mirror of
https://github.com/pretix/pretix.git
synced 2026-05-09 15:54:03 +00:00
Refs #96 -- Allow anonymous orders
This commit is contained in:
Raphael Michel
@@ -1,7 +1,6 @@
|
||||
from datetime import timedelta
|
||||
from itertools import groupby
|
||||
|
||||
from django.contrib.auth.decorators import login_required
|
||||
from django.contrib.auth.views import redirect_to_login
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.db.models import Q
|
||||
@@ -12,14 +11,54 @@ from pretix.base.models import CartPosition
|
||||
from pretix.base.signals import register_payment_providers
|
||||
|
||||
|
||||
class LoginRequiredMixin:
|
||||
def login_required(view_func):
|
||||
def _wrapped_view(request, *args, **kwargs):
|
||||
if request.user.is_authenticated():
|
||||
return view_func(request, *args, **kwargs)
|
||||
path = request.path
|
||||
return redirect_to_login(
|
||||
path, reverse('presale:event.checkout.login', kwargs={
|
||||
'organizer': request.event.organizer.slug,
|
||||
'event': request.event.slug,
|
||||
}), 'next'
|
||||
)
|
||||
return _wrapped_view
|
||||
|
||||
|
||||
def login_or_guest_required(view_func):
|
||||
def _wrapped_view(request, *args, **kwargs):
|
||||
if request.user.is_authenticated() or 'guest_email' in request.session:
|
||||
return view_func(request, *args, **kwargs)
|
||||
path = request.path
|
||||
return redirect_to_login(
|
||||
path, reverse('presale:event.checkout.login', kwargs={
|
||||
'organizer': request.event.organizer.slug,
|
||||
'event': request.event.slug,
|
||||
}), 'next'
|
||||
)
|
||||
return _wrapped_view
|
||||
|
||||
|
||||
class LoginRequiredMixin:
|
||||
@classmethod
|
||||
def as_view(cls, **initkwargs):
|
||||
view = super().as_view(**initkwargs)
|
||||
return login_required(view)
|
||||
|
||||
|
||||
class LoginOrGuestRequiredMixin:
|
||||
@classmethod
|
||||
def as_view(cls, **initkwargs):
|
||||
view = super().as_view(**initkwargs)
|
||||
return login_or_guest_required(view)
|
||||
|
||||
|
||||
def user_cart_q(request):
|
||||
if request.user.is_authenticated():
|
||||
return Q(Q(user=request.user) | Q(session=request.session.session_key))
|
||||
return Q(Q(user__isnull=True) & Q(session=request.session.session_key))
|
||||
|
||||
|
||||
class CartDisplayMixin:
|
||||
|
||||
@cached_property
|
||||
@@ -28,7 +67,7 @@ class CartDisplayMixin:
|
||||
A list of this users cart position
|
||||
"""
|
||||
return list(CartPosition.objects.current.filter(
|
||||
Q(user=self.request.user) & Q(event=self.request.event)
|
||||
user_cart_q(self.request) & Q(event=self.request.event)
|
||||
).order_by(
|
||||
'item', 'variation'
|
||||
).select_related(
|
||||
@@ -40,7 +79,7 @@ class CartDisplayMixin:
|
||||
|
||||
def get_cart(self, answers=False, queryset=None, payment_fee=None):
|
||||
queryset = queryset or CartPosition.objects.current.filter(
|
||||
Q(user=self.request.user) & Q(event=self.request.event)
|
||||
user_cart_q(self.request) & Q(event=self.request.event)
|
||||
)
|
||||
|
||||
prefetch = ['variation__values', 'variation__values__prop']
|
||||
@@ -106,7 +145,6 @@ class CartDisplayMixin:
|
||||
|
||||
|
||||
class EventViewMixin:
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['event'] = self.request.event
|
||||
|
||||
@@ -13,7 +13,9 @@ from django.views.generic import View
|
||||
from pretix.base.models import (
|
||||
CartPosition, EventLock, Item, ItemVariation, Quota,
|
||||
)
|
||||
from pretix.presale.views import EventViewMixin, LoginRequiredMixin
|
||||
from pretix.presale.views import (
|
||||
EventViewMixin, LoginOrGuestRequiredMixin, user_cart_q,
|
||||
)
|
||||
|
||||
|
||||
class CartActionMixin:
|
||||
@@ -62,13 +64,13 @@ class CartActionMixin:
|
||||
return items
|
||||
|
||||
|
||||
class CartRemove(EventViewMixin, CartActionMixin, LoginRequiredMixin, View):
|
||||
class CartRemove(EventViewMixin, CartActionMixin, LoginOrGuestRequiredMixin, View):
|
||||
|
||||
def post(self, *args, **kwargs):
|
||||
items = self._items_from_post_data()
|
||||
if not items:
|
||||
return redirect(self.get_failure_url())
|
||||
qw = Q(user=self.request.user)
|
||||
qw = user_cart_q(self.request)
|
||||
|
||||
for item, variation, cnt in items:
|
||||
cw = qw & Q(item_id=item)
|
||||
@@ -112,7 +114,7 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
|
||||
|
||||
# We do not use LoginRequiredMixin here, as we want to store stuff into the
|
||||
# session before redirecting to login
|
||||
if not request.user.is_authenticated():
|
||||
if not request.user.is_authenticated() and 'guest_email' not in request.session:
|
||||
request.session['cart_tmp'] = json.dumps(self.items)
|
||||
return redirect_to_login(
|
||||
self.get_success_url(), reverse('presale:event.checkout.login', kwargs={
|
||||
@@ -121,7 +123,7 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
|
||||
}), 'next'
|
||||
)
|
||||
|
||||
existing = CartPosition.objects.current.filter(user=self.request.user, event=self.request.event).count()
|
||||
existing = CartPosition.objects.current.filter(user_cart_q(self.request) & Q(event=self.request.event)).count()
|
||||
if sum(i[2] for i in self.items) + existing > int(self.request.event.settings.max_items_per_order):
|
||||
# TODO: i18n plurals
|
||||
self.error_message(self.error_messages['max_items'] % self.request.event.settings.max_items_per_order)
|
||||
@@ -142,7 +144,7 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
|
||||
# For items that are already expired, we have to delete and re-add them, as they might
|
||||
# be no longer available or prices might have changed. Sorry!
|
||||
for cp in CartPosition.objects.current.filter(
|
||||
Q(user=self.request.user) & Q(event=self.request.event) & Q(expires__lte=now())
|
||||
user_cart_q(self.request) & Q(event=self.request.event) & Q(expires__lte=now())
|
||||
):
|
||||
self._re_add_position(cp)
|
||||
positions.add(cp)
|
||||
@@ -153,7 +155,7 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
|
||||
# cart expire at the same time
|
||||
# We can extend the reservation of items which are not yet expired without risk
|
||||
CartPosition.objects.current.filter(
|
||||
Q(user=self.request.user) & Q(event=self.request.event) & Q(expires__gt=now())
|
||||
user_cart_q(self.request) & Q(event=self.request.event) & Q(expires__gt=now())
|
||||
).update(expires=expiry)
|
||||
|
||||
def _delete_expired(self):
|
||||
@@ -237,14 +239,18 @@ class CartAdd(EventViewMixin, CartActionMixin, View):
|
||||
cp.price = price
|
||||
cp.save()
|
||||
else:
|
||||
CartPosition.objects.create(
|
||||
cp = CartPosition(
|
||||
event=self.request.event,
|
||||
user=self.request.user,
|
||||
item=item,
|
||||
variation=variation,
|
||||
price=price,
|
||||
expires=expiry
|
||||
)
|
||||
if self.request.user.is_authenticated():
|
||||
cp.user = self.request.user
|
||||
else:
|
||||
cp.session = self.request.session.session_key
|
||||
cp.save()
|
||||
|
||||
self._delete_expired()
|
||||
|
||||
|
||||
@@ -3,6 +3,7 @@ from django.core.urlresolvers import reverse
|
||||
from django.db.models import Q, Sum
|
||||
from django.http import HttpRequest
|
||||
from django.shortcuts import redirect
|
||||
from django.utils import translation
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.views.generic import TemplateView
|
||||
@@ -12,11 +13,13 @@ from pretix.base.services.orders import OrderError, perform_order
|
||||
from pretix.base.signals import register_payment_providers
|
||||
from pretix.presale.forms.checkout import QuestionsForm
|
||||
from pretix.presale.views import (
|
||||
CartDisplayMixin, EventViewMixin, LoginRequiredMixin,
|
||||
CartDisplayMixin, EventViewMixin, LoginOrGuestRequiredMixin,
|
||||
LoginRequiredMixin, user_cart_q,
|
||||
)
|
||||
|
||||
|
||||
class CheckoutView(TemplateView):
|
||||
|
||||
def get_payment_url(self):
|
||||
return reverse('presale:event.checkout.payment', kwargs={
|
||||
'event': self.request.event.slug,
|
||||
@@ -41,12 +44,12 @@ class CheckoutView(TemplateView):
|
||||
'organizer': self.request.event.organizer.slug
|
||||
})
|
||||
|
||||
def get_order_url(self, order):
|
||||
def get_order_url(self, order, add_secret):
|
||||
return reverse('presale:event.order', kwargs={
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
'order': order.code,
|
||||
})
|
||||
}) + '?thanks=yes' + ('&order_secret=' + order.secret if add_secret else '')
|
||||
|
||||
|
||||
class QuestionsViewMixin:
|
||||
@@ -106,7 +109,7 @@ class QuestionsViewMixin:
|
||||
return not failed
|
||||
|
||||
|
||||
class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginRequiredMixin,
|
||||
class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin,
|
||||
QuestionsViewMixin, CheckoutView):
|
||||
template_name = "pretixpresale/event/checkout_questions.html"
|
||||
|
||||
@@ -138,13 +141,13 @@ class CheckoutStart(EventViewMixin, CartDisplayMixin, LoginRequiredMixin,
|
||||
return ctx
|
||||
|
||||
|
||||
class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginRequiredMixin, CheckoutView):
|
||||
class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin, CheckoutView):
|
||||
template_name = "pretixpresale/event/checkout_payment.html"
|
||||
|
||||
@cached_property
|
||||
def _total_order_value(self):
|
||||
return CartPosition.objects.current.filter(
|
||||
Q(user=self.request.user) & Q(event=self.request.event)
|
||||
user_cart_q(self.request) & Q(event=self.request.event)
|
||||
).aggregate(sum=Sum('price'))['sum']
|
||||
|
||||
@cached_property
|
||||
@@ -194,7 +197,7 @@ class PaymentDetails(EventViewMixin, CartDisplayMixin, LoginRequiredMixin, Check
|
||||
return self.get_questions_url() + "?back=true"
|
||||
|
||||
|
||||
class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginRequiredMixin, CheckoutView):
|
||||
class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginOrGuestRequiredMixin, CheckoutView):
|
||||
template_name = "pretixpresale/event/checkout_confirm.html"
|
||||
|
||||
def __init__(self, *args, **kwargs):
|
||||
@@ -256,14 +259,18 @@ class OrderConfirm(EventViewMixin, CartDisplayMixin, LoginRequiredMixin, Checkou
|
||||
|
||||
def perform_order(self, request: HttpRequest):
|
||||
try:
|
||||
order = perform_order(self.request.event, self.request.user, self.payment_provider, self.positions)
|
||||
order = perform_order(self.request.event, self.payment_provider, self.positions,
|
||||
user=request.user if request.user.is_authenticated() else None,
|
||||
email=request.session.get('guest_email', None),
|
||||
locale=translation.get_language())
|
||||
except OrderError as e:
|
||||
messages.error(request, str(e))
|
||||
return redirect(self.get_confirm_url())
|
||||
else:
|
||||
messages.success(request, _('Your order has been placed.'))
|
||||
# Message is delivered via GET parameter
|
||||
# messages.success(request, _('Your order has been placed.'))
|
||||
resp = self.payment_provider.payment_perform(request, order)
|
||||
return redirect(resp or self.get_order_url(order))
|
||||
return redirect(resp or self.get_order_url(order, not request.user.is_authenticated()))
|
||||
|
||||
def get_previous_url(self):
|
||||
if self.payment_provider.identifier != "free":
|
||||
|
||||
@@ -21,6 +21,7 @@ from pretix.base.forms.user import UserSettingsForm
|
||||
from pretix.base.models import User
|
||||
from pretix.base.services.mail import mail
|
||||
from pretix.helpers.urls import build_absolute_uri
|
||||
from pretix.presale.forms.checkout import GuestForm
|
||||
from pretix.presale.views import (
|
||||
CartDisplayMixin, EventViewMixin, LoginRequiredMixin,
|
||||
)
|
||||
@@ -78,7 +79,7 @@ class EventIndex(EventViewMixin, CartDisplayMixin, TemplateView):
|
||||
key=lambda group: (group[0].position, group[0].identity) if group[0] is not None else (0, "")
|
||||
)
|
||||
|
||||
context['cart'] = self.get_cart() if self.request.user.is_authenticated() else None
|
||||
context['cart'] = self.get_cart()
|
||||
return context
|
||||
|
||||
|
||||
@@ -111,6 +112,11 @@ class EventLogin(EventViewMixin, TemplateView):
|
||||
if form.is_valid() and form.user_cache:
|
||||
login(request, form.user_cache)
|
||||
return self.redirect_to_next()
|
||||
elif request.POST.get('form') == 'guest':
|
||||
form = self.guest_form
|
||||
if form.is_valid():
|
||||
request.session['guest_email'] = form.cleaned_data['email']
|
||||
return self.redirect_to_next()
|
||||
elif request.POST.get('form') == 'registration':
|
||||
form = self.registration_form
|
||||
if form.is_valid():
|
||||
@@ -131,6 +137,12 @@ class EventLogin(EventViewMixin, TemplateView):
|
||||
data=self.request.POST if self.request.POST.get('form', '') == 'login' else None
|
||||
)
|
||||
|
||||
@cached_property
|
||||
def guest_form(self):
|
||||
return GuestForm(
|
||||
data=self.request.POST if self.request.POST.get('form', '') == 'guest' else None
|
||||
)
|
||||
|
||||
@cached_property
|
||||
def registration_form(self):
|
||||
return RegistrationForm(
|
||||
@@ -141,6 +153,7 @@ class EventLogin(EventViewMixin, TemplateView):
|
||||
context = super().get_context_data(**kwargs)
|
||||
context['login_form'] = self.login_form
|
||||
context['registration_form'] = self.registration_form
|
||||
context['guest_form'] = self.guest_form
|
||||
return context
|
||||
|
||||
|
||||
@@ -163,24 +176,19 @@ class EventForgot(EventViewMixin, TemplateView):
|
||||
def post(self, request, *args, **kwargs):
|
||||
if self.form.is_valid():
|
||||
user = self.form.cleaned_data['user']
|
||||
if user.email:
|
||||
mail(
|
||||
user, _('Password recovery'),
|
||||
'pretixpresale/email/forgot.txt',
|
||||
{
|
||||
'user': user,
|
||||
'event': self.request.event,
|
||||
'url': build_absolute_uri('presale:event.forgot.recover', kwargs={
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
}) + '?token=' + self.generate_token(user),
|
||||
},
|
||||
self.request.event
|
||||
)
|
||||
messages.success(request, _('We sent you an e-mail containing further instructions.'))
|
||||
else:
|
||||
messages.success(request, _('We are unable to send you a new password, as you did not enter an e-mail '
|
||||
'address at your registration.'))
|
||||
mail(
|
||||
user.email, _('Password recovery'), 'pretixpresale/email/forgot.txt',
|
||||
{
|
||||
'user': user,
|
||||
'event': self.request.event,
|
||||
'url': build_absolute_uri('presale:event.forgot.recover', kwargs={
|
||||
'event': self.request.event.slug,
|
||||
'organizer': self.request.event.organizer.slug,
|
||||
}) + '?token=' + self.generate_token(user),
|
||||
},
|
||||
self.request.event, locale=user.locale
|
||||
)
|
||||
messages.success(request, _('We sent you an e-mail containing further instructions.'))
|
||||
return redirect('presale:event.forgot',
|
||||
organizer=self.request.event.organizer.slug,
|
||||
event=self.request.event.slug)
|
||||
|
||||
@@ -2,34 +2,28 @@ from datetime import timedelta
|
||||
|
||||
from django.contrib import messages
|
||||
from django.core.urlresolvers import reverse
|
||||
from django.db.models import Q
|
||||
from django.http import HttpResponseForbidden, HttpResponseNotFound
|
||||
from django.shortcuts import redirect
|
||||
from django.utils.functional import cached_property
|
||||
from django.utils.timezone import now
|
||||
from django.utils.translation import ugettext_lazy as _
|
||||
from django.views.generic import TemplateView, View
|
||||
|
||||
from pretix.base.models import CachedFile, CachedTicket, Order, OrderPosition
|
||||
from pretix.base.services.tickets import generate
|
||||
from pretix.base.signals import (
|
||||
register_payment_providers, register_ticket_outputs,
|
||||
)
|
||||
from pretix.presale.views import (
|
||||
CartDisplayMixin, EventViewMixin, LoginRequiredMixin,
|
||||
)
|
||||
from pretix.base.signals import register_payment_providers, register_ticket_outputs
|
||||
from pretix.presale.views import CartDisplayMixin, EventViewMixin
|
||||
from pretix.presale.views.checkout import QuestionsViewMixin
|
||||
|
||||
|
||||
class OrderDetailMixin:
|
||||
|
||||
@cached_property
|
||||
def order(self):
|
||||
try:
|
||||
return Order.objects.current.get(
|
||||
user=self.request.user,
|
||||
event=self.request.event,
|
||||
code=self.kwargs['order'],
|
||||
)
|
||||
q = Q(Q(secret__isnull=False) & Q(secret__in=self.request.session['order_secrets']))
|
||||
if self.request.user.is_authenticated():
|
||||
q |= Q(user=self.request.user)
|
||||
return Order.objects.current.get(q & Q(event=self.request.event) & Q(code=self.kwargs['order']))
|
||||
except Order.DoesNotExist:
|
||||
return None
|
||||
|
||||
@@ -49,8 +43,7 @@ class OrderDetailMixin:
|
||||
})
|
||||
|
||||
|
||||
class OrderDetails(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
CartDisplayMixin, TemplateView):
|
||||
class OrderDetails(EventViewMixin, OrderDetailMixin, CartDisplayMixin, TemplateView):
|
||||
template_name = "pretixpresale/event/order.html"
|
||||
|
||||
def get(self, request, *args, **kwargs):
|
||||
@@ -102,7 +95,7 @@ class OrderDetails(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
return ctx
|
||||
|
||||
|
||||
class OrderPay(EventViewMixin, LoginRequiredMixin, OrderDetailMixin, TemplateView):
|
||||
class OrderPay(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
template_name = "pretixpresale/event/order_pay.html"
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
@@ -145,7 +138,7 @@ class OrderPay(EventViewMixin, LoginRequiredMixin, OrderDetailMixin, TemplateVie
|
||||
})
|
||||
|
||||
|
||||
class OrderPayDo(EventViewMixin, LoginRequiredMixin, OrderDetailMixin, TemplateView):
|
||||
class OrderPayDo(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
template_name = "pretixpresale/event/order_pay_confirm.html"
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
@@ -185,8 +178,7 @@ class OrderPayDo(EventViewMixin, LoginRequiredMixin, OrderDetailMixin, TemplateV
|
||||
})
|
||||
|
||||
|
||||
class OrderModify(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
QuestionsViewMixin, TemplateView):
|
||||
class OrderModify(EventViewMixin, OrderDetailMixin, QuestionsViewMixin, TemplateView):
|
||||
template_name = "pretixpresale/event/order_modify.html"
|
||||
|
||||
@cached_property
|
||||
@@ -227,8 +219,7 @@ class OrderModify(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
return ctx
|
||||
|
||||
|
||||
class OrderCancel(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
TemplateView):
|
||||
class OrderCancel(EventViewMixin, OrderDetailMixin, TemplateView):
|
||||
template_name = "pretixpresale/event/order_cancel.html"
|
||||
|
||||
def dispatch(self, request, *args, **kwargs):
|
||||
@@ -255,9 +246,7 @@ class OrderCancel(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
return ctx
|
||||
|
||||
|
||||
class OrderDownload(EventViewMixin, LoginRequiredMixin, OrderDetailMixin,
|
||||
View):
|
||||
|
||||
class OrderDownload(EventViewMixin, OrderDetailMixin, View):
|
||||
@cached_property
|
||||
def output(self):
|
||||
responses = register_ticket_outputs.send(self.request.event)
|
||||
|
||||
Reference in New Issue
Block a user