From c9faca94ad89ddff2480023471fe62483caaf311 Mon Sep 17 00:00:00 2001
From: Tanner Collin <git@tannercollin.com>
Date: Mon, 20 Jan 2020 01:57:05 +0000
Subject: [PATCH] Add API routes to pause / unpause membership

---
 apiserver/apiserver/api/utils.py |  1 +
 apiserver/apiserver/api/views.py | 30 ++++++++++++++++++++++++++++++
 2 files changed, 31 insertions(+)

diff --git a/apiserver/apiserver/api/utils.py b/apiserver/apiserver/api/utils.py
index b119b5c..d2f99b7 100644
--- a/apiserver/apiserver/api/utils.py
+++ b/apiserver/apiserver/api/utils.py
@@ -90,6 +90,7 @@ def tally_membership_months(member, fake_date=None):
     if not start_date: return False
 
     txs = models.Transaction.objects.filter(member_id=member.id)
+    txs = txs.filter(date__gte=start_date)
     total_months_agg = txs.aggregate(Sum('number_of_membership_months'))
     total_months = total_months_agg['number_of_membership_months__sum'] or 0
 
diff --git a/apiserver/apiserver/api/views.py b/apiserver/apiserver/api/views.py
index 84e0060..e92d433 100644
--- a/apiserver/apiserver/api/views.py
+++ b/apiserver/apiserver/api/views.py
@@ -1,7 +1,9 @@
+import datetime
 from django.contrib.auth.models import User, Group
 from django.shortcuts import get_object_or_404
 from django.db.models import Max
 from rest_framework import viewsets, views, mixins, generics, exceptions
+from rest_framework.decorators import action
 from rest_framework.permissions import BasePermission, IsAuthenticated, SAFE_METHODS
 from rest_framework.response import Response
 from rest_auth.views import PasswordChangeView
@@ -133,6 +135,34 @@ class MemberViewSet(Base, Retrieve, Update):
         else:
             return serializers.MemberSerializer
 
+    def perform_create(self, serializer):
+        member = serializer.save()
+        utils.tally_membership_months(member)
+
+    def perform_update(self, serializer):
+        member = serializer.save()
+        utils.tally_membership_months(member)
+
+    @action(detail=True)
+    def pause(self, request, pk=None):
+        if not is_admin_director(self.request.user):
+            raise exceptions.PermissionDenied()
+        member = get_object_or_404(self.queryset, pk=pk)
+        member.paused_date = datetime.date.today()
+        member.save()
+        return Response(200)
+
+    @action(detail=True)
+    def unpause(self, request, pk=None):
+        if not is_admin_director(self.request.user):
+            raise exceptions.PermissionDenied()
+        member = get_object_or_404(self.queryset, pk=pk)
+        member.current_start_date = datetime.date.today()
+        member.paused_date = None
+        member.save()
+        utils.tally_membership_months(member)
+        return Response(200)
+
 
 class CardViewSet(Base, Create, Retrieve, Update, Destroy):
     permission_classes = [AllowMetadata | IsAuthenticated, IsObjOwnerOrAdmin]