Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
thalia
concrexit
Commits
889ea468
Verified
Commit
889ea468
authored
Aug 28, 2018
by
Sébastiaan Versteeg
Browse files
Change payment processing to use POST requests
parent
31d1b812
Changes
5
Hide whitespace changes
Inline
Side-by-side
website/payments/static/admin/payments/js/payments.js
0 → 100644
View file @
889ea468
django
.
jQuery
(
function
()
{
var
$
=
django
.
jQuery
;
$
(
"
.payments-row a
"
).
click
(
function
(
e
)
{
e
.
preventDefault
();
var
type
=
$
(
e
.
target
).
data
(
'
type
'
);
var
href
=
$
(
e
.
target
).
data
(
'
href
'
);
var
form
=
$
(
'
<form></form>
'
);
form
.
attr
(
"
method
"
,
"
post
"
);
form
.
attr
(
"
action
"
,
href
);
var
field
=
$
(
'
<input/>
'
);
field
.
attr
(
"
type
"
,
"
hidden
"
);
field
.
attr
(
"
name
"
,
'
type
'
);
field
.
attr
(
"
value
"
,
type
);
form
.
append
(
field
);
var
csrf
=
$
(
'
<input/>
'
);
csrf
.
attr
(
"
type
"
,
"
hidden
"
);
csrf
.
attr
(
"
name
"
,
'
csrfmiddlewaretoken
'
);
csrf
.
attr
(
"
value
"
,
$
(
"
input[name='csrfmiddlewaretoken']
"
).
val
());
form
.
append
(
csrf
);
$
(
document
.
body
).
append
(
form
);
form
.
submit
();
});
});
website/payments/templates/admin/payments/change_form.html
View file @
889ea468
...
...
@@ -6,11 +6,16 @@
{% compress css %}
<link
rel=
"stylesheet"
type=
"text/x-scss"
href=
"{% static 'admin/payments/css/forms.scss' %}"
/>
{% endcompress %}
{% endblock %}
{% block extrahead %}
{{ block.super }}
<script
type=
"text/javascript"
src=
"{% static 'admin/payments/js/payments.js' %}"
></script>
{% endblock %}
{% block submit_buttons_bottom %}
{% if payment %}
<div
class=
"submit-row payments-row"
>
<a
href=
"{% url 'payments:admin-process' pk=payment.pk type=
'
cash_payment
' %}
"
class=
"button process"
>
{% trans "Process (cash payment)" %}
</a>
<a
href=
"{% url 'payments:admin-process' pk=payment.pk type=
'
card_payment
' %}
"
class=
"button process"
>
{% trans "Process (card payment)" %}
</a>
<a
data-
href=
"{% url 'payments:admin-process' pk=payment.pk
%}"
data-
type=
"
cash_payment"
class=
"button process"
>
{% trans "Process (cash payment)" %}
</a>
<a
data-
href=
"{% url 'payments:admin-process' pk=payment.pk
%}"
data-
type=
"
card_payment"
class=
"button process"
>
{% trans "Process (card payment)" %}
</a>
</div>
{% endif %}
...
...
website/payments/tests/test_views.py
View file @
889ea468
...
...
@@ -41,16 +41,20 @@ class PaymentAdminViewTest(TestCase):
self
.
client
.
force_login
(
self
.
user
)
def
test_permissions
(
self
):
url
=
'/payment/admin/process/{}/
cash_payment/
'
.
format
(
url
=
'/payment/admin/process/{}/'
.
format
(
self
.
payment
.
pk
)
response
=
self
.
client
.
get
(
url
)
response
=
self
.
client
.
post
(
url
,
{
'type'
:
'cash_payment'
,
})
self
.
assertRedirects
(
response
,
'/admin/login/?next=%s'
%
url
)
self
.
_give_user_permissions
()
url
=
'/payment/admin/process/{}/
cash_payment/
'
.
format
(
url
=
'/payment/admin/process/{}/'
.
format
(
self
.
payment
.
pk
)
response
=
self
.
client
.
get
(
url
)
response
=
self
.
client
.
post
(
url
,
{
'type'
:
'cash_payment'
,
})
self
.
assertRedirects
(
response
,
'/admin/payments/payment/%s/change/'
%
self
.
payment
.
pk
...
...
@@ -59,7 +63,7 @@ class PaymentAdminViewTest(TestCase):
@
mock
.
patch
(
'django.contrib.messages.error'
)
@
mock
.
patch
(
'django.contrib.messages.success'
)
@
mock
.
patch
(
'payments.services.process_payment'
)
def
test_
ge
t
(
self
,
process_payment
,
messages_success
,
messages_error
):
def
test_
pos
t
(
self
,
process_payment
,
messages_success
,
messages_error
):
process_payment
.
return_value
=
[
self
.
payment
]
payment_qs
=
Payment
.
objects
.
filter
(
pk
=
self
.
payment
.
pk
)
...
...
@@ -69,28 +73,48 @@ class PaymentAdminViewTest(TestCase):
self
.
_give_user_permissions
()
type
=
'cash_payment'
response
=
self
.
client
.
get
(
'/payment/admin/process/{}/{}/'
.
format
(
self
.
payment
.
pk
,
type
))
self
.
assertEqual
(
response
.
status_code
,
302
)
self
.
assertEqual
(
response
.
url
,
'/admin/payments/payment/%s/change/'
%
self
.
payment
.
pk
)
process_payment
.
assert_called_once_with
(
payment_qs
,
type
)
messages_success
.
assert_called_once_with
(
response
.
wsgi_request
,
_
(
'Successfully processed %s.'
)
%
model_ngettext
(
self
.
payment
,
1
)
)
process_payment
.
return_value
=
[]
response
=
self
.
client
.
get
(
'/payment/admin/process/{}/{}/'
.
format
(
self
.
payment
.
pk
,
type
))
messages_error
.
assert_called_once_with
(
response
.
wsgi_request
,
_
(
'Could not process %s.'
)
%
model_ngettext
(
self
.
payment
,
1
)
)
with
self
.
subTest
(
'Send post without payload'
):
response
=
self
.
client
.
post
(
'/payment/admin/process/{}/'
.
format
(
self
.
payment
.
pk
))
self
.
assertEqual
(
response
.
status_code
,
302
)
self
.
assertEqual
(
response
.
url
,
'/admin/payments/payment/%s/change/'
%
self
.
payment
.
pk
)
process_payment
.
assert_not_called
()
messages_error
.
assert_not_called
()
messages_success
.
assert_not_called
()
with
self
.
subTest
(
'Send post with successful processing'
):
payment_type
=
'cash_payment'
response
=
self
.
client
.
post
(
'/payment/admin/process/{}/'
.
format
(
self
.
payment
.
pk
),
{
'type'
:
payment_type
,
})
self
.
assertEqual
(
response
.
status_code
,
302
)
self
.
assertEqual
(
response
.
url
,
'/admin/payments/payment/%s/change/'
%
self
.
payment
.
pk
)
process_payment
.
assert_called_once_with
(
payment_qs
,
payment_type
)
messages_success
.
assert_called_once_with
(
response
.
wsgi_request
,
_
(
'Successfully processed %s.'
)
%
model_ngettext
(
self
.
payment
,
1
)
)
with
self
.
subTest
(
'Send post with failed processing'
):
process_payment
.
return_value
=
[]
response
=
self
.
client
.
post
(
'/payment/admin/process/{}/'
.
format
(
self
.
payment
.
pk
),
{
'type'
:
payment_type
,
})
messages_error
.
assert_called_once_with
(
response
.
wsgi_request
,
_
(
'Could not process %s.'
)
%
model_ngettext
(
self
.
payment
,
1
)
)
website/payments/urls.py
View file @
889ea468
...
...
@@ -6,6 +6,6 @@ from .views import PaymentAdminView
app_name
=
'payments'
urlpatterns
=
[
path
(
'admin/process/<uuid:pk>/
<type>/
'
,
path
(
'admin/process/<uuid:pk>/'
,
PaymentAdminView
.
as_view
(),
name
=
'admin-process'
),
]
website/payments/views.py
View file @
889ea468
...
...
@@ -19,10 +19,14 @@ class PaymentAdminView(View):
"""
View that processes a payment
"""
def
ge
t
(
self
,
request
,
*
args
,
**
kwargs
):
def
pos
t
(
self
,
request
,
*
args
,
**
kwargs
):
payment
=
Payment
.
objects
.
filter
(
pk
=
kwargs
[
'pk'
])
if
not
(
'type'
in
request
.
POST
):
return
redirect
(
'admin:payments_payment_change'
,
kwargs
[
'pk'
])
result
=
services
.
process_payment
(
payment
,
kwargs
[
'type'
]
payment
,
request
.
POST
[
'type'
]
)
if
len
(
result
)
>
0
:
...
...
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment