* change linked orderpositions to many-to-many
* Update media views to list ops
* return last op as fallback for linked_orderposition
* add multi-op to export
* update media-API
* fix media-view filter
* update control media forms
* fix API orders
* fix API orders matching media
* remove cached_property linked_orderposition - keep only in API
* fix media-issue signal
* adapt checkin API for multiple orderpositions
* remove unneeded comment
* fix create/update logging
* fix tests
* fix more tests
* fix code style
* add label to reusablemedium
* fix migration NOT NULL
* fix tests
* update docs
* clarify docs updating multiple linked_orderpositions
* clarify docs
* no need to prefetch linked_orderpositions
* improve readability
* select_related order instead prefetch
* add filter based on op.valid_from/until
* rename secret to claim_token
* Update docs for claim_token
* unifiy deprecated style
* Update reusablemedia.rst
* Update reusablemedia.rst
* Update reusablemedia.rst
* fix missing claim_token in serializer
* fix flake8
* add add_to_reusable_medium to order-serializer
* fix tests regarding claim_token
* fix flake8
* Clarify docs
* list ops comma-separated in export
* Add test for order-API add_to_reusable_medium
* fix linked_orderpositions filter in checkinrpc
* add test
* Add help-text
* fix multi-op media filter
* fix flake8
* improve check
* Fix sorting of reusable media type in overview
* Add copy and qr button to reusable medium detail view
* Rebase against origin/master
* Add logentrytype reusable_medium.linked_orderposition.removed
* add missing label_from_instance for SafeOrderPositionMultipleChoiceField
* add tests for create with linked_orderposition
* API add test for fallback-values in medium patch
* fix flake8
* Fix indentation
* fix migrations numbering
* fix test
* unify qutation marks
* fix flake8
* micro-improve linked_op-removal-logging
* simplify filter instead of annotate/get
* Do not translate API-errors
Co-authored-by: Raphael Michel <michel@pretix.eu>
* Fix typos in doc
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
* Update versionchanged in docs
Co-authored-by: Raphael Michel <michel@pretix.eu>
* Change log to always added not changed
* Add test for checkinrpc for ops out of timerang or canceled
* improve tests mixing ops from different organizers
* Fix logging of changed order_positions
* properly log added/removed when using UI
* refactor logging code
* unify logging adding/removing ops via API
* fix flake8
* remove unnecessary prefetch as already prefetched
* optimize fetching ops
* combine addon match and time-based validity match
* fix combined valid and product check
* re-number migrations
* Apply suggestion from @raphaelm
Co-authored-by: Raphael Michel <michel@pretix.eu>
* fix flake8
* New attempt at logic
* Improve op_candidate-selection for error message if no op matches check-in
* Fix typo
* fix valid_from start time being included
* use the datetime parameter for the comparison time so that the simulator works too
---------
Co-authored-by: Maximilian Richt <richt@pretix.eu>
Co-authored-by: Martin Gross <gross@rami.io>
Co-authored-by: Raphael Michel <michel@pretix.eu>
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
* Add optional filters for organizer and event-permission on event-typeahead
* include _none option only if no search query given
Co-authored-by: luelista <weller@rami.io>
* allow _none in Select2, add ModelChoiceFieldWithNone
* fix flake8
---------
Co-authored-by: luelista <weller@rami.io>
* Subevents: Allow to skip conflicting dates in bulk-creation
* Update src/pretix/control/templates/pretixcontrol/subevents/bulk.html
* Fix overlap calc for consecutive subevents
* Add test for skipping conflicting dates in bulk-creation
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
Co-authored-by: Richard Schreiber <schreiber@rami.io>
Co-authored-by: Kara Engelhardt <engelhardt@pretix.eu>
* Display invoice and tickets inline in browser (Z#23225892)
* Use FileResponse filename for AnswerDownload
* Use inline for PDF-view in pretix-control editor
* use as_attachment for API FileResponses
* do not ignore csp even for disposition=inline
* use as_attachment for file responses in control
* remove unused code
* improve code style
* Invoice preview inline
* do not force download on tickets in backend
* do not force download on AnswerDownload
* imrpove code style
* improve code style
* fix missing int str conversion
* Apply suggestions from code review
Co-authored-by: luelista <mira@teamwiki.de>
---------
Co-authored-by: luelista <mira@teamwiki.de>
* Data model draft
* Refactor query and assignment usages of old permissions
* Backend UI
* API serializer
* Big string replace
* Docs, tests and fixes for teams api
* Update docs for device auth
* Eliminate old names
* Make tests pass
* Use new permissions, remove inconsistencies
* Add test for translations
* Show plugin permissions
* Add permission for seating plans
* Fix plugin activation
* Fix failing test
* Refactor to permission groups
* Update doc/api/resources/devices.rst
Co-authored-by: luelista <weller@rami.io>
* Update doc/api/resources/events.rst
Co-authored-by: luelista <weller@rami.io>
* Update src/pretix/api/serializers/organizer.py
Co-authored-by: luelista <weller@rami.io>
* Fix typo
* Fix python version compat
* Replacement after rebase
* Add proper permission handling for exports
* Docs for exporters
* Runtime linting of permission names
* Fix typos
* Show export page even without orders permission
* More legacy compat
* Do not strongly validate before plugins are loaded
* Rebase migration
* Add permission for outgoing mails
* Review notes
* Update doc/api/resources/teams.rst
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Clean up logic around exporters
* Review and failures
* Fix migration leading to forbidden combination
* Handle permissions on event copying
* Remove print-statements
* Make test clearer
* Review feedback
* Add AnyPermissionOf
* migration safety
---------
Co-authored-by: luelista <weller@rami.io>
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* add edit view for waitinglist entry
* add test and fix behaviour when name isn't asked for
* fix linting
* add testcases for new edit view
* fix test
* fix linting
* add search to the waitinglist view
* repair settings check
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* make name and phone field optional by removing them
* remove item and variation fields from form
rather set those values during clean
* change label from "Item and Variation" to "Product"
* include only products with an enabled waitinglist in the product field
* combine edit.html and transfer.html
* change transfer to edit
* add tests
* code style
* Update src/pretix/control/forms/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/forms/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/urls.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/waitinglist/edit.html
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/waitinglist/index.html
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* remove validations
* remove validations
* replace widget
* implement small review items
* add better assertions
* add test for the different edit form variations
* add queryset to prefetch only active ItemVariations
* add queryset to prefetch only active ItemVariations
* propper use of WrappedPhoneNumberPrefixWidget
* cleanup
* add validation tests
* small review changes
* handle products with only inactive variations
* styling
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* reduce default RecentAuthenticationRequiredMixin timeout to 15 min
* never cache pages with RecentAuthenticationRequiredMixin
* show emergency codes only once after generating
* Send security notification when recovery code is used or created by admin
"Where to store recovery codes" is one of these problems there is no
right answer to, so many people store them in a less-than-optimal place.
If that's the reality we live in, this PR adds at least a little
security so one notices when they get used :)
* Add sentence
* Invoices: Allow issuing invoices only to businesses
In situations where every invoice has a significant accounting cost and
consumers usually do not need invoices, this can save a lot of money or
effort.
* Improve backend UI if not qualified for invoice
This error message mostly occurs when working in admin mode and this
change allows our support team to still see what the form looks like to
guide users through, even if they can't save.
* Add more log entry types to the org-level logs page
all_logentries() limits the QuerySet to LogEntrys whose content object
is an Organizer.
This change expands that to get any LogEntry linked to the current
Organization. It removes those that are linked directly to an Event,
since they are already served by the event-level logs page.
* Check active plugins with either Event or Organizer
