package Pear::LocalLoop::Controller::Api::Admin ;
use Mojo::Base 'Mojolicious::Controller' ;
# Attribute holding the API error responses for failed validation, keyed first
# by field name and then by the name of the check that failed. Each entry
# supplies the message text and the HTTP status to answer with.
# Presumably read by api_validation_error (defined outside this file) - confirm.
has error_messages => sub {
    my %pending_organisation_id_errors = (
        required     => { message => 'pending_organisation_id is missing',                      status => 400 },
        number       => { message => 'pending_organisation_id is not a number',                 status => 400 },
        in_resultset => { message => 'pending_organisation_id does not exist in the database',  status => 400 },
    );

    my %postcode_errors = (
        postcode => { message => 'postcode is not a valid uk postcode', status => 400 },
    );

    return {
        pending_organisation_id => \%pending_organisation_id_errors,
        postcode                => \%postcode_errors,
    };
};
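# Authorisation gate for the admin API.
#
# Returns 1 when the API user found in the stash has an administrator value.
# Otherwise renders a 403 JSON response
# ({ success => false, message => 'Not Authorised' }) and returns 0.
# Presumably installed as a route bridge in front of the admin actions -
# confirm in the router.
sub auth {
    my $c = shift;

    # api_user is only read here; an earlier authentication step is expected
    # to have stashed it. If it is absent, refuse the request cleanly rather
    # than dying on a method call against undef (which surfaced as a 500).
    my $api_user = $c->stash->{api_user};

    # NOTE(review): this tests definedness, not truth. That is only a sound
    # admin check if `administrator` yields undef for non-admins (e.g. an
    # optional related row). If it were a plain 0/1 column every user would
    # pass - confirm against the schema.
    if ( defined($api_user) && defined( $api_user->administrator ) ) {
        return 1;
    }

    $c->render(
        json => {
            success => Mojo::JSON->false,
            message => 'Not Authorised',
        },
        status => 403,
    );
    return 0;
}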
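# POST action: promote a pending organisation to a full organisation.
#
# Input is the JSON document in stash->{api_json}:
#   pending_organisation_id  required, numeric, must exist in PendingOrganisation
#   name, street_name, town  optional overrides for the stored values
#   postcode                 optional override, must pass the postcode check
#
# On success an Organisation row is created (each override wins over the
# pending value when it is true), every pending transaction is copied onto
# the new organisation, the pending organisation is deleted, and a 200 JSON
# response is rendered. Validation failures are answered through
# api_validation_error.
#
# NOTE(review): this action performs no authorisation check of its own; it
# presumably relies on `auth` running first as a route bridge - confirm in
# the router.
sub post_admin_approve {
    my $c = shift;

    my $validation = $c->validation;
    $validation->input( $c->stash->{api_json} );

    my $pending_org_rs = $c->schema->resultset('PendingOrganisation');

    $validation->required('pending_organisation_id')->number->in_resultset( 'id', $pending_org_rs );
    $validation->optional('name');
    $validation->optional('street_name');
    $validation->optional('town');
    $validation->optional('postcode')->postcode;

    return $c->api_validation_error if $validation->has_error;

    # Create, copy and delete as one unit of work. Without a transaction a
    # failure part-way through left a new organisation next to the still
    # pending one, and two concurrent approvals of the same id could both
    # create an organisation. Assumes $c->schema is a DBIx::Class schema, as
    # the resultset calls here suggest; txn_do rolls back and rethrows on error.
    my $approved = $c->schema->txn_do(
        sub {
            # Looked up again inside the transaction: the row may have been
            # removed since validation ran.
            my $pending_org = $pending_org_rs->find( $validation->param('pending_organisation_id') );
            return 0 unless defined $pending_org;

            my $valid_org = $c->schema->resultset('Organisation')->create(
                {
                    name        => $validation->param('name')        || $pending_org->name,
                    street_name => $validation->param('street_name') || $pending_org->street_name,
                    town        => $validation->param('town')        || $pending_org->town,
                    postcode    => $validation->param('postcode')    || $pending_org->postcode,
                }
            );

            my $pending_transaction_rs = $pending_org->pending_transactions;
            while ( my $pending_transaction = $pending_transaction_rs->next ) {
                $valid_org->create_related(
                    'transactions',
                    {
                        buyeruserid_fk     => $pending_transaction->buyeruserid_fk,
                        valuemicrocurrency => $pending_transaction->valuemicrocurrency,
                        proofimage         => $pending_transaction->proofimage,
                        timedatesubmitted  => $pending_transaction->timedatesubmitted,
                    }
                );
            }

            # NOTE(review): the pending transactions are not deleted explicitly;
            # presumably the relationship cascades the delete - confirm.
            $pending_org->delete;
            return 1;
        }
    );

    if ( !$approved ) {
        return $c->render(
            json => {
                success => Mojo::JSON->false,
                message => 'pending_organisation_id does not exist in the database',
            },
            status => 400,
        );
    }

    return $c->render(
        json => {
            success => Mojo::JSON->true,
            message => 'Successfully Approved Organisation',
        },
        status => 200,
    );
}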
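# POST action: merge a pending (unvalidated) organisation into an existing
# validated one.
#
# Expects a JSON object with numeric unvalidatedOrganisationId and
# validatedOrganisationId. Every pending transaction of the unvalidated
# organisation is re-inserted against the validated organisation, then the
# pending transactions and the pending organisation are deleted.
#
# Responses: 403 when the active user is not an admin, 400 for a missing or
# malformed body/id or an id that is not in the database, 200 on success.
# A database failure rolls the merge back and is rethrown.
sub post_admin_merge {
    my $self = shift;

    # Shared failure path. The caller passes its own __LINE__ so the debug
    # log still identifies which check rejected the request.
    my $fail = sub {
        my ( $line, $status, $message ) = @_;
        $self->app->log->debug( 'Path Error: file:' . __FILE__ . ', line: ' . $line );
        return $self->render(
            json => {
                success => Mojo::JSON->false,
                message => $message,
            },
            status => $status,
        );
    };

    my $userId = $self->get_active_user_id();
    if ( !$self->is_admin($userId) ) {
        return $fail->( __LINE__, 403, 'You are not an admin.' );    # Forbidden request
    }

    my $json = $self->req->json;
    if ( !defined $json ) {
        return $fail->( __LINE__, 400, 'JSON is missing.' );         # Malformed request
    }

    # A JSON array or scalar is valid JSON but cannot be indexed by key;
    # reject it here instead of dying on the hash dereference below.
    if ( ref $json ne 'HASH' ) {
        return $fail->( __LINE__, 400, 'JSON is not an object.' );   # Malformed request
    }

    # NOTE(review): looks_like_number also accepts decimals and exponent
    # notation; the ids only ever reach SQL through placeholders. No
    # `use Scalar::Util` is visible in this file's header, so this call
    # relies on the module having been loaded elsewhere.
    my $unvalidatedOrganisationId = $json->{unvalidatedOrganisationId};
    if ( !defined $unvalidatedOrganisationId ) {
        return $fail->( __LINE__, 400, 'unvalidatedOrganisationId is missing.' );
    }
    elsif ( !Scalar::Util::looks_like_number($unvalidatedOrganisationId) ) {
        return $fail->( __LINE__, 400, 'unvalidatedOrganisationId does not look like a number.' );
    }

    my $validatedOrganisationId = $json->{validatedOrganisationId};
    if ( !defined $validatedOrganisationId ) {
        return $fail->( __LINE__, 400, 'validatedOrganisationId is missing.' );
    }
    elsif ( !Scalar::Util::looks_like_number($validatedOrganisationId) ) {
        return $fail->( __LINE__, 400, 'validatedOrganisationId does not look like a number.' );
    }

    # One handle for the whole operation so that every statement runs in the
    # same transaction. Assumes $self->db is a DBI database handle, as the
    # selectrow_array/prepare calls suggest.
    my $dbh = $self->db;

    # Raise a database failure. With RaiseError off the statements below
    # return false on error; left unchecked, a failed INSERT would be
    # followed by the DELETEs and the pending rows would be lost.
    my $raise = sub {
        my ($what) = @_;
        die "$what failed: " . ( $dbh->errstr // 'unknown error' ) . "\n";
    };

    # The existence checks, the copy and the deletes belong together (the
    # mutual exclusion the original FIXMEs asked for). A transaction is only
    # opened here when the handle is in AutoCommit mode; otherwise one is
    # presumably managed by the caller already. How much this excludes
    # concurrent writers depends on the database's isolation level.
    my $ownTransaction = $dbh->{AutoCommit} ? 1 : 0;
    my $missingField;

    my $completed = eval {
        if ($ownTransaction) {
            $dbh->begin_work or $raise->('Starting the transaction');
        }

        my $pendingExists = $dbh->selectrow_array(
            "SELECT COUNT(*) FROM PendingOrganisations WHERE PendingOrganisationId = ?",
            undef, $unvalidatedOrganisationId
        );
        if ( !$pendingExists ) {
            $missingField = 'unvalidatedOrganisationId';
        }
        else {
            my $validatedExists = $dbh->selectrow_array(
                "SELECT COUNT(*) FROM Organisations WHERE OrganisationalId = ?",
                undef, $validatedOrganisationId
            );
            $missingField = 'validatedOrganisationId' if !$validatedExists;
        }

        if ( !defined $missingField ) {
            my $statementSelectPendingTrans = $dbh->prepare(
                "SELECT BuyerUserId_FK, ValueMicroCurrency, ProofImage, TimeDateSubmitted FROM PendingTransactions WHERE PendingSellerOrganisationId_FK = ?"
            );
            $statementSelectPendingTrans->execute($unvalidatedOrganisationId)
              or $raise->('Reading pending transactions');

            my $statementInsTrans = $dbh->prepare(
                "INSERT INTO Transactions (BuyerUserId_FK, SellerOrganisationId_FK, ValueMicroCurrency, ProofImage, TimeDateSubmitted) VALUES (?, ?, ?, ?, ?)"
            );

            # Move all transactions from pending onto verified.
            while ( my ( $buyerUserId, $value, $imgName, $timeDate ) = $statementSelectPendingTrans->fetchrow_array() ) {
                $statementInsTrans->execute( $buyerUserId, $validatedOrganisationId, $value, $imgName, $timeDate )
                  or $raise->('Copying a pending transaction');
            }

            # Delete transactions first, so there is no dependency when
            # deleting the row from PendingOrganisations.
            $dbh->do( "DELETE FROM PendingTransactions WHERE PendingSellerOrganisationId_FK = ?",
                undef, $unvalidatedOrganisationId )
              or $raise->('Deleting pending transactions');
            $dbh->do( "DELETE FROM PendingOrganisations WHERE PendingOrganisationId = ?",
                undef, $unvalidatedOrganisationId )
              or $raise->('Deleting the pending organisation');
        }

        if ($ownTransaction) {
            if ( defined $missingField ) {
                $dbh->rollback;    # nothing was written
            }
            else {
                $dbh->commit or $raise->('Committing the merge');
            }
        }
        1;
    };

    if ( !$completed ) {
        my $error = $@ || 'Unknown error while merging organisations';

        # Undo any partial work before rethrowing; AutoCommit is off only
        # while the transaction opened above is still open.
        eval { $dbh->rollback } if $ownTransaction && !$dbh->{AutoCommit};
        die $error;
    }

    if ( defined $missingField ) {
        return $fail->( __LINE__, 400, "$missingField does not exist in the database." );
    }

    $self->app->log->debug( 'Path Success: file:' . __FILE__ . ', line: ' . __LINE__ );
    return $self->render(
        json => {
            success => Mojo::JSON->true,
        },
        status => 200,
    );
}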
1 ;