Merge branch 'importBankStatements' into 'master'

Script for importing bank statements

See merge request !46

Gemfile

@@ -22,6 +22,8 @@ gem 'composite_primary_keys', '~>11.0'
 
 gem 'rest-client'
 
+gem 'nokogiri'
+
 group :development do
   gem 'rerun'
   gem 'sqlite3', '< 1.4'

Gemfile.lock

@@ -189,6 +189,7 @@ DEPENDENCIES
   delayed_cron_job
   delayed_job_active_record
   libcdb-ruby
+  nokogiri
   pg
   rack-test
   rerun
@@ -206,4 +207,4 @@ DEPENDENCIES
   xmlenc
 
 BUNDLED WITH
-   1.16.1
+   1.17.3

lib/iapi/authenticator.rb

@@ -191,6 +191,7 @@ class Authenticator
           '/resource/list',
           '/resource/schema',
           '/users_admin/reserved_identifiers',
+          '/global_transaction/get',
         ],
         'post' => [
           '/users_admin/update',
@@ -214,7 +215,9 @@ class Authenticator
           '/resource/add_owner',
           '/resource/remove_owner',
           '/users_admin/release_reserved_identifier',
+          '/global_transaction/get_fresh_key',
           '/global_transaction/add',
+          '/user_transaction/add',
         ],
       }
     },

lib/iapi/routes/transaction.rb

@@ -12,6 +12,7 @@ class IApi < Sinatra::Base
   namespace '/global_transaction' do
     post '/add' do
       scope = parsed_body['scope']
+      allow_update = !!parsed_body['allow_update']
       unless (verify_acl(scope, [], ['bill']))
         return client_error('invalid_scope')
       end
@@ -28,12 +29,12 @@ class IApi < Sinatra::Base
       if res.empty?
         # keys must be reserved first to prevent enumeration and races
         client_error('failed')
-      elsif !res.first.value.present?
+      elsif !res.first.value.present? || allow_update
         res = res.first
-        res.ttl = ttl
+        res.remove_at = Time.now + ttl.days
         res.value = Base64.encode64(value)
         res.created_at = Time.now
-        res.update!
+        res.save!
         json result: 'success'
       else
         client_error('failed')
@@ -48,10 +49,13 @@ class IApi < Sinatra::Base
 
       key = params['key']
       res = GlobalTransaction.where(scope: scope, key: key)
-      if res.empty? || !res.first.value.present?
-        return json result: 'success', notfound: true
+      if res.empty?
+        return json result: 'success', status: "invalid"
+      end
+      if !res.first.value.present?
+        return json result: 'success', status: "empty"
       end
-      return json result: 'success', value: Base64.decode64(res.first.value).force_encoding("utf-8")
+      return json result: 'success', status: "present", value: Base64.decode64(res.first.value).force_encoding("utf-8")
     end
 
     post '/get_fresh_key' do
@@ -115,17 +119,26 @@ class IApi < Sinatra::Base
       unless (verify_acl(scope, ['bill']))
         return client_error('invalid_scope')
       end
+      user = authenticated_user
 
+      if IApiConf.acl.has_access_to_admin_api?(authenticated_user.email) &&
+          parsed_body['target_user'].present?
+        user = EmailUser.by_email(parsed_body['target_user'])
+        unless user
+          return client_error('invalid_target_user')
+        end
+      end
+      key = user.iapi_public_key
       value = parsed_body['value']
       ttl = parsed_body['ttl']
       ttl = ttl.to_i if ttl.present?
-      data = {email_user: authenticated_user, scope: scope, value: value}
+      data = {email_user: user, scope: scope, value: value}
       if ttl.present?
         data[:remove_at] = Time.now + ttl.days
       end
-      if api_user_public_key
+      if key
         data[:value] = Sodium::Box.close(
-          api_user_public_key,
+          key,
           IApiConf.transaction_log_key.sec, data[:value])
         data[:encrypted] = true
       end

scripts/import-bill-transaction

-#!/bin/env ruby
-
-$LOAD_PATH.unshift(File.expand_path('../../lib', __FILE__))
-require 'iapi'
-
-ActiveRecord::Base.establish_connection(IApiConf.user_db)
-
-ref = (ARGV[0]||'').gsub(" ","").upcase
-currency = (ARGV[1]||'').upcase
-amount = ARGV[2].to_f
-
-unless ref =~ /^RF\d\d/
-  puts "invalid reference #{ref}"
-  exit 1
-end
-
-unless ["CHF"].include?(currency)
-  puts "invalid currency #{currency}"
-  exit 1
-end
-
-unless amount > 0.0
-  puts "invalid amont #{amount}"
-  exit 1
-end
-
-ref = ref[4..-1]
-
-t = GlobalTransaction.where(scope: 'bill', key: ref)
-if t.empty?
-  puts "transaction for #{ref} could not be found"
-  exit 1
-end
-t = t.last
-t.value = Base64.encode64({currency: currency, amount: amount, status: 'paid'}.to_yaml)
-t.save!