Ejemplo n.º 1
0
    def get_available_gateways(cls):
        """Return the JSONified list of payment gateways available

        This is a XHR only method

        If type is specified as address then an address lookup is done
        """
        Address = Pool().get('party.address')

        value = request.args.get('value', 0, type=int)
        if request.values.get('type') == 'address':
            # Address lookup only when logged in
            if request.is_guest_user:
                abort(403)

            # If not validated as user's address this could lead to
            # exploitation by ID
            if value not in [a.id for a in
                    request.nereid_user.party.addresses]:
                abort(403)

            address = Address(value)
            value = address.country.id

        rv = [{
            'id': g.id,
            'name': g.name,
            'image': g.get_image(),
        } for g in cls._get_available_gateways(value)]

        return jsonify(result=rv)
Ejemplo n.º 2
0
    def recent_products(self):
        """
        GET
        ---

        Return a list of recently visited products in JSON

        POST
        ----

        Add the product to the recent list manually. This method is required
        if the product page is cached, or is served by a Caching Middleware
        like Varnish which may clear the session before sending the request to
        Nereid.

        Just as with GET the response is the AJAX of recent products
        """
        if request.method == 'POST':
            self._add_to_recent_list(request.form.get('product_id', type=int))

        fields = request.args.getlist('fields')
        if fields:
            allowed_fields = [
                f for f in fields if f in self.json_allowed_fields
            ]
        else:
            allowed_fields = self.json_allowed_fields[:]
        products = []

        if 'sale_price' in allowed_fields:
            allowed_fields.remove('sale_price')

        if hasattr(session, 'sid'):
            product_ids = session.get('recent-products', [])
            products = self.read(product_ids, allowed_fields)
            for product in products:
                product['sale_price'] = format_currency(
                        self.sale_price(product['id']),
                        request.nereid_currency.code
                )

        return jsonify(
            products = products
        )
Ejemplo n.º 3
0
    def recent_products(cls):
        """
        GET
        ---

        Return a list of recently visited products in JSON

        POST
        ----

        Add the product to the recent list manually. This method is required
        if the product page is cached, or is served by a Caching Middleware
        like Varnish which may clear the session before sending the request to
        Nereid.

        Just as with GET the response is the AJAX of recent products
        """
        if request.method == 'POST':
            cls._add_to_recent_list(request.form.get('product_id', type=int))

        fields = set(request.args.getlist('fields')) or cls.json_allowed_fields
        fields = fields & cls.json_allowed_fields

        if 'sale_price' in fields:
            fields.remove('sale_price')

        response = []
        if hasattr(session, 'sid'):
            products = cls.browse(session.get('recent-products', []))
            for product in products:
                product_val = {}
                for field in fields:
                    product_val[field] = getattr(product, field)
                product_val['sale_price'] = format_currency(
                        product.sale_price(),
                        request.nereid_currency.code
                )
                response.append(product_val)

        return jsonify(products=response)