def record_authorization(self, request, format, reply_log_entry): # If the transaction already exists, do nothing if Transaction.objects.filter(reference=request.data.get('transaction_id')).exists(): logger.warning('Duplicate transaction_id received from CyberSource: %s' % request.data.get('transaction_id')) return redirect(settings.REDIRECT_SUCCESS) # Compare reference number to the order number cached in the session if request.data.get('req_reference_number') != request.session.get(CHECKOUT_ORDER_NUM): raise SuspiciousOperation("req_reference_number doesn't match user session") # Get the (currently frozen) basket from the session reference try: basket = Basket.objects.get(id=request.session.get(CHECKOUT_BASKET_ID)) except Basket.DoesNotExist: raise SuspiciousOperation("no basket in session") assign_basket_strategy(basket, request) # Get the basket and serializer prepared to place an order data = self._build_checkout_data(request, basket) ser = self.get_checkout_serializer(request, data) if not ser.is_valid(): return Response(ser.errors, status.HTTP_400_BAD_REQUEST) # Check if the authorization was declined if request.data.get('decision') != self.DECISION_ACCEPT: messages.add_message(request._request, messages.ERROR, settings.CARD_REJECT_ERROR) basket.thaw() return redirect(settings.REDIRECT_FAIL) # Everything checks out. Place the order and record the transaction. order = ser.save() # Save the payment token. We'll need to send this to PnP so they can complete the transaction token = self._record_payment_token(request, reply_log_entry) # Record the transaction information and, if it was declined, make the user try again self._record_payment(order, token, request, reply_log_entry) # Mark order as authorized since we've successfully auth'd the card order.set_status(settings.ORDER_STATUS_SUCCESS) # Run post order placement tasks self.send_confirmation_message(order, self.communication_type_code) signals.order_placed.send( sender=self.__class__, order=order) # Clean up the session for key in (CHECKOUT_BASKET_ID, CHECKOUT_ORDER_NUM, CHECKOUT_SHIPPING_CODE): if key in request.session: del request.session[key] request.session.modified = True request.session[CHECKOUT_ORDER_ID] = order.id return redirect(settings.REDIRECT_SUCCESS)
def get(self, request, pk=None, format=None): line = self.get_object() basket = get_basket(request) # if the line is from the current basket, use the serializer that # computes the prices by using the strategy. if line.basket == basket: assign_basket_strategy(line.basket, request) ser = serializers.BasketLineSerializer(instance=line, context={'request': request}) return Response(ser.data) return super(LineDetail, self).get(request, pk, format)
def to_representation(self, obj): # This override is needed to reflect offer discounts or strategy # related prices immediately in the response operations.assign_basket_strategy(obj.basket, self.context['request']) # Oscar stores the calculated discount in line._discount_incl_tax or # line._discount_excl_tax when offers are applied. So by just # retrieving the line from the db you will loose this values, that's # why we need to get the line from the in-memory resultset here lines = (x for x in obj.basket.all_lines() if x.id == obj.id) line = next(lines, None) return super(BasketLineSerializer, self).to_representation(line)
def get(self, request, pk=None, format=None): line = self.get_object() basket = operations.get_basket(request) # if the line is from the current basket, use the serializer that # computes the prices by using the strategy. if line.basket == basket: operations.assign_basket_strategy(line.basket, request) ser = BasketLineSerializer(instance=line, context={'request': request}) return Response(ser.data) return super(LineDetail, self).get(request, pk, format)
def get_queryset(self): basket_pk = self.kwargs.get("pk") basket = self.check_basket_permission(self.request, basket_pk=basket_pk) prepped_basket = operations.assign_basket_strategy( basket, self.request) return prepped_basket.all_lines()
def get( self, request, pk, format=None ): # pylint: disable=redefined-builtin,arguments-differ basket = self.check_basket_permission(request, basket_pk=pk) prepped_basket = operations.assign_basket_strategy(basket, request) self.queryset = prepped_basket.all_lines() return super(LineList, self).get(request, format)
def get(self, request, pk=None, format=None): if pk is not None: basket = self.check_basket_permission(request, pk) prepped_basket = operations.assign_basket_strategy(basket, request) self.queryset = prepped_basket.all_lines() self.serializer_class = serializers.BasketLineSerializer return super(LineList, self).get(request, format)
def get(self, request, pk=None, format=None): if pk is not None: basket = self.check_basket_permission(request, pk) prepped_basket = operations.assign_basket_strategy(basket, request) self.queryset = prepped_basket.all_lines() self.serializer_class = BasketLineSerializer return super(LineList, self).get(request, format)
def validate(self, attrs): request = self.context['request'] if request.user.is_anonymous(): if not settings.OSCAR_ALLOW_ANON_CHECKOUT: message = _('Anonymous checkout forbidden') raise serializers.ValidationError(message) if not attrs.get('guest_email'): # Always require the guest email field if the user is anonymous message = _('Guest email is required for anonymous checkouts') raise serializers.ValidationError(message) else: if 'guest_email' in attrs: # Don't store guest_email field if the user is authenticated del attrs['guest_email'] basket = attrs.get('basket') basket = assign_basket_strategy(basket, request) if basket.num_items <= 0: message = _('Cannot checkout with empty basket') raise serializers.ValidationError(message) shipping_method = self._shipping_method( request, basket, attrs.get('shipping_method_code'), attrs.get('shipping_address') ) shipping_charge = shipping_method.calculate(basket) posted_shipping_charge = attrs.get('shipping_charge') if posted_shipping_charge is not None: posted_shipping_charge = prices.Price(**posted_shipping_charge) # test submitted data. if not posted_shipping_charge == shipping_charge: message = _('Shipping price incorrect %s != %s' % ( posted_shipping_charge, shipping_charge )) raise serializers.ValidationError(message) posted_total = attrs.get('total') total = OrderTotalCalculator().calculate(basket, shipping_charge) if posted_total is not None: if posted_total != total.incl_tax: message = _('Total incorrect %s != %s' % ( posted_total, total.incl_tax )) raise serializers.ValidationError(message) # update attrs with validated data. attrs['total'] = total attrs['shipping_method'] = shipping_method attrs['shipping_charge'] = shipping_charge attrs['basket'] = basket return attrs
def validate(self, attrs): request = self.context['request'] if request.user.is_anonymous: if not settings.OSCAR_ALLOW_ANON_CHECKOUT: message = _('Anonymous checkout forbidden') raise serializers.ValidationError(message) if not attrs.get('guest_email'): # Always require the guest email field if the user is anonymous message = _('Guest email is required for anonymous checkouts') raise serializers.ValidationError(message) else: if 'guest_email' in attrs: # Don't store guest_email field if the user is authenticated del attrs['guest_email'] basket = attrs.get('basket') basket = assign_basket_strategy(basket, request) if basket.num_items <= 0: message = _('Cannot checkout with empty basket') raise serializers.ValidationError(message) shipping_method = self._shipping_method( request, basket, attrs.get('shipping_method_code'), attrs.get('shipping_address') ) shipping_charge = shipping_method.calculate(basket) posted_shipping_charge = attrs.get('shipping_charge') if posted_shipping_charge is not None: posted_shipping_charge = prices.Price(**posted_shipping_charge) # test submitted data. if not posted_shipping_charge == shipping_charge: message = _('Shipping price incorrect %s != %s' % ( posted_shipping_charge, shipping_charge )) raise serializers.ValidationError(message) posted_total = attrs.get('total') total = OrderTotalCalculator().calculate(basket, shipping_charge) if posted_total is not None: if posted_total != total.incl_tax: message = _('Total incorrect %s != %s' % ( posted_total, total.incl_tax )) raise serializers.ValidationError(message) # update attrs with validated data. attrs['total'] = total attrs['shipping_method'] = shipping_method attrs['shipping_charge'] = shipping_charge attrs['basket'] = basket return attrs
def get(self, request, pk=None, format=None): if pk is not None: basket = self.check_basket_permission(request, pk) prepped_basket = assign_basket_strategy(basket, request) self.queryset = prepped_basket.all_lines() self.serializer_class = serializers.BasketLineSerializer elif not request.user.is_staff: self.permission_denied(request) return super(LineList, self).get(request, format)
def get_queryset(self): pk = self.kwargs.get('pk') if pk is not None: # usually we need the lines of the basket basket = self.check_basket_permission(self.request, basket_pk=pk) prepped_basket = assign_basket_strategy(basket, self.request) return prepped_basket.all_lines() elif self.request.user.is_staff: # admin users can view a bit more return super(LineList, self).get_queryset() else: # non admin users can view nothing at all here. return self.permission_denied(self.request)
def validate(self, attrs): request = self.context["request"] if request.user.is_anonymous: if not settings.OSCAR_ALLOW_ANON_CHECKOUT: message = _("Anonymous checkout forbidden") raise serializers.ValidationError(message) if not attrs.get("guest_email"): # Always require the guest email field if the user is anonymous message = _("Guest email is required for anonymous checkouts") raise serializers.ValidationError(message) else: if "guest_email" in attrs: # Don't store guest_email field if the user is authenticated del attrs["guest_email"] basket = attrs.get("basket") basket = assign_basket_strategy(basket, request) if basket.num_items <= 0: message = _("Cannot checkout with empty basket") raise serializers.ValidationError(message) shipping_method = self._shipping_method( request, basket, attrs.get("shipping_method_code"), attrs.get("shipping_address"), ) shipping_charge = shipping_method.calculate(basket) posted_shipping_charge = attrs.get("shipping_charge") if posted_shipping_charge is not None: posted_shipping_charge = prices.Price(**posted_shipping_charge) # test submitted data. if not posted_shipping_charge == shipping_charge: message = _( "Shipping price incorrect %s != %s" % (posted_shipping_charge, shipping_charge) ) raise serializers.ValidationError(message) posted_total = attrs.get("total") total = OrderTotalCalculator().calculate(basket, shipping_charge) if posted_total is not None: if posted_total != total.incl_tax: message = _("Total incorrect %s != %s" % (posted_total, total.incl_tax)) raise serializers.ValidationError(message) # update attrs with validated data. attrs["order_total"] = total attrs["shipping_method"] = shipping_method attrs["shipping_charge"] = shipping_charge attrs["basket"] = basket return attrs
def get(self, request, pk=None, format=None): if pk is not None: email = request.query_params.get('email', None) print(email) if email is not None: request.user = User.objects.filter(email=email).first() basket = self.check_basket_permission(request, pk) prepped_basket = operations.assign_basket_strategy(basket, request) self.queryset = prepped_basket.all_lines() self.serializer_class = BasketLineSerializer return super(MyLineList, self).get(request, format)
def validate(self, attrs): request = self.context['request'] if request.user.is_anonymous() and not settings.OSCAR_ALLOW_ANON_CHECKOUT: message = _('Anonymous checkout forbidden') raise serializers.ValidationError(message) basket = attrs.get('basket') basket = assign_basket_strategy(basket, request) shipping_method = self._shipping_method( request, basket, attrs.get('shipping_method_code'), attrs.get('shipping_address') ) shipping_charge = shipping_method.calculate(basket) posted_shipping_charge = attrs.get('shipping_charge') if posted_shipping_charge is not None: posted_shipping_charge = prices.Price(**posted_shipping_charge) # test submitted data. if not posted_shipping_charge == shipping_charge: message = _('Shipping price incorrect %s != %s' % ( posted_shipping_charge, shipping_charge )) raise serializers.ValidationError(message) posted_total = attrs.get('total') total = OrderTotalCalculator().calculate(basket, shipping_charge) if posted_total is not None: if posted_total != total.incl_tax: message = _('Total incorrect %s != %s' % ( posted_total, total.incl_tax )) raise serializers.ValidationError(message) # update attrs with validated data. attrs['total'] = total attrs['shipping_method'] = shipping_method attrs['shipping_charge'] = shipping_charge attrs['basket'] = basket return attrs
def get_object(self): basket = super(BasketDetail, self).get_object() return assign_basket_strategy(basket, self.request)
def get_object(self, queryset=None): basket = super(BasketDetail, self).get_object(queryset) return assign_basket_strategy(basket, self.request)