diff --git a/backend/clubs/permissions.py b/backend/clubs/permissions.py index 4297d9fcc..253f9d807 100644 --- a/backend/clubs/permissions.py +++ b/backend/clubs/permissions.py @@ -231,7 +231,6 @@ def has_object_permission(self, request, view, obj): return membership is not None and membership.role <= Membership.ROLE_OFFICER elif view.action in ["add_to_cart", "remove_from_cart"]: return request.user.is_authenticated - print("action", view.action) return True diff --git a/backend/clubs/views.py b/backend/clubs/views.py index ed3869cbf..7cfd4f25c 100644 --- a/backend/clubs/views.py +++ b/backend/clubs/views.py @@ -2462,6 +2462,8 @@ def create_tickets(self, request, *args, **kwargs): event = self.get_object() quantities = request.data.get("quantities") + # Atomicity ensures idempotency + Ticket.objects.filter(event=event).delete() # Idempotency tickets = [ Ticket(event=event, type=item["type"]) @@ -2657,6 +2659,12 @@ class EventViewSet(ClubEventViewSet): destroy: Delete an event. + + fair: + Get information about a fair listing + + owned: + Return all events that the user has officer permissions over. """ def get_operation_id(self, **kwargs): @@ -4479,6 +4487,9 @@ class TicketViewSet(viewsets.ModelViewSet): checkout: Initiate a hold on the tickets in a user's cart + checkout_success_callback: + Callback after third party payment succeeds + buy: Buy the tickets in a user's cart @@ -4578,7 +4589,7 @@ def checkout(self, request, *args, **kwargs): # The assumption is that this filter query should return all tickets in the cart # however we cannot guarantee atomicity between cart and checkout - # + # customers will be prompted to review the cart before payment tickets = cart.tickets.select_for_update().filter( @@ -4638,6 +4649,8 @@ def buy(self, request, *args, **kwargs): --- """ + # TODO: Implement + # Some logic here to serialize all held tickets down to whatever # format third party asks for