def post(self, request, format=None): # TODO: Make it possible to create orders with options. # at the moment, no options are passed to this method, which means they # are also not created. basket = parse_basket_from_hyperlink(request.data, format) if not request_contains_basket(request, basket): return response.Response("Unauthorized", status=status.HTTP_401_UNAUTHORIZED) c_ser = self.serializer_class(data=request.data, context={'request': request}) if c_ser.is_valid(): order = c_ser.save() basket.freeze() o_ser = self.order_serializer_class(order, context={'request': request}) oscarapi_post_checkout.send(sender=self, order=order, user=request.user, request=request, response=response) return response.Response(o_ser.data) return response.Response(c_ser.errors, status.HTTP_406_NOT_ACCEPTABLE)
def get_queryset(self): basket_pk = self.kwargs.get('basket_pk') basket = get_object_or_404(operations.editable_baskets(), pk=basket_pk) prepped_basket = operations.prepare_basket(basket, self.request) if operations.request_contains_basket(self.request, prepped_basket): return prepped_basket.lines else: return self.queryset.none()
def get_queryset(self): basket_pk = self.kwargs.get('basket_pk') basket = get_object_or_404(operations.editable_baskets(), pk=basket_pk) prepped_basket = operations.prepare_basket(basket, self.request) if operations.request_contains_basket(self.request, prepped_basket): return prepped_basket.all_lines() else: return self.queryset.none()
def process_request(self, request): super(ApiBasketMiddleWare, self).process_request(request) if self.is_api_request(request): # we should make sure that any cookie baskets are turned into # session baskets, since oscarapi uses only baskets from the # session. cookie_key = self.get_cookie_key(request) basket = self.get_cookie_basket( cookie_key, request, Exception( "get_cookie_basket doesn't use the manager argument")) if basket is not None: if request_contains_basket(request, basket): pass else: store_basket_in_session(basket, request.session)
def process_request(self, request): super(ApiBasketMiddleWare, self).process_request(request) if self.is_api_request(request): # we should make sure that any cookie baskets are turned into # session baskets, since oscarapi uses only baskets from the # session. cookie_key = self.get_cookie_key(request) basket = self.get_cookie_basket( cookie_key, request, Exception("get_cookie_basket doesn't use the manager argument") ) if basket is not None: if request_contains_basket(request, basket): pass else: store_basket_in_session(basket, request.session)
def has_object_permission(self, request, view, obj): return request_contains_basket(request, obj) or request.user.is_staff