fix permissions check and add new transaction write action

2025-05-30 14:23:19 +03:00
parent 365fc0f495
commit f224c41e60
2 changed files with 51 additions and 11 deletions
--- a/backend/api/account/client/views.py
+++ b/backend/api/account/client/views.py
@@ -18,12 +18,13 @@ from .serializers import RouteSerializer, CreateRouteSerializer, CitySerializer,
 from api.auth.serializers import UserResponseSerializer
 from api.models import UserProfile
 from routes.models import Route, City, Country, Leads
-from sitemanagement.models import Pricing, RoutePromotionLog
+from sitemanagement.models import Pricing, RoutePromotionLog, Transactions

 from api.utils.decorators import handle_exceptions
 from api.utils.emailSender import send_email
 from api.utils.permissionChecker import check_monthly_limit

+
 class UserDataView(ViewSet):
    """Эндпоинт для наполнения стора фронта данными"""
    permission_classes = [IsAuthenticated]
@@ -175,20 +176,41 @@ class CountryView(ViewSet):
    
 class ChangeUserMembership(ViewSet):
    """Меняем тарифный план пользователя"""
-            
-    @action(detail=False, methods=['post'])
+    permission_classes = [IsAuthenticated]
+    
+    @action(detail=False, methods=['patch'])
    @handle_exceptions
    def change_plan(self, request):
        """Меняем пользователю тарифный план"""
        user = request.user
        user_profile = get_object_or_404(UserProfile, user=user)
        
+        # преобразуем plan в account_type если нужно
+        if 'plan' in request.data and 'account_type' not in request.data:
+            request.data['account_type'] = request.data['plan']
+            
        serializer = PlanChangeSerializer(user_profile, data=request.data)
            
        if serializer.is_valid():
-            serializer.save()
-            return Response({"message": "Тариф успешно изменен"}, status=status.HTTP_200_OK)
-        
+            # получаем объект тарифного плана
+            new_plan = get_object_or_404(Pricing, plan=serializer.validated_data['account_type'])
+            
+            # создаем транзакцию
+            transaction = Transactions.objects.create(
+                user=user,
+                plan=new_plan,
+                amount=new_plan.price,
+                status='success'
+            )
+            
+            # если транзакция успешно создана, меняем тариф
+            if transaction:
+                serializer.save()
+                return Response({
+                    "message": "Тариф успешно изменен",
+                    "account_type": serializer.validated_data['account_type']
+                }, status=status.HTTP_200_OK)
+            
        return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)

 class GetMembershipData(ViewSet):