From 7cd485bc6d77d1fedce8a87d6aca408619d8cd9e Mon Sep 17 00:00:00 2001 From: PCoder Date: Fri, 1 Jan 2021 02:37:52 +0530 Subject: [PATCH] Fix issues on settings/card save/delete methods --- hosting/urls.py | 2 +- hosting/views.py | 37 +++++++++---------------------------- utils/stripe_utils.py | 4 +++- 3 files changed, 13 insertions(+), 30 deletions(-) diff --git a/hosting/urls.py b/hosting/urls.py index 5b2b87b0..e34d27d6 100644 --- a/hosting/urls.py +++ b/hosting/urls.py @@ -51,7 +51,7 @@ urlpatterns = [ name='choice_ssh_keys'), url(r'delete_ssh_key/(?P\d+)/?$', SSHKeyDeleteView.as_view(), name='delete_ssh_key'), - url(r'delete_card/(?P\d+)/?$', SettingsView.as_view(), + url(r'delete_card/(?P[\w\-]+)/$', SettingsView.as_view(), name='delete_card'), url(r'create_ssh_key/?$', SSHKeyCreateView.as_view(), name='create_ssh_key'), diff --git a/hosting/views.py b/hosting/views.py index df497a64..913a9643 100644 --- a/hosting/views.py +++ b/hosting/views.py @@ -595,33 +595,14 @@ class SettingsView(LoginRequiredMixin, FormView): messages.add_message(request, messages.SUCCESS, msg) return HttpResponseRedirect(reverse_lazy('hosting:settings')) if 'delete_card' in request.POST: - try: - card = UserCardDetail.objects.get(pk=self.kwargs.get('pk')) - if (request.user.has_perm(self.permission_required[0], card) - and - request.user - .stripecustomer - .usercarddetail_set - .count() > 1): - if card.card_id is not None: - stripe_utils = StripeUtils() - stripe_utils.dissociate_customer_card( - request.user.stripecustomer.stripe_id, - card.card_id - ) - if card.preferred: - UserCardDetail.set_default_card_from_stripe( - request.user.stripecustomer.stripe_id - ) - card.delete() - msg = _("Card deassociation successful") - messages.add_message(request, messages.SUCCESS, msg) - else: - msg = _("You are not permitted to do this operation") - messages.add_message(request, messages.ERROR, msg) - except UserCardDetail.DoesNotExist: - msg = _("The selected card does not exist") - messages.add_message(request, messages.ERROR, msg) + card = self.kwargs.get('pk') + stripe_utils = StripeUtils() + stripe_utils.dissociate_customer_card( + request.user.stripecustomer.stripe_id, + card + ) + msg = _("Card deassociation successful") + messages.add_message(request, messages.SUCCESS, msg) return HttpResponseRedirect(reverse_lazy('hosting:settings')) form = self.get_form() if form.is_valid(): @@ -697,7 +678,7 @@ class SettingsView(LoginRequiredMixin, FormView): messages.add_message(request, messages.SUCCESS, msg) else: # TODO : Test this flow - id_payment_method = form.cleaned_data.get('id_payment_method') + id_payment_method = request.POST.get('id_payment_method', None) stripe_utils = StripeUtils() card_details = stripe_utils.get_cards_details_from_payment_method( id_payment_method diff --git a/utils/stripe_utils.py b/utils/stripe_utils.py index 09ffc17b..0bfb2412 100644 --- a/utils/stripe_utils.py +++ b/utils/stripe_utils.py @@ -101,7 +101,9 @@ class StripeUtils(object): if card_id.startswith("pm"): logger.debug("PaymentMethod %s detached %s" % (card_id, stripe_customer_id)) - customer.PaymentMethod.detach(card_id) + pm = stripe.PaymentMethod.retrieve(card_id) + stripe.PaymentMethod.detach(card_id) + pm.delete() else: logger.debug("card %s detached %s" % (card_id, stripe_customer_id)) card = customer.sources.retrieve(card_id)