mirror of
https://github.com/pretix/pretix.git
synced 2026-05-06 15:24:02 +00:00
API: add organizer-level orderpositions endpoint (#5848)
* initial implementation * handle permissions * split out organizer list endpoint * remove left over empty lines * revert import changes * tidying up * revert no longer needed test changes * revert no longer needed test changes * Apply suggestions from code review Co-authored-by: Richard Schreiber <schreiber@pretix.eu> * add event to api response * prefetch * handle auth * document event * bump querycounts for prefetches * Use existing Permission Denied Error Message --------- Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
This commit is contained in:
Lukas Bockstaller
committed by
GitHub
GitHub
parent
87b3e0c417
commit
c07ba31307
@@ -34,7 +34,7 @@ from stripe import error
|
||||
from tests.plugins.stripe.test_checkout import apple_domain_create
|
||||
from tests.plugins.stripe.test_provider import MockedCharge
|
||||
|
||||
from pretix.base.models import InvoiceAddress, Order, OrderPosition
|
||||
from pretix.base.models import InvoiceAddress, Order, OrderPosition, Team
|
||||
from pretix.base.models.orders import OrderFee, OrderPayment, OrderRefund
|
||||
|
||||
|
||||
@@ -180,6 +180,41 @@ def order2(event2, item2):
|
||||
return o
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
@scopes_disabled()
|
||||
def team2(organizer, event2):
|
||||
team2 = Team.objects.create(
|
||||
organizer=organizer,
|
||||
name="Test-Team 2",
|
||||
can_change_teams=True,
|
||||
can_manage_gift_cards=True,
|
||||
can_change_items=True,
|
||||
can_create_events=True,
|
||||
can_change_event_settings=True,
|
||||
can_change_vouchers=True,
|
||||
can_view_vouchers=True,
|
||||
can_change_orders=True,
|
||||
can_manage_customers=True,
|
||||
can_manage_reusable_media=True,
|
||||
can_change_organizer_settings=True,
|
||||
|
||||
)
|
||||
team2.limit_events.add(event2)
|
||||
team2.save()
|
||||
return team2
|
||||
|
||||
|
||||
@pytest.fixture
|
||||
@scopes_disabled()
|
||||
def limited_token_client(client, team2):
|
||||
team2.can_view_orders = True
|
||||
team2.can_view_vouchers = True
|
||||
team2.save()
|
||||
t = team2.tokens.create(name='Foo')
|
||||
client.credentials(HTTP_AUTHORIZATION='Token ' + t.token)
|
||||
return client
|
||||
|
||||
|
||||
TEST_ORDERPOSITION_RES = {
|
||||
"id": 1,
|
||||
"order": "FOO",
|
||||
@@ -987,8 +1022,64 @@ def test_refund_cancel(token_client, organizer, event, order):
|
||||
assert resp.status_code == 400
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
"endpoint_template, response_code",
|
||||
[('/api/v1/organizers/{}/events/{}/orderpositions/', 403), ('/api/v1/organizers/{}/orderpositions/', 200)]
|
||||
)
|
||||
@pytest.mark.django_db
|
||||
def test_orderposition_list(token_client, organizer, device, event, order, item, subevent, subevent2, question, django_assert_num_queries):
|
||||
def test_orderposition_list_limited_read(
|
||||
endpoint_template, response_code, limited_token_client, organizer, device, event, order, item, subevent, subevent2, question
|
||||
):
|
||||
endpoint = endpoint_template.format(organizer.slug, event.slug)
|
||||
|
||||
i2 = copy.copy(item)
|
||||
i2.pk = None
|
||||
i2.save()
|
||||
with scopes_disabled():
|
||||
var = item.variations.create(value="Children")
|
||||
res = copy.copy(TEST_ORDERPOSITION_RES)
|
||||
op = order.positions.first()
|
||||
op.variation = var
|
||||
op.save()
|
||||
res["id"] = op.pk
|
||||
res["item"] = item.pk
|
||||
res["variation"] = var.pk
|
||||
res["answers"][0]["question"] = question.pk
|
||||
res["print_logs"][0]["id"] = op.print_logs.first().pk
|
||||
res["print_logs"][0]["device_id"] = device.device_id
|
||||
|
||||
resp = limited_token_client.get(endpoint)
|
||||
assert resp.status_code == response_code
|
||||
if response_code == 200:
|
||||
assert resp.json() == {'count': 0, 'next': None, 'previous': None, 'results': []}
|
||||
else:
|
||||
assert resp.json() == {'detail': 'You do not have permission to perform this action.'}
|
||||
|
||||
|
||||
@pytest.mark.parametrize(
|
||||
("endpoint_template", "endpoint_type"),
|
||||
[
|
||||
('/api/v1/organizers/{}/events/{}/orderpositions/', "event"),
|
||||
('/api/v1/organizers/{}/orderpositions/', "organizer")
|
||||
],
|
||||
)
|
||||
@pytest.mark.django_db
|
||||
def test_orderposition_list(
|
||||
endpoint_template,
|
||||
endpoint_type,
|
||||
token_client,
|
||||
organizer,
|
||||
device,
|
||||
event,
|
||||
order,
|
||||
item,
|
||||
subevent,
|
||||
subevent2,
|
||||
question,
|
||||
django_assert_num_queries
|
||||
):
|
||||
endpoint = endpoint_template.format(organizer.slug, event.slug)
|
||||
|
||||
i2 = copy.copy(item)
|
||||
i2.pk = None
|
||||
i2.save()
|
||||
@@ -1005,88 +1096,64 @@ def test_orderposition_list(token_client, organizer, device, event, order, item,
|
||||
res["answers"][0]["question"] = question.pk
|
||||
res["print_logs"][0]["id"] = op.print_logs.first().pk
|
||||
res["print_logs"][0]["device_id"] = device.device_id
|
||||
if endpoint_type == "organizer":
|
||||
res["event"] = event.slug
|
||||
|
||||
resp = token_client.get('/api/v1/organizers/{}/events/{}/orderpositions/'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint)
|
||||
assert resp.status_code == 200
|
||||
assert [res] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?order__status=n'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?order__status=n')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?order__status=p'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?order__status=p')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?item={}'.format(organizer.slug, event.slug, item.pk))
|
||||
resp = token_client.get(endpoint + '?item={}'.format(item.pk))
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?item__in={},{}'.format(
|
||||
organizer.slug, event.slug, item.pk, i2.pk
|
||||
))
|
||||
resp = token_client.get(endpoint + '?item__in={},{}'.format(item.pk, i2.pk))
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?item={}'.format(organizer.slug, event.slug, i2.pk))
|
||||
resp = token_client.get(endpoint + '?item={}'.format(i2.pk))
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?variation={}'.format(organizer.slug, event.slug, var.pk))
|
||||
resp = token_client.get(endpoint + '?variation={}'.format(var.pk))
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?variation={}'.format(organizer.slug, event.slug, var2.pk))
|
||||
resp = token_client.get(endpoint + '?variation={}'.format(var2.pk))
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?attendee_name=Peter'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?attendee_name=Peter')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?attendee_name=peter'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?attendee_name=peter')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?attendee_name=Mark'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?attendee_name=Mark')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?secret=z3fsn8jyufm5kpk768q69gkbyr5f4h6w'.format(
|
||||
organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?secret=z3fsn8jyufm5kpk768q69gkbyr5f4h6w')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?secret=abc123'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?secret=abc123')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?pseudonymization_id=ABCDEFGHKL'.format(
|
||||
organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?pseudonymization_id=ABCDEFGHKL')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?pseudonymization_id=FOO'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?pseudonymization_id=FOO')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?search=FO'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?search=FO')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?search=z3fsn8j'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?search=z3fsn8j')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?search=Peter'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?search=Peter')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?search=5f4h6w'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?search=5f4h6w')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?order=FOO'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?order=FOO')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?order=BAR'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?order=BAR')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?has_checkin=false'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?has_checkin=false')
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?has_checkin=true'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?has_checkin=true')
|
||||
assert [] == resp.data['results']
|
||||
|
||||
with scopes_disabled():
|
||||
@@ -1103,33 +1170,28 @@ def test_orderposition_list(token_client, organizer, device, event, order, item,
|
||||
'gate': None,
|
||||
'type': 'entry'
|
||||
}]
|
||||
with django_assert_num_queries(16):
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?has_checkin=true'.format(organizer.slug, event.slug)
|
||||
)
|
||||
if '/events/' in endpoint:
|
||||
with django_assert_num_queries(18):
|
||||
resp = token_client.get(endpoint + '?has_checkin=true')
|
||||
else:
|
||||
with django_assert_num_queries(17):
|
||||
resp = token_client.get(endpoint + '?has_checkin=true')
|
||||
assert [res] == resp.data['results']
|
||||
|
||||
op.subevent = subevent
|
||||
op.save()
|
||||
res['subevent'] = subevent.pk
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?subevent={}'.format(organizer.slug, event.slug, subevent.pk))
|
||||
resp = token_client.get(endpoint + '?subevent={}'.format(subevent.pk))
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?subevent__in={},{}'.format(organizer.slug, event.slug,
|
||||
subevent.pk, subevent2.pk))
|
||||
resp = token_client.get(endpoint + '?subevent__in={},{}'.format(subevent.pk, subevent2.pk))
|
||||
assert [res] == resp.data['results']
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?subevent={}'.format(organizer.slug, event.slug,
|
||||
subevent.pk + 1))
|
||||
resp = token_client.get(endpoint + '?subevent={}'.format(subevent.pk + 1))
|
||||
assert [] == resp.data['results']
|
||||
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?include_canceled_positions=false'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?include_canceled_positions=false')
|
||||
assert len(resp.data['results']) == 1
|
||||
resp = token_client.get(
|
||||
'/api/v1/organizers/{}/events/{}/orderpositions/?include_canceled_positions=true'.format(organizer.slug, event.slug))
|
||||
resp = token_client.get(endpoint + '?include_canceled_positions=true')
|
||||
assert len(resp.data['results']) == 2
|
||||
|
||||
|
||||
|
||||
Reference in New Issue
Block a user