Fixed issues stellar#22 and stellar#19

JakeUrban · Dec 6, 2019 · 78cd76b · 78cd76b
1 parent dcd3451
commit 78cd76b
Show file tree

Hide file tree

Showing 7 changed files with 102 additions and 120 deletions.
diff --git a/polaris/polaris/deposit/views.py b/polaris/polaris/deposit/views.py
@@ -7,11 +7,11 @@
 """
 import base64
 import binascii
-import json
 from urllib.parse import urlencode
 
 from polaris import settings
 from django.urls import reverse
+from django.shortcuts import redirect
 from django.views.decorators.clickjacking import xframe_options_exempt
 from django.core.management import call_command
 from rest_framework import status
@@ -147,61 +147,45 @@ def interactive_deposit(request: Request) -> Response:
     """
     # Validate query parameters: account, asset_code, transaction_id.
     account = request.GET.get("account")
+    asset_code = request.GET.get("asset_code")
+    asset = Asset.objects.filter(code=asset_code).first()
+    transaction_id = request.GET.get("transaction_id")
     if not account:
         return render_error_response("no 'account' provided", content_type="text/html")
-
-    asset_code = request.GET.get("asset_code")
-    if not asset_code or not Asset.objects.filter(code=asset_code).exists():
+    elif not (asset_code and asset):
         return render_error_response("invalid 'asset_code'", content_type="text/html")
-
-    transaction_id = request.GET.get("transaction_id")
-    if not transaction_id:
+    elif not transaction_id:
         return render_error_response("no 'transaction_id' provided", content_type="text/html")
 
-    # GET: The server needs to display the form for the user to input the deposit information.
+    try:
+        transaction = Transaction.objects.get(
+            id=transaction_id, asset=asset
+        )
+    except Transaction.DoesNotExist:
+        return render_error_response(
+            "Transaction with ID and asset_code not found",
+            content_type="text/html",
+            status_code=status.HTTP_404_NOT_FOUND
+        )
+
     if request.method == "GET":
         form = DepositForm()
-    # POST: The user submitted a form with the amount to deposit.
+        return Response({"form": form}, template_name="deposit/form.html")
+
+    form = DepositForm(request.POST)
+    form.asset = asset
+    # If the form is valid, we create a transaction pending external action
+    # and render the success page.
+    if form.is_valid():
+        transaction.amount_in = form.cleaned_data["amount"]
+        transaction.amount_fee = calc_fee(
+            asset, settings.OPERATION_DEPOSIT, transaction.amount_in
+        )
+        transaction.save()
+
+        return redirect(f"{reverse('more_info')}?{urlencode({'id': transaction_id})}")
     else:
-        if Transaction.objects.filter(id=transaction_id).exists():
-            return render_error_response(
-                "transaction with matching 'transaction_id' already exists",
-                content_type="text/html"
-            )
-        form = DepositForm(request.POST)
-        asset = Asset.objects.get(code=asset_code)
-        form.asset = asset
-        # If the form is valid, we create a transaction pending external action
-        # and render the success page.
-        if form.is_valid():
-            amount_in = form.cleaned_data["amount"]
-            amount_fee = calc_fee(asset, settings.OPERATION_DEPOSIT, amount_in)
-            transaction = Transaction(
-                id=transaction_id,
-                stellar_account=account,
-                asset=asset,
-                kind=Transaction.KIND.deposit,
-                status=Transaction.STATUS.pending_user_transfer_start,
-                amount_in=amount_in,
-                amount_fee=amount_fee,
-                to_address=account,
-            )
-            transaction.save()
-
-            serializer = TransactionSerializer(
-                transaction,
-                context={"more_info_url": _construct_more_info_url(request)},
-            )
-            tx_json = json.dumps({"transaction": serializer.data})
-            return Response(
-                {
-                    "tx_json": tx_json,
-                    "transaction": transaction,
-                    "asset_code": transaction.asset.code,
-                },
-                template_name="transaction/more_info.html",
-            )
-    return Response({"form": form}, template_name="deposit/form.html")
+        return Response({"form": form}, template_name="deposit/form.html")
 
 
 @api_view(["POST"])
@@ -238,6 +222,14 @@ def deposit(account: str, request: Request) -> Response:
 
     # Construct interactive deposit pop-up URL.
     transaction_id = create_transaction_id()
+    Transaction.objects.create(
+        id=transaction_id,
+        stellar_account=account,
+        asset=asset,
+        kind=Transaction.KIND.deposit,
+        status=Transaction.STATUS.pending_user_transfer_start,
+        to_address=account
+    )
     url = _construct_interactive_url(request, asset_code, stellar_account, transaction_id)
     return Response(
         {"type": "interactive_customer_info_needed", "url": url, "id": transaction_id},

diff --git a/polaris/polaris/fee/views.py b/polaris/polaris/fee/views.py
@@ -45,7 +45,7 @@ def fee(account: str, request: Request) -> Response:
     amount_str = request.GET.get("amount")
     try:
         amount = float(amount_str)
-    except (TypeError, ValueError):
+    except (ValueError, TypeError):
         return render_error_response("invalid 'amount'")
 
     # Validate that the operation, and the specified type (if provided)

diff --git a/polaris/polaris/templates/withdraw/form.html b/polaris/polaris/templates/withdraw/form.html
@@ -42,10 +42,6 @@
         </div>
         {% endfor %}
 
-        <div class="field">
-            <div><input id="account" name="account" type="hidden" value="{{ account }}"/></div>
-        </div>
-
         <div class="field">
             <div class="control">
                 <button class="button is-link" type="submit">Continue</button>

diff --git a/polaris/polaris/tests/conftest.py b/polaris/polaris/tests/conftest.py
@@ -7,8 +7,10 @@
 
 from polaris.models import Asset, Transaction
 
-STELLAR_ACCOUNT_1 = "GBCTKB22TYTLXHDWVENZGWMJWJ5YK2GTSF7LHAGMTSNAGLLSZVXRGXEW"
-STELLAR_ACCOUNT_2 = "GAB4FHP66SOQ4L22WQGW7BQCHGWRFWXQ6MWBZV2YRVTXSK3QPNFOTM3T"
+STELLAR_ACCOUNT_1 = "GAIRMDK7VDAXKXCX54UQ7WQUXZVITPBBYH33ADXQIADMDTDVJMQGBQ6V"
+STELLAR_ACCOUNT_1_SEED = "SBB57BRFU7OFBVGUNJH4PMTQR72VCGKKFXBRQJJX7CHRSTZATAB5645L"
+STELLAR_ACCOUNT_2 = "GAWGLF7Y6WFNPMFLIZ7AZU7TCHRRMTVKSB64XUSLJUGMXS3KFCOZXJWC"
+STELLAR_ACCOUNT_2_SEED = "SAANDCFGMTWUQX27URREU47QL2HSJRCTB6YXZIOBHZJCAUBBEFJTGASY"
 
 
 @pytest.fixture(scope="session", name="usd_asset_factory")

diff --git a/polaris/polaris/tests/deposit_test.py b/polaris/polaris/tests/deposit_test.py
@@ -13,6 +13,7 @@
 from django.core.management import call_command
 
 from polaris import settings
+from polaris.tests.conftest import STELLAR_ACCOUNT_1_SEED
 from polaris.management.commands.create_stellar_deposit import (
     SUCCESS_XDR,
     TRUSTLINE_FAILURE_XDR,
@@ -304,6 +305,7 @@ def test_deposit_confirm_success(
         follow=True,
         **header
     )
+
     assert response.status_code == 200
     content = json.loads(response.content)
     transaction = content["transaction"]
@@ -429,9 +431,7 @@ def test_deposit_stellar_success(
 @pytest.mark.django_db
 @patch("stellar_sdk.server.Server.fetch_base_fee", return_value=100)
 @patch("stellar_sdk.server.Server.submit_transaction", return_value=HORIZON_SUCCESS_RESPONSE)
-@patch("polaris.helpers.check_auth", side_effect=mock_check_auth_success)
 def test_deposit_interactive_confirm_success(
-    mock_check,
     mock_submit,
     mock_base_fee,
     client,
@@ -441,11 +441,16 @@ def test_deposit_interactive_confirm_success(
     `GET /deposit` and `GET /transactions/deposit/webapp` succeed with valid `account`
     and `asset_code`.
     """
-    del mock_check, mock_submit, mock_base_fee
+    del mock_submit, mock_base_fee
     deposit = acc1_usd_deposit_transaction_factory()
+
+    encoded_jwt = sep10(client, deposit.stellar_account, STELLAR_ACCOUNT_1_SEED)
+    header = {"HTTP_AUTHORIZATION": f"Bearer {encoded_jwt}"}
+
     response = client.post(
         DEPOSIT_PATH, {"asset_code": "USD", "account": deposit.stellar_account},
-        follow=True
+        follow=True,
+        **header
     )
     content = json.loads(response.content)
     assert response.status_code == 200
@@ -455,14 +460,12 @@ def test_deposit_interactive_confirm_success(
     url = content["url"]
     amount = 20
     response = client.post(url, {"amount": amount})
-    assert response.status_code == 200
+    assert response.status_code == 302
     assert (
         Transaction.objects.get(id=transaction_id).status
         == Transaction.STATUS.pending_user_transfer_start
     )
 
-    encoded_jwt = sep10(client, client_address, client_seed)
-    header = {"HTTP_AUTHORIZATION": f"Bearer {encoded_jwt}"}
     response = client.get(
         f"/transactions/deposit/confirm_transaction?amount={amount}&transaction_id={transaction_id}",
         follow=True,

diff --git a/polaris/polaris/tests/withdraw_test.py b/polaris/polaris/tests/withdraw_test.py
@@ -127,7 +127,7 @@ def test_withdraw_interactive_failure_no_memotype(
         "bank": "Bank",
         "account": "Account"
     })
-    assert response.status_code == 200
+    assert response.status_code == 302
     assert (
         Transaction.objects.get(id=transaction_id).status
         == Transaction.STATUS.pending_user_transfer_start
@@ -160,7 +160,7 @@ def test_withdraw_interactive_failure_incorrect_memotype(
         "bank": "Bank",
         "account": "Account"
     })
-    assert response.status_code == 200
+    assert response.status_code == 302
     assert (
         Transaction.objects.get(id=transaction_id).status
         == Transaction.STATUS.pending_user_transfer_start
@@ -193,7 +193,7 @@ def test_withdraw_interactive_failure_no_memo(
         "bank": "Bank",
         "account": "Account"
     })
-    assert response.status_code == 200
+    assert response.status_code == 302
     assert (
         Transaction.objects.get(id=transaction_id).status
         == Transaction.STATUS.pending_user_transfer_start
@@ -226,7 +226,7 @@ def test_withdraw_interactive_failure_incorrect_memo(
         "bank": "Bank",
         "account": "Account"
     })
-    assert response.status_code == 200
+    assert response.status_code == 302
     assert (
         Transaction.objects.get(id=transaction_id).status
         == Transaction.STATUS.pending_user_transfer_start
@@ -256,7 +256,7 @@ def test_withdraw_interactive_success_transaction_unsuccessful(
         "bank": "Bank",
         "account": "Account"
     })
-    assert response.status_code == 200
+    assert response.status_code == 302
     transaction = Transaction.objects.get(id=transaction_id)
     assert transaction.status == Transaction.STATUS.pending_user_transfer_start
 
@@ -298,7 +298,7 @@ def test_withdraw_interactive_success_transaction_successful(
         "bank": "Bank",
         "account": "Account"
     })
-    assert response.status_code == 200
+    assert response.status_code == 302
     transaction = Transaction.objects.get(id=transaction_id)
     assert transaction.status == Transaction.STATUS.pending_user_transfer_start