IT4Change/gradido
3
0
Fork 0
mirror of https://github.com/IT4Change/gradido.git synced 2025-12-13 07:45:54 +00:00
Code Issues Packages Projects Releases Wiki Activity

add function for send GDD per ajax request

Browse Source
This commit is contained in:
Dario Rekowski on RockPI 2021-02-23 12:30:04 +00:00 committed by Ulf Gebhardt
parent fe60808247
commit c03ed3e789
No known key found for this signature in database
GPG Key ID: 81308EFE29ABFEBD
5 changed files with 137 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
config/routes.php
View File

@ -58,6 +58,7 @@ Router::scope('/', function (RouteBuilder $routes) {
// Skip token check for API URLs. // Skip token check for API URLs.
//die($request->getParam('controller')); //die($request->getParam('controller'));
$whitelist = ['JsonRequestHandler', 'ElopageWebhook']; $whitelist = ['JsonRequestHandler', 'ElopageWebhook'];
$ajaxWhitelist = ['TransactionSendCoins'];
foreach($whitelist as $entry) { foreach($whitelist as $entry) {
if($request->getParam('controller') === $entry) { if($request->getParam('controller') === $entry) {
@ -74,9 +75,19 @@ Router::scope('/', function (RouteBuilder $routes) {
$ip = gethostbyname($allowed); $ip = gethostbyname($allowed);
if($ip === $callerIp) return true; if($ip === $callerIp) return true;
} }
die("caller ip: $callerIp<br>");
} }
} }
} }
// disable csfr for all ajax requests in ajax whitelisted controller
foreach($ajaxWhitelist as $entry) {
if($request->getParam('controller') === $entry) {
$action = $request->getParam('action');
if(preg_match('/^ajax/', $action)) {
return true;
}
}
}
}); });
// Register scoped middleware for in scopes. // Register scoped middleware for in scopes.

121
src/Controller/TransactionSendCoinsController.php
View File

@ -37,6 +37,7 @@ class TransactionSendCoinsController extends AppController
//$this->Auth->allow(['add', 'edit']); //$this->Auth->allow(['add', 'edit']);
$this->Auth->allow('create'); $this->Auth->allow('create');
$this->Auth->allow('createRaw'); $this->Auth->allow('createRaw');
$this->Auth->allow('ajaxCreate');
$this->set( $this->set(
'naviHierarchy', 'naviHierarchy',
(new NaviHierarchy())-> (new NaviHierarchy())->
@ -288,6 +289,126 @@ class TransactionSendCoinsController extends AppController
$this->set('timeUsed', microtime(true) - $startTime); $this->set('timeUsed', microtime(true) - $startTime);
} }
public function ajaxCreate()
{
if ($this->request->is('post')) {
$startTime = microtime(true);
$jsonData = $this->request->input('json_decode', true);
$session_id = $jsonData['session_id'];
if(!$session_id) {
return $this->returnJson(['state' => 'error', 'msg' => 'invalid session id']);
}
$login_result = $this->requestLogin($session_id, false);
if($login_result !== true) {
return $this->returnJson($login_result);
}
$session = $this->getRequest()->getSession();
$user = $session->read('StateUser');
$receiverPubKeyHex = '';
$senderPubKeyHex = $user['public_hex'];
if(!isset($user['balance']) || $jsonData['amount'] > $user['balance']) {
return $this->returnJson(['state' => 'error', 'msg' => 'not enough GDD']);
}
$receiverEmail = $jsonData['email'];
if($receiverEmail === $user['email']) {
return $this->returnJson(['state' => 'error', 'msg' => 'sender and receiver email are the same']);
}
$requestAnswear = $this->JsonRequestClient->sendRequest(json_encode([
'session_id' => $session_id,
'email' => $receiverEmail,
'ask' => ['user.pubkeyhex', 'user.disabled']
]), '/getUserInfos');
if('success' == $requestAnswear['state'] && 'success' == $requestAnswear['data']['state']) {
// will be allways 64 byte long, even if it is empty
$receiverPubKeyHex = $requestAnswear['data']['userData']['pubkeyhex'];
} else {
return $this->returnJson([
'state' => 'error',
'msg' => 'receiver email not found on login-server',
'details' => $requestAnswear,
'timeUsed' => microtime(true) - $startTime
]);
}
if($requestAnswear['data']['userData']['disabled']) {
return $this->returnJson([
'state' => 'error',
'msg' => 'receiver is currently disabled, he cannot receive payments',
'timeUsed' => microtime(true) - $startTime
]);
}
//var_dump($sessionStateUser);
$builderResult = TransactionTransfer::build(
$jsonData['amount'],
$jsonData['memo'],
$receiverPubKeyHex,
$senderPubKeyHex
);
if($builderResult['state'] === 'success') {
$http = new Client();
try {
$loginServer = Configure::read('LoginServer');
$url = $loginServer['host'] . ':' . $loginServer['port'];
$response = $http->post($url . '/checkTransaction', json_encode([
'session_id' => $session_id,
'transaction_base64' => base64_encode($builderResult['transactionBody']->serializeToString()),
'balance' => $user['balance']
]), ['type' => 'json']);
$json = $response->getJson();
if($json['state'] != 'success') {
if($json['msg'] == 'session not found') {
$session->destroy();
return $this->returnJson([
'state' => 'error',
'msg' => 'session not found',
'details' => $session_id,
'timeUsed' => microtime(true) - $startTime
]);
//$this->Flash->error(__('session not found, please login again'));
} else {
return $this->returnJson([
'state' => 'error',
'msg' => 'login server return error',
'details' => $json,
'timeUsed' => microtime(true) - $startTime
]);
}
} else {
return $this->returnJson(['state' => 'success', 'timeUsed' => microtime(true) - $startTime]);
}
} catch(\Exception $e) {
$msg = $e->getMessage();
//$this->Flash->error(__('error http request: ') . $msg);
return $this->returnJson([
'state' => 'error',
'msg' => 'error http request',
'details' => $msg,
'timeUsed' => microtime(true) - $startTime
]);
}
} else {
return $this->returnJson([
'state' => 'error',
'msg' => 'no valid receiver public key given',
'details' => $receiverPubKeyHex,
'timeUsed' => microtime(true) - $startTime
]);
}
}
return $this->returnJson(['state' => 'error', 'msg' => 'no post request']);
}
public function createRaw() public function createRaw()
{ {

2
src/Model/Transactions/TransactionBody.php
View File

@ -79,7 +79,7 @@ class TransactionBody extends TransactionBase {
if ($transactionsTable->save($transactionEntity)) { if ($transactionsTable->save($transactionEntity)) {
// success // success
$this->mTransactionID = $transactionEntity->id; $this->mTransactionID = $transactionEntity->id;
if(!$this->mSpecificTransaction->save($transactionEntity->id, $firstPublic)) { if(!$this->mSpecificTransaction->save($transactionEntity->id, $firstPublic, $transactionEntity->received)) {
$this->addErrors($this->mSpecificTransaction->getErrors()); $this->addErrors($this->mSpecificTransaction->getErrors());
return false; return false;
} }

2
src/Model/Transactions/TransactionCreation.php
View File

@ -225,7 +225,7 @@ class TransactionCreation extends TransactionBase {
} }
// update state balance // update state balance
if(false === $this->updateStateBalance($receiverUserId, $this->getAmount())) { if(false === $this->updateStateBalance($receiverUserId, $this->getAmount(), $transactionCreationEntity->target_date)) {
return false; return false;
} }

6
src/Model/Transactions/TransactionTransfer.php
View File

@ -158,7 +158,7 @@ class TransactionTransfer extends TransactionBase {
return true; return true;
} }
public function save($transaction_id, $firstPublic) { public function save($transaction_id, $firstPublic, $received) {
static $functionName = 'TransactionCreation::save'; static $functionName = 'TransactionCreation::save';
@ -182,11 +182,11 @@ class TransactionTransfer extends TransactionBase {
return false; return false;
} }
$finalSenderBalance = $this->updateStateBalance($senderUserId, -$senderAmount->getAmount()); $finalSenderBalance = $this->updateStateBalance($senderUserId, -$senderAmount->getAmount(), $received);
if(false === $finalSenderBalance) { if(false === $finalSenderBalance) {
return false; return false;
} }
if(false === $this->updateStateBalance($receiverUserId, $receiverAmount->getAmount())) { if(false === $this->updateStateBalance($receiverUserId, $receiverAmount->getAmount(), $received)) {
return false; return false;
} }