Externalize more resources, implement Content-Security-Policy headers

Raphael Michel
2016-04-10 17:30:24 +02:00
parent 5cca426cd3
commit 02fb27fa5d
19 changed files with 494 additions and 297 deletions


@@ -7,10 +7,10 @@
{% endblocktrans %}</p>
<form method="post" action="">
{% csrf_token %}
<button class="btn btn-primary pull-right" type="submit" style="margin-bottom: 10px">
<button class="btn btn-primary pull-right helper-space-below" type="submit">
<span class="icon icon-upload"></span> {% trans "Continue" %}
</button>
<div class="flipped-scroll-wrapper" style="clear: both;">
<div class="flipped-scroll-wrapper clearfix">
<table class="table table-condensed flipped-scroll-inner">
<thead>
<tr>


@@ -46,7 +46,7 @@
<input type="hidden" name="confirm" value="true" />
</table>
<button class="btn btn-primary btn-lg pull-right" type="submit" style="margin-bottom: 10px">
<button class="btn btn-primary btn-lg pull-right helper-space-below" type="submit">
<span class="icon icon-upload"></span> {% trans "Confirm" %}
</button>
<div class="clearfix"></div>


@@ -1,11 +1,12 @@
/*globals $, Morris*/
/*globals $, Morris, gettext*/
$(function () {
$(".chart").css("height", "250px");
new Morris.Area({
element: 'obd_chart',
data: JSON.parse($("#obd-data").html()),
xkey: 'date',
ykeys: ['ordered', 'paid'],
labels: ['{% trans "Placed orders" %}', '{% trans "Paid orders" %}'],
labels: [gettext('Placed orders'), gettext('Paid orders')],
lineColors: ['#000099', '#009900'],
smooth: false,
resize: true,
@@ -17,18 +18,18 @@ $(function () {
data: JSON.parse($("#rev-data").html()),
xkey: 'date',
ykeys: ['revenue'],
labels: ['{% trans "Total revenue" %}'],
labels: [gettext('Total revenue')],
smooth: false,
resize: true,
fillOpacity: 0.3,
preUnits: '{{ request.event.currency }} '
preUnits: $.trim($("#currency").html()) + ' '
});
new Morris.Bar({
element: 'obp_chart',
data: JSON.parse($("#odp-data").html()),
data: JSON.parse($("#obp-data").html()),
xkey: 'item',
ykeys: ['ordered', 'paid'],
labels: ['{% trans "Placed orders" %}', '{% trans "Paid orders" %}'],
labels: [gettext('Placed orders'), gettext('Paid orders')],
barColors: ['#000099', '#009900'],
resize: true
});
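Review bot: `$(".chart").css("height", "250px");` at the top of the ready handler sets the chart height from script, while the rest of this commit moves presentation into stylesheet classes such as `helper-space-below` and `clearfix`. A stylesheet rule `.chart { height: 250px; }` would size the containers before the script runs and keep the value next to the other layout rules, with no script-written style left on the page. The ready handler's closing lines are outside the hunk.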


@@ -10,7 +10,7 @@
<h3 class="panel-title">{% trans "Orders by day" %}</h3>
</div>
<div class="panel-body">
<div id="obd_chart" style="height: 250px;"></div>
<div id="obd_chart" class="chart"></div>
</div>
</div>
<div class="panel panel-default">
@@ -18,7 +18,7 @@
<h3 class="panel-title">{% trans "Revenue over time" %}</h3>
</div>
<div class="panel-body">
<div id="rev_chart" style="height: 250px;"></div>
<div id="rev_chart" class="chart"></div>
</div>
</div>
<div class="panel panel-default">
@@ -26,12 +26,13 @@
<h3 class="panel-title">{% trans "Orders by product" %}</h3>
</div>
<div class="panel-body">
<div id="obp_chart" style="height: 250px;"></div>
<div id="obp_chart" class="chart"></div>
</div>
</div>
<script type="application/json" id="obd-data">{{ obd_data|safe }}</script>
<script type="application/json" id="rev-data">{{ rev_data|safe }}</script>
<script type="application/json" id="obp-data">{{ obp_data|safe }}</script>
<script type="application/text" id="currency">{{ request.event.currency }}</script>
<script type="application/javascript" src="{% static "pretixplugins/statistics/statistics.js" %}"></script>
{% endblock %}
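Review bot: The new `#currency` data block is typed `application/text`, which is not a standard media type, while the Stripe template in this same commit uses `text/plain` for the same kind of block. Any non-script type keeps the browser from executing the content, so both work, but a single type for plain-text data blocks is easier to search for and audit: `<script type="text/plain" id="currency">{{ request.event.currency }}</script>`. The surrounding `{% block %}` opens outside the hunk.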


@@ -15,6 +15,12 @@ class IndexView(EventPermissionRequiredMixin, TemplateView):
template_name = 'pretixplugins/statistics/index.html'
permission = 'can_view_orders'
def get(self, request, *args, **kwargs):
resp = super().get(request, *args, **kwargs)
# required by raphael.js
resp['Content-Security-Policy'] = "script-src {static} 'unsafe-eval'; style-src {static} 'unsafe-inline'"
return resp
def get_context_data(self, **kwargs):
ctx = super().get_context_data(**kwargs)
@@ -75,13 +81,13 @@ class IndexView(EventPermissionRequiredMixin, TemplateView):
i.id: str(i.name)
for i in Item.objects.filter(event=self.request.event)
}
ctx['obp_data'] = [
ctx['obp_data'] = json.dumps([
{
'item': item_names[item],
'ordered': cnt,
'paid': num_paid.get(item, 0)
} for item, cnt in num_ordered.items()
]
])
cache.set('statistics_obp_data', ctx['obp_data'])
ctx['rev_data'] = cache.get('statistics_rev_data')
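Review bot: `json.dumps` in the `obp_data` hunk does not escape `<`, `>` or `&`, and the template prints the result with `|safe` inside a `<script type="application/json">` element, so an item name containing `</script>` would end the data block and the rest would be parsed as markup. The policy set in `get()` has no `'unsafe-inline'` in `script-src`, which should stop an injected inline script, but injected markup would still render. Escaping the serialized string before it goes into the context closes this, e.g. `json.dumps([...]).replace('<', '\\u003c').replace('>', '\\u003e').replace('&', '\\u0026')`; the same would apply to `obd_data` and `rev_data` if they are serialized the same way, which these hunks do not show. `get_context_data` starts and ends outside the hunk.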


@@ -1,4 +1,4 @@
/*global $, stripe_pubkey, stripe_loadingmessage */
/*global $, stripe_pubkey, stripe_loadingmessage, gettext */
'use strict';
var Stripe = null;
@@ -44,7 +44,7 @@ var pretixstripe = {
}
},
'request': function () {
waitingDialog.show(stripe_loading_message);
waitingDialog.show(gettext("Contacting Stripe…"));
$(".stripe-errors").hide();
Stripe.card.createToken(
{
@@ -80,7 +80,7 @@ var pretixstripe = {
url: 'https://js.stripe.com/v2/',
dataType: 'script',
success: function () {
Stripe.setPublishableKey(stripe_pubkey);
Stripe.setPublishableKey($.trim($("#stripe_pubkey").html()));
}
}
);
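Review bot: The updated `/*global ... */` line still lists `stripe_pubkey` and `stripe_loadingmessage`, although the code now reads the key from `#stripe_pubkey` and the message from `gettext`, and the template's inline script that defined them appears to be removed. Keeping them declared would hide an accidental later use from the linter; `/*global $, waitingDialog, gettext */` matches what the visible code references, assuming `waitingDialog` is defined in another file. The `$.ajax` call loads `https://js.stripe.com/v2/`, so the policy on pages that include this file has to allow that origin in `script-src`; that header is not visible here. The `pretixstripe` object starts and ends outside these hunks.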


@@ -5,7 +5,5 @@
{% compress js %}
<script type="text/javascript" src="{% static "pretixplugins/stripe/pretix-stripe.js" %}"></script>
{% endcompress %}
<script type="text/javascript">
var stripe_pubkey = '{{ settings.publishable_key }}';
var stripe_loading_message = '{% trans "Contacting Stripe…" %}';
</script>
<script type="text/plain" id="stripe_pubkey">{{ settings.publishable_key }}</script>