Merge branch 'master' of code.ungleich.ch:nico/meow-pay

This commit is contained in:
Nico Schottelius 2020-02-23 09:18:27 +01:00
commit de06b9ee22
33 changed files with 454 additions and 307 deletions

View file

@ -1,25 +1,24 @@
# uncloud-pay
The pay module for the uncloud
The generic product/payment system.
- uses [etcd3](https://coreos.com/blog/etcd3-a-new-etcd.html) for storage.
- uses [Stripe](https://stripe.com/docs/api) as the payment gateway.
- uses [ldap3](https://github.com/cannatag/ldap3) for ldap authentication.
## Installation
```shell script
pip3 install -r requirements.txt
```
## Getting started as a user
## Getting Started
**TODO**
```shell script
python ucloud_pay.py
```
## Usage
Currently handles very basic features, such as:
#### 1. Adding of products
```shell script
http --json http://[::]:5000/product/add email=your_email_here password=your_password_here specs:=@ipv6-only-vm.json
http --json http://[::]:5000/product/add username=your_username_here password=your_password_here specs:=@ipv6-only-vm.json
```
#### 2. Listing of products
@ -27,20 +26,26 @@ http --json http://[::]:5000/product/add email=your_email_here password=your_pas
http --json http://[::]:5000/product/list
```
#### 3. Ordering products
```shell script
http --json http://[::]:5000/product/order email=your_email_here password=your_password_here product_id=5332cb89453d495381e2b2167f32c842 cpu=1 ram=1gb os-disk-space=10gb os=alpine
```
#### 4. Listing users orders
#### 3. Registering user's payment method (credit card for now using Stripe)
```shell script
http --json GET http://[::]:5000/order/list email=your_email_here password=your_password_here
http --json http://[::]:5000/user/register_payment card_number=4111111111111111 cvc=123 expiry_year=2020 expiry_month=8 card_holder_name="The test user" username=your_username_here password=your_password_here line1="your_billing_address" city="your_city" country="your_country"
```
#### 4. Ordering products
#### 5. Registering user's payment method (credit card for now using Stripe)
First of all, user have to buy the membership first.
```shell script
http --json http://[::]:5000/user/register_payment card_number=4111111111111111 cvc=123 expiry_year=2020 expiry_month=8 card_holder_name="The test user" email=your_email_here password=your_password_here
http --json http://[::]:5000/product/order username=your_username_here password=your_password_here product_id=membership pay=True
```
```shell script
http --json http://[::]:5000/product/order username=your_username_here password=your_password_here product_id=ipv6-only-vm cpu=1 ram=1 os-disk-space=10 os=alpine pay=True
```
#### 5. Listing users orders
```shell script
http --json POST http://[::]:5000/order/list username=your_username_here password=your_password_here
```

View file

@ -1,14 +1,21 @@
import configparser
from etcd_wrapper import EtcdWrapper
from ldap_manager import LdapManager
import os
config = configparser.ConfigParser()
config.read('pay.conf')
from ungleich_common.ldap.ldap_manager import LdapManager
from ungleich_common.std.configparser import StrictConfigParser
from ungleich_common.etcd.etcd_wrapper import EtcdWrapper
# Note 2020-02-15: this stuff clearly does not belong here,
# if config.py is used everywhere.
config_file = os.environ.get('meow-pay-config-file', default='pay.conf')
etcd_client = EtcdWrapper(host=config['etcd']['host'], port=config['etcd']['port'])
config = StrictConfigParser(allow_no_value=True)
config.read(config_file)
ldap_manager = LdapManager(server=config['ldap']['server'], admin_dn=config['ldap']['admin_dn'],
admin_password=config['ldap']['admin_password'])
etcd_client = EtcdWrapper(
host=config.get('etcd', 'host'), port=config.get('etcd', 'port'),
ca_cert=config.get('etcd', 'ca_cert'), cert_key=config.get('etcd', 'cert_key'),
cert_cert=config.get('etcd', 'cert_cert')
)
ldap_manager = LdapManager(
server=config.get('ldap', 'server'), admin_dn=config.get('ldap', 'admin_dn'),
admin_password=config.get('ldap', 'admin_password')
)

View file

@ -1,75 +0,0 @@
import etcd3
import json
from functools import wraps
from uncloud import UncloudException
from uncloud.common import logger
class EtcdEntry:
def __init__(self, meta_or_key, value, value_in_json=True):
if hasattr(meta_or_key, 'key'):
# if meta has attr 'key' then get it
self.key = meta_or_key.key.decode('utf-8')
else:
# otherwise meta is the 'key'
self.key = meta_or_key
self.value = value.decode('utf-8')
if value_in_json:
self.value = json.loads(self.value)
def readable_errors(func):
@wraps(func)
def wrapper(*args, **kwargs):
try:
return func(*args, **kwargs)
except etcd3.exceptions.ConnectionFailedError:
raise UncloudException('Cannot connect to etcd: is etcd running as configured in uncloud.conf?')
except etcd3.exceptions.ConnectionTimeoutError as err:
raise etcd3.exceptions.ConnectionTimeoutError('etcd connection timeout.') from err
except Exception as err:
logger.exception('Some etcd error occured. See syslog for details.', err)
return wrapper
class EtcdWrapper:
@readable_errors
def __init__(self, *args, **kwargs):
self.client = etcd3.client(*args, **kwargs)
@readable_errors
def get(self, *args, value_in_json=True, **kwargs):
_value, _key = self.client.get(*args, **kwargs)
if _key is None or _value is None:
return None
return EtcdEntry(_key, _value, value_in_json=value_in_json)
@readable_errors
def put(self, *args, value_in_json=True, **kwargs):
_key, _value = args
if value_in_json:
_value = json.dumps(_value)
if not isinstance(_key, str):
_key = _key.decode('utf-8')
return self.client.put(_key, _value, **kwargs)
@readable_errors
def get_prefix(self, *args, value_in_json=True, **kwargs):
event_iterator = self.client.get_prefix(*args, **kwargs)
for e in event_iterator:
yield EtcdEntry(*e[::-1], value_in_json=value_in_json)
@readable_errors
def watch_prefix(self, key, value_in_json=True):
event_iterator, cancel = self.client.watch_prefix(key)
for e in event_iterator:
if hasattr(e, '_event'):
e = getattr('e', '_event')
if e.type == e.PUT:
yield EtcdEntry(e.kv.key, e.kv.value, value_in_json=value_in_json)

View file

@ -1,5 +1,8 @@
import logging
import parsedatetime
from datetime import datetime
from stripe_utils import StripeUtils
@ -64,3 +67,21 @@ def calculate_charges(specification, data):
feature_detail['unit']['value']
)
return one_time_charge, recurring_charge
def is_order_valid(order_timestamp, renewal_period):
"""
Sample Code Usage
>> current_datetime, status = cal.parse('Now')
>> current_datetime = datetime(*current_datetime[:6])
>> print('Is order valid: ', is_order_valid(current_datetime, '1 month'))
>> True
"""
cal = parsedatetime.Calendar()
renewal_datetime, status = cal.parse(renewal_period)
renewal_datetime = datetime(*renewal_datetime[:6])
return order_timestamp <= renewal_datetime

View file

@ -1,69 +0,0 @@
import hashlib
import random
import base64
from ldap3 import Server, Connection, ObjectDef, Reader, ALL
class LdapManager:
def __init__(self, server, admin_dn, admin_password):
self.server = Server(server, get_info=ALL)
self.conn = Connection(server, admin_dn, admin_password, auto_bind=True)
self.person_obj_def = ObjectDef('inetOrgPerson', self.conn)
def get(self, query=None, search_base='dc=ungleich,dc=ch'):
kwargs = {
'connection': self.conn,
'object_def': self.person_obj_def,
'base': search_base,
}
if query:
kwargs['query'] = query
r = Reader(**kwargs)
return r.search()
def is_password_valid(self, query_value, password, query_key='mail', **kwargs):
entries = self.get(query='({}={})'.format(query_key, query_value), **kwargs)
if entries:
password_in_ldap = entries[0].userPassword.value
found = self._check_password(password_in_ldap, password)
if not found:
raise Exception('Invalid Password')
else:
return entries[0]
else:
raise ValueError('Such {}={} not found'.format(query_key, query_value))
@staticmethod
def _check_password(tagged_digest_salt, password):
digest_salt_b64 = tagged_digest_salt[6:]
digest_salt = base64.decodebytes(digest_salt_b64)
digest = digest_salt[:20]
salt = digest_salt[20:]
sha = hashlib.sha1(password.encode('utf-8'))
sha.update(salt)
return digest == sha.digest()
@staticmethod
def ssha_password(password):
"""
Apply the SSHA password hashing scheme to the given *password*.
*password* must be a :class:`bytes` object, containing the utf-8
encoded password.
Return a :class:`bytes` object containing ``ascii``-compatible data
which can be used as LDAP value, e.g. after armoring it once more using
base64 or decoding it to unicode from ``ascii``.
"""
SALT_BYTES = 15
sha1 = hashlib.sha1()
salt = random.SystemRandom().getrandbits(SALT_BYTES * 8).to_bytes(SALT_BYTES, 'little')
sha1.update(password)
sha1.update(salt)
digest = sha1.digest()
passwd = b'{SSHA}' + base64.b64encode(digest + salt)
return passwd

View file

@ -0,0 +1,3 @@
from django.contrib import admin
# Register your models here.

View file

@ -0,0 +1,5 @@
from django.apps import AppConfig
class OpennebulaConfig(AppConfig):
name = 'opennebula'

View file

@ -0,0 +1,38 @@
import os
import json
from django.core.management.base import BaseCommand
from django.contrib.auth import get_user_model
from xmlrpc.client import ServerProxy as RPCClient
from xmltodict import parse
from opennebula.models import VM as VMModel
import uncloud.secrets
class Command(BaseCommand):
help = 'Syncronize VM information from OpenNebula'
def add_arguments(self, parser):
pass
def handle(self, *args, **options):
with RPCClient(uncloud.secrets.OPENNEBULA_URL) as rpc_client:
success, response, *_ = rpc_client.one.vmpool.infoextended(
uncloud.secrets.OPENNEBULA_USER_PASS, -2, -1, -1, -1
)
if success:
vms = json.loads(json.dumps(parse(response)))['VM_POOL']['VM']
for i, vm in enumerate(vms):
vm_id = vm['ID']
vm_owner = vm['UNAME']
try:
user = get_user_model().objects.get(username=vm_owner)
except get_user_model().DoesNotExist:
user = get_user_model().objects.create_user(username=vm_owner)
vm_object = VMModel.objects.create(vmid=vm_id, owner=user, data=vm)
vm_object.save()
else:
print(response)

View file

@ -0,0 +1,23 @@
# Generated by Django 3.0.3 on 2020-02-21 10:22
from django.db import migrations, models
class Migration(migrations.Migration):
initial = True
dependencies = [
]
operations = [
migrations.CreateModel(
name='VM',
fields=[
('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
('vmid', models.IntegerField()),
('owner', models.CharField(max_length=128)),
('data', models.CharField(max_length=65536)),
],
),
]

View file

@ -0,0 +1,23 @@
# Generated by Django 3.0.3 on 2020-02-21 10:24
from django.db import migrations, models
class Migration(migrations.Migration):
dependencies = [
('opennebula', '0001_initial'),
]
operations = [
migrations.AlterField(
model_name='vm',
name='data',
field=models.CharField(max_length=65536, null=True),
),
migrations.AlterField(
model_name='vm',
name='owner',
field=models.CharField(max_length=128, null=True),
),
]

View file

@ -0,0 +1,21 @@
# Generated by Django 3.0.3 on 2020-02-21 11:13
from django.conf import settings
from django.db import migrations, models
import django.db.models.deletion
class Migration(migrations.Migration):
dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
('opennebula', '0002_auto_20200221_1024'),
]
operations = [
migrations.AlterField(
model_name='vm',
name='owner',
field=models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, to=settings.AUTH_USER_MODEL),
),
]

View file

@ -0,0 +1,8 @@
from django.db import models
from django.contrib.auth import get_user_model
class VM(models.Model):
vmid = models.IntegerField()
owner = models.ForeignKey(get_user_model(), on_delete=models.CASCADE)
data = models.CharField(max_length=65536, null=True)

View file

@ -0,0 +1,8 @@
from rest_framework import serializers
from opennebula.models import VM
class VMSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = VM
fields = ['vmid', 'owner', 'data']

View file

@ -0,0 +1,3 @@
from django.test import TestCase
# Create your tests here.

View file

@ -0,0 +1,14 @@
from rest_framework import viewsets, generics
from .models import VM
from .serializers import VMSerializer
class VMList(generics.ListAPIView):
queryset = VM.objects.all()
serializer_class = VMSerializer
class VMDetail(generics.RetrieveAPIView):
lookup_field = 'vmid'
queryset = VM.objects.all()
serializer_class = VMSerializer

View file

@ -2,3 +2,4 @@ django
djangorestframework
django-auth-ldap
stripe
xmltodict

View file

@ -7,5 +7,11 @@
# Live/test key from stripe
STRIPE_KEY=""
# XML-RPC interface of opennebula
OPENNEBULA_URL='https://opennebula.ungleich.ch:2634/RPC2'
# user:pass for accessing opennebula
OPENNEBULA_USER_PASS='user:password'

View file

@ -39,7 +39,8 @@ INSTALLED_APPS = [
'django.contrib.staticfiles',
'rest_framework',
'uncloud_api',
'uncloud_auth'
'uncloud_auth',
'opennebula'
]
MIDDLEWARE = [
@ -159,7 +160,7 @@ STATIC_URL = '/static/'
# Uncommitted file
import uncloud.secrets
import stripe
stripe.api_key = uncloud.secrets.STRIPE_KEY
# import uncloud.secrets
#
# import stripe
# stripe.api_key = uncloud.secrets.STRIPE_KEY

View file

@ -19,6 +19,8 @@ from django.urls import path, include
from rest_framework import routers
from uncloud_api import views
from opennebula import views as oneviews
router = routers.DefaultRouter()
router.register(r'users', views.UserViewSet)
router.register(r'groups', views.GroupViewSet)
@ -28,10 +30,9 @@ router.register(r'groups', views.GroupViewSet)
urlpatterns = [
path('', include(router.urls)),
path('admin/', admin.site.urls),
path('api-auth/', include('rest_framework.urls', namespace='rest_framework'))
]
path('products/', views.ProductsView.as_view(), name='products'),
path('api-auth/', include('rest_framework.urls', namespace='rest_framework')),
path('vm/list/', oneviews.VMList.as_view(), name='vm_list'),
path('vm/detail/<int:vmid>/', oneviews.VMDetail.as_view(), name='vm_detail'),
#urlpatterns = [
# path('admin/', admin.site.urls),
# path('api/', include('api.urls')),
#]
]

View file

@ -0,0 +1,26 @@
import time
from django.conf import settings
from django.core.management.base import BaseCommand
import uncloud_api.models
import inspect
import sys
import re
class Command(BaseCommand):
args = '<None>'
help = 'hacking - only use if you are Nico'
def add_arguments(self, parser):
parser.add_argument('command', type=str, help='Command')
def handle(self, *args, **options):
getattr(self, options['command'])(**options)
@classmethod
def classtest(cls, **_):
clsmembers = inspect.getmembers(sys.modules['uncloud_api.models'], inspect.isclass)
for name, c in clsmembers:
if re.match(r'.+Product$', name):
print("{} -> {}".format(name, c))

View file

@ -3,28 +3,89 @@ import uuid
from django.db import models
from django.contrib.auth import get_user_model
# Product in DB vs. product in code
# DB:
# - need to define params (+param types) in db -> messy?
# - get /products/ is easy / automatic
#
# code
# - can have serializer/verification of fields easily in DRF
# - can have per product side effects / extra code running
# - might (??) make features easier??
# - how to setup / query the recurring period (?)
# - could get products list via getattr() + re ...Product() classes
# -> this could include the url for ordering => /order/vm_snapshot (params)
# ---> this would work with urlpatterns
# Combination: create specific product in DB (?)
# - a table per product (?) with 1 entry?
# Orders
# define state in DB
# select a price from a product => product might change, order stays
# params:
# - the product uuid or name (?) => productuuid
# - the product parameters => for each feature
#
# logs
# Should have a log = ... => 1:n field for most models!
class Product(models.Model):
uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
name = models.CharField(max_length=256)
# override these fields by default
description = ""
recurring_period = "not_recurring"
recurring_period = models.CharField(max_length=256,
status = models.CharField(max_length=256,
choices = (
("per_year", "Per Year"),
("per_month", "Per Month"),
("per_week", "Per Week"),
("per_day", "Per Day"),
("per_hour", "Per Hour"),
("not_recurring", "Not recurring")
),
default="not_recurring"
('pending', 'Pending'),
('being_created', 'Being created'),
('created_active', 'Created'),
('deleted', 'Deleted')
)
def __str__(self):
return "{}".format(self.name)
class VMSnapshotProduct(Product):
price_per_gb_ssd = 0.35
price_per_gb_hdd = 1.5/100
sample_ssd = 10
sample_hdd = 100
def recurring_price(self):
return 0
def one_time_price(self):
return 0
@classmethod
def sample_price(cls):
return cls.sample_ssd * cls.price_per_gb_ssd + cls.sample_hdd * cls.price_per_gb_hdd
description = "Create snapshot of a VM"
recurring_period = "monthly"
@classmethod
def pricing_model(cls):
return """
Pricing is on monthly basis and storage prices are equivalent to the storage
price in the VM.
Price per GB SSD is: {}
Price per GB HDD is: {}
Sample price for a VM with {} GB SSD and {} GB HDD VM is: {}.
""".format(cls.price_per_gb_ssd, cls.price_per_gb_hdd,
cls.sample_ssd, cls.sample_hdd, cls.sample_price())
gb_ssd = models.FloatField()
gb_hdd = models.FloatField()
class Feature(models.Model):
uuid = models.UUIDField(primary_key=True, default=uuid.uuid4, editable=False)
@ -35,6 +96,15 @@ class Feature(models.Model):
product = models.ForeignKey(Product, on_delete=models.CASCADE)
# params for "cpu": cpu_count -> int
# each feature can only have one parameters
# could call this "value" and set whether it is user usable
# has_value = True/False
# value = string -> int (?)
# value_int
# value_str
# value_float
def __str__(self):
return "'{}' - '{}'".format(self.product, self.name)
@ -49,11 +119,5 @@ class Order(models.Model):
on_delete=models.CASCADE)
class OrderReference(models.Model):
"""
An order can references another product / relate to it.
This model is used for the relation
"""
class VMSnapshotOrder(Order):
pass

View file

@ -14,3 +14,6 @@ class GroupSerializer(serializers.HyperlinkedModelSerializer):
class Meta:
model = Group
fields = ['url', 'name']
class VMSnapshotSerializer(serializers.Serializer):
pass

View file

@ -2,9 +2,11 @@ from django.shortcuts import render
from django.contrib.auth import get_user_model
from django.contrib.auth.models import Group
from rest_framework import viewsets, permissions
from rest_framework import viewsets, permissions, generics
from .serializers import UserSerializer, GroupSerializer
from rest_framework.views import APIView
from rest_framework.response import Response
class CreditCardViewSet(viewsets.ModelViewSet):
@ -35,3 +37,47 @@ class GroupViewSet(viewsets.ModelViewSet):
serializer_class = GroupSerializer
permission_classes = [permissions.IsAuthenticated]
class GroupViewSet(viewsets.ModelViewSet):
"""
API endpoint that allows groups to be viewed or edited.
"""
queryset = Group.objects.all()
serializer_class = GroupSerializer
permission_classes = [permissions.IsAuthenticated]
# POST /vm/snapshot/ vmuuid=... => create snapshot, returns snapshot uuid
# GET /vm/snapshot => list
# DEL /vm/snapshot/<uuid:uuid> => delete
# create-list -> get, post => ListCreateAPIView
# del on other!
class VMSnapshotView(generics.ListCreateAPIView):
#lookup_field = 'uuid'
permission_classes = [permissions.IsAuthenticated]
import inspect
import sys
import re
# Next: create /order/<productname> urls
# Next: strip off "Product" at the end
class ProductsView(APIView):
def get(self, request, format=None):
clsmembers = inspect.getmembers(sys.modules['uncloud_api.models'], inspect.isclass)
products = []
for name, c in clsmembers:
# Include everything that ends in Product, but not Product itself
m = re.match(r'(?P<pname>.+)Product$', name)
if m:
products.append({
'name': m.group('pname'),
'description': c.description,
'recurring_period': c.recurring_period,
'pricing_model': c.pricing_model()
}
)
return Response(products)

View file

@ -1,4 +1,5 @@
from django.contrib.auth.models import AbstractUser
class User(AbstractUser):
pass

View file

@ -1,5 +1,14 @@
* snapshot feature
** product: vm-snapshot
** flow
*** list all my VMs
**** get the uuid of the VM I want to take a snapshot of
*** request a snapshot
```
vmuuid=$(http nicocustomer
http -a nicocustomer:xxx http://uncloud.ch/vm/create_snapshot uuid=
password=...
```
* steps
** DONE authenticate via ldap
CLOSED: [2020-02-20 Thu 19:05]

6
plan.org Normal file
View file

@ -0,0 +1,6 @@
* TODO register CC
* TODO list products
* ahmed
** schemas
*** field: is_valid? - used by schemas
*** definition of a "schema"

View file

@ -1,4 +1,11 @@
flask-restful
ldap3
etcd3
xmltodict
djangorestframework
django
done
stripe
flask
Flask-RESTful
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-etcd&subdirectory=etcd
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-ldap&subdirectory=ldap
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-std&subdirectory=std
git+https://code.ungleich.ch/ahmedbilal/ungleich-common/#egg=ungleich-common-schemas&subdirectory=schemas

17
sample-pay.conf Normal file
View file

@ -0,0 +1,17 @@
[etcd]
host = 127.0.0.1
port = 2379
ca_cert
cert_cert
cert_key
[stripe]
private_key=stripe_private_key
[app]
port = 5000
[ldap]
server = ldap_server_url
admin_dn = ldap_admin_dn
admin_password = ldap_admin_password

View file

@ -3,95 +3,9 @@ import config
import json
import math
from config import ldap_manager
from config import ldap_manager, etcd_client
from helper import resolve_product
etcd_client = config.etcd_client
class ValidationException(Exception):
"""Validation Error"""
class Field:
def __init__(self, _name, _type, _value=None, validators=None, disable_validation=False):
self.validation_disabled = disable_validation
self.name = _name
self.value = _value
self.type = _type
self.validators = validators or []
def is_valid(self):
if not self.validation_disabled:
if not isinstance(self.value, self.type):
try:
self.value = self.type(self.value)
except Exception:
raise ValidationException("Incorrect Type for '{}' field".format(self.name))
for validator in self.validators:
validator()
def __repr__(self):
return self.name
class BaseSchema:
def __init__(self):
self.objects = {}
def validation(self):
# custom validation is optional
return True
def get_fields(self):
return [getattr(self, field) for field in dir(self) if isinstance(getattr(self, field), Field)]
def is_valid(self):
for field in self.get_fields():
field.is_valid()
self.validation()
def get_cleaned_values(self):
field_kv_dict = {
field.name: field.value
for field in self.get_fields()
}
cleaned_values = field_kv_dict
cleaned_values.update(self.objects)
return cleaned_values
def add_schema(self, schema, data, under_field_name=None):
s = schema(data)
s.is_valid()
base = self
if under_field_name:
# Create a field in self
setattr(self, under_field_name, Field(under_field_name, dict, _value={}, disable_validation=True))
base = getattr(self, under_field_name)
for field in s.get_fields():
if under_field_name:
getattr(base, 'value')[field.name] = field.value
else:
setattr(base, field.name, field)
self.objects.update(s.objects)
@staticmethod
def get(dictionary: dict, key: str, return_default=False, default=None):
if dictionary is None:
raise ValidationException('No data provided at all.')
try:
value = dictionary[key]
except KeyError:
if return_default:
return {'_value': default, 'disable_validation': True}
raise ValidationException("Missing data for '{}' field.".format(key))
else:
return {'_value': value, 'disable_validation': False}
from ungleich_common.schemas.schemas import BaseSchema, Field, ValidationException
class AddProductSchema(BaseSchema):
@ -105,7 +19,7 @@ class AddProductSchema(BaseSchema):
user = self.objects['user']
user = json.loads(user.entry_to_json())
uid, ou, *dc = user['dn'].replace('ou=', '').replace('dc=', '').replace('uid=', '').split(',')
if ou != config.config['ldap']['internal_user_ou']:
if ou != config.config.get('ldap', 'internal_user_ou', fallback='users'):
raise ValidationException('You do not have access to create product.')
product = resolve_product(self.specs.value['usable-id'], etcd_client)

View file

@ -1,12 +1,11 @@
import json
import re
import stripe
import stripe.error
import logging
# FIXME: way too many dependencies in this import
# Most of them are not needed for stripe
#from config import etcd_client as client, config as config
from config import etcd_client as client, config as config
stripe.api_key = config.get('stripe', 'private_key')
def handle_stripe_error(f):
@ -292,7 +291,7 @@ class StripeUtils(object):
returns the new object.
:param amount: The amount in CHF cents
:param name: The name of the Stripe plan to be created.
:param product_name: The name of the Stripe plan (product) to be created.
:param stripe_plan_id: The id of the Stripe plan to be
created. Use get_stripe_plan_id_string function to
obtain the name of the plan to be created

View file

@ -5,7 +5,7 @@ from uuid import uuid4
from flask import Flask, request
from flask_restful import Resource, Api
from werkzeug.exceptions import HTTPException
from config import etcd_client as client, config as config
from stripe_utils import StripeUtils
from schemas import (
@ -324,4 +324,15 @@ if __name__ == '__main__':
api.add_resource(UserRegisterPayment, '/user/register_payment')
api.add_resource(OrderList, '/order/list')
app.run(host='::', port=config['app']['port'], debug=True)
app.run(host='::', port=config.get('app', 'port', fallback=5000), debug=True)
@app.errorhandler(Exception)
def handle_exception(e):
app.logger.error(e)
# pass through HTTP errors
if isinstance(e, HTTPException):
return e
# now you're handling non-HTTP exceptions only
return {'message': 'Server Error'}, 500