combo/combo/apps/lingo/views.py

# lingo - basket and payment system
# Copyright (C) 2015  Entr'ouvert
#
# This program is free software: you can redistribute it and/or modify it
# under the terms of the GNU Affero General Public License as published
# by the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU Affero General Public License for more details.
#
# You should have received a copy of the GNU Affero General Public License
# along with this program.  If not, see <http://www.gnu.org/licenses/>.

from decimal import Decimal
import json

from django.contrib.auth.models import User
from django.core.urlresolvers import reverse
from django.http import HttpResponse, HttpResponseRedirect
from django.template.response import TemplateResponse
from django.utils import timezone
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import View, ListView

import eopayment

from .models import Regie, BasketItem, Transaction

class RegiesApiView(ListView):
    model = Regie

    def get(self, request, *args, **kwargs):
        response = HttpResponse(content_type='application/json')
        data = {'data': [x.as_api_dict() for x in self.get_queryset()]}
        json_str = json.dumps(data)
        if 'jsonpCallback' in request.GET:
            json_str = '%s(%s);' % (request.GET['jsonpCallback'], json_str)
        response.write(json_str)
        return response


class AddBasketItemApiView(View):
    http_method_names = ['post', 'options']

    @csrf_exempt
    def dispatch(self, *args, **kwargs):
        return super(AddBasketItemApiView, self).dispatch(*args, **kwargs)

    def post(self, request, *args, **kwargs):
        # XXX: check request signature

        request_body = json.loads(self.request.body)

        item = BasketItem()
        item.amount = Decimal(request.GET.get('amount'))

        try:
            if request.GET.get('NameId'):
                user = User.objects.get(username=request.GET.get('NameId'))
            elif request.GET.get('email'):
                user = User.objects.get(email=request.GET.get('email'))
            else:
                raise Exception('no user specified')
        except User.DoesNotExist:
            raise Exception('unknown user')

        item.user = user
        if request.GET.get('regie_id'):
            item.regie = Regie.objects.get(id=request.GET.get('regie_id'))
        else:
            # if there's no regie specified, use the first one we get from the
            # database...
            item.regie = Regie.objects.all()[0]

        item.subject = request_body.get('display_name')
        item.source_url = request_body.get('url')

        item.save()

        response = HttpResponse(content_type='application/json')
        response.write(json.dumps({'result': 'success'}))
        return response

class PayView(View):
    def post(self, request, *args, **kwargs):
        items = BasketItem.objects.filter(id__in=request.POST.getlist('item'))
        # XXX: check all items are going to the same regie

        transaction = Transaction()
        transaction.user = request.user
        transaction.save()
        transaction.items = items
        transaction.status = 0
        transaction.save()

        total_amount = sum([x.amount for x in items])

        regie = items[0].regie

        payment = eopayment.Payment(regie.service, regie.service_options)
        return_url = request.build_absolute_uri(
                reverse('lingo-callback', kwargs={'regie_pk': regie.id}))
        (order_id, kind, data) = payment.request(total_amount,
                next_url=request.build_absolute_uri('/'),
                accepturl=return_url,
                declineurl=return_url,
                exceptionurl=return_url,
                cancelurl=return_url)
        transaction.order_id = order_id
        transaction.save()

        # XXX: mark basket items as being processed (?)

        if kind == eopayment.URL:
            return HttpResponseRedirect(data)
        elif kind == eopayment.FORM:
            return TemplateResponse(request, 'lingo/payment_form.html', {'form': data})

        raise NotImplementedError()


class CallbackView(View):
    def get(self, request, *args, **kwargs):
        regie = Regie.objects.get(id=kwargs.get('regie_pk'))
        payment = eopayment.Payment(regie.service, regie.service_options)
        payment_response = payment.response(request.environ['QUERY_STRING'])
        if not payment_response.result == eopayment.CANCELLED:
            # cancellation are not signed...
            assert payment_response.signed is True

        transaction = Transaction.objects.get(order_id=payment_response.order_id)
        transaction.status = payment_response.result
        transaction.bank_data = payment_response.bank_data
        transaction.end_date = timezone.now()
        transaction.save()

        if payment_response.result != eopayment.PAID:
            return HttpResponseRedirect('/')

        for item in transaction.items.all():
            item.payment_date = transaction.end_date
            item.save()
            try:
                item.notify()
            except:
                # ignore errors, it will be retried later on if it fails
                pass
        return HttpResponseRedirect('/')
lingo: add api view to get list of regies 2015-02-08 15:14:58 +01:00			`# lingo - basket and payment system`
			`# Copyright (C) 2015 Entr'ouvert`
			`#`
			`# This program is free software: you can redistribute it and/or modify it`
			`# under the terms of the GNU Affero General Public License as published`
			`# by the Free Software Foundation, either version 3 of the License, or`
			`# (at your option) any later version.`
			`#`
			`# This program is distributed in the hope that it will be useful,`
			`# but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`# GNU Affero General Public License for more details.`
			`#`
			`# You should have received a copy of the GNU Affero General Public License`
			`# along with this program. If not, see <http://www.gnu.org/licenses/>.`
lingo: start as a standalone module Lingo was started as a standalone module and the commits where later crafted onto the combo repository. 2015-02-08 11:32:29 +01:00
lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00			`from decimal import Decimal`
lingo: add api view to get list of regies 2015-02-08 15:14:58 +01:00			`import json`

lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00			`from django.contrib.auth.models import User`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`from django.core.urlresolvers import reverse`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00			`from django.http import HttpResponse, HttpResponseRedirect`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`from django.template.response import TemplateResponse`
lingo: use timezone.now() instead of datetime.now() 2015-03-07 14:01:24 +01:00			`from django.utils import timezone`
lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00			`from django.views.decorators.csrf import csrf_exempt`
			`from django.views.generic import View, ListView`
lingo: add api view to get list of regies 2015-02-08 15:14:58 +01:00
lingo: send request to payment service 2015-03-05 17:02:52 +01:00			`import eopayment`

			`from .models import Regie, BasketItem, Transaction`
lingo: add api view to get list of regies 2015-02-08 15:14:58 +01:00
			`class RegiesApiView(ListView):`
			`model = Regie`

			`def get(self, request, args, *kwargs):`
			`response = HttpResponse(content_type='application/json')`
			`data = {'data': [x.as_api_dict() for x in self.get_queryset()]}`
			`json_str = json.dumps(data)`
			`if 'jsonpCallback' in request.GET:`
			`json_str = '%s(%s);' % (request.GET['jsonpCallback'], json_str)`
			`response.write(json_str)`
			`return response`
lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00

			`class AddBasketItemApiView(View):`
			`http_method_names = ['post', 'options']`

			`@csrf_exempt`
			`def dispatch(self, args, *kwargs):`
			`return super(AddBasketItemApiView, self).dispatch(args, *kwargs)`

			`def post(self, request, args, *kwargs):`
lingo: fill basket item with details from request 2015-03-05 16:02:32 +01:00			`# XXX: check request signature`

			`request_body = json.loads(self.request.body)`

lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00			`item = BasketItem()`
			`item.amount = Decimal(request.GET.get('amount'))`

lingo: fill basket item with details from request 2015-03-05 16:02:32 +01:00			`try:`
			`if request.GET.get('NameId'):`
			`user = User.objects.get(username=request.GET.get('NameId'))`
			`elif request.GET.get('email'):`
			`user = User.objects.get(email=request.GET.get('email'))`
			`else:`
			`raise Exception('no user specified')`
			`except User.DoesNotExist:`
			`raise Exception('unknown user')`

			`item.user = user`
			`if request.GET.get('regie_id'):`
			`item.regie = Regie.objects.get(id=request.GET.get('regie_id'))`
			`else:`
			`# if there's no regie specified, use the first one we get from the`
			`# database...`
			`item.regie = Regie.objects.all()[0]`

			`item.subject = request_body.get('display_name')`
			`item.source_url = request_body.get('url')`
lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00
			`item.save()`
lingo: fill basket item with details from request 2015-03-05 16:02:32 +01:00
lingo: add api to add items to basket, with fake values for now 2015-02-08 16:04:03 +01:00			`response = HttpResponse(content_type='application/json')`
			`response.write(json.dumps({'result': 'success'}))`
			`return response`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00
			`class PayView(View):`
			`def post(self, request, args, *kwargs):`
			`items = BasketItem.objects.filter(id__in=request.POST.getlist('item'))`
			`# XXX: check all items are going to the same regie`

			`transaction = Transaction()`
lingo: add a "recent transactions" combo cell 2015-03-07 14:02:13 +01:00			`transaction.user = request.user`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00			`transaction.save()`
			`transaction.items = items`
lingo: track transaction status, handle cancellations (#6999) 2015-04-21 16:40:46 +02:00			`transaction.status = 0`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00			`transaction.save()`

			`total_amount = sum([x.amount for x in items])`

			`regie = items[0].regie`

			`payment = eopayment.Payment(regie.service, regie.service_options)`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`return_url = request.build_absolute_uri(`
			`reverse('lingo-callback', kwargs={'regie_pk': regie.id}))`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00			`(order_id, kind, data) = payment.request(total_amount,`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`next_url=request.build_absolute_uri('/'),`
			`accepturl=return_url,`
			`declineurl=return_url,`
			`exceptionurl=return_url,`
			`cancelurl=return_url)`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00			`transaction.order_id = order_id`
			`transaction.save()`

			`# XXX: mark basket items as being processed (?)`

			`if kind == eopayment.URL:`
			`return HttpResponseRedirect(data)`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`elif kind == eopayment.FORM:`
			`return TemplateResponse(request, 'lingo/payment_form.html', {'form': data})`
lingo: send request to payment service 2015-03-05 17:02:52 +01:00
			`raise NotImplementedError()`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00

			`class CallbackView(View):`
			`def get(self, request, args, *kwargs):`
			`regie = Regie.objects.get(id=kwargs.get('regie_pk'))`
			`payment = eopayment.Payment(regie.service, regie.service_options)`
			`payment_response = payment.response(request.environ['QUERY_STRING'])`
lingo: track transaction status, handle cancellations (#6999) 2015-04-21 16:40:46 +02:00			`if not payment_response.result == eopayment.CANCELLED:`
			`# cancellation are not signed...`
			`assert payment_response.signed is True`

lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`transaction = Transaction.objects.get(order_id=payment_response.order_id)`
lingo: track transaction status, handle cancellations (#6999) 2015-04-21 16:40:46 +02:00			`transaction.status = payment_response.result`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`transaction.bank_data = payment_response.bank_data`
lingo: use timezone.now() instead of datetime.now() 2015-03-07 14:01:24 +01:00			`transaction.end_date = timezone.now()`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`transaction.save()`
lingo: track transaction status, handle cancellations (#6999) 2015-04-21 16:40:46 +02:00
			`if payment_response.result != eopayment.PAID:`
			`return HttpResponseRedirect('/')`

lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`for item in transaction.items.all():`
			`item.payment_date = transaction.end_date`
			`item.save()`
lingo: notify wcs synchronously for now, with a short timeout 2015-03-07 14:00:17 +01:00			`try:`
			`item.notify()`
			`except:`
			`# ignore errors, it will be retried later on if it fails`
			`pass`
lingo: handle posting form and receiving callbacks 2015-03-06 10:47:34 +01:00			`return HttpResponseRedirect('/')`