From 327f37bb62cbe9c058c93c97ce8e8cc07f86d600 Mon Sep 17 00:00:00 2001 From: Marcello Stanisci Date: Fri, 31 May 2019 15:00:51 +0200 Subject: 5715. Initial change in the structure. Just porting the /history validation to use the 'form' API for validating GET arguments. Subsequent changes (for GET requests) will follow the same pattern.
---
talerbank/app/schemas.py | 94 +++++++++++++++++++++++++++++------------------- 1 file changed, 57 insertions(+), 37 deletions(-) (limited to 'talerbank/app/schemas.py')
diff --git a/talerbank/app/schemas.py b/talerbank/app/schemas.py
index cf11bdc..b75ff6a 100644
--- a/talerbank/app/schemas.py
+++ b/talerbank/app/schemas.py
@@ -24,10 +24,66 @@ from validictory import validate from validictory.validator import \ (RequiredFieldValidationError, FieldValidationError) - from django.conf import settings +from django.core.exceptions import ValidationError +from django import forms +from django.core.validators import RegexValidator +## +# Exception class to be raised when at least one expected URL +# parameter is either not found or malformed. +class URLParamValidationError(ValidationError): + + ## + # Init method. + # + # @param self the object itself. + # @param param the missing URL parameter name. + # @param http_status_code the HTTP response code to return + # to the caller (client). + def __init__(self, error, http_status_code): + self.hint = ["%s: %s, " % (k, error[k]) for k in error] + self.http_status_code = http_status_code + super().__init__() + + +## +# Form specification that validates GET parameters from a +# /history request. +class HistoryParams(forms.Form): + auth = forms.CharField( + validators=[RegexValidator( + "^basic$", + message="Only 'basic' is allowed")]) + + cancelled = forms.CharField( + required=False, + empty_value="show", + validators=[RegexValidator( + "^(omit|show)$", + message="Only 'omit' or 'show' are valid")]) + + # FIXME: adjust min/max values. + delta = forms.IntegerField() + # FIXME: adjust min/max values. + start = forms.IntegerField(required=False) + + ordering = forms.CharField( + required=False, + empty_value="descending", + validators=[RegexValidator( + "^(ascending|descending)$", + message="Only 'ascending' or 'descending' are valid")]) + + direction = forms.CharField( + validators=[RegexValidator( + "^(debit|credit|both|cancel\+|cancel-)$", + message="Only: debit/credit/both/cancel+/cancel-")]) + + # FIXME: adjust min/max values. + account_number = forms.IntegerField(required=False) + ## # Exception class to be raised when a expected URL parameter # is not found. 
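Review bot: `URLParamValidationError.__init__` ends with `super().__init__()`, but Django's `ValidationError.__init__` takes a required `message` argument, so constructing the exception raises `TypeError`. A malformed /history request would then surface as an unhandled error instead of the intended `http_status_code`; passing the collected hints, e.g. `super().__init__(self.hint)`, avoids that. The doc comment above it also documents `@param param` while the parameter is named `error`. In `HistoryParams`, `start` and `account_number` replace the digits-only patterns of the removed `HISTORY_REQUEST_SCHEMA` with a bare `forms.IntegerField(required=False)`, which now accepts negative values; `min_value=0` on both keeps the old constraint, and `delta` (presumably the number of records returned) should get explicit bounds rather than a FIXME. The `direction` pattern also lost the `r` prefix the removed schema had, so `\+` is an invalid string escape; write it as `r"^(debit|credit|both|cancel\+|cancel-)$"`.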
@@ -86,7 +142,6 @@ AMOUNT_SCHEMA = { "type": "string", "pattern": "^[A-Za-z0-9_-]+:([0-9]+)\.?([0-9]+)?$"} - ## # Definition that withdraw request bodies have to match. WITHDRAW_SESSION_SCHEMA = { @@ -172,32 +227,6 @@ HISTORY_RANGE_REQUEST_SCHEMA = { } -## -# Definition for /history request URL parameters. -HISTORY_REQUEST_SCHEMA = { - "type": "object", - "properties": { - "auth": {"type": "string", "pattern": "^basic$"}, - "cancelled": {"type": "string", - "pattern": "^(omit|show)$", - "required": False}, - "delta": {"type": "string", - "pattern": r"^([\+-])?([0-9])+$"}, - "start": {"type": "string", - "pattern": "^([0-9]+)$", - "required": False}, - "ordering": {"type": "string", - "pattern": r"^(ascending|descending)$", - "required": False}, - "direction": {"type": "string", - "pattern": r"^(debit|credit|both|cancel\+|cancel-)$"}, - "account_number": {"type": "string", - "pattern": "^([0-9]+)$", - "required": False} - } -} - - ## # Definition for /add/incoming request bodies. INCOMING_REQUEST_SCHEMA = { @@ -210,7 +239,6 @@ INCOMING_REQUEST_SCHEMA = { } } - ## # Definition for PIN/TAN request URL parameters. PIN_TAN_ARGS = { @@ -267,13 +295,6 @@ def validate_pin_tan(data): def validate_reject(data): validate(data, REJECT_REQUEST_SCHEMA) -## -# Check /history input data. -# -# @param data dict representing /history's GET parameters. -def validate_history(data): - validate(data, HISTORY_REQUEST_SCHEMA) - ## # Check /history-range input data. # @@ -319,7 +340,6 @@ def check_withdraw_session(data): def validate_data(request, data): switch = { "/reject": validate_reject, - "/history": validate_history, "/history-range": validate_history_range, "/admin/add/incoming": validate_add_incoming, "/pin/verify": check_withdraw_session, -- cgit v1.2.3