def get_object(self): basket_class = cached_load("SHUUP_BASKET_CLASS_SPEC") shop = self.request.shop uuid = get_key(self.kwargs.get(self.lookup_field, "")) storage = get_storage() if not storage.basket_exists(uuid, shop): raise exceptions.NotFound() basket = basket_class(self.request._request, basket_name=uuid) try: basket._data = basket.storage.load(basket) except BasketCompatibilityError as error: raise exceptions.ValidationError(str(error)) # ensure correct creator if not self.request.user.is_superuser: if not basket.shop == shop: raise exceptions.PermissionDenied("No permission") customer_id = (basket.customer.pk if basket.customer else None) controlled_contact_ids = self._get_controlled_contacts_by_user( self.request.user) is_staff = self.is_staff_user(shop, self.request.user) if customer_id and customer_id not in controlled_contact_ids and not is_staff: raise exceptions.PermissionDenied("No permission") return basket
def get_object(self): basket_class = cached_load("SHUUP_BASKET_CLASS_SPEC") shop = self.request.shop uuid = get_key(self.kwargs.get(self.lookup_field, "")) storage = get_storage() if not storage.basket_exists(uuid, shop): raise exceptions.NotFound() basket = basket_class(self.request._request, basket_name=uuid) try: basket._data = basket.storage.load(basket) except BasketCompatibilityError as error: raise exceptions.ValidationError(str(error)) # ensure correct creator if not self.request.user.is_superuser: if not basket.shop == shop: raise exceptions.PermissionDenied("No permission") customer_id = (basket.customer.pk if basket.customer else None) controlled_contact_ids = self._get_controlled_contacts_by_user(self.request.user) is_staff = self.is_staff_user(shop, self.request.user) if customer_id and customer_id not in controlled_contact_ids and not is_staff: raise exceptions.PermissionDenied("No permission") return basket
def __init__(self, request, basket_name="basket"): super(BaseBasket, self).__init__(request.shop) self.request = request self.basket_name = basket_name self.key = basket_name if request: self.ip_address = request.META.get("REMOTE_ADDR") self.storage = get_storage() self._data = None self._shipping_address = None self._billing_address = None self._customer_comment = u"" self.creator = getattr(request, "user", None) # {Note: Being "dirty" means "not saved". It's independent of # {the caching status (which is cleared with self.uncache()). # I.e. it's possible to be not saved but cached, or saved but # not cached. self.dirty = False self.uncache() # Set empty values for cache variables
def __init__(self, request, basket_name="basket", shop=None, **kwargs): super(BaseBasket, self).__init__(shop or request.shop) self.request = request self.basket_name = basket_name self.key = basket_name if request: self.ip_address = request.META.get("REMOTE_ADDR") self.storage = get_storage() self._data = None self._shipping_address = None self._billing_address = None self._customer_comment = u"" self.creator = getattr(request, "user", None) # {Note: Being "dirty" means "not saved". It's independent of # {the caching status (which is cleared with self.uncache()). # I.e. it's possible to be not saved but cached, or saved but # not cached. self.dirty = False self.uncache() # Set empty values for cache variables