From cbf4b0f8fe1295648aa1fcae90d0ffa5a779bfc8 Mon Sep 17 00:00:00 2001 From: Raphael Michel Date: Sun, 22 Feb 2026 17:11:05 +0100 Subject: [PATCH] Apply suggestions from code review Co-authored-by: luelista --- doc/development/api/exporter.rst | 4 ++-- .../implementation/permissions.rst | 4 ++-- src/pretix/base/permissions.py | 2 +- src/pretix/base/services/export.py | 2 +- .../pretixcontrol/organizers/team_edit.html | 24 +++++++++++-------- 5 files changed, 20 insertions(+), 16 deletions(-) diff --git a/doc/development/api/exporter.rst b/doc/development/api/exporter.rst index 6bcb24b00..dd0305bf2 100644 --- a/doc/development/api/exporter.rst +++ b/doc/development/api/exporter.rst @@ -94,9 +94,9 @@ The exporter class .. automethod:: get_required_event_permission -On organizer level, by default exporters are expected to handle on a *set of events* and the system will automatically +On organizer level, by default exporters are expected to handle a *set of events* and the system will automatically add a form field that allows the selection of events, limited to events the user has correct permissions for. If this -does not fit your organizer, because it is not related to events, you should **also** inherit from the following class: +does not fit your exporter, because it is not related to events, you should **also** inherit from the following class: .. class:: pretix.base.exporter.OrganizerLevelExportMixin diff --git a/doc/development/implementation/permissions.rst b/doc/development/implementation/permissions.rst index 373251779..ef9218dca 100644 --- a/doc/development/implementation/permissions.rst +++ b/doc/development/implementation/permissions.rst @@ -201,13 +201,13 @@ Adding permissions Plugins can add permissions through the ``register_event_permission_groups`` and ``register_organizer_permission_groups``. We recommend to use this only for very significant permissions, as the system will become less usable with too many -permission levels, also because the team page will show all permission options, even those of disabled plugins. +permission levels, especially since the team page will show all permission options, even those of disabled plugins. To register your permissions, you need to register a **permission group** (often representing an area of functionality or a key model). Below that group, there are **actions**, which represent the actual permissions. Permissions will be generated as ``:``. Then, you need to define **options** which are the valid combinations of the actions that should be possible to select for a team. This two-step mechanism exists to provide a better user experience -and avoid useless combinations like "write but not read". +and avoid impossible combinations like "write but not read". Example:: diff --git a/src/pretix/base/permissions.py b/src/pretix/base/permissions.py index 1c3f074cd..8c3c0b77a 100644 --- a/src/pretix/base/permissions.py +++ b/src/pretix/base/permissions.py @@ -142,7 +142,7 @@ def assert_valid_event_permission(permission, allow_legacy=True, allow_tuple=Tru raise ValueError(f"Not allowed to use legacy permission '{permission}'") all_permissions = get_all_event_permissions() if permission not in all_permissions: - # Warning *and* exception because warning is silently caught when used in if statements in Django templates + # Warning *and* exception because exception is silently caught when used in if statements in Django templates warnings.warn(f"Use of undefined permission '{permission}'") raise Exception(f"Undefined permission '{permission}'") diff --git a/src/pretix/base/services/export.py b/src/pretix/base/services/export.py index 3d1e5047b..b64541c46 100644 --- a/src/pretix/base/services/export.py +++ b/src/pretix/base/services/export.py @@ -205,7 +205,7 @@ def init_event_exporters(event, user=None, token=None, device=None, request=None continue if issubclass(response, OrganizerLevelExportMixin): - raise TypeError("Cannot user organizer-level exporter on event level") + raise TypeError("Cannot use organizer-level exporter on event level") permission_name = response.get_required_event_permission() if not perm_holder.has_event_permission(event.organizer, event, permission_name, request) and not staff_session: diff --git a/src/pretix/control/templates/pretixcontrol/organizers/team_edit.html b/src/pretix/control/templates/pretixcontrol/organizers/team_edit.html index 40693af31..162891bb0 100644 --- a/src/pretix/control/templates/pretixcontrol/organizers/team_edit.html +++ b/src/pretix/control/templates/pretixcontrol/organizers/team_edit.html @@ -24,11 +24,13 @@
{% trans "Organizer permissions" %} {% bootstrap_field form.all_organizer_permissions layout="control" %} -
- {% for f in form.organizer_field_names %} - {% bootstrap_field form|getitem:f layout="control" %} - {% endfor %} -
+
+
+ {% for f in form.organizer_field_names %} + {% bootstrap_field form|getitem:f layout="control" %} + {% endfor %} +
+
{% trans "Event permissions" %} @@ -36,11 +38,13 @@ {% bootstrap_field form.all_events layout="control" %} {% bootstrap_field form.limit_events layout="control" %} {% bootstrap_field form.all_event_permissions layout="control" %} -
- {% for f in form.event_field_names %} - {% bootstrap_field form|getitem:f layout="control" %} - {% endfor %} -
+
+
+ {% for f in form.event_field_names %} + {% bootstrap_field form|getitem:f layout="control" %} + {% endfor %} +
+