From ac2df35db6eb188ac233c25bb5add9480db0d781 Mon Sep 17 00:00:00 2001
From: Raphael Michel <mail@raphaelmichel.de>
Date: Thu, 17 Oct 2019 15:39:14 +0200
Subject: [PATCH] Allow configuring cross-organizer acceptance

---
 src/pretix/base/models/auth.py                | 19 ++++++++
 .../pretixcontrol/organizers/giftcards.html   | 46 +++++++++++++++++--
 src/pretix/control/views/organizer.py         | 36 +++++++++++++++
 3 files changed, 98 insertions(+), 3 deletions(-)

diff --git a/src/pretix/base/models/auth.py b/src/pretix/base/models/auth.py
index 74c3365f1..fd0faf17e 100644
--- a/src/pretix/base/models/auth.py
+++ b/src/pretix/base/models/auth.py
@@ -335,6 +335,25 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
             | Q(id__in=self.teams.filter(**kwargs).values_list('limit_events__id', flat=True))
         )
 
+    @scopes_disabled()
+    def get_organizers_with_permission(self, permission, request=None):
+        """
+        Returns a queryset of organizers the user has a specific permissions to.
+
+        :param request: The current request (optional). Required to detect staff sessions properly.
+        :return: Iterable of Organizers
+        """
+        from .event import Organizer
+
+        if request and self.has_active_staff_session(request.session.session_key):
+            return Organizer.objects.all()
+
+        kwargs = {permission: True}
+
+        return Organizer.objects.filter(
+            id__in=self.teams.filter(**kwargs).values_list('organizer', flat=True)
+        )
+
     def has_active_staff_session(self, session_key=None):
         """
         Returns whether or not a user has an active staff session (formerly known as superuser session)
diff --git a/src/pretix/control/templates/pretixcontrol/organizers/giftcards.html b/src/pretix/control/templates/pretixcontrol/organizers/giftcards.html
index 34ce6ccf1..449ac5350 100644
--- a/src/pretix/control/templates/pretixcontrol/organizers/giftcards.html
+++ b/src/pretix/control/templates/pretixcontrol/organizers/giftcards.html
@@ -16,7 +16,8 @@
             </p>
 
             <a href="{% url "control:organizer.giftcard.add" organizer=request.organizer.slug %}"
-               class="btn btn-default btn-lg"><i class="fa fa-plus"></i> {% trans "Manually issue a gift card" %}</a>
+                    class="btn btn-default btn-lg"><i class="fa fa-plus"></i> {% trans "Manually issue a gift card" %}
+            </a>
         </div>
     {% else %}
         <form class="row filter-form" action="" method="get">
@@ -34,7 +35,7 @@
         </form>
         <p>
             <a href="{% url "control:organizer.giftcard.add" organizer=request.organizer.slug %}"
-               class="btn btn-default"><i class="fa fa-plus"></i> {% trans "Manually issue a gift card" %}</a>
+                    class="btn btn-default"><i class="fa fa-plus"></i> {% trans "Manually issue a gift card" %}</a>
         </p>
         <div class="table-responsive">
             <table class="table table-condensed table-hover">
@@ -60,7 +61,7 @@
                         </td>
                         <td class="text-right">
                             <a href="{% url "control:organizer.giftcard" organizer=request.organizer.slug giftcard=g.id %}"
-                               class="btn btn-default btn-sm" data-toggle="tooltip" title="{% trans "Details" %}">
+                                    class="btn btn-default btn-sm" data-toggle="tooltip" title="{% trans "Details" %}">
                                 <i class="fa fa-eye"></i>
                             </a>
                         </td>
@@ -71,4 +72,43 @@
         </div>
         {% include "pretixcontrol/pagination.html" %}
     {% endif %}
+    {% if not is_paginated or page_obj.number == 1 %}
+        <form action="" method="post" class="form-inline">
+            {% csrf_token %}
+            <fieldset>
+                <legend>{% trans "Accepted gift cards of other organizers" %}</legend>
+                <p>
+                    {% blocktrans trimmed %}
+                        If you have access to multiple organizer accounts, you can configure that ticket shops in
+                        this account will also accept gift codes issued through a different organizer account, and
+                        vice versa.
+                    {% endblocktrans %}
+                </p>
+                <ul>
+
+                    {% for gca in request.organizer.gift_card_issuer_acceptance.all %}
+                        <li>
+                            <strong>{{ gca.issuer }}</strong>
+                            <button type="submit" name="del" value="{{ gca.issuer.slug }}" class="btn btn-xs btn-danger">
+                                <span class="fa fa-trash"></span>
+                            </button>
+                        </li>
+                    {% empty %}
+                        <li>
+                            <em>{% trans "You are currently not accepting gift cards from other organizers." %}</em>
+                        </li>
+                    {% endfor %}
+                    <li>
+                        <select name="add" class="form-control">
+                            <option></option>
+                            {% for o in other_organizers %}
+                                <option value="{{ o.slug }}">{{ o }}</option>
+                            {% endfor %}
+                        </select>
+                        <button class="btn btn-primary" type="submit"><span class="fa fa-plus"></span></button>
+                    </li>
+                </ul>
+            </fieldset>
+        </form>
+    {% endif %}
 {% endblock %}
diff --git a/src/pretix/control/views/organizer.py b/src/pretix/control/views/organizer.py
index e7bd96f31..ee36624d3 100644
--- a/src/pretix/control/views/organizer.py
+++ b/src/pretix/control/views/organizer.py
@@ -918,9 +918,45 @@ class GiftCardListView(OrganizerDetailViewMixin, OrganizerPermissionRequiredMixi
             qs = self.filter_form.filter_qs(qs)
         return qs
 
+    def post(self, request, *args, **kwargs):
+        if "add" in request.POST:
+            o = self.request.user.get_organizers_with_permission(
+                'can_manage_gift_cards', self.request
+            ).exclude(pk=self.request.organizer.pk).filter(
+                slug=request.POST.get("add")
+            ).first()
+            if o:
+                self.request.organizer.gift_card_issuer_acceptance.get_or_create(
+                    issuer=o
+                )
+                self.request.organizer.log_action(
+                    'pretix.giftcards.acceptance.added',
+                    data={'issuer': o.slug},
+                    user=request.user
+                )
+                messages.success(self.request, _('The selected gift card issuer has been added.'))
+        if "del" in request.POST:
+            o = Organizer.objects.filter(
+                slug=request.POST.get("del")
+            ).first()
+            if o:
+                self.request.organizer.gift_card_issuer_acceptance.filter(
+                    issuer=o
+                ).delete()
+                self.request.organizer.log_action(
+                    'pretix.giftcards.acceptance.removed',
+                    data={'issuer': o.slug},
+                    user=request.user
+                )
+                messages.success(self.request, _('The selected gift card issuer has been removed.'))
+        return redirect(reverse('control:organizer.giftcards', kwargs={'organizer': self.request.organizer.slug}))
+
     def get_context_data(self, **kwargs):
         ctx = super().get_context_data(**kwargs)
         ctx['filter_form'] = self.filter_form
+        ctx['other_organizers'] = self.request.user.get_organizers_with_permission(
+            'can_manage_gift_cards', self.request
+        ).exclude(pk=self.request.organizer.pk)
         return ctx
 
     @cached_property