CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Allow redeem by secret with special chars

Browse Source
This commit is contained in:
Raphael Michel
2020-10-18 16:04:42 +02:00
parent 0a1a9fcf88
commit 7c212ba79d
2 changed files with 15 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/pretix/api/views/checkin.py
View File

@@ -262,7 +262,7 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
return qs
@action(detail=False, methods=['POST'], url_name='redeem', url_path='(?P<pk>[^/]+)/redeem')
@action(detail=False, methods=['POST'], url_name='redeem', url_path='(?P<pk>.*)/redeem')
def redeem(self, *args, **kwargs):
force = bool(self.request.data.get('force', False))
type = self.request.data.get('type', None) or Checkin.TYPE_ENTRY

14
src/tests/api/test_checkin.py
View File

@@ -4,6 +4,7 @@ from decimal import Decimal
from unittest import mock
import pytest
from django.utils.http import urlquote
from django.utils.timezone import now
from django_countries.fields import Country
from django_scopes import scopes_disabled
@@ -643,6 +644,19 @@ def test_by_secret(token_client, organizer, clist, event, order):
assert resp.data['status'] == 'ok'
@pytest.mark.django_db
def test_by_secret_special_chars(token_client, organizer, clist, event, order):
with scopes_disabled():
p = order.positions.first()
p.secret = "abc+-/=="
p.save()
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
organizer.slug, event.slug, clist.pk, urlquote(p.secret, safe='')
), {}, format='json')
assert resp.status_code == 201
assert resp.data['status'] == 'ok'
@pytest.mark.django_db
def test_only_once(token_client, organizer, clist, event, order):
with scopes_disabled():