From 457b61964796911cb32efdfbe270dc08fcd8f13e Mon Sep 17 00:00:00 2001
From: Joseph Schorr <jschorr@gmail.com>
Date: Fri, 15 Nov 2013 14:42:31 -0500
Subject: [PATCH] Add receipt/invoice email support and option to Quay

---
 application.py                         |   1 +
 data/database.py                       |   1 +
 data/model.py                          |  11 +++
 endpoints/api.py                       |  93 ++++++++++++++++---------
 endpoints/webhooks.py                  |  42 +++++++++++
 static/css/quay.css                    |  14 ++++
 static/directives/billing-options.html |  17 +++++
 static/js/app.js                       |  46 ++++++++++++
 static/partials/org-admin.html         |   4 +-
 static/partials/user-admin.html        |   6 ++
 test/data/test.db                      | Bin 96256 -> 286720 bytes
 util/email.py                          |   8 +++
 util/invoice.py                        |  36 ++++++++++
 util/invoice.tmpl                      |  63 +++++++++++++++++
 14 files changed, 310 insertions(+), 32 deletions(-)
 create mode 100644 endpoints/webhooks.py
 create mode 100644 static/directives/billing-options.html
 create mode 100644 util/invoice.py
 create mode 100644 util/invoice.tmpl

diff --git a/application.py b/application.py
index d3feefcb0..706c64a8c 100644
--- a/application.py
+++ b/application.py
@@ -11,6 +11,7 @@ import endpoints.api
 import endpoints.web
 import endpoints.tags
 import endpoints.registry
+import endpoints.webhooks
 
 
 logger = logging.getLogger(__name__)
diff --git a/data/database.py b/data/database.py
index fc5a68454..1dd51788a 100644
--- a/data/database.py
+++ b/data/database.py
@@ -34,6 +34,7 @@ class User(BaseModel):
   verified = BooleanField(default=False)
   stripe_id = CharField(index=True, null=True)
   organization = BooleanField(default=False, index=True)
+  invoice_email = BooleanField(default=False)
 
 
 class TeamRole(BaseModel):
diff --git a/data/model.py b/data/model.py
index cfbb9340c..ea42ef7c9 100644
--- a/data/model.py
+++ b/data/model.py
@@ -296,6 +296,12 @@ def get_user(username):
     return None
 
 
+def get_user_or_org_by_customer_id(customer_id):
+  try:
+    return User.get(User.stripe_id == customer_id)
+  except User.DoesNotExist:
+    return None
+
 def get_matching_teams(team_prefix, organization):  
   query = Team.select().where(Team.name ** (team_prefix + '%'),
                               Team.organization == organization)
@@ -491,6 +497,11 @@ def change_password(user, new_password):
   user.save()
 
 
+def change_invoice_email(user, invoice_email):
+  user.invoice_email = invoice_email
+  user.save()
+
+
 def update_email(user, new_email):
   user.email = new_email
   user.verified = False
diff --git a/endpoints/api.py b/endpoints/api.py
index 8f93bd0d8..1fee46686 100644
--- a/endpoints/api.py
+++ b/endpoints/api.py
@@ -71,8 +71,7 @@ def plans_list():
   })
 
 
-@app.route('/api/user/', methods=['GET'])
-def get_logged_in_user():
+def user_view(user):
   def org_view(o):
     admin_org = AdministerOrganizationPermission(o.username)
     return {
@@ -82,16 +81,9 @@ def get_logged_in_user():
       'can_create_repo': admin_org.can() or CreateRepositoryPermission(o.username).can()
     }
 
-  if current_user.is_anonymous():
-    return jsonify({'anonymous': True})
-
-  user = current_user.db_user()
-  if not user or user.organization:
-    return jsonify({'anonymous': True})    
-    
   organizations = model.get_user_organizations(user.username)
 
-  return jsonify({
+  return {
     'verified': user.verified,
     'anonymous': False,
     'username': user.username,
@@ -99,8 +91,21 @@ def get_logged_in_user():
     'gravatar': compute_hash(user.email),
     'askForPassword': user.password_hash is None,
     'organizations': [org_view(o) for o in organizations],
-    'can_create_repo': True
-  })
+    'can_create_repo': True,
+    'invoice_email': user.invoice_email
+  }
+
+
+@app.route('/api/user/', methods=['GET'])
+def get_logged_in_user():
+  if current_user.is_anonymous():
+    return jsonify({'anonymous': True})
+
+  user = current_user.db_user()
+  if not user or user.organization:
+    return jsonify({'anonymous': True})    
+
+  return jsonify(user_view(user))
 
 
 @app.route('/api/user/convert', methods=['POST'])
@@ -150,6 +155,11 @@ def change_user_details():
     if 'password' in user_data:
       logger.debug('Changing password for user: %s', user.username)
       model.change_password(user, user_data['password'])
+
+    if 'invoice_email' in user_data:
+      logger.debug('Changing invoice_email for user: %s', user.username)
+      model.change_invoice_email(user, user_data['invoice_email'])
+
   except model.InvalidPasswordException, ex:
     error_resp = jsonify({
       'message': ex.message,
@@ -157,14 +167,7 @@ def change_user_details():
     error_resp.status_code = 400
     return error_resp
 
-  return jsonify({
-    'verified': user.verified,
-    'anonymous': False,
-    'username': user.username,
-    'email': user.email,
-    'gravatar': compute_hash(user.email),
-    'askForPassword': user.password_hash is None,
-  })
+  return jsonify(user_view(user))
 
 
 @app.route('/api/user/', methods=['POST'])
@@ -340,6 +343,23 @@ def create_organization_api():
     return error_resp
 
 
+def org_view(o, teams):
+  admin_org = AdministerOrganizationPermission(o.username)
+  is_admin = admin_org.can()
+  view = {
+    'name': o.username,
+    'email': o.email if is_admin else '',
+    'gravatar': compute_hash(o.email),
+    'teams': {t.name : team_view(o.username, t) for t in teams},
+    'is_admin': is_admin
+  }
+
+  if is_admin:
+    view['invoice_email'] = o.invoice_email
+
+  return view
+
+
 @app.route('/api/organization/<orgname>', methods=['GET'])
 @api_login_required
 def get_organization(orgname):
@@ -347,17 +367,6 @@ def get_organization(orgname):
   if permission.can():
     user = current_user.db_user()
 
-    def org_view(o, teams):
-      admin_org = AdministerOrganizationPermission(orgname)
-      is_admin = admin_org.can()
-      return {
-        'name': o.username,
-        'email': o.email if is_admin else '',
-        'gravatar': compute_hash(o.email),
-        'teams': {t.name : team_view(orgname, t) for t in teams},
-        'is_admin': is_admin
-      }
-
     try:
       org = model.get_organization(orgname)
     except model.InvalidOrganizationException:
@@ -368,6 +377,28 @@ def get_organization(orgname):
 
   abort(403)
 
+
+@app.route('/api/organization/<orgname>', methods=['PUT'])
+@api_login_required
+def change_organization_details(orgname):
+  permission = AdministerOrganizationPermission(orgname)
+  if permission.can():
+    try:
+      org = model.get_organization(orgname)
+    except model.InvalidOrganizationException:
+      abort(404)
+      
+    org_data = request.get_json();
+    if 'invoice_email' in org_data:
+      logger.debug('Changing invoice_email for organization: %s', org.username)
+      model.change_invoice_email(org, org_data['invoice_email'])
+  
+    teams = model.get_teams_within_org(org)
+    return jsonify(org_view(org, teams))
+
+  abort(403)
+
+
 @app.route('/api/organization/<orgname>/members', methods=['GET'])
 @api_login_required
 def get_organization_members(orgname):
diff --git a/endpoints/webhooks.py b/endpoints/webhooks.py
new file mode 100644
index 000000000..9675fe000
--- /dev/null
+++ b/endpoints/webhooks.py
@@ -0,0 +1,42 @@
+import logging
+import requests
+import stripe
+
+from flask import (abort, redirect, request, url_for, render_template,
+                   make_response)
+from flask.ext.login import login_user, UserMixin, login_required
+from flask.ext.principal import identity_changed, Identity, AnonymousIdentity
+
+from data import model
+from app import app, login_manager, mixpanel
+from auth.permissions import QuayDeferredPermissionUser
+from data.plans import USER_PLANS, BUSINESS_PLANS, get_plan
+from util.invoice import renderInvoiceToHtml
+from util.email import send_invoice_email
+
+logger = logging.getLogger(__name__)
+
+
+@app.route('/webhooks/stripe', methods=['POST'])
+def stripe_webhook():
+  request_data = request.get_json()
+  logger.debug('Stripe webhook call: %s' % request_data)
+
+  event_type = request_data['type'] if 'type' in request_data else None
+  if event_type == 'charge.succeeded':
+    data = request_data['data'] if 'data' in request_data else {}
+    obj = data['object'] if 'object' in data else {}
+    invoice_id = obj['invoice'] if 'invoice' in obj else None
+    customer_id = obj['customer'] if 'customer' in obj else None
+
+    if invoice_id and customer_id:
+      # Find the user associated with the customer ID.
+      user = model.get_user_or_org_by_customer_id(customer_id)
+      if user and user.invoice_email:
+         # Lookup the invoice.
+         invoice = stripe.Invoice.retrieve(invoice_id)
+         if invoice:
+           invoice_html = renderInvoiceToHtml(invoice, user)
+           send_invoice_email(user.email, invoice_html)
+
+  return make_response('Okay')
diff --git a/static/css/quay.css b/static/css/quay.css
index 72d6f41d5..e466e43d6 100644
--- a/static/css/quay.css
+++ b/static/css/quay.css
@@ -6,6 +6,20 @@
   visibility: hidden;
 }
 
+.settings-option {
+  padding: 4px;
+  font-size: 18px;
+}
+
+.settings-option label {
+  margin-left: 6px;
+}
+
+.settings-option .settings-description {
+  font-size: 12px;
+  color: #aaa;
+}
+
 .organization-header-element {
   padding: 20px;
   margin-bottom: 20px;
diff --git a/static/directives/billing-options.html b/static/directives/billing-options.html
new file mode 100644
index 000000000..777a56519
--- /dev/null
+++ b/static/directives/billing-options.html
@@ -0,0 +1,17 @@
+<div class="billing-options-element">  
+  <div class="panel">
+    <div class="panel-title">
+      Billing Options
+      <i class="fa fa-spinner fa-spin" ng-show="working"></i>
+    </div>
+    <div class="panel-body">
+      <div class="settings-option">
+        <input id="invoiceEmail" type="checkbox" ng-model="invoice_email">
+        <label for="invoiceEmail">Send Receipt Emails</label>
+        <div class="settings-description">
+          If checked, a receipt email will be sent to {{ obj.email }} on every successful billing
+        </div>
+      </div>
+    </div>
+  </div>
+</div>
diff --git a/static/js/app.js b/static/js/app.js
index 2a0d08236..c1d77bd77 100644
--- a/static/js/app.js
+++ b/static/js/app.js
@@ -621,6 +621,52 @@ quayApp.directive('roleGroup', function () {
 });
 
 
+quayApp.directive('billingOptions', function () {
+  var directiveDefinitionObject = {
+    priority: 0,
+    templateUrl: '/static/directives/billing-options.html',
+    replace: false,
+    transclude: false,
+    restrict: 'C',
+    scope: {
+      'user': '=user',
+      'organization': '=organization'
+    },
+    controller: function($scope, $element, Restangular) {
+      $scope.invoice_email = false;
+
+      var update = function() {
+        if (!$scope.user && !$scope.organization) { return; }
+        $scope.obj = $scope.user ? $scope.user : $scope.organization;
+        $scope.invoice_email = $scope.obj.invoice_email;
+      };
+
+      var save = function() {
+        $scope.working = true;
+        var url = $scope.organization ? getRestUrl('organization', $scope.organization.name) : 'user/';
+        var conductSave = Restangular.one(url);
+        conductSave.customPUT($scope.obj).then(function(resp) {
+          $scope.working = false;
+        });
+      };
+
+      var checkSave = function() {
+        if (!$scope.obj) { return; }
+        if ($scope.obj.invoice_email != $scope.invoice_email) {
+          $scope.obj.invoice_email = $scope.invoice_email;
+          save();
+        }
+      };
+      
+      $scope.$watch('invoice_email', checkSave);
+      $scope.$watch('organization', update);
+      $scope.$watch('user', update);
+    }
+  };
+  return directiveDefinitionObject;
+});
+
+      
 quayApp.directive('planManager', function () {
   var directiveDefinitionObject = {
     priority: 0,
diff --git a/static/partials/org-admin.html b/static/partials/org-admin.html
index 1ed36b0c5..7df7b3fd9 100644
--- a/static/partials/org-admin.html
+++ b/static/partials/org-admin.html
@@ -29,8 +29,10 @@
 
         <!-- Billing tab -->
         <div id="billing" class="tab-pane">
+          <div class="billing-options" organization="organization"></div>
+
           <div ng-show="invoiceLoading">
-            <i class="fa fa-spinner fa-spin fa-3x"></i>
+            Loading billing history: <i class="fa fa-spinner fa-spin fa-2x" style="vertical-align: middle; margin-left: 4px"></i>
           </div>
 
           <div ng-show="!invoiceLoading && !invoices">
diff --git a/static/partials/user-admin.html b/static/partials/user-admin.html
index 0cfb27e2c..db81cb629 100644
--- a/static/partials/user-admin.html
+++ b/static/partials/user-admin.html
@@ -28,6 +28,7 @@
       <ul class="nav nav-pills nav-stacked">
         <li class="active"><a href="javascript:void(0)" data-toggle="tab" data-target="#plan">Plan and Usage</a></li>
         <li><a href="javascript:void(0)" data-toggle="tab" data-target="#password">Set Password</a></li>
+        <li><a href="javascript:void(0)" data-toggle="tab" data-target="#billing">Billing Options</a></li>
         <li><a href="javascript:void(0)" data-toggle="tab" data-target="#migrate" id="migrateTab">Convert to Organization</a></li>
       </ul>
     </div>
@@ -57,6 +58,11 @@
             </form>
           </div>
         </div>
+        
+        <!-- Billing options tab -->
+        <div id="billing" class="tab-pane">
+          <div class="billing-options" user="user"></div>
+        </div>
 
         <!-- Convert to organization tab -->
         <div id="migrate" class="tab-pane">
diff --git a/test/data/test.db b/test/data/test.db
index 20ed3819d36d71d54cdf20cd477623d14002ea5f..e7e752706dc5df4d2cf2080d352b88f53a94a283 100644
GIT binary patch
delta 6940
zcmds5d2|$2y06<+-PK*yU0(vkKo-*p3E5NWJxvJN2ua9JNIGE|NJ0m)c1TD9GMtc6
z-{AHHua82I7e_^(Iw~_Qr`>?e_<(U?1eC?cD2xco4x`|V%e;51I%3bnR?p0N?~j*r
za?f|~{kFRITYk6KT~)6e4K>!*l((&P8(TfST}>;E7Ak~7h{`h>DGDv2C~EdbV{Y*h
zD*eNFHJPd41{o<Qd<i!U+4`M&Cx3wdIS<@Rx_{MKwMVq;w3)0{bEk%4{>p4(iWx+&
zQ+ZWo=rn3T^KdBhE5zV_j|D~J(92<Xx2FIbJSiv&AMBojYdrC))(8xqaD2aq<yX3!
zy1Lw5&F<bvvYmsEcTGhR_^Ym`u&XN-@2=J2$(IGZxhoHcc157cIIS!7){0v+;R#{L
z)7HJzy-HTFxYyI^Ufi}+ro-{6P7~f-I}P1}_tfU&O>@Ih7=CW<c^o>|shLzbw<v!e
zK2#HlJLab0`)h32RDBEnuNnt#tu~<vcyslQsLBvccx)KzSM>MyxqBD8yPDcMWhzwp
zqT=cp{7h;L3c+ut+HiU5R0OyuH5>maB?bu!M`CKi<ew$!+3>J1bcbbSQ*)<V7MK4G
zSe0@mBFz}r);-{9YjOLP#~EuY^2^IhE9c?6lhcqM`;sj<D*0B#<Lu-{d^9NnarjzN
zYIwU=Q9A5Ul*%72|LgE@Ql0KLmJQF1LBmsVX53`Fed+@I*SLSd8{@igVq7~;i~SPs
zHhS=M<8713^~R=>A!dq!j0mn%aNQdka)tI9Lrw(@*vKrz*Vzy?2?@9ngkurD!2=2j
zvfJ@Mi2DD2)5vf%oF+cQMK~SAv)TA`Vzj`K1EAp}3O<LA;8GCQV*HU9tAmrW!t-!4
z2v-3<X_=;jQ?jlLa4HB_AwK0u0K*vy9tOK`T==OFWjHgAmx)txHjR#op+v1ohd*<s
z5B)^VQL)47WF4i|diq!PwJmjfdY8qUo8nF8cxQ>-QPN%8THz_5Q`XqN+FD@~m-Uwx
zb=b>H&E4e#Ri+|Oe_cywskLfOc}AT$zsZ%+*6lIptz6#J-O-oP;^~^taMYAB{k`s{
zrS9G_-PMCVC56R9^-X;l<)(&Nt7{7Fnad0MGkUGIOjBR=suiv|tsR9~?wVCi<puV>
zTG#BRIqg;59#eqwg)~RS4674m=UaQ-eaq!s7}MX;(P*nF>}>5=+2~xcyfQPRDt}p(
z+gw-YT5X%v<tpwnS5;Qmw>QpTy2`T5+1l-@ceEEYb$bHTFI6eN=g8`N`kOo3TE=u2
zHk8+h^ThU5j=A%l_GL9K4Q&I>RkykAgRMQwSJ!vjyV^W86=qj;TjxN*9H(i;N>jHR
zzg;%Dx*2g)^sw3{t6b_HQ1Wd|X-nPm-ulw6$~xOTN3m0EuCY{>R=dq5wH<{O4V@Le
z&VsVcxg{=lbE#vn$y6+^?j6kR!WXlr0C*|z!e?*-ego&=;J9li*++6N1bcJmf*ikJ
zkx=>*T!K%6MsXfKT^I*&D3JG15WN}rP_Y$YEd_59jZXlEmtgHUUgl*QuPs~uzml{I
z)hukGU^i?TXEx*{jkhfBVC7=;WzcdoA75R=;J>u!S-B*A6|^WVQ24%B#<Or<$=dPu
zl%uY~=R0oE%SAv1XDM<sXM-@7;j?`)I$7Bl<VMa1;i|yr2P1WGRdEfj2H~nD&V~IL
zt|7v8K|YR8;X)8ymH5K#5#MuHMrP&|m6uX^=`8vQ<`-&Sy-NL8&25^qY#RGG`-Lt+
zH>CT3vv9Zb&*(GsUc*iyTIdvh4Hm-|K_#>c*S#6W6)LaOxS#%>=HpS?Q>oIf)+p`E
z8vZ@~FXZq0AO0Z4a<g}qDE)N4zrX&Nc3h1ncsEz4p|NJ(^S6Dz0EKy<n;U}sh~S6e
zLz#jz>I2Y6iyxC{<S?OvH##FzK7pA*F*BIQ)q1t0d6bP{w`yy&*L8imL)`0pA^)Z!
z#&DOw3VntFGCmF2R0UOvR-ztRao`^_TwulMQY^lDl*N}X#UTg56@ys3%Z!Zp{kx*^
z&|Qmg)p{-d=&to>s)9LwcJ~$(uTbWDdQk%2e$N6t@9}A98ea3bIXLE8b`zMn0sve5
z`c!nQw|adj`iJbzM~U8}k244*Nuew`&QG_upk(4(3?6u50ZQ>6ej)?m4X-AnRK?-9
zUtNUKaQd!6lupJ-Ji4m}Wq2p-UW|U|$p3L{Ay=Yv1optWpow*EBuc3s=Yv)mQav7v
zn7|5mP;d-3KtI@o&x99+JI1MG_NcsfJUxs;;W$MQ1gURuh2V`3;P^OJe+#hSt3zu1
z{_{zp&`v=+tb^k)3Y$nPczT=!vz^B6-mPkQh=Pa4?aKNd^6{<3jg9&B4K<Fr6@{7Q
zb+a1_T+TTq4f(F}n*7R2r?tY_;3U|1md$L+FLFA}6}IBp`32<;dr4+(R&~~VhsK;~
zvZR|#=_Z@eWSwp{O*ds_nC%X`#YCE~j3Qs5;Fa$*Z)D=CW--GC-9PJt-_Dn$A_lS3
zjK6%1Q^WUj>?a%#Qt;q-9Vck~;F~LcNM5$^6{+y!<&~Dwg1>r48^Hsn;Lpk}pMXQ~
zJJ<!khNs})0gn@7_R$!h=$!(4{Z0HLd<-8FnLofaI7(Xe-f<HC7@4f}xYtk4P$c&%
zVBsSC5e^c$vjk!sfj5Fm?meA11xCl(6p2VB7U3|w1^Zw$h}1+p`f<?|c-`;i7%U+%
z{2sguZ^P?Bq@t8a{{02>10@VOl^5i8_8E!evv88c^dWcyUV~TRh3}HySk2-WKCPJo
zJ1E$ph@Bw^vWH;$_u==%QQvn7;b%X0rO|LrE~m4J&<(i8Z{hyHMd{{iA7)Rm;hK8&
z!^}x0hF+-JgpQ(#Qb-<(mZm$<KA$xcy+!*9<IyhKH`|C_rhWBMXe;d`stTu*p&*eA
z`C;;-DU`XF(%!3!)a~FA|A2m~exJc5L<xV?TG#_@nkGf<Ri`ocDh?7v*C#Du(F{bM
zv6o|{S6MVmdQXEKC|53zRZ_DCnb1s`j*@n0P>R%~MoB0~x?7EoOM4i?I76<Jl3tDG
zNsSDehO(t~49dk%UWrB1WpWaJ|H@RnVox>_{T27_Jri;D<q&-ET^;ngdpvz@D?Pod
z$s;)~8P~m=gEIYW&%8TeFe#7XBI7)g?nU_iOA+3ZBW8rmevZt`JYGzi(DtLP$nwq7
z1Z+RniLBpDdA#q~bli0@7umjDI(TsnvJ<yc@WG2LUV8~EJ!}KY@;-W5jfUh@F5(j8
zXgCHd_!90;u9U!>bL485!$J^+Px*a(CsaT-7=`}^LHI~GEbJ1t3wINEQYIt{l;No1
zDZ^^RY(t3tn0~8%fqpW7nD_D9`3?Lkei2_uVsbD10v?1xxPt)QXZT#+!pHLyxUac0
z+=Mr{Uvl?wKjnJ3Ca#Lh<E)$%x)4nYd;l|}s7;__k!ZJzc86%s5{q~`@|)=_Egh!N
zg=!j*SP)7llBr3wn?<`tv|Gh|zw9?Fd45@Cn(LP}i8B@193x#MRn?+!X`~jhbTpl-
z%otmim@SppqR7eNv;~PalV~%GHj8MpiZ+{Qvx`nCrWS<_DW(H=9g69jD|W^7*i<o1
zXscq{qHvn5qRA#&vqbaXPECrSe>YR{VT{uvTCJj$h}cDOQW2ew#J}6fP<#qpOb=9T
z5z_)xrxuasAT?Ey;5C*a&{|DmN&z#>e!HYj&Si$t&AFaQ%BI)coa&gwEV}>ZRD-5T
z8>^6A`biZD*^DX@?5GN*)5)|;GF6f6iIsL#qC|QsT_(?sOpJW~go<WvmCv3~5lnOh
z?Ubo-CW?HxOie0`ob>INnk}N)Dw=I#M8KE&7pDY#DOs5u@TK9>YZWMM$mA3!1*}dC
zP+_u*CWkm7Km}O|4PXvYE|8ooC>JQ`>1YxfA`#0J4M0!5IWd_;ec&dqqr?51L!5z*
z@skcQOVlaaWfcxldy|P}>4`FrMlqxIdmx%ci^wQECPLE+k4aQ9H0VSnrG;hRwug^N
zGm_g7X%3{w?*bqE3Z8-OuzUm_B9G7e;O8(5YY1%eKpV8cB5*+sltB^Xf)gx|4v7#8
zkq`y|I-rHGh0ld+!Uf@sa8h_rct<!O>=%9`ydvxro)?}H9uu|+lCV*@N4QfM5>^X+
zLYJ^}BPsBKDeZ5ZOGqPA`#M$VK{TWybqJBJB$p$20s4eG!(L&Vevy8=!6q2=mkev^
zMXCeZueAx>vup)-UAt4;MH2tI?g)KJAEql(<*4rD@6_~jZp|)cuey$lX4UF5>TT@5
zF>BfP`5eZkHt6o7xAO-y>C_Pvjoj3I=vmpE^0#r0AZ5A{D~+_G5^2bdHb|~kR4QdI
zL$jp}kx*A=khLe%$nM7(WZ1)_eCbp@=^A@PLTP2nQAajLW|F~GFZ0P%BH?3;)o9p&
zXsM|P<)L_~$Av1TeL1L1YMe>b59SiS{pn=5GLH;HvKEIt9gz*W<l%~J_sJRZnyh(H
zB!ei6<!7QiscI(DN<-<y$&d_GEbW&S4CRoaI-cx$Tx7RTcDFhONzz~{+4wkx456{a
z8=W+oOk5Y`)tae<eNQrBhZK~rnXT3luchc{!p2C8l2C=@NJiNVIj~vMC&ZZ)r2#`2
zMPA}(3H*4S0Ep*dgdp(SVSt3vLa2f~FhLxIjY9~`3|a~UbTt9C%DqR%;pgBq={m;<
z79m)Rz>Am2Pc+ZMlcaZS9WVY{T1H*c$VAkd0NebrevSOxcZR^3_uw5k0Q<>rJFmb_
z;?Yy^7;GD_;y-CQ{-j64QA+}3$#0MgMCdS_A{IBnbL3<0A$Y%^p#DWr4TX?3Ud3Ws
z%8Ep9rG=3PBoqtx8r~*du>POJInU846DabtWR9@b@Us3heJa10+o0R6J*N$2?V1Ml
zAcN^&s(y=(5T=ri`O(}qYS=KGET@kge0kE^QdEg(U)&t@0rIuaLYrvcmORu-``*Yx
zcG{O=MS8kWzPgFjI~3@JFhit%0l%3$%;|JF+O_P<n$I;k>UGR0{Wa}Sb)!cKo86x#
zWDKyj$3?7#w-IZMZ)+QJt9*G&&?xOoScp#0zFiHdkoIMjpbLJK5v5I_v<ccytylXO
zU7l{e?jSdrTf+SZca_iL*YUs8hv*yhkLW)!WExf(Mg^@<Eo>G}K@#-9i~p~(JKslg
z=`mV*kw+!IN7B#|TIwXE^ax3*2Dx}AF{6}rxps&4&p+mz*bQ2v|E$>K@@cUp@S^$@
zOKFlcJ(?HQT6ML0Gvj|t5CpthA{I5$?m<)_of<$NNCV4A-MF8V%fkTLB<)@%Z?wvF
z%_Y}0nL0sseVIAvph_~zK7TR~9aBjTH$lauNN$viWZtcEK=JGd1sOu4VMPC-K90og
hL%Nf?IBhdKGL|~b1GF!%M~)FwCwiNf-dK(f{||QwBjx}A

delta 5196
zcmbtY3s_Xwwccy5GXn$iQb17<5PS<~-ZOv+Z$U&xaR9-pMV_Ma_7!ig()etAO~<&a
z#+arz&6k=+M@^?mYM@CIuXz#mHtJ1`CO#6x`bdr5MB8+oGiWf^?|%Khd%nY(wbxmD
z?{)V2*T45+Rae-m>zcS3(+lUf*TmH}wJxe`k25ie0kDj?IL5%q7@OmYOHXjJq%THm
zsHMXbBv}^T!CQC(ui%&X1)jlEc;aAKs1wZ-t@PAtAfcZ?V%%sF2_r~EN0W$%AQ2cs
zLgyDm67U;_-%!t9bbk{Ys=-?fZ&C9Kx^KxLAd&hV{vt#3uW75KfqpE7(ftNY;G?;V
z{{vUMJPF>Z=b)B*qb@=v1S``bo~L;z`13TuU(kJiOUw|(?#~(+-5*0VY=g`EYb?aQ
zE>H2`27kZ75fRW~Yp<NQu%@-i_ZJ{sm!Js-2>22vLy$W;u-yG>zz7I-e;QyK@-xi<
zwbK)e)J}`rYFd@Q5ch9%*F<6u#6hT-#(9LO=z)9)bARifCO+$dSQzMj*548wpoV#Y
z;cdKtf2A-#M)!q1@j5)KM1C31lIa+_&+Z$g!*hyPFP<aQade;S92o+=40ofQf5KPs
zc<7}ECqZY{`m<Oj`y1TXK1f<QTccy~9h$K^=HIlqy={JVO;c-KqOmg3U`(7;Wh<_(
zuFA8tWX&|!EiWl(ahA+;WM$UpHJKJnnc7@ck?F{;UfO1`l$Vt(Dv_5>T~a*1vB{Xx
zUSHX`pe?zoX;HbPV^O~0TWcz-Yg+q;o+s<GN?NjuRxT}>*|@wtCwcP1`u572y2l!p
z7c`dE>1P(z<dr+?a#~8K&upo0vo5PCs4Y)!Y%=s4dlu?gY=>qvg<jiQ(^jvnYv1sT
z?G5(wlE#v{yd`Z*?d8Vh)eSQ%9P`>7RrY*qiM4cEW2Pn7W?0l(TUME}urj+bU$&Z;
zH#YSfy^5=mKSHB7FP^t>epTPl`pm|Xigx|7d5ad<me$wSx0{+8W;*JZwP#xN%k;U`
z#VLg|>J2t)d-3wdWep3L*2oo0l0|n23~^L~j>U9nEHq?w%@P$4eS>D1D@&`2QtBty
zR9GDa6=kjF=Hkrc>h`Ka`+T#tsNGR!X~?fz`q=W~srII#>=bKVeWlTTr8_DF4>CN6
zH}Mnv6ZYUol;S<;K6th`M8Wo50>sz&SNuvvcsC*Z+K3Q5*8jmV>Twv|$G$g*;NuM6
zBj4Yk8(+o8>A`#ykB7kedu2z3rDc(f?poN)!}xamC1Y;A|1j}+FGPy!%P<YX-Kl=J
z#NJ-8l0^ZwJ6}6c=&ryV80=2f7K%exAQFan-@5{#AkJI`fA^oIRIP$@_TxI=o&g#^
z+{y3_+)2@FMzPZY3;YzaxTDfV4~pyiKoZ~1g#msFY1~z5<8q(*yCw+q!^>)=Q2)<R
zTwV#0kxGgCu{Rle6T+YjPVwh42p7A<LSGUwS0M(5inOaR1%|n!rSamxRTwYQHGHVJ
zeHG@yaQ8|6qL?W0aS$uIB_1VKNxTT+6ulYZMTUl#4NzW&<0VFExkU5+H;PMJAXcYD
z@*U;lGTA<*SoXj$9bQ+1#_MGJLJd3Of7v>LY*fj2@NcNp@EH`n-7xfrti)+qB4ddl
z!wY;2{|tYoEN1^p2n`=EI)VFZoS9jLxne8l;iBeCNDx{r|4@9-xxY99JW|NO{lt9W
zr7%)-0p9|nlqBwh(c6))gE3+~@>vg0*2C!8m%tw4cI@#5-s9lWYDzAvnNm_Rmk$lr
zFxq0A>;U|hC-RqEo-A=5`6w7GcItQqCE!=Ve254N;8$RR$b1rqh=GB;3X)WSJ++?)
zh^GSiEJ*g=2;|A&OE6!}@FZ@<#c1I-`5*Xd3ZRjDS2yww2*Xp1$df>X*N9g?!&CI|
zO<Mj=(1<fD`Is<lVAz1GXhZA5?NmX(B?l*phAn)T26r&rLG3LlcI@GSwJ9^5Gn`qu
z`4uIF+0*mw(@P5r$}-Dx44D-L<@($Lb5W_YJj>~D6qZ}{GYsVg4l8kx!&Xu3$V+i%
z=}WXmy}^`ZFeK@1aYj?BF(p-RO*U9;R=a^KPy&3N;p;S^2g`D#jv(FtcS5BAG;AxQ
z`#V?$7qG?U`F9Z;#K(f{+l=M}@!4Pye+=SF!KnNU6OLd$9ZX)z#9R;?*JB!(eW^G{
zdVnv^I|NdS^9G7LojgE;{o371dmF=T^!(>2ww>iI4?I`>?@}?)^RH3d{hs?1DoPmL
zmw6h0A7{Hf*<#oRd;~1_=hceT4HzQUZoo>gsUZ3N&oKkQu6S&P6y+yDWNb!1ara4F
z2&sx8QEb|XDZ`aT2t+r-|4}jU2_D1$#KU+1U&LpKLBm29qi}~{YZSii<4fNe=NNuU
z=bex7J$##dUg%?*qp>(qb$nap+$;Dwenf7Uh?f6?@A@3ymN6p=yZY*#;HLr)kK_CJ
z4t9~xb11sfF*gd2`X=mSZi44&{4earqvW%<52PPD&^XYS$3=`SV*h}*_<DT7<(U=G
z5p47uoNIv&SyXPqc;VcL;gIHAitbIc6#7lr4v*Zcod`k3o$%<r_B`?VW{iS#@14!4
z0byE?@sJ@()}w8>lH@=<q%hG<s)<W@mg?gezKd_+AMp@Hw;jcyxi~!v_cPqDdR?TY
z>ZB9a8T^pm(n~(SK(W6Gor%Ht8V$#0liQC@kmPz4|4iLpBlo9p`cE>*Z&n(KavO=6
zMiOO7BxZ~yQ9P2w^mr1E7!pNMB&LRwC{WIqla-kBHJl{S+S65{uJtRZai-x45MhI*
zk=u7;$V!u49<4a%^12_E|4T}wl0sU1ddb7+MGx-9=W!42piOcUuEP#oK@`)3^RWtN
zV;N4zDVU4tn1Uuu!qFIy!!QCvP>0C>&TsP@yq90(XZdM<f`7n|@IUd_`73-Mk9?8;
zn(yX<PODGyHGCys&fEAR?sYwjAA^Dmjd$V8xDCRUq-$9@Ee7j^pYnP9H2&1($rT^0
z!%^DI?Bd)^r)XY>(IR3!4i^*Fp$)QqMZJ6-I>orPI2Lkzgt~hTp@DXRM}=oCt`G;;
zpaF6fpbQazUxUdaX$@LolF#sOYtSY(uEvRwcMmB6f{bC}+tp}_R2Eo6luOqfJcRWa
z%|B8pw}nH67&A%Am*`Qch|BkB)5PvqP_-3`=5(KJikN*6^T#PK7={sycFIeH{G)`e
zeYD_P@d;c)%ls2`U<Mj+1V#`%dbx<`#_J<-mwG0kQtrX?gtn7}ODa(U(W`Vk`W?Q2
zzrtPQ-_lpGd(L9*NZjqq^bI;SUnDS}#uNAf9-))e>-Y*y`Xc@scT=Y}wJ<f}xocQ8
z679-%)=O^3@f?l19bcvhpQOEFG3^+$aT;c$ojL`huz!#56N!~F%;OuO8$wyB%ah|R
z9U#4oWS_(^hp&ZqKw^_z9<%r9W%wHQ6?HblbiM*!1IDsl9)tI6JE3ocg3ll}o2rKW
z2kQj`k#`sO=hOHv`8gbe&G-kGCrwP~#Hrp^yHtvCN{0dLSw{C)pnsVAD$$iAX}ysX
zrHXrVn;B;C$HB{PGqcMx!aJyiD5@{6WQM7<CwSRSmh8%m_TG$^2B4VQjPIxp5_^}S
zjW2+wNl9{fhQn@`XNUKVD9QS-2P57{m$JmBR|%Xs2XL#`n=f_nPz4qeqr>2MJ_DAq
zokHJ?F|MuzVQ9u^S68xkW~5Y$u|7B2y<>SAeYZ9+g%p0c`g$dM-yA4y$G$-+ql0(?
z$jt8YjPXV!OTFN|7%H8CB4zy&Ac#Q_41^&t91>w1t)m^Xpoor+RrKAr0@i^Wo`Xa1
z7958Q@Hb9}MQ-F%`2xO?@8>5GFd65d3y-+NLOWMV7^0Ik7y`0JmBFessqzt3X8GYD
zkPR}|;b7(0C}SWF^Jyko^2Z3$&2os(XqF8YIkcZXsGmN#pFUpIBdI5K&<7K(E2EHZ
zu*zW~Z4VB|6ggac{|ru$jV5_W7>>T@K~1Asjta-52Q5a6JajOcR2Chi88#GCR5el)
z9fRqr8l{Pe!(3I3)(lU;DXJO^vD=@)(b8BfQ`;jo@e^>iPxUvM<PkDf`C3HHT1|ox
z=ihJYAW?+wMyq7U#rKV&1xlvkDdFIxZ}yWshEL#+@)?wa$M^=~)Lr~}et>uKZu%DP
z;a}5#1cERY&GcnohimAIXCIaPyR@}m#2Zw*0ia2jI^h2BAp>Z4Fr~<2vZM~bAFLwq
zY1C=Q=F*w$L1R#SzvVTX<O%)OlA30-oFumH!ic%b;`L?0XE$49vsIS+cel%i2b)F}
z9~N1w;=>|aWxxAczyOQ^S+N=Pa-dkc2V+*Mc~?v}*`MCp_t+-eWt|Eoi$ON~Tnw_s
zC|lIY$f)Qh*{X(qziBbcHWdc_Ef$MxSKs7EMvGNW8H#ia+qaXDoGM=0Nf;wIDD9yu
zEh+LuH2|wYepC&B6su8AR|D|rR+F5e25`S=HOra4URF8V*UKtfZE}vUm#SOsa;}1h
zK=u`TIPcLzcX;R#ANQ@DA|2yG<Vl%{KK3}wP|GL56YMaHBhLpfmC%llld>^P@z$`B
zKE~TilL^;W4ENq1C4F*_FEbcU;v3*7Xjz8KlkBx6NL?7M1Q!5$_Ap8&_=VGkPoykL
zi=@-yT%434V)G?`Av+|On3gByi9;UD6PI$O$-<AK{y&&kB+r$Odr!nk)x3|u4GMv_
zz#$@VgUb`^ojXhF?iXw-Uqw8IzF_y1QLy1kuv$Ki_1|VF$cfw+<dR9!RuP;lof7Zl
HNLl{`?pSH~

diff --git a/util/email.py b/util/email.py
index 2698ccbed..79cd2dd0f 100644
--- a/util/email.py
+++ b/util/email.py
@@ -39,3 +39,11 @@ def send_recovery_email(email, token):
                 recipients=[email])
   msg.html = RECOVERY_MESSAGE % (token, token)
   mail.send(msg)
+
+
+def send_invoice_email(email, contents):
+  msg = Message('Quay.io payment received - Thank you!',
+                sender='support@quay.io',  # Why do I need this?
+                recipients=[email])
+  msg.html = contents
+  mail.send(msg)
diff --git a/util/invoice.py b/util/invoice.py
new file mode 100644
index 000000000..6cefa5099
--- /dev/null
+++ b/util/invoice.py
@@ -0,0 +1,36 @@
+from datetime import datetime
+from jinja2 import Environment, FileSystemLoader
+
+jinja_options = {
+  "loader": FileSystemLoader('util'),
+}
+
+env = Environment(**jinja_options)
+
+def renderInvoiceToHtml(invoice, user):
+  """ Renders a nice HTML display for the given invoice. """
+  def get_price(price):
+    if not price:
+      return '$0'
+
+    return '$' + '{.2f}'.format(price / 100)
+
+  def get_range(line):
+   if line.period and line.period.start and line.period.end:
+     return ': ' + format_date(line.period.start) + ' - ' + format_date(line.period.end) 
+   return ''
+
+  def format_date(timestamp):
+    return datetime.fromtimestamp(timestamp).strftime('%Y-%m-%d')
+
+  data = {
+    'user': user.username,
+    'invoice': invoice,
+    'invoice_date': format_date(invoice.date),
+    'getPrice': get_price,
+    'getRange': get_range
+  }    
+  
+  template = env.get_template('invoice.tmpl')
+  rendered = template.render(data)
+  return rendered
diff --git a/util/invoice.tmpl b/util/invoice.tmpl
new file mode 100644
index 000000000..95cb5a23a
--- /dev/null
+++ b/util/invoice.tmpl
@@ -0,0 +1,63 @@
+<html>
+  <body>
+   <table width="100%" style="max-width: 640px">
+     <tr>
+       <td valign="center" style="padding: 10px;">
+         <img src="https://quay.io/static/img/quay-logo.png" alt="Quay.io" style="width: 100px;">
+       </td>
+       <td valign="center">
+         <h3>Quay.io</h3>
+         <p style="font-size: 12px; -webkit-text-adjust: none">
+           DevTable, LLC<br>
+           https://devtable.com<br>
+           PO Box 48<br>
+           New York, NY 10009
+         </p>
+       </td>
+       <td align="right" width="100%">
+         <h1 style="color: #ddd;">RECEIPT</h1>
+         <table>
+           <tr><td>Date:</td><td>{{ invoice_date }}</td></tr>
+           <tr><td>Invoice #:</td><td style="font-size: 10px">{{ invoice.id }}</td></tr>
+         </table>
+       </td>
+     </tr>
+   </table>
+
+   <hr>
+
+   <table width="100%" style="max-width: 640px">
+     <thead>
+       <th style="padding: 4px; background: #eee; text-align: center; font-weight: bold">Description</th>
+       <th style="padding: 4px; background: #eee; text-align: center; font-weight: bold">Line Total</th>
+     </thead>
+     <tbody>
+{%- for line in invoice.lines.data -%}
+       <tr>
+         <td width="100%" style="padding: 4px;">{{ line.description or ('Plan Subscription' + getRange(line)) }}</td>
+         <td style="padding: 4px; min-width: 150px;">{{ getPrice(line.amount) }}</td>
+       </tr>
+{%- endfor -%}
+       
+       
+       <tr>
+         <td></td>
+         <td valign="right">
+           <table>
+             <tr><td><b>Subtotal: </b></td><td>{{ getPrice(invoice.subtotal) }}</td></tr>
+             <tr><td><b>Total: </b></td><td>{{ getPrice(invoice.total) }}</td></tr>
+             <tr><td><b>Paid: </b></td><td>{{ getPrice(invoice.total) if invoice.paid else 0 }}</td></tr>
+             <tr><td><b>Total Due:</b></td>
+               <td>{{ getPrice(invoice.ending_balance) }}</td></tr>
+           </table>
+         </td>
+       </tr>
+     </tbody>
+   </table>
+   
+   <div style="margin: 6px; padding: 6px; width: 100%; max-width: 640px; border-top: 2px solid #eee; text-align: center; font-size: 14px; -webkit-text-adjust: none; font-weight: bold;">
+     We thank you for your continued business!
+   </div>
+
+  </body>
+</html>