notify': 'true'}
resp = app.post_json(url, params=data, status=400)
assert 'invalid basket_item_id' in resp.text
assert resp.json['err_desc'] == 'invalid basket_item_id'
url = '%s?email=%s&orig=wcs' % (reverse('api-remove-basket-item'), user_email)
url = sign_url(url, key)
data = {'basket_item_id': 0, 'notify': 'true'}
resp = app.post_json(url, params=data, status=400)
assert 'unknown basket item' in resp.text
assert resp.json['err_desc'] == 'unknown basket item'
url = '%s?orig=wcs' % (reverse('api-remove-basket-item'))
url = sign_url(url, key)
data = {'basket_item_id': basket_item_id, 'notify': 'true'}
resp = app.post_json(url, params=data, status=400)
assert 'no user specified' in resp.text
assert resp.json['err_desc'] == 'no user specified'
url = '%s?email=%s&orig=wcs' % (reverse('api-remove-basket-item'), 'unknown@example.com')
url = sign_url(url, key)
data = {'basket_item_id': basket_item_id, 'notify': 'true'}
resp = app.post_json(url, params=data, status=400)
assert 'unknown user' in resp.text
assert resp.json['err_desc'] == 'unknown user'
other_user_email = 'bar@example.net'
User.objects.get_or_create(email=other_user_email)
@ -586,7 +586,7 @@ def test_cancel_basket_item(app, key, regie, user):
url = sign_url(url, key)
data = {'basket_item_id': basket_item_id, 'notify': 'true'}
resp = app.post_json(url, params=data, status=400)
assert 'user does not own the basket item' in resp.text
assert resp.json['err_desc'] == 'user does not own the basket item'
with mock.patch('combo.utils.requests_wrapper.RequestsSession.request') as request:
url = '%s?email=%s&orig=wcs' % (reverse('api-remove-basket-item'), user_email)
@ -610,7 +610,7 @@ def test_cancel_basket_item(app, key, regie, user):
url = sign_url(url, key)
data = {'basket_item_id': basket_item_id}
resp = app.post_json(url, params=data, status=400)
assert 'basket item already cancelled' in resp.text
assert resp.json['err_desc'] == 'basket item already cancelled'
def test_cancel_basket_item_from_cell(app, key, regie, user):