API: Add write operations to taxrules resource

2026-05-03 14:54:04 +00:00 · 2017-10-11 00:09:53 +02:00
parent e06be9ee25
commit a0e7bd3996
7 changed files with 239 additions and 18 deletions
--- a/src/pretix/api/views/event.py
+++ b/src/pretix/api/views/event.py
@@ -1,11 +1,13 @@
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from rest_framework import filters, viewsets
+from rest_framework.exceptions import PermissionDenied

 from pretix.api.serializers.event import (
    EventSerializer, SubEventSerializer, TaxRuleSerializer,
 )
 from pretix.base.models import Event, ItemCategory, TaxRule
 from pretix.base.models.event import SubEvent
+from pretix.base.models.organizer import TeamAPIToken


 class EventViewSet(viewsets.ReadOnlyModelViewSet):
@@ -36,10 +38,39 @@ class SubEventViewSet(viewsets.ReadOnlyModelViewSet):
        )


-class TaxRuleViewSet(viewsets.ReadOnlyModelViewSet):
+class TaxRuleViewSet(viewsets.ModelViewSet):
    serializer_class = TaxRuleSerializer
    queryset = TaxRule.objects.none()
    write_permission = 'can_change_event_settings'

    def get_queryset(self):
        return self.request.event.tax_rules.all()
+
+    def perform_update(self, serializer):
+        super().perform_update(serializer)
+        serializer.instance.log_action(
+            'pretix.event.taxrule.changed',
+            user=self.request.user,
+            api_token=(self.request.auth if isinstance(self.request.auth, TeamAPIToken) else None),
+            data=self.request.data
+        )
+
+    def perform_create(self, serializer):
+        serializer.save(event=self.request.event)
+        serializer.instance.log_action(
+            'pretix.event.taxrule.added',
+            user=self.request.user,
+            api_token=(self.request.auth if isinstance(self.request.auth, TeamAPIToken) else None),
+            data=self.request.data
+        )
+
+    def perform_destroy(self, instance):
+        if not instance.allow_delete():
+            raise PermissionDenied('This tax rule can not be deleted as it is currently in use.')
+
+        instance.log_action(
+            'pretix.event.taxrule.deleted',
+            user=self.request.user,
+            api_token=(self.request.auth if isinstance(self.request.auth, TeamAPIToken) else None),
+        )
+        super().perform_destroy(instance)