Bump to 2.7.1

Fix #1279 -- Incorrect initial price value in widget in German locale
Fix #1282 -- Work around issues in file backends
2019-05-14 09:16:14 +02:00 · 2019-05-14 09:10:12 +02:00 · 2019-05-14 09:10:12 +02:00 · 2019-05-14 09:10:12 +02:00 · 2019-05-14 09:10:12 +02:00
266 changed files with 35416 additions and 50426 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -25,6 +25,8 @@ matrix:
      env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
    - python: 3.5
      env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
+    - python: 3.7
+      env: JOB=plugins
    - python: 3.7
      env: JOB=doc-spelling
    - python: 3.7
--- a/doc/admin/config.rst
+++ b/doc/admin/config.rst
@@ -273,24 +273,6 @@ to speed up various operations::
 If redis is not configured, pretix will store sessions and locks in the database. If memcached
 is configured, memcached will be used for caching instead of redis.

-Translations
------------
-
-pretix comes with a number of translations. Some of them are marked as "incubating", which means
-they can usually only be selected in development mode. If you want to use them nevertheless, you
-can activate them like this::
-
-    [languages]
-    allow_incubating=pt-br,da
-
-You can also tell pretix about additional paths where it will search for translations::
-
-    [languages]
-    path=/path/to/my/translations
-
-For a given language (e.g. ``pt-br``), pretix will then look in the
-specific sub-folder, e.g. ``/path/to/my/translations/pt_BR/LC_MESSAGES/django.po``.
-
 Celery task queue
 -----------------

--- a/doc/api/resources/billing_invoices.rst
+++ b/doc/api/resources/billing_invoices.rst
@@ -1,131 +0,0 @@
-pretix Hosted billing invoices
-==============================
-
-This endpoint allows you to access invoices you received for pretix Hosted. It only contains invoices created starting
-November 2017.
-
-.. note:: Only available on pretix Hosted, not on self-hosted pretix instances.
-
-Resource description
--------------------
-
-The resource contains the following public fields:
-
-.. rst-class:: rest-resource-table
-
-===================================== ========================== =======================================================
-Field                                 Type                       Description
-===================================== ========================== =======================================================
-invoice_number                        string                     Invoice number
-date_issued                           date                       Invoice date
-===================================== ========================== =======================================================
-
-
-Endpoints
---------
-
-.. http:get:: /api/v1/organizers/(organizer)/billing_invoices/
-
-   Returns a list of all invoices to a given organizer.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      GET /api/v1/organizers/bigevents/billing_invoices/ HTTP/1.1
-      Host: pretix.eu
-      Accept: application/json, text/javascript
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/json
-
-      {
-        "count": 1,
-        "next": null,
-        "previous": null,
-        "results": [
-          {
-            "invoice_number": "R2019002",
-            "date_issued": "2019-06-03"
-          }
-        ]
-      }
-
-   :query integer page: The page number in case of a multi-page result set, default is 1
-   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``date_issued`` and
-                           its reverse, ``-date_issued``. Default: ``date_issued``.
-   :param organizer: The ``slug`` field of the organizer to fetch
-   :statuscode 200: no error
-   :statuscode 401: Authentication failure
-   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
-
-.. http:get:: /api/v1/organizers/(organizer)/billing_invoices/(invoice_number)/
-
-   Returns information on one invoice, identified by its invoice number.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      GET /api/v1/organizers/bigevents/billing_invoices/R2019002/ HTTP/1.1
-      Host: pretix.eu
-      Accept: application/json, text/javascript
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/json
-
-      {
-        "invoice_number": "R2019002",
-        "date_issued": "2019-06-03"
-      }
-
-   :param organizer: The ``slug`` field of the organizer to fetch
-   :param invoice_number: The ``invoice_number`` field of the invoice to fetch
-   :statuscode 200: no error
-   :statuscode 401: Authentication failure
-   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
-
-.. http:get:: /api/v1/organizers/(organizer)/billing_invoices/(invoice_number)/download/
-
-   Download an invoice in PDF format.
-
-   .. warning:: After we created the invoices, they are placed in review with our accounting department. You will
-                already see them in the API at this point, but you are not able to download them until they completed
-                review and are sent to you via email. This usually takes a few hours. If you try to download them
-                in this time frame, you will receive a status code :http:statuscode:`423`.
-
-   **Example request**:
-
-   .. sourcecode:: http
-
-      GET /api/v1/organizers/bigevents/billing_invoices/R2019002/download/ HTTP/1.1
-      Host: pretix.eu
-      Accept: application/json, text/javascript
-
-   **Example response**:
-
-   .. sourcecode:: http
-
-      HTTP/1.1 200 OK
-      Vary: Accept
-      Content-Type: application/pdf
-
-      ...
-
-   :param organizer: The ``slug`` field of the organizer to fetch
-   :param invoice_number: The ``invoice_number`` field of the invoice to fetch
-   :statuscode 200: no error
-   :statuscode 401: Authentication failure
-   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
-   :statuscode 423: The file is not yet ready and will now be prepared. Retry the request after waiting for a few
-                    seconds.
--- a/doc/api/resources/events.rst
+++ b/doc/api/resources/events.rst
@@ -50,10 +50,6 @@ plugins                               list                       A list of packa

   The ``testmode`` attribute has been added.

-.. versionchanged:: 2.8
-
-    When cloning events, the ``testmode`` attribute will now be cloned, too.
-
 Endpoints
 ---------

@@ -116,9 +112,6 @@ Endpoints
   :query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned. Event series are never (always) returned.
   :query is_past: If set to ``true`` (``false``), only events that are over are (not) returned. Event series are never (always) returned.
   :query ends_after: If set to a date and time, only events that happen during of after the given time are returned. Event series are never returned.
-   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``date_from`` and
-                           ``slug``. Keep in mind that ``date_from`` of event series does not really tell you anything.
-                           Default: ``slug``.
   :param organizer: The ``slug`` field of a valid organizer
   :statuscode 200: no error
   :statuscode 401: Authentication failure
@@ -253,7 +246,7 @@ Endpoints
 .. http:post:: /api/v1/organizers/(organizer)/events/(event)/clone/

   Creates a new event with properties as set in the request body. The properties that are copied are: 'is_public',
-   `testmode`, settings, plugin settings, items, variations, add-ons, quotas, categories, tax rules, questions.
+   settings, plugin settings, items, variations, add-ons, quotas, categories, tax rules, questions.

   If the 'plugins' and/or 'is_public' fields are present in the post body this will determine their value. Otherwise
   their value will be copied from the existing event.
--- a/doc/api/resources/index.rst
+++ b/doc/api/resources/index.rst
@@ -23,4 +23,3 @@ Resources and endpoints
   waitinglist
   carts
   webhooks
-   billing_invoices
--- a/doc/api/resources/organizers.rst
+++ b/doc/api/resources/organizers.rst
@@ -56,8 +56,6 @@ Endpoints
      }

   :query page: The page number in case of a multi-page result set, default is 1
-   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``slug`` and
-                           ``name``. Default: ``slug``.
   :statuscode 200: no error
   :statuscode 401: Authentication failure

--- a/doc/conf.py
+++ b/doc/conf.py
@@ -66,7 +66,7 @@ source_suffix = '.rst'
 #source_encoding = 'utf-8-sig'

 # The master toctree document.
-master_doc = 'index'
+master_doc = 'contents'

 # General information about the project.
 project = 'pretix'
@@ -234,7 +234,7 @@ latex_elements = {
 # (source start file, target name, title,
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
-  ('index', 'pretix.tex', 'pretix Documentation',
+  ('contents', 'pretix.tex', 'pretix Documentation',
   'Raphael Michel', 'manual'),
 ]

--- a/doc/contents.rst
+++ b/doc/contents.rst
--- a/doc/development/api/general.rst
+++ b/doc/development/api/general.rst
@@ -20,13 +20,13 @@ Order events
 There are multiple signals that will be sent out in the ordering cycle:

 .. automodule:: pretix.base.signals
-   :members: validate_cart, validate_order, order_fee_calculation, order_paid, order_placed, order_canceled, order_expired, order_modified, order_changed, order_approved, order_denied, order_fee_type_name, allow_ticket_download
+   :members: validate_cart, order_fee_calculation, order_paid, order_placed, order_canceled, order_expired, order_modified, order_changed, order_approved, order_denied, order_fee_type_name, allow_ticket_download

 Frontend
 --------

 .. automodule:: pretix.presale.signals
-   :members: html_head, html_footer, footer_link, front_page_top, front_page_bottom, fee_calculation_for_cart, contact_form_fields, question_form_fields, checkout_confirm_messages, checkout_confirm_page_content, checkout_all_optional, html_page_header, sass_preamble, sass_postamble, checkout_flow_steps, order_info, order_meta_from_request, position_info
+   :members: html_head, html_footer, footer_link, front_page_top, front_page_bottom, fee_calculation_for_cart, contact_form_fields, question_form_fields, checkout_confirm_messages, checkout_confirm_page_content, checkout_all_optional, html_page_header, sass_preamble, sass_postamble, checkout_flow_steps, order_info, order_meta_from_request

 Request flow
 """"""""""""
@@ -45,11 +45,11 @@ Backend

 .. automodule:: pretix.control.signals
   :members: nav_event, html_head, html_page_start, quota_detail_html, nav_topbar, nav_global, nav_organizer, nav_event_settings,
-             order_info, event_settings_widget, oauth_application_registered, order_position_buttons, nav_item
+             order_info, event_settings_widget, oauth_application_registered, order_position_buttons


 .. automodule:: pretix.base.signals
-   :members: logentry_display, logentry_object_link, requiredaction_display, timeline_events
+   :members: logentry_display, logentry_object_link, requiredaction_display

 Vouchers
 """"""""
--- a/doc/development/setup.rst
+++ b/doc/development/setup.rst
@@ -21,12 +21,10 @@ Your should install the following on your system:
 * Python 3.5 or newer
 * ``pip`` for Python 3 (Debian package: ``python3-pip``)
 * ``python-dev`` for Python 3 (Debian package: ``python3-dev``)
-* On Debian/Ubuntu: ``python-venv`` for Python 3 (Debian package: ``python3-venv``)
 * ``libffi`` (Debian package: ``libffi-dev``)
 * ``libssl`` (Debian package: ``libssl-dev``)
 * ``libxml2`` (Debian package ``libxml2-dev``)
 * ``libxslt`` (Debian package ``libxslt1-dev``)
-* ``libenchant1c2a`` (Debian package ``libenchant1c2a``)
 * ``msgfmt`` (Debian package ``gettext``)
 * ``git``

--- a/src/pretix/init.py
+++ b/src/pretix/init.py
@@ -1 +1 @@
-__version__ = "2.9.0.dev0"
+__version__ = "2.7.1"
--- a/src/pretix/api/auth/device.py
+++ b/src/pretix/api/auth/device.py
@@ -1,5 +1,4 @@
 from django.contrib.auth.models import AnonymousUser
-from django_scopes import scopes_disabled
 from rest_framework import exceptions
 from rest_framework.authentication import TokenAuthentication

@@ -13,8 +12,7 @@ class DeviceTokenAuthentication(TokenAuthentication):
    def authenticate_credentials(self, key):
        model = self.get_model()
        try:
-            with scopes_disabled():
-                device = model.objects.select_related('organizer').get(api_token=key)
+            device = model.objects.select_related('organizer').get(api_token=key)
        except model.DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token.')

--- a/src/pretix/api/auth/permission.py
+++ b/src/pretix/api/auth/permission.py
@@ -3,7 +3,7 @@ from rest_framework.permissions import SAFE_METHODS, BasePermission
 from pretix.api.models import OAuthAccessToken
 from pretix.base.models import Device, Event, User
 from pretix.base.models.auth import SuperuserPermissionSet
-from pretix.base.models.organizer import TeamAPIToken
+from pretix.base.models.organizer import Organizer, TeamAPIToken
 from pretix.helpers.security import (
    SessionInvalid, SessionReauthRequired, assert_session_valid,
 )
@@ -50,6 +50,9 @@ class EventPermission(BasePermission):
                return False

        elif 'organizer' in request.resolver_match.kwargs:
+            request.organizer = Organizer.objects.filter(
+                slug=request.resolver_match.kwargs['organizer'],
+            ).first()
            if not request.organizer or not perm_holder.has_organizer_permission(request.organizer, request=request):
                return False
            if isinstance(perm_holder, User) and perm_holder.has_active_staff_session(request.session.session_key):
--- a/src/pretix/api/middleware.py
+++ b/src/pretix/api/middleware.py
@@ -4,13 +4,10 @@ from hashlib import sha1
 from django.conf import settings
 from django.db import transaction
 from django.http import HttpRequest, HttpResponse, JsonResponse
-from django.urls import resolve
 from django.utils.timezone import now
-from django_scopes import scope
 from rest_framework import status

 from pretix.api.models import ApiCall
-from pretix.base.models import Organizer


 class IdempotencyMiddleware:
@@ -92,21 +89,3 @@ class IdempotencyMiddleware:
            for k, v in json.loads(call.response_headers).values():
                r[k] = v
            return r
-
-
-class ApiScopeMiddleware:
-    def __init__(self, get_response):
-        self.get_response = get_response
-
-    def __call__(self, request: HttpRequest):
-        if not request.path.startswith('/api/'):
-            return self.get_response(request)
-
-        url = resolve(request.path_info)
-        if 'organizer' in url.kwargs:
-            request.organizer = Organizer.objects.filter(
-                slug=url.kwargs['organizer'],
-            ).first()
-
-        with scope(organizer=getattr(request, 'organizer', None)):
-            return self.get_response(request)
--- a/src/pretix/api/serializers/event.py
+++ b/src/pretix/api/serializers/event.py
@@ -164,7 +164,6 @@ class CloneEventSerializer(EventSerializer):
    def create(self, validated_data):
        plugins = validated_data.pop('plugins', None)
        is_public = validated_data.pop('is_public', None)
-        testmode = validated_data.pop('testmode', None)
        new_event = super().create(validated_data)

        event = Event.objects.filter(slug=self.context['event'], organizer=self.context['organizer'].pk).first()
@@ -174,8 +173,6 @@ class CloneEventSerializer(EventSerializer):
            new_event.set_active_plugins(plugins)
        if is_public is not None:
            new_event.is_public = is_public
-        if testmode is not None:
-            new_event.testmode = testmode
        new_event.save()

        return new_event
--- a/src/pretix/api/signals.py
+++ b/src/pretix/api/signals.py
@@ -2,7 +2,6 @@ from datetime import timedelta

 from django.dispatch import Signal, receiver
 from django.utils.timezone import now
-from django_scopes import scopes_disabled

 from pretix.api.models import ApiCall, WebHookCall
 from pretix.base.signals import periodic_task
@@ -18,12 +17,10 @@ instances.


@receiver(periodic_task)
-@scopes_disabled()
 def cleanup_webhook_logs(sender, **kwargs):
    WebHookCall.objects.filter(datetime__lte=now() - timedelta(days=30)).delete()


@receiver(periodic_task)
-@scopes_disabled()
 def cleanup_api_logs(sender, **kwargs):
    ApiCall.objects.filter(created__lte=now() - timedelta(hours=24)).delete()
--- a/src/pretix/api/views/checkin.py
+++ b/src/pretix/api/views/checkin.py
@@ -6,7 +6,6 @@ from django.shortcuts import get_object_or_404
 from django.utils.functional import cached_property
 from django.utils.timezone import now
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
-from django_scopes import scopes_disabled
 from rest_framework import viewsets
 from rest_framework.decorators import action
 from rest_framework.fields import DateTimeField
@@ -25,11 +24,11 @@ from pretix.base.services.checkin import (
 )
 from pretix.helpers.database import FixedOrderBy

-with scopes_disabled():
-    class CheckinListFilter(FilterSet):
-        class Meta:
-            model = CheckinList
-            fields = ['subevent']
+
+class CheckinListFilter(FilterSet):
+    class Meta:
+        model = CheckinList
+        fields = ['subevent']


 class CheckinListViewSet(viewsets.ModelViewSet):
@@ -147,16 +146,15 @@ class CheckinListViewSet(viewsets.ModelViewSet):
        return Response(response)


-with scopes_disabled():
-    class CheckinOrderPositionFilter(OrderPositionFilter):
+class CheckinOrderPositionFilter(OrderPositionFilter):

-        def has_checkin_qs(self, queryset, name, value):
-            return queryset.filter(last_checked_in__isnull=not value)
+    def has_checkin_qs(self, queryset, name, value):
+        return queryset.filter(last_checked_in__isnull=not value)


 class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
    serializer_class = CheckinListOrderPositionSerializer
-    queryset = OrderPosition.all.none()
+    queryset = OrderPosition.objects.none()
    filter_backends = (DjangoFilterBackend, RichOrderingFilter)
    ordering = ('attendee_name_cached', 'positionid')
    ordering_fields = (
--- a/src/pretix/api/views/event.py
+++ b/src/pretix/api/views/event.py
@@ -3,7 +3,6 @@ from django.db import transaction
 from django.db.models import ProtectedError, Q
 from django.utils.timezone import now
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
-from django_scopes import scopes_disabled
 from rest_framework import filters, viewsets
 from rest_framework.exceptions import PermissionDenied

@@ -19,51 +18,51 @@ from pretix.base.models import (
 from pretix.base.models.event import SubEvent
 from pretix.helpers.dicts import merge_dicts

-with scopes_disabled():
-    class EventFilter(FilterSet):
-        is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
-        is_future = django_filters.rest_framework.BooleanFilter(method='is_future_qs')
-        ends_after = django_filters.rest_framework.IsoDateTimeFilter(method='ends_after_qs')

-        class Meta:
-            model = Event
-            fields = ['is_public', 'live', 'has_subevents']
+class EventFilter(FilterSet):
+    is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
+    is_future = django_filters.rest_framework.BooleanFilter(method='is_future_qs')
+    ends_after = django_filters.rest_framework.IsoDateTimeFilter(method='ends_after_qs')

-        def ends_after_qs(self, queryset, name, value):
-            expr = (
-                Q(has_subevents=False) &
-                Q(
-                    Q(Q(date_to__isnull=True) & Q(date_from__gte=value))
-                    | Q(Q(date_to__isnull=False) & Q(date_to__gte=value))
-                )
+    class Meta:
+        model = Event
+        fields = ['is_public', 'live', 'has_subevents']
+
+    def ends_after_qs(self, queryset, name, value):
+        expr = (
+            Q(has_subevents=False) &
+            Q(
+                Q(Q(date_to__isnull=True) & Q(date_from__gte=value))
+                | Q(Q(date_to__isnull=False) & Q(date_to__gte=value))
            )
+        )
+        return queryset.filter(expr)
+
+    def is_past_qs(self, queryset, name, value):
+        expr = (
+            Q(has_subevents=False) &
+            Q(
+                Q(Q(date_to__isnull=True) & Q(date_from__lt=now()))
+                | Q(Q(date_to__isnull=False) & Q(date_to__lt=now()))
+            )
+        )
+        if value:
            return queryset.filter(expr)
+        else:
+            return queryset.exclude(expr)

-        def is_past_qs(self, queryset, name, value):
-            expr = (
-                Q(has_subevents=False) &
-                Q(
-                    Q(Q(date_to__isnull=True) & Q(date_from__lt=now()))
-                    | Q(Q(date_to__isnull=False) & Q(date_to__lt=now()))
-                )
+    def is_future_qs(self, queryset, name, value):
+        expr = (
+            Q(has_subevents=False) &
+            Q(
+                Q(Q(date_to__isnull=True) & Q(date_from__gte=now()))
+                | Q(Q(date_to__isnull=False) & Q(date_to__gte=now()))
            )
-            if value:
-                return queryset.filter(expr)
-            else:
-                return queryset.exclude(expr)
-
-        def is_future_qs(self, queryset, name, value):
-            expr = (
-                Q(has_subevents=False) &
-                Q(
-                    Q(Q(date_to__isnull=True) & Q(date_from__gte=now()))
-                    | Q(Q(date_to__isnull=False) & Q(date_to__gte=now()))
-                )
-            )
-            if value:
-                return queryset.filter(expr)
-            else:
-                return queryset.exclude(expr)
+        )
+        if value:
+            return queryset.filter(expr)
+        else:
+            return queryset.exclude(expr)


 class EventViewSet(viewsets.ModelViewSet):
@@ -73,8 +72,6 @@ class EventViewSet(viewsets.ModelViewSet):
    lookup_url_kwarg = 'event'
    permission_classes = (EventCRUDPermission,)
    filter_backends = (DjangoFilterBackend, filters.OrderingFilter)
-    ordering = ('slug',)
-    ordering_fields = ('date_from', 'slug')
    filterset_class = EventFilter

    def get_queryset(self):
@@ -183,42 +180,41 @@ class CloneEventViewSet(viewsets.ModelViewSet):
        )


-with scopes_disabled():
-    class SubEventFilter(FilterSet):
-        is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
-        is_future = django_filters.rest_framework.BooleanFilter(method='is_future_qs')
-        ends_after = django_filters.rest_framework.IsoDateTimeFilter(method='ends_after_qs')
+class SubEventFilter(FilterSet):
+    is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
+    is_future = django_filters.rest_framework.BooleanFilter(method='is_future_qs')
+    ends_after = django_filters.rest_framework.IsoDateTimeFilter(method='ends_after_qs')

-        class Meta:
-            model = SubEvent
-            fields = ['active', 'event__live']
+    class Meta:
+        model = SubEvent
+        fields = ['active', 'event__live']

-        def ends_after_qs(self, queryset, name, value):
-            expr = Q(
-                Q(Q(date_to__isnull=True) & Q(date_from__gte=value))
-                | Q(Q(date_to__isnull=False) & Q(date_to__gte=value))
-            )
+    def ends_after_qs(self, queryset, name, value):
+        expr = Q(
+            Q(Q(date_to__isnull=True) & Q(date_from__gte=value))
+            | Q(Q(date_to__isnull=False) & Q(date_to__gte=value))
+        )
+        return queryset.filter(expr)
+
+    def is_past_qs(self, queryset, name, value):
+        expr = Q(
+            Q(Q(date_to__isnull=True) & Q(date_from__lt=now()))
+            | Q(Q(date_to__isnull=False) & Q(date_to__lt=now()))
+        )
+        if value:
            return queryset.filter(expr)
+        else:
+            return queryset.exclude(expr)

-        def is_past_qs(self, queryset, name, value):
-            expr = Q(
-                Q(Q(date_to__isnull=True) & Q(date_from__lt=now()))
-                | Q(Q(date_to__isnull=False) & Q(date_to__lt=now()))
-            )
-            if value:
-                return queryset.filter(expr)
-            else:
-                return queryset.exclude(expr)
-
-        def is_future_qs(self, queryset, name, value):
-            expr = Q(
-                Q(Q(date_to__isnull=True) & Q(date_from__gte=now()))
-                | Q(Q(date_to__isnull=False) & Q(date_to__gte=now()))
-            )
-            if value:
-                return queryset.filter(expr)
-            else:
-                return queryset.exclude(expr)
+    def is_future_qs(self, queryset, name, value):
+        expr = Q(
+            Q(Q(date_to__isnull=True) & Q(date_from__gte=now()))
+            | Q(Q(date_to__isnull=False) & Q(date_to__gte=now()))
+        )
+        if value:
+            return queryset.filter(expr)
+        else:
+            return queryset.exclude(expr)


 class SubEventViewSet(ConditionalListView, viewsets.ModelViewSet):
@@ -246,14 +242,8 @@ class SubEventViewSet(ConditionalListView, viewsets.ModelViewSet):
        )

    def perform_update(self, serializer):
-        original_data = self.get_serializer(instance=serializer.instance).data
        super().perform_update(serializer)

-        if serializer.data == original_data:
-            # Performance optimization: If nothing was changed, we do not need to save or log anything.
-            # This costs us a few cycles on save, but avoids thousands of lines in our log.
-            return
-
        serializer.instance.log_action(
            'pretix.subevent.changed',
            user=self.request.user,
--- a/src/pretix/api/views/item.py
+++ b/src/pretix/api/views/item.py
@@ -3,7 +3,6 @@ from django.db.models import Q
 from django.shortcuts import get_object_or_404
 from django.utils.functional import cached_property
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
-from django_scopes import scopes_disabled
 from rest_framework import viewsets
 from rest_framework.decorators import action
 from rest_framework.exceptions import PermissionDenied
@@ -22,19 +21,19 @@ from pretix.base.models import (
 )
 from pretix.helpers.dicts import merge_dicts

-with scopes_disabled():
-    class ItemFilter(FilterSet):
-        tax_rate = django_filters.CharFilter(method='tax_rate_qs')

-        def tax_rate_qs(self, queryset, name, value):
-            if value in ("0", "None", "0.00"):
-                return queryset.filter(Q(tax_rule__isnull=True) | Q(tax_rule__rate=0))
-            else:
-                return queryset.filter(tax_rule__rate=value)
+class ItemFilter(FilterSet):
+    tax_rate = django_filters.CharFilter(method='tax_rate_qs')

-        class Meta:
-            model = Item
-            fields = ['active', 'category', 'admission', 'tax_rate', 'free_price']
+    def tax_rate_qs(self, queryset, name, value):
+        if value in ("0", "None", "0.00"):
+            return queryset.filter(Q(tax_rule__isnull=True) | Q(tax_rule__rate=0))
+        else:
+            return queryset.filter(tax_rule__rate=value)
+
+    class Meta:
+        model = Item
+        fields = ['active', 'category', 'admission', 'tax_rate', 'free_price']


 class ItemViewSet(ConditionalListView, viewsets.ModelViewSet):
@@ -66,14 +65,7 @@ class ItemViewSet(ConditionalListView, viewsets.ModelViewSet):
        return ctx

    def perform_update(self, serializer):
-        original_data = self.get_serializer(instance=serializer.instance).data
-
        serializer.save(event=self.request.event)
-
-        if serializer.data == original_data:
-            # Performance optimization: If nothing was changed, we do not need to save or log anything.
-            # This costs us a few cycles on save, but avoids thousands of lines in our log.
-            return
        serializer.instance.log_action(
            'pretix.event.item.changed',
            user=self.request.user,
@@ -320,11 +312,10 @@ class ItemCategoryViewSet(ConditionalListView, viewsets.ModelViewSet):
        super().perform_destroy(instance)


-with scopes_disabled():
-    class QuestionFilter(FilterSet):
-        class Meta:
-            model = Question
-            fields = ['ask_during_checkin', 'required', 'identifier']
+class QuestionFilter(FilterSet):
+    class Meta:
+        model = Question
+        fields = ['ask_during_checkin', 'required', 'identifier']


 class QuestionViewSet(ConditionalListView, viewsets.ModelViewSet):
@@ -420,11 +411,10 @@ class QuestionOptionViewSet(viewsets.ModelViewSet):
        super().perform_destroy(instance)


-with scopes_disabled():
-    class QuotaFilter(FilterSet):
-        class Meta:
-            model = Quota
-            fields = ['subevent']
+class QuotaFilter(FilterSet):
+    class Meta:
+        model = Quota
+        fields = ['subevent']


 class QuotaViewSet(ConditionalListView, viewsets.ModelViewSet):
@@ -462,17 +452,9 @@ class QuotaViewSet(ConditionalListView, viewsets.ModelViewSet):
        return ctx

    def perform_update(self, serializer):
-        original_data = self.get_serializer(instance=serializer.instance).data
-
        current_subevent = serializer.instance.subevent
        serializer.save(event=self.request.event)
        request_subevent = serializer.instance.subevent
-
-        if serializer.data == original_data:
-            # Performance optimization: If nothing was changed, we do not need to save or log anything.
-            # This costs us a few cycles on save, but avoids thousands of lines in our log.
-            return
-
        serializer.instance.log_action(
            'pretix.event.quota.changed',
            user=self.request.user,
--- a/src/pretix/api/views/order.py
+++ b/src/pretix/api/views/order.py
@@ -11,7 +11,6 @@ from django.shortcuts import get_object_or_404
 from django.utils.timezone import make_aware, now
 from django.utils.translation import ugettext as _
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
-from django_scopes import scopes_disabled
 from rest_framework import mixins, serializers, status, viewsets
 from rest_framework.decorators import action
 from rest_framework.exceptions import (
@@ -51,17 +50,17 @@ from pretix.base.signals import (
 )
 from pretix.base.templatetags.money import money_filter

-with scopes_disabled():
-    class OrderFilter(FilterSet):
-        email = django_filters.CharFilter(field_name='email', lookup_expr='iexact')
-        code = django_filters.CharFilter(field_name='code', lookup_expr='iexact')
-        status = django_filters.CharFilter(field_name='status', lookup_expr='iexact')
-        modified_since = django_filters.IsoDateTimeFilter(field_name='last_modified', lookup_expr='gte')
-        created_since = django_filters.IsoDateTimeFilter(field_name='datetime', lookup_expr='gte')

-        class Meta:
-            model = Order
-            fields = ['code', 'status', 'email', 'locale', 'testmode', 'require_approval']
+class OrderFilter(FilterSet):
+    email = django_filters.CharFilter(field_name='email', lookup_expr='iexact')
+    code = django_filters.CharFilter(field_name='code', lookup_expr='iexact')
+    status = django_filters.CharFilter(field_name='status', lookup_expr='iexact')
+    modified_since = django_filters.IsoDateTimeFilter(field_name='last_modified', lookup_expr='gte')
+    created_since = django_filters.IsoDateTimeFilter(field_name='datetime', lookup_expr='gte')
+
+    class Meta:
+        model = Order
+        fields = ['code', 'status', 'email', 'locale', 'testmode', 'require_approval']


 class OrderViewSet(viewsets.ModelViewSet):
@@ -483,7 +482,6 @@ class OrderViewSet(viewsets.ModelViewSet):
                )

            if 'email' in self.request.data and serializer.instance.email != self.request.data.get('email'):
-                serializer.instance.email_known_to_work = False
                serializer.instance.log_action(
                    'pretix.event.order.contact.changed',
                    user=self.request.user,
@@ -532,49 +530,48 @@ class OrderViewSet(viewsets.ModelViewSet):
            self.get_object().gracefully_delete(user=self.request.user if self.request.user.is_authenticated else None, auth=self.request.auth)


-with scopes_disabled():
-    class OrderPositionFilter(FilterSet):
-        order = django_filters.CharFilter(field_name='order', lookup_expr='code__iexact')
-        has_checkin = django_filters.rest_framework.BooleanFilter(method='has_checkin_qs')
-        attendee_name = django_filters.CharFilter(method='attendee_name_qs')
-        search = django_filters.CharFilter(method='search_qs')
+class OrderPositionFilter(FilterSet):
+    order = django_filters.CharFilter(field_name='order', lookup_expr='code__iexact')
+    has_checkin = django_filters.rest_framework.BooleanFilter(method='has_checkin_qs')
+    attendee_name = django_filters.CharFilter(method='attendee_name_qs')
+    search = django_filters.CharFilter(method='search_qs')

-        def search_qs(self, queryset, name, value):
-            return queryset.filter(
-                Q(secret__istartswith=value)
-                | Q(attendee_name_cached__icontains=value)
-                | Q(addon_to__attendee_name_cached__icontains=value)
-                | Q(attendee_email__icontains=value)
-                | Q(addon_to__attendee_email__icontains=value)
-                | Q(order__code__istartswith=value)
-                | Q(order__invoice_address__name_cached__icontains=value)
-                | Q(order__email__icontains=value)
-            )
+    def search_qs(self, queryset, name, value):
+        return queryset.filter(
+            Q(secret__istartswith=value)
+            | Q(attendee_name_cached__icontains=value)
+            | Q(addon_to__attendee_name_cached__icontains=value)
+            | Q(attendee_email__icontains=value)
+            | Q(addon_to__attendee_email__icontains=value)
+            | Q(order__code__istartswith=value)
+            | Q(order__invoice_address__name_cached__icontains=value)
+            | Q(order__email__icontains=value)
+        )

-        def has_checkin_qs(self, queryset, name, value):
-            return queryset.filter(checkins__isnull=not value)
+    def has_checkin_qs(self, queryset, name, value):
+        return queryset.filter(checkins__isnull=not value)

-        def attendee_name_qs(self, queryset, name, value):
-            return queryset.filter(Q(attendee_name_cached__iexact=value) | Q(addon_to__attendee_name_cached__iexact=value))
+    def attendee_name_qs(self, queryset, name, value):
+        return queryset.filter(Q(attendee_name_cached__iexact=value) | Q(addon_to__attendee_name_cached__iexact=value))

-        class Meta:
-            model = OrderPosition
-            fields = {
-                'item': ['exact', 'in'],
-                'variation': ['exact', 'in'],
-                'secret': ['exact'],
-                'order__status': ['exact', 'in'],
-                'addon_to': ['exact', 'in'],
-                'subevent': ['exact', 'in'],
-                'pseudonymization_id': ['exact'],
-                'voucher__code': ['exact'],
-                'voucher': ['exact'],
-            }
+    class Meta:
+        model = OrderPosition
+        fields = {
+            'item': ['exact', 'in'],
+            'variation': ['exact', 'in'],
+            'secret': ['exact'],
+            'order__status': ['exact', 'in'],
+            'addon_to': ['exact', 'in'],
+            'subevent': ['exact', 'in'],
+            'pseudonymization_id': ['exact'],
+            'voucher__code': ['exact'],
+            'voucher': ['exact'],
+        }


 class OrderPositionViewSet(mixins.DestroyModelMixin, viewsets.ReadOnlyModelViewSet):
    serializer_class = OrderPositionSerializer
-    queryset = OrderPosition.all.none()
+    queryset = OrderPosition.objects.none()
    filter_backends = (DjangoFilterBackend, OrderingFilter)
    ordering = ('order__datetime', 'positionid')
    ordering_fields = ('order__code', 'order__datetime', 'positionid', 'attendee_name', 'order__status',)
@@ -962,23 +959,22 @@ class RefundViewSet(CreateModelMixin, viewsets.ReadOnlyModelViewSet):
        serializer.save()


-with scopes_disabled():
-    class InvoiceFilter(FilterSet):
-        refers = django_filters.CharFilter(method='refers_qs')
-        number = django_filters.CharFilter(method='nr_qs')
-        order = django_filters.CharFilter(field_name='order', lookup_expr='code__iexact')
+class InvoiceFilter(FilterSet):
+    refers = django_filters.CharFilter(method='refers_qs')
+    number = django_filters.CharFilter(method='nr_qs')
+    order = django_filters.CharFilter(field_name='order', lookup_expr='code__iexact')

-        def refers_qs(self, queryset, name, value):
-            return queryset.annotate(
-                refers_nr=Concat('refers__prefix', 'refers__invoice_no')
-            ).filter(refers_nr__iexact=value)
+    def refers_qs(self, queryset, name, value):
+        return queryset.annotate(
+            refers_nr=Concat('refers__prefix', 'refers__invoice_no')
+        ).filter(refers_nr__iexact=value)

-        def nr_qs(self, queryset, name, value):
-            return queryset.filter(nr__iexact=value)
+    def nr_qs(self, queryset, name, value):
+        return queryset.filter(nr__iexact=value)

-        class Meta:
-            model = Invoice
-            fields = ['order', 'number', 'is_cancellation', 'refers', 'locale']
+    class Meta:
+        model = Invoice
+        fields = ['order', 'number', 'is_cancellation', 'refers', 'locale']


 class RetryException(APIException):
--- a/src/pretix/api/views/organizer.py
+++ b/src/pretix/api/views/organizer.py
@@ -1,4 +1,4 @@
-from rest_framework import filters, viewsets
+from rest_framework import viewsets

 from pretix.api.models import OAuthAccessToken
 from pretix.api.serializers.organizer import OrganizerSerializer
@@ -10,9 +10,6 @@ class OrganizerViewSet(viewsets.ReadOnlyModelViewSet):
    queryset = Organizer.objects.none()
    lookup_field = 'slug'
    lookup_url_kwarg = 'organizer'
-    filter_backends = (filters.OrderingFilter,)
-    ordering = ('slug',)
-    ordering_fields = ('name', 'slug')

    def get_queryset(self):
        if self.request.user.is_authenticated:
--- a/src/pretix/api/views/voucher.py
+++ b/src/pretix/api/views/voucher.py
@@ -6,7 +6,6 @@ from django.utils.timezone import now
 from django_filters.rest_framework import (
    BooleanFilter, DjangoFilterBackend, FilterSet,
 )
-from django_scopes import scopes_disabled
 from rest_framework import status, viewsets
 from rest_framework.decorators import action
 from rest_framework.exceptions import PermissionDenied
@@ -16,22 +15,22 @@ from rest_framework.response import Response
 from pretix.api.serializers.voucher import VoucherSerializer
 from pretix.base.models import Voucher

-with scopes_disabled():
-    class VoucherFilter(FilterSet):
-        active = BooleanFilter(method='filter_active')

-        class Meta:
-            model = Voucher
-            fields = ['code', 'max_usages', 'redeemed', 'block_quota', 'allow_ignore_quota',
-                      'price_mode', 'value', 'item', 'variation', 'quota', 'tag', 'subevent']
+class VoucherFilter(FilterSet):
+    active = BooleanFilter(method='filter_active')

-        def filter_active(self, queryset, name, value):
-            if value:
-                return queryset.filter(Q(redeemed__lt=F('max_usages')) &
-                                       (Q(valid_until__isnull=True) | Q(valid_until__gt=now())))
-            else:
-                return queryset.filter(Q(redeemed__gte=F('max_usages')) |
-                                       (Q(valid_until__isnull=False) & Q(valid_until__lte=now())))
+    class Meta:
+        model = Voucher
+        fields = ['code', 'max_usages', 'redeemed', 'block_quota', 'allow_ignore_quota',
+                  'price_mode', 'value', 'item', 'variation', 'quota', 'tag', 'subevent']
+
+    def filter_active(self, queryset, name, value):
+        if value:
+            return queryset.filter(Q(redeemed__lt=F('max_usages')) &
+                                   (Q(valid_until__isnull=True) | Q(valid_until__gt=now())))
+        else:
+            return queryset.filter(Q(redeemed__gte=F('max_usages')) |
+                                   (Q(valid_until__isnull=False) & Q(valid_until__lte=now())))


 class VoucherViewSet(viewsets.ModelViewSet):
--- a/src/pretix/api/views/waitinglist.py
+++ b/src/pretix/api/views/waitinglist.py
@@ -1,6 +1,5 @@
 import django_filters
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
-from django_scopes import scopes_disabled
 from rest_framework import viewsets
 from rest_framework.decorators import action
 from rest_framework.exceptions import PermissionDenied, ValidationError
@@ -11,16 +10,16 @@ from pretix.api.serializers.waitinglist import WaitingListSerializer
 from pretix.base.models import WaitingListEntry
 from pretix.base.models.waitinglist import WaitingListException

-with scopes_disabled():
-    class WaitingListFilter(FilterSet):
-        has_voucher = django_filters.rest_framework.BooleanFilter(method='has_voucher_qs')

-        def has_voucher_qs(self, queryset, name, value):
-            return queryset.filter(voucher__isnull=not value)
+class WaitingListFilter(FilterSet):
+    has_voucher = django_filters.rest_framework.BooleanFilter(method='has_voucher_qs')

-        class Meta:
-            model = WaitingListEntry
-            fields = ['item', 'variation', 'email', 'locale', 'has_voucher', 'subevent']
+    def has_voucher_qs(self, queryset, name, value):
+        return queryset.filter(voucher__isnull=not value)
+
+    class Meta:
+        model = WaitingListEntry
+        fields = ['item', 'variation', 'email', 'locale', 'has_voucher', 'subevent']


 class WaitingListViewSet(viewsets.ModelViewSet):
--- a/src/pretix/api/webhooks.py
+++ b/src/pretix/api/webhooks.py
@@ -8,7 +8,6 @@ from celery.exceptions import MaxRetriesExceededError
 from django.db.models import Exists, OuterRef, Q
 from django.dispatch import receiver
 from django.utils.translation import ugettext_lazy as _
-from django_scopes import scope, scopes_disabled
 from requests import RequestException

 from pretix.api.models import WebHook, WebHookCall, WebHookEventListener
@@ -204,52 +203,51 @@ def notify_webhooks(logentry_id: int):
@app.task(base=ProfiledTask, bind=True, max_retries=9)
 def send_webhook(self, logentry_id: int, action_type: str, webhook_id: int):
    # 9 retries with 2**(2*x) timing is roughly 72 hours
-    with scopes_disabled():
-        webhook = WebHook.objects.get(id=webhook_id)
-    with scope(organizer=webhook.organizer):
-        logentry = LogEntry.all.get(id=logentry_id)
-        types = get_all_webhook_events()
-        event_type = types.get(action_type)
-        if not event_type or not webhook.enabled:
-            return  # Ignore, e.g. plugin not installed
+    logentry = LogEntry.all.get(id=logentry_id)
+    webhook = WebHook.objects.get(id=webhook_id)

-        payload = event_type.build_payload(logentry)
-        t = time.time()
+    types = get_all_webhook_events()
+    event_type = types.get(action_type)
+    if not event_type or not webhook.enabled:
+        return  # Ignore, e.g. plugin not installed

+    payload = event_type.build_payload(logentry)
+    t = time.time()
+
+    try:
        try:
-            try:
-                resp = requests.post(
-                    webhook.target_url,
-                    json=payload,
-                    allow_redirects=False
-                )
-                WebHookCall.objects.create(
-                    webhook=webhook,
-                    action_type=logentry.action_type,
-                    target_url=webhook.target_url,
-                    is_retry=self.request.retries > 0,
-                    execution_time=time.time() - t,
-                    return_code=resp.status_code,
-                    payload=json.dumps(payload),
-                    response_body=resp.text[:1024 * 1024],
-                    success=200 <= resp.status_code <= 299
-                )
-                if resp.status_code == 410:
-                    webhook.enabled = False
-                    webhook.save()
-                elif resp.status_code > 299:
-                    raise self.retry(countdown=2 ** (self.request.retries * 2))
-            except RequestException as e:
-                WebHookCall.objects.create(
-                    webhook=webhook,
-                    action_type=logentry.action_type,
-                    target_url=webhook.target_url,
-                    is_retry=self.request.retries > 0,
-                    execution_time=time.time() - t,
-                    return_code=0,
-                    payload=json.dumps(payload),
-                    response_body=str(e)[:1024 * 1024]
-                )
+            resp = requests.post(
+                webhook.target_url,
+                json=payload,
+                allow_redirects=False
+            )
+            WebHookCall.objects.create(
+                webhook=webhook,
+                action_type=logentry.action_type,
+                target_url=webhook.target_url,
+                is_retry=self.request.retries > 0,
+                execution_time=time.time() - t,
+                return_code=resp.status_code,
+                payload=json.dumps(payload),
+                response_body=resp.text[:1024 * 1024],
+                success=200 <= resp.status_code <= 299
+            )
+            if resp.status_code == 410:
+                webhook.enabled = False
+                webhook.save()
+            elif resp.status_code > 299:
                raise self.retry(countdown=2 ** (self.request.retries * 2))
-        except MaxRetriesExceededError:
-            pass
+        except RequestException as e:
+            WebHookCall.objects.create(
+                webhook=webhook,
+                action_type=logentry.action_type,
+                target_url=webhook.target_url,
+                is_retry=self.request.retries > 0,
+                execution_time=time.time() - t,
+                return_code=0,
+                payload=json.dumps(payload),
+                response_body=str(e)[:1024 * 1024]
+            )
+            raise self.retry(countdown=2 ** (self.request.retries * 2))
+    except MaxRetriesExceededError:
+        pass
--- a/src/pretix/base/email.py
+++ b/src/pretix/base/email.py
@@ -8,7 +8,7 @@ from django.template.loader import get_template
 from django.utils.translation import ugettext_lazy as _
 from inlinestyler.utils import inline_css

-from pretix.base.models import Event, Order, OrderPosition
+from pretix.base.models import Event, Order
 from pretix.base.signals import register_html_mail_renderers
 from pretix.base.templatetags.rich_text import markdown_compile_email

@@ -44,8 +44,7 @@ class BaseHTMLMailRenderer:
    def __str__(self):
        return self.identifier

-    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order=None,
-               position: OrderPosition=None) -> str:
+    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order=None) -> str:
        """
        This method should generate the HTML part of the email.

@@ -53,7 +52,6 @@ class BaseHTMLMailRenderer:
        :param plain_signature: The signature with event organizer contact details in plain text.
        :param subject: The email subject.
        :param order: The order if this email is connected to one, otherwise ``None``.
-        :param position: The order position if this email is connected to one, otherwise ``None``.
        :return: An HTML string
        """
        raise NotImplementedError()
@@ -97,7 +95,7 @@ class TemplateBasedMailRenderer(BaseHTMLMailRenderer):
    def template_name(self):
        raise NotImplementedError()

-    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order, position: OrderPosition) -> str:
+    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order) -> str:
        body_md = markdown_compile_email(plain_body)
        htmlctx = {
            'site': settings.PRETIX_INSTANCE_NAME,
@@ -118,9 +116,6 @@ class TemplateBasedMailRenderer(BaseHTMLMailRenderer):
        if order:
            htmlctx['order'] = order

-        if position:
-            htmlctx['position'] = position
-
        tpl = get_template(self.template_name)
        body_html = inline_css(tpl.render(htmlctx))
        return body_html
--- a/src/pretix/base/exporters/answers.py
+++ b/src/pretix/base/exporters/answers.py
@@ -40,7 +40,6 @@ class AnswerFilesExporter(BaseExporter):
        if form_data.get('questions'):
            qs = qs.filter(question__in=form_data['questions'])
        with tempfile.TemporaryDirectory() as d:
-            any = False
            with ZipFile(os.path.join(d, 'tmp.zip'), 'w') as zipf:
                for i in qs:
                    if i.file:
@@ -52,12 +51,9 @@ class AnswerFilesExporter(BaseExporter):
                            i.question.pk,
                            os.path.basename(i.file.name).split('.', 1)[1]
                        )
-                        any = True
                        zipf.writestr(fname, i.file.read())
                        i.file.close()

-            if not any:
-                return None
            with open(os.path.join(d, 'tmp.zip'), 'rb') as zipf:
                return '{}_answers.zip'.format(self.event.slug), 'application/zip', zipf.read()

--- a/src/pretix/base/exporters/dekodi.py
+++ b/src/pretix/base/exporters/dekodi.py
@@ -93,7 +93,7 @@ class DekodiNREIExporter(BaseExporter):
                        'PTNo15': p.full_id or '',
                    })
            elif p.provider.startswith('stripe'):
-                src = p.info_data.get("source", p.info_data)
+                src = p.info_data.get("source", "{}")
                payments.append({
                    'PTID': '81',
                    'PTN': 'Stripe',
--- a/src/pretix/base/exporters/invoices.py
+++ b/src/pretix/base/exporters/invoices.py
@@ -46,7 +46,6 @@ class InvoiceExporter(BaseExporter):
            qs = qs.filter(date__lte=date_value)

        with tempfile.TemporaryDirectory() as d:
-            any = False
            with ZipFile(os.path.join(d, 'tmp.zip'), 'w') as zipf:
                for i in qs:
                    try:
@@ -55,19 +54,14 @@ class InvoiceExporter(BaseExporter):
                            i.refresh_from_db()
                        i.file.open('rb')
                        zipf.writestr('{}.pdf'.format(i.number), i.file.read())
-                        any = True
                        i.file.close()
                    except FileNotFoundError:
                        invoice_pdf_task.apply(args=(i.pk,))
                        i.refresh_from_db()
                        i.file.open('rb')
                        zipf.writestr('{}.pdf'.format(i.number), i.file.read())
-                        any = True
                        i.file.close()

-            if not any:
-                return None
-
            with open(os.path.join(d, 'tmp.zip'), 'rb') as zipf:
                return '{}_invoices.zip'.format(self.event.slug), 'application/zip', zipf.read()

--- a/src/pretix/base/forms/questions.py
+++ b/src/pretix/base/forms/questions.py
@@ -11,9 +11,8 @@ from django.contrib import messages
 from django.core.exceptions import ValidationError
 from django.utils.html import escape
 from django.utils.safestring import mark_safe
-from django.utils.translation import get_language, ugettext_lazy as _
-from django_countries import countries
-from django_countries.fields import Country, CountryField
+from django.utils.translation import ugettext_lazy as _
+from django_countries.fields import CountryField

 from pretix.base.forms.widgets import (
    BusinessBooleanRadio, DatePickerWidget, SplitDateTimePickerWidget,
@@ -352,27 +351,6 @@ class BaseInvoiceAddressForm(forms.ModelForm):
        self.request = kwargs.pop('request', None)
        self.validate_vat_id = kwargs.pop('validate_vat_id')
        self.all_optional = kwargs.pop('all_optional', False)
-
-        kwargs.setdefault('initial', {})
-        if not kwargs.get('instance') or not kwargs['instance'].country:
-            # Try to guess the initial country from either the country of the merchant
-            # or the locale. This will hopefully save at least some users some scrolling :)
-            locale = get_language()
-            country = event.settings.invoice_address_from_country
-            if not country:
-                valid_countries = countries.countries
-                if '-' in locale:
-                    parts = locale.split('-')
-                    if parts[1].upper() in valid_countries:
-                        country = Country(parts[1].upper())
-                    elif parts[0].upper() in valid_countries:
-                        country = Country(parts[0].upper())
-                else:
-                    if locale in valid_countries:
-                        country = Country(locale.upper())
-
-            kwargs['initial']['country'] = country
-
        super().__init__(*args, **kwargs)
        if not event.settings.invoice_address_vatid:
            del self.fields['vat_id']
@@ -424,12 +402,6 @@ class BaseInvoiceAddressForm(forms.ModelForm):

        self.instance.name_parts = data.get('name_parts')

-        if all(
-                not v for k, v in data.items() if k not in ('is_business', 'country', 'name_parts')
-        ) and len(data.get('name_parts', {})) == 1:
-            # Do not save the country if it is the only field set -- we don't know the user even checked it!
-            self.cleaned_data['country'] = ''
-
        if self.validate_vat_id and self.instance.vat_id_validated and 'vat_id' not in self.changed_data:
            pass
        elif self.validate_vat_id and data.get('is_business') and data.get('country') in EU_COUNTRIES and data.get('vat_id'):
--- a/src/pretix/base/migrations/0121_order_email_known_to_work.py
+++ b/src/pretix/base/migrations/0121_order_email_known_to_work.py
@@ -1,18 +0,0 @@
-# Generated by Django 2.2.1 on 2019-05-15 05:05
-
-from django.db import migrations, models
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('pretixbase', '0120_auto_20190509_0736'),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name='order',
-            name='email_known_to_work',
-            field=models.BooleanField(default=False),
-        ),
-    ]
--- a/src/pretix/base/migrations/0122_orderposition_web_secret.py
+++ b/src/pretix/base/migrations/0122_orderposition_web_secret.py
@@ -1,20 +0,0 @@
-# Generated by Django 2.2.1 on 2019-05-15 13:23
-
-from django.db import migrations, models
-
-import pretix.base.models.orders
-
-
-class Migration(migrations.Migration):
-
-    dependencies = [
-        ('pretixbase', '0121_order_email_known_to_work'),
-    ]
-
-    operations = [
-        migrations.AddField(
-            model_name='orderposition',
-            name='web_secret',
-            field=models.CharField(db_index=True, default=pretix.base.models.orders.generate_secret, max_length=32),
-        ),
-    ]
--- a/src/pretix/base/models/auth.py
+++ b/src/pretix/base/models/auth.py
@@ -12,7 +12,6 @@ from django.utils.crypto import get_random_string
 from django.utils.timezone import now
 from django.utils.translation import ugettext_lazy as _
 from django_otp.models import Device
-from django_scopes import scopes_disabled

 from pretix.base.i18n import language
 from pretix.helpers.urls import build_absolute_uri
@@ -284,7 +283,6 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
                return True
        return False

-    @scopes_disabled()
    def get_events_with_any_permission(self, request=None):
        """
        Returns a queryset of events the user has any permissions to.
@@ -302,7 +300,6 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
            | Q(id__in=self.teams.values_list('limit_events__id', flat=True))
        )

-    @scopes_disabled()
    def get_events_with_permission(self, permission, request=None):
        """
        Returns a queryset of events the user has a specific permissions to.
--- a/src/pretix/base/models/base.py
+++ b/src/pretix/base/models/base.py
@@ -6,9 +6,7 @@ from django.db import models
 from django.db.models.constants import LOOKUP_SEP
 from django.db.models.signals import post_delete
 from django.dispatch import receiver
-from django.urls import reverse
 from django.utils.crypto import get_random_string
-from django.utils.functional import cached_property

 from pretix.helpers.json import CustomJSONEncoder

@@ -115,40 +113,6 @@ class LoggedModel(models.Model, LoggingMixin):
    class Meta:
        abstract = True

-    @cached_property
-    def logs_content_type(self):
-        return ContentType.objects.get_for_model(type(self))
-
-    @cached_property
-    def all_logentries_link(self):
-        from pretix.base.models import Event
-
-        if isinstance(self, Event):
-            event = self
-        elif hasattr(self, 'event'):
-            event = self.event
-        else:
-            return None
-        return reverse(
-            'control:event.log',
-            kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug,
-            }
-        ) + '?content_type={}&object={}'.format(
-            self.logs_content_type.pk,
-            self.pk
-        )
-
-    def top_logentries(self):
-        qs = self.all_logentries()
-        if self.all_logentries_link:
-            qs = qs[:25]
-        return qs
-
-    def top_logentries_has_more(self):
-        return self.all_logentries().count() > 25
-
    def all_logentries(self):
        """
        Returns all log entries that are attached to this object.
@@ -158,7 +122,7 @@ class LoggedModel(models.Model, LoggingMixin):
        from .log import LogEntry

        return LogEntry.objects.filter(
-            content_type=self.logs_content_type, object_id=self.pk
+            content_type=ContentType.objects.get_for_model(type(self)), object_id=self.pk
        ).select_related('user', 'event', 'oauth_application', 'api_token', 'device')


--- a/src/pretix/base/models/checkin.py
+++ b/src/pretix/base/models/checkin.py
@@ -3,7 +3,6 @@ from django.db.models import Case, Count, F, OuterRef, Q, Subquery, When
 from django.db.models.functions import Coalesce
 from django.utils.timezone import now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
-from django_scopes import ScopedManager

 from pretix.base.models import LoggedModel

@@ -21,8 +20,6 @@ class CheckinList(LoggedModel):
                                                      'order have not been paid. This only works with pretixdesk '
                                                      '0.3.0 or newer or pretixdroid 1.9 or newer.'))

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        ordering = ('subevent__date_from', 'name')

@@ -170,8 +167,6 @@ class Checkin(models.Model):
        'pretixbase.CheckinList', related_name='checkins', on_delete=models.PROTECT,
    )

-    objects = ScopedManager(organizer='position__order__event__organizer')
-
    class Meta:
        unique_together = (('list', 'position'),)

--- a/src/pretix/base/models/devices.py
+++ b/src/pretix/base/models/devices.py
@@ -4,7 +4,6 @@ from django.db import models
 from django.db.models import Max
 from django.utils.crypto import get_random_string
 from django.utils.translation import ugettext_lazy as _
-from django_scopes import ScopedManager

 from pretix.base.models import LoggedModel

@@ -72,8 +71,6 @@ class Device(LoggedModel):
        null=True, blank=True
    )

-    objects = ScopedManager(organizer='organizer')
-
    class Meta:
        unique_together = (('organizer', 'device_id'),)

--- a/src/pretix/base/models/event.py
+++ b/src/pretix/base/models/event.py
@@ -17,7 +17,6 @@ from django.utils.crypto import get_random_string
 from django.utils.functional import cached_property
 from django.utils.timezone import make_aware, now
 from django.utils.translation import ugettext_lazy as _
-from django_scopes import ScopedManager
 from i18nfield.fields import I18nCharField, I18nTextField

 from pretix.base.models.base import LoggedModel
@@ -337,8 +336,6 @@ class Event(EventMixin, LoggedModel):
        default=False
    )

-    objects = ScopedManager(organizer='organizer')
-
    class Meta:
        verbose_name = _("Event")
        verbose_name_plural = _("Events")
@@ -448,7 +445,6 @@ class Event(EventMixin, LoggedModel):

        self.plugins = other.plugins
        self.is_public = other.is_public
-        self.testmode = other.testmode
        self.save()

        tax_map = {}
@@ -878,8 +874,6 @@ class SubEvent(EventMixin, LoggedModel):
    items = models.ManyToManyField('Item', through='SubEventItem')
    variations = models.ManyToManyField('ItemVariation', through='SubEventItemVariation')

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        verbose_name = _("Date in event series")
        verbose_name_plural = _("Dates in event series")
--- a/src/pretix/base/models/invoices.py
+++ b/src/pretix/base/models/invoices.py
@@ -9,7 +9,6 @@ from django.utils.crypto import get_random_string
 from django.utils.functional import cached_property
 from django.utils.translation import pgettext
 from django_countries.fields import CountryField
-from django_scopes import ScopedManager


 def invoice_filename(instance, filename: str) -> str:
@@ -108,8 +107,6 @@ class Invoice(models.Model):
    file = models.FileField(null=True, blank=True, upload_to=invoice_filename, max_length=255)
    internal_reference = models.TextField(blank=True)

-    objects = ScopedManager(organizer='event__organizer')
-
    @staticmethod
    def _to_numeric_invoice_number(number):
        return '{:05d}'.format(int(number))
--- a/src/pretix/base/models/items.py
+++ b/src/pretix/base/models/items.py
@@ -17,7 +17,6 @@ from django.utils.functional import cached_property
 from django.utils.timezone import is_naive, make_aware, now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
 from django_countries.fields import Country
-from django_scopes import ScopedManager
 from i18nfield.fields import I18nCharField, I18nTextField

 from pretix.base.models import fields
@@ -156,41 +155,28 @@ class SubEventItemVariation(models.Model):
            self.subevent.event.cache.clear()


-def filter_available(qs, channel='web', voucher=None, allow_addons=False):
-    q = (
-        # IMPORTANT: If this is updated, also update the ItemVariation query
-        # in models/event.py: EventMixin.annotated()
-        Q(active=True)
-        & Q(Q(available_from__isnull=True) | Q(available_from__lte=now()))
-        & Q(Q(available_until__isnull=True) | Q(available_until__gte=now()))
-        & Q(sales_channels__contains=channel) & Q(require_bundling=False)
-    )
-    if not allow_addons:
-        q &= Q(Q(category__isnull=True) | Q(category__is_addon=False))
-    qs = qs.filter(q)
-
-    vouchq = Q(hide_without_voucher=False)
-    if voucher:
-        if voucher.item_id:
-            vouchq |= Q(pk=voucher.item_id)
-            qs = qs.filter(pk=voucher.item_id)
-        elif voucher.quota_id:
-            qs = qs.filter(quotas__in=[voucher.quota_id])
-    return qs.filter(vouchq)
-
-
 class ItemQuerySet(models.QuerySet):
    def filter_available(self, channel='web', voucher=None, allow_addons=False):
-        return filter_available(self, channel, voucher, allow_addons)
+        q = (
+            # IMPORTANT: If this is updated, also update the ItemVariation query
+            # in models/event.py: EventMixin.annotated()
+            Q(active=True)
+            & Q(Q(available_from__isnull=True) | Q(available_from__lte=now()))
+            & Q(Q(available_until__isnull=True) | Q(available_until__gte=now()))
+            & Q(sales_channels__contains=channel) & Q(require_bundling=False)
+        )
+        if not allow_addons:
+            q &= Q(Q(category__isnull=True) | Q(category__is_addon=False))
+        qs = self.filter(q)

-
-class ItemQuerySetManager(ScopedManager(organizer='event__organizer').__class__):
-    def __init__(self):
-        super().__init__()
-        self._queryset_class = ItemQuerySet
-
-    def filter_available(self, channel='web', voucher=None, allow_addons=False):
-        return filter_available(self.get_queryset(), channel, voucher, allow_addons)
+        vouchq = Q(hide_without_voucher=False)
+        if voucher:
+            if voucher.item_id:
+                vouchq |= Q(pk=voucher.item_id)
+                qs = qs.filter(pk=voucher.item_id)
+            elif voucher.quota_id:
+                qs = qs.filter(quotas__in=[voucher.quota_id])
+        return qs.filter(vouchq)


 class Item(LoggedModel):
@@ -240,7 +226,7 @@ class Item(LoggedModel):
    :type sales_channels: bool
    """

-    objects = ItemQuerySetManager()
+    objects = ItemQuerySet.as_manager()

    event = models.ForeignKey(
        Event,
@@ -605,8 +591,6 @@ class ItemVariation(models.Model):
                    'discounted one. This is just a cosmetic setting and will not actually impact pricing.')
    )

-    objects = ScopedManager(organizer='item__event__organizer')
-
    class Meta:
        verbose_name = _("Product variation")
        verbose_name_plural = _("Product variations")
@@ -1001,8 +985,6 @@ class Question(LoggedModel):
    )
    dependency_value = models.TextField(null=True, blank=True)

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        verbose_name = _("Question")
        verbose_name_plural = _("Questions")
@@ -1252,8 +1234,6 @@ class Quota(LoggedModel):
    cached_availability_paid_orders = models.PositiveIntegerField(null=True, blank=True)
    cached_availability_time = models.DateTimeField(null=True, blank=True)

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        verbose_name = _("Quota")
        verbose_name_plural = _("Quotas")
--- a/src/pretix/base/models/orders.py
+++ b/src/pretix/base/models/orders.py
@@ -1,5 +1,4 @@
 import copy
-import hashlib
 import json
 import logging
 import os
@@ -15,7 +14,7 @@ from django.db import models, transaction
 from django.db.models import (
    Case, Exists, F, Max, OuterRef, Q, Subquery, Sum, Value, When,
 )
-from django.db.models.functions import Coalesce, Greatest
+from django.db.models.functions import Coalesce
 from django.db.models.signals import post_delete
 from django.dispatch import receiver
 from django.urls import reverse
@@ -26,7 +25,6 @@ from django.utils.functional import cached_property
 from django.utils.timezone import make_aware, now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
 from django_countries.fields import Country, CountryField
-from django_scopes import ScopedManager, scopes_disabled
 from i18nfield.strings import LazyI18nString
 from jsonfallback.fields import FallbackJSONField

@@ -182,12 +180,6 @@ class Order(LockModel, LoggedModel):
        default=False
    )
    sales_channel = models.CharField(max_length=190, default="web")
-    email_known_to_work = models.BooleanField(
-        default=False,
-        verbose_name=_('E-mail address verified')
-    )
-
-    objects = ScopedManager(organizer='event__organizer')

    class Meta:
        verbose_name = _("Order")
@@ -198,8 +190,6 @@ class Order(LockModel, LoggedModel):
        return self.full_code

    def gracefully_delete(self, user=None, auth=None):
-        from . import Voucher
-
        if not self.testmode:
            raise TypeError("Only test mode orders can be deleted.")
        self.event.log_action(
@@ -208,12 +198,6 @@ class Order(LockModel, LoggedModel):
                'code': self.code,
            }
        )
-
-        if self.status != Order.STATUS_CANCELED:
-            for position in self.positions.all():
-                if position.voucher:
-                    Voucher.objects.filter(pk=position.voucher.pk).update(redeemed=Greatest(0, F('redeemed') - 1))
-
        OrderPosition.all.filter(order=self, addon_to__isnull=False).delete()
        OrderPosition.all.filter(order=self).delete()
        OrderFee.all.filter(order=self).delete()
@@ -222,9 +206,6 @@ class Order(LockModel, LoggedModel):
        self.event.cache.delete('complain_testmode_orders')
        self.delete()

-    def email_confirm_hash(self):
-        return hashlib.sha256(settings.SECRET_KEY.encode() + self.secret.encode()).hexdigest()[:9]
-
    @property
    def fees(self):
        """
@@ -234,7 +215,6 @@ class Order(LockModel, LoggedModel):
        return self.all_fees(manager='objects')

    @cached_property
-    @scopes_disabled()
    def count_positions(self):
        if hasattr(self, 'pcnt'):
            return self.pcnt or 0
@@ -258,7 +238,6 @@ class Order(LockModel, LoggedModel):
            return None

    @property
-    @scopes_disabled()
    def payment_refund_sum(self):
        payment_sum = self.payments.filter(
            state__in=(OrderPayment.PAYMENT_STATE_CONFIRMED, OrderPayment.PAYMENT_STATE_REFUNDED)
@@ -270,7 +249,6 @@ class Order(LockModel, LoggedModel):
        return payment_sum - refund_sum

    @property
-    @scopes_disabled()
    def pending_sum(self):
        total = self.total
        if self.status == Order.STATUS_CANCELED:
@@ -445,7 +423,6 @@ class Order(LockModel, LoggedModel):
        return round_decimal(fee, self.event.currency)

    @property
-    @scopes_disabled()
    def user_cancel_allowed(self) -> bool:
        """
        Returns whether or not this order can be canceled by the user.
@@ -688,7 +665,7 @@ class Order(LockModel, LoggedModel):
    def send_mail(self, subject: str, template: Union[str, LazyI18nString],
                  context: Dict[str, Any]=None, log_entry_type: str='pretix.event.order.email.sent',
                  user: User=None, headers: dict=None, sender: str=None, invoices: list=None,
-                  auth=None, attach_tickets=False, position: 'OrderPosition'=None):
+                  auth=None, attach_tickets=False):
        """
        Sends an email to the user that placed this order. Basically, this method does two things:

@@ -705,9 +682,6 @@ class Order(LockModel, LoggedModel):
        :param headers: Dictionary with additional mail headers
        :param sender: Custom email sender.
        :param attach_tickets: Attach tickets of this order, if they are existing and ready to download
-        :param position: An order position this refers to. If given, no invoices will be attached, the tickets will
-                         only be attached for this position and child positions, the link will only point to the
-                         position and the attendee email will be used if available.
        """
        from pretix.base.services.mail import SendMailException, mail, render_mail

@@ -719,16 +693,12 @@ class Order(LockModel, LoggedModel):

        with language(self.locale):
            recipient = self.email
-            if position and position.attendee_email:
-                recipient = position.attendee_email
-
            try:
                email_content = render_mail(template, context)
                mail(
                    recipient, subject, template, context,
-                    self.event, self.locale, self, headers=headers, sender=sender,
-                    invoices=invoices, attach_tickets=attach_tickets,
-                    position=position
+                    self.event, self.locale, self, headers, sender,
+                    invoices=invoices, attach_tickets=attach_tickets
                )
            except SendMailException:
                raise
@@ -740,7 +710,6 @@ class Order(LockModel, LoggedModel):
                    data={
                        'subject': subject,
                        'message': email_content,
-                        'position': position.positionid if position else None,
                        'recipient': recipient,
                        'invoices': [i.pk for i in invoices] if invoices else [],
                        'attach_tickets': attach_tickets,
@@ -760,10 +729,9 @@ class Order(LockModel, LoggedModel):
            email_template = self.event.settings.mail_text_resend_link
            email_context = {
                'event': self.event.name,
-                'url': build_absolute_uri(self.event, 'presale:event.order.open', kwargs={
+                'url': build_absolute_uri(self.event, 'presale:event.order', kwargs={
                    'order': self.code,
-                    'secret': self.secret,
-                    'hash': self.email_confirm_hash()
+                    'secret': self.secret
                }),
                'invoice_name': invoice_name,
                'invoice_company': invoice_company,
@@ -829,8 +797,6 @@ class QuestionAnswer(models.Model):
        max_length=255
    )

-    objects = ScopedManager(organizer='question__event__organizer')
-
    @property
    def backend_file_url(self):
        if self.file:
@@ -995,10 +961,6 @@ class AbstractPosition(models.Model):
        else:
            return {}

-    @meta_info_data.setter
-    def meta_info_data(self, d):
-        self.meta_info = json.dumps(d)
-
    def cache_answers(self, all=True):
        """
        Creates two properties on the object.
@@ -1154,8 +1116,6 @@ class OrderPayment(models.Model):
    )
    migrated = models.BooleanField(default=False)

-    objects = ScopedManager(organizer='order__event__organizer')
-
    class Meta:
        ordering = ('local_id',)

@@ -1203,8 +1163,7 @@ class OrderPayment(models.Model):
            self.order.log_action('pretix.event.order.overpaid', {}, user=user, auth=auth)
        order_paid.send(self.order.event, order=self.order)

-    def confirm(self, count_waitinglist=True, send_mail=True, force=False, user=None, auth=None, mail_text='',
-                ignore_date=False, lock=True, payment_date=None):
+    def confirm(self, count_waitinglist=True, send_mail=True, force=False, user=None, auth=None, mail_text='', ignore_date=False, lock=True):
        """
        Marks the payment as complete. If possible, this also marks the order as paid if no further
        payment is required
@@ -1225,6 +1184,8 @@ class OrderPayment(models.Model):
        :raises Quota.QuotaExceededException: if the quota is exceeded and ``force`` is ``False``
        """
        from pretix.base.services.invoices import generate_invoice, invoice_qualified
+        from pretix.base.services.mail import SendMailException
+        from pretix.multidomain.urlreverse import build_absolute_uri

        with transaction.atomic():
            locked_instance = OrderPayment.objects.select_for_update().get(pk=self.pk)
@@ -1233,7 +1194,7 @@ class OrderPayment(models.Model):
                return

            locked_instance.state = self.PAYMENT_STATE_CONFIRMED
-            locked_instance.payment_date = payment_date or now()
+            locked_instance.payment_date = now()
            locked_instance.info = self.info  # required for backwards compatibility
            locked_instance.save(update_fields=['state', 'payment_date', 'info'])

@@ -1288,77 +1249,35 @@ class OrderPayment(models.Model):
                )

        if send_mail:
-            self._send_paid_mail(invoice, user, mail_text)
-            if self.order.event.settings.mail_send_order_paid_attendee:
-                for p in self.order.positions.all():
-                    if p.addon_to_id is None and p.attendee_email and p.attendee_email != self.order.email:
-                        self._send_paid_mail_attendee(p, user)
-
-    def _send_paid_mail_attendee(self, position, user):
-        from pretix.base.services.mail import SendMailException
-        from pretix.multidomain.urlreverse import build_absolute_uri
-
-        with language(self.order.locale):
-            name_scheme = PERSON_NAME_SCHEMES[self.order.event.settings.name_scheme]
-            email_template = self.order.event.settings.mail_text_order_paid_attendee
-            email_context = {
-                'event': self.order.event.name,
-                'downloads': self.order.event.settings.get('ticket_download', as_type=bool),
-                'url': build_absolute_uri(self.order.event, 'presale:event.order.position', kwargs={
-                    'order': self.order.code,
-                    'secret': position.web_secret,
-                    'position': position.positionid
-                }),
-                'attendee_name': position.attendee_name,
-            }
-            for f, l, w in name_scheme['fields']:
-                email_context['attendee_name_%s' % f] = position.attendee_name_parts.get(f, '')
-
-            email_subject = _('Event registration confirmed: %(code)s') % {'code': self.order.code}
-            try:
-                self.order.send_mail(
-                    email_subject, email_template, email_context,
-                    'pretix.event.order.email.order_paid', user,
-                    invoices=[], position=position,
-                    attach_tickets=True
-                )
-            except SendMailException:
-                logger.exception('Order paid email could not be sent')
-
-    def _send_paid_mail(self, invoice, user, mail_text):
-        from pretix.base.services.mail import SendMailException
-        from pretix.multidomain.urlreverse import build_absolute_uri
-
-        with language(self.order.locale):
-            try:
-                invoice_name = self.order.invoice_address.name
-                invoice_company = self.order.invoice_address.company
-            except InvoiceAddress.DoesNotExist:
-                invoice_name = ""
-                invoice_company = ""
-            email_template = self.order.event.settings.mail_text_order_paid
-            email_context = {
-                'event': self.order.event.name,
-                'url': build_absolute_uri(self.order.event, 'presale:event.order.open', kwargs={
-                    'order': self.order.code,
-                    'secret': self.order.secret,
-                    'hash': self.order.email_confirm_hash()
-                }),
-                'downloads': self.order.event.settings.get('ticket_download', as_type=bool),
-                'invoice_name': invoice_name,
-                'invoice_company': invoice_company,
-                'payment_info': mail_text
-            }
-            email_subject = _('Payment received for your order: %(code)s') % {'code': self.order.code}
-            try:
-                self.order.send_mail(
-                    email_subject, email_template, email_context,
-                    'pretix.event.order.email.order_paid', user,
-                    invoices=[invoice] if invoice and self.order.event.settings.invoice_email_attachment else [],
-                    attach_tickets=True
-                )
-            except SendMailException:
-                logger.exception('Order paid email could not be sent')
+            with language(self.order.locale):
+                try:
+                    invoice_name = self.order.invoice_address.name
+                    invoice_company = self.order.invoice_address.company
+                except InvoiceAddress.DoesNotExist:
+                    invoice_name = ""
+                    invoice_company = ""
+                email_template = self.order.event.settings.mail_text_order_paid
+                email_context = {
+                    'event': self.order.event.name,
+                    'url': build_absolute_uri(self.order.event, 'presale:event.order', kwargs={
+                        'order': self.order.code,
+                        'secret': self.order.secret
+                    }),
+                    'downloads': self.order.event.settings.get('ticket_download', as_type=bool),
+                    'invoice_name': invoice_name,
+                    'invoice_company': invoice_company,
+                    'payment_info': mail_text
+                }
+                email_subject = _('Payment received for your order: %(code)s') % {'code': self.order.code}
+                try:
+                    self.order.send_mail(
+                        email_subject, email_template, email_context,
+                        'pretix.event.order.email.order_paid', user,
+                        invoices=[invoice] if invoice and self.order.event.settings.invoice_email_attachment else [],
+                        attach_tickets=True
+                    )
+                except SendMailException:
+                    logger.exception('Order paid email could not be sent')

    @property
    def refunded_amount(self):
@@ -1512,8 +1431,6 @@ class OrderRefund(models.Model):
        null=True, blank=True
    )

-    objects = ScopedManager(organizer='order__event__organizer')
-
    class Meta:
        ordering = ('local_id',)

@@ -1575,7 +1492,7 @@ class OrderRefund(models.Model):
        super().save(*args, **kwargs)


-class ActivePositionManager(ScopedManager(organizer='order__event__organizer').__class__):
+class ActivePositionManager(models.Manager):
    def get_queryset(self):
        return super().get_queryset().filter(canceled=False)

@@ -1652,7 +1569,7 @@ class OrderFee(models.Model):
    )
    canceled = models.BooleanField(default=False)

-    all = ScopedManager(organizer='order__event__organizer')
+    all = models.Manager()
    objects = ActivePositionManager()

    @property
@@ -1749,7 +1666,6 @@ class OrderPosition(AbstractPosition):
        verbose_name=_('Tax value')
    )
    secret = models.CharField(max_length=64, default=generate_position_secret, db_index=True)
-    web_secret = models.CharField(max_length=32, default=generate_secret, db_index=True)
    pseudonymization_id = models.CharField(
        max_length=16,
        unique=True,
@@ -1757,7 +1673,7 @@ class OrderPosition(AbstractPosition):
    )
    canceled = models.BooleanField(default=False)

-    all = ScopedManager(organizer='order__event__organizer')
+    all = models.Manager()
    objects = ActivePositionManager()

    class Meta:
@@ -1873,60 +1789,6 @@ class OrderPosition(AbstractPosition):
    def event(self):
        return self.order.event

-    def send_mail(self, subject: str, template: Union[str, LazyI18nString],
-                  context: Dict[str, Any]=None, log_entry_type: str='pretix.event.order.email.sent',
-                  user: User=None, headers: dict=None, sender: str=None, invoices: list=None,
-                  auth=None, attach_tickets=False):
-        """
-        Sends an email to the user that placed this order. Basically, this method does two things:
-
-        * Call ``pretix.base.services.mail.mail`` with useful values for the ``event``, ``locale``, ``recipient`` and
-          ``order`` parameters.
-
-        * Create a ``LogEntry`` with the email contents.
-
-        :param subject: Subject of the email
-        :param template: LazyI18nString or template filename, see ``pretix.base.services.mail.mail`` for more details
-        :param context: Dictionary to use for rendering the template
-        :param log_entry_type: Key to be used for the log entry
-        :param user: Administrative user who triggered this mail to be sent
-        :param headers: Dictionary with additional mail headers
-        :param sender: Custom email sender.
-        :param attach_tickets: Attach tickets of this order, if they are existing and ready to download
-        """
-        from pretix.base.services.mail import SendMailException, mail, render_mail
-
-        if not self.email:
-            return
-
-        for k, v in self.event.meta_data.items():
-            context['meta_' + k] = v
-
-        with language(self.locale):
-            recipient = self.email
-            try:
-                email_content = render_mail(template, context)
-                mail(
-                    recipient, subject, template, context,
-                    self.event, self.locale, self, headers, sender,
-                    invoices=invoices, attach_tickets=attach_tickets
-                )
-            except SendMailException:
-                raise
-            else:
-                self.log_action(
-                    log_entry_type,
-                    user=user,
-                    auth=auth,
-                    data={
-                        'subject': subject,
-                        'message': email_content,
-                        'recipient': recipient,
-                        'invoices': [i.pk for i in invoices] if invoices else [],
-                        'attach_tickets': attach_tickets,
-                    }
-                )
-

 class CartPosition(AbstractPosition):
    """
@@ -1964,8 +1826,6 @@ class CartPosition(AbstractPosition):
    )
    is_bundled = models.BooleanField(default=False)

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        verbose_name = _("Cart position")
        verbose_name_plural = _("Cart positions")
@@ -2015,8 +1875,6 @@ class InvoiceAddress(models.Model):
        blank=True
    )

-    objects = ScopedManager(organizer='order__event__organizer')
-
    def save(self, **kwargs):
        if self.order:
            self.order.touch()
--- a/src/pretix/base/models/vouchers.py
+++ b/src/pretix/base/models/vouchers.py
@@ -8,7 +8,6 @@ from django.db.models import Q
 from django.utils.crypto import get_random_string
 from django.utils.timezone import now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
-from django_scopes import ScopedManager

 from ..decimal import round_decimal
 from .base import LoggedModel
@@ -174,8 +173,6 @@ class Voucher(LoggedModel):
                    "convenience.")
    )

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        verbose_name = _("Voucher")
        verbose_name_plural = _("Vouchers")
--- a/src/pretix/base/models/waitinglist.py
+++ b/src/pretix/base/models/waitinglist.py
@@ -4,7 +4,6 @@ from django.core.exceptions import ValidationError
 from django.db import models, transaction
 from django.utils.timezone import now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
-from django_scopes import ScopedManager

 from pretix.base.i18n import language
 from pretix.base.models import Voucher
@@ -68,8 +67,6 @@ class WaitingListEntry(LoggedModel):
    )
    priority = models.IntegerField(default=0)

-    objects = ScopedManager(organizer='event__organizer')
-
    class Meta:
        verbose_name = _("Waiting list entry")
        verbose_name_plural = _("Waiting list entries")
--- a/src/pretix/base/reldate.py
+++ b/src/pretix/base/reldate.py
@@ -71,7 +71,7 @@ class RelativeDateWrapper:
            else:
                base_date = getattr(event, self.data.base_date_name) or event.date_from

-            oldoffset = base_date.astimezone(tz).utcoffset()
+            oldoffset = base_date.utcoffset()
            new_date = base_date.astimezone(tz) - datetime.timedelta(days=self.data.days_before)
            if self.data.time:
                new_date = new_date.replace(
--- a/src/pretix/base/services/cart.py
+++ b/src/pretix/base/services/cart.py
@@ -10,7 +10,6 @@ from django.db.models import Q
 from django.dispatch import receiver
 from django.utils.timezone import make_aware, now
 from django.utils.translation import pgettext_lazy, ugettext as _
-from django_scopes import scopes_disabled

 from pretix.base.i18n import language
 from pretix.base.models import (
@@ -24,7 +23,7 @@ from pretix.base.reldate import RelativeDateWrapper
 from pretix.base.services.checkin import _save_answers
 from pretix.base.services.locking import LockTimeoutException, NoLockManager
 from pretix.base.services.pricing import get_price
-from pretix.base.services.tasks import ProfiledEventTask
+from pretix.base.services.tasks import ProfiledTask
 from pretix.base.settings import PERSON_NAME_SCHEMES
 from pretix.base.templatetags.rich_text import rich_text
 from pretix.celery_app import app
@@ -635,7 +634,7 @@ class CartManager:
                Q(voucher=voucher) & Q(event=self.event) &
                Q(expires__gte=self.now_dt)
            ).exclude(pk__in=[
-                op.position.id for op in self._operations if isinstance(op, self.ExtendOperation)
+                op.position.voucher_id for op in self._operations if isinstance(op, self.ExtendOperation)
            ])
            cart_count = redeemed_in_carts.count()
            v_avail = voucher.max_usages - voucher.redeemed - cart_count
@@ -903,7 +902,7 @@ def get_fees(event, request, total, invoice_address, provider):
    return fees


-@app.task(base=ProfiledEventTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
+@app.task(base=ProfiledTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
 def add_items_to_cart(self, event: int, items: List[dict], cart_id: str=None, locale='en',
                      invoice_address: int=None, widget_data=None, sales_channel='web') -> None:
    """
@@ -914,11 +913,12 @@ def add_items_to_cart(self, event: int, items: List[dict], cart_id: str=None, lo
    :raises CartError: On any error that occured
    """
    with language(locale):
+        event = Event.objects.get(id=event)
+
        ia = False
        if invoice_address:
            try:
-                with scopes_disabled():
-                    ia = InvoiceAddress.objects.get(pk=invoice_address)
+                ia = InvoiceAddress.objects.get(pk=invoice_address)
            except InvoiceAddress.DoesNotExist:
                pass

@@ -934,8 +934,8 @@ def add_items_to_cart(self, event: int, items: List[dict], cart_id: str=None, lo
            raise CartError(error_messages['busy'])


-@app.task(base=ProfiledEventTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
-def remove_cart_position(self, event: Event, position: int, cart_id: str=None, locale='en') -> None:
+@app.task(base=ProfiledTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
+def remove_cart_position(self, event: int, position: int, cart_id: str=None, locale='en') -> None:
    """
    Removes a list of items from a user's cart.
    :param event: The event ID in question
@@ -943,6 +943,7 @@ def remove_cart_position(self, event: Event, position: int, cart_id: str=None, l
    :param session: Session ID of a guest
    """
    with language(locale):
+        event = Event.objects.get(id=event)
        try:
            try:
                cm = CartManager(event=event, cart_id=cart_id)
@@ -954,14 +955,15 @@ def remove_cart_position(self, event: Event, position: int, cart_id: str=None, l
            raise CartError(error_messages['busy'])


-@app.task(base=ProfiledEventTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
-def clear_cart(self, event: Event, cart_id: str=None, locale='en') -> None:
+@app.task(base=ProfiledTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
+def clear_cart(self, event: int, cart_id: str=None, locale='en') -> None:
    """
    Removes a list of items from a user's cart.
    :param event: The event ID in question
    :param session: Session ID of a guest
    """
    with language(locale):
+        event = Event.objects.get(id=event)
        try:
            try:
                cm = CartManager(event=event, cart_id=cart_id)
@@ -973,8 +975,8 @@ def clear_cart(self, event: Event, cart_id: str=None, locale='en') -> None:
            raise CartError(error_messages['busy'])


-@app.task(base=ProfiledEventTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
-def set_cart_addons(self, event: Event, addons: List[dict], cart_id: str=None, locale='en',
+@app.task(base=ProfiledTask, bind=True, max_retries=5, default_retry_delay=1, throws=(CartError,))
+def set_cart_addons(self, event: int, addons: List[dict], cart_id: str=None, locale='en',
                    invoice_address: int=None, sales_channel='web') -> None:
    """
    Removes a list of items from a user's cart.
@@ -983,11 +985,12 @@ def set_cart_addons(self, event: Event, addons: List[dict], cart_id: str=None, l
    :param session: Session ID of a guest
    """
    with language(locale):
+        event = Event.objects.get(id=event)
+
        ia = False
        if invoice_address:
            try:
-                with scopes_disabled():
-                    ia = InvoiceAddress.objects.get(pk=invoice_address)
+                ia = InvoiceAddress.objects.get(pk=invoice_address)
            except InvoiceAddress.DoesNotExist:
                pass
        try:
--- a/src/pretix/base/services/cleanup.py
+++ b/src/pretix/base/services/cleanup.py
@@ -2,7 +2,6 @@ from datetime import timedelta

 from django.dispatch import receiver
 from django.utils.timezone import now
-from django_scopes import scopes_disabled

 from pretix.base.models import CachedCombinedTicket, CachedTicket

@@ -11,7 +10,6 @@ from ..signals import periodic_task


@receiver(signal=periodic_task)
-@scopes_disabled()
 def clean_cart_positions(sender, **kwargs):
    for cp in CartPosition.objects.filter(expires__lt=now() - timedelta(days=14), addon_to__isnull=False):
        cp.delete()
@@ -22,14 +20,12 @@ def clean_cart_positions(sender, **kwargs):


@receiver(signal=periodic_task)
-@scopes_disabled()
 def clean_cached_files(sender, **kwargs):
    for cf in CachedFile.objects.filter(expires__isnull=False, expires__lt=now()):
        cf.delete()


@receiver(signal=periodic_task)
-@scopes_disabled()
 def clean_cached_tickets(sender, **kwargs):
    for cf in CachedTicket.objects.filter(created__lte=now() - timedelta(days=30)):
        cf.delete()
--- a/src/pretix/base/services/export.py
+++ b/src/pretix/base/services/export.py
@@ -2,33 +2,24 @@ from typing import Any, Dict

 from django.core.files.base import ContentFile
 from django.utils.timezone import override
-from django.utils.translation import ugettext

-from pretix.base.i18n import LazyLocaleException, language
+from pretix.base.i18n import language
 from pretix.base.models import CachedFile, Event, cachedfile_name
-from pretix.base.services.tasks import ProfiledEventTask
+from pretix.base.services.tasks import ProfiledTask
 from pretix.base.signals import register_data_exporters
 from pretix.celery_app import app


-class ExportError(LazyLocaleException):
-    pass
-
-
-@app.task(base=ProfiledEventTask, throws=(ExportError,))
-def export(event: Event, fileid: str, provider: str, form_data: Dict[str, Any]) -> None:
+@app.task(base=ProfiledTask)
+def export(event: str, fileid: str, provider: str, form_data: Dict[str, Any]) -> None:
+    event = Event.objects.get(id=event)
    file = CachedFile.objects.get(id=fileid)
    with language(event.settings.locale), override(event.settings.timezone):
        responses = register_data_exporters.send(event)
        for receiver, response in responses:
            ex = response(event)
            if ex.identifier == provider:
-                d = ex.render(form_data)
-                if d is None:
-                    raise ExportError(
-                        ugettext('Your export did not contain any data.')
-                    )
-                file.filename, file.type, data = d
+                file.filename, file.type, data = ex.render(form_data)
                file.file.save(cachedfile_name(file, file.filename), ContentFile(data))
                file.save()
    return file.pk
--- a/src/pretix/base/services/invoices.py
+++ b/src/pretix/base/services/invoices.py
@@ -15,7 +15,6 @@ from django.utils import timezone
 from django.utils.timezone import now
 from django.utils.translation import pgettext, ugettext as _
 from django_countries.fields import Country
-from django_scopes import scope, scopes_disabled
 from i18nfield.strings import LazyI18nString

 from pretix.base.i18n import language
@@ -245,23 +244,20 @@ def generate_invoice(order: Order, trigger_pdf=True):

@app.task(base=TransactionAwareTask)
 def invoice_pdf_task(invoice: int):
-    with scopes_disabled():
-        i = Invoice.objects.get(pk=invoice)
-    with scope(organizer=i.order.event.organizer):
-        if i.shredded:
-            return None
-        if i.file:
-            i.file.delete()
-        with language(i.locale):
-            fname, ftype, fcontent = i.event.invoice_renderer.generate(i)
-            i.file.save(fname, ContentFile(fcontent))
-            i.save()
-            return i.file.name
+    i = Invoice.objects.get(pk=invoice)
+    if i.shredded:
+        return None
+    if i.file:
+        i.file.delete()
+    with language(i.locale):
+        fname, ftype, fcontent = i.event.invoice_renderer.generate(i)
+        i.file.save(fname, ContentFile(fcontent))
+        i.save()
+        return i.file.name


 def invoice_qualified(order: Order):
-    if order.total == Decimal('0.00') or order.require_approval or \
-            order.sales_channel not in order.event.settings.get('invoice_generate_sales_channels'):
+    if order.total == Decimal('0.00') or order.require_approval:
        return False
    return True

--- a/src/pretix/base/services/mail.py
+++ b/src/pretix/base/services/mail.py
@@ -1,6 +1,5 @@
 import logging
 import smtplib
-import warnings
 from email.utils import formataddr
 from typing import Any, Dict, List, Union

@@ -10,14 +9,11 @@ from django.conf import settings
 from django.core.mail import EmailMultiAlternatives, get_connection
 from django.template.loader import get_template
 from django.utils.translation import ugettext as _
-from django_scopes import scope, scopes_disabled
 from i18nfield.strings import LazyI18nString

 from pretix.base.email import ClassicMailRenderer
 from pretix.base.i18n import language
-from pretix.base.models import (
-    Event, Invoice, InvoiceAddress, Order, OrderPosition,
-)
+from pretix.base.models import Event, Invoice, InvoiceAddress, Order
 from pretix.base.services.invoices import invoice_pdf_task
 from pretix.base.services.tasks import TransactionAwareTask
 from pretix.base.services.tickets import get_tickets_for_order
@@ -42,8 +38,8 @@ class SendMailException(Exception):

 def mail(email: str, subject: str, template: Union[str, LazyI18nString],
         context: Dict[str, Any]=None, event: Event=None, locale: str=None,
-         order: Order=None, position: OrderPosition=None, headers: dict=None, sender: str=None,
-         invoices: list=None, attach_tickets=False):
+         order: Order=None, headers: dict=None, sender: str=None, invoices: list=None,
+         attach_tickets=False):
    """
    Sends out an email to a user. The mail will be sent synchronously or asynchronously depending on the installation.

@@ -64,9 +60,6 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],
    :param order: The order this email is related to (optional). If set, this will be used to include a link to the
        order below the email.

-    :param order: The order position this email is related to (optional). If set, this will be used to include a link
-        to the order position instead of the order below the email.
-
    :param headers: A dict of custom mail headers to add to the mail

    :param locale: The locale to be used while evaluating the subject and the template
@@ -107,8 +100,7 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],
        subject = str(subject).format_map(context)
        sender = sender or (event.settings.get('mail_from') if event else settings.MAIL_FROM)
        if event:
-            sender_name = event.settings.mail_from_name or str(event.name)
-            sender = formataddr((sender_name, sender))
+            sender = formataddr((str(event.name), sender))
        else:
            sender = formataddr((settings.PRETIX_INSTANCE_NAME, sender))

@@ -119,8 +111,7 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],
        if event:
            renderer = event.get_html_mail_renderer()
            if event.settings.mail_bcc:
-                for bcc_mail in event.settings.mail_bcc.split(','):
-                    bcc.append(bcc_mail.strip())
+                bcc.append(event.settings.mail_bcc)

            if event.settings.mail_from == settings.DEFAULT_FROM_EMAIL and event.settings.contact_mail and not headers.get('Reply-To'):
                headers['Reply-To'] = event.settings.contact_mail
@@ -139,26 +130,9 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],
                body_plain += signature
                body_plain += "\r\n\r\n-- \r\n"

-            if order and order.testmode:
-                subject = "[TESTMODE] " + subject
-
-            if order and position:
-                body_plain += _(
-                    "You are receiving this email because someone placed an order for {event} for you."
-                ).format(event=event.name)
-                body_plain += "\r\n"
-                body_plain += _(
-                    "You can view your order details at the following URL:\n{orderurl}."
-                ).replace("\n", "\r\n").format(
-                    event=event.name, orderurl=build_absolute_uri(
-                        order.event, 'presale:event.order.position', kwargs={
-                            'order': order.code,
-                            'secret': position.web_secret,
-                            'position': position.positionid,
-                        }
-                    )
-                )
-            elif order:
+            if order:
+                if order.testmode:
+                    subject = "[TESTMODE] " + subject
                body_plain += _(
                    "You are receiving this email because you placed an order for {event}."
                ).format(event=event.name)
@@ -167,24 +141,16 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],
                    "You can view your order details at the following URL:\n{orderurl}."
                ).replace("\n", "\r\n").format(
                    event=event.name, orderurl=build_absolute_uri(
-                        order.event, 'presale:event.order.open', kwargs={
+                        order.event, 'presale:event.order', kwargs={
                            'order': order.code,
-                            'secret': order.secret,
-                            'hash': order.email_confirm_hash()
+                            'secret': order.secret
                        }
                    )
                )
            body_plain += "\r\n"

        try:
-            try:
-                body_html = renderer.render(content_plain, signature, str(subject), order, position)
-            except TypeError:
-                # Backwards compatibility
-                warnings.warn('E-mail renderer called without position argument because position argument is not '
-                              'supported.',
-                              DeprecationWarning)
-                body_html = renderer.render(content_plain, signature, str(subject), order)
+            body_html = renderer.render(content_plain, signature, str(subject), order)
        except:
            logger.exception('Could not render HTML body')
            body_html = None
@@ -198,9 +164,8 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],
            sender=sender,
            event=event.id if event else None,
            headers=headers,
-            invoices=[i.pk for i in invoices] if invoices and not position else [],
+            invoices=[i.pk for i in invoices] if invoices else [],
            order=order.pk if order else None,
-            position=position.pk if position else None,
            attach_tickets=attach_tickets
        )

@@ -215,8 +180,8 @@ def mail(email: str, subject: str, template: Union[str, LazyI18nString],

@app.task(base=TransactionAwareTask, bind=True)
 def mail_send_task(self, *args, to: List[str], subject: str, body: str, html: str, sender: str,
-                   event: int=None, position: int=None, headers: dict=None, bcc: List[str]=None,
-                   invoices: List[int]=None, order: int=None, attach_tickets=False) -> bool:
+                   event: int=None, headers: dict=None, bcc: List[str]=None, invoices: List[int]=None,
+                   order: int=None, attach_tickets=False) -> bool:
    email = EmailMultiAlternatives(subject, body, sender, to=to, bcc=bcc, headers=headers)
    if html is not None:
        email.attach_alternative(html, "text/html")
@@ -235,87 +200,78 @@ def mail_send_task(self, *args, to: List[str], subject: str, body: str, html: st
                    pass

    if event:
-        with scopes_disabled():
-            event = Event.objects.get(id=event)
+        event = Event.objects.get(id=event)
        backend = event.get_mail_backend()
-        cm = lambda: scope(organizer=event.organizer)  # noqa
    else:
        backend = get_connection(fail_silently=False)
-        cm = lambda: scopes_disabled()  # noqa

-    with cm():
-        if event:
-            if order:
-                try:
-                    order = event.orders.get(pk=order)
-                except Order.DoesNotExist:
-                    order = None
-                else:
-                    if position:
-                        try:
-                            position = order.positions.get(pk=position)
-                        except OrderPosition.DoesNotExist:
-                            attach_tickets = False
-                    if attach_tickets:
-                        args = []
-                        attach_size = 0
-                        for name, ct in get_tickets_for_order(order, base_position=position):
-                            content = ct.file.read()
-                            args.append((name, content, ct.type))
-                            attach_size += len(content)
+    if event:
+        if order:
+            try:
+                order = event.orders.get(pk=order)
+            except Order.DoesNotExist:
+                order = None
+            else:
+                if attach_tickets:
+                    args = []
+                    attach_size = 0
+                    for name, ct in get_tickets_for_order(order):
+                        content = ct.file.read()
+                        args.append((name, content, ct.type))
+                        attach_size += len(content)

-                        if attach_size < 4 * 1024 * 1024:
-                            # Do not attach more than 4MB, it will bounce way to often.
-                            for a in args:
-                                try:
-                                    email.attach(*a)
-                                except:
-                                    pass
-                        else:
-                            order.log_action(
-                                'pretix.event.order.email.attachments.skipped',
-                                data={
-                                    'subject': 'Attachments skipped',
-                                    'message': 'Attachment have not been send because {} bytes are likely too large to arrive.'.format(attach_size),
-                                    'recipient': '',
-                                    'invoices': [],
-                                }
-                            )
+                    if attach_size < 4 * 1024 * 1024:
+                        # Do not attach more than 4MB, it will bounce way to often.
+                        for a in args:
+                            try:
+                                email.attach(*a)
+                            except:
+                                pass
+                    else:
+                        order.log_action(
+                            'pretix.event.order.email.attachments.skipped',
+                            data={
+                                'subject': 'Attachments skipped',
+                                'message': 'Attachment have not been send because {} bytes are likely too large to arrive.'.format(attach_size),
+                                'recipient': '',
+                                'invoices': [],
+                            }
+                        )

-            email = email_filter.send_chained(event, 'message', message=email, order=order)
+        email = email_filter.send_chained(event, 'message', message=email, order=order)

-        try:
-            backend.send_messages([email])
-        except smtplib.SMTPResponseException as e:
-            if e.smtp_code in (101, 111, 421, 422, 431, 442, 447, 452):
-                self.retry(max_retries=5, countdown=2 ** (self.request.retries * 2))
-            logger.exception('Error sending email')
+    try:
+        backend.send_messages([email])
+    except smtplib.SMTPResponseException as e:
+        if e.smtp_code in (101, 111, 421, 422, 431, 442, 447, 452):
+            self.retry(max_retries=5, countdown=2 ** (self.request.retries * 2))
+        logger.exception('Error sending email')

-            if order:
-                order.log_action(
-                    'pretix.event.order.email.error',
-                    data={
-                        'subject': 'SMTP code {}'.format(e.smtp_code),
-                        'message': e.smtp_error.decode() if isinstance(e.smtp_error, bytes) else str(e.smtp_error),
-                        'recipient': '',
-                        'invoices': [],
-                    }
-                )
+        if order:
+            order.log_action(
+                'pretix.event.order.email.error',
+                data={
+                    'subject': 'SMTP code {}'.format(e.smtp_code),
+                    'message': e.smtp_error.decode() if isinstance(e.smtp_error, bytes) else str(e.smtp_error),
+                    'recipient': '',
+                    'invoices': [],
+                }
+            )

-            raise SendMailException('Failed to send an email to {}.'.format(to))
-        except Exception as e:
-            if order:
-                order.log_action(
-                    'pretix.event.order.email.error',
-                    data={
-                        'subject': 'Internal error',
-                        'message': str(e),
-                        'recipient': '',
-                        'invoices': [],
-                    }
-                )
-            logger.exception('Error sending email')
-            raise SendMailException('Failed to send an email to {}.'.format(to))
+        raise SendMailException('Failed to send an email to {}.'.format(to))
+    except Exception as e:
+        if order:
+            order.log_action(
+                'pretix.event.order.email.error',
+                data={
+                    'subject': 'Internal error',
+                    'message': str(e),
+                    'recipient': '',
+                    'invoices': [],
+                }
+            )
+        logger.exception('Error sending email')
+        raise SendMailException('Failed to send an email to {}.'.format(to))


 def mail_send(*args, **kwargs):
--- a/src/pretix/base/services/notifications.py
+++ b/src/pretix/base/services/notifications.py
@@ -1,6 +1,5 @@
 from django.conf import settings
 from django.template.loader import get_template
-from django_scopes import scope, scopes_disabled
 from inlinestyler.utils import inline_css

 from pretix.base.i18n import language
@@ -13,7 +12,6 @@ from pretix.helpers.urls import build_absolute_uri


@app.task(base=TransactionAwareTask)
-@scopes_disabled()
 def notify(logentry_id: int):
    logentry = LogEntry.all.get(id=logentry_id)
    if not logentry.event:
@@ -68,22 +66,17 @@ def notify(logentry_id: int):
@app.task(base=ProfiledTask)
 def send_notification(logentry_id: int, action_type: str, user_id: int, method: str):
    logentry = LogEntry.all.get(id=logentry_id)
-    if logentry.event:
-        sm = lambda: scope(organizer=logentry.event.organizer)  # noqa
-    else:
-        sm = lambda: scopes_disabled()  # noqa
-    with sm():
-        user = User.objects.get(id=user_id)
-        types = get_all_notification_types(logentry.event)
-        notification_type = types.get(action_type)
-        if not notification_type:
-            return  # Ignore, e.g. plugin not active for this event
+    user = User.objects.get(id=user_id)
+    types = get_all_notification_types(logentry.event)
+    notification_type = types.get(action_type)
+    if not notification_type:
+        return  # Ignore, e.g. plugin not active for this event

-        with language(user.locale):
-            notification = notification_type.build_notification(logentry)
+    with language(user.locale):
+        notification = notification_type.build_notification(logentry)

-            if method == "mail":
-                send_notification_mail(notification, user)
+        if method == "mail":
+            send_notification_mail(notification, user)


 def send_notification_mail(notification: Notification, user: User):
@@ -111,11 +104,7 @@ def send_notification_mail(notification: Notification, user: User):

    mail_send_task.apply_async(kwargs={
        'to': [user.email],
-        'subject': '[{}] {}: {}'.format(
-            settings.PRETIX_INSTANCE_NAME,
-            notification.event.settings.mail_prefix or notification.event.slug.upper(),
-            notification.title
-        ),
+        'subject': '[{}] {}'.format(settings.PRETIX_INSTANCE_NAME, notification.title),
        'body': body_plain,
        'html': body_html,
        'sender': settings.MAIL_FROM,
--- a/src/pretix/base/services/orders.py
+++ b/src/pretix/base/services/orders.py
@@ -16,7 +16,6 @@ from django.utils.formats import date_format
 from django.utils.functional import cached_property
 from django.utils.timezone import make_aware, now
 from django.utils.translation import ugettext as _
-from django_scopes import scopes_disabled

 from pretix.api.models import OAuthApplication
 from pretix.base.i18n import (
@@ -43,12 +42,11 @@ from pretix.base.services.invoices import (
 from pretix.base.services.locking import LockTimeoutException, NoLockManager
 from pretix.base.services.mail import SendMailException
 from pretix.base.services.pricing import get_price
-from pretix.base.services.tasks import ProfiledEventTask, ProfiledTask
-from pretix.base.settings import PERSON_NAME_SCHEMES
+from pretix.base.services.tasks import ProfiledTask
 from pretix.base.signals import (
    allow_ticket_download, order_approved, order_canceled, order_changed,
    order_denied, order_expired, order_fee_calculation, order_placed,
-    periodic_task, validate_order,
+    periodic_task,
 )
 from pretix.celery_app import app
 from pretix.helpers.models import modelcopy
@@ -224,10 +222,9 @@ def approve_order(order, user=None, send_mail: bool=True, auth=None, force=False
                'total_with_currency': LazyCurrencyNumber(order.total, order.event.currency),
                'date': LazyDate(order.expires),
                'event': order.event.name,
-                'url': build_absolute_uri(order.event, 'presale:event.order.open', kwargs={
+                'url': build_absolute_uri(order.event, 'presale:event.order', kwargs={
                    'order': order.code,
-                    'secret': order.secret,
-                    'hash': order.email_confirm_hash()
+                    'secret': order.secret
                }),
                'invoice_name': invoice_name,
                'invoice_company': invoice_company,
@@ -285,10 +282,9 @@ def deny_order(order, comment='', user=None, send_mail: bool=True, auth=None):
            'total_with_currency': LazyCurrencyNumber(order.total, order.event.currency),
            'date': LazyDate(order.expires),
            'event': order.event.name,
-            'url': build_absolute_uri(order.event, 'presale:event.order.open', kwargs={
+            'url': build_absolute_uri(order.event, 'presale:event.order', kwargs={
                'order': order.code,
-                'secret': order.secret,
-                'hash': order.email_confirm_hash()
+                'secret': order.secret
            }),
            'comment': comment,
            'invoice_name': invoice_name,
@@ -379,10 +375,9 @@ def _cancel_order(order, user=None, send_mail: bool=True, api_token=None, device
            email_context = {
                'event': order.event.name,
                'code': order.code,
-                'url': build_absolute_uri(order.event, 'presale:event.order.open', kwargs={
+                'url': build_absolute_uri(order.event, 'presale:event.order', kwargs={
                    'order': order.code,
-                    'secret': order.secret,
-                    'hash': order.email_confirm_hash()
+                    'secret': order.secret
                })
            }
            with language(order.locale):
@@ -536,6 +531,7 @@ def _check_positions(event: Event, now_dt: datetime, positions: List[CartPositio
                continue

        if price.gross != cp.price and not (cp.item.free_price and cp.price > price.gross):
+            positions[i] = cp
            cp.price = price.gross
            cp.includes_tax = bool(price.rate)
            cp.save()
@@ -559,6 +555,7 @@ def _check_positions(event: Event, now_dt: datetime, positions: List[CartPositio
                    break

        if quota_ok:
+            positions[i] = cp
            cp.expires = now_dt + timedelta(
                minutes=event.settings.get('reservation_time', as_type=int))
            cp.save()
@@ -647,77 +644,10 @@ def _create_order(event: Event, email: str, positions: List[CartPosition], now_d
    return order, p


-def _order_placed_email(event: Event, order: Order, pprov: BasePaymentProvider, email_template, log_entry: str,
-                        invoice):
-    try:
-        invoice_name = order.invoice_address.name
-        invoice_company = order.invoice_address.company
-    except InvoiceAddress.DoesNotExist:
-        invoice_name = ""
-        invoice_company = ""
-
-    if pprov:
-        payment_info = str(pprov.order_pending_mail_render(order))
-    else:
-        payment_info = None
-
-    email_context = {
-        'total': LazyNumber(order.total),
-        'currency': event.currency,
-        'total_with_currency': LazyCurrencyNumber(order.total, event.currency),
-        'date': LazyDate(order.expires),
-        'event': event.name,
-        'url': build_absolute_uri(event, 'presale:event.order.open', kwargs={
-            'order': order.code,
-            'secret': order.secret,
-            'hash': order.email_confirm_hash()
-        }),
-        'payment_info': payment_info,
-        'invoice_name': invoice_name,
-        'invoice_company': invoice_company,
-    }
-    email_subject = _('Your order: %(code)s') % {'code': order.code}
-    try:
-        order.send_mail(
-            email_subject, email_template, email_context,
-            log_entry,
-            invoices=[invoice] if invoice and event.settings.invoice_email_attachment else [],
-            attach_tickets=True
-        )
-    except SendMailException:
-        logger.exception('Order received email could not be sent')
-
-
-def _order_placed_email_attendee(event: Event, order: Order, position: OrderPosition, email_template, log_entry: str):
-    name_scheme = PERSON_NAME_SCHEMES[event.settings.name_scheme]
-    email_context = {
-        'event': event.name,
-        'url': build_absolute_uri(event, 'presale:event.order.position', kwargs={
-            'order': order.code,
-            'secret': position.web_secret,
-            'position': position.positionid
-        }),
-        'attendee_name': position.attendee_name,
-    }
-    for f, l, w in name_scheme['fields']:
-        email_context['attendee_name_%s' % f] = position.attendee_name_parts.get(f, '')
-
-    email_subject = _('Your event registration: %(code)s') % {'code': order.code}
-
-    try:
-        order.send_mail(
-            email_subject, email_template, email_context,
-            log_entry,
-            invoices=[],
-            attach_tickets=True,
-            position=position
-        )
-    except SendMailException:
-        logger.exception('Order received email could not be sent to attendee')
-
-
-def _perform_order(event: Event, payment_provider: str, position_ids: List[str],
+def _perform_order(event: str, payment_provider: str, position_ids: List[str],
                   email: str, locale: str, address: int, meta_info: dict=None, sales_channel: str='web'):
+
+    event = Event.objects.get(id=event)
    if payment_provider:
        pprov = event.get_payment_providers().get(payment_provider)
        if not pprov:
@@ -731,16 +661,12 @@ def _perform_order(event: Event, payment_provider: str, position_ids: List[str],
    addr = None
    if address is not None:
        try:
-            with scopes_disabled():
-                addr = InvoiceAddress.objects.get(pk=address)
+            addr = InvoiceAddress.objects.get(pk=address)
        except InvoiceAddress.DoesNotExist:
            pass

    positions = CartPosition.objects.filter(id__in=position_ids, event=event)

-    validate_order.send(event, payment_provider=pprov, email=email, positions=positions,
-                        locale=locale, invoice_address=addr, meta_info=meta_info)
-
    lockfn = NoLockManager
    locked = False
    if positions.filter(Q(voucher__isnull=False) | Q(expires__lt=now() + timedelta(minutes=2))).exists():
@@ -779,32 +705,54 @@ def _perform_order(event: Event, payment_provider: str, position_ids: List[str],
        if order.require_approval:
            email_template = event.settings.mail_text_order_placed_require_approval
            log_entry = 'pretix.event.order.email.order_placed_require_approval'
-
-            email_attendees = False
        elif free_order_flow:
            email_template = event.settings.mail_text_order_free
            log_entry = 'pretix.event.order.email.order_free'
-
-            email_attendees = event.settings.mail_send_order_free_attendee
-            email_attendees_template = event.settings.mail_text_order_free_attendee
        else:
            email_template = event.settings.mail_text_order_placed
            log_entry = 'pretix.event.order.email.order_placed'

-            email_attendees = event.settings.mail_send_order_placed_attendee
-            email_attendees_template = event.settings.mail_text_order_placed_attendee
+        try:
+            invoice_name = order.invoice_address.name
+            invoice_company = order.invoice_address.company
+        except InvoiceAddress.DoesNotExist:
+            invoice_name = ""
+            invoice_company = ""

-        _order_placed_email(event, order, pprov, email_template, log_entry, invoice)
-        if email_attendees:
-            for p in order.positions.all():
-                if p.addon_to_id is None and p.attendee_email and p.attendee_email != order.email:
-                    _order_placed_email_attendee(event, order, p, email_attendees_template, log_entry)
+        if pprov:
+            payment_info = str(pprov.order_pending_mail_render(order))
+        else:
+            payment_info = None
+
+        email_context = {
+            'total': LazyNumber(order.total),
+            'currency': event.currency,
+            'total_with_currency': LazyCurrencyNumber(order.total, event.currency),
+            'date': LazyDate(order.expires),
+            'event': event.name,
+            'url': build_absolute_uri(event, 'presale:event.order', kwargs={
+                'order': order.code,
+                'secret': order.secret
+            }),
+            'payment_info': payment_info,
+            'invoice_name': invoice_name,
+            'invoice_company': invoice_company,
+        }
+        email_subject = _('Your order: %(code)s') % {'code': order.code}
+        try:
+            order.send_mail(
+                email_subject, email_template, email_context,
+                log_entry,
+                invoices=[invoice] if invoice and event.settings.invoice_email_attachment else [],
+                attach_tickets=True
+            )
+        except SendMailException:
+            logger.exception('Order received email could not be sent')

    return order.id


@receiver(signal=periodic_task)
-@scopes_disabled()
 def expire_orders(sender, **kwargs):
    eventcache = {}

@@ -819,7 +767,6 @@ def expire_orders(sender, **kwargs):


@receiver(signal=periodic_task)
-@scopes_disabled()
 def send_expiry_warnings(sender, **kwargs):
    eventcache = {}
    today = now().replace(hour=0, minute=0, second=0)
@@ -853,10 +800,9 @@ def send_expiry_warnings(sender, **kwargs):
                    email_template = eventsettings.mail_text_order_expire_warning
                    email_context = {
                        'event': o.event.name,
-                        'url': build_absolute_uri(o.event, 'presale:event.order.open', kwargs={
+                        'url': build_absolute_uri(o.event, 'presale:event.order', kwargs={
                            'order': o.code,
-                            'secret': o.secret,
-                            'hash': o.email_confirm_hash()
+                            'secret': o.secret
                        }),
                        'expire_date': date_format(o.expires.astimezone(tz), 'SHORT_DATE_FORMAT'),
                        'invoice_name': invoice_name,
@@ -877,7 +823,6 @@ def send_expiry_warnings(sender, **kwargs):


@receiver(signal=periodic_task)
-@scopes_disabled()
 def send_download_reminders(sender, **kwargs):
    today = now().replace(hour=0, minute=0, second=0, microsecond=0)

@@ -906,10 +851,9 @@ def send_download_reminders(sender, **kwargs):
                    email_template = e.settings.mail_text_download_reminder
                    email_context = {
                        'event': o.event.name,
-                        'url': build_absolute_uri(o.event, 'presale:event.order.open', kwargs={
+                        'url': build_absolute_uri(o.event, 'presale:event.order', kwargs={
                            'order': o.code,
-                            'secret': o.secret,
-                            'hash': o.email_confirm_hash()
+                            'secret': o.secret
                        }),
                    }
                    email_subject = _('Your ticket is ready for download: %(code)s') % {'code': o.code}
@@ -922,31 +866,6 @@ def send_download_reminders(sender, **kwargs):
                    except SendMailException:
                        logger.exception('Reminder email could not be sent')

-                    if e.settings.mail_send_download_reminder_attendee:
-                        name_scheme = PERSON_NAME_SCHEMES[e.settings.name_scheme]
-                        for p in o.positions.all():
-                            if p.addon_to_id is None and p.attendee_email and p.attendee_email != o.email:
-                                email_template = e.settings.mail_text_download_reminder_attendee
-                                email_context = {
-                                    'event': e.name,
-                                    'url': build_absolute_uri(e, 'presale:event.order.position', kwargs={
-                                        'order': o.code,
-                                        'secret': p.web_secret,
-                                        'position': p.positionid
-                                    }),
-                                    'attendee_name': p.attendee_name,
-                                }
-                                for f, l, w in name_scheme['fields']:
-                                    email_context['attendee_name_%s' % f] = p.attendee_name_parts.get(f, '')
-                                try:
-                                    o.send_mail(
-                                        email_subject, email_template, email_context,
-                                        'pretix.event.order.email.download_reminder_sent',
-                                        attach_tickets=True, position=p
-                                    )
-                                except SendMailException:
-                                    logger.exception('Reminder email could not be sent to attendee')
-

 class OrderChangeManager:
    error_messages = {
@@ -1431,10 +1350,9 @@ class OrderChangeManager:
            email_template = order.event.settings.mail_text_order_changed
            email_context = {
                'event': order.event.name,
-                'url': build_absolute_uri(self.order.event, 'presale:event.order.open', kwargs={
+                'url': build_absolute_uri(self.order.event, 'presale:event.order', kwargs={
                    'order': order.code,
-                    'secret': order.secret,
-                    'hash': order.email_confirm_hash()
+                    'secret': order.secret
                }),
                'invoice_name': invoice_name,
                'invoice_company': invoice_company,
@@ -1500,8 +1418,8 @@ class OrderChangeManager:
        return pprov


-@app.task(base=ProfiledEventTask, bind=True, max_retries=5, default_retry_delay=1, throws=(OrderError,))
-def perform_order(self, event: Event, payment_provider: str, positions: List[str],
+@app.task(base=ProfiledTask, bind=True, max_retries=5, default_retry_delay=1, throws=(OrderError,))
+def perform_order(self, event: str, payment_provider: str, positions: List[str],
                  email: str=None, locale: str=None, address: int=None, meta_info: dict=None,
                  sales_channel: str='web'):
    with language(locale):
@@ -1516,7 +1434,6 @@ def perform_order(self, event: Event, payment_provider: str, positions: List[str


@app.task(base=ProfiledTask, bind=True, max_retries=5, default_retry_delay=1, throws=(OrderError,))
-@scopes_disabled()
 def cancel_order(self, order: int, user: int=None, send_mail: bool=True, api_token=None, oauth_application=None,
                 device=None, cancellation_fee=None, try_auto_refund=False):
    try:
--- a/src/pretix/base/services/quotas.py
+++ b/src/pretix/base/services/quotas.py
@@ -1,12 +1,11 @@
 from datetime import timedelta

-from django.conf import settings
-from django.db.models import Max, Q
+from django.db import models
+from django.db.models import F, Max, OuterRef, Q, Subquery
 from django.dispatch import receiver
 from django.utils.timezone import now
-from django_scopes import scopes_disabled

-from pretix.base.models import Event, LogEntry
+from pretix.base.models import LogEntry, Quota
 from pretix.celery_app import app

 from ..signals import periodic_task
@@ -18,27 +17,20 @@ def build_all_quota_caches(sender, **kwargs):


@app.task
-@scopes_disabled()
 def refresh_quota_caches():
-    # Active events
-    active = LogEntry.objects.using(settings.DATABASE_REPLICA).filter(
-        datetime__gt=now() - timedelta(days=7)
+    last_activity = LogEntry.objects.filter(
+        event=OuterRef('event_id'),
    ).order_by().values('event').annotate(
-        last_activity=Max('datetime')
+        m=Max('datetime')
+    ).values(
+        'm'
    )
-    for a in active:
-        try:
-            e = Event.objects.using(settings.DATABASE_REPLICA).get(pk=a['event'])
-        except Event.DoesNotExist:
-            continue
-        quotas = e.quotas.filter(
-            Q(cached_availability_time__isnull=True) |
-            Q(cached_availability_time__lt=a['last_activity']) |
-            Q(cached_availability_time__lt=now() - timedelta(hours=2))
-        ).filter(
-            Q(subevent__isnull=True) |
-            Q(subevent__date_to__isnull=False, subevent__date_to__gte=now() - timedelta(days=14)) |
-            Q(subevent__date_from__gte=now() - timedelta(days=14))
-        )
-        for q in quotas:
-            q.availability()
+    quotas = Quota.objects.annotate(
+        last_activity=Subquery(last_activity, output_field=models.DateTimeField())
+    ).filter(
+        Q(cached_availability_time__isnull=True) |
+        Q(cached_availability_time__lt=F('last_activity')) |
+        Q(cached_availability_time__lt=now() - timedelta(hours=2), last_activity__gt=now() - timedelta(days=7))
+    ).select_related('subevent')
+    for q in quotas:
+        q.availability()
--- a/src/pretix/base/services/shredder.py
+++ b/src/pretix/base/services/shredder.py
@@ -11,13 +11,14 @@ from django.utils.timezone import now
 from django.utils.translation import ugettext_lazy as _

 from pretix.base.models import CachedFile, Event, cachedfile_name
-from pretix.base.services.tasks import ProfiledEventTask
+from pretix.base.services.tasks import ProfiledTask
 from pretix.base.shredder import ShredError
 from pretix.celery_app import app


-@app.task(base=ProfiledEventTask)
-def export(event: Event, shredders: List[str]) -> None:
+@app.task(base=ProfiledTask)
+def export(event: str, shredders: List[str]) -> None:
+    event = Event.objects.get(id=event)
    known_shredders = event.get_data_shredders()

    with NamedTemporaryFile() as rawfile:
@@ -62,8 +63,9 @@ def export(event: Event, shredders: List[str]) -> None:
    return cf.pk


-@app.task(base=ProfiledEventTask, throws=(ShredError,))
-def shred(event: Event, fileid: str, confirm_code: str) -> None:
+@app.task(base=ProfiledTask, throws=(ShredError,))
+def shred(event: str, fileid: str, confirm_code: str) -> None:
+    event = Event.objects.get(id=event)
    known_shredders = event.get_data_shredders()
    try:
        cf = CachedFile.objects.get(pk=fileid)
--- a/src/pretix/base/services/tasks.py
+++ b/src/pretix/base/services/tasks.py
@@ -14,12 +14,10 @@ import time

 from django.conf import settings
 from django.db import transaction
-from django_scopes import scope, scopes_disabled

 from pretix.base.metrics import (
    pretix_task_duration_seconds, pretix_task_runs_total,
 )
-from pretix.base.models import Event
 from pretix.celery_app import app


@@ -63,35 +61,6 @@ class ProfiledTask(app.Task):
        return super().on_success(retval, task_id, args, kwargs)


-class EventTask(app.Task):
-    def __call__(self, *args, **kwargs):
-        if 'event_id' in kwargs:
-            event_id = kwargs.get('event_id')
-            with scopes_disabled():
-                event = Event.objects.select_related('organizer').get(pk=event_id)
-            del kwargs['event_id']
-            kwargs['event'] = event
-        elif 'event' in kwargs:
-            event_id = kwargs.get('event')
-            with scopes_disabled():
-                event = Event.objects.select_related('organizer').get(pk=event_id)
-            kwargs['event'] = event
-        else:
-            args = list(args)
-            event_id = args[0]
-            with scopes_disabled():
-                event = Event.objects.select_related('organizer').get(pk=event_id)
-            args[0] = event
-
-        with scope(organizer=event.organizer):
-            ret = super().__call__(*args, **kwargs)
-        return ret
-
-
-class ProfiledEventTask(ProfiledTask, EventTask):
-    pass
-
-
 class TransactionAwareTask(ProfiledTask):
    """
    Task class which is aware of django db transactions and only executes tasks
--- a/src/pretix/base/services/tickets.py
+++ b/src/pretix/base/services/tickets.py
@@ -4,14 +4,13 @@ import os
 from django.core.files.base import ContentFile
 from django.utils.timezone import now
 from django.utils.translation import ugettext as _
-from django_scopes import scopes_disabled

 from pretix.base.i18n import language
 from pretix.base.models import (
    CachedCombinedTicket, CachedTicket, Event, InvoiceAddress, Order,
    OrderPosition,
 )
-from pretix.base.services.tasks import EventTask, ProfiledTask
+from pretix.base.services.tasks import ProfiledTask
 from pretix.base.settings import PERSON_NAME_SCHEMES
 from pretix.base.signals import allow_ticket_download, register_ticket_outputs
 from pretix.celery_app import app
@@ -58,11 +57,10 @@ def generate_order(order: int, provider: str):

@app.task(base=ProfiledTask)
 def generate(model: str, pk: int, provider: str):
-    with scopes_disabled():
-        if model == 'order':
-            return generate_order(pk, provider)
-        elif model == 'orderposition':
-            return generate_orderposition(pk, provider)
+    if model == 'order':
+        return generate_order(pk, provider)
+    elif model == 'orderposition':
+        return generate_orderposition(pk, provider)


 class DummyRollbackException(Exception):
@@ -98,7 +96,7 @@ def preview(event: int, provider: str):
                return prov.generate(p)


-def get_tickets_for_order(order, base_position=None):
+def get_tickets_for_order(order):
    can_download = all([r for rr, r in allow_ticket_download.send(order.event, order=order)])
    if not can_download:
        return []
@@ -113,20 +111,13 @@ def get_tickets_for_order(order, base_position=None):

    tickets = []

-    positions = list(order.positions_with_tickets)
-    if base_position:
-        # Only the given position and its children
-        positions = [
-            p for p in positions if p.pk == base_position.pk or p.addon_to_id == base_position.pk
-        ]
-
    for p in providers:
        if not p.is_enabled:
            continue

-        if p.multi_download_enabled and not base_position:
+        if p.multi_download_enabled:
            try:
-                if len(positions) == 0:
+                if len(list(order.positions_with_tickets)) == 0:
                    continue
                ct = CachedCombinedTicket.objects.filter(
                    order=order, provider=p.identifier, file__isnull=False
@@ -145,7 +136,7 @@ def get_tickets_for_order(order, base_position=None):
            except:
                logger.exception('Failed to generate ticket.')
        else:
-            for pos in positions:
+            for pos in order.positions_with_tickets:
                try:
                    ct = CachedTicket.objects.filter(
                        order_position=pos, provider=p.identifier, file__isnull=False
@@ -154,7 +145,7 @@ def get_tickets_for_order(order, base_position=None):
                        retval = generate_orderposition(pos.pk, p.identifier)
                        if not retval:
                            continue
-                        ct = CachedTicket.objects.get(pk=retval)
+                        ct = CachedCombinedTicket.objects.get(pk=retval)
                    tickets.append((
                        "{}-{}-{}-{}{}".format(
                            order.event.slug.upper(), order.code, pos.positionid, ct.provider, ct.extension,
@@ -167,8 +158,9 @@ def get_tickets_for_order(order, base_position=None):
    return tickets


-@app.task(base=EventTask)
-def invalidate_cache(event: Event, item: int=None, provider: str=None, order: int=None, **kwargs):
+@app.task(base=ProfiledTask)
+def invalidate_cache(event: int, item: int=None, provider: str=None, order: int=None, **kwargs):
+    event = Event.objects.get(id=event)
    qs = CachedTicket.objects.filter(order_position__order__event=event)
    qsc = CachedCombinedTicket.objects.filter(order__event=event)

--- a/src/pretix/base/services/update_check.py
+++ b/src/pretix/base/services/update_check.py
@@ -6,7 +6,6 @@ import requests
 from django.dispatch import receiver
 from django.utils.timezone import now
 from django.utils.translation import ugettext_lazy as _, ugettext_noop
-from django_scopes import scopes_disabled
 from i18nfield.strings import LazyI18nString

 from pretix import __version__
@@ -30,7 +29,6 @@ def run_update_check(sender, **kwargs):


@app.task
-@scopes_disabled()
 def update_check():
    gs = GlobalSettingsObject()

--- a/src/pretix/base/services/waitinglist.py
+++ b/src/pretix/base/services/waitinglist.py
@@ -1,17 +1,17 @@
 import sys

 from django.dispatch import receiver
-from django_scopes import scopes_disabled

 from pretix.base.models import Event, User, WaitingListEntry
 from pretix.base.models.waitinglist import WaitingListException
-from pretix.base.services.tasks import EventTask
+from pretix.base.services.tasks import ProfiledTask
 from pretix.base.signals import periodic_task
 from pretix.celery_app import app


-@app.task(base=EventTask)
-def assign_automatically(event: Event, user_id: int=None, subevent_id: int=None):
+@app.task(base=ProfiledTask)
+def assign_automatically(event_id: int, user_id: int=None, subevent_id: int=None):
+    event = Event.objects.get(id=event_id)
    if user_id:
        user = User.objects.get(id=user_id)
    else:
@@ -69,7 +69,6 @@ def assign_automatically(event: Event, user_id: int=None, subevent_id: int=None)


@receiver(signal=periodic_task)
-@scopes_disabled()
 def process_waitinglist(sender, **kwargs):
    qs = Event.objects.filter(
        live=True
--- a/src/pretix/base/settings.py
+++ b/src/pretix/base/settings.py
@@ -145,10 +145,6 @@ DEFAULTS = {
        'default': 'False',
        'type': str
    },
-    'invoice_generate_sales_channels': {
-        'default': json.dumps(['web']),
-        'type': list
-    },
    'invoice_address_from': {
        'default': '',
        'type': str
@@ -301,10 +297,6 @@ DEFAULTS = {
        'default': settings.MAIL_FROM,
        'type': str
    },
-    'mail_from_name': {
-        'default': None,
-        'type': str
-    },
    'mail_text_signature': {
        'type': LazyI18nString,
        'default': ""
@@ -331,18 +323,6 @@ The list is as follows:

 {orders}

-Best regards,
-Your {event} team"""))
-    },
-    'mail_text_order_free_attendee': {
-        'type': LazyI18nString,
-        'default': LazyI18nString.from_gettext(ugettext_noop("""Hello {attendee_name},
-
-you have been registered for {event} successfully.
-
-You can view the details and status of your ticket here:
-{url}
-
 Best regards,
 Your {event} team"""))
    },
@@ -359,10 +339,6 @@ You can change your order details and view the status of your order at
 Best regards,
 Your {event} team"""))
    },
-    'mail_send_order_free_attendee': {
-        'type': bool,
-        'default': 'False'
-    },
    'mail_text_order_placed_require_approval': {
        'type': LazyI18nString,
        'default': LazyI18nString.from_gettext(ugettext_noop("""Hello,
@@ -389,22 +365,6 @@ of {total_with_currency}. Please complete your payment before {date}.
 You can change your order details and view the status of your order at
 {url}

-Best regards,
-Your {event} team"""))
-    },
-    'mail_send_order_placed_attendee': {
-        'type': bool,
-        'default': 'False'
-    },
-    'mail_text_order_placed_attendee': {
-        'type': LazyI18nString,
-        'default': LazyI18nString.from_gettext(ugettext_noop("""Hello {attendee_name},
-
-a ticket for {event} has been ordered for you.
-
-You can view the details and status of your ticket here:
-{url}
-
 Best regards,
 Your {event} team"""))
    },
@@ -431,22 +391,6 @@ we successfully received your payment for {event}. Thank you!
 You can change your order details and view the status of your order at
 {url}

-Best regards,
-Your {event} team"""))
-    },
-    'mail_send_order_paid_attendee': {
-        'type': bool,
-        'default': 'False'
-    },
-    'mail_text_order_paid_attendee': {
-        'type': LazyI18nString,
-        'default': LazyI18nString.from_gettext(ugettext_noop("""Hello {attendee_name},
-
-a ticket for {event} that has been ordered for you is now paid.
-
-You can view the details and status of your ticket here:
-{url}
-
 Best regards,
 Your {event} team"""))
    },
@@ -548,22 +492,6 @@ Your {event} team"""))
        'type': int,
        'default': None
    },
-    'mail_send_download_reminder_attendee': {
-        'type': bool,
-        'default': 'False'
-    },
-    'mail_text_download_reminder_attendee': {
-        'type': LazyI18nString,
-        'default': LazyI18nString.from_gettext(ugettext_noop("""Hello {attendee_name},
-
-you are registered for {event}.
-
-If you did not do so already, you can download your ticket here:
-{url}
-
-Best regards,
-Your {event} team"""))
-    },
    'mail_text_download_reminder': {
        'type': LazyI18nString,
        'default': LazyI18nString.from_gettext(ugettext_noop("""Hello,
--- a/src/pretix/base/signals.py
+++ b/src/pretix/base/signals.py
@@ -240,19 +240,6 @@ subclass of pretix.base.exporter.BaseExporter
 As with all event-plugin signals, the ``sender`` keyword argument will contain the event.
 """

-validate_order = EventPluginSignal(
-    providing_args=["payment_provider", "positions", "email", "locale", "invoice_address",
-                    "meta_info"]
-)
-"""
-This signal is sent out when the user tries to confirm the order, before we actually create
-the order. It allows you to inspect the cart positions. Your return value will be ignored,
-but you can raise an OrderError with an appropriate exception message if you like to block
-the order. We strongly discourage making changes to the order here.
-
-As with all event-plugin signals, the ``sender`` keyword argument will contain the event.
-"""
-
 validate_cart = EventPluginSignal(
    providing_args=["positions"]
 )
@@ -515,12 +502,3 @@ dictionaries as values that contain keys like in the following example::
 The evaluate member will be called with the order position, order and event as arguments. The event might
 also be a subevent, if applicable.
 """
-
-
-timeline_events = EventPluginSignal()
-"""
-This signal is sent out to collect events for the time line shown on event dashboards. You are passed
-a ``subevent`` argument which might be none and you are expected to return a list of instances of
-``pretix.base.timeline.TimelineEvent``, which is a ``namedtuple`` with the fields ``event``, ``subevent``,
-``datetime``, ``description`` and ``edit_url``.
-"""
--- a/src/pretix/base/templates/pretixbase/email/plainwrapper.html
+++ b/src/pretix/base/templates/pretixbase/email/plainwrapper.html
@@ -23,23 +23,13 @@
                    <table cellpadding="20"><tr><td>
                <![endif]-->
                <div class="content">
-                    {% if position %}
-                        {% trans "You are receiving this email because someone signed you up for the following event:" %}<br>
-                        <strong>{% trans "Event:" %}</strong> {{ event.name }}<br>
-                        <strong>{% trans "Order code:" %}</strong> {{ order.code }}<br>
-                        <strong>{% trans "Order date:" %}</strong> {{ order.datetime|date:"SHORT_DATE_FORMAT" }}<br>
-                        <a href="{% abseventurl event "presale:event.order.position" order=order.code secret=position.web_secret position=position.positionid %}">
-                            {% trans "View registration details" %}
-                        </a>
-                    {% else %}
-                        {% trans "You are receiving this email because you placed an order for the following event:" %}<br>
-                        <strong>{% trans "Event:" %}</strong> {{ event.name }}<br>
-                        <strong>{% trans "Order code:" %}</strong> {{ order.code }}<br>
-                        <strong>{% trans "Order date:" %}</strong> {{ order.datetime|date:"SHORT_DATE_FORMAT" }}<br>
-                        <a href="{% abseventurl event "presale:event.order.open" hash=order.email_confirm_hash order=order.code secret=order.secret %}">
-                            {% trans "View order details" %}
-                        </a>
-                    {% endif %}
+                    {% trans "You are receiving this email because you placed an order for the following event:" %}<br>
+                    <strong>{% trans "Event:" %}</strong> {{ event.name }}<br>
+                    <strong>{% trans "Order code:" %}</strong> {{ order.code }}<br>
+                    <strong>{% trans "Order date:" %}</strong> {{ order.datetime|date:"SHORT_DATE_FORMAT" }}<br>
+                    <a href="{% abseventurl event "presale:event.order" order=order.code secret=order.secret %}">
+                        {% trans "View order details" %}
+                    </a>
                </div>
                <!--[if gte mso 9]>
                    </td></tr></table>
--- a/src/pretix/base/templatetags/rich_text.py
+++ b/src/pretix/base/templatetags/rich_text.py
@@ -47,7 +47,7 @@ ALLOWED_TAGS = [
 ]

 ALLOWED_ATTRIBUTES = {
-    'a': ['href', 'title', 'class'],
+    'a': ['href', 'title'],
    'abbr': ['title'],
    'acronym': ['title'],
    'table': ['width'],
--- a/src/pretix/base/timeline.py
+++ b/src/pretix/base/timeline.py
@@ -1,200 +0,0 @@
-from collections import namedtuple
-from datetime import datetime, time, timedelta
-
-from django.db.models import Q
-from django.urls import reverse
-from django.utils.timezone import make_aware
-from django.utils.translation import pgettext_lazy
-
-from pretix.base.reldate import RelativeDateWrapper
-from pretix.base.signals import timeline_events
-
-TimelineEvent = namedtuple('TimelineEvent', ('event', 'subevent', 'datetime', 'description', 'edit_url'))
-
-
-def timeline_for_event(event, subevent=None):
-    tl = []
-    ev = subevent or event
-    if subevent:
-        ev_edit_url = reverse(
-            'control:event.subevent', kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug,
-                'subevent': subevent.pk
-            }
-        )
-    else:
-        ev_edit_url = reverse(
-            'control:event.settings', kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug
-            }
-        )
-
-    tl.append(TimelineEvent(
-        event=event, subevent=subevent,
-        datetime=ev.date_from,
-        description=pgettext_lazy('timeline', 'Your event starts'),
-        edit_url=ev_edit_url
-    ))
-
-    if ev.date_to:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=ev.date_to,
-            description=pgettext_lazy('timeline', 'Your event ends'),
-            edit_url=ev_edit_url
-        ))
-
-    if ev.date_admission:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=ev.date_admission,
-            description=pgettext_lazy('timeline', 'Admissions for your event start'),
-            edit_url=ev_edit_url
-        ))
-
-    if ev.presale_start:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=ev.presale_start,
-            description=pgettext_lazy('timeline', 'Start of ticket sales'),
-            edit_url=ev_edit_url
-        ))
-
-    if ev.presale_end:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=ev.presale_end,
-            description=pgettext_lazy('timeline', 'End of ticket sales'),
-            edit_url=ev_edit_url
-        ))
-
-    rd = event.settings.get('last_order_modification_date', as_type=RelativeDateWrapper)
-    if rd:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=rd.datetime(ev),
-            description=pgettext_lazy('timeline', 'Customers can no longer modify their orders'),
-            edit_url=ev_edit_url
-        ))
-
-    rd = event.settings.get('payment_term_last', as_type=RelativeDateWrapper)
-    if rd:
-        d = make_aware(datetime.combine(
-            rd.date(ev),
-            time(hour=23, minute=59, second=59)
-        ), event.timezone)
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=d,
-            description=pgettext_lazy('timeline', 'No more payments can be completed'),
-            edit_url=reverse('control:event.settings.payment', kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug
-            })
-        ))
-
-    rd = event.settings.get('ticket_download_date', as_type=RelativeDateWrapper)
-    if rd and event.settings.ticket_download:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=rd.datetime(ev),
-            description=pgettext_lazy('timeline', 'Tickets can be downloaded'),
-            edit_url=reverse('control:event.settings.tickets', kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug
-            })
-        ))
-
-    rd = event.settings.get('cancel_allow_user_until', as_type=RelativeDateWrapper)
-    if rd and event.settings.cancel_allow_user:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=rd.datetime(ev),
-            description=pgettext_lazy('timeline', 'Customers can no longer cancel free or unpaid orders'),
-            edit_url=reverse('control:event.settings.tickets', kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug
-            })
-        ))
-
-    rd = event.settings.get('cancel_allow_user_paid_until', as_type=RelativeDateWrapper)
-    if rd and event.settings.cancel_allow_user_paid:
-        tl.append(TimelineEvent(
-            event=event, subevent=subevent,
-            datetime=rd.datetime(ev),
-            description=pgettext_lazy('timeline', 'Customers can no longer cancel paid orders'),
-            edit_url=reverse('control:event.settings.tickets', kwargs={
-                'event': event.slug,
-                'organizer': event.organizer.slug
-            })
-        ))
-
-    if not event.has_subevents:
-        days = event.settings.get('mail_days_download_reminder', as_type=int)
-        if days is not None:
-            reminder_date = (ev.date_from - timedelta(days=days)).replace(hour=0, minute=0, second=0, microsecond=0)
-            tl.append(TimelineEvent(
-                event=event, subevent=subevent,
-                datetime=reminder_date,
-                description=pgettext_lazy('timeline', 'Download reminders are being sent out'),
-                edit_url=reverse('control:event.settings.mail', kwargs={
-                    'event': event.slug,
-                    'organizer': event.organizer.slug
-                })
-            ))
-
-    for p in event.items.filter(Q(available_from__isnull=False) | Q(available_until__isnull=False)):
-        if p.available_from:
-            tl.append(TimelineEvent(
-                event=event, subevent=subevent,
-                datetime=p.available_from,
-                description=pgettext_lazy('timeline', 'Product "{name}" becomes available').format(name=str(p)),
-                edit_url=reverse('control:event.item', kwargs={
-                    'event': event.slug,
-                    'organizer': event.organizer.slug,
-                    'item': p.pk,
-                })
-            ))
-        if p.available_until:
-            tl.append(TimelineEvent(
-                event=event, subevent=subevent,
-                datetime=p.available_until,
-                description=pgettext_lazy('timeline', 'Product "{name}" becomes unavailable').format(name=str(p)),
-                edit_url=reverse('control:event.item', kwargs={
-                    'event': event.slug,
-                    'organizer': event.organizer.slug,
-                    'item': p.pk,
-                })
-            ))
-
-    pprovs = event.get_payment_providers()
-    # This is a special case, depending on payment providers not overriding BasePaymentProvider by too much, but it's
-    # preferrable to having all plugins implement this spearately.
-    for pprov in pprovs.values():
-        if not pprov.settings.get('_enabled', as_type=bool):
-            continue
-        availability_date = pprov.settings.get('_availability_date', as_type=RelativeDateWrapper)
-        if availability_date:
-            d = make_aware(datetime.combine(
-                availability_date.date(ev),
-                time(hour=23, minute=59, second=59)
-            ), event.timezone)
-            tl.append(TimelineEvent(
-                event=event, subevent=subevent,
-                datetime=d,
-                description=pgettext_lazy('timeline', 'Payment provider "{name}" can no longer be selected').format(
-                    name=str(pprov.verbose_name)
-                ),
-                edit_url=reverse('control:event.settings.payment.provider', kwargs={
-                    'event': event.slug,
-                    'organizer': event.organizer.slug,
-                    'provider': pprov.identifier,
-                })
-            ))
-
-    for recv, resp in timeline_events.send(sender=event, subevent=subevent):
-        tl += resp
-
-    return sorted(tl, key=lambda e: e.datetime)
--- a/src/pretix/base/views/metrics.py
+++ b/src/pretix/base/views/metrics.py
@@ -3,7 +3,6 @@ import hmac

 from django.conf import settings
 from django.http import HttpResponse
-from django_scopes import scopes_disabled

 from .. import metrics

@@ -16,7 +15,6 @@ def unauthed_response():
    return response


-@scopes_disabled()
 def serve_metrics(request):
    if not settings.METRICS_ENABLED:
        return unauthed_response()
--- a/src/pretix/base/views/mixins.py
+++ b/src/pretix/base/views/mixins.py
@@ -4,7 +4,7 @@ from decimal import Decimal

 from django import forms
 from django.core.files.uploadedfile import UploadedFile
-from django.db.models import Prefetch, QuerySet
+from django.db.models import Prefetch
 from django.utils.functional import cached_property

 from pretix.base.forms.questions import (
@@ -89,20 +89,19 @@ class BaseQuestionsViewMixin:
                    elif k == 'attendee_email':
                        form.pos.attendee_email = v if v != '' else None
                        form.pos.save()
-                    elif k.startswith('question_'):
+                    elif k.startswith('question_') and v is not None:
                        field = form.fields[k]
                        if hasattr(field, 'answer'):
                            # We already have a cached answer object, so we don't
                            # have to create a new one
-                            if v == '' or v is None or (isinstance(field, forms.FileField) and v is False) \
-                                    or (isinstance(v, QuerySet) and not v.exists()):
+                            if v == '' or v is None or (isinstance(field, forms.FileField) and v is False):
                                if field.answer.file:
                                    field.answer.file.delete()
                                field.answer.delete()
                            else:
                                self._save_to_answer(field, field.answer, v)
                                field.answer.save()
-                        elif v != '' and v is not None:
+                        elif v != '':
                            answer = QuestionAnswer(
                                cartposition=(form.pos if isinstance(form.pos, CartPosition) else None),
                                orderposition=(form.pos if isinstance(form.pos, OrderPosition) else None),
--- a/src/pretix/control/context.py
+++ b/src/pretix/control/context.py
@@ -5,7 +5,6 @@ from django.conf import settings
 from django.db.models import Q
 from django.urls import Resolver404, get_script_prefix, resolve
 from django.utils.translation import get_language
-from django_scopes import scope

 from pretix.base.models.auth import StaffSession
 from pretix.base.settings import GlobalSettingsObject
@@ -54,11 +53,10 @@ def contextprocessor(request):
        ctx['has_domain'] = request.event.organizer.domains.exists()

        if not request.event.testmode:
-            with scope(organizer=request.organizer):
-                complain_testmode_orders = request.event.cache.get('complain_testmode_orders')
-                if complain_testmode_orders is None:
-                    complain_testmode_orders = request.event.orders.filter(testmode=True).exists()
-                    request.event.cache.set('complain_testmode_orders', complain_testmode_orders, 30)
+            complain_testmode_orders = request.event.cache.get('complain_testmode_orders')
+            if complain_testmode_orders is None:
+                complain_testmode_orders = request.event.orders.filter(testmode=True).exists()
+                request.event.cache.set('complain_testmode_orders', complain_testmode_orders, 30)
            ctx['complain_testmode_orders'] = complain_testmode_orders
        else:
            ctx['complain_testmode_orders'] = False
--- a/src/pretix/control/forms/init.py
+++ b/src/pretix/control/forms/init.py
@@ -200,7 +200,3 @@ class SplitDateTimeField(forms.SplitDateTimeField):
            result = datetime.datetime.combine(*data_list)
            return from_current_timezone(result)
        return None
-
-
-class FontSelect(forms.RadioSelect):
-    option_template_name = 'pretixcontrol/font_option.html'
--- a/src/pretix/control/forms/checkin.py
+++ b/src/pretix/control/forms/checkin.py
@@ -1,9 +1,6 @@
 from django import forms
 from django.urls import reverse
 from django.utils.translation import pgettext_lazy
-from django_scopes.forms import (
-    SafeModelChoiceField, SafeModelMultipleChoiceField,
-)

 from pretix.base.models.checkin import CheckinList
 from pretix.control.forms.widgets import Select2
@@ -47,7 +44,3 @@ class CheckinListForm(forms.ModelForm):
                'data-inverse-dependency': '<[name$=all_products]'
            }),
        }
-        field_classes = {
-            'limit_products': SafeModelMultipleChoiceField,
-            'subevent': SafeModelChoiceField,
-        }
--- a/src/pretix/control/forms/event.py
+++ b/src/pretix/control/forms/event.py
@@ -2,10 +2,9 @@ from django import forms
 from django.conf import settings
 from django.contrib.auth.hashers import check_password
 from django.core.exceptions import ValidationError
-from django.core.validators import RegexValidator, validate_email
+from django.core.validators import RegexValidator
 from django.db.models import Q
 from django.forms import formset_factory
-from django.urls import reverse
 from django.utils.html import escape
 from django.utils.safestring import mark_safe
 from django.utils.timezone import get_current_timezone_name
@@ -19,17 +18,15 @@ from i18nfield.forms import (
 )
 from pytz import common_timezones, timezone

-from pretix.base.channels import get_all_sales_channels
 from pretix.base.forms import I18nModelForm, PlaceholderValidator, SettingsForm
 from pretix.base.models import Event, Organizer, TaxRule
 from pretix.base.models.event import EventMetaValue, SubEvent
 from pretix.base.reldate import RelativeDateField, RelativeDateTimeField
 from pretix.base.settings import PERSON_NAME_SCHEMES
 from pretix.control.forms import (
-    ExtFileField, FontSelect, MultipleLanguagesWidget, SingleLanguageWidget,
-    SlugWidget, SplitDateTimeField, SplitDateTimePickerWidget,
+    ExtFileField, MultipleLanguagesWidget, SingleLanguageWidget, SlugWidget,
+    SplitDateTimeField, SplitDateTimePickerWidget,
 )
-from pretix.control.forms.widgets import Select2
 from pretix.multidomain.urlreverse import build_absolute_uri
 from pretix.plugins.banktransfer.payment import BankTransfer
 from pretix.presale.style import get_fonts
@@ -54,28 +51,16 @@ class EventWizardFoundationForm(forms.Form):

    def __init__(self, *args, **kwargs):
        self.user = kwargs.pop('user')
-        self.session = kwargs.pop('session')
        super().__init__(*args, **kwargs)
-        qs = Organizer.objects.all()
-        if not self.user.has_active_staff_session(self.session.session_key):
-            qs = qs.filter(
-                id__in=self.user.teams.filter(can_create_events=True).values_list('organizer', flat=True)
-            )
        self.fields['organizer'] = forms.ModelChoiceField(
            label=_("Organizer"),
-            queryset=qs,
-            widget=Select2(
-                attrs={
-                    'data-model-select2': 'generic',
-                    'data-select2-url': reverse('control:organizers.select2') + '?can_create=1',
-                    'data-placeholder': _('Organizer')
-                }
+            queryset=Organizer.objects.filter(
+                id__in=self.user.teams.filter(can_create_events=True).values_list('organizer', flat=True)
            ),
+            widget=forms.RadioSelect,
            empty_label=None,
            required=True
        )
-        self.fields['organizer'].widget.choices = self.fields['organizer'].choices
-
        if len(self.fields['organizer'].choices) == 1:
            self.fields['organizer'].initial = self.fields['organizer'].queryset.first()

@@ -131,7 +116,6 @@ class EventWizardBasicsForm(I18nModelForm):
        self.locales = kwargs.get('locales')
        self.has_subevents = kwargs.pop('has_subevents')
        kwargs.pop('user')
-        kwargs.pop('session')
        super().__init__(*args, **kwargs)
        self.initial['timezone'] = get_current_timezone_name()
        self.fields['locale'].choices = [(a, b) for a, b in settings.LANGUAGES if a in self.locales]
@@ -189,9 +173,7 @@ class EventChoiceField(forms.ModelChoiceField):
 class EventWizardCopyForm(forms.Form):

    @staticmethod
-    def copy_from_queryset(user, session):
-        if user.has_active_staff_session(session.session_key):
-            return Event.objects.all()
+    def copy_from_queryset(user):
        return Event.objects.filter(
            Q(organizer_id__in=user.teams.filter(
                all_events=True, can_change_event_settings=True, can_change_items=True
@@ -203,25 +185,16 @@ class EventWizardCopyForm(forms.Form):
    def __init__(self, *args, **kwargs):
        kwargs.pop('organizer')
        kwargs.pop('locales')
-        self.session = kwargs.pop('session')
        kwargs.pop('has_subevents')
        self.user = kwargs.pop('user')
        super().__init__(*args, **kwargs)
-
        self.fields['copy_from_event'] = EventChoiceField(
            label=_("Copy configuration from"),
-            queryset=EventWizardCopyForm.copy_from_queryset(self.user, self.session),
-            widget=Select2(
-                attrs={
-                    'data-model-select2': 'event',
-                    'data-select2-url': reverse('control:events.typeahead') + '?can_copy=1',
-                    'data-placeholder': _('Do not copy')
-                }
-            ),
+            queryset=EventWizardCopyForm.copy_from_queryset(self.user),
+            widget=forms.RadioSelect,
            empty_label=_('Do not copy'),
            required=False
        )
-        self.fields['copy_from_event'].widget.choices = self.fields['copy_from_event'].choices


 class EventMetaValueForm(forms.ModelForm):
@@ -691,13 +664,6 @@ class InvoiceSettingsForm(SettingsForm):
        ),
        help_text=_("Invoices will never be automatically generated for free orders.")
    )
-    invoice_generate_sales_channels = forms.MultipleChoiceField(
-        label=_('Generate invoices for Sales channels'),
-        choices=[],
-        widget=forms.CheckboxSelectMultiple,
-        help_text=_("If you have enabled invoice generation in the previous setting, you can limit it here to specific "
-                    "sales channels.")
-    )
    invoice_attendee_name = forms.BooleanField(
        label=_("Show attendee names on invoices"),
        required=False
@@ -813,16 +779,6 @@ class InvoiceSettingsForm(SettingsForm):
        self.fields['invoice_numbers_prefix'].widget.attrs['placeholder'] = event.slug.upper() + '-'
        locale_names = dict(settings.LANGUAGES)
        self.fields['invoice_language'].choices = [('__user__', _('The user\'s language'))] + [(a, locale_names[a]) for a in event.settings.locales]
-        self.fields['invoice_generate_sales_channels'].choices = (
-            (c.identifier, c.verbose_name) for c in get_all_sales_channels().values()
-        )
-
-
-def multimail_validate(val):
-    s = val.split(',')
-    for part in s:
-        validate_email(part.strip())
-    return s


 class MailSettingsForm(SettingsForm):
@@ -834,20 +790,12 @@ class MailSettingsForm(SettingsForm):
    )
    mail_from = forms.EmailField(
        label=_("Sender address"),
-        help_text=_("Sender address for outgoing emails"),
+        help_text=_("Sender address for outgoing emails")
    )
-    mail_from_name = forms.CharField(
-        label=_("Sender name"),
-        help_text=_("Sender name used in conjunction with the sender address for outgoing emails. "
-                    "Defaults to your event name."),
-        required=False
-    )
-    mail_bcc = forms.CharField(
+    mail_bcc = forms.EmailField(
        label=_("Bcc address"),
        help_text=_("All emails will be sent to this address as a Bcc copy"),
-        validators=[multimail_validate],
-        required=False,
-        max_length=255
+        required=False
    )

    mail_text_signature = I18nFormField(
@@ -870,7 +818,7 @@ class MailSettingsForm(SettingsForm):
    )

    mail_text_order_placed = I18nFormField(
-        label=_("Text sent to order contact address"),
+        label=_("Text"),
        required=False,
        widget=I18nTextarea,
        help_text=_("Available placeholders: {event}, {total_with_currency}, {total}, {currency}, {date}, "
@@ -878,62 +826,20 @@ class MailSettingsForm(SettingsForm):
        validators=[PlaceholderValidator(['{event}', '{total_with_currency}', '{total}', '{currency}', '{date}',
                                          '{payment_info}', '{url}', '{invoice_name}', '{invoice_company}'])]
    )
-    mail_send_order_placed_attendee = forms.BooleanField(
-        label=_("Send an email to attendees"),
-        help_text=_('If the order contains attendees with email addresses different from the person who orders the '
-                    'tickets, the following email will be sent out to the attendees.'),
-        required=False,
-    )
-    mail_text_order_placed_attendee = I18nFormField(
-        label=_("Text sent to attendees"),
-        required=False,
-        widget=I18nTextarea,
-        help_text=_("Available placeholders: {event}, {url}, {attendee_name}"),
-        validators=[PlaceholderValidator(['{event}', '{url}', '{attendee_name}'])],
-    )
-
    mail_text_order_paid = I18nFormField(
-        label=_("Text sent to order contact address"),
+        label=_("Text"),
        required=False,
        widget=I18nTextarea,
        help_text=_("Available placeholders: {event}, {url}, {invoice_name}, {invoice_company}, {payment_info}"),
        validators=[PlaceholderValidator(['{event}', '{url}', '{invoice_name}', '{invoice_company}', '{payment_info}'])]
    )
-    mail_send_order_paid_attendee = forms.BooleanField(
-        label=_("Send an email to attendees"),
-        help_text=_('If the order contains attendees with email addresses different from the person who orders the '
-                    'tickets, the following email will be sent out to the attendees.'),
-        required=False,
-    )
-    mail_text_order_paid_attendee = I18nFormField(
-        label=_("Text sent to attendees"),
-        required=False,
-        widget=I18nTextarea,
-        help_text=_("Available placeholders: {event}, {url}, {attendee_name}"),
-        validators=[PlaceholderValidator(['{event}', '{url}', '{attendee_name}'])],
-    )
-
    mail_text_order_free = I18nFormField(
-        label=_("Text sent to order contact address"),
+        label=_("Text"),
        required=False,
        widget=I18nTextarea,
        help_text=_("Available placeholders: {event}, {url}, {invoice_name}, {invoice_company}"),
        validators=[PlaceholderValidator(['{event}', '{url}', '{invoice_name}', '{invoice_company}'])]
    )
-    mail_send_order_free_attendee = forms.BooleanField(
-        label=_("Send an email to attendees"),
-        help_text=_('If the order contains attendees with email addresses different from the person who orders the '
-                    'tickets, the following email will be sent out to the attendees.'),
-        required=False,
-    )
-    mail_text_order_free_attendee = I18nFormField(
-        label=_("Text sent to attendees"),
-        required=False,
-        widget=I18nTextarea,
-        help_text=_("Available placeholders: {event}, {url}, {attendee_name}"),
-        validators=[PlaceholderValidator(['{event}', '{url}', '{attendee_name}'])],
-    )
-
    mail_text_order_changed = I18nFormField(
        label=_("Text"),
        required=False,
@@ -993,25 +899,12 @@ class MailSettingsForm(SettingsForm):
                                          '{invoice_name}', '{invoice_company}'])]
    )
    mail_text_download_reminder = I18nFormField(
-        label=_("Text sent to order contact address"),
+        label=_("Text"),
        required=False,
        widget=I18nTextarea,
        help_text=_("Available placeholders: {event}, {url}"),
        validators=[PlaceholderValidator(['{event}', '{url}'])]
    )
-    mail_send_download_reminder_attendee = forms.BooleanField(
-        label=_("Send an email to attendees"),
-        help_text=_('If the order contains attendees with email addresses different from the person who orders the '
-                    'tickets, the following email will be sent out to the attendees.'),
-        required=False,
-    )
-    mail_text_download_reminder_attendee = I18nFormField(
-        label=_("Text sent to attendees"),
-        required=False,
-        widget=I18nTextarea,
-        help_text=_("Available placeholders: {attendee_name}, {event}, {url}"),
-        validators=[PlaceholderValidator(['{attendee_name}', '{event}', '{url}'])]
-    )
    mail_days_download_reminder = forms.IntegerField(
        label=_("Number of days"),
        required=False,
@@ -1092,26 +985,13 @@ class MailSettingsForm(SettingsForm):
            (r.identifier, r.verbose_name) for r in event.get_html_mail_renderers().values()
        ]
        keys = list(event.meta_data.keys())
-        name_scheme = PERSON_NAME_SCHEMES[event.settings.name_scheme]
-        for k, v in list(self.fields.items()):
+        for k, v in self.fields.items():
            if k.startswith('mail_text_'):
                v.help_text = str(v.help_text) + ', ' + ', '.join({
                    '{meta_' + p + '}' for p in keys
                })
                v.validators[0].limit_value += ['{meta_' + p + '}' for p in keys]

-                if '{attendee_name}' in v.validators[0].limit_value:
-                    for f, l, w in name_scheme['fields']:
-                        if f == 'full_name':
-                            continue
-                        v.help_text = str(v.help_text) + ', ' + '{attendee_name_%s}' % f
-                        v.validators[0].limit_value += ['{attendee_name_' + f + '}']
-
-            if k.endswith('_attendee') and not event.settings.attendee_emails_asked:
-                # If we don't ask for attendee emails, we can't send them anything and we don't need to clutter
-                # the user interface with it
-                del self.fields[k]
-
    def clean(self):
        data = self.cleaned_data
        if not data.get('smtp_password') and data.get('smtp_username'):
@@ -1166,7 +1046,6 @@ class DisplaySettingsForm(SettingsForm):
        choices=[
            ('Open Sans', 'Open Sans')
        ],
-        widget=FontSelect,
        help_text=_('Only respected by modern browsers.')
    )
    frontpage_text = I18nFormField(
--- a/src/pretix/control/forms/item.py
+++ b/src/pretix/control/forms/item.py
@@ -6,9 +6,6 @@ from django.urls import reverse
 from django.utils.translation import (
    pgettext_lazy, ugettext as __, ugettext_lazy as _,
 )
-from django_scopes.forms import (
-    SafeModelChoiceField, SafeModelMultipleChoiceField,
-)
 from i18nfield.forms import I18nFormField, I18nTextarea

 from pretix.base.channels import get_all_sales_channels
@@ -97,10 +94,6 @@ class QuestionForm(I18nModelForm):
            ),
            'dependency_value': forms.Select,
        }
-        field_classes = {
-            'items': SafeModelMultipleChoiceField,
-            'dependency_question': SafeModelChoiceField,
-        }


 class QuestionOptionForm(I18nModelForm):
@@ -166,9 +159,6 @@ class QuotaForm(I18nModelForm):
            'size',
            'subevent'
        ]
-        field_classes = {
-            'subevent': SafeModelChoiceField,
-        }

    def save(self, *args, **kwargs):
        creating = not self.instance.pk
@@ -216,8 +206,6 @@ class ItemCreateForm(I18nModelForm):
            empty_label=_('Do not copy'),
            required=False
        )
-        if self.event.tax_rules.exists():
-            self.fields['tax_rule'].required = True

        if not self.event.has_subevents:
            choices = [
@@ -376,8 +364,6 @@ class ItemUpdateForm(I18nModelForm):
            'over 65. This ticket includes access to all parts of the event, except the VIP '
            'area.'
        )
-        if self.event.tax_rules.exists():
-            self.fields['tax_rule'].required = True
        self.fields['description'].widget.attrs['rows'] = '4'
        self.fields['sales_channels'] = forms.MultipleChoiceField(
            label=_('Sales channels'),
--- a/src/pretix/control/forms/orders.py
+++ b/src/pretix/control/forms/orders.py
@@ -9,7 +9,6 @@ from django.utils.timezone import now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _

 from pretix.base.forms import I18nModelForm, PlaceholderValidator
-from pretix.base.forms.widgets import DatePickerWidget
 from pretix.base.models import InvoiceAddress, ItemAddOn, Order, OrderPosition
 from pretix.base.models.event import SubEvent
 from pretix.base.services.pricing import get_price
@@ -117,12 +116,6 @@ class MarkPaidForm(ConfirmPaymentForm):
        localize=True,
        label=_('Payment amount'),
    )
-    payment_date = forms.DateField(
-        required=True,
-        label=_('Payment date'),
-        widget=DatePickerWidget(),
-        initial=now
-    )

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
@@ -192,7 +185,7 @@ class OrderPositionAddForm(forms.Form):
        label=_('Product')
    )
    addon_to = forms.ModelChoiceField(
-        OrderPosition.all.none(),
+        OrderPosition.objects.none(),
        required=False,
        label=_('Add-on to'),
    )
@@ -292,7 +285,10 @@ class OrderPositionChangeForm(forms.Form):
        instance = kwargs.pop('instance')
        initial = kwargs.get('initial', {})

-        initial['price'] = instance.price
+        if instance.item.tax_rule and not instance.item.tax_rule.price_includes_tax:
+            initial['price'] = instance.price - instance.tax_value
+        else:
+            initial['price'] = instance.price

        kwargs['initial'] = initial
        super().__init__(*args, **kwargs)
@@ -344,7 +340,7 @@ class OrderContactForm(forms.ModelForm):

    class Meta:
        model = Order
-        fields = ['email', 'email_known_to_work']
+        fields = ['email']


 class OrderLocaleForm(forms.ModelForm):
--- a/src/pretix/control/forms/organizer.py
+++ b/src/pretix/control/forms/organizer.py
@@ -6,16 +6,13 @@ from django.core.exceptions import ValidationError
 from django.core.validators import RegexValidator
 from django.utils.safestring import mark_safe
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
-from django_scopes.forms import SafeModelMultipleChoiceField
 from i18nfield.forms import I18nFormField, I18nTextarea

 from pretix.api.models import WebHook
 from pretix.api.webhooks import get_all_webhook_events
 from pretix.base.forms import I18nModelForm, SettingsForm
 from pretix.base.models import Device, Organizer, Team
-from pretix.control.forms import (
-    ExtFileField, FontSelect, MultipleLanguagesWidget,
-)
+from pretix.control.forms import ExtFileField, MultipleLanguagesWidget
 from pretix.multidomain.models import KnownDomain
 from pretix.presale.style import get_fonts

@@ -150,9 +147,6 @@ class TeamForm(forms.ModelForm):
                'data-inverse-dependency': '#id_all_events'
            }),
        }
-        field_classes = {
-            'limit_events': SafeModelMultipleChoiceField
-        }

    def clean(self):
        data = super().clean()
@@ -181,9 +175,6 @@ class DeviceForm(forms.ModelForm):
                'data-inverse-dependency': '#id_all_events'
            }),
        }
-        field_classes = {
-            'limit_events': SafeModelMultipleChoiceField
-        }


 class OrganizerSettingsForm(SettingsForm):
@@ -269,7 +260,6 @@ class OrganizerDisplaySettingsForm(SettingsForm):
        choices=[
            ('Open Sans', 'Open Sans')
        ],
-        widget=FontSelect,
        help_text=_('Only respected by modern browsers.')
    )
    favicon = ExtFileField(
@@ -314,6 +304,3 @@ class WebHookForm(forms.ModelForm):
                'data-inverse-dependency': '#id_all_events'
            }),
        }
-        field_classes = {
-            'limit_events': SafeModelMultipleChoiceField
-        }
--- a/src/pretix/control/forms/users.py
+++ b/src/pretix/control/forms/users.py
@@ -48,14 +48,12 @@ class UserEditForm(forms.ModelForm):
            'email',
            'require_2fa',
            'is_active',
-            'is_staff',
-            'last_login'
+            'is_staff'
        ]

    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.fields['email'].required = True
-        self.fields['last_login'].disabled = True

    def clean_email(self):
        email = self.cleaned_data['email']
--- a/src/pretix/control/forms/vouchers.py
+++ b/src/pretix/control/forms/vouchers.py
@@ -3,7 +3,6 @@ from django.core.exceptions import ObjectDoesNotExist, ValidationError
 from django.db.models.functions import Lower
 from django.urls import reverse
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
-from django_scopes.forms import SafeModelChoiceField

 from pretix.base.forms import I18nModelForm
 from pretix.base.models import Item, Voucher
@@ -36,7 +35,6 @@ class VoucherForm(I18nModelForm):
        ]
        field_classes = {
            'valid_until': SplitDateTimeField,
-            'subevent': SafeModelChoiceField,
        }
        widgets = {
            'valid_until': SplitDateTimePickerWidget(),
@@ -148,14 +146,6 @@ class VoucherForm(I18nModelForm):
            data, self.instance.event,
            self.instance.quota, self.instance.item, self.instance.variation
        )
-        if self.instance.quota:
-            if all(i.hide_without_voucher for i in self.instance.quota.items.all()):
-                raise ValidationError({
-                    'itemvar': [
-                        _('The quota you selected only contains hidden products. Hidden products can currently only be '
-                          'shown by using vouchers that directly apply to the product, not via a quota.')
-                    ]
-                })
        Voucher.clean_subevent(
            data, self.instance.event
        )
@@ -201,7 +191,6 @@ class VoucherBulkForm(VoucherForm):
        ]
        field_classes = {
            'valid_until': SplitDateTimeField,
-            'subevent': SafeModelChoiceField,
        }
        widgets = {
            'valid_until': SplitDateTimePickerWidget(),
--- a/src/pretix/control/logdisplay.py
+++ b/src/pretix/control/logdisplay.py
@@ -251,9 +251,6 @@ def pretixcontrol_logentry_display(sender: Event, logentry: LogEntry, **kwargs):
        'pretix.event.item.addons.added': _('An add-on has been added to this product.'),
        'pretix.event.item.addons.removed': _('An add-on has been removed from this product.'),
        'pretix.event.item.addons.changed': _('An add-on has been changed on this product.'),
-        'pretix.event.item.bundles.added': _('A bundled item has been added to this product.'),
-        'pretix.event.item.bundles.removed': _('A bundled item has been removed from this product.'),
-        'pretix.event.item.bundles.changed': _('A bundled item has been changed on this product.'),
        'pretix.event.quota.added': _('The quota has been added.'),
        'pretix.event.quota.deleted': _('The quota has been deleted.'),
        'pretix.event.quota.changed': _('The quota has been changed.'),
--- a/src/pretix/control/middleware.py
+++ b/src/pretix/control/middleware.py
@@ -4,11 +4,10 @@ from django.conf import settings
 from django.contrib.auth import REDIRECT_FIELD_NAME, logout
 from django.http import Http404
 from django.shortcuts import get_object_or_404, redirect, resolve_url
-from django.template.response import TemplateResponse
 from django.urls import get_script_prefix, resolve, reverse
+from django.utils.deprecation import MiddlewareMixin
 from django.utils.encoding import force_str
 from django.utils.translation import ugettext as _
-from django_scopes import scope
 from hijack.templatetags.hijack_tags import is_hijacked

 from pretix.base.models import Event, Organizer
@@ -18,7 +17,7 @@ from pretix.helpers.security import (
 )


-class PermissionMiddleware:
+class PermissionMiddleware(MiddlewareMixin):
    """
    This middleware enforces all requests to the control app to require login.
    Additionally, it enforces all requests to "control:event." URLs
@@ -35,10 +34,6 @@ class PermissionMiddleware:
        "user.settings.notifications.off",
    )

-    def __init__(self, get_response=None):
-        self.get_response = get_response
-        super().__init__()
-
    def _login_redirect(self, request):
        # Taken from django/contrib/auth/decorators.py
        path = request.build_absolute_uri()
@@ -57,19 +52,19 @@ class PermissionMiddleware:
        return redirect_to_login(
            path, resolved_login_url, REDIRECT_FIELD_NAME)

-    def __call__(self, request):
+    def process_request(self, request):
        url = resolve(request.path_info)
        url_name = url.url_name

        if not request.path.startswith(get_script_prefix() + 'control'):
            # This middleware should only touch the /control subpath
-            return self.get_response(request)
+            return

        if hasattr(request, 'organizer'):
            # If the user is on a organizer's subdomain, he should be redirected to pretix
            return redirect(urljoin(settings.SITE_URL, request.get_full_path()))
        if url_name in self.EXCEPTIONS:
-            return self.get_response(request)
+            return
        if not request.user.is_authenticated:
            return self._login_redirect(request)

@@ -84,11 +79,10 @@ class PermissionMiddleware:
                return redirect(reverse('control:user.reauth') + '?next=' + quote(request.get_full_path()))

        if 'event' in url.kwargs and 'organizer' in url.kwargs:
-            with scope(organizer=None):
-                request.event = Event.objects.filter(
-                    slug=url.kwargs['event'],
-                    organizer__slug=url.kwargs['organizer'],
-                ).select_related('organizer').first()
+            request.event = Event.objects.filter(
+                slug=url.kwargs['event'],
+                organizer__slug=url.kwargs['organizer'],
+            ).select_related('organizer').first()
            if not request.event or not request.user.has_event_permission(request.event.organizer, request.event,
                                                                          request=request):
                raise Http404(_("The selected event was not found or you "
@@ -110,12 +104,6 @@ class PermissionMiddleware:
            else:
                request.orgapermset = request.user.get_organizer_permission_set(request.organizer)

-        with scope(organizer=getattr(request, 'organizer', None)):
-            r = self.get_response(request)
-            if isinstance(r, TemplateResponse):
-                r = r.render()
-            return r
-

 class AuditLogMiddleware:

--- a/src/pretix/control/navigation.py
+++ b/src/pretix/control/navigation.py
@@ -281,7 +281,7 @@ def get_event_navigation(request: HttpRequest):

    merge_in(nav, sorted(
        sum((list(a[1]) for a in nav_event.send(request.event, request=request)), []),
-        key=lambda r: (1 if r.get('parent') else 0, r['label'])
+        key=lambda r: r['label']
    ))

    return nav
@@ -391,7 +391,7 @@ def get_global_navigation(request):

    merge_in(nav, sorted(
        sum((list(a[1]) for a in nav_global.send(request, request=request)), []),
-        key=lambda r: (1 if r.get('parent') else 0, r['label'])
+        key=lambda r: r['label']
    ))
    return nav

@@ -464,7 +464,7 @@ def get_organizer_navigation(request):
    merge_in(nav, sorted(
        sum((list(a[1]) for a in nav_organizer.send(request.organizer, request=request, organizer=request.organizer)),
            []),
-        key=lambda r: (1 if r.get('parent') else 0, r['label'])
+        key=lambda r: r['label']
    ))
    return nav

@@ -474,8 +474,6 @@ def merge_in(nav, newnav):
        if 'parent' in item:
            parents = [n for n in nav if n['url'] == item['parent']]
            if parents:
-                if 'children' not in parents[0]:
-                    parents[0]['children'] = []
                parents[0]['children'].append(item)
        else:
            nav.append(item)
--- a/src/pretix/control/signals.py
+++ b/src/pretix/control/signals.py
@@ -36,12 +36,6 @@ on the type of navigation. You should also return an ``active`` key with a boole
 set to ``True``, when this item should be marked as active. The ``request`` object
 will have an attribute ``event``.

-You can optionally create sub-items to create hierarchical navigation. There are two
-ways to achieve this: Either you specify a key ``children`` on your top navigation item
-that contains a list of navigation items (as dictionaries), or you specify a ``parent``
-key with the ``url`` value of the designated parent item.
-The latter method also allows you to register navigation items as a sub-item of existing ones.
-
 If you use this, you should read the documentation on :ref:`how to deal with URLs <urlconf>`
 in pretix.

@@ -79,12 +73,6 @@ a fontawesome icon name with the key ``icon``, it will  be respected depending
 on the type of navigation. You should also return an ``active`` key with a boolean
 set to ``True``, when this item should be marked as active.

-You can optionally create sub-items to create hierarchical navigation. There are two
-ways to achieve this: Either you specify a key ``children`` on your top navigation item
-that contains a list of navigation items (as dictionaries), or you specify a ``parent``
-key with the ``url`` value of the designated parent item.
-The latter method also allows you to register navigation items as a sub-item of existing ones.
-
 If you use this, you should read the documentation on :ref:`how to deal with URLs <urlconf>`
 in pretix.

@@ -185,12 +173,6 @@ should contain at least the keys ``label`` and ``url``. You should also return
 an ``active`` key with a boolean set to ``True``, when this item should be marked
 as active.

-You can optionally create sub-items to create hierarchical navigation. There are two
-ways to achieve this: Either you specify a key ``children`` on your top navigation item
-that contains a list of navigation items (as dictionaries), or you specify a ``parent``
-key with the ``url`` value of the designated parent item.
-The latter method also allows you to register navigation items as a sub-item of existing ones.
-
 If your linked view should stay in the tab-like context of this page, we recommend
 that you use ``pretix.control.views.organizer.OrganizerDetailViewMixin`` for your view
 and your template inherits from ``pretixcontrol/organizers/base.html``.
@@ -237,24 +219,6 @@ As with all plugin signals, the ``sender`` keyword argument will contain the eve
 A second keyword argument ``request`` will contain the request object.
 """

-nav_item = EventPluginSignal(
-    providing_args=['request', 'item']
-)
-"""
-This signal is sent out to include tab links on the settings page of an item.
-Receivers are expected to return a list of dictionaries. The dictionaries
-should contain at least the keys ``label`` and ``url``. You should also return
-an ``active`` key with a boolean set to ``True``, when this item should be marked
-as active.
-
-If your linked view should stay in the tab-like context of this page, we recommend
-that you use ``pretix.control.views.item.ItemDetailMixin`` for your view
-and your template inherits from ``pretixcontrol/item/base.html``.
-
-As with all plugin signals, the ``sender`` keyword argument will contain the event.
-A second keyword argument ``request`` will contain the request object.
-"""
-
 event_settings_widget = EventPluginSignal(
    providing_args=['request']
 )
--- a/src/pretix/control/templates/pretixcontrol/base.html
+++ b/src/pretix/control/templates/pretixcontrol/base.html
@@ -242,10 +242,7 @@
                                    <span class="caret"></span></a>
                            {% endif %}
                            <ul class="dropdown-menu event-dropdown" role="menu" data-event-typeahead
-                                data-source="{% url "control:nav.typeahead" %}"
-                                {% if request.event %}
-                                    data-organizer="{{ request.organizer.id }}"
-                                {% endif %}>
+                                data-source="{% url "control:nav.typeahead" %}">
                                <li class="query-holder">
                                    <div class="form-box">
                                        <input type="text" class="form-control" id="event-dropdown-field"
--- a/src/pretix/control/templates/pretixcontrol/event/display.html
+++ b/src/pretix/control/templates/pretixcontrol/event/display.html
@@ -2,10 +2,6 @@
 {% load i18n %}
 {% load bootstrap3 %}
 {% load hierarkey_form %}
-{% block custom_header %}
-    {{ block.super }}
-    <link type="text/css" rel="stylesheet" href="{% url "control:pdf.css" %}">
-{% endblock %}
 {% block inside %}
    <h1>{% trans "Display settings" %}</h1>
    <form action="" method="post" class="form-horizontal" enctype="multipart/form-data">
--- a/src/pretix/control/templates/pretixcontrol/event/fragment_timeline.html
+++ b/src/pretix/control/templates/pretixcontrol/event/fragment_timeline.html
@@ -1,36 +0,0 @@
-{% load i18n %}
-<div class="panel panel-default items">
-    <div class="panel-heading">
-        <h3 class="panel-title">
-            {% trans "Your timeline" %}
-        </h3>
-    </div>
-    <div class="panel-body timeline">
-        {% regroup timeline by date as tl_list %}
-        {% for day in tl_list %}
-            <div class="row {% if day.grouper < today %}text-muted{% endif %}">
-                <div class="col-date">
-                    <strong>{{ day.grouper|date:"SHORT_DATE_FORMAT" }}</strong>
-                </div>
-                <div class="col-event">
-                    {% for e in day.list %}
-                        <strong class="">{{ e.time|date:"TIME_FORMAT" }}</strong>
-                        &nbsp;
-                        <span class="{% if e.time < nearly_now %}text-muted{% endif %}">
-                            {{ e.entry.description }}
-                        </span>
-                        {% if e.entry.edit_url %}
-                            &nbsp;
-                            <a href="{{ e.entry.edit_url }}" class="text-muted">
-                                <span class="fa fa-edit"></span>
-                            </a>
-                        {% endif %}
-                        {% if forloop.revcounter > 1 %}
-                            <br/>
-                        {% endif %}
-                    {% endfor %}
-                </div>
-            </div>
-        {% endfor %}
-    </div>
-</div>
--- a/src/pretix/control/templates/pretixcontrol/event/index.html
+++ b/src/pretix/control/templates/pretixcontrol/event/index.html
@@ -90,9 +90,6 @@
            {% include "pretixcontrol/event/fragment_subevent_choice_simple.html" %}
        </form>
    {% endif %}
-    {% if not request.event.has_subevents or subevent %}
-        {% include "pretixcontrol/event/fragment_timeline.html" %}
-    {% endif %}
    <div class="dashboard">
        {% for w in widgets %}
            <div class="widget-container widget-{{ w.display_size|default:"small" }}">
--- a/src/pretix/control/templates/pretixcontrol/event/invoicing.html
+++ b/src/pretix/control/templates/pretixcontrol/event/invoicing.html
@@ -9,7 +9,6 @@
        <fieldset>
            <legend>{% trans "General settings" %}</legend>
            {% bootstrap_field form.invoice_generate layout="control" %}
-            {% bootstrap_field form.invoice_generate_sales_channels layout="control" %}
            {% bootstrap_field form.invoice_email_attachment layout="control" %}
            {% bootstrap_field form.invoice_numbers_prefix layout="control" %}
            {% bootstrap_field form.invoice_numbers_consecutive layout="control" %}
--- a/src/pretix/control/templates/pretixcontrol/event/logs.html
+++ b/src/pretix/control/templates/pretixcontrol/event/logs.html
@@ -5,8 +5,6 @@
 {% block inside %}
    <h1>{% trans "Event logs" %}</h1>
    <form class="form-inline helper-display-inline" action="" method="get">
-        <input type="hidden" name="content_type" value="{{ request.GET.content_type }}">
-        <input type="hidden" name="object" value="{{ request.GET.object }}">
        <p>
            <select name="user" class="form-control">
                <option value="">{% trans "All actions" %}</option>
--- a/src/pretix/control/templates/pretixcontrol/event/mail.html
+++ b/src/pretix/control/templates/pretixcontrol/event/mail.html
@@ -12,7 +12,6 @@
            <legend>{% trans "General settings" %}</legend>
            {% bootstrap_field form.mail_prefix layout="control" %}
            {% bootstrap_field form.mail_from layout="control" %}
-            {% bootstrap_field form.mail_from_name layout="control" %}
            {% bootstrap_field form.mail_text_signature layout="control" %}
            {% bootstrap_field form.mail_bcc layout="control" %}
        </fieldset>
@@ -41,13 +40,13 @@
            <legend>{% trans "E-mail content" %}</legend>
            <div class="panel-group" id="questions_group">
                {% blocktrans asvar title_placed_order %}Placed order{% endblocktrans %}
-                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="order_placed" title=title_placed_order items="mail_text_order_placed,mail_send_order_placed_attendee,mail_text_order_placed_attendee" exclude="mail_send_order_placed_attendee" %}
+                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="order_placed" title=title_placed_order items="mail_text_order_placed" %}

                {% blocktrans asvar title_paid_order %}Paid order{% endblocktrans %}
-                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="order_paid" title=title_paid_order items="mail_text_order_paid,mail_send_order_paid_attendee,mail_text_order_paid_attendee" exclude="mail_send_order_paid_attendee" %}
+                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="order_paid" title=title_paid_order items="mail_text_order_paid" %}

                {% blocktrans asvar title_free_order %}Free order{% endblocktrans %}
-                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="order_free" title=title_free_order items="mail_text_order_free,mail_send_order_free_attendee,mail_text_order_free_attendee" exclude="mail_send_order_free_attendee" %}
+                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="order_free" title=title_free_order items="mail_text_order_free" %}

                {% blocktrans asvar title_resend_link %}Resend link{% endblocktrans %}
                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="resend_link" title=title_resend_link items="mail_text_resend_link,mail_text_resend_all_links" %}
@@ -68,7 +67,7 @@
                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="custom_mail" title=title_order_custom_mail items="mail_text_order_custom_mail" %}

                {% blocktrans asvar title_download_tickets_reminder %}Reminder to download tickets{% endblocktrans %}
-                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="ticket_reminder" title=title_download_tickets_reminder items="mail_days_download_reminder,mail_text_download_reminder,mail_send_download_reminder_attendee,mail_text_download_reminder_attendee" exclude="mail_days_download_reminder,mail_send_download_reminder_attendee" %}
+                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="ticket_reminder" title=title_download_tickets_reminder items="mail_days_download_reminder,mail_text_download_reminder" exclude="mail_days_download_reminder" %}

                {% blocktrans asvar title_require_approval %}Order approval process{% endblocktrans %}
                {% include "pretixcontrol/event/mail_settings_fragment.html" with pid="ticket_reminder" title=title_require_approval  items="mail_text_order_placed_require_approval,mail_text_order_approved,mail_text_order_denied" %}
--- a/src/pretix/control/templates/pretixcontrol/event/mail_settings_fragment.html
+++ b/src/pretix/control/templates/pretixcontrol/event/mail_settings_fragment.html
@@ -13,11 +13,11 @@
            {% with exclude|split as exclusion %}
            {% with items|split as item_list %}
            {% for item in item_list %}
-                {% if item in exclusion and form|hasattr:item %}
+                {% if item in exclusion %}
                    {% with form|getattr:item as field %}
                        {% bootstrap_field field layout="horizontal" %}
                    {% endwith %}
-                {% elif form|hasattr:item %}
+                {% else %}
                    <div id="{{ item }}_panel" class="preview-panel form-group" for="{{ item }}">
                        {% with form|getattr:item as field %}
                        <label class="col-md-3 control-label">{{ field.label }}</label>
--- a/src/pretix/control/templates/pretixcontrol/font_option.html
+++ b/src/pretix/control/templates/pretixcontrol/font_option.html
@@ -1,2 +0,0 @@
-{% load i18n %}{% if widget.wrap_label %}<label{% if widget.attrs.id %} for="{{ widget.attrs.id }}"{% endif %} class="preload-font"
-        data-family="{{ widget.label }}" data-style="regular">{% endif %}{% include "django/forms/widgets/input.html" %}{% if widget.wrap_label %} <strong>{{ widget.label }}</strong><br>{% trans "The quick brown fox jumps over the lazy dog." context "typography" %}</label>{% endif %}
--- a/src/pretix/control/templates/pretixcontrol/includes/logs.html
+++ b/src/pretix/control/templates/pretixcontrol/includes/logs.html
@@ -1,7 +1,7 @@
 {% load static %}
 {% load i18n %}
 <ul class="list-group">
-    {% for log in obj.top_logentries %}
+    {% for log in obj.all_logentries %}
        <li class="list-group-item logentry">
            <p class="meta">
                <span class="fa fa-clock-o"></span> {{ log.datetime|date:"SHORT_DATETIME_FORMAT" }}
@@ -45,11 +45,4 @@
            </p>
        </li>
    {% endfor %}
-    {% if obj.all_logentries_link and obj.top_logentries_has_more %}
-        <li class="list-group-item logentry">
-            <a href="{{ obj.all_logentries_link }}">
-                {% trans "View full log" %}
-            </a>
-        </li>
-    {% endif %}
 </ul>
--- a/src/pretix/control/templates/pretixcontrol/item/base.html
+++ b/src/pretix/control/templates/pretixcontrol/item/base.html
@@ -27,13 +27,6 @@
                    {% trans "Bundled products" %}
                </a>
            </li>
-            {% for n in extra_nav %}
-                <li {% if n.active %}class="active"{% endif %}>
-                    <a href="{{ n.url }}">
-                        {{ n.label }}
-                    </a>
-                </li>
-            {% endfor %}
        </ul>
    {% else %}
        <h1>{% trans "Create product" %}</h1>
--- a/src/pretix/control/templates/pretixcontrol/items/quotas.html
+++ b/src/pretix/control/templates/pretixcontrol/items/quotas.html
@@ -60,13 +60,7 @@
                        <td>
                            <ul>
                                {% for item in q.items.all %}
-                                    {% if not item.has_variations %}
-                                        <li><a href="{% url "control:event.item" organizer=request.event.organizer.slug event=request.event.slug item=item.id %}">{{ item }}</a></li>
-                                    {% endif %}
-                                {% endfor %}
-                                {% for v in q.variations.all %}
-                                    <li><a href="{% url "control:event.item.variations" organizer=request.event.organizer.slug event=request.event.slug item=v.item.id %}">
-                                        {{ v.item }} – {{ v }}</a></li>
+                                    <li><a href="{% url "control:event.item" organizer=request.event.organizer.slug event=request.event.slug item=item.id %}">{{ item }}</a></li>
                                {% endfor %}
                            </ul>
                        </td>
--- a/src/pretix/control/templates/pretixcontrol/order/change.html
+++ b/src/pretix/control/templates/pretixcontrol/order/change.html
@@ -121,13 +121,11 @@
                                <strong>{% trans "Price" %}</strong>
                            </div>
                            <div class="col-sm-5">
-                                {{ position.price|money:request.event.currency }}
+                                {{ position.price|money:request.event.currency }}<br>
                                {% if position.tax_rate %}
-                                    <br>
-                                    <small>
-                                        ({{ position.net_price|money:request.event.currency }}
-                                        + {{ position.tax_rate }}%)
-                                    </small>
+                                    <small>{% blocktrans trimmed with rate=position.tax_rate name=position.tax_rule.name %}
+                                        <strong>incl.</strong> {{ rate }}% {{ name }}
+                                    {% endblocktrans %}</small>
                                {% endif %}
                            </div>
                            <div class="col-sm-4 field-container">
--- a/src/pretix/control/templates/pretixcontrol/order/index.html
+++ b/src/pretix/control/templates/pretixcontrol/order/index.html
@@ -136,10 +136,7 @@
                        {% endif %}
                        <dt>{% trans "User" %}</dt>
                        <dd>
-                            {{ order.email|default_if_none:"" }}
-                            {% if order.email and order.email_known_to_work %}
-                                <span class="fa fa-check-circle text-success" data-toggle="tooltip" title="{% trans "We know that this email address works because the user clicked a link we sent them." %}"></span>
-                            {% endif %}&nbsp;&nbsp;
+                            {{ order.email|default_if_none:"" }}&nbsp;&nbsp;
                            <a href="{% url "control:event.order.contact" event=request.event.slug organizer=request.event.organizer.slug code=order.code %}" class="btn btn-default btn-xs">
                                <span class="fa fa-edit"></span>
                            </a>
--- a/src/pretix/control/templates/pretixcontrol/order/pay.html
+++ b/src/pretix/control/templates/pretixcontrol/order/pay.html
@@ -23,7 +23,6 @@
        <input type="hidden" name="status" value="p" />
        {% bootstrap_form_errors form %}
        {% bootstrap_field form.amount layout='horizontal' %}
-        {% bootstrap_field form.payment_date layout='horizontal' %}
        {% if form.force %}
            {% bootstrap_field form.force layout='horizontal' horizontal_label_class='sr-only' horizontal_field_class='col-md-12' %}
        {% endif %}
--- a/src/pretix/control/templates/pretixcontrol/organizers/display.html
+++ b/src/pretix/control/templates/pretixcontrol/organizers/display.html
@@ -1,10 +1,6 @@
 {% extends "pretixcontrol/organizers/base.html" %}
 {% load i18n %}
 {% load bootstrap3 %}
-{% block custom_header %}
-    {{ block.super }}
-    <link type="text/css" rel="stylesheet" href="{% url "control:pdf.css" %}">
-{% endblock %}
 {% block inner %}
    <h1>{% trans "Display settings" %}</h1>
    <form action="" method="post" class="form-horizontal" enctype="multipart/form-data">
--- a/src/pretix/control/templates/pretixcontrol/pdf/index.html
+++ b/src/pretix/control/templates/pretixcontrol/pdf/index.html
@@ -8,7 +8,7 @@
    {% compress css %}
        <link type="text/css" rel="stylesheet" href="{% static "pretixcontrol/scss/pdfeditor.css" %}">
    {% endcompress %}
-    <link type="text/css" rel="stylesheet" href="{% url "control:pdf.css" %}">
+    <link type="text/css" rel="stylesheet" href="{% url "control:pdf.css" organizer=request.organizer.slug event=request.event.slug %}">
 {% endblock %}
 {% block content %}
    <h1>
--- a/src/pretix/control/templates/pretixcontrol/users/form.html
+++ b/src/pretix/control/templates/pretixcontrol/users/form.html
@@ -33,7 +33,6 @@
                    {% bootstrap_field form.email layout='control' %}
                    {% bootstrap_field form.new_pw layout='control' %}
                    {% bootstrap_field form.new_pw_repeat layout='control' %}
-                    {% bootstrap_field form.last_login layout='control' %}
                    {% bootstrap_field form.require_2fa layout='control' %}
                </fieldset>
                <fieldset>
--- a/src/pretix/control/templatetags/mail_settings_preview.py
+++ b/src/pretix/control/templatetags/mail_settings_preview.py
@@ -11,12 +11,3 @@ def split(value, delimiter=","):
@register.filter(name="getattr")
 def get_attribute(value, key):
    return value[key]
-
-
-@register.filter(name="hasattr")
-def has_attribute(value, key):
-    try:
-        value[key]
-        return True
-    except:
-        return False
--- a/src/pretix/control/urls.py
+++ b/src/pretix/control/urls.py
@@ -34,7 +34,6 @@ urlpatterns = [
    url(r'^users/(?P<id>\d+)/reset$', users.UserResetView.as_view(), name='users.reset'),
    url(r'^users/(?P<id>\d+)/impersonate', users.UserImpersonateView.as_view(), name='users.impersonate'),
    url(r'^users/(?P<id>\d+)/anonymize', users.UserAnonymizeView.as_view(), name='users.anonymize'),
-    url(r'^pdf/editor/webfonts.css', pdf.FontsCSSView.as_view(), name='pdf.css'),
    url(r'^settings/?$', user.UserSettings.as_view(), name='user.settings'),
    url(r'^settings/history/$', user.UserHistoryView.as_view(), name='user.settings.history'),
    url(r'^settings/notifications/$', user.UserNotificationsEditView.as_view(), name='user.settings.notifications'),
--- a/src/pretix/control/views/dashboards.py
+++ b/src/pretix/control/views/dashboards.py
@@ -1,4 +1,3 @@
-from datetime import timedelta
 from decimal import Decimal

 import pytz
@@ -23,7 +22,6 @@ from pretix.base.models import (
    WaitingListEntry,
 )
 from pretix.base.models.checkin import CheckinList
-from pretix.base.timeline import timeline_for_event
 from pretix.control.forms.event import CommentForm
 from pretix.control.signals import (
    event_dashboard_widgets, user_dashboard_widgets,
@@ -281,7 +279,6 @@ def event_index(request, organizer, event):
    ctx = {
        'widgets': rearrange(widgets),
        'logs': qs[:5],
-        'subevent': subevent,
        'actions': a_qs[:5] if can_change_orders else [],
        'comment_form': CommentForm(initial={'comment': request.event.comment})
    }
@@ -305,19 +302,7 @@ def event_index(request, organizer, event):
    for a in ctx['actions']:
        a.display = a.display(request)

-    ctx['timeline'] = [
-        {
-            'date': t.datetime.astimezone(request.event.timezone).date(),
-            'entry': t,
-            'time': t.datetime.astimezone(request.event.timezone)
-        }
-        for t in timeline_for_event(request.event, subevent)
-    ]
-    ctx['today'] = now().astimezone(request.event.timezone).date()
-    ctx['nearly_now'] = now().astimezone(request.event.timezone) - timedelta(seconds=20)
-    resp = render(request, 'pretixcontrol/event/index.html', ctx)
-    # resp['Content-Security-Policy'] = "style-src 'unsafe-inline'"
-    return resp
+    return render(request, 'pretixcontrol/event/index.html', ctx)


 def annotated_event_query(request):
--- a/src/pretix/control/views/event.py
+++ b/src/pretix/control/views/event.py
@@ -689,14 +689,13 @@ class MailSettingsRendererPreview(MailSettingsPreview):
                                                    expires=now(), code="PREVIEW", total=119)
                item = request.event.items.create(name=ugettext("Sample product"), default_price=42.23,
                                                  description=ugettext("Sample product description"))
-                p = order.positions.create(item=item, attendee_name_parts={'_legacy': ugettext("John Doe")},
-                                           price=item.default_price)
+                order.positions.create(item=item, attendee_name_parts={'_legacy': ugettext("John Doe")},
+                                       price=item.default_price)
                v = renderers[request.GET.get('renderer')].render(
                    v,
                    str(request.event.settings.mail_text_signature),
                    ugettext('Your order: %(code)s') % {'code': order.code},
-                    order,
-                    position=p
+                    order
                )
                r = HttpResponse(v, content_type='text/html')
                r._csp_ignore = True
@@ -975,12 +974,6 @@ class EventLog(EventPermissionRequiredMixin, ListView):
        elif self.request.GET.get('user'):
            qs = qs.filter(user_id=self.request.GET.get('user'))

-        if self.request.GET.get('content_type'):
-            qs = qs.filter(content_type=get_object_or_404(ContentType, pk=self.request.GET.get('content_type')))
-
-            if self.request.GET.get('object'):
-                qs = qs.filter(object_id=self.request.GET.get('object'))
-
        return qs

    def get_context_data(self, **kwargs):
--- a/src/pretix/control/views/item.py
+++ b/src/pretix/control/views/item.py
@@ -3,7 +3,7 @@ import json
 from django.contrib import messages
 from django.core.files import File
 from django.db import transaction
-from django.db.models import Count, F, Prefetch, Q
+from django.db.models import Count, F, Q
 from django.forms.models import inlineformset_factory
 from django.http import Http404, HttpResponseRedirect
 from django.shortcuts import redirect
@@ -33,7 +33,7 @@ from pretix.control.forms.item import (
 from pretix.control.permissions import (
    EventPermissionRequiredMixin, event_permission_required,
 )
-from pretix.control.signals import item_forms, nav_item
+from pretix.control.signals import item_forms

 from . import ChartContainingView, CreateView, PaginationMixin, UpdateView

@@ -565,14 +565,7 @@ class QuotaList(PaginationMixin, ListView):
    def get_queryset(self):
        qs = Quota.objects.filter(
            event=self.request.event
-        ).prefetch_related(
-            Prefetch(
-                "items",
-                queryset=Item.objects.annotate(has_variations=Count('variations'))
-            ),
-            "variations",
-            "variations__item"
-        )
+        ).prefetch_related("items")
        if self.request.GET.get("subevent", "") != "":
            s = self.request.GET.get("subevent", "")
            qs = qs.filter(subevent_id=s)
@@ -782,18 +775,6 @@ class ItemDetailMixin(SingleObjectMixin):
    model = Item
    context_object_name = 'item'

-    def get_context_data(self, **kwargs):
-        ctx = super().get_context_data(**kwargs)
-        nav = sorted(
-            sum(
-                (list(a[1]) for a in nav_item.send(self.request.event, request=self.request, item=self.get_object())),
-                []
-            ),
-            key=lambda r: str(r['label'])
-        )
-        ctx['extra_nav'] = nav
-        return ctx
-
    def get_object(self, queryset=None) -> Item:
        try:
            if not hasattr(self, 'object') or not self.object:
@@ -912,12 +893,6 @@ class ItemUpdateGeneral(ItemDetailMixin, EventPermissionRequiredMixin, UpdateVie
    def get_context_data(self, **kwargs):
        ctx = super().get_context_data()
        ctx['plugin_forms'] = self.plugin_forms
-
-        if not ctx['item'].active and ctx['item'].bundled_with.count() > 0:
-            messages.info(self.request, _("You disabled this item, but it is still part of a product bundle. "
-                                          "Your participants won't be able to buy the bundle unless you remove this "
-                                          "item from it."))
-
        return ctx


--- a/src/pretix/control/views/main.py
+++ b/src/pretix/control/views/main.py
@@ -97,7 +97,7 @@ class EventList(PaginationMixin, ListView):
 def condition_copy(wizard):
    return (
        not wizard.clone_from and
-        EventWizardCopyForm.copy_from_queryset(wizard.request.user, wizard.request.session).exists()
+        EventWizardCopyForm.copy_from_queryset(wizard.request.user).exists()
    )


@@ -176,8 +176,7 @@ class EventWizard(SafeSessionWizardView):

    def get_form_kwargs(self, step=None):
        kwargs = {
-            'user': self.request.user,
-            'session': self.request.session,
+            'user': self.request.user
        }
        if step != 'foundation':
            fdata = self.get_cleaned_data_for_step('foundation')
@@ -204,7 +203,6 @@ class EventWizard(SafeSessionWizardView):
            event.organizer = foundation_data['organizer']
            event.plugins = settings.PRETIX_PLUGINS_DEFAULT
            event.has_subevents = foundation_data['has_subevents']
-            event.testmode = True
            form_dict['basics'].save()

            has_control_rights = self.request.user.teams.filter(
--- a/src/pretix/control/views/orders.py
+++ b/src/pretix/control/views/orders.py
@@ -3,7 +3,7 @@ import logging
 import mimetypes
 import os
 import re
-from datetime import datetime, time, timedelta
+from datetime import timedelta
 from decimal import Decimal, DecimalException

 import pytz
@@ -24,7 +24,7 @@ from django.utils import formats
 from django.utils.formats import date_format
 from django.utils.functional import cached_property
 from django.utils.http import is_safe_url
-from django.utils.timezone import make_aware, now
+from django.utils.timezone import now
 from django.utils.translation import ugettext_lazy as _
 from django.views.generic import (
    DetailView, FormView, ListView, TemplateView, View,
@@ -862,15 +862,8 @@ class OrderTransition(OrderView):
                    fee=None
                )

-            payment_date = None
-            if self.mark_paid_form.cleaned_data['payment_date'] != now().date():
-                payment_date = make_aware(datetime.combine(
-                    self.mark_paid_form.cleaned_data['payment_date'],
-                    time(hour=0, minute=0, second=0)
-                ), self.order.event.timezone)
-
            try:
-                p.confirm(user=self.request.user, count_waitinglist=False, payment_date=payment_date,
+                p.confirm(user=self.request.user, count_waitinglist=False,
                          force=self.mark_paid_form.cleaned_data.get('force', False))
            except Quota.QuotaExceededException as e:
                p.state = OrderPayment.PAYMENT_STATE_FAILED
@@ -1372,7 +1365,6 @@ class OrderContactChange(OrderView):
                    },
                    user=self.request.user,
                )
-
            if self.form.cleaned_data['regenerate_secrets']:
                changed = True
                self.order.secret = generate_secret()
@@ -1482,10 +1474,9 @@ class OrderSendMail(EventPermissionRequiredMixin, OrderViewMixin, FormView):
                'code': order.code,
                'date': date_format(order.datetime.astimezone(tz), 'SHORT_DATETIME_FORMAT'),
                'expire_date': date_format(order.expires, 'SHORT_DATE_FORMAT'),
-                'url': build_absolute_uri(order.event, 'presale:event.order.open', kwargs={
+                'url': build_absolute_uri(order.event, 'presale:event.order', kwargs={
                    'order': order.code,
-                    'secret': order.secret,
-                    'hash': order.email_confirm_hash()
+                    'secret': order.secret
                }),
                'invoice_name': invoice_name,
                'invoice_company': invoice_company,
@@ -1655,7 +1646,6 @@ class ExportMixin:

 class ExportDoView(EventPermissionRequiredMixin, ExportMixin, AsyncAction, View):
    permission = 'can_view_orders'
-    known_errortypes = ['ExportError']
    task = export

    def get_success_message(self, value):
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Raphael Michel	dba9a56a67	Bump to 2.7.1	2019-05-14 09:16:14 +02:00
Raphael Michel	15f445cb3d	Fix #1279 -- Incorrect initial price value in widget in German locale	2019-05-14 09:10:12 +02:00
Raphael Michel	c9f6c71c81	Fix #1282 -- Work around issues in file backends	2019-05-14 09:10:12 +02:00
Raphael Michel	2032d36ad6	Set original_price to TaxedPrice even with variations	2019-05-14 09:10:12 +02:00
Raphael Michel	ffb4cf08d1	Assign flag for zh_Hans	2019-05-14 09:10:12 +02:00