def request_to_buy(request):
user = request.user
try:
ticket = Ticket.objects.get(pk=request.POST.get('ticket_id'))
except Ticket.DoesNotExist:
raise Http404()
# Do this validation again...
if not Request.can_request(ticket, user) or Request.requested_other_ticket_same_time(user, ticket):
return ajax_http(False, 400)
if ticket.poster == user:
logging.warning('User cannot request to buy their own ticket')
return ajax_http(False, 400)
# Get the token and card that stripe sent us
token = request.POST.get('token')
card_id = request.POST.get('card_id')
if not token or not card_id:
logging.info('Request to buy submitted without Stripe token for {}'.format(user))
return ajax_other_message('Your request was unable to be processed. Our developers are on it!', 400)
try:
customer, card = create_customer_and_card(user, token, card_id)
except StripeError as e:
logging.critical('Request creation failed')
return ajax_other_message('Your request was unable to be processed. Our developers are on it', 400)
Request.objects.create_request(ticket, user, card)
return ajax_other_message('Your request to buy has been submitted. '
'Your card will be charged if the seller accepts your request.', 200)
def submit_ticket(request):
# If the form has been submitted by the user
if request.method == 'POST':
submit_ticket_form = SubmitTicketForm(request.POST)
#Determine which form the user submitted.
if submit_ticket_form.is_valid():
user = request.user
title = submit_ticket_form.cleaned_data.get('title')
price = submit_ticket_form.cleaned_data.get('price')
location_raw = submit_ticket_form.cleaned_data.get('location_raw')
location = submit_ticket_form.cleaned_data.get('location')
venue = submit_ticket_form.cleaned_data.get('venue')
start_datetime = submit_ticket_form.cleaned_data.get(
'start_datetime')
ticket_type = submit_ticket_form.cleaned_data.get('ticket_type')
payment_method = submit_ticket_form.cleaned_data.get(
'payment_method', 'G') # TODO Assume good faith since
# lean launch won't have secure
about = submit_ticket_form.cleaned_data.get(
'about') or '' # Might be empty
token = submit_ticket_form.cleaned_data.get('token')
card_id = submit_ticket_form.cleaned_data.get('card_id')
try:
customer, card = create_customer_and_card(user, token, card_id)
except StripeError as e:
logging.critical('Ticket creation failed')
return ajax_other_message(
'Uh oh, it looks like our server broke! Our developers are on it.',
400)
Ticket.objects.create_ticket(
poster=request.user,
price=price,
title=title,
about=about,
start_datetime=start_datetime,
location_raw=location_raw,
location=location,
ticket_type=ticket_type,
payment_method=payment_method,
card=card,
status='P',
venue=venue,
)
return ajax_popup_notification(
'success', 'Your ticket was successfully submitted! '
'It will become visible to others shortly.', 200)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was (unless it was a non_field error that we couldn't validate
# on the front end). This is okay because our app requires JS to be enabled.
# If the user managed to send us an aysynch request xwith JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(
**non_field_errors_notification(submit_ticket_form))
return render(request, 'tickets/submit_ticket.html',
{'form_settings': ticket_submit_form_settings})
def submit_ticket(request):
# If the form has been submitted by the user
if request.method == 'POST':
submit_ticket_form = SubmitTicketForm(request.POST)
#Determine which form the user submitted.
if submit_ticket_form.is_valid():
user = request.user
title = submit_ticket_form.cleaned_data.get('title')
price = submit_ticket_form.cleaned_data.get('price')
location_raw = submit_ticket_form.cleaned_data.get('location_raw')
location = submit_ticket_form.cleaned_data.get('location')
venue = submit_ticket_form.cleaned_data.get('venue')
start_datetime = submit_ticket_form.cleaned_data.get('start_datetime')
ticket_type = submit_ticket_form.cleaned_data.get('ticket_type')
payment_method = submit_ticket_form.cleaned_data.get('payment_method', 'G') # TODO Assume good faith since
# lean launch won't have secure
about = submit_ticket_form.cleaned_data.get('about') or '' # Might be empty
token = submit_ticket_form.cleaned_data.get('token')
card_id = submit_ticket_form.cleaned_data.get('card_id')
try:
customer, card = create_customer_and_card(user, token, card_id)
except StripeError as e:
logging.critical('Ticket creation failed')
return ajax_other_message('Uh oh, it looks like our server broke! Our developers are on it.', 400)
Ticket.objects.create_ticket(poster=request.user,
price=price,
title=title,
about=about,
start_datetime=start_datetime,
location_raw=location_raw,
location=location,
ticket_type=ticket_type,
payment_method=payment_method,
card=card,
status='P',
venue=venue,
)
return ajax_popup_notification('success',
'Your ticket was successfully submitted! '
'It will become visible to others shortly.',
200)
# If the user ignored out javascript validation and sent an invalid form, send back an error.
# We don't actually specify what the form error was (unless it was a non_field error that we couldn't validate
# on the front end). This is okay because our app requires JS to be enabled.
# If the user managed to send us an aysynch request xwith JS disabled, they aren't using the site as designed.
# eg., possibly a malicious user. No need to repeat the form pretty validation already done on the front end.
else:
return ajax_http(**non_field_errors_notification(submit_ticket_form))
return render(request,
'tickets/submit_ticket.html',
{'form_settings': ticket_submit_form_settings}
)
