Commits

Mikhail Korobov committed c8cd425

Suspicious field

Comments (0)

Files changed (6)

     list_display = ['name', 'data_url', 'accept_url', 'reject_url', 'netcash_ip']
 
 class NetcashOrderAdmin(admin.ModelAdmin):
-    list_display = ['Reference', 'created_at', 'updated_at', 'Amount', 'Reason', 'RETC', 'request_ip', 'TransactionAccepted']
-    list_filter = ['TransactionAccepted']
+    list_display = ['Reference', 'created_at', 'updated_at', 'Amount',
+                    'Reason', 'RETC', 'request_ip', 'TransactionAccepted', 'suspicious']
+    list_filter = ['TransactionAccepted', 'suspicious']
     search_fields = ['Reference']
     date_hierarchy = 'created_at'
 

netcash/migrations/0006_add_suspicious.py

+# encoding: utf-8
+import datetime
+from south.db import db
+from south.v2 import SchemaMigration
+from django.db import models
+
+class Migration(SchemaMigration):
+
+    def forwards(self, orm):
+        
+        # Adding field 'NetcashOrder.suspicious'
+        db.add_column('netcash_netcashorder', 'suspicious', self.gf('django.db.models.fields.NullBooleanField')(default=None, null=True, blank=True), keep_default=False)
+
+
+    def backwards(self, orm):
+        
+        # Deleting field 'NetcashOrder.suspicious'
+        db.delete_column('netcash_netcashorder', 'suspicious')
+
+
+    models = {
+        'netcash.netcashgateway': {
+            'Meta': {'object_name': 'NetcashGateway'},
+            'id': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'name': ('django.db.models.fields.CharField', [], {'default': "'gateway'", 'max_length': '50'}),
+            'netcash_ip': ('django.db.models.fields.IPAddressField', [], {'max_length': '15', 'null': 'True', 'blank': 'True'}),
+            'secret': ('django.db.models.fields.CharField', [], {'max_length': '40'})
+        },
+        'netcash.netcashorder': {
+            'Amount': ('django.db.models.fields.DecimalField', [], {'null': 'True', 'max_digits': '12', 'decimal_places': '2', 'blank': 'True'}),
+            'CardHolderIpAddr': ('django.db.models.fields.IPAddressField', [], {'max_length': '15', 'null': 'True', 'blank': 'True'}),
+            'Extra1': ('django.db.models.fields.CharField', [], {'max_length': '50', 'null': 'True', 'blank': 'True'}),
+            'Extra2': ('django.db.models.fields.CharField', [], {'max_length': '50', 'null': 'True', 'blank': 'True'}),
+            'Extra3': ('django.db.models.fields.CharField', [], {'max_length': '50', 'null': 'True', 'blank': 'True'}),
+            'Meta': {'object_name': 'NetcashOrder'},
+            'RETC': ('django.db.models.fields.CharField', [], {'max_length': '25', 'null': 'True', 'blank': 'True'}),
+            'Reason': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),
+            'Reference': ('django.db.models.fields.AutoField', [], {'primary_key': 'True'}),
+            'TransactionAccepted': ('django.db.models.fields.NullBooleanField', [], {'default': 'None', 'null': 'True', 'blank': 'True'}),
+            'created_at': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'}),
+            'debug_info': ('django.db.models.fields.CharField', [], {'max_length': '255', 'null': 'True', 'blank': 'True'}),
+            'gateway': ('django.db.models.fields.related.ForeignKey', [], {'to': "orm['netcash.NetcashGateway']", 'null': 'True', 'blank': 'True'}),
+            'request_ip': ('django.db.models.fields.IPAddressField', [], {'max_length': '15', 'null': 'True', 'blank': 'True'}),
+            'suspicious': ('django.db.models.fields.NullBooleanField', [], {'default': 'None', 'null': 'True', 'blank': 'True'}),
+            'updated_at': ('django.db.models.fields.DateTimeField', [], {'default': 'datetime.datetime.now'})
+        }
+    }
+
+    complete_apps = ['netcash']

netcash/models.py

     gateway = models.ForeignKey(NetcashGateway, null=True, blank=True)
     request_ip = models.IPAddressField(null=True, blank=True)
     debug_info = models.CharField(max_length=255, null=True, blank=True)
+    suspicious = models.NullBooleanField(default=None)
 
     def save(self, *args, **kwargs):
         self.updated_at = datetime.now()
             'p4': 100,
         })
         reference = str(form.order.pk)
+        self.assertEqual(form.order.suspicious, None)
 
         self.assertFalse(data_handler.called)
 
         self.assertEqual(order.RETC, '123')
         self.assertEqual(order.gateway, self.gateway)
         self.assertEqual(order.request_ip, '127.0.0.1')
+        self.assertEqual(order.suspicious, False)
 
         self.assertTrue(data_handler.called)
         self.assertEqual(data_handler.order, order)
     gateway = get_object_or_404(NetcashGateway, secret=secret)
     ip = request.META.get(NETCASH_IP_HEADER, None)
     reference = request.POST.get('Reference', None)
+    order = get_object_or_404(NetcashOrder, pk=reference)
 
     if gateway.netcash_ip:
         # deny query if it come from untrusted ip
         if ip != gateway.netcash_ip:
+            order.request_ip = ip
+            order.debug_info = 'untrusted ip: %s != %s' % (gateway.netcash_ip, ip)
+            order.suspicious = True
+            order.save()
             raise Http404
 
-    order = get_object_or_404(NetcashOrder, pk=reference)
     form = DataHandlerForm(request.POST, instance = order)
     if form.is_valid():
         order = form.save(commit=False)
+        order.request_ip = ip
         order.gateway = gateway
-        order.request_ip = ip
         order.debug_info = request.raw_post_data
+        order.suspicious = False
         order.save()
         signals.data.send(sender = data_handler, order=order)
         return HttpResponse()
 
     errors = form.plain_errors()[:255]
     order.debug_info = errors
+    order.suspicious = True
     order.save()
     return HttpResponse(errors)
 
 
 setup(
     name='django-netcash',
-    version='0.1.6',
+    version='0.1.7',
     author='Mikhail Korobov',
     author_email='kmike84@gmail.com',