forked from CGM_Public/pretix_original
Compare commits
1 Commits
invoice-gi
...
addon-matc
| Author | SHA1 | Date | |
|---|---|---|---|
|
ec48c2a373 |
@@ -3155,14 +3155,14 @@ a .fa, a .wy-menu-vertical li span.toctree-expand, .wy-menu-vertical li a span.t
|
||||
vertical-align: -15%
|
||||
}
|
||||
|
||||
.wy-alert, .rst-content .note, .rst-content .attention, .rst-content .caution, .rst-content .danger, .rst-content .error, .rst-content .hint, .rst-content .important, .rst-content .tip, .rst-content .warning, .rst-content .seealso, .rst-content .admonition-todo, .rst-content div.deprecated {
|
||||
.wy-alert, .rst-content .note, .rst-content .attention, .rst-content .caution, .rst-content .danger, .rst-content .error, .rst-content .hint, .rst-content .important, .rst-content .tip, .rst-content .warning, .rst-content .seealso, .rst-content .admonition-todo {
|
||||
padding: 12px;
|
||||
line-height: 24px;
|
||||
margin-bottom: 24px;
|
||||
background: #e7f2fa
|
||||
}
|
||||
|
||||
.wy-alert-title, .rst-content .admonition-title, .rst-content .deprecated .versionmodified {
|
||||
.wy-alert-title, .rst-content .admonition-title {
|
||||
color: #fff;
|
||||
font-weight: bold;
|
||||
display: block;
|
||||
|
||||
@@ -1,346 +0,0 @@
|
||||
.. spelling:: checkin
|
||||
|
||||
.. _rest-checkin:
|
||||
|
||||
Check-in
|
||||
========
|
||||
|
||||
This page describes special APIs built for ticket scanning apps. For managing check-in configuration or other operations,
|
||||
please also see :ref:`rest-checkinlists`. The check-in list API also contains endpoints to obtain statistics or log
|
||||
failed scans.
|
||||
|
||||
.. versionchanged:: 4.12
|
||||
|
||||
The endpoints listed on this page have been added.
|
||||
|
||||
.. _`rest-checkin-redeem`:
|
||||
|
||||
Checking a ticket in
|
||||
--------------------
|
||||
|
||||
.. http:post:: /api/v1/organizers/(organizer)/checkinrpc/redeem/
|
||||
|
||||
Tries to redeem an order position, i.e. checks the attendee in (or out). This is the recommended endpoint to use
|
||||
if you build any kind of scanning app that performs check-ins for scanned barcodes. It is safe to use with untrusted
|
||||
inputs in the ``secret`` field.
|
||||
|
||||
This endpoint supports passing multiple check-in lists to perform a multi-event scan. However, each check-in list
|
||||
passed needs to be from a distinct event.
|
||||
|
||||
:<json string secret: Scanned QR code corresponding to the ``secret`` attribute of a ticket.
|
||||
:<json array lists: List of check-in list IDs to search on. No two check-in lists may be from the same event.
|
||||
:<json string type: Send ``"exit"`` for an exit and ``"entry"`` (default) for an entry.
|
||||
:<json datetime datetime: Specifies the datetime of the check-in. If not supplied, the current time will be used.
|
||||
:<json boolean force: Specifies that the check-in should succeed regardless of revoked barcode, previous check-ins or required
|
||||
questions that have not been filled. This is usually used to upload offline scans that already happened,
|
||||
because there's no point in validating them since they happened whether they are valid or not. Defaults to ``false``.
|
||||
:<json boolean questions_supported: When this parameter is set to ``true``, handling of questions is supported. If
|
||||
you do not implement question handling in your user interface, you **must**
|
||||
set this to ``false``. In that case, questions will just be ignored. Defaults
|
||||
to ``true``.
|
||||
:<json boolean ignore_unpaid: Specifies that the check-in should succeed even if the order is in pending state.
|
||||
Defaults to ``false`` and only works when ``include_pending`` is set on the check-in
|
||||
list.
|
||||
:<json object answers: If questions are supported/required, you may/must supply a mapping of question IDs to their
|
||||
respective answers. The answers should always be strings. In case of (multiple-)choice-type
|
||||
answers, the string should contain the (comma-separated) IDs of the selected options.
|
||||
:<json string nonce: You can set this parameter to a unique random value to identify this check-in. If you're sending
|
||||
this request twice with the same nonce, the second request will also succeed but will always
|
||||
create only one check-in object even when the previous request was successful as well. This
|
||||
allows for a certain level of idempotency and enables you to re-try after a connection failure.
|
||||
:>json string status: ``"ok"``, ``"incomplete"``, or ``"error"``
|
||||
:>json string reason: Reason code, only set on status ``"error"``, see below for possible values.
|
||||
:>json string reason_explanation: Human-readable explanation, only set on status ``"error"`` and reason ``"rules"``, can be null.
|
||||
:>json object position: Copy of the matching order position (if any was found). The contents are the same as the
|
||||
:ref:`order-position-resource`, with the following differences: (1) The ``checkins`` value
|
||||
will only include check-ins for the selected list. (2) An additional boolean property
|
||||
``require_attention`` will inform you whether either the order or the item have the
|
||||
``checkin_attention`` flag set. (3) If ``attendee_name`` is empty, it may automatically fall
|
||||
back to values from a parent product or from invoice addresses.
|
||||
:>json boolean require_attention: Whether or not the ``require_attention`` flag is set on the item or order.
|
||||
:>json object list: Excerpt of information about the matching :ref:`check-in list <rest-checkinlists>` (if any was found),
|
||||
including the attributes ``id``, ``name``, ``event``, ``subevent``, and ``include_pending``.
|
||||
:>json object questions: List of questions to be answered for check-in, only set on status ``"incomplete"``.
|
||||
|
||||
**Example request**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
POST /api/v1/organizers/bigevents/checkinrpc/redeem/ HTTP/1.1
|
||||
Host: pretix.eu
|
||||
Accept: application/json, text/javascript
|
||||
|
||||
{
|
||||
"secret": "M5BO19XmFwAjLd4nDYUAL9ISjhti0e9q",
|
||||
"lists": [1],
|
||||
"force": false,
|
||||
"ignore_unpaid": false,
|
||||
"nonce": "Pvrk50vUzQd0DhdpNRL4I4OcXsvg70uA",
|
||||
"datetime": null,
|
||||
"questions_supported": true,
|
||||
"answers": {
|
||||
"4": "XS"
|
||||
}
|
||||
}
|
||||
|
||||
**Example successful response**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
HTTP/1.1 201 Created
|
||||
Vary: Accept
|
||||
Content-Type: application/json
|
||||
|
||||
{
|
||||
"status": "ok",
|
||||
"position": {
|
||||
…
|
||||
},
|
||||
"require_attention": false,
|
||||
"list": {
|
||||
"id": 1,
|
||||
"name": "Default check-in list",
|
||||
"event": "sampleconf",
|
||||
"subevent": null,
|
||||
"include_pending": false
|
||||
}
|
||||
}
|
||||
|
||||
**Example response with required questions**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
HTTP/1.1 400 Bad Request
|
||||
Content-Type: text/json
|
||||
|
||||
{
|
||||
"status": "incomplete",
|
||||
"position": {
|
||||
…
|
||||
},
|
||||
"require_attention": false,
|
||||
"list": {
|
||||
"id": 1,
|
||||
"name": "Default check-in list",
|
||||
"event": "sampleconf",
|
||||
"subevent": null,
|
||||
"include_pending": false
|
||||
},
|
||||
"questions": [
|
||||
{
|
||||
"id": 1,
|
||||
"question": {"en": "T-Shirt size"},
|
||||
"type": "C",
|
||||
"required": false,
|
||||
"items": [1, 2],
|
||||
"position": 1,
|
||||
"identifier": "WY3TP9SL",
|
||||
"ask_during_checkin": true,
|
||||
"options": [
|
||||
{
|
||||
"id": 1,
|
||||
"identifier": "LVETRWVU",
|
||||
"position": 0,
|
||||
"answer": {"en": "S"}
|
||||
},
|
||||
{
|
||||
"id": 2,
|
||||
"identifier": "DFEMJWMJ",
|
||||
"position": 1,
|
||||
"answer": {"en": "M"}
|
||||
},
|
||||
{
|
||||
"id": 3,
|
||||
"identifier": "W9AH7RDE",
|
||||
"position": 2,
|
||||
"answer": {"en": "L"}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
**Example error response (invalid ticket)**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
HTTP/1.1 404 Not Found
|
||||
Content-Type: text/json
|
||||
|
||||
{
|
||||
"detail": "Not found.",
|
||||
"status": "error",
|
||||
"reason": "invalid",
|
||||
"reason_explanation": null,
|
||||
"require_attention": false
|
||||
}
|
||||
|
||||
**Example error response (known, but invalid ticket)**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
HTTP/1.1 200 OK
|
||||
Content-Type: text/json
|
||||
|
||||
{
|
||||
"status": "error",
|
||||
"reason": "unpaid",
|
||||
"reason_explanation": null,
|
||||
"require_attention": false,
|
||||
"list": {
|
||||
"id": 1,
|
||||
"name": "Default check-in list",
|
||||
"event": "sampleconf",
|
||||
"subevent": null,
|
||||
"include_pending": false
|
||||
},
|
||||
"position": {
|
||||
…
|
||||
}
|
||||
}
|
||||
|
||||
Possible error reasons:
|
||||
|
||||
* ``invalid`` - Ticket is not known.
|
||||
* ``unpaid`` - Ticket is not paid for.
|
||||
* ``canceled`` – Ticket is canceled or expired.
|
||||
* ``already_redeemed`` - Ticket already has been redeemed.
|
||||
* ``product`` - Tickets with this product may not be scanned at this device.
|
||||
* ``rules`` - Check-in prevented by a user-defined rule.
|
||||
* ``ambiguous`` - Multiple tickets match scan, rejected.
|
||||
* ``revoked`` - Ticket code has been revoked.
|
||||
* ``error`` - Internal error.
|
||||
|
||||
In case of reason ``rules``, there might be an additional response field ``reason_explanation`` with a human-readable
|
||||
description of the violated rules. However, that field can also be missing or be ``null``.
|
||||
|
||||
:param organizer: The ``slug`` field of the organizer to fetch
|
||||
:statuscode 201: no error
|
||||
:statuscode 400: Invalid or incomplete request, see above
|
||||
:statuscode 401: Authentication failure
|
||||
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
|
||||
:statuscode 404: The requested order position does not exist.
|
||||
|
||||
Performing a ticket search
|
||||
--------------------------
|
||||
|
||||
.. http:get:: /api/v1/organizers/(organizer)/checkinrpc/search/
|
||||
|
||||
Returns a list of all order positions matching a given search request. The result is the same as
|
||||
the :ref:`order-position-resource`, with the following differences:
|
||||
|
||||
* The ``checkins`` value will only include check-ins for the selected list.
|
||||
|
||||
* An additional boolean property ``require_attention`` will inform you whether either the order or the item
|
||||
have the ``checkin_attention`` flag set.
|
||||
|
||||
* If ``attendee_name`` is empty, it will automatically fall back to values from a parent product or from invoice
|
||||
addresses.
|
||||
|
||||
This endpoint supports passing multiple check-in lists to perform a multi-event search. However, each check-in list
|
||||
passed needs to be from a distinct event.
|
||||
|
||||
**Example request**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
GET /api/v1/organizers/bigevents/checkinrpc/search/?list=1&search=Peter HTTP/1.1
|
||||
Host: pretix.eu
|
||||
Accept: application/json, text/javascript
|
||||
|
||||
**Example response**:
|
||||
|
||||
.. sourcecode:: http
|
||||
|
||||
HTTP/1.1 200 OK
|
||||
Vary: Accept
|
||||
Content-Type: application/json
|
||||
|
||||
{
|
||||
"count": 1,
|
||||
"next": null,
|
||||
"previous": null,
|
||||
"results": [
|
||||
{
|
||||
"id": 23442,
|
||||
"order": "ABC12",
|
||||
"positionid": 1,
|
||||
"item": 1345,
|
||||
"variation": null,
|
||||
"price": "23.00",
|
||||
"attendee_name": "Peter",
|
||||
"attendee_name_parts": {
|
||||
"full_name": "Peter",
|
||||
},
|
||||
"attendee_email": null,
|
||||
"voucher": null,
|
||||
"tax_rate": "0.00",
|
||||
"tax_rule": null,
|
||||
"tax_value": "0.00",
|
||||
"secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
|
||||
"addon_to": null,
|
||||
"subevent": null,
|
||||
"pseudonymization_id": "MQLJvANO3B",
|
||||
"seat": null,
|
||||
"checkins": [
|
||||
{
|
||||
"list": 1,
|
||||
"type": "entry",
|
||||
"gate": null,
|
||||
"device": 2,
|
||||
"datetime": "2017-12-25T12:45:23Z",
|
||||
"auto_checked_in": true
|
||||
}
|
||||
],
|
||||
"answers": [
|
||||
{
|
||||
"question": 12,
|
||||
"answer": "Foo",
|
||||
"options": []
|
||||
}
|
||||
],
|
||||
"downloads": [
|
||||
{
|
||||
"output": "pdf",
|
||||
"url": "https://pretix.eu/api/v1/organizers/bigevents/events/sampleconf/orderpositions/23442/download/pdf/"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
:query string search: Fuzzy search matching the attendee name, order code, invoice address name as well as to the beginning of the secret.
|
||||
:query integer list: The check-in list to search on, can be passed multiple times.
|
||||
:query integer page: The page number in case of a multi-page result set, default is 1
|
||||
:query string ignore_status: If set to ``true``, results will be returned regardless of the state of
|
||||
the order they belong to and you will need to do your own filtering by order status.
|
||||
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``order__code``,
|
||||
``order__datetime``, ``positionid``, ``attendee_name``, ``last_checked_in`` and ``order__email``. Default:
|
||||
``attendee_name,positionid``
|
||||
:query string order: Only return positions of the order with the given order code
|
||||
:query string search: Fuzzy search matching the attendee name, order code, invoice address name as well as to the beginning of the secret.
|
||||
:query string expand: Expand a field into a full object. Currently only ``subevent``, ``item``, and ``variation`` are supported. Can be passed multiple times.
|
||||
:query integer item: Only return positions with the purchased item matching the given ID.
|
||||
:query integer item__in: Only return positions with the purchased item matching one of the given comma-separated IDs.
|
||||
:query integer variation: Only return positions with the purchased item variation matching the given ID.
|
||||
:query integer variation__in: Only return positions with one of the purchased item variation matching the given
|
||||
comma-separated IDs.
|
||||
:query string attendee_name: Only return positions with the given value in the attendee_name field. Also, add-on
|
||||
products positions are shown if they refer to an attendee with the given name.
|
||||
:query string secret: Only return positions with the given ticket secret.
|
||||
:query string order__status: Only return positions with the given order status.
|
||||
:query string order__status__in: Only return positions with one the given comma-separated order status.
|
||||
:query boolean has_checkin: If set to ``true`` or ``false``, only return positions that have or have not been
|
||||
checked in already.
|
||||
:query integer subevent: Only return positions of the sub-event with the given ID
|
||||
:query integer subevent__in: Only return positions of one of the sub-events with the given comma-separated IDs
|
||||
:query integer addon_to: Only return positions that are add-ons to the position with the given ID.
|
||||
:query integer addon_to__in: Only return positions that are add-ons to one of the positions with the given
|
||||
comma-separated IDs.
|
||||
:query string voucher: Only return positions with a specific voucher.
|
||||
:query string voucher__code: Only return positions with a specific voucher code.
|
||||
:param organizer: The ``slug`` field of the organizer to fetch
|
||||
:statuscode 200: no error
|
||||
:statuscode 401: Authentication failure
|
||||
:statuscode 403: The requested organizer or check-in list does not exist **or** you have no permission to view this resource.
|
||||
:statuscode 404: The requested check-in list does not exist.
|
||||
@@ -1,7 +1,5 @@
|
||||
.. spelling:: checkin
|
||||
|
||||
.. _rest-checkinlists:
|
||||
|
||||
Check-in lists
|
||||
==============
|
||||
|
||||
@@ -427,9 +425,6 @@ Order position endpoints
|
||||
* If ``attendee_name`` is empty, it will automatically fall back to values from a parent product or from invoice
|
||||
addresses.
|
||||
|
||||
You can use this endpoint to implement a ticket search. We also provide a dedicated search input as part of our
|
||||
:ref:`check-in API <rest-checkin>` that supports search across multiple events.
|
||||
|
||||
**Example request**:
|
||||
|
||||
.. sourcecode:: http
|
||||
@@ -619,6 +614,8 @@ Order position endpoints
|
||||
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
|
||||
:statuscode 404: The requested order position or check-in list does not exist.
|
||||
|
||||
.. _`rest-checkin-redeem`:
|
||||
|
||||
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/(id)/redeem/
|
||||
|
||||
Tries to redeem an order position, identified by its internal ID, i.e. checks the attendee in. This endpoint
|
||||
@@ -627,12 +624,6 @@ Order position endpoints
|
||||
**Tip:** Instead of an ID, you can also use the ``secret`` field as the lookup parameter. In this case, you should
|
||||
always set ``untrusted_input=true`` as a query parameter to avoid security issues.
|
||||
|
||||
.. note::
|
||||
|
||||
We no longer recommend using this API if you're building a ticket scanning application, as it has a few design
|
||||
flaws that can lead to `security issues`_ or compatibility issues due to barcode content characters that are not
|
||||
URL-safe. We recommend to use our new :ref:`check-in API <rest-checkin>` instead.
|
||||
|
||||
:query boolean untrusted_input: If set to true, the lookup parameter is **always** interpreted as a ``secret``, never
|
||||
as an ``id``. This should be always set if you are passing through untrusted, scanned
|
||||
data to avoid guessing of ticket IDs.
|
||||
@@ -756,15 +747,13 @@ Order position endpoints
|
||||
|
||||
Possible error reasons:
|
||||
|
||||
* ``invalid`` - Ticket code not known.
|
||||
* ``unpaid`` - Ticket is not paid for.
|
||||
* ``canceled`` – Ticket is canceled or expired. This reason is only sent when your request sets.
|
||||
* ``unpaid`` - Ticket is not paid for
|
||||
* ``canceled`` – Ticket is canceled or expired. This reason is only sent when your request sets
|
||||
``canceled_supported`` to ``true``, otherwise these orders return ``unpaid``.
|
||||
* ``already_redeemed`` - Ticket already has been redeemed.
|
||||
* ``product`` - Tickets with this product may not be scanned at this device.
|
||||
* ``rules`` - Check-in prevented by a user-defined rule.
|
||||
* ``ambiguous`` - Multiple tickets match scan, rejected.
|
||||
* ``revoked`` - Ticket code has been revoked.
|
||||
* ``already_redeemed`` - Ticket already has been redeemed
|
||||
* ``product`` - Tickets with this product may not be scanned at this device
|
||||
* ``rules`` - Check-in prevented by a user-defined rule
|
||||
* ``ambiguous`` - Multiple tickets match scan, rejected
|
||||
|
||||
In case of reason ``rules``, there might be an additional response field ``reason_explanation`` with a human-readable
|
||||
description of the violated rules. However, that field can also be missing or be ``null``.
|
||||
@@ -778,6 +767,3 @@ Order position endpoints
|
||||
:statuscode 401: Authentication failure
|
||||
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
|
||||
:statuscode 404: The requested order position or check-in list does not exist.
|
||||
|
||||
|
||||
.. _security issues: https://pretix.eu/about/de/blog/20220705-release-4111/
|
||||
@@ -131,9 +131,7 @@ Endpoints
|
||||
|
||||
.. http:post:: /api/v1/organizers/(organizer)/customers/
|
||||
|
||||
Creates a new customer. In addition to the fields defined on the resource, you can pass the field ``send_email``
|
||||
to control whether the system should send an account activation email with a password reset link (defaults to
|
||||
``false``).
|
||||
Creates a new customer
|
||||
|
||||
**Example request**:
|
||||
|
||||
@@ -145,8 +143,7 @@ Endpoints
|
||||
Content-Type: application/json
|
||||
|
||||
{
|
||||
"email": "test@example.org",
|
||||
"send_email": true
|
||||
"email": "test@example.org"
|
||||
}
|
||||
|
||||
**Example response**:
|
||||
@@ -176,8 +173,8 @@ Endpoints
|
||||
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
|
||||
want to change.
|
||||
|
||||
You can change all fields of the resource except the ``identifier``, ``last_login``, ``date_joined``,
|
||||
``name`` (which is auto-generated from ``name_parts``), and ``last_modified`` fields.
|
||||
You can change all fields of the resource except the ``identifier``, ``last_login``, ``date_joined``, ``name``,
|
||||
and ``last_modified`` fields.
|
||||
|
||||
**Example request**:
|
||||
|
||||
|
||||
@@ -25,7 +25,6 @@ at :ref:`plugin-docs`.
|
||||
invoices
|
||||
vouchers
|
||||
discounts
|
||||
checkin
|
||||
checkinlists
|
||||
waitinglist
|
||||
customers
|
||||
|
||||
@@ -89,8 +89,7 @@ Endpoints
|
||||
:query integer page: The page number in case of a multi-page result set, default is 1
|
||||
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``id`` and ``position``.
|
||||
Default: ``position``
|
||||
:query integer subevent: Only return quotas of the sub-event with the given ID.
|
||||
:query integer subevent__in: Only return quotas of sub-events with one the given IDs (comma-separated).
|
||||
:query integer subevent: Only return quotas of the sub-event with the given ID
|
||||
:query string with_availability: Set to ``true`` to get availability information. Can lead to increased answer times.
|
||||
:param organizer: The ``slug`` field of the organizer to fetch
|
||||
:param event: The ``slug`` field of the event to fetch
|
||||
|
||||
@@ -532,7 +532,6 @@ event object Object describi
|
||||
├ imprint_url string URL to legal notice page. If not ``null``, a button in the app should link to this page.
|
||||
├ privacy_url string URL to privacy notice page. If not ``null``, a button in the app should link to this page.
|
||||
├ help_url string URL to help page. If not ``null``, a button in the app should link to this page.
|
||||
├ terms_url string URL to terms of service. If not ``null``, a button in the app should link to this page.
|
||||
├ logo_url string URL to event logo. If not ``null``, this logo may be shown in the app.
|
||||
├ slug string Event short form
|
||||
└ organizer string Organizer short form
|
||||
@@ -568,7 +567,6 @@ scan_types list of objects Only used for a
|
||||
"imprint_url": null,
|
||||
"privacy_url": null,
|
||||
"help_url": null,
|
||||
"terms_url": null,
|
||||
"logo_url": null,
|
||||
"organizer": "sampleconf"
|
||||
},
|
||||
|
||||
@@ -19,4 +19,4 @@
|
||||
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
__version__ = "4.12.0.dev1"
|
||||
__version__ = "4.12.0.dev0"
|
||||
|
||||
@@ -68,8 +68,6 @@ class PretixScanSecurityProfile(AllowListSecurityProfile):
|
||||
('GET', 'api-v1:orderposition-pdf_image'),
|
||||
('GET', 'api-v1:event.settings'),
|
||||
('POST', 'api-v1:upload'),
|
||||
('POST', 'api-v1:checkinrpc.redeem'),
|
||||
('GET', 'api-v1:checkinrpc.search'),
|
||||
)
|
||||
|
||||
|
||||
@@ -100,8 +98,6 @@ class PretixScanNoSyncNoSearchSecurityProfile(AllowListSecurityProfile):
|
||||
('GET', 'api-v1:orderposition-pdf_image'),
|
||||
('GET', 'api-v1:event.settings'),
|
||||
('POST', 'api-v1:upload'),
|
||||
('POST', 'api-v1:checkinrpc.redeem'),
|
||||
('GET', 'api-v1:checkinrpc.search'),
|
||||
)
|
||||
|
||||
|
||||
@@ -133,8 +129,6 @@ class PretixScanNoSyncSecurityProfile(AllowListSecurityProfile):
|
||||
('GET', 'api-v1:orderposition-pdf_image'),
|
||||
('GET', 'api-v1:event.settings'),
|
||||
('POST', 'api-v1:upload'),
|
||||
('POST', 'api-v1:checkinrpc.redeem'),
|
||||
('GET', 'api-v1:checkinrpc.search'),
|
||||
)
|
||||
|
||||
|
||||
@@ -200,8 +194,6 @@ class PretixPosSecurityProfile(AllowListSecurityProfile):
|
||||
('GET', 'plugins:pretix_seating:event.plan'),
|
||||
('GET', 'plugins:pretix_seating:selection.simple'),
|
||||
('POST', 'api-v1:upload'),
|
||||
('POST', 'api-v1:checkinrpc.redeem'),
|
||||
('GET', 'api-v1:checkinrpc.search'),
|
||||
)
|
||||
|
||||
|
||||
|
||||
@@ -26,7 +26,7 @@ from rest_framework.exceptions import ValidationError
|
||||
from pretix.api.serializers.event import SubEventSerializer
|
||||
from pretix.api.serializers.i18n import I18nAwareModelSerializer
|
||||
from pretix.base.channels import get_all_sales_channels
|
||||
from pretix.base.models import Checkin, CheckinList
|
||||
from pretix.base.models import CheckinList
|
||||
|
||||
|
||||
class CheckinListSerializer(I18nAwareModelSerializer):
|
||||
@@ -78,31 +78,3 @@ class CheckinListSerializer(I18nAwareModelSerializer):
|
||||
CheckinList.validate_rules(data.get('rules'))
|
||||
|
||||
return data
|
||||
|
||||
|
||||
class CheckinRPCRedeemInputSerializer(serializers.Serializer):
|
||||
lists = serializers.PrimaryKeyRelatedField(required=True, many=True, queryset=CheckinList.objects.none())
|
||||
secret = serializers.CharField(required=True, allow_null=False)
|
||||
force = serializers.BooleanField(default=False, required=False)
|
||||
type = serializers.ChoiceField(choices=Checkin.CHECKIN_TYPES, default=Checkin.TYPE_ENTRY)
|
||||
ignore_unpaid = serializers.BooleanField(default=False, required=False)
|
||||
questions_supported = serializers.BooleanField(default=True, required=False)
|
||||
nonce = serializers.CharField(required=False, allow_null=True)
|
||||
datetime = serializers.DateTimeField(required=False, allow_null=True)
|
||||
answers = serializers.JSONField(required=False, allow_null=True)
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
self.fields['lists'].child_relation.queryset = CheckinList.objects.filter(event__in=self.context['events']).select_related('event')
|
||||
|
||||
|
||||
class MiniCheckinListSerializer(I18nAwareModelSerializer):
|
||||
event = serializers.SlugRelatedField(slug_field='slug', read_only=True)
|
||||
subevent = serializers.PrimaryKeyRelatedField(read_only=True)
|
||||
|
||||
class Meta:
|
||||
model = CheckinList
|
||||
fields = ('id', 'name', 'event', 'subevent', 'include_pending')
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
|
||||
@@ -184,9 +184,8 @@ class ItemSerializer(I18nAwareModelSerializer):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
if not self.read_only:
|
||||
self.fields['require_membership_types'].queryset = self.context['event'].organizer.membership_types.all()
|
||||
self.fields['grant_membership_type'].queryset = self.context['event'].organizer.membership_types.all()
|
||||
self.fields['require_membership_types'].queryset = self.context['event'].organizer.membership_types.all()
|
||||
self.fields['grant_membership_type'].queryset = self.context['event'].organizer.membership_types.all()
|
||||
|
||||
def validate(self, data):
|
||||
data = super().validate(data)
|
||||
|
||||
@@ -341,10 +341,10 @@ class PdfDataSerializer(serializers.Field):
|
||||
# we serialize a list.
|
||||
|
||||
if 'vars' not in self.context:
|
||||
self.context['vars'] = get_variables(self.context['event'])
|
||||
self.context['vars'] = get_variables(self.context['request'].event)
|
||||
|
||||
if 'vars_images' not in self.context:
|
||||
self.context['vars_images'] = get_images(self.context['event'])
|
||||
self.context['vars_images'] = get_images(self.context['request'].event)
|
||||
|
||||
for k, f in self.context['vars'].items():
|
||||
try:
|
||||
@@ -422,14 +422,7 @@ class OrderPositionSerializer(I18nAwareModelSerializer):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
request = self.context.get('request')
|
||||
pdf_data_forbidden = (
|
||||
# We check this based on permission if we are on /events/…/orders/ or /events/…/orderpositions/ or
|
||||
# /events/…/checkinlists/…/positions/
|
||||
# We're unable to check this on this level if we're on /checkinrpc/, in which case we rely on the view
|
||||
# layer to not set pdf_data=true in the first place.
|
||||
request and hasattr(request, 'event') and 'can_view_orders' not in request.eventpermset
|
||||
)
|
||||
if ('pdf_data' in self.context and not self.context['pdf_data']) or pdf_data_forbidden:
|
||||
if request and (not request.query_params.get('pdf_data', 'false') == 'true' or 'can_view_orders' not in request.eventpermset):
|
||||
self.fields.pop('pdf_data', None)
|
||||
|
||||
def validate(self, data):
|
||||
@@ -488,13 +481,13 @@ class CheckinListOrderPositionSerializer(OrderPositionSerializer):
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
|
||||
if 'subevent' in self.context['expand']:
|
||||
if 'subevent' in self.context['request'].query_params.getlist('expand'):
|
||||
self.fields['subevent'] = SubEventSerializer(read_only=True)
|
||||
|
||||
if 'item' in self.context['expand']:
|
||||
if 'item' in self.context['request'].query_params.getlist('expand'):
|
||||
self.fields['item'] = ItemSerializer(read_only=True, context=self.context)
|
||||
|
||||
if 'variation' in self.context['expand']:
|
||||
if 'variation' in self.context['request'].query_params.getlist('expand'):
|
||||
self.fields['variation'] = InlineItemVariationSerializer(read_only=True)
|
||||
|
||||
|
||||
@@ -597,10 +590,10 @@ class OrderSerializer(I18nAwareModelSerializer):
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
super().__init__(*args, **kwargs)
|
||||
if not self.context['pdf_data']:
|
||||
if not self.context['request'].query_params.get('pdf_data', 'false') == 'true':
|
||||
self.fields['positions'].child.fields.pop('pdf_data', None)
|
||||
|
||||
for exclude_field in self.context['exclude']:
|
||||
for exclude_field in self.context['request'].query_params.getlist('exclude'):
|
||||
p = exclude_field.split('.')
|
||||
if p[0] in self.fields:
|
||||
if len(p) == 1:
|
||||
|
||||
@@ -396,6 +396,7 @@ class OrderChangeOperationSerializer(serializers.Serializer):
|
||||
def validate(self, data):
|
||||
seen_positions = set()
|
||||
for d in data.get('patch_positions', []):
|
||||
print(d, seen_positions)
|
||||
if d['position'] in seen_positions:
|
||||
raise ValidationError({'patch_positions': ['You have specified the same object twice.']})
|
||||
seen_positions.add(d['position'])
|
||||
|
||||
@@ -75,14 +75,6 @@ class CustomerSerializer(I18nAwareModelSerializer):
|
||||
'locale', 'last_modified', 'notes')
|
||||
|
||||
|
||||
class CustomerCreateSerializer(CustomerSerializer):
|
||||
send_email = serializers.BooleanField(default=False, required=False, allow_null=True)
|
||||
|
||||
class Meta:
|
||||
model = Customer
|
||||
fields = CustomerSerializer.Meta.fields + ('send_email',)
|
||||
|
||||
|
||||
class MembershipTypeSerializer(I18nAwareModelSerializer):
|
||||
|
||||
class Meta:
|
||||
|
||||
@@ -112,10 +112,6 @@ for app in apps.get_app_configs():
|
||||
urlpatterns = [
|
||||
re_path(r'^', include(router.urls)),
|
||||
re_path(r'^organizers/(?P<organizer>[^/]+)/', include(orga_router.urls)),
|
||||
re_path(r'^organizers/(?P<organizer>[^/]+)/checkinrpc/redeem/$', checkin.CheckinRPCRedeemView.as_view(),
|
||||
name="checkinrpc.redeem"),
|
||||
re_path(r'^organizers/(?P<organizer>[^/]+)/checkinrpc/search/$', checkin.CheckinRPCSearchView.as_view(),
|
||||
name="checkinrpc.search"),
|
||||
re_path(r'^organizers/(?P<organizer>[^/]+)/settings/$', organizer.OrganizerSettingsView.as_view(),
|
||||
name="organizer.settings"),
|
||||
re_path(r'^organizers/(?P<organizer>[^/]+)/giftcards/(?P<giftcard>[^/]+)/', include(giftcard_router.urls)),
|
||||
|
||||
@@ -19,12 +19,9 @@
|
||||
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
import operator
|
||||
from functools import reduce
|
||||
|
||||
import django_filters
|
||||
from django.conf import settings
|
||||
from django.core.exceptions import ValidationError as BaseValidationError
|
||||
from django.core.exceptions import ValidationError
|
||||
from django.db import transaction
|
||||
from django.db.models import (
|
||||
Count, Exists, F, Max, OrderBy, OuterRef, Prefetch, Q, Subquery,
|
||||
@@ -38,18 +35,13 @@ from django.utils.timezone import now
|
||||
from django_filters.rest_framework import DjangoFilterBackend, FilterSet
|
||||
from django_scopes import scopes_disabled
|
||||
from packaging.version import parse
|
||||
from rest_framework import views, viewsets
|
||||
from rest_framework import viewsets
|
||||
from rest_framework.decorators import action
|
||||
from rest_framework.exceptions import PermissionDenied, ValidationError
|
||||
from rest_framework.fields import DateTimeField
|
||||
from rest_framework.generics import ListAPIView
|
||||
from rest_framework.permissions import SAFE_METHODS
|
||||
from rest_framework.response import Response
|
||||
|
||||
from pretix.api.serializers.checkin import (
|
||||
CheckinListSerializer, CheckinRPCRedeemInputSerializer,
|
||||
MiniCheckinListSerializer,
|
||||
)
|
||||
from pretix.api.serializers.checkin import CheckinListSerializer
|
||||
from pretix.api.serializers.item import QuestionSerializer
|
||||
from pretix.api.serializers.order import (
|
||||
CheckinListOrderPositionSerializer, FailedCheckinSerializer,
|
||||
@@ -59,7 +51,7 @@ from pretix.api.views.order import OrderPositionFilter
|
||||
from pretix.base.i18n import language
|
||||
from pretix.base.models import (
|
||||
CachedFile, Checkin, CheckinList, Device, Event, Order, OrderPosition,
|
||||
Question, RevokedTicketSecret, TeamAPIToken,
|
||||
Question,
|
||||
)
|
||||
from pretix.base.services.checkin import (
|
||||
CheckInError, RequiredQuestionsError, SQLLogic, perform_checkin,
|
||||
@@ -274,399 +266,6 @@ with scopes_disabled():
|
||||
return queryset.filter(SQLLogic(self.checkinlist).apply(self.checkinlist.rules))
|
||||
|
||||
|
||||
def _handle_file_upload(data, user, auth):
|
||||
try:
|
||||
cf = CachedFile.objects.get(
|
||||
session_key=f'api-upload-{str(type(user or auth))}-{(user or auth).pk}',
|
||||
file__isnull=False,
|
||||
pk=data[len("file:"):],
|
||||
)
|
||||
except (ValidationError, BaseValidationError, IndexError): # invalid uuid
|
||||
raise ValidationError('The submitted file ID "{fid}" was not found.'.format(fid=data))
|
||||
except CachedFile.DoesNotExist:
|
||||
raise ValidationError('The submitted file ID "{fid}" was not found.'.format(fid=data))
|
||||
|
||||
allowed_types = (
|
||||
'image/png', 'image/jpeg', 'image/gif', 'application/pdf'
|
||||
)
|
||||
if cf.type not in allowed_types:
|
||||
raise ValidationError('The submitted file "{fid}" has a file type that is not allowed in this field.'.format(fid=data))
|
||||
if cf.file.size > settings.FILE_UPLOAD_MAX_SIZE_OTHER:
|
||||
raise ValidationError('The submitted file "{fid}" is too large to be used in this field.'.format(fid=data))
|
||||
|
||||
return cf.file
|
||||
|
||||
|
||||
def _checkin_list_position_queryset(checkinlists, ignore_status=False, ignore_products=False, pdf_data=False, expand=None):
|
||||
list_by_event = {cl.event_id: cl for cl in checkinlists}
|
||||
if not checkinlists:
|
||||
raise ValidationError('No check-in list passed.')
|
||||
if len(list_by_event) != len(checkinlists):
|
||||
raise ValidationError('Selecting two check-in lists from the same event is unsupported.')
|
||||
|
||||
cqs = Checkin.objects.filter(
|
||||
position_id=OuterRef('pk'),
|
||||
list_id__in=[cl.pk for cl in checkinlists]
|
||||
).order_by().values('position_id').annotate(
|
||||
m=Max('datetime')
|
||||
).values('m')
|
||||
|
||||
qs = OrderPosition.objects.filter(
|
||||
order__event__in=list_by_event.keys(),
|
||||
).annotate(
|
||||
last_checked_in=Subquery(cqs)
|
||||
).prefetch_related('order__event', 'order__event__organizer')
|
||||
|
||||
lists_qs = []
|
||||
for checkinlist in checkinlists:
|
||||
list_q = Q(order__event_id=checkinlist.event_id)
|
||||
if checkinlist.subevent:
|
||||
list_q &= Q(subevent=checkinlist.subevent)
|
||||
if not ignore_status:
|
||||
list_q &= Q(order__status__in=[Order.STATUS_PAID, Order.STATUS_PENDING] if checkinlist.include_pending else [Order.STATUS_PAID])
|
||||
if not checkinlist.all_products and not ignore_products:
|
||||
list_q &= Q(item__in=checkinlist.limit_products.values_list('id', flat=True))
|
||||
lists_qs.append(list_q)
|
||||
|
||||
qs = qs.filter(reduce(operator.or_, lists_qs))
|
||||
|
||||
if pdf_data:
|
||||
qs = qs.prefetch_related(
|
||||
Prefetch(
|
||||
lookup='checkins',
|
||||
queryset=Checkin.objects.filter(list_id__in=[cl.pk for cl in checkinlists])
|
||||
),
|
||||
'answers', 'answers__options', 'answers__question',
|
||||
Prefetch('addons', OrderPosition.objects.select_related('item', 'variation')),
|
||||
Prefetch('order', Order.objects.select_related('invoice_address').prefetch_related(
|
||||
Prefetch(
|
||||
'event',
|
||||
Event.objects.select_related('organizer')
|
||||
),
|
||||
Prefetch(
|
||||
'positions',
|
||||
OrderPosition.objects.prefetch_related(
|
||||
Prefetch('checkins', queryset=Checkin.objects.all()),
|
||||
'item', 'variation', 'answers', 'answers__options', 'answers__question',
|
||||
)
|
||||
)
|
||||
))
|
||||
).select_related(
|
||||
'item', 'variation', 'item__category', 'addon_to', 'order', 'order__invoice_address', 'seat'
|
||||
)
|
||||
else:
|
||||
qs = qs.prefetch_related(
|
||||
Prefetch(
|
||||
lookup='checkins',
|
||||
queryset=Checkin.objects.filter(list_id__in=[cl.pk for cl in checkinlists])
|
||||
),
|
||||
'answers', 'answers__options', 'answers__question',
|
||||
Prefetch('addons', OrderPosition.objects.select_related('item', 'variation'))
|
||||
).select_related('item', 'variation', 'order', 'addon_to', 'order__invoice_address', 'order', 'seat')
|
||||
|
||||
if expand and 'subevent' in expand:
|
||||
qs = qs.prefetch_related(
|
||||
'subevent', 'subevent__event', 'subevent__subeventitem_set', 'subevent__subeventitemvariation_set',
|
||||
'subevent__seat_category_mappings', 'subevent__meta_values'
|
||||
)
|
||||
|
||||
if expand and 'item' in expand:
|
||||
qs = qs.prefetch_related('item', 'item__addons', 'item__bundles', 'item__meta_values',
|
||||
'item__variations').select_related('item__tax_rule')
|
||||
|
||||
if expand and 'variation' in expand:
|
||||
qs = qs.prefetch_related('variation')
|
||||
|
||||
return qs
|
||||
|
||||
|
||||
def _redeem_process(*, checkinlists, raw_barcode, answers_data, datetime, force, checkin_type, ignore_unpaid, nonce,
|
||||
untrusted_input, user, auth, expand, pdf_data, request, questions_supported, canceled_supported,
|
||||
legacy_url_support=False):
|
||||
if not checkinlists:
|
||||
raise ValidationError('No check-in list passed.')
|
||||
|
||||
list_by_event = {cl.event_id: cl for cl in checkinlists}
|
||||
prefetch_related_objects([cl for cl in checkinlists if not cl.all_products], 'limit_products')
|
||||
|
||||
device = auth if isinstance(auth, Device) else None
|
||||
gate = auth.gate if isinstance(auth, Device) else None
|
||||
|
||||
context = {
|
||||
'request': request,
|
||||
'expand': expand,
|
||||
}
|
||||
|
||||
def _make_context(context, event):
|
||||
return {
|
||||
**context,
|
||||
'event': op.order.event,
|
||||
'pdf_data': pdf_data and (
|
||||
user if user and user.is_authenticated else auth
|
||||
).has_event_permission(request.organizer, event, 'can_view_orders', request),
|
||||
}
|
||||
|
||||
common_checkin_args = dict(
|
||||
raw_barcode=raw_barcode,
|
||||
type=checkin_type,
|
||||
list=checkinlists[0],
|
||||
datetime=datetime,
|
||||
device=device,
|
||||
gate=gate,
|
||||
nonce=nonce,
|
||||
forced=force,
|
||||
)
|
||||
raw_barcode_for_checkin = None
|
||||
from_revoked_secret = False
|
||||
|
||||
# 1. Gather a list of positions that could be the one we looking fore, either from their ID, secret or
|
||||
# parent secret
|
||||
queryset = _checkin_list_position_queryset(checkinlists, pdf_data=pdf_data, ignore_status=True, ignore_products=True).order_by(
|
||||
F('addon_to').asc(nulls_first=True)
|
||||
)
|
||||
|
||||
q = Q(secret=raw_barcode)
|
||||
if any(cl.addon_match for cl in checkinlists):
|
||||
q |= Q(addon_to__secret=raw_barcode)
|
||||
if raw_barcode.isnumeric() and not untrusted_input and legacy_url_support:
|
||||
q |= Q(pk=raw_barcode)
|
||||
|
||||
op_candidates = list(queryset.filter(q))
|
||||
if not op_candidates and '+' in raw_barcode and legacy_url_support:
|
||||
# In application/x-www-form-urlencoded, you can encodes space ' ' with '+' instead of '%20'.
|
||||
# `id`, however, is part of a path where this technically is not allowed. Old versions of our
|
||||
# scan apps still do it, so we try work around it!
|
||||
q = Q(secret=raw_barcode.replace('+', ' '))
|
||||
if any(cl.addon_match for cl in checkinlists):
|
||||
q |= Q(addon_to__secret=raw_barcode.replace('+', ' '))
|
||||
op_candidates = list(queryset.filter(q))
|
||||
|
||||
# 2. Handle the "nothing found" case: Either it's really a bogus secret that we don't know (-> error), or it
|
||||
# might be a revoked one that we actually know (-> error, but with better error message and logging and
|
||||
# with respecting the force option).
|
||||
if not op_candidates:
|
||||
revoked_matches = list(RevokedTicketSecret.objects.filter(event_id__in=list_by_event.keys(), secret=raw_barcode))
|
||||
if len(revoked_matches) == 0:
|
||||
checkinlists[0].event.log_action('pretix.event.checkin.unknown', data={
|
||||
'datetime': datetime,
|
||||
'type': checkin_type,
|
||||
'list': checkinlists[0].pk,
|
||||
'barcode': raw_barcode,
|
||||
'searched_lists': [cl.pk for cl in checkinlists]
|
||||
}, user=user, auth=auth)
|
||||
|
||||
for cl in checkinlists:
|
||||
for k, s in cl.event.ticket_secret_generators.items():
|
||||
try:
|
||||
parsed = s.parse_secret(raw_barcode)
|
||||
common_checkin_args.update({
|
||||
'raw_item': parsed.item,
|
||||
'raw_variation': parsed.variation,
|
||||
'raw_subevent': parsed.subevent,
|
||||
})
|
||||
except:
|
||||
pass
|
||||
|
||||
Checkin.objects.create(
|
||||
position=None,
|
||||
successful=False,
|
||||
error_reason=Checkin.REASON_INVALID,
|
||||
**common_checkin_args,
|
||||
)
|
||||
|
||||
if force and legacy_url_support and isinstance(auth, Device):
|
||||
# There was a bug in libpretixsync: If you scanned a ticket in offline mode that was
|
||||
# valid at the time but no longer exists at time of upload, the device would retry to
|
||||
# upload the same scan over and over again. Since we can't update all devices quickly,
|
||||
# here's a dirty workaround to make it stop.
|
||||
try:
|
||||
brand = auth.software_brand
|
||||
ver = parse(auth.software_version)
|
||||
legacy_mode = (
|
||||
(brand == 'pretixSCANPROXY' and ver < parse('0.0.3')) or
|
||||
(brand == 'pretixSCAN Android' and ver < parse('1.11.2')) or
|
||||
(brand == 'pretixSCAN' and ver < parse('1.11.2'))
|
||||
)
|
||||
if legacy_mode:
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_ALREADY_REDEEMED,
|
||||
'reason_explanation': None,
|
||||
'require_attention': False,
|
||||
'__warning': 'Compatibility hack active due to detected old pretixSCAN version',
|
||||
}, status=400)
|
||||
except: # we don't care e.g. about invalid version numbers
|
||||
pass
|
||||
|
||||
return Response({
|
||||
'detail': 'Not found.', # for backwards compatibility
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_INVALID,
|
||||
'reason_explanation': None,
|
||||
'require_attention': False,
|
||||
'list': MiniCheckinListSerializer(checkinlists[0]).data,
|
||||
}, status=404)
|
||||
elif revoked_matches and force:
|
||||
op_candidates = [revoked_matches[0].position]
|
||||
if list_by_event[revoked_matches[0].event_id].addon_match:
|
||||
op_candidates += list(revoked_matches[0].position.addons.all())
|
||||
raw_barcode_for_checkin = raw_barcode
|
||||
from_revoked_secret = True
|
||||
else:
|
||||
op = revoked_matches[0].position
|
||||
op.order.log_action('pretix.event.checkin.revoked', data={
|
||||
'datetime': datetime,
|
||||
'type': checkin_type,
|
||||
'list': list_by_event[revoked_matches[0].event_id].pk,
|
||||
'barcode': raw_barcode
|
||||
}, user=user, auth=auth)
|
||||
common_checkin_args['list'] = list_by_event[revoked_matches[0].event_id]
|
||||
Checkin.objects.create(
|
||||
position=op,
|
||||
successful=False,
|
||||
error_reason=Checkin.REASON_REVOKED,
|
||||
**common_checkin_args
|
||||
)
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_REVOKED,
|
||||
'reason_explanation': None,
|
||||
'require_attention': False,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=_make_context(context, revoked_matches[0].event)).data,
|
||||
'list': MiniCheckinListSerializer(list_by_event[revoked_matches[0].event_id]).data,
|
||||
}, status=400)
|
||||
|
||||
# 3. Handle the "multiple options found" case: Except for the unlikely case of a secret being also a valid primary
|
||||
# key on the same list, we're probably dealing with the ``addon_match`` case here and need to figure out
|
||||
# which add-on has the right product.
|
||||
if len(op_candidates) > 1:
|
||||
op_candidates_matching_product = [
|
||||
op for op in op_candidates
|
||||
if (
|
||||
(list_by_event[op.order.event_id].addon_match or op.secret == raw_barcode or legacy_url_support) and
|
||||
(list_by_event[op.order.event_id].all_products or op.item_id in {i.pk for i in list_by_event[op.order.event_id].limit_products.all()})
|
||||
)
|
||||
]
|
||||
|
||||
if len(op_candidates_matching_product) == 0:
|
||||
# None of the found add-ons has the correct product, too bad! We could just error out here, but
|
||||
# instead we just continue with *any* product and have it rejected by the check in perform_checkin.
|
||||
# This has the advantage of a better error message.
|
||||
op_candidates = [op_candidates[0]]
|
||||
elif len(op_candidates_matching_product) > 1:
|
||||
# It's still ambiguous, we'll error out.
|
||||
# We choose the first match (regardless of product) for the logging since it's most likely to be the
|
||||
# base product according to our order_by above.
|
||||
op = op_candidates[0]
|
||||
op.order.log_action('pretix.event.checkin.denied', data={
|
||||
'position': op.id,
|
||||
'positionid': op.positionid,
|
||||
'errorcode': Checkin.REASON_AMBIGUOUS,
|
||||
'reason_explanation': None,
|
||||
'force': force,
|
||||
'datetime': datetime,
|
||||
'type': checkin_type,
|
||||
'list': list_by_event[op.order.event_id].pk,
|
||||
}, user=user, auth=auth)
|
||||
common_checkin_args['list'] = list_by_event[op.order.event_id]
|
||||
Checkin.objects.create(
|
||||
position=op,
|
||||
successful=False,
|
||||
error_reason=Checkin.REASON_AMBIGUOUS,
|
||||
error_explanation=None,
|
||||
**common_checkin_args,
|
||||
)
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_AMBIGUOUS,
|
||||
'reason_explanation': None,
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=_make_context(context, op.order.event)).data,
|
||||
'list': MiniCheckinListSerializer(list_by_event[op.order.event_id]).data,
|
||||
}, status=400)
|
||||
else:
|
||||
op_candidates = op_candidates_matching_product
|
||||
|
||||
op = op_candidates[0]
|
||||
common_checkin_args['list'] = list_by_event[op.order.event_id]
|
||||
|
||||
# 5. Pre-validate all incoming answers, handle file upload
|
||||
given_answers = {}
|
||||
if answers_data:
|
||||
for q in op.item.questions.filter(ask_during_checkin=True):
|
||||
if str(q.pk) in answers_data:
|
||||
try:
|
||||
if q.type == Question.TYPE_FILE:
|
||||
given_answers[q] = _handle_file_upload(answers_data[str(q.pk)], user, auth)
|
||||
else:
|
||||
given_answers[q] = q.clean_answer(answers_data[str(q.pk)])
|
||||
except (ValidationError, BaseValidationError):
|
||||
pass
|
||||
|
||||
# 6. Pass to our actual check-in logic
|
||||
with language(op.order.event.settings.locale):
|
||||
try:
|
||||
perform_checkin(
|
||||
op=op,
|
||||
clist=list_by_event[op.order.event_id],
|
||||
given_answers=given_answers,
|
||||
force=force,
|
||||
ignore_unpaid=ignore_unpaid,
|
||||
nonce=nonce,
|
||||
datetime=datetime,
|
||||
questions_supported=questions_supported,
|
||||
canceled_supported=canceled_supported,
|
||||
user=user,
|
||||
auth=auth,
|
||||
type=checkin_type,
|
||||
raw_barcode=raw_barcode_for_checkin,
|
||||
from_revoked_secret=from_revoked_secret,
|
||||
)
|
||||
except RequiredQuestionsError as e:
|
||||
return Response({
|
||||
'status': 'incomplete',
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=_make_context(context, op.order.event)).data,
|
||||
'questions': [
|
||||
QuestionSerializer(q).data for q in e.questions
|
||||
],
|
||||
'list': MiniCheckinListSerializer(list_by_event[op.order.event_id]).data,
|
||||
}, status=400)
|
||||
except CheckInError as e:
|
||||
op.order.log_action('pretix.event.checkin.denied', data={
|
||||
'position': op.id,
|
||||
'positionid': op.positionid,
|
||||
'errorcode': e.code,
|
||||
'reason_explanation': e.reason,
|
||||
'force': force,
|
||||
'datetime': datetime,
|
||||
'type': checkin_type,
|
||||
'list': list_by_event[op.order.event_id].pk,
|
||||
}, user=user, auth=auth)
|
||||
Checkin.objects.create(
|
||||
position=op,
|
||||
successful=False,
|
||||
error_reason=e.code,
|
||||
error_explanation=e.reason,
|
||||
**common_checkin_args,
|
||||
)
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': e.code,
|
||||
'reason_explanation': e.reason,
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=_make_context(context, op.order.event)).data,
|
||||
'list': MiniCheckinListSerializer(list_by_event[op.order.event_id]).data,
|
||||
}, status=400)
|
||||
else:
|
||||
return Response({
|
||||
'status': 'ok',
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=_make_context(context, op.order.event)).data,
|
||||
'list': MiniCheckinListSerializer(list_by_event[op.order.event_id]).data,
|
||||
}, status=201)
|
||||
|
||||
|
||||
class ExtendedBackend(DjangoFilterBackend):
|
||||
def get_filterset_kwargs(self, request, queryset, view):
|
||||
kwargs = super().get_filterset_kwargs(request, queryset, view)
|
||||
@@ -711,8 +310,6 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
def get_serializer_context(self):
|
||||
ctx = super().get_serializer_context()
|
||||
ctx['event'] = self.request.event
|
||||
ctx['expand'] = self.request.query_params.getlist('expand')
|
||||
ctx['pdf_data'] = self.request.query_params.get('pdf_data', 'false') == 'true'
|
||||
return ctx
|
||||
|
||||
def get_filterset_kwargs(self):
|
||||
@@ -723,18 +320,80 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
@cached_property
|
||||
def checkinlist(self):
|
||||
try:
|
||||
return get_object_or_404(self.request.event.checkin_lists, pk=self.kwargs.get("list"))
|
||||
return get_object_or_404(CheckinList, event=self.request.event, pk=self.kwargs.get("list"))
|
||||
except ValueError:
|
||||
raise Http404()
|
||||
|
||||
def get_queryset(self, ignore_status=False, ignore_products=False):
|
||||
qs = _checkin_list_position_queryset(
|
||||
[self.checkinlist],
|
||||
ignore_status=self.request.query_params.get('ignore_status', 'false') == 'true' or ignore_status,
|
||||
ignore_products=ignore_products,
|
||||
pdf_data=self.request.query_params.get('pdf_data', 'false') == 'true',
|
||||
expand=self.request.query_params.getlist('expand'),
|
||||
)
|
||||
cqs = Checkin.objects.filter(
|
||||
position_id=OuterRef('pk'),
|
||||
list_id=self.checkinlist.pk
|
||||
).order_by().values('position_id').annotate(
|
||||
m=Max('datetime')
|
||||
).values('m')
|
||||
|
||||
qs = OrderPosition.objects.filter(
|
||||
order__event=self.request.event,
|
||||
).annotate(
|
||||
last_checked_in=Subquery(cqs)
|
||||
).prefetch_related('order__event', 'order__event__organizer')
|
||||
if self.checkinlist.subevent:
|
||||
qs = qs.filter(
|
||||
subevent=self.checkinlist.subevent
|
||||
)
|
||||
|
||||
if self.request.query_params.get('ignore_status', 'false') != 'true' and not ignore_status:
|
||||
qs = qs.filter(
|
||||
order__status__in=[Order.STATUS_PAID, Order.STATUS_PENDING] if self.checkinlist.include_pending else [Order.STATUS_PAID]
|
||||
)
|
||||
if self.request.query_params.get('pdf_data', 'false') == 'true':
|
||||
qs = qs.prefetch_related(
|
||||
Prefetch(
|
||||
lookup='checkins',
|
||||
queryset=Checkin.objects.filter(list_id=self.checkinlist.pk)
|
||||
),
|
||||
'answers', 'answers__options', 'answers__question',
|
||||
Prefetch('addons', OrderPosition.objects.select_related('item', 'variation')),
|
||||
Prefetch('order', Order.objects.select_related('invoice_address').prefetch_related(
|
||||
Prefetch(
|
||||
'event',
|
||||
Event.objects.select_related('organizer')
|
||||
),
|
||||
Prefetch(
|
||||
'positions',
|
||||
OrderPosition.objects.prefetch_related(
|
||||
Prefetch('checkins', queryset=Checkin.objects.all()),
|
||||
'item', 'variation', 'answers', 'answers__options', 'answers__question',
|
||||
)
|
||||
)
|
||||
))
|
||||
).select_related(
|
||||
'item', 'variation', 'item__category', 'addon_to', 'order', 'order__invoice_address', 'seat'
|
||||
)
|
||||
else:
|
||||
qs = qs.prefetch_related(
|
||||
Prefetch(
|
||||
lookup='checkins',
|
||||
queryset=Checkin.objects.filter(list_id=self.checkinlist.pk)
|
||||
),
|
||||
'answers', 'answers__options', 'answers__question',
|
||||
Prefetch('addons', OrderPosition.objects.select_related('item', 'variation'))
|
||||
).select_related('item', 'variation', 'order', 'addon_to', 'order__invoice_address', 'order', 'seat')
|
||||
|
||||
if not self.checkinlist.all_products and not ignore_products:
|
||||
qs = qs.filter(item__in=self.checkinlist.limit_products.values_list('id', flat=True))
|
||||
|
||||
if 'subevent' in self.request.query_params.getlist('expand'):
|
||||
qs = qs.prefetch_related(
|
||||
'subevent', 'subevent__event', 'subevent__subeventitem_set', 'subevent__subeventitemvariation_set',
|
||||
'subevent__seat_category_mappings', 'subevent__meta_values'
|
||||
)
|
||||
|
||||
if 'item' in self.request.query_params.getlist('expand'):
|
||||
qs = qs.prefetch_related('item', 'item__addons', 'item__bundles', 'item__meta_values', 'item__variations').select_related('item__tax_rule')
|
||||
|
||||
if 'variation' in self.request.query_params.getlist('expand'):
|
||||
qs = qs.prefetch_related('variation')
|
||||
|
||||
if 'pk' not in self.request.resolver_match.kwargs and 'can_view_orders' not in self.request.eventpermset \
|
||||
and len(self.request.query_params.get('search', '')) < 3:
|
||||
@@ -745,8 +404,8 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
@action(detail=False, methods=['POST'], url_name='redeem', url_path='(?P<pk>.*)/redeem')
|
||||
def redeem(self, *args, **kwargs):
|
||||
force = bool(self.request.data.get('force', False))
|
||||
checkin_type = self.request.data.get('type', None) or Checkin.TYPE_ENTRY
|
||||
if checkin_type not in dict(Checkin.CHECKIN_TYPES):
|
||||
type = self.request.data.get('type', None) or Checkin.TYPE_ENTRY
|
||||
if type not in dict(Checkin.CHECKIN_TYPES):
|
||||
raise ValidationError("Invalid check-in type.")
|
||||
ignore_unpaid = bool(self.request.data.get('ignore_unpaid', False))
|
||||
nonce = self.request.data.get('nonce')
|
||||
@@ -755,143 +414,280 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
|
||||
or (isinstance(self.request.auth, Device) and 'pretixscan' in (self.request.auth.software_brand or '').lower())
|
||||
)
|
||||
|
||||
if not self.checkinlist.all_products:
|
||||
prefetch_related_objects([self.checkinlist], 'limit_products')
|
||||
|
||||
if 'datetime' in self.request.data:
|
||||
dt = DateTimeField().to_internal_value(self.request.data.get('datetime'))
|
||||
else:
|
||||
dt = now()
|
||||
|
||||
answers_data = self.request.data.get('answers')
|
||||
return _redeem_process(
|
||||
checkinlists=[self.checkinlist],
|
||||
raw_barcode=kwargs['pk'],
|
||||
answers_data=answers_data,
|
||||
common_checkin_args = dict(
|
||||
raw_barcode=self.kwargs['pk'],
|
||||
type=type,
|
||||
list=self.checkinlist,
|
||||
datetime=dt,
|
||||
force=force,
|
||||
checkin_type=checkin_type,
|
||||
ignore_unpaid=ignore_unpaid,
|
||||
device=self.request.auth if isinstance(self.request.auth, Device) else None,
|
||||
gate=self.request.auth.gate if isinstance(self.request.auth, Device) else None,
|
||||
nonce=nonce,
|
||||
untrusted_input=untrusted_input,
|
||||
user=self.request.user,
|
||||
auth=self.request.auth,
|
||||
expand=self.request.query_params.getlist('expand'),
|
||||
pdf_data=self.request.query_params.get('pdf_data', 'false') == 'true',
|
||||
questions_supported=self.request.data.get('questions_supported', True),
|
||||
canceled_supported=self.request.data.get('canceled_supported', False),
|
||||
request=self.request, # this is not clean, but we need it in the serializers for URL generation
|
||||
legacy_url_support=True,
|
||||
forced=force,
|
||||
)
|
||||
raw_barcode_for_checkin = None
|
||||
from_revoked_secret = False
|
||||
|
||||
# 1. Gather a list of positions that could be the one we looking fore, either from their ID, secret or
|
||||
# parent secret
|
||||
queryset = self.get_queryset(ignore_status=True, ignore_products=True).order_by(
|
||||
F('addon_to').asc(nulls_first=True)
|
||||
)
|
||||
|
||||
q = Q(secret=self.kwargs['pk'])
|
||||
if self.checkinlist.addon_match:
|
||||
q |= Q(addon_to__secret=self.kwargs['pk'])
|
||||
if self.kwargs['pk'].isnumeric() and not untrusted_input:
|
||||
q |= Q(pk=self.kwargs['pk'])
|
||||
|
||||
class CheckinRPCRedeemView(views.APIView):
|
||||
def post(self, request, *args, **kwargs):
|
||||
if isinstance(self.request.auth, (TeamAPIToken, Device)):
|
||||
events = self.request.auth.get_events_with_permission(('can_change_orders', 'can_checkin_orders'))
|
||||
elif self.request.user.is_authenticated:
|
||||
events = self.request.user.get_events_with_permission(('can_change_orders', 'can_checkin_orders'), self.request).filter(
|
||||
organizer=self.request.organizer
|
||||
op_candidates = list(queryset.filter(q))
|
||||
if not op_candidates and '+' in self.kwargs['pk']:
|
||||
# In application/x-www-form-urlencoded, you can encodes space ' ' with '+' instead of '%20'.
|
||||
# `id`, however, is part of a path where this technically is not allowed. Old versions of our
|
||||
# scan apps still do it, so we try work around it!
|
||||
q = Q(secret=self.kwargs['pk'].replace('+', ' '))
|
||||
if self.checkinlist.addon_match:
|
||||
q |= Q(addon_to__secret=self.kwargs['pk'].replace('+', ' '))
|
||||
op_candidates = list(queryset.filter(q))
|
||||
|
||||
# 2. Handle the "nothing found" case: Either it's really a bogus secret that we don't know (-> error), or it
|
||||
# might be a revoked one that we actually know (-> error, but with better error message and logging and
|
||||
# with respecting the force option).
|
||||
if not op_candidates:
|
||||
revoked_matches = list(self.request.event.revoked_secrets.filter(secret=self.kwargs['pk']))
|
||||
if len(revoked_matches) == 0:
|
||||
self.request.event.log_action('pretix.event.checkin.unknown', data={
|
||||
'datetime': dt,
|
||||
'type': type,
|
||||
'list': self.checkinlist.pk,
|
||||
'barcode': self.kwargs['pk']
|
||||
}, user=self.request.user, auth=self.request.auth)
|
||||
|
||||
for k, s in self.request.event.ticket_secret_generators.items():
|
||||
try:
|
||||
parsed = s.parse_secret(self.kwargs['pk'])
|
||||
common_checkin_args.update({
|
||||
'raw_item': parsed.item,
|
||||
'raw_variation': parsed.variation,
|
||||
'raw_subevent': parsed.subevent,
|
||||
})
|
||||
except:
|
||||
pass
|
||||
|
||||
Checkin.objects.create(
|
||||
position=None,
|
||||
successful=False,
|
||||
error_reason=Checkin.REASON_INVALID,
|
||||
**common_checkin_args,
|
||||
)
|
||||
|
||||
if force and isinstance(self.request.auth, Device):
|
||||
# There was a bug in libpretixsync: If you scanned a ticket in offline mode that was
|
||||
# valid at the time but no longer exists at time of upload, the device would retry to
|
||||
# upload the same scan over and over again. Since we can't update all devices quickly,
|
||||
# here's a dirty workaround to make it stop.
|
||||
try:
|
||||
brand = self.request.auth.software_brand
|
||||
ver = parse(self.request.auth.software_version)
|
||||
legacy_mode = (
|
||||
(brand == 'pretixSCANPROXY' and ver < parse('0.0.3')) or
|
||||
(brand == 'pretixSCAN Android' and ver < parse('1.11.2')) or
|
||||
(brand == 'pretixSCAN' and ver < parse('1.11.2'))
|
||||
)
|
||||
if legacy_mode:
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_ALREADY_REDEEMED,
|
||||
'reason_explanation': None,
|
||||
'require_attention': False,
|
||||
'__warning': 'Compatibility hack active due to detected old pretixSCAN version',
|
||||
}, status=400)
|
||||
except: # we don't care e.g. about invalid version numbers
|
||||
pass
|
||||
|
||||
return Response({
|
||||
'detail': 'Not found.', # for backwards compatibility
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_INVALID,
|
||||
'reason_explanation': None,
|
||||
'require_attention': False,
|
||||
}, status=404)
|
||||
elif revoked_matches and force:
|
||||
op_candidates = [revoked_matches[0].position]
|
||||
if self.checkinlist.addon_match:
|
||||
op_candidates += list(revoked_matches[0].position.addons.all())
|
||||
raw_barcode_for_checkin = self.kwargs['pk']
|
||||
from_revoked_secret = True
|
||||
else:
|
||||
op = revoked_matches[0].position
|
||||
op.order.log_action('pretix.event.checkin.revoked', data={
|
||||
'datetime': dt,
|
||||
'type': type,
|
||||
'list': self.checkinlist.pk,
|
||||
'barcode': self.kwargs['pk']
|
||||
}, user=self.request.user, auth=self.request.auth)
|
||||
Checkin.objects.create(
|
||||
position=op,
|
||||
successful=False,
|
||||
error_reason=Checkin.REASON_REVOKED,
|
||||
**common_checkin_args
|
||||
)
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_REVOKED,
|
||||
'reason_explanation': None,
|
||||
'require_attention': False,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data
|
||||
}, status=400)
|
||||
|
||||
# 3. Handle the "multiple options found" case: Except for the unlikely case of a secret being also a valid primary
|
||||
# key on the same list, we're probably dealing with the ``addon_match`` case here and need to figure out
|
||||
# which add-on has the right product.
|
||||
if len(op_candidates) > 1:
|
||||
if self.checkinlist.addon_match and not self.checkinlist.all_products:
|
||||
op_candidates_matching_product = [
|
||||
op for op in op_candidates if op.item_id in {i.pk for i in self.checkinlist.limit_products.all()}
|
||||
]
|
||||
else:
|
||||
op_candidates_matching_product = op_candidates
|
||||
if len(op_candidates_matching_product) == 0:
|
||||
# None of the found add-ons has the correct product, too bad! We could just error out here, but
|
||||
# instead we just continue with *any* product and have it rejected by the check in perform_checkin.
|
||||
# This has the advantage of a better error message.
|
||||
op_candidates = [op_candidates[0]]
|
||||
elif len(op_candidates_matching_product) > 1:
|
||||
# It's still ambiguous, we'll error out.
|
||||
# We choose the first match (regardless of product) for the logging since it's most likely to be the
|
||||
# base product according to our order_by above.
|
||||
op = op_candidates[0]
|
||||
op.order.log_action('pretix.event.checkin.denied', data={
|
||||
'position': op.id,
|
||||
'positionid': op.positionid,
|
||||
'errorcode': Checkin.REASON_AMBIGUOUS,
|
||||
'reason_explanation': None,
|
||||
'force': force,
|
||||
'datetime': dt,
|
||||
'type': type,
|
||||
'list': self.checkinlist.pk
|
||||
}, user=self.request.user, auth=self.request.auth)
|
||||
Checkin.objects.create(
|
||||
position=op,
|
||||
successful=False,
|
||||
error_reason=Checkin.REASON_AMBIGUOUS,
|
||||
error_explanation=None,
|
||||
**common_checkin_args,
|
||||
)
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': Checkin.REASON_AMBIGUOUS,
|
||||
'reason_explanation': None,
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data
|
||||
}, status=400)
|
||||
else:
|
||||
op_candidates = op_candidates_matching_product
|
||||
|
||||
op = op_candidates[0]
|
||||
|
||||
# 5. Pre-validate all incoming answers, handle file upload
|
||||
given_answers = {}
|
||||
if 'answers' in self.request.data:
|
||||
aws = self.request.data.get('answers')
|
||||
for q in op.item.questions.filter(ask_during_checkin=True):
|
||||
if str(q.pk) in aws:
|
||||
try:
|
||||
if q.type == Question.TYPE_FILE:
|
||||
given_answers[q] = self._handle_file_upload(aws[str(q.pk)])
|
||||
else:
|
||||
given_answers[q] = q.clean_answer(aws[str(q.pk)])
|
||||
except ValidationError:
|
||||
pass
|
||||
|
||||
# 6. Pass to our actual check-in logic
|
||||
with language(self.request.event.settings.locale):
|
||||
try:
|
||||
perform_checkin(
|
||||
op=op,
|
||||
clist=self.checkinlist,
|
||||
given_answers=given_answers,
|
||||
force=force,
|
||||
ignore_unpaid=ignore_unpaid,
|
||||
nonce=nonce,
|
||||
datetime=dt,
|
||||
questions_supported=self.request.data.get('questions_supported', True),
|
||||
canceled_supported=self.request.data.get('canceled_supported', False),
|
||||
user=self.request.user,
|
||||
auth=self.request.auth,
|
||||
type=type,
|
||||
raw_barcode=raw_barcode_for_checkin,
|
||||
from_revoked_secret=from_revoked_secret,
|
||||
)
|
||||
except RequiredQuestionsError as e:
|
||||
return Response({
|
||||
'status': 'incomplete',
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data,
|
||||
'questions': [
|
||||
QuestionSerializer(q).data for q in e.questions
|
||||
]
|
||||
}, status=400)
|
||||
except CheckInError as e:
|
||||
op.order.log_action('pretix.event.checkin.denied', data={
|
||||
'position': op.id,
|
||||
'positionid': op.positionid,
|
||||
'errorcode': e.code,
|
||||
'reason_explanation': e.reason,
|
||||
'force': force,
|
||||
'datetime': dt,
|
||||
'type': type,
|
||||
'list': self.checkinlist.pk
|
||||
}, user=self.request.user, auth=self.request.auth)
|
||||
Checkin.objects.create(
|
||||
position=op,
|
||||
successful=False,
|
||||
error_reason=e.code,
|
||||
error_explanation=e.reason,
|
||||
**common_checkin_args,
|
||||
)
|
||||
return Response({
|
||||
'status': 'error',
|
||||
'reason': e.code,
|
||||
'reason_explanation': e.reason,
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data
|
||||
}, status=400)
|
||||
else:
|
||||
return Response({
|
||||
'status': 'ok',
|
||||
'require_attention': op.item.checkin_attention or op.order.checkin_attention,
|
||||
'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data
|
||||
}, status=201)
|
||||
|
||||
def _handle_file_upload(self, data):
|
||||
try:
|
||||
cf = CachedFile.objects.get(
|
||||
session_key=f'api-upload-{str(type(self.request.user or self.request.auth))}-{(self.request.user or self.request.auth).pk}',
|
||||
file__isnull=False,
|
||||
pk=data[len("file:"):],
|
||||
)
|
||||
else:
|
||||
raise ValueError("unknown authentication method")
|
||||
except (ValidationError, IndexError): # invalid uuid
|
||||
raise ValidationError('The submitted file ID "{fid}" was not found.'.format(fid=data))
|
||||
except CachedFile.DoesNotExist:
|
||||
raise ValidationError('The submitted file ID "{fid}" was not found.'.format(fid=data))
|
||||
|
||||
s = CheckinRPCRedeemInputSerializer(data=request.data, context={'events': events})
|
||||
s.is_valid(raise_exception=True)
|
||||
return _redeem_process(
|
||||
checkinlists=s.validated_data['lists'],
|
||||
raw_barcode=s.validated_data['secret'],
|
||||
answers_data=s.validated_data.get('answers'),
|
||||
datetime=s.validated_data.get('datetime') or now(),
|
||||
force=s.validated_data['force'],
|
||||
checkin_type=s.validated_data['type'],
|
||||
ignore_unpaid=s.validated_data['ignore_unpaid'],
|
||||
nonce=s.validated_data.get('nonce'),
|
||||
untrusted_input=True,
|
||||
user=self.request.user,
|
||||
auth=self.request.auth,
|
||||
expand=self.request.query_params.getlist('expand'),
|
||||
pdf_data=self.request.query_params.get('pdf_data', 'false') == 'true',
|
||||
questions_supported=s.validated_data['questions_supported'],
|
||||
canceled_supported=True,
|
||||
request=self.request, # this is not clean, but we need it in the serializers for URL generation
|
||||
legacy_url_support=False,
|
||||
allowed_types = (
|
||||
'image/png', 'image/jpeg', 'image/gif', 'application/pdf'
|
||||
)
|
||||
if cf.type not in allowed_types:
|
||||
raise ValidationError('The submitted file "{fid}" has a file type that is not allowed in this field.'.format(fid=data))
|
||||
if cf.file.size > settings.FILE_UPLOAD_MAX_SIZE_OTHER:
|
||||
raise ValidationError('The submitted file "{fid}" is too large to be used in this field.'.format(fid=data))
|
||||
|
||||
|
||||
class CheckinRPCSearchView(ListAPIView):
|
||||
serializer_class = CheckinListOrderPositionSerializer
|
||||
queryset = OrderPosition.all.none()
|
||||
filter_backends = (ExtendedBackend, RichOrderingFilter)
|
||||
ordering = (F('attendee_name_cached').asc(nulls_last=True), 'positionid')
|
||||
ordering_fields = (
|
||||
'order__code', 'order__datetime', 'positionid', 'attendee_name',
|
||||
'last_checked_in', 'order__email',
|
||||
)
|
||||
ordering_custom = {
|
||||
'attendee_name': {
|
||||
'_order': F('display_name').asc(nulls_first=True),
|
||||
'display_name': Coalesce('attendee_name_cached', 'addon_to__attendee_name_cached')
|
||||
},
|
||||
'-attendee_name': {
|
||||
'_order': F('display_name').desc(nulls_last=True),
|
||||
'display_name': Coalesce('attendee_name_cached', 'addon_to__attendee_name_cached')
|
||||
},
|
||||
'last_checked_in': {
|
||||
'_order': OrderBy(F('last_checked_in'), nulls_first=True),
|
||||
},
|
||||
'-last_checked_in': {
|
||||
'_order': OrderBy(F('last_checked_in'), nulls_last=True, descending=True),
|
||||
},
|
||||
}
|
||||
filterset_class = OrderPositionFilter
|
||||
|
||||
def get_serializer_context(self):
|
||||
ctx = super().get_serializer_context()
|
||||
ctx['expand'] = self.request.query_params.getlist('expand')
|
||||
ctx['pdf_data'] = False
|
||||
return ctx
|
||||
|
||||
@cached_property
|
||||
def lists(self):
|
||||
if isinstance(self.request.auth, (TeamAPIToken, Device)):
|
||||
events = self.request.auth.get_events_with_permission(('can_view_orders', 'can_checkin_orders'))
|
||||
elif self.request.user.is_authenticated:
|
||||
events = self.request.user.get_events_with_permission(('can_view_orders', 'can_checkin_orders'), self.request).filter(
|
||||
organizer=self.request.organizer
|
||||
)
|
||||
else:
|
||||
raise ValueError("unknown authentication method")
|
||||
requested_lists = [int(l) for l in self.request.query_params.getlist('list') if l.isdigit()]
|
||||
lists = list(
|
||||
CheckinList.objects.filter(event__in=events).select_related('event').filter(id__in=requested_lists)
|
||||
)
|
||||
if len(lists) != len(requested_lists):
|
||||
missing_lists = set(requested_lists) - {l.pk for l in lists}
|
||||
raise PermissionDenied("You requested lists that do not exist or that you do not have access to: " + ", ".join(str(l) for l in missing_lists))
|
||||
return lists
|
||||
|
||||
@cached_property
|
||||
def has_full_access_permission(self):
|
||||
if isinstance(self.request.auth, (TeamAPIToken, Device)):
|
||||
events = self.request.auth.get_events_with_permission('can_view_orders')
|
||||
elif self.request.user.is_authenticated:
|
||||
events = self.request.user.get_events_with_permission('can_view_orders', self.request).filter(
|
||||
organizer=self.request.organizer
|
||||
)
|
||||
else:
|
||||
raise ValueError("unknown authentication method")
|
||||
|
||||
full_access_lists = CheckinList.objects.filter(event__in=events).filter(id__in=[c.pk for c in self.lists]).count()
|
||||
return len(self.lists) == full_access_lists
|
||||
|
||||
def get_queryset(self, ignore_status=False, ignore_products=False):
|
||||
qs = _checkin_list_position_queryset(
|
||||
self.lists,
|
||||
ignore_status=self.request.query_params.get('ignore_status', 'false') == 'true' or ignore_status,
|
||||
ignore_products=ignore_products,
|
||||
pdf_data=self.request.query_params.get('pdf_data', 'false') == 'true',
|
||||
expand=self.request.query_params.getlist('expand'),
|
||||
)
|
||||
|
||||
if len(self.request.query_params.get('search', '')) < 3 and not self.has_full_access_permission:
|
||||
qs = qs.none()
|
||||
|
||||
return qs
|
||||
return cf.file
|
||||
|
||||
@@ -461,9 +461,7 @@ with scopes_disabled():
|
||||
class QuotaFilter(FilterSet):
|
||||
class Meta:
|
||||
model = Quota
|
||||
fields = {
|
||||
'subevent': ['exact', 'in'],
|
||||
}
|
||||
fields = ['subevent']
|
||||
|
||||
|
||||
class QuotaViewSet(ConditionalListView, viewsets.ModelViewSet):
|
||||
|
||||
@@ -63,10 +63,9 @@ from pretix.api.serializers.orderchange import (
|
||||
)
|
||||
from pretix.base.i18n import language
|
||||
from pretix.base.models import (
|
||||
CachedCombinedTicket, CachedTicket, Checkin, Device, EventMetaValue,
|
||||
Invoice, InvoiceAddress, ItemMetaValue, Order, OrderFee, OrderPayment,
|
||||
OrderPosition, OrderRefund, Quota, SubEvent, SubEventMetaValue, TaxRule,
|
||||
TeamAPIToken, generate_secret,
|
||||
CachedCombinedTicket, CachedTicket, Checkin, Device, Event, Invoice,
|
||||
InvoiceAddress, Order, OrderFee, OrderPayment, OrderPosition, OrderRefund,
|
||||
Quota, SubEvent, TaxRule, TeamAPIToken, generate_secret,
|
||||
)
|
||||
from pretix.base.models.orders import QuestionAnswer, RevokedTicketSecret
|
||||
from pretix.base.payment import PaymentException
|
||||
@@ -188,8 +187,6 @@ class OrderViewSet(viewsets.ModelViewSet):
|
||||
def get_serializer_context(self):
|
||||
ctx = super().get_serializer_context()
|
||||
ctx['event'] = self.request.event
|
||||
ctx['pdf_data'] = self.request.query_params.get('pdf_data', 'false') == 'true'
|
||||
ctx['exclude'] = self.request.query_params.getlist('exclude')
|
||||
return ctx
|
||||
|
||||
def get_queryset(self):
|
||||
@@ -216,29 +213,14 @@ class OrderViewSet(viewsets.ModelViewSet):
|
||||
else:
|
||||
opq = OrderPosition.objects
|
||||
if request.query_params.get('pdf_data', 'false') == 'true':
|
||||
prefetch_related_objects([request.organizer], 'meta_properties')
|
||||
prefetch_related_objects(
|
||||
[request.event],
|
||||
Prefetch('meta_values', queryset=EventMetaValue.objects.select_related('property'), to_attr='meta_values_cached'),
|
||||
'questions',
|
||||
'item_meta_properties',
|
||||
)
|
||||
return Prefetch(
|
||||
'positions',
|
||||
opq.all().prefetch_related(
|
||||
Prefetch('checkins', queryset=Checkin.objects.all()),
|
||||
Prefetch('item', queryset=self.request.event.items.prefetch_related(
|
||||
Prefetch('meta_values', ItemMetaValue.objects.select_related('property'), to_attr='meta_values_cached')
|
||||
)),
|
||||
'variation',
|
||||
'answers', 'answers__options', 'answers__question',
|
||||
'item__category',
|
||||
'addon_to__answers', 'addon_to__answers__options', 'addon_to__answers__question',
|
||||
Prefetch('subevent', queryset=self.request.event.subevents.prefetch_related(
|
||||
Prefetch('meta_values', to_attr='meta_values_cached', queryset=SubEventMetaValue.objects.select_related('property'))
|
||||
)),
|
||||
'item', 'variation', 'answers', 'answers__options', 'answers__question',
|
||||
'item__category', 'addon_to', 'seat',
|
||||
Prefetch('addons', opq.select_related('item', 'variation', 'seat'))
|
||||
).select_related('seat', 'addon_to', 'addon_to__seat')
|
||||
)
|
||||
)
|
||||
else:
|
||||
return Prefetch(
|
||||
@@ -950,7 +932,6 @@ class OrderPositionViewSet(viewsets.ModelViewSet):
|
||||
def get_serializer_context(self):
|
||||
ctx = super().get_serializer_context()
|
||||
ctx['event'] = self.request.event
|
||||
ctx['pdf_data'] = self.request.query_params.get('pdf_data', 'false') == 'true'
|
||||
return ctx
|
||||
|
||||
def get_queryset(self):
|
||||
@@ -961,49 +942,25 @@ class OrderPositionViewSet(viewsets.ModelViewSet):
|
||||
|
||||
qs = qs.filter(order__event=self.request.event)
|
||||
if self.request.query_params.get('pdf_data', 'false') == 'true':
|
||||
prefetch_related_objects([self.request.organizer], 'meta_properties')
|
||||
prefetch_related_objects(
|
||||
[self.request.event],
|
||||
Prefetch('meta_values', queryset=EventMetaValue.objects.select_related('property'), to_attr='meta_values_cached'),
|
||||
'questions',
|
||||
'item_meta_properties',
|
||||
)
|
||||
qs = qs.prefetch_related(
|
||||
Prefetch('checkins', queryset=Checkin.objects.all()),
|
||||
Prefetch('item', queryset=self.request.event.items.prefetch_related(
|
||||
Prefetch('meta_values', ItemMetaValue.objects.select_related('property'),
|
||||
to_attr='meta_values_cached')
|
||||
)),
|
||||
'variation',
|
||||
'answers', 'answers__options', 'answers__question',
|
||||
'item__category',
|
||||
'addon_to__answers', 'addon_to__answers__options', 'addon_to__answers__question',
|
||||
Prefetch('addons', qs.select_related('item', 'variation')),
|
||||
Prefetch('subevent', queryset=self.request.event.subevents.prefetch_related(
|
||||
Prefetch('meta_values', to_attr='meta_values_cached',
|
||||
queryset=SubEventMetaValue.objects.select_related('property'))
|
||||
)),
|
||||
Prefetch('order', self.request.event.orders.select_related('invoice_address').prefetch_related(
|
||||
Prefetch('order', Order.objects.select_related('invoice_address').prefetch_related(
|
||||
Prefetch(
|
||||
'event',
|
||||
Event.objects.select_related('organizer')
|
||||
),
|
||||
Prefetch(
|
||||
'positions',
|
||||
qs.prefetch_related(
|
||||
'item', 'variation', 'answers', 'answers__options', 'answers__question',
|
||||
Prefetch('checkins', queryset=Checkin.objects.all()),
|
||||
Prefetch('item', queryset=self.request.event.items.prefetch_related(
|
||||
Prefetch('meta_values', ItemMetaValue.objects.select_related('property'),
|
||||
to_attr='meta_values_cached')
|
||||
)),
|
||||
'variation', 'answers', 'answers__options', 'answers__question',
|
||||
'item__category',
|
||||
Prefetch('subevent', queryset=self.request.event.subevents.prefetch_related(
|
||||
Prefetch('meta_values', to_attr='meta_values_cached',
|
||||
queryset=SubEventMetaValue.objects.select_related('property'))
|
||||
)),
|
||||
Prefetch('addons', qs.select_related('item', 'variation', 'seat'))
|
||||
).select_related('addon_to', 'seat', 'addon_to__seat')
|
||||
)
|
||||
)
|
||||
))
|
||||
).select_related(
|
||||
'addon_to', 'seat', 'addon_to__seat'
|
||||
'item', 'variation', 'item__category', 'addon_to', 'seat'
|
||||
)
|
||||
else:
|
||||
qs = qs.prefetch_related(
|
||||
|
||||
@@ -22,7 +22,6 @@
|
||||
from decimal import Decimal
|
||||
|
||||
import django_filters
|
||||
from django.contrib.auth.hashers import make_password
|
||||
from django.db import transaction
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.utils.functional import cached_property
|
||||
@@ -39,8 +38,8 @@ from rest_framework.viewsets import GenericViewSet
|
||||
|
||||
from pretix.api.models import OAuthAccessToken
|
||||
from pretix.api.serializers.organizer import (
|
||||
CustomerCreateSerializer, CustomerSerializer, DeviceSerializer,
|
||||
GiftCardSerializer, GiftCardTransactionSerializer, MembershipSerializer,
|
||||
CustomerSerializer, DeviceSerializer, GiftCardSerializer,
|
||||
GiftCardTransactionSerializer, MembershipSerializer,
|
||||
MembershipTypeSerializer, OrganizerSerializer, OrganizerSettingsSerializer,
|
||||
SeatingPlanSerializer, TeamAPITokenSerializer, TeamInviteSerializer,
|
||||
TeamMemberSerializer, TeamSerializer,
|
||||
@@ -515,24 +514,15 @@ class CustomerViewSet(viewsets.ModelViewSet):
|
||||
raise MethodNotAllowed("Customers cannot be deleted.")
|
||||
|
||||
@transaction.atomic()
|
||||
def perform_create(self, serializer, send_email=False):
|
||||
customer = serializer.save(organizer=self.request.organizer, password=make_password(None))
|
||||
def perform_create(self, serializer):
|
||||
inst = serializer.save(organizer=self.request.organizer)
|
||||
serializer.instance.log_action(
|
||||
'pretix.customer.created',
|
||||
user=self.request.user,
|
||||
auth=self.request.auth,
|
||||
data=self.request.data,
|
||||
)
|
||||
if send_email:
|
||||
customer.send_activation_mail()
|
||||
return customer
|
||||
|
||||
def create(self, request, *args, **kwargs):
|
||||
serializer = CustomerCreateSerializer(data=request.data, context=self.get_serializer_context())
|
||||
serializer.is_valid(raise_exception=True)
|
||||
self.perform_create(serializer, send_email=serializer.validated_data.pop('send_email', False))
|
||||
headers = self.get_success_headers(serializer.data)
|
||||
return Response(serializer.data, status=status.HTTP_201_CREATED, headers=headers)
|
||||
return inst
|
||||
|
||||
@transaction.atomic()
|
||||
def perform_update(self, serializer):
|
||||
|
||||
@@ -28,7 +28,6 @@ from typing import Tuple
|
||||
import bleach
|
||||
import vat_moss.exchange_rates
|
||||
from django.contrib.staticfiles import finders
|
||||
from django.db.models import Sum
|
||||
from django.dispatch import receiver
|
||||
from django.utils.formats import date_format, localize
|
||||
from django.utils.translation import (
|
||||
@@ -48,7 +47,7 @@ from reportlab.platypus import (
|
||||
)
|
||||
|
||||
from pretix.base.decimal import round_decimal
|
||||
from pretix.base.models import Event, Invoice, Order, OrderPayment
|
||||
from pretix.base.models import Event, Invoice, Order
|
||||
from pretix.base.signals import register_invoice_renderers
|
||||
from pretix.base.templatetags.money import money_filter
|
||||
from pretix.helpers.reportlab import ThumbnailingImageReader
|
||||
@@ -590,33 +589,15 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
|
||||
])
|
||||
colwidths = [a * doc.width for a in (.65, .05, .30)]
|
||||
|
||||
if self.invoice.event.settings.invoice_show_payments and not self.invoice.is_cancellation:
|
||||
if self.invoice.order.status == Order.STATUS_PENDING:
|
||||
pending_sum = self.invoice.order.pending_sum
|
||||
if pending_sum != total:
|
||||
tdata.append([pgettext('invoice', 'Received payments')] + (['', '', ''] if has_taxes else ['']) + [
|
||||
money_filter(pending_sum - total, self.invoice.event.currency)
|
||||
])
|
||||
tdata.append([pgettext('invoice', 'Outstanding payments')] + (['', '', ''] if has_taxes else ['']) + [
|
||||
money_filter(pending_sum, self.invoice.event.currency)
|
||||
])
|
||||
tstyledata += [
|
||||
('FONTNAME', (0, len(tdata) - 3), (-1, len(tdata) - 3), self.font_bold),
|
||||
]
|
||||
elif self.invoice.order.payments.filter(
|
||||
state__in=(OrderPayment.PAYMENT_STATE_CONFIRMED, OrderPayment.PAYMENT_STATE_REFUNDED), provider='giftcard'
|
||||
).exists():
|
||||
giftcard_sum = self.invoice.order.payments.filter(
|
||||
state__in=(OrderPayment.PAYMENT_STATE_CONFIRMED, OrderPayment.PAYMENT_STATE_REFUNDED),
|
||||
provider='giftcard'
|
||||
).aggregate(
|
||||
s=Sum('amount')
|
||||
)['s'] or Decimal('0.00')
|
||||
tdata.append([pgettext('invoice', 'Paid by gift card')] + (['', '', ''] if has_taxes else ['']) + [
|
||||
money_filter(giftcard_sum, self.invoice.event.currency)
|
||||
if self.invoice.event.settings.invoice_show_payments and not self.invoice.is_cancellation and \
|
||||
self.invoice.order.status == Order.STATUS_PENDING:
|
||||
pending_sum = self.invoice.order.pending_sum
|
||||
if pending_sum != total:
|
||||
tdata.append([pgettext('invoice', 'Received payments')] + (['', '', ''] if has_taxes else ['']) + [
|
||||
money_filter(pending_sum - total, self.invoice.event.currency)
|
||||
])
|
||||
tdata.append([pgettext('invoice', 'Remaining amount')] + (['', '', ''] if has_taxes else ['']) + [
|
||||
money_filter(total - giftcard_sum, self.invoice.event.currency)
|
||||
tdata.append([pgettext('invoice', 'Outstanding payments')] + (['', '', ''] if has_taxes else ['']) + [
|
||||
money_filter(pending_sum, self.invoice.event.currency)
|
||||
])
|
||||
tstyledata += [
|
||||
('FONTNAME', (0, len(tdata) - 3), (-1, len(tdata) - 3), self.font_bold),
|
||||
|
||||
@@ -34,9 +34,7 @@
|
||||
|
||||
import binascii
|
||||
import json
|
||||
import operator
|
||||
from datetime import timedelta
|
||||
from functools import reduce
|
||||
from urllib.parse import urlparse
|
||||
|
||||
import webauthn
|
||||
@@ -493,14 +491,11 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
|
||||
if request and self.has_active_staff_session(request.session.session_key):
|
||||
return Event.objects.all()
|
||||
|
||||
if isinstance(permission, (tuple, list)):
|
||||
q = reduce(operator.or_, [Q(**{p: True}) for p in permission])
|
||||
else:
|
||||
q = Q(**{permission: True})
|
||||
kwargs = {permission: True}
|
||||
|
||||
return Event.objects.filter(
|
||||
Q(organizer_id__in=self.teams.filter(q, all_events=True).values_list('organizer', flat=True))
|
||||
| Q(id__in=self.teams.filter(q).values_list('limit_events__id', flat=True))
|
||||
Q(organizer_id__in=self.teams.filter(all_events=True, **kwargs).values_list('organizer', flat=True))
|
||||
| Q(id__in=self.teams.filter(**kwargs).values_list('limit_events__id', flat=True))
|
||||
)
|
||||
|
||||
@scopes_disabled()
|
||||
|
||||
@@ -216,27 +216,6 @@ class Customer(LoggedModel):
|
||||
testmode=testmode,
|
||||
)
|
||||
|
||||
def send_activation_mail(self):
|
||||
from pretix.base.services.mail import mail
|
||||
from pretix.multidomain.urlreverse import build_absolute_uri
|
||||
from pretix.presale.forms.customer import TokenGenerator
|
||||
|
||||
ctx = self.get_email_context()
|
||||
token = TokenGenerator().make_token(self)
|
||||
ctx['url'] = build_absolute_uri(
|
||||
self.organizer,
|
||||
'presale:organizer.customer.activate'
|
||||
) + '?id=' + self.identifier + '&token=' + token
|
||||
mail(
|
||||
self.email,
|
||||
_('Activate your account at {organizer}').format(organizer=self.organizer.name),
|
||||
self.organizer.settings.mail_text_customer_registration,
|
||||
ctx,
|
||||
locale=self.locale,
|
||||
customer=self,
|
||||
organizer=self.organizer,
|
||||
)
|
||||
|
||||
|
||||
class AttendeeProfile(models.Model):
|
||||
customer = models.ForeignKey(
|
||||
|
||||
@@ -255,9 +255,7 @@ class Device(LoggedModel):
|
||||
:param request: Ignored, for compatibility with User model
|
||||
:return: Iterable of Events
|
||||
"""
|
||||
if (
|
||||
isinstance(permission, (list, tuple)) and any(p in self.permission_set() for p in permission)
|
||||
) or (isinstance(permission, str) and permission in self.permission_set()):
|
||||
if permission in self.permission_set():
|
||||
return self.get_events_with_any_permission()
|
||||
else:
|
||||
return self.organizer.events.none()
|
||||
|
||||
@@ -1448,10 +1448,7 @@ class SubEvent(EventMixin, LoggedModel):
|
||||
@property
|
||||
def meta_data(self):
|
||||
data = self.event.meta_data
|
||||
if hasattr(self, 'meta_values_cached'):
|
||||
data.update({v.property.name: v.value for v in self.meta_values_cached})
|
||||
else:
|
||||
data.update({v.property.name: v.value for v in self.meta_values.select_related('property').all()})
|
||||
data.update({v.property.name: v.value for v in self.meta_values.select_related('property').all()})
|
||||
return data
|
||||
|
||||
@property
|
||||
|
||||
@@ -461,9 +461,7 @@ class TeamAPIToken(models.Model):
|
||||
:param request: Ignored, for compatibility with User model
|
||||
:return: Iterable of Events
|
||||
"""
|
||||
if (
|
||||
isinstance(permission, (list, tuple)) and any(getattr(self.team, p, False) for p in permission)
|
||||
) or (isinstance(permission, str) and getattr(self.team, permission, False)):
|
||||
if getattr(self.team, permission, False):
|
||||
return self.get_events_with_any_permission()
|
||||
else:
|
||||
return self.team.organizer.events.none()
|
||||
|
||||
@@ -947,11 +947,11 @@ class CartManager:
|
||||
|
||||
if voucher_available_count < 1:
|
||||
if op.voucher in self._voucher_depend_on_cart:
|
||||
err = err or _(error_messages['voucher_redeemed_cart']) % self.event.settings.reservation_time
|
||||
err = err or error_messages['voucher_redeemed_cart'] % self.event.settings.reservation_time
|
||||
else:
|
||||
err = err or error_messages['voucher_redeemed']
|
||||
elif voucher_available_count < requested_count:
|
||||
err = err or _(error_messages['voucher_redeemed_partial']) % voucher_available_count
|
||||
err = err or error_messages['voucher_redeemed_partial'] % voucher_available_count
|
||||
|
||||
available_count = min(quota_available_count, voucher_available_count)
|
||||
|
||||
|
||||
@@ -540,8 +540,10 @@ class OrderComment(OrderView):
|
||||
self.order.log_action('pretix.event.order.checkin_attention', user=self.request.user, data={
|
||||
'new_value': form.cleaned_data.get('checkin_attention')
|
||||
})
|
||||
print(self.order.custom_followup_at)
|
||||
self.order.save(update_fields=['checkin_attention', 'comment', 'custom_followup_at'])
|
||||
self.order.refresh_from_db()
|
||||
print(self.order.custom_followup_at)
|
||||
messages.success(self.request, _('The comment has been updated.'))
|
||||
else:
|
||||
messages.error(self.request, _('Could not update the comment.'))
|
||||
|
||||
File diff suppressed because it is too large
Load Diff
@@ -5,7 +5,7 @@ msgstr ""
|
||||
"Project-Id-Version: 1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-07-01 07:49+0000\n"
|
||||
"PO-Revision-Date: 2022-07-22 11:11+0000\n"
|
||||
"PO-Revision-Date: 2022-07-01 08:03+0000\n"
|
||||
"Last-Translator: Raphael Michel <michel@rami.io>\n"
|
||||
"Language-Team: German <https://translate.pretix.eu/projects/pretix/pretix/de/"
|
||||
">\n"
|
||||
@@ -14,7 +14,7 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=n != 1;\n"
|
||||
"X-Generator: Weblate 4.13.1\n"
|
||||
"X-Generator: Weblate 4.12.2\n"
|
||||
"X-Poedit-Bookmarks: -1,-1,904,-1,-1,-1,-1,-1,-1,-1\n"
|
||||
|
||||
#: htmlcov/pretix_control_views_dashboards_py.html:963
|
||||
@@ -62,12 +62,11 @@ msgstr "pretixSCAN"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:76
|
||||
msgid "pretixSCAN (kiosk mode, no order sync, no search)"
|
||||
msgstr ""
|
||||
"pretixSCAN (Kiosk-Modus, keine Bestellungs-Synchronisierung, keine Suche)"
|
||||
msgstr "pretixSCAN (Kiosk-Modus, keine Bestell-Synchronisierung, keine Suche)"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:106
|
||||
msgid "pretixSCAN (online only, no order sync)"
|
||||
msgstr "pretixSCAN (nur online, keine Bestellungs-Synchronisierung)"
|
||||
msgstr "pretixSCAN (nur online, keine Bestellsynchronisierung)"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:137
|
||||
msgid "pretixPOS"
|
||||
@@ -79,11 +78,11 @@ msgstr "Name der Applikation"
|
||||
|
||||
#: pretix/api/models.py:42
|
||||
msgid "Redirection URIs"
|
||||
msgstr "Weiterleitungs-URIs"
|
||||
msgstr "URLs zur Weiterleitung"
|
||||
|
||||
#: pretix/api/models.py:43
|
||||
msgid "Allowed URIs list, space separated"
|
||||
msgstr "Liste erlaubter URIs, mit Leerzeichen getrennt"
|
||||
msgstr "Liste erlaubter URLs, mit Leerzeichen getrennt"
|
||||
|
||||
#: pretix/api/models.py:46 pretix/plugins/paypal/payment.py:112
|
||||
#: pretix/plugins/paypal2/payment.py:105
|
||||
@@ -121,7 +120,7 @@ msgstr "Das Produkt \"{}\" ist keinem Kontingent zugeordnet."
|
||||
msgid ""
|
||||
"There is not enough quota available on quota \"{}\" to perform the operation."
|
||||
msgstr ""
|
||||
"Das Kontingent \"{}\" hat nicht genug freie Kapazität für diese Änderung."
|
||||
"Das Kontingent \"{name}\" hat nicht genug freie Kapazität für diese Änderung."
|
||||
|
||||
#: pretix/api/serializers/cart.py:168 pretix/api/serializers/order.py:1091
|
||||
#: pretix/base/services/orders.py:1263
|
||||
|
||||
@@ -41,7 +41,6 @@ Bestätigungs
|
||||
Bestellbestätigungs
|
||||
Bestellungsänderungen
|
||||
Bestellungsstatus
|
||||
Bestellungs
|
||||
bez
|
||||
BezahlCode
|
||||
Bezahlmethode
|
||||
@@ -324,7 +323,6 @@ VIP
|
||||
WebAuthn
|
||||
Webhook
|
||||
Webhooks
|
||||
Weiterleitungs
|
||||
WeChat
|
||||
WhatsApp
|
||||
Widget
|
||||
|
||||
@@ -8,7 +8,7 @@ msgstr ""
|
||||
"Project-Id-Version: 1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-07-01 07:49+0000\n"
|
||||
"PO-Revision-Date: 2022-07-22 11:11+0000\n"
|
||||
"PO-Revision-Date: 2022-07-01 08:03+0000\n"
|
||||
"Last-Translator: Raphael Michel <michel@rami.io>\n"
|
||||
"Language-Team: German (informal) <https://translate.pretix.eu/projects/"
|
||||
"pretix/pretix/de_Informal/>\n"
|
||||
@@ -17,7 +17,7 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=n != 1;\n"
|
||||
"X-Generator: Weblate 4.13.1\n"
|
||||
"X-Generator: Weblate 4.12.2\n"
|
||||
|
||||
#: htmlcov/pretix_control_views_dashboards_py.html:963
|
||||
#: pretix/control/templates/pretixcontrol/events/index.html:140
|
||||
@@ -64,12 +64,11 @@ msgstr "pretixSCAN"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:76
|
||||
msgid "pretixSCAN (kiosk mode, no order sync, no search)"
|
||||
msgstr ""
|
||||
"pretixSCAN (Kiosk-Modus, keine Bestellungs-Synchronisierung, keine Suche)"
|
||||
msgstr "pretixSCAN (Kiosk-Modus, keine Bestell-Synchronisierung, keine Suche)"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:106
|
||||
msgid "pretixSCAN (online only, no order sync)"
|
||||
msgstr "pretixSCAN (nur online, keine Bestellungs-Synchronisierung)"
|
||||
msgstr "pretixSCAN (nur online, keine Bestellsynchronisierung)"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:137
|
||||
msgid "pretixPOS"
|
||||
@@ -81,11 +80,11 @@ msgstr "Name der Applikation"
|
||||
|
||||
#: pretix/api/models.py:42
|
||||
msgid "Redirection URIs"
|
||||
msgstr "Weiterleitungs-URIs"
|
||||
msgstr "URLs zur Weiterleitung"
|
||||
|
||||
#: pretix/api/models.py:43
|
||||
msgid "Allowed URIs list, space separated"
|
||||
msgstr "Liste erlaubter URIs, mit Leerzeichen getrennt"
|
||||
msgstr "Liste erlaubter URLs, mit Leerzeichen getrennt"
|
||||
|
||||
#: pretix/api/models.py:46 pretix/plugins/paypal/payment.py:112
|
||||
#: pretix/plugins/paypal2/payment.py:105
|
||||
@@ -123,7 +122,7 @@ msgstr "Das Produkt \"{}\" ist keinem Kontingent zugeordnet."
|
||||
msgid ""
|
||||
"There is not enough quota available on quota \"{}\" to perform the operation."
|
||||
msgstr ""
|
||||
"Das Kontingent \"{}\" hat nicht genug freie Kapazität für diese Änderung."
|
||||
"Das Kontingent \"{name}\" hat nicht genug freie Kapazität für diese Änderung."
|
||||
|
||||
#: pretix/api/serializers/cart.py:168 pretix/api/serializers/order.py:1091
|
||||
#: pretix/base/services/orders.py:1263
|
||||
|
||||
@@ -41,7 +41,6 @@ Bestätigungs
|
||||
Bestellbestätigungs
|
||||
Bestellungsänderungen
|
||||
Bestellungsstatus
|
||||
Bestellungs
|
||||
bez
|
||||
BezahlCode
|
||||
Bezahlmethode
|
||||
@@ -324,7 +323,6 @@ VIP
|
||||
WebAuthn
|
||||
Webhook
|
||||
Webhooks
|
||||
Weiterleitungs
|
||||
WeChat
|
||||
WhatsApp
|
||||
Widget
|
||||
|
||||
@@ -4,8 +4,8 @@ msgstr ""
|
||||
"Project-Id-Version: 1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-07-01 07:49+0000\n"
|
||||
"PO-Revision-Date: 2022-07-22 07:00+0000\n"
|
||||
"Last-Translator: Julius Rickert <pretix@juliusrickert.de>\n"
|
||||
"PO-Revision-Date: 2022-06-26 18:00+0000\n"
|
||||
"Last-Translator: Hari Har Wolfer <harihar@sri-ma.de>\n"
|
||||
"Language-Team: French <https://translate.pretix.eu/projects/pretix/pretix/fr/"
|
||||
">\n"
|
||||
"Language: fr\n"
|
||||
@@ -13,7 +13,7 @@ msgstr ""
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=n > 1;\n"
|
||||
"X-Generator: Weblate 4.13.1\n"
|
||||
"X-Generator: Weblate 4.12.2\n"
|
||||
|
||||
#: htmlcov/pretix_control_views_dashboards_py.html:963
|
||||
#: pretix/control/templates/pretixcontrol/events/index.html:140
|
||||
@@ -53,8 +53,10 @@ msgid ""
|
||||
msgstr ""
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:44
|
||||
#, fuzzy
|
||||
#| msgid "1. Download pretixdesk"
|
||||
msgid "pretixSCAN"
|
||||
msgstr "pretixSCANNER"
|
||||
msgstr "1. Télécharger pretixdesk"
|
||||
|
||||
#: pretix/api/auth/devicesecurity.py:76
|
||||
msgid "pretixSCAN (kiosk mode, no order sync, no search)"
|
||||
@@ -2198,7 +2200,7 @@ msgid ""
|
||||
"Invalid placeholder syntax: You used a different number of \"{\" than of "
|
||||
"\"}\"."
|
||||
msgstr ""
|
||||
"Syntaxe de substitution invalide : vous devriez utiliser des numéros "
|
||||
"Syntaxe de substitution invalide: vous devriez utiliser des numéros "
|
||||
"différents de \"{\" ou de \"}\"."
|
||||
|
||||
#: pretix/base/forms/validators.py:73
|
||||
|
||||
@@ -7,16 +7,16 @@ msgstr ""
|
||||
"Project-Id-Version: 1\n"
|
||||
"Report-Msgid-Bugs-To: \n"
|
||||
"POT-Creation-Date: 2022-07-01 07:49+0000\n"
|
||||
"PO-Revision-Date: 2022-07-06 21:00+0000\n"
|
||||
"Last-Translator: Hans Fraiponts <fraiponts@gmail.com>\n"
|
||||
"Language-Team: Dutch <https://translate.pretix.eu/projects/pretix/pretix/nl/>"
|
||||
"\n"
|
||||
"PO-Revision-Date: 2021-11-15 00:00+0000\n"
|
||||
"Last-Translator: Maarten van den Berg <maartenberg1@gmail.com>\n"
|
||||
"Language-Team: Dutch <https://translate.pretix.eu/projects/pretix/pretix/nl/"
|
||||
">\n"
|
||||
"Language: nl\n"
|
||||
"MIME-Version: 1.0\n"
|
||||
"Content-Type: text/plain; charset=UTF-8\n"
|
||||
"Content-Transfer-Encoding: 8bit\n"
|
||||
"Plural-Forms: nplurals=2; plural=n != 1;\n"
|
||||
"X-Generator: Weblate 4.12.2\n"
|
||||
"X-Generator: Weblate 4.8\n"
|
||||
|
||||
#: htmlcov/pretix_control_views_dashboards_py.html:963
|
||||
#: pretix/control/templates/pretixcontrol/events/index.html:140
|
||||
@@ -1367,8 +1367,10 @@ msgstr "E-mailadres gecontroleerd"
|
||||
#: pretix/base/exporters/orderlist.py:297
|
||||
#: pretix/base/exporters/orderlist.py:464
|
||||
#: pretix/base/exporters/orderlist.py:618
|
||||
#, fuzzy
|
||||
#| msgid "Customer ID"
|
||||
msgid "External customer ID"
|
||||
msgstr "Externe Klantnummer"
|
||||
msgstr "Klantnummer"
|
||||
|
||||
#: pretix/base/exporters/orderlist.py:302
|
||||
#, python-brace-format
|
||||
@@ -1975,8 +1977,10 @@ msgid "Repeat password"
|
||||
msgstr "Herhaal wachtwoord"
|
||||
|
||||
#: pretix/base/forms/questions.py:198
|
||||
#, fuzzy
|
||||
#| msgid "Please enter a shorter name."
|
||||
msgid "Please do not use special characters in names."
|
||||
msgstr "Gelieve geen bijzondere tekens te gebruiken in namen."
|
||||
msgstr "Vul alstublieft een kortere naam in."
|
||||
|
||||
#: pretix/base/forms/questions.py:257
|
||||
msgid "Please enter a shorter name."
|
||||
@@ -2091,7 +2095,7 @@ msgstr "Het huidige wachtwoord dat u heeft ingevoerd is niet correct."
|
||||
|
||||
#: pretix/base/forms/user.py:58
|
||||
msgid "Please choose a password different to your current one."
|
||||
msgstr "Kies een wachtwoord dat niet hetzelfde is als het huidige alstublieft."
|
||||
msgstr ""
|
||||
|
||||
#: pretix/base/forms/user.py:63 pretix/presale/forms/customer.py:386
|
||||
#: pretix/presale/forms/customer.py:455
|
||||
@@ -2382,8 +2386,10 @@ msgid "Date joined"
|
||||
msgstr "Datum toegevoegd"
|
||||
|
||||
#: pretix/base/models/auth.py:254
|
||||
#, fuzzy
|
||||
#| msgid "Request a new password"
|
||||
msgid "Force user to select a new password"
|
||||
msgstr "Verplicht de gebruiker een nieuw wachtwoord aan te vragen"
|
||||
msgstr "Nieuw wachtwoord aanvragen"
|
||||
|
||||
#: pretix/base/models/auth.py:261
|
||||
msgid "Timezone"
|
||||
@@ -2553,8 +2559,6 @@ msgid ""
|
||||
"The identifier may only contain letters, numbers, dots, dashes, and "
|
||||
"underscores. It must start and end with a letter or number."
|
||||
msgstr ""
|
||||
"De unieke code mag enkel letters, cijfers, punten, streepjes en liggende "
|
||||
"streepjes bevatten. Het moet beginnen met een letter of nummer."
|
||||
|
||||
#: pretix/base/models/customers.py:65
|
||||
msgid "Account active"
|
||||
@@ -2578,13 +2582,15 @@ msgstr "Registratiedatum"
|
||||
#: pretix/control/templates/pretixcontrol/organizers/customer.html:31
|
||||
#: pretix/control/templates/pretixcontrol/organizers/customers.html:65
|
||||
#: pretix/control/templates/pretixcontrol/users/form.html:43
|
||||
#, fuzzy
|
||||
#| msgid "Internal identifier"
|
||||
msgid "External identifier"
|
||||
msgstr "Externe unieke code"
|
||||
msgstr "Intern kenmerk"
|
||||
|
||||
#: pretix/base/models/customers.py:75
|
||||
#: pretix/control/templates/pretixcontrol/organizers/customer.html:67
|
||||
msgid "Notes"
|
||||
msgstr "Notas"
|
||||
msgstr ""
|
||||
|
||||
#: pretix/base/models/customers.py:238 pretix/base/models/orders.py:1318
|
||||
#: pretix/base/models/orders.py:2693 pretix/base/settings.py:841
|
||||
@@ -2625,17 +2631,21 @@ msgstr "Initialisatiedatum"
|
||||
#: pretix/base/models/discount.py:44
|
||||
msgctxt "subevent"
|
||||
msgid "Dates can be mixed without limitation"
|
||||
msgstr "Datums kunnen gecombineerd worden zonder beperking"
|
||||
msgstr ""
|
||||
|
||||
#: pretix/base/models/discount.py:45
|
||||
#, fuzzy
|
||||
#| msgid "Multiple matching products were found."
|
||||
msgctxt "subevent"
|
||||
msgid "All matching products must be for the same date"
|
||||
msgstr "Alle overeenkomende producten moeten op dezelfde datum plaats vinden"
|
||||
msgstr "Er zijn meerdere overeenkomende producten gevonden."
|
||||
|
||||
#: pretix/base/models/discount.py:46
|
||||
#, fuzzy
|
||||
#| msgid "Add tickets for a different date"
|
||||
msgctxt "subevent"
|
||||
msgid "Each matching product must be for a different date"
|
||||
msgstr "Elk toegevoegde ticket moet op een andere datum zijn"
|
||||
msgstr "Voeg tickets voor een andere datum toe"
|
||||
|
||||
#: pretix/base/models/discount.py:55 pretix/base/models/event.py:1296
|
||||
#: pretix/base/models/items.py:368 pretix/base/models/items.py:784
|
||||
@@ -2691,12 +2701,16 @@ msgid "Event series handling"
|
||||
msgstr "Evenementenreeks: datum aangepast"
|
||||
|
||||
#: pretix/base/models/discount.py:92
|
||||
#, fuzzy
|
||||
#| msgid "All products (including newly created ones)"
|
||||
msgid "Apply to all products (including newly created ones)"
|
||||
msgstr "Pas toe op alle producten (inclusief nieuw gemaakte)"
|
||||
msgstr "Alle producten (inclusief nieuw gemaakte)"
|
||||
|
||||
#: pretix/base/models/discount.py:96
|
||||
#, fuzzy
|
||||
#| msgid "Apply to products"
|
||||
msgid "Apply to specific products"
|
||||
msgstr "Pas toe op specifieke producten"
|
||||
msgstr "Toepassen op producten"
|
||||
|
||||
#: pretix/base/models/discount.py:101
|
||||
#, fuzzy
|
||||
@@ -2706,11 +2720,11 @@ msgstr "Toepassen op producten"
|
||||
|
||||
#: pretix/base/models/discount.py:102
|
||||
msgid "Discounts never apply to bundled products"
|
||||
msgstr "Kortingen zijn nooit van toepassing op gebundelde producten"
|
||||
msgstr ""
|
||||
|
||||
#: pretix/base/models/discount.py:106
|
||||
msgid "Ignore products discounted by a voucher"
|
||||
msgstr "Negeer producten die korting krijgen door een voucher"
|
||||
msgstr ""
|
||||
|
||||
#: pretix/base/models/discount.py:107
|
||||
msgid ""
|
||||
@@ -2719,10 +2733,6 @@ msgid ""
|
||||
"use a voucher only to e.g. unlock a hidden product or gain access to sold-"
|
||||
"out quota will still receive the discount."
|
||||
msgstr ""
|
||||
"Als deze optie is aangevinkt, worden producten die korting kregen door een "
|
||||
"voucher niet in rekening genomen voor deze korting. Echter producten die een "
|
||||
"voucher alleen gebruiken om bvb een verborgen product te tonen of om toegang "
|
||||
"te krijgen tot uitverkochte producten zullen nog steeds een korting krijgen."
|
||||
|
||||
#: pretix/base/models/discount.py:112
|
||||
#, fuzzy
|
||||
@@ -2740,7 +2750,7 @@ msgstr ""
|
||||
|
||||
#: pretix/base/models/discount.py:130
|
||||
msgid "Apply discount only to this number of matching products"
|
||||
msgstr "Pas de korting enkel toe op dit aantal relevante producten"
|
||||
msgstr ""
|
||||
|
||||
#: pretix/base/models/discount.py:132
|
||||
msgid ""
|
||||
|
||||
@@ -41,7 +41,9 @@ from pretix.base.forms.questions import (
|
||||
)
|
||||
from pretix.base.i18n import get_language_without_region
|
||||
from pretix.base.models import Customer
|
||||
from pretix.base.services.mail import mail
|
||||
from pretix.helpers.http import get_client_ip
|
||||
from pretix.multidomain.urlreverse import build_absolute_uri
|
||||
|
||||
|
||||
class TokenGenerator(PasswordResetTokenGenerator):
|
||||
@@ -266,7 +268,19 @@ class RegistrationForm(forms.Form):
|
||||
customer.set_unusable_password()
|
||||
customer.save()
|
||||
customer.log_action('pretix.customer.created', {})
|
||||
customer.send_activation_mail()
|
||||
ctx = customer.get_email_context()
|
||||
token = TokenGenerator().make_token(customer)
|
||||
ctx['url'] = build_absolute_uri(self.request.organizer,
|
||||
'presale:organizer.customer.activate') + '?id=' + customer.identifier + '&token=' + token
|
||||
mail(
|
||||
customer.email,
|
||||
_('Activate your account at {organizer}').format(organizer=self.request.organizer.name),
|
||||
self.request.organizer.settings.mail_text_customer_registration,
|
||||
ctx,
|
||||
locale=customer.locale,
|
||||
customer=customer,
|
||||
organizer=self.request.organizer,
|
||||
)
|
||||
return customer
|
||||
|
||||
|
||||
|
||||
@@ -127,29 +127,28 @@
|
||||
</del>
|
||||
<ins><span class="sr-only">{% trans "New price:" %}</span>
|
||||
{% endif %}
|
||||
{% if item.free_price %}
|
||||
<div class="input-group input-group-price">
|
||||
<span class="input-group-addon">{{ event.currency }}</span>
|
||||
<input type="number" class="form-control input-item-price"
|
||||
id="price-variation-{{form.pos.pk}}-{{ item.pk }}-{{ var.pk }}"
|
||||
placeholder="0"
|
||||
min="{% if event.settings.display_net_prices %}{{ var.display_price.net|money_numberfield:event.currency }}{% else %}{{ var.display_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
name="cp_{{ form.pos.pk }}_variation_{{ item.id }}_{{ var.id }}_price"
|
||||
title="{% blocktrans trimmed with item=var.value %}Modify price for {{ item }}{% endblocktrans %}"
|
||||
step="any"
|
||||
value="{% if event.settings.display_net_prices %}{{ var.initial_price.net|money_numberfield:event.currency }}{% else %}{{ var.initial_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
>
|
||||
</div>
|
||||
{% elif not var.display_price.gross %}
|
||||
<span class="text-uppercase">{% trans "free" context "price" %}</span>
|
||||
{% elif event.settings.display_net_prices %}
|
||||
{{ var.display_price.net|money:event.currency }}
|
||||
{% else %}
|
||||
{{ var.display_price.gross|money:event.currency }}
|
||||
{% endif %}
|
||||
{% if item.original_price or var.original_price %}
|
||||
</ins>
|
||||
{% endif %}
|
||||
{% if item.free_price %}
|
||||
<div class="input-group input-group-price">
|
||||
<span class="input-group-addon">{{ event.currency }}</span>
|
||||
<input type="number" class="form-control input-item-price"
|
||||
id="price-variation-{{form.pos.pk}}-{{ item.pk }}-{{ var.pk }}"
|
||||
placeholder="0"
|
||||
min="{% if event.settings.display_net_prices %}{{ var.display_price.net|money_numberfield:event.currency }}{% else %}{{ var.display_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
name="cp_{{ form.pos.pk }}_variation_{{ item.id }}_{{ var.id }}_price"
|
||||
title="{% blocktrans trimmed with item=var.value %}Modify price for {{ item }}{% endblocktrans %}"
|
||||
step="any"
|
||||
value="{% if event.settings.display_net_prices %}{{ var.initial_price.net|money_numberfield:event.currency }}{% else %}{{ var.initial_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
>
|
||||
</div>
|
||||
{% elif not var.display_price.gross %}
|
||||
{% elif event.settings.display_net_prices %}
|
||||
{{ var.display_price.net|money:event.currency }}
|
||||
{% else %}
|
||||
{{ var.display_price.gross|money:event.currency }}
|
||||
{% endif %}
|
||||
{% if item.original_price or var.original_price %}
|
||||
</ins>
|
||||
{% endif %}
|
||||
{% if item.includes_mixed_tax_rate %}
|
||||
{% if event.settings.display_net_prices %}
|
||||
<small>{% trans "plus taxes" %}</small>
|
||||
@@ -182,7 +181,6 @@
|
||||
name="cp_{{ form.pos.pk }}_variation_{{ item.id }}_{{ var.id }}"
|
||||
data-exclusive-prefix="cp_{{ form.pos.pk }}_variation_{{ item.id }}_"
|
||||
aria-label="{% blocktrans with item=item.name var=var %}Add {{ item }}, {{ var }} to cart{% endblocktrans %}">
|
||||
<i class="fa fa-cart-plus fa-lg" aria-hidden="true"></i>
|
||||
</label>
|
||||
{% else %}
|
||||
<input type="number" class="form-control input-item-count" placeholder="0" min="0"
|
||||
@@ -250,24 +248,23 @@
|
||||
</del>
|
||||
<ins><span class="sr-only">{% trans "New price:" %}</span>
|
||||
{% endif %}
|
||||
{% if item.free_price %}
|
||||
<div class="input-group input-group-price">
|
||||
<span class="input-group-addon">{{ event.currency }}</span>
|
||||
<input type="number" class="form-control input-item-price" placeholder="0"
|
||||
id="price-item-{{ form.pos.pk }}-{{ item.pk }}"
|
||||
min="{% if event.settings.display_net_prices %}{{ item.display_price.net|money_numberfield:event.currency }}{% else %}{{ item.display_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
name="cp_{{ form.pos.pk }}_item_{{ item.id }}_price"
|
||||
title="{% blocktrans trimmed with item=item.name %}Modify price for {{ item }}{% endblocktrans %}"
|
||||
value="{% if event.settings.display_net_prices %}{{ item.initial_price.net|money_numberfield:event.currency }}{% else %}{{ item.initial_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
step="any">
|
||||
</div>
|
||||
{% elif not item.display_price.gross %}
|
||||
<span class="text-uppercase">{% trans "free" context "price" %}</span>
|
||||
{% elif event.settings.display_net_prices %}
|
||||
{{ item.display_price.net|money:event.currency }}
|
||||
{% else %}
|
||||
{{ item.display_price.gross|money:event.currency }}
|
||||
{% endif %}
|
||||
{% if item.free_price %}
|
||||
<div class="input-group input-group-price">
|
||||
<span class="input-group-addon">{{ event.currency }}</span>
|
||||
<input type="number" class="form-control input-item-price" placeholder="0"
|
||||
id="price-item-{{ form.pos.pk }}-{{ item.pk }}"
|
||||
min="{% if event.settings.display_net_prices %}{{ item.display_price.net|money_numberfield:event.currency }}{% else %}{{ item.display_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
name="cp_{{ form.pos.pk }}_item_{{ item.id }}_price"
|
||||
title="{% blocktrans trimmed with item=item.name %}Modify price for {{ item }}{% endblocktrans %}"
|
||||
value="{% if event.settings.display_net_prices %}{{ item.initial_price.net|money_numberfield:event.currency }}{% else %}{{ item.initial_price.gross|money_numberfield:event.currency }}{% endif %}"
|
||||
step="any">
|
||||
</div>
|
||||
{% elif not item.display_price.gross %}
|
||||
{% elif event.settings.display_net_prices %}
|
||||
{{ item.display_price.net|money:event.currency }}
|
||||
{% else %}
|
||||
{{ item.display_price.gross|money:event.currency }}
|
||||
{% endif %}
|
||||
{% if item.original_price %}
|
||||
</ins>
|
||||
{% endif %}
|
||||
@@ -309,7 +306,6 @@
|
||||
id="cp_{{ form.pos.pk }}_item_{{ item.id }}"
|
||||
aria-label="{% blocktrans with item=item.name %}Add {{ item }} to cart{% endblocktrans %}"
|
||||
{% if item.description %} aria-describedby="cp-{{ form.pos.pk }}-item-{{ item.id }}-description"{% endif %}>
|
||||
<i class="fa fa-cart-plus fa-lg" aria-hidden="true"></i>
|
||||
</label>
|
||||
{% else %}
|
||||
<input type="number" class="form-control input-item-count" placeholder="0" min="0"
|
||||
|
||||
@@ -276,7 +276,7 @@
|
||||
</div>
|
||||
<p>
|
||||
{% elif not item.display_price.gross %}
|
||||
<span class="text-uppercase">{% trans "free" context "price" %}</span>
|
||||
{% trans "FREE" context "price" %}
|
||||
{% elif event.settings.display_net_prices %}
|
||||
{{ item.display_price.net|money:event.currency }}
|
||||
{% else %}
|
||||
|
||||
@@ -224,12 +224,12 @@ class WidgetAPIProductList(EventListMixin, View):
|
||||
def _get_items(self):
|
||||
qs = self.request.event.items
|
||||
if 'items' in self.request.GET:
|
||||
qs = qs.filter(pk__in=[pk.strip() for pk in self.request.GET.get('items').split(",") if pk.strip().isdigit()])
|
||||
qs = qs.filter(pk__in=[pk for pk in self.request.GET.get('items').split(",") if pk.isdigit()])
|
||||
if 'categories' in self.request.GET:
|
||||
qs = qs.filter(category__pk__in=[pk.strip() for pk in self.request.GET.get('categories').split(",") if pk.strip().isdigit()])
|
||||
qs = qs.filter(category__pk__in=[pk for pk in self.request.GET.get('categories').split(",") if pk.isdigit()])
|
||||
variation_filter = None
|
||||
if 'variations' in self.request.GET:
|
||||
variation_filter = [int(pk.strip()) for pk in self.request.GET.get('variations').split(",") if pk.strip().isdigit()]
|
||||
variation_filter = [int(pk) for pk in self.request.GET.get('variations').split(",") if pk.isdigit()]
|
||||
qs = qs.filter(
|
||||
pk__in=ItemVariation.objects.filter(
|
||||
item__event=self.request.event,
|
||||
|
||||
@@ -199,7 +199,6 @@ function setup_basics(el) {
|
||||
});
|
||||
$(".has-error").each(function() {
|
||||
var target = target = $(":input", this);
|
||||
if (!target || !target.attr("aria-describedby")) return;
|
||||
var desc = $("#" + target.attr("aria-describedby").split(' ', 1)[0]);
|
||||
// multi-input fields have a role=group with aria-labelledby
|
||||
var label = this.hasAttribute("aria-labelledby") ? $("#" + this.getAttribute("aria-labelledby")) : $("[for="+target.attr("id")+"]");
|
||||
|
||||
@@ -1398,9 +1398,6 @@ var shared_root_methods = {
|
||||
if (this.$root.category_filter) {
|
||||
url += '&categories=' + encodeURIComponent(this.$root.category_filter);
|
||||
}
|
||||
if (this.$root.variation_filter) {
|
||||
url += '&variations=' + encodeURIComponent(this.$root.variation_filter);
|
||||
}
|
||||
var cart_id = getCookie(this.cookieName);
|
||||
if (this.$root.voucher_code) {
|
||||
url += '&voucher=' + encodeURIComponent(this.$root.voucher_code);
|
||||
@@ -1467,7 +1464,7 @@ var shared_root_methods = {
|
||||
root.error = data.error;
|
||||
root.display_add_to_cart = data.display_add_to_cart;
|
||||
root.waiting_list_enabled = data.waiting_list_enabled;
|
||||
root.show_variations_expanded = data.show_variations_expanded || !!root.variation_filter;
|
||||
root.show_variations_expanded = data.show_variations_expanded;
|
||||
root.cart_id = cart_id;
|
||||
root.cart_exists = data.cart_exists;
|
||||
root.vouchers_exist = data.vouchers_exist;
|
||||
@@ -1668,7 +1665,6 @@ var create_widget = function (element) {
|
||||
var widget_data = JSON.parse(JSON.stringify(window.PretixWidget.widget_data));
|
||||
var filter = element.attributes.filter ? element.attributes.filter.value : null;
|
||||
var items = element.attributes.items ? element.attributes.items.value : null;
|
||||
var variations = element.attributes.variations ? element.attributes.variations.value : null;
|
||||
var categories = element.attributes.categories ? element.attributes.categories.value : null;
|
||||
for (var i = 0; i < element.attributes.length; i++) {
|
||||
var attrib = element.attributes[i];
|
||||
@@ -1700,11 +1696,10 @@ var create_widget = function (element) {
|
||||
filter: filter,
|
||||
item_filter: items,
|
||||
category_filter: categories,
|
||||
variation_filter: variations,
|
||||
voucher_code: voucher,
|
||||
display_net_prices: false,
|
||||
voucher_explanation_text: null,
|
||||
show_variations_expanded: !!variations,
|
||||
show_variations_expanded: false,
|
||||
skip_ssl: skip_ssl,
|
||||
disable_iframe: disable_iframe,
|
||||
style: style,
|
||||
|
||||
@@ -220,7 +220,7 @@ setup(
|
||||
'redis==3.5.*',
|
||||
'reportlab==3.6.*',
|
||||
'requests==2.27.*',
|
||||
'sentry-sdk==1.8.*',
|
||||
'sentry-sdk==1.5.*',
|
||||
'sepaxml==2.4.*,>=2.4.1',
|
||||
'slimit',
|
||||
'static3==0.7.*',
|
||||
|
||||
@@ -229,14 +229,13 @@ def clist_all(event, item):
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_list_list(token_client, organizer, event, clist, item, subevent, django_assert_num_queries):
|
||||
def test_list_list(token_client, organizer, event, clist, item, subevent):
|
||||
res = dict(TEST_LIST_RES)
|
||||
res["id"] = clist.pk
|
||||
res["limit_products"] = [item.pk]
|
||||
res["auto_checkin_sales_channels"] = []
|
||||
|
||||
with django_assert_num_queries(11):
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/'.format(organizer.slug, event.slug))
|
||||
assert resp.status_code == 200
|
||||
assert [res] == resp.data['results']
|
||||
|
||||
@@ -437,7 +436,7 @@ def test_list_update(token_client, organizer, event, clist):
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_list_all_items_positions(token_client, organizer, event, clist, clist_all, item, other_item, order, django_assert_num_queries):
|
||||
def test_list_all_items_positions(token_client, organizer, event, clist, clist_all, item, other_item, order):
|
||||
with scopes_disabled():
|
||||
p1 = dict(TEST_ORDERPOSITION1_RES)
|
||||
p1["id"] = order.positions.get(positionid=1).pk
|
||||
@@ -451,10 +450,9 @@ def test_list_all_items_positions(token_client, organizer, event, clist, clist_a
|
||||
p3["addon_to"] = p1["id"]
|
||||
|
||||
# All items
|
||||
with django_assert_num_queries(23):
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/?ordering=positionid'.format(
|
||||
organizer.slug, event.slug, clist_all.pk
|
||||
))
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/?ordering=positionid'.format(
|
||||
organizer.slug, event.slug, clist_all.pk
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert [p1, p2, p3] == resp.data['results']
|
||||
|
||||
@@ -686,31 +684,17 @@ def test_status(token_client, organizer, event, clist_all, item, other_item, ord
|
||||
]
|
||||
|
||||
|
||||
def _redeem(token_client, org, clist, p, body=None):
|
||||
return token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
org.slug, clist.event.slug, clist.pk, p
|
||||
), body or {}, format='json')
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_query_load(token_client, organizer, clist, event, order, django_assert_max_num_queries):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first().pk
|
||||
with django_assert_max_num_queries(30):
|
||||
resp = _redeem(token_client, organizer, clist, p)
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_custom_datetime(token_client, organizer, clist, event, order):
|
||||
dt = now() - datetime.timedelta(days=1)
|
||||
dt = dt.replace(microsecond=0)
|
||||
with scopes_disabled():
|
||||
p = order.positions.first().pk
|
||||
resp = _redeem(token_client, organizer, clist, p, {
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p
|
||||
), {
|
||||
'datetime': dt.isoformat()
|
||||
})
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -726,7 +710,9 @@ def test_name_fallback(token_client, organizer, clist, event, order):
|
||||
op.attendee_name_cached = None
|
||||
op.attendee_name_parts = {}
|
||||
op.save()
|
||||
resp = _redeem(token_client, organizer, clist, op.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, op.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
assert resp.data['position']['attendee_name'] == 'Paul'
|
||||
@@ -737,7 +723,9 @@ def test_name_fallback(token_client, organizer, clist, event, order):
|
||||
def test_by_secret(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.secret
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -748,7 +736,9 @@ def test_by_secret_special_chars(token_client, organizer, clist, event, order):
|
||||
p = order.positions.first()
|
||||
p.secret = "abc+-/=="
|
||||
p.save()
|
||||
resp = _redeem(token_client, organizer, clist, urlquote(p.secret, safe=''), {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, urlquote(p.secret, safe='')
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -759,7 +749,9 @@ def test_by_secret_special_chars_space_fallback(token_client, organizer, clist,
|
||||
p = order.positions.first()
|
||||
p.secret = "foo bar"
|
||||
p.save()
|
||||
resp = _redeem(token_client, organizer, clist, "foo+bar", {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, "foo+bar"
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -768,10 +760,14 @@ def test_by_secret_special_chars_space_fallback(token_client, organizer, clist,
|
||||
def test_only_once(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'already_redeemed'
|
||||
@@ -781,10 +777,14 @@ def test_only_once(token_client, organizer, clist, event, order):
|
||||
def test_reupload_same_nonce(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'nonce': 'foobar'})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'nonce': 'foobar'}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'nonce': 'foobar'})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'nonce': 'foobar'}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -795,10 +795,14 @@ def test_allow_multiple(token_client, organizer, clist, event, order):
|
||||
clist.save()
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -811,10 +815,14 @@ def test_allow_multiple_reupload_same_nonce(token_client, organizer, clist, even
|
||||
clist.save()
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'nonce': 'foobar'})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'nonce': 'foobar'}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'nonce': 'foobar'})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'nonce': 'foobar'}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -825,10 +833,14 @@ def test_allow_multiple_reupload_same_nonce(token_client, organizer, clist, even
|
||||
def test_multiple_different_list(token_client, organizer, clist, clist_all, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'nonce': 'foobar'})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'nonce': 'foobar'}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist_all, p.pk, {'nonce': 'baz'})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist_all.pk, p.pk
|
||||
), {'nonce': 'baz'}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -837,10 +849,14 @@ def test_multiple_different_list(token_client, organizer, clist, clist_all, even
|
||||
def test_forced_multiple(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'force': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'force': True}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -849,13 +865,17 @@ def test_forced_multiple(token_client, organizer, clist, event, order):
|
||||
def test_forced_flag_set_if_required(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'force': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'force': True}, format='json')
|
||||
with scopes_disabled():
|
||||
assert not p.checkins.order_by('pk').last().forced
|
||||
assert p.checkins.order_by('pk').last().force_sent
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'force': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'force': True}, format='json')
|
||||
with scopes_disabled():
|
||||
assert p.checkins.order_by('pk').last().forced
|
||||
assert p.checkins.order_by('pk').last().force_sent
|
||||
@@ -869,7 +889,9 @@ def test_require_product(token_client, organizer, clist, event, order):
|
||||
clist.limit_products.clear()
|
||||
p = order.positions.first()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'product'
|
||||
@@ -882,24 +904,32 @@ def test_require_paid(token_client, organizer, clist, event, order):
|
||||
|
||||
order.status = Order.STATUS_CANCELED
|
||||
order.save()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'canceled_supported': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'canceled_supported': True}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'canceled'
|
||||
|
||||
order.status = Order.STATUS_PENDING
|
||||
order.save()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'ignore_unpaid': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'ignore_unpaid': True}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
@@ -907,12 +937,16 @@ def test_require_paid(token_client, organizer, clist, event, order):
|
||||
clist.include_pending = True
|
||||
clist.save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'ignore_unpaid': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'ignore_unpaid': True}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -934,13 +968,17 @@ def test_question_number(token_client, organizer, clist, event, order, question)
|
||||
question[0].type = 'N'
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: "3.24"}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: "3.24"}}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -951,13 +989,17 @@ def test_question_number(token_client, organizer, clist, event, order, question)
|
||||
def test_question_choice(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: str(question[1].pk)}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: str(question[1].pk)}}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -969,13 +1011,17 @@ def test_question_choice(token_client, organizer, clist, event, order, question)
|
||||
def test_question_choice_identifier(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: str(question[1].identifier)}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: str(question[1].identifier)}}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -987,7 +1033,9 @@ def test_question_choice_identifier(token_client, organizer, clist, event, order
|
||||
def test_question_invalid(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: "A"}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: "A"}}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
@@ -1001,13 +1049,17 @@ def test_question_required(token_client, organizer, clist, event, order, questio
|
||||
question[0].required = True
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: ""}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: ""}}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
@@ -1021,13 +1073,17 @@ def test_question_optional(token_client, organizer, clist, event, order, questio
|
||||
question[0].required = False
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: ""}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: ""}}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
@@ -1039,13 +1095,17 @@ def test_question_multiple_choice(token_client, organizer, clist, event, order,
|
||||
question[0].type = 'M'
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: "{},{}".format(question[1].pk, question[2].pk)}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: "{},{}".format(question[1].pk, question[2].pk)}}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -1072,17 +1132,23 @@ def test_question_upload(token_client, organizer, clist, event, order, question)
|
||||
question[0].type = 'F'
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: "invalid"}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: "invalid"}}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {'answers': {question[0].pk: file_id_png}})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {'answers': {question[0].pk: file_id_png}}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
@@ -1134,7 +1200,11 @@ def test_store_failed(token_client, organizer, clist, event, order):
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_unknown(token_client, organizer, clist, event, order):
|
||||
resp = _redeem(token_client, organizer, clist, 'unknown_secret', {'force': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'unknown_secret'
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 404
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "invalid"
|
||||
@@ -1147,7 +1217,10 @@ def test_redeem_unknown_revoked(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
event.revoked_secrets.create(position=p, secret='revoked_secret')
|
||||
resp = _redeem(token_client, organizer, clist, 'revoked_secret', {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'revoked_secret'
|
||||
), {
|
||||
}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "revoked"
|
||||
@@ -1160,7 +1233,11 @@ def test_redeem_unknown_revoked_force(token_client, organizer, clist, event, ord
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
event.revoked_secrets.create(position=p, secret='revoked_secret')
|
||||
resp = _redeem(token_client, organizer, clist, 'revoked_secret', {'force': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'revoked_secret'
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data["status"] == "ok"
|
||||
with scopes_disabled():
|
||||
@@ -1175,7 +1252,11 @@ def test_redeem_unknown_legacy_device_bug(device, device_client, organizer, clis
|
||||
device.software_brand = "pretixSCAN"
|
||||
device.software_version = "1.11.1"
|
||||
device.save()
|
||||
resp = _redeem(device_client, organizer, clist, 'unknown_secret', {'force': True})
|
||||
resp = device_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'unknown_secret'
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "already_redeemed"
|
||||
@@ -1185,7 +1266,11 @@ def test_redeem_unknown_legacy_device_bug(device, device_client, organizer, clis
|
||||
device.software_brand = "pretixSCAN"
|
||||
device.software_version = "1.11.2"
|
||||
device.save()
|
||||
resp = _redeem(device_client, organizer, clist, 'unknown_secret', {'force': True})
|
||||
resp = device_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'unknown_secret'
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 404
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "invalid"
|
||||
@@ -1200,9 +1285,17 @@ def test_redeem_by_id_not_allowed_if_pretixscan(device, device_client, organizer
|
||||
device.software_brand = "pretixSCAN"
|
||||
device.software_version = "1.14.2"
|
||||
device.save()
|
||||
resp = _redeem(device_client, organizer, clist, p.pk, {'force': True})
|
||||
resp = device_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.pk
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 404
|
||||
resp = _redeem(device_client, organizer, clist, p.secret, {'force': True})
|
||||
resp = device_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, p.secret
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
|
||||
|
||||
@@ -1230,7 +1323,10 @@ def test_redeem_addon_if_match_disabled(token_client, organizer, clist, other_it
|
||||
clist.all_products = False
|
||||
clist.save()
|
||||
clist.limit_products.set([other_item])
|
||||
resp = _redeem(token_client, organizer, clist, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w', {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w'
|
||||
), {
|
||||
}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "product"
|
||||
@@ -1246,7 +1342,10 @@ def test_redeem_addon_if_match_enabled(token_client, organizer, clist, other_ite
|
||||
clist.save()
|
||||
clist.limit_products.set([other_item])
|
||||
p = order.positions.first().addons.all().first()
|
||||
resp = _redeem(token_client, organizer, clist, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w', {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w'
|
||||
), {
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
assert resp.data['position']['attendee_name'] == 'Peter' # test propagation of names
|
||||
@@ -1263,7 +1362,10 @@ def test_redeem_addon_if_match_ambiguous(token_client, organizer, clist, item, o
|
||||
clist.addon_match = True
|
||||
clist.save()
|
||||
clist.limit_products.set([item, other_item])
|
||||
resp = _redeem(token_client, organizer, clist, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w', {})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w'
|
||||
), {
|
||||
}, format='json')
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "ambiguous"
|
||||
@@ -1280,7 +1382,11 @@ def test_redeem_addon_if_match_and_revoked_force(token_client, organizer, clist,
|
||||
clist.save()
|
||||
clist.limit_products.set([other_item])
|
||||
p = order.positions.first().addons.all().first()
|
||||
resp = _redeem(token_client, organizer, clist, 'revoked_secret', {'force': True})
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/{}/redeem/'.format(
|
||||
organizer.slug, event.slug, clist.pk, 'revoked_secret'
|
||||
), {
|
||||
'force': True
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data["status"] == "ok"
|
||||
with scopes_disabled():
|
||||
@@ -1288,36 +1394,3 @@ def test_redeem_addon_if_match_and_revoked_force(token_client, organizer, clist,
|
||||
assert ci.forced
|
||||
assert ci.force_sent
|
||||
assert ci.position == p
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_search(token_client, organizer, event, clist, clist_all, item, other_item, order, django_assert_max_num_queries):
|
||||
with scopes_disabled():
|
||||
p1 = dict(TEST_ORDERPOSITION1_RES)
|
||||
p1["id"] = order.positions.get(positionid=1).pk
|
||||
p1["item"] = item.pk
|
||||
|
||||
with django_assert_max_num_queries(17):
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/?search=z3fsn8jyu'.format(
|
||||
organizer.slug, event.slug, clist_all.pk
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert [p1] == resp.data['results']
|
||||
assert not resp.data['results'][0].get('pdf_data')
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_checkin_pdf_data_requires_permission(token_client, event, team, organizer, clist_all, order):
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/?search=z3fsn8jyu&pdf_data=true'.format(
|
||||
organizer.slug, event.slug, clist_all.pk
|
||||
))
|
||||
assert resp.data['results'][0].get('pdf_data')
|
||||
with scopes_disabled():
|
||||
team.can_view_orders = False
|
||||
team.can_change_orders = False
|
||||
team.can_checkin_orders = True
|
||||
team.save()
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/checkinlists/{}/positions/?search=z3fsn8jyu&pdf_data=true'.format(
|
||||
organizer.slug, event.slug, clist_all.pk
|
||||
))
|
||||
assert not resp.data['results'][0].get('pdf_data')
|
||||
|
||||
@@ -1,911 +0,0 @@
|
||||
#
|
||||
# This file is part of pretix (Community Edition).
|
||||
#
|
||||
# Copyright (C) 2014-2020 Raphael Michel and contributors
|
||||
# Copyright (C) 2020-2021 rami.io GmbH and contributors
|
||||
#
|
||||
# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
|
||||
# Public License as published by the Free Software Foundation in version 3 of the License.
|
||||
#
|
||||
# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
|
||||
# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
|
||||
# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
|
||||
# this file, see <https://pretix.eu/about/en/license>.
|
||||
#
|
||||
# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
|
||||
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
|
||||
# details.
|
||||
#
|
||||
# You should have received a copy of the GNU Affero General Public License along with this program. If not, see
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
import datetime
|
||||
from decimal import Decimal
|
||||
from unittest import mock
|
||||
|
||||
import pytest
|
||||
from django.core.files.base import ContentFile
|
||||
from django.utils.timezone import now
|
||||
from django_countries.fields import Country
|
||||
from django_scopes import scopes_disabled
|
||||
from i18nfield.strings import LazyI18nString
|
||||
from pytz import UTC
|
||||
|
||||
from pretix.api.serializers.item import QuestionSerializer
|
||||
from pretix.base.models import Checkin, InvoiceAddress, Order, OrderPosition
|
||||
|
||||
# Lots of this code is overlapping with test_checkin.py, and some of it is arguably redundant since it's triggering
|
||||
# the same backend code paths (for now). However, this is SUCH a critical part of pretix that we don't want to take
|
||||
# the risk of some day having differing implementations and missing vital test coverage.
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def item(event):
|
||||
return event.items.create(name="Budget Ticket", default_price=23)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def item_on_event2(event2):
|
||||
return event2.items.create(name="Budget Ticket", default_price=23)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def other_item(event):
|
||||
return event.items.create(name="Budget Ticket", default_price=23)
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def order(event, item, other_item, taxrule):
|
||||
testtime = datetime.datetime(2017, 12, 1, 10, 0, 0, tzinfo=UTC)
|
||||
|
||||
with mock.patch('django.utils.timezone.now') as mock_now:
|
||||
mock_now.return_value = testtime
|
||||
o = Order.objects.create(
|
||||
code='FOO', event=event, email='dummy@dummy.test',
|
||||
status=Order.STATUS_PAID, secret="k24fiuwvu8kxz3y1",
|
||||
datetime=datetime.datetime(2017, 12, 1, 10, 0, 0, tzinfo=UTC),
|
||||
expires=datetime.datetime(2017, 12, 10, 10, 0, 0, tzinfo=UTC),
|
||||
total=46, locale='en'
|
||||
)
|
||||
InvoiceAddress.objects.create(order=o, company="Sample company", country=Country('NZ'))
|
||||
op1 = OrderPosition.objects.create(
|
||||
order=o,
|
||||
positionid=1,
|
||||
item=item,
|
||||
variation=None,
|
||||
price=Decimal("23"),
|
||||
attendee_name_parts={'full_name': "Peter"},
|
||||
secret="z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
|
||||
pseudonymization_id="ABCDEFGHKL",
|
||||
)
|
||||
OrderPosition.objects.create(
|
||||
order=o,
|
||||
positionid=2,
|
||||
item=other_item,
|
||||
variation=None,
|
||||
price=Decimal("23"),
|
||||
attendee_name_parts={'full_name': "Michael"},
|
||||
secret="sf4HZG73fU6kwddgjg2QOusFbYZwVKpK",
|
||||
pseudonymization_id="BACDEFGHKL",
|
||||
)
|
||||
OrderPosition.objects.create(
|
||||
order=o,
|
||||
positionid=3,
|
||||
item=other_item,
|
||||
addon_to=op1,
|
||||
variation=None,
|
||||
price=Decimal("0"),
|
||||
secret="3u4ez6vrrbgb3wvezxhq446p548dt2wn",
|
||||
pseudonymization_id="FOOBAR12345",
|
||||
)
|
||||
return o
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def order2(event2, item_on_event2):
|
||||
testtime = datetime.datetime(2017, 12, 1, 10, 0, 0, tzinfo=UTC)
|
||||
|
||||
with mock.patch('django.utils.timezone.now') as mock_now:
|
||||
mock_now.return_value = testtime
|
||||
o = Order.objects.create(
|
||||
code='BAR', event=event2, email='dummy@dummy.test',
|
||||
status=Order.STATUS_PAID, secret="ylptCPNOxTyA",
|
||||
datetime=datetime.datetime(2017, 12, 1, 10, 0, 0, tzinfo=UTC),
|
||||
expires=datetime.datetime(2017, 12, 10, 10, 0, 0, tzinfo=UTC),
|
||||
total=46, locale='en'
|
||||
)
|
||||
InvoiceAddress.objects.create(order=o, company="Sample company", country=Country('NZ'))
|
||||
OrderPosition.objects.create(
|
||||
order=o,
|
||||
positionid=1,
|
||||
item=item_on_event2,
|
||||
variation=None,
|
||||
price=Decimal("23"),
|
||||
attendee_name_parts={'full_name': "John"},
|
||||
secret="y8tPmyc5BEK2G9pifSNumwp4NXAaIE4P",
|
||||
pseudonymization_id="A23456789",
|
||||
)
|
||||
OrderPosition.objects.create(
|
||||
order=o,
|
||||
positionid=2,
|
||||
item=item_on_event2,
|
||||
variation=None,
|
||||
price=Decimal("23"),
|
||||
attendee_name_parts={'full_name': "Paul"},
|
||||
secret="xrahgLCfodoNOIZ4uxn75gNBM1bb6m1h",
|
||||
pseudonymization_id="B23456797345",
|
||||
)
|
||||
return o
|
||||
|
||||
|
||||
TEST_ORDERPOSITION1_RES = {
|
||||
"id": 1,
|
||||
"require_attention": False,
|
||||
"order__status": "p",
|
||||
"order": "FOO",
|
||||
"positionid": 1,
|
||||
"item": 1,
|
||||
"variation": None,
|
||||
"price": "23.00",
|
||||
"attendee_name": "Peter",
|
||||
"attendee_name_parts": {'full_name': "Peter"},
|
||||
"attendee_email": None,
|
||||
"voucher": None,
|
||||
"tax_rate": "0.00",
|
||||
"tax_value": "0.00",
|
||||
"tax_rule": None,
|
||||
"secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
|
||||
"addon_to": None,
|
||||
"checkins": [],
|
||||
"downloads": [],
|
||||
"answers": [],
|
||||
"seat": None,
|
||||
"company": None,
|
||||
"street": None,
|
||||
"zipcode": None,
|
||||
"city": None,
|
||||
"country": None,
|
||||
"state": None,
|
||||
"subevent": None,
|
||||
"pseudonymization_id": "ABCDEFGHKL",
|
||||
}
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def clist(event, item):
|
||||
c = event.checkin_lists.create(name="Default", all_products=False)
|
||||
c.limit_products.add(item)
|
||||
return c
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def clist_all(event, item):
|
||||
c = event.checkin_lists.create(name="Default", all_products=True)
|
||||
return c
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def clist_event2(event2):
|
||||
c = event2.checkin_lists.create(name="Event 2", all_products=True)
|
||||
return c
|
||||
|
||||
|
||||
def _redeem(token_client, org, clist, p, body=None, query=''):
|
||||
body = body or {}
|
||||
if isinstance(clist, list):
|
||||
body['lists'] = [c.pk for c in clist]
|
||||
else:
|
||||
body['lists'] = [clist.pk]
|
||||
body['secret'] = p
|
||||
return token_client.post('/api/v1/organizers/{}/checkinrpc/redeem/{}'.format(
|
||||
org.slug, query,
|
||||
), body, format='json')
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_query_load(token_client, organizer, clist, event, order, django_assert_max_num_queries):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
with django_assert_max_num_queries(30):
|
||||
resp = _redeem(token_client, organizer, clist, p.secret)
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_custom_datetime(token_client, organizer, clist, event, order):
|
||||
dt = now() - datetime.timedelta(days=1)
|
||||
dt = dt.replace(microsecond=0)
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {
|
||||
'datetime': dt.isoformat()
|
||||
})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert Checkin.objects.last().datetime == dt
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_name_fallback(token_client, organizer, clist, event, order):
|
||||
order.invoice_address.name_parts = {'_legacy': 'Paul'}
|
||||
order.invoice_address.save()
|
||||
with scopes_disabled():
|
||||
op = order.positions.first()
|
||||
op.attendee_name_cached = None
|
||||
op.attendee_name_parts = {}
|
||||
op.save()
|
||||
resp = _redeem(token_client, organizer, clist, op.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
assert resp.data['position']['attendee_name'] == 'Paul'
|
||||
assert resp.data['position']['attendee_name_parts'] == {'_legacy': 'Paul'}
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_by_pk_not_allowed(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.pk, {})
|
||||
assert resp.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_by_secret(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_by_secret_special_chars(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
p.secret = "abc+-/=="
|
||||
p.save()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_only_once(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'already_redeemed'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_reupload_same_nonce(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'nonce': 'foobar'})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'nonce': 'foobar'})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_allow_multiple(token_client, organizer, clist, event, order):
|
||||
clist.allow_multiple_entries = True
|
||||
clist.save()
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert p.checkins.count() == 2
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_allow_multiple_reupload_same_nonce(token_client, organizer, clist, event, order):
|
||||
clist.allow_multiple_entries = True
|
||||
clist.save()
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'nonce': 'foobar'})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'nonce': 'foobar'})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert p.checkins.count() == 1
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_multiple_different_list(token_client, organizer, clist, clist_all, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'nonce': 'foobar'})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist_all, p.secret, {'nonce': 'baz'})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_forced_multiple(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'force': True})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_forced_flag_set_if_required(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'force': True})
|
||||
with scopes_disabled():
|
||||
assert not p.checkins.order_by('pk').last().forced
|
||||
assert p.checkins.order_by('pk').last().force_sent
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'force': True})
|
||||
with scopes_disabled():
|
||||
assert p.checkins.order_by('pk').last().forced
|
||||
assert p.checkins.order_by('pk').last().force_sent
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_require_product(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
clist.limit_products.clear()
|
||||
p = order.positions.first()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'product'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_require_paid(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
|
||||
order.status = Order.STATUS_CANCELED
|
||||
order.save()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'canceled'
|
||||
|
||||
order.status = Order.STATUS_PENDING
|
||||
order.save()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'ignore_unpaid': True})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
|
||||
clist.include_pending = True
|
||||
clist.save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'error'
|
||||
assert resp.data['reason'] == 'unpaid'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'ignore_unpaid': True})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
def question(event, item):
|
||||
q = event.questions.create(question=LazyI18nString('Size'), type='C', required=True, ask_during_checkin=True)
|
||||
a1 = q.options.create(answer=LazyI18nString("M"))
|
||||
a2 = q.options.create(answer=LazyI18nString("L"))
|
||||
q.items.add(item)
|
||||
return q, a1, a2
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_number(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
question[0].options.all().delete()
|
||||
question[0].type = 'N'
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: "3.24"}})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert order.positions.first().answers.get(question=question[0]).answer == '3.24'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_choice(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: str(question[1].pk)}})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert order.positions.first().answers.get(question=question[0]).answer == 'M'
|
||||
assert list(order.positions.first().answers.get(question=question[0]).options.all()) == [question[1]]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_choice_identifier(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: str(question[1].identifier)}})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert order.positions.first().answers.get(question=question[0]).answer == 'M'
|
||||
assert list(order.positions.first().answers.get(question=question[0]).options.all()) == [question[1]]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_invalid(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: "A"}})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_required(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
question[0].required = True
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: ""}})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_optional(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
question[0].required = False
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {}})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: ""}})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_multiple_choice(token_client, organizer, clist, event, order, question):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
question[0].type = 'M'
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret,
|
||||
{'answers': {question[0].pk: "{},{}".format(question[1].pk, question[2].pk)}})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert order.positions.first().answers.get(question=question[0]).answer == 'M, L'
|
||||
assert set(order.positions.first().answers.get(question=question[0]).options.all()) == {question[1],
|
||||
question[2]}
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_question_upload(token_client, organizer, clist, event, order, question):
|
||||
r = token_client.post(
|
||||
'/api/v1/upload',
|
||||
data={
|
||||
'media_type': 'image/png',
|
||||
'file': ContentFile('file.png', 'invalid png content')
|
||||
},
|
||||
format='upload',
|
||||
HTTP_CONTENT_DISPOSITION='attachment; filename="file.png"',
|
||||
)
|
||||
assert r.status_code == 201
|
||||
file_id_png = r.data['id']
|
||||
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
question[0].type = 'F'
|
||||
question[0].save()
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
with scopes_disabled():
|
||||
assert resp.data['questions'] == [QuestionSerializer(question[0]).data]
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: "invalid"}})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data['status'] == 'incomplete'
|
||||
|
||||
resp = _redeem(token_client, organizer, clist, p.secret, {'answers': {question[0].pk: file_id_png}})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
with scopes_disabled():
|
||||
assert order.positions.first().answers.get(question=question[0]).answer.startswith('file://')
|
||||
assert order.positions.first().answers.get(question=question[0]).file
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_store_failed(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/failed_checkins/'.format(
|
||||
organizer.slug, event.slug, clist.pk,
|
||||
), {
|
||||
'raw_barcode': '123456',
|
||||
'error_reason': 'invalid'
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
with scopes_disabled():
|
||||
assert Checkin.all.filter(successful=False).exists()
|
||||
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/failed_checkins/'.format(
|
||||
organizer.slug, event.slug, clist.pk,
|
||||
), {
|
||||
'raw_barcode': '123456',
|
||||
'position': p.pk,
|
||||
'error_reason': 'unpaid'
|
||||
}, format='json')
|
||||
assert resp.status_code == 201
|
||||
with scopes_disabled():
|
||||
assert p.all_checkins.filter(successful=False).count() == 1
|
||||
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/failed_checkins/'.format(
|
||||
organizer.slug, event.slug, clist.pk,
|
||||
), {
|
||||
'position': p.pk,
|
||||
'error_reason': 'unpaid'
|
||||
}, format='json')
|
||||
assert resp.status_code == 400
|
||||
|
||||
resp = token_client.post('/api/v1/organizers/{}/events/{}/checkinlists/{}/failed_checkins/'.format(
|
||||
organizer.slug, event.slug, clist.pk,
|
||||
), {
|
||||
'raw_barcode': '123456',
|
||||
'error_reason': 'unknown'
|
||||
}, format='json')
|
||||
assert resp.status_code == 400
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_unknown(token_client, organizer, clist, event, order):
|
||||
resp = _redeem(token_client, organizer, clist, 'unknown_secret', {'force': True})
|
||||
assert resp.status_code == 404
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "invalid"
|
||||
with scopes_disabled():
|
||||
assert not Checkin.objects.last()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_unknown_revoked(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
event.revoked_secrets.create(position=p, secret='revoked_secret')
|
||||
resp = _redeem(token_client, organizer, clist, 'revoked_secret', {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "revoked"
|
||||
with scopes_disabled():
|
||||
assert not Checkin.objects.last()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_unknown_revoked_force(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
event.revoked_secrets.create(position=p, secret='revoked_secret')
|
||||
resp = _redeem(token_client, organizer, clist, 'revoked_secret', {'force': True})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data["status"] == "ok"
|
||||
with scopes_disabled():
|
||||
ci = Checkin.objects.last()
|
||||
assert ci.forced
|
||||
assert ci.force_sent
|
||||
assert ci.position == p
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_addon_if_match_disabled(token_client, organizer, clist, other_item, event, order):
|
||||
with scopes_disabled():
|
||||
clist.all_products = False
|
||||
clist.save()
|
||||
clist.limit_products.set([other_item])
|
||||
resp = _redeem(token_client, organizer, clist, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w', {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "product"
|
||||
with scopes_disabled():
|
||||
assert not Checkin.objects.last()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_addon_if_match_enabled(token_client, organizer, clist, other_item, event, order):
|
||||
with scopes_disabled():
|
||||
clist.all_products = False
|
||||
clist.addon_match = True
|
||||
clist.save()
|
||||
clist.limit_products.set([other_item])
|
||||
p = order.positions.first().addons.all().first()
|
||||
resp = _redeem(token_client, organizer, clist, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w', {})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['status'] == 'ok'
|
||||
assert resp.data['position']['attendee_name'] == 'Peter' # test propagation of names
|
||||
assert resp.data['position']['item'] == other_item.pk
|
||||
with scopes_disabled():
|
||||
ci = Checkin.objects.last()
|
||||
assert ci.position == p
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_addon_if_match_ambiguous(token_client, organizer, clist, item, other_item, event, order):
|
||||
with scopes_disabled():
|
||||
clist.all_products = False
|
||||
clist.addon_match = True
|
||||
clist.save()
|
||||
clist.limit_products.set([item, other_item])
|
||||
resp = _redeem(token_client, organizer, clist, 'z3fsn8jyufm5kpk768q69gkbyr5f4h6w', {})
|
||||
assert resp.status_code == 400
|
||||
assert resp.data["status"] == "error"
|
||||
assert resp.data["reason"] == "ambiguous"
|
||||
with scopes_disabled():
|
||||
assert not Checkin.objects.last()
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_addon_if_match_and_revoked_force(token_client, organizer, clist, other_item, event, order):
|
||||
with scopes_disabled():
|
||||
event.revoked_secrets.create(position=order.positions.get(positionid=1), secret='revoked_secret')
|
||||
clist.all_products = False
|
||||
clist.addon_match = True
|
||||
clist.save()
|
||||
clist.limit_products.set([other_item])
|
||||
p = order.positions.first().addons.all().first()
|
||||
resp = _redeem(token_client, organizer, clist, 'revoked_secret', {'force': True})
|
||||
assert resp.status_code == 201
|
||||
assert resp.data["status"] == "ok"
|
||||
with scopes_disabled():
|
||||
ci = Checkin.objects.last()
|
||||
assert ci.forced
|
||||
assert ci.force_sent
|
||||
assert ci.position == p
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_multi_list(token_client, organizer, clist, clist_event2, order, order2):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
p2 = order2.positions.first()
|
||||
resp = _redeem(token_client, organizer, [clist, clist_event2], p.secret)
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['position']['id'] == p.pk
|
||||
assert resp.data['list'] == {'id': clist.pk, 'name': 'Default', 'event': 'dummy', 'subevent': None, 'include_pending': False}
|
||||
resp = _redeem(token_client, organizer, [clist, clist_event2], p2.secret)
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['position']['id'] == p2.pk
|
||||
assert resp.data['list'] == {'id': clist_event2.pk, 'name': 'Event 2', 'event': 'dummy2', 'subevent': None, 'include_pending': False}
|
||||
resp = _redeem(token_client, organizer, [clist], p2.secret)
|
||||
assert resp.status_code == 404
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_no_list(token_client, organizer, clist, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, [], p.secret)
|
||||
assert resp.status_code == 400
|
||||
assert resp.data == ['No check-in list passed.']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_redeem_conflicting_lists(token_client, organizer, clist, clist_all, event, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
resp = _redeem(token_client, organizer, [clist_all, clist], p.secret)
|
||||
assert resp.status_code == 400
|
||||
assert resp.data == ['Selecting two check-in lists from the same event is unsupported.']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_search(token_client, organizer, event, clist, clist_all, item, other_item, order,
|
||||
django_assert_max_num_queries):
|
||||
with scopes_disabled():
|
||||
p1 = dict(TEST_ORDERPOSITION1_RES)
|
||||
p1["id"] = order.positions.get(positionid=1).pk
|
||||
p1["item"] = item.pk
|
||||
|
||||
with django_assert_max_num_queries(17):
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&search=z3fsn8jyu'.format(organizer.slug, clist_all.pk))
|
||||
assert resp.status_code == 200
|
||||
assert [p1] == resp.data['results']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_search_no_list(token_client, organizer, event, clist, clist_all, item, other_item, order):
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?search=z3fsn8jyu'.format(organizer.slug))
|
||||
assert resp.status_code == 400
|
||||
assert resp.data == ['No check-in list passed.']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_search_conflicting_lists(token_client, organizer, event, clist, clist_all, item, other_item, order):
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?search=z3fsn8jyu&list={}&list={}'.format(organizer.slug, clist.pk, clist_all.pk))
|
||||
assert resp.status_code == 400
|
||||
assert resp.data == ['Selecting two check-in lists from the same event is unsupported.']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_search_multiple_lists(token_client, organizer, clist_all, clist_event2, order2, order):
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&list={}&search=dummy.test&ordering=attendee_name'.format(
|
||||
organizer.slug, clist_all.pk, clist_event2.pk
|
||||
)
|
||||
)
|
||||
assert resp.status_code == 200
|
||||
with scopes_disabled():
|
||||
assert resp.data['results'][0]['id'] == order2.positions.get(positionid=1).pk
|
||||
assert resp.data['results'][1]['id'] == order.positions.get(positionid=2).pk
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_without_permission(token_client, event, team, organizer, clist_all, order):
|
||||
with scopes_disabled():
|
||||
team.can_view_orders = False
|
||||
team.can_change_orders = False
|
||||
team.can_checkin_orders = False
|
||||
team.save()
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&search=dummy.test&ordering=attendee_name'.format(organizer.slug, clist_all.pk))
|
||||
assert resp.status_code == 403
|
||||
assert resp.data == {
|
||||
"detail": f"You requested lists that do not exist or that you do not have access to: {clist_all.pk}"
|
||||
}
|
||||
|
||||
resp = _redeem(token_client, organizer, [clist_all], "foobar")
|
||||
assert resp.status_code == 400
|
||||
assert resp.data == {
|
||||
"lists": [f'Invalid pk "{clist_all.pk}" - object does not exist.']
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_without_permission_for_one_list(token_client, event, team, organizer, clist_all, clist_event2, order2, order):
|
||||
with scopes_disabled():
|
||||
team.all_events = False
|
||||
team.save()
|
||||
team.limit_events.set([event])
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&list={}&search=dummy.test&ordering=attendee_name'.format(
|
||||
organizer.slug, clist_all.pk, clist_event2.pk
|
||||
)
|
||||
)
|
||||
assert resp.status_code == 403
|
||||
assert resp.data == {
|
||||
"detail": f"You requested lists that do not exist or that you do not have access to: {clist_event2.pk}"
|
||||
}
|
||||
|
||||
resp = _redeem(token_client, organizer, [clist_all, clist_event2], "foobar")
|
||||
assert resp.status_code == 400
|
||||
assert resp.data == {
|
||||
"lists": [f'Invalid pk "{clist_event2.pk}" - object does not exist.']
|
||||
}
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_checkin_only_permission(token_client, event, team, organizer, clist_all, order):
|
||||
with scopes_disabled():
|
||||
p = order.positions.first()
|
||||
clist_all.allow_multiple_entries = True
|
||||
clist_all.save()
|
||||
|
||||
# With all permissions, I can submit very short search terms
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&search=du&ordering=attendee_name'.format(organizer.slug, clist_all.pk))
|
||||
assert resp.data['count'] > 0
|
||||
|
||||
# With all permissions, I can request PDF data during checkin
|
||||
resp = _redeem(token_client, organizer, [clist_all], p.secret, {}, '?pdf_data=true')
|
||||
assert resp.status_code == 201
|
||||
assert resp.data['position'].get('pdf_data')
|
||||
|
||||
with scopes_disabled():
|
||||
team.can_view_orders = False
|
||||
team.can_change_orders = False
|
||||
team.can_checkin_orders = True
|
||||
team.save()
|
||||
|
||||
# With limited permissions, I can not search with a 2-character query
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&search=du&ordering=attendee_name'.format(organizer.slug, clist_all.pk))
|
||||
assert resp.status_code == 200
|
||||
assert resp.data['count'] == 0
|
||||
|
||||
# With limited permissions, I can search with a 4-character query
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&search=dummy&ordering=attendee_name'.format(organizer.slug, clist_all.pk))
|
||||
assert resp.status_code == 200
|
||||
assert resp.data['count'] > 0
|
||||
|
||||
# With limited permissions, I can not request PDF data during checkin
|
||||
resp = _redeem(token_client, organizer, [clist_all], p.secret, {}, '?pdf_data=true')
|
||||
assert resp.status_code == 201
|
||||
assert not resp.data['position'].get('pdf_data')
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_checkin_no_pdf_data(token_client, event, team, organizer, clist_all, order):
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/checkinrpc/search/?list={}&search=dummy&pdf_data=true'.format(organizer.slug, clist_all.pk))
|
||||
assert not resp.data['results'][0].get('pdf_data')
|
||||
@@ -20,7 +20,6 @@
|
||||
# <https://www.gnu.org/licenses/>.
|
||||
#
|
||||
import pytest
|
||||
from django.core import mail as djmail
|
||||
from django_scopes import scopes_disabled
|
||||
|
||||
|
||||
@@ -99,29 +98,6 @@ def test_customer_create(token_client, organizer):
|
||||
assert customer.is_active
|
||||
assert customer.name == 'John Doe'
|
||||
assert customer.is_verified
|
||||
assert len(djmail.outbox) == 0
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_customer_create_send_email(token_client, organizer):
|
||||
resp = token_client.post(
|
||||
'/api/v1/organizers/{}/customers/'.format(organizer.slug),
|
||||
format='json',
|
||||
data={
|
||||
'identifier': 'IGNORED',
|
||||
'email': 'bar@example.com',
|
||||
'name_parts': {
|
||||
"_scheme": "given_family",
|
||||
'given_name': 'John',
|
||||
'family_name': 'Doe',
|
||||
},
|
||||
'is_active': True,
|
||||
'is_verified': True,
|
||||
'send_email': True,
|
||||
}
|
||||
)
|
||||
assert resp.status_code == 201
|
||||
assert len(djmail.outbox) == 1
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
|
||||
@@ -211,7 +211,6 @@ def test_order_create(token_client, organizer, event, item, quota, question):
|
||||
), format='json', data=res
|
||||
)
|
||||
assert resp.status_code == 201
|
||||
assert not resp.data['positions'][0].get('pdf_data')
|
||||
with scopes_disabled():
|
||||
o = Order.objects.get(code=resp.data['code'])
|
||||
assert o.customer == customer
|
||||
@@ -2550,20 +2549,3 @@ def test_order_create_voucher_block_quota(token_client, organizer, event, item,
|
||||
), format='json', data=res
|
||||
)
|
||||
assert resp.status_code == 201
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_order_create_pdf_data(token_client, organizer, event, item, quota, question):
|
||||
res = copy.deepcopy(ORDER_CREATE_PAYLOAD)
|
||||
res['positions'][0]['item'] = item.pk
|
||||
res['positions'][0]['answers'][0]['question'] = question.pk
|
||||
with scopes_disabled():
|
||||
customer = organizer.customers.create()
|
||||
res['customer'] = customer.identifier
|
||||
resp = token_client.post(
|
||||
'/api/v1/organizers/{}/events/{}/orders/?pdf_data=true'.format(
|
||||
organizer.slug, event.slug
|
||||
), format='json', data=res
|
||||
)
|
||||
assert resp.status_code == 201
|
||||
assert 'secret' in resp.data['positions'][0]['pdf_data']
|
||||
|
||||
@@ -1654,58 +1654,3 @@ def test_revoked_secret_list(token_client, organizer, event):
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert [res] == resp.data['results']
|
||||
|
||||
|
||||
@pytest.mark.django_db
|
||||
def test_pdf_data(token_client, organizer, event, order, django_assert_max_num_queries):
|
||||
# order detail
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/?pdf_data=true'.format(
|
||||
organizer.slug, event.slug, order.code
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert resp.data['positions'][0].get('pdf_data')
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/{}/'.format(
|
||||
organizer.slug, event.slug, order.code
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert not resp.data['positions'][0].get('pdf_data')
|
||||
|
||||
# order list
|
||||
with django_assert_max_num_queries(29):
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/?pdf_data=true'.format(
|
||||
organizer.slug, event.slug
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert resp.data['results'][0]['positions'][0].get('pdf_data')
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/'.format(
|
||||
organizer.slug, event.slug
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert not resp.data['results'][0]['positions'][0].get('pdf_data')
|
||||
|
||||
# position list
|
||||
with django_assert_max_num_queries(32):
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orderpositions/?pdf_data=true'.format(
|
||||
organizer.slug, event.slug
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert resp.data['results'][0].get('pdf_data')
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orderpositions/'.format(
|
||||
organizer.slug, event.slug
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert not resp.data['results'][0].get('pdf_data')
|
||||
|
||||
posid = resp.data['results'][0]['id']
|
||||
|
||||
# position detail
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orderpositions/{}/?pdf_data=true'.format(
|
||||
organizer.slug, event.slug, posid
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert resp.data.get('pdf_data')
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orderpositions/{}/'.format(
|
||||
organizer.slug, event.slug, posid
|
||||
))
|
||||
assert resp.status_code == 200
|
||||
assert not resp.data.get('pdf_data')
|
||||
|
||||
@@ -113,6 +113,7 @@ def test_team_update(token_client, organizer, event, second_team):
|
||||
},
|
||||
format='json'
|
||||
)
|
||||
print(resp.data)
|
||||
assert resp.status_code == 400
|
||||
|
||||
|
||||
|
||||
@@ -648,6 +648,7 @@ def test_order_reactivate(client, env):
|
||||
client.login(email='dummy@dummy.dummy', password='dummy')
|
||||
response = client.post('/control/event/dummy/dummy/orders/FOO/reactivate', {
|
||||
}, follow=True)
|
||||
print(response.content.decode())
|
||||
assert 'alert-success' in response.content.decode()
|
||||
with scopes_disabled():
|
||||
o = Order.objects.get(id=env[2].id)
|
||||
@@ -1078,6 +1079,7 @@ def test_order_mark_paid_forced(client, env):
|
||||
'amount': str(o.pending_sum),
|
||||
'force': 'on'
|
||||
}, follow=True)
|
||||
print(response.content.decode())
|
||||
assert 'alert-success' in response.content.decode()
|
||||
with scopes_disabled():
|
||||
o = Order.objects.get(id=env[2].id)
|
||||
@@ -1364,7 +1366,7 @@ class OrderChangeTests(SoupTest):
|
||||
date_end=self.event.date_from + timedelta(days=1),
|
||||
attendee_name_parts={'_scheme': 'full', 'full_name': 'John Doe'},
|
||||
)
|
||||
self.client.post('/control/event/{}/{}/orders/{}/change'.format(
|
||||
r = self.client.post('/control/event/{}/{}/orders/{}/change'.format(
|
||||
self.event.organizer.slug, self.event.slug, self.order.code
|
||||
), {
|
||||
'add-TOTAL_FORMS': '0',
|
||||
@@ -1375,6 +1377,7 @@ class OrderChangeTests(SoupTest):
|
||||
'op-{}-used_membership'.format(self.op2.pk): str(m_correct1.pk),
|
||||
'op-{}-used_membership'.format(self.op3.pk): str(m_correct1.pk),
|
||||
}, follow=True)
|
||||
print(r.content)
|
||||
self.op1.refresh_from_db()
|
||||
self.order.refresh_from_db()
|
||||
assert self.op1.used_membership == m_correct1
|
||||
|
||||
@@ -63,6 +63,7 @@ def compare_ignoring_order(data1, data2):
|
||||
try:
|
||||
assert set(data1) == set(data2)
|
||||
except:
|
||||
print(data1, data2)
|
||||
assert len(data1) == len(data2) and all(data1.count(i) == data2.count(i) for i in data1)
|
||||
elif isinstance(data1, dict) and isinstance(data2, dict):
|
||||
assert set(data1.keys()) == set(data2.keys())
|
||||
|
||||
@@ -137,4 +137,5 @@ def test_payment(env, monkeypatch):
|
||||
'payment_paypal_wallet_oid': '04F89033701558004',
|
||||
'payment_paypal_wallet_payer': 'Q739JNKWH67HE',
|
||||
})
|
||||
print(response.content.decode())
|
||||
assert response['Location'] == '/ccc/30c3/checkout/confirm/'
|
||||
|
||||
@@ -440,6 +440,7 @@ def test_sendmail_attendee_checkin_filter(logged_in_client, sendmail_url, event,
|
||||
},
|
||||
follow=True)
|
||||
assert response.status_code == 200
|
||||
print(response.rendered_content)
|
||||
assert 'alert-success' in response.rendered_content
|
||||
assert len(djmail.outbox) == 1
|
||||
assert djmail.outbox[0].to == ['attendee1@dummy.test']
|
||||
|
||||
@@ -328,6 +328,7 @@ class ItemDisplayTest(EventTestMixin, SoupTest):
|
||||
self.event.subevents.create(name='Foo SE2', date_from=now() + datetime.timedelta(days=12),
|
||||
active=True)
|
||||
resp = self.client.get('/%s/%s/' % (self.orga.slug, self.event.slug))
|
||||
print(resp.rendered_content)
|
||||
self.assertIn("Foo SE2", resp.rendered_content)
|
||||
self.assertNotIn("Foo SE1", resp.rendered_content)
|
||||
resp = self.client.get('/%s/%s/?date=%d-W%d' % (self.orga.slug, self.event.slug, se1.date_from.isocalendar()[0], se1.date_from.isocalendar()[1]))
|
||||
|
||||
Reference in New Issue
Block a user