From 104289418ba52ba9feaefc30d268048189f1118d Mon Sep 17 00:00:00 2001
From: Eli Ribble <eli@authentise.com>
Date: Tue, 21 Jun 2016 07:51:36 -0600
Subject: [PATCH] Add support for creating and listing OFXAccounts

This makes it so that we can add new accounts and show the accounts that
we already have. We don't do anything with them yet, but that's okay it
was interesting figuring out how to get them set up at all. I'm
currently storing the passwords as unencrypted, which I intend to
change, but it's going to take some time to research exactly how to
encrypt them so that the data is not retrievable by a bad actor with
access to the database.
---
 templates/accounts.html      | 39 +++++++++++++++++++++++++--
 templates/login.html         |  3 ++-
 vanth/pages/accounts.py      | 24 ++++++++++++++---
 vanth/platform/ofxaccount.py | 52 ++++++++++++++++++++++++++++++++++++
 vanth/platform/ofxsource.py  | 11 ++------
 5 files changed, 113 insertions(+), 16 deletions(-)
 create mode 100644 vanth/platform/ofxaccount.py

diff --git a/templates/accounts.html b/templates/accounts.html
index 5f2cf66..6e64ee2 100644
--- a/templates/accounts.html
+++ b/templates/accounts.html
@@ -1,7 +1,42 @@
 {% extends 'layout.html' %}
 {% block main_content %}
 <h1>Accounts</h1>
-{% if not accounts %}
-<p>You don't have any accounts yet. Let's create some</p>
+{% if accounts %}
+  <table class="table">
+  <tr><th>Name</th><th>Type</th><th>Institution</th></tr>
+  {% for account in accounts %}
+  <tr>
+    <td>{{ account.name }}</td>
+    <td>{{ account.type }}</td>
+    <td>{{ account.institution }}</td>
+  </tr>
+  {% endfor %}
+  </table>
+{% else %}
+  <p>You don't have any accounts yet. Let's create some</p>
 {% endif %}
+<h1>Add new account</h1>
+<form method="POST" action="/account/">
+  <div class="form-group">
+    <label for="name">Name</label>
+    <input id="name" type="text" name="name" class="form-control" placeholder="My OFX account"></input>
+    <label for="institution">Institution</label>
+    <input id="institution" type="text" name="institution" class="form-control" list="institutions"></input>
+    <label for="userid">User ID</label>
+    <input id="userid" type="text" name="userid" class="form-control" placeholder="123456"></input>
+    <label for="password">Password</label>
+    <input id="password" type="password" name="password" class="form-control" placeholder="1234"></input>
+    <label for="type">Account Type</label>
+    <select id="account_type" value="checking" name="account_type" class="form-control">
+      <option value="checking">Checking</option>
+      <option value="checking">Savings</option>
+    </select>
+    <input class="btn btn-primary form-control" type="submit" value="Create Account"></input>
+    <datalist id="institutions">
+      {% for source in sources %}
+      <option value="{{ source.name }}">{{ source.name }}</option>
+      {% endfor %}
+    </datalist>
+  </div>
+</form>
 {% endblock %}
diff --git a/templates/login.html b/templates/login.html
index 03f949b..cf662c3 100644
--- a/templates/login.html
+++ b/templates/login.html
@@ -8,6 +8,7 @@
 		<input id="username" type="text" name="username" class="form-control"></input>
 		<label for="password">password</label>
 		<input id="password" type="password" name="password" class="form-control"></input>
-		<input class="btn btn-primary" type="submit" value="Log in" class="form-control"></input>
+		<input class="btn btn-primary form-control" type="submit" value="Log in"></input>
+	</div>
 </form>
 {% endblock %}
diff --git a/vanth/pages/accounts.py b/vanth/pages/accounts.py
index 1571d25..1d0f67e 100644
--- a/vanth/pages/accounts.py
+++ b/vanth/pages/accounts.py
@@ -1,8 +1,24 @@
 import flask
 
+import vanth.platform.ofxaccount
+import vanth.platform.ofxsource
+
 blueprint = flask.Blueprint('accounts', __name__)
 
-@blueprint.route('/accounts/')
-def accounts():
-    my_accounts = []
-    return flask.render_template('accounts.html', accounts=my_accounts)
+@blueprint.route('/accounts/', methods=['GET'])
+def get_accounts():
+    my_accounts = vanth.platform.ofxaccount.get(flask.session['user_id'])
+    sources = vanth.platform.ofxsource.get()
+    return flask.render_template('accounts.html', accounts=my_accounts, sources=sources)
+
+@blueprint.route('/account/', methods=['POST'])
+def post_account():
+    account_type = flask.request.form.get('account_type')
+    institution  = flask.request.form.get('institution')
+    name         = flask.request.form.get('name')
+    password     = flask.request.form.get('password')
+    userid       = flask.request.form.get('userid')
+
+
+    vanth.platform.ofxaccount.create(flask.session['user_id'], name, account_type, institution, password, userid)
+    return flask.redirect('/accounts/')
diff --git a/vanth/platform/ofxaccount.py b/vanth/platform/ofxaccount.py
new file mode 100644
index 0000000..2b1bf95
--- /dev/null
+++ b/vanth/platform/ofxaccount.py
@@ -0,0 +1,52 @@
+import uuid
+
+import chryso.connection
+import sqlalchemy
+
+import vanth.platform.ofxsource
+import vanth.tables
+
+
+def get(user_id):
+    engine = chryso.connection.get()
+    query = sqlalchemy.select([
+        vanth.tables.OFXSource.c.name.label('institution'),
+        vanth.tables.OFXAccount.c.name,
+        vanth.tables.OFXAccount.c.source,
+        vanth.tables.OFXAccount.c.type,
+        vanth.tables.OFXAccount.c.user_id,
+        vanth.tables.OFXAccount.c.uuid,
+    ]).where(
+        vanth.tables.OFXAccount.c.source == vanth.tables.OFXSource.c.uuid
+    ).where(
+        vanth.tables.OFXAccount.c.owner == user_id
+    )
+    results = engine.execute(query)
+    return [{
+        'institution'   : result[vanth.tables.OFXSource.c.name.label('institution')],
+        'name'          : result[vanth.tables.OFXAccount.c.name],
+        'source'        : result[vanth.tables.OFXAccount.c.source],
+        'type'          : result[vanth.tables.OFXAccount.c.type],
+        'user_id'       : result[vanth.tables.OFXAccount.c.user_id],
+        'uuid'          : result[vanth.tables.OFXAccount.c.uuid],
+    } for result in results]
+
+def create(user_id, name, account_type, institution, password, account_user):
+    engine = chryso.connection.get()
+
+    source_name = sqlalchemy.select([
+        vanth.tables.OFXSource.c.uuid
+    ]).where(vanth.tables.OFXSource.c.name == institution)
+
+    _uuid = uuid.uuid4()
+    statement = vanth.tables.OFXAccount.insert().values( # pylint: disable=no-value-for-parameter
+        uuid        = _uuid,
+        name        = name,
+        user_id     = account_user,
+        password    = password,
+        type        = account_type,
+        source      = source_name,
+        owner       = user_id,
+    )
+    engine.execute(statement)
+    return _uuid
diff --git a/vanth/platform/ofxsource.py b/vanth/platform/ofxsource.py
index eca0b7d..764745f 100644
--- a/vanth/platform/ofxsource.py
+++ b/vanth/platform/ofxsource.py
@@ -1,20 +1,13 @@
 import logging
 
 import chryso.connection
-import sepiida.routing
 
 import vanth.tables
 
 LOGGER = logging.getLogger(__name__)
 
-def by_filter(filters):
+def get():
     engine = chryso.connection.get()
-    LOGGER.debug("Getting ofxsources by filter %s", filters)
     query = vanth.tables.OFXSource.select()
     results = engine.execute(query).fetchall()
-    return [{
-        'name'      : result[vanth.tables.OFXSource.c.name],
-        'fid'       : result[vanth.tables.OFXSource.c.fid],
-        'bankid'    : result[vanth.tables.OFXSource.c.bankid],
-        'uri'       : sepiida.routing.uri('ofxsource', result[vanth.tables.OFXSource.c.uuid]),
-    } for result in results]
+    return [dict(result) for result in results]