My team are developing a payment system for our web services. The site is built using Django, with the payment services provided by stripe. We are using dj-stripe to integrate the two.
For development we are using the stripe test environment, but we are doing this on multiple development servers, each with it's own dev DB.
dj-stripe identifies which customer to associate payment, card and source activity with using the dj-stripe customer id. This causes a conflict in the information for customers with the same ids on different development severs.
We have thought of a number of workarounds for this, the top two choices are;
1) Generate an offset in the customer ids to prevent clash. The issue is this may break down as time goes on, with more developers joining. It fixes the issue for now, but doesn't guarantee it won't be an issue again.
2) Create a stripe account for each developer to ensure no clashes and only use the test environment. However, this seems like something stripe wouldn't be happy with if we end up with many devs working on the project.
I am interested in whether there is a standard solution or best practices for this issue.
In case anyone comes here for a similar issue, Stripe responded very quickly to our question on this. They already have a feature to deal with this, it just wasn't immediately obvious to us.
Stripe have a feature for you to add multiple accounts from your dashboard. You can simple create an account for each developer and just use the test keys for that account. Then invite all developers in your team to have read access to the account so that everyone can see the logs.
Related
I have a Django app for online cockfights. Users can bet if their accounts on the site have balance. They do that by first buying a digital product "Online Sabong Cash-In" through PayPal. The money is sent to the website's PayPal business account. I believe, this kind of transaction is called user-to-website transaction, and I've made this work using django-paypal library. I've followed this tutorial for that simple transaction: https://overiq.com/django-paypal-integration-with-django-paypal/ .
Now, I want to give the website the feature where users can cash-out or like withdraw their money if they want. I want to have the website-to-user transaction. How can I do that, please? I've searched on Google a lot and all I see are articles for user-to-website transaction. I've found one way but I don't know how to do it using django-paypal library:https://developer.paypal.com/docs/checkout/integration-features/pay-another-account/.
PayPal has a Payouts API, which you can request access to. However, only certain use cases will be approved.
(There is a way to facilitate user-to-user transactions by setting a payee object for the checkout, but that's not what you're asking in the question)
For audit purposes I'm trying to revoke/remove all blocked users from groups using a Python script. Until now I managed just to list all blocked users in my Gitlab instance using a simple curl:
curl -H "Private-Token: xxx” https://mygitlab.domain.com/api/v3/users?blocked=true. Can anyone point me to the right direction for a list with the groups, blocked users\group and how to revoke them using Gitlab API and Python. Any suggestion would be appreciated.
Thanks
I will give you a path to follow what you want, because stackoverflow is not a scripting service.
I don't how you are comfortable with scripting
Some tips to follow
List all groups
For each group, list all users
List all blocked users
Remove/Revoke every user of each group
This is the basic of your script, in this order
The next step is related the language that you want to use, in this case, python
I don't know if you know how to make http requests with python and, if not, read this article
https://rapidapi.com/blog/how-to-use-an-api-with-python/
This kind of audit is part of a larger effort followed by Epic 3155: "Provide an audit report of user permissions by group and project"
This is being implemented with, as a first step, GitLab 13.12 (May 2021)
Added total group and project count to admin users table
Previously, it was difficult to know how many groups and projects a user belonged to. Compliance-minded organizations, in particular, want to know which users have access to what systems or resources as part of their access management policy.
This information provides visibility into your users’ memberships to know if a user has too much access, may have leftover access from a change in their role or employment, or help you determine the scope of a user’s involvement in your company’s projects.
Now it’s easier to get a high-level view of your users’ memberships for auditing purposes.
In this iteration towards an exportable user access report we’ve added additional data to the admin panel for self-managed instances to show the total number of groups and projects a user belongs to.
See Documentation and Epic.
And:
See GitLab 13.12 (May 2021)
Users' group counts now displayed in Admin Area
The user list in the Admin Area now shows the total number of groups
a given user has access to. The group count is a sum of both group and subgroup membership.
This is incredibly valuable,
because you can easily see how much access users have and quickly
identify when action is needed.
For example, you might use this information
to ensure that deactivated accounts no longer have access to any projects or
groups in GitLab.
See Documentation and Epic.
How does e-commerce usually handle integrations with ERP software?
We are working on a project for a client, who previously planned to use an ERP system that had a REST API.
This API allowed us to:
Place orders
Inform the ERP if the order was paid for
Get order status
Get all of the items available
Check item availability
Get user data
That would allow us to build a fairly complex online store with a lot of features.
Now the client wants to use another ERP system:
http://www.netsuite.com/portal/platform.shtml
I researched it, and the difficulty of integration surprised me. No REST API, some weird SOAP protocol to communicate with the system, and you have to write a lot of logic using SuiteScript. A whole new, different programming language just to build an integration with an online store? Why not just give developers access to an API to place orders and fetch items? And there are absolutely no docs available online for the thing. People on forums are saying that the system lacks in documentation and one has figure it out himself, along the way.
Magento and Shopify integration is done by third parties and looks dodgy. Same thing with SAP ERP. Am I missing something? Why is such a basic thing as a REST API for e-commerce not available for those systems?
Why develop using Python Django for the back-end and using React.js for the frontend. What is the right way to integrate them with the ERP system?
NetSuite does have a REST API and webservices. "you have to write a lot of logic using SuiteScript" is true but it's just JavaScript and there are many talented developers out there.
I'm not sure there is a "right way" but there are many ways to connect to the data.
My suggestion would be to contact a partner company, such as SWK Technologies. http://swktech.com
NetSuite has two main APIs, SuiteTalk and SuiteScript.
SuiteTalk is the Web Services API, which is SOAP based and allows for pulling data from and updating NetSuite. The SuiteScript API is JavaScript based and allows you to customize accounts and export data at the appropriate event during your business process. The term "SuiteCloud" encompasses all APIs and integration tools.
As for documentation, this is mostly only available to clients and partners. If you have a client who provides you with access to their account, you will gain access to the NetSuite Help Center and all relevant documentation.
Your options for integrating with the e-commerce platform depends on the exact platform. This ranges from Webhooks to HTTP requests.
You can't say NetSuite is delimiting developers in any way. It depends on how you look at it. As I see it, NetSuite provides two main method for developers - SuiteTalk and SuiteScript.By this, developer can create his/her own API, define what kind of acces those API should have.
SuiteTalk is SOAP based.
I would suggest using SuiteScript to create your own API using either NS RESTlet or NS Suitelet.
They have the feature for External URL. By sending request to this external URL you can trigger your own custom functions written on the SuiteScript. By SuiteScript, you can create your own API and define your own function. Ie, developer is in full control.
The only problem I see with NetSuite is its higher barrier for entry. There is no way you can access NetSuite Help Centre without having a Client/Partner/Test account.
But obviously, those who need some kind of integration with NetSuite have NS account.
Can you advice me with some articles/applications that allows you create SaaS(Software as a Service) application with Python and Django.
For the moment the general topics I do not understand are:
Do you have one working application for all clients or one app per client
How do you manage database access, permissions or different DB for each client
Are there any tools that allows you to convert one app to SaaS
one project, this will make maintenance easier. I handle host resolution with middleware in django-ikari.
you don't. see #1
I use the following :
django-ikari : anchored (sub)domains
django-guardian : per object permissions
django-tastypie : easy RESTful api
django-userprofiles : better than django-registration
django-billing : plan based subscription controls
django-pricing : plan based subscription definition
While not necessary, the following will help in the long run:
django-hunger : private beta signups
django-waffle : feature flip
django-classy-tags : nice, easy and neat templatetag creation
django-merchant : abstracted payment gateway framework
django-mockups : fast testing with models
django-merlin : better multi-step forms (wizards)
Finally, nice to have
django-activity-stream
A very basic, elementary example of how you would go about it.
Suppose you have a simple app designed to solve a particular business case. For example, you created an app to handle room reservations at your office.
To "convert" this app into a service you have to configure it such that most of the user-specific parts of the application are parametric (they can be "templatized" - for lack of better word).
This is how the front end would be converted. You might create variables to hold the logo, headline, teaser, color scheme for the app; allowing each user to customize their instance.
So far, your app is able to customize itself on the front end. It is still using the same database that was designed in phase one.
Now comes the matter of showing only those fields that are relevant to a particular user. This would be parameterizing the database. So you might add a column that identifies each row as belonging to a particular user; then create views or stored procedures that filter records based on the logged in user.
Now the application is able to be "rented" out; since you are able to customize the instance based on the user.
It then just gets bigger from here - depending on the scale, type and intended customization of your application. You might decide that your application performs better when each user has their own dedicated database instead of the stored procedure + view combo.
You may decide that for some user types (or "packages"), you need a dedicated instance of your application running. So for "premium" or "ultra" users you want to have their own dedicated system running.
If your application requires lots of storage - you might decide to charge separately for storage.
The bottom line is it has nothing to do with the language used. Its more an architecture and design problem.
Software as a Service is just a marketing word, it's technically no different from a server that is accessible over the internet. So question 3 makes no sense. That leaves us with question 1 and 2:
What do you mean with 'app' in this context? Your web application (built with Python and Django) can have multiple Django apps (components that make up the web application) but I think that's not what you mean. You can build your website in Python/Django and have various customization options depending on which user (client) is logged in. For example, a premium client can have several advanced options enabled but it's still part of the same codebase. It's just that some options (buttons/controls, etc) are not shown for certain clients
Django has plenty of tools for user management, permissions and groups. You can give each user (each client) different permissions and these permissions determine what they can do. Database access should be managed by your web application. For example, the code determines what information needs to be displayed on the webpage (depending on which client is logged in) and that code retrieves the information from the database. Depending on the scale that you're aiming for, you can also specify which database should be used to retrieve the information from.
I have a blog post describing my proposal of how to go about making a multi tenant SAAS web application using Django. Multi-tenancy here means that when user registers, they have their sub-domain. To recap:
All tenants share one database, but each has their own schemas. Imagine you have website abc.com and someone registered a xyz tenant so that they access their page through xyz.abc.com, then for a tenant xyz you have a separate schema containing all the tables thus encapsulating data related only to xyz tenant. There are other ways, like having one database and one schema for all, or having even separate databases. But schemas approach is the best trade-off. The django-tenants library's documentation contains more detailed info if you are interested
Use django-tenants library to abstract away work with tenants. When someone accesses xyz.abc.com, you need to know that xyz is the tenant and that you should use xyz schema. django-tenants library does this for you so on each request you can obtain the tenant object by simply doing current_tenant = request.tenant
You need to differentiate between shared tables and tenant-specific tables. For example, having table with list of orders is tenant-specific. Every tenant might have their own database containing all their orders. This table should be inside xyz schema. At the same time, you will have some core Django tables, like user. The data can be shared, for example, to disallow two users registering with the same email.
You need to configure your DNS to catch a wildcard expression *.abc.com, for which you can add an A record inside your CPanel with *.abc.com linking to the IP of your server
I have developed a small django web application. It still runs in the django development web server.
It has been decided that if more than 'n' number of users like the application, it will be approved.
I want to find out all the users who view my application.
How can find the user who views my application?
Since I was the user who ran the application, all python ways of getting the username returns my name only.
Please help.
You can look in the admin to see how many usernames are there, assuming everyone who likes it creates one. Or you can look at your server logs and count the unique IPs.
You can keep track of your visitors by adding a call to google analytics in your web pages. Or, if you do not wish to use a Google product, there are plenty of other analytics packages to keep track of visitors locally.
These packages tell you a lot more than just the number of unique visitors.
An open source alternative can be found at http://piwik.org/ . Also, see http://forge.2metz.fr/p/python-piwik/
Step 1. Add a model -- connected users. Include an FK to username and a datetime stamp.
Step 2. Write a function to log each user's activity.
Step 3. Write your own version of login that will call the Django built-in login and also call your function to log each user's activity.
Step 4. Write a small application -- outside Django -- that uses the ORM to query the connected users table and write summaries and counts and what-not.
You have a database. Use it.