fix permissions check and add new transaction write action

2025-05-30 14:23:19 +03:00
parent 365fc0f495
commit f224c41e60
2 changed files with 51 additions and 11 deletions


@@ -18,12 +18,13 @@ from .serializers import RouteSerializer, CreateRouteSerializer, CitySerializer,
from api.auth.serializers import UserResponseSerializer from api.auth.serializers import UserResponseSerializer
from api.models import UserProfile from api.models import UserProfile
from routes.models import Route, City, Country, Leads from routes.models import Route, City, Country, Leads
from sitemanagement.models import Pricing, RoutePromotionLog from sitemanagement.models import Pricing, RoutePromotionLog, Transactions
from api.utils.decorators import handle_exceptions from api.utils.decorators import handle_exceptions
from api.utils.emailSender import send_email from api.utils.emailSender import send_email
from api.utils.permissionChecker import check_monthly_limit from api.utils.permissionChecker import check_monthly_limit
class UserDataView(ViewSet): class UserDataView(ViewSet):
"""Эндпоинт для наполнения стора фронта данными""" """Эндпоинт для наполнения стора фронта данными"""
permission_classes = [IsAuthenticated] permission_classes = [IsAuthenticated]
@@ -175,20 +176,41 @@ class CountryView(ViewSet):
class ChangeUserMembership(ViewSet): class ChangeUserMembership(ViewSet):
"""Меняем тарифный план пользователя""" """Меняем тарифный план пользователя"""
permission_classes = [IsAuthenticated]
@action(detail=False, methods=['post'])
@action(detail=False, methods=['patch'])
@handle_exceptions @handle_exceptions
def change_plan(self, request): def change_plan(self, request):
"""Меняем пользователю тарифный план""" """Меняем пользователю тарифный план"""
user = request.user user = request.user
user_profile = get_object_or_404(UserProfile, user=user) user_profile = get_object_or_404(UserProfile, user=user)
# преобразуем plan в account_type если нужно
if 'plan' in request.data and 'account_type' not in request.data:
request.data['account_type'] = request.data['plan']
serializer = PlanChangeSerializer(user_profile, data=request.data) serializer = PlanChangeSerializer(user_profile, data=request.data)
if serializer.is_valid(): if serializer.is_valid():
serializer.save() # получаем объект тарифного плана
return Response({"message": "Тариф успешно изменен"}, status=status.HTTP_200_OK) new_plan = get_object_or_404(Pricing, plan=serializer.validated_data['account_type'])
# создаем транзакцию
transaction = Transactions.objects.create(
user=user,
plan=new_plan,
amount=new_plan.price,
status='success'
)
# если транзакция успешно создана, меняем тариф
if transaction:
serializer.save()
return Response({
"message": "Тариф успешно изменен",
"account_type": serializer.validated_data['account_type']
}, status=status.HTTP_200_OK)
return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST) return Response(serializer.errors, status=status.HTTP_400_BAD_REQUEST)
class GetMembershipData(ViewSet): class GetMembershipData(ViewSet):
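Review bot: `Transactions.objects.create(..., status='success')` in `change_plan` records a completed payment of `new_plan.price` and the plan is then switched, yet nothing visible in this hunk confirms that a payment took place, so as written any authenticated caller appears able to grant themselves a paid plan. If payment is confirmed elsewhere, say so in a comment above the create call; otherwise write the row with a non-final status and switch the plan only after the payment confirmation has been verified server-side. `objects.create()` returns the instance or raises, so `if transaction:` is always true. To keep the row and the plan change consistent, put both writes in one atomic block, e.g. `with db_transaction.atomic():` around the `create(...)` and `serializer.save()` calls, and rename the local `transaction` so it cannot shadow `django.db.transaction`. `request.data['account_type'] = ...` will also fail on form-encoded requests, where `request.data` is an immutable QueryDict; `data = request.data.copy()` avoids that.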


@@ -1,29 +1,47 @@
from django.utils.timezone import now from django.utils.timezone import now
from datetime import timedelta from datetime import timedelta
from django.core.exceptions import ObjectDoesNotExist from django.core.exceptions import ObjectDoesNotExist
from sitemanagement.models import RoutePromotionLog, Pricing from sitemanagement.models import RoutePromotionLog, Pricing, Transactions
from api.models import UserProfile from api.models import UserProfile
def check_monthly_limit(user, route, action_type): def check_monthly_limit(user, route, action_type):
try: try:
month_ago = now() - timedelta(days=30)
# получаем профиль пользователя и его тарифный план # получаем профиль пользователя и его тарифный план
user_profile = UserProfile.objects.get(user=user) user_profile = UserProfile.objects.get(user=user)
pricing_plan = Pricing.objects.get(plan=user_profile.account_type) pricing_plan = Pricing.objects.get(plan=user_profile.account_type)
# получаем последнюю успешную транзакцию пользователя
last_transaction = Transactions.objects.filter(
user=user,
plan=pricing_plan,
status='success' # предполагаем, что успешные транзакции имеют статус 'success'
).order_by('-created_at').first()
if not last_transaction:
return False
# определяем период действия подписки
subscription_start = last_transaction.created_at
subscription_period = timedelta(hours=pricing_plan.duration_hours)
subscription_end = subscription_start + subscription_period
# проверяем, не истекла ли подписка
if now() > subscription_end:
return False
# определяем лимит в зависимости от типа действия и тарифного плана # определяем лимит в зависимости от типа действия и тарифного плана
if action_type == 'highlight': if action_type == 'highlight':
action_limit = pricing_plan.highlight_limit action_limit = pricing_plan.highlight_limit
else: # rising else: # rising
action_limit = pricing_plan.rising_limit action_limit = pricing_plan.rising_limit
# проверяем количество действий за последний месяц # проверяем количество действий за текущий период подписки
actions_count = RoutePromotionLog.objects.filter( actions_count = RoutePromotionLog.objects.filter(
user=user, user=user,
route=route, route=route,
action_type=action_type, action_type=action_type,
created_at__gte=month_ago created_at__gte=subscription_start,
created_at__lte=subscription_end
).count() ).count()
return actions_count < action_limit return actions_count < action_limit
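Review bot: The quota window in `check_monthly_limit` now starts at the newest `status='success'` row (`order_by('-created_at').first()`), so every further success row for the same plan resets `actions_count` to zero and pushes `subscription_end` forward. That is reasonable for a paid renewal, but it makes the limit only as trustworthy as the code that writes `Transactions`, and the `change_plan` handler in this commit writes such a row on every valid request. If a reset on repeat purchase is not intended, anchor the window on the oldest still-active row, or at least document it with a comment such as `# window restarts on each successful transaction for the current plan`. `pricing_plan.duration_hours` is also passed to `timedelta` unchecked; a null value would raise `TypeError`, and whether that is handled depends on the `except` clause of this `try`, which lies outside the hunk.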