azionelab/backend/checkins/views.py

from rest_framework import status
from rest_framework.authentication import BasicAuthentication, SessionAuthentication
from rest_framework.decorators import api_view, authentication_classes, permission_classes
from rest_framework.permissions import BasePermission, IsAuthenticated
from rest_framework.response import Response

from .serializers import (
    CheckInConfirmResponseSerializer,
    CheckInPreviewResponseSerializer,
    CheckInTokenSerializer,
)
from .services import (
    AlreadyCheckedIn,
    InvalidToken,
    MissingStaffUser,
    ReservationNotConfirmed,
    confirm_check_in_from_token,
    preview_check_in_token,
)


class IsStaffUser(BasePermission):
    def has_permission(self, request, view):
        return bool(request.user and request.user.is_staff)


def staff_check_in_view(view_func):
    view_func = permission_classes([IsAuthenticated, IsStaffUser])(view_func)
    view_func = authentication_classes([BasicAuthentication, SessionAuthentication])(view_func)
    view_func = api_view(["POST"])(view_func)
    return view_func


@staff_check_in_view
def check_in_preview(request):
    serializer = CheckInTokenSerializer(data=request.data)
    serializer.is_valid(raise_exception=True)

    try:
        preview = preview_check_in_token(serializer.validated_data["token"], staff_user=request.user)
    except InvalidToken as exc:
        return Response(
            {"status": "invalid_token", "detail": str(exc)},
            status=status.HTTP_404_NOT_FOUND,
        )
    except ReservationNotConfirmed as exc:
        return Response(
            {"status": "reservation_not_confirmed", "detail": str(exc)},
            status=status.HTTP_409_CONFLICT,
        )
    except AlreadyCheckedIn as exc:
        return Response(
            {"status": "already_checked_in", "detail": str(exc)},
            status=status.HTTP_409_CONFLICT,
        )
    except MissingStaffUser as exc:
        return Response(
            {"status": "staff_user_required", "detail": str(exc)},
            status=status.HTTP_403_FORBIDDEN,
        )

    response_serializer = CheckInPreviewResponseSerializer(
        {
            "status": "valid",
            "reservation_id": preview.reservation_id,
            "performance_id": preview.performance_id,
            "show_title": preview.show_title,
            "venue_name": preview.venue_name,
            "starts_at": preview.starts_at,
            "party_size": preview.party_size,
        }
    )
    return Response(response_serializer.data)


@staff_check_in_view
def check_in_confirm(request):
    serializer = CheckInTokenSerializer(data=request.data)
    serializer.is_valid(raise_exception=True)

    try:
        result = confirm_check_in_from_token(serializer.validated_data["token"], staff_user=request.user)
    except InvalidToken as exc:
        return Response(
            {"status": "invalid_token", "detail": str(exc)},
            status=status.HTTP_404_NOT_FOUND,
        )
    except ReservationNotConfirmed as exc:
        return Response(
            {"status": "reservation_not_confirmed", "detail": str(exc)},
            status=status.HTTP_409_CONFLICT,
        )
    except AlreadyCheckedIn as exc:
        return Response(
            {"status": "already_checked_in", "detail": str(exc)},
            status=status.HTTP_409_CONFLICT,
        )
    except MissingStaffUser as exc:
        return Response(
            {"status": "staff_user_required", "detail": str(exc)},
            status=status.HTTP_403_FORBIDDEN,
        )

    response_serializer = CheckInConfirmResponseSerializer(
        {
            "status": "checked_in",
            "check_in": result.check_in,
            "preview": result.preview,
        }
    )
    return Response(response_serializer.data)