From 678167978c668e0d385a5f1572723350f80e1d6f Mon Sep 17 00:00:00 2001
From: PCoder <purple.coder@yahoo.co.uk>
Date: Sat, 7 Jul 2018 01:50:46 +0200
Subject: [PATCH] Add check to forbid user from deleting the last card

---
 hosting/views.py | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/hosting/views.py b/hosting/views.py
index a28815f2..7e23a682 100644
--- a/hosting/views.py
+++ b/hosting/views.py
@@ -15,12 +15,12 @@ from django.http import (
     Http404, HttpResponseRedirect, HttpResponse, JsonResponse
 )
 from django.shortcuts import redirect, render
+from django.utils.decorators import method_decorator
 from django.utils.html import escape
 from django.utils.http import urlsafe_base64_decode
 from django.utils.safestring import mark_safe
 from django.utils.translation import get_language, ugettext_lazy as _
 from django.utils.translation import ugettext
-from django.utils.decorators import method_decorator
 from django.views.decorators.cache import never_cache
 from django.views.generic import (
     View, CreateView, FormView, ListView, DetailView, DeleteView,
@@ -615,7 +615,13 @@ class SettingsView(LoginRequiredMixin, FormView):
         if 'delete_card' in request.POST:
             try:
                 card = UserCardDetail.objects.get(pk=self.kwargs.get('pk'))
-                if request.user.has_perm(self.permission_required[0], card):
+                if (request.user.has_perm(self.permission_required[0], card)
+                        and
+                        request.user
+                                .stripecustomer
+                                .usercarddetail_set
+                                .count() > 1
+                ):
                     if card.card_id is not None:
                         stripe_utils = StripeUtils()
                         stripe_utils.dissociate_customer_card(