2016-05-10 20:20:01 +00:00
|
|
|
from django.conf import settings
|
2016-05-12 17:08:54 +00:00
|
|
|
from django.contrib import messages
|
2016-05-15 22:09:00 +00:00
|
|
|
from django.contrib.auth.mixins import LoginRequiredMixin
|
2016-05-29 09:35:04 +00:00
|
|
|
from django.core.urlresolvers import reverse, reverse_lazy
|
2016-05-15 22:09:00 +00:00
|
|
|
from django.db.models import Count, F
|
2016-05-25 20:48:02 +00:00
|
|
|
from django.http import HttpResponse, HttpResponseRedirect, HttpResponseBadRequest, Http404
|
2016-05-16 19:54:25 +00:00
|
|
|
from django.shortcuts import get_object_or_404
|
2016-05-15 22:09:00 +00:00
|
|
|
from django.views.generic import (
|
2016-05-16 13:25:12 +00:00
|
|
|
View,
|
2016-05-15 22:09:00 +00:00
|
|
|
TemplateView,
|
|
|
|
ListView,
|
|
|
|
DetailView,
|
|
|
|
FormView,
|
2016-05-30 22:58:11 +00:00
|
|
|
UpdateView,
|
2016-05-15 22:09:00 +00:00
|
|
|
)
|
2016-05-29 10:10:51 +00:00
|
|
|
from django.views.generic.base import RedirectView
|
2016-05-16 16:48:15 +00:00
|
|
|
from django.views.generic.detail import SingleObjectMixin
|
2016-05-29 16:45:04 +00:00
|
|
|
from django.utils.decorators import method_decorator
|
|
|
|
from django.views.decorators.csrf import csrf_exempt
|
2016-05-31 20:57:55 +00:00
|
|
|
from django.utils.dateparse import parse_datetime
|
2016-05-31 21:15:33 +00:00
|
|
|
from django.utils import timezone
|
2016-05-16 16:48:15 +00:00
|
|
|
|
2016-05-15 22:09:00 +00:00
|
|
|
from shop.models import (
|
|
|
|
Order,
|
|
|
|
Product,
|
|
|
|
OrderProductRelation,
|
|
|
|
ProductCategory,
|
2016-05-16 17:12:59 +00:00
|
|
|
EpayCallback,
|
2016-05-17 06:15:14 +00:00
|
|
|
EpayPayment,
|
2016-05-25 20:48:02 +00:00
|
|
|
CoinifyAPIInvoice,
|
2016-05-29 17:33:26 +00:00
|
|
|
CoinifyAPICallback,
|
2016-05-30 20:50:43 +00:00
|
|
|
Ticket,
|
2016-06-19 19:59:50 +00:00
|
|
|
CreditNote,
|
2016-05-15 22:09:00 +00:00
|
|
|
)
|
|
|
|
from .forms import AddToOrderForm
|
2016-05-17 05:42:31 +00:00
|
|
|
from .epay import calculate_epay_hash, validate_epay_callback
|
2016-05-17 05:54:54 +00:00
|
|
|
from collections import OrderedDict
|
2017-03-24 00:58:04 +00:00
|
|
|
from vendor.coinify.coinify_api import CoinifyAPI
|
|
|
|
from vendor.coinify.coinify_callback import CoinifyCallback
|
2017-07-11 05:06:25 +00:00
|
|
|
from .coinify import create_coinify_invoice, save_coinify_callback, process_coinify_invoice_json
|
2016-05-31 21:58:25 +00:00
|
|
|
import json, time
|
2017-03-23 17:32:13 +00:00
|
|
|
import logging
|
|
|
|
logger = logging.getLogger("bornhack.%s" % __name__)
|
|
|
|
|
2016-05-16 16:48:15 +00:00
|
|
|
|
2016-05-31 21:23:05 +00:00
|
|
|
|
2016-11-09 11:28:34 +00:00
|
|
|
#################################################################################
|
|
|
|
### Mixins
|
2016-06-19 19:37:25 +00:00
|
|
|
class EnsureCreditNoteHasPDFMixin(SingleObjectMixin):
|
|
|
|
model = CreditNote
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if not self.get_object().pdf:
|
|
|
|
messages.error(request, "This creditnote has no PDF yet!")
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:creditnote_list'))
|
|
|
|
|
|
|
|
return super(EnsureCreditNoteHasPDFMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
class EnsureUserOwnsCreditNoteMixin(SingleObjectMixin):
|
|
|
|
model = CreditNote
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
# If the user does not own this creditnote OR is not staff
|
|
|
|
if not request.user.is_staff:
|
|
|
|
if self.get_object().user != request.user:
|
|
|
|
raise Http404("CreditNote not found")
|
|
|
|
|
|
|
|
return super(EnsureUserOwnsCreditNoteMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2016-05-16 16:48:15 +00:00
|
|
|
class EnsureUserOwnsOrderMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
2016-06-19 19:37:25 +00:00
|
|
|
# If the user does not own this order OR is not staff
|
2016-05-31 21:30:18 +00:00
|
|
|
if not request.user.is_staff:
|
|
|
|
if self.get_object().user != request.user:
|
|
|
|
raise Http404("Order not found")
|
2016-05-16 16:48:15 +00:00
|
|
|
|
|
|
|
return super(EnsureUserOwnsOrderMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
2016-05-17 06:27:13 +00:00
|
|
|
|
2016-05-17 06:21:59 +00:00
|
|
|
class EnsureUnpaidOrderMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if self.get_object().paid:
|
|
|
|
messages.error(request, "This order is already paid for!")
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': self.get_object().pk}))
|
|
|
|
|
|
|
|
return super(EnsureUnpaidOrderMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
2016-05-16 16:48:15 +00:00
|
|
|
|
2016-05-17 06:27:13 +00:00
|
|
|
|
2016-05-30 19:29:18 +00:00
|
|
|
class EnsurePaidOrderMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if not self.get_object().paid:
|
|
|
|
messages.error(request, "This order is not paid for!")
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': self.get_object().pk}))
|
|
|
|
|
|
|
|
return super(EnsurePaidOrderMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2016-05-17 06:34:54 +00:00
|
|
|
class EnsureClosedOrderMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if self.get_object().open is not None:
|
|
|
|
messages.error(request, 'This order is still open!')
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': self.get_object().pk}))
|
|
|
|
|
|
|
|
return super(EnsureClosedOrderMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
|
|
class EnsureOrderHasProductsMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if not self.get_object().products.count() > 0:
|
|
|
|
messages.error(request, 'This order has no products!')
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:index'))
|
|
|
|
|
|
|
|
return super(EnsureOrderHasProductsMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
2016-05-31 19:19:31 +00:00
|
|
|
|
2016-06-01 09:10:06 +00:00
|
|
|
class EnsureOrderIsNotCancelledMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if self.get_object().cancelled:
|
|
|
|
messages.error(
|
|
|
|
request,
|
|
|
|
'Order #{} is cancelled!'.format(self.get_object().id)
|
|
|
|
)
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:index'))
|
|
|
|
|
2016-06-01 09:11:24 +00:00
|
|
|
return super(EnsureOrderIsNotCancelledMixin, self).dispatch(
|
2016-06-01 09:10:06 +00:00
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
|
|
|
|
2016-05-30 19:29:18 +00:00
|
|
|
class EnsureOrderHasInvoicePDFMixin(SingleObjectMixin):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def dispatch(self, request, *args, **kwargs):
|
|
|
|
if not self.get_object().invoice.pdf:
|
|
|
|
messages.error(request, "This order has no invoice yet!")
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': self.get_object().pk}))
|
|
|
|
|
|
|
|
return super(EnsureOrderHasInvoicePDFMixin, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
2016-05-17 06:34:54 +00:00
|
|
|
|
2016-11-09 11:28:34 +00:00
|
|
|
#################################################################################
|
|
|
|
### Shop views
|
2016-05-12 17:08:54 +00:00
|
|
|
class ShopIndexView(ListView):
|
|
|
|
model = Product
|
|
|
|
template_name = "shop_index.html"
|
2016-05-15 22:09:00 +00:00
|
|
|
context_object_name = 'products'
|
2016-05-10 20:20:01 +00:00
|
|
|
|
2016-06-03 17:08:23 +00:00
|
|
|
def get_queryset(self):
|
|
|
|
queryset = super(ShopIndexView, self).get_queryset()
|
2016-08-25 10:04:47 +00:00
|
|
|
return queryset.available().order_by('category__name', 'price', 'name')
|
2016-06-03 17:08:23 +00:00
|
|
|
|
2016-05-13 06:36:56 +00:00
|
|
|
def get_context_data(self, **kwargs):
|
2016-05-13 06:50:04 +00:00
|
|
|
context = super(ShopIndexView, self).get_context_data(**kwargs)
|
2016-05-10 20:20:01 +00:00
|
|
|
|
2016-05-15 22:09:00 +00:00
|
|
|
if 'category' in self.request.GET:
|
|
|
|
category = self.request.GET.get('category')
|
2016-05-17 19:55:09 +00:00
|
|
|
|
|
|
|
# is this a public category
|
2016-05-17 19:24:04 +00:00
|
|
|
try:
|
2016-05-17 19:42:28 +00:00
|
|
|
categoryobj = ProductCategory.objects.get(slug=category)
|
2016-05-17 19:24:04 +00:00
|
|
|
if not categoryobj.public:
|
|
|
|
raise Http404("Category not found")
|
|
|
|
except ProductCategory.DoesNotExist:
|
2016-05-17 19:10:01 +00:00
|
|
|
raise Http404("Category not found")
|
2016-05-17 19:55:09 +00:00
|
|
|
|
|
|
|
# filter products by the chosen category
|
2016-05-15 22:09:00 +00:00
|
|
|
context['products'] = context['products'].filter(
|
2016-05-17 19:55:09 +00:00
|
|
|
category__slug=category
|
2016-05-15 22:09:00 +00:00
|
|
|
)
|
2016-05-30 18:56:03 +00:00
|
|
|
context['current_category'] = categoryobj
|
2016-05-15 22:09:00 +00:00
|
|
|
context['categories'] = ProductCategory.objects.annotate(
|
|
|
|
num_products=Count('products')
|
|
|
|
).filter(
|
2016-05-17 19:10:01 +00:00
|
|
|
num_products__gt=0,
|
|
|
|
public=True,
|
2016-08-25 10:04:47 +00:00
|
|
|
products__available_in__contains=timezone.now()
|
2016-05-15 22:09:00 +00:00
|
|
|
)
|
|
|
|
return context
|
2016-05-10 20:20:01 +00:00
|
|
|
|
2016-05-13 06:36:56 +00:00
|
|
|
|
2016-05-30 17:25:34 +00:00
|
|
|
class ProductDetailView(FormView, DetailView):
|
2016-05-15 22:09:00 +00:00
|
|
|
model = Product
|
|
|
|
template_name = 'product_detail.html'
|
|
|
|
form_class = AddToOrderForm
|
|
|
|
context_object_name = 'product'
|
2016-05-12 07:51:35 +00:00
|
|
|
|
2016-05-17 13:09:31 +00:00
|
|
|
def dispatch(self, request, *args, **kwargs):
|
2016-05-17 18:56:11 +00:00
|
|
|
if not self.get_object().category.public:
|
2016-05-17 13:09:31 +00:00
|
|
|
### this product is not publicly available
|
|
|
|
raise Http404("Product not found")
|
|
|
|
|
2016-05-17 18:42:02 +00:00
|
|
|
return super(ProductDetailView, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
2016-05-12 17:08:54 +00:00
|
|
|
def form_valid(self, form):
|
2016-05-15 22:09:00 +00:00
|
|
|
product = self.get_object()
|
2016-05-15 22:20:09 +00:00
|
|
|
quantity = form.cleaned_data.get('quantity')
|
2016-05-15 22:09:00 +00:00
|
|
|
|
|
|
|
# do we have an open order?
|
|
|
|
try:
|
|
|
|
order = Order.objects.get(
|
|
|
|
user=self.request.user,
|
2016-05-15 22:14:45 +00:00
|
|
|
open__isnull=False
|
2016-05-15 22:09:00 +00:00
|
|
|
)
|
|
|
|
except Order.DoesNotExist:
|
|
|
|
# no open order - open a new one
|
2016-05-15 22:20:09 +00:00
|
|
|
order = Order.objects.create(
|
|
|
|
user=self.request.user,
|
|
|
|
)
|
2016-05-15 22:09:00 +00:00
|
|
|
|
|
|
|
# get product from kwargs
|
|
|
|
if product in order.products.all():
|
|
|
|
# this product is already added to this order,
|
|
|
|
# increase count by quantity
|
|
|
|
OrderProductRelation.objects.filter(
|
|
|
|
product=product,
|
|
|
|
order=order
|
|
|
|
).update(quantity=F('quantity') + quantity)
|
2016-05-12 17:08:54 +00:00
|
|
|
else:
|
2016-05-15 22:20:09 +00:00
|
|
|
order.orderproductrelation_set.create(
|
|
|
|
product=product,
|
|
|
|
quantity=quantity,
|
|
|
|
)
|
2016-05-15 22:09:00 +00:00
|
|
|
|
|
|
|
messages.info(
|
|
|
|
self.request,
|
|
|
|
'{}x {} has been added to your order.'.format(
|
|
|
|
quantity,
|
|
|
|
product.name
|
|
|
|
)
|
|
|
|
)
|
2016-05-12 17:08:54 +00:00
|
|
|
|
2016-05-15 22:09:00 +00:00
|
|
|
# done
|
|
|
|
return super(ProductDetailView, self).form_valid(form)
|
2016-05-12 17:08:54 +00:00
|
|
|
|
|
|
|
def get_success_url(self):
|
2016-05-16 15:17:14 +00:00
|
|
|
return Order.objects.get(user=self.request.user, open__isnull=False).get_absolute_url()
|
2016-05-12 17:08:54 +00:00
|
|
|
|
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
class OrderListView(LoginRequiredMixin, ListView):
|
|
|
|
model = Order
|
|
|
|
template_name = "order_list.html"
|
2016-06-01 09:10:06 +00:00
|
|
|
context_object_name = 'orders'
|
2016-05-29 14:36:23 +00:00
|
|
|
|
2016-06-01 09:10:06 +00:00
|
|
|
def get_queryset(self):
|
|
|
|
queryset = super(OrderListView, self).get_queryset()
|
|
|
|
return queryset.filter(user=self.request.user).not_cancelled()
|
2016-05-29 14:36:23 +00:00
|
|
|
|
|
|
|
|
2017-03-26 08:15:54 +00:00
|
|
|
class OrderDetailView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureOrderHasProductsMixin, EnsureOrderIsNotCancelledMixin, DetailView):
|
2016-05-29 14:36:23 +00:00
|
|
|
model = Order
|
|
|
|
template_name = 'order_detail.html'
|
|
|
|
context_object_name = 'order'
|
|
|
|
|
|
|
|
def post(self, request, *args, **kwargs):
|
|
|
|
order = self.get_object()
|
|
|
|
payment_method = request.POST.get('payment_method')
|
|
|
|
|
|
|
|
if payment_method in order.PAYMENT_METHODS:
|
2016-06-01 13:27:33 +00:00
|
|
|
if not request.POST.get('accept_terms'):
|
|
|
|
messages.error(request, "You need to accept the general terms and conditions before you can continue!")
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': order.pk}))
|
2016-05-29 14:36:23 +00:00
|
|
|
|
2016-06-01 13:27:33 +00:00
|
|
|
# Set payment method and mark the order as closed
|
|
|
|
order.payment_method = payment_method
|
2016-05-29 14:36:23 +00:00
|
|
|
order.open = None
|
2017-03-26 08:15:54 +00:00
|
|
|
order.customer_comment = request.POST.get('customer_comment') or ''
|
2016-05-29 14:36:23 +00:00
|
|
|
order.save()
|
|
|
|
|
|
|
|
reverses = {
|
|
|
|
Order.CREDIT_CARD: reverse_lazy(
|
|
|
|
'shop:epay_form',
|
|
|
|
kwargs={'pk': order.id}
|
|
|
|
),
|
|
|
|
Order.BLOCKCHAIN: reverse_lazy(
|
|
|
|
'shop:coinify_pay',
|
|
|
|
kwargs={'pk': order.id}
|
|
|
|
),
|
|
|
|
Order.BANK_TRANSFER: reverse_lazy(
|
|
|
|
'shop:bank_transfer',
|
|
|
|
kwargs={'pk': order.id}
|
2016-11-09 11:27:42 +00:00
|
|
|
),
|
|
|
|
Order.CASH: reverse_lazy(
|
|
|
|
'shop:cash',
|
|
|
|
kwargs={'pk': order.id}
|
2016-05-29 14:36:23 +00:00
|
|
|
)
|
|
|
|
}
|
|
|
|
|
|
|
|
return HttpResponseRedirect(reverses[payment_method])
|
|
|
|
|
|
|
|
if 'update_order' in request.POST:
|
|
|
|
for order_product in order.orderproductrelation_set.all():
|
|
|
|
order_product_id = str(order_product.pk)
|
|
|
|
if order_product_id in request.POST:
|
|
|
|
new_quantity = int(request.POST.get(order_product_id))
|
|
|
|
order_product.quantity = new_quantity
|
|
|
|
order_product.save()
|
2017-03-26 08:15:54 +00:00
|
|
|
order.customer_comment = request.POST.get('customer_comment') or ''
|
2016-11-09 13:34:55 +00:00
|
|
|
order.save()
|
2016-05-29 14:36:23 +00:00
|
|
|
|
|
|
|
product_remove = request.POST.get('remove_product')
|
|
|
|
if product_remove:
|
|
|
|
order.orderproductrelation_set.filter(pk=product_remove).delete()
|
|
|
|
if not order.products.count() > 0:
|
2016-06-01 09:10:06 +00:00
|
|
|
order.mark_as_cancelled()
|
2016-05-31 19:01:48 +00:00
|
|
|
messages.info(request, 'Order cancelled!')
|
2016-05-29 14:36:23 +00:00
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:index'))
|
|
|
|
|
2016-05-31 19:01:48 +00:00
|
|
|
if 'cancel_order' in request.POST:
|
2016-06-01 09:10:06 +00:00
|
|
|
order.mark_as_cancelled()
|
2016-05-31 19:01:48 +00:00
|
|
|
messages.info(request, 'Order cancelled!')
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:index'))
|
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
return super(OrderDetailView, self).get(request, *args, **kwargs)
|
|
|
|
|
2016-05-30 19:29:18 +00:00
|
|
|
|
|
|
|
class DownloadInvoiceView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsurePaidOrderMixin, EnsureOrderHasInvoicePDFMixin, SingleObjectMixin, View):
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
response = HttpResponse(content_type='application/pdf')
|
|
|
|
response['Content-Disposition'] = 'attachment; filename="%s"' % self.get_object().invoice.filename
|
2016-05-30 22:00:57 +00:00
|
|
|
response.write(self.get_object().invoice.pdf.read())
|
2016-05-30 19:29:18 +00:00
|
|
|
return response
|
|
|
|
|
2016-06-19 19:37:25 +00:00
|
|
|
|
|
|
|
class CreditNoteListView(LoginRequiredMixin, ListView):
|
|
|
|
model = CreditNote
|
|
|
|
template_name = "creditnote_list.html"
|
|
|
|
context_object_name = 'creditnotes'
|
|
|
|
|
2017-04-14 13:36:41 +00:00
|
|
|
def get_queryset(self):
|
|
|
|
queryset = super().get_queryset()
|
|
|
|
return queryset.filter(user=self.request.user)
|
|
|
|
|
2016-06-19 19:37:25 +00:00
|
|
|
|
|
|
|
class DownloadCreditNoteView(LoginRequiredMixin, EnsureUserOwnsCreditNoteMixin, EnsureCreditNoteHasPDFMixin, SingleObjectMixin, View):
|
|
|
|
model = CreditNote
|
|
|
|
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
response = HttpResponse(content_type='application/pdf')
|
|
|
|
response['Content-Disposition'] = 'attachment; filename="%s"' % self.get_object().filename
|
2016-06-19 20:04:24 +00:00
|
|
|
response.write(self.get_object().pdf.read())
|
2016-06-19 19:37:25 +00:00
|
|
|
return response
|
|
|
|
|
|
|
|
|
2016-11-09 11:28:34 +00:00
|
|
|
class OrderMarkAsPaidView(LoginRequiredMixin, SingleObjectMixin, View):
|
|
|
|
|
|
|
|
model = Order
|
|
|
|
|
|
|
|
def get(self, request, *args, **kwargs):
|
|
|
|
if not request.user.is_staff:
|
|
|
|
messages.error(request, 'You do not have permissions to do that.')
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:index'))
|
|
|
|
else:
|
|
|
|
messages.success(request, 'The order has been marked as paid.')
|
|
|
|
order = self.get_object()
|
|
|
|
order.mark_as_paid()
|
|
|
|
return HttpResponseRedirect(request.META.get('HTTP_REFERER'))
|
|
|
|
|
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
#################################################################################
|
2016-11-09 11:28:34 +00:00
|
|
|
### Epay views
|
2016-05-29 14:36:23 +00:00
|
|
|
|
2016-05-29 15:07:09 +00:00
|
|
|
class EpayFormView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureUnpaidOrderMixin, EnsureClosedOrderMixin, EnsureOrderHasProductsMixin, DetailView):
|
2016-05-16 16:48:15 +00:00
|
|
|
model = Order
|
2016-05-16 13:31:37 +00:00
|
|
|
template_name = 'epay_form.html'
|
|
|
|
|
|
|
|
def get_context_data(self, **kwargs):
|
2016-05-16 16:48:15 +00:00
|
|
|
order = self.get_object()
|
2016-05-16 13:31:37 +00:00
|
|
|
context = super(EpayFormView, self).get_context_data(**kwargs)
|
|
|
|
context['merchant_number'] = settings.EPAY_MERCHANT_NUMBER
|
2016-05-17 05:06:25 +00:00
|
|
|
context['description'] = order.description
|
2016-05-29 11:00:00 +00:00
|
|
|
context['amount'] = order.total * 100
|
2016-05-17 05:06:25 +00:00
|
|
|
context['order_id'] = order.pk
|
2016-05-29 11:00:00 +00:00
|
|
|
context['accept_url'] = order.get_epay_accept_url(self.request)
|
|
|
|
context['cancel_url'] = order.get_cancel_url(self.request)
|
|
|
|
context['callback_url'] = order.get_epay_callback_url(self.request)
|
|
|
|
context['epay_hash'] = calculate_epay_hash(order, self.request)
|
2016-05-16 13:31:37 +00:00
|
|
|
return context
|
|
|
|
|
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
class EpayCallbackView(SingleObjectMixin, View):
|
2016-05-29 15:12:09 +00:00
|
|
|
model = Order
|
|
|
|
|
2016-05-30 19:29:18 +00:00
|
|
|
def get(self, request, *args, **kwargs):
|
2016-05-16 13:31:37 +00:00
|
|
|
callback = EpayCallback.objects.create(
|
|
|
|
payload=request.GET
|
|
|
|
)
|
|
|
|
|
|
|
|
if 'orderid' in request.GET:
|
2016-05-17 05:54:54 +00:00
|
|
|
query = OrderedDict(
|
2017-01-30 11:05:11 +00:00
|
|
|
[tuple(x.split('=')) for x in request.META['QUERY_STRING'].split('&')]
|
2016-05-16 13:31:37 +00:00
|
|
|
)
|
2016-05-16 19:57:52 +00:00
|
|
|
order = get_object_or_404(Order, pk=query.get('orderid'))
|
2016-05-29 14:36:23 +00:00
|
|
|
if order.pk != self.get_object().pk:
|
2017-03-23 17:32:13 +00:00
|
|
|
logger.error("bad epay callback, orders do not match!")
|
2016-05-29 14:36:23 +00:00
|
|
|
return HttpResponse(status=400)
|
2016-05-16 13:31:37 +00:00
|
|
|
|
2016-05-17 05:59:42 +00:00
|
|
|
if validate_epay_callback(query):
|
|
|
|
callback.md5valid=True
|
|
|
|
callback.save()
|
|
|
|
else:
|
2017-03-23 17:32:13 +00:00
|
|
|
logger.error("bad epay callback!")
|
2016-05-16 13:31:37 +00:00
|
|
|
return HttpResponse(status=400)
|
2017-03-23 17:32:13 +00:00
|
|
|
|
2016-05-17 13:35:28 +00:00
|
|
|
if order.paid:
|
|
|
|
### this order is already paid, perhaps we are seeing a double callback?
|
|
|
|
return HttpResponse('OK')
|
|
|
|
|
|
|
|
### epay callback is valid - has the order been paid in full?
|
2016-05-17 06:13:00 +00:00
|
|
|
if int(query['amount']) == order.total * 100:
|
2016-05-17 13:35:28 +00:00
|
|
|
### create an EpayPayment object linking the callback to the order
|
2016-05-17 05:59:42 +00:00
|
|
|
EpayPayment.objects.create(
|
|
|
|
order=order,
|
|
|
|
callback=callback,
|
|
|
|
txnid=query.get('txnid'),
|
|
|
|
)
|
2016-05-30 16:05:35 +00:00
|
|
|
### and mark order as paid (this will create tickets)
|
|
|
|
order.mark_as_paid()
|
2016-05-17 06:13:00 +00:00
|
|
|
else:
|
2017-03-23 17:32:13 +00:00
|
|
|
logger.error("valid epay callback with wrong amount detected")
|
2016-05-16 13:31:37 +00:00
|
|
|
else:
|
|
|
|
return HttpResponse(status=400)
|
|
|
|
|
|
|
|
return HttpResponse('OK')
|
2016-05-16 14:31:51 +00:00
|
|
|
|
|
|
|
|
2016-05-29 15:07:09 +00:00
|
|
|
class EpayThanksView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureClosedOrderMixin, DetailView):
|
2016-05-16 17:31:14 +00:00
|
|
|
model = Order
|
|
|
|
template_name = 'epay_thanks.html'
|
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
def dispatch(self, request, *args, **kwargs):
|
2016-05-29 14:10:06 +00:00
|
|
|
if request.GET:
|
|
|
|
# epay redirects the user back to our accepturl with a long
|
|
|
|
# and ugly querystring, redirect user to the clean url
|
2016-05-29 14:27:38 +00:00
|
|
|
return HttpResponseRedirect(reverse('shop:epay_thanks', kwargs={'pk': self.get_object().pk}))
|
2016-05-29 14:10:06 +00:00
|
|
|
|
2016-05-29 14:40:32 +00:00
|
|
|
return super(EpayThanksView, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
2016-11-09 11:28:34 +00:00
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
#################################################################################
|
2016-11-09 11:28:34 +00:00
|
|
|
### Bank Transfer view
|
2016-05-16 17:31:14 +00:00
|
|
|
|
2016-05-29 15:07:09 +00:00
|
|
|
class BankTransferView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureUnpaidOrderMixin, EnsureOrderHasProductsMixin, DetailView):
|
2016-05-16 17:31:14 +00:00
|
|
|
model = Order
|
|
|
|
template_name = 'bank_transfer.html'
|
2016-05-16 14:31:51 +00:00
|
|
|
|
2016-06-01 07:29:21 +00:00
|
|
|
def get_context_data(self, **kwargs):
|
|
|
|
context = super(BankTransferView, self).get_context_data(**kwargs)
|
|
|
|
context['iban'] = settings.BANKACCOUNT_IBAN
|
|
|
|
context['swiftbic'] = settings.BANKACCOUNT_SWIFTBIC
|
2016-06-01 07:36:42 +00:00
|
|
|
context['orderid'] = self.get_object().pk
|
2016-06-01 10:49:51 +00:00
|
|
|
context['regno'] = settings.BANKACCOUNT_REG
|
|
|
|
context['accountno'] = settings.BANKACCOUNT_ACCOUNT
|
2016-06-01 07:36:42 +00:00
|
|
|
context['total'] = self.get_object().total
|
2016-06-01 07:29:21 +00:00
|
|
|
return context
|
|
|
|
|
2016-11-09 11:27:42 +00:00
|
|
|
|
2016-05-29 14:36:23 +00:00
|
|
|
#################################################################################
|
2016-11-09 11:27:42 +00:00
|
|
|
### Cash payment view
|
|
|
|
|
|
|
|
class CashView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureUnpaidOrderMixin, EnsureOrderHasProductsMixin, DetailView):
|
|
|
|
model = Order
|
|
|
|
template_name = 'cash.html'
|
|
|
|
|
2016-05-25 20:48:02 +00:00
|
|
|
|
2016-11-09 11:28:34 +00:00
|
|
|
#################################################################################
|
|
|
|
### Coinify views
|
|
|
|
|
2016-05-29 09:52:20 +00:00
|
|
|
class CoinifyRedirectView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureUnpaidOrderMixin, EnsureClosedOrderMixin, EnsureOrderHasProductsMixin, SingleObjectMixin, RedirectView):
|
2016-05-25 20:48:02 +00:00
|
|
|
model = Order
|
|
|
|
|
2016-05-29 10:08:29 +00:00
|
|
|
def dispatch(self, request, *args, **kwargs):
|
2016-05-25 20:48:02 +00:00
|
|
|
order = self.get_object()
|
|
|
|
|
2016-05-31 20:57:55 +00:00
|
|
|
# create a new coinify invoice if needed
|
2017-06-20 07:02:13 +00:00
|
|
|
if not order.coinifyapiinvoice:
|
2017-06-19 21:52:01 +00:00
|
|
|
coinifyinvoice = create_coinify_invoice(order, request)
|
2017-05-22 16:03:09 +00:00
|
|
|
if not coinifyinvoice:
|
2016-05-29 10:08:29 +00:00
|
|
|
messages.error(request, "There was a problem with the payment provider. Please try again later")
|
|
|
|
return HttpResponseRedirect(reverse_lazy('shop:order_detail', kwargs={'pk': self.get_object().pk}))
|
2017-05-22 16:03:09 +00:00
|
|
|
|
2016-05-29 10:08:29 +00:00
|
|
|
return super(CoinifyRedirectView, self).dispatch(
|
|
|
|
request, *args, **kwargs
|
|
|
|
)
|
|
|
|
|
|
|
|
def get_redirect_url(self, *args, **kwargs):
|
2016-05-29 11:01:36 +00:00
|
|
|
return self.get_object().coinifyapiinvoice.invoicejson['payment_url']
|
2016-05-25 20:48:02 +00:00
|
|
|
|
|
|
|
|
2016-05-29 08:43:38 +00:00
|
|
|
class CoinifyCallbackView(SingleObjectMixin, View):
|
2016-05-29 17:44:43 +00:00
|
|
|
model = Order
|
|
|
|
|
2016-05-29 16:45:04 +00:00
|
|
|
@method_decorator(csrf_exempt)
|
2016-05-29 17:21:44 +00:00
|
|
|
def dispatch(self, *args, **kwargs):
|
|
|
|
return super(CoinifyCallbackView, self).dispatch(*args, **kwargs)
|
|
|
|
|
2016-05-25 20:48:02 +00:00
|
|
|
def post(self, request, *args, **kwargs):
|
2017-05-22 16:03:09 +00:00
|
|
|
# save callback and parse json payload
|
2017-07-11 05:02:17 +00:00
|
|
|
callbackobject = save_coinify_callback(request, self.get_object())
|
2017-04-03 16:00:25 +00:00
|
|
|
|
|
|
|
# do we have a json body?
|
2017-05-22 16:03:09 +00:00
|
|
|
if not callbackobject.payload:
|
2017-04-03 16:00:25 +00:00
|
|
|
# no, return an error
|
|
|
|
logger.error("unable to parse JSON body in callback for order %s" % callbackobject.order.id)
|
|
|
|
return HttpResponseBadRequest('unable to parse json')
|
|
|
|
|
2017-05-22 16:03:09 +00:00
|
|
|
# initiate SDK
|
|
|
|
sdk = CoinifyCallback(settings.COINIFY_IPN_SECRET.encode('utf-8'))
|
|
|
|
|
2017-04-03 16:00:25 +00:00
|
|
|
# attemt to validate the callbackc
|
2017-05-22 16:03:09 +00:00
|
|
|
if sdk.validate_callback(request.body, request.META['HTTP_X_COINIFY_CALLBACK_SIGNATURE']):
|
2016-05-29 11:20:51 +00:00
|
|
|
# mark callback as valid in db
|
|
|
|
callbackobject.valid=True
|
|
|
|
callbackobject.save()
|
2016-05-25 20:48:02 +00:00
|
|
|
else:
|
2017-03-23 17:32:13 +00:00
|
|
|
logger.error("invalid coinify callback detected")
|
2016-05-29 17:47:44 +00:00
|
|
|
return HttpResponseBadRequest('something is fucky')
|
2016-05-25 20:48:02 +00:00
|
|
|
|
2017-05-22 16:03:09 +00:00
|
|
|
if callbackobject.payload['event'] == 'invoice_state_change' or callbackobject.payload['event'] == 'invoice_manual_resend':
|
2017-07-11 05:16:51 +00:00
|
|
|
coinifyinvoice = process_coinify_invoice_json(callbackobject.payload['data'], self.get_object())
|
2017-05-22 16:03:09 +00:00
|
|
|
return HttpResponse('OK')
|
|
|
|
else:
|
|
|
|
logger.error("unsupported callback event %s" % callbackobject.payload['event'])
|
|
|
|
return HttpResponseBadRequest('unsupported event')
|
|
|
|
|
2016-05-29 08:43:38 +00:00
|
|
|
|
2016-05-29 15:07:09 +00:00
|
|
|
class CoinifyThanksView(LoginRequiredMixin, EnsureUserOwnsOrderMixin, EnsureClosedOrderMixin, DetailView):
|
2016-05-29 08:43:38 +00:00
|
|
|
model = Order
|
|
|
|
template_name = 'coinify_thanks.html'
|
|
|
|
|