Commit Graph

942 Commits

Author SHA1 Message Date
Raphael Michel
cc0083c6e5 Allow to search by voucher in check-in list 2018-08-31 12:50:50 +02:00
Lukas Bockstaller
a643abe293 Prevent email enumeration (#1000)
Here is my attempt to prevent user enumeration. 
I've made the following changes:

**Application:**
- replaces success and failure messages in the form with two (with/without redis) information messages 
- adds logging for attempted password resets of unknown users
- adds logging for failing emails

**Tests:**
- test_unknown asserts a redirect instead of an ok
- adds test_email_reset_twice_redis to assert the correct logging of a twice reset email
- adds a FakeRedis class similar to the one implemented in test_metrics.py. I could refactor them into the testutils folder if preferred.

Please excuse the commit mess. I am currently fighting with my tooling.
2018-08-31 10:28:39 +02:00
Felix Rindt
8183648902 Rename module async to tasks (#994)
Fixes #993
2018-08-21 10:53:40 +02:00
Raphael Michel
625ef3da8a Round decimal on dashboard 2018-08-19 15:09:59 +02:00
Raphael Michel
10c7d9a6e1 Statistics: Prevent issues with async script loading 2018-08-17 11:12:19 +02:00
Raphael Michel
4db4790270 Custom HTML email renderers and new email style (#991)
* Custom HTML email renderers

* Move inline_css call

* Small fixes

* New HTML mail style for pretix

* Thumbs

* Inlinestyle for notifications

* Documentation

* Set line-height
2018-08-16 12:01:23 +02:00
Raphael Michel
248b94c296 Approvals 2018-08-14 10:46:55 +02:00
Raphael Michel
f52447ff58 Model field 2018-08-14 10:46:32 +02:00
Raphael Michel
693965af28 Add signal html_page_start 2018-08-11 12:52:46 +02:00
Raphael Michel
3d5cc98df5 Add option to require company name 2018-08-10 16:05:20 +02:00
Raphael Michel
13f3b54393 Refactor order overview and hide empty fees section 2018-08-09 18:04:58 +02:00
Raphael Michel
bd48112bf9 Refs #710 -- Remove monkeypatch for django-hijack 2018-08-08 09:24:52 +02:00
Raphael Michel
c702814203 Do not use deepcopy on models 2018-08-07 15:45:22 +02:00
Raphael Michel
0c0172a0b6 Fix inconsistent checks in order offsetting 2018-08-07 15:45:22 +02:00
Raphael Michel
1ad11b0c58 Global Banner message: Only show Read more if appropriate 2018-08-07 12:39:14 +02:00
Raphael Michel
97012082de Fix #972 -- Clarify sum in quota detail 2018-08-07 12:34:35 +02:00
Raphael Michel
423810cf61 Use a defaultdict for log rendering 2018-08-07 12:19:00 +02:00
Raphael Michel
a5159ce8e1 Do not show zeros in order overview 2018-08-07 11:37:14 +02:00
Raphael Michel
67897dfcc0 Fix #406 -- Allow moving waiting list entries to the top or bottom 2018-08-07 10:53:07 +02:00
Raphael Michel
0100604798 Allow to download waiting list 2018-08-07 10:38:26 +02:00
Raphael Michel
47afe01721 Improve waiting list filters 2018-08-07 10:28:37 +02:00
Raphael Michel
a2e12b795f Event settings: Fix custom widget 2018-08-07 10:09:34 +02:00
Raphael Michel
f4be90fdd0 Fix overpaid queries 2018-08-06 16:16:19 +02:00
Raphael Michel
afd766999c Upgrade to Django 2.1 (#710)
* Upgrade to Django 2.0

* more models

* i18n foo

* Update setup.py

* Fix Sentry exception PRETIXEU-JC

* Enforce slug uniqueness

* Import sorting

* Upgrade to Django 2.1

* Travis config

* Try to fix PostgreSQL failure

* Smaller test matrix

* staticfiles→static

* Include request in all authenticate() calls
2018-08-06 12:48:46 +02:00
Raphael Michel
18a378976b Fix #571 -- Partial payments and refunds 2018-08-06 12:24:36 +02:00
Raphael Michel
edb913855d Add a CSS class to slug widgets 2018-07-29 15:39:31 +02:00
Raphael Michel
24739e1638 Hide waiting list vouchers in voucher list 2018-07-29 15:39:31 +02:00
Raphael Michel
beddf1c772 Fix event meta deletion 2018-07-19 09:43:40 +02:00
Raphael Michel
d2a3ba182b Fix KeyError when accessing settings for disabled payment provider 2018-07-19 09:32:08 +02:00
Raphael Michel
febcf237ca Prevent a KeyError during form validation 2018-07-19 09:27:17 +02:00
Raphael Michel
5e158c3bd7 Prevent a KeyError with invalid add-on configuration 2018-07-19 09:27:17 +02:00
Raphael Michel
e46b33544d Fix race condition in formset validation 2018-07-11 14:57:31 +02:00
Raphael Michel
6b9c3ad4e7 PDF Layout: Make pretix logo a layout element, not a background element 2018-07-10 13:24:27 +02:00
Raphael Michel
a43ee054ad Fix logging of file upload questions 2018-06-25 12:53:45 +02:00
Raphael Michel
5e7027647a Add bcc option for event emails 2018-06-22 13:28:54 +02:00
Raphael Michel
0357386f7c Hide some links when printing 2018-06-15 17:48:30 +02:00
Raphael Michel
180904cdc2 Fix KeyError 2018-06-11 14:29:29 +02:00
Raphael Michel
b4d97d9432 Add signal for new OAuth applications 2018-06-05 15:47:13 +02:00
Raphael Michel
69d10489b8 Implement OAuth2 provider (#927)
- [x] Application management
  - [x] Link
  - [ ] Tests
- [x] Authorize flow
  - [x] Tests
- [x] Refresh token handling
  - [x] Tests
- [x] Revocation endpoint
  - [x] Tests
  - [x] Mitigate: https://github.com/jazzband/django-oauth-toolkit/issues/585
- [x] API authenticator / permission driver
  - [x] Test
- [x] Enforce organizer restriction
  - [x] Tests
- [x] Enforce scope restriction
  - [x] Tests
- [x] Show current applications to user
  - [x] Revoke
  - [x] Tests
- [x] Log new authorizations
  - [x] notify user
- [x] Ensure other grant types are not available
- [x] Documentation
- [x] check if revoking access token, then refreshing gets rid of organizer constraint
- [x] Show logentry foo
2018-06-05 12:58:04 +02:00
Raphael Michel
50ff3628f7 Add success hook for settings form 2018-06-04 17:59:11 +02:00
Raphael Michel
11ff81f852 Fix 85420602 and add tests 2018-06-01 13:40:08 +02:00
Raphael Michel
85420602e8 Fix #54 -- Allow the admin to force accept payments 2018-06-01 13:25:07 +02:00
Raphael Michel
6ccf55b601 Fix settings form validation 2018-06-01 13:21:13 +02:00
Raphael Michel
3030c300f2 Fix order change form with required field 2018-05-31 12:57:06 +02:00
Raphael Michel
48b969f3c3 Refs #928 -- Show ticket secret in order change form 2018-05-31 12:57:06 +02:00
Raphael Michel
bbb78aa5e6 Refs #928 -- Allow to regenerate secrets of specific tickets 2018-05-31 12:57:06 +02:00
Raphael Michel
31380bbef2 Fix #928 -- Allow searching for ticket secrets 2018-05-31 12:57:06 +02:00
Mason Mohkami
479a7d9162 Fix #357 -- Implement go to for vouchers (#849)
* Add Go input for vouchers on the vouchers list page (#357)

* Final fixes
2018-05-31 12:43:32 +02:00
Felix Rindt
6fe02f156a Fix #898 -- Add setting to configure subevent ordering on frontpage (#906)
Fixes #898.
2018-05-31 12:28:44 +02:00
Raphael Michel
eb6063cc2d Add QR codes for pseudonymization ID 2018-05-28 17:02:56 +02:00