* setup vite and integrate fully with django
- vite starts with `python manage.py runserver`
- add templatetags to simply load vite hmr and entry points
- add eslint (recheck rules)
- enable non-strict ts
* better syntax for cors header setting
* migrate checkin rules editor to vue3
- move constants to a module
- move reading from and writing to non-vue html to django interop module
- switch to composition api and script setup sfc with pug
- use optional chaining operators a lot to simplify code
* migrate webcheckin plugin to vite+vue3
- migrate vue sfcs to script setup and pug
- move fetch calls into a api.ts module
- move common formatting and i18n strings into module
* fix migration error
* first draft migrating widget to vue3/vite
* first couple widget e2e tests
courtesy of claude
most of the tests don't work yet
* test file is not actually used
* drop widget_ prefix from e2e test fixtures
* add test for complete widget journey for simple event
* switch timezone in e2e tests to Europe/Berlin
* make dates in e2e tests relative
* migrate widget bugfix #5886
* start testing event series widget
* working vite widget setup for prod (untested), local dev (with or without dev server) and pytests, with flags for running the old version or the vite version
* simplify e2e test iframe check
* less flaky e2e tests
* top level await in iife build mode is not supported, so let's do import.meta.glob instead (we just need the build step not to see await, the code doesn't actually ever get loaded because it's DEV only)
* fix inconsistencies from automatic migration
* Allow gradual rollout of new vite-based widget by adding urls to an allowlist that gets checked against the "Origin" http header of request fetching the widget js
* add e2e tests for widget button, testing empty cart, adding specific items, and subevents
* remove janky claude testts again
* resolve migration TODOs: properly refocus parent on navigations
* use `npm run dev:control` for the vite dev server for admin components
* upgrade npm dependencies
* fix js linter errors
* fix python linter errors
* build all control vue components
* add new js config files to check-manifest ignore
* working prod build
acutal serving of built assets not tested yet
* fix templatetag paths to match what's in the vite mantifest
* add missing quotes around 'unsafe-eval' cors value
* remove now unused old vue2 tooling
* try fixing e2e test ci
* fix flake8 error
* check if vite build artefacts are in the wheel
* add license headers
* remove dom manipilation code necessary for `div.pretix-widget-compat` to work. No longer needed for vue3
* remove superfluous `createElement` calls
They might have been there because of IE, which is no longer relevant
* make widget dev mode parametizable through query params and document the usage and those params
* fix rst syntax
* remove migration todos file
Co-authored-by: luelista <mira@teamwiki.de>
* rearrange dockerfile commands for smaller image, thanks @luelista
* Update .gitignore, adding .vite
Co-authored-by: luelista <mira@teamwiki.de>
* add eslint CI
* make vue dev work in plugins
* fix docker build
* rebuild vite setup to support static prod plugins and dynamic hmr plugin development
* use toml for vite plugin config instead of standalone json file
* Add widget changes from #6047, #6149
* Allow buttons to reuse cart (Z#23226853)
* Always keep cart of buttons with items set
* widget: handle cart if not same-site (#6149)
---------
Co-authored-by: luelista <mira@teamwiki.de>
Co-authored-by: Kara Engelhardt <engelhardt@pretix.eu>
* Subevents: Allow to skip conflicting dates in bulk-creation
* Update src/pretix/control/templates/pretixcontrol/subevents/bulk.html
* Fix overlap calc for consecutive subevents
* Add test for skipping conflicting dates in bulk-creation
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
Co-authored-by: Richard Schreiber <schreiber@rami.io>
Co-authored-by: Kara Engelhardt <engelhardt@pretix.eu>
* Data model draft
* Refactor query and assignment usages of old permissions
* Backend UI
* API serializer
* Big string replace
* Docs, tests and fixes for teams api
* Update docs for device auth
* Eliminate old names
* Make tests pass
* Use new permissions, remove inconsistencies
* Add test for translations
* Show plugin permissions
* Add permission for seating plans
* Fix plugin activation
* Fix failing test
* Refactor to permission groups
* Update doc/api/resources/devices.rst
Co-authored-by: luelista <weller@rami.io>
* Update doc/api/resources/events.rst
Co-authored-by: luelista <weller@rami.io>
* Update src/pretix/api/serializers/organizer.py
Co-authored-by: luelista <weller@rami.io>
* Fix typo
* Fix python version compat
* Replacement after rebase
* Add proper permission handling for exports
* Docs for exporters
* Runtime linting of permission names
* Fix typos
* Show export page even without orders permission
* More legacy compat
* Do not strongly validate before plugins are loaded
* Rebase migration
* Add permission for outgoing mails
* Review notes
* Update doc/api/resources/teams.rst
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Clean up logic around exporters
* Review and failures
* Fix migration leading to forbidden combination
* Handle permissions on event copying
* Remove print-statements
* Make test clearer
* Review feedback
* Add AnyPermissionOf
* migration safety
---------
Co-authored-by: luelista <weller@rami.io>
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* add edit view for waitinglist entry
* add test and fix behaviour when name isn't asked for
* fix linting
* add testcases for new edit view
* fix test
* fix linting
* add search to the waitinglist view
* repair settings check
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* make name and phone field optional by removing them
* remove item and variation fields from form
rather set those values during clean
* change label from "Item and Variation" to "Product"
* include only products with an enabled waitinglist in the product field
* combine edit.html and transfer.html
* change transfer to edit
* add tests
* code style
* Update src/pretix/control/forms/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/forms/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/urls.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/waitinglist/edit.html
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/templates/pretixcontrol/waitinglist/index.html
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Update src/pretix/control/views/waitinglist.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* remove validations
* remove validations
* replace widget
* implement small review items
* add better assertions
* add test for the different edit form variations
* add queryset to prefetch only active ItemVariations
* add queryset to prefetch only active ItemVariations
* propper use of WrappedPhoneNumberPrefixWidget
* cleanup
* add validation tests
* small review changes
* handle products with only inactive variations
* styling
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Tax rounding: Allow to apply only for B2B (Z#23220106)
Most effective in combination with #5807
* Update src/pretix/base/settings.py
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* Invoices: Allow issuing invoices only to businesses
In situations where every invoice has a significant accounting cost and
consumers usually do not need invoices, this can save a lot of money or
effort.
* Improve backend UI if not qualified for invoice
* Add option to restrict anonymous access to order URLs
By default, users who place orders while logged in can still access
their order URLs without authentication. This raises potential
security risks, particularly if order confirmation emails are
forwarded.
This commit introduces an organiser-level setting to disable anonymous
access for such orders. When enabled, unauthenticated attempts to access
URLs starting with `/order/`, which are intended for the customer, are
redirected to the login page. Upon successful authentication, the user
is redirected back to the original order URL.
It is important to note that this change does not impact routes intended
for attendees (e.g., `/ticket/*`), which remain accessible without
authentication.
* Change name of setting for future clarity
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
* Update message wording
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
* Eliminate database query
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
* Rename feature flag to fix breaking tests
* Refactor order access verification code into `OrderDetailsMixin`
* Add test for logged-in customer accessing another customer's order
* Refactor order access conditions to remove nesting
* Handle case where customer is not yet verified
* Add additional information to help message
* Fix multidomain issue
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
* Merge order/position variants into single tests
* Add docstring explaining return type of `order` property
* Apply suggestion from @raphaelm
* Fix indentation
---------
Co-authored-by: Raphael Michel <mail@raphaelmichel.de>
Co-authored-by: Raphael Michel <michel@rami.io>
* replace manual form with QuestionFilterForm
* move form to form/item.py
* filter using a dateFrameField
* rename QuestionFilterForm to QuestionAnswerFilterForm
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* pass existing `opqs` into `filter_qs`
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* clean up filters
* fix view errors
* add labels
* display validation failures on field/label
* fix linting issues
* adjust datetime comparisons from lte to lt & gte to gt
* Change filter-form layout similar to order-filter-form
* improve label texts
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* use order constants
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* use Order Constants in Form where possible
* Change phrasing from Subevent to Date
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* include product variations in products filter
* repair time zone comparisons
* fix linting
* move filter form to form/filter.py
* remove references to timezone.utc
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* remove manual class statements
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* removes unnecessary check
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
* fix datetime comparison
* Add full stop to error message to match style
* unify var-names and code-indent
---------
Co-authored-by: Richard Schreiber <schreiber@pretix.eu>
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Add program times for items
* Fix frontend date validation
* Add ical data for program times [wip]
* Improve ical data for program times
* Remove duplicate code and add comments
* Adjust migration
* Remove program times form for event series
* Add pdf placeholder [wip]
* Improve explanation text with suggestion
Co-authored-by: Raphael Michel <michel@pretix.eu>
* Fix import sorting
* Improve ical generation
* Improve ical entry description
* Fix migration
* Add copyability for program times fot items and events
* Update migration
* Add API endpoints/functions, fix isort
* Improve variable name
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Remove todo comment
* Add documentation, Change endpoint name
* Change related name
* Remove unnecessary code block
* Add program times to item API
* Fix imports
* Add log text
* Use daterange helper
* Add and update API tests
* Add another API test
* Add program times to cloning tests
* Update query count because of program times query
* Invalidate cached tickets on program time changes
* Reduce invalidation calls
* Update migration after rebase
* Apply improvements to invalidation from review
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* remove unneccessary attr=item param
* remove unnecessary kwargs for formset_factory
* fix local var name being overwritten in for-loop
* fix empty formset being saved
* Use subevent if available
* make code less verbose
* remove double event-label in ical desc
* fix unnecessary var re-assign
* fix ev vs p.subevent
---------
Co-authored-by: Raphael Michel <michel@pretix.eu>
Co-authored-by: Richard Schreiber <schreiber@rami.io>
* Allow to round taxes on order-level
* Rename get_cart_total
* Persist rounding mode with order
* Add general docs
* Order creation API
* Update fee algorithm
* Rounding on payment method change
* Round when splitting order
* Fix failing tests
* Add settings page
* Add tests
* Replace algorithm
* Add test case for currency rounding
* Improve order change
* Update flowchart
* Update discount logic (more hypothetical, we don't store rounding on cart positions atm)
* Rename internal method
* Fix typo
* Update help text
* Apply suggestions from code review
Co-authored-by: luelista <weller@rami.io>
* Order rounding refactor (#5571)
* Add RoundingCorrectionMixin providing before-rounding-values as properties
* Use gross_price_before_rounding in more places
* Update doc/development/algorithms/pricing.rst
Co-authored-by: Martin Gross <gross@rami.io>
* Allow to override on perform_order
* Rebase migration
* Fix event cancellation
---------
Co-authored-by: luelista <weller@rami.io>
Co-authored-by: Martin Gross <gross@rami.io>
* Event cancellation: Add safety and security checks
When cancelling an event, a large sum of money might be refunded
instantly. This PR adds safety features around this by
- doing a dry-run first that shows a preview of the expected refund sum
- sending a confirmation mode via email for any automatic refunds of more than 100 currency units
- keeping a more detailed log of the settings this was executed with
* Update src/pretix/control/views/orders.py
Co-authored-by: luelista <weller@rami.io>
---------
Co-authored-by: luelista <weller@rami.io>
* Flexible invoice transmission
* UI work
* Add peppol and output
* API support
* Profile integration
* Simplify form for individuals
* Remove sent_to_customer usage
* more steps
* Revert "Bank transfer: Allow to send the invoice direclty to the accounting department (#2975)"
This reverts commit cea6c340be.
* minor fixes
* Fixes after rebase
* update stati
* Backend view
* Transmit and show status
* status, retransmission
* API retransmission
* More fields
* API docs
* Plugin docs
* Update migration
* Add missing license headers
* Remove dead code, fix current tests
* Run isort
* Update regex
* Rebase migration
* Fix migration
* Add tests, fix bugs
* Rebase migration
* Apply suggestion from @luelista
Co-authored-by: luelista <weller@rami.io>
* Apply suggestion from @luelista
Co-authored-by: luelista <weller@rami.io>
* Apply suggestion from @luelista
Co-authored-by: luelista <weller@rami.io>
* Apply suggestion from @luelista
Co-authored-by: luelista <weller@rami.io>
* Apply suggestion from @luelista
Co-authored-by: luelista <weller@rami.io>
* Make migration reversible
* Add TransmissionType.enforce_transmission
* Fix registries API usage after rebase
* Remove code I forgot to delete
* Update transmission status display depending on type
* Add testmode_supported
* Update src/pretix/static/pretixbase/js/addressform.js
Co-authored-by: luelista <weller@rami.io>
* Update src/pretix/static/pretixbase/js/addressform.js
Co-authored-by: luelista <weller@rami.io>
* Update src/pretix/static/pretixbase/js/addressform.js
Co-authored-by: luelista <weller@rami.io>
* New mechanism for non-required invoice forms
* Update src/pretix/base/invoicing/transmission.py
Co-authored-by: luelista <weller@rami.io>
* Declare testmode_supported for email
* Make transmission_email_other an implementation detail
* Fix failing tests and add new ones
* Update src/pretix/base/services/invoices.py
Co-authored-by: luelista <weller@rami.io>
* Add emails to email history
* Fix comma error
* More generic default email text
* Cleanup
* Remove "email invoices" button and refine logic
* Rebase migration
* Fix edge case
---------
Co-authored-by: luelista <weller@rami.io>
* Webhooks: Add vouchers (Z#23203072)
This also requires more consistent usage of webhook types to avoid
vouchers not being known to the external system.
* Update src/pretix/api/webhooks.py
Co-authored-by: luelista <weller@rami.io>
* Fix shredder test
---------
Co-authored-by: luelista <weller@rami.io>
Add a registry for datasync providers and an associated sync queue, to be used by
plugins that transfer data from pretix orders to external systems.
Additionally, provide a generic data mapping interface to be used in settings pages
of such plugins, to let users configure which information from pretix to fill into
which data fields of the external system.
---------
Co-authored-by: Raphael Michel <michel@rami.io>
