summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMarcello Stanisci <stanisci.m@gmail.com>2019-11-16 03:10:17 +0100
committerMarcello Stanisci <stanisci.m@gmail.com>2019-11-16 03:10:17 +0100
commitfd5b3e7df26690169bb420f81e27a266a8c5d17b (patch)
treea8ffa696184fbe699fbc7eb0a17dd5680a3f1c48
parent0cec89e017418c75c2924c280461643d5e6a0532 (diff)
downloadbank-fd5b3e7df26690169bb420f81e27a266a8c5d17b.tar.gz
bank-fd5b3e7df26690169bb420f81e27a266a8c5d17b.tar.bz2
bank-fd5b3e7df26690169bb420f81e27a266a8c5d17b.zip
Closing #5788 and shortening middleware code.
-rw-r--r--talerbank/app/middleware.py52
-rw-r--r--talerbank/app/models.py2
-rw-r--r--talerbank/app/schemas.py2
-rw-r--r--talerbank/app/tests.py13
-rw-r--r--talerbank/app/views.py12
5 files changed, 40 insertions, 41 deletions
diff --git a/talerbank/app/middleware.py b/talerbank/app/middleware.py
index a0d8f40..21c747f 100644
--- a/talerbank/app/middleware.py
+++ b/talerbank/app/middleware.py
@@ -1,12 +1,14 @@
import logging
import zlib
+from . import urls
from django.http import JsonResponse
+from django.urls import reverse
from django.shortcuts import redirect
from .models import BankAccount, BankTransaction, \
BankAccountDoesNotExist, BankTransactionDoesNotExist
from .views import \
(DebitLimitException, SameAccountException,
- LoginFailed, RejectNoRightsException)
+ LoginFailed, RejectNoRightsException, UnhandledException)
from .schemas import \
(JSONFieldException,
@@ -68,31 +70,12 @@ class ExceptionMiddleware:
def __init__(self, get_response):
self.get_response = get_response
- # List of all the exceptions that are managed by
- # this module.
- self.excs = {
- BankAccountDoesNotExist: 5110,
- BankTransactionDoesNotExist: 5111,
- SameAccountException: 5102,
- URLParamValidationError: 5105,
- JSONFieldException: 5106,
- CurrencyMismatch: 5104,
- BadFormatAmount: 11,
- LoginFailed: 5312,
- NumberTooBig: 5108,
- NegativeNumber: 5107,
- DebitLimitException: 5103,
- RejectNoRightsException: 5200,
- }
-
# Map between endpoints and Web pages to render
# after the exception gets managed.
self.render = {
- "/profile": "profile",
- "/accounts/register": "index",
- "/public-accounts": "index",
- "/pin/verify": "profile",
- "/withdraw": "profile"
+ reverse("profile", urlconf=urls): "profile",
+ reverse("register", urlconf=urls): "index",
+ reverse("public-accounts", urlconf=urls): "index",
}
##
@@ -117,28 +100,17 @@ class ExceptionMiddleware:
# @param exception the exception raised from the bank.
def process_exception(self, request, exception):
LOGGER.warning(str(exception))
- # See if we manage this exception. Return None if not.
- exc_class = None
- for e in self.excs:
- if isinstance(exception, e):
- exc_class = e
- break
- if not exc_class:
- return None
-
- # Managed exception. Build response.
- taler_ec = self.excs.get(exc_class)
-
- # Check if the endpoint should cause a human-readable
- # page to be returned.
+
+ if not hasattr(exception, "taler_error_code"):
+ exception = UnhandledException()
+
render_to = self.render.get(request.path)
if not render_to:
- return JsonResponse({"ec": taler_ec,
+ return JsonResponse({"ec": exception.taler_error_code,
"error": exception.hint},
status=exception.http_status_code)
- request.session["profile_hint"] = \
- True, False, exception.hint
+ request.session["profile_hint"] = True, False, exception.hint
return redirect(render_to)
# [1] https://git.taler.net/exchange.git/tree/src/include/taler_error_codes.h
diff --git a/talerbank/app/models.py b/talerbank/app/models.py
index d7ce64c..692d6b8 100644
--- a/talerbank/app/models.py
+++ b/talerbank/app/models.py
@@ -126,12 +126,14 @@ class BankAccountDoesNotExist(Exception):
def __init__(self):
self.hint = "Bank account not found"
self.http_status_code = 404
+ self.taler_error_code = 5110
self.minor_error_code = 0
class BankTransactionDoesNotExist(Exception):
def __init__(self):
self.hint = "Bank transaction not found"
self.http_status_code = 404
+ self.taler_error_code = 5111
self.minor_error_code = 0
class CustomManager(models.Manager):
diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index bbe998c..b6aaeb2 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -70,6 +70,7 @@ class JSONFieldException(ValueError):
def __init__(self, error, http_status_code):
self.hint = json.dumps(error.as_json())
self.http_status_code = http_status_code
+ self.taler_error_code = 5106
super().__init__()
@@ -87,6 +88,7 @@ class URLParamValidationError(ValueError):
def __init__(self, error, http_status_code):
self.hint = json.stringify(error.as_json())
self.http_status_code = http_status_code
+ self.taler_error_code = 5105
super().__init__()
diff --git a/talerbank/app/tests.py b/talerbank/app/tests.py
index b58e3c8..4181c8c 100644
--- a/talerbank/app/tests.py
+++ b/talerbank/app/tests.py
@@ -51,6 +51,18 @@ def clear_db():
cursor.execute("ALTER SEQUENCE app_banktransaction_id_seq RESTART")
+# Bank used to crash when malformed JSON was sent
+# to some endpoint that needs to authenticate the
+# user.
+class MalformedLoginTestCase(TestCase):
+
+ def test_malformed_login(self):
+ self.client.generic(
+ "POST",
+ reverse("add-incoming", urlconf=urls),
+ "malformed"
+ )
+
class PublicAccountsTestCase(TestCase):
def setUp(self):
clear_db()
@@ -498,6 +510,7 @@ class AddIncomingTestCase(TestCase):
self.assertRaises(CurrencyMismatch)
self.assertEqual(406, response.status_code)
LOGGER.info(response.content.decode("utf-8"))
+
# Try to go debit
data = '{"auth": {"type": "basic"}, \
"credit_account": 1, \
diff --git a/talerbank/app/views.py b/talerbank/app/views.py
index 426937e..d4c1872 100644
--- a/talerbank/app/views.py
+++ b/talerbank/app/views.py
@@ -68,7 +68,7 @@ UINT64_MAX = (2**64) - 1
class LoginFailed(Exception):
hint = "Wrong username/password"
http_status_code = 401
-
+ taler_error_code = 5109
class InvalidInputData(Exception):
def __init__(self, msg):
@@ -93,6 +93,7 @@ class PrivateAccountException(Exception):
class DebitLimitException(Exception):
hint = "Insufficient credit, operation not acceptable."
http_status_code = 406
+ taler_error_code = 5103
##
@@ -102,6 +103,7 @@ class DebitLimitException(Exception):
class SameAccountException(Exception):
hint = "Debit and credit account are the same."
http_status_code = 403
+ taler_error_code = 5102
##
@@ -112,6 +114,14 @@ class RejectNoRightsException(Exception):
hint = "You weren't the transaction credit account, " \
"no rights to reject."
http_status_code = 403
+ taler_error_code = 5200
+
+class UnhandledException(Exception):
+ hint = "Unhandled exception happened!"
+ http_status_code = 500
+ taler_error_code = 5300
+
+
##