forked from uncloud/uncloud
Compare commits
1 commit
master
...
user-billi
Author | SHA1 | Date | |
---|---|---|---|
caf7f7a2c2 |
7 changed files with 118 additions and 52 deletions
|
@ -22,3 +22,5 @@ uritemplate
|
|||
# Comprehensive interface to validate VAT numbers, making use of the VIES
|
||||
# service for European countries.
|
||||
vat-validator
|
||||
|
||||
drf-nested-routers
|
||||
|
|
|
@ -19,7 +19,7 @@ from django.urls import path, include
|
|||
from django.conf import settings
|
||||
from django.conf.urls.static import static
|
||||
|
||||
from rest_framework import routers
|
||||
from rest_framework_nested import routers
|
||||
from rest_framework.schemas import get_schema_view
|
||||
|
||||
from opennebula import views as oneviews
|
||||
|
@ -51,15 +51,6 @@ router.register(r'service/generic', serviceviews.GenericServiceProductViewSet, b
|
|||
router.register(r'net/vpn', netviews.VPNNetworkViewSet, basename='vpnnet')
|
||||
router.register(r'net/vpnreservation', netviews.VPNNetworkReservationViewSet, basename='vpnnetreservation')
|
||||
|
||||
|
||||
# Pay
|
||||
router.register(r'address', payviews.BillingAddressViewSet, basename='address')
|
||||
router.register(r'bill', payviews.BillViewSet, basename='bill')
|
||||
router.register(r'order', payviews.OrderViewSet, basename='order')
|
||||
router.register(r'payment', payviews.PaymentViewSet, basename='payment')
|
||||
router.register(r'payment-method', payviews.PaymentMethodViewSet, basename='payment-method')
|
||||
|
||||
|
||||
# admin/staff urls
|
||||
router.register(r'admin/bill', payviews.AdminBillViewSet, basename='admin/bill')
|
||||
router.register(r'admin/payment', payviews.AdminPaymentViewSet, basename='admin/payment')
|
||||
|
@ -70,11 +61,21 @@ router.register(r'admin/vpnpool', netviews.VPNPoolViewSet)
|
|||
router.register(r'admin/opennebula', oneviews.VMViewSet, basename='opennebula')
|
||||
|
||||
# User/Account
|
||||
router.register(r'self', authviews.SelfViewSet, basename='self')
|
||||
router.register(r'user', authviews.UserViewSet, basename='user')
|
||||
router.register(r'admin/user', authviews.AdminUserViewSet, basename='useradmin')
|
||||
|
||||
users_router = routers.NestedSimpleRouter(router, r'user', lookup='user')
|
||||
users_router.register(r'bill', payviews.BillViewSet, basename='user-bill')
|
||||
users_router.register(r'address', payviews.BillingAddressViewSet, basename='user-address')
|
||||
users_router.register(r'order', payviews.OrderViewSet, basename='user-order')
|
||||
users_router.register(r'payment', payviews.PaymentViewSet, basename='user-payment')
|
||||
users_router.register(r'payment-method', payviews.PaymentMethodViewSet, basename='user-payment-method')
|
||||
|
||||
|
||||
|
||||
urlpatterns = [
|
||||
path('', include(router.urls)),
|
||||
path('', include(users_router.urls)),
|
||||
# web/ = stuff to view in the browser
|
||||
|
||||
path('web/pdf/', payviews.MyPDFView.as_view(), name='pdf'),
|
||||
|
|
24
uncloud_django_based/uncloud/uncloud_auth/helpers.py
Normal file
24
uncloud_django_based/uncloud/uncloud_auth/helpers.py
Normal file
|
@ -0,0 +1,24 @@
|
|||
from rest_framework import permissions
|
||||
from django.contrib.auth import get_user_model
|
||||
|
||||
class IsOwnerOrAdmin(permissions.BasePermission):
|
||||
"""
|
||||
Object-level permission to only allow owner or admin to edit an object.
|
||||
Assumes the model instance has an `owner` attribute.
|
||||
"""
|
||||
|
||||
def has_permission(self, request, view):
|
||||
if request.user.is_staff:
|
||||
return True
|
||||
|
||||
try:
|
||||
target_user = get_user_model().objects.get(
|
||||
username=view.kwargs['user_pk'])
|
||||
return target_user == request.user
|
||||
except:
|
||||
return False
|
||||
|
||||
def has_object_permission(self, request, view, obj):
|
||||
return (obj.owner == request.user) or request.user.is_staff
|
||||
|
||||
|
|
@ -1,6 +1,7 @@
|
|||
from django.contrib.auth.models import AbstractUser
|
||||
from django.db import models
|
||||
from django.core.validators import MinValueValidator
|
||||
from rest_framework.reverse import reverse
|
||||
|
||||
from uncloud import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS
|
||||
|
||||
|
|
|
@ -1,16 +1,49 @@
|
|||
from django.contrib.auth import get_user_model
|
||||
from rest_framework import serializers
|
||||
from rest_framework_nested.relations import NestedHyperlinkedRelatedField
|
||||
|
||||
from uncloud import AMOUNT_DECIMALS, AMOUNT_MAX_DIGITS
|
||||
|
||||
class UserSerializer(serializers.ModelSerializer):
|
||||
class UserSerializer(serializers.HyperlinkedModelSerializer):
|
||||
|
||||
balance = serializers.DecimalField(max_digits=AMOUNT_MAX_DIGITS,
|
||||
decimal_places=AMOUNT_DECIMALS)
|
||||
|
||||
bill_endpoint = serializers.HyperlinkedIdentityField(
|
||||
view_name='user-bill-list',
|
||||
lookup_field='username',
|
||||
lookup_url_kwarg='user_pk'
|
||||
)
|
||||
|
||||
order_endpoint = serializers.HyperlinkedIdentityField(
|
||||
view_name='user-order-list',
|
||||
lookup_field='username',
|
||||
lookup_url_kwarg='user_pk'
|
||||
)
|
||||
|
||||
address_endpoint = serializers.HyperlinkedIdentityField(
|
||||
view_name='user-address-list',
|
||||
lookup_field='username',
|
||||
lookup_url_kwarg='user_pk'
|
||||
)
|
||||
|
||||
payment_method_endpoint = serializers.HyperlinkedIdentityField(
|
||||
view_name='user-payment-method-list',
|
||||
lookup_field='username',
|
||||
lookup_url_kwarg='user_pk'
|
||||
)
|
||||
|
||||
payment_endpoint = serializers.HyperlinkedIdentityField(
|
||||
view_name='user-payment-list',
|
||||
lookup_field='username',
|
||||
lookup_url_kwarg='user_pk'
|
||||
)
|
||||
|
||||
class Meta:
|
||||
model = get_user_model()
|
||||
fields = ['username', 'email', 'balance', 'maximum_credit' ]
|
||||
fields = ['username', 'email', 'balance', 'maximum_credit',
|
||||
'bill_endpoint', 'order_endpoint', 'address_endpoint',
|
||||
'payment_method_endpoint', 'payment_endpoint']
|
||||
|
||||
class ImportUserSerializer(serializers.Serializer):
|
||||
username = serializers.CharField()
|
||||
|
|
|
@ -3,9 +3,11 @@ from .serializers import *
|
|||
from django_auth_ldap.backend import LDAPBackend
|
||||
from rest_framework.decorators import action
|
||||
from rest_framework.response import Response
|
||||
from rest_framework.generics import get_object_or_404
|
||||
from rest_framework import mixins
|
||||
from .models import *
|
||||
|
||||
class UserViewSet(mixins.ListModelMixin, viewsets.GenericViewSet):
|
||||
class SelfViewSet(mixins.ListModelMixin, viewsets.GenericViewSet):
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
serializer_class = UserSerializer
|
||||
|
||||
|
@ -18,9 +20,8 @@ class UserViewSet(mixins.ListModelMixin, viewsets.GenericViewSet):
|
|||
serializer = self.get_serializer(user, context = {'request': request})
|
||||
return Response(serializer.data)
|
||||
|
||||
class AdminUserViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
# FIXME: make this admin
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
class UserViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
permission_classes = [permissions.IsAdminUser]
|
||||
|
||||
def get_serializer_class(self):
|
||||
if self.action == 'import_from_ldap':
|
||||
|
@ -29,7 +30,15 @@ class AdminUserViewSet(viewsets.ReadOnlyModelViewSet):
|
|||
return UserSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
return get_user_model().objects.all()
|
||||
return User.objects.all()
|
||||
|
||||
# Override default implementation to search by username instead of ID.
|
||||
def retrieve(self, request, pk):
|
||||
queryset = self.filter_queryset(self.get_queryset())
|
||||
instance = get_object_or_404(queryset, username=pk)
|
||||
serializer = self.get_serializer(instance)
|
||||
|
||||
return Response(serializer.data)
|
||||
|
||||
@action(detail=False, methods=['post'], url_path='import_from_ldap')
|
||||
def import_from_ldap(self, request, pk=None):
|
||||
|
|
|
@ -18,28 +18,25 @@ from .serializers import *
|
|||
from datetime import datetime
|
||||
from vat_validator import sanitize_vat
|
||||
import uncloud_pay.stripe as uncloud_stripe
|
||||
from uncloud_auth.helpers import IsOwnerOrAdmin
|
||||
|
||||
logger = logging.getLogger(__name__)
|
||||
|
||||
# FIXME: user resolution from user_pk field might fail if queried for
|
||||
# non-existing username by an admin. It should return 404 instead.
|
||||
|
||||
###
|
||||
# Payments and Payment Methods.
|
||||
|
||||
class PaymentViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
serializer_class = PaymentSerializer
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrAdmin]
|
||||
|
||||
def get_queryset(self):
|
||||
return Payment.objects.filter(owner=self.request.user)
|
||||
|
||||
class OrderViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
serializer_class = OrderSerializer
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
|
||||
def get_queryset(self):
|
||||
return Order.objects.filter(owner=self.request.user)
|
||||
return Payment.objects.filter(owner__username=self.kwargs['user_pk'])
|
||||
|
||||
class PaymentMethodViewSet(viewsets.ModelViewSet):
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrAdmin]
|
||||
|
||||
def get_serializer_class(self):
|
||||
if self.action == 'create':
|
||||
|
@ -52,21 +49,22 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
return PaymentMethodSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
return PaymentMethod.objects.filter(owner=self.request.user)
|
||||
return PaymentMethod.objects.filter(owner__username=self.kwargs['user_pk'])
|
||||
|
||||
# XXX: Handling of errors is far from great down there.
|
||||
@transaction.atomic
|
||||
def create(self, request):
|
||||
def create(self, request, user_pk):
|
||||
user = get_user_model().objects.get(user_pk)
|
||||
serializer = self.get_serializer(data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
|
||||
# Set newly created method as primary if no other method is.
|
||||
if PaymentMethod.get_primary_for(request.user) == None:
|
||||
if PaymentMethod.get_primary_for(user) == None:
|
||||
serializer.validated_data['primary'] = True
|
||||
|
||||
if serializer.validated_data['source'] == "stripe":
|
||||
# Retrieve Stripe customer ID for user.
|
||||
customer_id = uncloud_stripe.get_customer_id_for(request.user)
|
||||
customer_id = uncloud_stripe.get_customer_id_for(user)
|
||||
if customer_id == None:
|
||||
return Response(
|
||||
{'error': 'Could not resolve customer stripe ID.'},
|
||||
|
@ -79,7 +77,7 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
|
||||
|
||||
payment_method = PaymentMethod.objects.create(
|
||||
owner=request.user,
|
||||
owner=user,
|
||||
stripe_setup_intent_id=setup_intent.id,
|
||||
**serializer.validated_data)
|
||||
|
||||
|
@ -90,11 +88,11 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
stripe_registration_url = reverse('api-root', request=request) + path
|
||||
return Response({'please_visit': stripe_registration_url})
|
||||
else:
|
||||
serializer.save(owner=request.user, **serializer.validated_data)
|
||||
serializer.save(owner=user, **serializer.validated_data)
|
||||
return Response(serializer.data)
|
||||
|
||||
@action(detail=True, methods=['post'])
|
||||
def charge(self, request, pk=None):
|
||||
def charge(self, request, pk=None, user_pk=None):
|
||||
payment_method = self.get_object()
|
||||
serializer = self.get_serializer(data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
|
@ -107,7 +105,7 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
return Response({'error': str(e)}, status=status.HTTP_500_INTERNAL_SERVER_ERROR)
|
||||
|
||||
@action(detail=True, methods=['get'], url_path='register-stripe-cc', renderer_classes=[TemplateHTMLRenderer])
|
||||
def register_stripe_cc(self, request, pk=None):
|
||||
def register_stripe_cc(self, request, pk=None, user_pk=None):
|
||||
payment_method = self.get_object()
|
||||
|
||||
if payment_method.source != 'stripe':
|
||||
|
@ -143,7 +141,7 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
return Response(template_args, template_name='stripe-payment.html.j2')
|
||||
|
||||
@action(detail=True, methods=['post'], url_path='activate-stripe-cc')
|
||||
def activate_stripe_cc(self, request, pk=None):
|
||||
def activate_stripe_cc(self, request, pk=None, user_pk=None):
|
||||
payment_method = self.get_object()
|
||||
try:
|
||||
setup_intent = uncloud_stripe.get_setup_intent(
|
||||
|
@ -165,9 +163,10 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
return Response({'error': error})
|
||||
|
||||
@action(detail=True, methods=['post'], url_path='set-as-primary')
|
||||
def set_as_primary(self, request, pk=None):
|
||||
def set_as_primary(self, request, pk=None, user_pk=None):
|
||||
user = get_user_model().objects.get(user_pk)
|
||||
payment_method = self.get_object()
|
||||
payment_method.set_as_primary_for(request.user)
|
||||
payment_method.set_as_primary_for(user)
|
||||
|
||||
serializer = self.get_serializer(payment_method)
|
||||
return Response(serializer.data)
|
||||
|
@ -177,28 +176,24 @@ class PaymentMethodViewSet(viewsets.ModelViewSet):
|
|||
|
||||
class BillViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
serializer_class = BillSerializer
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrAdmin]
|
||||
|
||||
def get_queryset(self):
|
||||
return Bill.objects.filter(owner=self.request.user)
|
||||
|
||||
def unpaid(self, request):
|
||||
return Bill.objects.filter(owner=self.request.user, paid=False)
|
||||
|
||||
return Bill.objects.filter(owner__username=self.kwargs['user_pk'])
|
||||
|
||||
class OrderViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
serializer_class = OrderSerializer
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrAdmin]
|
||||
|
||||
def get_queryset(self):
|
||||
return Order.objects.filter(owner=self.request.user)
|
||||
return Order.objects.filter(owner__username=self.kwargs['user_pk'])
|
||||
|
||||
class BillingAddressViewSet(mixins.CreateModelMixin,
|
||||
mixins.RetrieveModelMixin,
|
||||
mixins.UpdateModelMixin,
|
||||
mixins.ListModelMixin,
|
||||
viewsets.GenericViewSet):
|
||||
permission_classes = [permissions.IsAuthenticated]
|
||||
permission_classes = [permissions.IsAuthenticated, IsOwnerOrAdmin]
|
||||
|
||||
def get_serializer_class(self):
|
||||
if self.action == 'update':
|
||||
|
@ -207,16 +202,17 @@ class BillingAddressViewSet(mixins.CreateModelMixin,
|
|||
return BillingAddressSerializer
|
||||
|
||||
def get_queryset(self):
|
||||
return self.request.user.billingaddress_set.all()
|
||||
return BillingAddress.objects.filter(owner__username=self.kwargs['user_pk'])
|
||||
|
||||
def create(self, request, user_pk):
|
||||
user = get_user_model().objects.get(username=user_pk)
|
||||
|
||||
def create(self, request):
|
||||
serializer = self.get_serializer(data=request.data)
|
||||
serializer.is_valid(raise_exception=True)
|
||||
|
||||
# Validate VAT numbers.
|
||||
country = serializer.validated_data["country"]
|
||||
vat_number = serializer.validated_data["vat_number"]
|
||||
|
||||
# We ignore empty VAT numbers.
|
||||
if vat_number != "":
|
||||
if not validate_vat(country, vat_number):
|
||||
|
@ -238,7 +234,7 @@ class BillingAddressViewSet(mixins.CreateModelMixin,
|
|||
status=status.HTTP_500_INTERNAL_SERVER_ERROR)
|
||||
|
||||
|
||||
serializer.save(owner=request.user)
|
||||
serializer.save(owner=user)
|
||||
return Response(serializer.data)
|
||||
|
||||
###
|
||||
|
|
Loading…
Reference in a new issue