mirror of
https://github.com/pretix/pretix.git
synced 2026-05-05 15:14:04 +00:00
* initial commit * API auth * Hierarchical URLs * Add session auth * Strong hierarchy * Add filters * Add i18n fields, questions * More viewsets and serializers * Ticket download * Add OrderPosition serializer * View-level permissions * More tests * More tests * Add basic API docs * Add REST API to docs frontpage * Tests for order endpoints * Add invoice tests * Voucher and waitinglist tests * Doc draft * order docs * Docs on all viewsets * Disable DRF docs, style sphinx, style browsable API * Fix tests * deprecated imports * Test foo * Attendee names * Fix migration problems * Remove browsable API, plugin integration * Doc fixes
This commit is contained in:
Raphael Michel
@@ -169,6 +169,12 @@ def pretixcontrol_logentry_display(sender: Event, logentry: LogEntry, **kwargs):
|
||||
if logentry.action_type == 'pretix.team.invite.deleted':
|
||||
return _('The invite for {user} has been revoked.').format(user=data.get('email'))
|
||||
|
||||
if logentry.action_type == 'pretix.team.token.created':
|
||||
return _('The token "{name}" has been created.').format(name=data.get('name'))
|
||||
|
||||
if logentry.action_type == 'pretix.team.token.deleted':
|
||||
return _('The token "{name}" has been revoked.').format(name=data.get('name'))
|
||||
|
||||
if logentry.action_type == 'pretix.user.settings.changed':
|
||||
text = str(_('Your account settings have been changed.'))
|
||||
if 'email' in data:
|
||||
|
||||
@@ -232,7 +232,7 @@
|
||||
{% if messages %}
|
||||
{% for message in messages %}
|
||||
<div class="alert {{ message.tags }}">
|
||||
{{ message }}
|
||||
{{ message|linebreaksbr }}
|
||||
</div>
|
||||
{% endfor %}
|
||||
{% endif %}
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
{% trans "Edit" %}
|
||||
</a>
|
||||
</h2>
|
||||
<h3>{% trans "Team members" %}</h3>
|
||||
<form action="" method="post">
|
||||
{% csrf_token %}
|
||||
<!-- Trick browsers into taking this as a default -->
|
||||
@@ -18,7 +19,7 @@
|
||||
<thead>
|
||||
<tr>
|
||||
<th>{% trans "Member" %}</th>
|
||||
<th></th>
|
||||
<th width="150"></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
@@ -70,6 +71,47 @@
|
||||
</tfoot>
|
||||
</table>
|
||||
</form>
|
||||
<h3>{% trans "API tokens" %}</h3>
|
||||
<form action="" method="post">
|
||||
{% csrf_token %}
|
||||
<!-- Trick browsers into taking this as a default -->
|
||||
<button type="submit" class="btn btn-primary btn-sm btn-block nearly-gone"></button>
|
||||
<table class="table table-condensed table-hover">
|
||||
<thead>
|
||||
<tr>
|
||||
<th>{% trans "Name" %}</th>
|
||||
<th width="150"></th>
|
||||
</tr>
|
||||
</thead>
|
||||
<tbody>
|
||||
{% for t in team.active_tokens %}
|
||||
<tr>
|
||||
<td>
|
||||
{{ t.name }}
|
||||
</td>
|
||||
<td class="text-right">
|
||||
<button type="submit" name="remove-token" value="{{ t.id }}"
|
||||
class="btn btn-danger btn-sm btn-block">
|
||||
<i class="fa fa-times"></i> {% trans "Remove" %}
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
{% endfor %}
|
||||
</tbody>
|
||||
<tfoot>
|
||||
<tr>
|
||||
<td>
|
||||
{% bootstrap_field add_token_form.name layout='inline' %}<br>
|
||||
</td>
|
||||
<td class="text-right">
|
||||
<button type="submit" class="btn btn-primary btn-sm btn-block">
|
||||
<i class="fa fa-plus"></i> {% trans "Add" %}
|
||||
</button>
|
||||
</td>
|
||||
</tr>
|
||||
</tfoot>
|
||||
</table>
|
||||
</form>
|
||||
<div class="panel panel-default">
|
||||
<div class="panel-heading">
|
||||
<h3 class="panel-title">
|
||||
|
||||
@@ -13,6 +13,7 @@ from django.views.generic import (
|
||||
)
|
||||
|
||||
from pretix.base.models import Organizer, Team, TeamInvite, User
|
||||
from pretix.base.models.organizer import TeamAPIToken
|
||||
from pretix.base.services.mail import SendMailException, mail
|
||||
from pretix.control.forms.organizer import (
|
||||
OrganizerForm, OrganizerSettingsForm, OrganizerUpdateForm, TeamForm,
|
||||
@@ -39,6 +40,10 @@ class InviteForm(forms.Form):
|
||||
user = forms.EmailField(required=False, label=_('User'))
|
||||
|
||||
|
||||
class TokenForm(forms.Form):
|
||||
name = forms.CharField(required=False, label=_('Token name'))
|
||||
|
||||
|
||||
class OrganizerDetailViewMixin:
|
||||
def get_context_data(self, **kwargs):
|
||||
ctx = super().get_context_data(**kwargs)
|
||||
@@ -309,11 +314,18 @@ class TeamMemberView(OrganizerDetailViewMixin, OrganizerPermissionRequiredMixin,
|
||||
|
||||
@cached_property
|
||||
def add_form(self):
|
||||
return InviteForm(data=self.request.POST if self.request.method == "POST" else None)
|
||||
return InviteForm(data=(self.request.POST
|
||||
if self.request.method == "POST" and "user" in self.request.POST else None))
|
||||
|
||||
@cached_property
|
||||
def add_token_form(self):
|
||||
return TokenForm(data=(self.request.POST
|
||||
if self.request.method == "POST" and "name" in self.request.POST else None))
|
||||
|
||||
def get_context_data(self, **kwargs):
|
||||
ctx = super().get_context_data(**kwargs)
|
||||
ctx['add_form'] = self.add_form
|
||||
ctx['add_token_form'] = self.add_token_form
|
||||
return ctx
|
||||
|
||||
def _send_invite(self, instance):
|
||||
@@ -380,7 +392,24 @@ class TeamMemberView(OrganizerDetailViewMixin, OrganizerPermissionRequiredMixin,
|
||||
messages.success(self.request, _('The invite has been revoked.'))
|
||||
return redirect(self.get_success_url())
|
||||
|
||||
elif self.add_form.is_valid() and self.add_form.has_changed():
|
||||
elif 'remove-token' in request.POST:
|
||||
try:
|
||||
token = self.object.tokens.get(pk=request.POST.get('remove-token'))
|
||||
except TeamAPIToken.DoesNotExist:
|
||||
messages.error(self.request, _('Invalid token selected.'))
|
||||
return redirect(self.get_success_url())
|
||||
else:
|
||||
token.active = False
|
||||
token.save()
|
||||
self.object.log_action(
|
||||
'pretix.team.token.deleted', user=self.request.user, data={
|
||||
'name': token.name
|
||||
}
|
||||
)
|
||||
messages.success(self.request, _('The token has been revoked.'))
|
||||
return redirect(self.get_success_url())
|
||||
|
||||
elif "user" in self.request.POST and self.add_form.is_valid() and self.add_form.has_changed():
|
||||
|
||||
try:
|
||||
user = User.objects.get(email=self.add_form.cleaned_data['user'])
|
||||
@@ -414,6 +443,18 @@ class TeamMemberView(OrganizerDetailViewMixin, OrganizerPermissionRequiredMixin,
|
||||
messages.success(self.request, _('The new member has been added to the team.'))
|
||||
return redirect(self.get_success_url())
|
||||
|
||||
elif "name" in self.request.POST and self.add_token_form.is_valid() and self.add_token_form.has_changed():
|
||||
token = self.object.tokens.create(name=self.add_token_form.cleaned_data['name'])
|
||||
self.object.log_action(
|
||||
'pretix.team.token.created', user=self.request.user, data={
|
||||
'name': self.add_token_form.cleaned_data['name'],
|
||||
'id': token.pk
|
||||
}
|
||||
)
|
||||
messages.success(self.request, _('A new API token has been created with the following secret: {}\n'
|
||||
'Please copy this secret to a safe place. You will not be able to '
|
||||
'view it again here.').format(token.token))
|
||||
return redirect(self.get_success_url())
|
||||
else:
|
||||
messages.error(self.request, _('Your changes could not be saved.'))
|
||||
return self.get(request, *args, **kwargs)
|
||||
|
||||
Reference in New Issue
Block a user