mirror of
https://github.com/pretix/pretix.git
synced 2026-05-08 15:44:02 +00:00
Make all orders "guest orders"
This commit is contained in:
Raphael Michel
@@ -22,20 +22,7 @@ def login_required(view_func):
|
||||
'event': request.event.slug,
|
||||
}), 'next'
|
||||
)
|
||||
return _wrapped_view
|
||||
|
||||
|
||||
def login_or_guest_required(view_func):
|
||||
def _wrapped_view(request, *args, **kwargs):
|
||||
if request.user.is_authenticated() or 'guest_email' in request.session:
|
||||
return view_func(request, *args, **kwargs)
|
||||
path = request.path
|
||||
return redirect_to_login(
|
||||
path, reverse('presale:event.checkout.login', kwargs={
|
||||
'organizer': request.event.organizer.slug,
|
||||
'event': request.event.slug,
|
||||
}) + '?guest=1', 'next'
|
||||
)
|
||||
return _wrapped_view
|
||||
|
||||
|
||||
@@ -46,28 +33,14 @@ class LoginRequiredMixin:
|
||||
return login_required(view)
|
||||
|
||||
|
||||
class LoginOrGuestRequiredMixin:
|
||||
@classmethod
|
||||
def as_view(cls, **initkwargs):
|
||||
view = super().as_view(**initkwargs)
|
||||
return login_or_guest_required(view)
|
||||
|
||||
|
||||
def user_cart_q(request):
|
||||
if request.user.is_authenticated():
|
||||
return Q(Q(user=request.user) | Q(session=request.session.session_key))
|
||||
return Q(Q(user__isnull=True) & Q(session=request.session.session_key))
|
||||
|
||||
|
||||
class CartDisplayMixin:
|
||||
|
||||
@cached_property
|
||||
def positions(self):
|
||||
"""
|
||||
A list of this users cart position
|
||||
"""
|
||||
return list(CartPosition.objects.current.filter(
|
||||
user_cart_q(self.request) & Q(event=self.request.event)
|
||||
session=self.request.session.session_key, event=self.request.event
|
||||
).order_by(
|
||||
'item', 'variation'
|
||||
).select_related(
|
||||
@@ -79,7 +52,7 @@ class CartDisplayMixin:
|
||||
|
||||
def get_cart(self, answers=False, queryset=None, payment_fee=None):
|
||||
queryset = queryset or CartPosition.objects.current.filter(
|
||||
user_cart_q(self.request) & Q(event=self.request.event)
|
||||
session=self.request.session.session_key, event=self.request.event
|
||||
)
|
||||
|
||||
prefetch = ['variation__values', 'variation__values__prop']
|
||||
|
||||
@@ -1,24 +1,16 @@
|
||||
import json
|
||||
from datetime import timedelta
|
||||
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth.views import redirect_to_login
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.db.models import Q
|
||||
from django.shortcuts import redirect
|
||||
from django.utils.timezone import now
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.views.generic import View
|
||||
|
||||
from pretix.base.models import (
|
||||
CartPosition, EventLock, Item, ItemVariation, Quota,
|
||||
)
|
||||
from pretix.base.services.cart import (
|
||||
CartError, add_items_to_cart, remove_items_from_cart,
|
||||
)
|
||||
from pretix.presale.views import (
|
||||
EventViewMixin, LoginOrGuestRequiredMixin, user_cart_q,
|
||||
)
|
||||
from pretix.presale.views import EventViewMixin
|
||||
|
||||
|
||||
class CartActionMixin:
|
||||
@@ -67,15 +59,14 @@ class CartActionMixin:
|
||||
return items
|
||||
|
||||
|
||||
class CartRemove(EventViewMixin, CartActionMixin, LoginOrGuestRequiredMixin, View):
|
||||
class CartRemove(EventViewMixin, CartActionMixin, View):
|
||||
|
||||
def post(self, *args, **kwargs):
|
||||
items = self._items_from_post_data()
|
||||
if not items:
|
||||
return redirect(self.get_failure_url())
|
||||
|
||||
remove_items_from_cart(self.request.event.identity, items, self.request.user.id,
|
||||
self.request.session.session_key)
|
||||
remove_items_from_cart(self.request.event.identity, items, self.request.session.session_key)
|
||||
messages.success(self.request, _('Your cart has been updated.'))
|
||||
return redirect(self.get_success_url())
|
||||
|
||||
@@ -87,24 +78,11 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
|
||||
|
||||
def post(self, request, *args, **kwargs):
|
||||
items = self._items_from_post_data()
|
||||
|
||||
# We do not use LoginRequiredMixin here, as we want to store stuff into the
|
||||
# session before redirecting to login
|
||||
if not request.user.is_authenticated() and 'guest_email' not in request.session:
|
||||
request.session['cart_tmp'] = json.dumps(items)
|
||||
return redirect_to_login(
|
||||
self.get_success_url(), reverse('presale:event.checkout.login', kwargs={
|
||||
'organizer': request.event.organizer.slug,
|
||||
'event': request.event.slug,
|
||||
}) + '?guest=1', 'next'
|
||||
)
|
||||
|
||||
return self.process(items)
|
||||
|
||||
def process(self, items):
|
||||
try:
|
||||
add_items_to_cart(self.request.event.identity, items, self.request.user.id,
|
||||
self.request.session.session_key)
|
||||
add_items_to_cart(self.request.event.identity, items, self.request.session.session_key)
|
||||
messages.success(self.request, _('The products have been successfully added to your cart.'))
|
||||
return redirect(self.get_success_url())
|
||||
except CartError as e:
|
||||
|
||||
@@ -12,9 +12,7 @@ from pretix.base.models import CartPosition, OrderPosition, QuestionAnswer
|
||||
from pretix.base.services.orders import OrderError, perform_order
|
||||
from pretix.base.signals import register_payment_providers
|
||||
from pretix.presale.forms.checkout import QuestionsForm
|
||||
from pretix.presale.views import (
|
||||
CartDisplayMixin, EventViewMixin, LoginOrGuestRequiredMixin, user_cart_q,
|
||||
)
|
||||
from pretix.presale.views import CartDisplayMixin, EventViewMixin
|
||||
|
||||
|
||||
class CheckoutView(TemplateView):
|
||||
@@ -43,12 +41,13 @@ class CheckoutView(TemplateView):
|
||||
'organizer': self.request.event.organizer.slug
|
||||
})
|
||||
|
||||
def get_order_url(self, order, add_secret):
|
||||
def get_order_url(self, order):
|
||||
return reverse('presale:event.order', kwargs={
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
'order': order.code,
|
||||
}) + '?thanks=yes' + ('&order_secret=' + order.secret if add_secret else '')
|
||||
'secret': order.secret
|
||||
}) + '?thanks=yes'
|
||||
|
||||
|
||||
class QuestionsViewMixin:
|
||||
@@ -108,8 +107,7 @@ class QuestionsViewMixin:
|
||||
return not failed
|
||||
|
||||
|
||||
class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
|
||||
QuestionsViewMixin, CheckoutView):
|
||||
class CheckoutStart(EventViewMixin, CartDisplayMixin, QuestionsViewMixin, CheckoutView):
|
||||
template_name = "pretixpresale/event/checkout_questions.html"
|
||||
|
||||
def post(self, *args, **kwargs):
|
||||
@@ -140,13 +138,13 @@ class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
|
||||
return ctx
|
||||
|
||||
|
||||
class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin, CheckoutView):
|
||||
class PaymentDetails(EventViewMixin, CartDisplayMixin, CheckoutView):
|
||||
template_name = "pretixpresale/event/checkout_payment.html"
|
||||
|
||||
@cached_property
|
||||
def _total_order_value(self):
|
||||
return CartPosition.objects.current.filter(
|
||||
user_cart_q(self.request) & Q(event=self.request.event)
|
||||
Q(session=self.request.session.session_key) & Q(event=self.request.event)
|
||||
).aggregate(sum=Sum('price'))['sum']
|
||||
|
||||
@cached_property
|
||||
@@ -196,7 +194,7 @@ class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin
|
||||
return self.get_questions_url() + "?back=true"
|
||||
|
||||
|
||||
class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin, CheckoutView):
|
||||
class OrderConfirm(EventViewMixin, CartDisplayMixin, CheckoutView):
|
||||
template_name = "pretixpresale/event/checkout_confirm.html"
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
@@ -259,7 +257,6 @@ class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
|
||||
def perform_order(self, request: HttpRequest):
|
||||
try:
|
||||
order = perform_order(self.request.event, self.payment_provider, self.positions,
|
||||
user=request.user if request.user.is_authenticated() else None,
|
||||
email=request.session.get('guest_email', None),
|
||||
locale=translation.get_language())
|
||||
except OrderError as e:
|
||||
@@ -269,7 +266,7 @@ class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
|
||||
# Message is delivered via GET parameter
|
||||
# messages.success(request, _('Your order has been placed.'))
|
||||
resp = self.payment_provider.payment_perform(request, order)
|
||||
return redirect(resp or self.get_order_url(order, not request.user.is_authenticated()))
|
||||
return redirect(resp or self.get_order_url(order))
|
||||
|
||||
def get_previous_url(self):
|
||||
if self.payment_provider.identifier != "free":
|
||||
|
||||
@@ -1,30 +1,7 @@
|
||||
import json
|
||||
|
||||
from django.conf import settings
|
||||
from django.contrib import messages
|
||||
from django.contrib.auth import (
|
||||
authenticate, login, logout, update_session_auth_hash,
|
||||
)
|
||||
from django.contrib.auth.tokens import default_token_generator
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.db.models import Count
|
||||
from django.shortcuts import redirect
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.views.generic import TemplateView, UpdateView, View
|
||||
from django.views.generic import TemplateView
|
||||
|
||||
from pretix.base.forms.auth import (
|
||||
LoginForm, PasswordForgotForm, PasswordRecoverForm, RegistrationForm,
|
||||
)
|
||||
from pretix.base.forms.user import UserSettingsForm
|
||||
from pretix.base.models import User
|
||||
from pretix.base.services.cart import CartError, add_items_to_cart
|
||||
from pretix.base.services.mail import mail
|
||||
from pretix.helpers.urls import build_absolute_uri
|
||||
from pretix.presale.forms.checkout import GuestForm
|
||||
from pretix.presale.views import (
|
||||
CartDisplayMixin, EventViewMixin, LoginRequiredMixin,
|
||||
)
|
||||
from pretix.presale.views import CartDisplayMixin, EventViewMixin
|
||||
|
||||
|
||||
class EventIndex(EventViewMixin, CartDisplayMixin, TemplateView):
|
||||
@@ -80,239 +57,3 @@ class EventIndex(EventViewMixin, CartDisplayMixin, TemplateView):
|
||||
|
||||
context['cart'] = self.get_cart()
|
||||
return context
|
||||
|
||||
|
||||
class EventLogin(EventViewMixin, TemplateView):
|
||||
template_name = 'pretixpresale/event/login.html'
|
||||
|
||||
def redirect_to_next(self):
|
||||
if 'cart_tmp' in self.request.session:
|
||||
items = json.loads(self.request.session['cart_tmp'])
|
||||
del self.request.session['cart_tmp']
|
||||
try:
|
||||
add_items_to_cart(self.request.event.identity, items, self.request.user.id,
|
||||
self.request.session.session_key)
|
||||
messages.success(self.request, _('The products have been successfully added to your cart.'))
|
||||
except CartError as e:
|
||||
messages.error(self.request, str(e))
|
||||
if 'next' in self.request.GET:
|
||||
return redirect(self.request.GET.get('next'))
|
||||
else:
|
||||
return redirect('presale:event.account',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
if request.user.is_authenticated():
|
||||
return self.redirect_to_next()
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def post(self, request, *args, **kwargs):
|
||||
if request.POST.get('form') == 'login':
|
||||
form = self.login_form
|
||||
if form.is_valid() and form.user_cache:
|
||||
login(request, form.user_cache)
|
||||
return self.redirect_to_next()
|
||||
elif request.POST.get('form') == 'guest':
|
||||
form = self.guest_form
|
||||
if form.is_valid():
|
||||
request.session['guest_email'] = form.cleaned_data['email']
|
||||
return self.redirect_to_next()
|
||||
elif request.POST.get('form') == 'registration':
|
||||
form = self.registration_form
|
||||
if form.is_valid():
|
||||
user = User.objects.create_user(
|
||||
form.cleaned_data['email'], form.cleaned_data['password'],
|
||||
locale=request.LANGUAGE_CODE,
|
||||
timezone=request.timezone if hasattr(request, 'timezone') else settings.TIME_ZONE
|
||||
)
|
||||
user = authenticate(email=user.email, password=form.cleaned_data['password'])
|
||||
login(request, user)
|
||||
return self.redirect_to_next()
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
@cached_property
|
||||
def login_form(self):
|
||||
return LoginForm(
|
||||
self.request,
|
||||
data=self.request.POST if self.request.POST.get('form', '') == 'login' else None
|
||||
)
|
||||
|
||||
@cached_property
|
||||
def guest_form(self):
|
||||
return GuestForm(
|
||||
data=self.request.POST if self.request.POST.get('form', '') == 'guest' else None
|
||||
)
|
||||
|
||||
@cached_property
|
||||
def registration_form(self):
|
||||
return RegistrationForm(
|
||||
data=self.request.POST if self.request.POST.get('form', '') == 'registration' else None
|
||||
)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['login_form'] = self.login_form
|
||||
context['registration_form'] = self.registration_form
|
||||
context['guest_form'] = self.guest_form
|
||||
return context
|
||||
|
||||
|
||||
class EventForgot(EventViewMixin, TemplateView):
|
||||
template_name = 'pretixpresale/event/forgot.html'
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
if request.user.is_authenticated():
|
||||
return redirect('presale:event.orders',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def post(self, request, *args, **kwargs):
|
||||
if self.form.is_valid():
|
||||
user = self.form.cleaned_data['user']
|
||||
mail(
|
||||
user.email, _('Password recovery'), 'pretixpresale/email/forgot.txt',
|
||||
{
|
||||
'user': user,
|
||||
'event': self.request.event,
|
||||
'url': build_absolute_uri('presale:event.forgot.recover', kwargs={
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
}) + '?id=%d&token=%s' % (user.id, default_token_generator.make_token(user)),
|
||||
},
|
||||
self.request.event, locale=user.locale
|
||||
)
|
||||
messages.success(request, _('We sent you an e-mail containing further instructions.'))
|
||||
return redirect('presale:event.forgot',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
else:
|
||||
return self.get(request, *args, **kwargs)
|
||||
|
||||
@cached_property
|
||||
def form(self):
|
||||
return PasswordForgotForm(
|
||||
event=self.request.event,
|
||||
data=self.request.POST if self.request.method == 'POST' else None
|
||||
)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['form'] = self.form
|
||||
return context
|
||||
|
||||
|
||||
class EventRecover(EventViewMixin, TemplateView):
|
||||
template_name = 'pretixpresale/event/recover.html'
|
||||
|
||||
error_messages = {
|
||||
'invalid': _('You clicked on an invalid link. Please check that you copied the full '
|
||||
'web address into your address bar. Please note that the link is only valid '
|
||||
'for three days and that the link can only be used once.'),
|
||||
'unknownuser': _('We were unable to find the user you requested a new password for.')
|
||||
}
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
if request.user.is_authenticated():
|
||||
return redirect('presale:event.orders',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
try:
|
||||
user = User.objects.get(id=self.request.GET.get('id'))
|
||||
except User.DoesNotExist:
|
||||
return self.invalid('unknownuser')
|
||||
if not default_token_generator.check_token(user, self.request.GET.get('token')):
|
||||
return self.invalid('invalid')
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
def invalid(self, msg):
|
||||
messages.error(self.request, self.error_messages[msg])
|
||||
return redirect('presale:event.forgot',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
|
||||
def post(self, request, *args, **kwargs):
|
||||
if self.form.is_valid():
|
||||
try:
|
||||
user = User.objects.get(id=self.request.GET.get('id'))
|
||||
except User.DoesNotExist:
|
||||
return self.invalid('unknownuser')
|
||||
if not default_token_generator.check_token(user, self.request.GET.get('token')):
|
||||
return self.invalid('invalid')
|
||||
user.set_password(self.form.cleaned_data['password'])
|
||||
user.save()
|
||||
messages.success(request, _('You can now login using your new password.'))
|
||||
return redirect('presale:event.checkout.login',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
else:
|
||||
return self.get(request, *args, **kwargs)
|
||||
|
||||
@cached_property
|
||||
def form(self):
|
||||
return PasswordRecoverForm(
|
||||
data=self.request.POST if self.request.method == 'POST' else None
|
||||
)
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['form'] = self.form
|
||||
return context
|
||||
|
||||
|
||||
class EventLogout(EventViewMixin, View):
|
||||
def get(self, request, *args, **kwargs):
|
||||
logout(request)
|
||||
return redirect('presale:event.index',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
|
||||
|
||||
class EventAccount(LoginRequiredMixin, EventViewMixin, TemplateView):
|
||||
template_name = 'pretixpresale/event/account.html'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['orders'] = self.request.user.orders.current.count()
|
||||
return context
|
||||
|
||||
|
||||
class EventOrders(LoginRequiredMixin, EventViewMixin, TemplateView):
|
||||
template_name = 'pretixpresale/event/orders.html'
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['orders'] = self.request.user.orders.current.all()
|
||||
return context
|
||||
|
||||
|
||||
class EventAccountSettings(LoginRequiredMixin, EventViewMixin, UpdateView):
|
||||
model = User
|
||||
form_class = UserSettingsForm
|
||||
template_name = 'pretixpresale/event/account_settings.html'
|
||||
|
||||
def get_object(self, queryset=None):
|
||||
return self.request.user
|
||||
|
||||
def get_form_kwargs(self):
|
||||
kwargs = super().get_form_kwargs()
|
||||
kwargs['user'] = self.request.user
|
||||
return kwargs
|
||||
|
||||
def form_invalid(self, form):
|
||||
messages.error(self.request, _('Your changes could not be saved. See below for details.'))
|
||||
return super().form_invalid(form)
|
||||
|
||||
def form_valid(self, form):
|
||||
messages.success(self.request, _('Your changes have been saved.'))
|
||||
sup = super().form_valid(form)
|
||||
update_session_auth_hash(self.request, self.request.user)
|
||||
return sup
|
||||
|
||||
def get_success_url(self):
|
||||
return reverse('presale:event.account.settings',
|
||||
kwargs={
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
})
|
||||
|
||||
@@ -23,10 +23,8 @@ class OrderDetailMixin:
|
||||
@cached_property
|
||||
def order(self):
|
||||
try:
|
||||
q = Q(Q(secret__isnull=False) & Q(secret__in=self.request.session['order_secrets']))
|
||||
if self.request.user.is_authenticated():
|
||||
q |= Q(user=self.request.user)
|
||||
return Order.objects.current.get(q & Q(event=self.request.event) & Q(code=self.kwargs['order']))
|
||||
return Order.objects.current.get(secret=self.kwargs['secret'],
|
||||
event=self.request.event, code=self.kwargs['order'])
|
||||
except Order.DoesNotExist:
|
||||
return None
|
||||
|
||||
@@ -43,6 +41,7 @@ class OrderDetailMixin:
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
'order': self.order.code,
|
||||
'secret': self.order.secret
|
||||
})
|
||||
|
||||
|
||||
@@ -52,7 +51,7 @@ class OrderDetails(EventViewMixin, OrderDetailMixin, CartDisplayMixin, TemplateV
|
||||
def get(self, request, *args, **kwargs):
|
||||
self.kwargs = kwargs
|
||||
if not self.order:
|
||||
raise Http404(_('Unknown order code or order does belong to another user.'))
|
||||
raise Http404(_('Unknown order code or not authorized to access this order.'))
|
||||
return super().get(request, *args, **kwargs)
|
||||
|
||||
@cached_property
|
||||
@@ -104,7 +103,7 @@ class OrderPay(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.request = request
|
||||
if not self.order:
|
||||
raise Http404(_('Unknown order code or order does belong to another user.'))
|
||||
raise Http404(_('Unknown order code or not authorized to access this order.'))
|
||||
if (self.order.status not in (Order.STATUS_PENDING, Order.STATUS_EXPIRED)
|
||||
or not self.payment_provider.order_can_retry(self.order)
|
||||
or not self.payment_provider.is_enabled):
|
||||
@@ -138,6 +137,7 @@ class OrderPay(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
'order': self.order.code,
|
||||
'secret': self.order.secret
|
||||
})
|
||||
|
||||
|
||||
@@ -147,7 +147,7 @@ class OrderPayDo(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
self.request = request
|
||||
if not self.order:
|
||||
raise Http404(_('Unknown order code or order does belong to another user.'))
|
||||
raise Http404(_('Unknown order code or not authorized to access this order.'))
|
||||
if not self.payment_provider.order_can_retry(self.order) or not self.payment_provider.is_enabled:
|
||||
messages.error(request, _('The payment for this order cannot be continued.'))
|
||||
return redirect(self.get_order_url())
|
||||
@@ -178,6 +178,7 @@ class OrderPayDo(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
'order': self.order.code,
|
||||
'secret': self.order.secret
|
||||
})
|
||||
|
||||
|
||||
@@ -210,7 +211,7 @@ class OrderModify(EventViewMixin, OrderDetailMixin, QuestionsViewMixin, Template
|
||||
self.request = request
|
||||
self.kwargs = kwargs
|
||||
if not self.order:
|
||||
raise Http404(request, _('Unknown order code or order does belong to another user.'))
|
||||
raise Http404(_('Unknown order code or not authorized to access this order.'))
|
||||
if not self.order.can_modify_answers:
|
||||
messages.error(request, _('You cannot modify this order'))
|
||||
return redirect(self.get_order_url())
|
||||
@@ -230,7 +231,7 @@ class OrderCancel(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
self.request = request
|
||||
self.kwargs = kwargs
|
||||
if not self.order:
|
||||
raise Http404(_('Unknown order code or order does belong to another user.'))
|
||||
raise Http404(_('Unknown order code or not authorized to access this order.'))
|
||||
if self.order.status not in (Order.STATUS_PENDING, Order.STATUS_EXPIRED):
|
||||
messages.error(request, _('You cannot cancel this order'))
|
||||
return redirect(self.get_order_url())
|
||||
@@ -265,7 +266,7 @@ class OrderDownload(EventViewMixin, OrderDetailMixin, View):
|
||||
messages.error(request, _('You requested an invalid ticket output type.'))
|
||||
return redirect(self.get_order_url())
|
||||
if not self.order:
|
||||
raise Http404(_('Unknown order code or order does belong to another user.'))
|
||||
raise Http404(_('Unknown order code or not authorized to access this order.'))
|
||||
if self.order.status != Order.STATUS_PAID:
|
||||
messages.error(request, _('Order is not paid.'))
|
||||
return redirect(self.get_order_url())
|
||||
|
||||
Reference in New Issue
Block a user