* setup vite and integrate fully with django
- vite starts with `python manage.py runserver`
- add templatetags to simply load vite hmr and entry points
- add eslint (recheck rules)
- enable non-strict ts
* better syntax for cors header setting
* migrate checkin rules editor to vue3
- move constants to a module
- move reading from and writing to non-vue html to django interop module
- switch to composition api and script setup sfc with pug
- use optional chaining operators a lot to simplify code
* migrate webcheckin plugin to vite+vue3
- migrate vue sfcs to script setup and pug
- move fetch calls into a api.ts module
- move common formatting and i18n strings into module
* fix migration error
* first draft migrating widget to vue3/vite
* first couple widget e2e tests
courtesy of claude
most of the tests don't work yet
* test file is not actually used
* drop widget_ prefix from e2e test fixtures
* add test for complete widget journey for simple event
* switch timezone in e2e tests to Europe/Berlin
* make dates in e2e tests relative
* migrate widget bugfix #5886
* start testing event series widget
* working vite widget setup for prod (untested), local dev (with or without dev server) and pytests, with flags for running the old version or the vite version
* simplify e2e test iframe check
* less flaky e2e tests
* top level await in iife build mode is not supported, so let's do import.meta.glob instead (we just need the build step not to see await, the code doesn't actually ever get loaded because it's DEV only)
* fix inconsistencies from automatic migration
* Allow gradual rollout of new vite-based widget by adding urls to an allowlist that gets checked against the "Origin" http header of request fetching the widget js
* add e2e tests for widget button, testing empty cart, adding specific items, and subevents
* remove janky claude testts again
* resolve migration TODOs: properly refocus parent on navigations
* use `npm run dev:control` for the vite dev server for admin components
* upgrade npm dependencies
* fix js linter errors
* fix python linter errors
* build all control vue components
* add new js config files to check-manifest ignore
* working prod build
acutal serving of built assets not tested yet
* fix templatetag paths to match what's in the vite mantifest
* add missing quotes around 'unsafe-eval' cors value
* remove now unused old vue2 tooling
* try fixing e2e test ci
* fix flake8 error
* check if vite build artefacts are in the wheel
* add license headers
* remove dom manipilation code necessary for `div.pretix-widget-compat` to work. No longer needed for vue3
* remove superfluous `createElement` calls
They might have been there because of IE, which is no longer relevant
* make widget dev mode parametizable through query params and document the usage and those params
* fix rst syntax
* remove migration todos file
Co-authored-by: luelista <mira@teamwiki.de>
* rearrange dockerfile commands for smaller image, thanks @luelista
* Update .gitignore, adding .vite
Co-authored-by: luelista <mira@teamwiki.de>
* add eslint CI
* make vue dev work in plugins
* fix docker build
* rebuild vite setup to support static prod plugins and dynamic hmr plugin development
* use toml for vite plugin config instead of standalone json file
* Add widget changes from #6047, #6149
* Allow buttons to reuse cart (Z#23226853)
* Always keep cart of buttons with items set
* widget: handle cart if not same-site (#6149)
---------
Co-authored-by: luelista <mira@teamwiki.de>
Co-authored-by: Kara Engelhardt <engelhardt@pretix.eu>
* Subevents: Allow to skip conflicting dates in bulk-creation
* Update src/pretix/control/templates/pretixcontrol/subevents/bulk.html
* Fix overlap calc for consecutive subevents
* Add test for skipping conflicting dates in bulk-creation
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
Co-authored-by: Richard Schreiber <schreiber@rami.io>
Co-authored-by: Kara Engelhardt <engelhardt@pretix.eu>
* Display invoice and tickets inline in browser (Z#23225892)
* Use FileResponse filename for AnswerDownload
* Use inline for PDF-view in pretix-control editor
* use as_attachment for API FileResponses
* do not ignore csp even for disposition=inline
* use as_attachment for file responses in control
* remove unused code
* improve code style
* Invoice preview inline
* do not force download on tickets in backend
* do not force download on AnswerDownload
* imrpove code style
* improve code style
* fix missing int str conversion
* Apply suggestions from code review
Co-authored-by: luelista <mira@teamwiki.de>
---------
Co-authored-by: luelista <mira@teamwiki.de>
This worked accidentally because page_obj.num_pages does not exists (page_obj.paginator.num_pages does) which made url_replace remove the page parameter
* Data model draft
* Refactor query and assignment usages of old permissions
* Backend UI
* API serializer
* Big string replace
* Docs, tests and fixes for teams api
* Update docs for device auth
* Eliminate old names
* Make tests pass
* Use new permissions, remove inconsistencies
* Add test for translations
* Show plugin permissions
* Add permission for seating plans
* Fix plugin activation
* Fix failing test
* Refactor to permission groups
* Update doc/api/resources/devices.rst
Co-authored-by: luelista <weller@rami.io>
* Update doc/api/resources/events.rst
Co-authored-by: luelista <weller@rami.io>
* Update src/pretix/api/serializers/organizer.py
Co-authored-by: luelista <weller@rami.io>
* Fix typo
* Fix python version compat
* Replacement after rebase
* Add proper permission handling for exports
* Docs for exporters
* Runtime linting of permission names
* Fix typos
* Show export page even without orders permission
* More legacy compat
* Do not strongly validate before plugins are loaded
* Rebase migration
* Add permission for outgoing mails
* Review notes
* Update doc/api/resources/teams.rst
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Clean up logic around exporters
* Review and failures
* Fix migration leading to forbidden combination
* Handle permissions on event copying
* Remove print-statements
* Make test clearer
* Review feedback
* Add AnyPermissionOf
* migration safety
---------
Co-authored-by: luelista <weller@rami.io>
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Navigation and dashboard: Hide useless items
If a user has access to *no organizer teams*, hide a number of things
from navigation and dashboard. This happens e.g. if a user only has
permissions in scope of the pretix-resellers or pretix-scheduling
plugins.
* New mechanism
* adds safeguard to prevent empty giftcard transactions on giftcards of value 0.00
* implement giftcard payment via order create
* styling
* let create_transactions() handle all the mailing
* docs
* provide more context for failed transactions
* documentation lectoring
* reject duplicate gift card secrets
* make payment_provider and use_gift_cards exclusive
* handle unknown gift cards
* Apply suggestion from @pajowu
Co-authored-by: pajowu <engelhardt@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/giftcards/payment.html
Co-authored-by: pajowu <engelhardt@pretix.eu>
---------
Co-authored-by: pajowu <engelhardt@pretix.eu>
* add edit view for waitinglist entry
* add test and fix behaviour when name isn't asked for
* fix linting
* add testcases for new edit view
* fix test
* fix linting
* add search to the waitinglist view
* repair settings check
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* make name and phone field optional by removing them
* remove item and variation fields from form
rather set those values during clean
* change label from "Item and Variation" to "Product"
* include only products with an enabled waitinglist in the product field
* combine edit.html and transfer.html
* change transfer to edit
* add tests
* code style
* Update src/pretix/control/forms/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/forms/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/urls.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/waitinglist/edit.html
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/waitinglist/index.html
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* remove validations
* remove validations
* replace widget
* implement small review items
* add better assertions
* add test for the different edit form variations
* add queryset to prefetch only active ItemVariations
* add queryset to prefetch only active ItemVariations
* propper use of WrappedPhoneNumberPrefixWidget
* cleanup
* add validation tests
* small review changes
* handle products with only inactive variations
* styling
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* reduce default RecentAuthenticationRequiredMixin timeout to 15 min
* never cache pages with RecentAuthenticationRequiredMixin
* show emergency codes only once after generating
* Tax rounding: Allow to apply only for B2B (Z#23220106)
Most effective in combination with #5807
* Update src/pretix/base/settings.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Send security notification when recovery code is used or created by admin
"Where to store recovery codes" is one of these problems there is no
right answer to, so many people store them in a less-than-optimal place.
If that's the reality we live in, this PR adds at least a little
security so one notices when they get used :)
* Add sentence
