def submit_ticket(request):
# If the form has been submitted by the user
if request.method == 'POST':
submit_ticket_form = SubmitTicketForm(request.POST)
#Determine which form the user submitted.
if submit_ticket_form.is_valid():
user = request.user
title = submit_ticket_form.cleaned_data.get('title')
price = submit_ticket_form.cleaned_data.get('price')
location_raw = submit_ticket_form.cleaned_data.get('location_raw')
location = submit_ticket_form.cleaned_data.get('location')
venue = submit_ticket_form.cleaned_data.get('venue')
start_datetime = submit_ticket_form.cleaned_data.get(
'start_datetime')
ticket_type = submit_ticket_form.cleaned_data.get('ticket_type')
payment_method = submit_ticket_form.cleaned_data.get(
'payment_method', 'G') # TODO Assume good faith since
# lean launch won't have secure
about = submit_ticket_form.cleaned_data.get(
'about') or '' # Might be empty
token = submit_ticket_form.cleaned_data.get('token')
card_id = submit_ticket_form.cleaned_data.get('card_id')
try:
customer, card = create_customer_and_card(user, token, card_id)
except StripeError as e:
logging.critical('Ticket creation failed')
return ajax_other_message(
'Uh oh, it looks like our server broke! Our developers are on it.',
400)
Ticket.objects.create_ticket(
poster=request.user,
price=price,
title=title,
about=about,
start_datetime=start_datetime,
location_raw=location_raw,
location=location,
ticket_type=ticket_type,
payment_method=payment_method,
card=card,
status='P',
venue=venue,
)
return ajax_popup_notification(
'success', 'Your ticket was successfully submitted! '
'It will become visible to others shortly.', 200)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was (unless it was a non_field error that we couldn't validate
# on the front end). This is okay because our app requires JS to be enabled.
# If the user managed to send us an aysynch request xwith JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(
**non_field_errors_notification(submit_ticket_form))
return render(request, 'tickets/submit_ticket.html',
{'form_settings': ticket_submit_form_settings})
def accept_request(request):
user = request.user # This is the owner of the ticket
try:
ticket = Ticket.objects.get(pk=request.POST.get('ticket_id'))
except Ticket.DoesNotExist:
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
if ticket.poster != user:
logging.critical('Fraudulent request detected {} tried to accept a ticket posted by {}'
.format(user, ticket.poster))
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
try:
other_user = User.objects.get(pk=request.POST.get('other_user_id'))
except User.DoesNotExist:
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
user_request = Request.get_last_request(other_user, ticket)
if user_request.status == 'A':
return ajax_popup_notification('success', "You've already accepted this ticket!", 400)
if user_request.status != 'P':
return ajax_popup_notification('danger', 'There is no outstanding request for this ticket.', 400)
if not ticket.is_requestable():
return ajax_popup_notification('warning', 'It looks like this ticket is no longer available', 400)
customer1 = Customer.get_customer_from_user(other_user)
customer2 = Customer.get_customer_from_user(user)
if not (customer1 and customer2):
if not customer1:
logging.critical('Failed to accept request {}. '
'Customer information not available for user {}'
.format(user_request.id), other_user)
if not customer2:
logging.critical('Failed to accept request {}. '
'Customer information not available for user {}'
.format(user_request.id), user)
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
# Charge them first. We actually might have a scenario where one of the cards is declined
try:
customer1.charge(500, user_request.card)
customer2.charge(500, ticket.card)
except StripeError as e:
return ajax_popup_notification('danger', "One of the payments didn't quite go through. We'll follow up with you")
user_request.accept()
return ajax_popup_notification('success', "Congratulations, you accepted {}'s request"
.format(other_user.first_name.title()), 200)
def decline_request(request):
user = request.user
try:
ticket = Ticket.objects.get(pk=request.POST.get('ticket_id'))
except Ticket.DoesNotExist:
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
if ticket.poster != user:
logging.critical('Fraudulent request detected {} tried to decline a ticket posted by {}'
.format(user, ticket.poster))
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
if not ticket.is_requestable:
return ajax_popup_notification('warning', 'It looks like this ticket is no longer available', 400)
try:
other_user = User.objects.get(pk=request.POST.get('other_user_id'))
except User.DoesNotExist:
return ajax_popup_notification('danger', 'Uh Oh, something went wrong. Our developers are on it!', 400)
user_request = Request.get_last_request(other_user, ticket)
if user_request.status == 'D':
return ajax_popup_notification('success', "You've already declined this ticket!", 400)
if user_request.status != 'P':
return ajax_popup_notification('info', 'There is no outstanding request for this ticket.', 400)
user_request.decline()
return ajax_popup_notification('info', "Aww, we'll let {} down easy. Good luck finding another gig buddy."
.format(other_user.first_name.title()), 200)
def submit_ticket(request):
# If the form has been submitted by the user
if request.method == 'POST':
submit_ticket_form = SubmitTicketForm(request.POST)
#Determine which form the user submitted.
if submit_ticket_form.is_valid():
user = request.user
title = submit_ticket_form.cleaned_data.get('title')
price = submit_ticket_form.cleaned_data.get('price')
location_raw = submit_ticket_form.cleaned_data.get('location_raw')
location = submit_ticket_form.cleaned_data.get('location')
venue = submit_ticket_form.cleaned_data.get('venue')
start_datetime = submit_ticket_form.cleaned_data.get('start_datetime')
ticket_type = submit_ticket_form.cleaned_data.get('ticket_type')
payment_method = submit_ticket_form.cleaned_data.get('payment_method', 'G') # TODO Assume good faith since
# lean launch won't have secure
about = submit_ticket_form.cleaned_data.get('about') or '' # Might be empty
token = submit_ticket_form.cleaned_data.get('token')
card_id = submit_ticket_form.cleaned_data.get('card_id')
try:
customer, card = create_customer_and_card(user, token, card_id)
except StripeError as e:
logging.critical('Ticket creation failed')
return ajax_other_message('Uh oh, it looks like our server broke! Our developers are on it.', 400)
Ticket.objects.create_ticket(poster=request.user,
price=price,
title=title,
about=about,
start_datetime=start_datetime,
location_raw=location_raw,
location=location,
ticket_type=ticket_type,
payment_method=payment_method,
card=card,
status='P',
venue=venue,
)
return ajax_popup_notification('success',
'Your ticket was successfully submitted! '
'It will become visible to others shortly.',
200)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was (unless it was a non_field error that we couldn't validate
# on the front end). This is okay because our app requires JS to be enabled.
# If the user managed to send us an aysynch request xwith JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(**non_field_errors_notification(submit_ticket_form))
return render(request,
'tickets/submit_ticket.html',
{'form_settings': ticket_submit_form_settings}
)
def can_message(request):
ticket_id = request.GET.get('ticket_id', None)
other_user_id = request.GET.get('other_user_id', None)
if not ticket_id or not other_user_id:
return ajax_popup_notification('Uh oh, something went wrong', 400)
try:
ticket = Ticket.objects.get(pk=ticket_id)
except Ticket.DoesNotExist:
return ajax_popup_notification('danger', "Uh oh, something went wrong", 400)
try:
other_user = User.objects.get(pk=other_user_id)
except User.DoesNotExist:
return ajax_popup_notification('danger', "Uh oh, something went wrong", 400)
if Message.can_message(ticket, request.user, other_user):
return ajax_http(True, 200)
else:
return ajax_popup_notification('danger', 'You are not allowed to message this user about this ticket.'
'Chances are it was already sold.', 400)
def signup(request):
# If the user is already logged in, they're doing something they aren't supposed to. Send them a 405.
if request.user.is_authenticated():
return HttpResponseNotAllowed(["POST"])
# If the form has been submitted by the user
if request.method == "POST":
signup_form = SignupForm(request.POST, request=request)
# Determine which form the user submitted.
if signup_form.is_valid():
password = signup_form.cleaned_data.get("password")
email = signup_form.cleaned_data.get("email")
first_name = signup_form.cleaned_data.get("first_name")
last_name = signup_form.cleaned_data.get("last_name")
birthdate = signup_form.cleaned_data.get("birthdate")
location = signup_form.cleaned_data.get("location")
# Creates the user profile as well. Saves both objects to the database.
User.objects.create_user(
email=email,
password=password,
first_name=first_name,
last_name=last_name,
location=location,
birthdate=birthdate,
)
return ajax_popup_notification(
"success",
"One last step before you can log in! "
"We sent you a confirmation email that should "
"arrive in the next few minutes. "
"Just click the link inside. "
"Don't forget to check your spam folder too.",
status=200,
)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was. This is okay because our app requires JS to be enabled.
# If the user managed to send us an asynch request with JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(False, 400)
# These need to go here instead of in the settings file to avoid circular dependencies
signup_form_settings["ZIP_CODE_REMOTE_URL"] = reverse("valid_zip_code")
signup_form_settings["EMAIL_REMOTE_URL"] = reverse("valid_email")
return render(request, "registration/signup.html", {"form_settings": signup_form_settings})
def signup(request):
#If the user is already logged in, they're doing something they aren't supposed to. Send them a 405.
if request.user.is_authenticated():
return HttpResponseNotAllowed(['POST'])
# If the form has been submitted by the user
if request.method == 'POST':
signup_form = SignupForm(request.POST, request=request)
#Determine which form the user submitted.
if signup_form.is_valid():
password = signup_form.cleaned_data.get('password')
email = signup_form.cleaned_data.get('email')
first_name = signup_form.cleaned_data.get('first_name')
last_name = signup_form.cleaned_data.get('last_name')
birthdate = signup_form.cleaned_data.get('birthdate')
location = signup_form.cleaned_data.get('location')
# Creates the user profile as well. Saves both objects to the database.
User.objects.create_user(
email=email,
password=password,
first_name=first_name,
last_name=last_name,
location=location,
birthdate=birthdate,
)
return ajax_popup_notification(
'success', "One last step before you can log in! "
"We sent you a confirmation email that should "
"arrive in the next few minutes. "
"Just click the link inside. "
"Don't forget to check your spam folder too.",
status=200)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was. This is okay because our app requires JS to be enabled.
# If the user managed to send us an asynch request with JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(False, 400)
# These need to go here instead of in the settings file to avoid circular dependencies
signup_form_settings['ZIP_CODE_REMOTE_URL'] = reverse('valid_zip_code')
signup_form_settings['EMAIL_REMOTE_URL'] = reverse('valid_email')
return render(request, 'registration/signup.html',
{'form_settings': signup_form_settings})
def submit(request):
log = logging.getLogger('logentries')
log.setLevel(logging.INFO)
handler = LogentriesHandler('28379e13-d9b8-434f-a233-7ec9369d2fcb')
log.addHandler(handler)
if request.method == 'POST':
log.info("executing views.submit()");
try:
contact_form = ContactForm(request.POST)
except Exception as e:
#log.error("ContactForm exception error({0}): {1}".format(e.errno, e.strerror))
log.error("ContactForm exception error")
raise
#log.info("contactForm() isvalid({0}) -> body: '{1}' email: '{2}' subject: '{3}'.".format(contact_form.is_valid(), contact_form.body, contact_form.from_email_address, contact_form.subject_type));
if contact_form.is_valid():
try:
subject_type = contact_form.cleaned_data.get('subject_type')
subject_type = reverse_category_lookup(subject_type, contact_form_settings.get('SUBJECT_TYPES'))
body = contact_form.cleaned_data.get('body')
from_email_address = contact_form.cleaned_data.get('from_email_address')
except Exception as e:
#log.error("contact_form.is_valid() error({0}): {1}".format(e.errno, e.strerror))
log.error("contact_form.is_valid()")
raise
try:
# Send an email to [email protected] with the user's message
send_email(SOCIAL_EMAIL_ADDRESS,
subject_type,
body,
from_email=from_email_address
)
except Exception as e:
log.error("SOCIAL_EMAIL_ADDRESS error" )
#log.error("SOCIAL_EMAIL_ADDRESS error({0}): {1}".format(e.errno, e.strerror))
raise
try:
# Also shoot the user who contacted us an email to let them know we'll get back to them soon.
send_email(from_email_address,
FEEDBACK_SUBMISSION_RESPONSE_SUBJECT,
'',
FEEDBACK_SUBMISSION_RESPONSE_TEMPLATE,
)
except Exception as e:
log.error("from_email_address error")
#log.error("from_email_address error({0}): {1}".format(e.errno, e.strerror))
raise
# Notice that we always return True. If the email failed to send, we need to figure it out on our side.
# There is nothing additional for the client to do.
return ajax_popup_notification('success','We got your message! '
'Someone should respond to you within 24 hours.', 200)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was. This is okay because our app requires JS to be enabled.
# If the user managed to send us an aysynch request with JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(False)
else:
contact_form = ContactForm()
return render(request,
'contact/contact_form.html',
{'contact_form': contact_form,
'form_settings': contact_form_settings,
}
)