eren
/
Orderer


			
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239
							import json
from bottle import request, response
import model
from debug import debug
from passlib.hash import sha256_crypt

from util import salt


def missing_attributes(attributes):
    for attr in attributes:
        if attr not in request.json or request.json[attr] == '' or request.json[attr] is None:
            if str(attr) == 'session_id':
                return 'You are not signed in.'
            return 'Missing value for attribute ' + str(attr)
        if str(attr) == 'session_id':
            if not model.valid_session_id(request.json['session_id']):
                return 'You are not signed in.'
    return False


def login():
    missing = missing_attributes(['username', 'password'])
    if missing:
        return bad_request(missing)
    username = request.json['username']
    password = request.json['password']
    session_id = model.login(username, password)
    if session_id:
        return {'session_id': session_id}
    else:
        return forbidden('Invalid login data')


def depot():
    missing = missing_attributes(['session_id'])
    if missing:
        return bad_request(missing)
    user_id = model.get_user_id_by_session_id(request.json['session_id'])
    return {'data': model.get_user_ownership(user_id),
            'own_wealth': model.user_wealth(user_id)}


def register():
    missing = missing_attributes(['username', 'password'])
    if missing:
        return bad_request(missing)
    username = request.json['username'].strip()
    if username == '':
        return bad_request('Username can not be empty.')
    hashed_password = sha256_crypt.encrypt(request.json['password'] + salt)
    if model.user_exists(username):
        return bad_request('User already exists.')
    game_key = ''
    if 'game_key' in request.json:
        game_key = request.json['game_key'].strip().upper()
        if game_key != '' and game_key not in model.unused_keys():
            return bad_request('Game key is not valid.')
    if model.register(username, hashed_password, game_key):
        return {'message': "successfully registered user"}
    else:
        return bad_request('registration not successful')


def activate_key():
    missing = missing_attributes(['key', 'session_id'])
    if missing:
        return bad_request(missing)
    if model.valid_key(request.json['key']):
        user_id = model.get_user_id_by_session_id(request.json['session_id'])
        model.activate_key(request.json['key'], user_id)
        return {'message': "successfully activated key"}
    else:
        return bad_request('Invalid key.')


def order():
    missing = missing_attributes(['buy', 'session_id', 'amount', 'ownable', 'time_until_expiration'])
    if missing:
        return bad_request(missing)
    if not model.ownable_name_exists(request.json['ownable']):
        return bad_request('This kind of object can not be ordered.')

    buy = request.json['buy']
    sell = not buy
    session_id = request.json['session_id']
    amount = request.json['amount']
    try:
        amount = int(amount)
    except ValueError:
        return bad_request('Invalid amount.')
    if amount < 0:
        return bad_request('You can not order a negative amount.')
    if amount < 1:
        return bad_request('The minimum order size is 1.')
    ownable_name = request.json['ownable']
    time_until_expiration = float(request.json['time_until_expiration'])
    if time_until_expiration < 0:
        return bad_request('Invalid expiration time.')
    ownable_id = model.ownable_id_by_name(ownable_name)
    user_id = model.get_user_id_by_session_id(session_id)
    model.own(user_id, ownable_name)
    ownership_id = model.get_ownership_id(ownable_id, user_id)

    try:
        if request.json['limit'] == '':
            limit = None
        elif request.json['limit'] is None:
            limit = None
        else:
            limit = float(request.json['limit'])
    except ValueError:  # for example when float fails
        limit = None
    except KeyError:  # for example when limit was not specified
        limit = None

    try:
        if request.json['stop_loss'] == '':
            stop_loss = None
        elif request.json['stop_loss'] is None:
            stop_loss = None
        else:
            stop_loss = 'stop_loss' in request.json and request.json['stop_loss']
        if stop_loss is not None and limit is None:
            return bad_request('Can only set stop-loss for limit orders')
    except KeyError:  # for example when stop_loss was not specified
        stop_loss = None

    if sell:
        if not model.user_owns_at_least(amount, user_id, ownable_id):
            return bad_request('You can not sell more than you own.')

    model.place_order(buy, ownership_id, limit, stop_loss, amount, time_until_expiration)
    return {'message': "Order placed."}


def gift():
    missing = missing_attributes(['session_id', 'amount', 'object_name', 'username'])
    if missing:
        return bad_request(missing)
    if not model.ownable_name_exists(request.json['object_name']):
        return bad_request('This kind of object can not be given away.')
    if request.json['username'] == 'bank' or not model.user_exists(request.json['username']):
        return bad_request('There is no user with this name.')
    try:
        amount = float(request.json['amount'])
    except ValueError:
        return bad_request('Invalid amount.')
    ownable_id = model.ownable_id_by_name(request.json['object_name'])
    sender_id = model.get_user_id_by_session_id(request.json['session_id'])
    recipient_id = model.get_user_id_by_name(request.json['username'])
    if not model.user_owns_at_least(amount, sender_id, ownable_id):
        amount = model.available_amount(sender_id, ownable_id)

    model.send_ownable(sender_id, recipient_id, request.json['object_name'], amount)

    return {'message': "Gift sent."}


def orders():
    missing = missing_attributes(['session_id'])
    if missing:
        return bad_request(missing)
    data = model.get_user_orders(model.get_user_id_by_session_id(request.json['session_id']))
    return {'data': data}


def orders_on():
    missing = missing_attributes(['session_id', 'ownable'])
    if missing:
        return bad_request(missing)
    if not model.ownable_name_exists(request.json['ownable']):
        return bad_request('This kind of object can not be ordered.')
    data = model.get_ownable_orders(model.ownable_id_by_name(request.json['ownable']))
    return {'data': data}


def cancel_order():
    missing = missing_attributes(['session_id', 'order_id'])
    if missing:
        return bad_request(missing)
    if not model.user_has_order_with_id(request.json['session_id'], request.json['order_id']):
        return bad_request('You do not have an order with that number.')
    model.delete_order(request.json['order_id'])
    return {'message': "Successfully deleted order"}


def change_password():
    missing = missing_attributes(['session_id', 'password'])
    if missing:
        return bad_request(missing)
    hashed_password = sha256_crypt.encrypt(request.json['password'] + salt)
    model.change_password(request.json['session_id'], hashed_password)
    model.sign_out_user(request.json['session_id'])
    return {'message': "Successfully changed password"}


def news():
    return {'data': model.news()}


def transactions():
    missing = missing_attributes(['session_id', 'ownable'])
    if missing:
        return bad_request(missing)
    if not model.ownable_name_exists(request.json['ownable']):
        return bad_request('This kind of object can not have transactions.')
    return {'data': model.transactions(model.ownable_id_by_name(request.json['ownable']))}


def leaderboard():
    missing = missing_attributes(['session_id'])
    if missing:
        return bad_request(missing)
    return {'data': model.leaderboard()}


def not_found(msg=''):
    response.status = 404
    if debug:
        msg = str(response.status) + ': ' + msg
    response.content_type = 'application/json'
    return json.dumps({"error_message": msg})


def forbidden(msg=''):
    response.status = 403
    if debug:
        msg = str(response.status) + ': ' + msg
    response.content_type = 'application/json'
    return json.dumps({"error_message": msg})


def bad_request(msg=''):
    response.status = 400
    if debug:
        msg = str(response.status) + ': ' + msg
    response.content_type = 'application/json'
    return json.dumps({"error_message": msg})