Merge branch 'master' into looksirdroids

endpoints/api.py

@@ -1296,7 +1296,7 @@ def subscription_view(stripe_subscription, used_repos):
 @api_login_required
 def get_user_card_api():
   user = current_user.db_user()
-  return jsonify(get_card(user))
+  return get_card(user)
 
 
 @app.route('/api/organization/<orgname>/card', methods=['GET'])
@@ -1305,7 +1305,7 @@ def get_org_card_api(orgname):
   permission = AdministerOrganizationPermission(orgname)
   if permission.can():
     organization = model.get_organization(orgname)
-    return jsonify(get_card(organization))
+    return get_card(organization)
 
   abort(403)
 
@@ -1315,7 +1315,7 @@ def get_org_card_api(orgname):
 def set_user_card_api():
   user = current_user.db_user()
   token = request.get_json()['token']
-  return jsonify(set_card(user, token))
+  return set_card(user, token)
 
 
 @app.route('/api/organization/<orgname>/card', methods=['POST'])
@@ -1331,13 +1331,14 @@ def set_org_card_api(orgname):
 
 
 def set_card(user, token):
-  print token
-  
   if user.stripe_id:
     cus = stripe.Customer.retrieve(user.stripe_id)
     if cus:
-      cus.card = token
-      cus.save()
+      try:
+        cus.card = token
+        cus.save()
+      except stripe.CardError as e:
+        return carderror_response(e)
 
   return get_card(user)
 
@@ -1364,7 +1365,7 @@ def get_card(user):
           'last4': card.last4
         }
 
-  return {'card': card_info}
+  return jsonify({'card': card_info})
 
 @app.route('/api/user/plan', methods=['PUT'])
 @api_login_required
@@ -1376,6 +1377,14 @@ def subscribe_api():
   return subscribe(user, plan, token, USER_PLANS)
 
 
+def carderror_response(e):
+  resp = jsonify({
+    'carderror': e.message,
+  })
+  resp.status_code = 402
+  return resp
+
+
 def subscribe(user, plan, token, accepted_plans):
   plan_found = None
   for plan_obj in accepted_plans:
@@ -1400,9 +1409,13 @@ def subscribe(user, plan, token, accepted_plans):
       # They want a real paying plan, create the customer and plan
       # simultaneously
       card = token
-      cus = stripe.Customer.create(email=user.email, plan=plan, card=card)
-      user.stripe_id = cus.id
-      user.save()
+      
+      try:
+        cus = stripe.Customer.create(email=user.email, plan=plan, card=card)
+        user.stripe_id = cus.id
+        user.save()
+      except stripe.CardError as e:
+        return carderror_response(e)
 
       response_json = subscription_view(cus.subscription, private_repos)
       status_code = 201
@@ -1418,12 +1431,17 @@ def subscribe(user, plan, token, accepted_plans):
         cus.save()
 
     else:
-      cus.plan = plan
       # User may have been a previous customer who is resubscribing
       if token:
         cus.card = token
 
-      cus.save()
+      cus.plan = plan
+
+      try:
+        cus.save()
+      except stripe.CardError as e:
+        return carderror_response(e)
+          
       response_json = subscription_view(cus.subscription, private_repos)
 
   resp = jsonify(response_json)

endpoints/web.py

@@ -1,14 +1,19 @@
 import logging
 import requests
+import stripe
 
 from flask import (abort, redirect, request, url_for, render_template,
-                   make_response)
-from flask.ext.login import login_user, UserMixin, login_required
-from flask.ext.principal import identity_changed, Identity, AnonymousIdentity
+                   make_response, Response)
+from flask.ext.login import login_user, UserMixin
+from flask.ext.principal import identity_changed
+from urlparse import urlparse
 
 from data import model
 from app import app, login_manager, mixpanel
-from auth.permissions import QuayDeferredPermissionUser
+from auth.permissions import (QuayDeferredPermissionUser,
+                              AdministerOrganizationPermission)
+from util.invoice import renderInvoiceToPdf
+from util.seo import render_snapshot
 
 
 logger = logging.getLogger(__name__)
@@ -48,6 +53,19 @@ def index(path):
   return render_template('index.html')
 
 
+@app.route('/snapshot', methods=['GET'])
+@app.route('/snapshot/', methods=['GET'])
+@app.route('/snapshot/<path:path>', methods=['GET'])
+def snapshot(path = ''):
+  parsed = urlparse(request.url)
+  final_url = '%s://%s/%s' % (parsed.scheme, 'localhost', path)
+  result = render_snapshot(final_url)
+  if result:
+    return result
+
+  abort(404)
+
+
 @app.route('/plans/')
 def plans():
   return index('')
@@ -82,11 +100,18 @@ def new():
 def repository():
   return index('')
 
+
+@app.route('/security/')
+def security():
+  return index('')
+
+
 @app.route('/v1')
 @app.route('/v1/')
 def v1():
   return index('')
 
+
 @app.route('/status', methods=['GET'])
 def status():
   return make_response('Healthy')
@@ -97,11 +122,33 @@ def tos():
   return render_template('tos.html')
 
 
+@app.route('/disclaimer', methods=['GET'])
+def disclaimer():
+  return render_template('disclaimer.html')
+
+
 @app.route('/privacy', methods=['GET'])
 def privacy():
   return render_template('privacy.html')
 
 
+@app.route('/receipt', methods=['GET'])
+def receipt():
+  id =  request.args.get('id')
+  if id:
+    invoice = stripe.Invoice.retrieve(id)
+    if invoice:
+      org = model.get_user_or_org_by_customer_id(invoice.customer)
+      if org and org.organization:
+        admin_org = AdministerOrganizationPermission(org.username)
+        if admin_org.can():
+          file_data = renderInvoiceToPdf(invoice, org)          
+          return Response(file_data,
+                          mimetype="application/pdf",
+                          headers={"Content-Disposition":
+                                     "attachment;filename=receipt.pdf"})
+  abort(404)
+
 def common_login(db_user):
   if login_user(_LoginWrappedDBUser(db_user.username, db_user)):
     logger.debug('Successfully signed in as: %s' % db_user.username)