Start May Small Update (#803)

* Feat(kontres)/add image to bookable item (#785) * added optional image to bookable item model * added update method in serializer to handle new images * linting * remove update method for images * Feat(kontres)/add approved by (#786) * added approved by field * endpoint will now set approved by * serializer will return full user object in approved_by_detail * created test for approved by * migration * remove unnecessary code * removed write-only field in approved-by context * Create minutes for Codex (#787) * init * format * Feat(minute)/viewset (#788) * added richer reponse on post and put * added to admin panel * added filter for minute * Feat(kontres)/add notification (#790) * created methods for sending notification to admin and user * endpoint will now send notification if needed * add migrations for new notification types * Memberships with fines activated (#791) init * Feat(user)/user bio (#758) * Created model, serializer and view for user-bio * Created user bio model and made migrations * Created user bio serializer + viewsets + added new endpoint * Tested create method + added bio serializer to user serializer * Format * Created update method and started testing * Debugging test failures in user retrieve * fixed model error * Created user_bio_factory + started testing put method * Created fixture for UserBio * Created custom excpetion for duplicate user bio * Added permissions and inherited from BaseModel * Modularized serializer for bio * Use correct serializers in viewset + added destroy method * Finished testing bio viewset integration + format * Changed environent file to .env to avoid pushing up keys * Fix: Flipped assertion statement in test, since user bio should not be deleted * skiped buggy test from kontres * added mark to pytest.skip * Moved keys to .env file and reverted docker variables * Skip buggy kontres test * format * Added str method to user_bio * Removed unused imports * format * Changed user relation to a OneToOne-field (same affect as ForeignKey(unique=True) + removed check for duplicate bio in serializer * Migrations + changed assertion status code in duplicate bio test (could try catch in serializer to produce 400 status code) * format * format * Changed limit for description 50 -> 500 + migrations * Migrate * added id to serializer * merged leaf nodes in migrations * format --------- Co-authored-by: Ester2109 <126612066+Ester2109@users.noreply.github.com> Co-authored-by: Mads Nylund <madsnyl@gmail.com> Co-authored-by: Mads Nylund <73914541+MadsNyl@users.noreply.github.com> Co-authored-by: Tam Le <tamle2107@hotmail.com> * Update CHANGELOG.md * added filter for allowed photos for user (#794) added filter for allowed photos * Upped payment time when coming from waiting list (#796) * fixed paymenttime saved to db (#798) * fixed bug (#800) * Disallow users to unregister when payment is done (#802) added 400 status code for deleting paid registration * update changelog --------- Co-authored-by: Erik Skjellevik <98759397+eriskjel@users.noreply.github.com> Co-authored-by: haruixu <114171733+haruixu@users.noreply.github.com> Co-authored-by: Ester2109 <126612066+Ester2109@users.noreply.github.com> Co-authored-by: Tam Le <tamle2107@hotmail.com>
TIHLDE · May 1, 2024 · ea832e1 · ea832e1
1 parent 5b3a462
commit ea832e1
Show file tree

Hide file tree

Showing 3 changed files with 58 additions and 0 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -14,6 +14,9 @@
 
 ## Neste versjon
 
+## Versjon 2024.05.01
+- ⚡**Påmelding**. En bruker som har betalt for en påmelding på et arrangement kan ikke lenger melde seg av.
+
 ## Versjon 2024.04.16
 - ✨ **Brukerbio**. Bruker kan nå opprette bio.
 

diff --git a/app/content/views/registration.py b/app/content/views/registration.py
@@ -24,6 +24,7 @@
 from app.content.util.event_utils import start_payment_countdown
 from app.payment.enums import OrderStatus
 from app.payment.models.order import Order
+from app.payment.util.order_utils import has_paid_order
 
 
 class RegistrationViewSet(APIRegistrationErrorsMixin, BaseViewSet):
@@ -121,11 +122,27 @@ def destroy(self, request, *args, **kwargs):
 
     def _unregister(self, registration):
         self._log_on_destroy(registration)
+
+        if self._registration_is_paid(registration):
+            return Response(
+                {
+                    "detail": "Du kan ikke melde deg av et arrangement du har betalt for."
+                },
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
         registration.delete()
         return Response(
             {"detail": "Du har blitt meldt av arrangementet"}, status=status.HTTP_200_OK
         )
 
+    def _registration_is_paid(self, registration):
+        event = registration.event
+        if event.is_paid_event:
+            orders = event.orders.filter(user=registration.user)
+            return has_paid_order(orders)
+        return False
+
     def _admin_unregister(self, registration):
         self._log_on_destroy(registration)
         registration.admin_unregister()

diff --git a/app/tests/content/test_registration_integration.py b/app/tests/content/test_registration_integration.py
@@ -10,6 +10,7 @@
 from app.forms.enums import EventFormType
 from app.forms.tests.form_factories import EventFormFactory, SubmissionFactory
 from app.group.factories import GroupFactory
+from app.payment.enums import OrderStatus
 from app.util.test_utils import add_user_to_group_with_name, get_api_client
 from app.util.utils import now
 
@@ -1031,3 +1032,40 @@ def test_add_registration_to_event_as_member(member, event):
     response = client.post(url, data)
 
     assert response.status_code == status.HTTP_403_FORBIDDEN
+
+
+@pytest.mark.django_db
+@pytest.mark.parametrize(
+    ("order_status", "status_code"),
+    [
+        (OrderStatus.SALE, status.HTTP_400_BAD_REQUEST),
+        (OrderStatus.CAPTURE, status.HTTP_400_BAD_REQUEST),
+        (OrderStatus.RESERVED, status.HTTP_400_BAD_REQUEST),
+        (OrderStatus.CANCEL, status.HTTP_200_OK),
+        (OrderStatus.INITIATE, status.HTTP_200_OK),
+        (OrderStatus.REFUND, status.HTTP_200_OK),
+        (OrderStatus.VOID, status.HTTP_200_OK),
+    ],
+)
+def test_delete_registration_with_paid_order_as_self(
+    member, event, order, paid_event, order_status, status_code
+):
+    """
+    A member should not be able to delete their registration if they have a paid order.
+    """
+
+    order.status = order_status
+    order.event = event
+    order.user = member
+    order.save()
+
+    paid_event.event = event
+    paid_event.save()
+
+    registration = RegistrationFactory(user=member, event=event)
+    client = get_api_client(user=member)
+
+    url = _get_registration_detail_url(registration)
+    response = client.delete(url)
+
+    assert response.status_code == status_code