Fix negative prices in bundles when tax rate is 0

Fix email confirm hash in templates
Authentication: Support for fallback secret keys in get_session_auth_hash (#4481 )
2024-10-08 17:13:22 +02:00 · 2024-10-07 17:54:40 +02:00 · 2024-10-07 16:58:37 +02:00 · 2024-10-07 16:31:24 +02:00 · 2024-10-07 13:58:08 +02:00 · 2024-10-07 11:42:28 +02:00
84 changed files with 38492 additions and 34712 deletions
@@ -294,6 +294,10 @@ Example::
    setting is not provided, pretix will generate a random secret on the first start
    and will store it in the filesystem for later usage.

+``secret_fallback0`` ... ``secret_fallback9``
+    Prior versions of the secret to be used by Django for signing and verification purposes that will still
+    be accepted but no longer be used for new signing.
+
 ``debug``
    Whether or not to run in debug mode. Default is ``False``.

@@ -80,18 +80,18 @@ dependencies = [
  "psycopg2-binary",
  "pycountry",
  "pycparser==2.22",
-  "pycryptodome==3.20.*",
+  "pycryptodome==3.21.*",
  "pypdf==5.0.*",
  "python-bidi==0.6.*",  # Support for Arabic in reportlab
  "python-dateutil==2.9.*",
  "pytz",
  "pytz-deprecation-shim==0.1.*",
  "pyuca",
-  "qrcode==7.4.*",
-  "redis==5.0.*",
+  "qrcode==8.0",
+  "redis==5.1.*",
  "reportlab==4.2.*",
  "requests==2.31.*",
-  "sentry-sdk==2.14.*",
+  "sentry-sdk==2.15.*",
  "sepaxml==2.6.*",
  "slimit",
  "stripe==7.9.*",
@@ -19,4 +19,4 @@
 # You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
 # <https://www.gnu.org/licenses/>.
 #
-__version__ = "2024.9.0.dev0"
+__version__ = "2024.10.0.dev0"
@@ -50,6 +50,7 @@ class Command(BaseCommand):
    def add_arguments(self, parser):
        parser.add_argument('--tasks', action='store', type=str, help='Only execute the tasks with this name '
                                                                      '(dotted path, comma separation)')
+        parser.add_argument('--list-tasks', action='store_true', help='Only list all tasks')
        parser.add_argument('--exclude', action='store', type=str, help='Exclude the tasks with this name '
                                                                        '(dotted path, comma separation)')

@@ -61,6 +62,9 @@ class Command(BaseCommand):

        for receiver in periodic_task._live_receivers(self):
            name = f'{receiver.__module__}.{receiver.__name__}'
+            if options['list_tasks']:
+                print(name)
+                continue
            if options.get('tasks'):
                if name not in options.get('tasks').split(','):
                    continue
@@ -571,13 +571,23 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):

    def get_session_auth_hash(self):
        """
-        Return an HMAC that needs to
+        Return an HMAC that needs to be the same throughout the session, used e.g. for forced
+        logout after every password change.
+        """
+        return self._get_session_auth_hash(secret=settings.SECRET_KEY)
+
+    def get_session_auth_fallback_hash(self):
+        for fallback_secret in settings.SECRET_KEY_FALLBACKS:
+            yield self._get_session_auth_hash(secret=fallback_secret)
+
+    def _get_session_auth_hash(self, secret):
+        """
        """
        key_salt = "pretix.base.models.User.get_session_auth_hash"
        payload = self.password
        payload += self.email
        payload += self.session_token
-        return salted_hmac(key_salt, payload).hexdigest()
+        return salted_hmac(key_salt, payload, secret=secret).hexdigest()

    def update_session_token(self):
        self.session_token = generate_session_token()
@@ -219,13 +219,24 @@ class Customer(LoggedModel):
        return is_password_usable(self.password)

    def get_session_auth_hash(self):
+        """
+        Return an HMAC that needs to be the same throughout the session, used e.g. for forced
+        logout after every password change.
+        """
+        return self._get_session_auth_hash(secret=settings.SECRET_KEY)
+
+    def get_session_auth_fallback_hash(self):
+        for fallback_secret in settings.SECRET_KEY_FALLBACKS:
+            yield self._get_session_auth_hash(secret=fallback_secret)
+
+    def _get_session_auth_hash(self, secret):
        """
        Return an HMAC of the password field.
        """
        key_salt = "pretix.base.models.customers.Customer.get_session_auth_hash"
        payload = self.password
        payload += self.email
-        return salted_hmac(key_salt, payload).hexdigest()
+        return salted_hmac(key_salt, payload, secret=secret).hexdigest()

    def get_email_context(self):
        from pretix.base.settings import get_name_parts_localized
@@ -40,6 +40,7 @@ import json
 import logging
 import operator
 import string
+import warnings
 from collections import Counter
 from datetime import datetime, time, timedelta
 from decimal import Decimal
@@ -381,8 +382,28 @@ class Order(LockModel, LoggedModel):
        self.event.cache.delete('complain_testmode_orders')
        self.delete()

+    def email_confirm_secret(self):
+        return self.tagged_secret("email_confirm", 9)
+
    def email_confirm_hash(self):
-        return hashlib.sha256(settings.SECRET_KEY.encode() + self.secret.encode()).hexdigest()[:9]
+        warnings.warn('Use email_confirm_secret() instead of email_confirm_hash().',
+                      DeprecationWarning)
+        return self.email_confirm_secret()
+
+    def check_email_confirm_secret(self, received_secret):
+        return (
+            hmac.compare_digest(
+                self.tagged_secret("email_confirm", 9),
+                received_secret[:9].lower()
+            ) or any(
+                # TODO: remove this clause after a while (compatibility with old secrets currently in flight)
+                hmac.compare_digest(
+                    hashlib.sha256(sk.encode() + self.secret.encode()).hexdigest()[:9],
+                    received_secret
+                )
+                for sk in [settings.SECRET_KEY, *settings.SECRET_KEY_FALLBACKS]
+            )
+        )

    def get_extended_status_display(self):
        # Changes in this method should to be replicated in pretixcontrol/orders/fragment_order_status.html
@@ -2835,6 +2856,14 @@ class OrderPosition(AbstractPosition):
            (self.order.event.settings.change_allow_user_addons and ItemAddOn.objects.filter(base_item_id__in=[op.item_id for op in positions]).exists())
        )

+    @property
+    def code(self):
+        """
+        A ticket code which is unique among all events of a single organizer,
+        built by the order code and the position number.
+        """
+        return '{order_code}-{position}'.format(order_code=self.order.code, position=self.positionid)
+

 class Transaction(models.Model):
    """
@@ -306,8 +306,11 @@ class TaxRule(LoggedModel):

        if rate == Decimal('0.00'):
            return TaxedPrice(
-                net=base_price - subtract_from_gross, gross=base_price - subtract_from_gross, tax=Decimal('0.00'),
-                rate=rate, name=self.name
+                net=max(Decimal('0.00'), base_price - subtract_from_gross),
+                gross=max(Decimal('0.00'), base_price - subtract_from_gross),
+                tax=Decimal('0.00'),
+                rate=rate,
+                name=self.name,
            )

        if base_price_is == 'auto':
@@ -1182,10 +1182,11 @@ def process_exit_all(sender, **kwargs):
        positions = cl.positions_inside_query(ignore_status=True, at_time=cl.exit_all_at)
        for p in positions:
            with scope(organizer=cl.event.organizer):
-                ci = Checkin.objects.create(
+                ci, created = Checkin.objects.get_or_create(
                    position=p, list=cl, auto_checked_in=True, type=Checkin.TYPE_EXIT, datetime=cl.exit_all_at
                )
-                checkin_created.send(cl.event, checkin=ci)
+                if created:
+                    checkin_created.send(cl.event, checkin=ci)
        d = cl.exit_all_at.astimezone(cl.event.timezone)
        if cl.event.settings.get(f'autocheckin_dst_hack_{cl.pk}'):  # move time back if yesterday was DST switch
            d -= timedelta(hours=1)
@@ -301,7 +301,7 @@ def mail(email: Union[str, Sequence[str]], subject: str, template: Union[str, La
                        order.event, 'presale:event.order.open', kwargs={
                            'order': order.code,
                            'secret': order.secret,
-                            'hash': order.email_confirm_hash()
+                            'hash': order.email_confirm_secret()
                        }
                    )
                )
@@ -262,7 +262,7 @@ def base_placeholders(sender, **kwargs):
                'presale:event.order.open', kwargs={
                    'order': order.code,
                    'secret': order.secret,
-                    'hash': order.email_confirm_hash()
+                    'hash': order.email_confirm_secret()
                }
            ), lambda event: build_absolute_uri(
                event,
@@ -443,7 +443,7 @@ def base_placeholders(sender, **kwargs):
                        'organizer': event.organizer.slug,
                        'order': order.code,
                        'secret': order.secret,
-                        'hash': order.email_confirm_hash(),
+                        'hash': order.email_confirm_secret(),
                    }),
                )
                for order in orders
@@ -143,7 +143,7 @@
        </tr>
    </table>
    <div class="order-button">
-        <a href="{% abseventurl event "presale:event.order.open" hash=order.email_confirm_hash order=order.code secret=order.secret %}" class="button">
+        <a href="{% abseventurl event "presale:event.order.open" hash=order.email_confirm_secret order=order.code secret=order.secret %}" class="button">
            {% trans "View order details" %}
        </a>
    </div>
@@ -103,7 +103,7 @@ def timeline_for_event(event, subevent=None):
        tl.append(TimelineEvent(
            event=event, subevent=subevent,
            datetime=rd.datetime(ev),
-            description=pgettext_lazy('timeline', 'Customers can no longer modify their orders'),
+            description=pgettext_lazy('timeline', 'Customers can no longer modify their order information'),
            edit_url=ev_edit_url
        ))

@@ -159,6 +159,18 @@ def timeline_for_event(event, subevent=None):
            })
        ))

+    rd = event.settings.get('change_allow_user_until', as_type=RelativeDateWrapper)
+    if rd and event.settings.change_allow_user_until:
+        tl.append(TimelineEvent(
+            event=event, subevent=subevent,
+            datetime=rd.datetime(ev),
+            description=pgettext_lazy('timeline', 'Customers can no longer make changes to their orders'),
+            edit_url=reverse('control:event.settings.cancel', kwargs={
+                'event': event.slug,
+                'organizer': event.organizer.slug
+            })
+        ))
+
    rd = event.settings.get('waiting_list_auto_disable', as_type=RelativeDateWrapper)
    if rd and event.settings.waiting_list_enabled:
        tl.append(TimelineEvent(
@@ -239,11 +239,14 @@ class VoucherForm(I18nModelForm):
                self.instance.event, self.instance.quota, self.instance.item, self.instance.variation
            )
        Voucher.clean_voucher_code(data, self.instance.event, self.instance.pk)
-        if 'seat' in self.fields and data.get('seat'):
-            self.instance.seat = Voucher.clean_seat_id(
-                data, self.instance.item, self.instance.quota, self.instance.event, self.instance.pk
-            )
-            self.instance.item = self.instance.seat.product
+        if 'seat' in self.fields:
+            if data.get('seat'):
+                self.instance.seat = Voucher.clean_seat_id(
+                    data, self.instance.item, self.instance.quota, self.instance.event, self.instance.pk
+                )
+                self.instance.item = self.instance.seat.product
+            else:
+                self.instance.seat = None

        voucher_form_validation.send(sender=self.instance.event, form=self, data=data)

@@ -41,7 +41,7 @@
                        {% bootstrap_field form.eu_reverse_charge layout="control" %}
                        {% bootstrap_field form.home_country layout="control" %}
                        {% bootstrap_field form.keep_gross_if_rate_changes layout="control" %}
-                        <h3>{% trans "Custom taxation rules" %}</h3>
+                        <h3>{% trans "Custom rules" %}</h3>
                        <div class="alert alert-warning">
                            {% blocktrans trimmed %}
                                These settings are intended for professional users with very specific taxation situations.
@@ -133,7 +133,7 @@
                                {% endif %}
                                {{ i.default_price|money:request.event.currency }}
                                {% if i.original_price %}<strike class="text-muted">{{ i.original_price|money:request.event.currency }}</strike>{% endif %}
-                                {% if i.tax_rule and i.default_price %}
+                                {% if i.tax_rule %}
                                    <br/>
                                    <small class="text-muted">
                                        {% if not i.tax_rule.price_includes_tax %}
@@ -21,6 +21,11 @@
            {% trans "The waiting list is no longer active for this event. The waiting list no longer affects quotas and no longer notifies waiting users." %}
        </div>
    {% endif %}
+    {% if request.event.settings.hide_sold_out %}
+        <div class="alert alert-warning">
+            {% trans "According to your event settings, sold out products are hidden from customers. This way, customers will not be able to discovere the waiting list." %}
+        </div>
+    {% endif %}
    <div class="row">
        {% if 'can_change_orders' in request.eventpermset %}
            <form method="post" class="col-md-6"
@@ -4,6 +4,7 @@ AES
 Absenderadresse
 Absenderinformation
 Absendername
+ABGEKÜNDIGT
 Admin
 Adminbereich
 Affirm
@@ -25,6 +26,7 @@ Ausgangsscans
 ausgeklappt
 ausgecheckt
 auswahl
+Auth
 Authentication
 Authenticator
 Authentifizierungsmechanismus
@@ -36,6 +38,7 @@ Bancontact
 BankID
 Banking
 barcodes
+Baskisch
 Bcc
 BCC
 Beispielevent
@@ -4,6 +4,7 @@ AES
 Absenderadresse
 Absenderinformation
 Absendername
+ABGEKÜNDIGT
 Admin
 Adminbereich
 Affirm
@@ -25,6 +26,7 @@ Ausgangsscans
 ausgeklappt
 ausgecheckt
 auswahl
+Auth
 Authentication
 Authenticator
 Authentifizierungsmechanismus
@@ -36,6 +38,7 @@ Bancontact
 BankID
 Banking
 barcodes
+Baskisch
 Bcc
 BCC
 Beispielevent
@@ -8,7 +8,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-08-27 13:34+0000\n"
+"POT-Creation-Date: 2024-09-26 11:23+0000\n"
 "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
 "Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
 "Language-Team: LANGUAGE <LL@li.org>\n"
@@ -7,7 +7,7 @@ msgid ""
 msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
-"POT-Creation-Date: 2024-08-27 13:34+0000\n"
+"POT-Creation-Date: 2024-09-26 11:23+0000\n"
 "PO-Revision-Date: 2024-09-06 08:47+0000\n"
 "Last-Translator: Albizuri <oier@puntu.eus>\n"
 "Language-Team: Basque <https://translate.pretix.eu/projects/pretix/pretix-js/"
@@ -557,17 +557,14 @@ msgid "absent"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:171
-#: pretix/static/pretixcontrol/js/ui/editor.js:72
 msgid "Check-in QR"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:543
-#: pretix/static/pretixcontrol/js/ui/editor.js:387
 msgid "The PDF background file could not be loaded for the following reason:"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:894
-#: pretix/static/pretixcontrol/js/ui/editor.js:656
 msgid "Group of objects"
 msgstr ""

@@ -580,44 +577,35 @@ msgid "Text box"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:903
-#: pretix/static/pretixcontrol/js/ui/editor.js:663
 msgid "Barcode area"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:905
-#: pretix/static/pretixcontrol/js/ui/editor.js:665
 msgid "Image area"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:907
-#: pretix/static/pretixcontrol/js/ui/editor.js:667
 msgid "Powered by pretix"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:909
-#: pretix/static/pretixcontrol/js/ui/editor.js:669
 msgid "Object"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:913
-#: pretix/static/pretixcontrol/js/ui/editor.js:673
 msgid "Ticket design"
 msgstr "Sarrera diseinua"

 #: pretix/static/pretixcontrol/js/ui/editor.js:1250
-#: pretix/static/pretixcontrol/js/ui/editor.js:972
 msgid "Saving failed."
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:1319
 #: pretix/static/pretixcontrol/js/ui/editor.js:1370
-#: pretix/static/pretixcontrol/js/ui/editor.js:1041
-#: pretix/static/pretixcontrol/js/ui/editor.js:1091
 msgid "Error while uploading your PDF file, please try again."
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/editor.js:1353
-#: pretix/static/pretixcontrol/js/ui/editor.js:1074
 msgid "Do you really want to leave the editor without saving your changes?"
 msgstr ""

@@ -634,17 +622,14 @@ msgid "Unknown error."
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:318
-#: pretix/static/pretixcontrol/js/ui/main.js:313
 msgid "Your color has great contrast and is very easy to read!"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:322
-#: pretix/static/pretixcontrol/js/ui/main.js:317
 msgid "Your color has decent contrast and is probably good-enough to read!"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:326
-#: pretix/static/pretixcontrol/js/ui/main.js:321
 msgid ""
 "Your color has bad contrast for text on white background, please choose a "
 "darker shade."
@@ -652,48 +637,38 @@ msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:491
 #: pretix/static/pretixcontrol/js/ui/main.js:511
-#: pretix/static/pretixcontrol/js/ui/main.js:475
-#: pretix/static/pretixcontrol/js/ui/main.js:495
 msgid "Search query"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:509
-#: pretix/static/pretixcontrol/js/ui/main.js:493
 msgid "All"
 msgstr "Guztiak"

 #: pretix/static/pretixcontrol/js/ui/main.js:510
-#: pretix/static/pretixcontrol/js/ui/main.js:494
 msgid "None"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:514
-#: pretix/static/pretixcontrol/js/ui/main.js:498
 msgid "Selected only"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:847
-#: pretix/static/pretixcontrol/js/ui/main.js:828
 msgid "Enter page number between 1 and %(max)s."
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:850
-#: pretix/static/pretixcontrol/js/ui/main.js:831
 msgid "Invalid page number."
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:1008
-#: pretix/static/pretixcontrol/js/ui/main.js:989
 msgid "Use a different name internally"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:1048
-#: pretix/static/pretixcontrol/js/ui/main.js:1029
 msgid "Click to close"
 msgstr ""

 #: pretix/static/pretixcontrol/js/ui/main.js:1123
-#: pretix/static/pretixcontrol/js/ui/main.js:1104
 msgid "You have unsaved changes!"
 msgstr ""

@@ -731,7 +706,8 @@ msgstr "Saskia iraungita"
 msgid "The items in your cart are reserved for you for one minute."
 msgid_plural "The items in your cart are reserved for you for {num} minutes."
 msgstr[0] "Zure saskiko produktuak minutu  -ez erreserbatuta daude zuretzat."
-msgstr[1] "Zure saskiko produktuak {num}  minutuz erreserbatuta daude zuretzat."
+msgstr[1] ""
+"Zure saskiko produktuak {num}  minutuz erreserbatuta daude zuretzat."

 #: pretix/static/pretixpresale/js/ui/main.js:203
 msgid "The organizer keeps %(currency)s %(amount)s"
@@ -1099,7 +1075,3 @@ msgstr ""
 #: pretix/static/pretixpresale/js/widget/widget.js:89
 msgid "December"
 msgstr ""
-
-#: pretix/static/pretixcontrol/js/ui/editor.js:661
-msgid "Text object"
-msgstr ""
@@ -8,16 +8,16 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2024-08-27 13:34+0000\n"
-"PO-Revision-Date: 2020-01-24 08:00+0000\n"
-"Last-Translator: Prokaj Miklós <mixolid0@gmail.com>\n"
-"Language-Team: Hungarian <https://translate.pretix.eu/projects/pretix/pretix-"
-"js/hu/>\n"
+"PO-Revision-Date: 2024-10-01 22:52+0000\n"
+"Last-Translator: Patrick Chilton <chpatrick@gmail.com>\n"
+"Language-Team: Hungarian <https://translate.pretix.eu/projects/pretix/"
+"pretix-js/hu/>\n"
 "Language: hu\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
 "Content-Transfer-Encoding: 8bit\n"
 "Plural-Forms: nplurals=2; plural=n != 1;\n"
-"X-Generator: Weblate 3.5.1\n"
+"X-Generator: Weblate 5.7.2\n"

 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:56
 #: pretix/plugins/banktransfer/static/pretixplugins/banktransfer/ui.js:62
@@ -134,9 +134,6 @@ msgstr ""

 #: pretix/plugins/paypal2/static/pretixplugins/paypal2/pretix-paypal.js:167
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:50
-#, fuzzy
-#| msgctxt "widget"
-#| msgid "Continue"
 msgid "Continue"
 msgstr "Folytatás"

@@ -173,7 +170,7 @@ msgstr "Kapcsolatfelvétel Stripe-pal…"

 #: pretix/plugins/stripe/static/pretixplugins/stripe/pretix-stripe.js:72
 msgid "Total"
-msgstr "Teljes"
+msgstr "Összeg"

 #: pretix/plugins/stripe/static/pretixplugins/stripe/pretix-stripe.js:291
 msgid "Contacting your bank …"
@@ -241,7 +238,7 @@ msgstr ""
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:44
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:45
 msgid "Canceled"
-msgstr ""
+msgstr "Lemondva"

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:46
 msgid "Confirmed"
@@ -249,7 +246,7 @@ msgstr ""

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:47
 msgid "Approval pending"
-msgstr ""
+msgstr "Engedélyre vár"

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:48
 #, fuzzy
@@ -260,7 +257,7 @@ msgstr "Beváltás"

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:49
 msgid "Cancel"
-msgstr ""
+msgstr "Lemondás"

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:51
 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:60
@@ -273,7 +270,7 @@ msgstr ""

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:53
 msgid "Additional information required"
-msgstr ""
+msgstr "Több információ szükséges"

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:54
 msgid "Valid ticket"
@@ -289,7 +286,7 @@ msgstr ""

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:57
 msgid "Information required"
-msgstr ""
+msgstr "Információ szükséges"

 #: pretix/plugins/webcheckin/static/pretixplugins/webcheckin/main.js:58
 #, fuzzy
@@ -471,7 +468,7 @@ msgstr ""

 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:99
 msgid "Product"
-msgstr ""
+msgstr "Termék"

 #: pretix/static/pretixcontrol/js/ui/checkinrules.js:103
 #, fuzzy
@@ -730,12 +727,12 @@ msgstr[0] "(még egy időpont)"
 msgstr[1] "(még {num} időpont)"

 #: pretix/static/pretixpresale/js/ui/cart.js:43
-#, fuzzy
-#| msgid "The items in your cart are no longer reserved for you."
 msgid ""
 "The items in your cart are no longer reserved for you. You can still "
 "complete your order as long as they’re available."
-msgstr "A kosárba helyezett termékek tovább nincsenek tovább foglalva."
+msgstr ""
+"A kosárba helyezett tételek tovább már nincsenek lefoglalva. Még "
+"megpróbálhatod befejezni a rendelést, ha még elérhetőek."

 #: pretix/static/pretixpresale/js/ui/cart.js:45
 msgid "Cart expired"
@@ -9,6 +9,7 @@ acceptor
 analytics
 anonymize
 anonymized
+Auth
 authenticator
 automatical
 availabilities
@@ -31,6 +31,8 @@
 # Unless required by applicable law or agreed to in writing, software distributed under the Apache License 2.0 is
 # distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
 # License for the specific language governing permissions and limitations under the License.
+from datetime import datetime
+
 from django.db.models import Exists, OuterRef, Q
 from i18nfield.strings import LazyI18nString

@@ -45,6 +47,7 @@ from pretix.helpers.format import format_map

@app.task(base=ProfiledEventTask, acks_late=True)
 def send_mails_to_orders(event: Event, user: int, subject: dict, message: dict, objects: list, items: list,
+                         subevent: int, subevents_from: datetime, subevents_to: datetime,
                         recipients: str, filter_checkins: bool, not_checked_in: bool, checkin_lists: list,
                         attachments: list = None, attach_tickets: bool = False,
                         attach_ical: bool = False) -> None:
@@ -76,7 +79,7 @@ def send_mails_to_orders(event: Event, user: int, subject: dict, message: dict,
                        list_id__in=checkin_lists or []
                    )
                ),
-            ).prefetch_related('addons'):
+            ).prefetch_related('addons', 'subevent'):
                if p.addon_to_id is not None:
                    continue

@@ -99,6 +102,15 @@ def send_mails_to_orders(event: Event, user: int, subject: dict, message: dict,
                if p.attendee_email == o.email and send_to_order:
                    continue

+                if subevent and p.subevent_id != subevent:
+                    continue
+
+                if subevents_from and p.subevent.date_from < subevents_from:
+                    continue
+
+                if subevents_to and p.subevent.date_from >= subevents_to:
+                    continue
+
                try:
                    with language(o.locale, event.settings.region):
                        email_context = get_email_context(event=event, order=o, invoice_address=ia, position=p)
@@ -429,6 +429,9 @@ class OrderSendView(BaseSenderView):
        kwargs.update({
            'recipients': form.cleaned_data['recipients'],
            'items': [i.pk for i in form.cleaned_data.get('items')],
+            'subevent': form.cleaned_data['subevent'].pk if form.cleaned_data.get('subevent') else None,
+            'subevents_from': form.cleaned_data.get('subevents_from'),
+            'subevents_to': form.cleaned_data.get('subevents_to'),
            'not_checked_in': form.cleaned_data.get('not_checked_in'),
            'checkin_lists': [i.pk for i in form.cleaned_data.get('checkin_lists')],
            'filter_checkins': form.cleaned_data.get('filter_checkins'),
@@ -100,10 +100,23 @@ def get_customer(request):
                request._cached_customer = None
            else:
                session_hash = session.get(hash_session_key)
+                session_auth_hash = customer.get_session_auth_hash()
                session_hash_verified = session_hash and constant_time_compare(
                    session_hash,
-                    customer.get_session_auth_hash()
+                    session_auth_hash,
                )
+                if not session_hash_verified:
+                    # If the current secret does not verify the session, try
+                    # with the fallback secrets and stop when a matching one is
+                    # found.
+                    if session_hash and any(
+                        constant_time_compare(session_hash, fallback_auth_hash)
+                        for fallback_auth_hash in customer.get_session_auth_fallback_hash()
+                    ):
+                        request.session.cycle_key()
+                        request.session[hash_session_key] = session_auth_hash
+                        session_hash_verified = True
+
                if session_hash_verified:
                    request._cached_customer = customer
                else:
@@ -263,6 +263,8 @@ def get_grouped_items(event, *, channel: SalesChannel, subevent=None, voucher=No

    quotas_to_compute = []
    for item in items:
+        assert item.event_id == event.pk
+        item.event = event  # save a database query if this is looked up
        if item.has_variations:
            for v in item.available_variations:
                for q in v._subevent_quotas:
@@ -156,11 +156,10 @@ class OrderOpen(EventViewMixin, OrderDetailMixin, View):
    def get(self, request, *args, **kwargs):
        if not self.order:
            raise Http404(_('Unknown order code or not authorized to access this order.'))
-        if kwargs.get('hash') == self.order.email_confirm_hash():
-            if not self.order.email_known_to_work:
-                self.order.log_action('pretix.event.order.contact.confirmed')
-                self.order.email_known_to_work = True
-                self.order.save(update_fields=['email_known_to_work'])
+        if self.order.check_email_confirm_secret(kwargs.get('hash')) and not self.order.email_known_to_work:
+            self.order.log_action('pretix.event.order.contact.confirmed')
+            self.order.email_known_to_work = True
+            self.order.save(update_fields=['email_known_to_work'])
        return redirect(self.get_order_url())


@@ -94,6 +94,13 @@ else:
                pass  # os.chown is not available on Windows
            f.write(SECRET_KEY)

+
+SECRET_KEY_FALLBACKS = []
+for i in range(10):
+    if config.has_option('django', f'secret_fallback{i}'):
+        SECRET_KEY_FALLBACKS.append(config.get('django', f'secret_fallback{i}'))
+
+
 # Adjustable settings

 debug_fallback = "runserver" in sys.argv or "runserver_plus" in sys.argv
@@ -11,7 +11,7 @@
        "@babel/core": "^7.25.2",
        "@babel/preset-env": "^7.25.4",
        "@rollup/plugin-babel": "^6.0.4",
-        "@rollup/plugin-node-resolve": "^15.2.3",
+        "@rollup/plugin-node-resolve": "^15.3.0",
        "rollup": "^2.79.1",
        "rollup-plugin-vue": "^5.0.1",
        "vue": "^2.7.16",
@@ -1734,14 +1734,13 @@
      }
    },
    "node_modules/@rollup/plugin-node-resolve": {
-      "version": "15.2.3",
-      "resolved": "https://registry.npmjs.org/@rollup/plugin-node-resolve/-/plugin-node-resolve-15.2.3.tgz",
-      "integrity": "sha512-j/lym8nf5E21LwBT4Df1VD6hRO2L2iwUeUmP7litikRsVp1H6NWx20NEp0Y7su+7XGc476GnXXc4kFeZNGmaSQ==",
+      "version": "15.3.0",
+      "resolved": "https://registry.npmjs.org/@rollup/plugin-node-resolve/-/plugin-node-resolve-15.3.0.tgz",
+      "integrity": "sha512-9eO5McEICxMzJpDW9OnMYSv4Sta3hmt7VtBFz5zR9273suNOydOyq/FrGeGy+KsTRFm8w0SLVhzig2ILFT63Ag==",
      "dependencies": {
        "@rollup/pluginutils": "^5.0.1",
        "@types/resolve": "1.20.2",
        "deepmerge": "^4.2.2",
-        "is-builtin-module": "^3.2.1",
        "is-module": "^1.0.0",
        "resolve": "^1.22.1"
      },
@@ -2102,17 +2101,6 @@
        "node": "^6 || ^7 || ^8 || ^9 || ^10 || ^11 || ^12 || >=13.7"
      }
    },
-    "node_modules/builtin-modules": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.3.0.tgz",
-      "integrity": "sha512-zhaCDicdLuWN5UbN5IMnFqNMhNfo919sH85y2/ea+5Yg9TsTkeZxpL+JLbp6cgYFS4sRLp3YV4S6yDuqVWHYOw==",
-      "engines": {
-        "node": ">=6"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/sindresorhus"
-      }
-    },
    "node_modules/call-bind": {
      "version": "1.0.7",
      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz",
@@ -2779,20 +2767,6 @@
        "node": ">=8"
      }
    },
-    "node_modules/is-builtin-module": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-3.2.1.tgz",
-      "integrity": "sha512-BSLE3HnV2syZ0FK0iMA/yUGplUeMmNz4AW5fnTunbCIqZi4vG3WjJT9FHMy5D69xmAYBHXQhJdALdpwVxV501A==",
-      "dependencies": {
-        "builtin-modules": "^3.3.0"
-      },
-      "engines": {
-        "node": ">=6"
-      },
-      "funding": {
-        "url": "https://github.com/sponsors/sindresorhus"
-      }
-    },
    "node_modules/is-core-module": {
      "version": "2.11.0",
      "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz",
@@ -5162,14 +5136,13 @@
      }
    },
    "@rollup/plugin-node-resolve": {
-      "version": "15.2.3",
-      "resolved": "https://registry.npmjs.org/@rollup/plugin-node-resolve/-/plugin-node-resolve-15.2.3.tgz",
-      "integrity": "sha512-j/lym8nf5E21LwBT4Df1VD6hRO2L2iwUeUmP7litikRsVp1H6NWx20NEp0Y7su+7XGc476GnXXc4kFeZNGmaSQ==",
+      "version": "15.3.0",
+      "resolved": "https://registry.npmjs.org/@rollup/plugin-node-resolve/-/plugin-node-resolve-15.3.0.tgz",
+      "integrity": "sha512-9eO5McEICxMzJpDW9OnMYSv4Sta3hmt7VtBFz5zR9273suNOydOyq/FrGeGy+KsTRFm8w0SLVhzig2ILFT63Ag==",
      "requires": {
        "@rollup/pluginutils": "^5.0.1",
        "@types/resolve": "1.20.2",
        "deepmerge": "^4.2.2",
-        "is-builtin-module": "^3.2.1",
        "is-module": "^1.0.0",
        "resolve": "^1.22.1"
      }
@@ -5417,11 +5390,6 @@
        "update-browserslist-db": "^1.1.0"
      }
    },
-    "builtin-modules": {
-      "version": "3.3.0",
-      "resolved": "https://registry.npmjs.org/builtin-modules/-/builtin-modules-3.3.0.tgz",
-      "integrity": "sha512-zhaCDicdLuWN5UbN5IMnFqNMhNfo919sH85y2/ea+5Yg9TsTkeZxpL+JLbp6cgYFS4sRLp3YV4S6yDuqVWHYOw=="
-    },
    "call-bind": {
      "version": "1.0.7",
      "resolved": "https://registry.npmjs.org/call-bind/-/call-bind-1.0.7.tgz",
@@ -5920,14 +5888,6 @@
        "binary-extensions": "^2.0.0"
      }
    },
-    "is-builtin-module": {
-      "version": "3.2.1",
-      "resolved": "https://registry.npmjs.org/is-builtin-module/-/is-builtin-module-3.2.1.tgz",
-      "integrity": "sha512-BSLE3HnV2syZ0FK0iMA/yUGplUeMmNz4AW5fnTunbCIqZi4vG3WjJT9FHMy5D69xmAYBHXQhJdALdpwVxV501A==",
-      "requires": {
-        "builtin-modules": "^3.3.0"
-      }
-    },
    "is-core-module": {
      "version": "2.11.0",
      "resolved": "https://registry.npmjs.org/is-core-module/-/is-core-module-2.11.0.tgz",
@@ -7,7 +7,7 @@
    "@babel/core": "^7.25.2",
    "@babel/preset-env": "^7.25.4",
    "@rollup/plugin-babel": "^6.0.4",
-    "@rollup/plugin-node-resolve": "^15.2.3",
+    "@rollup/plugin-node-resolve": "^15.3.0",
    "vue": "^2.7.16",
    "rollup": "^2.79.1",
    "rollup-plugin-vue": "^5.0.1",
@@ -552,6 +552,16 @@ var form_handlers = function (el) {
        language: $("body").attr("data-select2-locale"),
    });

+    el.find('[data-model-select2=json_script]').each(function() {
+        const selectedValue = this.value;
+        this.replaceChildren();
+        $(this).select2({
+            theme: "bootstrap",
+            language: $("body").attr("data-select2-locale"),
+            data: JSON.parse($(this.getAttribute('data-select2-src')).text()),
+        }).val(selectedValue).trigger('change');
+    });
+
    el.find('input[data-typeahead-url]').each(function () {
        var $inp = $(this);
        if ($inp.data("ttTypeahead") || $inp.hasClass("tt-hint")) {
@@ -406,6 +406,79 @@ def test_sendmail_attendee_product_filter(logged_in_client, sendmail_url, event,
    assert '/order/' not in djmail.outbox[0].body


+@pytest.mark.django_db
+def test_sendmail_attendee_subevent_filter(logged_in_client, sendmail_url, event, item, order, pos):
+    event.settings.attendee_emails_asked = True
+    event.has_subevents = True
+    event.save()
+    with scopes_disabled():
+        se1 = event.subevents.create(name='Subevent FOO', date_from=now())
+        se2 = event.subevents.create(name='Bar', date_from=now())
+        pos.attendee_email = 'attendee1@dummy.test'
+        pos.subevent = se1
+        pos.save()
+        with scopes_disabled():
+            order.positions.create(
+                item=item, price=0, attendee_email='attendee2@dummy.test', subevent=se2
+            )
+
+        djmail.outbox = []
+        response = logged_in_client.post(sendmail_url + 'orders/',
+                                         {'sendto': 'na',
+                                          'action': 'send',
+                                          'recipients': 'attendees',
+                                          'items': item.pk,
+                                          'subject_0': 'Test subject',
+                                          'message_0': 'This is a test file for sending mails.',
+                                          'subevent': se2.pk,
+                                          },
+                                         follow=True)
+    assert response.status_code == 200
+    assert 'alert-success' in response.rendered_content
+    assert len(djmail.outbox) == 1
+    assert djmail.outbox[0].to == ['attendee2@dummy.test']
+    assert '/ticket/' in djmail.outbox[0].body
+    assert '/order/' not in djmail.outbox[0].body
+
+
+@pytest.mark.django_db
+def test_sendmail_attendee_subevent_range_filter(logged_in_client, sendmail_url, event, item, order, pos):
+    event.settings.attendee_emails_asked = True
+    event.has_subevents = True
+    event.save()
+    with scopes_disabled():
+        se1 = event.subevents.create(name='Subevent FOO', date_from=datetime.datetime(2023, 7, 6, 1, 2, 3, tzinfo=event.timezone))
+        se2 = event.subevents.create(name='Bar', date_from=datetime.datetime(2023, 8, 9, 1, 2, 3, tzinfo=event.timezone))
+        pos.attendee_email = 'attendee1@dummy.test'
+        pos.subevent = se1
+        pos.save()
+        with scopes_disabled():
+            order.positions.create(
+                item=item, price=0, attendee_email='attendee2@dummy.test', subevent=se2
+            )
+
+        djmail.outbox = []
+        response = logged_in_client.post(sendmail_url + 'orders/',
+                                         {'sendto': 'na',
+                                          'action': 'send',
+                                          'recipients': 'attendees',
+                                          'items': item.pk,
+                                          'subject_0': 'Test subject',
+                                          'message_0': 'This is a test file for sending mails.',
+                                          'subevents_from_0': '2023-07-01',
+                                          'subevents_from_1': '00:00:00',
+                                          'subevents_to_0': '2023-08-01',
+                                          'subevents_to_1': '00:00:00',
+                                          },
+                                         follow=True)
+    assert response.status_code == 200
+    assert 'alert-success' in response.rendered_content
+    assert len(djmail.outbox) == 1
+    assert djmail.outbox[0].to == ['attendee1@dummy.test']
+    assert '/ticket/' in djmail.outbox[0].body
+    assert '/order/' not in djmail.outbox[0].body
+
+
@pytest.mark.django_db
 def test_sendmail_attendee_checkin_filter(logged_in_client, sendmail_url, event, order, checkin_list, item, pos):
    event.settings.attendee_emails_asked = True
@@ -3654,6 +3654,31 @@ class CartBundleTest(CartTestMixin, TestCase):
        assert cp.price == Decimal('0.00')
        assert b.price == Decimal('1.50')

+    @classscope(attr='orga')
+    def test_voucher_apply_multiple_reduce_beyond_designated_price_no_tax_rules(self):
+        self.ticket.tax_rule = None
+        self.ticket.save()
+        self.trans.tax_rule = None
+        self.trans.save()
+        cp = CartPosition.objects.create(
+            event=self.event, cart_id=self.session_key, item=self.ticket,
+            price=21.5, expires=now() + timedelta(minutes=10)
+        )
+        b = CartPosition.objects.create(
+            event=self.event, cart_id=self.session_key, item=self.trans, addon_to=cp,
+            price=1.5, expires=now() + timedelta(minutes=10), is_bundled=True
+        )
+        v = Voucher.objects.create(
+            event=self.event, price_mode='set', value=Decimal('0.00'), max_usages=100
+        )
+
+        self.cm.apply_voucher(v.code)
+        self.cm.commit()
+        cp.refresh_from_db()
+        b.refresh_from_db()
+        assert cp.price == Decimal('0.00')
+        assert b.price == Decimal('1.50')
+
    @classscope(attr='orga')
    def test_voucher_apply_affect_bundled(self):
        cp = CartPosition.objects.create(
@@ -628,7 +628,7 @@ def test_change_email(env, client):


@pytest.mark.django_db
-def test_change_pw(env, client):
+def test_change_pw(env, client, client2):
    with scopes_disabled():
        customer = env[0].customers.create(email='john@example.org', is_verified=True)
        customer.set_password('foo')
@@ -640,6 +640,12 @@ def test_change_pw(env, client):
    })
    assert r.status_code == 302

+    r = client2.post('/bigevents/account/login', {
+        'email': 'john@example.org',
+        'password': 'foo',
+    })
+    assert r.status_code == 302
+
    r = client.post('/bigevents/account/password', {
        'password_current': 'invalid',
        'password': 'aYLBRNg4',
@@ -658,6 +664,13 @@ def test_change_pw(env, client):
    customer.refresh_from_db()
    assert customer.check_password('aYLBRNg4')

+    r = client.get('/bigevents/account/password')
+    assert r.status_code == 200
+
+    # Client 2 got logged out
+    r = client2.post('/bigevents/account/password')
+    assert r.status_code == 302
+

@pytest.mark.django_db
 def test_login_per_org(env, client):
@@ -221,7 +221,7 @@ class OrdersTest(BaseOrdersTest):
        assert not self.order.email_known_to_work

        response = self.client.get(
-            '/%s/%s/order/%s/%s/open/%s/' % (self.orga.slug, self.event.slug, self.order.code, self.order.secret, self.order.email_confirm_hash())
+            '/%s/%s/order/%s/%s/open/%s/' % (self.orga.slug, self.event.slug, self.order.code, self.order.secret, self.order.email_confirm_secret())
        )
        assert response.status_code == 302
        self.order.refresh_from_db()
Author	SHA1	Message	Date
Raphael Michel	c9692283df	Fix negative prices in bundles when tax rate is 0	2024-10-08 17:13:22 +02:00
Raphael Michel	61b25acdd2	Fix email confirm hash in templates	2024-10-07 17:54:40 +02:00
Raphael Michel	6cc9529d9a	Authentication: Support for fallback secret keys in get_session_auth_hash (#4481 ) * Authentication: Support for fallback secret keys in get_session_auth_hash * Update src/pretix/presale/utils.py Co-authored-by: Richard Schreiber <schreiber@rami.io> --------- Co-authored-by: Richard Schreiber <schreiber@rami.io>	2024-10-07 16:58:37 +02:00
Raphael Michel	cdc5401dc2	Allow to set fallback secret keys (#4482 )	2024-10-07 16:31:24 +02:00
Raphael Michel	1334a570e4	Generate email confirmation secret from tagged_secret (#4480 )	2024-10-07 13:58:08 +02:00
Raphael Michel	7a66aea2cb	Voucher update: Allow to remove seat	2024-10-07 11:42:28 +02:00
dependabot[bot]	ee77a5e447	Bump @rollup/plugin-node-resolve from 15.2.3 to 15.3.0 in /src/pretix/static/npm_dir (#4499 ) Bumps [@rollup/plugin-node-resolve](https://github.com/rollup/plugins/tree/HEAD/packages/node-resolve) from 15.2.3 to 15.3.0. - [Changelog](https://github.com/rollup/plugins/blob/master/packages/node-resolve/CHANGELOG.md) - [Commits](https://github.com/rollup/plugins/commits/node-resolve-v15.3.0/packages/node-resolve) --- updated-dependencies: - dependency-name: "@rollup/plugin-node-resolve" dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-10-07 11:36:23 +02:00
Raphael Michel	827e127568	Fix #4365 -- Missing date in timeline	2024-10-04 16:17:52 +02:00
dependabot[bot]	ce0e0d7fd1	Update qrcode requirement from ==7.4.* to ==8.0 (#4500 ) Updates the requirements on [qrcode](https://github.com/lincolnloop/python-qrcode) to permit the latest version. - [Changelog](https://github.com/lincolnloop/python-qrcode/blob/main/CHANGES.rst) - [Commits](https://github.com/lincolnloop/python-qrcode/compare/v7.4...v8.0) --- updated-dependencies: - dependency-name: qrcode dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-10-04 16:03:04 +02:00
dependabot[bot]	152a956dc5	Update sentry-sdk requirement from ==2.14.* to ==2.15.* Updates the requirements on [sentry-sdk](https://github.com/getsentry/sentry-python) to permit the latest version. - [Release notes](https://github.com/getsentry/sentry-python/releases) - [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md) - [Commits](https://github.com/getsentry/sentry-python/compare/2.14.0...2.15.0) --- updated-dependencies: - dependency-name: sentry-sdk dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com>	2024-10-04 11:53:13 +02:00
Patrick Chilton	68e2c355e6	Translations: Update Hungarian Currently translated at 10.3% (594 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
Patrick Chilton	171615558f	Translations: Update Hungarian Currently translated at 8.8% (506 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
Patrick Chilton	a1765910ea	Translations: Update Hungarian Currently translated at 45.2% (105 of 232 strings) Translation: pretix/pretix (JavaScript parts) Translate-URL: https://translate.pretix.eu/projects/pretix/pretix-js/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
Patrick Chilton	417277958b	Translations: Update Hungarian Currently translated at 8.7% (504 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
Patrick Chilton	0d50494e89	Translations: Update Hungarian Currently translated at 43.9% (102 of 232 strings) Translation: pretix/pretix (JavaScript parts) Translate-URL: https://translate.pretix.eu/projects/pretix/pretix-js/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
Patrick Chilton	c6f634ce72	Translations: Update Hungarian Currently translated at 7.9% (456 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
Patrick Chilton	adc78c14ab	Translations: Update Hungarian Currently translated at 2.9% (170 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/hu/ powered by weblate	2024-10-04 11:48:19 +02:00
dependabot[bot]	b4ca2bdbb4	Update pycryptodome requirement from ==3.20.* to ==3.21.* (#4504 ) Updates the requirements on [pycryptodome](https://github.com/Legrandin/pycryptodome) to permit the latest version. - [Release notes](https://github.com/Legrandin/pycryptodome/releases) - [Changelog](https://github.com/Legrandin/pycryptodome/blob/master/Changelog.rst) - [Commits](https://github.com/Legrandin/pycryptodome/compare/v3.20.0x...v3.21.0) --- updated-dependencies: - dependency-name: pycryptodome dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-10-04 11:48:04 +02:00
dependabot[bot]	9a7ff592af	Update redis requirement from ==5.0.* to ==5.1.* (#4491 ) Updates the requirements on [redis](https://github.com/redis/redis-py) to permit the latest version. - [Release notes](https://github.com/redis/redis-py/releases) - [Changelog](https://github.com/redis/redis-py/blob/master/CHANGES) - [Commits](https://github.com/redis/redis-py/compare/v5.0.0b1...v5.1.0) --- updated-dependencies: - dependency-name: redis dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2024-09-30 16:30:49 +02:00
Rosariocastellana	548b54cca6	Translations: Update Italian Currently translated at 20.6% (1188 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/it/ powered by weblate	2024-09-30 13:51:23 +02:00
Anarion Dunedain	e736791446	Translations: Update Polish Currently translated at 100.0% (5745 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/pl/ powered by weblate	2024-09-30 13:51:23 +02:00
Raphael Michel	7bd945b2e6	Waiting list: Add warning when sold out products are hidden	2024-09-30 13:24:43 +02:00
Raphael Michel	a07d5aaf05	Add-on step: Minimal performance improvement	2024-09-27 13:26:30 +02:00
Raphael Michel	0cf1a32902	Bump version to 2024.10.0.dev0	2024-09-27 09:46:47 +02:00
Raphael Michel	be6aae8577	Bump version to 2024.9.0	2024-09-27 09:46:18 +02:00
Mira	fe80f5fb78	Utils for internal plugin (#4483 ) * Add full_code property to OrderPosition * Add inline "json_script" as supported data source for select2 * Use shorter OrderPosition.code	2024-09-26 19:29:33 +02:00
Raphael Michel	a2c15ad89e	Check-in: Prevent duplicate auto check-outs (Z#23167003) (#4488 )	2024-09-26 17:54:27 +02:00
Raphael Michel	cab0f37830	Translations: Update German Currently translated at 100.0% (5745 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/de/ powered by weblate	2024-09-26 17:51:57 +02:00
Raphael Michel	0423980058	Translations: Update German (informal) (de_Informal) Currently translated at 100.0% (5745 of 5745 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/de_Informal/ powered by weblate	2024-09-26 17:51:57 +02:00
Raphael Michel	63983b1b68	Translations: Update spellcheck lists	2024-09-26 16:52:28 +02:00
Raphael Michel	61241c2a1e	Update po files [CI skip] Signed-off-by: Raphael Michel <michel@rami.io>	2024-09-26 13:23:02 +02:00
Raphael Michel	4069c61054	runperiodic: Allow to list all tasks	2024-09-26 10:32:53 +02:00
Raphael Michel	9bf4fb2d0f	Sendmail: Fix incorrect filtering of subevents when mailing to attendees (Z#23166274) (#4474 )	2024-09-25 17:55:33 +02:00
Raphael Michel	ff910f293f	Item list: Show tax rate even for products with 0 price Might be neccessary for price input, variations, etc	2024-09-25 12:42:45 +02:00
Raphael Michel	74f7bec617	Change wording in a headline to avoid double-using a term	2024-09-25 12:42:45 +02:00
Albizuri	467a35e353	Translations: Update Basque Currently translated at 56.0% (3213 of 5737 strings) Translation: pretix/pretix Translate-URL: https://translate.pretix.eu/projects/pretix/pretix/eu/ powered by weblate	2024-09-24 10:13:22 +02:00