diff --git a/app/api/attendees.py b/app/api/attendees.py index d42f18c3a2..7629b975ab 100644 --- a/app/api/attendees.py +++ b/app/api/attendees.py @@ -1,7 +1,7 @@ from datetime import datetime from flask import Blueprint, request, jsonify, abort, make_response -from flask_jwt import current_identity, jwt_required +from flask_jwt import current_identity from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship from flask_rest_jsonapi.exceptions import ObjectNotFound from sqlalchemy.orm.exc import NoResultFound @@ -174,7 +174,7 @@ def before_update_object(self, obj, data, kwargs): user = safe_query(self, User, 'id', current_identity.id, 'user_id') ticket = db.session.query(Ticket).filter_by( id=int(data['ticket']), deleted_at=None - ).first() + ).first() if ticket is None: raise UnprocessableEntity( {'pointer': '/data/relationships/ticket'}, "Invalid Ticket" diff --git a/app/api/orders.py b/app/api/orders.py index 638a8253d9..783bcea7c8 100644 --- a/app/api/orders.py +++ b/app/api/orders.py @@ -1,8 +1,8 @@ -from datetime import datetime -from flask import request, jsonify, Blueprint, url_for, redirect -import omise import logging +from datetime import datetime +import omise +from flask import request, jsonify, Blueprint, url_for, redirect from flask_jwt import current_identity as current_user from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship from marshmallow_jsonapi import fields @@ -12,7 +12,6 @@ from app.api.bootstrap import api from app.api.data_layers.ChargesLayer import ChargesLayer from app.api.helpers.db import save_to_db, safe_query, safe_query_without_soft_deleted_entries -from app.api.helpers.storage import generate_hash, UPLOAD_PATHS from app.api.helpers.errors import BadRequestError from app.api.helpers.exceptions import ForbiddenException, UnprocessableEntity, ConflictException from app.api.helpers.files import make_frontend_url @@ -22,10 +21,12 @@ send_notif_ticket_cancel from app.api.helpers.order import delete_related_attendees_for_order, set_expiry_for_order, \ create_pdf_tickets_for_holder, create_onsite_attendees_for_order +from app.api.helpers.payment import AliPayPaymentsManager, OmisePaymentsManager from app.api.helpers.payment import PayPalPaymentsManager from app.api.helpers.permission_manager import has_access from app.api.helpers.permissions import jwt_required from app.api.helpers.query import event_query +from app.api.helpers.storage import generate_hash, UPLOAD_PATHS from app.api.helpers.ticketing import TicketingManager from app.api.helpers.utilities import dasherize, require_relationship from app.api.schema.orders import OrderSchema @@ -34,8 +35,6 @@ from app.models.order import Order, OrderTicket, get_updatable_fields from app.models.ticket_holder import TicketHolder from app.models.user import User -from app.api.helpers.payment import AliPayPaymentsManager, OmisePaymentsManager - order_misc_routes = Blueprint('order_misc', __name__, url_prefix='/v1') alipay_blueprint = Blueprint('alipay_blueprint', __name__, url_prefix='/v1/alipay') @@ -74,6 +73,9 @@ def before_create_object(self, data, view_kwargs): :param view_kwargs: :return: """ + + free_ticket_quantity = 0 + for ticket_holder in data['ticket_holders']: # Ensuring that the attendee exists and doesn't have an associated order. try: @@ -86,6 +88,15 @@ def before_create_object(self, data, view_kwargs): raise ConflictException({'pointer': '/data/relationships/attendees'}, "Attendee with id {} does not exists".format(str(ticket_holder))) + if ticket_holder_object.ticket.type == 'free': + free_ticket_quantity += 1 + + if not current_user.is_verified and free_ticket_quantity == len(data['ticket_holders']): + raise UnprocessableEntity( + {'pointer': '/data/relationships/order'}, + "Unverified user cannot place free orders" + ) + if data.get('cancel_note'): del data['cancel_note']