Updated plaid connection view to handle various plaid errors. Updated Plaid connection to only allow connecting to account ids which the user has access.
This commit is contained in:
DJ Gillespie
parent
b5b9604e63
commit
1e80dfd7fd
@ -42,25 +42,36 @@ class ConnectionViewSet(viewsets.ModelViewSet):
|
||||
return Response(
|
||||
status=status.HTTP_400_BAD_REQUEST,
|
||||
data="ERROR: missing account_id")
|
||||
accounts = Account.objects.filter(pk=account_id)
|
||||
|
||||
user = request.user
|
||||
# Filter out any accounts with the right id, but the given user
|
||||
# is not an owner or admin on that account.
|
||||
accounts = (Account.objects.filter(pk=account_id, owner=user) |
|
||||
Account.objects.filter(pk=account_id,
|
||||
admin_users__in=[user]))
|
||||
if not accounts:
|
||||
return Response(
|
||||
status=status.HTTP_400_BAD_REQUEST,
|
||||
data="ERROR: invalid account_id")
|
||||
data="ERROR: Account ID not found")
|
||||
else:
|
||||
print(f"Account Found: {accounts[0]}")
|
||||
account = accounts[0]
|
||||
print(request)
|
||||
plaid = importlib.import_module(f"connection.connections.plaid_client")
|
||||
conn_type = ConnectionType.objects.get(name="Plaid")
|
||||
try:
|
||||
plaid_client = plaid.Connection(request.data)
|
||||
except ValueError:
|
||||
return Response(status=status.HTTP_503,
|
||||
data="ERROR: Invalid public_token")
|
||||
except Exception:
|
||||
return Response(status=status.HTTP_500,
|
||||
data="ERROR: Unable to contact Plaid")
|
||||
conn, created = Connection.objects \
|
||||
.get_or_create(name=name, type=conn_type,
|
||||
defaults={
|
||||
"credentials": request.data,
|
||||
"account": account
|
||||
})
|
||||
plaid_client = plaid.Connection(request.data)
|
||||
conn.credentials = plaid_client.credentials
|
||||
conn.save()
|
||||
return Response(plaid_client.get_accounts())
|
||||
Loading…
Reference in New Issue
Block a user