Orderer/server_controller.py

import uuid
from datetime import timedelta, datetime
from math import ceil, floor

from bottle import request
from passlib.hash import sha256_crypt

import model
from connection import check_missing_attributes, BadRequest, Forbidden, PreconditionFailed, NotFound


def missing_attributes(attributes):
    for attr in attributes:
        if attr not in request.json or request.json[attr] == '' or request.json[attr] is None:
            if str(attr) == 'session_id':
                return 'You are not signed in.'
            return 'Missing value for attribute ' + str(attr)
        if str(attr) == 'session_id':
            if not model.valid_session_id(request.json['session_id']):
                return 'You are not signed in.'
    return False


def login(json_request):

    check_missing_attributes(json_request, ['username', 'password'])
    username = request.json['username']
    password = request.json['password']
    session_id = model.login(username, password)
    if session_id:
        return {'session_id': session_id}
    else:
        return Forbidden('Invalid login data')


def depot(json_request):
    check_missing_attributes(json_request, ['session_id'])
    user_id = model.get_user_id_by_session_id(request.json['session_id'])
    return {'data': model.get_user_ownership(user_id),
            'own_wealth': f'{model.user_wealth(user_id):.2f}',
            'banking_license': model.user_has_banking_license(user_id)}

def global_variables(_json_request):
    return model.global_control_values()


def register(json_request):
    check_missing_attributes(json_request, ['username', 'password'])
    username = request.json['username'].strip()
    if username == '':
        return BadRequest('Username can not be empty.')
    if model.user_exists(username):
        return BadRequest('User already exists.')
    game_key = ''
    if 'game_key' in request.json:
        game_key = request.json['game_key'].strip().upper()
        if game_key != '' and not model.valid_key(game_key):
            return BadRequest('Game key is not valid.')
    if model.register(username, request.json['password'], game_key):
        return {'message': "successfully registered user"}
    else:
        return BadRequest('Registration not successful')


def activate_key(json_request):
    check_missing_attributes(json_request, ['key', 'session_id'])
    if model.valid_key(request.json['key']):
        user_id = model.get_user_id_by_session_id(request.json['session_id'])
        model.activate_key(request.json['key'], user_id)
        return {'message': "successfully activated key"}
    else:
        return BadRequest('Invalid key.')


def order(json_request):
    check_missing_attributes(json_request, ['buy', 'session_id', 'amount', 'ownable', 'time_until_expiration'])
    if not model.ownable_name_exists(request.json['ownable']):
        return BadRequest('This kind of object can not be ordered.')

    buy = request.json['buy']
    sell = not buy
    if not isinstance(buy, bool):
        return BadRequest('`buy` must be a boolean')

    session_id = request.json['session_id']
    amount = request.json['amount']
    try:
        amount = int(amount)
    except ValueError:
        return BadRequest('Invalid amount.')
    if amount < 0:
        return BadRequest('You can not order a negative amount.')
    if amount < 1:
        return BadRequest('The minimum order size is 1.')
    ownable_name = request.json['ownable']
    time_until_expiration = float(request.json['time_until_expiration'])
    if time_until_expiration < 0:
        return BadRequest('Invalid expiration time.')
    ownable_id = model.ownable_id_by_name(ownable_name)
    user_id = model.get_user_id_by_session_id(session_id)
    model.own(user_id, ownable_name)
    ownership_id = model.get_ownership_id(ownable_id, user_id)

    try:
        if request.json['limit'] == '':
            limit = None
        elif request.json['limit'] is None:
            limit = None
        else:
            if buy:
                limit = floor(float(request.json['limit']) * 10000) / 10000
            else:
                limit = ceil(float(request.json['limit']) * 10000) / 10000
    except ValueError:  # for example when float fails
        return BadRequest('Invalid limit.')
    except KeyError:  # for example when limit was not specified
        limit = None

    if limit < 0:
        return BadRequest('Limit must not be negative.')

    try:
        if request.json['stop_loss'] == '':
            stop_loss = None
        elif request.json['stop_loss'] is None:
            stop_loss = None
        else:
            stop_loss = 'stop_loss' in request.json and request.json['stop_loss']
        if stop_loss is not None and limit is None:
            return BadRequest('Can only set stop-loss for limit orders')
    except KeyError:  # for example when stop_loss was not specified
        stop_loss = None

    if sell:
        if not model.user_has_at_least_available(amount, user_id, ownable_id):
            return BadRequest('You can not sell more than you own.')
    try:
        expiry = datetime.strptime(model.current_db_time(), '%Y-%m-%d %H:%M:%S') + \
                 timedelta(minutes=time_until_expiration)
    except OverflowError:
        return BadRequest('The expiration time is too far in the future.')
    model.place_order(buy, ownership_id, limit, stop_loss, amount, expiry)
    return {'message': "Order placed."}


def gift(json_request):
    check_missing_attributes(json_request, ['session_id', 'amount', 'object_name', 'username'])
    if not model.ownable_name_exists(request.json['object_name']):
        return BadRequest('This kind of object can not be given away.')
    if request.json['username'] == 'bank' or not model.user_exists(request.json['username']):
        return BadRequest('There is no user with this name.')
    try:
        amount = float(request.json['amount'])
    except ValueError:
        return BadRequest('Invalid amount.')
    ownable_id = model.ownable_id_by_name(request.json['object_name'])
    sender_id = model.get_user_id_by_session_id(request.json['session_id'])

    if model.available_amount(sender_id, ownable_id) == 0:
        return BadRequest('You do not own any of these.')
    if not model.user_has_at_least_available(amount, sender_id, ownable_id):
        # for example if you have a 1.23532143213 Kollar and want to give them all away
        amount = model.available_amount(sender_id, ownable_id)

    recipient_id = model.get_user_id_by_name(request.json['username'])

    model.send_ownable(sender_id,
                       recipient_id,
                       ownable_id,
                       amount)

    return {'message': "Gift sent."}


def orders(json_request):
    check_missing_attributes(json_request, ['session_id'])
    data = model.get_user_orders(model.get_user_id_by_session_id(request.json['session_id']))
    return {'data': data}


def loans(json_request):
    check_missing_attributes(json_request, ['session_id'])
    data = model.get_user_loans(model.get_user_id_by_session_id(request.json['session_id']))
    return {'data': data}


def orders_on(json_request):
    check_missing_attributes(json_request, ['session_id', 'ownable'])
    if not model.ownable_name_exists(request.json['ownable']):
        return BadRequest('This kind of object can not be ordered.')
    user_id = model.get_user_id_by_session_id(request.json['session_id'])
    ownable_id = model.ownable_id_by_name(request.json['ownable'])
    data = model.get_ownable_orders(user_id, ownable_id)
    return {'data': data}


def old_orders(json_request):
    check_missing_attributes(json_request, ['session_id', 'include_canceled', 'include_executed', 'limit'])
    include_executed = request.json['include_executed']
    include_canceled = request.json['include_canceled']
    user_id = model.get_user_id_by_session_id(request.json['session_id'])
    limit = request.json['limit']
    data = model.get_old_orders(user_id, include_executed, include_canceled, limit)
    return {'data': data}


def cancel_order(json_request):
    check_missing_attributes(json_request, ['session_id', 'order_id'])
    if not model.user_has_order_with_id(request.json['session_id'], request.json['order_id']):
        return BadRequest('You do not have an order with that number.')
    model.delete_order(request.json['order_id'], 'Canceled')
    return {'message': "Successfully deleted order"}


def change_password(json_request):
    check_missing_attributes(json_request, ['session_id', 'password'])
    salt = str(uuid.uuid4())
    hashed_password = sha256_crypt.encrypt(request.json['password'] + salt)
    model.change_password(request.json['session_id'], hashed_password, salt)
    model.sign_out_user(request.json['session_id'])
    return {'message': "Successfully changed password"}


def buy_banking_license(json_request):
    check_missing_attributes(json_request, ['session_id'])
    user_id = model.get_user_id_by_session_id(json_request['session_id'])
    if model.user_has_banking_license(user_id):
        raise PreconditionFailed('You already have a banking license.')
    price = model.global_control_value('banking_license_price')
    if model.user_money(user_id) < price:
        raise PreconditionFailed('You do not have enough money.')
    model.send_ownable(user_id, model.bank_id(), model.currency_id(), price)
    model.assign_banking_licence(user_id)
    return {'message': "Successfully bought banking license"}


def news(_json_request):
    return {'data': model.news()}


def tradables(_json_request):
    return {'data': model.ownables()}


def trades(json_request):
    check_missing_attributes(json_request, ['session_id', 'limit'])
    return {'data': model.trades(model.get_user_id_by_session_id(request.json['session_id']), request.json['limit'])}


def trades_on(json_request):
    check_missing_attributes(json_request, ['session_id', 'ownable', 'limit'])
    if not model.ownable_name_exists(request.json['ownable']):
        return BadRequest('This kind of object can not have transactions.')
    return {'data': model.trades_on(model.ownable_id_by_name(request.json['ownable']), request.json['limit'])}


def leaderboard(_json_request):
    return {'data': model.leaderboard()}


def take_out_personal_loan(json_request):
    check_missing_attributes(json_request, ['session_id', 'amount', ])
    amount = json_request['amount']
    if not isinstance(amount, float) or amount <= 0:
        raise BadRequest('Amount must be a number larger than 0')
    user_id = model.get_user_id_by_session_id(json_request['session_id'])
    model.take_out_personal_loan(user_id, amount)
    return {'message': "Successfully took out personal loan"}


def repay_loan(json_request):
    check_missing_attributes(json_request, ['session_id', 'amount', 'loan_id'])
    amount = json_request['amount']
    user_id = model.get_user_id_by_session_id(json_request['session_id'])
    loan_id = json_request['loan_id']
    if amount == 'all':
        amount = model.loan_remaining_amount(loan_id)
    if amount < 0:
        raise BadRequest('You can not repay negative amounts.')
    if model.user_money(user_id) < amount:
        raise PreconditionFailed('You do not have enough money.')
    if not model.loan_id_exists(loan_id) or model.loan_recipient_id(loan_id) != user_id:
        raise NotFound(f'You do not have a loan with that id.')
    loan_volume = model.loan_remaining_amount(loan_id)
    if loan_volume < amount:
        raise PreconditionFailed(f'You can not repay more than the remaining loan volume of {loan_volume}.')
    model.repay_loan(loan_id, amount, known_user_id=user_id)
    return {'message': "Successfully repayed loan"}


def before_request(_json_request):
    # pay interest rates for loans
    model.pay_loan_interest()