import uuid from datetime import timedelta, datetime from math import ceil, floor from bottle import request from passlib.hash import sha256_crypt import model from connection import check_missing_attributes, BadRequest, Forbidden, PreconditionFailed, NotFound def missing_attributes(attributes): for attr in attributes: if attr not in request.json or request.json[attr] == '' or request.json[attr] is None: if str(attr) == 'session_id': return 'You are not signed in.' return 'Missing value for attribute ' + str(attr) if str(attr) == 'session_id': if not model.valid_session_id(request.json['session_id']): return 'You are not signed in.' return False def login(json_request): check_missing_attributes(json_request, ['username', 'password']) username = request.json['username'] password = request.json['password'] session_id = model.login(username, password) if session_id: return {'session_id': session_id} else: return Forbidden('Invalid login data') def depot(json_request): check_missing_attributes(json_request, ['session_id']) user_id = model.get_user_id_by_session_id(request.json['session_id']) return {'data': model.get_user_ownership(user_id), 'own_wealth': f'{model.user_wealth(user_id):.2f}', 'banking_license': model.user_has_banking_license(user_id)} def global_variables(_json_request): return model.global_control_values() def register(json_request): check_missing_attributes(json_request, ['username', 'password']) username = request.json['username'].strip() if username == '': return BadRequest('Username can not be empty.') if model.user_exists(username): return BadRequest('User already exists.') game_key = '' if 'game_key' in request.json: game_key = request.json['game_key'].strip().upper() if game_key != '' and not model.valid_key(game_key): return BadRequest('Game key is not valid.') if model.register(username, request.json['password'], game_key): return {'message': "successfully registered user"} else: return BadRequest('Registration not successful') def activate_key(json_request): check_missing_attributes(json_request, ['key', 'session_id']) if model.valid_key(request.json['key']): user_id = model.get_user_id_by_session_id(request.json['session_id']) model.activate_key(request.json['key'], user_id) return {'message': "successfully activated key"} else: return BadRequest('Invalid key.') def order(json_request): check_missing_attributes(json_request, ['buy', 'session_id', 'amount', 'ownable', 'time_until_expiration']) if not model.ownable_name_exists(request.json['ownable']): return BadRequest('This kind of object can not be ordered.') buy = request.json['buy'] sell = not buy if not isinstance(buy, bool): return BadRequest('`buy` must be a boolean') session_id = request.json['session_id'] amount = request.json['amount'] try: amount = int(amount) except ValueError: return BadRequest('Invalid amount.') if amount < 0: return BadRequest('You can not order a negative amount.') if amount < 1: return BadRequest('The minimum order size is 1.') ownable_name = request.json['ownable'] time_until_expiration = float(request.json['time_until_expiration']) if time_until_expiration < 0: return BadRequest('Invalid expiration time.') ownable_id = model.ownable_id_by_name(ownable_name) user_id = model.get_user_id_by_session_id(session_id) model.own(user_id, ownable_name) ownership_id = model.get_ownership_id(ownable_id, user_id) try: if request.json['limit'] == '': limit = None elif request.json['limit'] is None: limit = None else: if buy: limit = floor(float(request.json['limit']) * 10000) / 10000 else: limit = ceil(float(request.json['limit']) * 10000) / 10000 except ValueError: # for example when float fails return BadRequest('Invalid limit.') except KeyError: # for example when limit was not specified limit = None if limit < 0: return BadRequest('Limit must not be negative.') try: if request.json['stop_loss'] == '': stop_loss = None elif request.json['stop_loss'] is None: stop_loss = None else: stop_loss = 'stop_loss' in request.json and request.json['stop_loss'] if stop_loss is not None and limit is None: return BadRequest('Can only set stop-loss for limit orders') except KeyError: # for example when stop_loss was not specified stop_loss = None if sell: if not model.user_has_at_least_available(amount, user_id, ownable_id): return BadRequest('You can not sell more than you own.') try: expiry = datetime.strptime(model.current_db_time(), '%Y-%m-%d %H:%M:%S') + \ timedelta(minutes=time_until_expiration) except OverflowError: return BadRequest('The expiration time is too far in the future.') model.place_order(buy, ownership_id, limit, stop_loss, amount, expiry) return {'message': "Order placed."} def gift(json_request): check_missing_attributes(json_request, ['session_id', 'amount', 'object_name', 'username']) if not model.ownable_name_exists(request.json['object_name']): return BadRequest('This kind of object can not be given away.') if request.json['username'] == 'bank' or not model.user_exists(request.json['username']): return BadRequest('There is no user with this name.') try: amount = float(request.json['amount']) except ValueError: return BadRequest('Invalid amount.') ownable_id = model.ownable_id_by_name(request.json['object_name']) sender_id = model.get_user_id_by_session_id(request.json['session_id']) if model.available_amount(sender_id, ownable_id) == 0: return BadRequest('You do not own any of these.') if not model.user_has_at_least_available(amount, sender_id, ownable_id): # for example if you have a 1.23532143213 Kollar and want to give them all away amount = model.available_amount(sender_id, ownable_id) recipient_id = model.get_user_id_by_name(request.json['username']) model.send_ownable(sender_id, recipient_id, ownable_id, amount) return {'message': "Gift sent."} def orders(json_request): check_missing_attributes(json_request, ['session_id']) data = model.get_user_orders(model.get_user_id_by_session_id(request.json['session_id'])) return {'data': data} def loans(json_request): check_missing_attributes(json_request, ['session_id']) data = model.get_user_loans(model.get_user_id_by_session_id(request.json['session_id'])) return {'data': data} def orders_on(json_request): check_missing_attributes(json_request, ['session_id', 'ownable']) if not model.ownable_name_exists(request.json['ownable']): return BadRequest('This kind of object can not be ordered.') user_id = model.get_user_id_by_session_id(request.json['session_id']) ownable_id = model.ownable_id_by_name(request.json['ownable']) data = model.get_ownable_orders(user_id, ownable_id) return {'data': data} def old_orders(json_request): check_missing_attributes(json_request, ['session_id', 'include_canceled', 'include_executed', 'limit']) include_executed = request.json['include_executed'] include_canceled = request.json['include_canceled'] user_id = model.get_user_id_by_session_id(request.json['session_id']) limit = request.json['limit'] data = model.get_old_orders(user_id, include_executed, include_canceled, limit) return {'data': data} def cancel_order(json_request): check_missing_attributes(json_request, ['session_id', 'order_id']) if not model.user_has_order_with_id(request.json['session_id'], request.json['order_id']): return BadRequest('You do not have an order with that number.') model.delete_order(request.json['order_id'], 'Canceled') return {'message': "Successfully deleted order"} def change_password(json_request): check_missing_attributes(json_request, ['session_id', 'password']) salt = str(uuid.uuid4()) hashed_password = sha256_crypt.encrypt(request.json['password'] + salt) model.change_password(request.json['session_id'], hashed_password, salt) model.sign_out_user(request.json['session_id']) return {'message': "Successfully changed password"} def buy_banking_license(json_request): check_missing_attributes(json_request, ['session_id']) user_id = model.get_user_id_by_session_id(json_request['session_id']) if model.user_has_banking_license(user_id): raise PreconditionFailed('You already have a banking license.') price = model.global_control_value('banking_license_price') if model.user_money(user_id) < price: raise PreconditionFailed('You do not have enough money.') model.send_ownable(user_id, model.bank_id(), model.currency_id(), price) model.assign_banking_licence(user_id) return {'message': "Successfully bought banking license"} def news(_json_request): return {'data': model.news()} def tradables(_json_request): return {'data': model.ownables()} def trades(json_request): check_missing_attributes(json_request, ['session_id', 'limit']) return {'data': model.trades(model.get_user_id_by_session_id(request.json['session_id']), request.json['limit'])} def trades_on(json_request): check_missing_attributes(json_request, ['session_id', 'ownable', 'limit']) if not model.ownable_name_exists(request.json['ownable']): return BadRequest('This kind of object can not have transactions.') return {'data': model.trades_on(model.ownable_id_by_name(request.json['ownable']), request.json['limit'])} def leaderboard(_json_request): return {'data': model.leaderboard()} def take_out_personal_loan(json_request): check_missing_attributes(json_request, ['session_id', 'amount', ]) amount = json_request['amount'] if not isinstance(amount, float) or amount <= 0: raise BadRequest('Amount must be a number larger than 0') user_id = model.get_user_id_by_session_id(json_request['session_id']) model.take_out_personal_loan(user_id, amount) return {'message': "Successfully took out personal loan"} def repay_loan(json_request): check_missing_attributes(json_request, ['session_id', 'amount', 'loan_id']) amount = json_request['amount'] user_id = model.get_user_id_by_session_id(json_request['session_id']) loan_id = json_request['loan_id'] if amount == 'all': amount = model.loan_remaining_amount(loan_id) if amount < 0: raise BadRequest('You can not repay negative amounts.') if model.user_money(user_id) < amount: raise PreconditionFailed('You do not have enough money.') if not model.loan_id_exists(loan_id) or model.loan_recipient_id(loan_id) != user_id: raise NotFound(f'You do not have a loan with that id.') loan_volume = model.loan_remaining_amount(loan_id) if loan_volume < amount: raise PreconditionFailed(f'You can not repay more than the remaining loan volume of {loan_volume}.') model.repay_loan(loan_id, amount, known_user_id=user_id) return {'message': "Successfully repayed loan"} def before_request(_json_request): # pay interest rates for loans model.pay_loan_interest()