CGM_Public/pretix_cgo
1
0
Fork 0
forked from CGM_Public/pretix_original
Code Pull Requests Actions Activity

Allow to access not-yet-live shop on different domain

Browse Source
This commit is contained in:
Raphael Michel
2017-01-05 11:50:10 +01:00
parent f6d8b825d5
commit d3f21353ca
5 changed files with 82 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
src/pretix/presale/urls.py
View File

@@ -51,6 +51,7 @@ event_patterns = [
url(r'^order/(?P<order>[^/]+)/(?P<secret>[A-Za-z0-9]+)/invoice/(?P<invoice>[0-9]+)$',
pretix.presale.views.order.InvoiceDownload.as_view(),
name='event.invoice.download'),
url(r'^auth/$', pretix.presale.views.event.EventAuth.as_view(), name='event.auth'),
url(r'^$', pretix.presale.views.event.EventIndex.as_view(), name='event.index'),
]

19
src/pretix/presale/utils.py
View File

@@ -1,5 +1,7 @@
from importlib import import_module
from urllib.parse import urljoin
from django.conf import settings
from django.core.exceptions import PermissionDenied
from django.core.urlresolvers import resolve
from django.http import Http404
@@ -11,6 +13,8 @@ from pretix.base.models import Event, EventPermission, Organizer
from pretix.multidomain.urlreverse import get_domain
from pretix.presale.signals import process_request, process_response
SessionStore = import_module(settings.SESSION_ENGINE).SessionStore
def _detect_event(request, require_live=True):
url = resolve(request.path_info)
@@ -59,8 +63,19 @@ def _detect_event(request, require_live=True):
LocaleMiddleware().process_request(request)
if require_live and not request.event.live:
if not request.user.is_authenticated or not EventPermission.objects.filter(
event=request.event, user=request.user).exists():
can_access = (
url.url_name == 'event.auth'
or (
request.user.is_authenticated
and EventPermission.objects.filter(event=request.event, user=request.user).exists()
)
)
if not can_access and 'pretix_event_access_{}'.format(request.event.pk) in request.session:
sparent = SessionStore(request.session.get('pretix_event_access_{}'.format(request.event.pk)))
can_access = sparent.exists(request.session.get('pretix_event_access_{}'.format(request.event.pk)))
if not can_access:
raise PermissionDenied(_('The selected ticket shop is currently not available.'))
for receiver, response in process_request.send(request.event, request=request):

35
src/pretix/presale/views/event.py
View File

@@ -1,13 +1,24 @@
import sys
from importlib import import_module
from django.conf import settings
from django.core.exceptions import PermissionDenied
from django.db.models import Count, Prefetch, Q
from django.shortcuts import redirect
from django.utils.decorators import method_decorator
from django.utils.timezone import now
from django.utils.translation import ugettext_lazy as _
from django.views import View
from django.views.decorators.csrf import csrf_exempt
from django.views.generic import TemplateView
from pretix.base.models import ItemVariation
from pretix.multidomain.urlreverse import eventreverse
from . import CartMixin, EventViewMixin
SessionStore = import_module(settings.SESSION_ENGINE).SessionStore
def item_group_by_category(items):
return sorted(
@@ -90,3 +101,27 @@ class EventIndex(EventViewMixin, CartMixin, TemplateView):
context['cart'] = self.get_cart()
context['frontpage_text'] = str(self.request.event.settings.frontpage_text)
return context
class EventAuth(View):
@method_decorator(csrf_exempt)
def dispatch(self, request, *args, **kwargs):
return super().dispatch(request, *args, **kwargs)
def post(self, request, *args, **kwargs):
s = SessionStore(request.POST.get('session'))
try:
data = s.load()
except:
raise PermissionDenied(_('Please go back and try again.'))
parent = data.get('pretix_event_access_{}'.format(request.event.pk))
sparent = SessionStore(parent)
if not sparent.exists(parent):
raise PermissionDenied(_('Please go back and try again.'))
request.session['pretix_event_access_{}'.format(request.event.pk)] = parent
return redirect(eventreverse(request.event, 'presale:event.index'))