Mirror
/
zulip
mirror of https://github.com/zulip/zulip.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
zulip/zilencer/views.py

193 lines
8.6 KiB
Python
Raw Normal View History

[i18n] Make error messages translatable. Make all strings passing through `json_error` and `JsonableError` translatable. Fixes #727
2016-05-25 15:02:02 +02:00
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
import logging
billing: Send logs to a dedicated file. This will help make them easy to read through. Include messages to the logger name `stripe`, which Stripe's client library logs to.
2018-01-18 02:03:12 +01:00
import os
python: Sort imports in smaller apps.
2017-11-16 00:55:49 +01:00
from typing import Any, Dict, Optional, Text, Union, cast
Send feedback to a queue to be forwarded to staging. (imported from commit 4a9a1bfc6c95763a816263a726cc61b3ca90bf15)
2013-10-17 22:55:09 +02:00
python: Sort imports in smaller apps.
2017-11-16 00:55:49 +01:00
from django.http import HttpRequest, HttpResponse
from django.utils import timezone
from django.utils.translation import ugettext as _
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
from django.shortcuts import render
from django.conf import settings
from django.views.decorators.http import require_GET
from django.views.decorators.csrf import csrf_exempt
import stripe
from stripe.error import CardError, RateLimitError, InvalidRequestError, \
AuthenticationError, APIConnectionError, StripeError
from zerver.decorator import require_post, zulip_login_required
views: Fix imports of REQ/has_request_variables from the wrong place. These were never in zerver/decorator.py, and so it makes sense to import them zerver/lib/request.py, mostly for ease of finding things.
2017-10-28 00:07:31 +02:00
from zerver.lib.exceptions import JsonableError
billing: Send logs to a dedicated file. This will help make them easy to read through. Include messages to the logger name `stripe`, which Stripe's client library logs to.
2018-01-18 02:03:12 +01:00
from zerver.lib.logging_util import log_to_file
Add support infrastructure for push notification bouncer service. This is an incomplete cleaned-up continuation of Lisa Neigut's push notification bouncer work. It supports registration and deregistration of individual push tokens with a central push notification bouncer server. It still is missing a few things before we can complete this effort: * A registration form for server admins to configure their server for this service, with tests. * Code (and tests) for actually bouncing the notifications.
2016-10-27 23:55:31 +02:00
from zerver.lib.push_notifications import send_android_push_notification, \
send_apple_push_notification
python: Sort imports in smaller apps.
2017-11-16 00:55:49 +01:00
from zerver.lib.request import REQ, has_request_variables
Add support infrastructure for push notification bouncer service. This is an incomplete cleaned-up continuation of Lisa Neigut's push notification bouncer work. It supports registration and deregistration of individual push tokens with a central push notification bouncer server. It still is missing a few things before we can complete this effort: * A registration form for server admins to configure their server for this service, with tests. * Code (and tests) for actually bouncing the notifications.
2016-10-27 23:55:31 +02:00
from zerver.lib.response import json_error, json_success
zilencer: Remove unused imports (F401).
2017-11-02 12:39:10 +01:00
from zerver.lib.validator import check_int
from zerver.models import UserProfile
push_notifications: Validate APNS token format in bouncer. This prevents a buggy old Zulip server from forwarding invalid-format push notification tokens to the push notification bouncer service. As part of this change, we switch the token from Text to str to match the rest of the code path.
2017-07-07 18:23:36 +02:00
from zerver.views.push_notifications import validate_token
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
from zilencer.models import RemotePushDeviceToken, RemoteZulipServer, Customer
from zproject.settings import get_secret
STRIPE_SECRET_KEY = get_secret('stripe_secret_key')
STRIPE_PUBLISHABLE_KEY = get_secret('stripe_publishable_key')
stripe.api_key = STRIPE_SECRET_KEY
Send feedback to a queue to be forwarded to staging. (imported from commit 4a9a1bfc6c95763a816263a726cc61b3ca90bf15)
2013-10-17 22:55:09 +02:00
billing: Send logs to a dedicated file. This will help make them easy to read through. Include messages to the logger name `stripe`, which Stripe's client library logs to.
2018-01-18 02:03:12 +01:00
BILLING_LOG_PATH = os.path.join('/var/log/zulip'
if not settings.DEVELOPMENT
else settings.DEVELOPMENT_LOG_DIRECTORY,
'billing.log')
billing_logger = logging.getLogger('zilencer.stripe')
log_to_file(billing_logger, BILLING_LOG_PATH)
log_to_file(logging.getLogger('stripe'), BILLING_LOG_PATH)
zilencer: Use python 3 syntax for typing.
2017-10-27 12:57:54 +02:00
def validate_entity(entity: Union[UserProfile, RemoteZulipServer]) -> None:
views.py: Create validator for remote server.
2017-05-08 14:25:40 +02:00
if not isinstance(entity, RemoteZulipServer):
raise JsonableError(_("Must validate with valid Zulip server API key"))
zilencer: Use python 3 syntax for typing.
2017-10-27 12:57:54 +02:00
def validate_bouncer_token_request(entity: Union[UserProfile, RemoteZulipServer],
token: bytes, kind: int) -> None:
push_notifications: Verify that token types are valid. We only have two types of push notification tokens, so we should validate that in the bouncer code path.
2017-07-07 18:29:45 +02:00
if kind not in [RemotePushDeviceToken.APNS, RemotePushDeviceToken.GCM]:
raise JsonableError(_("Invalid token type"))
views.py: Create validator for remote server.
2017-05-08 14:25:40 +02:00
validate_entity(entity)
push_notifications: Validate APNS token format in bouncer. This prevents a buggy old Zulip server from forwarding invalid-format push notification tokens to the push notification bouncer service. As part of this change, we switch the token from Text to str to match the rest of the code path.
2017-07-07 18:23:36 +02:00
validate_token(token, kind)
views.py: Create validator for remote server.
2017-05-08 14:25:40 +02:00
Add support infrastructure for push notification bouncer service. This is an incomplete cleaned-up continuation of Lisa Neigut's push notification bouncer work. It supports registration and deregistration of individual push tokens with a central push notification bouncer server. It still is missing a few things before we can complete this effort: * A registration form for server admins to configure their server for this service, with tests. * Code (and tests) for actually bouncing the notifications.
2016-10-27 23:55:31 +02:00
@has_request_variables
mypy: Use Python 3 syntax for typing in `zilencer/views.py`.
2017-12-20 20:56:11 +01:00
def remote_server_register_push(request: HttpRequest, entity: Union[UserProfile, RemoteZulipServer],
user_id: int=REQ(), token: bytes=REQ(),
token_kind: int=REQ(validator=check_int),
ios_app_id: Optional[Text]=None) -> HttpResponse:
push_notifications: Validate APNS token format in bouncer. This prevents a buggy old Zulip server from forwarding invalid-format push notification tokens to the push notification bouncer service. As part of this change, we switch the token from Text to str to match the rest of the code path.
2017-07-07 18:23:36 +02:00
validate_bouncer_token_request(entity, token, token_kind)
Add support infrastructure for push notification bouncer service. This is an incomplete cleaned-up continuation of Lisa Neigut's push notification bouncer work. It supports registration and deregistration of individual push tokens with a central push notification bouncer server. It still is missing a few things before we can complete this effort: * A registration form for server admins to configure their server for this service, with tests. * Code (and tests) for actually bouncing the notifications.
2016-10-27 23:55:31 +02:00
server = cast(RemoteZulipServer, entity)
# If a user logged out on a device and failed to unregister,
# we should delete any other user associations for this token
# & RemoteServer pair
RemotePushDeviceToken.objects.filter(
token=token, kind=token_kind, server=server).exclude(user_id=user_id).delete()
# Save or update
remote_token, created = RemotePushDeviceToken.objects.update_or_create(
user_id=user_id,
server=server,
kind=token_kind,
token=token,
defaults=dict(
ios_app_id=ios_app_id,
last_updated=timezone.now()))
return json_success()
@has_request_variables
mypy: Use Python 3 syntax for typing in `zilencer/views.py`.
2017-12-20 20:56:11 +01:00
def remote_server_unregister_push(request: HttpRequest, entity: Union[UserProfile, RemoteZulipServer],
token: bytes=REQ(),
token_kind: int=REQ(validator=check_int),
ios_app_id: Optional[Text]=None) -> HttpResponse:
push_notifications: Validate APNS token format in bouncer. This prevents a buggy old Zulip server from forwarding invalid-format push notification tokens to the push notification bouncer service. As part of this change, we switch the token from Text to str to match the rest of the code path.
2017-07-07 18:23:36 +02:00
validate_bouncer_token_request(entity, token, token_kind)
Add support infrastructure for push notification bouncer service. This is an incomplete cleaned-up continuation of Lisa Neigut's push notification bouncer work. It supports registration and deregistration of individual push tokens with a central push notification bouncer server. It still is missing a few things before we can complete this effort: * A registration form for server admins to configure their server for this service, with tests. * Code (and tests) for actually bouncing the notifications.
2016-10-27 23:55:31 +02:00
server = cast(RemoteZulipServer, entity)
deleted = RemotePushDeviceToken.objects.filter(token=token,
kind=token_kind,
server=server).delete()
if deleted[0] == 0:
return json_error(_("Token does not exist"))
return json_success()
push_notification: Send data to notification bouncer.
2017-05-08 13:48:16 +02:00
@has_request_variables
mypy: Use Python 3 syntax for typing in `zilencer/views.py`.
2017-12-20 20:56:11 +01:00
def remote_server_notify_push(request: HttpRequest, entity: Union[UserProfile, RemoteZulipServer],
payload: Dict[str, Any]=REQ(argument_type='body')) -> HttpResponse:
push_notification: Send data to notification bouncer.
2017-05-08 13:48:16 +02:00
validate_entity(entity)
push_notification: Push data from Zilencer.
2017-05-09 10:31:47 +02:00
server = cast(RemoteZulipServer, entity)
user_id = payload['user_id']
gcm_payload = payload['gcm_payload']
apns_payload = payload['apns_payload']
android_devices = list(RemotePushDeviceToken.objects.filter(
user_id=user_id,
kind=RemotePushDeviceToken.GCM,
server=server
))
apple_devices = list(RemotePushDeviceToken.objects.filter(
user_id=user_id,
kind=RemotePushDeviceToken.APNS,
server=server
))
if android_devices:
push_notifications: Remove DeviceTokenType logic. The syntax wasn't valid on Python 3.5, and the new code is somewhat more readable anyway.
2017-05-16 21:15:45 +02:00
send_android_push_notification(android_devices, gcm_payload, remote=True)
push_notification: Push data from Zilencer.
2017-05-09 10:31:47 +02:00
if apple_devices:
push notifs: Implement APNs with new API. And it works! A couple of things still to do: * When a device token is no longer active, we'll get HTTP status 410. We should then remove the token from the database so we don't keep trying to push to it. This is fairly urgent. * The library we're using has a nice asynchronous API, but this version doesn't use it. This is OK now, but async will be essential at scale.
2017-08-19 01:38:11 +02:00
send_apple_push_notification(user_id, apple_devices, apns_payload)
push_notification: Push data from Zilencer.
2017-05-09 10:31:47 +02:00
push_notification: Send data to notification bouncer.
2017-05-08 13:48:16 +02:00
return json_success()
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
@zulip_login_required
def add_payment_method(request: HttpRequest) -> HttpResponse:
user = request.user
ctx = {
"publishable_key": STRIPE_PUBLISHABLE_KEY,
"email": user.email,
} # type: Dict[str, Any]
if not user.is_realm_admin:
ctx["error_message"] = _("You should be an administrator of the organization %s to view this page."
% (user.realm.name,))
/billing/: Rename "payment.html" => "billing.html". This matches the URL path /billing/ to the filename "billing.html".
2018-01-30 01:30:02 +01:00
return render(request, 'zilencer/billing.html', context=ctx)
billing: Better error message for dev on lacking Stripe credentials. Normal server admins will never run this code, and zulipchat.com will have this information configured before users see it, so this message is really just for development.
2018-01-18 01:05:18 +01:00
if STRIPE_PUBLISHABLE_KEY is None:
# Dev-only message; no translation needed.
ctx["error_message"] = "Missing Stripe config. In dev, add to zproject/dev-secrets.conf ."
/billing/: Rename "payment.html" => "billing.html". This matches the URL path /billing/ to the filename "billing.html".
2018-01-30 01:30:02 +01:00
return render(request, 'zilencer/billing.html', context=ctx)
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
try:
if request.method == "GET":
try:
customer_obj = Customer.objects.get(realm=user.realm)
cards = stripe.Customer.retrieve(customer_obj.stripe_customer_id).sources.all(object="card")
ctx["num_cards"] = len(cards["data"])
except Customer.DoesNotExist:
ctx["num_cards"] = 0
/billing/: Rename "payment.html" => "billing.html". This matches the URL path /billing/ to the filename "billing.html".
2018-01-30 01:30:02 +01:00
return render(request, 'zilencer/billing.html', context=ctx)
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
if request.method == "POST":
token = request.POST.get("stripeToken", "")
# The card metadata doesn't show up in Dashboard but can be accessed
# using the API.
card_metadata = {"added_user_id": user.id, "added_user_email": user.email}
try:
customer_obj = Customer.objects.get(realm=user.realm)
customer = stripe.Customer.retrieve(customer_obj.stripe_customer_id)
billing: Log important requests to Stripe.
2018-01-18 02:44:34 +01:00
billing_logger.info("Adding card on customer %s: source=%r, metadata=%r",
customer_obj.stripe_customer_id, token, card_metadata)
stripe: Make newly added card default source.
2018-01-20 20:42:07 +01:00
card = customer.sources.create(source=token, metadata=card_metadata)
customer.default_source = card.id
customer.save()
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
ctx["num_cards"] = len(customer.sources.all(object="card")["data"])
except Customer.DoesNotExist:
customer_metadata = {"string_id": user.realm.string_id}
# Description makes it easier to identify customers in Stripe dashboard
description = "{} ({})".format(user.realm.name, user.realm.string_id)
billing: Log important requests to Stripe.
2018-01-18 02:44:34 +01:00
billing_logger.info("Creating customer: source=%r, description=%r, metadata=%r",
token, description, customer_metadata)
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
customer = stripe.Customer.create(source=token,
description=description,
metadata=customer_metadata)
card = customer.sources.all(object="card")["data"][0]
card.metadata = card_metadata
card.save()
Customer.objects.create(realm=user.realm, stripe_customer_id=customer.id)
ctx["num_cards"] = 1
ctx["payment_method_added"] = True
/billing/: Rename "payment.html" => "billing.html". This matches the URL path /billing/ to the filename "billing.html".
2018-01-30 01:30:02 +01:00
return render(request, 'zilencer/billing.html', context=ctx)
billing: Simplify logging of Stripe errors. Several changes: * De-duplicate code for different error types. * No need to list lots of error subtypes where we aren't treating them differently; StripeError is the base class of them all. * Unexpected, non-Stripe-related, exceptions we can handle in the normal way. Just make them show up in the billing-specific log too. * The Stripe client library already logs type, code, param, and message before raising an error, so we don't need to repeat those; just add the HTTP status code (because it's not there already and sure why not), and the Python exception type the client library chose to raise in case that makes things a bit easier to interpret.
2018-01-18 03:05:27 +01:00
except StripeError as e:
billing_logger.error("Stripe error: %d %s", e.http_status, e.__class__.__name__)
if isinstance(e, CardError):
ctx["error_message"] = e.json_body.get('error', {}).get('message')
else:
ctx["error_message"] = _("Something went wrong. Please try again or email us at %s."
% (settings.ZULIP_ADMINISTRATOR,))
/billing/: Rename "payment.html" => "billing.html". This matches the URL path /billing/ to the filename "billing.html".
2018-01-30 01:30:02 +01:00
return render(request, 'zilencer/billing.html', context=ctx)
billing: Integrate Stripe, using Stripe Checkout. Stripe Checkout means using JS code provided by Stripe to handle almost all of the UI, which is great for us. There are more features we should add to this page and changes we should make, but this gives us an MVP. [greg: expanded commit message; fixed import ordering and some types.]
2018-01-13 19:38:13 +01:00
except Exception as e:
billing: Simplify logging of Stripe errors. Several changes: * De-duplicate code for different error types. * No need to list lots of error subtypes where we aren't treating them differently; StripeError is the base class of them all. * Unexpected, non-Stripe-related, exceptions we can handle in the normal way. Just make them show up in the billing-specific log too. * The Stripe client library already logs type, code, param, and message before raising an error, so we don't need to repeat those; just add the HTTP status code (because it's not there already and sure why not), and the Python exception type the client library chose to raise in case that makes things a bit easier to interpret.
2018-01-18 03:05:27 +01:00
billing_logger.exception("Uncaught error in billing")
raise