diff --git a/src/pretix/api/views/order.py b/src/pretix/api/views/order.py index 241a7c9be7..c9d5f042a3 100644 --- a/src/pretix/api/views/order.py +++ b/src/pretix/api/views/order.py @@ -659,12 +659,13 @@ class OrderViewSet(viewsets.ModelViewSet): _order_placed_email( request.event, order, payment.payment_provider if payment else None, email_template, - log_entry, invoice, payment + log_entry, invoice, payment, is_free=free_flow ) if email_attendees: for p in order.positions.all(): if p.addon_to_id is None and p.attendee_email and p.attendee_email != order.email: - _order_placed_email_attendee(request.event, order, p, email_attendees_template, log_entry) + _order_placed_email_attendee(request.event, order, p, email_attendees_template, log_entry, + is_free=free_flow) if not free_flow and order.status == Order.STATUS_PAID and payment: payment._send_paid_mail(invoice, None, '') diff --git a/src/pretix/base/email.py b/src/pretix/base/email.py index fc6f54ccfe..2019b08d7a 100644 --- a/src/pretix/base/email.py +++ b/src/pretix/base/email.py @@ -33,6 +33,7 @@ from django.core.mail.backends.smtp import EmailBackend from django.db.models import Count from django.dispatch import receiver from django.template.loader import get_template +from django.utils.formats import date_format from django.utils.timezone import now from django.utils.translation import ( get_language, gettext_lazy as _, pgettext_lazy, @@ -453,6 +454,15 @@ def base_placeholders(sender, **kwargs): } ), ), + SimpleFunctionalMailTextPlaceholder( + 'event_location', ['event_or_subevent'], lambda event_or_subevent: str(event_or_subevent.location or ''), + lambda event: str(event.location or ''), + ), + SimpleFunctionalMailTextPlaceholder( + 'event_admission_time', ['event_or_subevent'], + lambda event_or_subevent: date_format(event_or_subevent.date_admission, 'TIME_FORMAT') if event_or_subevent.date_admission else '', + lambda event: date_format(event.date_admission, 'TIME_FORMAT') if event.date_admission else '', + ), SimpleFunctionalMailTextPlaceholder( 'subevent', ['waiting_list_entry', 'event'], lambda waiting_list_entry, event: str(waiting_list_entry.subevent or event), @@ -622,6 +632,10 @@ def base_placeholders(sender, **kwargs): 'meta_%s' % k, ['event'], lambda event, k=k: event.meta_data[k], v )) + ph.append(SimpleFunctionalMailTextPlaceholder( + 'meta_%s' % k, ['event_or_subevent'], lambda event_or_subevent, k=k: event_or_subevent.meta_data[k], + v + )) return ph diff --git a/src/pretix/base/services/mail.py b/src/pretix/base/services/mail.py index ae87fdf7c7..c105ba8787 100644 --- a/src/pretix/base/services/mail.py +++ b/src/pretix/base/services/mail.py @@ -77,7 +77,7 @@ from pretix.base.signals import email_filter, global_email_filter from pretix.celery_app import app from pretix.helpers.hierarkey import clean_filename from pretix.multidomain.urlreverse import build_absolute_uri -from pretix.presale.ical import get_ical +from pretix.presale.ical import get_private_icals logger = logging.getLogger('pretix.base.mail') INVALID_ADDRESS = 'invalid-pretix-mail-address' @@ -430,18 +430,7 @@ def mail_send_task(self, *args, to: List[str], subject: str, body: str, html: st } ) if attach_ical: - ical_events = set() - if event.has_subevents: - if position: - ical_events.add(position.subevent) - else: - for p in order.positions.all(): - ical_events.add(p.subevent) - else: - ical_events.add(order.event) - - for i, e in enumerate(ical_events): - cal = get_ical([e]) + for i, cal in enumerate(get_private_icals(event, [position] if position else order.positions.all())): email.attach('event-{}.ics'.format(i), cal.serialize(), 'text/calendar') email = email_filter.send_chained(event, 'message', message=email, order=order, user=user) diff --git a/src/pretix/base/services/orders.py b/src/pretix/base/services/orders.py index ba3dad8239..a05f39051d 100644 --- a/src/pretix/base/services/orders.py +++ b/src/pretix/base/services/orders.py @@ -932,7 +932,7 @@ def _create_order(event: Event, email: str, positions: List[CartPosition], now_d def _order_placed_email(event: Event, order: Order, pprov: BasePaymentProvider, email_template, log_entry: str, - invoice, payment: OrderPayment): + invoice, payment: OrderPayment, is_free=False): email_context = get_email_context(event=event, order=order, payment=payment if pprov else None) email_subject = _('Your order: %(code)s') % {'code': order.code} try: @@ -941,7 +941,7 @@ def _order_placed_email(event: Event, order: Order, pprov: BasePaymentProvider, log_entry, invoices=[invoice] if invoice and event.settings.invoice_email_attachment else [], attach_tickets=True, - attach_ical=event.settings.mail_attach_ical, + attach_ical=event.settings.mail_attach_ical and (not event.settings.mail_attach_ical_paid_only or is_free), attach_other_files=[a for a in [ event.settings.get('mail_attachment_new_order', as_type=str, default='')[len('file://'):] ] if a], @@ -950,7 +950,7 @@ def _order_placed_email(event: Event, order: Order, pprov: BasePaymentProvider, logger.exception('Order received email could not be sent') -def _order_placed_email_attendee(event: Event, order: Order, position: OrderPosition, email_template, log_entry: str): +def _order_placed_email_attendee(event: Event, order: Order, position: OrderPosition, email_template, log_entry: str, is_free=False): email_context = get_email_context(event=event, order=order, position=position) email_subject = _('Your event registration: %(code)s') % {'code': order.code} @@ -961,7 +961,7 @@ def _order_placed_email_attendee(event: Event, order: Order, position: OrderPosi invoices=[], attach_tickets=True, position=position, - attach_ical=event.settings.mail_attach_ical, + attach_ical=event.settings.mail_attach_ical and (not event.settings.mail_attach_ical_paid_only or is_free), attach_other_files=[a for a in [ event.settings.get('mail_attachment_new_order', as_type=str, default='')[len('file://'):] ] if a], @@ -1070,11 +1070,13 @@ def _perform_order(event: Event, payment_provider: str, position_ids: List[str], email_attendees_template = event.settings.mail_text_order_placed_attendee if sales_channel in event.settings.mail_sales_channel_placed_paid: - _order_placed_email(event, order, pprov, email_template, log_entry, invoice, payment) + _order_placed_email(event, order, pprov, email_template, log_entry, invoice, payment, + is_free=free_order_flow) if email_attendees: for p in order.positions.all(): if p.addon_to_id is None and p.attendee_email and p.attendee_email != order.email: - _order_placed_email_attendee(event, order, p, email_attendees_template, log_entry) + _order_placed_email_attendee(event, order, p, email_attendees_template, log_entry, + is_free=free_order_flow) return order.id diff --git a/src/pretix/base/settings.py b/src/pretix/base/settings.py index 914d76b174..339441f427 100644 --- a/src/pretix/base/settings.py +++ b/src/pretix/base/settings.py @@ -1573,6 +1573,32 @@ DEFAULTS = { help_text=_("If enabled, we will attach an .ics calendar file to order confirmation emails."), ) }, + 'mail_attach_ical_paid_only': { + 'default': 'False', + 'type': bool, + 'form_class': forms.BooleanField, + 'serializer_class': serializers.BooleanField, + 'form_kwargs': dict( + label=_("Attach calendar files only after order has been paid"), + help_text=_("Use this if you e.g. put a private access link into the calendar file to make sure people only " + "receive it after their payment was confirmed."), + ) + }, + 'mail_attach_ical_description': { + 'default': '', + 'type': LazyI18nString, + 'form_class': I18nFormField, + 'form_kwargs': dict( + label=_("Event description"), + widget=I18nTextarea, + help_text=_( + "You can use this to share information with your attendees, such as travel information or the link to a digital event. " + "If you keep it empty, we will put a link to the event shop, the admission time, and your organizer name in there. " + "We do not allow using placeholders with sensitive person-specific data as calendar entries are often shared with an " + "unspecified number of people." + ), + ) + }, 'mail_prefix': { 'default': None, 'type': str, diff --git a/src/pretix/control/forms/event.py b/src/pretix/control/forms/event.py index 35745896ac..746b3268d8 100644 --- a/src/pretix/control/forms/event.py +++ b/src/pretix/control/forms/event.py @@ -872,6 +872,8 @@ class MailSettingsForm(SettingsForm): 'mail_attach_ical', 'mail_attach_tickets', 'mail_attachment_new_order', + 'mail_attach_ical_paid_only', + 'mail_attach_ical_description', ] mail_sales_channel_placed_paid = forms.MultipleChoiceField( @@ -1079,7 +1081,8 @@ class MailSettingsForm(SettingsForm): 'mail_text_download_reminder_attendee': ['event', 'order', 'position'], 'mail_text_resend_link': ['event', 'order'], 'mail_text_waiting_list': ['event', 'waiting_list_entry'], - 'mail_text_resend_all_links': ['event', 'orders'] + 'mail_text_resend_all_links': ['event', 'orders'], + 'mail_attach_ical_description': ['event', 'event_or_subevent'], } def _set_field_placeholders(self, fn, base_parameters): diff --git a/src/pretix/control/templates/pretixcontrol/event/mail.html b/src/pretix/control/templates/pretixcontrol/event/mail.html index c7dd99a773..8d1093f64b 100644 --- a/src/pretix/control/templates/pretixcontrol/event/mail.html +++ b/src/pretix/control/templates/pretixcontrol/event/mail.html @@ -14,7 +14,6 @@ {% trans "General" %} {% bootstrap_field form.mail_prefix layout="control" %} {% bootstrap_field form.mail_attach_tickets layout="control" %} - {% bootstrap_field form.mail_attach_ical layout="control" %} {% url "control:organizer.settings.mail" organizer=request.organizer.slug as org_url %} {% propagated request.event org_url "mail_from" "smtp_use_custom" "smtp_host" "smtp_port" "smtp_username" "smtp_password" "smtp_use_tls" "smtp_use_ssl" %}
@@ -57,6 +56,12 @@ {% endpropagated %} {% bootstrap_field form.mail_sales_channel_placed_paid layout="control" %} +
+ {% trans "Calender invites" %} + {% bootstrap_field form.mail_attach_ical layout="control" %} + {% bootstrap_field form.mail_attach_ical_paid_only layout="control" %} + {% bootstrap_field form.mail_attach_ical_description layout="control" %} +
{% trans "E-mail design" %}
diff --git a/src/pretix/presale/ical.py b/src/pretix/presale/ical.py index 42e2a45e14..8eeb082a6d 100644 --- a/src/pretix/presale/ical.py +++ b/src/pretix/presale/ical.py @@ -28,11 +28,16 @@ from django.conf import settings from django.utils.formats import date_format from django.utils.translation import gettext as _ +from pretix.base.email import get_email_context from pretix.base.models import Event from pretix.multidomain.urlreverse import build_absolute_uri -def get_ical(events): +def get_public_ical(events): + """ + Return an ical feed for a sequence of events or subevents. The calendar files will only include public + information. + """ cal = vobject.iCalendar() cal.add('prodid').value = '-//pretix//{}//'.format(settings.PRETIX_INSTANCE_NAME.replace(" ", "_")) creation_time = datetime.datetime.now(pytz.utc) @@ -83,3 +88,91 @@ def get_ical(events): vevent.add('description').value = '\n'.join(descr) return cal + + +def get_private_icals(event, positions): + """ + Return a list of ical objects based on a sequence of positions. + + Unlike get_public_ical, this will + + - Generate multiple ical files instead of one (but with deduplication applied) + - Respect the mail_attach_ical_description setting + + It is private in the sense that mail_attach_ical_description may contain content not suited for + public display. + + We however intentionally do not allow using placeholders based on the order and position + specifically. This is for two reasons: + + - In reality, many people will add their invite to their calendar which is shared with a larger + team. People are probably not aware that they're sharing sensitive information such as their + secret ticket link with everyone they share their calendar with. + + - It would be pretty hard to implement it in a way that doesn't require us to use distinct + settings fields for emails to customers and to attendees, which feels like an overcomplication. + """ + + from pretix.base.services.mail import TolerantDict + + tz = pytz.timezone(event.settings.timezone) + + creation_time = datetime.datetime.now(pytz.utc) + calobjects = [] + + evs = set(p.subevent or event for p in positions) + for ev in evs: + if isinstance(ev, Event): + url = build_absolute_uri(event, 'presale:event.index') + else: + url = build_absolute_uri(event, 'presale:event.index', { + 'subevent': ev.pk + }) + + if event.settings.mail_attach_ical_description: + ctx = get_email_context(event=event, event_or_subevent=ev) + description = str(event.settings.mail_attach_ical_description).format_map(TolerantDict(ctx)) + else: + # Default description + descr = [] + descr.append(_('Tickets: {url}').format(url=url)) + if ev.date_admission: + descr.append(str(_('Admission: {datetime}')).format( + datetime=date_format(ev.date_admission.astimezone(tz), 'SHORT_DATETIME_FORMAT') + )) + + descr.append(_('Organizer: {organizer}').format(organizer=event.organizer.name)) + description = '\n'.join(descr) + + cal = vobject.iCalendar() + cal.add('prodid').value = '-//pretix//{}//'.format(settings.PRETIX_INSTANCE_NAME.replace(" ", "_")) + + vevent = cal.add('vevent') + vevent.add('summary').value = str(ev.name) + vevent.add('description').value = description + vevent.add('dtstamp').value = creation_time + if ev.location: + vevent.add('location').value = str(ev.location) + + vevent.add('uid').value = 'pretix-{}-{}-{}@{}'.format( + event.organizer.slug, + event.organizer.slug, event.slug, + ev.pk if not isinstance(ev, Event) else '0', + urlparse(url).netloc + ) + + if event.settings.show_times: + vevent.add('dtstart').value = ev.date_from.astimezone(tz) + else: + vevent.add('dtstart').value = ev.date_from.astimezone(tz).date() + + if event.settings.show_date_to and ev.date_to: + if event.settings.show_times: + vevent.add('dtend').value = ev.date_to.astimezone(tz) + else: + # with full-day events date_to in pretix is included (e.g. last day) + # whereas dtend in vcalendar is non-inclusive => add one day for export + vevent.add('dtend').value = ev.date_to.astimezone(tz).date() + datetime.timedelta(days=1) + + calobjects.append(cal) + return calobjects diff --git a/src/pretix/presale/views/event.py b/src/pretix/presale/views/event.py index 51d956b7af..462cc5a51e 100644 --- a/src/pretix/presale/views/event.py +++ b/src/pretix/presale/views/event.py @@ -70,7 +70,7 @@ from pretix.base.models.items import ( from pretix.base.services.quotas import QuotaAvailability from pretix.helpers.compat import date_fromisocalendar from pretix.multidomain.urlreverse import eventreverse -from pretix.presale.ical import get_ical +from pretix.presale.ical import get_public_ical from pretix.presale.signals import item_description from pretix.presale.views.organizer import ( EventListMixin, add_subevents_for_days, days_for_template, @@ -719,7 +719,7 @@ class EventIcalDownload(EventViewMixin, View): raise Http404(pgettext_lazy('subevent', 'Unknown date selected.')) event = self.request.event - cal = get_ical([subevent or event]) + cal = get_public_ical([subevent or event]) resp = HttpResponse(cal.serialize(), content_type='text/calendar') resp['Content-Disposition'] = 'attachment; filename="{}-{}-{}.ics"'.format( diff --git a/src/pretix/presale/views/organizer.py b/src/pretix/presale/views/organizer.py index 20a19b2497..af56eb5f80 100644 --- a/src/pretix/presale/views/organizer.py +++ b/src/pretix/presale/views/organizer.py @@ -67,7 +67,7 @@ from pretix.helpers.formats.en.formats import ( SHORT_MONTH_DAY_FORMAT, WEEK_FORMAT, ) from pretix.multidomain.urlreverse import eventreverse -from pretix.presale.ical import get_ical +from pretix.presale.ical import get_public_ical from pretix.presale.views import OrganizerViewMixin @@ -1159,9 +1159,9 @@ class OrganizerIcalDownload(OrganizerViewMixin, View): if 'locale' in request.GET and request.GET.get('locale') in dict(settings.LANGUAGES): with language(request.GET.get('locale'), self.request.organizer.settings.region): - cal = get_ical(events) + cal = get_public_ical(events) else: - cal = get_ical(events) + cal = get_public_ical(events) resp = HttpResponse(cal.serialize(), content_type='text/calendar') resp['Content-Disposition'] = 'attachment; filename="{}.ics"'.format(