API: Add write operations to taxrules resource

2026-05-06 15:24:02 +00:00 · 2017-10-11 00:09:53 +02:00
parent e06be9ee25
commit a0e7bd3996
7 changed files with 239 additions and 18 deletions
--- a/src/pretix/api/views/event.py
+++ b/src/pretix/api/views/event.py
@@ -1,11 +1,13 @@
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from rest_framework import filters, viewsets
+from rest_framework.exceptions import PermissionDenied

 from pretix.api.serializers.event import (
    EventSerializer, SubEventSerializer, TaxRuleSerializer,
 )
 from pretix.base.models import Event, ItemCategory, TaxRule
 from pretix.base.models.event import SubEvent
+from pretix.base.models.organizer import TeamAPIToken


 class EventViewSet(viewsets.ReadOnlyModelViewSet):
@@ -36,10 +38,39 @@ class SubEventViewSet(viewsets.ReadOnlyModelViewSet):
        )


-class TaxRuleViewSet(viewsets.ReadOnlyModelViewSet):
+class TaxRuleViewSet(viewsets.ModelViewSet):
    serializer_class = TaxRuleSerializer
    queryset = TaxRule.objects.none()
    write_permission = 'can_change_event_settings'

    def get_queryset(self):
        return self.request.event.tax_rules.all()
+
+    def perform_update(self, serializer):
+        super().perform_update(serializer)
+        serializer.instance.log_action(
+            'pretix.event.taxrule.changed',
+            user=self.request.user,
+            api_token=(self.request.auth if isinstance(self.request.auth, TeamAPIToken) else None),
+            data=self.request.data
+        )
+
+    def perform_create(self, serializer):
+        serializer.save(event=self.request.event)
+        serializer.instance.log_action(
+            'pretix.event.taxrule.added',
+            user=self.request.user,
+            api_token=(self.request.auth if isinstance(self.request.auth, TeamAPIToken) else None),
+            data=self.request.data
+        )
+
+    def perform_destroy(self, instance):
+        if not instance.allow_delete():
+            raise PermissionDenied('This tax rule can not be deleted as it is currently in use.')
+
+        instance.log_action(
+            'pretix.event.taxrule.deleted',
+            user=self.request.user,
+            api_token=(self.request.auth if isinstance(self.request.auth, TeamAPIToken) else None),
+        )
+        super().perform_destroy(instance)
--- a/src/pretix/base/models/tax.py
+++ b/src/pretix/base/models/tax.py
@@ -81,6 +81,16 @@ class TaxRule(LoggedModel):
                    'if configured above.'),
    )

+    def allow_delete(self):
+        from pretix.base.models.orders import OrderFee, OrderPosition
+
+        return (
+            not OrderFee.objects.filter(tax_rule=self, order__event=self.event).exists()
+            and not OrderPosition.objects.filter(tax_rule=self, order__event=self.event).exists()
+            and not self.event.items.filter(tax_rule=self).exists()
+            and self.event.settings.tax_rate_default != self
+        )
+
    @classmethod
    def zero(cls):
        return cls(
--- a/src/pretix/control/views/event.py
+++ b/src/pretix/control/views/event.py
@@ -26,10 +26,9 @@ from pytz import timezone

 from pretix.base.models import (
    CachedCombinedTicket, CachedTicket, Event, Item, ItemVariation, LogEntry,
-    Order, OrderPosition, RequiredAction, TaxRule, Voucher,
+    Order, RequiredAction, TaxRule, Voucher,
 )
 from pretix.base.models.event import EventMetaValue
-from pretix.base.models.orders import OrderFee
 from pretix.base.services import tickets
 from pretix.base.services.invoices import build_preview_invoice_pdf
 from pretix.base.signals import event_live_issues, register_ticket_outputs
@@ -972,7 +971,7 @@ class TaxDelete(EventSettingsViewMixin, EventPermissionRequiredMixin, DeleteView
    def delete(self, request, *args, **kwargs):
        self.object = self.get_object()
        success_url = self.get_success_url()
-        if self.is_allowed():
+        if self.object.allow_delete():
            self.object.log_action(action='pretix.event.taxrule.deleted', user=request.user)
            self.object.delete()
            messages.success(self.request, _('The selected tax rule has been deleted.'))
@@ -986,16 +985,7 @@ class TaxDelete(EventSettingsViewMixin, EventPermissionRequiredMixin, DeleteView
            'event': self.request.event.slug,
        })

-    def is_allowed(self) -> bool:
-        o = self.object
-        return (
-            not OrderFee.objects.filter(tax_rule=o, order__event=self.request.event).exists()
-            and not OrderPosition.objects.filter(tax_rule=o, order__event=self.request.event).exists()
-            and not self.request.event.items.filter(tax_rule=o).exists()
-            and self.request.event.settings.tax_rate_default != o
-        )
-
    def get_context_data(self, *args, **kwargs) -> dict:
        context = super().get_context_data(*args, **kwargs)
-        context['possible'] = self.is_allowed()
+        context['possible'] = self.object.allow_delete()
        return context