user addon_url to allow apps path or addons path and avoid any slug issues (bug 694428)

apps/addons/templates/addons/impala/button.html

@@ -10,8 +10,8 @@
      data-name="{{ addon.name }}"
      {{ b.attrs()|xmlattr }}
   {% if waffle.switch('marketplace') and addon.can_be_purchased() %}
-     data-purchase="{{ url('addons.purchase', addon.slug) }}?"
-     data-start-purchase="{{ url('users.purchase.start', addon.slug) }}"
+     data-purchase="{{ addon_url('addons.purchase', addon) }}?"
+     data-start-purchase="{{ addon_url('addons.purchase.start', addon) }}"
      data-cost="{{ addon.premium.get_price() }}"
      data-login-url="{{ url('users.login_modal') }}"
   {% endif %}

apps/addons/templates/addons/paypal_start.html

@@ -40,7 +40,7 @@
         {% endtrans %}
       </div>
       <button class="button prominent paypal"
-              href="{{ url('addons.purchase', addon.slug) }}?"
+              href="{{ addon_url('addons.purchase', addon) }}?"
               data-realurl="{{ download }}">
         {# The <small> makes it smaller, <em> makes it darker. Don't localize "PayPal". #}
             {{ _('Pay <small>with</small> Pay<em>Pal</em>') }}
@@ -48,7 +48,7 @@
       <p>{{ _('Complete your purchase with PayPal.  No account necessary.') }}</p>
       {% else %}
       <div class="paypal-user login">
-        {% with is_ajax=False, action="%s?realurl=%s" % (url('users.purchase.start', addon.slug), download) %}
+        {% with is_ajax=False, action="%s?realurl=%s" % (addon_url('addons.purchase.start', addon), download) %}
           {% include "users/login_form.html" %}
         {% endwith %}
       </div>

apps/addons/tests/test_views.py

@@ -21,7 +21,7 @@ import waffle
 
 import amo
 import amo.tests
-from amo.helpers import absolutify, numberfmt, urlparams
+from amo.helpers import absolutify, numberfmt, urlparams, addon_url
 from amo.tests.test_helpers import get_image_path
 from amo.urlresolvers import reverse
 from abuse.models import AbuseReport
@@ -29,7 +29,7 @@ from addons import cron
 from addons.models import (Addon, AddonDependency, AddonUpsell, AddonUser,
                            Charity, Category)
 from files.models import File
-from market.models import AddonPremium, AddonPurchase
+from market.models import AddonPremium, AddonPurchase, Price
 from paypal.tests import other_error
 from stats.models import Contribution
 from translations.helpers import truncate
@@ -427,6 +427,85 @@ class TestPurchaseEmbedded(amo.tests.TestCase):
         assert 'chains' in get_paykey.call_args_list[0][0][0].keys()
 
 
+# TODO: remove when the marketplace is live.
+@patch.object(waffle, 'switch_is_active', lambda x: True)
+# TODO: figure out why this is being set
+@patch.object(settings, 'LOGIN_RATELIMIT_USER', 10)
+class TestPaypalStart(amo.tests.TestCase):
+    fixtures = ['users/test_backends', 'base/addon_3615']
+
+    def get_profile(self):
+        return UserProfile.objects.get(id=4043307)
+
+    def setUp(self):
+        self.client.get('/')
+        self.data = {'username': 'jbalogh@mozilla.com',
+                     'password': 'foo'}
+        self.addon = Addon.objects.all()[0]
+
+        self.url = addon_url('addons.purchase.start', self.addon)
+
+        self.price = Price.objects.create(price='0.99')
+        AddonPremium.objects.create(addon=self.addon, price=self.price)
+        self.addon.update(premium_type=amo.ADDON_PREMIUM)
+
+    def test_loggedout_purchased(self):
+        # "Buy" the add-on
+        self.addon.addonpurchase_set.create(user=self.get_profile())
+
+        # Make sure we get a log in field
+        r = self.client.get_ajax(self.url)
+        eq_(r.status_code, 200)
+        assert pq(r.content).find('#id_username').length
+
+        # Now, let's log in.
+        res = self.client.post_ajax(self.url, data=self.data)
+        eq_(res.status_code, 200)
+
+        # Are we presented with a link to the download?
+        assert pq(res.content).find('.trigger_download').length
+
+    def test_loggedin_purchased(self):
+        # Log the user in
+        assert self.client.login(**self.data)
+
+        # "Buy" the add-on
+        self.addon.addonpurchase_set.create(user=self.get_profile())
+
+        r = self.client.get_ajax(self.url)
+        eq_(r.status_code, 200)
+
+        # This only happens if we've bought it.
+        assert pq(r.content).find('.trigger_download').length
+
+    def test_loggedout_notpurchased(self):
+        # We don't want any purchases.
+        AddonPurchase.objects.all().delete()
+
+        # Make sure we're presented with a log in form.
+        r = self.client.get_ajax(self.url)
+        eq_(r.status_code, 200)
+        assert pq(r.content).find('#id_username').length
+
+        # Now, let's log in.
+        res = self.client.post_ajax(self.url, data=self.data)
+        eq_(res.status_code, 200)
+
+        # Make sure we get a link to paypal
+        assert pq(res.content).find('.paypal.button').length
+
+    def test_loggedin_notpurchased(self):
+        # No purchases; logged in.
+        AddonPurchase.objects.all().delete()
+        assert self.client.login(**self.data)
+
+        r = self.client.get_ajax(self.url)
+        eq_(r.status_code, 200)
+
+        # Make sure we get a link to paypal.
+        assert pq(r.content).find('.paypal.button').length
+
+
 class TestDeveloperPages(amo.tests.TestCase):
     fixtures = ['base/apps', 'base/addon_3615', 'base/addon_592',
                 'base/users', 'addons/eula+contrib-addon',

apps/addons/urls.py

@@ -31,6 +31,8 @@ detail_patterns = patterns('',
         name='addons.paypal'),
 
     url('^purchase/$', views.purchase, name='addons.purchase'),
+    url(r'purchase/start$', views.paypal_start,
+        name='addons.purchase.start'),
     url('^purchase/thanks/$', views.purchase_thanks,
         name='addons.purchase.thanks'),
     url('^purchase/(?P<status>cancel|complete)$',

apps/addons/views.py

@@ -37,6 +37,7 @@ from devhub.decorators import dev_required
 import paypal
 from reviews.forms import ReviewForm
 from reviews.models import Review, GroupedRating
+from session_csrf import anonymous_csrf
 from sharing.views import share as share_redirect
 from stats.models import Contribution
 from translations.query import order_by_translation
@@ -686,6 +687,21 @@ def paypal_result(request, addon, status):
     return response
 
 
+@addon_view
+@can_be_purchased
+@anonymous_csrf
+def paypal_start(request, addon=None):
+    download = urlparse(request.GET.get('realurl', '')).path
+    data = {'addon': addon, 'is_ajax': request.is_ajax(), 'download': download}
+
+    if request.user.is_authenticated():
+        return jingo.render(request, 'addons/paypal_start.html', data)
+
+    from users.views import _login
+    return _login(request, data=data, template='addons/paypal_start.html',
+                  dont_redirect=True)
+
+
 @addon_view
 def share(request, addon):
     """Add-on sharing"""

apps/users/tests/test_views.py

@@ -313,83 +313,6 @@ class TestEmailChange(UserViewBase):
         self.assertEqual(u.email, 'nobody@mozilla.org')
 
 
-class TestPaypalStart(UserViewBase):
-    fixtures = ['users/test_backends', 'base/addon_3615']
-
-    def setUp(self):
-        super(TestPaypalStart, self).setUp()
-        self.data = {'username': 'jbalogh@mozilla.com', 'password': 'foo'}
-        self.addon = Addon.objects.all()[0]
-
-        self.url = reverse('users.purchase.start', args=[self.addon.slug])
-
-        self.price = Price.objects.create(price='0.99')
-        AddonPremium.objects.create(addon=self.addon, price=self.price)
-        self.addon.update(premium_type=amo.ADDON_PREMIUM)
-
-        self.user = User.objects.filter(email=self.data['username'])[0]
-
-    @patch.object(waffle, 'switch_is_active', lambda x: True)
-    def test_loggedout_purchased(self):
-        # "Buy" the add-on
-        self.addon.addonpurchase_set.create(user=self.user.get_profile())
-
-        # Make sure we get a log in field
-        r = self.client.get_ajax(self.url)
-        eq_(r.status_code, 200)
-        assert pq(r.content).find('#id_username').length
-
-        # Now, let's log in.
-        res = self.client.post_ajax(self.url, data=self.data)
-        eq_(res.status_code, 200)
-
-        # Are we presented with a link to the download?
-        assert pq(res.content).find('.trigger_download').length
-
-    @patch.object(waffle, 'switch_is_active', lambda x: True)
-    def test_loggedin_purchased(self):
-        # Log the user in
-        assert self.client.login(**self.data)
-
-        # "Buy" the add-on
-        self.addon.addonpurchase_set.create(user=self.user.get_profile())
-
-        r = self.client.get_ajax(self.url)
-        eq_(r.status_code, 200)
-
-        # This only happens if we've bought it.
-        assert pq(r.content).find('.trigger_download').length
-
-    @patch.object(waffle, 'switch_is_active', lambda x: True)
-    def test_loggedout_notpurchased(self):
-        # We don't want any purchases.
-        AddonPurchase.objects.all().delete()
-
-        # Make sure we're presented with a log in form.
-        r = self.client.get_ajax(self.url)
-        eq_(r.status_code, 200)
-        assert pq(r.content).find('#id_username').length
-
-        # Now, let's log in.
-        res = self.client.post_ajax(self.url, data=self.data)
-        eq_(res.status_code, 200)
-
-        # Make sure we get a link to paypal
-        assert pq(res.content).find('.paypal.button').length
-
-    @patch.object(waffle, 'switch_is_active', lambda x: True)
-    def test_loggedin_notpurchased(self):
-        # No purchases; logged in.
-        AddonPurchase.objects.all().delete()
-        assert self.client.login(**self.data)
-
-        r = self.client.get_ajax(self.url)
-        eq_(r.status_code, 200)
-
-        # Make sure we get a link to paypal.
-        assert pq(r.content).find('.paypal.button').length
-
-
 class TestLogin(UserViewBase):
     fixtures = ['users/test_backends', 'base/addon_3615']
 
@@ -422,7 +345,7 @@ class TestLogin(UserViewBase):
         AddonPremium.objects.create(addon=addon, price=price)
         addon.update(premium_type=amo.ADDON_PREMIUM)
 
-        url = reverse('users.purchase.start', args=[addon.slug])
+        url = reverse('addons.purchase.start', args=[addon.slug])
         r = self.client.get_ajax(url)
         eq_(r.status_code, 200)
 

apps/users/urls.py

@@ -57,8 +57,6 @@ users_patterns = patterns('',
     url(r'purchases/$', views.purchases, name='users.purchases'),
     url(r'purchases/(?P<addon_id>\d+)', views.purchases,
         name='users.purchases.receipt'),
-    url(r'purchase/start/%s$' % ADDON_ID, views.paypal_start,
-        name='users.purchase.start'),
     url(r'support/(?P<contribution_id>\d+)(?:/(?P<step>[\w-]+))?$',
         views.SupportWizard.as_view(),
         name='users.support')

apps/users/views.py

@@ -280,21 +280,6 @@ def browserid_login(request):
     return http.HttpResponse(status=401)
 
 
-@addon_view
-@can_be_purchased
-@anonymous_csrf
-#@ratelimit(block=True, rate=settings.LOGIN_RATELIMIT_ALL_USERS)
-def paypal_start(request, addon=None):
-    download = urlparse(request.GET.get('realurl', '')).path
-    data = {'addon': addon, 'is_ajax': request.is_ajax(), 'download': download}
-
-    if request.user.is_authenticated():
-        return jingo.render(request, 'addons/paypal_start.html', data)
-
-    return _login(request, data=data, template='addons/paypal_start.html',
-                  dont_redirect=True)
-
-
 @anonymous_csrf
 @mobile_template('users/{mobile/}login_modal.html')
 #@ratelimit(block=True, rate=settings.LOGIN_RATELIMIT_ALL_USERS)

apps/webapps/urls.py

@@ -13,6 +13,15 @@ detail_patterns = patterns('',
     url('^share$', views.share, name='apps.share'),
     url('^abuse$', addons_views.report_abuse, name='apps.abuse'),
     url('^record$', views.record, name='apps.record'),
+
+    # TODO(andym): generate these instead of copying them around.
+    url('^purchase/$', addons_views.purchase, name='apps.purchase'),
+    url(r'purchase/start$', addons_views.paypal_start,
+        name='apps.purchase.start'),
+    url('^purchase/thanks/$', addons_views.purchase_thanks,
+        name='apps.purchase.thanks'),
+    url('^purchase/(?P<status>cancel|complete)$',
+        addons_views.purchase_complete, name='apps.purchase.finished'),
 )