@JsonRequest
@ProtectEndpoint(writeOperation = true, requiresProject = false)
@Path("/coupon")
public RakamCoupon checkCoupon(
@ApiParam("coupon") String coupon,
@HeaderParam("X-Requested-With") String csrfHeader,
@javax.inject.Named("user_id") UIPermissionParameterProvider.Project project) {
if (!"XMLHttpRequest".equals(csrfHeader)) {
throw new RakamException(FORBIDDEN);
}
Optional<WebUser> webUser = service.getUser(project.userId);
if (!webUser.isPresent() || webUser.get().readOnly) {
throw new RakamException("User is not allowed to perform this operation", UNAUTHORIZED);
}
try {
Coupon retrieve = Coupon.retrieve(coupon, requestOptions);
return new RakamCoupon(retrieve.getPercentOff(), retrieve.getAmountOff());
} catch (InvalidRequestException e) {
if (e.getStatusCode() == 404) {
throw new RakamException(NOT_FOUND);
}
throw Throwables.propagate(e);
} catch (StripeException e) {
throw Throwables.propagate(e);
}
}