CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Make all orders "guest orders"

Browse Source
This commit is contained in:
Raphael Michel
2015-10-04 15:05:05 +02:00
parent c47008cc18
commit 93d027cec6
40 changed files with 296 additions and 1264 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
src/pretix/presale/middleware.py
View File

@@ -13,17 +13,6 @@ class EventMiddleware:
if url_namespace != 'presale':
return
if 'order_secrets' not in request.session:
request.session['order_secrets'] = []
if 'order_secret' in request.GET and request.GET.get('order_secret') not in request.session['order_secrets']:
# We can't use append here, because this would not trigger __setitem__
# on the session store and would not be saved
request.session['order_secrets'] = request.session['order_secrets'] + [request.GET.get('order_secret')]
# Removal of the secret from the URL has been disabled so people can bookmark it
# g = request.GET.copy()
# del g['order_secret']
# return redirect(request.path + '?' + g.urlencode())
if 'event.' in url_name and 'event' in url.kwargs:
try:
request.event = Event.objects.current.filter(
@@ -32,3 +21,8 @@ class EventMiddleware:
).select_related('organizer')[0]
except IndexError:
raise Http404(_('The selected event was not found.'))
if '_' not in request.session:
# We need to create session even if we do not yet store something there, because we need the session
# key for e.g. saving the user's cart
request.session['_'] = '_'

58
src/pretix/presale/templates/pretixpresale/event/account.html
View File

@@ -1,58 +0,0 @@
{% extends "pretixpresale/event/base.html" %}
{% load i18n %}
{% block title %}{% trans "Your account" %}{% endblock %}
{% block content %}
<h2>{% trans "Welcome back!" %}</h2>
<div class="row">
<div class="col-md-6">
{% if orders %}
<a href="{% url "presale:event.orders" event=request.event.slug organizer=request.event.organizer.slug %}">
<div class="panel panel-primary">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-shopping-cart fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge">{% trans "Your orders" %}</div>
</div>
</div>
</div>
</div>
</a>
{% else %}
<a href="{% url "presale:event.index" event=request.event.slug organizer=request.event.organizer.slug %}">
<div class="panel panel-primary">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-shopping-cart fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge">{% trans "Place new order" %}</div>
</div>
</div>
</div>
</div>
</a>
{% endif %}
</div>
<div class="col-md-6">
<a href="{% url "presale:event.account.settings" event=request.event.slug organizer=request.event.organizer.slug %}">
<div class="panel panel-primary">
<div class="panel-heading">
<div class="row">
<div class="col-xs-3">
<i class="fa fa-wrench fa-5x"></i>
</div>
<div class="col-xs-9 text-right">
<div class="huge">{% trans "Your settings" %}</div>
</div>
</div>
</div>
</div>
</a>
</div>
</div>
{% endblock %}

33
src/pretix/presale/templates/pretixpresale/event/account_settings.html
View File

@@ -1,33 +0,0 @@
{% extends "pretixpresale/event/base.html" %}
{% load i18n %}
{% load bootstrap3 %}
{% block title %}{% trans "Account settings" %}{% endblock %}
{% block content %}
<h2>{% trans "Account settings" %}</h2>
<form action="" method="post" class="form-horizontal">
{% csrf_token %}
{% bootstrap_form_errors form %}
<fieldset>
<legend>{% trans "General settings" %}</legend>
{% bootstrap_field form.givenname layout='horizontal' %}
{% bootstrap_field form.familyname layout='horizontal' %}
{% bootstrap_field form.locale layout='horizontal' %}
</fieldset>
<fieldset>
<legend>{% trans "Login settings" %}</legend>
{% bootstrap_field form.old_pw layout='horizontal' %}
{% bootstrap_field form.email layout='horizontal' %}
{% bootstrap_field form.new_pw layout='horizontal' %}
{% bootstrap_field form.new_pw_repeat layout='horizontal' %}
</fieldset>
<div class="row checkout-button-row">
<div class="col-md-4 col-md-offset-8">
<button class="btn btn-block btn-primary btn-lg btn-save" type="submit">
{% trans "Save" %}
</button>
</div>
<div class="clearfix"></div>
</div>
</form>
{% endblock %}

12
src/pretix/presale/templates/pretixpresale/event/base.html
View File

@@ -36,18 +36,6 @@
{% endfor %}
</div> &middot;
{% endif %}
{% if request.user.is_authenticated %}
{% blocktrans trimmed with name=request.user.get_short_name %}
Hello, {{ name }}!
{% endblocktrans %} &middot;
<a href="{% url "presale:event.account" event=request.event.slug organizer=request.event.organizer.slug %}">
{% trans "Your account" %}</a> &middot;
<a href="{% url "presale:event.logout" event=request.event.slug organizer=request.event.organizer.slug %}">
{% trans "Logout" %}</a>
{% else %}
<a href="{% url "presale:event.checkout.login" event=request.event.slug organizer=request.event.organizer.slug %}">
{% trans "Login" %}</a>
{% endif %}
</div>
<div class="clearfix"></div>
</div>

20
src/pretix/presale/templates/pretixpresale/event/forgot.html
View File

@@ -1,20 +0,0 @@
{% extends "pretixpresale/event/base.html" %}
{% load i18n %}
{% load bootstrap3 %}
{% block title %}{% trans "Password recovery" %}{% endblock %}
{% block content %}
<h2>{% trans "Password recovery" %}</h2>
<form class="form-horizontal" method="post">
{% csrf_token %}
{% bootstrap_form_errors form type='all' layout='inline' %}
{% bootstrap_field form.email layout="horizontal" %}
<input type="hidden" name="form" value="login" />
<div class="form-group">
<div class="submit-group col-md-offset-3 col-md-4">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Send recovery information" %}
</button>
</div>
</div>
</form>
{% endblock %}

99
src/pretix/presale/templates/pretixpresale/event/login.html
View File

@@ -1,99 +0,0 @@
{% extends "pretixpresale/event/base.html" %}
{% load i18n %}
{% load bootstrap3 %}
{% block title %}{% trans "Login" %}{% endblock %}
{% block content %}
<h2>{% trans "Login" %}</h2>
<p>{% trans "You need to login or register to continue" %}</p>
<div class="panel-group" id="login_accordion">
<div class="panel panel-default">
<div class="panel-heading" role="tab" id="headingOne">
<h4 class="panel-title">
<a data-toggle="collapse" href="#loginForm" data-parent="#login_accordion">
{% trans "I already have an account" %}
</a>
</h4>
</div>
<div id="loginForm" class="panel-collapse collapsed {% if request.POST.form == 'login' %}in{% endif %}">
<div class="panel-body">
<form class="form-horizontal" method="post">
{% csrf_token %}
{% bootstrap_form_errors login_form type='all' layout='inline' %}
{% bootstrap_field login_form.email layout="horizontal" %}
{% bootstrap_field login_form.password layout="horizontal" %}
<input type="hidden" name="form" value="login" />
<div class="form-group">
<div class="submit-group col-md-offset-3 col-md-4">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Login" %}
</button>
<a href="{% url "presale:event.forgot" event=request.event.slug organizer=request.event.organizer.slug %}" class="btn btn-link">
{% trans "Lost password?" %}
</a>
</div>
</div>
</form>
</div>
</div>
</div>
{% if "guest" in request.GET %}
<div class="panel panel-default">
<div class="panel-heading" role="tab" id="headingOne">
<h4 class="panel-title">
<a data-toggle="collapse" href="#guestForm" data-parent="#login_accordion">
{% trans "I want to order as a guest" %}
</a>
</h4>
</div>
<div id="guestForm" class="panel-collapse collapsed {% if request.POST.form == 'guest' %}in{% endif %}">
<div class="panel-body">
<div class="panel-body">
<form class="form-horizontal" method="post">
{% csrf_token %}
{% bootstrap_form_errors guest_form type='all' layout='inline' %}
{% bootstrap_field guest_form.email layout="horizontal" %}
<input type="hidden" name="form" value="guest" />
<div class="form-group">
<div class="submit-group col-md-offset-3 col-md-4">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Continue" %}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
{% endif %}
<div class="panel panel-default">
<div class="panel-heading" role="tab" id="headingOne">
<h4 class="panel-title">
<a data-toggle="collapse" href="#registrationForm" data-parent="#login_accordion">
{% trans "I want to create a permanent account" %}
</a>
</h4>
</div>
<div id="registrationForm" class="panel-collapse collapsed
{% if request.POST.form == 'registration' %}in{% endif %}">
<div class="panel-body">
<form class="form-horizontal" method="post">
{% csrf_token %}
{% bootstrap_form_errors registration_form type='all' layout='inline' %}
{% bootstrap_field registration_form.email layout="horizontal" %}
{% bootstrap_field registration_form.password layout="horizontal" %}
{% bootstrap_field registration_form.password_repeat layout="horizontal" %}
<input type="hidden" name="form" value="registration" />
<div class="form-group">
<div class="submit-group col-md-offset-3 col-md-4">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Register" %}
</button>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
{% endblock %}

8
src/pretix/presale/templates/pretixpresale/event/order.html
View File

@@ -27,7 +27,7 @@
</div>
<div class="panel-body">
{% if can_retry %}
<a href="{% url "presale:event.order.pay" organizer=request.event.organizer.slug event=request.event.slug order=order.code %}"
<a href="{% url "presale:event.order.pay" organizer=request.event.organizer.slug event=request.event.slug secret=order.secret order=order.code %}"
class="btn btn-primary pull-right"><i class="fa fa-money"></i> {% trans "Complete payment" %}</a>
{% endif %}
{{ payment }}
@@ -52,7 +52,7 @@
{% endblocktrans %}
</p>
{% for b in download_buttons %}
<a href="{% url "presale:event.order.download" organizer=request.event.organizer.slug event=request.event.slug order=order.code output=b.identifier %}"
<a href="{% url "presale:event.order.download" organizer=request.event.organizer.slug event=request.event.slug secret=order.secret order=order.code output=b.identifier %}"
class="btn btn-primary">
<span class="fa {{ b.icon }}"></span> {{ b.text }}
</a>
@@ -69,7 +69,7 @@
<div class="panel-heading">
{% if order.can_modify_answers %}
<div class="pull-right">
<a href="{% url "presale:event.order.modify" organizer=request.event.organizer.slug event=request.event.slug order=order.code %}">
<a href="{% url "presale:event.order.modify" organizer=request.event.organizer.slug event=request.event.slug secret=order.secret order=order.code %}">
<span class="fa fa-edit"></span>
{% trans "Change details" %}
</a>
@@ -87,7 +87,7 @@
<div class="row">
<div class="col-md-12 text-right">
<p>
<a href="{% url 'presale:event.order.cancel' event=request.event.slug organizer=request.event.organizer.slug order=order.code %}"
<a href="{% url 'presale:event.order.cancel' event=request.event.slug organizer=request.event.organizer.slug secret=order.secret order=order.code %}"
class="btn btn-danger">
<span class="fa fa-remove"></span>
{% trans "Cancel order" %}

2
src/pretix/presale/templates/pretixpresale/event/order_cancel.html
View File

@@ -16,7 +16,7 @@
<div class="row checkout-button-row">
<div class="col-md-4">
<a class="btn btn-block btn-default btn-lg"
href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug order=order.code %}">
href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug secret=order.secret order=order.code %}">
{% trans "No, take me back" %}
</a>
</div>

2
src/pretix/presale/templates/pretixpresale/event/order_pay.html
View File

@@ -16,7 +16,7 @@
<div class="row checkout-button-row">
<div class="col-md-4">
<a class="btn btn-block btn-default btn-lg"
href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug order=order.code %}">
href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug secret=order.secret order=order.code %}">
{% trans "Cancel" %}
</a>
</div>

2
src/pretix/presale/templates/pretixpresale/event/order_pay_confirm.html
View File

@@ -27,7 +27,7 @@
<div class="row checkout-button-row">
<div class="col-md-4">
<a class="btn btn-block btn-default btn-lg"
href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug order=order.code %}">
href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug secret=order.secret order=order.code %}">
{% trans "Cancel" %}
</a>
</div>

43
src/pretix/presale/templates/pretixpresale/event/orders.html
View File

@@ -1,43 +0,0 @@
{% extends "pretixpresale/event/base.html" %}
{% load i18n %}
{% block title %}{% trans "Your orders" %}{% endblock %}
{% block content %}
<h2>{% trans "Your orders" %}</h2>
<div class="table-responsive">
<table class="table">
<thead>
<th>{% trans "Order code" %}</th>
<th>{% trans "Date" %}</th>
<th>{% trans "Total" %}</th>
<th>{% trans "Status" %}</th>
<th></th>
</thead>
<tbody>
{% for order in orders %}
<tr>
<td><a href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug order=order.code %}">
<strong>{{ order.code }}</strong></td>
<td>{{ order.datetime|date:"SHORT_DATE_FORMAT" }}</td>
<td>{{ event.currency }} {{ order.total|floatformat:2 }}</td>
<td>{% include "pretixpresale/event/fragment_order_status.html" with order=order %}</td>
<td><a href="{% url "presale:event.order" event=request.event.slug organizer=request.event.organizer.slug order=order.code %}">
{% trans "View details" %}
</a></td>
</tr>
{% empty %}
<tr>
<td colspan="5">
<em>{% trans "You did not yet place any orders." %}</em>
</td>
</tr>
{% endfor %}
</tbody>
</table>
</div>
<a href="{% url "presale:event.index" event=request.event.slug organizer=request.event.organizer.slug %}"
class="btn btn-primary btn-lg">
<span class="fa fa-plus"></span>
{% trans "Place new order" %}
</a>
{% endblock %}

21
src/pretix/presale/templates/pretixpresale/event/recover.html
View File

@@ -1,21 +0,0 @@
{% extends "pretixpresale/event/base.html" %}
{% load i18n %}
{% load bootstrap3 %}
{% block title %}{% trans "Password recovery" %}{% endblock %}
{% block content %}
<h2>{% trans "Password recovery" %}</h2>
<form class="form-horizontal" method="post">
{% csrf_token %}
{% bootstrap_form_errors form type='all' layout='inline' %}
{% bootstrap_field form.password layout="horizontal" %}
{% bootstrap_field form.password_repeat layout="horizontal" %}
<input type="hidden" name="form" value="login" />
<div class="form-group">
<div class="submit-group col-md-offset-3 col-md-4">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Set new password" %}
</button>
</div>
</div>
</form>
{% endblock %}

23
src/pretix/presale/urls.py
View File

@@ -16,25 +16,22 @@ urlpatterns = [
name='event.checkout.payment'),
url(r'^checkout/confirm$', pretix.presale.views.checkout.OrderConfirm.as_view(),
name='event.checkout.confirm'),
url(r'^order/(?P<order>[^/]+)/$', pretix.presale.views.order.OrderDetails.as_view(),
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/$', pretix.presale.views.order.OrderDetails.as_view(),
name='event.order'),
url(r'^order/(?P<order>[^/]+)/cancel$', pretix.presale.views.order.OrderCancel.as_view(),
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/cancel$',
pretix.presale.views.order.OrderCancel.as_view(),
name='event.order.cancel'),
url(r'^order/(?P<order>[^/]+)/modify$', pretix.presale.views.order.OrderModify.as_view(),
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/modify$',
pretix.presale.views.order.OrderModify.as_view(),
name='event.order.modify'),
url(r'^order/(?P<order>[^/]+)/pay$', pretix.presale.views.order.OrderPay.as_view(),
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/pay$', pretix.presale.views.order.OrderPay.as_view(),
name='event.order.pay'),
url(r'^order/(?P<order>[^/]+)/pay/confirm$', pretix.presale.views.order.OrderPayDo.as_view(),
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/pay/confirm$',
pretix.presale.views.order.OrderPayDo.as_view(),
name='event.order.pay.confirm'),
url(r'^order/(?P<order>[^/]+)/download/(?P<output>[^/]+)$', pretix.presale.views.order.OrderDownload.as_view(),
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/download/(?P<output>[^/]+)$',
pretix.presale.views.order.OrderDownload.as_view(),
name='event.order.download'),
url(r'^login$', pretix.presale.views.event.EventLogin.as_view(), name='event.checkout.login'),
url(r'^forgot$', pretix.presale.views.event.EventForgot.as_view(), name='event.forgot'),
url(r'^forgot/recover$', pretix.presale.views.event.EventRecover.as_view(), name='event.forgot.recover'),
url(r'^logout$', pretix.presale.views.event.EventLogout.as_view(), name='event.logout'),
url(r'^orders$', pretix.presale.views.event.EventOrders.as_view(), name='event.orders'),
url(r'^account$', pretix.presale.views.event.EventAccount.as_view(), name='event.account'),
url(r'^account/settings$', pretix.presale.views.event.EventAccountSettings.as_view(), name='event.account.settings'),
])),
url(r'^locale/set$', pretix.presale.views.locale.LocaleSet.as_view(), name='locale.set'),
]

31
src/pretix/presale/views/__init__.py
View File

@@ -22,20 +22,7 @@ def login_required(view_func):
'event': request.event.slug,
}), 'next'
)
return _wrapped_view
def login_or_guest_required(view_func):
def _wrapped_view(request, *args, **kwargs):
if request.user.is_authenticated() or 'guest_email' in request.session:
return view_func(request, *args, **kwargs)
path = request.path
return redirect_to_login(
path, reverse('presale:event.checkout.login', kwargs={
'organizer': request.event.organizer.slug,
'event': request.event.slug,
}) + '?guest=1', 'next'
)
return _wrapped_view
@@ -46,28 +33,14 @@ class LoginRequiredMixin:
return login_required(view)
class LoginOrGuestRequiredMixin:
@classmethod
def as_view(cls, **initkwargs):
view = super().as_view(**initkwargs)
return login_or_guest_required(view)
def user_cart_q(request):
if request.user.is_authenticated():
return Q(Q(user=request.user) | Q(session=request.session.session_key))
return Q(Q(user__isnull=True) & Q(session=request.session.session_key))
class CartDisplayMixin:
@cached_property
def positions(self):
"""
A list of this users cart position
"""
return list(CartPosition.objects.current.filter(
user_cart_q(self.request) & Q(event=self.request.event)
session=self.request.session.session_key, event=self.request.event
).order_by(
'item', 'variation'
).select_related(
@@ -79,7 +52,7 @@ class CartDisplayMixin:
def get_cart(self, answers=False, queryset=None, payment_fee=None):
queryset = queryset or CartPosition.objects.current.filter(
user_cart_q(self.request) & Q(event=self.request.event)
session=self.request.session.session_key, event=self.request.event
)
prefetch = ['variation__values', 'variation__values__prop']

30
src/pretix/presale/views/cart.py
View File

@@ -1,24 +1,16 @@
import json
from datetime import timedelta
from django.contrib import messages
from django.contrib.auth.views import redirect_to_login
from django.core.urlresolvers import reverse
from django.db.models import Q
from django.shortcuts import redirect
from django.utils.timezone import now
from django.utils.translation import ugettext_lazy as _
from django.views.generic import View
from pretix.base.models import (
CartPosition, EventLock, Item, ItemVariation, Quota,
)
from pretix.base.services.cart import (
CartError, add_items_to_cart, remove_items_from_cart,
)
from pretix.presale.views import (
EventViewMixin, LoginOrGuestRequiredMixin, user_cart_q,
)
from pretix.presale.views import EventViewMixin
class CartActionMixin:
@@ -67,15 +59,14 @@ class CartActionMixin:
return items
class CartRemove(EventViewMixin, CartActionMixin, LoginOrGuestRequiredMixin, View):
class CartRemove(EventViewMixin, CartActionMixin, View):
def post(self, *args, **kwargs):
items = self._items_from_post_data()
if not items:
return redirect(self.get_failure_url())
remove_items_from_cart(self.request.event.identity, items, self.request.user.id,
self.request.session.session_key)
remove_items_from_cart(self.request.event.identity, items, self.request.session.session_key)
messages.success(self.request, _('Your cart has been updated.'))
return redirect(self.get_success_url())
@@ -87,24 +78,11 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
def post(self, request, *args, **kwargs):
items = self._items_from_post_data()
# We do not use LoginRequiredMixin here, as we want to store stuff into the
# session before redirecting to login
if not request.user.is_authenticated() and 'guest_email' not in request.session:
request.session['cart_tmp'] = json.dumps(items)
return redirect_to_login(
self.get_success_url(), reverse('presale:event.checkout.login', kwargs={
'organizer': request.event.organizer.slug,
'event': request.event.slug,
}) + '?guest=1', 'next'
)
return self.process(items)
def process(self, items):
try:
add_items_to_cart(self.request.event.identity, items, self.request.user.id,
self.request.session.session_key)
add_items_to_cart(self.request.event.identity, items, self.request.session.session_key)
messages.success(self.request, _('The products have been successfully added to your cart.'))
return redirect(self.get_success_url())
except CartError as e:

21
src/pretix/presale/views/checkout.py
View File

@@ -12,9 +12,7 @@ from pretix.base.models import CartPosition, OrderPosition, QuestionAnswer
from pretix.base.services.orders import OrderError, perform_order
from pretix.base.signals import register_payment_providers
from pretix.presale.forms.checkout import QuestionsForm
from pretix.presale.views import (
CartDisplayMixin, EventViewMixin, LoginOrGuestRequiredMixin, user_cart_q,
)
from pretix.presale.views import CartDisplayMixin, EventViewMixin
class CheckoutView(TemplateView):
@@ -43,12 +41,13 @@ class CheckoutView(TemplateView):
'organizer': self.request.event.organizer.slug
})
def get_order_url(self, order, add_secret):
def get_order_url(self, order):
return reverse('presale:event.order', kwargs={
'event': self.request.event.slug,
'organizer': self.request.event.organizer.slug,
'order': order.code,
}) + '?thanks=yes' + ('&order_secret=' + order.secret if add_secret else '')
'secret': order.secret
}) + '?thanks=yes'
class QuestionsViewMixin:
@@ -108,8 +107,7 @@ class QuestionsViewMixin:
return not failed
class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
QuestionsViewMixin, CheckoutView):
class CheckoutStart(EventViewMixin, CartDisplayMixin, QuestionsViewMixin, CheckoutView):
template_name = "pretixpresale/event/checkout_questions.html"
def post(self, *args, **kwargs):
@@ -140,13 +138,13 @@ class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
return ctx
class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin, CheckoutView):
class PaymentDetails(EventViewMixin, CartDisplayMixin, CheckoutView):
template_name = "pretixpresale/event/checkout_payment.html"
@cached_property
def _total_order_value(self):
return CartPosition.objects.current.filter(
user_cart_q(self.request) & Q(event=self.request.event)
Q(session=self.request.session.session_key) & Q(event=self.request.event)
).aggregate(sum=Sum('price'))['sum']
@cached_property
@@ -196,7 +194,7 @@ class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin
return self.get_questions_url() + "?back=true"
class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin, CheckoutView):
class OrderConfirm(EventViewMixin, CartDisplayMixin, CheckoutView):
template_name = "pretixpresale/event/checkout_confirm.html"
def __init__(self, *args, **kwargs):
@@ -259,7 +257,6 @@ class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
def perform_order(self, request: HttpRequest):
try:
order = perform_order(self.request.event, self.payment_provider, self.positions,
user=request.user if request.user.is_authenticated() else None,
email=request.session.get('guest_email', None),
locale=translation.get_language())
except OrderError as e:
@@ -269,7 +266,7 @@ class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
# Message is delivered via GET parameter
# messages.success(request, _('Your order has been placed.'))
resp = self.payment_provider.payment_perform(request, order)
return redirect(resp or self.get_order_url(order, not request.user.is_authenticated()))
return redirect(resp or self.get_order_url(order))
def get_previous_url(self):
if self.payment_provider.identifier != "free":

263
src/pretix/presale/views/event.py
View File

@@ -1,30 +1,7 @@
import json
from django.conf import settings
from django.contrib import messages
from django.contrib.auth import (
authenticate, login, logout, update_session_auth_hash,
)
from django.contrib.auth.tokens import default_token_generator
from django.core.urlresolvers import reverse
from django.db.models import Count
from django.shortcuts import redirect
from django.utils.functional import cached_property
from django.utils.translation import ugettext_lazy as _
from django.views.generic import TemplateView, UpdateView, View
from django.views.generic import TemplateView
from pretix.base.forms.auth import (
LoginForm, PasswordForgotForm, PasswordRecoverForm, RegistrationForm,
)
from pretix.base.forms.user import UserSettingsForm
from pretix.base.models import User
from pretix.base.services.cart import CartError, add_items_to_cart
from pretix.base.services.mail import mail
from pretix.helpers.urls import build_absolute_uri
from pretix.presale.forms.checkout import GuestForm
from pretix.presale.views import (
CartDisplayMixin, EventViewMixin, LoginRequiredMixin,
)
from pretix.presale.views import CartDisplayMixin, EventViewMixin
class EventIndex(EventViewMixin, CartDisplayMixin, TemplateView):
@@ -80,239 +57,3 @@ class EventIndex(EventViewMixin, CartDisplayMixin, TemplateView):
context['cart'] = self.get_cart()
return context
class EventLogin(EventViewMixin, TemplateView):
template_name = 'pretixpresale/event/login.html'
def redirect_to_next(self):
if 'cart_tmp' in self.request.session:
items = json.loads(self.request.session['cart_tmp'])
del self.request.session['cart_tmp']
try:
add_items_to_cart(self.request.event.identity, items, self.request.user.id,
self.request.session.session_key)
messages.success(self.request, _('The products have been successfully added to your cart.'))
except CartError as e:
messages.error(self.request, str(e))
if 'next' in self.request.GET:
return redirect(self.request.GET.get('next'))
else:
return redirect('presale:event.account',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
def get(self, request, *args, **kwargs):
if request.user.is_authenticated():
return self.redirect_to_next()
return super().get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
if request.POST.get('form') == 'login':
form = self.login_form
if form.is_valid() and form.user_cache:
login(request, form.user_cache)
return self.redirect_to_next()
elif request.POST.get('form') == 'guest':
form = self.guest_form
if form.is_valid():
request.session['guest_email'] = form.cleaned_data['email']
return self.redirect_to_next()
elif request.POST.get('form') == 'registration':
form = self.registration_form
if form.is_valid():
user = User.objects.create_user(
form.cleaned_data['email'], form.cleaned_data['password'],
locale=request.LANGUAGE_CODE,
timezone=request.timezone if hasattr(request, 'timezone') else settings.TIME_ZONE
)
user = authenticate(email=user.email, password=form.cleaned_data['password'])
login(request, user)
return self.redirect_to_next()
return super().get(request, *args, **kwargs)
@cached_property
def login_form(self):
return LoginForm(
self.request,
data=self.request.POST if self.request.POST.get('form', '') == 'login' else None
)
@cached_property
def guest_form(self):
return GuestForm(
data=self.request.POST if self.request.POST.get('form', '') == 'guest' else None
)
@cached_property
def registration_form(self):
return RegistrationForm(
data=self.request.POST if self.request.POST.get('form', '') == 'registration' else None
)
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['login_form'] = self.login_form
context['registration_form'] = self.registration_form
context['guest_form'] = self.guest_form
return context
class EventForgot(EventViewMixin, TemplateView):
template_name = 'pretixpresale/event/forgot.html'
def get(self, request, *args, **kwargs):
if request.user.is_authenticated():
return redirect('presale:event.orders',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
return super().get(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
if self.form.is_valid():
user = self.form.cleaned_data['user']
mail(
user.email, _('Password recovery'), 'pretixpresale/email/forgot.txt',
{
'user': user,
'event': self.request.event,
'url': build_absolute_uri('presale:event.forgot.recover', kwargs={
'event': self.request.event.slug,
'organizer': self.request.event.organizer.slug,
}) + '?id=%d&token=%s' % (user.id, default_token_generator.make_token(user)),
},
self.request.event, locale=user.locale
)
messages.success(request, _('We sent you an e-mail containing further instructions.'))
return redirect('presale:event.forgot',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
else:
return self.get(request, *args, **kwargs)
@cached_property
def form(self):
return PasswordForgotForm(
event=self.request.event,
data=self.request.POST if self.request.method == 'POST' else None
)
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['form'] = self.form
return context
class EventRecover(EventViewMixin, TemplateView):
template_name = 'pretixpresale/event/recover.html'
error_messages = {
'invalid': _('You clicked on an invalid link. Please check that you copied the full '
'web address into your address bar. Please note that the link is only valid '
'for three days and that the link can only be used once.'),
'unknownuser': _('We were unable to find the user you requested a new password for.')
}
def get(self, request, *args, **kwargs):
if request.user.is_authenticated():
return redirect('presale:event.orders',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
try:
user = User.objects.get(id=self.request.GET.get('id'))
except User.DoesNotExist:
return self.invalid('unknownuser')
if not default_token_generator.check_token(user, self.request.GET.get('token')):
return self.invalid('invalid')
return super().get(request, *args, **kwargs)
def invalid(self, msg):
messages.error(self.request, self.error_messages[msg])
return redirect('presale:event.forgot',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
def post(self, request, *args, **kwargs):
if self.form.is_valid():
try:
user = User.objects.get(id=self.request.GET.get('id'))
except User.DoesNotExist:
return self.invalid('unknownuser')
if not default_token_generator.check_token(user, self.request.GET.get('token')):
return self.invalid('invalid')
user.set_password(self.form.cleaned_data['password'])
user.save()
messages.success(request, _('You can now login using your new password.'))
return redirect('presale:event.checkout.login',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
else:
return self.get(request, *args, **kwargs)
@cached_property
def form(self):
return PasswordRecoverForm(
data=self.request.POST if self.request.method == 'POST' else None
)
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['form'] = self.form
return context
class EventLogout(EventViewMixin, View):
def get(self, request, *args, **kwargs):
logout(request)
return redirect('presale:event.index',
organizer=self.request.event.organizer.slug,
event=self.request.event.slug)
class EventAccount(LoginRequiredMixin, EventViewMixin, TemplateView):
template_name = 'pretixpresale/event/account.html'
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['orders'] = self.request.user.orders.current.count()
return context
class EventOrders(LoginRequiredMixin, EventViewMixin, TemplateView):
template_name = 'pretixpresale/event/orders.html'
def get_context_data(self, **kwargs):
context = super().get_context_data(**kwargs)
context['orders'] = self.request.user.orders.current.all()
return context
class EventAccountSettings(LoginRequiredMixin, EventViewMixin, UpdateView):
model = User
form_class = UserSettingsForm
template_name = 'pretixpresale/event/account_settings.html'
def get_object(self, queryset=None):
return self.request.user
def get_form_kwargs(self):
kwargs = super().get_form_kwargs()
kwargs['user'] = self.request.user
return kwargs
def form_invalid(self, form):
messages.error(self.request, _('Your changes could not be saved. See below for details.'))
return super().form_invalid(form)
def form_valid(self, form):
messages.success(self.request, _('Your changes have been saved.'))
sup = super().form_valid(form)
update_session_auth_hash(self.request, self.request.user)
return sup
def get_success_url(self):
return reverse('presale:event.account.settings',
kwargs={
'event': self.request.event.slug,
'organizer': self.request.event.organizer.slug,
})

21
src/pretix/presale/views/order.py
View File

@@ -23,10 +23,8 @@ class OrderDetailMixin:
@cached_property
def order(self):
try:
q = Q(Q(secret__isnull=False) & Q(secret__in=self.request.session['order_secrets']))
if self.request.user.is_authenticated():
q |= Q(user=self.request.user)
return Order.objects.current.get(q & Q(event=self.request.event) & Q(code=self.kwargs['order']))
return Order.objects.current.get(secret=self.kwargs['secret'],
event=self.request.event, code=self.kwargs['order'])
except Order.DoesNotExist:
return None
@@ -43,6 +41,7 @@ class OrderDetailMixin:
'event': self.request.event.slug,
'organizer': self.request.event.organizer.slug,
'order': self.order.code,
'secret': self.order.secret
})
@@ -52,7 +51,7 @@ class OrderDetails(EventViewMixin, OrderDetailMixin, CartDisplayMixin, TemplateV
def get(self, request, *args, **kwargs):
self.kwargs = kwargs
if not self.order:
raise Http404(_('Unknown order code or order does belong to another user.'))
raise Http404(_('Unknown order code or not authorized to access this order.'))
return super().get(request, *args, **kwargs)
@cached_property
@@ -104,7 +103,7 @@ class OrderPay(EventViewMixin, OrderDetailMixin, TemplateView):
def dispatch(self, request, *args, **kwargs):
self.request = request
if not self.order:
raise Http404(_('Unknown order code or order does belong to another user.'))
raise Http404(_('Unknown order code or not authorized to access this order.'))
if (self.order.status not in (Order.STATUS_PENDING, Order.STATUS_EXPIRED)
or not self.payment_provider.order_can_retry(self.order)
or not self.payment_provider.is_enabled):
@@ -138,6 +137,7 @@ class OrderPay(EventViewMixin, OrderDetailMixin, TemplateView):
'event': self.request.event.slug,
'organizer': self.request.event.organizer.slug,
'order': self.order.code,
'secret': self.order.secret
})
@@ -147,7 +147,7 @@ class OrderPayDo(EventViewMixin, OrderDetailMixin, TemplateView):
def dispatch(self, request, *args, **kwargs):
self.request = request
if not self.order:
raise Http404(_('Unknown order code or order does belong to another user.'))
raise Http404(_('Unknown order code or not authorized to access this order.'))
if not self.payment_provider.order_can_retry(self.order) or not self.payment_provider.is_enabled:
messages.error(request, _('The payment for this order cannot be continued.'))
return redirect(self.get_order_url())
@@ -178,6 +178,7 @@ class OrderPayDo(EventViewMixin, OrderDetailMixin, TemplateView):
'event': self.request.event.slug,
'organizer': self.request.event.organizer.slug,
'order': self.order.code,
'secret': self.order.secret
})
@@ -210,7 +211,7 @@ class OrderModify(EventViewMixin, OrderDetailMixin, QuestionsViewMixin, Template
self.request = request
self.kwargs = kwargs
if not self.order:
raise Http404(request, _('Unknown order code or order does belong to another user.'))
raise Http404(_('Unknown order code or not authorized to access this order.'))
if not self.order.can_modify_answers:
messages.error(request, _('You cannot modify this order'))
return redirect(self.get_order_url())
@@ -230,7 +231,7 @@ class OrderCancel(EventViewMixin, OrderDetailMixin, TemplateView):
self.request = request
self.kwargs = kwargs
if not self.order:
raise Http404(_('Unknown order code or order does belong to another user.'))
raise Http404(_('Unknown order code or not authorized to access this order.'))
if self.order.status not in (Order.STATUS_PENDING, Order.STATUS_EXPIRED):
messages.error(request, _('You cannot cancel this order'))
return redirect(self.get_order_url())
@@ -265,7 +266,7 @@ class OrderDownload(EventViewMixin, OrderDetailMixin, View):
messages.error(request, _('You requested an invalid ticket output type.'))
return redirect(self.get_order_url())
if not self.order:
raise Http404(_('Unknown order code or order does belong to another user.'))
raise Http404(_('Unknown order code or not authorized to access this order.'))
if self.order.status != Order.STATUS_PAID:
messages.error(request, _('Order is not paid.'))
return redirect(self.get_order_url())