From c7002922a66ee5391cf06faee0755d5296084d5c Mon Sep 17 00:00:00 2001
From: Shreyansh Dwivedi <shreyanshdwivedi1997@gmail.com>
Date: Thu, 11 Jul 2019 16:05:21 +0530
Subject: [PATCH 1/3] fix: checks if paid ticket has payment method enabled

---
 app/api/tickets.py | 49 +++++++++++++++++++++++++++++++++++++++++++---
 1 file changed, 46 insertions(+), 3 deletions(-)

diff --git a/app/api/tickets.py b/app/api/tickets.py
index f1e5d5f98f..1998bf57e4 100644
--- a/app/api/tickets.py
+++ b/app/api/tickets.py
@@ -2,6 +2,7 @@
 from flask_rest_jsonapi import ResourceDetail, ResourceList, ResourceRelationship
 from flask_rest_jsonapi.exceptions import ObjectNotFound
 from flask_jwt import current_identity as current_user, _jwt_required
+from sqlalchemy.orm.exc import NoResultFound
 
 from app.api.bootstrap import api
 from app.api.helpers.db import safe_query
@@ -16,7 +17,7 @@
 from app.models.ticket import Ticket, TicketTag, ticket_tags_table
 from app.models.event import Event
 from app.models.ticket_holder import TicketHolder
-from app.api.helpers.exceptions import ConflictException, MethodNotAllowed
+from app.api.helpers.exceptions import ConflictException, MethodNotAllowed, UnprocessableEntity
 from app.api.helpers.db import get_count
 
 class TicketListPost(ResourceList):
@@ -43,10 +44,32 @@ def before_post(self, args, kwargs, data):
         if get_count(db.session.query(Event).filter_by(id=int(data['event']), is_ticketing_enabled=False)) > 0:
             raise MethodNotAllowed({'parameter': 'event_id'}, "Ticketing is disabled for this Event")
 
+    def before_create_object(self, data, view_kwargs):
+        """
+        before create method to check if paid ticket has a paymentMethod enabled
+        :param data:
+        :param view_kwargs:
+        :return:
+        """
+        if data.get('type') == 'paid' and data.get('event'):
+            try:
+                event = db.session.query(Event).filter_by(id=data['event'], deleted_at=None).one()
+            except NoResultFound:
+                raise UnprocessableEntity({'event_id': data['event']}, "Event does not exist")
+            if not (event.can_pay_by_paypal or event.can_pay_by_stripe or event.can_pay_by_omise or
+                    event.can_pay_by_alipay or event.can_pay_by_cheque or event.can_pay_by_bank or
+                    event.can_pay_onsite):
+                raise UnprocessableEntity(
+                    {'event_id': data['event']}, "Event having paid ticket must have a payment method")
+
     schema = TicketSchema
     methods = ['POST', ]
     data_layer = {'session': db.session,
-                  'model': Ticket}
+                  'model': Ticket,
+                  'methods': {
+                      'before_create_object': before_create_object,
+                      'before_post': before_post
+                  }}
 
 
 class TicketList(ResourceList):
@@ -144,13 +167,33 @@ def before_get_object(self, view_kwargs):
             else:
                 view_kwargs['id'] = None
 
+    def before_update_object(self, ticket, data, view_kwargs):
+        """
+        method to check if paid ticket has payment method before updating ticket object
+        :param ticket:
+        :param data:
+        :param view_kwargs:
+        :return:
+        """
+        if ticket.type == 'paid':
+            try:
+                event = db.session.query(Event).filter_by(id=ticket.event.id, deleted_at=None).one()
+            except NoResultFound:
+                raise UnprocessableEntity({'event_id': ticket.event.id}, "Event does not exist")
+            if not (event.can_pay_by_paypal or event.can_pay_by_stripe or event.can_pay_by_omise or
+                    event.can_pay_by_alipay or event.can_pay_by_cheque or event.can_pay_by_bank or
+                    event.can_pay_onsite):
+                raise UnprocessableEntity(
+                    {'event_id': ticket.event.id}, "Event having paid ticket must have a payment method")
+
     decorators = (api.has_permission('is_coorganizer', fetch='event_id',
                   fetch_as="event_id", model=Ticket, methods="PATCH,DELETE"),)
     schema = TicketSchema
     data_layer = {'session': db.session,
                   'model': Ticket,
                   'methods': {
-                      'before_get_object': before_get_object
+                      'before_get_object': before_get_object,
+                      'before_update_object': before_update_object
                   }}
 
 

From 8103f025d87a2578e0c3e2b57a7086aebbce1437 Mon Sep 17 00:00:00 2001
From: Shreyansh Dwivedi <shreyanshdwivedi1997@gmail.com>
Date: Thu, 11 Jul 2019 16:20:40 +0530
Subject: [PATCH 2/3] introduce is_payment_enabeled function in event model

---
 app/api/tickets.py  | 8 ++------
 app/models/event.py | 6 ++++++
 2 files changed, 8 insertions(+), 6 deletions(-)

diff --git a/app/api/tickets.py b/app/api/tickets.py
index 1998bf57e4..b6c5cebd71 100644
--- a/app/api/tickets.py
+++ b/app/api/tickets.py
@@ -56,9 +56,7 @@ def before_create_object(self, data, view_kwargs):
                 event = db.session.query(Event).filter_by(id=data['event'], deleted_at=None).one()
             except NoResultFound:
                 raise UnprocessableEntity({'event_id': data['event']}, "Event does not exist")
-            if not (event.can_pay_by_paypal or event.can_pay_by_stripe or event.can_pay_by_omise or
-                    event.can_pay_by_alipay or event.can_pay_by_cheque or event.can_pay_by_bank or
-                    event.can_pay_onsite):
+            if not event.is_payment_enabled():
                 raise UnprocessableEntity(
                     {'event_id': data['event']}, "Event having paid ticket must have a payment method")
 
@@ -180,9 +178,7 @@ def before_update_object(self, ticket, data, view_kwargs):
                 event = db.session.query(Event).filter_by(id=ticket.event.id, deleted_at=None).one()
             except NoResultFound:
                 raise UnprocessableEntity({'event_id': ticket.event.id}, "Event does not exist")
-            if not (event.can_pay_by_paypal or event.can_pay_by_stripe or event.can_pay_by_omise or
-                    event.can_pay_by_alipay or event.can_pay_by_cheque or event.can_pay_by_bank or
-                    event.can_pay_onsite):
+            if not event.is_payment_enabled():
                 raise UnprocessableEntity(
                     {'event_id': ticket.event.id}, "Event having paid ticket must have a payment method")
 
diff --git a/app/models/event.py b/app/models/event.py
index 99be0d1e61..26c92cc3f1 100644
--- a/app/models/event.py
+++ b/app/models/event.py
@@ -356,6 +356,12 @@ def get_average_rating(self):
             avg = round(avg, 2)
         return avg
 
+    def is_payment_enabled(self):
+        if self.can_pay_by_paypal or self.can_pay_by_stripe or self.can_pay_by_omise or self.can_pay_by_alipay \
+                or self.can_pay_by_cheque or self.can_pay_by_bank or self.can_pay_onsite:
+            return True
+        return False
+
     @property
     def average_rating(self):
         return self.get_average_rating()

From 34885e7e5e9822479b6dcc64b23e7a603f7dba10 Mon Sep 17 00:00:00 2001
From: Shreyansh Dwivedi <shreyanshdwivedi1997@gmail.com>
Date: Thu, 11 Jul 2019 16:37:19 +0530
Subject: [PATCH 3/3] updates is_payment_enabled function

---
 app/models/event.py | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/app/models/event.py b/app/models/event.py
index 26c92cc3f1..c08b742502 100644
--- a/app/models/event.py
+++ b/app/models/event.py
@@ -357,10 +357,8 @@ def get_average_rating(self):
         return avg
 
     def is_payment_enabled(self):
-        if self.can_pay_by_paypal or self.can_pay_by_stripe or self.can_pay_by_omise or self.can_pay_by_alipay \
-                or self.can_pay_by_cheque or self.can_pay_by_bank or self.can_pay_onsite:
-            return True
-        return False
+        return self.can_pay_by_paypal or self.can_pay_by_stripe or self.can_pay_by_omise or self.can_pay_by_alipay \
+            or self.can_pay_by_cheque or self.can_pay_by_bank or self.can_pay_onsite
 
     @property
     def average_rating(self):