add tests in test_checkout.py

add tests in test_items.py
move JS to the right location
2019-03-27 21:33:26 +01:00 · 2019-03-27 21:07:26 +01:00 · 2019-03-27 20:54:04 +01:00 · 2019-03-27 20:34:29 +01:00 · 2019-03-27 18:43:44 +01:00 · 2019-03-27 18:43:44 +01:00
476 changed files with 68508 additions and 171972 deletions
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,5 +1,4 @@
 language: python
 dist: xenial
 sudo: false
 install:
  - pip install -U pip wheel setuptools
@@ -13,21 +12,23 @@ services:
  - postgresql
 matrix:
  include:
-    - python: 3.7
+    - python: 3.6
      env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_sqlite.cfg
-    - python: 3.7
+    - python: 3.6
      env: JOB=tests-cov PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
-    - python: 3.7
+    - python: 3.6
      env: JOB=style
-    - python: 3.7
+    - python: 3.6
      env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
-    - python: 3.7
+    - python: 3.6
      env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
    - python: 3.5
      env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
-    - python: 3.7
+    - python: 3.6
      env: JOB=plugins
    - python: 3.6
      env: JOB=doc-spelling
-    - python: 3.7
+    - python: 3.6
      env: JOB=translation-spelling
 addons:
  postgresql: "9.4"
--- a/doc/admin/config.rst
+++ b/doc/admin/config.rst
@@ -78,15 +78,6 @@ Example::
    Enables or disables nagging staff users for leaving comments on their sessions for auditability.
    Defaults to ``off``.
 ``obligatory_2fa``
    Enables or disables obligatory usage of Two-Factor Authentication for users of the pretix backend.
    Defaults to ``False``
 ``trust_x_forwarded_for``
    Specifies whether the ``X-Forwarded-For`` header can be trusted. Only set to ``on`` if you have a reverse
    proxy that actively removes and re-adds the header to make sure the correct client IP is the first value.
    Defaults to ``off``.
 Locale settings
 ---------------
@@ -134,8 +125,6 @@ Example::
    Indicates if the database backend is a MySQL/MariaDB Galera cluster and
    turns on some optimizations/special case handlers. Default: ``False``
 .. _`config-replica`:
 Database replica settings
 -------------------------
@@ -153,8 +142,6 @@ Example::
    [replica]
    host=192.168.0.2
 .. _`config-urls`:
 URLs
 ----
@@ -282,24 +269,6 @@ to speed up various operations::
 If redis is not configured, pretix will store sessions and locks in the database. If memcached
 is configured, memcached will be used for caching instead of redis.
 Translations
 ------------
 pretix comes with a number of translations. Some of them are marked as "incubating", which means
 they can usually only be selected in development mode. If you want to use them nevertheless, you
 can activate them like this::
    [languages]
    allow_incubating=pt-br,da
 You can also tell pretix about additional paths where it will search for translations::
    [languages]
    path=/path/to/my/translations
 For a given language (e.g. ``pt-br``), pretix will then look in the
 specific sub-folder, e.g. ``/path/to/my/translations/pt_BR/LC_MESSAGES/django.po``.
 Celery task queue
 -----------------
--- a/doc/admin/index.rst
+++ b/doc/admin/index.rst
@@ -11,4 +11,3 @@ This documentation is for everyone who wants to install pretix on a server.
   installation/index
   config
   maintainance
   scaling
--- a/doc/admin/installation/index.rst
+++ b/doc/admin/installation/index.rst
@@ -1,5 +1,3 @@
 .. _`installation`:
 Installation guide
 ==================
--- a/doc/admin/installation/manual_smallscale.rst
+++ b/doc/admin/installation/manual_smallscale.rst
@@ -68,6 +68,10 @@ To build and run pretix, you will need the following debian packages::
                      python3-dev libxml2-dev libxslt1-dev libffi-dev zlib1g-dev libssl-dev \
                      gettext libpq-dev libmariadbclient-dev libjpeg-dev libopenjp2-7-dev
 .. note:: Python 3.7 is not yet supported, so if you run a very recent OS, make sure to get
          Python 3.6 from somewhere. You can check the current state of things in our
          `Python 3.7 issue`_.
 Config file
 -----------
@@ -310,3 +314,4 @@ example::
 .. _redis: https://blog.programster.org/debian-8-install-redis-server/
 .. _ufw: https://en.wikipedia.org/wiki/Uncomplicated_Firewall
 .. _strong encryption settings: https://mozilla.github.io/server-side-tls/ssl-config-generator/
 .. _Python 3.7 issue: https://github.com/pretix/pretix/issues/1025
--- a/doc/admin/scaling.rst
+++ b/doc/admin/scaling.rst
@@ -1,236 +0,0 @@
 .. _`scaling`:
 Scaling guide
 =============
 Our :ref:`installation guide <installation>` only covers "small-scale" setups, by which we mostly mean
 setups that run on a **single (virtual) machine** and do not encounter large traffic peaks.
 We do not offer an installation guide for larger-scale setups of pretix, mostly because we believe that
 there is no one-size-fits-all solution for this and the desired setup highly depends on your use case,
 the platform you run pretix on, and your technical capabilities. We do not recommend trying set up pretix
 in a multi-server environment if you do not already have experience with managing server clusters.
 This document is intended to give you a general idea on what issues you will encounter when you scale up
 and what you should think of.
 .. tip::
   If you require more help on this, we're happy to help. Our pretix Enterprise support team has built
   and helped building, scaling and load-testing pretix installations at any scale and we're looking
   forward to work with you on fine-tuning your system. If you intend to sell **more than a thousand
   tickets in a very short amount of time**, we highly recommend reaching out and at least talking this
   through. Just get in touch at sales@pretix.eu!
 Scaling reasons
 ---------------
 There's mainly two reasons to scale up a pretix installation beyond a single server:
 * **Availability:** Distributing pretix over multiple servers can allow you to survive failure of one or more single machines, leading to a higher uptime and reliability of your system.
 * **Traffic and throughput:** Distributing pretix over multiple servers can allow you to process more web requests and ticket sales at the same time.
 You are very unlikely to require scaling for other reasons, such as having too much data in your database.
 Components
 ----------
 A pretix installation usually consists of the following components which run performance-relevant processes:
 * ``pretix-web`` is the Django-based web application that serves all user interaction.
 * ``pretix-worker`` is a Celery-based application that processes tasks that should be run asynchronously outside of the web application process.
 * A **SQL database** keeps all the important data and processes the actual transactions. We recommend using PostgreSQL, but MySQL/MariaDB works as well.
 * A **web server** that terminates TLS and HTTP connections and forwards them to ``pretix-web``. In some cases, e.g. when serving static files, the web servers might return a response directly. We recommend using ``nginx``.
 * A **redis** server responsible for the communication between ``pretix-web`` and ``pretix-worker``, as well as for caching.
 * A directory of **media files** such as user-uploaded files or generated files (tickets, invoices, …) that are created and used by ``pretix-web``, ``pretix-worker`` and the web server.
 In the following, we will discuss the scaling behavior of every component individually. In general, you can run all of the components
 on the same server, but you can just as well distribute every component to its own server, or even use multiple servers for some single
 components.
 .. warning::
   When setting up your system, don't forget about security. In a multi-server environment,
   you need to take special care to ensure that no unauthorized access to your database
   is possible through the network and that it's not easy to wiretap your connections. We
   recommend a rigorous use of firewalls and encryption on all communications. You can
   ensure this either on an application level (such as using the TLS support in your
   database) or on a network level with a VPN solution.
 Web server
 """"""""""
 Your web server is at the very front of your installation. It will need to absorb all of the traffic, and it should be able to
 at least show a decent error message, even when everything else fails. Luckily, web servers are really fast these days, so this
 can be achieved without too much work.
 We recommend reading up on tuning your web server for high concurrency. For nginx, this means thinking about the number of worker
 processes and the number of connections each worker process accepts. Double-check that TLS session caching works, because TLS
 handshakes can get really expensive.
 During a traffic peak, your web server will be able to make us of more CPU resources, while memory usage will stay comparatively low,
 so if you invest in more hardware here, invest in more and faster CPU cores.
 Make sure that pretix' static files (such as CSS and JavaScript assets) as well as user-uploaded media files (event logos, etc)
 are served directly by your web server and your web server caches them in-memory (nginx does it by default) and sets useful
 headers for client-side caching. As an additional performance improvement, you can turn of access logging for these types of files.
 If you want, you can even farm out serving static files to a different web server entirely and :ref:`configure pretix to reference
 them from a different URL <config-urls>`.
 .. tip::
   If you expect *really high traffic* for your very popular event, you might want to do some rate limiting on this layer, or,
   if you want to ensure a fair and robust first-come-first-served experience and prefer letting users wait over showing them
   errors, consider a queuing solution. We're happy to provide you with such systems, just get in touch at sales@pretix.eu.
 pretix-web
 """"""""""
 The ``pretix-web`` process does not carry any internal state can be easily started on as many machines as you like, and you can
 use the load balancing features of your frontend web server to redirect to all of them.
 You can adjust the number of processes in the ``gunicorn`` command line, and we recommend choosing roughly two times the number
 of CPU cores available. Under load, the memory consumption of ``pretix-web`` will stay comparatively constant, while the CPU usage
 will increase a lot. Therefore, if you can add more or faster CPU cores, you will be able to serve more users.
 pretix-worker
 """""""""""""
 The ``pretix-worker`` process performs all operations that are not directly executed in the request-response-cycle of ``pretix-web``.
 Just like ``pretix-web`` you can easily start up as many instances as you want on different machines to share the work. As long as they
 all talk to the same redis server, they will all receive tasks from ``pretix-web``, work on them and post their result back.
 You can configure the number of threads that run tasks in parallel through the ``--concurrency`` command line option of ``celery``.
 Just like ``pretix-web``, this process is mostly heavy on CPU, disk IO and network IO, although memory peaks can occur e.g. during the
 generation of large PDF files, so we recommend having some reserves here.
 ``pretix-worker`` performs a variety of tasks which are of different importance.
 Some of them are mission-critical and need to be run quickly even during high load (such as
 creating a cart or an order), others are irrelevant and can easily run later (such as
 distributing tickets on the waiting list). You can fine-tune the capacity you assign to each
 of these tasks by running ``pretix-worker`` processes that only work on a specific **queue**.
 For example, you could have three servers dedicated only to process order creations and one
 server dedicated only to sending emails. This allows you to set priorities and also protects
 you from e.g. a slow email server lowering your ticket throughput.
 You can do so by specifying one or more queues on the ``celery`` command line of this process, such as ``celery -A pretix.celery_app worker -Q notifications,mail``. Currently,
 the following queues exist:
 * ``checkout`` -- This queue handles everything related to carts and orders and thereby everything required to process a sale. This includes adding and deleting items from carts as well as creating and canceling orders.
 * ``mail`` -- This queue handles sending of outgoing emails.
 * ``notifications`` -- This queue handles the processing of any outgoing notifications, such as email notifications to admin users (except for the actual sending) or API notifications to registered webhooks.
 * ``background`` -- This queue handles tasks that are expected to take long or have no human waiting for their result immediately, such as refreshing caches, re-generating CSS files, assigning tickets on the waiting list or parsing bank data files.
 * ``default`` -- This queue handles everything else with "medium" or unassigned priority, most prominently the generation of files for tickets, invoices, badges, admin exports, etc.
 Media files
 """""""""""
 Both ``pretix-web``, ``pretix-worker`` and in some cases your webserver need to work with
 media files. Media files are all files generated *at runtime* by the software. This can
 include files uploaded by the event organizers, such as the event logo, files uploaded by
 ticket buyers (if you use such features) or files generated by the software, such as
 ticket files, invoice PDFs, data exports or customized CSS files.
 Those files are by default stored to the ``media/`` sub-folder of the data directory given
 in the ``pretix.cfg`` configuration file. Inside that ``media/`` folder, you will find a
 ``pub/`` folder containing the subset of files that should be publicly accessible through
 the web server. Everything else only needs to be accessible by ``pretix-web`` and
 ``pretix-worker`` themselves.
 If you distribute ``pretix-web`` or ``pretix-worker`` across more than one machine, you
 **must** make sure that they all have access to a shared storage to read and write these
 files, otherwise you **will** run into errors with the user interface.
 The easiest solution for this is probably to store them on a NFS server that you mount
 on each of the other servers.
 Since we use Django's file storage mechanism internally, you can in theory also use a object-storage solution like Amazon S3, Ceph, or Minio to store these files, although we currently do not expose this through pretix' configuration file and this would require you to ship your own variant of ``pretix/settings.py`` and reference it through the ``DJANGO_SETTINGS_MODULE`` environment variable.
 At pretix.eu, we use a custom-built `object storage cluster`_.
 SQL database
 """"""""""""
 One of the most critical parts of the whole setup is the SQL database -- and certainly the
 hardest to scale. Tuning relational databases is an art form, and while there's lots of
 material on it on the internet, there's not a single recipe that you can apply to every case.
 As a general rule of thumb, the more resources you can give your databases, the better.
 Most databases will happily use all CPU cores available, but only use memory up to an amount
 you configure, so make sure to set this memory usage as high as you can afford. Having more
 memory available allows your database to make more use of caching, which is usually good.
 Scaling your database to multiple machines needs to be treated with great caution. It's a
 good to have a replica of your database for availability reasons. In case your primary
 database server fails, you can easily switch over to the replica and continue working.
 However, using database replicas for performance gains is much more complicated. When using
 replicated database systems, you are always trading in consistency or availability to get
 additional performance and the consequences of this can be subtle and it is important
 that you have a deep understanding of the semantics of your replication mechanism.
 .. warning::
   Using an off-the-shelf database proxy solution that redirects read queries to your
   replicas and write queries to your primary database **will lead to very nasty bugs.**
   As an example, if you buy a ticket, pretix first needs to calculate how many tickets
   are left to sell. If this calculation is done on a database replica that lags behind
   even for fractions of a second, the decision to allow selling the ticket will be made
   on out-of-data data and you can end up with more tickets sold than configured. Similarly,
   you could imagine situations leading to double payments etc.
 If you do have a replica, you *can* tell pretix about it :ref:`in your configuration <config-replica>`.
 This way, pretix can offload complex read-only queries to the replica when it is safe to do so.
 As of pretix 2.7, this is mainly used for search queries in the backend and for rendering the
 product list and event lists in the frontend, but we plan on expanding this in the future.
 Therefore, for now our clear recommendation is: Try to scale your database vertically and put
 it on the most powerful machine you have available.
 redis
 """""
 While redis is a very important part that glues together some of the components, it isn't used
 heavily and can usually handle a fairly large pretix installation easily on a single modern
 CPU core.
 Having some memory available is good in case of e.g. lots of tasks queuing up during a traffic peak, but we wouldn't expect ever needing more than a gigabyte of it.
 Feel free to set up a redis cluster for availability – but you won't need it for performance in a long time.
 The limitations
 ---------------
 Up to a certain point, pretix scales really well. However, there are a few things that we consider
 even more important than scalability, and those are correctness and reliability. We want you to be
 able to trust that pretix will not sell more tickets than you intended or run into similar error
 cases.
 Combined with pretix' flexibility and complexity, especially around vouchers and quotas, this creates
 some hard issues. In many cases, we need to fall back to event-global locking for some actions which
 are likely to run with high concurrency and cause harm.
 For every event, only one of these locking actions can be run at the same time. Examples for this are
 adding products limited by a quota to a cart, adding items to a cart using a voucher or placing an order
 consisting of cart positions that don't have a valid reservation for much longer. In these cases, it is
 currently not realistically possible to exceed selling **approx. 500 orders per minute per event**, even
 if you add more hardware.
 If you have an unlimited number of tickets, we can apply fewer locking and we've reached **approx.
 1500 orders per minute per event** in benchmarks, although even more should be possible.
 We're working to reduce the number of cases in which this is relevant and thereby improve the possible
 throughput. If you want to use pretix for an event with 10,000+ tickets that are likely to be sold out
 within minutes, please get in touch to discuss possible solutions. We'll work something out for you!
 .. _object storage cluster: https://behind.pretix.eu/2018/03/20/high-available-cdn/
--- a/doc/api/fundamentals.rst
+++ b/doc/api/fundamentals.rst
@@ -181,37 +181,4 @@ as the string values ``true`` and ``false``.
 If the ``ordering`` parameter is documented for a resource, you can use it to sort the result set by one of the allowed
 fields. Prepend a ``-`` to the field name to reverse the sort order.
 Idempotency
 -----------
 Our API supports an idempotency mechanism to make sure you can safely retry operations without accidentally performing
 them twice. This is useful if an API call experiences interruptions in transit, e.g. due to a network failure, and you
 do not know if it completed successfully.
 To perform an idempotent request, add a ``X-Idempotency-Key`` header with a random string value (we recommend a version
 4 UUID) to your request. If we see a second request with the same ``X-Idempotency-Key`` and the same ``Authorization``
 and ``Cookie`` headers, we will not perform the action for a second time but return the exact same response instead.
 Please note that this also goes for most error responses. For example, if we returned you a ``403 Permission Denied``
 error and you retry with the same ``X-Idempotency-Key``, you will get the same error again, even if you were granted
 permission in the meantime! This includes internal server errors on our side that might have been fixed in the meantime.
 There are only three exceptions to the rule:
 * Responses with status code ``409 Conflict`` are not cached. If you send the request again, it will be executed as a
  new request, since these responses are intended to be retried.
 * Rate-limited responses with status code ``429 Too Many Requests`` are not cached and you can safely retry them.
 * Responses with status code ``503 Service Unavailable`` are not cached and you can safely retry them.
 If you send a request with an ``X-Idempotency-Key`` header that we have seen before but that has not yet received a
 response, you will receive a response with status code ``409 Conflict`` and are asked to retry after five seconds.
 We store idempotency keys for 24 hours, so you should never retry a request after a longer time period.
 All ``POST``, ``PUT``, ``PATCH``, or ``DELETE`` api calls support idempotency keys. Adding an idempotency key to a
 ``GET``, ``HEAD``, or ``OPTIONS`` request has no effect.
 .. _CSRF policies: https://docs.djangoproject.com/en/1.11/ref/csrf/#ajax
--- a/doc/api/resources/billing_invoices.rst
+++ b/doc/api/resources/billing_invoices.rst
@@ -1,131 +0,0 @@
 pretix Hosted billing invoices
 ==============================
 This endpoint allows you to access invoices you received for pretix Hosted. It only contains invoices created starting
 November 2017.
 .. note:: Only available on pretix Hosted, not on self-hosted pretix instances.
 Resource description
 --------------------
 The resource contains the following public fields:
 .. rst-class:: rest-resource-table
 ===================================== ========================== =======================================================
 Field                                 Type                       Description
 ===================================== ========================== =======================================================
 invoice_number                        string                     Invoice number
 date_issued                           date                       Invoice date
 ===================================== ========================== =======================================================
 Endpoints
 ---------
 .. http:get:: /api/v1/organizers/(organizer)/billing_invoices/
   Returns a list of all invoices to a given organizer.
   **Example request**:
   .. sourcecode:: http
      GET /api/v1/organizers/bigevents/billing_invoices/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 200 OK
      Vary: Accept
      Content-Type: application/json
      {
        "count": 1,
        "next": null,
        "previous": null,
        "results": [
          {
            "invoice_number": "R2019002",
            "date_issued": "2019-06-03"
          }
        ]
      }
   :query integer page: The page number in case of a multi-page result set, default is 1
   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``date_issued`` and
                           its reverse, ``-date_issued``. Default: ``date_issued``.
   :param organizer: The ``slug`` field of the organizer to fetch
   :statuscode 200: no error
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
 .. http:get:: /api/v1/organizers/(organizer)/billing_invoices/(invoice_number)/
   Returns information on one invoice, identified by its invoice number.
   **Example request**:
   .. sourcecode:: http
      GET /api/v1/organizers/bigevents/billing_invoices/R2019002/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 200 OK
      Vary: Accept
      Content-Type: application/json
      {
        "invoice_number": "R2019002",
        "date_issued": "2019-06-03"
      }
   :param organizer: The ``slug`` field of the organizer to fetch
   :param invoice_number: The ``invoice_number`` field of the invoice to fetch
   :statuscode 200: no error
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
 .. http:get:: /api/v1/organizers/(organizer)/billing_invoices/(invoice_number)/download/
   Download an invoice in PDF format.
   .. warning:: After we created the invoices, they are placed in review with our accounting department. You will
                already see them in the API at this point, but you are not able to download them until they completed
                review and are sent to you via email. This usually takes a few hours. If you try to download them
                in this time frame, you will receive a status code :http:statuscode:`423`.
   **Example request**:
   .. sourcecode:: http
      GET /api/v1/organizers/bigevents/billing_invoices/R2019002/download/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 200 OK
      Vary: Accept
      Content-Type: application/pdf
      ...
   :param organizer: The ``slug`` field of the organizer to fetch
   :param invoice_number: The ``invoice_number`` field of the invoice to fetch
   :statuscode 200: no error
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
   :statuscode 423: The file is not yet ready and will now be prepared. Retry the request after waiting for a few
                    seconds.
--- a/doc/api/resources/carts.rst
+++ b/doc/api/resources/carts.rst
@@ -36,20 +36,12 @@ answers                               list of objects            Answers to user
 ├ question_identifier                 string                     The question's ``identifier`` field
 ├ options                             list of integers           Internal IDs of selected option(s)s (only for choice types)
 └ option_identifiers                  list of strings            The ``identifier`` fields of the selected option(s)s
 seat                                  objects                    The assigned seat. Can be ``null``.
 ├ id                                  integer                    Internal ID of the seat instance
 ├ name                                string                     Human-readable seat name
 └ seat_guid                           string                     Identifier of the seat within the seating plan
 ===================================== ========================== =======================================================
 .. versionchanged:: 1.17
   This resource has been added.
 .. versionchanged:: 3.0
   This ``seat`` attribute has been added.
 Cart position endpoints
 -----------------------
@@ -95,7 +87,6 @@ Cart position endpoints
            "datetime": "2018-06-11T10:00:00Z",
            "expires": "2018-06-11T10:00:00Z",
            "includes_tax": true,
            "seat": null,
            "answers": []
          }
        ]
@@ -141,7 +132,6 @@ Cart position endpoints
        "datetime": "2018-06-11T10:00:00Z",
        "expires": "2018-06-11T10:00:00Z",
        "includes_tax": true,
        "seat": null,
        "answers": []
      }
@@ -188,7 +178,6 @@ Cart position endpoints
   * ``item``
   * ``variation`` (optional)
   * ``price``
   * ``seat`` (The ``seat_guid`` attribute of a seat. Required when the specified ``item`` requires a seat, otherwise must be ``null``.)
   * ``attendee_name`` **or** ``attendee_name_parts`` (optional)
   * ``attendee_email`` (optional)
   * ``subevent`` (optional)
@@ -207,7 +196,7 @@ Cart position endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/cartpositions/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "item": 1,
--- a/doc/api/resources/categories.rst
+++ b/doc/api/resources/categories.rst
@@ -131,7 +131,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/categories/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": {"en": "Tickets"},
--- a/doc/api/resources/checkinlists.rst
+++ b/doc/api/resources/checkinlists.rst
@@ -209,7 +209,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/checkinlists/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": "VIP entry",
@@ -336,24 +336,11 @@ Order position endpoints
   The order positions endpoint has been extended by the filter queries ``voucher`` and ``voucher__code``.
 .. versionchanged:: 2.7
   The resource now contains the new attributes ``require_attention`` and ``order__status`` and accepts the new
   ``ignore_status`` filter. The ``attendee_name`` field is now "smart" (see below) and the redemption endpoint
   returns ``400`` instead of ``404`` on tickets which are known but not paid.
 .. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/
   Returns a list of all order positions within a given event. The result is the same as
-   the :ref:`order-position-resource`, with the following differences:
+   the :ref:`order-position-resource`, with one important difference: the ``checkins`` value will only include
-
+   check-ins for the selected list.
   * The ``checkins`` value will only include check-ins for the selected list.
   * An additional boolean property ``require_attention`` will inform you whether either the order or the item
     have the ``checkin_attention`` flag set.
   * If ``attendee_name`` is empty, it will automatically fall back to values from a parent product or from invoice
     addresses.
   **Example request**:
@@ -396,7 +383,6 @@ Order position endpoints
            "addon_to": null,
            "subevent": null,
            "pseudonymization_id": "MQLJvANO3B",
            "seat": null,
            "checkins": [
              {
                "list": 1,
@@ -421,8 +407,6 @@ Order position endpoints
      }
   :query integer page: The page number in case of a multi-page result set, default is 1
   :query string ignore_status: If set to ``true``, results will be returned regardless of the state of
                                 the order they belong to and you will need to do your own filtering by order status.
   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``order__code``,
                           ``order__datetime``, ``positionid``, ``attendee_name``, ``last_checked_in`` and ``order__email``. Default:
                           ``attendee_name,positionid``
@@ -458,15 +442,8 @@ Order position endpoints
 .. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/(id)/
   Returns information on one order position, identified by its internal ID.
-   The result is the same as the :ref:`order-position-resource`, with the following differences:
+   The result format is the same as the :ref:`order-position-resource`, with one important difference: the
-
+   ``checkins`` value will only include check-ins for the selected list.
   * The ``checkins`` value will only include check-ins for the selected list.
   * An additional boolean property ``require_attention`` will inform you whether either the order or the item
     have the ``checkin_attention`` flag set.
   * If ``attendee_name`` is empty, it will automatically fall back to values from a parent product or from invoice
     addresses.
   **Instead of an ID, you can also use the ``secret`` field as the lookup parameter.**
@@ -506,7 +483,6 @@ Order position endpoints
        "addon_to": null,
        "subevent": null,
        "pseudonymization_id": "MQLJvANO3B",
        "seat": null,
        "checkins": [
          {
            "list": 1,
@@ -548,14 +524,11 @@ Order position endpoints
                                       you do not implement question handling in your user interface, you **must**
                                       set this to ``false``. In that case, questions will just be ignored. Defaults
                                       to ``true``.
   :<json boolean canceled_supported: When this parameter is set to ``true``, the response code ``canceled`` may be
                                      returned. Otherwise, canceled orders will return ``unpaid``.
   :<json datetime datetime: Specifies the datetime of the check-in. If not supplied, the current time will be used.
   :<json boolean force: Specifies that the check-in should succeed regardless of previous check-ins or required
                         questions that have not been filled. Defaults to ``false``.
   :<json boolean ignore_unpaid: Specifies that the check-in should succeed even if the order is in pending state.
-                                 Defaults to ``false`` and only works when ``include_pending`` is set on the check-in
+                                 Defaults to ``false``.
                                 list.
   :<json string nonce: You can set this parameter to a unique random value to identify this check-in. If you're sending
                        this request twice with the same nonce, the second request will also succeed but will always
                        create only one check-in object even when the previous request was successful as well. This
@@ -578,7 +551,6 @@ Order position endpoints
        "nonce": "Pvrk50vUzQd0DhdpNRL4I4OcXsvg70uA",
        "datetime": null,
        "questions_supported": true,
        "canceled_supported": true,
        "answers": {
          "4": "XS"
        }
@@ -662,9 +634,7 @@ Order position endpoints
   Possible error reasons:
-   * ``unpaid`` - Ticket is not paid for
+   * ``unpaid`` - Ticket is not paid for or has been refunded
   * ``canceled`` – Ticket is canceled or expired. This reason is only sent when your request sets
     ``canceled_supported`` to ``true``, otherwise these orders return ``unpaid``.
   * ``already_redeemed`` - Ticket already has been redeemed
   * ``product`` - Tickets with this product may not be scanned at this device
--- a/doc/api/resources/events.rst
+++ b/doc/api/resources/events.rst
@@ -27,13 +27,9 @@ presale_end                           datetime                   The date at whi
 location                              multi-lingual string       The event location (or ``null``)
 has_subevents                         boolean                    ``true`` if the event series feature is active for this
                                                                 event. Cannot change after event is created.
-meta_data                             object                     Values set for organizer-specific meta data parameters.
+meta_data                             dict                       Values set for organizer-specific meta data parameters.
 plugins                               list                       A list of package names of the enabled plugins for this
                                                                 event.
 seating_plan                          integer                    If reserved seating is in use, the ID of a seating
                                                                 plan. Otherwise ``null``.
 seat_category_mapping                 object                     An object mapping categories of the seating plan
                                                                 (strings) to items in the event (integers or ``null``).
 ===================================== ========================== =======================================================
@@ -54,14 +50,6 @@ seat_category_mapping                 object                     An object mappi
   The ``testmode`` attribute has been added.
 .. versionchanged:: 2.8
    When cloning events, the ``testmode`` attribute will now be cloned, too.
 .. versionchanged:: 3.0
   The attributes ``seating_plan`` and ``seat_category_mapping`` have been added.
 Endpoints
 ---------
@@ -107,8 +95,6 @@ Endpoints
            "location": null,
            "has_subevents": false,
            "meta_data": {},
            "seating_plan": null,
            "seat_category_mapping": {},
            "plugins": [
              "pretix.plugins.banktransfer"
              "pretix.plugins.stripe"
@@ -126,9 +112,6 @@ Endpoints
   :query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned. Event series are never (always) returned.
   :query is_past: If set to ``true`` (``false``), only events that are over are (not) returned. Event series are never (always) returned.
   :query ends_after: If set to a date and time, only events that happen during of after the given time are returned. Event series are never returned.
   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``date_from`` and
                           ``slug``. Keep in mind that ``date_from`` of event series does not really tell you anything.
                           Default: ``slug``.
   :param organizer: The ``slug`` field of a valid organizer
   :statuscode 200: no error
   :statuscode 401: Authentication failure
@@ -170,8 +153,6 @@ Endpoints
        "presale_end": null,
        "location": null,
        "has_subevents": false,
        "seating_plan": null,
        "seat_category_mapping": {},
        "meta_data": {},
        "plugins": [
          "pretix.plugins.banktransfer"
@@ -203,7 +184,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": {"en": "Sample Conference"},
@@ -217,8 +198,6 @@ Endpoints
        "is_public": false,
        "presale_start": null,
        "presale_end": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "location": null,
        "has_subevents": false,
        "meta_data": {},
@@ -249,8 +228,6 @@ Endpoints
        "presale_start": null,
        "presale_end": null,
        "location": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "has_subevents": false,
        "meta_data": {},
        "plugins": [
@@ -269,7 +246,7 @@ Endpoints
 .. http:post:: /api/v1/organizers/(organizer)/events/(event)/clone/
   Creates a new event with properties as set in the request body. The properties that are copied are: 'is_public',
-   `testmode`, settings, plugin settings, items, variations, add-ons, quotas, categories, tax rules, questions.
+   settings, plugin settings, items, variations, add-ons, quotas, categories, tax rules, questions.
   If the 'plugins' and/or 'is_public' fields are present in the post body this will determine their value. Otherwise
   their value will be copied from the existing event.
@@ -285,7 +262,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/clone/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": {"en": "Sample Conference"},
@@ -300,8 +277,6 @@ Endpoints
        "presale_start": null,
        "presale_end": null,
        "location": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "has_subevents": false,
        "meta_data": {},
        "plugins": [
@@ -332,8 +307,6 @@ Endpoints
        "presale_end": null,
        "location": null,
        "has_subevents": false,
        "seating_plan": null,
        "seat_category_mapping": {},
        "meta_data": {},
        "plugins": [
          "pretix.plugins.stripe",
@@ -362,7 +335,7 @@ Endpoints
      PATCH /api/v1/organizers/bigevents/events/sampleconf/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "plugins": [
@@ -395,8 +368,6 @@ Endpoints
        "presale_end": null,
        "location": null,
        "has_subevents": false,
        "seating_plan": null,
        "seat_category_mapping": {},
        "meta_data": {},
        "plugins": [
          "pretix.plugins.banktransfer",
--- a/doc/api/resources/index.rst
+++ b/doc/api/resources/index.rst
@@ -23,5 +23,3 @@ Resources and endpoints
   waitinglist
   carts
   webhooks
   seatingplans
   billing_invoices
--- a/doc/api/resources/item_add-ons.rst
+++ b/doc/api/resources/item_add-ons.rst
@@ -134,7 +134,7 @@ Endpoints
      POST /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "addon_category": 1,
--- a/doc/api/resources/item_bundles.rst
+++ b/doc/api/resources/item_bundles.rst
@@ -134,7 +134,7 @@ Endpoints
      POST /api/v1/organizers/(organizer)/events/(event)/items/(item)/bundles/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "bundled_item": 3,
--- a/doc/api/resources/item_variations.rst
+++ b/doc/api/resources/item_variations.rst
@@ -18,18 +18,12 @@ default_price                         money (string)             The price set d
 price                                 money (string)             The price used for this variation. This is either the
                                                                 same as ``default_price`` if that value is set or equal
                                                                 to the item's ``default_price`` (read-only).
 original_price                        money (string)             An original price, shown for comparison, not used
                                                                 for price calculations (or ``null``).
 active                                boolean                    If ``false``, this variation will not be sold or shown.
 description                           multi-lingual string       A public description of the variation. May contain
                                                                 Markdown syntax or can be ``null``.
 position                              integer                    An integer, used for sorting
 ===================================== ========================== =======================================================
 .. versionchanged:: 2.7
   The attribute ``original_price`` has been added.
 .. versionchanged:: 1.12
   This resource has been added.
@@ -73,8 +67,7 @@ Endpoints
            },
            "position": 0,
            "default_price": "223.00",
-            "price": 223.0,
+            "price": 223.0
            "original_price": null,
          },
          {
            "id": 3,
@@ -127,7 +120,6 @@ Endpoints
        },
        "default_price": "10.00",
        "price": "10.00",
        "original_price": null,
        "active": true,
        "description": null,
        "position": 0
@@ -152,7 +144,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "value": {"en": "Student"},
@@ -175,7 +167,6 @@ Endpoints
        "value": {"en": "Student"},
        "default_price": "10.00",
        "price": "10.00",
        "original_price": null,
        "active": true,
        "description": null,
        "position": 0
@@ -225,7 +216,6 @@ Endpoints
        "value": {"en": "Student"},
        "default_price": "10.00",
        "price": "10.00",
        "original_price": null,
        "active": false,
        "description": null,
        "position": 1
--- a/doc/api/resources/items.rst
+++ b/doc/api/resources/items.rst
@@ -29,8 +29,7 @@ free_price                            boolean                    If ``true``, cu
                                                                 they buy the product (however, the price can't be set
                                                                 lower than the price defined by ``default_price`` or
                                                                 otherwise).
-tax_rate                              decimal (string)           The VAT rate to be applied for this item (read-only,
+tax_rate                              decimal (string)           The VAT rate to be applied for this item.
                                                                 set through ``tax_rule``).
 tax_rule                              integer                    The internal ID of the applied tax rule (or ``null``).
 admission                             boolean                    ``true`` for items that grant admission to the event
                                                                 (such as primary tickets) and ``false`` for others
@@ -44,9 +43,6 @@ available_from                        datetime                   The first date
                                                                 (or ``null``).
 available_until                       datetime                   The last date time at which this item can be bought
                                                                 (or ``null``).
 hidden_if_available                   integer                    The internal ID of a quota object, or ``null``. If
                                                                 set, this item won't be shown publicly as long as this
                                                                 quota is available.
 require_voucher                       boolean                    If ``true``, this item can only be bought using a
                                                                 voucher that is specifically assigned to this item.
 hide_without_voucher                  boolean                    If ``true``, this item is only shown during the voucher
@@ -75,10 +71,6 @@ generate_tickets                      boolean                    If ``false``, t
                                                                 non-admission or add-on product, regardless of event
                                                                 settings. If this is ``null``, regular ticketing
                                                                 rules apply.
 allow_waitinglist                     boolean                    If ``false``, no waiting list will be shown for this
                                                                 product when it is sold out.
 show_quota_left                       boolean                    Publicly show how many tickets are still available.
                                                                 If this is ``null``, the event default is used.
 has_variations                        boolean                    Shows whether or not this item has variations.
 variations                            list of objects            A list with one object for each variation of this item.
                                                                 Can be empty. Only writable during creation,
@@ -89,8 +81,6 @@ variations                            list of objects            A list with one
 ├ price                               money (string)             The price used for this variation. This is either the
                                                                 same as ``default_price`` if that value is set or equal
                                                                 to the item's ``default_price``.
 ├ original_price                      money (string)             An original price, shown for comparison, not used
                                                                 for price calculations (or ``null``).
 ├ active                              boolean                    If ``false``, this variation will not be sold or shown.
 ├ description                         multi-lingual string       A public description of the variation. May contain
                                                                 Markdown syntax or can be ``null``.
@@ -115,10 +105,6 @@ bundles                               list of objects            Definition of b
                                                                 taxation. This is not added to the price.
 ===================================== ========================== =======================================================
 .. versionchanged:: 2.7
   The attribute ``original_price`` has been added for ``variations``.
 .. versionchanged:: 1.7
   The attribute ``tax_rule`` has been added. ``tax_rate`` is kept for compatibility. The attribute
@@ -149,10 +135,6 @@ bundles                               list of objects            Definition of b
   The ``bundles`` and ``require_bundling`` attributes have been added.
 .. versionchanged:: 3.0
   The ``show_quota_left``, ``allow_waitinglist``, and ``hidden_if_available`` attributes have been added.
 Notes
 -----
@@ -210,7 +192,6 @@ Endpoints
            "picture": null,
            "available_from": null,
            "available_until": null,
            "hidden_if_available": null,
            "require_voucher": false,
            "hide_without_voucher": false,
            "allow_cancel": true,
@@ -219,8 +200,6 @@ Endpoints
            "checkin_attention": false,
            "has_variations": false,
            "generate_tickets": null,
            "allow_waitinglist": true,
            "show_quota_left": null,
            "require_approval": false,
            "require_bundling": false,
            "variations": [
@@ -228,7 +207,6 @@ Endpoints
                 "value": {"en": "Student"},
                 "default_price": "10.00",
                 "price": "10.00",
                 "original_price": null,
                 "active": true,
                 "description": null,
                 "position": 0
@@ -237,7 +215,6 @@ Endpoints
                 "value": {"en": "Regular"},
                 "default_price": null,
                 "price": "23.00",
                 "original_price": null,
                 "active": true,
                 "description": null,
                 "position": 1
@@ -304,13 +281,10 @@ Endpoints
        "picture": null,
        "available_from": null,
        "available_until": null,
        "hidden_if_available": null,
        "require_voucher": false,
        "hide_without_voucher": false,
        "allow_cancel": true,
        "generate_tickets": null,
        "allow_waitinglist": true,
        "show_quota_left": null,
        "min_per_order": null,
        "max_per_order": null,
        "checkin_attention": false,
@@ -322,7 +296,6 @@ Endpoints
             "value": {"en": "Student"},
             "default_price": "10.00",
             "price": "10.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 0
@@ -331,7 +304,6 @@ Endpoints
             "value": {"en": "Regular"},
             "default_price": null,
             "price": "23.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 1
@@ -359,7 +331,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/items/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "id": 1,
@@ -379,13 +351,10 @@ Endpoints
        "picture": null,
        "available_from": null,
        "available_until": null,
        "hidden_if_available": null,
        "require_voucher": false,
        "hide_without_voucher": false,
        "allow_cancel": true,
        "generate_tickets": null,
        "allow_waitinglist": true,
        "show_quota_left": null,
        "min_per_order": null,
        "max_per_order": null,
        "checkin_attention": false,
@@ -396,7 +365,6 @@ Endpoints
             "value": {"en": "Student"},
             "default_price": "10.00",
             "price": "10.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 0
@@ -405,7 +373,6 @@ Endpoints
             "value": {"en": "Regular"},
             "default_price": null,
             "price": "23.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 1
@@ -441,15 +408,12 @@ Endpoints
        "picture": null,
        "available_from": null,
        "available_until": null,
        "hidden_if_available": null,
        "require_voucher": false,
        "hide_without_voucher": false,
        "allow_cancel": true,
        "min_per_order": null,
        "max_per_order": null,
        "generate_tickets": null,
        "allow_waitinglist": true,
        "show_quota_left": null,
        "checkin_attention": false,
        "has_variations": true,
        "require_approval": false,
@@ -459,7 +423,6 @@ Endpoints
             "value": {"en": "Student"},
             "default_price": "10.00",
             "price": "10.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 0
@@ -468,7 +431,6 @@ Endpoints
             "value": {"en": "Regular"},
             "default_price": null,
             "price": "23.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 1
@@ -535,12 +497,9 @@ Endpoints
        "picture": null,
        "available_from": null,
        "available_until": null,
        "hidden_if_available": null,
        "require_voucher": false,
        "hide_without_voucher": false,
        "generate_tickets": null,
        "allow_waitinglist": true,
        "show_quota_left": null,
        "allow_cancel": true,
        "min_per_order": null,
        "max_per_order": null,
@@ -553,7 +512,6 @@ Endpoints
             "value": {"en": "Student"},
             "default_price": "10.00",
             "price": "10.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 0
@@ -562,7 +520,6 @@ Endpoints
             "value": {"en": "Regular"},
             "default_price": null,
             "price": "23.00",
             "original_price": null,
             "active": true,
             "description": null,
             "position": 1
--- a/doc/api/resources/orders.rst
+++ b/doc/api/resources/orders.rst
@@ -176,10 +176,6 @@ answers                               list of objects            Answers to user
 ├ question_identifier                 string                     The question's ``identifier`` field
 ├ options                             list of integers           Internal IDs of selected option(s)s (only for choice types)
 └ option_identifiers                  list of strings            The ``identifier`` fields of the selected option(s)s
 seat                                  objects                    The assigned seat. Can be ``null``.
 ├ id                                  integer                    Internal ID of the seat instance
 ├ name                                string                     Human-readable seat name
 └ seat_guid                           string                     Identifier of the seat within the seating plan
 pdf_data                              object                     Data object required for ticket PDF generation. By default,
                                                                 this field is missing. It will be added only if you add the
                                                                 ``pdf_data=true`` query parameter to your request.
@@ -201,10 +197,6 @@ pdf_data                              object                     Data object req
  The attributes ``pseudonymization_id`` and ``pdf_data`` have been added.
 .. versionchanged:: 3.0
  The attribute ``seat`` has been added.
 .. _order-payment-resource:
 Order payment resource
@@ -336,7 +328,6 @@ List of all orders
                "addon_to": null,
                "subevent": null,
                "pseudonymization_id": "MQLJvANO3B",
                "seat": null,
                "checkins": [
                  {
                    "list": 44,
@@ -382,8 +373,8 @@ List of all orders
      }
   :query integer page: The page number in case of a multi-page result set, default is 1
-   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``datetime``, ``code``,
+   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``datetime``, ``code`` and
-                           ``last_modified``, and ``status``. Default: ``datetime``
+                           ``status``. Default: ``datetime``
   :query string code: Only return orders that match the given order code
   :query string status: Only return orders in the given order status (see above)
   :query boolean testmode: Only return orders with ``testmode`` set to ``true`` or ``false``
@@ -394,7 +385,6 @@ List of all orders
   :query datetime modified_since: Only return orders that have changed since the given date. Be careful: We only
       recommend using this in combination with ``testmode=false``, since test mode orders can vanish at any time and
       you will not notice it using this method.
   :query datetime created_since: Only return orders that have been created since the given date.
   :param organizer: The ``slug`` field of the organizer to fetch
   :param event: The ``slug`` field of the event to fetch
   :resheader X-Page-Generated: The server time at the beginning of the operation. If you're using this API to fetch
@@ -479,7 +469,6 @@ Fetching individual orders
            "addon_to": null,
            "subevent": null,
            "pseudonymization_id": "MQLJvANO3B",
            "seat": null,
            "checkins": [
              {
                "list": 44,
@@ -698,6 +687,8 @@ Creating orders
   Creates a new order.
   .. warning:: This endpoint is considered **experimental**. It might change at any time without prior notice.
   .. warning::
       This endpoint is intended for advanced users. It is not designed to be used to build your own shop frontend,
@@ -745,7 +736,7 @@ Creating orders
     then call the ``mark_paid`` API method.
   * ``testmode`` (optional) – Defaults to ``false``
   * ``consume_carts`` (optional) – A list of cart IDs. All cart positions with these IDs will be deleted if the
-     order creation is successful. Any quotas or seats that become free by this operation will be credited to your order
+     order creation is successful. Any quotas that become free by this operation will be credited to your order
     creation.
   * ``email``
   * ``locale``
@@ -758,7 +749,6 @@ Creating orders
     should only use this if you know the specific payment provider in detail. Please keep in mind that the payment
     provider will not be called to do anything about this (i.e. if you pass a bank account to a debit provider, *no*
     charge will be created), this is just informative in case you *handled the payment already*.
   * ``payment_date`` (optional) – Date and time of the completion of the payment.
   * ``comment`` (optional)
   * ``checkin_attention`` (optional)
   * ``invoice_address`` (optional)
@@ -779,7 +769,6 @@ Creating orders
      * ``item``
      * ``variation``
      * ``price``
      * ``seat`` (The ``seat_guid`` attribute of a seat. Required when the specified ``item`` requires a seat, otherwise must be ``null``.)
      * ``attendee_name`` **or** ``attendee_name_parts``
      * ``attendee_email``
      * ``secret`` (optional)
@@ -799,8 +788,6 @@ Creating orders
      * ``internal_type``
      * ``tax_rule``
   * ``force`` (optional). If set to ``true``, quotas will be ignored.
   If you want to use add-on products, you need to set the ``positionid`` fields of all positions manually
   to incrementing integers starting with ``1``. Then, you can reference one of these
   IDs in the ``addon_to`` field of another position. Note that all add_ons for a specific position need to come
@@ -1296,7 +1283,6 @@ List of all order positions
            "tax_value": "0.00",
            "secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
            "pseudonymization_id": "MQLJvANO3B",
            "seat": null,
            "addon_to": null,
            "subevent": null,
            "checkins": [
@@ -1399,7 +1385,6 @@ Fetching individual positions
        "addon_to": null,
        "subevent": null,
        "pseudonymization_id": "MQLJvANO3B",
        "seat": null,
        "checkins": [
          {
            "list": 44,
--- a/doc/api/resources/organizers.rst
+++ b/doc/api/resources/organizers.rst
@@ -56,8 +56,6 @@ Endpoints
      }
   :query page: The page number in case of a multi-page result set, default is 1
   :query string ordering: Manually set the ordering of results. Valid fields to be used are ``slug`` and
                           ``name``. Default: ``slug``.
   :statuscode 200: no error
   :statuscode 401: Authentication failure
--- a/doc/api/resources/questions.rst
+++ b/doc/api/resources/questions.rst
@@ -30,7 +30,6 @@ type                                  string                     The expected ty
                                                                 * ``D`` – date
                                                                 * ``H`` – time
                                                                 * ``W`` – date and time
                                                                 * ``CC`` – country code (ISO 3666-1 alpha-2)
 required                              boolean                    If ``true``, the question needs to be filled out.
 position                              integer                    An integer, used for sorting
 items                                 list of integers           List of item IDs this question is assigned to.
@@ -39,8 +38,6 @@ identifier                            string                     An arbitrary st
 ask_during_checkin                    boolean                    If ``true``, this question will not be asked while
                                                                 buying the ticket, but will show up when redeeming
                                                                 the ticket instead.
 hidden                                boolean                    If ``true``, the question will only be shown in the
                                                                 backend.
 options                               list of objects            In case of question type ``C`` or ``M``, this lists the
                                                                 available objects. Only writable during creation,
                                                                 use separate endpoint to modify this later.
@@ -54,12 +51,11 @@ dependency_question                   integer                    Internal ID of
                                                                 this attribute is set to the value given in
                                                                 ``dependency_value``. This cannot be combined with
                                                                 ``ask_during_checkin``.
-dependency_values                     list of strings            If ``dependency_question`` is set to a boolean
+dependency_value                      string                     The value ``dependency_question`` needs to be set to.
-                                                                 question, this should be ``["True"]`` or ``["False"]``.
+                                                                 If ``dependency_question`` is set to a boolean
-                                                                 Otherwise, it should be a list of ``identifier`` values
+                                                                 question, this should be ``"true"`` or ``"false"``.
-                                                                 of question options.
+                                                                 Otherwise, it should be the ``identifier`` of a
-dependency_value                      string                     An old version of ``dependency_values`` that only allows
+                                                                 question option.
                                                                 for one value. **Deprecated.**
 ===================================== ========================== =======================================================
 .. versionchanged:: 1.12
@@ -72,14 +68,6 @@ dependency_value                      string                     An old version
  Write methods have been added. The attribute ``identifier`` has been added to both the resource itself and the
  options resource. The ``position`` attribute has been added to the options resource.
 .. versionchanged:: 2.7
  The attribute ``hidden`` and the question type ``CC`` have been added.
 .. versionchanged:: 3.0
  The attribute ``dependency_values`` has been added.
 Endpoints
 ---------
@@ -122,10 +110,8 @@ Endpoints
            "position": 1,
            "identifier": "WY3TP9SL",
            "ask_during_checkin": false,
            "hidden": false,
            "dependency_question": null,
            "dependency_value": null,
            "dependency_values": [],
            "options": [
              {
                "id": 1,
@@ -191,10 +177,8 @@ Endpoints
        "position": 1,
        "identifier": "WY3TP9SL",
        "ask_during_checkin": false,
        "hidden": false,
        "dependency_question": null,
        "dependency_value": null,
        "dependency_values": [],
        "options": [
          {
            "id": 1,
@@ -235,7 +219,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/questions/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "question": {"en": "T-Shirt size"},
@@ -244,9 +228,8 @@ Endpoints
        "items": [1, 2],
        "position": 1,
        "ask_during_checkin": false,
        "hidden": false,
        "dependency_question": null,
-        "dependency_values": [],
+        "dependency_value": null,
        "options": [
          {
            "answer": {"en": "S"}
@@ -278,10 +261,8 @@ Endpoints
        "position": 1,
        "identifier": "WY3TP9SL",
        "ask_during_checkin": false,
        "hidden": false,
        "dependency_question": null,
        "dependency_value": null,
        "dependency_values": [],
        "options": [
          {
            "id": 1,
@@ -351,10 +332,8 @@ Endpoints
        "position": 2,
        "identifier": "WY3TP9SL",
        "ask_during_checkin": false,
        "hidden": false,
        "dependency_question": null,
        "dependency_value": null,
        "dependency_values": [],
        "options": [
          {
            "id": 1,
--- a/doc/api/resources/quotas.rst
+++ b/doc/api/resources/quotas.rst
@@ -20,22 +20,12 @@ size                                  integer                    The size of the
 items                                 list of integers           List of item IDs this quota acts on.
 variations                            list of integers           List of item variation IDs this quota acts on.
 subevent                              integer                    ID of the date inside an event series this quota belongs to (or ``null``).
 close_when_sold_out                   boolean                    If ``true``, the quota will "close" as soon as it is
                                                                 sold out once. Even if tickets become available again,
                                                                 they will not be sold unless the quota is set to open
                                                                 again.
 closed                                boolean                    Whether the quota is currently closed (see above
                                                                 field).
 ===================================== ========================== =======================================================
 .. versionchanged:: 1.10
   The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
 .. versionchanged:: 3.0
   The attributes ``close_when_sold_out`` and ``closed`` have been added.
 Endpoints
 ---------
@@ -71,9 +61,7 @@ Endpoints
            "size": 200,
            "items": [1, 2],
            "variations": [1, 4, 5, 7],
-            "subevent": null,
+            "subevent": null
            "close_when_sold_out": false,
            "closed": false
          }
        ]
      }
@@ -114,9 +102,7 @@ Endpoints
        "size": 200,
        "items": [1, 2],
        "variations": [1, 4, 5, 7],
-        "subevent": null,
+        "subevent": null
        "close_when_sold_out": false,
        "closed": false
      }
   :param organizer: The ``slug`` field of the organizer to fetch
@@ -137,16 +123,14 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/quotas/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": "Ticket Quota",
        "size": 200,
        "items": [1, 2],
        "variations": [1, 4, 5, 7],
-        "subevent": null,
+        "subevent": null
        "close_when_sold_out": false,
        "closed": false
      }
   **Example response**:
@@ -163,9 +147,7 @@ Endpoints
        "size": 200,
        "items": [1, 2],
        "variations": [1, 4, 5, 7],
-        "subevent": null,
+        "subevent": null
        "close_when_sold_out": false,
        "closed": false
      }
   :param organizer: The ``slug`` field of the organizer of the event/item to create a quota for
@@ -218,9 +200,7 @@ Endpoints
          1,
          2
        ],
-        "subevent": null,
+        "subevent": null
        "close_when_sold_out": false,
        "closed": false
      }
   :param organizer: The ``slug`` field of the organizer to modify
--- a/doc/api/resources/seatingplans.rst
+++ b/doc/api/resources/seatingplans.rst
@@ -1,209 +0,0 @@
 .. _`rest-seatingplans`:
 Seating plans
 =============
 Resource description
 --------------------
 The seating plan resource contains the following public fields:
 .. rst-class:: rest-resource-table
 ===================================== ========================== =======================================================
 Field                                 Type                       Description
 ===================================== ========================== =======================================================
 id                                    integer                    Internal ID of the plan
 name                                  string                     Human-readable name of the plan
 layout                                object                     JSON representation of the seating plan. These
                                                                 representations follow a JSON schema that currently
                                                                 still evolves. The version in use can be found `here`_.
 ===================================== ========================== =======================================================
 .. versionchanged:: 3.0
   This endpoint has been added.
 Endpoints
 ---------
 .. http:get:: /api/v1/organizers/(organizer)/seatingplans/
   Returns a list of all seating plans within a given organizer.
   **Example request**:
   .. sourcecode:: http
      GET /api/v1/organizers/bigevents/seatingplans/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 200 OK
      Vary: Accept
      Content-Type: application/json
      {
        "count": 1,
        "next": null,
        "previous": null,
        "results": [
          {
            "id": 2,
            "name": "Main plan",
            "layout": { … }
          }
        ]
      }
   :query integer page: The page number in case of a multi-page result set, default is 1
   :param organizer: The ``slug`` field of the organizer to fetch
   :statuscode 200: no error
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer does not exist **or** you have no permission to view this resource.
 .. http:get:: /api/v1/organizers/(organizer)/seatingplans/(id)/
   Returns information on one plan, identified by its ID.
   **Example request**:
   .. sourcecode:: http
      GET /api/v1/organizers/bigevents/seatingplans/1/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 200 OK
      Vary: Accept
      Content-Type: application/json
      {
        "id": 2,
        "name": "Main plan",
        "layout": { … }
      }
   :param organizer: The ``slug`` field of the organizer to fetch
   :param id: The ``id`` field of the seating plan to fetch
   :statuscode 200: no error
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer does not exist **or** you have no permission to view this resource.
 .. http:post:: /api/v1/organizers/(organizer)/seatingplans/
   Creates a new seating plan
   **Example request**:
   .. sourcecode:: http
      POST /api/v1/organizers/bigevents/seatingplans/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
      Content-Type: application/json
      {
        "name": "Main plan",
        "layout": { … }
      }
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 201 Created
      Vary: Accept
      Content-Type: application/json
      {
        "id": 3,
        "name": "Main plan",
        "layout": { … }
      }
   :param organizer: The ``slug`` field of the organizer to create a seating plan for
   :statuscode 201: no error
   :statuscode 400: The seating plan could not be created due to invalid submitted data.
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
 .. http:patch:: /api/v1/organizers/(organizer)/seatingplans/(id)/
   Update a plan. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
   the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
   want to change.
   You can change all fields of the resource except the ``id`` field. **You can not change a plan while it is in use for
   any events.**
   **Example request**:
   .. sourcecode:: http
      PATCH /api/v1/organizers/bigevents/seatingplans/1/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
      Content-Type: application/json
      Content-Length: 94
      {
        "name": "Old plan"
      }
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 200 OK
      Vary: Accept
      Content-Type: application/json
      {
        "id": 1,
        "name": "Old plan",
        "layout": { … }
      }
   :param organizer: The ``slug`` field of the organizer to modify
   :param id: The ``id`` field of the plan to modify
   :statuscode 200: no error
   :statuscode 400: The plan could not be modified due to invalid submitted data
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer does not exist **or** you have no permission to change this resource **or** the plan is currently in use.
 .. http:delete:: /api/v1/organizers/(organizer)/seatingplans/(id)/
   Delete a plan. You can not delete plans which are currently in use by any events.
   **Example request**:
   .. sourcecode:: http
      DELETE /api/v1/organizers/bigevents/seatingplans/1/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
   **Example response**:
   .. sourcecode:: http
      HTTP/1.1 204 No Content
      Vary: Accept
   :param organizer: The ``slug`` field of the organizer to modify
   :param id: The ``id`` field of the plan to delete
   :statuscode 204: no error
   :statuscode 401: Authentication failure
   :statuscode 403: The requested organizer does not exist **or** you have no permission to delete this resource **or** the plan is currently in use.
 .. _here: https://github.com/pretix/pretix/blob/master/src/pretix/static/seating/seating-plan.schema.json
--- a/doc/api/resources/subevents.rst
+++ b/doc/api/resources/subevents.rst
@@ -20,8 +20,6 @@ name                                  multi-lingual string       The sub-event's
 event                                 string                     The slug of the parent event
 active                                boolean                    If ``true``, the sub-event ticket shop is publicly
                                                                 available.
 is_public                             boolean                    If ``true``, the sub-event ticket shop is publicly
                                                                 shown in lists.
 date_from                             datetime                   The sub-event's start date
 date_to                               datetime                   The sub-event's end date (or ``null``)
 date_admission                        datetime                   The sub-event's admission date (or ``null``)
@@ -36,11 +34,7 @@ variation_price_overrides             list of objects            List of variati
                                                                 the default price
 ├ variation                           integer                    The internal variation ID
 └ price                               money (string)             The price or ``null`` for the default price
-meta_data                             object                     Values set for organizer-specific meta data parameters.
+meta_data                             dict                       Values set for organizer-specific meta data parameters.
 seating_plan                          integer                    If reserved seating is in use, the ID of a seating
                                                                 plan. Otherwise ``null``.
 seat_category_mapping                 object                     An object mapping categories of the seating plan
                                                                 (strings) to items in the event (integers or ``null``).
 ===================================== ========================== =======================================================
 .. versionchanged:: 1.7
@@ -54,14 +48,6 @@ seat_category_mapping                 object                     An object mappi
 .. versionchanged:: 2.6
   The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
 .. versionchanged:: 2.7
   The attribute ``is_public`` has been added.
 .. versionchanged:: 3.0
   The attributes ``seating_plan`` and ``seat_category_mapping`` have been added.
 Endpoints
 ---------
@@ -95,14 +81,11 @@ Endpoints
            "name": {"en": "First Sample Conference"},
            "event": "sampleconf",
            "active": false,
            "is_public": true,
            "date_from": "2017-12-27T10:00:00Z",
            "date_to": null,
            "date_admission": null,
            "presale_start": null,
            "presale_end": null,
            "seating_plan": null,
            "seat_category_mapping": {},
            "location": null,
            "item_price_overrides": [
              {
@@ -140,20 +123,17 @@ Endpoints
      POST /api/v1/organizers/bigevents/events/sampleconf/subevents/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": {"en": "First Sample Conference"},
        "active": false,
        "is_public": true,
        "date_from": "2017-12-27T10:00:00Z",
        "date_to": null,
        "date_admission": null,
        "presale_start": null,
        "presale_end": null,
        "location": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "item_price_overrides": [
          {
            "item": 2,
@@ -177,15 +157,12 @@ Endpoints
        "id": 1,
        "name": {"en": "First Sample Conference"},
        "active": false,
        "is_public": true,
        "date_from": "2017-12-27T10:00:00Z",
        "date_to": null,
        "date_admission": null,
        "presale_start": null,
        "presale_end": null,
        "location": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "item_price_overrides": [
          {
            "item": 2,
@@ -230,15 +207,12 @@ Endpoints
        "name": {"en": "First Sample Conference"},
        "event": "sampleconf",
        "active": false,
        "is_public": true,
        "date_from": "2017-12-27T10:00:00Z",
        "date_to": null,
        "date_admission": null,
        "presale_start": null,
        "presale_end": null,
        "location": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "item_price_overrides": [
          {
            "item": 2,
@@ -271,7 +245,7 @@ Endpoints
      PATCH /api/v1/organizers/bigevents/events/sampleconf/subevents/1/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "name": {"en": "New Subevent Name"},
@@ -296,15 +270,12 @@ Endpoints
        "name": {"en": "New Subevent Name"},
        "event": "sampleconf",
        "active": false,
        "is_public": true,
        "date_from": "2017-12-27T10:00:00Z",
        "date_to": null,
        "date_admission": null,
        "presale_start": null,
        "presale_end": null,
        "location": null,
        "seating_plan": null,
        "seat_category_mapping": {},
        "item_price_overrides": [
          {
            "item": 2,
@@ -382,15 +353,12 @@ Endpoints
            "name": {"en": "First Sample Conference"},
            "event": "sampleconf",
            "active": false,
            "is_public": true,
            "date_from": "2017-12-27T10:00:00Z",
            "date_to": null,
            "date_admission": null,
            "presale_start": null,
            "presale_end": null,
            "location": null,
            "seating_plan": null,
            "seat_category_mapping": {},
            "item_price_overrides": [
              {
                "item": 2,
--- a/doc/api/resources/vouchers.rst
+++ b/doc/api/resources/vouchers.rst
@@ -41,7 +41,6 @@ quota                                 integer                    An ID of a quot
 tag                                   string                     A string that is used for grouping vouchers
 comment                               string                     An internal comment on the voucher
 subevent                              integer                    ID of the date inside an event series this voucher belongs to (or ``null``).
 show_hidden_items                     boolean                    Only if set to ``true``, this voucher allows to buy products with the property ``hide_without_voucher``. Defaults to ``true``.
 ===================================== ========================== =======================================================
@@ -49,10 +48,6 @@ show_hidden_items                     boolean                    Only if set to
   The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
 .. versionchanged:: 3.0
   The attribute ``show_hidden_items`` has been added.
 Endpoints
 ---------
--- a/doc/api/resources/webhooks.rst
+++ b/doc/api/resources/webhooks.rst
@@ -137,7 +137,7 @@ Endpoints
      POST /api/v1/organizers/bigevents/webhooks/ HTTP/1.1
      Host: pretix.eu
      Accept: application/json, text/javascript
-      Content-Type: application/json
+      Content: application/json
      {
        "enabled": true,
--- a/doc/conf.py
+++ b/doc/conf.py
@@ -66,7 +66,7 @@ source_suffix = '.rst'
 #source_encoding = 'utf-8-sig'
 # The master toctree document.
-master_doc = 'index'
+master_doc = 'contents'
 # General information about the project.
 project = 'pretix'
@@ -234,7 +234,7 @@ latex_elements = {
 # (source start file, target name, title,
 #  author, documentclass [howto, manual, or own class]).
 latex_documents = [
-  ('index', 'pretix.tex', 'pretix Documentation',
+  ('contents', 'pretix.tex', 'pretix Documentation',
   'Raphael Michel', 'manual'),
 ]
--- a/doc/contents.rst
+++ b/doc/contents.rst
--- a/doc/development/api/email.rst
+++ b/doc/development/api/email.rst
@@ -101,12 +101,9 @@ The template is passed the following context variables:
   The ``Event`` object
 ``signature`` (optional, only if configured)
-   The signature with event organizer contact details as markdown (render with ``{{ signature|safe }}``)
+   The body as markdown (render with ``{{ signature|safe }}``)
 ``order`` (optional, only if applicable)
   The ``Order`` object
 ``position`` (optional, only if applicable)
   The ``OrderPosition`` object
 .. _inlinestyler: https://pypi.org/project/inlinestyler/
--- a/doc/development/api/general.rst
+++ b/doc/development/api/general.rst
@@ -12,7 +12,7 @@ Core
 .. automodule:: pretix.base.signals
   :members: periodic_task, event_live_issues, event_copy_data, email_filter, register_notification_types,
-      item_copy_data, register_sales_channels, register_global_settings, quota_availability
+      item_copy_data, register_sales_channels
 Order events
 """"""""""""
@@ -20,13 +20,13 @@ Order events
 There are multiple signals that will be sent out in the ordering cycle:
 .. automodule:: pretix.base.signals
-   :members: validate_cart, validate_cart_addons, validate_order, order_fee_calculation, order_paid, order_placed, order_canceled, order_expired, order_modified, order_changed, order_approved, order_denied, order_fee_type_name, allow_ticket_download, order_split
+   :members: validate_cart, order_fee_calculation, order_paid, order_placed, order_fee_type_name, allow_ticket_download
 Frontend
 --------
 .. automodule:: pretix.presale.signals
-   :members: html_head, html_footer, footer_link, front_page_top, front_page_bottom, fee_calculation_for_cart, contact_form_fields, question_form_fields, checkout_confirm_messages, checkout_confirm_page_content, checkout_all_optional, html_page_header, sass_preamble, sass_postamble, render_seating_plan, checkout_flow_steps, position_info
+   :members: html_head, html_footer, footer_link, front_page_top, front_page_bottom, fee_calculation_for_cart, contact_form_fields, question_form_fields, checkout_confirm_messages, checkout_confirm_page_content, checkout_all_optional, html_page_header, sass_preamble, sass_postamble
 .. automodule:: pretix.presale.signals
@@ -49,11 +49,11 @@ Backend
 .. automodule:: pretix.control.signals
   :members: nav_event, html_head, html_page_start, quota_detail_html, nav_topbar, nav_global, nav_organizer, nav_event_settings,
-             order_info, event_settings_widget, oauth_application_registered, order_position_buttons, subevent_forms, item_formsets
+             order_info, event_settings_widget, oauth_application_registered, order_position_buttons
 .. automodule:: pretix.base.signals
-   :members: logentry_display, logentry_object_link, requiredaction_display, timeline_events
+   :members: logentry_display, logentry_object_link, requiredaction_display
 Vouchers
 """"""""
--- a/doc/development/api/plugins.rst
+++ b/doc/development/api/plugins.rst
@@ -49,19 +49,15 @@ description        string               A more verbose description of what your
 visible            boolean (optional)   ``True`` by default, can hide a plugin so it cannot be normally activated.
 restricted         boolean (optional)   ``False`` by default, restricts a plugin such that it can only be enabled
                                        for an event by system administrators / superusers.
 compatibility      string               Specifier for compatible pretix versions.
 ================== ==================== ===========================================================
 A working example would be::
-    try:
+    from django.apps import AppConfig
        from pretix.base.plugins import PluginConfig
    except ImportError:
        raise RuntimeError("Please use pretix 2.7 or above to run this plugin!")
    from django.utils.translation import ugettext_lazy as _
-    class PaypalApp(PluginConfig):
+    class PaypalApp(AppConfig):
        name = 'pretix_paypal'
        verbose_name = _("PayPal")
@@ -72,7 +68,6 @@ A working example would be::
            visible = True
            restricted = False
            description = _("This plugin allows you to receive payments via PayPal")
            compatibility = "pretix>=2.7.0"
    default_app_config = 'pretix_paypal.PaypalApp'
--- a/doc/development/implementation/models.rst
+++ b/doc/development/implementation/models.rst
@@ -23,7 +23,7 @@ Organizers and events
   :members:
 .. autoclass:: pretix.base.models.Event
-   :members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running, cache, lock, get_plugins, get_mail_backend, payment_term_last, get_payment_providers, get_invoice_renderers, invoice_renderer, settings
+   :members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running, cache, lock, get_plugins, get_mail_backend, payment_term_last, get_payment_providers, get_invoice_renderers, active_subevents, invoice_renderer, settings
 .. autoclass:: pretix.base.models.SubEvent
   :members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running
--- a/doc/development/setup.rst
+++ b/doc/development/setup.rst
@@ -21,12 +21,10 @@ Your should install the following on your system:
 * Python 3.5 or newer
 * ``pip`` for Python 3 (Debian package: ``python3-pip``)
 * ``python-dev`` for Python 3 (Debian package: ``python3-dev``)
 * On Debian/Ubuntu: ``python-venv`` for Python 3 (Debian package: ``python3-venv``)
 * ``libffi`` (Debian package: ``libffi-dev``)
 * ``libssl`` (Debian package: ``libssl-dev``)
 * ``libxml2`` (Debian package ``libxml2-dev``)
 * ``libxslt`` (Debian package ``libxslt1-dev``)
 * ``libenchant1c2a`` (Debian package ``libenchant1c2a``)
 * ``msgfmt`` (Debian package ``gettext``)
 * ``git``
@@ -65,7 +63,9 @@ Then, create the local database::
    python manage.py migrate
 A first user with username ``admin@localhost`` and password ``admin`` will be automatically
-created. 
+created. If you want to generate more test data, run::
    python make_testdata.py
 If you want to see pretix in a different language than English, you have to compile our language
 files::
--- a/doc/spelling_wordlist.txt
+++ b/doc/spelling_wordlist.txt
@@ -15,7 +15,6 @@ boolean
 booleans
 cancelled
 casted
 Ceph
 checkbox
 checksum
 config
@@ -36,13 +35,10 @@ eu
 filename
 filesystem
 fontawesome
 formset
 formsets
 frontend
 frontpage
 gettext
 gunicorn
 guid
 hardcoded
 hostname
 idempotency
@@ -57,7 +53,6 @@ linters
 memcached
 metadata
 middleware
 Minio
 mixin
 mixins
 multi
@@ -99,7 +94,6 @@ renderer
 renderers
 reportlab
 SaaS
 scalability
 screenshot
 scss
 searchable
@@ -130,14 +124,12 @@ unconfigured
 unix
 unprefixed
 untrusted
 uptime
 username
 url
 versa
 versioning
 viewset
 viewsets
 waitinglist
 webhook
 webhooks
 webserver
--- a/doc/user/events/structureguide.rst
+++ b/doc/user/events/structureguide.rst
@@ -45,8 +45,8 @@ In addition, you will need quotas. If you do not care how many of your tickets a
 If you want to limit the number of student tickets to 50 to ensure a certain minimum revenue, but do not want to limit the number of regular tickets artificially, we suggest you to create the same quota of 200 that is linked to both products, and then create a **second quota** of 50 that is only linked to the student ticket. This way, the system will reduce both quotas whenever a student ticket is sold and only the larger quota when a regular ticket is sold.
-Use case: Early-bird tiers based on dates
+Use case: Early-bird tiers
-----------------------------------------
+--------------------------
 Let's say you run a conference that has the following pricing scheme:
@@ -58,53 +58,9 @@ Of course, you could just set up one product and change its price at the given d
 Create three products (e.g. "super early bird", "early bird", "regular ticket") with the respective prices and one shared quota of your total event capacity. Then, set the **available from** and **available until** configuration fields of the products to automatically turn them on and off based on the current date.
-Use case: Early-bird tiers based on ticket numbers
+.. note::
 --------------------------------------------------
-Let's say you run a conference with 400 tickets that has the following pricing scheme:
+   pretix currently can't do early-bird tiers based on **ticket number** instead of time. We're planning this feature for later in 2019. For now, you'll need to monitor that manually.
 * First 100 tickets ("super early bird"): € 450
 * Next 100 tickets ("early bird"): € 550
 * Remaining tickets ("regular"): € 650
 First of all, create three products:
 * "Super early bird ticket"
 * "Early bird ticket"
 * "Regular ticket"
 Then, create three quotas:
 * "Super early bird" with a **size of 100** and the "Super early bird ticket" product selected. At "Advanced options",
  select the box "Close this quota permanently once it is sold out".
 * "Early bird and lower" with a **size of 200** and both of the "Super early bird ticket" and "Early bird ticket"
  products selected. At "Advanced options", select the box "Close this quota permanently once it is sold out".
 * "All participants" with a **size of 400**, all three products selected and **no additional options**.
 Next, modify the product "Regular ticket". In the section "Availability", you should look for the option "Only show
 after sellout of" and select your quota "Early bird and lower". Do the same for the "Early bird ticket" with the quota
 "Super early bird ticket".
 This will ensure the following things:
 * Each ticket level is only visible after the previous level is sold out.
 * As soon as one level is really sold out, it's not coming back, because the quota "closes", i.e. locks in place.
 * By creating a total quota of 400 with all tickets included, you can still make sure to sell the maximum number of
  tickets, even if e.g. early-bird tickets are canceled.
 Optionally, if you want to hide the early bird prices once they are sold out, go to "Settings", then "Display" and
 select "Hide all products that are sold out". Of course, it might be a nice idea to keep showing the prices to remind
 people to buy earlier next time ;)
 Please note that there might be short time intervals where the prices switch back and forth: When the last early bird
 tickets are in someone's cart (but not yet sold!), the early bird tickets will show as "Reserved" and the regular
 tickets start showing up. However, if the customers holding the reservations do not complete their order,
 the early bird tickets will become available again. This is not avoidable if we want to prevent malicious users
 from blocking all the cheap tickets without an actual sale happening.
 Use case: Up-selling of ticket extras
 -------------------------------------
@@ -129,14 +85,8 @@ Use case: Conference with workshops
 When running a conference, you might also organize a number of workshops with smaller capacity. To be able to plan, it would be great to know which workshops an attendee plans to attend.
 Option A: Questions
 """""""""""""""""""
 Your first and simplest option is to just create a multiple-choice question. This has the upside of making it easy for users to change their mind later on, but will not allow you to restrict the number of attendees signing up for a given workshop – or even charge extra for a given workshop.
 Option B: Add-on products with fixed time slots
 """""""""""""""""""""""""""""""""""""""""""""""
 The usually better option is to go with add-on products. Let's take for example the following conference schedule, in which the lecture can be attended by anyone, but the workshops only have space for 20 persons each:
 ==================== =================================== ===================================
@@ -167,42 +117,6 @@ Assuming you already created one or more products for your general conference ad
 * One add-on configuration on your base product that allows users to choose between 0 and 2 products from the category "Workshops"
 Option C: Add-on products with variable time slots
 """"""""""""""""""""""""""""""""""""""""""""""""""
 The above option only works if your conference uses fixed time slots and every workshop uses exactly one time slot. If
 your schedule looks like this, it's not going to work great:
 +-------------+------------+-----------+
 | Time        | Room A     | Room B    |
 +=============+============+===========+
 | 09:00-11:00 | Talk 1     | Long      |
 +-------------+------------+ Workshop 1|
 | 11:00-13:00 | Talk 2     |           |
 +-------------+------------+-----------+
 | 14:00-16:00 | Long       | Talk 3    |
 +-------------+ workshop 2 +-----------+
 | 16:00-18:00 |            | Talk 4    |
 +-------------+------------+-----------+
 In this case, we recommend that you go to *Settings*, then *Plugins* and activate the plugin **Agenda constraints**.
 Then, create a product (without variations) for every single part that should be bookable (talks 1-4 and long workshops
 1 and 2) as well as appropriate quotas for each of them.
 All of these products should be part of the same category. In your base product (e.g. your conference ticket), you
 can then create an add-on product configuration allowing users to add products from this category.
 If you edit these products, you will be able to enter the "Start date" and "End date" of the talk or workshop close
 to the bottom of the page. If you fill in these values, pretix will automatically ensure no overlapping talks are
 booked.
 .. note::
    This option is currently only available on pretix Hosted. If you are interested in using it with pretix Enterprise,
    please contact sales@pretix.eu.
 Use case: Discounted packages
 -----------------------------
--- a/doc/user/events/widget.rst
+++ b/doc/user/events/widget.rst
@@ -143,11 +143,6 @@ You can see an example here:
        </div>
    </noscript>
 You can filter events by meta data attributes. You can create those attributes in your order profile and set their values in both event and series date
 settings. For example, if you set up a meta data property called "Promoted" that you set to "Yes" on some events, you can pass a filter like this::
   <pretix-widget event="https://pretix.eu/demo/series/" style="list" filter="attr[Promoted]=Yes"></pretix-widget>
 pretix Button
 -------------
--- a/src/make_testdata.py
+++ b/src/make_testdata.py
@@ -0,0 +1,71 @@
 #!/usr/bin/env python
 import os
 import sys
 from datetime import datetime
 os.environ.setdefault("DJANGO_SETTINGS_MODULE", "pretix.settings")
 import django
 django.setup()
 from pretix.base.models import *  # NOQA
 from django.utils.timezone import now
 if Organizer.objects.exists():
    print("There already is data in your DB!")
    sys.exit(0)
 user = User.objects.get_or_create(
    email='admin@localhost',
 )[0]
 user.set_password('admin')
 user.save()
 organizer = Organizer.objects.create(
    name='BigEvents LLC', slug='bigevents'
 )
 year = now().year + 1
 event = Event.objects.create(
    organizer=organizer, name='Demo Conference {}'.format(year),
    slug=year, currency='EUR', live=True,
    date_from=datetime(year, 9, 4, 17, 0, 0),
    date_to=datetime(year, 9, 6, 17, 0, 0),
 )
 t = Team.objects.get_or_create(
    organizer=organizer, name='Admin Team',
    all_events=True, can_create_events=True, can_change_teams=True,
    can_change_organizer_settings=True, can_change_event_settings=True, can_change_items=True,
    can_view_orders=True, can_change_orders=True, can_view_vouchers=True, can_change_vouchers=True
 )
 t[0].members.add(user)
 cat_tickets = ItemCategory.objects.create(
    event=event, name='Tickets'
 )
 cat_merch = ItemCategory.objects.create(
    event=event, name='Merchandise'
 )
 question = Question.objects.create(
    event=event, question='Age',
    type=Question.TYPE_NUMBER, required=False
 )
 tr19 = event.tax_rules.create(rate=19)
 item_ticket = Item.objects.create(
    event=event, category=cat_tickets, name='Ticket',
    default_price=23, tax_rule=tr19, admission=True
 )
 item_ticket.questions.add(question)
 item_shirt = Item.objects.create(
    event=event, category=cat_merch, name='T-Shirt',
    default_price=15, tax_rule=tr19
 )
 var_s = ItemVariation.objects.create(item=item_shirt, value='S')
 var_m = ItemVariation.objects.create(item=item_shirt, value='M')
 var_l = ItemVariation.objects.create(item=item_shirt, value='L')
 ticket_quota = Quota.objects.create(
    event=event, name='Ticket quota', size=400,
 )
 ticket_quota.items.add(item_ticket)
 ticket_shirts = Quota.objects.create(
    event=event, name='Shirt quota', size=200,
 )
 ticket_quota.items.add(item_shirt)
 ticket_quota.variations.add(var_s, var_m, var_l)
--- a/src/pretix/init.py
+++ b/src/pretix/init.py
@@ -1 +1 @@
-__version__ = "3.0.1"
+__version__ = "2.6.0.dev0"
--- a/src/pretix/api/auth/device.py
+++ b/src/pretix/api/auth/device.py
@@ -1,5 +1,4 @@
 from django.contrib.auth.models import AnonymousUser
 from django_scopes import scopes_disabled
 from rest_framework import exceptions
 from rest_framework.authentication import TokenAuthentication
@@ -13,7 +12,6 @@ class DeviceTokenAuthentication(TokenAuthentication):
    def authenticate_credentials(self, key):
        model = self.get_model()
        try:
            with scopes_disabled():
            device = model.objects.select_related('organizer').get(api_token=key)
        except model.DoesNotExist:
            raise exceptions.AuthenticationFailed('Invalid token.')
@@ -21,7 +19,7 @@ class DeviceTokenAuthentication(TokenAuthentication):
        if not device.initialized:
            raise exceptions.AuthenticationFailed('Device has not been initialized.')
-        if device.revoked:
+        if not device.api_token:
            raise exceptions.AuthenticationFailed('Device access has been revoked.')
        return AnonymousUser(), device
--- a/src/pretix/api/auth/permission.py
+++ b/src/pretix/api/auth/permission.py
@@ -1,9 +1,8 @@
 from rest_framework.permissions import SAFE_METHODS, BasePermission
 from pretix.api.models import OAuthAccessToken
-from pretix.base.models import Device, Event, User
+from pretix.base.models import Device, Event
-from pretix.base.models.auth import SuperuserPermissionSet
+from pretix.base.models.organizer import Organizer, TeamAPIToken
 from pretix.base.models.organizer import TeamAPIToken
 from pretix.helpers.security import (
    SessionInvalid, SessionReauthRequired, assert_session_valid,
 )
@@ -38,23 +37,20 @@ class EventPermission(BasePermission):
                slug=request.resolver_match.kwargs['event'],
                organizer__slug=request.resolver_match.kwargs['organizer'],
            ).select_related('organizer').first()
-            if not request.event or not perm_holder.has_event_permission(request.event.organizer, request.event, request=request):
+            if not request.event or not perm_holder.has_event_permission(request.event.organizer, request.event):
                return False
            request.organizer = request.event.organizer
            if isinstance(perm_holder, User) and perm_holder.has_active_staff_session(request.session.session_key):
                request.eventpermset = SuperuserPermissionSet()
            else:
            request.eventpermset = perm_holder.get_event_permission_set(request.organizer, request.event)
            if required_permission and required_permission not in request.eventpermset:
                return False
        elif 'organizer' in request.resolver_match.kwargs:
-            if not request.organizer or not perm_holder.has_organizer_permission(request.organizer, request=request):
+            request.organizer = Organizer.objects.filter(
                slug=request.resolver_match.kwargs['organizer'],
            ).first()
            if not request.organizer or not perm_holder.has_organizer_permission(request.organizer):
                return False
            if isinstance(perm_holder, User) and perm_holder.has_active_staff_session(request.session.session_key):
                request.orgapermset = SuperuserPermissionSet()
            else:
            request.orgapermset = perm_holder.get_organizer_permission_set(request.organizer)
            if required_permission and required_permission not in request.orgapermset:
--- a/src/pretix/api/middleware.py
+++ b/src/pretix/api/middleware.py
@@ -1,112 +0,0 @@
 import json
 from hashlib import sha1
 from django.conf import settings
 from django.db import transaction
 from django.http import HttpRequest, HttpResponse, JsonResponse
 from django.urls import resolve
 from django.utils.timezone import now
 from django_scopes import scope
 from rest_framework import status
 from pretix.api.models import ApiCall
 from pretix.base.models import Organizer
 class IdempotencyMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response
    def __call__(self, request: HttpRequest):
        if request.method in ('GET', 'HEAD', 'OPTIONS'):
            return self.get_response(request)
        if not request.path.startswith('/api/'):
            return self.get_response(request)
        if not request.headers.get('X-Idempotency-Key'):
            return self.get_response(request)
        auth_hash_parts = '{}:{}'.format(
            request.headers.get('Authorization', ''),
            request.COOKIES.get(settings.SESSION_COOKIE_NAME, '')
        )
        auth_hash = sha1(auth_hash_parts.encode()).hexdigest()
        idempotency_key = request.headers.get('X-Idempotency-Key', '')
        with transaction.atomic():
            call, created = ApiCall.objects.select_for_update().get_or_create(
                auth_hash=auth_hash,
                idempotency_key=idempotency_key,
                defaults={
                    'locked': now(),
                    'request_method': request.method,
                    'request_path': request.path,
                    'response_code': 0,
                    'response_headers': '{}',
                    'response_body': b''
                }
            )
        if created:
            resp = self.get_response(request)
            with transaction.atomic():
                if resp.status_code in (409, 429, 503):
                    # This is the exception: These calls are *meant* to be retried!
                    call.delete()
                else:
                    call.response_code = resp.status_code
                    if isinstance(resp.content, str):
                        call.response_body = resp.content.encode()
                    elif isinstance(resp.content, memoryview):
                        call.response_body = resp.content.tobytes()
                    elif isinstance(resp.content, bytes):
                        call.response_body = resp.content
                    elif hasattr(resp.content, 'read'):
                        call.response_body = resp.read()
                    elif hasattr(resp, 'data'):
                        call.response_body = json.dumps(resp.data)
                    else:
                        call.response_body = repr(resp).encode()
                    call.response_headers = json.dumps(resp._headers)
                    call.locked = None
                    call.save(update_fields=['locked', 'response_code', 'response_headers',
                                             'response_body'])
            return resp
        else:
            if call.locked:
                r = JsonResponse(
                    {'detail': 'Concurrent request with idempotency key.'},
                    status=status.HTTP_409_CONFLICT,
                )
                r['Retry-After'] = 5
                return r
            content = call.response_body
            if isinstance(content, memoryview):
                content = content.tobytes()
            r = HttpResponse(
                content=content,
                status=call.response_code,
            )
            for k, v in json.loads(call.response_headers).values():
                r[k] = v
            return r
 class ApiScopeMiddleware:
    def __init__(self, get_response):
        self.get_response = get_response
    def __call__(self, request: HttpRequest):
        if not request.path.startswith('/api/'):
            return self.get_response(request)
        url = resolve(request.path_info)
        if 'organizer' in url.kwargs:
            request.organizer = Organizer.objects.filter(
                slug=url.kwargs['organizer'],
            ).first()
        with scope(organizer=getattr(request, 'organizer', None)):
            return self.get_response(request)
--- a/src/pretix/api/migrations/0004_auto_20190405_1048.py
+++ b/src/pretix/api/migrations/0004_auto_20190405_1048.py
@@ -1,44 +0,0 @@
 # Generated by Django 2.1.5 on 2019-04-05 10:48
 import django.db.models.deletion
 from django.conf import settings
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        migrations.swappable_dependency(settings.AUTH_USER_MODEL),
        ('pretixbase', '0116_auto_20190402_0722'),
        ('pretixapi', '0003_webhook_webhookcall_webhookeventlistener'),
    ]
    operations = [
        migrations.CreateModel(
            name='ApiCall',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False, verbose_name='ID')),
                ('idempotency_key', models.CharField(db_index=True, max_length=190)),
                ('auth_hash', models.CharField(db_index=True, max_length=190)),
                ('created', models.DateTimeField(auto_now_add=True)),
                ('locked', models.DateTimeField(null=True)),
                ('request_method', models.CharField(max_length=20)),
                ('request_path', models.CharField(max_length=255)),
                ('response_code', models.PositiveIntegerField()),
                ('response_headers', models.TextField()),
                ('response_body', models.BinaryField()),
            ],
        ),
        migrations.AlterModelOptions(
            name='webhookcall',
            options={'ordering': ('-datetime',)},
        ),
        migrations.AlterModelOptions(
            name='webhookeventlistener',
            options={'ordering': ('action_type',)},
        ),
        migrations.AlterUniqueTogether(
            name='apicall',
            unique_together={('idempotency_key', 'auth_hash')},
        ),
    ]
--- a/src/pretix/api/models.py
+++ b/src/pretix/api/models.py
@@ -77,9 +77,6 @@ class WebHook(models.Model):
    all_events = models.BooleanField(default=True, verbose_name=_("All events (including newly created ones)"))
    limit_events = models.ManyToManyField('pretixbase.Event', verbose_name=_("Limit to events"), blank=True)
    class Meta:
        ordering = ('id',)
    @property
    def action_types(self):
        return [
@@ -109,20 +106,3 @@ class WebHookCall(models.Model):
    class Meta:
        ordering = ("-datetime",)
 class ApiCall(models.Model):
    idempotency_key = models.CharField(max_length=190, db_index=True)
    auth_hash = models.CharField(max_length=190, db_index=True)
    created = models.DateTimeField(auto_now_add=True)
    locked = models.DateTimeField(null=True)
    request_method = models.CharField(max_length=20)
    request_path = models.CharField(max_length=255)
    response_code = models.PositiveIntegerField()
    response_headers = models.TextField()
    response_body = models.BinaryField()
    class Meta:
        unique_together = (('idempotency_key', 'auth_hash'),)
--- a/src/pretix/api/serializers/cart.py
+++ b/src/pretix/api/serializers/cart.py
@@ -8,33 +8,31 @@ from rest_framework.exceptions import ValidationError
 from pretix.api.serializers.i18n import I18nAwareModelSerializer
 from pretix.api.serializers.order import (
-    AnswerCreateSerializer, AnswerSerializer, InlineSeatSerializer,
+    AnswerCreateSerializer, AnswerSerializer,
 )
-from pretix.base.models import Quota, Seat
+from pretix.base.models import Quota
 from pretix.base.models.orders import CartPosition
 class CartPositionSerializer(I18nAwareModelSerializer):
    answers = AnswerSerializer(many=True)
    seat = InlineSeatSerializer()
    class Meta:
        model = CartPosition
        fields = ('id', 'cart_id', 'item', 'variation', 'price', 'attendee_name', 'attendee_name_parts',
                  'attendee_email', 'voucher', 'addon_to', 'subevent', 'datetime', 'expires', 'includes_tax',
-                  'answers', 'seat')
+                  'answers',)
 class CartPositionCreateSerializer(I18nAwareModelSerializer):
    answers = AnswerCreateSerializer(many=True, required=False)
    expires = serializers.DateTimeField(required=False)
    attendee_name = serializers.CharField(required=False, allow_null=True)
    seat = serializers.CharField(required=False, allow_null=True)
    class Meta:
        model = CartPosition
        fields = ('cart_id', 'item', 'variation', 'price', 'attendee_name', 'attendee_name_parts', 'attendee_email',
-                  'subevent', 'expires', 'includes_tax', 'answers', 'seat')
+                  'subevent', 'expires', 'includes_tax', 'answers',)
    def create(self, validated_data):
        answers_data = validated_data.pop('answers')
@@ -73,22 +71,6 @@ class CartPositionCreateSerializer(I18nAwareModelSerializer):
                validated_data['attendee_name_parts'] = {
                    '_legacy': attendee_name
                }
            seated = validated_data.get('item').seat_category_mappings.filter(subevent=validated_data.get('subevent')).exists()
            if validated_data.get('seat'):
                if not seated:
                    raise ValidationError('The specified product does not allow to choose a seat.')
                try:
                    seat = self.context['event'].seats.get(seat_guid=validated_data['seat'], subevent=validated_data.get('subevent'))
                except Seat.DoesNotExist:
                    raise ValidationError('The specified seat does not exist.')
                else:
                    validated_data['seat'] = seat
                    if not seat.is_available():
                        raise ValidationError(ugettext_lazy('The selected seat "{seat}" is not available.').format(seat=seat.name))
            elif seated:
                raise ValidationError('The specified product requires to choose a seat.')
            cp = CartPosition.objects.create(event=self.context['event'], **validated_data)
        for answ_data in answers_data:
--- a/src/pretix/api/serializers/event.py
+++ b/src/pretix/api/serializers/event.py
@@ -11,9 +11,6 @@ from pretix.api.serializers.i18n import I18nAwareModelSerializer
 from pretix.base.models import Event, TaxRule
 from pretix.base.models.event import SubEvent
 from pretix.base.models.items import SubEventItem, SubEventItemVariation
 from pretix.base.services.seating import (
    SeatProtected, generate_seats, validate_plan_change,
 )
 class MetaDataField(Field):
@@ -29,31 +26,15 @@ class MetaDataField(Field):
        }
 class SeatCategoryMappingField(Field):
    def to_representation(self, value):
        qs = value.seat_category_mappings.all()
        if isinstance(value, Event):
            qs = qs.filter(subevent=None)
        return {
            v.layout_category: v.product_id for v in qs
        }
    def to_internal_value(self, data):
        return {
            'seat_category_mapping': data or {}
        }
 class PluginsField(Field):
    def to_representation(self, obj):
        from pretix.base.plugins import get_all_plugins
-        return sorted([
+        return {
            p.module for p in get_all_plugins()
            if not p.name.startswith('.') and getattr(p, 'visible', True) and p.module in obj.get_plugins()
-        ])
+        }
    def to_internal_value(self, data):
        return {
@@ -64,14 +45,12 @@ class PluginsField(Field):
 class EventSerializer(I18nAwareModelSerializer):
    meta_data = MetaDataField(required=False, source='*')
    plugins = PluginsField(required=False, source='*')
    seat_category_mapping = SeatCategoryMappingField(source='*', required=False)
    class Meta:
        model = Event
        fields = ('name', 'slug', 'live', 'testmode', 'currency', 'date_from',
                  'date_to', 'date_admission', 'is_public', 'presale_start',
-                  'presale_end', 'location', 'has_subevents', 'meta_data', 'seating_plan',
+                  'presale_end', 'location', 'has_subevents', 'meta_data', 'plugins')
                  'plugins', 'seat_category_mapping')
    def validate(self, data):
        data = super().validate(data)
@@ -82,9 +61,6 @@ class EventSerializer(I18nAwareModelSerializer):
        Event.clean_dates(data.get('date_from'), data.get('date_to'))
        Event.clean_presale(data.get('presale_start'), data.get('presale_end'))
        if full_data.get('has_subevents') and full_data.get('seating_plan'):
            raise ValidationError('Event series should not directly be assigned a seating plan.')
        return data
    def validate_has_subevents(self, value):
@@ -116,27 +92,6 @@ class EventSerializer(I18nAwareModelSerializer):
                raise ValidationError(_('Meta data property \'{name}\' does not exist.').format(name=key))
        return value
    def validate_seating_plan(self, value):
        if value and value.organizer != self.context['request'].organizer:
            raise ValidationError('Invalid seating plan.')
        if self.instance and self.instance.pk:
            try:
                validate_plan_change(self.instance, None, value)
            except SeatProtected as e:
                raise ValidationError(str(e))
        return value
    def validate_seat_category_mapping(self, value):
        if value and value['seat_category_mapping'] and (not self.instance or not self.instance.pk):
            raise ValidationError('You cannot specify seat category mappings on event creation.')
        item_cache = {i.pk: i for i in self.instance.items.all()}
        result = {}
        for k, item in value['seat_category_mapping'].items():
            if item not in item_cache:
                raise ValidationError('Item \'{id}\' does not exist.'.format(id=item))
            result[k] = item_cache[item]
        return {'seat_category_mapping': result}
    def validate_plugins(self, value):
        from pretix.base.plugins import get_all_plugins
@@ -154,7 +109,6 @@ class EventSerializer(I18nAwareModelSerializer):
    @transaction.atomic
    def create(self, validated_data):
        meta_data = validated_data.pop('meta_data', None)
        validated_data.pop('seat_category_mapping', None)
        plugins = validated_data.pop('plugins', settings.PRETIX_PLUGINS_DEFAULT.split(','))
        event = super().create(validated_data)
@@ -166,10 +120,6 @@ class EventSerializer(I18nAwareModelSerializer):
                    value=value
                )
        # Seats
        if event.seating_plan:
            generate_seats(event, None, event.seating_plan, {})
        # Plugins
        if plugins is not None:
            event.set_active_plugins(plugins)
@@ -181,7 +131,6 @@ class EventSerializer(I18nAwareModelSerializer):
    def update(self, instance, validated_data):
        meta_data = validated_data.pop('meta_data', None)
        plugins = validated_data.pop('plugins', None)
        seat_category_mapping = validated_data.pop('seat_category_mapping', None)
        event = super().update(instance, validated_data)
        # Meta data
@@ -202,29 +151,6 @@ class EventSerializer(I18nAwareModelSerializer):
                if prop.name not in meta_data:
                    current_object.delete()
        # Seats
        if seat_category_mapping is not None or ('seating_plan' in validated_data and validated_data['seating_plan'] is None):
            current_mappings = {
                m.layout_category: m
                for m in event.seat_category_mappings.filter(subevent=None)
            }
            if not event.seating_plan:
                seat_category_mapping = {}
            for key, value in seat_category_mapping.items():
                if key in current_mappings:
                    m = current_mappings.pop(key)
                    m.product = value
                    m.save()
                else:
                    event.seat_category_mappings.create(product=value, layout_category=key)
            for m in current_mappings.values():
                m.delete()
        if 'seating_plan' in validated_data or seat_category_mapping is not None:
            generate_seats(event, None, event.seating_plan, {
                m.layout_category: m.product
                for m in event.seat_category_mappings.select_related('product').filter(subevent=None)
            })
        # Plugins
        if plugins is not None:
            event.set_active_plugins(plugins)
@@ -238,7 +164,6 @@ class CloneEventSerializer(EventSerializer):
    def create(self, validated_data):
        plugins = validated_data.pop('plugins', None)
        is_public = validated_data.pop('is_public', None)
        testmode = validated_data.pop('testmode', None)
        new_event = super().create(validated_data)
        event = Event.objects.filter(slug=self.context['event'], organizer=self.context['organizer'].pk).first()
@@ -248,8 +173,6 @@ class CloneEventSerializer(EventSerializer):
            new_event.set_active_plugins(plugins)
        if is_public is not None:
            new_event.is_public = is_public
        if testmode is not None:
            new_event.testmode = testmode
        new_event.save()
        return new_event
@@ -270,15 +193,14 @@ class SubEventItemVariationSerializer(I18nAwareModelSerializer):
 class SubEventSerializer(I18nAwareModelSerializer):
    item_price_overrides = SubEventItemSerializer(source='subeventitem_set', many=True, required=False)
    variation_price_overrides = SubEventItemVariationSerializer(source='subeventitemvariation_set', many=True, required=False)
    seat_category_mapping = SeatCategoryMappingField(source='*', required=False)
    event = SlugRelatedField(slug_field='slug', read_only=True)
    meta_data = MetaDataField(source='*')
    class Meta:
        model = SubEvent
        fields = ('id', 'name', 'date_from', 'date_to', 'active', 'date_admission',
-                  'presale_start', 'presale_end', 'location', 'event', 'is_public', 'seating_plan',
+                  'presale_start', 'presale_end', 'location', 'event',
-                  'item_price_overrides', 'variation_price_overrides', 'meta_data', 'seat_category_mapping')
+                  'item_price_overrides', 'variation_price_overrides', 'meta_data')
    def validate(self, data):
        data = super().validate(data)
@@ -290,8 +212,8 @@ class SubEventSerializer(I18nAwareModelSerializer):
        Event.clean_dates(data.get('date_from'), data.get('date_to'))
        Event.clean_presale(data.get('presale_start'), data.get('presale_end'))
-        SubEvent.clean_items(event, [item['item'] for item in full_data.get('subeventitem_set', [])])
+        SubEvent.clean_items(event, [item['item'] for item in full_data.get('subeventitem_set')])
-        SubEvent.clean_variations(event, [item['variation'] for item in full_data.get('subeventitemvariation_set', [])])
+        SubEvent.clean_variations(event, [item['variation'] for item in full_data.get('subeventitemvariation_set')])
        return data
    def validate_item_price_overrides(self, data):
@@ -300,25 +222,6 @@ class SubEventSerializer(I18nAwareModelSerializer):
    def validate_variation_price_overrides(self, data):
        return list(filter(lambda i: 'variation' in i, data))
    def validate_seating_plan(self, value):
        if value and value.organizer != self.context['request'].organizer:
            raise ValidationError('Invalid seating plan.')
        if self.instance and self.instance.pk:
            try:
                validate_plan_change(self.context['request'].event, self.instance, value)
            except SeatProtected as e:
                raise ValidationError(str(e))
        return value
    def validate_seat_category_mapping(self, value):
        item_cache = {i.pk: i for i in self.context['request'].event.items.all()}
        result = {}
        for k, item in value['seat_category_mapping'].items():
            if item not in item_cache:
                raise ValidationError('Item \'{id}\' does not exist.'.format(id=item))
            result[k] = item_cache[item]
        return {'seat_category_mapping': result}
    @cached_property
    def meta_properties(self):
        return {
@@ -336,7 +239,6 @@ class SubEventSerializer(I18nAwareModelSerializer):
        item_price_overrides_data = validated_data.pop('subeventitem_set') if 'subeventitem_set' in validated_data else {}
        variation_price_overrides_data = validated_data.pop('subeventitemvariation_set') if 'subeventitemvariation_set' in validated_data else {}
        meta_data = validated_data.pop('meta_data', None)
        seat_category_mapping = validated_data.pop('seat_category_mapping', None)
        subevent = super().create(validated_data)
        for item_price_override_data in item_price_overrides_data:
@@ -352,18 +254,6 @@ class SubEventSerializer(I18nAwareModelSerializer):
                    value=value
                )
        # Seats
        if subevent.seating_plan:
            if seat_category_mapping is not None:
                for key, value in seat_category_mapping.items():
                    self.context['request'].event.seat_category_mappings.create(
                        product=value, layout_category=key, subevent=subevent
                    )
            generate_seats(self.context['request'].event, subevent, subevent.seating_plan, {
                m.layout_category: m.product
                for m in self.context['request'].event.seat_category_mappings.select_related('product').filter(subevent=subevent)
            })
        return subevent
    @transaction.atomic
@@ -371,7 +261,6 @@ class SubEventSerializer(I18nAwareModelSerializer):
        item_price_overrides_data = validated_data.pop('subeventitem_set') if 'subeventitem_set' in validated_data else {}
        variation_price_overrides_data = validated_data.pop('subeventitemvariation_set') if 'subeventitemvariation_set' in validated_data else {}
        meta_data = validated_data.pop('meta_data', None)
        seat_category_mapping = validated_data.pop('seat_category_mapping', None)
        subevent = super().update(instance, validated_data)
        existing_item_overrides = {item.item: item.id for item in SubEventItem.objects.filter(subevent=subevent)}
@@ -408,31 +297,6 @@ class SubEventSerializer(I18nAwareModelSerializer):
                if prop.name not in meta_data:
                    current_object.delete()
        # Seats
        if seat_category_mapping is not None or ('seating_plan' in validated_data and validated_data['seating_plan'] is None):
            current_mappings = {
                m.layout_category: m
                for m in self.context['request'].event.seat_category_mappings.filter(subevent=subevent)
            }
            if not subevent.seating_plan:
                seat_category_mapping = {}
            for key, value in seat_category_mapping.items():
                if key in current_mappings:
                    m = current_mappings.pop(key)
                    m.product = value
                    m.save()
                else:
                    self.context['request'].event.seat_category_mappings.create(
                        product=value, layout_category=key, subevent=subevent
                    )
            for m in current_mappings.values():
                m.delete()
        if 'seating_plan' in validated_data or seat_category_mapping is not None:
            generate_seats(self.context['request'].event, subevent, subevent.seating_plan, {
                m.layout_category: m.product
                for m in self.context['request'].event.seat_category_mappings.select_related('product').filter(subevent=subevent)
            })
        return subevent
--- a/src/pretix/api/serializers/item.py
+++ b/src/pretix/api/serializers/item.py
@@ -19,7 +19,7 @@ class InlineItemVariationSerializer(I18nAwareModelSerializer):
    class Meta:
        model = ItemVariation
        fields = ('id', 'value', 'active', 'description',
-                  'position', 'default_price', 'price', 'original_price')
+                  'position', 'default_price', 'price')
 class ItemVariationSerializer(I18nAwareModelSerializer):
@@ -29,7 +29,7 @@ class ItemVariationSerializer(I18nAwareModelSerializer):
    class Meta:
        model = ItemVariation
        fields = ('id', 'value', 'active', 'description',
-                  'position', 'default_price', 'price', 'original_price')
+                  'position', 'default_price', 'price')
 class InlineItemBundleSerializer(serializers.ModelSerializer):
@@ -118,8 +118,7 @@ class ItemSerializer(I18nAwareModelSerializer):
                  'position', 'picture', 'available_from', 'available_until',
                  'require_voucher', 'hide_without_voucher', 'allow_cancel', 'require_bundling',
                  'min_per_order', 'max_per_order', 'checkin_attention', 'has_variations', 'variations',
-                  'addons', 'bundles', 'original_price', 'require_approval', 'generate_tickets',
+                  'addons', 'bundles', 'original_price', 'require_approval', 'generate_tickets')
                  'show_quota_left', 'hidden_if_available', 'allow_waitinglist')
        read_only_fields = ('has_variations', 'picture')
    def get_serializer_context(self):
@@ -201,25 +200,14 @@ class InlineQuestionOptionSerializer(I18nAwareModelSerializer):
        fields = ('id', 'identifier', 'answer', 'position')
 class LegacyDependencyValueField(serializers.CharField):
    def to_representation(self, obj):
        return obj[0] if obj else None
    def to_internal_value(self, data):
        return [data] if data else []
 class QuestionSerializer(I18nAwareModelSerializer):
    options = InlineQuestionOptionSerializer(many=True, required=False)
    identifier = serializers.CharField(allow_null=True)
    dependency_value = LegacyDependencyValueField(source='dependency_values', required=False, allow_null=True)
    class Meta:
        model = Question
        fields = ('id', 'question', 'type', 'required', 'items', 'options', 'position',
-                  'ask_during_checkin', 'identifier', 'dependency_question', 'dependency_values',
+                  'ask_during_checkin', 'identifier', 'dependency_question', 'dependency_value')
                  'hidden', 'dependency_value')
    def validate_identifier(self, value):
        Question._clean_identifier(self.context['event'], value, self.instance)
@@ -273,7 +261,6 @@ class QuestionSerializer(I18nAwareModelSerializer):
    def create(self, validated_data):
        options_data = validated_data.pop('options') if 'options' in validated_data else []
        items = validated_data.pop('items')
        question = Question.objects.create(**validated_data)
        question.items.set(items)
        for opt_data in options_data:
@@ -285,7 +272,7 @@ class QuotaSerializer(I18nAwareModelSerializer):
    class Meta:
        model = Quota
-        fields = ('id', 'name', 'size', 'items', 'variations', 'subevent', 'closed', 'close_when_sold_out')
+        fields = ('id', 'name', 'size', 'items', 'variations', 'subevent')
    def validate(self, data):
        data = super().validate(data)
--- a/src/pretix/api/serializers/order.py
+++ b/src/pretix/api/serializers/order.py
@@ -1,4 +1,5 @@
 import json
 from collections import Counter
 from decimal import Decimal
 from django.utils.timezone import now
@@ -13,8 +14,8 @@ from pretix.api.serializers.i18n import I18nAwareModelSerializer
 from pretix.base.channels import get_all_sales_channels
 from pretix.base.i18n import language
 from pretix.base.models import (
-    Checkin, Invoice, InvoiceAddress, InvoiceLine, Item, ItemVariation, Order,
+    Checkin, Invoice, InvoiceAddress, InvoiceLine, Order, OrderPosition,
-    OrderPosition, Question, QuestionAnswer, Seat, SubEvent,
+    Question, QuestionAnswer,
 )
 from pretix.base.models.orders import (
    CartPosition, OrderFee, OrderPayment, OrderRefund,
@@ -70,13 +71,6 @@ class AnswerQuestionOptionsIdentifierField(serializers.Field):
        return [o.identifier for o in instance.options.all()]
 class InlineSeatSerializer(I18nAwareModelSerializer):
    class Meta:
        model = Seat
        fields = ('id', 'name', 'seat_guid')
 class AnswerSerializer(I18nAwareModelSerializer):
    question_identifier = AnswerQuestionIdentifierField(source='*', read_only=True)
    option_identifiers = AnswerQuestionOptionsIdentifierField(source='*', read_only=True)
@@ -172,13 +166,12 @@ class OrderPositionSerializer(I18nAwareModelSerializer):
    downloads = PositionDownloadsField(source='*')
    order = serializers.SlugRelatedField(slug_field='code', read_only=True)
    pdf_data = PdfDataSerializer(source='*')
    seat = InlineSeatSerializer(read_only=True)
    class Meta:
        model = OrderPosition
        fields = ('id', 'order', 'positionid', 'item', 'variation', 'price', 'attendee_name', 'attendee_name_parts',
                  'attendee_email', 'voucher', 'tax_rate', 'tax_value', 'secret', 'addon_to', 'subevent', 'checkins',
-                  'downloads', 'answers', 'tax_rule', 'pseudonymization_id', 'pdf_data', 'seat')
+                  'downloads', 'answers', 'tax_rule', 'pseudonymization_id', 'pdf_data')
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
@@ -186,55 +179,6 @@ class OrderPositionSerializer(I18nAwareModelSerializer):
            self.fields.pop('pdf_data')
 class RequireAttentionField(serializers.Field):
    def to_representation(self, instance: OrderPosition):
        return instance.order.checkin_attention or instance.item.checkin_attention
 class AttendeeNameField(serializers.Field):
    def to_representation(self, instance: OrderPosition):
        an = instance.attendee_name
        if not an:
            if instance.addon_to_id:
                an = instance.addon_to.attendee_name
        if not an:
            try:
                an = instance.order.invoice_address.name
            except InvoiceAddress.DoesNotExist:
                pass
        return an
 class AttendeeNamePartsField(serializers.Field):
    def to_representation(self, instance: OrderPosition):
        an = instance.attendee_name
        p = instance.attendee_name_parts
        if not an:
            if instance.addon_to_id:
                an = instance.addon_to.attendee_name
                p = instance.addon_to.attendee_name_parts
        if not an:
            try:
                p = instance.order.invoice_address.name_parts
            except InvoiceAddress.DoesNotExist:
                pass
        return p
 class CheckinListOrderPositionSerializer(OrderPositionSerializer):
    require_attention = RequireAttentionField(source='*')
    attendee_name = AttendeeNameField(source='*')
    attendee_name_parts = AttendeeNamePartsField(source='*')
    order__status = serializers.SlugRelatedField(read_only=True, slug_field='status', source='order')
    class Meta:
        model = OrderPosition
        fields = ('id', 'order', 'positionid', 'item', 'variation', 'price', 'attendee_name', 'attendee_name_parts',
                  'attendee_email', 'voucher', 'tax_rate', 'tax_value', 'secret', 'addon_to', 'subevent', 'checkins',
                  'downloads', 'answers', 'tax_rule', 'pseudonymization_id', 'pdf_data', 'require_attention',
                  'order__status')
 class OrderPaymentTypeField(serializers.Field):
    # TODO: Remove after pretix 2.2
    def to_representation(self, instance: Order):
@@ -312,6 +256,7 @@ class OrderSerializer(I18nAwareModelSerializer):
        # Even though all fields that shouldn't be edited are marked as read_only in the serializer
        # (hopefully), we'll be extra careful here and be explicit about the model fields we update.
        update_fields = ['comment', 'checkin_attention', 'email', 'locale']
        print(validated_data)
        if 'invoice_address' in validated_data:
            iadata = validated_data.pop('invoice_address')
@@ -343,23 +288,6 @@ class OrderSerializer(I18nAwareModelSerializer):
        return instance
 class PriceCalcSerializer(serializers.Serializer):
    item = serializers.PrimaryKeyRelatedField(queryset=Item.objects.none(), required=False, allow_null=True)
    variation = serializers.PrimaryKeyRelatedField(queryset=ItemVariation.objects.none(), required=False, allow_null=True)
    subevent = serializers.PrimaryKeyRelatedField(queryset=SubEvent.objects.none(), required=False, allow_null=True)
    locale = serializers.CharField(allow_null=True, required=False)
    def __init__(self, *args, **kwargs):
        event = kwargs.pop('event')
        super().__init__(*args, **kwargs)
        self.fields['item'].queryset = event.items.all()
        self.fields['variation'].queryset = ItemVariation.objects.filter(item__event=event)
        if event.has_subevents:
            self.fields['subevent'].queryset = event.subevents.all()
        else:
            del self.fields['subevent']
 class AnswerCreateSerializer(I18nAwareModelSerializer):
    class Meta:
@@ -436,12 +364,11 @@ class OrderPositionCreateSerializer(I18nAwareModelSerializer):
    addon_to = serializers.IntegerField(required=False, allow_null=True)
    secret = serializers.CharField(required=False)
    attendee_name = serializers.CharField(required=False, allow_null=True)
    seat = serializers.CharField(required=False, allow_null=True)
    class Meta:
        model = OrderPosition
        fields = ('positionid', 'item', 'variation', 'price', 'attendee_name', 'attendee_name_parts', 'attendee_email',
-                  'secret', 'addon_to', 'subevent', 'answers', 'seat')
+                  'secret', 'addon_to', 'subevent', 'answers')
    def validate_secret(self, secret):
        if secret and OrderPosition.all.filter(order__event=self.context['event'], secret=secret).exists():
@@ -530,13 +457,11 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
    payment_provider = serializers.CharField(required=True)
    payment_info = CompatibleJSONField(required=False)
    consume_carts = serializers.ListField(child=serializers.CharField(), required=False)
    force = serializers.BooleanField(default=False, required=False)
    payment_date = serializers.DateTimeField(required=False, allow_null=True)
    class Meta:
        model = Order
        fields = ('code', 'status', 'testmode', 'email', 'locale', 'payment_provider', 'fees', 'comment', 'sales_channel',
-                  'invoice_address', 'positions', 'checkin_attention', 'payment_info', 'payment_date', 'consume_carts', 'force')
+                  'invoice_address', 'positions', 'checkin_attention', 'payment_info', 'consume_carts')
    def validate_payment_provider(self, pp):
        if pp not in self.context['event'].get_payment_providers():
@@ -597,9 +522,6 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
                {'positionid': ["If you set addon_to on any position, you need to specify position IDs manually."]}
                for p in data
            ]
        else:
            for i, p in enumerate(data):
                p['positionid'] = i + 1
        if any(errs):
            raise ValidationError(errs)
@@ -610,8 +532,6 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
        positions_data = validated_data.pop('positions') if 'positions' in validated_data else []
        payment_provider = validated_data.pop('payment_provider')
        payment_info = validated_data.pop('payment_info', '{}')
        payment_date = validated_data.pop('payment_date', now())
        force = validated_data.pop('force', False)
        if 'invoice_address' in validated_data:
            iadata = validated_data.pop('invoice_address')
@@ -625,15 +545,13 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
            ia = None
        with self.context['event'].lock() as now_dt:
-            free_seats = set()
+            quotadiff = Counter()
-            seats_seen = set()
+
            consume_carts = validated_data.pop('consume_carts', [])
            delete_cps = []
            quota_avail_cache = {}
            if consume_carts:
-                for cp in CartPosition.objects.filter(
+                for cp in CartPosition.objects.filter(event=self.context['event'], cart_id__in=consume_carts):
                    event=self.context['event'], cart_id__in=consume_carts, expires__gt=now()
                ):
                    quotas = (cp.variation.quotas.filter(subevent=cp.subevent)
                              if cp.variation else cp.item.quotas.filter(subevent=cp.subevent))
                    for quota in quotas:
@@ -642,13 +560,11 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
                        if quota_avail_cache[quota][1] is not None:
                            quota_avail_cache[quota][1] += 1
                    if cp.expires > now_dt:
-                        if cp.seat:
+                        quotadiff.subtract(quotas)
                            free_seats.add(cp.seat)
                    delete_cps.append(cp)
            errs = [{} for p in positions_data]
            if not force:
            for i, pos_data in enumerate(positions_data):
                new_quotas = (pos_data.get('variation').quotas.filter(subevent=pos_data.get('subevent'))
                              if pos_data.get('variation')
@@ -671,22 +587,7 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
                                    )
                                ]
-            for i, pos_data in enumerate(positions_data):
+                quotadiff.update(new_quotas)
                seated = pos_data.get('item').seat_category_mappings.filter(subevent=pos_data.get('subevent')).exists()
                if pos_data.get('seat'):
                    if not seated:
                        errs[i]['seat'] = ['The specified product does not allow to choose a seat.']
                    try:
                        seat = self.context['event'].seats.get(seat_guid=pos_data['seat'], subevent=pos_data.get('subevent'))
                    except Seat.DoesNotExist:
                        errs[i]['seat'] = ['The specified seat does not exist.']
                    else:
                        pos_data['seat'] = seat
                        if (seat not in free_seats and not seat.is_available()) or seat in seats_seen:
                            errs[i]['seat'] = [ugettext_lazy('The selected seat "{seat}" is not available.').format(seat=seat.name)]
                        seats_seen.add(seat)
                elif seated:
                    errs[i]['seat'] = ['The specified product requires to choose a seat.']
            if any(errs):
                raise ValidationError({'positions': errs})
@@ -713,7 +614,7 @@ class OrderCreateSerializer(I18nAwareModelSerializer):
                    amount=order.total,
                    provider=payment_provider,
                    info=payment_info,
-                    payment_date=payment_date,
+                    payment_date=now(),
                    state=OrderPayment.PAYMENT_STATE_CONFIRMED
                )
            elif payment_provider:
--- a/src/pretix/api/serializers/organizer.py
+++ b/src/pretix/api/serializers/organizer.py
@@ -1,20 +1,8 @@
 from pretix.api.serializers.i18n import I18nAwareModelSerializer
-from pretix.api.serializers.order import CompatibleJSONField
+from pretix.base.models import Organizer
 from pretix.base.models import Organizer, SeatingPlan
 from pretix.base.models.seating import SeatingPlanLayoutValidator
 class OrganizerSerializer(I18nAwareModelSerializer):
    class Meta:
        model = Organizer
        fields = ('name', 'slug')
 class SeatingPlanSerializer(I18nAwareModelSerializer):
    layout = CompatibleJSONField(
        validators=[SeatingPlanLayoutValidator()]
    )
    class Meta:
        model = SeatingPlan
        fields = ('id', 'name', 'layout')
--- a/src/pretix/api/serializers/voucher.py
+++ b/src/pretix/api/serializers/voucher.py
@@ -27,7 +27,7 @@ class VoucherSerializer(I18nAwareModelSerializer):
        model = Voucher
        fields = ('id', 'code', 'max_usages', 'redeemed', 'valid_until', 'block_quota',
                  'allow_ignore_quota', 'price_mode', 'value', 'item', 'variation', 'quota',
-                  'tag', 'comment', 'subevent', 'show_hidden_items')
+                  'tag', 'comment', 'subevent')
        read_only_fields = ('id', 'redeemed')
        list_serializer_class = VoucherListSerializer
--- a/src/pretix/api/signals.py
+++ b/src/pretix/api/signals.py
@@ -2,9 +2,8 @@ from datetime import timedelta
 from django.dispatch import Signal, receiver
 from django.utils.timezone import now
 from django_scopes import scopes_disabled
-from pretix.api.models import ApiCall, WebHookCall
+from pretix.api.models import WebHookCall
 from pretix.base.signals import periodic_task
 register_webhook_events = Signal(
@@ -18,12 +17,5 @@ instances.
@receiver(periodic_task)
@scopes_disabled()
 def cleanup_webhook_logs(sender, **kwargs):
    WebHookCall.objects.filter(datetime__lte=now() - timedelta(days=30)).delete()
@receiver(periodic_task)
@scopes_disabled()
 def cleanup_api_logs(sender, **kwargs):
    ApiCall.objects.filter(created__lte=now() - timedelta(hours=24)).delete()
--- a/src/pretix/api/urls.py
+++ b/src/pretix/api/urls.py
@@ -18,7 +18,6 @@ orga_router = routers.DefaultRouter()
 orga_router.register(r'events', event.EventViewSet)
 orga_router.register(r'subevents', event.SubEventViewSet)
 orga_router.register(r'webhooks', webhooks.WebHookViewSet)
 orga_router.register(r'seatingplans', organizer.SeatingPlanViewSet)
 event_router = routers.DefaultRouter()
 event_router.register(r'subevents', event.SubEventViewSet)
--- a/src/pretix/api/views/init.py
+++ b/src/pretix/api/views/init.py
@@ -31,10 +31,10 @@ class RichOrderingFilter(OrderingFilter):
 class ConditionalListView:
    def list(self, request, **kwargs):
-        if_modified_since = request.headers.get('If-Modified-Since')
+        if_modified_since = request.META.get('HTTP_IF_MODIFIED_SINCE')
        if if_modified_since:
            if_modified_since = parse_http_date_safe(if_modified_since)
-        if_unmodified_since = request.headers.get('If-Unmodified-Since')
+        if_unmodified_since = request.META.get('HTTP_IF_UNMODIFIED_SINCE')
        if if_unmodified_since:
            if_unmodified_since = parse_http_date_safe(if_unmodified_since)
        if not hasattr(request, 'event'):
--- a/src/pretix/api/views/cart.py
+++ b/src/pretix/api/views/cart.py
@@ -24,7 +24,7 @@ class CartPositionViewSet(CreateModelMixin, DestroyModelMixin, viewsets.ReadOnly
        return CartPosition.objects.filter(
            event=self.request.event,
            cart_id__endswith="@api"
-        ).select_related('seat').prefetch_related('answers')
+        )
    def get_serializer_context(self):
        ctx = super().get_serializer_context()
--- a/src/pretix/api/views/checkin.py
+++ b/src/pretix/api/views/checkin.py
@@ -6,15 +6,14 @@ from django.shortcuts import get_object_or_404
 from django.utils.functional import cached_property
 from django.utils.timezone import now
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import viewsets
-from rest_framework.decorators import action
+from rest_framework.decorators import detail_route
 from rest_framework.fields import DateTimeField
 from rest_framework.response import Response
 from pretix.api.serializers.checkin import CheckinListSerializer
 from pretix.api.serializers.item import QuestionSerializer
-from pretix.api.serializers.order import CheckinListOrderPositionSerializer
+from pretix.api.serializers.order import OrderPositionSerializer
 from pretix.api.views import RichOrderingFilter
 from pretix.api.views.order import OrderPositionFilter
 from pretix.base.models import (
@@ -25,8 +24,8 @@ from pretix.base.services.checkin import (
 )
 from pretix.helpers.database import FixedOrderBy
-with scopes_disabled():
+
-    class CheckinListFilter(FilterSet):
+class CheckinListFilter(FilterSet):
    class Meta:
        model = CheckinList
        fields = ['subevent']
@@ -78,7 +77,7 @@ class CheckinListViewSet(viewsets.ModelViewSet):
        )
        super().perform_destroy(instance)
-    @action(detail=True, methods=['GET'])
+    @detail_route(methods=['GET'])
    def status(self, *args, **kwargs):
        clist = self.get_object()
        cqs = Checkin.objects.filter(
@@ -93,7 +92,6 @@ class CheckinListViewSet(viewsets.ModelViewSet):
        )
        if not clist.all_products:
            pqs = pqs.filter(item__in=clist.limit_products.values_list('id', flat=True))
            cqs = cqs.filter(position__item__in=clist.limit_products.values_list('id', flat=True))
        ev = clist.subevent or clist.event
        response = {
@@ -148,16 +146,15 @@ class CheckinListViewSet(viewsets.ModelViewSet):
        return Response(response)
-with scopes_disabled():
+class CheckinOrderPositionFilter(OrderPositionFilter):
    class CheckinOrderPositionFilter(OrderPositionFilter):
    def has_checkin_qs(self, queryset, name, value):
        return queryset.filter(last_checked_in__isnull=not value)
 class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
-    serializer_class = CheckinListOrderPositionSerializer
+    serializer_class = OrderPositionSerializer
-    queryset = OrderPosition.all.none()
+    queryset = OrderPosition.objects.none()
    filter_backends = (DjangoFilterBackend, RichOrderingFilter)
    ordering = ('attendee_name_cached', 'positionid')
    ordering_fields = (
@@ -192,7 +189,7 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
        except ValueError:
            raise Http404()
-    def get_queryset(self, ignore_status=False):
+    def get_queryset(self):
        cqs = Checkin.objects.filter(
            position_id=OuterRef('pk'),
            list_id=self.checkinlist.pk
@@ -202,15 +199,11 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
        qs = OrderPosition.objects.filter(
            order__event=self.request.event,
            order__status__in=[Order.STATUS_PAID, Order.STATUS_PENDING] if self.checkinlist.include_pending else [Order.STATUS_PAID],
            subevent=self.checkinlist.subevent
        ).annotate(
            last_checked_in=Subquery(cqs)
        )
        if self.request.query_params.get('ignore_status', 'false') != 'true' and not ignore_status:
            qs = qs.filter(
                order__status__in=[Order.STATUS_PAID, Order.STATUS_PENDING] if self.checkinlist.include_pending else [Order.STATUS_PAID]
            )
        if self.request.query_params.get('pdf_data', 'false') == 'true':
            qs = qs.prefetch_related(
                Prefetch(
@@ -232,7 +225,7 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
                    )
                ))
            ).select_related(
-                'item', 'variation', 'item__category', 'addon_to', 'order', 'order__invoice_address', 'seat'
+                'item', 'variation', 'item__category', 'addon_to'
            )
        else:
            qs = qs.prefetch_related(
@@ -242,19 +235,19 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
                ),
                'answers', 'answers__options', 'answers__question',
                Prefetch('addons', OrderPosition.objects.select_related('item', 'variation'))
-            ).select_related('item', 'variation', 'order', 'addon_to', 'order__invoice_address', 'order', 'seat')
+            ).select_related('item', 'variation', 'order', 'addon_to', 'order__invoice_address')
        if not self.checkinlist.all_products:
            qs = qs.filter(item__in=self.checkinlist.limit_products.values_list('id', flat=True))
        return qs
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def redeem(self, *args, **kwargs):
        force = bool(self.request.data.get('force', False))
        ignore_unpaid = bool(self.request.data.get('ignore_unpaid', False))
        nonce = self.request.data.get('nonce')
-        op = self.get_object(ignore_status=True)
+        op = self.get_object()
        if 'datetime' in self.request.data:
            dt = DateTimeField().to_internal_value(self.request.data.get('datetime'))
@@ -281,7 +274,6 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
                nonce=nonce,
                datetime=dt,
                questions_supported=self.request.data.get('questions_supported', True),
                canceled_supported=self.request.data.get('canceled_supported', False),
                user=self.request.user,
                auth=self.request.auth,
            )
@@ -289,7 +281,7 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
            return Response({
                'status': 'incomplete',
                'require_attention': op.item.checkin_attention or op.order.checkin_attention,
-                'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data,
+                'position': OrderPositionSerializer(op, context=self.get_serializer_context()).data,
                'questions': [
                    QuestionSerializer(q).data for q in e.questions
                ]
@@ -299,17 +291,17 @@ class CheckinListPositionViewSet(viewsets.ReadOnlyModelViewSet):
                'status': 'error',
                'reason': e.code,
                'require_attention': op.item.checkin_attention or op.order.checkin_attention,
-                'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data
+                'position': OrderPositionSerializer(op, context=self.get_serializer_context()).data
            }, status=400)
        else:
            return Response({
                'status': 'ok',
                'require_attention': op.item.checkin_attention or op.order.checkin_attention,
-                'position': CheckinListOrderPositionSerializer(op, context=self.get_serializer_context()).data
+                'position': OrderPositionSerializer(op, context=self.get_serializer_context()).data
            }, status=201)
-    def get_object(self, ignore_status=False):
+    def get_object(self):
-        queryset = self.filter_queryset(self.get_queryset(ignore_status=ignore_status))
+        queryset = self.filter_queryset(self.get_queryset())
        if self.kwargs['pk'].isnumeric():
            obj = get_object_or_404(queryset, Q(pk=self.kwargs['pk']) | Q(secret=self.kwargs['pk']))
        else:
--- a/src/pretix/api/views/device.py
+++ b/src/pretix/api/views/device.py
@@ -105,7 +105,7 @@ class RevokeKeyView(APIView):
    def post(self, request, format=None):
        device = request.auth
-        device.revoked = True
+        device.api_token = None
        device.save()
        device.log_action('pretix.device.revoked', auth=device)
--- a/src/pretix/api/views/event.py
+++ b/src/pretix/api/views/event.py
@@ -3,7 +3,6 @@ from django.db import transaction
 from django.db.models import ProtectedError, Q
 from django.utils.timezone import now
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import filters, viewsets
 from rest_framework.exceptions import PermissionDenied
@@ -14,13 +13,13 @@ from pretix.api.serializers.event import (
 )
 from pretix.api.views import ConditionalListView
 from pretix.base.models import (
-    CartPosition, Device, Event, ItemCategory, TaxRule, TeamAPIToken,
+    Device, Event, ItemCategory, TaxRule, TeamAPIToken,
 )
 from pretix.base.models.event import SubEvent
 from pretix.helpers.dicts import merge_dicts
-with scopes_disabled():
+
-    class EventFilter(FilterSet):
+class EventFilter(FilterSet):
    is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
    is_future = django_filters.rest_framework.BooleanFilter(method='is_future_qs')
    ends_after = django_filters.rest_framework.IsoDateTimeFilter(method='ends_after_qs')
@@ -73,8 +72,6 @@ class EventViewSet(viewsets.ModelViewSet):
    lookup_url_kwarg = 'event'
    permission_classes = (EventCRUDPermission,)
    filter_backends = (DjangoFilterBackend, filters.OrderingFilter)
    ordering = ('slug',)
    ordering_fields = ('date_from', 'slug')
    filterset_class = EventFilter
    def get_queryset(self):
@@ -86,7 +83,7 @@ class EventViewSet(viewsets.ModelViewSet):
            )
        return qs.prefetch_related(
-            'meta_values', 'meta_values__property', 'seat_category_mappings'
+            'meta_values', 'meta_values__property'
        )
    def perform_update(self, serializer):
@@ -183,8 +180,7 @@ class CloneEventViewSet(viewsets.ModelViewSet):
        )
-with scopes_disabled():
+class SubEventFilter(FilterSet):
    class SubEventFilter(FilterSet):
    is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
    is_future = django_filters.rest_framework.BooleanFilter(method='is_future_qs')
    ends_after = django_filters.rest_framework.IsoDateTimeFilter(method='ends_after_qs')
@@ -242,18 +238,12 @@ class SubEventViewSet(ConditionalListView, viewsets.ModelViewSet):
                event__in=self.request.user.get_events_with_any_permission()
            )
        return qs.prefetch_related(
-            'subeventitem_set', 'subeventitemvariation_set', 'seat_category_mappings'
+            'subeventitem_set', 'subeventitemvariation_set'
        )
    def perform_update(self, serializer):
        original_data = self.get_serializer(instance=serializer.instance).data
        super().perform_update(serializer)
        if serializer.data == original_data:
            # Performance optimization: If nothing was changed, we do not need to save or log anything.
            # This costs us a few cycles on save, but avoids thousands of lines in our log.
            return
        serializer.instance.log_action(
            'pretix.subevent.changed',
            user=self.request.user,
@@ -282,8 +272,6 @@ class SubEventViewSet(ConditionalListView, viewsets.ModelViewSet):
                    auth=self.request.auth,
                    data=self.request.data
                )
                CartPosition.objects.filter(addon_to__subevent=instance).delete()
                instance.cartposition_set.all().delete()
                super().perform_destroy(instance)
        except ProtectedError:
            raise PermissionDenied('The sub-event could not be deleted as some constraints (e.g. data created by '
--- a/src/pretix/api/views/item.py
+++ b/src/pretix/api/views/item.py
@@ -3,9 +3,8 @@ from django.db.models import Q
 from django.shortcuts import get_object_or_404
 from django.utils.functional import cached_property
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import viewsets
-from rest_framework.decorators import action
+from rest_framework.decorators import detail_route
 from rest_framework.exceptions import PermissionDenied
 from rest_framework.filters import OrderingFilter
 from rest_framework.response import Response
@@ -17,13 +16,13 @@ from pretix.api.serializers.item import (
 )
 from pretix.api.views import ConditionalListView
 from pretix.base.models import (
-    CartPosition, Item, ItemAddOn, ItemBundle, ItemCategory, ItemVariation,
+    Item, ItemAddOn, ItemBundle, ItemCategory, ItemVariation, Question,
-    Question, QuestionOption, Quota,
+    QuestionOption, Quota,
 )
 from pretix.helpers.dicts import merge_dicts
-with scopes_disabled():
+
-    class ItemFilter(FilterSet):
+class ItemFilter(FilterSet):
    tax_rate = django_filters.CharFilter(method='tax_rate_qs')
    def tax_rate_qs(self, queryset, name, value):
@@ -66,14 +65,7 @@ class ItemViewSet(ConditionalListView, viewsets.ModelViewSet):
        return ctx
    def perform_update(self, serializer):
        original_data = self.get_serializer(instance=serializer.instance).data
        serializer.save(event=self.request.event)
        if serializer.data == original_data:
            # Performance optimization: If nothing was changed, we do not need to save or log anything.
            # This costs us a few cycles on save, but avoids thousands of lines in our log.
            return
        serializer.instance.log_action(
            'pretix.event.item.changed',
            user=self.request.user,
@@ -92,8 +84,7 @@ class ItemViewSet(ConditionalListView, viewsets.ModelViewSet):
            user=self.request.user,
            auth=self.request.auth,
        )
-        CartPosition.objects.filter(addon_to__item=instance).delete()
+        self.get_object().cartposition_set.all().delete()
        instance.cartposition_set.all().delete()
        super().perform_destroy(instance)
@@ -320,8 +311,7 @@ class ItemCategoryViewSet(ConditionalListView, viewsets.ModelViewSet):
        super().perform_destroy(instance)
-with scopes_disabled():
+class QuestionFilter(FilterSet):
    class QuestionFilter(FilterSet):
    class Meta:
        model = Question
        fields = ['ask_during_checkin', 'required', 'identifier']
@@ -420,8 +410,7 @@ class QuestionOptionViewSet(viewsets.ModelViewSet):
        super().perform_destroy(instance)
-with scopes_disabled():
+class QuotaFilter(FilterSet):
    class QuotaFilter(FilterSet):
    class Meta:
        model = Quota
        fields = ['subevent']
@@ -462,30 +451,9 @@ class QuotaViewSet(ConditionalListView, viewsets.ModelViewSet):
        return ctx
    def perform_update(self, serializer):
        original_data = self.get_serializer(instance=serializer.instance).data
        current_subevent = serializer.instance.subevent
        serializer.save(event=self.request.event)
        request_subevent = serializer.instance.subevent
        if serializer.data == original_data:
            # Performance optimization: If nothing was changed, we do not need to save or log anything.
            # This costs us a few cycles on save, but avoids thousands of lines in our log.
            return
        if original_data['closed'] is True and serializer.instance.closed is False:
            serializer.instance.log_action(
                'pretix.event.quota.opened',
                user=self.request.user,
                auth=self.request.auth,
            )
        elif original_data['closed'] is False and serializer.instance.closed is True:
            serializer.instance.log_action(
                'pretix.event.quota.closed',
                user=self.request.user,
                auth=self.request.auth,
            )
        serializer.instance.log_action(
            'pretix.event.quota.changed',
            user=self.request.user,
@@ -530,7 +498,7 @@ class QuotaViewSet(ConditionalListView, viewsets.ModelViewSet):
            )
        super().perform_destroy(instance)
-    @action(detail=True, methods=['get'])
+    @detail_route(methods=['get'])
    def availability(self, request, *args, **kwargs):
        quota = self.get_object()
--- a/src/pretix/api/views/order.py
+++ b/src/pretix/api/views/order.py
@@ -11,9 +11,8 @@ from django.shortcuts import get_object_or_404
 from django.utils.timezone import make_aware, now
 from django.utils.translation import ugettext as _
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import mixins, serializers, status, viewsets
-from rest_framework.decorators import action
+from rest_framework.decorators import detail_route
 from rest_framework.exceptions import (
    APIException, NotFound, PermissionDenied, ValidationError,
 )
@@ -25,16 +24,14 @@ from pretix.api.models import OAuthAccessToken
 from pretix.api.serializers.order import (
    InvoiceSerializer, OrderCreateSerializer, OrderPaymentSerializer,
    OrderPositionSerializer, OrderRefundCreateSerializer,
-    OrderRefundSerializer, OrderSerializer, PriceCalcSerializer,
+    OrderRefundSerializer, OrderSerializer,
 )
 from pretix.base.i18n import language
 from pretix.base.models import (
-    CachedCombinedTicket, CachedTicket, Device, Event, Invoice, InvoiceAddress,
+    CachedCombinedTicket, CachedTicket, Device, Event, Invoice, Order,
-    Order, OrderPayment, OrderPosition, OrderRefund, Quota, TeamAPIToken,
+    OrderPayment, OrderPosition, OrderRefund, Quota, TeamAPIToken,
    generate_position_secret, generate_secret,
 )
 from pretix.base.payment import PaymentException
 from pretix.base.services import tickets
 from pretix.base.services.invoices import (
    generate_cancellation, generate_invoice, invoice_pdf, invoice_qualified,
    regenerate_invoice,
@@ -44,20 +41,15 @@ from pretix.base.services.orders import (
    OrderChangeManager, OrderError, approve_order, cancel_order, deny_order,
    extend_order, mark_order_expired, mark_order_refunded,
 )
 from pretix.base.services.pricing import get_price
 from pretix.base.services.tickets import generate
-from pretix.base.signals import (
+from pretix.base.signals import order_placed, register_ticket_outputs
    order_modified, order_placed, register_ticket_outputs,
 )
 from pretix.base.templatetags.money import money_filter
-with scopes_disabled():
+
-    class OrderFilter(FilterSet):
+class OrderFilter(FilterSet):
    email = django_filters.CharFilter(field_name='email', lookup_expr='iexact')
    code = django_filters.CharFilter(field_name='code', lookup_expr='iexact')
    status = django_filters.CharFilter(field_name='status', lookup_expr='iexact')
    modified_since = django_filters.IsoDateTimeFilter(field_name='last_modified', lookup_expr='gte')
        created_since = django_filters.IsoDateTimeFilter(field_name='datetime', lookup_expr='gte')
    class Meta:
        model = Order
@@ -93,8 +85,8 @@ class OrderViewSet(viewsets.ModelViewSet):
                    'positions',
                    OrderPosition.objects.all().prefetch_related(
                        'checkins', 'item', 'variation', 'answers', 'answers__options', 'answers__question',
-                        'item__category', 'addon_to', 'seat',
+                        'item__category', 'addon_to',
-                        Prefetch('addons', OrderPosition.objects.select_related('item', 'variation', 'seat'))
+                        Prefetch('addons', OrderPosition.objects.select_related('item', 'variation'))
                    )
                )
            )
@@ -103,7 +95,7 @@ class OrderViewSet(viewsets.ModelViewSet):
                Prefetch(
                    'positions',
                    OrderPosition.objects.all().prefetch_related(
-                        'checkins', 'item', 'variation', 'answers', 'answers__options', 'answers__question', 'seat',
+                        'checkins', 'item', 'variation', 'answers', 'answers__options', 'answers__question',
                    )
                )
            )
@@ -132,7 +124,7 @@ class OrderViewSet(viewsets.ModelViewSet):
        serializer = self.get_serializer(queryset, many=True)
        return Response(serializer.data, headers={'X-Page-Generated': date})
-    @action(detail=True, url_name='download', url_path='download/(?P<output>[^/]+)')
+    @detail_route(url_name='download', url_path='download/(?P<output>[^/]+)')
    def download(self, request, output, **kwargs):
        provider = self._get_output_provider(output)
        order = self.get_object()
@@ -154,7 +146,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            )
            return resp
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def mark_paid(self, request, **kwargs):
        order = self.get_object()
@@ -195,7 +187,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            status=status.HTTP_400_BAD_REQUEST
        )
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def mark_canceled(self, request, **kwargs):
        send_mail = request.data.get('send_email', True)
        cancellation_fee = request.data.get('cancellation_fee', None)
@@ -229,7 +221,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            )
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def approve(self, request, **kwargs):
        send_mail = request.data.get('send_email', True)
@@ -247,7 +239,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST)
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def deny(self, request, **kwargs):
        send_mail = request.data.get('send_email', True)
        comment = request.data.get('comment', '')
@@ -265,7 +257,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            return Response({'detail': str(e)}, status=status.HTTP_400_BAD_REQUEST)
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def mark_pending(self, request, **kwargs):
        order = self.get_object()
@@ -284,7 +276,7 @@ class OrderViewSet(viewsets.ModelViewSet):
        )
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def mark_expired(self, request, **kwargs):
        order = self.get_object()
@@ -301,7 +293,7 @@ class OrderViewSet(viewsets.ModelViewSet):
        )
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def mark_refunded(self, request, **kwargs):
        order = self.get_object()
@@ -318,7 +310,7 @@ class OrderViewSet(viewsets.ModelViewSet):
        )
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def create_invoice(self, request, **kwargs):
        order = self.get_object()
        has_inv = order.invoices.exists() and not (
@@ -350,7 +342,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            status=status.HTTP_201_CREATED
        )
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def resend_link(self, request, **kwargs):
        order = self.get_object()
        if not order.email:
@@ -364,7 +356,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            status=status.HTTP_204_NO_CONTENT
        )
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    @transaction.atomic
    def regenerate_secrets(self, request, **kwargs):
        order = self.get_object()
@@ -375,8 +367,6 @@ class OrderViewSet(viewsets.ModelViewSet):
        order.save(update_fields=['secret'])
        CachedTicket.objects.filter(order_position__order=order).delete()
        CachedCombinedTicket.objects.filter(order=order).delete()
        tickets.invalidate_cache.apply_async(kwargs={'event': self.request.event.pk,
                                                     'order': order.pk})
        order.log_action(
            'pretix.event.order.secret.changed',
            user=self.request.user,
@@ -384,7 +374,7 @@ class OrderViewSet(viewsets.ModelViewSet):
        )
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def extend(self, request, **kwargs):
        new_date = request.data.get('expires', None)
        force = request.data.get('force', False)
@@ -460,8 +450,8 @@ class OrderViewSet(viewsets.ModelViewSet):
            )
        return super().update(request, *args, **kwargs)
    @transaction.atomic
    def perform_update(self, serializer):
        with transaction.atomic():
        if 'comment' in self.request.data and serializer.instance.comment != self.request.data.get('comment'):
            serializer.instance.log_action(
                'pretix.event.order.comment',
@@ -483,7 +473,6 @@ class OrderViewSet(viewsets.ModelViewSet):
            )
        if 'email' in self.request.data and serializer.instance.email != self.request.data.get('email'):
                serializer.instance.email_known_to_work = False
            serializer.instance.log_action(
                'pretix.event.order.contact.changed',
                user=self.request.user,
@@ -516,10 +505,6 @@ class OrderViewSet(viewsets.ModelViewSet):
            )
        serializer.save()
            tickets.invalidate_cache.apply_async(kwargs={'event': serializer.instance.event.pk, 'order': serializer.instance.pk})
        if 'invoice_address' in self.request.data:
            order_modified.send(sender=serializer.instance.event, order=serializer.instance)
    def perform_create(self, serializer):
        serializer.save()
@@ -532,8 +517,7 @@ class OrderViewSet(viewsets.ModelViewSet):
            self.get_object().gracefully_delete(user=self.request.user if self.request.user.is_authenticated else None, auth=self.request.auth)
-with scopes_disabled():
+class OrderPositionFilter(FilterSet):
    class OrderPositionFilter(FilterSet):
    order = django_filters.CharFilter(field_name='order', lookup_expr='code__iexact')
    has_checkin = django_filters.rest_framework.BooleanFilter(method='has_checkin_qs')
    attendee_name = django_filters.CharFilter(method='attendee_name_qs')
@@ -574,7 +558,7 @@ with scopes_disabled():
 class OrderPositionViewSet(mixins.DestroyModelMixin, viewsets.ReadOnlyModelViewSet):
    serializer_class = OrderPositionSerializer
-    queryset = OrderPosition.all.none()
+    queryset = OrderPosition.objects.none()
    filter_backends = (DjangoFilterBackend, OrderingFilter)
    ordering = ('order__datetime', 'positionid')
    ordering_fields = ('order__code', 'order__datetime', 'positionid', 'attendee_name', 'order__status',)
@@ -611,13 +595,13 @@ class OrderPositionViewSet(mixins.DestroyModelMixin, viewsets.ReadOnlyModelViewS
                    )
                ))
            ).select_related(
-                'item', 'variation', 'item__category', 'addon_to', 'seat'
+                'item', 'variation', 'item__category', 'addon_to'
            )
        else:
            qs = qs.prefetch_related(
                'checkins', 'answers', 'answers__options', 'answers__question'
            ).select_related(
-                'item', 'order', 'order__event', 'order__event__organizer', 'seat'
+                'item', 'order', 'order__event', 'order__event__organizer'
            )
        return qs
@@ -629,84 +613,7 @@ class OrderPositionViewSet(mixins.DestroyModelMixin, viewsets.ReadOnlyModelViewS
                return prov
        raise NotFound('Unknown output provider.')
-    @action(detail=True, methods=['POST'], url_name='price_calc')
+    @detail_route(url_name='download', url_path='download/(?P<output>[^/]+)')
    def price_calc(self, request, *args, **kwargs):
        """
        This calculates the price assuming a change of product or subevent. This endpoint
        is deliberately not documented and considered a private API, only to be used by
        pretix' web interface.
        Sample input:
        {
            "item": 2,
            "variation": null,
            "subevent": 3
        }
        Sample output:
        {
            "gross": "2.34",
            "gross_formatted": "2,34",
            "net": "2.34",
            "tax": "0.00",
            "rate": "0.00",
            "name": "VAT"
        }
        """
        serializer = PriceCalcSerializer(data=request.data, event=request.event)
        serializer.is_valid(raise_exception=True)
        data = serializer.validated_data
        pos = self.get_object()
        try:
            ia = pos.order.invoice_address
        except InvoiceAddress.DoesNotExist:
            ia = InvoiceAddress()
        kwargs = {
            'item': pos.item,
            'variation': pos.variation,
            'voucher': pos.voucher,
            'subevent': pos.subevent,
            'addon_to': pos.addon_to,
            'invoice_address': ia,
        }
        if data.get('item'):
            item = data.get('item')
            kwargs['item'] = item
            if item.has_variations:
                variation = data.get('variation') or pos.variation
                if not variation:
                    raise ValidationError('No variation given')
                if variation.item != item:
                    raise ValidationError('Variation does not belong to item')
                kwargs['variation'] = variation
            else:
                variation = None
                kwargs['variation'] = None
            if pos.voucher and not pos.voucher.applies_to(item, variation):
                kwargs['voucher'] = None
        if data.get('subevent'):
            kwargs['subevent'] = data.get('subevent')
        price = get_price(**kwargs)
        with language(data.get('locale') or self.request.event.settings.locale):
            return Response({
                'gross': price.gross,
                'gross_formatted': money_filter(price.gross, self.request.event.currency, hide_currency=True),
                'net': price.net,
                'rate': price.rate,
                'name': str(price.name),
                'tax': price.tax,
            })
    @action(detail=True, url_name='download', url_path='download/(?P<output>[^/]+)')
    def download(self, request, output, **kwargs):
        provider = self._get_output_provider(output)
        pos = self.get_object()
@@ -757,7 +664,7 @@ class PaymentViewSet(viewsets.ReadOnlyModelViewSet):
        order = get_object_or_404(Order, code=self.kwargs['order'], event=self.request.event)
        return order.payments.all()
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def confirm(self, request, **kwargs):
        payment = self.get_object()
        force = request.data.get('force', False)
@@ -778,7 +685,7 @@ class PaymentViewSet(viewsets.ReadOnlyModelViewSet):
            pass
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def refund(self, request, **kwargs):
        payment = self.get_object()
        amount = serializers.DecimalField(max_digits=10, decimal_places=2).to_internal_value(
@@ -843,7 +750,7 @@ class PaymentViewSet(viewsets.ReadOnlyModelViewSet):
                    payment.order.save(update_fields=['status', 'expires'])
            return Response(OrderRefundSerializer(r).data, status=status.HTTP_200_OK)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def cancel(self, request, **kwargs):
        payment = self.get_object()
@@ -871,7 +778,7 @@ class RefundViewSet(CreateModelMixin, viewsets.ReadOnlyModelViewSet):
        order = get_object_or_404(Order, code=self.kwargs['order'], event=self.request.event)
        return order.refunds.all()
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def cancel(self, request, **kwargs):
        refund = self.get_object()
@@ -888,7 +795,7 @@ class RefundViewSet(CreateModelMixin, viewsets.ReadOnlyModelViewSet):
            }, user=self.request.user if self.request.user.is_authenticated else None, auth=self.request.auth)
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def process(self, request, **kwargs):
        refund = self.get_object()
@@ -913,7 +820,7 @@ class RefundViewSet(CreateModelMixin, viewsets.ReadOnlyModelViewSet):
            refund.order.save(update_fields=['status', 'expires'])
        return self.retrieve(request, [], **kwargs)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def done(self, request, **kwargs):
        refund = self.get_object()
@@ -962,8 +869,7 @@ class RefundViewSet(CreateModelMixin, viewsets.ReadOnlyModelViewSet):
        serializer.save()
-with scopes_disabled():
+class InvoiceFilter(FilterSet):
    class InvoiceFilter(FilterSet):
    refers = django_filters.CharFilter(method='refers_qs')
    number = django_filters.CharFilter(method='nr_qs')
    order = django_filters.CharFilter(field_name='order', lookup_expr='code__iexact')
@@ -1004,7 +910,7 @@ class InvoiceViewSet(viewsets.ReadOnlyModelViewSet):
            nr=Concat('prefix', 'invoice_no')
        )
-    @action(detail=True, )
+    @detail_route()
    def download(self, request, **kwargs):
        invoice = self.get_object()
@@ -1022,7 +928,7 @@ class InvoiceViewSet(viewsets.ReadOnlyModelViewSet):
        resp['Content-Disposition'] = 'attachment; filename="{}.pdf"'.format(invoice.number)
        return resp
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def regenerate(self, request, **kwarts):
        inv = self.get_object()
        if inv.canceled:
@@ -1041,7 +947,7 @@ class InvoiceViewSet(viewsets.ReadOnlyModelViewSet):
            )
            return Response(status=204)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def reissue(self, request, **kwarts):
        inv = self.get_object()
        if inv.canceled:
--- a/src/pretix/api/views/organizer.py
+++ b/src/pretix/api/views/organizer.py
@@ -1,12 +1,8 @@
-from rest_framework import filters, viewsets
+from rest_framework import viewsets
 from rest_framework.exceptions import PermissionDenied
 from pretix.api.models import OAuthAccessToken
-from pretix.api.serializers.organizer import (
+from pretix.api.serializers.organizer import OrganizerSerializer
-    OrganizerSerializer, SeatingPlanSerializer,
+from pretix.base.models import Organizer
 )
 from pretix.base.models import Organizer, SeatingPlan
 from pretix.helpers.dicts import merge_dicts
 class OrganizerViewSet(viewsets.ReadOnlyModelViewSet):
@@ -14,9 +10,6 @@ class OrganizerViewSet(viewsets.ReadOnlyModelViewSet):
    queryset = Organizer.objects.none()
    lookup_field = 'slug'
    lookup_url_kwarg = 'organizer'
    filter_backends = (filters.OrderingFilter,)
    ordering = ('slug',)
    ordering_fields = ('name', 'slug')
    def get_queryset(self):
        if self.request.user.is_authenticated:
@@ -34,50 +27,3 @@ class OrganizerViewSet(viewsets.ReadOnlyModelViewSet):
            return Organizer.objects.filter(pk=self.request.auth.organizer_id)
        else:
            return Organizer.objects.filter(pk=self.request.auth.team.organizer_id)
 class SeatingPlanViewSet(viewsets.ModelViewSet):
    serializer_class = SeatingPlanSerializer
    queryset = SeatingPlan.objects.none()
    permission = 'can_change_organizer_settings'
    write_permission = 'can_change_organizer_settings'
    def get_queryset(self):
        return self.request.organizer.seating_plans.all()
    def get_serializer_context(self):
        ctx = super().get_serializer_context()
        ctx['organizer'] = self.request.organizer
        return ctx
    def perform_create(self, serializer):
        inst = serializer.save(organizer=self.request.organizer)
        self.request.organizer.log_action(
            'pretix.seatingplan.added',
            user=self.request.user,
            auth=self.request.auth,
            data=merge_dicts(self.request.data, {'id': inst.pk})
        )
    def perform_update(self, serializer):
        if serializer.instance.events.exists() or serializer.instance.subevents.exists():
            raise PermissionDenied('This plan can not be changed while it is in use for an event.')
        inst = serializer.save(organizer=self.request.organizer)
        self.request.organizer.log_action(
            'pretix.seatingplan.changed',
            user=self.request.user,
            auth=self.request.auth,
            data=merge_dicts(self.request.data, {'id': serializer.instance.pk})
        )
        return inst
    def perform_destroy(self, instance):
        if instance.events.exists() or instance.subevents.exists():
            raise PermissionDenied('This plan can not be deleted while it is in use for an event.')
        instance.log_action(
            'pretix.seatingplan.deleted',
            user=self.request.user,
            auth=self.request.auth,
            data={'id': instance.pk}
        )
        instance.delete()
--- a/src/pretix/api/views/voucher.py
+++ b/src/pretix/api/views/voucher.py
@@ -6,9 +6,8 @@ from django.utils.timezone import now
 from django_filters.rest_framework import (
    BooleanFilter, DjangoFilterBackend, FilterSet,
 )
 from django_scopes import scopes_disabled
 from rest_framework import status, viewsets
-from rest_framework.decorators import action
+from rest_framework.decorators import list_route
 from rest_framework.exceptions import PermissionDenied
 from rest_framework.filters import OrderingFilter
 from rest_framework.response import Response
@@ -16,8 +15,8 @@ from rest_framework.response import Response
 from pretix.api.serializers.voucher import VoucherSerializer
 from pretix.base.models import Voucher
-with scopes_disabled():
+
-    class VoucherFilter(FilterSet):
+class VoucherFilter(FilterSet):
    active = BooleanFilter(method='filter_active')
    class Meta:
@@ -112,12 +111,9 @@ class VoucherViewSet(viewsets.ModelViewSet):
            user=self.request.user,
            auth=self.request.auth,
        )
        with transaction.atomic():
            instance.cartposition_set.filter(addon_to__isnull=False).delete()
            instance.cartposition_set.all().delete()
        super().perform_destroy(instance)
-    @action(detail=False, methods=['POST'])
+    @list_route(methods=['POST'])
    def batch_create(self, request, *args, **kwargs):
        if any(self._predict_quota_check(d, None) for d in request.data):
            lockfn = request.event.lock
--- a/src/pretix/api/views/waitinglist.py
+++ b/src/pretix/api/views/waitinglist.py
@@ -1,8 +1,7 @@
 import django_filters
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import viewsets
-from rest_framework.decorators import action
+from rest_framework.decorators import detail_route
 from rest_framework.exceptions import PermissionDenied, ValidationError
 from rest_framework.filters import OrderingFilter
 from rest_framework.response import Response
@@ -11,8 +10,8 @@ from pretix.api.serializers.waitinglist import WaitingListSerializer
 from pretix.base.models import WaitingListEntry
 from pretix.base.models.waitinglist import WaitingListException
-with scopes_disabled():
+
-    class WaitingListFilter(FilterSet):
+class WaitingListFilter(FilterSet):
    has_voucher = django_filters.rest_framework.BooleanFilter(method='has_voucher_qs')
    def has_voucher_qs(self, queryset, name, value):
@@ -70,7 +69,7 @@ class WaitingListViewSet(viewsets.ModelViewSet):
        )
        super().perform_destroy(instance)
-    @action(detail=True, methods=['POST'])
+    @detail_route(methods=['POST'])
    def send_voucher(self, *args, **kwargs):
        try:
            self.get_object().send_voucher(
--- a/src/pretix/api/webhooks.py
+++ b/src/pretix/api/webhooks.py
@@ -8,7 +8,6 @@ from celery.exceptions import MaxRetriesExceededError
 from django.db.models import Exists, OuterRef, Q
 from django.dispatch import receiver
 from django.utils.translation import ugettext_lazy as _
 from django_scopes import scope, scopes_disabled
 from requests import RequestException
 from pretix.api.models import WebHook, WebHookCall, WebHookEventListener
@@ -204,10 +203,9 @@ def notify_webhooks(logentry_id: int):
@app.task(base=ProfiledTask, bind=True, max_retries=9)
 def send_webhook(self, logentry_id: int, action_type: str, webhook_id: int):
    # 9 retries with 2**(2*x) timing is roughly 72 hours
    with scopes_disabled():
        webhook = WebHook.objects.get(id=webhook_id)
    with scope(organizer=webhook.organizer):
    logentry = LogEntry.all.get(id=logentry_id)
    webhook = WebHook.objects.get(id=webhook_id)
    types = get_all_webhook_events()
    event_type = types.get(action_type)
    if not event_type or not webhook.enabled:
--- a/src/pretix/base/email.py
+++ b/src/pretix/base/email.py
@@ -8,7 +8,7 @@ from django.template.loader import get_template
 from django.utils.translation import ugettext_lazy as _
 from inlinestyler.utils import inline_css
-from pretix.base.models import Event, Order, OrderPosition
+from pretix.base.models import Event, Order
 from pretix.base.signals import register_html_mail_renderers
 from pretix.base.templatetags.rich_text import markdown_compile_email
@@ -44,8 +44,7 @@ class BaseHTMLMailRenderer:
    def __str__(self):
        return self.identifier
-    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order=None,
+    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order=None) -> str:
               position: OrderPosition=None) -> str:
        """
        This method should generate the HTML part of the email.
@@ -53,7 +52,6 @@ class BaseHTMLMailRenderer:
        :param plain_signature: The signature with event organizer contact details in plain text.
        :param subject: The email subject.
        :param order: The order if this email is connected to one, otherwise ``None``.
        :param position: The order position if this email is connected to one, otherwise ``None``.
        :return: An HTML string
        """
        raise NotImplementedError()
@@ -97,7 +95,7 @@ class TemplateBasedMailRenderer(BaseHTMLMailRenderer):
    def template_name(self):
        raise NotImplementedError()
-    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order, position: OrderPosition) -> str:
+    def render(self, plain_body: str, plain_signature: str, subject: str, order: Order) -> str:
        body_md = markdown_compile_email(plain_body)
        htmlctx = {
            'site': settings.PRETIX_INSTANCE_NAME,
@@ -118,9 +116,6 @@ class TemplateBasedMailRenderer(BaseHTMLMailRenderer):
        if order:
            htmlctx['order'] = order
        if position:
            htmlctx['position'] = position
        tpl = get_template(self.template_name)
        body_html = inline_css(tpl.render(htmlctx))
        return body_html
--- a/src/pretix/base/exporter.py
+++ b/src/pretix/base/exporter.py
@@ -71,8 +71,6 @@ class BaseExporter:
        :type form_data: dict
        :param form_data: The form data of the export details form
        :param output_file: You can optionally accept a parameter that will be given a file handle to write the
                            output to. In this case, you can return None instead of the file content.
        Note: If you use a ``ModelChoiceField`` (or a ``ModelMultipleChoiceField``), the
        ``form_data`` will not contain the model instance but only it's primary key (or
@@ -113,20 +111,14 @@ class ListExporter(BaseExporter):
    def get_filename(self):
        return 'export.csv'
-    def _render_csv(self, form_data, output_file=None, **kwargs):
+    def _render_csv(self, form_data, **kwargs):
        if output_file:
            writer = csv.writer(output_file, **kwargs)
            for line in self.iterate_list(form_data):
                writer.writerow(line)
            return self.get_filename() + '.csv', 'text/csv', None
        else:
        output = io.StringIO()
        writer = csv.writer(output, **kwargs)
        for line in self.iterate_list(form_data):
            writer.writerow(line)
        return self.get_filename() + '.csv', 'text/csv', output.getvalue().encode("utf-8")
-    def _render_xlsx(self, form_data, output_file=None):
+    def _render_xlsx(self, form_data):
        wb = Workbook()
        ws = wb.get_active_sheet()
        try:
@@ -137,24 +129,20 @@ class ListExporter(BaseExporter):
            for j, val in enumerate(line):
                ws.cell(row=i + 1, column=j + 1).value = str(val) if not isinstance(val, KNOWN_TYPES) else val
        if output_file:
            wb.save(output_file)
            return self.get_filename() + '.xlsx', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', None
        else:
        with tempfile.NamedTemporaryFile(suffix='.xlsx') as f:
            wb.save(f.name)
            f.seek(0)
            return self.get_filename() + '.xlsx', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', f.read()
-    def render(self, form_data: dict, output_file=None) -> Tuple[str, str, bytes]:
+    def render(self, form_data: dict) -> Tuple[str, str, bytes]:
        if form_data.get('_format') == 'xlsx':
-            return self._render_xlsx(form_data, output_file=output_file)
+            return self._render_xlsx(form_data)
        elif form_data.get('_format') == 'default':
-            return self._render_csv(form_data, quoting=csv.QUOTE_NONNUMERIC, delimiter=',', output_file=output_file)
+            return self._render_csv(form_data, quoting=csv.QUOTE_NONNUMERIC, delimiter=',')
        elif form_data.get('_format') == 'csv-excel':
-            return self._render_csv(form_data, dialect='excel', output_file=output_file)
+            return self._render_csv(form_data, dialect='excel')
        elif form_data.get('_format') == 'semicolon':
-            return self._render_csv(form_data, dialect='excel', delimiter=';', output_file=output_file)
+            return self._render_csv(form_data, dialect='excel', delimiter=';')
 class MultiSheetListExporter(ListExporter):
@@ -192,20 +180,14 @@ class MultiSheetListExporter(ListExporter):
    def iterate_sheet(self, form_data, sheet):
        raise NotImplementedError()  # noqa
-    def _render_sheet_csv(self, form_data, sheet, output_file=None, **kwargs):
+    def _render_sheet_csv(self, form_data, sheet, **kwargs):
        if output_file:
            writer = csv.writer(output_file, **kwargs)
            for line in self.iterate_sheet(form_data, sheet):
                writer.writerow(line)
            return self.get_filename() + '.csv', 'text/csv', None
        else:
        output = io.StringIO()
        writer = csv.writer(output, **kwargs)
        for line in self.iterate_sheet(form_data, sheet):
            writer.writerow(line)
        return self.get_filename() + '.csv', 'text/csv', output.getvalue().encode("utf-8")
-    def _render_xlsx(self, form_data, output_file=None):
+    def _render_xlsx(self, form_data):
        wb = Workbook()
        ws = wb.get_active_sheet()
        wb.remove(ws)
@@ -215,24 +197,19 @@ class MultiSheetListExporter(ListExporter):
                for j, val in enumerate(line):
                    ws.cell(row=i + 1, column=j + 1).value = str(val) if not isinstance(val, KNOWN_TYPES) else val
        if output_file:
            wb.save(output_file)
            return self.get_filename() + '.xlsx', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', None
        else:
        with tempfile.NamedTemporaryFile(suffix='.xlsx') as f:
            wb.save(f.name)
            f.seek(0)
            return self.get_filename() + '.xlsx', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet', f.read()
-    def render(self, form_data: dict, output_file=None) -> Tuple[str, str, bytes]:
+    def render(self, form_data: dict) -> Tuple[str, str, bytes]:
        if form_data.get('_format') == 'xlsx':
-            return self._render_xlsx(form_data, output_file=output_file)
+            return self._render_xlsx(form_data)
        elif ':' in form_data.get('_format'):
            sheet, f = form_data.get('_format').split(':')
            if f == 'default':
-                return self._render_sheet_csv(form_data, sheet, quoting=csv.QUOTE_NONNUMERIC, delimiter=',',
+                return self._render_sheet_csv(form_data, sheet, quoting=csv.QUOTE_NONNUMERIC, delimiter=',')
                                              output_file=output_file)
            elif f == 'excel':
-                return self._render_sheet_csv(form_data, sheet, dialect='excel', output_file=output_file)
+                return self._render_sheet_csv(form_data, sheet, dialect='excel')
            elif f == 'semicolon':
-                return self._render_sheet_csv(form_data, sheet, dialect='excel', delimiter=';', output_file=output_file)
+                return self._render_sheet_csv(form_data, sheet, dialect='excel', delimiter=';')
--- a/src/pretix/base/exporters/init.py
+++ b/src/pretix/base/exporters/init.py
@@ -1,5 +1,4 @@
 from .answers import *  # noqa
 from .dekodi import *  # noqa
 from .invoices import *  # noqa
 from .json import *  # noqa
 from .mail import *  # noqa
--- a/src/pretix/base/exporters/answers.py
+++ b/src/pretix/base/exporters/answers.py
@@ -40,7 +40,6 @@ class AnswerFilesExporter(BaseExporter):
        if form_data.get('questions'):
            qs = qs.filter(question__in=form_data['questions'])
        with tempfile.TemporaryDirectory() as d:
            any = False
            with ZipFile(os.path.join(d, 'tmp.zip'), 'w') as zipf:
                for i in qs:
                    if i.file:
@@ -52,12 +51,9 @@ class AnswerFilesExporter(BaseExporter):
                            i.question.pk,
                            os.path.basename(i.file.name).split('.', 1)[1]
                        )
                        any = True
                        zipf.writestr(fname, i.file.read())
                        i.file.close()
            if not any:
                return None
            with open(os.path.join(d, 'tmp.zip'), 'rb') as zipf:
                return '{}_answers.zip'.format(self.event.slug), 'application/zip', zipf.read()
--- a/src/pretix/base/exporters/dekodi.py
+++ b/src/pretix/base/exporters/dekodi.py
@@ -1,219 +0,0 @@
 import json
 from collections import OrderedDict
 from decimal import Decimal
 import dateutil
 from django import forms
 from django.core.serializers.json import DjangoJSONEncoder
 from django.dispatch import receiver
 from django.utils.translation import ugettext, ugettext_lazy
 from pretix.base.i18n import language
 from pretix.base.models import Invoice, OrderPayment
 from ..exporter import BaseExporter
 from ..signals import register_data_exporters
 class DekodiNREIExporter(BaseExporter):
    identifier = 'dekodi_nrei'
    verbose_name = 'dekodi NREI (JSON)'
    # Specification: http://manuals.dekodi.de/nexuspub/schnittstellenbuch/
    def _encode_invoice(self, invoice: Invoice):
        p_last = invoice.order.payments.filter(state=[OrderPayment.PAYMENT_STATE_CONFIRMED, OrderPayment.PAYMENT_STATE_REFUNDED]).last()
        gross_total = Decimal('0.00')
        net_total = Decimal('0.00')
        positions = []
        for l in invoice.lines.all():
            positions.append({
                'ADes': l.description.replace("<br />", "\n"),
                'ANetA': round(float((-1 if invoice.is_cancellation else 1) * l.net_value), 2),
                'ANo': self.event.slug,
                'AQ': -1 if invoice.is_cancellation else 1,
                'AVatP': round(float(l.tax_rate), 2),
                'DIDt': (l.subevent or invoice.order.event).date_from.isoformat().replace('Z', '+00:00'),
                'PosGrossA': round(float(l.gross_value), 2),
                'PosNetA': round(float(l.net_value), 2),
            })
            gross_total += l.gross_value
            net_total += l.net_value
        payments = []
        paypal_email = None
        for p in invoice.order.payments.filter(
                state__in=(OrderPayment.PAYMENT_STATE_CONFIRMED, OrderPayment.PAYMENT_STATE_PENDING,
                           OrderPayment.PAYMENT_STATE_CREATED, OrderPayment.PAYMENT_STATE_REFUNDED)
        ):
            if p.provider == 'paypal':
                paypal_email = p.info_data.get('payer', {}).get('payer_info', {}).get('email')
                try:
                    ppid = p.info_data['transactions'][0]['related_resources'][0]['sale']['id']
                except:
                    ppid = p.info_data.get('id')
                payments.append({
                    'PTID': '1',
                    'PTN': 'PayPal',
                    'PTNo1': ppid,
                    'PTNo2': p.info_data.get('id'),
                    'PTNo7': round(float(p.amount), 2),
                    'PTNo8': str(self.event.currency),
                    'PTNo11': paypal_email or '',
                    'PTNo15': p.full_id or '',
                })
            elif p.provider == 'banktransfer':
                payments.append({
                    'PTID': '4',
                    'PTN': 'Vorkasse',
                    'PTNo4': p.info_data.get('reference') or p.payment_provider._code(invoice.order),
                    'PTNo7': round(float(p.amount), 2),
                    'PTNo8': str(self.event.currency),
                    'PTNo10': p.info_data.get('payer') or '',
                    'PTNo14': p.info_data.get('date') or '',
                    'PTNo15': p.full_id or '',
                })
            elif p.provider == 'sepadebit':
                with language(invoice.order.locale):
                    payments.append({
                        'PTID': '5',
                        'PTN': 'Lastschrift',
                        'PTNo4': ugettext('Event ticket {event}-{code}').format(
                            event=self.event.slug.upper(),
                            code=invoice.order.code
                        ),
                        'PTNo5': p.info_data.get('iban') or '',
                        'PTNo6': p.info_data.get('bic') or '',
                        'PTNo7': round(float(p.amount), 2),
                        'PTNo8': str(self.event.currency) or '',
                        'PTNo9': p.info_data.get('date') or '',
                        'PTNo10': p.info_data.get('account') or '',
                        'PTNo14': p.info_data.get('reference') or '',
                        'PTNo15': p.full_id or '',
                    })
            elif p.provider.startswith('stripe'):
                src = p.info_data.get("source", p.info_data)
                payments.append({
                    'PTID': '81',
                    'PTN': 'Stripe',
                    'PTNo1': p.info_data.get("id") or '',
                    'PTNo5': src.get("card", {}).get("last4") or '',
                    'PTNo7': round(float(p.amount), 2) or '',
                    'PTNo8': str(self.event.currency) or '',
                    'PTNo10': src.get('owner', {}).get('verified_name') or src.get('owner', {}).get('name') or '',
                    'PTNo15': p.full_id or '',
                })
            else:
                payments.append({
                    'PTID': '0',
                    'PTN': p.provider,
                    'PTNo7': round(float(p.amount), 2) or '',
                    'PTNo8': str(self.event.currency) or '',
                    'PTNo15': p.full_id or '',
                })
        payments = [
            {
                k: v for k, v in p.items() if v is not None
            } for p in payments
        ]
        hdr = {
            'C': str(invoice.invoice_to_country) or self.event.settings.invoice_address_from_country,
            'CC': self.event.currency,
            'City': invoice.invoice_to_city,
            'CN': invoice.invoice_to_company,
            'DIC': self.event.settings.invoice_address_from_country,
            # DIC is  a little bit unclean, should be the event location's country
            'DIDt': invoice.order.datetime.isoformat().replace('Z', '+00:00'),
            'DT': '30' if invoice.is_cancellation else '10',
            'EM': invoice.order.email,
            'FamN': invoice.invoice_to_name.rsplit(' ', 1)[-1],
            'FN': invoice.invoice_to_name.rsplit(' ', 1)[0] if ' ' in invoice.invoice_to_name else '',
            'IDt': invoice.date.isoformat() + 'T08:00:00+01:00',
            'INo': invoice.full_invoice_no,
            'IsNet': invoice.reverse_charge,
            'ODt': invoice.order.datetime.isoformat().replace('Z', '+00:00'),
            'OID': invoice.order.code,
            'SID': self.event.slug,
            'SN': str(self.event),
            'Str': invoice.invoice_to_street or '',
            'TGrossA': round(float(gross_total), 2),
            'TNetA': round(float(net_total), 2),
            'TVatA': round(float(gross_total - net_total), 2),
            'VatDp': False,
            'Zip': invoice.invoice_to_zipcode
        }
        if not hdr['FamN'] and not hdr['CN']:
            hdr['CN'] = "Unbekannter Kunde"
        if invoice.refers:
            hdr['PvrINo'] = invoice.refers.full_invoice_no
        if p_last:
            hdr['PmDt'] = p_last.payment_date.isoformat().replace('Z', '+00:00')
        if paypal_email:
            hdr['PPEm'] = paypal_email
        if invoice.invoice_to_vat_id:
            hdr['VatID'] = invoice.invoice_to_vat_id
        return {
            'IsValid': True,
            'Hdr': hdr,
            'InvcPstns': positions,
            'PmIs': payments,
            'ValidationMessage': ''
        }
    def render(self, form_data):
        qs = self.event.invoices.select_related('order').prefetch_related('lines', 'lines__subevent')
        if form_data.get('date_from'):
            date_value = form_data.get('date_from')
            if isinstance(date_value, str):
                date_value = dateutil.parser.parse(date_value).date()
            qs = qs.filter(date__gte=date_value)
        if form_data.get('date_to'):
            date_value = form_data.get('date_to')
            if isinstance(date_value, str):
                date_value = dateutil.parser.parse(date_value).date()
            qs = qs.filter(date__lte=date_value)
        jo = {
            'Format': 'NREI',
            'Version': '18.10.2.0',
            'SourceSystem': 'pretix',
            'Data': [
                self._encode_invoice(i) for i in qs
            ]
        }
        return '{}_nrei.json'.format(self.event.slug), 'application/json', json.dumps(jo, cls=DjangoJSONEncoder, indent=4)
    @property
    def export_form_fields(self):
        return OrderedDict(
            [
                ('date_from',
                 forms.DateField(
                     label=ugettext_lazy('Start date'),
                     widget=forms.DateInput(attrs={'class': 'datepickerfield'}),
                     required=False,
                     help_text=ugettext_lazy('Only include invoices issued on or after this date. Note that the invoice date does '
                                             'not always correspond to the order or payment date.')
                 )),
                ('date_to',
                 forms.DateField(
                     label=ugettext_lazy('End date'),
                     widget=forms.DateInput(attrs={'class': 'datepickerfield'}),
                     required=False,
                     help_text=ugettext_lazy('Only include invoices issued on or before this date. Note that the invoice date '
                                             'does not always correspond to the order or payment date.')
                 )),
            ]
        )
@receiver(register_data_exporters, dispatch_uid="exporter_dekodi_nrei")
 def register_dekodi_export(sender, **kwargs):
    return DekodiNREIExporter
--- a/src/pretix/base/exporters/invoices.py
+++ b/src/pretix/base/exporters/invoices.py
@@ -20,7 +20,7 @@ class InvoiceExporter(BaseExporter):
    identifier = 'invoices'
    verbose_name = _('All invoices')
-    def render(self, form_data: dict, output_file=None):
+    def render(self, form_data: dict):
        qs = self.event.invoices.filter(shredded=False)
        if form_data.get('payment_provider'):
@@ -46,8 +46,7 @@ class InvoiceExporter(BaseExporter):
            qs = qs.filter(date__lte=date_value)
        with tempfile.TemporaryDirectory() as d:
-            any = False
+            with ZipFile(os.path.join(d, 'tmp.zip'), 'w') as zipf:
            with ZipFile(output_file or os.path.join(d, 'tmp.zip'), 'w') as zipf:
                for i in qs:
                    try:
                        if not i.file:
@@ -55,22 +54,14 @@ class InvoiceExporter(BaseExporter):
                            i.refresh_from_db()
                        i.file.open('rb')
                        zipf.writestr('{}.pdf'.format(i.number), i.file.read())
                        any = True
                        i.file.close()
                    except FileNotFoundError:
                        invoice_pdf_task.apply(args=(i.pk,))
                        i.refresh_from_db()
                        i.file.open('rb')
                        zipf.writestr('{}.pdf'.format(i.number), i.file.read())
                        any = True
                        i.file.close()
            if not any:
                return None
            if output_file:
                return '{}_invoices.zip'.format(self.event.slug), 'application/zip', None
            else:
            with open(os.path.join(d, 'tmp.zip'), 'rb') as zipf:
                return '{}_invoices.zip'.format(self.event.slug), 'application/zip', zipf.read()
--- a/src/pretix/base/exporters/orderlist.py
+++ b/src/pretix/base/exporters/orderlist.py
@@ -6,7 +6,7 @@ from django import forms
 from django.db.models import DateTimeField, F, Max, OuterRef, Subquery, Sum
 from django.dispatch import receiver
 from django.utils.formats import date_format, localize
-from django.utils.translation import pgettext, ugettext as _, ugettext_lazy
+from django.utils.translation import ugettext as _, ugettext_lazy
 from pretix.base.models import (
    InvoiceAddress, InvoiceLine, Order, OrderPosition,
@@ -269,10 +269,6 @@ class OrderListExporter(MultiSheetListExporter):
            _('Status'),
            _('Email'),
            _('Order date'),
        ]
        if self.event.has_subevents:
            headers.append(pgettext('subevent', 'Date'))
        headers += [
            _('Product'),
            _('Variation'),
            _('Price'),
@@ -315,10 +311,6 @@ class OrderListExporter(MultiSheetListExporter):
                order.get_status_display(),
                order.email,
                order.datetime.astimezone(tz).strftime('%Y-%m-%d'),
            ]
            if self.event.has_subevents:
                row.append(op.subevent)
            row += [
                str(op.item),
                str(op.variation) if op.variation else '',
                op.price,
--- a/src/pretix/base/forms/auth.py
+++ b/src/pretix/base/forms/auth.py
@@ -14,7 +14,7 @@ class LoginForm(forms.Form):
    Base class for authenticating users. Extend this to get a form that accepts
    username/password logins.
    """
-    email = forms.EmailField(label=_("E-mail"), max_length=254, widget=forms.EmailInput(attrs={'autofocus': 'autofocus'}))
+    email = forms.EmailField(label=_("E-mail"), max_length=254)
    password = forms.CharField(label=_("Password"), widget=forms.PasswordInput)
    keep_logged_in = forms.BooleanField(label=_("Keep me logged in"), required=False)
--- a/src/pretix/base/forms/questions.py
+++ b/src/pretix/base/forms/questions.py
@@ -1,8 +1,6 @@
 import copy
 import json
 import logging
 from decimal import Decimal
 from urllib.error import HTTPError
 import dateutil.parser
 import pytz
@@ -11,13 +9,9 @@ import vat_moss.id
 from django import forms
 from django.contrib import messages
 from django.core.exceptions import ValidationError
 from django.db.models import QuerySet
 from django.forms import Select
 from django.utils.html import escape
 from django.utils.safestring import mark_safe
-from django.utils.translation import get_language, ugettext_lazy as _
+from django.utils.translation import ugettext_lazy as _
 from django_countries import countries
 from django_countries.fields import Country, CountryField
 from pretix.base.forms.widgets import (
    BusinessBooleanRadio, DatePickerWidget, SplitDateTimePickerWidget,
@@ -25,10 +19,9 @@ from pretix.base.forms.widgets import (
 )
 from pretix.base.models import InvoiceAddress, Question, QuestionOption
 from pretix.base.models.tax import EU_COUNTRIES
-from pretix.base.settings import PERSON_NAME_SCHEMES, PERSON_NAME_TITLE_GROUPS
+from pretix.base.settings import PERSON_NAME_SCHEMES
 from pretix.base.templatetags.rich_text import rich_text
 from pretix.control.forms import SplitDateTimeField
 from pretix.helpers.escapejson import escapejson_attr
 from pretix.helpers.i18n import get_format_without_seconds
 from pretix.presale.signals import question_form_fields
@@ -38,17 +31,13 @@ logger = logging.getLogger(__name__)
 class NamePartsWidget(forms.MultiWidget):
    widget = forms.TextInput
-    def __init__(self, scheme: dict, field: forms.Field, attrs=None, titles: list=None):
+    def __init__(self, scheme: dict, field: forms.Field, attrs=None):
        widgets = []
        self.scheme = scheme
        self.field = field
        self.titles = titles
        for fname, label, size in self.scheme['fields']:
            a = copy.copy(attrs) or {}
            a['data-fname'] = fname
            if fname == 'title' and self.titles:
                widgets.append(Select(attrs=a, choices=[('', '')] + [(d, d) for d in self.titles[1]]))
            else:
            widgets.append(self.widget(attrs=a))
        super().__init__(widgets, attrs)
@@ -108,31 +97,16 @@ class NamePartsFormField(forms.MultiValueField):
            'max_length': kwargs.pop('max_length', None),
        }
        self.scheme_name = kwargs.pop('scheme')
        self.titles = kwargs.pop('titles')
        self.scheme = PERSON_NAME_SCHEMES.get(self.scheme_name)
        if self.titles:
            self.scheme_titles = PERSON_NAME_TITLE_GROUPS.get(self.titles)
        else:
            self.scheme_titles = None
        self.one_required = kwargs.get('required', True)
        require_all_fields = kwargs.pop('require_all_fields', False)
        kwargs['required'] = False
        kwargs['widget'] = (kwargs.get('widget') or self.widget)(
-            scheme=self.scheme, titles=self.scheme_titles, field=self, **kwargs.pop('widget_kwargs', {})
+            scheme=self.scheme, field=self, **kwargs.pop('widget_kwargs', {})
        )
        defaults.update(**kwargs)
        for fname, label, size in self.scheme['fields']:
            defaults['label'] = label
            if fname == 'title' and self.scheme_titles:
                d = dict(defaults)
                d.pop('max_length', None)
                field = forms.ChoiceField(
                    **d,
                    choices=[('', '')] + [(d, d) for d in self.scheme_titles[1]]
                )
                field.part_name = fname
                fields.append(field)
            else:
            field = forms.CharField(**defaults)
            field.part_name = fname
            fields.append(field)
@@ -180,7 +154,6 @@ class BaseQuestionsForm(forms.Form):
                max_length=255,
                required=event.settings.attendee_names_required,
                scheme=event.settings.name_scheme,
                titles=event.settings.name_scheme_titles,
                label=_('Attendee name'),
                initial=(cartpos.attendee_name_parts if cartpos else orderpos.attendee_name_parts),
            )
@@ -200,6 +173,7 @@ class BaseQuestionsForm(forms.Form):
                initial = None
            tz = pytz.timezone(event.settings.timezone)
            help_text = rich_text(q.help_text)
            default = q.default_value
            label = escape(q.question)  # django-bootstrap3 calls mark_safe
            required = q.required and not self.all_optional
            if q.type == Question.TYPE_BOOLEAN:
@@ -212,6 +186,8 @@ class BaseQuestionsForm(forms.Form):
                if initial:
                    initialbool = (initial.answer == "True")
                elif default:
                    initialbool = (default == "True")
                else:
                    initialbool = False
@@ -224,29 +200,21 @@ class BaseQuestionsForm(forms.Form):
                field = forms.DecimalField(
                    label=label, required=required,
                    help_text=q.help_text,
-                    initial=initial.answer if initial else None,
+                    initial=initial.answer if initial else (default if default else None),
                    min_value=Decimal('0.00'),
                )
            elif q.type == Question.TYPE_STRING:
                field = forms.CharField(
                    label=label, required=required,
                    help_text=help_text,
-                    initial=initial.answer if initial else None,
+                    initial=initial.answer if initial else (default if default else None),
                )
            elif q.type == Question.TYPE_TEXT:
                field = forms.CharField(
                    label=label, required=required,
                    help_text=help_text,
                    widget=forms.Textarea,
-                    initial=initial.answer if initial else None,
+                    initial=initial.answer if initial else (default if default else None),
                )
            elif q.type == Question.TYPE_COUNTRYCODE:
                field = CountryField().formfield(
                    label=label, required=required,
                    help_text=help_text,
                    widget=forms.Select,
                    empty_label='',
                    initial=initial.answer if initial else None,
                )
            elif q.type == Question.TYPE_CHOICE:
                field = forms.ModelChoiceField(
@@ -278,21 +246,24 @@ class BaseQuestionsForm(forms.Form):
                field = forms.DateField(
                    label=label, required=required,
                    help_text=help_text,
-                    initial=dateutil.parser.parse(initial.answer).date() if initial and initial.answer else None,
+                    initial=dateutil.parser.parse(initial.answer).date() if initial and initial.answer else (
                        dateutil.parser.parse(default).date() if default else None),
                    widget=DatePickerWidget(),
                )
            elif q.type == Question.TYPE_TIME:
                field = forms.TimeField(
                    label=label, required=required,
                    help_text=help_text,
-                    initial=dateutil.parser.parse(initial.answer).time() if initial and initial.answer else None,
+                    initial=dateutil.parser.parse(initial.answer).time() if initial and initial.answer else (
                        dateutil.parser.parse(default).time() if default else None),
                    widget=TimePickerWidget(time_format=get_format_without_seconds('TIME_INPUT_FORMATS')),
                )
            elif q.type == Question.TYPE_DATETIME:
                field = SplitDateTimeField(
                    label=label, required=required,
                    help_text=help_text,
-                    initial=dateutil.parser.parse(initial.answer).astimezone(tz) if initial and initial.answer else None,
+                    initial=dateutil.parser.parse(initial.answer).astimezone(tz) if initial and initial.answer else (
                        dateutil.parser.parse(default).astimezone(tz) if default else None),
                    widget=SplitDateTimePickerWidget(time_format=get_format_without_seconds('TIME_INPUT_FORMATS')),
                )
            field.question = q
@@ -302,7 +273,7 @@ class BaseQuestionsForm(forms.Form):
            if q.dependency_question_id:
                field.widget.attrs['data-question-dependency'] = q.dependency_question_id
-                field.widget.attrs['data-question-dependency-values'] = escapejson_attr(json.dumps(q.dependency_values))
+                field.widget.attrs['data-question-dependency-value'] = q.dependency_value
                if q.type != 'M':
                    field.widget.attrs['required'] = q.required and not self.all_optional
                    field._required = q.required and not self.all_optional
@@ -323,24 +294,26 @@ class BaseQuestionsForm(forms.Form):
        question_cache = {f.question.pk: f.question for f in self.fields.values() if getattr(f, 'question', None)}
-        def question_is_visible(parentid, qvals):
+        def question_is_visible(parentid, qval):
            parentq = question_cache[parentid]
-            if parentq.dependency_question_id and not question_is_visible(parentq.dependency_question_id, parentq.dependency_values):
+            if parentq.dependency_question_id and not question_is_visible(parentq.dependency_question_id, parentq.dependency_value):
                return False
            if 'question_%d' % parentid not in d:
                return False
            dval = d.get('question_%d' % parentid)
-            return (
+            if qval == 'True':
-                ('True' in qvals and dval)
+                return dval
-                or ('False' in qvals and not dval)
+            elif qval == 'False':
-                or (isinstance(dval, QuestionOption) and dval.identifier in qvals)
+                return not dval
-                or (isinstance(dval, (list, QuerySet)) and any(qval in [o.identifier for o in dval] for qval in qvals))
+            elif isinstance(dval, QuestionOption):
-            )
+                return dval.identifier == qval
            else:
                return qval in [o.identifier for o in dval]
        def question_is_required(q):
            return (
                q.required and
-                (not q.dependency_question_id or question_is_visible(q.dependency_question_id, q.dependency_values))
+                (not q.dependency_question_id or question_is_visible(q.dependency_question_id, q.dependency_value))
            )
        if not self.all_optional:
@@ -375,27 +348,6 @@ class BaseInvoiceAddressForm(forms.ModelForm):
        self.request = kwargs.pop('request', None)
        self.validate_vat_id = kwargs.pop('validate_vat_id')
        self.all_optional = kwargs.pop('all_optional', False)
        kwargs.setdefault('initial', {})
        if not kwargs.get('instance') or not kwargs['instance'].country:
            # Try to guess the initial country from either the country of the merchant
            # or the locale. This will hopefully save at least some users some scrolling :)
            locale = get_language()
            country = event.settings.invoice_address_from_country
            if not country:
                valid_countries = countries.countries
                if '-' in locale:
                    parts = locale.split('-')
                    if parts[1].upper() in valid_countries:
                        country = Country(parts[1].upper())
                    elif parts[0].upper() in valid_countries:
                        country = Country(parts[0].upper())
                else:
                    if locale in valid_countries:
                        country = Country(locale.upper())
            kwargs['initial']['country'] = country
        super().__init__(*args, **kwargs)
        if not event.settings.invoice_address_vatid:
            del self.fields['vat_id']
@@ -421,7 +373,6 @@ class BaseInvoiceAddressForm(forms.ModelForm):
            max_length=255,
            required=event.settings.invoice_name_required and not self.all_optional,
            scheme=event.settings.name_scheme,
            titles=event.settings.name_scheme_titles,
            label=_('Name'),
            initial=(self.instance.name_parts if self.instance else self.instance.name_parts),
        )
@@ -448,12 +399,6 @@ class BaseInvoiceAddressForm(forms.ModelForm):
        self.instance.name_parts = data.get('name_parts')
        if all(
                not v for k, v in data.items() if k not in ('is_business', 'country', 'name_parts')
        ) and len(data.get('name_parts', {})) == 1:
            # Do not save the country if it is the only field set -- we don't know the user even checked it!
            self.cleaned_data['country'] = ''
        if self.validate_vat_id and self.instance.vat_id_validated and 'vat_id' not in self.changed_data:
            pass
        elif self.validate_vat_id and data.get('is_business') and data.get('country') in EU_COUNTRIES and data.get('vat_id'):
@@ -475,7 +420,7 @@ class BaseInvoiceAddressForm(forms.ModelForm):
                                                     'your country is currently not available. We will therefore '
                                                     'need to charge VAT on your invoice. You can get the tax amount '
                                                     'back via the VAT reimbursement process.'))
-            except (vat_moss.errors.WebServiceError, HTTPError):
+            except vat_moss.errors.WebServiceError:
                logger.exception('VAT ID checking failed for country {}'.format(data.get('country')))
                self.instance.vat_id_validated = False
                if self.request and self.vat_warning:
--- a/src/pretix/base/invoice.py
+++ b/src/pretix/base/invoice.py
@@ -9,17 +9,14 @@ import vat_moss.exchange_rates
 from django.contrib.staticfiles import finders
 from django.dispatch import receiver
 from django.utils.formats import date_format, localize
-from django.utils.translation import (
+from django.utils.translation import get_language, pgettext, ugettext
    get_language, pgettext, ugettext, ugettext_lazy,
 )
 from PIL.Image import BICUBIC
 from reportlab.lib import pagesizes
-from reportlab.lib.enums import TA_LEFT, TA_RIGHT
+from reportlab.lib.enums import TA_LEFT
 from reportlab.lib.styles import ParagraphStyle, StyleSheet1
 from reportlab.lib.units import mm
 from reportlab.lib.utils import ImageReader
 from reportlab.pdfbase import pdfmetrics
 from reportlab.pdfbase.pdfmetrics import stringWidth
 from reportlab.pdfbase.ttfonts import TTFont
 from reportlab.pdfgen.canvas import Canvas
 from reportlab.platypus import (
@@ -125,7 +122,6 @@ class BaseReportlabInvoiceRenderer(BaseInvoiceRenderer):
        """
        stylesheet = StyleSheet1()
        stylesheet.add(ParagraphStyle(name='Normal', fontName=self.font_regular, fontSize=10, leading=12))
        stylesheet.add(ParagraphStyle(name='InvoiceFrom', parent=stylesheet['Normal']))
        stylesheet.add(ParagraphStyle(name='Heading1', fontName=self.font_bold, fontSize=15, leading=15 * 1.2))
        stylesheet.add(ParagraphStyle(name='FineprintHeading', fontName=self.font_bold, fontSize=8, leading=12))
        stylesheet.add(ParagraphStyle(name='Fineprint', fontName=self.font_regular, fontSize=8, leading=10))
@@ -258,64 +254,49 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
        canvas.restoreState()
    invoice_to_width = 85 * mm
    invoice_to_height = 50 * mm
    invoice_to_left = 25 * mm
    invoice_to_top = 52 * mm
    def _draw_invoice_to(self, canvas):
-        p = Paragraph(self.invoice.address_invoice_to.strip().replace('\n', '<br />\n'), style=self.stylesheet['Normal'])
+        p = Paragraph(self.invoice.invoice_to.strip().replace('\n', '<br />\n'), style=self.stylesheet['Normal'])
-        p.wrapOn(canvas, self.invoice_to_width, self.invoice_to_height)
+        p.wrapOn(canvas, 85 * mm, 50 * mm)
-        p_size = p.wrap(self.invoice_to_width, self.invoice_to_height)
+        p_size = p.wrap(85 * mm, 50 * mm)
-        p.drawOn(canvas, self.invoice_to_left, self.pagesize[1] - p_size[1] - self.invoice_to_top)
+        p.drawOn(canvas, 25 * mm, (297 - 52) * mm - p_size[1])
    invoice_from_width = 70 * mm
    invoice_from_height = 50 * mm
    invoice_from_left = 25 * mm
    invoice_from_top = 17 * mm
    def _draw_invoice_from(self, canvas):
-        p = Paragraph(self.invoice.full_invoice_from.strip().replace('\n', '<br />\n'), style=self.stylesheet[
+        p = Paragraph(self.invoice.full_invoice_from.strip().replace('\n', '<br />\n'), style=self.stylesheet['Normal'])
-            'InvoiceFrom'])
+        p.wrapOn(canvas, 70 * mm, 50 * mm)
-        p.wrapOn(canvas, self.invoice_from_width, self.invoice_from_height)
+        p_size = p.wrap(70 * mm, 50 * mm)
-        p_size = p.wrap(self.invoice_from_width, self.invoice_from_height)
+        p.drawOn(canvas, 25 * mm, (297 - 17) * mm - p_size[1])
-        p.drawOn(canvas, self.invoice_from_left, self.pagesize[1] - p_size[1] - self.invoice_from_top)
+
    def _on_first_page(self, canvas: Canvas, doc):
        canvas.setCreator('pretix.eu')
        canvas.setTitle(pgettext('invoice', 'Invoice {num}').format(num=self.invoice.number))
        canvas.saveState()
        canvas.setFont(self.font_regular, 8)
        if self.invoice.order.testmode:
            canvas.saveState()
            canvas.setFont('OpenSansBd', 30)
            canvas.setFillColorRGB(32, 0, 0)
            canvas.drawRightString(self.pagesize[0] - 20 * mm, (297 - 100) * mm, ugettext('TEST MODE'))
            canvas.restoreState()
        for i, line in enumerate(self.invoice.footer_text.split('\n')[::-1]):
            canvas.drawCentredString(self.pagesize[0] / 2, 25 + (3.5 * i) * mm, line.strip())
    def _draw_invoice_from_label(self, canvas):
        textobject = canvas.beginText(25 * mm, (297 - 15) * mm)
        textobject.setFont(self.font_bold, 8)
        textobject.textLine(self._upper(pgettext('invoice', 'Invoice from')))
        canvas.drawText(textobject)
-    def _draw_invoice_to_label(self, canvas):
+        self._draw_invoice_from(canvas)
        textobject = canvas.beginText(25 * mm, (297 - 50) * mm)
        textobject.setFont(self.font_bold, 8)
        textobject.textLine(self._upper(pgettext('invoice', 'Invoice to')))
        canvas.drawText(textobject)
-    logo_width = 25 * mm
+        self._draw_invoice_to(canvas)
    logo_height = 25 * mm
    logo_left = 95 * mm
    logo_top = 13 * mm
    logo_anchor = 'n'
    def _draw_logo(self, canvas):
        if self.invoice.event.settings.invoice_logo_image:
            logo_file = self.invoice.event.settings.get('invoice_logo_image', binary_file=True)
            ir = ThumbnailingImageReader(logo_file)
            try:
                ir.resize(self.logo_width, self.logo_height, 300)
            except:
                logger.exception("Can not resize image")
                pass
            canvas.drawImage(ir,
                             self.logo_left,
                             self.pagesize[1] - self.logo_height - self.logo_top,
                             width=self.logo_width, height=self.logo_height,
                             preserveAspectRatio=True, anchor=self.logo_anchor,
                             mask='auto')
    def _draw_metadata(self, canvas):
        textobject = canvas.beginText(125 * mm, (297 - 38) * mm)
        textobject.setFont(self.font_bold, 8)
        textobject.textLine(self._upper(pgettext('invoice', 'Order code')))
@@ -367,37 +348,37 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
        canvas.drawText(textobject)
-    event_left = 125 * mm
+        if self.invoice.event.settings.invoice_logo_image:
-    event_top = 17 * mm
+            logo_file = self.invoice.event.settings.get('invoice_logo_image', binary_file=True)
-    event_width = 65 * mm
+            ir = ThumbnailingImageReader(logo_file)
-    event_height = 50 * mm
+            try:
                ir.resize(25 * mm, 25 * mm, 300)
            except:
                logger.exception("Can not resize image")
                pass
            canvas.drawImage(ir,
                             95 * mm, (297 - 38) * mm,
                             width=25 * mm, height=25 * mm,
                             preserveAspectRatio=True, anchor='n',
                             mask='auto')
    def _draw_event_label(self, canvas):
        textobject = canvas.beginText(125 * mm, (297 - 15) * mm)
        textobject.setFont(self.font_bold, 8)
        textobject.textLine(self._upper(pgettext('invoice', 'Event')))
        canvas.drawText(textobject)
    def _draw_event(self, canvas):
        def shorten(txt):
            txt = str(txt)
            p = Paragraph(txt.strip().replace('\n', '<br />\n'), style=self.stylesheet['Normal'])
-            p_size = p.wrap(self.event_width, self.event_height)
+            p_size = p.wrap(65 * mm, 50 * mm)
            while p_size[1] > 2 * self.stylesheet['Normal'].leading:
                txt = ' '.join(txt.replace('…', '').split()[:-1]) + '…'
                p = Paragraph(txt.strip().replace('\n', '<br />\n'), style=self.stylesheet['Normal'])
-                p_size = p.wrap(self.event_width, self.event_height)
+                p_size = p.wrap(65 * mm, 50 * mm)
            return txt
        if not self.invoice.event.has_subevents:
            if self.invoice.event.settings.show_date_to and self.invoice.event.date_to:
                p_str = (
-                    shorten(self.invoice.event.name) + '\n' +
+                    shorten(self.invoice.event.name) + '\n' + pgettext('invoice', '{from_date}\nuntil {to_date}').format(
                    pgettext('invoice', '{from_date}\nuntil {to_date}').format(
                        from_date=self.invoice.event.get_date_from_display(),
-                        to_date=self.invoice.event.get_date_to_display()
+                        to_date=self.invoice.event.get_date_to_display())
                    )
                )
            else:
                p_str = (
@@ -407,38 +388,15 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
            p_str = shorten(self.invoice.event.name)
        p = Paragraph(p_str.strip().replace('\n', '<br />\n'), style=self.stylesheet['Normal'])
-        p.wrapOn(canvas, self.event_width, self.event_height)
+        p.wrapOn(canvas, 65 * mm, 50 * mm)
-        p_size = p.wrap(self.event_width, self.event_height)
+        p_size = p.wrap(65 * mm, 50 * mm)
-        p.drawOn(canvas, self.event_left, self.pagesize[1] - self.event_top - p_size[1])
+        p.drawOn(canvas, 125 * mm, (297 - 17) * mm - p_size[1])
        self._draw_event_label(canvas)
-    def _draw_footer(self, canvas):
+        textobject = canvas.beginText(125 * mm, (297 - 15) * mm)
-        canvas.setFont(self.font_regular, 8)
+        textobject.setFont(self.font_bold, 8)
-        for i, line in enumerate(self.invoice.footer_text.split('\n')[::-1]):
+        textobject.textLine(self._upper(pgettext('invoice', 'Event')))
-            canvas.drawCentredString(self.pagesize[0] / 2, 25 + (3.5 * i) * mm, line.strip())
+        canvas.drawText(textobject)
    def _draw_testmode(self, canvas):
        if self.invoice.order.testmode:
            canvas.saveState()
            canvas.setFont('OpenSansBd', 30)
            canvas.setFillColorRGB(32, 0, 0)
            canvas.drawRightString(self.pagesize[0] - 20 * mm, (297 - 100) * mm, ugettext('TEST MODE'))
            canvas.restoreState()
    def _on_first_page(self, canvas: Canvas, doc):
        canvas.setCreator('pretix.eu')
        canvas.setTitle(pgettext('invoice', 'Invoice {num}').format(num=self.invoice.number))
        canvas.saveState()
        self._draw_footer(canvas)
        self._draw_testmode(canvas)
        self._draw_invoice_from_label(canvas)
        self._draw_invoice_from(canvas)
        self._draw_invoice_to_label(canvas)
        self._draw_invoice_to(canvas)
        self._draw_metadata(canvas)
        self._draw_logo(canvas)
        self._draw_event(canvas)
        canvas.restoreState()
    def _get_first_page_frames(self, doc):
@@ -476,13 +434,6 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                self.stylesheet['Normal']
            ))
        if self.invoice.invoice_to_vat_id:
            story.append(Paragraph(
                pgettext('invoice', 'Customer VAT ID') + ':<br />' +
                bleach.clean(self.invoice.invoice_to_vat_id, tags=[]).replace("\n", "<br />\n"),
                self.stylesheet['Normal']
            ))
        if self.invoice.invoice_to_beneficiary:
            story.append(Paragraph(
                pgettext('invoice', 'Beneficiary') + ':<br />' +
@@ -603,7 +554,6 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
            colwidths = [a * doc.width for a in (.25, .15, .15, .15, .3)]
            table = Table(tdata, colWidths=colwidths, repeatRows=2, hAlign=TA_LEFT)
            table.setStyle(TableStyle(tstyledata))
            story.append(Spacer(5 * mm, 5 * mm))
            story.append(KeepTogether([
                Paragraph(pgettext('invoice', 'Included taxes'), self.stylesheet['FineprintHeading']),
                table
@@ -657,114 +607,6 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
        return story
 class Modern1Renderer(ClassicInvoiceRenderer):
    identifier = 'modern1'
    verbose_name = ugettext_lazy('Modern Invoice Renderer (pretix 2.7)')
    bottom_margin = 16.9 * mm
    top_margin = 16.9 * mm
    right_margin = 20 * mm
    invoice_to_height = 27.3 * mm
    invoice_to_width = 80 * mm
    invoice_to_left = 25 * mm
    invoice_to_top = (40 + 17.7) * mm
    invoice_from_left = 125 * mm
    invoice_from_top = 50 * mm
    invoice_from_width = pagesizes.A4[0] - invoice_from_left - right_margin
    invoice_from_height = 50 * mm
    logo_width = 75 * mm
    logo_height = 25 * mm
    logo_left = pagesizes.A4[0] - logo_width - right_margin
    logo_top = top_margin
    logo_anchor = 'e'
    event_left = 25 * mm
    event_top = top_margin
    event_width = 80 * mm
    event_height = 25 * mm
    def _get_stylesheet(self):
        stylesheet = super()._get_stylesheet()
        stylesheet.add(ParagraphStyle(name='Sender', fontName=self.font_regular, fontSize=8, leading=10))
        stylesheet['InvoiceFrom'].alignment = TA_RIGHT
        return stylesheet
    def _draw_invoice_from(self, canvas):
        if not self.invoice.invoice_from:
            return
        c = self.invoice.address_invoice_from.strip().split('\n')
        p = Paragraph(' · '.join(c), style=self.stylesheet['Sender'])
        p.wrapOn(canvas, self.invoice_to_width, 15.7 * mm)
        p.drawOn(canvas, self.invoice_to_left, self.pagesize[1] - self.invoice_to_top + 2 * mm)
        super()._draw_invoice_from(canvas)
    def _draw_invoice_to_label(self, canvas):
        pass
    def _draw_invoice_from_label(self, canvas):
        pass
    def _draw_event_label(self, canvas):
        pass
    def _get_first_page_frames(self, doc):
        footer_length = 3.5 * len(self.invoice.footer_text.split('\n')) * mm
        return [
            Frame(doc.leftMargin, doc.bottomMargin, doc.width, doc.height - 95 * mm,
                  leftPadding=0, rightPadding=0, topPadding=0, bottomPadding=footer_length,
                  id='normal')
        ]
    def _draw_metadata(self, canvas):
        begin_top = 100 * mm
        textobject = canvas.beginText(self.left_margin, self.pagesize[1] - begin_top)
        textobject.setFont(self.font_regular, 8)
        textobject.textLine(pgettext('invoice', 'Order code'))
        textobject.moveCursor(0, 5)
        textobject.setFont(self.font_regular, 10)
        textobject.textLine(self.invoice.order.full_code)
        canvas.drawText(textobject)
        if self.invoice.is_cancellation:
            textobject = canvas.beginText(self.left_margin + 50 * mm, self.pagesize[1] - begin_top)
            textobject.setFont(self.font_regular, 8)
            textobject.textLine(pgettext('invoice', 'Cancellation number'))
            textobject.moveCursor(0, 5)
            textobject.setFont(self.font_regular, 10)
            textobject.textLine(self.invoice.number)
            canvas.drawText(textobject)
            textobject = canvas.beginText(self.left_margin + 100 * mm, self.pagesize[1] - begin_top)
            textobject.setFont(self.font_regular, 8)
            textobject.textLine(pgettext('invoice', 'Original invoice'))
            textobject.moveCursor(0, 5)
            textobject.setFont(self.font_regular, 10)
            textobject.textLine(self.invoice.refers.number)
            canvas.drawText(textobject)
        else:
            textobject = canvas.beginText(self.left_margin + 70 * mm, self.pagesize[1] - begin_top)
            textobject.textLine(pgettext('invoice', 'Invoice number'))
            textobject.moveCursor(0, 5)
            textobject.setFont(self.font_regular, 10)
            textobject.textLine(self.invoice.number)
            canvas.drawText(textobject)
        p = Paragraph(date_format(self.invoice.date, "DATE_FORMAT"), style=self.stylesheet['Normal'])
        w = stringWidth(p.text, p.frags[0].fontName, p.frags[0].fontSize)
        p.wrapOn(canvas, w, 15 * mm)
        date_x = self.pagesize[0] - w - self.right_margin
        p.drawOn(canvas, date_x, self.pagesize[1] - begin_top - 10 - 6)
        textobject = canvas.beginText(date_x, self.pagesize[1] - begin_top)
        textobject.setFont(self.font_regular, 8)
        if self.invoice.is_cancellation:
            textobject.textLine(pgettext('invoice', 'Cancellation date'))
        else:
            textobject.textLine(pgettext('invoice', 'Invoice date'))
        canvas.drawText(textobject)
@receiver(register_invoice_renderers, dispatch_uid="invoice_renderer_classic")
 def recv_classic(sender, **kwargs):
-    return [ClassicInvoiceRenderer, Modern1Renderer]
+    return ClassicInvoiceRenderer
--- a/src/pretix/base/management/commands/export.py
+++ b/src/pretix/base/management/commands/export.py
@@ -1,58 +0,0 @@
 import json
 import sys
 from django.core.management.base import BaseCommand
 from django.utils.timezone import override
 from django_scopes import scope
 from pretix.base.i18n import language
 from pretix.base.models import Event, Organizer
 from pretix.base.signals import register_data_exporters
 class Command(BaseCommand):
    help = "Run an exporter to get data out of pretix"
    def add_arguments(self, parser):
        parser.add_argument('organizer_slug', nargs=1, type=str)
        parser.add_argument('event_slug', nargs=1, type=str)
        parser.add_argument('export_provider', nargs=1, type=str)
        parser.add_argument('output_file', nargs=1, type=str)
        parser.add_argument('--parameters', action='store', type=str, help='JSON-formatted parameters')
    def handle(self, *args, **options):
        try:
            o = Organizer.objects.get(slug=options['organizer_slug'][0])
        except Organizer.DoesNotExist:
            self.stderr.write(self.style.ERROR('Organizer not found.'))
            sys.exit(1)
        with scope(organizer=o):
            try:
                e = o.events.get(slug=options['event_slug'][0])
            except Event.DoesNotExist:
                self.stderr.write(self.style.ERROR('Event not found.'))
                sys.exit(1)
            with language(e.settings.locale), override(e.settings.timezone):
                responses = register_data_exporters.send(e)
                for receiver, response in responses:
                    ex = response(e)
                    if ex.identifier == options['export_provider'][0]:
                        params = json.loads(options.get('parameters') or '{}')
                        with open(options['output_file'][0], 'wb') as f:
                            try:
                                ex.render(form_data=params, output_file=f)
                            except TypeError:
                                self.stderr.write(self.style.WARNING(
                                    'Provider does not support direct file writing, need to buffer export in memory.'))
                                d = ex.render(form_data=params)
                                if d is None:
                                    self.stderr.write(self.style.ERROR('Empty export.'))
                                    sys.exit(2)
                                f.write(d[2])
                            sys.exit(0)
            self.stderr.write(self.style.ERROR('Export provider not found.'))
            sys.exit(1)
--- a/src/pretix/base/management/commands/makemigrations.py
+++ b/src/pretix/base/management/commands/makemigrations.py
@@ -1,51 +0,0 @@
 """
 Django, for theoretically very valid reasons, creates migrations for *every single thing*
 we change on a model. Even the `help_text`! This makes sense, as we don't know if any
 database backend unknown to us might actually use this information for its database schema.
 However, pretix only supports PostgreSQL, MySQL, MariaDB and SQLite and we can be pretty
 certain that some changes to models will never require a change to the database. In this case,
 not creating a migration for certain changes will save us some performance while applying them
 *and* allow for a cleaner git history. Win-win!
 Only caveat is that we need to do some dirty monkeypatching to achieve it...
 """
 from django.core.management.commands.makemigrations import Command as Parent
 from django.db import models
 from django.db.migrations.operations import models as modelops
 from django_countries.fields import CountryField
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("verbose_name")
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("verbose_name_plural")
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("ordering")
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("get_latest_by")
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("default_manager_name")
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("permissions")
 modelops.AlterModelOptions.ALTER_OPTION_KEYS.remove("default_permissions")
 IGNORED_ATTRS = [
    # (field type, attribute name, blacklist of field sub-types)
    (models.Field, 'verbose_name', []),
    (models.Field, 'help_text', []),
    (models.Field, 'validators', []),
    (models.Field, 'editable', [models.DateField, models.DateTimeField, models.DateField, models.BinaryField]),
    (models.Field, 'blank', [models.DateField, models.DateTimeField, models.AutoField, models.NullBooleanField,
                             models.TimeField]),
    (models.CharField, 'choices', [CountryField])
 ]
 original_deconstruct = models.Field.deconstruct
 def new_deconstruct(self):
    name, path, args, kwargs = original_deconstruct(self)
    for ftype, attr, blacklist in IGNORED_ATTRS:
        if isinstance(self, ftype) and not any(isinstance(self, ft) for ft in blacklist):
            kwargs.pop(attr, None)
    return name, path, args, kwargs
 models.Field.deconstruct = new_deconstruct
 class Command(Parent):
    pass
--- a/src/pretix/base/management/commands/migrate.py
+++ b/src/pretix/base/management/commands/migrate.py
@@ -1,28 +0,0 @@
 """
 Django tries to be helpful by suggesting to run "makemigrations" in red font on every "migrate"
 run when there are things we have no migrations for. Usually, this is intended, and running
 "makemigrations" can really screw up the environment of a user, so we want to prevent novice
 users from doing that by going really dirty and filtering it from the output.
 """
 import sys
 from django.core.management.base import OutputWrapper
 from django.core.management.commands.migrate import Command as Parent
 class OutputFilter(OutputWrapper):
    blacklist = (
        "Your models have changes that are not yet reflected",
        "Run 'manage.py makemigrations' to make new "
    )
    def write(self, msg, style_func=None, ending=None):
        if any(b in msg for b in self.blacklist):
            return
        super().write(msg, style_func, ending)
 class Command(Parent):
    def __init__(self, stdout=None, stderr=None, no_color=False, force_color=False):
        super().__init__(stdout, stderr, no_color, force_color)
        self.stdout = OutputFilter(stdout or sys.stdout)
--- a/src/pretix/base/management/commands/runperiodic.py
+++ b/src/pretix/base/management/commands/runperiodic.py
@@ -1,4 +1,3 @@
 from django.conf import settings
 from django.core.management import call_command
 from django.core.management.base import BaseCommand
@@ -9,12 +8,5 @@ class Command(BaseCommand):
    help = "Run periodic tasks"
    def handle(self, *args, **options):
-        for recv, resp in periodic_task.send_robust(self):
+        periodic_task.send(self)
            if isinstance(resp, Exception):
                if settings.SENTRY_ENABLED:
                    from sentry_sdk import capture_exception
                    capture_exception(resp)
                else:
                    raise resp
        call_command('clearsessions')
--- a/src/pretix/base/management/commands/shell_scoped.py
+++ b/src/pretix/base/management/commands/shell_scoped.py
@@ -1,39 +0,0 @@
 import sys
 from django.apps import apps
 from django.core.management import call_command
 from django.core.management.base import BaseCommand
 from django_scopes import scope, scopes_disabled
 class Command(BaseCommand):
    def create_parser(self, *args, **kwargs):
        parser = super().create_parser(*args, **kwargs)
        parser.parse_args = lambda x: parser.parse_known_args(x)[0]
        return parser
    def handle(self, *args, **options):
        parser = self.create_parser(sys.argv[0], sys.argv[1])
        flags = parser.parse_known_args(sys.argv[2:])[1]
        if "--override" in flags:
            with scopes_disabled():
                return call_command("shell_plus", *args, **options)
        lookups = {}
        for flag in flags:
            lookup, value = flag.lstrip("-").split("=")
            lookup = lookup.split("__", maxsplit=1)
            lookups[lookup[0]] = {
                lookup[1] if len(lookup) > 1 else "pk": value
            }
        models = {
            model_name.split(".")[-1]: model_class
            for app_name, app_content in apps.all_models.items()
            for (model_name, model_class) in app_content.items()
        }
        scope_options = {
            app_name: models[app_name].objects.get(**app_value)
            for app_name, app_value in lookups.items()
        }
        with scope(**scope_options):
            return call_command("shell_plus", *args, **options)
--- a/src/pretix/base/middleware.py
+++ b/src/pretix/base/middleware.py
@@ -97,7 +97,7 @@ def get_language_from_event(request: HttpRequest) -> str:
 def get_language_from_browser(request: HttpRequest) -> str:
-    accept = request.headers.get('Accept-Language', '')
+    accept = request.META.get('HTTP_ACCEPT_LANGUAGE', '')
    for accept_lang, unused in parse_accept_lang_header(accept):
        if accept_lang == '*':
            break
--- a/src/pretix/base/migrations/0116_auto_20180531_1739.py
+++ b/src/pretix/base/migrations/0116_auto_20180531_1739.py
@@ -0,0 +1,20 @@
 # -*- coding: utf-8 -*-
 # Generated by Django 1.11.13 on 2018-05-31 15:39
 from __future__ import unicode_literals
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0115_auto_20190323_2238'),
    ]
    operations = [
        migrations.AddField(
            model_name='question',
            name='default_value',
            field=models.TextField(blank=True, help_text='The question will be filled with this response by default', null=True, verbose_name='Default answer'),
        ),
    ]
--- a/src/pretix/base/migrations/0116_auto_20190402_0722.py
+++ b/src/pretix/base/migrations/0116_auto_20190402_0722.py
@@ -1,22 +0,0 @@
 # Generated by Django 2.1.5 on 2019-04-02 07:22
 import django.db.models.deletion
 import jsonfallback.fields
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0115_auto_20190323_2238'),
    ]
    operations = [
        migrations.AddField(
            model_name='device',
            name='revoked',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/src/pretix/base/migrations/0117_auto_20190418_1149.py
+++ b/src/pretix/base/migrations/0117_auto_20190418_1149.py
@@ -1,23 +0,0 @@
 # Generated by Django 2.2 on 2019-04-18 11:49
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0116_auto_20190402_0722'),
    ]
    operations = [
        migrations.AddField(
            model_name='itemvariation',
            name='original_price',
            field=models.DecimalField(blank=True, decimal_places=2, help_text='If set, this will be displayed next to '
                                                                              'the current price to show that the '
                                                                              'current price is a discounted one. '
                                                                              'This is just a cosmetic setting and '
                                                                              'will not actually impact pricing.',
                                      max_digits=7, null=True, verbose_name='Original price'),
        ),
    ]
--- a/src/pretix/base/migrations/0118_auto_20190423_0839.py
+++ b/src/pretix/base/migrations/0118_auto_20190423_0839.py
@@ -1,22 +0,0 @@
 # Generated by Django 2.2 on 2019-04-23 08:39
 import django.db.models.deletion
 import jsonfallback.fields
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0117_auto_20190418_1149'),
    ]
    operations = [
        migrations.AddField(
            model_name='subevent',
            name='is_public',
            field=models.BooleanField(default=True, help_text='If selected, this event will show up publicly on the list of dates for your event.', verbose_name='Show in lists'),
        ),
    ]
--- a/src/pretix/base/migrations/0119_auto_20190509_0654.py
+++ b/src/pretix/base/migrations/0119_auto_20190509_0654.py
@@ -1,22 +0,0 @@
 # Generated by Django 2.2 on 2019-05-09 06:54
 import django.db.models.deletion
 import jsonfallback.fields
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0118_auto_20190423_0839'),
    ]
    operations = [
        migrations.AddField(
            model_name='question',
            name='hidden',
            field=models.BooleanField(default=False, help_text='This question will only show up in the backend.', verbose_name='Hidden question'),
        ),
    ]
--- a/src/pretix/base/migrations/0120_auto_20190509_0736.py
+++ b/src/pretix/base/migrations/0120_auto_20190509_0736.py
@@ -1,77 +0,0 @@
 # Generated by Django 2.2 on 2019-05-09 07:36
 import django.db.models.deletion
 import jsonfallback.fields
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0119_auto_20190509_0654'),
    ]
    operations = [
        migrations.AlterField(
            model_name='cartposition',
            name='attendee_name_parts',
            field=jsonfallback.fields.FallbackJSONField(default=dict),
        ),
        migrations.AlterField(
            model_name='cartposition',
            name='subevent',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, to='pretixbase.SubEvent'),
        ),
        migrations.AlterField(
            model_name='cartposition',
            name='voucher',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, to='pretixbase.Voucher'),
        ),
        migrations.AlterField(
            model_name='event',
            name='is_public',
            field=models.BooleanField(default=True),
        ),
        migrations.AlterField(
            model_name='invoiceaddress',
            name='name_parts',
            field=jsonfallback.fields.FallbackJSONField(default=dict),
        ),
        migrations.AlterField(
            model_name='item',
            name='sales_channels',
            field=pretix.base.models.fields.MultiStringField(default=['web']),
        ),
        migrations.AlterField(
            model_name='order',
            name='sales_channel',
            field=models.CharField(default='web', max_length=190),
        ),
        migrations.AlterField(
            model_name='orderposition',
            name='attendee_name_parts',
            field=jsonfallback.fields.FallbackJSONField(default=dict),
        ),
        migrations.AlterField(
            model_name='orderposition',
            name='subevent',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, to='pretixbase.SubEvent'),
        ),
        migrations.AlterField(
            model_name='orderposition',
            name='voucher',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, to='pretixbase.Voucher'),
        ),
        migrations.AlterField(
            model_name='staffsessionauditlog',
            name='method',
            field=models.CharField(max_length=255),
        ),
        migrations.AlterField(
            model_name='user',
            name='email',
            field=models.EmailField(db_index=True, max_length=190, null=True, unique=True),
        ),
    ]
--- a/src/pretix/base/migrations/0121_order_email_known_to_work.py
+++ b/src/pretix/base/migrations/0121_order_email_known_to_work.py
@@ -1,18 +0,0 @@
 # Generated by Django 2.2.1 on 2019-05-15 05:05
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0120_auto_20190509_0736'),
    ]
    operations = [
        migrations.AddField(
            model_name='order',
            name='email_known_to_work',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/src/pretix/base/migrations/0122_orderposition_web_secret.py
+++ b/src/pretix/base/migrations/0122_orderposition_web_secret.py
@@ -1,20 +0,0 @@
 # Generated by Django 2.2.1 on 2019-05-15 13:23
 from django.db import migrations, models
 import pretix.base.models.orders
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0121_order_email_known_to_work'),
    ]
    operations = [
        migrations.AddField(
            model_name='orderposition',
            name='web_secret',
            field=models.CharField(db_index=True, default=pretix.base.models.orders.generate_secret, max_length=32),
        ),
    ]
--- a/src/pretix/base/migrations/0123_auto_20190530_1035.py
+++ b/src/pretix/base/migrations/0123_auto_20190530_1035.py
@@ -1,70 +0,0 @@
 # Generated by Django 2.2.1 on 2019-05-30 10:35
 import django.db.models.deletion
 from django.db import migrations, models
 import pretix.base.models.base
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0122_orderposition_web_secret'),
    ]
    operations = [
        migrations.CreateModel(
            name='SeatingPlan',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False)),
                ('name', models.CharField(max_length=190)),
                ('layout', models.TextField()),
                ('organizer', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='seating_plans', to='pretixbase.Organizer')),
            ],
            options={
                'abstract': False,
            },
            bases=(models.Model, pretix.base.models.base.LoggingMixin),
        ),
        migrations.CreateModel(
            name='SeatCategoryMapping',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False)),
                ('layout_category', models.CharField(max_length=190)),
                ('event', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='seat_category_mappings', to='pretixbase.Event')),
                ('product', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='seat_category_mappings', to='pretixbase.Item')),
                ('subevent', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='seat_category_mappings', to='pretixbase.SubEvent')),
            ],
        ),
        migrations.CreateModel(
            name='Seat',
            fields=[
                ('id', models.AutoField(auto_created=True, primary_key=True, serialize=False)),
                ('name', models.CharField(max_length=190)),
                ('blocked', models.BooleanField(default=False)),
                ('event', models.ForeignKey(on_delete=django.db.models.deletion.CASCADE, related_name='seats', to='pretixbase.Event')),
                ('product', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='seats', to='pretixbase.Item')),
                ('subevent', models.ForeignKey(null=True, on_delete=django.db.models.deletion.CASCADE, related_name='seats', to='pretixbase.SubEvent')),
            ],
        ),
        migrations.AddField(
            model_name='cartposition',
            name='seat',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, to='pretixbase.Seat'),
        ),
        migrations.AddField(
            model_name='event',
            name='seating_plan',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, related_name='events', to='pretixbase.SeatingPlan'),
        ),
        migrations.AddField(
            model_name='orderposition',
            name='seat',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, to='pretixbase.Seat'),
        ),
        migrations.AddField(
            model_name='subevent',
            name='seating_plan',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.PROTECT, related_name='subevents', to='pretixbase.SeatingPlan'),
        ),
    ]
--- a/src/pretix/base/migrations/0124_seat_seat_guid.py
+++ b/src/pretix/base/migrations/0124_seat_seat_guid.py
@@ -1,19 +0,0 @@
 # Generated by Django 2.2.1 on 2019-05-30 11:10
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0123_auto_20190530_1035'),
    ]
    operations = [
        migrations.AddField(
            model_name='seat',
            name='seat_guid',
            field=models.CharField(db_index=True, default=None, max_length=190),
            preserve_default=False,
        ),
    ]
--- a/src/pretix/base/migrations/0125_voucher_show_hidden_items.py
+++ b/src/pretix/base/migrations/0125_voucher_show_hidden_items.py
@@ -1,26 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-07 10:10
 from django.db import migrations, models
 def set_show_hidden_items(apps, schema_editor):
    Voucher = apps.get_model('pretixbase', 'Voucher')
    Voucher.objects.filter(quota__isnull=False).update(show_hidden_items=False)
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0124_seat_seat_guid'),
    ]
    operations = [
        migrations.AddField(
            model_name='voucher',
            name='show_hidden_items',
            field=models.BooleanField(default=True),
        ),
        migrations.RunPython(
            set_show_hidden_items,
            migrations.RunPython.noop,
        )
    ]
--- a/src/pretix/base/migrations/0126_item_show_quota_left.py
+++ b/src/pretix/base/migrations/0126_item_show_quota_left.py
@@ -1,18 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-10 13:45
 from django.db import migrations, models
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0125_voucher_show_hidden_items'),
    ]
    operations = [
        migrations.AddField(
            model_name='item',
            name='show_quota_left',
            field=models.NullBooleanField(),
        ),
    ]
--- a/src/pretix/base/migrations/0127_auto_20190711_0705.py
+++ b/src/pretix/base/migrations/0127_auto_20190711_0705.py
@@ -1,25 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-11 07:05
 from django.db import migrations
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0126_item_show_quota_left'),
    ]
    operations = [
        migrations.RenameField(
            model_name='question',
            old_name='dependency_value',
            new_name='dependency_values',
        ),
        migrations.AlterField(
            model_name='question',
            name='dependency_values',
            field=pretix.base.models.fields.MultiStringField(default=['']),
        ),
    ]
--- a/src/pretix/base/migrations/0128_auto_20190715_1510.py
+++ b/src/pretix/base/migrations/0128_auto_20190715_1510.py
@@ -1,26 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-15 15:10
 import django.db.models.deletion
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0127_auto_20190711_0705'),
    ]
    operations = [
        migrations.AddField(
            model_name='quota',
            name='close_when_sold_out',
            field=models.BooleanField(default=False),
        ),
        migrations.AddField(
            model_name='quota',
            name='closed',
            field=models.BooleanField(default=False),
        ),
    ]
--- a/src/pretix/base/migrations/0129_auto_20190724_1548.py
+++ b/src/pretix/base/migrations/0129_auto_20190724_1548.py
@@ -1,21 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-24 15:48
 import django.db.models.deletion
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0128_auto_20190715_1510'),
    ]
    operations = [
        migrations.AddField(
            model_name='item',
            name='hidden_if_available',
            field=models.ForeignKey(null=True, on_delete=django.db.models.deletion.SET_NULL, to='pretixbase.Quota'),
        ),
    ]
--- a/src/pretix/base/migrations/0130_auto_20190729_1311.py
+++ b/src/pretix/base/migrations/0130_auto_20190729_1311.py
@@ -1,31 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-29 13:11
 import django.db.models.deletion
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0129_auto_20190724_1548'),
    ]
    operations = [
        migrations.AddField(
            model_name='seat',
            name='row_name',
            field=models.CharField(default='', max_length=190),
        ),
        migrations.AddField(
            model_name='seat',
            name='seat_number',
            field=models.CharField(default='', max_length=190),
        ),
        migrations.AddField(
            model_name='seat',
            name='zone_name',
            field=models.CharField(default='', max_length=190),
        ),
    ]
--- a/src/pretix/base/migrations/0131_auto_20190729_1422.py
+++ b/src/pretix/base/migrations/0131_auto_20190729_1422.py
@@ -1,21 +0,0 @@
 # Generated by Django 2.2.1 on 2019-07-29 14:22
 import django.db.models.deletion
 from django.db import migrations, models
 import pretix.base.models.fields
 class Migration(migrations.Migration):
    dependencies = [
        ('pretixbase', '0130_auto_20190729_1311'),
    ]
    operations = [
        migrations.AddField(
            model_name='item',
            name='allow_waitinglist',
            field=models.BooleanField(default=True),
        ),
    ]
--- a/src/pretix/base/models/init.py
+++ b/src/pretix/base/models/init.py
@@ -24,7 +24,6 @@ from .orders import (
 from .organizer import (
    Organizer, Organizer_SettingsStore, Team, TeamAPIToken, TeamInvite,
 )
 from .seating import Seat, SeatCategoryMapping, SeatingPlan
 from .tax import TaxRule
 from .vouchers import Voucher
 from .waitinglist import WaitingListEntry
--- a/src/pretix/base/models/auth.py
+++ b/src/pretix/base/models/auth.py
@@ -12,7 +12,6 @@ from django.utils.crypto import get_random_string
 from django.utils.timezone import now
 from django.utils.translation import ugettext_lazy as _
 from django_otp.models import Device
 from django_scopes import scopes_disabled
 from pretix.base.i18n import language
 from pretix.helpers.urls import build_absolute_uri
@@ -112,7 +111,6 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
    class Meta:
        verbose_name = _("User")
        verbose_name_plural = _("Users")
        ordering = ('email',)
    def save(self, *args, **kwargs):
        self.email = self.email.lower()
@@ -284,7 +282,6 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
                return True
        return False
    @scopes_disabled()
    def get_events_with_any_permission(self, request=None):
        """
        Returns a queryset of events the user has any permissions to.
@@ -302,7 +299,6 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
            | Q(id__in=self.teams.values_list('limit_events__id', flat=True))
        )
    @scopes_disabled()
    def get_events_with_permission(self, permission, request=None):
        """
        Returns a queryset of events the user has a specific permissions to.
--- a/src/pretix/base/models/base.py
+++ b/src/pretix/base/models/base.py
@@ -6,9 +6,7 @@ from django.db import models
 from django.db.models.constants import LOOKUP_SEP
 from django.db.models.signals import post_delete
 from django.dispatch import receiver
 from django.urls import reverse
 from django.utils.crypto import get_random_string
 from django.utils.functional import cached_property
 from pretix.helpers.json import CustomJSONEncoder
@@ -86,7 +84,7 @@ class LoggingMixin:
                    if (sensitivekey in k) and v:
                        data[k] = "********"
-            logentry.data = json.dumps(data, cls=CustomJSONEncoder, sort_keys=True)
+            logentry.data = json.dumps(data, cls=CustomJSONEncoder)
        elif data:
            raise TypeError("You should only supply dictionaries as log data.")
        if save:
@@ -115,40 +113,6 @@ class LoggedModel(models.Model, LoggingMixin):
    class Meta:
        abstract = True
    @cached_property
    def logs_content_type(self):
        return ContentType.objects.get_for_model(type(self))
    @cached_property
    def all_logentries_link(self):
        from pretix.base.models import Event
        if isinstance(self, Event):
            event = self
        elif hasattr(self, 'event'):
            event = self.event
        else:
            return None
        return reverse(
            'control:event.log',
            kwargs={
                'event': event.slug,
                'organizer': event.organizer.slug,
            }
        ) + '?content_type={}&object={}'.format(
            self.logs_content_type.pk,
            self.pk
        )
    def top_logentries(self):
        qs = self.all_logentries()
        if self.all_logentries_link:
            qs = qs[:25]
        return qs
    def top_logentries_has_more(self):
        return self.all_logentries().count() > 25
    def all_logentries(self):
        """
        Returns all log entries that are attached to this object.
@@ -158,7 +122,7 @@ class LoggedModel(models.Model, LoggingMixin):
        from .log import LogEntry
        return LogEntry.objects.filter(
-            content_type=self.logs_content_type, object_id=self.pk
+            content_type=ContentType.objects.get_for_model(type(self)), object_id=self.pk
        ).select_related('user', 'event', 'oauth_application', 'api_token', 'device')
--- a/src/pretix/base/models/checkin.py
+++ b/src/pretix/base/models/checkin.py
@@ -3,7 +3,6 @@ from django.db.models import Case, Count, F, OuterRef, Q, Subquery, When
 from django.db.models.functions import Coalesce
 from django.utils.timezone import now
 from django.utils.translation import pgettext_lazy, ugettext_lazy as _
 from django_scopes import ScopedManager
 from pretix.base.models import LoggedModel
@@ -21,8 +20,6 @@ class CheckinList(LoggedModel):
                                                      'order have not been paid. This only works with pretixdesk '
                                                      '0.3.0 or newer or pretixdroid 1.9 or newer.'))
    objects = ScopedManager(organizer='event__organizer')
    class Meta:
        ordering = ('subevent__date_from', 'name')
@@ -170,8 +167,6 @@ class Checkin(models.Model):
        'pretixbase.CheckinList', related_name='checkins', on_delete=models.PROTECT,
    )
    objects = ScopedManager(organizer='position__order__event__organizer')
    class Meta:
        unique_together = (('list', 'position'),)
--- a/src/pretix/base/models/devices.py
+++ b/src/pretix/base/models/devices.py
@@ -4,12 +4,10 @@ from django.db import models
 from django.db.models import Max
 from django.utils.crypto import get_random_string
 from django.utils.translation import ugettext_lazy as _
 from django_scopes import ScopedManager, scopes_disabled
 from pretix.base.models import LoggedModel
@scopes_disabled()
 def generate_serial():
    serial = get_random_string(allowed_chars='ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789', length=16)
    while Device.objects.filter(unique_serial=serial).exists():
@@ -17,7 +15,6 @@ def generate_serial():
    return serial
@scopes_disabled()
 def generate_initialization_token():
    token = get_random_string(length=16, allowed_chars=string.ascii_lowercase + string.digits)
    while Device.objects.filter(initialization_token=token).exists():
@@ -25,7 +22,6 @@ def generate_initialization_token():
    return token
@scopes_disabled()
 def generate_api_token():
    token = get_random_string(length=64, allowed_chars=string.ascii_lowercase + string.digits)
    while Device.objects.filter(api_token=token).exists():
@@ -45,7 +41,6 @@ class Device(LoggedModel):
    api_token = models.CharField(max_length=190, unique=True, null=True)
    all_events = models.BooleanField(default=False, verbose_name=_("All events (including newly created ones)"))
    limit_events = models.ManyToManyField('Event', verbose_name=_("Limit to events"), blank=True)
    revoked = models.BooleanField(default=False)
    name = models.CharField(
        max_length=190,
        verbose_name=_('Name')
@@ -75,8 +70,6 @@ class Device(LoggedModel):
        null=True, blank=True
    )
    objects = ScopedManager(organizer='organizer')
    class Meta:
        unique_together = (('organizer', 'device_id'),)
--- a/src/pretix/base/models/event.py
+++ b/src/pretix/base/models/event.py
@@ -17,7 +17,6 @@ from django.utils.crypto import get_random_string
 from django.utils.functional import cached_property
 from django.utils.timezone import make_aware, now
 from django.utils.translation import ugettext_lazy as _
 from django_scopes import ScopedManager, scopes_disabled
 from i18nfield.fields import I18nCharField, I18nTextField
 from pretix.base.models.base import LoggedModel
@@ -100,14 +99,14 @@ class EventMixin:
            "DATETIME_FORMAT" if self.settings.show_times else "DATE_FORMAT"
        )
-    def get_date_range_display(self, tz=None, force_show_end=False) -> str:
+    def get_date_range_display(self, tz=None) -> str:
        """
        Returns a formatted string containing the start date and the end date
        of the event with respect to the current locale and to the ``show_times`` and
        ``show_date_to`` settings.
        """
        tz = tz or self.timezone
-        if (not self.settings.show_date_to and not force_show_end) or not self.date_to:
+        if not self.settings.show_date_to or not self.date_to:
            return _date(self.date_from.astimezone(tz), "DATE_FORMAT")
        return daterange(self.date_from.astimezone(tz), self.date_to.astimezone(tz))
@@ -165,7 +164,7 @@ class EventMixin:
    def annotated(cls, qs, channel='web'):
        from pretix.base.models import Item, ItemVariation, Quota
-        sq_active_item = Item.objects.using(settings.DATABASE_REPLICA).filter_available(channel=channel).filter(
+        sq_active_item = Item.objects.filter_available(channel=channel).filter(
            Q(variations__isnull=True)
            & Q(quotas__pk=OuterRef('pk'))
        ).order_by().values_list('quotas__pk').annotate(
@@ -187,7 +186,7 @@ class EventMixin:
            Prefetch(
                'quotas',
                to_attr='active_quotas',
-                queryset=Quota.objects.using(settings.DATABASE_REPLICA).annotate(
+                queryset=Quota.objects.annotate(
                    active_items=Subquery(sq_active_item, output_field=models.TextField()),
                    active_variations=Subquery(sq_active_variation, output_field=models.TextField()),
                ).exclude(
@@ -336,10 +335,6 @@ class Event(EventMixin, LoggedModel):
        verbose_name=_('Event series'),
        default=False
    )
    seating_plan = models.ForeignKey('SeatingPlan', on_delete=models.PROTECT, null=True, blank=True,
                                     related_name='events')
    objects = ScopedManager(organizer='organizer')
    class Meta:
        verbose_name = _("Event")
@@ -350,26 +345,6 @@ class Event(EventMixin, LoggedModel):
    def __str__(self):
        return str(self.name)
    @property
    def free_seats(self):
        from .orders import CartPosition, Order, OrderPosition
        return self.seats.annotate(
            has_order=Exists(
                OrderPosition.objects.filter(
                    order__event=self,
                    seat_id=OuterRef('pk'),
                    order__status__in=[Order.STATUS_PENDING, Order.STATUS_PAID]
                )
            ),
            has_cart=Exists(
                CartPosition.objects.filter(
                    event=self,
                    seat_id=OuterRef('pk'),
                    expires__gte=now()
                )
            )
        ).filter(has_order=False, has_cart=False, blocked=False)
    @property
    def presale_has_ended(self):
        if self.has_subevents:
@@ -470,7 +445,6 @@ class Event(EventMixin, LoggedModel):
        self.plugins = other.plugins
        self.is_public = other.is_public
        self.testmode = other.testmode
        self.save()
        tax_map = {}
@@ -516,21 +490,14 @@ class Event(EventMixin, LoggedModel):
        for q in Quota.objects.filter(event=other, subevent__isnull=True).prefetch_related('items', 'variations'):
            items = list(q.items.all())
            vars = list(q.variations.all())
            oldid = q.pk
            q.pk = None
            q.event = self
            q.cached_availability_state = None
            q.cached_availability_number = None
            q.cached_availability_paid_orders = None
            q.cached_availability_time = None
            q.closed = False
            q.save()
            for i in items:
                if i.pk in item_map:
                    q.items.add(item_map[i.pk])
            for v in vars:
                q.variations.add(variation_map[v.pk])
            self.items.filter(hidden_if_available_id=oldid).update(hidden_if_available=q)
        question_map = {}
        for q in Question.objects.filter(event=other).prefetch_related('items', 'options'):
@@ -560,24 +527,6 @@ class Event(EventMixin, LoggedModel):
            for i in items:
                cl.limit_products.add(item_map[i.pk])
        if other.seating_plan:
            if other.seating_plan.organizer_id == self.organizer_id:
                self.seating_plan = other.seating_plan
            else:
                self.organizer.seating_plans.create(name=other.seating_plan.name, layout=other.seating_plan.layout)
            self.save()
        for m in other.seat_category_mappings.filter(subevent__isnull=True):
            m.pk = None
            m.event = self
            m.product = item_map[m.product_id]
            m.save()
        for s in other.seats.filter(subevent__isnull=True):
            s.pk = None
            s.event = self
            s.save()
        for s in other.settings._objects.all():
            s.object = self
            s.pk = None
@@ -690,6 +639,22 @@ class Event(EventMixin, LoggedModel):
        irs = self.get_invoice_renderers()
        return irs[self.settings.invoice_renderer]
    @property
    def active_subevents(self):
        """
        Returns a queryset of active subevents.
        """
        return self.subevents.filter(active=True).order_by('-date_from', 'name')
    @property
    def active_future_subevents(self):
        return self.subevents.filter(
            Q(active=True) & (
                Q(Q(date_to__isnull=True) & Q(date_from__gte=now()))
                | Q(date_to__gte=now())
            )
        ).order_by('date_from', 'name')
    def subevents_annotated(self, channel):
        return SubEvent.annotated(self.subevents, channel)
@@ -702,7 +667,7 @@ class Event(EventMixin, LoggedModel):
            'name_descending': ('-name', 'date_from'),
        }[ordering]
        subevs = queryset.filter(
-            Q(active=True) & Q(is_public=True) & (
+            Q(active=True) & (
                Q(Q(date_to__isnull=True) & Q(date_from__gte=now() - timedelta(hours=24)))
                | Q(date_to__gte=now() - timedelta(hours=24))
            )
@@ -717,12 +682,8 @@ class Event(EventMixin, LoggedModel):
    @property
    def meta_data(self):
        data = {p.name: p.default for p in self.organizer.meta_properties.all()}
        if hasattr(self, 'meta_values_cached'):
            data.update({v.property.name: v.value for v in self.meta_values_cached})
        else:
        data.update({v.property.name: v.value for v in self.meta_values.select_related('property').all()})
-
+        return data
        return OrderedDict((k, v) for k, v in sorted(data.items(), key=lambda k: k[0]))
    @property
    def has_payment_provider(self):
@@ -798,7 +759,6 @@ class Event(EventMixin, LoggedModel):
        return not self.orders.exists() and not self.invoices.exists()
    def delete_sub_objects(self):
        self.cartposition_set.filter(addon_to__isnull=False).delete()
        self.cartposition_set.all().delete()
        self.items.all().delete()
        self.subevents.all().delete()
@@ -872,8 +832,6 @@ class SubEvent(EventMixin, LoggedModel):
    :type event: Event
    :param active: Whether to show the subevent
    :type active: bool
    :param is_public: Whether to show the subevent in lists
    :type is_public: bool
    :param name: This event's full title
    :type name: str
    :param date_from: The datetime this event starts
@@ -892,10 +850,6 @@ class SubEvent(EventMixin, LoggedModel):
    active = models.BooleanField(default=False, verbose_name=_("Active"),
                                 help_text=_("Only with this checkbox enabled, this date is visible in the "
                                             "frontend to users."))
    is_public = models.BooleanField(default=True,
                                    verbose_name=_("Show in lists"),
                                    help_text=_("If selected, this event will show up publicly on the list of dates "
                                                "for your event."))
    name = I18nCharField(
        max_length=200,
        verbose_name=_("Name"),
@@ -925,14 +879,10 @@ class SubEvent(EventMixin, LoggedModel):
        null=True, blank=True,
        verbose_name=_("Frontpage text")
    )
    seating_plan = models.ForeignKey('SeatingPlan', on_delete=models.PROTECT, null=True, blank=True,
                                     related_name='subevents')
    items = models.ManyToManyField('Item', through='SubEventItem')
    variations = models.ManyToManyField('ItemVariation', through='SubEventItemVariation')
    objects = ScopedManager(organizer='event__organizer')
    class Meta:
        verbose_name = _("Date in event series")
        verbose_name_plural = _("Dates in event series")
@@ -941,28 +891,6 @@ class SubEvent(EventMixin, LoggedModel):
    def __str__(self):
        return '{} - {}'.format(self.name, self.get_date_range_display())
    @property
    def free_seats(self):
        from .orders import CartPosition, Order, OrderPosition
        return self.seats.annotate(
            has_order=Exists(
                OrderPosition.objects.filter(
                    order__event_id=self.event_id,
                    subevent=self,
                    seat_id=OuterRef('pk'),
                    order__status__in=[Order.STATUS_PENDING, Order.STATUS_PAID]
                )
            ),
            has_cart=Exists(
                CartPosition.objects.filter(
                    event_id=self.event_id,
                    subevent=self,
                    seat_id=OuterRef('pk'),
                    expires__gte=now()
                )
            )
        ).filter(has_order=False, has_cart=False, blocked=False)
    @cached_property
    def settings(self):
        return self.event.settings
@@ -1021,7 +949,6 @@ class SubEvent(EventMixin, LoggedModel):
                raise ValidationError(_('One or more variations do not belong to this event.'))
@scopes_disabled()
 def generate_invite_token():
    return get_random_string(length=32, allowed_chars=string.ascii_lowercase + string.digits)
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
johan12345	df25ae3c7c	add tests in test_checkout.py	2019-03-27 21:33:26 +01:00
johan12345	d686b386e3	add tests in test_items.py	2019-03-27 21:07:26 +01:00
johan12345	bdda68c82d	move JS to the right location	2019-03-27 20:54:04 +01:00
johan12345	2aa36ee2a7	reorder migrations	2019-03-27 20:34:29 +01:00
johan12345	43affc22ab	remove unused import	2019-03-27 18:43:44 +01:00
Johan von Forstner	60575377d7	move migration	2019-03-27 18:43:44 +01:00
Raphael Michel	5ec8c7ed96	Store date(times) in ISO formats and UTC	2019-03-27 18:43:44 +01:00
johan12345	ef55a018f8	fix datetime fields	2019-03-27 18:43:04 +01:00
johan12345	6bf9327f87	improvements after review	2019-03-27 18:42:42 +01:00
johan12345	f761f93550	add migration	2019-03-27 18:42:42 +01:00
Johan von Forstner	c996289563	fix default answers for booleans	2019-03-27 18:42:42 +01:00
Johan von Forstner	89bbed42e6	replace form field for default value depending on question type	2019-03-27 18:42:42 +01:00
Johan von Forstner	8e22c0f3a4	Show initial values in form	2019-03-27 18:42:01 +01:00
Johan von Forstner	3483c522da	Add default_value model field, validation and form field	2019-03-27 18:41:40 +01:00
`@@ -1 +1 @@`
	`__version__ = "3.0.1"`	`__version__ = "2.6.0.dev0"`