fixes to purchase_email and readme update

products/views.py

@@ -6,6 +6,8 @@ import json
 from django.db.models import Q
 from django.core import serializers
 from django.contrib.auth import get_user_model
+from django.template.loader import render_to_string
+from django.core.mail import EmailMessage
 
 # Create your views here.
 from rest_framework import status
@@ -24,6 +26,7 @@ from dal import autocomplete
 from products.models import Product, CategoryTag
 from products.serializers import ProductSerializer, TagFilterSerializer, SearchResultSerializer
 from companies.models import Company
+from stats.models import StatsLog
 from back_latienda.permissions import IsCreator, IsSiteAdmin, ReadOnly
 from .utils import extract_search_filters, find_related_products_v6, product_loader, find_related_products_v7
 from utils.tag_serializers import TaggitSerializer
@@ -247,19 +250,21 @@ class CategoryTagAutocomplete(autocomplete.Select2QuerySetView):
         return qs       # [x.label for x in qs]
 
 
-@permission_classes([AllowAny,])
 @api_view(['POST'])
+@permission_classes([AllowAny,])
 def purchase_email(request):
     """Notify coop manager and user about item purchase
     """
-
     data = json.loads(request.body)
     # check data
+    if request.user.is_anonymous and 'email' not in data:
+        return Response({"error": "Anonymous users must include an email parameter value"}, status=status.HTTP_406_NOT_ACCEPTABLE)
+
     try:
-        for param in ('email', 'telephone', 'company', 'product', 'comment'):
+        for param in ('telephone', 'company', 'product', 'comment'):
             assert(param in data.keys())
     except:
-        return Response({"error": "Required parameters for anonymous user: email, telephone"}, status=status.HTTP_406_NOT_ACCEPTABLE)
+        return Response({"error": "Required parameters for anonymous user: telephone, company, product, comment"}, status=status.HTTP_406_NOT_ACCEPTABLE)
 
     if request.user.is_anonymous:
         email = data.get('email')
@@ -273,7 +278,7 @@ def purchase_email(request):
         return Response({"error": "Invalid value for company"}, status=status.HTTP_406_NOT_ACCEPTABLE)
     # get company manager
     manager = User.objects.filter(company=company).first()
-    if not manager and manager.role != 'COOP_MANAGER':
+    if not manager or manager.role != 'COOP_MANAGER':
         return Response({"error": "Company has no managing user"}, status=status.HTTP_406_NOT_ACCEPTABLE)
     # get product
     product = Product.objects.filter(id=data['product'], company=company).first()
@@ -297,19 +302,17 @@ def purchase_email(request):
         'product': product,
     })
     subject = 'Confirmación de contacto con vendedor'
-    email = EmailMessage(subject, message, to=[request.user.email])
+    email = EmailMessage(subject, user_message, to=[email])
     email.send()
-    logging.info(f"Purchase Contact confirmation email sent to {request.user.email}")
+    logging.info(f"Purchase Contact confirmation email sent to {email}")
 
     #  create statslog instance to register interaction
     stats_data = {
-        'action_object': instance,
-        'user': None,
-        'anonymous': True,
-        'ip_address': client_ip,
-        'geo': g.geos(client_ip),
+        'action_object': product,
+        'user': request.user if request.user.is_authenticated else None,
+        'anonymous': request.user.is_anonymous,
         'contact': True,
-        'shop': instance.shop,
+        'shop': company.shop,
     }
     StatsLog.objects.create(**stats_data)