class CreateOrder(CreateAPIView): ''' Create an order ''' permission_classes = (Customer, ) def __init__(self): self._order_service = OrderService() #@method_decorator(csrf_protect) def post(self, request): serializer = OrderCreateSerializer(data=request.data) if not serializer.is_valid(): return BAD_REQUEST(serializer.errors) order_is_valid = self._order_service.validate( **serializer.validated_data) if not order_is_valid: return BAD_REQUEST('LMAO you\'re cheating') self._order_service.create(request.appuser_id, **serializer.validated_data) return CREATED()