def _set_order_payment_declined(order, request):
# Set the order status
order.set_status(ORDER_STATUS_PAYMENT_DECLINED)
voucher_applications = order.voucherapplication_set.all()
for voucher_application in voucher_applications:
voucher = voucher_application.voucher
parent = getattr(voucher, "parent", None)
if parent:
parent.num_orders = F("num_orders") - 1
parent.save(update_children=False)
voucher.num_orders = F("num_orders") - 1
voucher.save()
# Delete some related objects
order.discounts.all().delete()
order.line_prices.all().delete()
voucher_applications.delete()
# Thaw the basket and put it back into the request.session so that it can be retried
order.basket.thaw()
operations.store_basket_in_session(order.basket, request.session)
# Send a signal
order_payment_declined.send(sender=order, order=order, request=request)
def post(self, request, format=None):
ser = serializers.LoginSerializer(data=request.data)
if ser.is_valid():
anonymous_basket = operations.get_anonymous_basket(request)
user = ser.object
# refuse to login logged in users, to avoid attaching sessions to
# multiple users at the same time.
if request.user.is_authenticated():
return Response(
{'detail': 'Session is in use, log out first'},
status=status.HTTP_405_METHOD_NOT_ALLOWED)
request.user = user
login_and_upgrade_session(request._request, user)
# merge anonymous basket with authenticated basket.
basket = operations.get_user_basket(user)
if anonymous_basket is not None:
self.merge_baskets(anonymous_basket, basket)
operations.store_basket_in_session(basket, request.session)
return Response()
return Response(ser.errors, status=status.HTTP_401_UNAUTHORIZED)
def post(self, request, format=None):
ser = self.serializer_class(data=request.data)
if ser.is_valid():
anonymous_basket = operations.get_anonymous_basket(request)
user = ser.instance
# refuse to login logged in users, to avoid attaching sessions to
# multiple users at the same time.
if request.user.is_authenticated:
return Response(
{'detail': 'Session is in use, log out first'},
status=status.HTTP_405_METHOD_NOT_ALLOWED)
request.user = user
login_and_upgrade_session(request._request, user)
# merge anonymous basket with authenticated basket.
basket = operations.get_user_basket(user)
if anonymous_basket is not None:
self.merge_baskets(anonymous_basket, basket)
operations.store_basket_in_session(basket, request.session)
return Response("")
return Response(ser.errors, status=status.HTTP_401_UNAUTHORIZED)
def _set_order_payment_declined(order, request):
# Set the order status
order.set_status(ORDER_STATUS_PAYMENT_DECLINED)
# Thaw the basket and put it back into the request.session so that it can be retried
order.basket.thaw()
operations.store_basket_in_session(order.basket, request.session)
# Send a signal
order_payment_declined.send(sender=order, order=order, request=request)
def process_request(self, request):
super(ApiBasketMiddleWare, self).process_request(request)
if self.is_api_request(request):
# we should make sure that any cookie baskets are turned into
# session baskets, since oscarapi uses only baskets from the
# session.
cookie_key = self.get_cookie_key(request)
basket = self.get_cookie_basket(
cookie_key, request,
Exception(
"get_cookie_basket doesn't use the manager argument"))
if basket is not None:
if request_contains_basket(request, basket):
pass
else:
store_basket_in_session(basket, request.session)
def process_request(self, request):
super(ApiBasketMiddleWare, self).process_request(request)
if self.is_api_request(request):
# we should make sure that any cookie baskets are turned into
# session baskets, since oscarapi uses only baskets from the
# session.
cookie_key = self.get_cookie_key(request)
basket = self.get_cookie_basket(
cookie_key,
request,
Exception("get_cookie_basket doesn't use the manager argument")
)
if basket is not None:
if request_contains_basket(request, basket):
pass
else:
store_basket_in_session(basket, request.session)
def __call__(self, request):
if self.is_api_request(request):
request.cookies_to_delete = []
# we should make sure that any cookie baskets are turned into
# session baskets, since oscarapi uses only baskets from the
# session.
cookie_key = self.get_cookie_key(request)
basket = self.get_cookie_basket(
cookie_key, request,
Exception(
"get_cookie_basket doesn't use the manager argument"))
if basket is not None:
# when a basket exists and we are already allowed to access
# this basket
if request_allows_access_to_basket(request, basket):
pass
else:
store_basket_in_session(basket, request.session)
return super(ApiBasketMiddleWare, self).__call__(request)
def __call__(self, request):
if self.is_api_request(request):
request.cookies_to_delete = []
# we should make sure that any cookie baskets are turned into
# session baskets, since oscarapi uses only baskets from the
# session.
cookie_key = self.get_cookie_key(request)
basket = self.get_cookie_basket(
cookie_key,
request,
Exception("get_cookie_basket doesn't use the manager argument")
)
if basket is not None:
# when a basket exists and we are already allowed to access
# this basket
if request_allows_access_to_basket(request, basket):
pass
else:
store_basket_in_session(basket, request.session)
return super(ApiBasketMiddleWare, self).__call__(request)