Remove eu_reverse_charge rule

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.8
+FROM python:3.6
 
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \
@@ -30,8 +30,7 @@ RUN apt-get update && \
     mkdir /data && \
     useradd -ms /bin/bash -d /pretix -u 15371 pretixuser && \
     echo 'pretixuser ALL=(ALL) NOPASSWD:SETENV: /usr/bin/supervisord' >> /etc/sudoers && \
-    mkdir /static && \
-    mkdir /etc/supervisord
+    mkdir /static
 
 ENV LC_ALL=C.UTF-8 \
     DJANGO_SETTINGS_MODULE=production_settings
@@ -48,13 +47,12 @@ RUN pip3 install -U \
         -r requirements.txt \
         -r requirements/memcached.txt \
         -r requirements/mysql.txt \
-        gunicorn django-extensions ipython && \
+        -r requirements/redis.txt \
+        gunicorn && \
     rm -rf ~/.cache/pip
 
 COPY deployment/docker/pretix.bash /usr/local/bin/pretix
-COPY deployment/docker/supervisord /etc/supervisord
-COPY deployment/docker/supervisord.all.conf /etc/supervisord.all.conf
-COPY deployment/docker/supervisord.web.conf /etc/supervisord.web.conf
+COPY deployment/docker/supervisord.conf /etc/supervisord.conf
 COPY deployment/docker/nginx.conf /etc/nginx/nginx.conf
 COPY deployment/docker/production_settings.py /pretix/src/production_settings.py
 COPY src /pretix/src

deployment/docker/pretix.bash

@@ -5,8 +5,6 @@ export DATA_DIR=/data/
 export HOME=/pretix
 export NUM_WORKERS=$((2 * $(nproc --all)))
 
-AUTOMIGRATE=${AUTOMIGRATE:-yes}
-
 if [ ! -d /data/logs ]; then
     mkdir /data/logs;
 fi
@@ -18,16 +16,10 @@ if [ "$1" == "cron" ]; then
     exec python3 -m pretix runperiodic
 fi
 
-if [ "$AUTOMIGRATE" != "skip" ]; then
-  python3 -m pretix migrate --noinput
-fi
+python3 -m pretix migrate --noinput
 
 if [ "$1" == "all" ]; then
-    exec sudo -E /usr/bin/supervisord -n -c /etc/supervisord.all.conf
-fi
-
-if [ "$1" == "web" ]; then
-    exec sudo -E /usr/bin/supervisord -n -c /etc/supervisord.web.conf
+    exec sudo -E /usr/bin/supervisord -n -c /etc/supervisord.conf
 fi
 
 if [ "$1" == "webworker" ]; then
@@ -45,6 +37,10 @@ if [ "$1" == "taskworker" ]; then
     exec celery -A pretix.celery_app worker -l info "$@"
 fi
 
+if [ "$1" == "shell" ]; then
+    exec python3 -m pretix shell
+fi
+
 if [ "$1" == "upgrade" ]; then
     exec python3 -m pretix updatestyles
 fi

deployment/docker/supervisord.all.conf

@@ -1,2 +0,0 @@
-[include]
-files = /etc/supervisord/*.conf

deployment/docker/supervisord.conf

@@ -0,0 +1,44 @@
+[unix_http_server]
+file=/tmp/supervisor.sock
+
+[supervisord]
+logfile=/tmp/supervisord.log
+logfile_maxbytes=50MB
+logfile_backups=10
+loglevel=info
+pidfile=/tmp/supervisord.pid
+nodaemon=false
+minfds=1024
+minprocs=200
+
+[rpcinterface:supervisor]
+supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
+
+[supervisorctl]
+serverurl=unix:///tmp/supervisor.sock
+
+[program:pretixweb]
+command=/usr/local/bin/pretix webworker
+autostart=true
+autorestart=true
+priority=5
+user=pretixuser
+environment=HOME=/pretix
+
+[program:pretixtask]
+command=/usr/local/bin/pretix taskworker
+autostart=true
+autorestart=true
+priority=5
+user=pretixuser
+
+[program:nginx]
+command=/usr/sbin/nginx
+autostart=true
+autorestart=true
+priority=10
+stdout_events_enabled=true
+stderr_events_enabled=true
+
+[include]
+files = /etc/supervisord-*.conf

deployment/docker/supervisord.web.conf

@@ -1,2 +0,0 @@
-[include]
-files = /etc/supervisord/base.conf /etc/supervisord/nginx.conf /etc/supervisord/pretixweb.conf

deployment/docker/supervisord/base.conf

@@ -1,18 +0,0 @@
-[unix_http_server]
-file=/tmp/supervisor.sock
-
-[supervisord]
-logfile=/tmp/supervisord.log
-logfile_maxbytes=50MB
-logfile_backups=10
-loglevel=info
-pidfile=/tmp/supervisord.pid
-nodaemon=false
-minfds=1024
-minprocs=200
-
-[rpcinterface:supervisor]
-supervisor.rpcinterface_factory = supervisor.rpcinterface:make_main_rpcinterface
-
-[supervisorctl]
-serverurl=unix:///tmp/supervisor.sock

deployment/docker/supervisord/nginx.conf

@@ -1,7 +0,0 @@
-[program:nginx]
-command=/usr/sbin/nginx
-autostart=true
-autorestart=true
-priority=10
-stdout_events_enabled=true
-stderr_events_enabled=true

deployment/docker/supervisord/pretixtask.conf

@@ -1,6 +0,0 @@
-[program:pretixtask]
-command=/usr/local/bin/pretix taskworker
-autostart=true
-autorestart=true
-priority=5
-user=pretixuser

deployment/docker/supervisord/pretixweb.conf

@@ -1,7 +0,0 @@
-[program:pretixweb]
-command=/usr/local/bin/pretix webworker
-autostart=true
-autorestart=true
-priority=5
-user=pretixuser
-environment=HOME=/pretix

doc/admin/config.rst

@@ -23,14 +23,6 @@ The config file may contain the following sections (all settings are optional an
 default values). We suggest that you start from the examples given in one of the
 installation tutorials.
 
-.. note::
-
-    The configuration file is the recommended way to configure pretix. However, you can
-    also set them through environment variables. In this case, the syntax is
-    ``PRETIX_SECTION_CONFIG``. For example, to configure the setting ``password_reset``
-    from the ``[pretix]`` section, set ``PRETIX_PRETIX_PASSWORD_RESET=off`` in your
-    environment.
-
 pretix settings
 ---------------
 

doc/admin/installation/docker_smallscale.rst

@@ -284,24 +284,6 @@ Then, go to that directory and build the image::
 You can now use that image ``mypretix`` instead of ``pretix/standalone`` in your service file (see above). Be sure
 to re-build your custom image after you pulled ``pretix/standalone`` if you want to perform an update.
 
-Scaling up
-----------
-
-If you need to scale to multiple machines, please first read our :ref:`scaling guide <scaling>`.
-
-If you run the official docker container on multiple machines, it is recommended to set the environment
-variable ``AUTOMIGRATE=skip`` on all containers and run ``docker exec -it pretix.service pretix migrate``
-on one machine after each upgrade manually, otherwise multiple containers might try to upgrade the
-database schema at the same time.
-
-To run only the ``pretix-web`` component of pretix as well as a nginx server serving static files, you
-can invoke the container with ``docker run … pretix/standalone:stable web`` (instead of ``all``).
-
-To run only ``pretix-worker``, you can run ``docker run … pretix/standalone:stable taskworker``. You can
-also pass arguments to limit the worker to specific queues or to change the number of concurrent task
-workers, e.g. ``docker run … taskworker -Q notifications --concurrency 32``.
-
-
 .. _Docker: https://docs.docker.com/engine/installation/linux/debian/
 .. _Postfix: https://www.digitalocean.com/community/tutorials/how-to-install-and-configure-postfix-as-a-send-only-smtp-server-on-ubuntu-16-04
 .. _nginx: https://botleg.com/stories/https-with-lets-encrypt-and-nginx/

doc/api/resources/exporters.rst

@@ -1,215 +0,0 @@
-.. spelling:: checkin
-
-Data exporters
-==============
-
-pretix and it's plugins include a number of data exporters that allow you to bulk download various data from pretix in
-different formats. This page shows you how to use these exporters through the API.
-
-.. versionchanged:: 3.13
-
-   This feature has been added to the API.
-
-.. warning::
-
-   While we consider the methods listed on this page to be a stable API, the availability and specific input field
-   requirements of individual exporters is **not considered a stable API**. Specific exporters and their input parameters
-   may change at any time without warning.
-
-Listing available exporters
----------------------------
-
-.. http:get:: /api/v1/organizers/(organizer)/events/(event)/exporters/
-
-   Returns a list of all exporters available for a given event. You will receive a list of export methods as well as their
-   supported input fields. Note that the exact type and validation requirements of the input fields are not given in the
-   response, and you might need to look into the pretix web interface to figure out the exact input required.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      GET /api/v1/organizers/bigevents/events/sampleconf/exporters/ HTTP/1.1
-      Host: pretix.eu
-      Accept: application/json, text/javascript
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/json
-
-      {
-        "count": 1,
-        "next": null,
-        "previous": null,
-        "results": [
-          {
-            "identifier": "orderlist",
-            "verbose_name": "Order data",
-            "input_parameters": [
-              {
-                "name": "_format",
-                "required": true,
-                "choices": [
-                  "xlsx",
-                  "orders:default",
-                  "orders:excel",
-                  "orders:semicolon",
-                  "positions:default",
-                  "positions:excel",
-                  "positions:semicolon",
-                  "fees:default",
-                  "fees:excel",
-                  "fees:semicolon"
-                ]
-              },
-              {
-                "name": "paid_only",
-                "required": false
-              }
-            ]
-          }
-        ]
-      }
-
-   :query integer page: The page number in case of a multi-page result set, default is 1
-   :param organizer: The ``slug`` field of the organizer to fetch
-   :param event: The ``slug`` field of the event to fetch
-   :statuscode 200: no error
-   :statuscode 401: Authentication failure
-   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
-
-.. http:get:: /api/v1/organizers/(organizer)/exporters/
-
-   Returns a list of all cross-event exporters available for a given organizer. You will receive a list of export methods as well as their
-   supported input fields. Note that the exact type and validation requirements of the input fields are not given in the
-   response, and you might need to look into the pretix web interface to figure out the exact input required.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      GET /api/v1/organizers/bigevents/exporters/ HTTP/1.1
-      Host: pretix.eu
-      Accept: application/json, text/javascript
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/json
-
-      {
-        "count": 1,
-        "next": null,
-        "previous": null,
-        "results": [
-          {
-            "identifier": "orderlist",
-            "verbose_name": "Order data",
-            "input_parameters": [
-              {
-                "name": "events",
-                "required": true
-              },
-              {
-                "name": "_format",
-                "required": true,
-                "choices": [
-                  "xlsx",
-                  "orders:default",
-                  "orders:excel",
-                  "orders:semicolon",
-                  "positions:default",
-                  "positions:excel",
-                  "positions:semicolon",
-                  "fees:default",
-                  "fees:excel",
-                  "fees:semicolon"
-                ]
-              },
-              {
-                "name": "paid_only",
-                "required": false
-              }
-            ]
-          }
-        ]
-      }
-
-   :query integer page: The page number in case of a multi-page result set, default is 1
-   :param organizer: The ``slug`` field of the organizer to fetch
-   :statuscode 200: no error
-   :statuscode 401: Authentication failure
-   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
-
-Running an export
------------------
-
-Since exports often include large data sets, they might take longer than the duration of an HTTP request. Therefore,
-creating an export is a two-step process. First you need to start an export task with one of the following to API
-endpoints:
-
-.. http:post:: /api/v1/organizers/(organizer)/events/(event)/exporters/(identifier)/run/
-
-   Starts an export task. If your input parameters validate correctly, a ``202 Accepted`` status code is returned.
-   The body points you to the download URL of the result.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      POST /api/v1/organizers/bigevents/events/sampleconf/exporters/orderlist/run/ HTTP/1.1
-      Host: pretix.eu
-      Accept: application/json, text/javascript
-      Content-Type: application/json
-
-      {
-        "_format": "xlsx"
-      }
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/json
-
-      {
-        "download": "https://pretix.eu/api/v1/organizers/bigevents/events/sampleconf/orderlist/download/29891ede-196f-4942-9e26-d055a36e98b8/3f279f13-c198-4137-b49b-9b360ce9fcce/"
-      }
-
-   :param organizer: The ``slug`` field of the organizer to fetch
-   :param event: The ``slug`` field of the event to fetch
-   :param identifier: The ``identifier`` field of the exporter to run
-   :statuscode 202: no error
-   :statuscode 400: Invalid input options
-   :statuscode 401: Authentication failure
-   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
-
-.. http:post:: /api/v1/organizers/(organizer)/exporters/(identifier)/run/
-
-   The endpoint for organizer-level exports works just like event-level exports (see above).
-
-
-Downloading the result
-----------------------
-
-When starting an export, you receive a ``url`` for downloading the result. Running a ``GET`` request on that result will
-yield one of the following status codes:
-
-* ``200 OK`` – The export succeeded. The body will be your resulting file. Might be large!
-* ``409 Conflict`` – Your export is still running. The body will be JSON with the structure ``{"status": "running", "percentage": 40}``. ``percentage`` can be ``null`` if it is not known and ``status`` can be ``waiting`` before the task is actually being processed. Please retry, but wait at least one second before you do.
-* ``410 Gone`` – Running the export has failed permanently. The body will be JSON with the structure ``{"status": "failed", "message": "Error message"}``
-* ``404 Not Found`` – The export does not exist / is expired.
-
-.. warning::
-
-   Running exports puts a lot of stress on the system, we kindly ask you not to run more than two exports at the same time.
-

doc/api/resources/index.rst

@@ -27,6 +27,5 @@ Resources and endpoints
    devices
    webhooks
    seatingplans
-   exporters
    billing_invoices
    billing_var

doc/api/resources/orders.rst

@@ -163,10 +163,6 @@ last_modified                         datetime                   Last modificati
 
    The ``exclude`` and ``subevent_after`` query parameter has been added.
 
-.. versionchanged:: 3.13
-
-   The ``subevent_before`` query parameter has been added.
-
 
 .. _order-position-resource:
 
@@ -494,8 +490,7 @@ List of all orders
        recommend using this in combination with ``testmode=false``, since test mode orders can vanish at any time and
        you will not notice it using this method.
    :query datetime created_since: Only return orders that have been created since the given date.
-   :query datetime subevent_after: Only return orders that contain a ticket for a subevent taking place after the given date. This is an exclusive after, and it considers the **end** of the subevent (or its start, if the end is not set).
-   :query datetime subevent_before: Only return orders that contain a ticket for a subevent taking place after the given date. This is an exclusive before, and it considers the **start** of the subevent.
+   :query datetime subevent_after: Only return orders that contain a ticket for a subevent taking place after the given date.
    :query string exclude: Exclude a field from the output, e.g. ``fees`` or ``positions.downloads``. Can be used as a performance optimization. Can be passed multiple times.
    :param organizer: The ``slug`` field of the organizer to fetch
    :param event: The ``slug`` field of the event to fetch

doc/api/resources/webhooks.rst

@@ -31,10 +31,8 @@ action_types                          list of strings            A list of actio
 The following values for ``action_types`` are valid with pretix core:
 
     * ``pretix.event.order.placed``
-    * ``pretix.event.order.placed.require_approval``
     * ``pretix.event.order.paid``
     * ``pretix.event.order.canceled``
-    * ``pretix.event.order.reactivated``
     * ``pretix.event.order.expired``
     * ``pretix.event.order.modified``
     * ``pretix.event.order.contact.changed``
@@ -44,12 +42,6 @@ The following values for ``action_types`` are valid with pretix core:
     * ``pretix.event.order.denied``
     * ``pretix.event.checkin``
     * ``pretix.event.checkin.reverted``
-    * ``pretix.event.added``
-    * ``pretix.event.changed``
-    * ``pretix.event.deleted``
-    * ``pretix.subevent.added``
-    * ``pretix.subevent.changed``
-    * ``pretix.subevent.deleted``
 
 Installed plugins might register more valid values.
 

doc/development/api/general.rst

@@ -58,7 +58,7 @@ Backend
 .. automodule:: pretix.control.signals
    :members: nav_event, html_head, html_page_start, quota_detail_html, nav_topbar, nav_global, nav_organizer, nav_event_settings,
              order_info, event_settings_widget, oauth_application_registered, order_position_buttons, subevent_forms,
-             item_formsets, order_search_filter_q, order_search_forms
+             item_formsets, order_search_filter_q
 
 .. automodule:: pretix.base.signals
    :members: logentry_display, logentry_object_link, requiredaction_display, timeline_events

src/pretix/__init__.py

@@ -1 +1 @@
-__version__ = "3.13.1"
+__version__ = "3.13.0.dev0"

src/pretix/api/auth/devicesecurity.py

@@ -108,10 +108,6 @@ class PretixPosSecurityProfile(AllowListSecurityProfile):
         ('POST', 'plugins:pretix_posbackend:stripeterminal.token'),
         ('GET', 'api-v1:revokedsecrets-list'),
         ('GET', 'api-v1:event.settings'),
-        ('GET', 'plugins:pretix_seating:event.event'),
-        ('GET', 'plugins:pretix_seating:event.event.subevent'),
-        ('GET', 'plugins:pretix_seating:event.plan'),
-        ('GET', 'plugins:pretix_seating:selection.simple'),
     )
 
 

src/pretix/api/serializers/event.py

@@ -554,7 +554,7 @@ class SubEventSerializer(I18nAwareModelSerializer):
 class TaxRuleSerializer(CountryFieldMixin, I18nAwareModelSerializer):
     class Meta:
         model = TaxRule
-        fields = ('id', 'name', 'rate', 'price_includes_tax', 'eu_reverse_charge', 'home_country')
+        fields = ('id', 'name', 'rate', 'price_includes_tax')
 
 
 class EventSettingsSerializer(serializers.Serializer):

src/pretix/api/serializers/exporters.py

@@ -1,127 +0,0 @@
-from django import forms
-from django.http import QueryDict
-from rest_framework import serializers
-
-
-class FormFieldWrapperField(serializers.Field):
-    def __init__(self, *args, **kwargs):
-        self.form_field = kwargs.pop('form_field')
-        super().__init__(*args, **kwargs)
-
-    def to_representation(self, value):
-        return self.form_field.widget.format_value(value)
-
-    def to_internal_value(self, data):
-        d = self.form_field.widget.value_from_datadict({'name': data}, {}, 'name')
-        d = self.form_field.clean(d)
-        return d
-
-
-simple_mappings = (
-    (forms.DateField, serializers.DateField, tuple()),
-    (forms.TimeField, serializers.TimeField, tuple()),
-    (forms.SplitDateTimeField, serializers.DateTimeField, tuple()),
-    (forms.DateTimeField, serializers.DateTimeField, tuple()),
-    (forms.DecimalField, serializers.DecimalField, ('max_digits', 'decimal_places', 'min_value', 'max_value')),
-    (forms.FloatField, serializers.FloatField, tuple()),
-    (forms.IntegerField, serializers.IntegerField, tuple()),
-    (forms.EmailField, serializers.EmailField, tuple()),
-    (forms.UUIDField, serializers.UUIDField, tuple()),
-    (forms.URLField, serializers.URLField, tuple()),
-    (forms.NullBooleanField, serializers.NullBooleanField, tuple()),
-    (forms.BooleanField, serializers.BooleanField, tuple()),
-)
-
-
-class SerializerDescriptionField(serializers.Field):
-    def to_representation(self, value):
-        fields = []
-        for k, v in value.fields.items():
-            d = {
-                'name': k,
-                'required': v.required,
-            }
-            if isinstance(v, serializers.ChoiceField):
-                d['choices'] = list(v.choices.keys())
-            fields.append(d)
-
-        return fields
-
-
-class ExporterSerializer(serializers.Serializer):
-    identifier = serializers.CharField()
-    verbose_name = serializers.CharField()
-    input_parameters = SerializerDescriptionField(source='_serializer')
-
-
-class PrimaryKeyRelatedField(serializers.PrimaryKeyRelatedField):
-    def to_representation(self, value):
-        if isinstance(value, int):
-            return value
-        return super().to_representation(value)
-
-
-class JobRunSerializer(serializers.Serializer):
-    def __init__(self, *args, **kwargs):
-        ex = kwargs.pop('exporter')
-        events = kwargs.pop('events', None)
-        super().__init__(*args, **kwargs)
-        if events is not None:
-            self.fields["events"] = serializers.SlugRelatedField(
-                queryset=events,
-                required=True,
-                allow_empty=False,
-                slug_field='slug',
-                many=True
-            )
-        for k, v in ex.export_form_fields.items():
-            for m_from, m_to, m_kwargs in simple_mappings:
-                if isinstance(v, m_from):
-                    self.fields[k] = m_to(
-                        required=v.required,
-                        allow_null=not v.required,
-                        validators=v.validators,
-                        **{kwarg: getattr(v, kwargs, None) for kwarg in m_kwargs}
-                    )
-                    break
-
-            if isinstance(v, forms.ModelMultipleChoiceField):
-                self.fields[k] = PrimaryKeyRelatedField(
-                    queryset=v.queryset,
-                    required=v.required,
-                    allow_empty=not v.required,
-                    validators=v.validators,
-                    many=True
-                )
-            elif isinstance(v, forms.ModelChoiceField):
-                self.fields[k] = PrimaryKeyRelatedField(
-                    queryset=v.queryset,
-                    required=v.required,
-                    allow_null=not v.required,
-                    validators=v.validators,
-                )
-            elif isinstance(v, forms.MultipleChoiceField):
-                self.fields[k] = serializers.MultipleChoiceField(
-                    choices=v.choices,
-                    required=v.required,
-                    allow_empty=not v.required,
-                    validators=v.validators,
-                )
-            elif isinstance(v, forms.ChoiceField):
-                self.fields[k] = serializers.ChoiceField(
-                    choices=v.choices,
-                    required=v.required,
-                    allow_null=not v.required,
-                    validators=v.validators,
-                )
-            else:
-                self.fields[k] = FormFieldWrapperField(form_field=v, required=v.required, allow_null=not v.required)
-
-    def to_internal_value(self, data):
-        if isinstance(data, QueryDict):
-            data = data.copy()
-        for k, v in self.fields.items():
-            if isinstance(v, serializers.ManyRelatedField) and k not in data:
-                data[k] = []
-        data = super().to_internal_value(data)
-        return data

src/pretix/api/urls.py

@@ -7,8 +7,8 @@ from rest_framework import routers
 from pretix.api.views import cart
 
 from .views import (
-    checkin, device, event, exporters, item, oauth, order, organizer, user,
-    version, voucher, waitinglist, webhooks,
+    checkin, device, event, item, oauth, order, organizer, user, version,
+    voucher, waitinglist, webhooks,
 )
 
 router = routers.DefaultRouter()
@@ -22,7 +22,6 @@ orga_router.register(r'seatingplans', organizer.SeatingPlanViewSet)
 orga_router.register(r'giftcards', organizer.GiftCardViewSet)
 orga_router.register(r'teams', organizer.TeamViewSet)
 orga_router.register(r'devices', organizer.DeviceViewSet)
-orga_router.register(r'exporters', exporters.OrganizerExportersViewSet, basename='exporters')
 
 team_router = routers.DefaultRouter()
 team_router.register(r'members', organizer.TeamMemberViewSet)
@@ -45,7 +44,6 @@ event_router.register(r'taxrules', event.TaxRuleViewSet)
 event_router.register(r'waitinglistentries', waitinglist.WaitingListViewSet)
 event_router.register(r'checkinlists', checkin.CheckinListViewSet)
 event_router.register(r'cartpositions', cart.CartPositionViewSet)
-event_router.register(r'exporters', exporters.EventExportersViewSet, basename='exporters')
 
 checkinlist_router = routers.DefaultRouter()
 checkinlist_router.register(r'positions', checkin.CheckinListPositionViewSet, basename='checkinlistpos')

src/pretix/api/views/exporters.py

@@ -1,154 +0,0 @@
-from datetime import timedelta
-
-from celery.result import AsyncResult
-from django.conf import settings
-from django.http import Http404
-from django.shortcuts import get_object_or_404
-from django.utils.functional import cached_property
-from django.utils.timezone import now
-from rest_framework import status, viewsets
-from rest_framework.decorators import action
-from rest_framework.response import Response
-from rest_framework.reverse import reverse
-
-from pretix.api.serializers.exporters import (
-    ExporterSerializer, JobRunSerializer,
-)
-from pretix.base.models import CachedFile, Device, TeamAPIToken
-from pretix.base.services.export import export, multiexport
-from pretix.base.signals import (
-    register_data_exporters, register_multievent_data_exporters,
-)
-from pretix.helpers.http import ChunkBasedFileResponse
-
-
-class ExportersMixin:
-    def list(self, request, *args, **kwargs):
-        res = ExporterSerializer(self.exporters, many=True)
-        return Response({
-            "count": len(self.exporters),
-            "next": None,
-            "previous": None,
-            "results": res.data
-        })
-
-    def get_object(self):
-        instances = [e for e in self.exporters if e.identifier == self.kwargs.get('pk')]
-        if not instances:
-            raise Http404()
-        return instances[0]
-
-    def retrieve(self, request, *args, **kwargs):
-        instance = self.get_object()
-        serializer = ExporterSerializer(instance)
-        return Response(serializer.data)
-
-    @action(detail=True, methods=['GET'], url_name='download', url_path='download/(?P<asyncid>[^/]+)/(?P<cfid>[^/]+)')
-    def download(self, *args, **kwargs):
-        cf = get_object_or_404(CachedFile, id=kwargs['cfid'])
-        if cf.file:
-            resp = ChunkBasedFileResponse(cf.file.file, content_type=cf.type)
-            resp['Content-Disposition'] = 'attachment; filename="{}"'.format(cf.filename)
-            return resp
-        elif not settings.HAS_CELERY:
-            return Response(
-                {'status': 'failed', 'message': 'Unknown file ID or export failed'},
-                status=status.HTTP_410_GONE
-            )
-
-        res = AsyncResult(kwargs['asyncid'])
-        if res.failed():
-            if isinstance(res.info, dict) and res.info['exc_type'] == 'ExportError':
-                msg = res.info['exc_message']
-            else:
-                msg = 'Internal error'
-            return Response(
-                {'status': 'failed', 'message': msg},
-                status=status.HTTP_410_GONE
-            )
-
-        return Response(
-            {
-                'status': 'running' if res.state in ('PROGRESS', 'STARTED', 'SUCCESS') else 'waiting',
-                'percentage': res.result.get('value', None) if res.result else None,
-            },
-            status=status.HTTP_409_CONFLICT
-        )
-
-    @action(detail=True, methods=['POST'])
-    def run(self, *args, **kwargs):
-        instance = self.get_object()
-        serializer = JobRunSerializer(exporter=instance, data=self.request.data, **self.get_serializer_kwargs())
-        serializer.is_valid(raise_exception=True)
-
-        cf = CachedFile(web_download=False)
-        cf.date = now()
-        cf.expires = now() + timedelta(hours=24)
-        cf.save()
-        d = serializer.data
-        for k, v in d.items():
-            if isinstance(v, set):
-                d[k] = list(v)
-        async_result = self.do_export(cf, instance, d)
-
-        url_kwargs = {
-            'asyncid': str(async_result.id),
-            'cfid': str(cf.id),
-        }
-        url_kwargs.update(self.kwargs)
-        return Response({
-            'download': reverse('api-v1:exporters-download', kwargs=url_kwargs, request=self.request)
-        }, status=status.HTTP_202_ACCEPTED)
-
-
-class EventExportersViewSet(ExportersMixin, viewsets.ViewSet):
-    permission = 'can_view_orders'
-
-    def get_serializer_kwargs(self):
-        return {}
-
-    @cached_property
-    def exporters(self):
-        exporters = []
-        responses = register_data_exporters.send(self.request.event)
-        for ex in sorted([response(self.request.event) for r, response in responses], key=lambda ex: str(ex.verbose_name)):
-            ex._serializer = JobRunSerializer(exporter=ex)
-            exporters.append(ex)
-        return exporters
-
-    def do_export(self, cf, instance, data):
-        return export.apply_async(args=(self.request.event.id, str(cf.id), instance.identifier, data))
-
-
-class OrganizerExportersViewSet(ExportersMixin, viewsets.ViewSet):
-    permission = None
-
-    @cached_property
-    def exporters(self):
-        exporters = []
-        events = (self.request.auth or self.request.user).get_events_with_permission('can_view_orders', request=self.request).filter(
-            organizer=self.request.organizer
-        )
-        responses = register_multievent_data_exporters.send(self.request.organizer)
-        for ex in sorted([response(events) for r, response in responses if response], key=lambda ex: str(ex.verbose_name)):
-            ex._serializer = JobRunSerializer(exporter=ex, events=events)
-            exporters.append(ex)
-        return exporters
-
-    def get_serializer_kwargs(self):
-        return {
-            'events': self.request.auth.get_events_with_permission('can_view_orders', request=self.request).filter(
-                organizer=self.request.organizer
-            )
-        }
-
-    def do_export(self, cf, instance, data):
-        return multiexport.apply_async(kwargs={
-            'organizer': self.request.organizer.id,
-            'user': self.request.user.id if self.request.user.is_authenticated else None,
-            'token': self.request.auth.pk if isinstance(self.request.auth, TeamAPIToken) else None,
-            'device': self.request.auth.pk if isinstance(self.request.auth, Device) else None,
-            'fileid': str(cf.id),
-            'provider': instance.identifier,
-            'form_data': data
-        })

src/pretix/api/views/order.py

@@ -33,7 +33,7 @@ from pretix.base.i18n import language
 from pretix.base.models import (
     CachedCombinedTicket, CachedTicket, Device, Event, Invoice, InvoiceAddress,
     Order, OrderFee, OrderPayment, OrderPosition, OrderRefund, Quota, SubEvent,
-    TaxRule, TeamAPIToken, generate_secret,
+    TeamAPIToken, generate_secret,
 )
 from pretix.base.models.orders import RevokedTicketSecret
 from pretix.base.payment import PaymentException
@@ -65,7 +65,6 @@ with scopes_disabled():
         modified_since = django_filters.IsoDateTimeFilter(field_name='last_modified', lookup_expr='gte')
         created_since = django_filters.IsoDateTimeFilter(field_name='datetime', lookup_expr='gte')
         subevent_after = django_filters.IsoDateTimeFilter(method='subevent_after_qs')
-        subevent_before = django_filters.IsoDateTimeFilter(method='subevent_before_qs')
         search = django_filters.CharFilter(method='search_qs')
 
         class Meta:
@@ -85,19 +84,6 @@ with scopes_disabled():
             ).filter(has_se_after=True)
             return qs
 
-        def subevent_before_qs(self, qs, name, value):
-            qs = qs.annotate(
-                has_se_before=Exists(
-                    OrderPosition.all.filter(
-                        subevent_id__in=SubEvent.objects.filter(
-                            Q(date_from__lt=value), event=OuterRef(OuterRef('event_id'))
-                        ).values_list('id'),
-                        order_id=OuterRef('pk'),
-                    )
-                )
-            ).filter(has_se_before=True)
-            return qs
-
         def search_qs(self, qs, name, value):
             u = value
             if "-" in value:
@@ -561,10 +547,7 @@ class OrderViewSet(viewsets.ModelViewSet):
         serializer = OrderCreateSerializer(data=request.data, context=self.get_serializer_context())
         serializer.is_valid(raise_exception=True)
         with transaction.atomic():
-            try:
-                self.perform_create(serializer)
-            except TaxRule.SaleNotAllowed:
-                raise ValidationError(_('One of the selected products is not available in the selected country.'))
+            self.perform_create(serializer)
             send_mail = serializer._send_mail
             order = serializer.instance
             if not order.pk:

src/pretix/api/webhooks.py

@@ -7,7 +7,7 @@ import requests
 from celery.exceptions import MaxRetriesExceededError
 from django.db.models import Exists, OuterRef, Q
 from django.dispatch import receiver
-from django.utils.translation import gettext_lazy as _, pgettext_lazy
+from django.utils.translation import gettext_lazy as _
 from django_scopes import scope, scopes_disabled
 from requests import RequestException
 
@@ -97,67 +97,6 @@ class ParametrizedOrderWebhookEvent(WebhookEvent):
         }
 
 
-class ParametrizedEventWebhookEvent(WebhookEvent):
-    def __init__(self, action_type, verbose_name):
-        self._action_type = action_type
-        self._verbose_name = verbose_name
-        super().__init__()
-
-    @property
-    def action_type(self):
-        return self._action_type
-
-    @property
-    def verbose_name(self):
-        return self._verbose_name
-
-    def build_payload(self, logentry: LogEntry):
-        if logentry.action_type == 'pretix.event.deleted':
-            organizer = logentry.content_object
-            return {
-                'notification_id': logentry.pk,
-                'organizer': organizer.slug,
-                'event': logentry.parsed_data.get('slug'),
-                'action': logentry.action_type,
-            }
-
-        event = logentry.content_object
-        if not event:
-            return None
-
-        return {
-            'notification_id': logentry.pk,
-            'organizer': event.organizer.slug,
-            'event': event.slug,
-            'action': logentry.action_type,
-        }
-
-
-class ParametrizedSubEventWebhookEvent(WebhookEvent):
-    def __init__(self, action_type, verbose_name):
-        self._action_type = action_type
-        self._verbose_name = verbose_name
-        super().__init__()
-
-    @property
-    def action_type(self):
-        return self._action_type
-
-    @property
-    def verbose_name(self):
-        return self._verbose_name
-
-    def build_payload(self, logentry: LogEntry):
-        # do not use content_object, this is also called in deletion
-        return {
-            'notification_id': logentry.pk,
-            'organizer': logentry.event.organizer.slug,
-            'event': logentry.event.slug,
-            'subevent': logentry.object_id,
-            'action': logentry.action_type,
-        }
-
-
 class ParametrizedOrderPositionWebhookEvent(ParametrizedOrderWebhookEvent):
 
     def build_payload(self, logentry: LogEntry):
@@ -230,69 +169,44 @@ def register_default_webhook_events(sender, **kwargs):
             'pretix.event.checkin.reverted',
             _('Ticket check-in reverted'),
         ),
-        ParametrizedEventWebhookEvent(
-            'pretix.event.added',
-            _('Event created'),
-        ),
-        ParametrizedEventWebhookEvent(
-            'pretix.event.changed',
-            _('Event details changed'),
-        ),
-        ParametrizedEventWebhookEvent(
-            'pretix.event.deleted',
-            _('Event details changed'),
-        ),
-        ParametrizedSubEventWebhookEvent(
-            'pretix.subevent.added',
-            pgettext_lazy('subevent', 'Event series date added'),
-        ),
-        ParametrizedSubEventWebhookEvent(
-            'pretix.subevent.changed',
-            pgettext_lazy('subevent', 'Event series date changed'),
-        ),
-        ParametrizedSubEventWebhookEvent(
-            'pretix.subevent.deleted',
-            pgettext_lazy('subevent', 'Event series date deleted'),
-        ),
     )
 
 
 @app.task(base=TransactionAwareTask, acks_late=True)
-def notify_webhooks(logentry_ids: list):
-    if not isinstance(logentry_ids, list):
-        logentry_ids = [logentry_ids]
-    qs = LogEntry.all.select_related('event', 'event__organizer').filter(id__in=logentry_ids)
-    _org, _at, webhooks = None, None, None
-    for logentry in qs:
-        if not logentry.organizer:
-            break  # We need to know the organizer
+def notify_webhooks(logentry_id: int):
+    logentry = LogEntry.all.select_related('event', 'event__organizer').get(id=logentry_id)
 
-        notification_type = logentry.webhook_type
+    if not logentry.organizer:
+        return  # We need to know the organizer
 
-        if not notification_type:
-            break  # Ignore, no webhooks for this event type
+    types = get_all_webhook_events()
+    notification_type = None
+    typepath = logentry.action_type
+    while not notification_type and '.' in typepath:
+        notification_type = types.get(typepath + ('.*' if typepath != logentry.action_type else ''))
+        typepath = typepath.rsplit('.', 1)[0]
 
-        if _org != logentry.organizer or _at != logentry.action_type or webhooks is None:
-            _org = logentry.organizer
-            _at = logentry.action_type
+    if not notification_type:
+        return  # Ignore, no webhooks for this event type
 
-            # All webhooks that registered for this notification
-            event_listener = WebHookEventListener.objects.filter(
-                webhook=OuterRef('pk'),
-                action_type=notification_type.action_type
-            )
-            webhooks = WebHook.objects.annotate(has_el=Exists(event_listener)).filter(
-                organizer=logentry.organizer,
-                has_el=True,
-                enabled=True
-            )
-            if logentry.event_id:
-                webhooks = webhooks.filter(
-                    Q(all_events=True) | Q(limit_events__pk=logentry.event_id)
-                )
+    # All webhooks that registered for this notification
+    event_listener = WebHookEventListener.objects.filter(
+        webhook=OuterRef('pk'),
+        action_type=notification_type.action_type
+    )
 
-        for wh in webhooks:
-            send_webhook.apply_async(args=(logentry.id, notification_type.action_type, wh.pk))
+    webhooks = WebHook.objects.annotate(has_el=Exists(event_listener)).filter(
+        organizer=logentry.organizer,
+        has_el=True,
+        enabled=True
+    )
+    if logentry.event_id:
+        webhooks = webhooks.filter(
+            Q(all_events=True) | Q(limit_events__pk=logentry.event_id)
+        )
+
+    for wh in webhooks:
+        send_webhook.apply_async(args=(logentry_id, notification_type.action_type, wh.pk))
 
 
 @app.task(base=ProfiledTask, bind=True, max_retries=9, acks_late=True)

src/pretix/base/banlist.py

@@ -73,8 +73,8 @@ banlist = [
     "wtf"
 ]
 
-banlist_regex = re.compile('(' + '|'.join(banlist) + ')')
+blacklist_regex = re.compile('(' + '|'.join(banlist) + ')')
 
 
 def banned(string):
-    return bool(banlist_regex.search(string.lower()))
+    return bool(blacklist_regex.search(string.lower()))

src/pretix/base/exporters/mail.py

@@ -41,7 +41,7 @@ class MailExporter(BaseExporter):
                      initial=[Order.STATUS_PENDING, Order.STATUS_PAID],
                      choices=Order.STATUS_CHOICE,
                      widget=forms.CheckboxSelectMultiple,
-                     required=True
+                     required=False
                  )),
             ]
         )

src/pretix/base/exporters/orderlist.py

@@ -53,23 +53,9 @@ class OrderListExporter(MultiSheetListExporter):
                      initial=True,
                      required=False
                  )),
-                ('include_payment_amounts',
-                 forms.BooleanField(
-                     label=_('Include payment amounts'),
-                     initial=False,
-                     required=False
-                 )),
             ]
         )
 
-    def _get_all_payment_methods(self, qs):
-        pps = dict(get_all_payment_providers())
-        return sorted([(pp, pps[pp]) for pp in set(
-            OrderPayment.objects.exclude(provider='free').filter(order__event__in=self.events).values_list(
-                'provider', flat=True
-            ).distinct()
-        )], key=lambda pp: pp[0])
-
     def _get_all_tax_rates(self, qs):
         tax_rates = set(
             a for a
@@ -164,10 +150,6 @@ class OrderListExporter(MultiSheetListExporter):
         headers.append(_('Comment'))
         headers.append(_('Positions'))
         headers.append(_('Payment providers'))
-        if form_data.get('include_payment_amounts'):
-            payment_methods = self._get_all_payment_methods(qs)
-            for id, vn in payment_methods:
-                headers.append(_('Paid by {method}').format(method=vn))
 
         yield headers
 
@@ -181,23 +163,6 @@ class OrderListExporter(MultiSheetListExporter):
                 taxsum=Sum('tax_value'), grosssum=Sum('value')
             )
         }
-        if form_data.get('include_payment_amounts'):
-            payment_sum_cache = {
-                (o['order__id'], o['provider']): o['grosssum'] for o in
-                OrderPayment.objects.values('provider', 'order__id').order_by().filter(
-                    state__in=[OrderPayment.PAYMENT_STATE_CONFIRMED, OrderPayment.PAYMENT_STATE_REFUNDED]
-                ).annotate(
-                    grosssum=Sum('amount')
-                )
-            }
-            refund_sum_cache = {
-                (o['order__id'], o['provider']): o['grosssum'] for o in
-                OrderRefund.objects.values('provider', 'order__id').order_by().filter(
-                    state__in=[OrderRefund.REFUND_STATE_DONE, OrderRefund.REFUND_STATE_TRANSIT]
-                ).annotate(
-                    grosssum=Sum('amount')
-                )
-            }
         sum_cache = {
             (o['order__id'], o['tax_rate']): o for o in
             OrderPosition.objects.values('tax_rate', 'order__id').order_by().annotate(
@@ -269,14 +234,6 @@ class OrderListExporter(MultiSheetListExporter):
                 str(self.providers.get(p, p)) for p in sorted(set((order.payment_providers or '').split(',')))
                 if p and p != 'free'
             ]))
-
-            if form_data.get('include_payment_amounts'):
-                payment_methods = self._get_all_payment_methods(qs)
-                for id, vn in payment_methods:
-                    row.append(
-                        payment_sum_cache.get((order.id, id), Decimal('0.00')) -
-                        refund_sum_cache.get((order.id, id), Decimal('0.00'))
-                    )
             yield row
 
     def iterate_fees(self, form_data: dict):

src/pretix/base/forms/auth.py

@@ -1,17 +1,12 @@
-import hashlib
-import ipaddress
-
 from django import forms
 from django.conf import settings
 from django.contrib.auth.password_validation import (
     password_validators_help_texts, validate_password,
 )
-from django.utils.functional import cached_property
 from django.utils.translation import gettext_lazy as _
 
 from pretix.base.models import User
 from pretix.helpers.dicts import move_to_end
-from pretix.helpers.http import get_client_ip
 
 
 class LoginForm(forms.Form):
@@ -23,7 +18,6 @@ class LoginForm(forms.Form):
 
     error_messages = {
         'invalid_login': _("This combination of credentials is not known to our system."),
-        'rate_limit': _("For security reasons, please wait 5 minutes before you try again."),
         'inactive': _("This account is inactive.")
     }
 
@@ -45,36 +39,10 @@ class LoginForm(forms.Form):
         else:
             move_to_end(self.fields, 'keep_logged_in')
 
-    @cached_property
-    def ratelimit_key(self):
-        if not settings.HAS_REDIS:
-            return None
-        client_ip = get_client_ip(self.request)
-        if not client_ip:
-            return None
-        try:
-            client_ip = ipaddress.ip_address(client_ip)
-        except ValueError:
-            # Web server not set up correctly
-            return None
-        if client_ip.is_private:
-            # This is the private IP of the server, web server not set up correctly
-            return None
-        return 'pretix_login_{}'.format(hashlib.sha1(str(client_ip).encode()).hexdigest())
-
     def clean(self):
         if all(k in self.cleaned_data for k, f in self.fields.items() if f.required):
-            if self.ratelimit_key:
-                from django_redis import get_redis_connection
-                rc = get_redis_connection("redis")
-                cnt = rc.get(self.ratelimit_key)
-                if cnt and int(cnt) > 10:
-                    raise forms.ValidationError(self.error_messages['rate_limit'], code='rate_limit')
             self.user_cache = self.backend.form_authenticate(self.request, self.cleaned_data)
             if self.user_cache is None:
-                if self.ratelimit_key:
-                    rc.incr(self.ratelimit_key)
-                    rc.expire(self.ratelimit_key, 300)
                 raise forms.ValidationError(
                     self.error_messages['invalid_login'],
                     code='invalid_login'

src/pretix/base/forms/questions.py

@@ -34,9 +34,7 @@ from pretix.base.forms.widgets import (
 )
 from pretix.base.i18n import language
 from pretix.base.models import InvoiceAddress, Question, QuestionOption
-from pretix.base.models.tax import (
-    EU_COUNTRIES, cc_to_vat_prefix, is_eu_country,
-)
+from pretix.base.models.tax import EU_COUNTRIES, cc_to_vat_prefix
 from pretix.base.settings import (
     COUNTRIES_WITH_STATE_IN_ADDRESS, PERSON_NAME_SALUTATIONS,
     PERSON_NAME_SCHEMES, PERSON_NAME_TITLE_GROUPS,
@@ -650,7 +648,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
         self.fields['state'].widget.is_required = True
 
         # Without JavaScript the VAT ID field is not hidden, so we empty the field if a country outside the EU is selected.
-        if cc and not is_eu_country(cc) and fprefix + 'vat_id' in self.data:
+        if cc and cc not in EU_COUNTRIES and fprefix + 'vat_id' in self.data:
             self.data = self.data.copy()
             del self.data[fprefix + 'vat_id']
 
@@ -700,7 +698,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
         if not data.get('is_business'):
             data['company'] = ''
             data['vat_id'] = ''
-        if data.get('is_business') and not is_eu_country(data.get('country')):
+        if data.get('is_business') and not data.get('country') in EU_COUNTRIES:
             data['vat_id'] = ''
         if self.event.settings.invoice_address_required:
             if data.get('is_business') and not data.get('company'):
@@ -724,7 +722,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
             self.cleaned_data['country'] = ''
         if self.validate_vat_id and self.instance.vat_id_validated and 'vat_id' not in self.changed_data:
             pass
-        elif self.validate_vat_id and data.get('is_business') and is_eu_country(data.get('country')) and data.get('vat_id'):
+        elif self.validate_vat_id and data.get('is_business') and data.get('country') in EU_COUNTRIES and data.get('vat_id'):
             if data.get('vat_id')[:2] != cc_to_vat_prefix(str(data.get('country'))):
                 raise ValidationError(_('Your VAT ID does not match the selected country.'))
             try:

src/pretix/base/forms/user.py

@@ -1,5 +1,4 @@
 from django import forms
-from django.conf import settings
 from django.contrib.auth.hashers import check_password
 from django.contrib.auth.password_validation import (
     password_validators_help_texts, validate_password,
@@ -20,7 +19,6 @@ class UserSettingsForm(forms.ModelForm):
                         "address or password."),
         'pw_current_wrong': _("The current password you entered was not correct."),
         'pw_mismatch': _("Please enter the same password twice"),
-        'rate_limit': _("For security reasons, please wait 5 minutes before you try again."),
     }
 
     old_pw = forms.CharField(max_length=255,
@@ -66,18 +64,6 @@ class UserSettingsForm(forms.ModelForm):
 
     def clean_old_pw(self):
         old_pw = self.cleaned_data.get('old_pw')
-
-        if old_pw and settings.HAS_REDIS:
-            from django_redis import get_redis_connection
-            rc = get_redis_connection("redis")
-            cnt = rc.incr('pretix_pwchange_%s' % self.user.pk)
-            rc.expire('pretix_pwchange_%s' % self.user.pk, 300)
-            if cnt > 10:
-                raise forms.ValidationError(
-                    self.error_messages['rate_limit'],
-                    code='rate_limit',
-                )
-
         if old_pw and not check_password(old_pw, self.user.password):
             raise forms.ValidationError(
                 self.error_messages['pw_current_wrong'],

src/pretix/base/middleware.py

@@ -3,7 +3,7 @@ from urllib.parse import urlsplit
 
 import pytz
 from django.conf import settings
-from django.http import Http404, HttpRequest, HttpResponse
+from django.http import HttpRequest, HttpResponse, Http404
 from django.middleware.common import CommonMiddleware
 from django.urls import get_script_prefix
 from django.utils import timezone, translation

src/pretix/base/migrations/0162b_auto_20201218_1810.py

@@ -1,23 +0,0 @@
-# Generated by Django 3.0.11 on 2020-12-18 18:10
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('pretixbase', '0162_remove_seat_name'),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name='cachedfile',
-            name='session_key',
-            field=models.TextField(null=True),
-        ),
-        migrations.AddField(
-            model_name='cachedfile',
-            name='web_download',
-            field=models.BooleanField(default=True),
-        ),
-    ]

src/pretix/base/migrations/0170_auto_20201030_2109.py

@@ -0,0 +1,49 @@
+# Generated by Django 3.0.10 on 2020-10-30 21:09
+import json
+
+from django.db import migrations
+
+
+def migrate_tax_rules(apps, schema_editor):
+    TaxRule = apps.get_model('pretixbase', 'TaxRule')
+    for tr in TaxRule.objects.filter(eu_reverse_charge=True):
+        if tr.custom_rules and tr.custom_rules != '[]':
+            # Custom rules take precedence
+            continue
+        r = [{
+            'country': str(tr.home_country),
+            'address_type': '',
+            'action': 'vat'
+        }, {
+            'country': 'EU',
+            'address_type': 'business_vat_id',
+            'action': 'reverse'
+        }, {
+            'country': 'EU',
+            'address_type': '',
+            'action': 'vat'
+        }, {
+            'country': 'ZZ',
+            'address_type': '',
+            'action': 'no'
+        }]
+        tr.custom_rules = json.dumps(r)
+        tr.save()
+
+
+class Migration(migrations.Migration):
+    dependencies = [
+        ('pretixbase', '0169_checkinlist_gates'),
+    ]
+
+    operations = [
+        migrations.RunPython(migrate_tax_rules, migrations.RunPython.noop),
+        migrations.RemoveField(
+            model_name='taxrule',
+            name='eu_reverse_charge',
+        ),
+        migrations.RemoveField(
+            model_name='taxrule',
+            name='home_country',
+        ),
+    ]

src/pretix/base/migrations/0170_remove_hidden_urls.py

@@ -1,20 +0,0 @@
-# Generated by Django 3.0.9 on 2020-11-23 15:51
-
-from django.db import migrations
-
-
-def remove_old_settings(app, schema_editor):
-    EventSettingsStore = app.get_model('pretixbase', 'Event_SettingsStore')
-
-    EventSettingsStore.objects.filter(key__startswith='payment_', key__endswith='__hidden_url').delete()
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('pretixbase', '0169_checkinlist_gates'),
-    ]
-
-    operations = [
-        migrations.RunPython(remove_old_settings, migrations.RunPython.noop)
-    ]

src/pretix/base/migrations/0171_merge_20201222_1030.py

@@ -1,14 +0,0 @@
-# Generated by Django 3.0.11 on 2020-12-22 10:30
-
-from django.db import migrations
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('pretixbase', '0170_remove_hidden_urls'),
-        ('pretixbase', '0162b_auto_20201218_1810'),
-    ]
-
-    operations = [
-    ]

src/pretix/base/models/base.py

@@ -28,8 +28,6 @@ class CachedFile(models.Model):
     filename = models.CharField(max_length=255)
     type = models.CharField(max_length=255)
     file = models.FileField(null=True, blank=True, upload_to=cachedfile_name, max_length=255)
-    web_download = models.BooleanField(default=True)  # allow web download, True for backwards compatibility in plugins
-    session_key = models.TextField(null=True, blank=True)  # only allow download in this session
 
 
 @receiver(post_delete, sender=CachedFile)
@@ -51,8 +49,9 @@ class LoggingMixin:
         :param user: The user performing the action (optional)
         """
         from pretix.api.models import OAuthAccessToken, OAuthApplication
-        from pretix.api.webhooks import notify_webhooks
+        from pretix.api.webhooks import get_all_webhook_events, notify_webhooks
 
+        from ..notifications import get_all_notification_types
         from ..services.notifications import notify
         from .devices import Device
         from .event import Event
@@ -94,11 +93,21 @@ class LoggingMixin:
         if save:
             logentry.save()
 
-            if logentry.notification_type:
-                notify.apply_async(args=(logentry.pk,))
-            if logentry.webhook_type:
-                notify_webhooks.apply_async(args=(logentry.pk,))
+            no_types = get_all_notification_types()
+            wh_types = get_all_webhook_events()
 
+            no_type = None
+            wh_type = None
+            typepath = logentry.action_type
+            while (not no_type or not wh_types) and '.' in typepath:
+                wh_type = wh_type or wh_types.get(typepath + ('.*' if typepath != logentry.action_type else ''))
+                no_type = no_type or no_types.get(typepath + ('.*' if typepath != logentry.action_type else ''))
+                typepath = typepath.rsplit('.', 1)[0]
+
+            if no_type:
+                notify.apply_async(args=(logentry.pk,))
+            if wh_type:
+                notify_webhooks.apply_async(args=(logentry.pk,))
         return logentry
 
 

src/pretix/base/models/devices.py

@@ -222,15 +222,3 @@ class Device(LoggedModel):
             return self.organizer.events.all()
         else:
             return self.limit_events.all()
-
-    def get_events_with_permission(self, permission, request=None):
-        """
-        Returns a queryset of events the device has a specific permissions to.
-
-        :param request: Ignored, for compatibility with User model
-        :return: Iterable of Events
-        """
-        if permission in self.permission_set():
-            return self.get_events_with_any_permission()
-        else:
-            return self.organizer.events.none()

src/pretix/base/models/event.py

@@ -118,49 +118,25 @@ class EventMixin:
     def timezone(self):
         return pytz.timezone(self.settings.timezone)
 
-    @property
-    def effective_presale_end(self):
-        """
-        Returns the effective presale end date, taking for subevents into consideration if the presale end
-        date might have been further limited by the event-level presale end date
-        """
-        if isinstance(self, SubEvent):
-            presale_ends = [self.presale_end, self.event.presale_end]
-            return min(filter(lambda x: x is not None, presale_ends)) if any(presale_ends) else None
-        else:
-            return self.presale_end
-
     @property
     def presale_has_ended(self):
         """
         Is true, when ``presale_end`` is set and in the past.
         """
-        if self.effective_presale_end:
-            return now() > self.effective_presale_end
+        if self.presale_end:
+            return now() > self.presale_end
         elif self.date_to:
             return now() > self.date_to
         else:
             return now().astimezone(self.timezone).date() > self.date_from.astimezone(self.timezone).date()
 
-    @property
-    def effective_presale_start(self):
-        """
-        Returns the effective presale start date, taking for subevents into consideration if the presale start
-        date might have been further limited by the event-level presale start date
-        """
-        if isinstance(self, SubEvent):
-            presale_starts = [self.presale_start, self.event.presale_start]
-            return max(filter(lambda x: x is not None, presale_starts)) if any(presale_starts) else None
-        else:
-            return self.presale_start
-
     @property
     def presale_is_running(self):
         """
         Is true, when ``presale_end`` is not set or in the future and ``presale_start`` is not
         set or in the past.
         """
-        if self.effective_presale_start and now() < self.effective_presale_start:
+        if self.presale_start and now() < self.presale_start:
             return False
         return not self.presale_has_ended
 
@@ -268,34 +244,6 @@ class EventMixin:
             return Quota.AVAILABILITY_RESERVED
         return Quota.AVAILABILITY_GONE
 
-    def free_seats(self, ignore_voucher=None, sales_channel='web', include_blocked=False):
-        qs_annotated = self._seats(ignore_voucher=ignore_voucher)
-
-        qs = qs_annotated.filter(has_order=False, has_cart=False, has_voucher=False)
-        if self.settings.seating_minimal_distance > 0:
-            qs = qs.filter(has_closeby_taken=False)
-
-        if not (sales_channel in self.settings.seating_allow_blocked_seats_for_channel or include_blocked):
-            qs = qs.filter(blocked=False)
-        return qs
-
-    def total_seats(self, ignore_voucher=None):
-        return self._seats(ignore_voucher=ignore_voucher)
-
-    def taken_seats(self, ignore_voucher=None):
-        return self._seats(ignore_voucher=ignore_voucher).filter(has_order=True)
-
-    def blocked_seats(self, ignore_voucher=None):
-        qs = self._seats(ignore_voucher=ignore_voucher)
-        q = (
-            Q(has_cart=True)
-            | Q(has_voucher=True)
-            | Q(blocked=True)
-        )
-        if self.settings.seating_minimal_distance > 0:
-            q |= Q(has_closeby_taken=True, has_order=False)
-        return qs.filter(q)
-
 
 @settings_hierarkey.add(parent_field='organizer', cache_namespace='event')
 class Event(EventMixin, LoggedModel):
@@ -446,7 +394,7 @@ class Event(EventMixin, LoggedModel):
         if img:
             return urljoin(build_absolute_uri(self, 'presale:event.index'), img)
 
-    def _seats(self, ignore_voucher=None):
+    def free_seats(self, ignore_voucher=None, sales_channel='web', include_blocked=False):
         from .seating import Seat
 
         qs_annotated = Seat.annotated(self.seats, self.pk, None,
@@ -454,7 +402,13 @@ class Event(EventMixin, LoggedModel):
                                       minimal_distance=self.settings.seating_minimal_distance,
                                       distance_only_within_row=self.settings.seating_distance_within_row)
 
-        return qs_annotated
+        qs = qs_annotated.filter(has_order=False, has_cart=False, has_voucher=False)
+        if self.settings.seating_minimal_distance > 0:
+            qs = qs.filter(has_closeby_taken=False)
+
+        if not (sales_channel in self.settings.seating_allow_blocked_seats_for_channel or include_blocked):
+            qs = qs.filter(blocked=False)
+        return qs
 
     @property
     def presale_has_ended(self):
@@ -553,14 +507,11 @@ class Event(EventMixin, LoggedModel):
     def copy_data_from(self, other):
         from ..signals import event_copy_data
         from . import (
-            Item, ItemAddOn, ItemBundle, ItemCategory, ItemMetaValue, Question,
-            Quota,
+            Item, ItemAddOn, ItemCategory, ItemMetaValue, Question, Quota,
         )
 
         self.plugins = other.plugins
         self.is_public = other.is_public
-        if other.date_admission:
-            self.date_admission = self.date_from + (other.date_admission - other.date_from)
         self.testmode = other.testmode
         self.save()
         self.log_action('pretix.object.cloned', data={'source': other.slug, 'source_id': other.pk})
@@ -622,14 +573,6 @@ class Event(EventMixin, LoggedModel):
             ia.addon_category = category_map[ia.addon_category.pk]
             ia.save()
 
-        for ia in ItemBundle.objects.filter(base_item__event=other).prefetch_related('base_item', 'bundled_item', 'bundled_variation'):
-            ia.pk = None
-            ia.base_item = item_map[ia.base_item.pk]
-            ia.bundled_item = item_map[ia.bundled_item.pk]
-            if ia.bundled_variation:
-                ia.bundled_variation = variation_map[ia.bundled_variation.pk]
-            ia.save()
-
         for q in Quota.objects.filter(event=other, subevent__isnull=True).prefetch_related('items', 'variations'):
             items = list(q.items.all())
             vars = list(q.variations.all())
@@ -1146,13 +1089,19 @@ class SubEvent(EventMixin, LoggedModel):
             date_format(self.date_from.astimezone(self.timezone), "TIME_FORMAT") if self.settings.show_times else ""
         ).strip()
 
-    def _seats(self, ignore_voucher=None):
+    def free_seats(self, ignore_voucher=None, sales_channel='web', include_blocked=False):
         from .seating import Seat
         qs_annotated = Seat.annotated(self.seats, self.event_id, self,
                                       ignore_voucher_id=ignore_voucher.pk if ignore_voucher else None,
                                       minimal_distance=self.settings.seating_minimal_distance,
                                       distance_only_within_row=self.settings.seating_distance_within_row)
-        return qs_annotated
+        qs = qs_annotated.filter(has_order=False, has_cart=False, has_voucher=False)
+        if self.settings.seating_minimal_distance > 0:
+            qs = qs.filter(has_closeby_taken=False)
+
+        if not (sales_channel in self.settings.seating_allow_blocked_seats_for_channel or include_blocked):
+            qs = qs.filter(blocked=False)
+        return qs
 
     @cached_property
     def settings(self):

src/pretix/base/models/items.py

@@ -314,7 +314,7 @@ class Item(LoggedModel):
     )
     allow_waitinglist = models.BooleanField(
         verbose_name=_("Show a waiting list for this ticket"),
-        help_text=_("This will only work if waiting lists are enabled for this event."),
+        help_text=_("This will only work of waiting lists are enabled for this event."),
         default=True
     )
     show_quota_left = models.NullBooleanField(

src/pretix/base/models/log.py

@@ -63,42 +63,14 @@ class LogEntry(models.Model):
                 return response
         return self.action_type
 
-    @property
-    def webhook_type(self):
-        from pretix.api.webhooks import get_all_webhook_events
-
-        wh_types = get_all_webhook_events()
-        wh_type = None
-        typepath = self.action_type
-        while not wh_type and '.' in typepath:
-            wh_type = wh_type or wh_types.get(typepath + ('.*' if typepath != self.action_type else ''))
-            typepath = typepath.rsplit('.', 1)[0]
-        return wh_type
-
-    @property
-    def notification_type(self):
-        from pretix.base.notifications import get_all_notification_types
-
-        no_type = None
-        no_types = get_all_notification_types()
-        typepath = self.action_type
-        while not no_type and '.' in typepath:
-            no_type = no_type or no_types.get(typepath + ('.*' if typepath != self.action_type else ''))
-            typepath = typepath.rsplit('.', 1)[0]
-        return no_type
-
     @cached_property
     def organizer(self):
-        from .organizer import Organizer
-
         if self.event:
             return self.event.organizer
         elif hasattr(self.content_object, 'event'):
             return self.content_object.event.organizer
         elif hasattr(self.content_object, 'organizer'):
             return self.content_object.organizer
-        elif isinstance(self.content_object, Organizer):
-            return self.content_object
         return None
 
     @cached_property
@@ -216,16 +188,3 @@ class LogEntry(models.Model):
 
     def delete(self, using=None, keep_parents=False):
         raise TypeError("Logs cannot be deleted.")
-
-    @classmethod
-    def bulk_postprocess(cls, objects):
-        from pretix.api.webhooks import notify_webhooks
-
-        from ..services.notifications import notify
-
-        to_notify = [o.id for o in objects if o.notification_type]
-        if to_notify:
-            notify.apply_async(args=(to_notify,))
-        to_wh = [o.id for o in objects if o.webhook_type]
-        if to_wh:
-            notify_webhooks.apply_async(args=(to_wh,))

src/pretix/base/models/orders.py

@@ -1600,10 +1600,6 @@ class OrderPayment(models.Model):
             'local_id': r.local_id,
             'provider': r.provider,
         })
-
-        if self.order.pending_sum + r.amount == Decimal('0.00'):
-            self.refund.done()
-
         return r
 
 

src/pretix/base/models/organizer.py

@@ -357,15 +357,3 @@ class TeamAPIToken(models.Model):
             return self.team.organizer.events.all()
         else:
             return self.team.limit_events.all()
-
-    def get_events_with_permission(self, permission, request=None):
-        """
-        Returns a queryset of events the token has a specific permissions to.
-
-        :param request: Ignored, for compatibility with User model
-        :return: Iterable of Events
-        """
-        if getattr(self.team, permission, False):
-            return self.get_events_with_any_permission()
-        else:
-            return self.team.organizer.events.none()

src/pretix/base/models/seating.py

@@ -130,7 +130,7 @@ class Seat(models.Model):
     seat_number = models.CharField(max_length=190, blank=True, default="")
     seat_label = models.CharField(max_length=190, null=True)
     seat_guid = models.CharField(max_length=190, db_index=True)
-    product = models.ForeignKey('Item', null=True, blank=True, related_name='seats', on_delete=models.SET_NULL)
+    product = models.ForeignKey('Item', null=True, blank=True, related_name='seats', on_delete=models.CASCADE)
     blocked = models.BooleanField(default=False)
     sorting_rank = models.BigIntegerField(default=0)
     x = models.FloatField(null=True)

src/pretix/base/models/tax.py

@@ -1,17 +1,14 @@
 import json
 from decimal import Decimal
 
-from django.core.exceptions import ValidationError
 from django.db import models
 from django.utils.formats import localize
-from django.utils.timezone import get_current_timezone, now
 from django.utils.translation import gettext_lazy as _
 from i18nfield.fields import I18nCharField
 
 from pretix.base.decimal import round_decimal
 from pretix.base.models.base import LoggedModel
 from pretix.base.templatetags.money import money_filter
-from pretix.helpers.countries import FastCountryField
 
 
 class TaxedPrice:
@@ -86,14 +83,6 @@ EU_CURRENCIES = {
 }
 
 
-def is_eu_country(cc):
-    cc = str(cc)
-    if cc == 'GB':
-        return now().astimezone(get_current_timezone()).year <= 2020
-    else:
-        return cc in EU_COUNTRIES
-
-
 def cc_to_vat_prefix(country_code):
     if country_code == 'GR':
         return 'EL'
@@ -116,29 +105,11 @@ class TaxRule(LoggedModel):
         verbose_name=_("The configured product prices include the tax amount"),
         default=True,
     )
-    eu_reverse_charge = models.BooleanField(
-        verbose_name=_("Use EU reverse charge taxation rules"),
-        default=False,
-        help_text=_("Not recommended. Most events will NOT be qualified for reverse charge since the place of "
-                    "taxation is the location of the event. This option disables charging VAT for all customers "
-                    "outside the EU and for business customers in different EU countries who entered a valid EU VAT "
-                    "ID. Only enable this option after consulting a tax counsel. No warranty given for correct tax "
-                    "calculation. USE AT YOUR OWN RISK.")
-    )
-    home_country = FastCountryField(
-        verbose_name=_('Merchant country'),
-        blank=True,
-        help_text=_('Your country of residence. This is the country the EU reverse charge rule will not apply in, '
-                    'if configured above.'),
-    )
     custom_rules = models.TextField(blank=True, null=True)
 
     class Meta:
         ordering = ('event', 'rate', 'id')
 
-    class SaleNotAllowed(Exception):
-        pass
-
     def allow_delete(self):
         from pretix.base.models.orders import OrderFee, OrderPosition
 
@@ -159,17 +130,13 @@ class TaxRule(LoggedModel):
             eu_reverse_charge=False
         )
 
-    def clean(self):
-        if self.eu_reverse_charge and not self.home_country:
-            raise ValidationError(_('You need to set your home country to use the reverse charge feature.'))
-
     def __str__(self):
         if self.price_includes_tax:
             s = _('incl. {rate}% {name}').format(rate=self.rate, name=self.name)
         else:
             s = _('plus {rate}% {name}').format(rate=self.rate, name=self.name)
-        if self.eu_reverse_charge:
-            s += ' ({})'.format(_('reverse charge enabled'))
+        if self.has_custom_rules:
+            s += ' ({})'.format(_('with custom rules'))
         return str(s)
 
     @property
@@ -181,8 +148,6 @@ class TaxRule(LoggedModel):
             return Decimal('0.00')
         if self.has_custom_rules:
             rule = self.get_matching_rule(invoice_address)
-            if rule.get('action', 'vat') == 'block':
-                raise self.SaleNotAllowed()
             if rule.get('action', 'vat') == 'vat' and rule.get('rate') is not None:
                 return Decimal(rule.get('rate'))
         return Decimal(self.rate)
@@ -255,7 +220,7 @@ class TaxRule(LoggedModel):
         rules = self._custom_rules
         if invoice_address:
             for r in rules:
-                if r['country'] == 'EU' and not is_eu_country(invoice_address.country):
+                if r['country'] == 'EU' and str(invoice_address.country) not in EU_COUNTRIES:
                     continue
                 if r['country'] not in ('ZZ', 'EU') and r['country'] != str(invoice_address.country):
                     continue
@@ -272,52 +237,12 @@ class TaxRule(LoggedModel):
         if self._custom_rules:
             rule = self.get_matching_rule(invoice_address)
             return rule['action'] == 'reverse'
-
-        if not self.eu_reverse_charge:
-            return False
-
-        if not invoice_address or not invoice_address.country:
-            return False
-
-        if not is_eu_country(invoice_address.country):
-            return False
-
-        if invoice_address.country == self.home_country:
-            return False
-
-        if invoice_address.is_business and invoice_address.vat_id and invoice_address.vat_id_validated:
-            return True
-
         return False
 
     def _tax_applicable(self, invoice_address):
         if self._custom_rules:
             rule = self.get_matching_rule(invoice_address)
-            if rule.get('action', 'vat') == 'block':
-                raise self.SaleNotAllowed()
             return rule.get('action', 'vat') == 'vat'
-
-        if not self.eu_reverse_charge:
-            # No reverse charge rules? Always apply VAT!
-            return True
-
-        if not invoice_address or not invoice_address.country:
-            # No country specified? Always apply VAT!
-            return True
-
-        if not is_eu_country(invoice_address.country):
-            # Non-EU country? Never apply VAT!
-            return False
-
-        if invoice_address.country == self.home_country:
-            # Within same EU country? Always apply VAT!
-            return True
-
-        if invoice_address.is_business and invoice_address.vat_id and invoice_address.vat_id_validated:
-            # Reverse charge case
-            return False
-
-        # Consumer in different EU country / invalid VAT
         return True
 
     def delete(self, *args, **kwargs):

src/pretix/base/payment.py

@@ -513,7 +513,7 @@ class BasePaymentProvider:
 
         return timing and pricing
 
-    def payment_form_render(self, request: HttpRequest, total: Decimal, order: Order=None) -> str:
+    def payment_form_render(self, request: HttpRequest, total: Decimal) -> str:
         """
         When the user selects this provider as their preferred payment method,
         they will be shown the HTML you return from this method.
@@ -522,15 +522,13 @@ class BasePaymentProvider:
         and render the returned form. If your payment method doesn't require
         the user to fill out form fields, you should just return a paragraph
         of explanatory text.
-
-        :param order: Only set when this is a change to a new payment method for an existing order.
         """
         form = self.payment_form(request)
         template = get_template('pretixpresale/event/checkout_payment_form_default.html')
         ctx = {'request': request, 'form': form}
         return template.render(ctx)
 
-    def checkout_confirm_render(self, request, order: Order=None) -> str:
+    def checkout_confirm_render(self, request) -> str:
         """
         If the user has successfully filled in their payment data, they will be redirected
         to a confirmation page which lists all details of their order for a final review.
@@ -539,8 +537,6 @@ class BasePaymentProvider:
 
         In most cases, this should include a short summary of the user's input and
         a short explanation on how the payment process will continue.
-
-        :param order: Only set when this is a change to a new payment method for an existing order.
         """
         raise NotImplementedError()  # NOQA
 

src/pretix/base/secrets.py

@@ -1,5 +1,4 @@
 import base64
-import inspect
 import struct
 
 from cryptography.hazmat.backends.openssl.backend import Backend
@@ -53,10 +52,10 @@ class BaseTicketSecretGenerator:
         return False
 
     def generate_secret(self, item: Item, variation: ItemVariation = None, subevent: SubEvent = None,
-                        attendee_name: str = None, current_secret: str = None, force_invalidate=False) -> str:
+                        current_secret: str = None, force_invalidate=False) -> str:
         """
         Generate a new secret for a ticket with product ``item``, variation ``variation``, subevent ``subevent``,
-        attendee name ``attendee_name`` (can be ``None``) and the current secret ``current_secret`` (if any).
+        and the current secret ``current_secret`` (if any).
 
         The result must be a string that should only contain the characters ``A-Za-z0-9+/=``.
 
@@ -71,11 +70,6 @@ class BaseTicketSecretGenerator:
         If ``force_invalidate`` is set to ``False`` and ``item``, ``variation`` and ``subevent`` have a different value
         as when ``current_secret`` was generated, then this method MAY OR MAY NOT return ``current_secret`` unchanged,
         depending on the semantics of the method.
-
-        .. note:: While it is guaranteed that ``generate_secret`` and the revocation list process are called every
-                  time the ``item``, ``variation``, or ``subevent`` parameters change, it is currently **NOT**
-                  guaranteed that this process is triggered if the ``attendee_name`` parameter changes. You should
-                  therefore not rely on this value for more than informational or debugging purposes.
         """
         raise NotImplementedError()
 
@@ -86,7 +80,7 @@ class RandomTicketSecretGenerator(BaseTicketSecretGenerator):
     use_revocation_list = False
 
     def generate_secret(self, item: Item, variation: ItemVariation = None, subevent: SubEvent = None,
-                        attendee_name: str = None, current_secret: str = None, force_invalidate=False):
+                        current_secret: str = None, force_invalidate=False):
         if current_secret and not force_invalidate:
             return current_secret
         return get_random_string(
@@ -193,17 +187,12 @@ def assign_ticket_secret(event, position, force_invalidate_if_revokation_list_us
     gen = event.ticket_secret_generator
     if gen.use_revocation_list and force_invalidate_if_revokation_list_used:
         force_invalidate = True
-
-    kwargs = {}
-    if 'attendee_name' in inspect.signature(gen.generate_secret).parameters:
-        kwargs['attendee_name'] = position.attendee_name
     secret = gen.generate_secret(
         item=position.item,
         variation=position.variation,
         subevent=position.subevent,
         current_secret=position.secret,
-        force_invalidate=force_invalidate,
-        **kwargs
+        force_invalidate=force_invalidate
     )
     changed = position.secret != secret
     if position.secret and changed and gen.use_revocation_list:

src/pretix/base/services/cart.py

@@ -106,7 +106,6 @@ error_messages = {
     'seat_unavailable': _('The seat you selected has already been taken. Please select a different seat.'),
     'seat_multiple': _('You can not select the same seat multiple times.'),
     'gift_card': _("You entered a gift card instead of a voucher. Gift cards can be entered later on when you're asked for your payment details."),
-    'country_blocked': _('One of the selected products is not available in the selected country.'),
 }
 
 
@@ -325,8 +324,6 @@ class CartManager:
                 custom_price_is_net=cp_is_net if cp_is_net is not None else self.event.settings.display_net_prices,
                 invoice_address=self.invoice_address, force_custom_price=force_custom_price, bundled_sum=bundled_sum
             )
-        except TaxRule.SaleNotAllowed:
-            raise CartError(error_messages['country_blocked'])
         except ValueError as e:
             if str(e) == 'price_too_high':
                 raise CartError(error_messages['price_too_high'])
@@ -1066,7 +1063,6 @@ def update_tax_rates(event: Event, cart_id: str, invoice_address: InvoiceAddress
         if pos.tax_rate != rate:
             current_net = pos.price - pos.tax_value
             new_gross = pos.item.tax(current_net, base_price_is='net', invoice_address=invoice_address).gross
-            totaldiff += new_gross - pos.price
             pos.price = new_gross
             pos.includes_tax = rate != Decimal('0.00')
             pos.override_tax_rate = rate

src/pretix/base/services/export.py

@@ -1,13 +1,12 @@
 from typing import Any, Dict
 
-from django.conf import settings
 from django.core.files.base import ContentFile
 from django.utils.timezone import override
 from django.utils.translation import gettext
 
 from pretix.base.i18n import LazyLocaleException, language
 from pretix.base.models import (
-    CachedFile, Device, Event, Organizer, TeamAPIToken, User, cachedfile_name,
+    CachedFile, Event, Organizer, User, cachedfile_name,
 )
 from pretix.base.services.tasks import (
     ProfiledEventTask, ProfiledOrganizerUserTask,
@@ -49,13 +48,7 @@ def export(self, event: Event, fileid: str, provider: str, form_data: Dict[str,
 
 
 @app.task(base=ProfiledOrganizerUserTask, throws=(ExportError,), bind=True)
-def multiexport(self, organizer: Organizer, user: User, device: int, token: int, fileid: str, provider: str, form_data: Dict[str, Any]) -> None:
-    if device:
-        device = Device.objects.get(pk=device)
-    if token:
-        device = TeamAPIToken.objects.get(pk=token)
-    allowed_events = (device or token or user).get_events_with_permission('can_view_orders')
-
+def multiexport(self, organizer: Organizer, user: User, fileid: str, provider: str, form_data: Dict[str, Any]) -> None:
     def set_progress(val):
         if not self.request.called_directly:
             self.update_state(
@@ -64,22 +57,10 @@ def multiexport(self, organizer: Organizer, user: User, device: int, token: int,
             )
 
     file = CachedFile.objects.get(id=fileid)
-    if user:
-        locale = user.locale
-        timezone = user.timezone
-    else:
-        e = allowed_events.first()
-        if e:
-            locale = e.settings.locale
-            timezone = e.settings.timezone
-        else:
-            locale = settings.LANGUAGE_CODE
-            timezone = settings.TIME_ZONE
-    with language(locale), override(timezone):
-        if isinstance(form_data['events'][0], str):
-            events = allowed_events.filter(slug__in=form_data.get('events'), organizer=organizer)
-        else:
-            events = allowed_events.filter(pk__in=form_data.get('events'))
+    with language(user.locale), override(user.timezone):
+        allowed_events = user.get_events_with_permission('can_view_orders')
+
+        events = allowed_events.filter(pk__in=form_data.get('events'))
         responses = register_multievent_data_exporters.send(organizer)
 
         for receiver, response in responses:

src/pretix/base/services/invoices.py

@@ -24,7 +24,7 @@ from pretix.base.i18n import language
 from pretix.base.models import (
     Invoice, InvoiceAddress, InvoiceLine, Order, OrderFee,
 )
-from pretix.base.models.tax import EU_CURRENCIES, is_eu_country
+from pretix.base.models.tax import EU_COUNTRIES, EU_CURRENCIES
 from pretix.base.services.tasks import TransactionAwareTask
 from pretix.base.settings import GlobalSettingsObject
 from pretix.base.signals import invoice_line_text, periodic_task
@@ -181,7 +181,7 @@ def build_invoice(invoice: Invoice) -> Invoice:
         if reverse_charge:
             if invoice.additional_text:
                 invoice.additional_text += "<br /><br />"
-            if is_eu_country(invoice.invoice_to_country):
+            if str(invoice.invoice_to_country) in EU_COUNTRIES:
                 invoice.additional_text += pgettext(
                     "invoice",
                     "Reverse Charge: According to Article 194, 196 of Council Directive 2006/112/EEC, VAT liability "

src/pretix/base/services/notifications.py

@@ -15,59 +15,55 @@ from pretix.helpers.urls import build_absolute_uri
 
 @app.task(base=TransactionAwareTask, acks_late=True)
 @scopes_disabled()
-def notify(logentry_ids: list):
-    if not isinstance(logentry_ids, list):
-        logentry_ids = [logentry_ids]
+def notify(logentry_id: int):
+    logentry = LogEntry.all.select_related('event', 'event__organizer').get(id=logentry_id)
+    if not logentry.event:
+        return  # Ignore, we only have event-related notifications right now
+    types = get_all_notification_types(logentry.event)
 
-    qs = LogEntry.all.select_related('event', 'event__organizer').filter(id__in=logentry_ids)
+    notification_type = None
+    typepath = logentry.action_type
+    while not notification_type and '.' in typepath:
+        notification_type = types.get(typepath + ('.*' if typepath != logentry.action_type else ''))
+        typepath = typepath.rsplit('.', 1)[0]
 
-    _event, _at, notify_specific, notify_global = None, None, None, None
-    for logentry in qs:
-        if not logentry.event:
-            break  # Ignore, we only have event-related notifications right now
+    if not notification_type:
+        return  # No suitable plugin
 
-        notification_type = logentry.notification_type
+    # All users that have the permission to get the notification
+    users = logentry.event.get_users_with_permission(
+        notification_type.required_permission
+    ).filter(notifications_send=True, is_active=True)
+    if logentry.user:
+        users = users.exclude(pk=logentry.user.pk)
 
-        if not notification_type:
-            break  # No suitable plugin
+    # Get all notification settings, both specific to this event as well as global
+    notify_specific = {
+        (ns.user, ns.method): ns.enabled
+        for ns in NotificationSetting.objects.filter(
+            event=logentry.event,
+            action_type=notification_type.action_type,
+            user__pk__in=users.values_list('pk', flat=True)
+        )
+    }
+    notify_global = {
+        (ns.user, ns.method): ns.enabled
+        for ns in NotificationSetting.objects.filter(
+            event__isnull=True,
+            action_type=notification_type.action_type,
+            user__pk__in=users.values_list('pk', flat=True)
+        )
+    }
 
-        if _event != logentry.event or _at != logentry.action_type or notify_global is None:
-            _event = logentry.event
-            _at = logentry.action_type
-            # All users that have the permission to get the notification
-            users = logentry.event.get_users_with_permission(
-                notification_type.required_permission
-            ).filter(notifications_send=True, is_active=True)
-            if logentry.user:
-                users = users.exclude(pk=logentry.user.pk)
+    for um, enabled in notify_specific.items():
+        user, method = um
+        if enabled:
+            send_notification.apply_async(args=(logentry_id, notification_type.action_type, user.pk, method))
 
-            # Get all notification settings, both specific to this event as well as global
-            notify_specific = {
-                (ns.user, ns.method): ns.enabled
-                for ns in NotificationSetting.objects.filter(
-                    event=logentry.event,
-                    action_type=notification_type.action_type,
-                    user__pk__in=users.values_list('pk', flat=True)
-                )
-            }
-            notify_global = {
-                (ns.user, ns.method): ns.enabled
-                for ns in NotificationSetting.objects.filter(
-                    event__isnull=True,
-                    action_type=notification_type.action_type,
-                    user__pk__in=users.values_list('pk', flat=True)
-                )
-            }
-
-        for um, enabled in notify_specific.items():
-            user, method = um
-            if enabled:
-                send_notification.apply_async(args=(logentry.id, notification_type.action_type, user.pk, method))
-
-        for um, enabled in notify_global.items():
-            user, method = um
-            if enabled and um not in notify_specific:
-                send_notification.apply_async(args=(logentry.id, notification_type.action_type, user.pk, method))
+    for um, enabled in notify_global.items():
+        user, method = um
+        if enabled and um not in notify_specific:
+            send_notification.apply_async(args=(logentry_id, notification_type.action_type, user.pk, method))
 
 
 @app.task(base=ProfiledTask, acks_late=True)

src/pretix/base/services/orders.py

@@ -89,7 +89,6 @@ error_messages = {
                              'positions have been removed from your cart.'),
     'seat_invalid': _('One of the seats in your order was invalid, we removed the position from your cart.'),
     'seat_unavailable': _('One of the seats in your order has been taken in the meantime, we removed the position from your cart.'),
-    'country_blocked': _('One of the selected products is not available in the selected country.'),
 }
 
 logger = logging.getLogger(__name__)
@@ -616,39 +615,34 @@ def _check_positions(event: Event, now_dt: datetime, positions: List[CartPositio
             current_discount = cp.price_before_voucher - cp.price
             max_discount = max(v_budget[cp.voucher] + current_discount, 0)
 
-        try:
-            if cp.is_bundled:
-                try:
-                    bundle = cp.addon_to.item.bundles.get(bundled_item=cp.item, bundled_variation=cp.variation)
-                    bprice = bundle.designated_price or 0
-                except ItemBundle.DoesNotExist:
-                    bprice = cp.price
-                except ItemBundle.MultipleObjectsReturned:
-                    raise OrderError("Invalid product configuration (duplicate bundle)")
-                price = get_price(cp.item, cp.variation, cp.voucher, bprice, cp.subevent, custom_price_is_net=False,
-                                  custom_price_is_tax_rate=cp.override_tax_rate,
-                                  invoice_address=address, force_custom_price=True, max_discount=max_discount)
-                pbv = get_price(cp.item, cp.variation, None, bprice, cp.subevent, custom_price_is_net=False,
-                                custom_price_is_tax_rate=cp.override_tax_rate,
-                                invoice_address=address, force_custom_price=True, max_discount=max_discount)
-                changed_prices[cp.pk] = bprice
-            else:
-                bundled_sum = 0
-                if not cp.addon_to_id:
-                    for bundledp in cp.addons.all():
-                        if bundledp.is_bundled:
-                            bundled_sum += changed_prices.get(bundledp.pk, bundledp.price)
+        if cp.is_bundled:
+            try:
+                bundle = cp.addon_to.item.bundles.get(bundled_item=cp.item, bundled_variation=cp.variation)
+                bprice = bundle.designated_price or 0
+            except ItemBundle.DoesNotExist:
+                bprice = cp.price
+            except ItemBundle.MultipleObjectsReturned:
+                raise OrderError("Invalid product configuration (duplicate bundle)")
+            price = get_price(cp.item, cp.variation, cp.voucher, bprice, cp.subevent, custom_price_is_net=False,
+                              custom_price_is_tax_rate=cp.override_tax_rate,
+                              invoice_address=address, force_custom_price=True, max_discount=max_discount)
+            pbv = get_price(cp.item, cp.variation, None, bprice, cp.subevent, custom_price_is_net=False,
+                            custom_price_is_tax_rate=cp.override_tax_rate,
+                            invoice_address=address, force_custom_price=True, max_discount=max_discount)
+            changed_prices[cp.pk] = bprice
+        else:
+            bundled_sum = 0
+            if not cp.addon_to_id:
+                for bundledp in cp.addons.all():
+                    if bundledp.is_bundled:
+                        bundled_sum += changed_prices.get(bundledp.pk, bundledp.price)
 
-                price = get_price(cp.item, cp.variation, cp.voucher, cp.price, cp.subevent, custom_price_is_net=False,
-                                  addon_to=cp.addon_to, invoice_address=address, bundled_sum=bundled_sum,
-                                  max_discount=max_discount, custom_price_is_tax_rate=cp.override_tax_rate)
-                pbv = get_price(cp.item, cp.variation, None, cp.price, cp.subevent, custom_price_is_net=False,
-                                addon_to=cp.addon_to, invoice_address=address, bundled_sum=bundled_sum,
-                                max_discount=max_discount, custom_price_is_tax_rate=cp.override_tax_rate)
-        except TaxRule.SaleNotAllowed:
-            err = err or error_messages['country_blocked']
-            cp.delete()
-            continue
+            price = get_price(cp.item, cp.variation, cp.voucher, cp.price, cp.subevent, custom_price_is_net=False,
+                              addon_to=cp.addon_to, invoice_address=address, bundled_sum=bundled_sum,
+                              max_discount=max_discount, custom_price_is_tax_rate=cp.override_tax_rate)
+            pbv = get_price(cp.item, cp.variation, None, cp.price, cp.subevent, custom_price_is_net=False,
+                            addon_to=cp.addon_to, invoice_address=address, bundled_sum=bundled_sum,
+                            max_discount=max_discount, custom_price_is_tax_rate=cp.override_tax_rate)
 
         if max_discount is not None:
             v_budget[cp.voucher] = v_budget[cp.voucher] + current_discount - (pbv.gross - price.gross)
@@ -1180,7 +1174,6 @@ class OrderChangeManager:
         'seat_subevent_mismatch': _('You selected seat "{seat}" for a date that does not match the selected ticket date. Please choose a seat again.'),
         'seat_required': _('The selected product requires you to select a seat.'),
         'seat_forbidden': _('The selected product does not allow to select a seat.'),
-        'tax_rule_country_blocked': _('The selected country is blocked by your tax rule.'),
         'gift_card_change': _('You cannot change the price of a position that has been used to issue a gift card.'),
     }
     ItemOperation = namedtuple('ItemOperation', ('position', 'item', 'variation'))
@@ -1248,11 +1241,8 @@ class OrderChangeManager:
         self._operations.append(self.SeatOperation(position, seat))
 
     def change_subevent(self, position: OrderPosition, subevent: SubEvent):
-        try:
-            price = get_price(position.item, position.variation, voucher=position.voucher, subevent=subevent,
-                              invoice_address=self._invoice_address)
-        except TaxRule.SaleNotAllowed:
-            raise OrderError(self.error_messages['tax_rule_country_blocked'])
+        price = get_price(position.item, position.variation, voucher=position.voucher, subevent=subevent,
+                          invoice_address=self._invoice_address)
 
         if price is None:  # NOQA
             raise OrderError(self.error_messages['product_invalid'])
@@ -1272,11 +1262,8 @@ class OrderChangeManager:
         if (not variation and item.has_variations) or (variation and variation.item_id != item.pk):
             raise OrderError(self.error_messages['product_without_variation'])
 
-        try:
-            price = get_price(item, variation, voucher=position.voucher, subevent=subevent,
-                              invoice_address=self._invoice_address)
-        except TaxRule.SaleNotAllowed:
-            raise OrderError(self.error_messages['tax_rule_country_blocked'])
+        price = get_price(item, variation, voucher=position.voucher, subevent=subevent,
+                          invoice_address=self._invoice_address)
 
         if price is None:  # NOQA
             raise OrderError(self.error_messages['product_invalid'])
@@ -1334,10 +1321,7 @@ class OrderChangeManager:
             if not pos.price:
                 continue
 
-            try:
-                new_rate = tax_rule.tax_rate_for(ia)
-            except TaxRule.SaleNotAllowed:
-                raise OrderError(error_messages['tax_rule_country_blocked'])
+            new_rate = tax_rule.tax_rate_for(ia)
             # We use override_tax_rate to make sure .tax() doesn't get clever and re-adjusts the pricing itself
             if new_rate != pos.tax_rate:
                 if keep == 'net':
@@ -1390,13 +1374,10 @@ class OrderChangeManager:
                 except Seat.DoesNotExist:
                     raise OrderError(error_messages['seat_invalid'])
 
-        try:
-            if price is None:
-                price = get_price(item, variation, subevent=subevent, invoice_address=self._invoice_address)
-            else:
-                price = item.tax(price, base_price_is='gross', invoice_address=self._invoice_address)
-        except TaxRule.SaleNotAllowed:
-            raise OrderError(self.error_messages['tax_rule_country_blocked'])
+        if price is None:
+            price = get_price(item, variation, subevent=subevent, invoice_address=self._invoice_address)
+        else:
+            price = item.tax(price, base_price_is='gross', invoice_address=self._invoice_address)
 
         if price is None:
             raise OrderError(self.error_messages['product_invalid'])
@@ -1971,10 +1952,7 @@ class OrderChangeManager:
                     self._check_quotas()
                 self._check_seats()
                 self._check_complete_cancel()
-                try:
-                    self._perform_operations()
-                except TaxRule.SaleNotAllowed:
-                    raise OrderError(self.error_messages['tax_rule_country_blocked'])
+                self._perform_operations()
             self._recalculate_total_and_payment_fee()
             self._reissue_invoice()
             self._clear_tickets_cache()

src/pretix/base/services/shredder.py

@@ -17,7 +17,7 @@ from pretix.celery_app import app
 
 
 @app.task(base=ProfiledEventTask)
-def export(event: Event, shredders: List[str], session_key=None) -> None:
+def export(event: Event, shredders: List[str]) -> None:
     known_shredders = event.get_data_shredders()
 
     with NamedTemporaryFile() as rawfile:
@@ -55,8 +55,6 @@ def export(event: Event, shredders: List[str], session_key=None) -> None:
         cf.date = now()
         cf.filename = event.slug + '.zip'
         cf.type = 'application/zip'
-        cf.session_key = session_key
-        cf.web_download = True
         cf.expires = now() + timedelta(hours=1)
         cf.save()
         cf.file.save(cachedfile_name(cf, cf.filename), rawfile)

src/pretix/base/services/stats.py

@@ -127,7 +127,6 @@ def order_overview(
         order__event=event
     ).annotate(
         status=Case(
-            When(order__status='n', order__require_approval=True, then=Value('unapproved')),
             When(canceled=True, then=Value('c')),
             default=F('order__status')
         )
@@ -136,7 +135,6 @@ def order_overview(
     ).annotate(cnt=Count('id'), price=Sum('price'), tax_value=Sum('tax_value')).order_by()
 
     states = {
-        'unapproved': 'unapproved',
         'canceled': Order.STATUS_CANCELED,
         'paid': Order.STATUS_PAID,
         'pending': Order.STATUS_PENDING,
@@ -200,7 +198,6 @@ def order_overview(
             order__event=event
         ).annotate(
             status=Case(
-                When(order__status='n', order__require_approval=True, then=Value('unapproved')),
                 When(canceled=True, then=Value('c')),
                 default=F('order__status')
             )

src/pretix/base/services/tasks.py

@@ -96,9 +96,8 @@ class OrganizerUserTask(app.Task):
         kwargs['organizer'] = organizer
 
         user_id = kwargs['user']
-        if user_id is not None:
-            user = User.objects.get(pk=user_id)
-            kwargs['user'] = user
+        user = User.objects.get(pk=user_id)
+        kwargs['user'] = user
 
         with scope(organizer=organizer):
             ret = super().__call__(*args, **kwargs)

src/pretix/base/templatetags/rich_text.py

@@ -1,4 +1,3 @@
-import re
 import urllib.parse
 
 import bleach
@@ -72,10 +71,6 @@ EMAIL_RE = build_email_re(tlds=sorted(tld_set, key=len, reverse=True))
 
 
 def safelink_callback(attrs, new=False):
-    """
-    Makes sure that all links to a different domain are passed through a redirection handler
-    to ensure there's no passing of referers with secrets inside them.
-    """
     url = attrs.get((None, 'href'), '/')
     if not url_has_allowed_host_and_scheme(url, allowed_hosts=None) and not url.startswith('mailto:') and not url.startswith('tel:'):
         signer = signing.Signer(salt='safe-redirect')
@@ -85,42 +80,7 @@ def safelink_callback(attrs, new=False):
     return attrs
 
 
-def truelink_callback(attrs, new=False):
-    """
-    Tries to prevent "phishing" attacks in which a link looks like it points to a safe place but instead
-    points somewhere else, e.g.
-
-        <a href="https://evilsite.com">https://google.com</a>
-
-    At the same time, custom texts are still allowed:
-
-        <a href="https://maps.google.com">Get to the event</a>
-
-    Suffixes are also allowed:
-
-        <a href="https://maps.google.com/location/foo">https://maps.google.com</a>
-    """
-    text = re.sub('[^a-zA-Z0-9.-/_]', '', attrs.get('_text'))  # clean up link text
-    if URL_RE.match(text):
-        # link text looks like a url
-        if text.startswith('//'):
-            text = 'https:' + text
-        elif not text.startswith('http'):
-            text = 'https://' + text
-
-        text_url = urllib.parse.urlparse(text)
-        href_url = urllib.parse.urlparse(attrs[None, 'href'])
-        if text_url.netloc != href_url.netloc or not href_url.path.startswith(href_url.path):
-            # link text contains an URL that has a different base than the actual URL
-            attrs['_text'] = attrs[None, 'href']
-    return attrs
-
-
 def abslink_callback(attrs, new=False):
-    """
-    Makes sure that all links will be absolute links and will be opened in a new page with no
-    window.opener attribute.
-    """
     url = attrs.get((None, 'href'), '/')
     if not url.startswith('mailto:') and not url.startswith('tel:'):
         attrs[None, 'href'] = urllib.parse.urljoin(settings.SITE_URL, url)
@@ -133,7 +93,6 @@ def markdown_compile_email(source):
     linker = bleach.Linker(
         url_re=URL_RE,
         email_re=EMAIL_RE,
-        callbacks=DEFAULT_CALLBACKS + [truelink_callback, abslink_callback],
         parse_email=True
     )
     return linker.linkify(bleach.clean(
@@ -186,7 +145,7 @@ def rich_text(text: str, **kwargs):
     linker = bleach.Linker(
         url_re=URL_RE,
         email_re=EMAIL_RE,
-        callbacks=DEFAULT_CALLBACKS + ([truelink_callback, safelink_callback] if kwargs.get('safelinks', True) else [truelink_callback, abslink_callback]),
+        callbacks=DEFAULT_CALLBACKS + ([safelink_callback] if kwargs.get('safelinks', True) else [abslink_callback]),
         parse_email=True
     )
     body_md = linker.linkify(markdown_compile(text))
@@ -202,7 +161,7 @@ def rich_text_snippet(text: str, **kwargs):
     linker = bleach.Linker(
         url_re=URL_RE,
         email_re=EMAIL_RE,
-        callbacks=DEFAULT_CALLBACKS + ([truelink_callback, safelink_callback] if kwargs.get('safelinks', True) else [truelink_callback, abslink_callback]),
+        callbacks=DEFAULT_CALLBACKS + ([safelink_callback] if kwargs.get('safelinks', True) else [abslink_callback]),
         parse_email=True
     )
     body_md = linker.linkify(markdown_compile(text, snippet=True))

src/pretix/base/views/cachedfiles.py

@@ -13,11 +13,7 @@ class DownloadView(TemplateView):
     @cached_property
     def object(self) -> CachedFile:
         try:
-            o = get_object_or_404(CachedFile, id=self.kwargs['id'], web_download=True)
-            if o.session_key:
-                if o.session_key != self.request.session.session_key:
-                    raise Http404()
-            return o
+            return get_object_or_404(CachedFile, id=self.kwargs['id'])
         except ValueError:   # Invalid URLs
             raise Http404()
 

src/pretix/control/forms/__init__.py

@@ -203,7 +203,6 @@ class CachedFileField(ExtFileField):
             cf = CachedFile.objects.create(
                 expires=now() + datetime.timedelta(days=1),
                 date=now(),
-                web_download=True,
                 filename=data.name,
                 type=data.content_type,
             )
@@ -219,7 +218,6 @@ class CachedFileField(ExtFileField):
         if isinstance(data, File):
             cf = CachedFile.objects.create(
                 expires=now() + datetime.timedelta(days=1),
-                web_download=True,
                 date=now(),
                 filename=data.name,
                 type=data.content_type,

src/pretix/control/forms/event.py

@@ -657,8 +657,6 @@ class ProviderForm(SettingsForm):
         enabled = cleaned_data.get(self.settingspref + '_enabled')
         if not enabled:
             return
-        if cleaned_data.get(self.settingspref + '_hidden_url', None):
-            cleaned_data[self.settingspref + '_hidden_url'] = None
         for k, v in self.fields.items():
             val = cleaned_data.get(k)
             if v._required and not val:
@@ -1148,7 +1146,6 @@ class TaxRuleLineForm(forms.Form):
             ('vat', _('Charge VAT')),
             ('reverse', _('Reverse charge')),
             ('no', _('No VAT')),
-            ('block', _('Sale not allowed')),
         ],
     )
     rate = forms.DecimalField(
@@ -1167,7 +1164,7 @@ TaxRuleLineFormSet = formset_factory(
 class TaxRuleForm(I18nModelForm):
     class Meta:
         model = TaxRule
-        fields = ['name', 'rate', 'price_includes_tax', 'eu_reverse_charge', 'home_country']
+        fields = ['name', 'rate', 'price_includes_tax']
 
 
 class WidgetCodeForm(forms.Form):

src/pretix/control/forms/filter.py

@@ -1,22 +1,16 @@
 from datetime import datetime, time
-from decimal import Decimal
 from urllib.parse import urlencode
 
 from django import forms
 from django.apps import apps
-from django.conf import settings
-from django.db.models import Exists, F, Model, OuterRef, Q, QuerySet
+from django.db.models import Exists, F, OuterRef, Q
 from django.db.models.functions import Coalesce, ExtractWeekDay
 from django.urls import reverse, reverse_lazy
-from django.utils.formats import date_format, localize
 from django.utils.functional import cached_property
 from django.utils.timezone import get_current_timezone, make_aware, now
-from django.utils.translation import gettext, gettext_lazy as _, pgettext_lazy
+from django.utils.translation import gettext_lazy as _, pgettext_lazy
 
-from pretix.base.channels import get_all_sales_channels
-from pretix.base.forms.widgets import (
-    DatePickerWidget, SplitDateTimePickerWidget,
-)
+from pretix.base.forms.widgets import DatePickerWidget
 from pretix.base.models import (
     Checkin, Event, EventMetaProperty, EventMetaValue, Invoice, InvoiceAddress,
     Item, Order, OrderPayment, OrderPosition, OrderRefund, Organizer, Question,
@@ -25,9 +19,7 @@ from pretix.base.models import (
 from pretix.base.signals import register_payment_providers
 from pretix.control.forms.widgets import Select2
 from pretix.control.signals import order_search_filter_q
-from pretix.helpers.countries import CachedCountries
 from pretix.helpers.database import FixedOrderBy, rolledback_transaction
-from pretix.helpers.dicts import move_to_end
 from pretix.helpers.i18n import i18ncomp
 
 PAYMENT_PROVIDERS = []
@@ -91,38 +83,6 @@ class FilterForm(forms.Form):
         else:
             return self.orders[o]
 
-    def filter_to_strings(self):
-        string = []
-        for k, f in self.fields.items():
-            v = self.cleaned_data.get(k)
-            if v is None or (isinstance(v, (list, str, QuerySet)) and len(v) == 0):
-                continue
-            if k == "saveas":
-                continue
-
-            if isinstance(v, bool):
-                val = _('Yes') if v else _('No')
-            elif isinstance(v, QuerySet):
-                q = ['"' + str(m) + '"' for m in v]
-                if not q:
-                    continue
-                val = ' or '.join(q)
-            elif isinstance(v, Model):
-                val = '"' + str(v) + '"'
-            elif isinstance(f, forms.MultipleChoiceField):
-                valdict = dict(f.choices)
-                val = ' or '.join([str(valdict.get(m)) for m in v])
-            elif isinstance(f, forms.ChoiceField):
-                val = str(dict(f.choices).get(v))
-            elif isinstance(v, datetime):
-                val = date_format(v, 'SHORT_DATETIME_FORMAT')
-            elif isinstance(v, Decimal):
-                val = localize(v)
-            else:
-                val = v
-            string.append('{}: {}'.format(f.label, val))
-        return string
-
 
 class OrderFilterForm(FilterForm):
     query = forms.CharField(
@@ -144,29 +104,20 @@ class OrderFilterForm(FilterForm):
         label=_('Order status'),
         choices=(
             ('', _('All orders')),
-            (_('Valid orders'), (
-                (Order.STATUS_PAID, _('Paid (or canceled with paid fee)')),
-                (Order.STATUS_PENDING, _('Pending')),
-                (Order.STATUS_PENDING + Order.STATUS_PAID, _('Pending or paid')),
-            )),
-            (_('Cancellations'), (
-                (Order.STATUS_CANCELED, _('Canceled')),
-                ('cp', _('Canceled (or with paid fee)')),
-                ('rc', _('Cancellation requested')),
-            )),
-            (_('Payment process'), (
-                (Order.STATUS_EXPIRED, _('Expired')),
-                (Order.STATUS_PENDING + Order.STATUS_EXPIRED, _('Pending or expired')),
-                ('o', _('Pending (overdue)')),
-                ('overpaid', _('Overpaid')),
-                ('underpaid', _('Underpaid')),
-                ('pendingpaid', _('Pending (but fully paid)')),
-            )),
-            (_('Approval process'), (
-                ('na', _('Approved, payment pending')),
-                ('pa', _('Approval pending')),
-            )),
+            (Order.STATUS_PAID, _('Paid (or canceled with paid fee)')),
+            (Order.STATUS_PENDING, _('Pending')),
+            ('o', _('Pending (overdue)')),
+            (Order.STATUS_PENDING + Order.STATUS_PAID, _('Pending or paid')),
+            (Order.STATUS_EXPIRED, _('Expired')),
+            (Order.STATUS_PENDING + Order.STATUS_EXPIRED, _('Pending or expired')),
+            (Order.STATUS_CANCELED, _('Canceled')),
+            ('cp', _('Canceled (or with paid fee)')),
+            ('pa', _('Approval pending')),
+            ('overpaid', _('Overpaid')),
+            ('underpaid', _('Underpaid')),
+            ('pendingpaid', _('Pending (but fully paid)')),
             ('testmode', _('Test mode')),
+            ('rc', _('Cancellation requested')),
         ),
         required=False,
     )
@@ -256,11 +207,6 @@ class OrderFilterForm(FilterForm):
                     status=Order.STATUS_PENDING,
                     require_approval=True
                 )
-            elif s == 'na':
-                qs = qs.filter(
-                    status=Order.STATUS_PENDING,
-                    require_approval=False
-                )
             elif s == 'testmode':
                 qs = qs.filter(
                     testmode=True
@@ -391,238 +337,6 @@ class EventOrderFilterForm(OrderFilterForm):
         return qs
 
 
-class FilterNullBooleanSelect(forms.NullBooleanSelect):
-    def __init__(self, attrs=None):
-        choices = (
-            ('unknown', _('All')),
-            ('true', _('Yes')),
-            ('false', _('No')),
-        )
-        super(forms.NullBooleanSelect, self).__init__(attrs, choices)
-
-
-class EventOrderExpertFilterForm(EventOrderFilterForm):
-    subevents_from = forms.SplitDateTimeField(
-        widget=SplitDateTimePickerWidget(attrs={
-        }),
-        label=pgettext_lazy('subevent', 'All dates starting at or after'),
-        required=False,
-    )
-    subevents_to = forms.SplitDateTimeField(
-        widget=SplitDateTimePickerWidget(attrs={
-        }),
-        label=pgettext_lazy('subevent', 'All dates starting before'),
-        required=False,
-    )
-    created_from = forms.SplitDateTimeField(
-        widget=SplitDateTimePickerWidget(attrs={
-        }),
-        label=_('Order placed at or after'),
-        required=False,
-    )
-    created_to = forms.SplitDateTimeField(
-        widget=SplitDateTimePickerWidget(attrs={
-        }),
-        label=_('Order placed before'),
-        required=False,
-    )
-    email = forms.CharField(
-        required=False,
-        label=_('E-mail address')
-    )
-    comment = forms.CharField(
-        required=False,
-        label=_('Comment')
-    )
-    locale = forms.ChoiceField(
-        required=False,
-        label=_('Locale'),
-        choices=settings.LANGUAGES
-    )
-    email_known_to_work = forms.NullBooleanField(
-        required=False,
-        widget=FilterNullBooleanSelect,
-        label=_('E-mail address verified'),
-    )
-    total = forms.DecimalField(
-        localize=True,
-        required=False,
-        label=_('Total amount'),
-    )
-    sales_channel = forms.ChoiceField(
-        label=_('Sales channel'),
-        required=False,
-    )
-
-    def __init__(self, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        del self.fields['query']
-        del self.fields['question']
-        del self.fields['answer']
-        del self.fields['ordering']
-        if not self.event.has_subevents:
-            del self.fields['subevents_from']
-            del self.fields['subevents_to']
-
-        self.fields['sales_channel'].choices = [('', '')] + [
-            (k, v.verbose_name) for k, v in get_all_sales_channels().items()
-        ]
-
-        locale_names = dict(settings.LANGUAGES)
-        self.fields['locale'].choices = [('', '')] + [(a, locale_names[a]) for a in self.event.settings.locales]
-
-        move_to_end(self.fields, 'item')
-        move_to_end(self.fields, 'provider')
-
-        self.fields['invoice_address_company'] = forms.CharField(
-            required=False,
-            label=gettext('Invoice address') + ': ' + gettext('Company')
-        )
-        self.fields['invoice_address_name'] = forms.CharField(
-            required=False,
-            label=gettext('Invoice address') + ': ' + gettext('Name')
-        )
-        self.fields['invoice_address_street'] = forms.CharField(
-            required=False,
-            label=gettext('Invoice address') + ': ' + gettext('Address')
-        )
-        self.fields['invoice_address_zipcode'] = forms.CharField(
-            required=False,
-            label=gettext('Invoice address') + ': ' + gettext('ZIP code'),
-            help_text=_('Exact matches only')
-        )
-        self.fields['invoice_address_city'] = forms.CharField(
-            required=False,
-            label=gettext('Invoice address') + ': ' + gettext('City'),
-            help_text=_('Exact matches only')
-        )
-        self.fields['invoice_address_country'] = forms.ChoiceField(
-            required=False,
-            label=gettext('Invoice address') + ': ' + gettext('Country'),
-            choices=[('', '')] + list(CachedCountries())
-        )
-        self.fields['attendee_name'] = forms.CharField(
-            required=False,
-            label=_('Attendee name')
-        )
-        self.fields['attendee_email'] = forms.CharField(
-            required=False,
-            label=_('Attendee e-mail address')
-        )
-        self.fields['attendee_address_company'] = forms.CharField(
-            required=False,
-            label=gettext('Attendee address') + ': ' + gettext('Company')
-        )
-        self.fields['attendee_address_street'] = forms.CharField(
-            required=False,
-            label=gettext('Attendee address') + ': ' + gettext('Address')
-        )
-        self.fields['attendee_address_zipcode'] = forms.CharField(
-            required=False,
-            label=gettext('Attendee address') + ': ' + gettext('ZIP code'),
-            help_text=_('Exact matches only')
-        )
-        self.fields['attendee_address_city'] = forms.CharField(
-            required=False,
-            label=gettext('Attendee address') + ': ' + gettext('City'),
-            help_text=_('Exact matches only')
-        )
-        self.fields['attendee_address_country'] = forms.ChoiceField(
-            required=False,
-            label=gettext('Attendee address') + ': ' + gettext('Country'),
-            choices=[('', '')] + list(CachedCountries())
-        )
-        self.fields['ticket_secret'] = forms.CharField(
-            label=_('Ticket secret'),
-            required=False
-        )
-        for q in self.event.questions.all():
-            self.fields['question_{}'.format(q.pk)] = forms.CharField(
-                label=q.question,
-                required=False,
-                help_text=_('Exact matches only')
-            )
-
-    def filter_qs(self, qs):
-        fdata = self.cleaned_data
-        qs = super().filter_qs(qs)
-
-        if fdata.get('subevents_from'):
-            qs = qs.filter(
-                all_positions__subevent__date_from__gte=fdata.get('subevents_from'),
-                all_positions__canceled=False
-            ).distinct()
-        if fdata.get('subevents_to'):
-            qs = qs.filter(
-                all_positions__subevent__date_from__lt=fdata.get('subevents_to'),
-                all_positions__canceled=False
-            ).distinct()
-        if fdata.get('email'):
-            qs = qs.filter(
-                email__icontains=fdata.get('email')
-            )
-        if fdata.get('created_from'):
-            qs = qs.filter(datetime__gte=fdata.get('created_from'))
-        if fdata.get('created_to'):
-            qs = qs.filter(datetime__gte=fdata.get('created_to'))
-        if fdata.get('comment'):
-            qs = qs.filter(comment__icontains=fdata.get('comment'))
-        if fdata.get('sales_channel'):
-            qs = qs.filter(sales_channel=fdata.get('sales_channel'))
-        if fdata.get('total'):
-            qs = qs.filter(total=fdata.get('total'))
-        if fdata.get('email_known_to_work') is not None:
-            qs = qs.filter(email_known_to_work=fdata.get('email_known_to_work'))
-        if fdata.get('locale'):
-            qs = qs.filter(locale=fdata.get('locale'))
-        if fdata.get('invoice_address_company'):
-            qs = qs.filter(invoice_address__company__icontains=fdata.get('invoice_address_company'))
-        if fdata.get('invoice_address_name'):
-            qs = qs.filter(invoice_address__name_cached__icontains=fdata.get('invoice_address_name'))
-        if fdata.get('invoice_address_street'):
-            qs = qs.filter(invoice_address__street__icontains=fdata.get('invoice_address_street'))
-        if fdata.get('invoice_address_zipcode'):
-            qs = qs.filter(invoice_address__zipcode__iexact=fdata.get('invoice_address_zipcode'))
-        if fdata.get('invoice_address_city'):
-            qs = qs.filter(invoice_address__city__iexact=fdata.get('invoice_address_city'))
-        if fdata.get('invoice_address_country'):
-            qs = qs.filter(invoice_address__country=fdata.get('invoice_address_country'))
-        if fdata.get('attendee_name'):
-            qs = qs.filter(
-                all_positions__attendee_name_cached__icontains=fdata.get('attendee_name')
-            )
-        if fdata.get('attendee_address_company'):
-            qs = qs.filter(
-                all_positions__company__icontains=fdata.get('attendee_address_company')
-            ).distinct()
-        if fdata.get('attendee_address_street'):
-            qs = qs.filter(
-                all_positions__street__icontains=fdata.get('attendee_address_street')
-            ).distinct()
-        if fdata.get('attendee_address_city'):
-            qs = qs.filter(
-                all_positions__city__iexact=fdata.get('attendee_address_city')
-            ).distinct()
-        if fdata.get('attendee_address_country'):
-            qs = qs.filter(
-                all_positions__country=fdata.get('attendee_address_country')
-            ).distinct()
-        if fdata.get('ticket_secret'):
-            qs = qs.filter(
-                all_positions__secret__icontains=fdata.get('ticket_secret')
-            ).distinct()
-        for q in self.event.questions.all():
-            if fdata.get(f'question_{q.pk}'):
-                answers = QuestionAnswer.objects.filter(
-                    question_id=q.pk,
-                    orderposition__order_id=OuterRef('pk'),
-                    answer__iexact=fdata.get(f'question_{q.pk}')
-                )
-                qs = qs.annotate(**{f'q_{q.pk}': Exists(answers)}).filter(**{f'q_{q.pk}': True})
-
-        return qs
-
-
 class OrderSearchFilterForm(OrderFilterForm):
     orders = {'code': 'code', 'email': 'email', 'total': 'total',
               'datetime': 'datetime', 'status': 'status',

src/pretix/control/forms/item.py

@@ -226,8 +226,6 @@ class ItemCreateForm(I18nModelForm):
     def __init__(self, *args, **kwargs):
         self.event = kwargs['event']
         self.user = kwargs.pop('user')
-        kwargs.setdefault('initial', {})
-        kwargs['initial'].setdefault('admission', True)
         super().__init__(*args, **kwargs)
 
         self.fields['category'].queryset = self.instance.event.categories.all()

src/pretix/control/forms/orders.py

@@ -770,7 +770,7 @@ class EventCancelForm(forms.Form):
         if d.get('subevent') and d.get('subevents_from'):
             raise ValidationError(pgettext_lazy('subevent', 'Please either select a specific date or a date range, not both.'))
         if d.get('all_subevents') and d.get('subevent_from'):
-            raise ValidationError(pgettext_lazy('subevent', 'Please either select all dates or a date range, not both.'))
+            raise ValidationError(pgettext_lazy('subevent', 'Please either select all subevents or a date range, not both.'))
         if bool(d.get('subevents_from')) != bool(d.get('subevents_to')):
             raise ValidationError(pgettext_lazy('subevent', 'If you set a date range, please set both a start and an end.'))
         if self.event.has_subevents and not d['subevent'] and not d['all_subevents'] and not d.get('subevents_from'):

src/pretix/control/logdisplay.py

@@ -397,7 +397,7 @@ def pretixcontrol_logentry_display(sender: Event, logentry: LogEntry, **kwargs):
         'pretix.event.testmode.activated': _('The shop has been taken into test mode.'),
         'pretix.event.testmode.deactivated': _('The test mode has been disabled.'),
         'pretix.event.added': _('The event has been created.'),
-        'pretix.event.changed': _('The event details have been changed.'),
+        'pretix.event.changed': _('The event settings have been changed.'),
         'pretix.event.question.option.added': _('An answer option has been added to the question.'),
         'pretix.event.question.option.deleted': _('An answer option has been removed from the question.'),
         'pretix.event.question.option.changed': _('An answer option has been changed.'),

src/pretix/control/navigation.py

@@ -176,7 +176,7 @@ def get_event_navigation(request: HttpRequest):
                     'event': request.event.slug,
                     'organizer': request.event.organizer.slug,
                 }),
-                'active': url.url_name in ('event.orders', 'event.order', 'event.orders.search') or "event.order." in url.url_name,
+                'active': url.url_name in ('event.orders', 'event.order') or "event.order." in url.url_name,
             },
             {
                 'label': _('Overview'),

src/pretix/control/signals.py

@@ -323,19 +323,3 @@ this is not an Event signal and will be called even if your plugin is not active
 event if the search is performed within an event, and ``None`` otherwise. The search query will be passed as
 ``query``.
 """
-
-order_search_forms = EventPluginSignal(
-    providing_args=['request']
-)
-"""
-This signal allows you to return additional forms that should be rendered in the advanced order search.
-You are passed ``request`` argument and are expected to return an instance of a form class that you bind
-yourself when appropriate. Your form will be executed as part of the standard validation and rendering
-cycle and rendered using default bootstrap styles.
-
-You are required to set ``prefix`` on your form instance. You are required to implement a ``filter_qs(queryset)``
-method on your form that returns a new, filtered query set. You are required to implement a ``filter_to_strings()``
-method on your form that returns a list of strings describing the currently active filters.
-
-As with all plugin signals, the ``sender`` keyword argument will contain the event.
-"""

src/pretix/control/templates/pretixcontrol/event/tax_edit.html

@@ -34,15 +34,9 @@
                         for more information. Note that we are not responsible for the correct handling
                         of taxes in your ticket shop. If in doubt, please contact a lawyer or tax consultant.
                     {% endblocktrans %}
-                </div>
-                {% bootstrap_field form.eu_reverse_charge layout="control" %}
-                {% bootstrap_field form.home_country layout="control" %}
-                <h3>{% trans "Custom taxation rules" %}</h3>
-                <div class="alert alert-warning">
+                    <br>
                     {% blocktrans trimmed %}
-                        These settings are intended for professional users with very specific taxation situations.
-                        If you create any rule here, the reverse charge settings above will be ignored. The rules will be
-                        checked in order and once the first rule matches the order, it will be used and all further rules will
+                        The rules will be checked in order and once the first rule matches the order, it will be used and all further rules will
                         be ignored. If no rule matches, tax will be charged.
                     {% endblocktrans %}
                     {% trans "All of these rules will only apply if an invoice address is set." %}

src/pretix/control/templates/pretixcontrol/events/create_foundation.html

@@ -4,11 +4,11 @@
 {% block form %}
     {% bootstrap_field form.organizer layout="horizontal" %}
     <div class="form-group">
-        <label class="col-md-3 control-label">{% trans "Event type" %}</label>
+        <label class="col-md-3 control-label">Event type</label>
         <div class="col-md-9">
             <div class="big-radio radio">
                 <label>
-                    <input type="radio" value="" name="{{ form.has_subevents.html_name }}" {% if not form.has_subevents.value %}checked{% endif %}>
+                    <input type="radio" value="" name="{{ form.has_subevents.html_name }}">
                     <span class="fa fa-calendar-o"></span>
                     <strong>{% trans "Singular event or non-event shop" %}</strong><br>
                     <div class="help-block">
@@ -27,7 +27,7 @@
             </div>
             <div class="big-radio radio">
                 <label>
-                    <input type="radio" value="on" name="{{ form.has_subevents.html_name }}" {% if not form.has_subevents.value %}checked{% endif %}>
+                    <input type="radio" value="on" name="{{ form.has_subevents.html_name }}">
                     <span class="fa fa-calendar"></span>
                     <strong>{% trans "Event series or time slot booking" %}</strong>
                     <div class="help-block">

src/pretix/control/templates/pretixcontrol/item/create.html

@@ -14,84 +14,9 @@
                 {% bootstrap_field form.internal_name layout="control" %}
             </div>
             {% bootstrap_field form.copy_from layout="control" %}
-
-            <div class="form-group">
-                <label class="col-md-3 control-label">{% trans "Product type" %}</label>
-                <div class="col-md-9">
-                    <div class="big-radio radio">
-                        <label>
-                            <input type="radio" value="on" name="{{ form.admission.html_name }}" {% if form.admission.value %}checked{% endif %}>
-                            <span class="fa fa-user"></span>
-                            <strong>{% trans "Admission product" %}</strong><br>
-                            <div class="help-block">
-                                {% blocktrans trimmed %}
-                                    Every purchase of this product represents one person who is allowed to enter your event.
-                                    By default, pretix will only ask for attendee information and offer ticket downloads for these products.
-                                {% endblocktrans %}
-                            </div>
-                            <div class="help-block">
-                                {% blocktrans trimmed %}
-                                    This option should be set for most things that you would call a "ticket". For product add-ons or bundles, this should
-                                    be set on the main ticket, except if the add-on products or bundled products represent additional people (e.g. group bundles).
-                                {% endblocktrans %}
-                            </div>
-                        </label>
-                    </div>
-                    <div class="big-radio radio">
-                        <label>
-                            <input type="radio" value="" name="{{ form.admission.html_name }}" {% if not form.admission.value %}checked{% endif %}>
-                            <span class="fa fa-cube"></span>
-                            <strong>{% trans "Non-admission product" %}</strong>
-                            <div class="help-block">
-                                {% blocktrans trimmed %}
-                                    A product that does not represent a person. By default, pretix will not ask for attendee information or offer
-                                    ticket downloads.
-                                {% endblocktrans %}
-                            </div>
-                            <div class="help-block">
-                                {% blocktrans trimmed %}
-                                    Examples: Merchandise, donations, gift cards, add-ons to a main ticket.
-                                {% endblocktrans %}
-                            </div>
-                        </label>
-                    </div>
-                </div>
-            </div>
-
+            {% bootstrap_field form.has_variations layout="control" %}
             {% bootstrap_field form.category layout="control" %}
-
-            <div class="form-group">
-                <label class="col-md-3 control-label">{% trans "Product variations" %}</label>
-                <div class="col-md-9">
-                    <div class="big-radio radio">
-                        <label>
-                            <input type="radio" value="" name="{{ form.has_variations.html_name }}" {% if not form.has_variations.value %}checked{% endif %}>
-                            <span class="fa fa-fw fa-square"></span>
-                            <strong>{% trans "Product without variations" %}</strong><br>
-                        </label>
-                    </div>
-                    <div class="big-radio radio">
-                        <label>
-                            <input type="radio" value="on" name="{{ form.has_variations.html_name }}" {% if form.has_variations.value %}checked{% endif %}>
-                            <span class="fa fa-fw fa-th-large"></span>
-                            <strong>{% trans "Product with multiple variations" %}</strong>
-                            <div class="help-block">
-                                {% blocktrans trimmed %}
-                                    This product exists in multiple variations which are different in either their name, price, quota, or description.
-                                    All other settings need to be the same.
-                                {% endblocktrans %}
-                            </div>
-                            <div class="help-block">
-                                {% blocktrans trimmed %}
-                                    Examples: Ticket category with variations for "full price" and "reduced", merchandise with variations for different sizes,
-                                    workshop add-on with variations for simultaneous workshops.
-                                {% endblocktrans %}
-                            </div>
-                        </label>
-                    </div>
-                </div>
-            </div>
-
+            {% bootstrap_field form.admission layout="control" %}
         </fieldset>
         {% if form.quota_option %}
             <fieldset>

src/pretix/control/templates/pretixcontrol/item/index.html

@@ -10,56 +10,13 @@
                 <div class="tabbed-form">
                     <fieldset>
                         <legend>{% trans "General" %}</legend>
-                        {% bootstrap_field form.active layout="control" %}
                         {% bootstrap_field form.name layout="control" %}
                         <div class="internal-name-wrapper">
                             {% bootstrap_field form.internal_name layout="control" %}
                         </div>
                         {% bootstrap_field form.category layout="control" %}
-
-                        <div class="form-group">
-                            <label class="col-md-3 control-label">{% trans "Product type" %}</label>
-                            <div class="col-md-9">
-                                <div class="big-radio radio">
-                                    <label>
-                                        <input type="radio" value="on" name="{{ form.admission.html_name }}" {% if form.admission.value %}checked{% endif %}>
-                                        <span class="fa fa-fw fa-user"></span>
-                                        <strong>{% trans "Admission product" %}</strong><br>
-                                        <div class="help-block">
-                                            {% blocktrans trimmed %}
-                                                Every purchase of this product represents one person who is allowed to enter your event.
-                                                By default, pretix will only ask for attendee information and offer ticket downloads for these products.
-                                            {% endblocktrans %}
-                                        </div>
-                                        <div class="help-block">
-                                            {% blocktrans trimmed %}
-                                                This option should be set for most things that you would call a "ticket". For product add-ons or bundles, this should
-                                                be set on the main ticket, except if the add-on products or bundled products represent additional people (e.g. group bundles).
-                                            {% endblocktrans %}
-                                        </div>
-                                    </label>
-                                </div>
-                                <div class="big-radio radio">
-                                    <label>
-                                        <input type="radio" value="" name="{{ form.admission.html_name }}" {% if not form.admission.value %}checked{% endif %}>
-                                        <span class="fa fa-fw fa-cube"></span>
-                                        <strong>{% trans "Non-admission product" %}</strong>
-                                        <div class="help-block">
-                                            {% blocktrans trimmed %}
-                                                A product that does not represent a person. By default, pretix will not ask for attendee information or offer
-                                                ticket downloads.
-                                            {% endblocktrans %}
-                                        </div>
-                                        <div class="help-block">
-                                            {% blocktrans trimmed %}
-                                                Examples: Merchandise, donations, gift cards, add-ons to a main ticket.
-                                            {% endblocktrans %}
-                                        </div>
-                                    </label>
-                                </div>
-                            </div>
-                        </div>
-
+                        {% bootstrap_field form.active layout="control" %}
+                        {% bootstrap_field form.admission layout="control" %}
                         {% bootstrap_field form.description layout="control" %}
                         {% bootstrap_field form.picture layout="control" %}
                         {% bootstrap_field form.require_approval layout="control" %}

src/pretix/control/templates/pretixcontrol/items/index.html

@@ -73,7 +73,7 @@
                             </td>
                             <td>
                                 {% if i.var_count %}
-                                    <span class="fa fa-th-large fa-fw text-muted" data-toggle="tooltip" title="{% trans "Product with variations" %}"></span>
+                                    <span class="fa fa-list-ul fa-fw text-muted" data-toggle="tooltip" title="{% trans "Product with variations" %}"></span>
                                 {% endif %}
                             </td>
                             <td>

src/pretix/control/templates/pretixcontrol/order/index.html

@@ -268,12 +268,12 @@
             <div class="panel panel-default items">
                 <div class="panel-heading">
                     <div class="pull-right flip">
-                        <a href="{% url "control:event.order.info" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}">
-                            <span class="fa fa-edit"></span>
-                            {% trans "Change answers" %}
-                        </a>
                         {% if order.changable and 'can_change_orders' in request.eventpermset %}
-                            &middot; <a href="{% url "control:event.order.change" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}">
+                            <a href="{% url "control:event.order.info" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}">
+                                <span class="fa fa-edit"></span>
+                                {% trans "Change answers" %}
+                            </a> &middot;
+                            <a href="{% url "control:event.order.change" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}">
                                 <span class="fa fa-edit"></span>
                                 {% trans "Change products" %}
                             </a>

src/pretix/control/templates/pretixcontrol/order/refund_process.html

@@ -25,30 +25,22 @@
                 <strong>{{ pending }}</strong>. The order total is <strong>{{ total }}</strong>.
             {% endblocktrans %}
         </p>
-        {% if order.status == "c" or order.positions.count == 0 %}
-            <p>
-                {% blocktrans trimmed %}
-                    Since the order is already canceled, this will not affect its state.
-                {% endblocktrans %}
-            </p>
-        {% else %}
-            <p>
-                {% blocktrans trimmed with amount=refund.amount|money:request.event.currency method=refund.payment_provider.verbose_name %}
-                    What should happen to the ticket order?
-                {% endblocktrans %}
-            </p>
-            <div class="form-inline">
-                <label class="radio">
-                    <input type="radio" name="action" value="n" {% if not propose_cancel %}checked{% endif %}>
-                    {% trans "Mark the order as unpaid and allow the customer to pay again with another payment method." %}
-                </label>
-                <br>
-                <label class="radio">
-                    <input type="radio" name="action" value="r" {% if propose_cancel %}checked{% endif %}>
-                    {% trans "Cancel the order irrevocably." %}
-                </label>
-            </div>
-        {% endif %}
+        <p>
+            {% blocktrans trimmed with amount=refund.amount|money:request.event.currency method=refund.payment_provider.verbose_name %}
+                What should happen to the ticket order?
+            {% endblocktrans %}
+        </p>
+    <div class="form-inline">
+        <label class="radio">
+            <input type="radio" name="action" value="n" {% if not propose_cancel %}checked{% endif %}>
+            {% trans "Mark the order as unpaid and allow the customer to pay again with another payment method." %}
+        </label>
+        <br>
+        <label class="radio">
+            <input type="radio" name="action" value="r" {% if propose_cancel %}checked{% endif %}>
+            {% trans "Cancel the order irrevocably." %}
+        </label>
+    </div>
         <div class="form-group submit-group">
             <a class="btn btn-default btn-lg"
                     href="{% url "control:event.order" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}">

src/pretix/control/templates/pretixcontrol/orders/index.html

@@ -7,7 +7,7 @@
 {% block title %}{% trans "Orders" %}{% endblock %}
 {% block content %}
     <h1>{% trans "Orders" %}</h1>
-    {% if not filter_form.filtered and orders|length == 0 and not filter_strings %}
+    {% if not filter_form.filtered and orders|length == 0 %}
         <div class="empty-collection">
             <p>
                 {% blocktrans trimmed %}
@@ -21,72 +21,57 @@
                     {% trans "Take your shop live" %}
                 </a>
             {% else %}
-                <a href="{% eventurl request.event "presale:event.index" %}" class="btn btn-primary btn-lg" target="_blank">
+                <a href="{% eventurl request.event "presale:event.index" %}" class="btn btn-primary btn-lg">
                     {% trans "Go to the ticket shop" %}
                 </a>
             {% endif %}
         </div>
     {% else %}
-        {% if filter_strings %}
-            <p>
-                <span class="fa fa-filter"></span>
-                {% trans "Search query:" %}
-                {{ filter_strings|join:" · " }}
-                ·
-                <a href="{% url "control:event.orders.search" event=request.event.slug organizer=request.event.organizer.slug %}?{{ request.META.QUERY_STRING }}">
-                    <span class="fa fa-edit"></span>
-                    {% trans "Edit" %}
-                </a>
-            </p>
-        {% else %}
-            <div class="row filter-form">
-                <form class="col-md-2 col-xs-12"
-                        action="{% url "control:event.orders.go" event=request.event.slug organizer=request.event.organizer.slug %}">
-                    <div class="input-group">
-                        <input type="text" name="code" class="form-control" placeholder="{% trans "Order code" %}" autofocus>
-                        <span class="input-group-btn">
-                            <button class="btn btn-primary" type="submit">{% trans "Go!" %}</button>
+        <div class="row filter-form">
+            <form class="col-md-2 col-xs-12"
+                    action="{% url "control:event.orders.go" event=request.event.slug organizer=request.event.organizer.slug %}">
+                <div class="input-group">
+                    <input type="text" name="code" class="form-control" placeholder="{% trans "Order code" %}" autofocus>
+                    <span class="input-group-btn">
+                        <button class="btn btn-primary" type="submit">{% trans "Go!" %}</button>
+                    </span>
+                </div>
+            </form>
+            <form class="" action="" method="get">
+                <div class="col-md-2 col-xs-6">
+                    {% bootstrap_field filter_form.status layout='inline' %}
+                </div>
+                {% if request.event.has_subevents %}
+                    <div class="col-md-1 col-xs-6">
+                        {% bootstrap_field filter_form.item layout='inline' %}
+                    </div>
+                    <div class="col-md-2 col-xs-6">
+                        {% bootstrap_field filter_form.subevent layout='inline' %}
+                    </div>
+                    <div class="col-md-1 col-xs-6">
+                        {% bootstrap_field filter_form.provider layout='inline' %}
+                    </div>
+                {% else %}
+                    <div class="col-md-2 col-xs-6">
+                        {% bootstrap_field filter_form.item layout='inline' %}
+                    </div>
+                    <div class="col-md-2 col-xs-6">
+                        {% bootstrap_field filter_form.provider layout='inline' %}
+                    </div>
+                {% endif %}
+                <div class="col-md-2 col-xs-6">
+                    {% bootstrap_field filter_form.query layout='inline' %}
+                </div>
+                <div class="col-md-2 col-xs-6">
+                    <button class="btn btn-primary btn-block" type="submit">
+                        <span class="fa fa-filter"></span>
+                        <span class="hidden-md">
+                            {% trans "Filter" %}
                         </span>
-                    </div>
-                </form>
-                <form class="" action="" method="get">
-                    <div class="col-md-2 col-xs-6">
-                        {% bootstrap_field filter_form.status layout='inline' %}
-                    </div>
-                    {% if request.event.has_subevents %}
-                        <div class="col-md-1 col-xs-6">
-                            {% bootstrap_field filter_form.item layout='inline' %}
-                        </div>
-                        <div class="col-md-2 col-xs-6">
-                            {% bootstrap_field filter_form.subevent layout='inline' %}
-                        </div>
-                        <div class="col-md-1 col-xs-6">
-                            {% bootstrap_field filter_form.provider layout='inline' %}
-                        </div>
-                    {% else %}
-                        <div class="col-md-2 col-xs-6">
-                            {% bootstrap_field filter_form.item layout='inline' %}
-                        </div>
-                        <div class="col-md-2 col-xs-6">
-                            {% bootstrap_field filter_form.provider layout='inline' %}
-                        </div>
-                    {% endif %}
-                    <div class="col-md-2 col-xs-6">
-                        {% bootstrap_field filter_form.query layout='inline' %}
-                    </div>
-                    <div class="col-md-1 col-xs-6">
-                        <button class="btn btn-primary btn-block" type="submit">
-                            <span class="fa fa-filter"></span>
-                        </button>
-                    </div>
-                    <div class="col-md-1 col-xs-6">
-                        <a href="{% url "control:event.orders.search" event=request.event.slug organizer=request.event.organizer.slug %}" class="btn btn-default btn-block" type="submit" data-toggle="tooltip" title="{% trans "Advanced search" %}">
-                            <span class="fa fa-cog"></span>
-                        </a>
-                    </div>
-                </form>
-            </div>
-        {% endif %}
+                    </button>
+                </div>
+            </form>
+        </div>
         {% if filter_form.is_valid and filter_form.cleaned_data.question %}
             <p class="text-muted">
                 <span class="fa fa-filter"></span>

src/pretix/control/templates/pretixcontrol/orders/overview.html

@@ -12,14 +12,7 @@
             <button type="button" data-target=".sum-net" class="btn btn-default">{% trans "Revenue (net)" %}</button>
         </div>
     </div>
-	<h1>
-        {% trans "Order overview" %}
-        <a href="{% url "control:event.orders.export" event=request.event.slug organizer=request.event.organizer.slug %}?identifier=pdfreport"
-           class="btn btn-default" target="_blank">
-            <span class="fa fa-download"></span>
-            {% trans "PDF" %}
-        </a>
-    </h1>
+	<h1>{% trans "Order overview" %}</h1>
     <div class="row filter-form">
         <form class="" action="" method="get">
             {% if request.event.has_subevents %}
@@ -65,14 +58,12 @@
                     <th>{% trans "Product" %}</th>
                     <th>{% trans "Canceled" %}¹</th>
                     <th>{% trans "Expired" %}</th>
-                    <th>{% trans "Approval pending" %}</th>
                     <th colspan="3" class="text-center">{% trans "Purchased" %}</th>
                 </tr>
                 <tr>
                     <th></th>
                     <th></th>
                     <th></th>
-                    <th></th>
                     <th>{% trans "Pending" %}</th>
                     <th>{% trans "Paid" %}</th>
                     <th>{% trans "Total" %}</th>
@@ -85,7 +76,6 @@
                             <th>{{ tup.0 }}</th>
                             <th>{{ tup.0.num.canceled|togglesum:request.event.currency }}</th>
                             <th>{{ tup.0.num.expired|togglesum:request.event.currency }}</th>
-                            <th>{{ tup.0.num.unapproved|togglesum:request.event.currency }}</th>
                             <th>{{ tup.0.num.pending|togglesum:request.event.currency }}</th>
                             <th>{{ tup.0.num.paid|togglesum:request.event.currency }}</th>
                             <th>{{ tup.0.num.total|togglesum:request.event.currency }}</th>
@@ -105,12 +95,7 @@
                                 </a>
                             </td>
                             <td>
-                                <a href="{{ listurl }}?item={{ item.id }}&amp;status=pa&amp;provider={{ item.provider }}">
-                                    {{ item.num.unapproved|togglesum:request.event.currency }}
-                                </a>
-                            </td>
-                            <td>
-                                <a href="{{ listurl }}?item={{ item.id }}&amp;status=na&amp;provider={{ item.provider }}">
+                                <a href="{{ listurl }}?item={{ item.id }}&amp;status=n&amp;provider={{ item.provider }}">
                                     {{ item.num.pending|togglesum:request.event.currency }}
                                 </a>
                             </td>
@@ -138,12 +123,7 @@
                                         </a>
                                     </td>
                                     <td>
-                                        <a href="{{ listurl }}?item={{ item.id }}-{{ var.id }}&amp;status=pa&amp;provider={{ item.provider }}">
-                                            {{ var.num.unapproved|togglesum:request.event.currency }}
-                                        </a>
-                                    </td>
-                                    <td>
-                                        <a href="{{ listurl }}?item={{ item.id }}-{{ var.id }}&amp;status=na&amp;provider={{ item.provider }}">
+                                        <a href="{{ listurl }}?item={{ item.id }}-{{ var.id }}&amp;status=n&amp;provider={{ item.provider }}">
                                             {{ var.num.pending|togglesum:request.event.currency }}
                                         </a>
                                     </td>
@@ -166,7 +146,6 @@
                     <th>{% trans "Total" %}</th>
                     <th>{{ total.num.canceled|togglesum:request.event.currency }}</th>
                     <th>{{ total.num.expired|togglesum:request.event.currency }}</th>
-                    <th>{{ total.num.unapproved|togglesum:request.event.currency }}</th>
                     <th>{{ total.num.pending|togglesum:request.event.currency }}</th>
                     <th>{{ total.num.paid|togglesum:request.event.currency }}</th>
                     <th>{{ total.num.total|togglesum:request.event.currency }}</th>

src/pretix/control/templates/pretixcontrol/orders/search.html

@@ -1,23 +0,0 @@
-{% extends "pretixcontrol/event/base.html" %}
-{% load i18n %}
-{% load eventurl %}
-{% load urlreplace %}
-{% load money %}
-{% load bootstrap3 %}
-{% block title %}{% trans "Order search" %}{% endblock %}
-{% block content %}
-    <h1>{% trans "Order search" %}</h1>
-    <form class="form-horizontal" action="{% url "control:event.orders" event=request.event.slug organizer=request.event.organizer.slug %}" method="get">
-        {% for f in forms %}
-            {% bootstrap_form_errors f layout='control' %}
-            {% for field in f %}
-                {% bootstrap_field field layout='control' %}
-            {% endfor %}
-        {% endfor %}
-        <div class="form-group submit-group">
-            <button type="submit" class="btn btn-primary btn-save">
-                {% trans "Search" %}
-            </button>
-        </div>
-    </form>
-{% endblock %}

src/pretix/control/templates/pretixcontrol/user/notifications_disable.html

@@ -1,13 +0,0 @@
-{% extends "pretixcontrol/auth/base.html" %}
-{% load i18n %}
-{% load bootstrap3 %}
-{% block title %}{% trans "Disable notifications" %}{% endblock %}
-{% block content %}
-    <form action="" method="post" class="form-signin">
-        {% csrf_token %}
-        <div class="text-center">
-            <p>Please confirm that you no longer want to receive notifications for any of your events.</p>
-            <p><button type="submit" class="btn btn-primary" value="Disable notifications">Disable notifications</button></p>
-        </div>
-    </form>
-{% endblock %}

src/pretix/control/urls.py

@@ -283,7 +283,6 @@ urlpatterns = [
         url(r'^orders/refunds/$', orders.RefundList.as_view(), name='event.orders.refunds'),
         url(r'^orders/go$', orders.OrderGo.as_view(), name='event.orders.go'),
         url(r'^orders/$', orders.OrderList.as_view(), name='event.orders'),
-        url(r'^orders/search$', orders.OrderSearch.as_view(), name='event.orders.search'),
         url(r'^dangerzone/$', event.DangerZone.as_view(), name='event.dangerzone'),
         url(r'^cancel/$', orders.EventCancel.as_view(), name='event.cancel'),
         url(r'^shredder/$', shredder.StartShredView.as_view(), name='event.shredder.start'),

src/pretix/control/views/auth.py

@@ -74,15 +74,13 @@ def login(request):
         backend = [b for b in backends if b.visible][0]
     if request.user.is_authenticated:
         next_url = backend.get_next_url(request) or 'control:index'
-        if next_url and url_has_allowed_host_and_scheme(next_url, allowed_hosts=None):
-            return redirect(next_url)
-        return redirect(reverse('control:index'))
+        return redirect(next_url)
     if request.method == 'POST':
-        form = LoginForm(backend=backend, data=request.POST, request=request)
+        form = LoginForm(backend=backend, data=request.POST)
         if form.is_valid() and form.user_cache and form.user_cache.auth_backend == backend.identifier:
             return process_login(request, form.user_cache, form.cleaned_data.get('keep_logged_in', False))
     else:
-        form = LoginForm(backend=backend, request=request)
+        form = LoginForm(backend=backend)
     ctx['form'] = form
     ctx['can_register'] = settings.PRETIX_REGISTRATION
     ctx['can_reset'] = settings.PRETIX_PASSWORD_RESET

src/pretix/control/views/event.py

@@ -937,7 +937,6 @@ class EventDelete(RecentAuthenticationRequiredMixin, EventPermissionRequiredMixi
                     data={
                         'event_id': self.request.event.pk,
                         'name': str(self.request.event.name),
-                        'slug': self.request.event.slug,
                         'logentries': list(self.request.event.logentry_set.values_list('pk', flat=True))
                     }
                 )

src/pretix/control/views/main.py

@@ -236,10 +236,6 @@ class EventWizard(SafeSessionWizardView):
             event.has_subevents = foundation_data['has_subevents']
             event.testmode = True
             form_dict['basics'].save()
-            event.log_action(
-                'pretix.event.added',
-                user=self.request.user,
-            )
 
             if not EventWizardBasicsForm.has_control_rights(self.request.user, event.organizer):
                 if basics_data["team"] is not None:

src/pretix/control/views/orders.py

@@ -45,7 +45,7 @@ from pretix.base.models import (
 from pretix.base.models.orders import (
     CancellationRequest, OrderFee, OrderPayment, OrderPosition, OrderRefund,
 )
-from pretix.base.models.tax import cc_to_vat_prefix, is_eu_country
+from pretix.base.models.tax import EU_COUNTRIES, cc_to_vat_prefix
 from pretix.base.payment import PaymentException
 from pretix.base.secrets import assign_ticket_secret
 from pretix.base.services import tickets
@@ -74,8 +74,7 @@ from pretix.base.templatetags.rich_text import markdown_compile_email
 from pretix.base.views.mixins import OrderQuestionsViewMixin
 from pretix.base.views.tasks import AsyncAction
 from pretix.control.forms.filter import (
-    EventOrderExpertFilterForm, EventOrderFilterForm, OverviewFilterForm,
-    RefundFilterForm,
+    EventOrderFilterForm, OverviewFilterForm, RefundFilterForm,
 )
 from pretix.control.forms.orders import (
     CancelForm, CommentForm, ConfirmPaymentForm, EventCancelForm, ExporterForm,
@@ -85,7 +84,6 @@ from pretix.control.forms.orders import (
     OrderRefundForm, OtherOperationsForm,
 )
 from pretix.control.permissions import EventPermissionRequiredMixin
-from pretix.control.signals import order_search_forms
 from pretix.control.views import PaginationMixin
 from pretix.helpers.safedownload import check_token
 from pretix.presale.signals import question_form_fields
@@ -93,31 +91,7 @@ from pretix.presale.signals import question_form_fields
 logger = logging.getLogger(__name__)
 
 
-class OrderSearchMixin:
-    def get_forms(self):
-        f = [
-            EventOrderExpertFilterForm(
-                data=self.request.GET,
-                event=self.request.event,
-                prefix='expert',
-            )
-        ]
-        for recv, resp in order_search_forms.send(sender=self.request.event, request=self.request):
-            f.append(resp)
-        return f
-
-
-class OrderSearch(OrderSearchMixin, EventPermissionRequiredMixin, TemplateView):
-    template_name = 'pretixcontrol/orders/search.html'
-    permission = 'can_view_orders'
-
-    def get_context_data(self, **kwargs):
-        ctx = super().get_context_data(**kwargs)
-        ctx['forms'] = self.get_forms()
-        return ctx
-
-
-class OrderList(OrderSearchMixin, EventPermissionRequiredMixin, PaginationMixin, ListView):
+class OrderList(EventPermissionRequiredMixin, PaginationMixin, ListView):
     model = Order
     context_object_name = 'orders'
     template_name = 'pretixcontrol/orders/index.html'
@@ -131,21 +105,12 @@ class OrderList(OrderSearchMixin, EventPermissionRequiredMixin, PaginationMixin,
         if self.filter_form.is_valid():
             qs = self.filter_form.filter_qs(qs)
 
-        for f in self.get_forms():
-            if any(k.startswith(f.prefix) for k in self.request.GET.keys()) and f.is_valid():
-                qs = f.filter_qs(qs)
-
         return qs
 
     def get_context_data(self, **kwargs):
         ctx = super().get_context_data(**kwargs)
         ctx['filter_form'] = self.filter_form
 
-        ctx['filter_strings'] = []
-        for f in self.get_forms():
-            if any(k.startswith(f.prefix) for k in self.request.GET.keys()) and f.is_valid():
-                ctx['filter_strings'] += f.filter_to_strings()
-
         # Only compute this annotations for this page (query optimization)
         s = OrderPosition.objects.filter(
             order=OuterRef('pk')
@@ -601,17 +566,16 @@ class OrderRefundProcess(OrderView):
         if self.refund.state == OrderRefund.REFUND_STATE_EXTERNAL:
             self.refund.done(user=self.request.user)
 
-            if self.order.status != Order.STATUS_CANCELED and self.order.positions.exists():
-                if self.request.POST.get("action") == "r":
-                    mark_order_refunded(self.order, user=self.request.user)
-                elif not (self.order.status == Order.STATUS_PAID and self.order.pending_sum <= 0):
-                    self.order.status = Order.STATUS_PENDING
-                    self.order.set_expires(
-                        now(),
-                        self.order.event.subevents.filter(
-                            id__in=self.order.positions.values_list('subevent_id', flat=True))
-                    )
-                    self.order.save(update_fields=['status', 'expires'])
+            if self.request.POST.get("action") == "r" and (self.order.status != Order.STATUS_CANCELED and self.order.positions.exists()):
+                mark_order_refunded(self.order, user=self.request.user)
+            elif not (self.order.status == Order.STATUS_PAID and self.order.pending_sum <= 0):
+                self.order.status = Order.STATUS_PENDING
+                self.order.set_expires(
+                    now(),
+                    self.order.event.subevents.filter(
+                        id__in=self.order.positions.values_list('subevent_id', flat=True))
+                )
+                self.order.save(update_fields=['status', 'expires'])
 
             messages.success(self.request, _('The refund has been processed.'))
         else:
@@ -1166,7 +1130,7 @@ class OrderCheckVATID(OrderView):
                 messages.error(self.request, _('No country specified.'))
                 return redirect(self.get_order_url())
 
-            if not is_eu_country(ia.country):
+            if str(ia.country) not in EU_COUNTRIES:
                 messages.error(self.request, _('VAT ID could not be checked since a non-EU country has been '
                                                'specified.'))
                 return redirect(self.get_order_url())
@@ -1551,7 +1515,7 @@ class OrderChange(OrderView):
                 elif change_subevent is not None:
                     ocm.change_subevent(p, *change_subevent)
 
-                if p.form.cleaned_data.get('seat') and (not p.seat or p.form.cleaned_data['seat'] != p.seat.seat_guid or change_subevent):
+                if p.form.cleaned_data.get('seat') and (not p.seat or p.form.cleaned_data['seat'] != p.seat.seat_guid):
                     ocm.change_seat(p, p.form.cleaned_data['seat'])
 
                 if p.form.cleaned_data['price'] is not None and p.form.cleaned_data['price'] != p.price:
@@ -2045,9 +2009,9 @@ class ExportDoView(EventPermissionRequiredMixin, ExportMixin, AsyncAction, View)
             messages.error(self.request, _('There was a problem processing your input. See below for error details.'))
             return self.get(request, *args, **kwargs)
 
-        cf = CachedFile(web_download=True, session_key=request.session.session_key)
+        cf = CachedFile()
         cf.date = now()
-        cf.expires = now() + timedelta(hours=24)
+        cf.expires = now() + timedelta(days=3)
         cf.save()
         return self.do(self.request.event.id, str(cf.id), self.exporter.identifier, self.exporter.form.cleaned_data)
 

src/pretix/control/views/organizer.py

@@ -1057,7 +1057,7 @@ class GiftCardDetailView(OrganizerDetailViewMixin, OrganizerPermissionRequiredMi
                     })
                 )
                 try:
-                    r.payment_provider.execute_payment(request, r)
+                    r.payment_provider.execute_payment(None, r)
                 except PaymentException as e:
                     with transaction.atomic():
                         r.state = OrderPayment.PAYMENT_STATE_FAILED
@@ -1245,17 +1245,15 @@ class ExportDoView(OrganizerPermissionRequiredMixin, ExportMixin, AsyncAction, V
             messages.error(self.request, _('There was a problem processing your input. See below for error details.'))
             return self.get(request, *args, **kwargs)
 
-        cf = CachedFile(web_download=True, session_key=request.session.session_key)
+        cf = CachedFile()
         cf.date = now()
-        cf.expires = now() + timedelta(hours=24)
+        cf.expires = now() + timedelta(days=3)
         cf.save()
         return self.do(
             organizer=self.request.organizer.id,
             user=self.request.user.id,
             fileid=str(cf.id),
             provider=self.exporter.identifier,
-            device=None,
-            token=None,
             form_data=self.exporter.form.cleaned_data
         )
 

src/pretix/control/views/pdf.py

@@ -137,7 +137,7 @@ class BaseEditorView(EventPermissionRequiredMixin, TemplateView):
             buffer = BytesIO()
             p.write(buffer)
             buffer.seek(0)
-            c = CachedFile(web_download=True)
+            c = CachedFile()
             c.expires = now() + timedelta(days=7)
             c.date = now()
             c.filename = 'background_preview.pdf'
@@ -162,7 +162,7 @@ class BaseEditorView(EventPermissionRequiredMixin, TemplateView):
                     "status": "error",
                     "error": error
                 })
-            c = CachedFile(web_download=True)
+            c = CachedFile()
             c.expires = now() + timedelta(days=7)
             c.date = now()
             c.filename = 'background_preview.pdf'

src/pretix/control/views/shredder.py

@@ -75,7 +75,7 @@ class ShredExportView(RecentAuthenticationRequiredMixin, EventPermissionRequired
         if constr:
             return self.error(ShredError(self.get_error_url()))
 
-        return self.do(self.request.event.id, request.POST.getlist("shredder"), self.request.session.session_key)
+        return self.do(self.request.event.id, request.POST.getlist("shredder"))
 
 
 class ShredDoView(RecentAuthenticationRequiredMixin, EventPermissionRequiredMixin, ShredderMixin, AsyncAction, View):

src/pretix/control/views/subevents.py

@@ -4,7 +4,7 @@ from datetime import datetime, timedelta
 from dateutil.rrule import DAILY, MONTHLY, WEEKLY, YEARLY, rrule, rruleset
 from django.contrib import messages
 from django.core.files import File
-from django.db import connections, transaction
+from django.db import transaction
 from django.db.models import F, IntegerField, OuterRef, Prefetch, Subquery, Sum
 from django.db.models.functions import Coalesce
 from django.forms import inlineformset_factory
@@ -863,13 +863,7 @@ class SubEventBulkCreate(SubEventEditorMixin, EventPermissionRequiredMixin, Crea
                 f.subevent = se
                 f.save()
 
-        if connections['default'].features.can_return_rows_from_bulk_insert:
-            LogEntry.objects.bulk_create(log_entries)
-            LogEntry.bulk_postprocess(log_entries)
-        else:
-            for le in log_entries:
-                le.save()
-            LogEntry.bulk_postprocess(log_entries)
+        LogEntry.objects.bulk_create(log_entries)
 
         self.request.event.cache.clear()
         messages.success(self.request, pgettext_lazy('subevent', '{} new dates have been created.').format(len(subevents)))

src/pretix/control/views/user.py

@@ -22,7 +22,6 @@ from django.views import View
 from django.views.generic import FormView, ListView, TemplateView, UpdateView
 from django_otp.plugins.otp_static.models import StaticDevice
 from django_otp.plugins.otp_totp.models import TOTPDevice
-from django_scopes import scopes_disabled
 
 from pretix.base.auth import get_auth_backends
 from pretix.base.forms.auth import ReauthForm
@@ -577,13 +576,7 @@ class User2FARegenerateEmergencyView(RecentAuthenticationRequiredMixin, Template
 
 
 class UserNotificationsDisableView(TemplateView):
-    template_name = 'pretixcontrol/user/notifications_disable.html'
-
-    @scopes_disabled()
-    def dispatch(self, request, *args, **kwargs):
-        return super().dispatch(request, *args, **kwargs)
-
-    def post(self, request, *args, **kwargs):
+    def get(self, request, *args, **kwargs):
         user = get_object_or_404(User, notifications_token=kwargs.get('token'), pk=kwargs.get('id'))
         user.notifications_send = False
         user.save()

src/pretix/helpers/config.py

@@ -1,43 +0,0 @@
-import os
-import re
-from configparser import _UNSET
-
-
-class EnvOrParserConfig:
-    def __init__(self, configparser):
-        self.cp = configparser
-
-    def _envkey(self, section, option):
-        section = re.sub('[^a-zA-Z0-9]', '_', section.upper())
-        option = re.sub('[^a-zA-Z0-9]', '_', option.upper())
-        return f'PRETIX_{section}_{option}'
-
-    def get(self, section, option, *, raw=False, vars=None, fallback=_UNSET):
-        if self._envkey(section, option) in os.environ:
-            return os.environ[self._envkey(section, option)]
-        return self.cp.get(section, option, raw=raw, vars=vars, fallback=fallback)
-
-    def getint(self, section, option, *, raw=False, vars=None, fallback=_UNSET):
-        if self._envkey(section, option) in os.environ:
-            return int(os.environ[self._envkey(section, option)])
-        return self.cp.getint(section, option, raw=raw, vars=vars, fallback=fallback)
-
-    def getfloat(self, section, option, *, raw=False, vars=None, fallback=_UNSET):
-        if self._envkey(section, option) in os.environ:
-            return float(os.environ[self._envkey(section, option)])
-        return self.cp.getfloat(section, option, raw=raw, vars=vars, fallback=fallback)
-
-    def getboolean(self, section, option, *, raw=False, vars=None, fallback=_UNSET):
-        if self._envkey(section, option) in os.environ:
-            return self.cp._convert_to_boolean(os.environ[self._envkey(section, option)])
-        return self.cp.getboolean(section, option, raw=raw, vars=vars, fallback=fallback)
-
-    def has_section(self, section):
-        if any(k.startswith(self._envkey(section, '')) for k in os.environ):
-            return True
-        return self.cp.has_section(section)
-
-    def has_option(self, section, option):
-        if self._envkey(section, option) in os.environ:
-            return True
-        return self.cp.has_option(section, option)

src/pretix/locale/ar/LC_MESSAGES/djangojs.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-11-24 09:10+0000\n"
+"POT-Creation-Date: 2020-10-24 20:02+0000\n"
 "PO-Revision-Date: 2020-07-30 19:00+0000\n"
 "Last-Translator: Abdullah <abdullah.gumaijan@gmail.com>\n"
 "Language-Team: Arabic <https://translate.pretix.eu/projects/pretix/pretix-js/"

src/pretix/locale/ca/LC_MESSAGES/djangojs.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-11-24 09:10+0000\n"
+"POT-Creation-Date: 2020-10-24 20:02+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: none\n"

src/pretix/locale/cs/LC_MESSAGES/djangojs.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-11-24 09:10+0000\n"
+"POT-Creation-Date: 2020-10-24 20:02+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: Automatically generated\n"
 "Language-Team: none\n"

src/pretix/locale/da/LC_MESSAGES/djangojs.po

@@ -6,7 +6,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-11-24 09:10+0000\n"
+"POT-Creation-Date: 2020-10-24 20:02+0000\n"
 "PO-Revision-Date: 2020-09-15 02:00+0000\n"
 "Last-Translator: Mie Frydensbjerg <mif@aarhus.dk>\n"
 "Language-Team: Danish <https://translate.pretix.eu/projects/pretix/pretix-js/"

src/pretix/locale/de/LC_MESSAGES/djangojs.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-11-24 09:10+0000\n"
+"POT-Creation-Date: 2020-10-24 20:02+0000\n"
 "PO-Revision-Date: 2020-08-25 02:00+0000\n"
 "Last-Translator: Dennis Lichtenthäler <lichtenthaeler@rami.io>\n"
 "Language-Team: German <https://translate.pretix.eu/projects/pretix/pretix-js/"

src/pretix/locale/de/wordlist.txt

@@ -128,7 +128,6 @@ Leaflet
 loszulegen
 Ltd
 max
-Merchandise
 Meta
 Metadaten
 Mi

src/pretix/locale/de_Informal/LC_MESSAGES/djangojs.po

@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: \n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2020-11-24 09:10+0000\n"
+"POT-Creation-Date: 2020-10-24 20:02+0000\n"
 "PO-Revision-Date: 2020-08-25 02:00+0000\n"
 "Last-Translator: Dennis Lichtenthäler <lichtenthaeler@rami.io>\n"
 "Language-Team: German (informal) <https://translate.pretix.eu/projects/"

src/pretix/locale/de_Informal/wordlist.txt

@@ -128,7 +128,6 @@ Leaflet
 loszulegen
 Ltd
 max
-Merchandise
 Meta
 Metadaten
 Mi