CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2025-12-07 22:42:26 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: CGM_Public:django22
Branches Tags
CGM_Public:master CGM_Public:answer-export CGM_Public:fix-csv-error CGM_Public:banktransfer-dashes CGM_Public:sendmail-iterator CGM_Public:update-django-version CGM_Public:reusablemedium-multiop CGM_Public:payment-qr CGM_Public:csv-duplicate-cols CGM_Public:release/2025.10.x CGM_Public:stable CGM_Public:release/2025.9.x CGM_Public:release/2025.8.x CGM_Public:release/2025.7.x CGM_Public:linkify-placeholder-fix CGM_Public:dependabot/pip/django-countries-eq-8.2.star CGM_Public:hardening-2fa CGM_Public:hide-invisible-fields CGM_Public:logentrytype-schema CGM_Public:quickstart-optional CGM_Public:op-export-unique-cols CGM_Public:lazy-imports CGM_Public:banktransfer-zero-5168 CGM_Public:timeline-fix-5614 CGM_Public:event-dialog-optional-4794 CGM_Public:banktransfer-invoice-reference CGM_Public:webhook-length CGM_Public:typeahead-org-slug CGM_Public:show-current-cart CGM_Public:banktransfer-camt CGM_Public:dependent-on-cc CGM_Public:attendee-mails-default CGM_Public:sort-property-helper CGM_Public:rename-migration CGM_Public:invoice-pdf-line-desc-max-length CGM_Public:validate-user-email CGM_Public:banktransfer-pending-order CGM_Public:order-rounding-mixin CGM_Public:dependabot/pip/redis-eq-7.0.star CGM_Public:richtext-link-mastodon CGM_Public:import-.wrong-item CGM_Public:fix-attach-size-filter CGM_Public:add-organizer-scope-to-pluginslist CGM_Public:fix-transmission-info CGM_Public:sync-single-transactionaware CGM_Public:no-ordinal-dates CGM_Public:new-license-header CGM_Public:checkinrule-warn-invalid-ids CGM_Public:fix-rrule CGM_Public:fix-form-styles CGM_Public:fix-datasync-shouldnotsync CGM_Public:fix-datasync-logdisplay CGM_Public:invoice-no-crash CGM_Public:dependabot/pip/django-phonenumber-field-eq-8.3.star CGM_Public:subevent-editor-improvements CGM_Public:exports-repeatable-read CGM_Public:plaintext-invoice-notification CGM_Public:order-import-logentries-bulk CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.1.star CGM_Public:notification-bulk-check CGM_Public:enqueue-order-immediate CGM_Public:enqueue-order-return CGM_Public:import-testmode-warn CGM_Public:api_organizer_settings CGM_Public:confirm-text-free CGM_Public:revert-5452-invoice-plugin-data CGM_Public:fix-wordlist-issue CGM_Public:subevent-filter-plugin CGM_Public:item-plugin-forms-group CGM_Public:fix-5455 CGM_Public:logentry-wording CGM_Public:img-srcset CGM_Public:invoice-plugin-data CGM_Public:mail-model CGM_Public:update-signal-docstrings CGM_Public:add-category-btn CGM_Public:logdetail-dbg CGM_Public:fix-order-email-error-log CGM_Public:fix-paypal2-xhr-free-cart CGM_Public:fix-datasync-notfound CGM_Public:fix-asynctask-i18n CGM_Public:org-level-plugin CGM_Public:plugins-page-fix CGM_Public:voucher-webhook CGM_Public:datasync-providers-doc CGM_Public:hierarkey-2 CGM_Public:ttf-pragraph-fallback CGM_Public:voucher-created CGM_Public:invoice-address-do-not-store-on-free CGM_Public:sync-single-tx CGM_Public:mapping-json CGM_Public:datasync CGM_Public:sendmail_pendingoverdue CGM_Public:rename-contact CGM_Public:pdf-price-with-bundled CGM_Public:fix-widget-cache-check CGM_Public:presale-remove-webmanifest CGM_Public:release/2025.6.x CGM_Public:pdf-editor-areyousure CGM_Public:api-expand-generic CGM_Public:invoice-email-language CGM_Public:question-stats-percentage CGM_Public:fix-question-graphs-ui CGM_Public:subevent-bulkedit-warning CGM_Public:clean-docs CGM_Public:event-title-everywhere CGM_Public:link-timeline CGM_Public:a11y-improve-renew-feedback CGM_Public:a11y-autocomplete-off CGM_Public:a11y-fix-calendar-nav-aria-current CGM_Public:release/2025.5.x CGM_Public:a11y-fix-giftcard-checkout CGM_Public:subevent-edit-name CGM_Public:fix-seat-svg-missing-label CGM_Public:gettextstub CGM_Public:fix-voucher-redeem-form CGM_Public:stripe_12x CGM_Public:cookieconsent-properly CGM_Public:ocm-cancel-all CGM_Public:fix-checkout-confirm CGM_Public:fix-nothingtoadd CGM_Public:dialog-backdrop-click-close CGM_Public:cart-renewal CGM_Public:a11y-add-cart-empty CGM_Public:waitinglist-export-productid CGM_Public:a11y-fix-waitinglist-link CGM_Public:a11y-no-underline-event-list CGM_Public:a11y-placeolder-contrast CGM_Public:cart-renewal-ui-html5dialog CGM_Public:cart-renewal-ui CGM_Public:tooltip-a11y CGM_Public:a11y-widget-fix-filter-dropdown CGM_Public:a11y-common-modal-dialogs CGM_Public:invoice-to-organizer-multimail CGM_Public:a11y-fix-b-strong CGM_Public:issue-5077 CGM_Public:a11y-validate-dates-serverside CGM_Public:a11y-fix-datepicker-error CGM_Public:item-list-seating CGM_Public:fix-eventlist-date-field CGM_Public:fix-headline-mismatch CGM_Public:release/2025.4.x CGM_Public:fix-datepicker-datedisplay CGM_Public:change-secret CGM_Public:subevent-discounts-test CGM_Public:sold-out-voucher CGM_Public:question-clean-answer-typo CGM_Public:checkinrpc-locales CGM_Public:fix-bulkedit-devices CGM_Public:release/2025.3.x CGM_Public:order-search-in-attendee-company CGM_Public:refactor-copy_to_first_ticket CGM_Public:organizer-index-filter-empty CGM_Public:context-on-error-page CGM_Public:order-checkin-icons CGM_Public:order-email-history-attachments CGM_Public:salutation-empty-label CGM_Public:fix-customer-create-race-condition CGM_Public:widget-data-3rdparty CGM_Public:scheduledmail-subevent-missing CGM_Public:fix-widget-data-3rdparty CGM_Public:widget-subevent-fix CGM_Public:a11y-remove-autofocus CGM_Public:release/2025.2.x CGM_Public:lists-for-failed-checkin CGM_Public:api-create-fees CGM_Public:fix-widget-data-overwrite CGM_Public:bulk-actions-logentries CGM_Public:widget-consent-prio CGM_Public:oidc-pkce CGM_Public:dependabot/pip/sphinx-eq-8.2.star CGM_Public:fix-copy-to-first-matching CGM_Public:headless CGM_Public:fix-deletedevent-checkin-logdisplay CGM_Public:widget_email_repeat CGM_Public:release/2025.1.x CGM_Public:new-docs CGM_Public:oidc_query_parameters CGM_Public:a11y-autofocus-tabindex CGM_Public:metrics_middleware_concat CGM_Public:widget-cookiebot CGM_Public:missing-registrations CGM_Public:fix-business-deps CGM_Public:invoice-pdf-transparency CGM_Public:logentrytype-registry CGM_Public:reldatetimefield-refactor CGM_Public:fix-copy-variations-channels CGM_Public:customdomain-show-backend-btn CGM_Public:invoice-user-paid CGM_Public:question-max-digits CGM_Public:i18n-field-order CGM_Public:language-switch-parameter CGM_Public:fieldset-panels-checkout CGM_Public:fix-invoice-name-validation CGM_Public:fieldset-panels-anim CGM_Public:dashboard-intcomma CGM_Public:fieldset-panels CGM_Public:fix-shipping-form CGM_Public:addressform-err-handling CGM_Public:fix-state-required-logic CGM_Public:release/2024.11.x CGM_Public:a11y-customer CGM_Public:robust-alert-colors CGM_Public:stripe-sofort-remove CGM_Public:stripe_mobilepay CGM_Public:quota-lock-log CGM_Public:main CGM_Public:pluggable-security-profiles CGM_Public:fix-category-change-log CGM_Public:checkin-present-filter-perf CGM_Public:hide-dependencies-recursively CGM_Public:fix-cond-display CGM_Public:badge-export-order-date CGM_Public:manual-fees CGM_Public:release/2024.10.x CGM_Public:raphaelm-patch-3 CGM_Public:hacky-debug-output CGM_Public:hacky-debug-output-reruns CGM_Public:ci-more-threads CGM_Public:ci-apt-y CGM_Public:before-fakeredis-update CGM_Public:actions-debug-postgres-1 CGM_Public:actions-fix-postgres CGM_Public:ci-postgres-service CGM_Public:pdf-layout-renderer-api CGM_Public:fix-category-type-column CGM_Public:cross-selling CGM_Public:bundles-not-negative CGM_Public:manual-installation CGM_Public:subevent-empty-avoid CGM_Public:release/2024.9.x CGM_Public:utils CGM_Public:email-confirm-secret-independent CGM_Public:docs-fix-typo-sso CGM_Public:unify-uncat-products-html-source CGM_Public:seating-waitinglist-sronly CGM_Public:release/2024.8.x CGM_Public:event-date-weekday CGM_Public:fix-sidebar-mobile CGM_Public:release/2024.7.x CGM_Public:release/2024.6.x CGM_Public:release/2024.5.x CGM_Public:fix-mail-preview-xss CGM_Public:api-webhook-filter CGM_Public:fix-tests CGM_Public:checkinlist-export-sort-by-date CGM_Public:fix-stripe-sca-sandbox CGM_Public:order-nullability CGM_Public:pytest-no-pending CGM_Public:add-temp-seatingframe-signal CGM_Public:fix-seatingframe-missing-css CGM_Public:stripe-giropay CGM_Public:list-sorting-move CGM_Public:daterange-test-foo CGM_Public:fix-checkbox-disabled-label-refactor CGM_Public:fix-pdf-bg-append CGM_Public:remove-subevent-items CGM_Public:fix-mail-preview-brackets-mismatch-2 CGM_Public:voucher-suggested-price CGM_Public:giftcard-validity CGM_Public:fix-mail-preview-brackets-mismatch CGM_Public:seo-improvements CGM_Public:ppv2_apm_wh_capture CGM_Public:back-to-the-future-2 CGM_Public:multi-subevent-cart-add CGM_Public:release/2024.4.x CGM_Public:fix-country-codes-profiles CGM_Public:release/2024.3.x CGM_Public:data-attr-price CGM_Public:issue-3967-adjacent CGM_Public:fix-issue-3967 CGM_Public:event_fonts CGM_Public:back-to-the-future CGM_Public:release/2024.2.x CGM_Public:release/2023.10.x CGM_Public:release/2023.8.x CGM_Public:release/2023.9.x CGM_Public:release/2024.1.x CGM_Public:django-oauth-toolkit-eq-2.3.star CGM_Public:select2-close-on-clear CGM_Public:plugins-allow-individual-ticket-download CGM_Public:event-dashboard CGM_Public:scan-debug-data CGM_Public:money-filter-tests CGM_Public:sort-sales-channels CGM_Public:pdf-fix-rotate CGM_Public:locking-tests CGM_Public:global_applepay_domain_validation CGM_Public:payment-available-from2 CGM_Public:release/4.20.x CGM_Public:release/2023.6.x CGM_Public:release/2023.7.x CGM_Public:zerodecimal_refunds CGM_Public:fix-typo CGM_Public:customer-webhooks CGM_Public:quota-cache-fix CGM_Public:pdf-bulk-vars-2 CGM_Public:new-checkin-type CGM_Public:mf0aes-docs CGM_Public:fix-pdf-image-multi-export CGM_Public:walletdetection CGM_Public:fix-pdf-bg-offset CGM_Public:celery-5.3 CGM_Public:api-taxrules CGM_Public:fix-lazy-translation-settings CGM_Public:hide-empty-addons CGM_Public:add-order-min CGM_Public:release/4.19.x CGM_Public:idna CGM_Public:order-filter-requires-attention CGM_Public:release/4.18.x CGM_Public:fix-widget-close-position CGM_Public:release/4.15.x CGM_Public:release/4.16.x CGM_Public:release/4.17.x CGM_Public:fix-q-checkbox-required CGM_Public:compact-cart CGM_Public:harmonize-checkin-export-date CGM_Public:ocm-no-canceled CGM_Public:widget-seating-embed CGM_Public:guest-handling CGM_Public:dnspython2 CGM_Public:fix-addon-typo CGM_Public:oauth-toolkit-2 CGM_Public:thumbnail-store-created CGM_Public:invoice-to-other-email CGM_Public:answer-options-csv CGM_Public:release/4.14.x CGM_Public:transaction-source CGM_Public:improve-badge-pdf-bg-performance CGM_Public:release/4.13.x CGM_Public:common-country-names CGM_Public:fix-check-in-subevent-filterform CGM_Public:placeholder-last-modification CGM_Public:fix-pdf-editor-prefill-bug CGM_Public:release/4.12.x CGM_Public:invoice-giftcards CGM_Public:addon-match CGM_Public:release/4.9.x CGM_Public:release/4.11.x CGM_Public:release/4.10.x CGM_Public:product-list-export CGM_Public:fix-api-operations-refresh CGM_Public:fix-free-price-checkbox CGM_Public:redis-response-error CGM_Public:remove-promise-from-paypal2 CGM_Public:fix-customer-identifier-unique CGM_Public:add-name-for-salutation-to-editor CGM_Public:orderlist-canceled-lines CGM_Public:event-clone-tests CGM_Public:aws_ses_454 CGM_Public:release/4.8.x CGM_Public:fix-2556-remove-attestation-from-2fa CGM_Public:release/4.5.x CGM_Public:release/4.6.x CGM_Public:release/4.7.x CGM_Public:db-conn-tz CGM_Public:hotfix CGM_Public:release/4.3.x CGM_Public:release/4.4.x CGM_Public:short-month-day-format CGM_Public:add-fixed-scroll-pos-to-calendar CGM_Public:consistency-check CGM_Public:sticky-add-to-basket CGM_Public:release/4.2.x CGM_Public:release/4.1.x CGM_Public:release/4.0.x CGM_Public:release/3.18.x CGM_Public:release/3.17.x CGM_Public:waitlist_subeventpicker CGM_Public:hotfix20210323 CGM_Public:hotfix20210325 CGM_Public:django31 CGM_Public:flaky-test CGM_Public:release/3.16.x CGM_Public:cancel-no-invoice CGM_Public:release/3.15.x CGM_Public:release/3.14.x CGM_Public:validate-dns CGM_Public:release/3.13.x CGM_Public:release/3.12.x CGM_Public:release/3.11.x CGM_Public:docker-nginx-logs CGM_Public:remove-reversecharge CGM_Public:stripe-connect-2 CGM_Public:copy-from-matching-product CGM_Public:seat-orgchoice CGM_Public:release/3.10.x CGM_Public:release/3.9.x CGM_Public:gha-migrations CGM_Public:release/3.8.x CGM_Public:issue1575 CGM_Public:release/3.7.x CGM_Public:release/3.6.x CGM_Public:release/3.5.x CGM_Public:cart-vouchers CGM_Public:release/3.4.x CGM_Public:release/3.3.x CGM_Public:stripe-connect-fees CGM_Public:release/3.2.x CGM_Public:release/3.1.x CGM_Public:release/3.0.x CGM_Public:pretixscan CGM_Public:hidden-product-quota-voucher CGM_Public:scopes CGM_Public:release/2.8.x CGM_Public:release/2.7.x CGM_Public:loadtest2 CGM_Public:orderchange2 CGM_Public:django22 CGM_Public:release/2.6.x CGM_Public:794-questions-default-value CGM_Public:dekodi CGM_Public:release/2.5.x CGM_Public:loadtest CGM_Public:selfcancel-positions CGM_Public:searchindex CGM_Public:release/2.4.x CGM_Public:release/2.3.x CGM_Public:release/2.2.x CGM_Public:release/2.1.x CGM_Public:transfer-ticket CGM_Public:release/2.0.x CGM_Public:release/1.17.x CGM_Public:design2.0 CGM_Public:release/1.16.x CGM_Public:release/1.15.x CGM_Public:release/1.14.x CGM_Public:release/1.13.x CGM_Public:release/1.12.x CGM_Public:release/1.11.x CGM_Public:release/1.10.x CGM_Public:release/1.9.x CGM_Public:release/1.8.x CGM_Public:release/1.7.x CGM_Public:new-placeholders CGM_Public:release/1.4.x CGM_Public:release/1.5.x CGM_Public:release/1.6.x CGM_Public:custom-manager CGM_Public:release/1.1.x CGM_Public:release/1.2.x CGM_Public:release/1.3.x CGM_Public:release/1.0.x CGM_Public:voucher-wizard CGM_Public:shorter-locking
CGM_Public:v2025.10.0 CGM_Public:v2025.7.3 CGM_Public:v2025.9.2 CGM_Public:v2025.8.2 CGM_Public:v2025.8.1 CGM_Public:v2025.9.1 CGM_Public:v2025.7.2 CGM_Public:v2025.9.0 CGM_Public:v2025.8.0 CGM_Public:v2025.7.1 CGM_Public:v2025.7.0 CGM_Public:v2025.6.0 CGM_Public:v2025.5.0 CGM_Public:v2025.4.0 CGM_Public:v2025.3.0 CGM_Public:v2025.2.0 CGM_Public:v2025.1.0 CGM_Public:v2024.11.0 CGM_Public:v2024.10.0 CGM_Public:v2024.9.0 CGM_Public:v2024.8.0 CGM_Public:v2024.7.1 CGM_Public:v2024.6.1 CGM_Public:v2024.5.1 CGM_Public:v2024.7.0 CGM_Public:v2024.6.0 CGM_Public:v2024.5.0 CGM_Public:v2024.4.0 CGM_Public:v2024.3.0 CGM_Public:v2024.2.0 CGM_Public:v2023.10.2 CGM_Public:v2023.8.1.post1 CGM_Public:v2023.9.1.post1 CGM_Public:v2023.8.1 CGM_Public:v2023.9.1 CGM_Public:v2024.1.1 CGM_Public:v2024.1.0 CGM_Public:v2023.10.1.post1 CGM_Public:v2023.10.1 CGM_Public:v2023.10.0 CGM_Public:v2023.9.0 CGM_Public:v2023.8.0 CGM_Public:v2023.6.3 CGM_Public:v4.20.4 CGM_Public:v2023.7.3 CGM_Public:v4.20.3 CGM_Public:v2023.6.2 CGM_Public:v2023.7.2 CGM_Public:v4.20.2.post1 CGM_Public:v4.20.2 CGM_Public:v2023.6.1 CGM_Public:v2023.7.1 CGM_Public:v2023.7.0 CGM_Public:v2023.6.0 CGM_Public:v4.20.1 CGM_Public:v4.20.0 CGM_Public:v4.19.0.post1 CGM_Public:v4.19.0 CGM_Public:v4.18.2.post1 CGM_Public:v4.18.2 CGM_Public:v4.18.1 CGM_Public:v4.18.0 CGM_Public:v4.15.1 CGM_Public:v4.16.1 CGM_Public:v4.17.1 CGM_Public:v4.17.0 CGM_Public:v4.16.0 CGM_Public:v4.15.0 CGM_Public:v4.14.0 CGM_Public:v4.13.1 CGM_Public:v4.13.0 CGM_Public:v4.12.0 CGM_Public:v4.9.1 CGM_Public:v4.10.1 CGM_Public:v4.11.1 CGM_Public:v4.11.0 CGM_Public:v4.10.0 CGM_Public:v4.9.0 CGM_Public:v4.8.0 CGM_Public:v4.5.2 CGM_Public:v4.6.1 CGM_Public:v4.7.1 CGM_Public:v4.7.0 CGM_Public:v4.6.0 CGM_Public:v4.3.1 CGM_Public:v4.4.1 CGM_Public:v4.5.1 CGM_Public:v4.5.0 CGM_Public:a CGM_Public:v4.4.0 CGM_Public:v4.3.0 CGM_Public:v4.2.0 CGM_Public:v4.1.0.post1 CGM_Public:v4.1.0 CGM_Public:v4.0.0 CGM_Public:v3.18.0 CGM_Public:v3.17.2 CGM_Public:v3.17.1 CGM_Public:v3.17.0 CGM_Public:v3.16.0 CGM_Public:v3.15.0 CGM_Public:v3.14.2 CGM_Public:v3.14.1 CGM_Public:v3.14.0 CGM_Public:v3.13.1 CGM_Public:v3.12.1 CGM_Public:v3.11.1 CGM_Public:v3.13.0 CGM_Public:v3.12.0 CGM_Public:v3.11.0 CGM_Public:v3.10.0 CGM_Public:v3.9.0 CGM_Public:v3.8.0 CGM_Public:v3.7.0 CGM_Public:v3.6.0 CGM_Public:v3.5.0 CGM_Public:v3.4.0 CGM_Public:v3.3.0 CGM_Public:v3.2.0 CGM_Public:v3.1.0 CGM_Public:v3.0.1 CGM_Public:v3.0.0 CGM_Public:v2.8.2 CGM_Public:v2.8.1 CGM_Public:v2.8.0 CGM_Public:v2.7.2 CGM_Public:v2.7.1 CGM_Public:v2.7.0 CGM_Public:s CGM_Public:v2.6.0 CGM_Public:v2.5.0 CGM_Public:v2.4.0 CGM_Public:v2.3.0 CGM_Public:v2.2.0 CGM_Public:v2.1.0 CGM_Public:v2.0.0 CGM_Public:v1.17.1 CGM_Public:v1.17.0 CGM_Public:v1.16.0 CGM_Public:v1.15.2 CGM_Public:v1.15.1 CGM_Public:v1.15.0 CGM_Public:v1.14.0 CGM_Public:v1.13.1 CGM_Public:v1.13.0 CGM_Public:v1.12.1 CGM_Public:v1.12.0 CGM_Public:v1.11.1 CGM_Public:v1.11.0 CGM_Public:v1.10.1 CGM_Public:v1.10.0 CGM_Public:v1.9.1 CGM_Public:v1.8.1 CGM_Public:v1.7.2 CGM_Public:v1.9.0 CGM_Public:v1.8.0 CGM_Public:v1.7.1 CGM_Public:v1.7.0 CGM_Public:v1.4.1 CGM_Public:v1.5.2 CGM_Public:v1.6.2 CGM_Public:v1.6.1 CGM_Public:v1.6.0 CGM_Public:v1.5.1 CGM_Public:v1.5.0 CGM_Public:v1.4.0 CGM_Public:v1.1.3 CGM_Public:v1.2.2 CGM_Public:v1.3.1 CGM_Public:v1.3.0 CGM_Public:v1.2.1 CGM_Public:v1.2.0 CGM_Public:v1.1.2 CGM_Public:v1.1.1 CGM_Public:v1.1.0 CGM_Public:1.0.0 CGM_Public:1.0.0b2 CGM_Public:1.0.0b1
..
compare: CGM_Public:v1.6.2
Branches Tags
CGM_Public:answer-export CGM_Public:fix-csv-error CGM_Public:master CGM_Public:banktransfer-dashes CGM_Public:sendmail-iterator CGM_Public:update-django-version CGM_Public:reusablemedium-multiop CGM_Public:payment-qr CGM_Public:csv-duplicate-cols CGM_Public:release/2025.10.x CGM_Public:stable CGM_Public:release/2025.9.x CGM_Public:release/2025.8.x CGM_Public:release/2025.7.x CGM_Public:linkify-placeholder-fix CGM_Public:dependabot/pip/django-countries-eq-8.2.star CGM_Public:hardening-2fa CGM_Public:hide-invisible-fields CGM_Public:logentrytype-schema CGM_Public:quickstart-optional CGM_Public:op-export-unique-cols CGM_Public:lazy-imports CGM_Public:banktransfer-zero-5168 CGM_Public:timeline-fix-5614 CGM_Public:event-dialog-optional-4794 CGM_Public:banktransfer-invoice-reference CGM_Public:webhook-length CGM_Public:typeahead-org-slug CGM_Public:show-current-cart CGM_Public:banktransfer-camt CGM_Public:dependent-on-cc CGM_Public:attendee-mails-default CGM_Public:sort-property-helper CGM_Public:rename-migration CGM_Public:invoice-pdf-line-desc-max-length CGM_Public:validate-user-email CGM_Public:banktransfer-pending-order CGM_Public:order-rounding-mixin CGM_Public:dependabot/pip/redis-eq-7.0.star CGM_Public:richtext-link-mastodon CGM_Public:import-.wrong-item CGM_Public:fix-attach-size-filter CGM_Public:add-organizer-scope-to-pluginslist CGM_Public:fix-transmission-info CGM_Public:sync-single-transactionaware CGM_Public:no-ordinal-dates CGM_Public:new-license-header CGM_Public:checkinrule-warn-invalid-ids CGM_Public:fix-rrule CGM_Public:fix-form-styles CGM_Public:fix-datasync-shouldnotsync CGM_Public:fix-datasync-logdisplay CGM_Public:invoice-no-crash CGM_Public:dependabot/pip/django-phonenumber-field-eq-8.3.star CGM_Public:subevent-editor-improvements CGM_Public:exports-repeatable-read CGM_Public:plaintext-invoice-notification CGM_Public:order-import-logentries-bulk CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.1.star CGM_Public:notification-bulk-check CGM_Public:enqueue-order-immediate CGM_Public:enqueue-order-return CGM_Public:import-testmode-warn CGM_Public:api_organizer_settings CGM_Public:confirm-text-free CGM_Public:revert-5452-invoice-plugin-data CGM_Public:fix-wordlist-issue CGM_Public:subevent-filter-plugin CGM_Public:item-plugin-forms-group CGM_Public:fix-5455 CGM_Public:logentry-wording CGM_Public:img-srcset CGM_Public:invoice-plugin-data CGM_Public:mail-model CGM_Public:update-signal-docstrings CGM_Public:add-category-btn CGM_Public:logdetail-dbg CGM_Public:fix-order-email-error-log CGM_Public:fix-paypal2-xhr-free-cart CGM_Public:fix-datasync-notfound CGM_Public:fix-asynctask-i18n CGM_Public:org-level-plugin CGM_Public:plugins-page-fix CGM_Public:voucher-webhook CGM_Public:datasync-providers-doc CGM_Public:hierarkey-2 CGM_Public:ttf-pragraph-fallback CGM_Public:voucher-created CGM_Public:invoice-address-do-not-store-on-free CGM_Public:sync-single-tx CGM_Public:mapping-json CGM_Public:datasync CGM_Public:sendmail_pendingoverdue CGM_Public:rename-contact CGM_Public:pdf-price-with-bundled CGM_Public:fix-widget-cache-check CGM_Public:presale-remove-webmanifest CGM_Public:release/2025.6.x CGM_Public:pdf-editor-areyousure CGM_Public:api-expand-generic CGM_Public:invoice-email-language CGM_Public:question-stats-percentage CGM_Public:fix-question-graphs-ui CGM_Public:subevent-bulkedit-warning CGM_Public:clean-docs CGM_Public:event-title-everywhere CGM_Public:link-timeline CGM_Public:a11y-improve-renew-feedback CGM_Public:a11y-autocomplete-off CGM_Public:a11y-fix-calendar-nav-aria-current CGM_Public:release/2025.5.x CGM_Public:a11y-fix-giftcard-checkout CGM_Public:subevent-edit-name CGM_Public:fix-seat-svg-missing-label CGM_Public:gettextstub CGM_Public:fix-voucher-redeem-form CGM_Public:stripe_12x CGM_Public:cookieconsent-properly CGM_Public:ocm-cancel-all CGM_Public:fix-checkout-confirm CGM_Public:fix-nothingtoadd CGM_Public:dialog-backdrop-click-close CGM_Public:cart-renewal CGM_Public:a11y-add-cart-empty CGM_Public:waitinglist-export-productid CGM_Public:a11y-fix-waitinglist-link CGM_Public:a11y-no-underline-event-list CGM_Public:a11y-placeolder-contrast CGM_Public:cart-renewal-ui-html5dialog CGM_Public:cart-renewal-ui CGM_Public:tooltip-a11y CGM_Public:a11y-widget-fix-filter-dropdown CGM_Public:a11y-common-modal-dialogs CGM_Public:invoice-to-organizer-multimail CGM_Public:a11y-fix-b-strong CGM_Public:issue-5077 CGM_Public:a11y-validate-dates-serverside CGM_Public:a11y-fix-datepicker-error CGM_Public:item-list-seating CGM_Public:fix-eventlist-date-field CGM_Public:fix-headline-mismatch CGM_Public:release/2025.4.x CGM_Public:fix-datepicker-datedisplay CGM_Public:change-secret CGM_Public:subevent-discounts-test CGM_Public:sold-out-voucher CGM_Public:question-clean-answer-typo CGM_Public:checkinrpc-locales CGM_Public:fix-bulkedit-devices CGM_Public:release/2025.3.x CGM_Public:order-search-in-attendee-company CGM_Public:refactor-copy_to_first_ticket CGM_Public:organizer-index-filter-empty CGM_Public:context-on-error-page CGM_Public:order-checkin-icons CGM_Public:order-email-history-attachments CGM_Public:salutation-empty-label CGM_Public:fix-customer-create-race-condition CGM_Public:widget-data-3rdparty CGM_Public:scheduledmail-subevent-missing CGM_Public:fix-widget-data-3rdparty CGM_Public:widget-subevent-fix CGM_Public:a11y-remove-autofocus CGM_Public:release/2025.2.x CGM_Public:lists-for-failed-checkin CGM_Public:api-create-fees CGM_Public:fix-widget-data-overwrite CGM_Public:bulk-actions-logentries CGM_Public:widget-consent-prio CGM_Public:oidc-pkce CGM_Public:dependabot/pip/sphinx-eq-8.2.star CGM_Public:fix-copy-to-first-matching CGM_Public:headless CGM_Public:fix-deletedevent-checkin-logdisplay CGM_Public:widget_email_repeat CGM_Public:release/2025.1.x CGM_Public:new-docs CGM_Public:oidc_query_parameters CGM_Public:a11y-autofocus-tabindex CGM_Public:metrics_middleware_concat CGM_Public:widget-cookiebot CGM_Public:missing-registrations CGM_Public:fix-business-deps CGM_Public:invoice-pdf-transparency CGM_Public:logentrytype-registry CGM_Public:reldatetimefield-refactor CGM_Public:fix-copy-variations-channels CGM_Public:customdomain-show-backend-btn CGM_Public:invoice-user-paid CGM_Public:question-max-digits CGM_Public:i18n-field-order CGM_Public:language-switch-parameter CGM_Public:fieldset-panels-checkout CGM_Public:fix-invoice-name-validation CGM_Public:fieldset-panels-anim CGM_Public:dashboard-intcomma CGM_Public:fieldset-panels CGM_Public:fix-shipping-form CGM_Public:addressform-err-handling CGM_Public:fix-state-required-logic CGM_Public:release/2024.11.x CGM_Public:a11y-customer CGM_Public:robust-alert-colors CGM_Public:stripe-sofort-remove CGM_Public:stripe_mobilepay CGM_Public:quota-lock-log CGM_Public:main CGM_Public:pluggable-security-profiles CGM_Public:fix-category-change-log CGM_Public:checkin-present-filter-perf CGM_Public:hide-dependencies-recursively CGM_Public:fix-cond-display CGM_Public:badge-export-order-date CGM_Public:manual-fees CGM_Public:release/2024.10.x CGM_Public:raphaelm-patch-3 CGM_Public:hacky-debug-output CGM_Public:hacky-debug-output-reruns CGM_Public:ci-more-threads CGM_Public:ci-apt-y CGM_Public:before-fakeredis-update CGM_Public:actions-debug-postgres-1 CGM_Public:actions-fix-postgres CGM_Public:ci-postgres-service CGM_Public:pdf-layout-renderer-api CGM_Public:fix-category-type-column CGM_Public:cross-selling CGM_Public:bundles-not-negative CGM_Public:manual-installation CGM_Public:subevent-empty-avoid CGM_Public:release/2024.9.x CGM_Public:utils CGM_Public:email-confirm-secret-independent CGM_Public:docs-fix-typo-sso CGM_Public:unify-uncat-products-html-source CGM_Public:seating-waitinglist-sronly CGM_Public:release/2024.8.x CGM_Public:event-date-weekday CGM_Public:fix-sidebar-mobile CGM_Public:release/2024.7.x CGM_Public:release/2024.6.x CGM_Public:release/2024.5.x CGM_Public:fix-mail-preview-xss CGM_Public:api-webhook-filter CGM_Public:fix-tests CGM_Public:checkinlist-export-sort-by-date CGM_Public:fix-stripe-sca-sandbox CGM_Public:order-nullability CGM_Public:pytest-no-pending CGM_Public:add-temp-seatingframe-signal CGM_Public:fix-seatingframe-missing-css CGM_Public:stripe-giropay CGM_Public:list-sorting-move CGM_Public:daterange-test-foo CGM_Public:fix-checkbox-disabled-label-refactor CGM_Public:fix-pdf-bg-append CGM_Public:remove-subevent-items CGM_Public:fix-mail-preview-brackets-mismatch-2 CGM_Public:voucher-suggested-price CGM_Public:giftcard-validity CGM_Public:fix-mail-preview-brackets-mismatch CGM_Public:seo-improvements CGM_Public:ppv2_apm_wh_capture CGM_Public:back-to-the-future-2 CGM_Public:multi-subevent-cart-add CGM_Public:release/2024.4.x CGM_Public:fix-country-codes-profiles CGM_Public:release/2024.3.x CGM_Public:data-attr-price CGM_Public:issue-3967-adjacent CGM_Public:fix-issue-3967 CGM_Public:event_fonts CGM_Public:back-to-the-future CGM_Public:release/2024.2.x CGM_Public:release/2023.10.x CGM_Public:release/2023.8.x CGM_Public:release/2023.9.x CGM_Public:release/2024.1.x CGM_Public:django-oauth-toolkit-eq-2.3.star CGM_Public:select2-close-on-clear CGM_Public:plugins-allow-individual-ticket-download CGM_Public:event-dashboard CGM_Public:scan-debug-data CGM_Public:money-filter-tests CGM_Public:sort-sales-channels CGM_Public:pdf-fix-rotate CGM_Public:locking-tests CGM_Public:global_applepay_domain_validation CGM_Public:payment-available-from2 CGM_Public:release/4.20.x CGM_Public:release/2023.6.x CGM_Public:release/2023.7.x CGM_Public:zerodecimal_refunds CGM_Public:fix-typo CGM_Public:customer-webhooks CGM_Public:quota-cache-fix CGM_Public:pdf-bulk-vars-2 CGM_Public:new-checkin-type CGM_Public:mf0aes-docs CGM_Public:fix-pdf-image-multi-export CGM_Public:walletdetection CGM_Public:fix-pdf-bg-offset CGM_Public:celery-5.3 CGM_Public:api-taxrules CGM_Public:fix-lazy-translation-settings CGM_Public:hide-empty-addons CGM_Public:add-order-min CGM_Public:release/4.19.x CGM_Public:idna CGM_Public:order-filter-requires-attention CGM_Public:release/4.18.x CGM_Public:fix-widget-close-position CGM_Public:release/4.15.x CGM_Public:release/4.16.x CGM_Public:release/4.17.x CGM_Public:fix-q-checkbox-required CGM_Public:compact-cart CGM_Public:harmonize-checkin-export-date CGM_Public:ocm-no-canceled CGM_Public:widget-seating-embed CGM_Public:guest-handling CGM_Public:dnspython2 CGM_Public:fix-addon-typo CGM_Public:oauth-toolkit-2 CGM_Public:thumbnail-store-created CGM_Public:invoice-to-other-email CGM_Public:answer-options-csv CGM_Public:release/4.14.x CGM_Public:transaction-source CGM_Public:improve-badge-pdf-bg-performance CGM_Public:release/4.13.x CGM_Public:common-country-names CGM_Public:fix-check-in-subevent-filterform CGM_Public:placeholder-last-modification CGM_Public:fix-pdf-editor-prefill-bug CGM_Public:release/4.12.x CGM_Public:invoice-giftcards CGM_Public:addon-match CGM_Public:release/4.9.x CGM_Public:release/4.11.x CGM_Public:release/4.10.x CGM_Public:product-list-export CGM_Public:fix-api-operations-refresh CGM_Public:fix-free-price-checkbox CGM_Public:redis-response-error CGM_Public:remove-promise-from-paypal2 CGM_Public:fix-customer-identifier-unique CGM_Public:add-name-for-salutation-to-editor CGM_Public:orderlist-canceled-lines CGM_Public:event-clone-tests CGM_Public:aws_ses_454 CGM_Public:release/4.8.x CGM_Public:fix-2556-remove-attestation-from-2fa CGM_Public:release/4.5.x CGM_Public:release/4.6.x CGM_Public:release/4.7.x CGM_Public:db-conn-tz CGM_Public:hotfix CGM_Public:release/4.3.x CGM_Public:release/4.4.x CGM_Public:short-month-day-format CGM_Public:add-fixed-scroll-pos-to-calendar CGM_Public:consistency-check CGM_Public:sticky-add-to-basket CGM_Public:release/4.2.x CGM_Public:release/4.1.x CGM_Public:release/4.0.x CGM_Public:release/3.18.x CGM_Public:release/3.17.x CGM_Public:waitlist_subeventpicker CGM_Public:hotfix20210323 CGM_Public:hotfix20210325 CGM_Public:django31 CGM_Public:flaky-test CGM_Public:release/3.16.x CGM_Public:cancel-no-invoice CGM_Public:release/3.15.x CGM_Public:release/3.14.x CGM_Public:validate-dns CGM_Public:release/3.13.x CGM_Public:release/3.12.x CGM_Public:release/3.11.x CGM_Public:docker-nginx-logs CGM_Public:remove-reversecharge CGM_Public:stripe-connect-2 CGM_Public:copy-from-matching-product CGM_Public:seat-orgchoice CGM_Public:release/3.10.x CGM_Public:release/3.9.x CGM_Public:gha-migrations CGM_Public:release/3.8.x CGM_Public:issue1575 CGM_Public:release/3.7.x CGM_Public:release/3.6.x CGM_Public:release/3.5.x CGM_Public:cart-vouchers CGM_Public:release/3.4.x CGM_Public:release/3.3.x CGM_Public:stripe-connect-fees CGM_Public:release/3.2.x CGM_Public:release/3.1.x CGM_Public:release/3.0.x CGM_Public:pretixscan CGM_Public:hidden-product-quota-voucher CGM_Public:scopes CGM_Public:release/2.8.x CGM_Public:release/2.7.x CGM_Public:loadtest2 CGM_Public:orderchange2 CGM_Public:django22 CGM_Public:release/2.6.x CGM_Public:794-questions-default-value CGM_Public:dekodi CGM_Public:release/2.5.x CGM_Public:loadtest CGM_Public:selfcancel-positions CGM_Public:searchindex CGM_Public:release/2.4.x CGM_Public:release/2.3.x CGM_Public:release/2.2.x CGM_Public:release/2.1.x CGM_Public:transfer-ticket CGM_Public:release/2.0.x CGM_Public:release/1.17.x CGM_Public:design2.0 CGM_Public:release/1.16.x CGM_Public:release/1.15.x CGM_Public:release/1.14.x CGM_Public:release/1.13.x CGM_Public:release/1.12.x CGM_Public:release/1.11.x CGM_Public:release/1.10.x CGM_Public:release/1.9.x CGM_Public:release/1.8.x CGM_Public:release/1.7.x CGM_Public:new-placeholders CGM_Public:release/1.4.x CGM_Public:release/1.5.x CGM_Public:release/1.6.x CGM_Public:custom-manager CGM_Public:release/1.1.x CGM_Public:release/1.2.x CGM_Public:release/1.3.x CGM_Public:release/1.0.x CGM_Public:voucher-wizard CGM_Public:shorter-locking
CGM_Public:v2025.10.0 CGM_Public:v2025.7.3 CGM_Public:v2025.9.2 CGM_Public:v2025.8.2 CGM_Public:v2025.8.1 CGM_Public:v2025.9.1 CGM_Public:v2025.7.2 CGM_Public:v2025.9.0 CGM_Public:v2025.8.0 CGM_Public:v2025.7.1 CGM_Public:v2025.7.0 CGM_Public:v2025.6.0 CGM_Public:v2025.5.0 CGM_Public:v2025.4.0 CGM_Public:v2025.3.0 CGM_Public:v2025.2.0 CGM_Public:v2025.1.0 CGM_Public:v2024.11.0 CGM_Public:v2024.10.0 CGM_Public:v2024.9.0 CGM_Public:v2024.8.0 CGM_Public:v2024.7.1 CGM_Public:v2024.6.1 CGM_Public:v2024.5.1 CGM_Public:v2024.7.0 CGM_Public:v2024.6.0 CGM_Public:v2024.5.0 CGM_Public:v2024.4.0 CGM_Public:v2024.3.0 CGM_Public:v2024.2.0 CGM_Public:v2023.10.2 CGM_Public:v2023.8.1.post1 CGM_Public:v2023.9.1.post1 CGM_Public:v2023.8.1 CGM_Public:v2023.9.1 CGM_Public:v2024.1.1 CGM_Public:v2024.1.0 CGM_Public:v2023.10.1.post1 CGM_Public:v2023.10.1 CGM_Public:v2023.10.0 CGM_Public:v2023.9.0 CGM_Public:v2023.8.0 CGM_Public:v2023.6.3 CGM_Public:v4.20.4 CGM_Public:v2023.7.3 CGM_Public:v4.20.3 CGM_Public:v2023.6.2 CGM_Public:v2023.7.2 CGM_Public:v4.20.2.post1 CGM_Public:v4.20.2 CGM_Public:v2023.6.1 CGM_Public:v2023.7.1 CGM_Public:v2023.7.0 CGM_Public:v2023.6.0 CGM_Public:v4.20.1 CGM_Public:v4.20.0 CGM_Public:v4.19.0.post1 CGM_Public:v4.19.0 CGM_Public:v4.18.2.post1 CGM_Public:v4.18.2 CGM_Public:v4.18.1 CGM_Public:v4.18.0 CGM_Public:v4.15.1 CGM_Public:v4.16.1 CGM_Public:v4.17.1 CGM_Public:v4.17.0 CGM_Public:v4.16.0 CGM_Public:v4.15.0 CGM_Public:v4.14.0 CGM_Public:v4.13.1 CGM_Public:v4.13.0 CGM_Public:v4.12.0 CGM_Public:v4.9.1 CGM_Public:v4.10.1 CGM_Public:v4.11.1 CGM_Public:v4.11.0 CGM_Public:v4.10.0 CGM_Public:v4.9.0 CGM_Public:v4.8.0 CGM_Public:v4.5.2 CGM_Public:v4.6.1 CGM_Public:v4.7.1 CGM_Public:v4.7.0 CGM_Public:v4.6.0 CGM_Public:v4.3.1 CGM_Public:v4.4.1 CGM_Public:v4.5.1 CGM_Public:v4.5.0 CGM_Public:a CGM_Public:v4.4.0 CGM_Public:v4.3.0 CGM_Public:v4.2.0 CGM_Public:v4.1.0.post1 CGM_Public:v4.1.0 CGM_Public:v4.0.0 CGM_Public:v3.18.0 CGM_Public:v3.17.2 CGM_Public:v3.17.1 CGM_Public:v3.17.0 CGM_Public:v3.16.0 CGM_Public:v3.15.0 CGM_Public:v3.14.2 CGM_Public:v3.14.1 CGM_Public:v3.14.0 CGM_Public:v3.13.1 CGM_Public:v3.12.1 CGM_Public:v3.11.1 CGM_Public:v3.13.0 CGM_Public:v3.12.0 CGM_Public:v3.11.0 CGM_Public:v3.10.0 CGM_Public:v3.9.0 CGM_Public:v3.8.0 CGM_Public:v3.7.0 CGM_Public:v3.6.0 CGM_Public:v3.5.0 CGM_Public:v3.4.0 CGM_Public:v3.3.0 CGM_Public:v3.2.0 CGM_Public:v3.1.0 CGM_Public:v3.0.1 CGM_Public:v3.0.0 CGM_Public:v2.8.2 CGM_Public:v2.8.1 CGM_Public:v2.8.0 CGM_Public:v2.7.2 CGM_Public:v2.7.1 CGM_Public:v2.7.0 CGM_Public:s CGM_Public:v2.6.0 CGM_Public:v2.5.0 CGM_Public:v2.4.0 CGM_Public:v2.3.0 CGM_Public:v2.2.0 CGM_Public:v2.1.0 CGM_Public:v2.0.0 CGM_Public:v1.17.1 CGM_Public:v1.17.0 CGM_Public:v1.16.0 CGM_Public:v1.15.2 CGM_Public:v1.15.1 CGM_Public:v1.15.0 CGM_Public:v1.14.0 CGM_Public:v1.13.1 CGM_Public:v1.13.0 CGM_Public:v1.12.1 CGM_Public:v1.12.0 CGM_Public:v1.11.1 CGM_Public:v1.11.0 CGM_Public:v1.10.1 CGM_Public:v1.10.0 CGM_Public:v1.9.1 CGM_Public:v1.8.1 CGM_Public:v1.7.2 CGM_Public:v1.9.0 CGM_Public:v1.8.0 CGM_Public:v1.7.1 CGM_Public:v1.7.0 CGM_Public:v1.4.1 CGM_Public:v1.5.2 CGM_Public:v1.6.2 CGM_Public:v1.6.1 CGM_Public:v1.6.0 CGM_Public:v1.5.1 CGM_Public:v1.5.0 CGM_Public:v1.4.0 CGM_Public:v1.1.3 CGM_Public:v1.2.2 CGM_Public:v1.3.1 CGM_Public:v1.3.0 CGM_Public:v1.2.1 CGM_Public:v1.2.0 CGM_Public:v1.1.2 CGM_Public:v1.1.1 CGM_Public:v1.1.0 CGM_Public:1.0.0 CGM_Public:1.0.0b2 CGM_Public:1.0.0b1

15 Commits
django22 ... v1.6.2

Author SHA1 Message Date
Raphael Michel
33382681f3 Prepare release 2017-08-21 14:31:18 +02:00
Raphael Michel
340f7aaba4 [SECURITY] Rewrite all links in rich texts 2017-08-21 14:30:58 +02:00
Raphael Michel
f96e525cb5 [SECURITY] Fix XSS vulnerability in typeahead.js 2017-08-21 14:30:58 +02:00
Raphael Michel
a87fe32a77 [SECURITY] Fix XSS vulnerability in Lightbox caption 2017-08-21 14:30:58 +02:00
Raphael Michel
55feddc239 [SECURITY] Support custom media URLs in CSP middleware 2017-08-21 14:30:58 +02:00
Raphael Michel
28e146f2ad [SECURITY] Add warning for download of unsafe files 2017-08-21 14:30:58 +02:00
Raphael Michel
e7d6265b22 [SECURITY] Tokens for downloading answer attachments 2017-08-21 14:30:33 +02:00
Raphael Michel
2603d321bb [SECURITY] Do not allow SVG files for logos 2017-08-21 14:27:55 +02:00
Raphael Michel
88f35cb361 [SECURITY] Fix XSS injection vulnerabilities in question answers, event, quota and product names 2017-08-21 14:27:55 +02:00
Raphael Michel
aed6515971 [SECURITY] Update to morris.js master to fix a XSS vulnerability 2017-08-21 14:27:55 +02:00
Raphael Michel
a0be1b8389 [SECURITY] Use defusedcsv for exports 2017-08-21 14:27:55 +02:00
Raphael Michel
17eb0a3817 Bump release 2017-08-01 21:07:10 +02:00
Nicole Klünder
a87cb75ed5 fix wrong stripe version in setup.py (#588) 2017-08-01 21:06:06 +02:00
Raphael Michel
f70eb95346 Hide quota options when creating a product with variations 2017-08-01 21:05:38 +02:00
Raphael Michel
9abdc6a3cc Fix reversal bug 2017-08-01 21:05:32 +02:00
1033 changed files with 18477 additions and 434290 deletions
Expand all files Collapse all files

24
.gitattributes vendored
View File

@@ -1,17 +1,13 @@
src/pretix/static/fontawesome/* linguist-vendored
src/pretix/static/lightbox/* linguist-vendored
src/pretix/static/typeahead/* linguist-vendored
src/pretix/static/moment/* linguist-vendored
src/pretix/static/datetimepicker/* linguist-vendored
src/pretix/static/colorpicker/* linguist-vendored
src/pretix/static/fileupload/* linguist-vendored
src/pretix/static/vuejs/* linguist-vendored
src/pretix/static/select2/* linguist-vendored
src/pretix/static/charts/* linguist-vendored
src/pretix/static/rrule/* linguist-vendored
src/pretix/static/iframeresizer/* linguist-vendored
src/pretix/static/pdfjs/* linguist-vendored
src/pretix/static/fabric/* linguist-vendored
src/static/fontawesome/* linguist-vendored
src/static/lightbox/* linguist-vendored
src/static/typeahead/* linguist-vendored
src/static/moment/* linguist-vendored
src/static/datetimepicker/* linguist-vendored
src/static/colorpicker/* linguist-vendored
src/static/fileupload/* linguist-vendored
src/static/charts/* linguist-vendored
src/pretix/plugins/ticketoutputpdf/static/pretixplugins/ticketoutputpdf/fabric.* linguist-vendored
src/pretix/plugins/ticketoutputpdf/static/pretixplugins/ticketoutputpdf/pdf.* linguist-vendored
# Denote all files that are truly binary and should not be modified.
*.eot binary

10
.gitlab-ci.yml
View File

@@ -8,8 +8,6 @@ tests:
- XDG_CACHE_HOME=/cache bash .travis.sh tests
tags:
- python3
except:
- pypi
pypi:
stage: release
script:
@@ -17,18 +15,14 @@ pypi:
- virtualenv env
- source env/bin/activate
- pip install -U pip wheel setuptools
- XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt
- XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt -r src/requirements/py34.txt
- cd src
- python setup.py sdist
- pip install dist/pretix-*.tar.gz
- python -m pretix migrate
- python -m pretix check
- python setup.py sdist upload
- python setup.py bdist_wheel upload
tags:
- python3
only:
- pypi
- release
artifacts:
paths:
- src/dist/

1
.readthedocs.requirements.txt
View File

@@ -1 +1,2 @@
-r src/requirements/py34.txt
-r doc/requirements.txt

30
.travis.sh
View File

@@ -11,48 +11,36 @@ fi
if [ "$PRETIX_CONFIG_FILE" == "tests/travis_postgres.cfg" ]; then
psql -c 'create database travis_ci_test;' -U postgres
pip3 install -Ur src/requirements/postgres.txt
fi
if [ "$1" == "style" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt
XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt -r src/requirements/py34.txt
cd src
flake8 .
isort -c -rc -df .
fi
if [ "$1" == "doctests" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur doc/requirements.txt
XDG_CACHE_HOME=/cache pip3 install -Ur doc/requirements.txt -r src/requirements/py34.txt
cd doc
make doctest
fi
if [ "$1" == "doc-spelling" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur doc/requirements.txt
cd doc
make spelling
if [ -s _build/spelling/output.txt ]; then
exit 1
fi
fi
if [ "$1" == "translation-spelling" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements/dev.txt
cd src
potypo
fi
if [ "$1" == "tests" ]; then
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt -r src/requirements/py34.txt
cd src
python manage.py check
make all compress
py.test --reruns 5 -n 3 tests
py.test --rerun 5 tests
fi
if [ "$1" == "tests-cov" ]; then
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt -r src/requirements/py34.txt
cd src
python manage.py check
make all compress
coverage run -m py.test --reruns 5 tests && codecov
coverage run -m py.test --rerun 5 tests && codecov
fi
if [ "$1" == "plugins" ]; then
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt -r src/requirements/py34.txt
cd src
python setup.py develop
make all compress
@@ -62,7 +50,7 @@ if [ "$1" == "plugins" ]; then
cd pretix-cartshare
python setup.py develop
make
py.test --reruns 5 tests
py.test --rerun 5 tests
popd
fi

47
.travis.yml
View File

@@ -1,8 +1,7 @@
language: python
dist: xenial
sudo: false
install:
- pip install -U pip wheel setuptools
- pip install -U pip wheel setuptools==28.6.1
script:
- bash .travis.sh $JOB
cache:
@@ -13,35 +12,29 @@ services:
- postgresql
matrix:
include:
- python: 3.7
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_sqlite.cfg
- python: 3.7
env: JOB=tests-cov PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.7
env: JOB=style
- python: 3.7
- python: 3.4
env: JOB=tests PRETIX_CONFIG_FILE=tests/sqlite.cfg
- python: 3.5
env: JOB=tests PRETIX_CONFIG_FILE=tests/sqlite.cfg
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/sqlite.cfg
- python: 3.4
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
- python: 3.7
- python: 3.5
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
- python: 3.4
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.5
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.7
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.6
env: JOB=style
- python: 3.6
env: JOB=plugins
- python: 3.7
env: JOB=doc-spelling
- python: 3.7
env: JOB=translation-spelling
- python: 3.6
env: JOB=tests-cov
addons:
postgresql: "9.4"
mariadb: '10.3'
apt:
packages:
- enchant
- myspell-de-de
- aspell-en
- sqlite3
sources:
- travis-ci/sqlite3
branches:
except:
- /^weblate-.*/

5
CODE_OF_CONDUCT.md
View File

@@ -1,5 +0,0 @@
Code of Conduct
===============
We have a [Code of Conduct](https://docs.pretix.eu/en/latest/development/contribution/codeofconduct.html)
in place that applies to all project contributions, including issues, pull requests, etc.

43
Dockerfile
View File

@@ -1,26 +1,10 @@
FROM python:3.6
RUN apt-get update && \
apt-get install -y --no-install-recommends \
build-essential \
default-libmysqlclient-dev \
gettext \
git \
libffi-dev \
libjpeg-dev \
libmemcached-dev \
libpq-dev \
libssl-dev \
libxml2-dev \
libxslt1-dev \
locales \
nginx \
python-dev \
python-virtualenv \
python3-dev \
sudo \
supervisor \
zlib1g-dev && \
apt-get install -y git libxml2-dev libxslt1-dev python-dev python-virtualenv locales \
libffi-dev build-essential python3-dev zlib1g-dev libssl-dev gettext libpq-dev \
libmysqlclient-dev libmemcached-dev libjpeg-dev supervisor nginx sudo \
--no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \
dpkg-reconfigure locales && \
@@ -35,22 +19,6 @@ RUN apt-get update && \
ENV LC_ALL=C.UTF-8 \
DJANGO_SETTINGS_MODULE=production_settings
# To copy only the requirements files needed to install from PIP
COPY src/requirements /pretix/src/requirements
COPY src/requirements.txt /pretix/src
RUN pip3 install -U \
pip \
setuptools \
wheel && \
cd /pretix/src && \
pip3 install \
-r requirements.txt \
-r requirements/memcached.txt \
-r requirements/mysql.txt \
-r requirements/redis.txt \
gunicorn && \
rm -rf ~/.cache/pip
COPY deployment/docker/pretix.bash /usr/local/bin/pretix
COPY deployment/docker/supervisord.conf /etc/supervisord.conf
COPY deployment/docker/nginx.conf /etc/nginx/nginx.conf
@@ -59,8 +27,11 @@ COPY src /pretix/src
RUN chmod +x /usr/local/bin/pretix && \
rm /etc/nginx/sites-enabled/default && \
pip3 install -U pip wheel setuptools && \
cd /pretix/src && \
rm -f pretix.cfg && \
pip3 install -r requirements.txt -r requirements/mysql.txt -r requirements/postgres.txt \
-r requirements/memcached.txt -r requirements/redis.txt gunicorn && \
mkdir -p data && \
chown -R pretixuser:pretixuser /pretix /data data && \
sudo -u pretixuser make production

9
README.rst
View File

@@ -40,14 +40,6 @@ Contributing
If you want to contribute to pretix, please read the `developer documentation`_
in our documentation. If you have any further questions, please do not hesitate to ask!
.. image:: https://translate.pretix.eu/widgets/pretix/-/pretix/multi-blue.svg
:target: https://translate.pretix.eu/engage/pretix/
Code of Conduct
---------------
We have a `Code of Conduct`_ in place that applies to all project contributions,
including issues, pull requests, etc.
License
-------
The code in this repository is published under the terms of the Apache License.
@@ -58,6 +50,5 @@ AUTHORS file for a list of all the awesome folks who contributed to this project
.. _installation guide: https://docs.pretix.eu/en/latest/admin/installation/index.html
.. _developer documentation: https://docs.pretix.eu/en/latest/development/index.html
.. _Code of Conduct: https://docs.pretix.eu/en/latest/development/contribution/codeofconduct.html
.. _pretix.eu: https://pretix.eu
.. _blog: https://pretix.eu/about/en/blog/

3
deployment/docker/pretix.bash
View File

@@ -2,8 +2,7 @@
cd /pretix/src
export DJANGO_SETTINGS_MODULE=production_settings
export DATA_DIR=/data/
export HOME=/pretix
export NUM_WORKERS=$((2 * $(nproc --all)))
NUM_WORKERS=10
if [ ! -d /data/logs ]; then
mkdir /data/logs;

1
deployment/docker/supervisord.conf
View File

@@ -23,7 +23,6 @@ autostart=true
autorestart=true
priority=5
user=pretixuser
environment=HOME=/pretix
[program:pretixtask]
command=/usr/local/bin/pretix taskworker

6
doc/Makefile
View File

@@ -175,9 +175,3 @@ pseudoxml:
$(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml
@echo
@echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml."
spelling:
$(SPHINXBUILD) -b spelling $(ALLSPHINXOPTS) $(BUILDDIR)/spelling
@echo
@echo "Spelling check finished, look at the results in " \
"$(BUILDDIR)/spelling/output.txt."

36
doc/_themes/pretix_theme/static/css/pretix.css vendored
View File

@@ -6063,39 +6063,3 @@ url('../opensans_regular_macroman/OpenSans-Regular-webfont.svg#open_sansregular'
white-space: normal;
}
}
img.screenshot, a.screenshot img {
box-shadow: 0 4px 18px 0 rgba(0,0,0,0.1), 0 6px 20px 0 rgba(0,0,0,0.09);
}
/* Changes */
.versionchanged {
background: #e7f2fa;
padding: 12px;
line-height: 24px;
margin-bottom: 24px;
-webkit-font-smoothing: antialiased;
}
.versionmodified {
background: #6ab0de;
font-weight: bold;
display: block;
color: #fff;
margin: -12px;
padding: 6px 12px;
margin-bottom: 12px;
font-family: inherit;
}
.versionmodified:before {
font-family: "FontAwesome";
display: inline-block;
font-style: normal;
font-weight: normal;
line-height: 1;
text-decoration: inherit;
content: "";
margin-right: 4px;
}
.versionchanged p:last-child {
margin-bottom: 0;
}

54
doc/admin/config.rst
View File

@@ -2,8 +2,6 @@
.. _`config`:
.. spelling:: Galera
Configuration file
==================
@@ -12,7 +10,7 @@ at the following locations. It will try to read the file from the specified path
the following order. The file that is found *last* will override the settings from
the files found before.
1. ``PRETIX_CONFIG_FILE`` environment variable
1. ``PREFIX_CONFIG_FILE`` environment variable
2. ``/etc/pretix/pretix.cfg``
3. ``~/.pretix.cfg``
4. ``pretix.cfg`` in the current working directory
@@ -47,16 +45,12 @@ Example::
``datadir``
The local path to a data directory that will be used for storing user uploads and similar
data. Defaults to the value of the environment variable ``DATA_DIR`` or ``data``.
data. Defaults to thea value of the environment variable ``DATA_DIR`` or ``data``.
``plugins_default``
A comma-separated list of plugins that are enabled by default for all new events.
Defaults to ``pretix.plugins.sendmail,pretix.plugins.statistics``.
``plugins_exclude``
A comma-separated list of plugins that are not available even though they are installed.
Defaults to an empty string.
``cookie_domain``
The cookie domain to be set. Defaults to ``None``.
@@ -66,18 +60,6 @@ Example::
``password_reset``
Enables or disables password reset. Defaults to ``on``.
``long_sessions``
Enables or disables the "keep me logged in" button. Defaults to ``on``.
``ecb_rates``
By default, pretix periodically downloads a XML file from the European Central Bank to retrieve exchange rates
that are used to print tax amounts in the customer currency on invoices for some currencies. Set to ``off`` to
disable this feature. Defaults to ``on``.
``audit_comments``
Enables or disables nagging staff users for leaving comments on their sessions for auditability.
Defaults to ``off``.
Locale settings
---------------
@@ -125,23 +107,6 @@ Example::
Indicates if the database backend is a MySQL/MariaDB Galera cluster and
turns on some optimizations/special case handlers. Default: ``False``
Database replica settings
-------------------------
If you use a replicated database setup, pretix expects that the default database connection always points to the primary database node.
Routing read queries to a replica on database layer is **strongly** discouraged since this can lead to inaccurate such as more tickets
being sold than are actually available.
However, pretix can still make use of a database replica to keep some expensive queries with that can tolerate some latency from your
primary database, such as backend search queries. The ``replica`` configuration section can have the same settings as the ``database``
section (except for the ``backend`` setting) and will default back to the ``database`` settings for all values that are not given. This
way, you just need to specify the settings that are different for the replica.
Example::
[replica]
host=192.168.0.2
URLs
----
@@ -199,9 +164,14 @@ Django settings
Example::
[django]
hosts=localhost
secret=j1kjps5a5&4ilpn912s7a1!e2h!duz^i3&idu@_907s$wrz@x-
debug=off
``hosts``
Comma-separated list of allowed host names for this installation.
Default: ``localhost``
``secret``
The secret to be used by Django for signing and verification purposes. If this
setting is not provided, pretix will generate a random secret on the first start
@@ -312,13 +282,5 @@ various places like order codes, secrets in the ticket QR codes, etc. Example::
; Voucher code needs to be < 255 characters, default is 16
voucher_code=16
External tools
--------------
pretix can make use of some external tools if they are installed. Currently, they are all optional. Example::
[tools]
pdftk=/usr/bin/pdftk
.. _Python documentation: https://docs.python.org/3/library/configparser.html?highlight=configparser#supported-ini-file-structure
.. _Celery documentation: http://docs.celeryproject.org/en/latest/userguide/configuration.html
.. _Celery documentation: http://docs.celeryproject.org/en/latest/configuration.html

37
doc/admin/installation/dev_version.rst
View File

@@ -1,37 +0,0 @@
.. highlight:: none
Installing a development version
================================
If you want to use a feature of pretix that is not yet contained in the last monthly release, you can also
install a development version with pretix.
.. warning:: When in production, we strongly recommend only installing released versions. Development versions might
be broken, incompatible to plugins, or in rare cases incompatible to upgrade later on.
Manual installation
-------------------
You can use ``pip`` to update pretix directly to the development branch. Then, upgrade as usual::
$ source /var/pretix/venv/bin/activate
(venv)$ pip3 install -U "git+https://github.com/pretix/pretix.git#egg=pretix&subdirectory=src"
(venv)$ python -m pretix migrate
(venv)$ python -m pretix rebuild
(venv)$ python -m pretix updatestyles
# systemctl restart pretix-web pretix-worker
Docker installation
-------------------
To use the latest development version with Docker, first pull it from Docker Hub::
$ docker pull pretix/standalone:latest
Then change your ``/etc/systemd/system/pretix.service`` file to use the ``:latest`` tag instead of ``:stable`` as well
and upgrade as usual::
$ systemctl restart pretix.service
$ docker exec -it pretix.service pretix upgrade

58
doc/admin/installation/docker_smallscale.rst
View File

@@ -26,7 +26,7 @@ installation guides):
* `Docker`_
* A SMTP server to send out mails, e.g. `Postfix`_ on your machine or some third-party server you have credentials for
* A HTTP reverse proxy, e.g. `nginx`_ or Apache to allow HTTPS connections
* A `PostgreSQL`_, `MySQL`_ 5.7+, or MariaDB 10.2.7+ database server
* A `MySQL`_ or `PostgreSQL`_ database server
* A `redis`_ server
We also recommend that you use a firewall, although this is not a pretix-specific recommendation. If you're new to
@@ -36,9 +36,6 @@ Linux and firewalls, we recommend that you start with `ufw`_.
SSL certificates can be obtained for free these days. We also *do not* provide support for HTTP-only
installations except for evaluation purposes.
.. warning:: We recommend **PostgreSQL**. If you go for MySQL, make sure you run **MySQL 5.7 or newer** or
**MariaDB 10.2.7 or newer**.
On this guide
-------------
@@ -58,29 +55,16 @@ Database
--------
Next, we need a database and a database user. We can create these with any kind of database managing tool or directly on
our database's shell. For PostgreSQL, we would do::
our database's shell, e.g. for MySQL::
# sudo -u postgres createuser -P pretix
# sudo -u postgres createdb -O pretix pretix
$ mysql -u root -p
mysql> CREATE DATABASE pretix DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
mysql> GRANT ALL PRIVILEGES ON pretix.* TO pretix@'localhost' IDENTIFIED BY '*********';
mysql> FLUSH PRIVILEGES;
Make sure that your database listens on the network. If PostgreSQL on the same same host as docker, but not inside a docker container, we recommend that you just listen on the Docker interface by changing the following line in ``/etc/postgresql/<version>/main/postgresql.conf``::
listen_addresses = 'localhost,172.17.0.1'
You also need to add a new line to ``/etc/postgresql/<version>/main/pg_hba.conf`` to allow network connections to this user and database::
host pretix pretix 172.17.0.1/16 md5
Restart PostgreSQL after you changed these files::
# systemctl restart postgresql
If you have a firewall running, you should also make sure that port 5432 is reachable from the ``172.17.0.1/16`` subnet.
For MySQL, you can either also use network-based connections or mount the ``/var/run/mysqld/mysqld.sock`` socket into the docker container.
When using MySQL, make sure you set the character set of the database to ``utf8mb4``, e.g. like this::
mysql > CREATE DATABASE pretix DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
Replace the asterisks with a password of your own. For MySQL, we will use a unix domain socket to connect to the
database. For PostgreSQL, be sure to configure the interface binding and your firewall so that the docker container
can reach PostgreSQL.
Redis
-----
@@ -127,16 +111,13 @@ Fill the configuration file ``/etc/pretix/pretix.cfg`` with the following conten
datadir=/data
[database]
; Replace postgresql with mysql for MySQL
backend=postgresql
; Replace mysql with postgresql_psycopg2 for PostgreSQL
backend=mysql
name=pretix
user=pretix
; Replace with the password you chose above
password=*********
; In most docker setups, 172.17.0.1 is the address of the docker host. Adjuts
; this to wherever your database is running, e.g. the name of a linked container
; or of a mounted MySQL socket.
host=172.17.0.1
; Replace with host IP address for PostgreSQL
host=/var/run/mysqld/mysqld.sock
[mail]
; See config file documentation for more options
@@ -180,15 +161,14 @@ named ``/etc/systemd/system/pretix.service`` with the following content::
-v /var/pretix-data:/data \
-v /etc/pretix:/etc/pretix \
-v /var/run/redis:/var/run/redis \
pretix/standalone:stable all
-v /var/run/mysqld:/var/run/mysqld \
pretix/standalone all
ExecStop=/usr/bin/docker stop %n
[Install]
WantedBy=multi-user.target
When using MySQL and socket mounting, you'll need the additional flag ``-v /var/run/mysqld:/var/run/mysqld`` in the command.
You can now run the following commands
You can leave the MySQL socket volume out if you're using PostgreSQL. You can now run the following commands
to enable and start the service::
# systemctl daemon-reload
@@ -259,8 +239,6 @@ Restarting the service can take a few seconds, especially if the update requires
Replace ``stable`` above with a specific version number like ``1.0`` or with ``latest`` for the development
version, if you want to.
.. _`docker_plugininstall`:
Install a plugin
----------------
@@ -288,8 +266,8 @@ to re-build your custom image after you pulled ``pretix/standalone`` if you want
.. _pretix.eu: https://pretix.eu/
.. _MySQL: https://dev.mysql.com/doc/refman/5.7/en/linux-installation-apt-repo.html
.. _PostgreSQL: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-9-4-on-debian-8
.. _redis: https://blog.programster.org/debian-8-install-redis-server/
.. _redis: http://blog.programster.org/debian-8-install-redis-server/
.. _ufw: https://en.wikipedia.org/wiki/Uncomplicated_Firewall
.. _redis website: https://redis.io/topics/security
.. _redis website: http://redis.io/topics/security
.. _redis in docker: https://hub.docker.com/r/_/redis/
.. _strong encryption settings: https://mozilla.github.io/server-side-tls/ssl-config-generator/

84
doc/admin/installation/enterprise.rst
View File

@@ -1,84 +0,0 @@
.. highlight:: none
Installing pretix Enterprise plugins
====================================
If you want to use a feature of pretix that is part of our commercial offering pretix Enterprise, you need to follow
some extra steps. Installation works similar to normal pretix plugins, but involves a few extra steps.
Buying the license
------------------
To obtain a license, please get in touch at sales@pretix.eu. Please let us know how many tickets you roughly intend
to sell per year and how many servers you want to use the plugin on. We recommend having a look at our `price list`_
first.
Manual installation
-------------------
First, generate an SSH key for the system user that you install pretix as. In our tutorial, that would be the user
``pretix``. Choose an empty passphrase::
# su pretix
$ ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/var/pretix/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /var/pretix/.ssh/id_rsa.
Your public key has been saved in /var/pretix/.ssh/id_rsa.pub.
Next, send the content of the *public* key to your sales representative at pretix::
$ cat /var/pretix/.ssh/id_rsa.pub
ssh-rsa AAAAB3N...744HZawHlD pretix@foo
After we configured your key in our system, you can install the plugin directly using ``pip`` from the URL we told
you, for example::
$ source /var/pretix/venv/bin/activate
(venv)$ pip3 install -U "git+ssh://git@code.rami.io:10022/pretix/pretix-slack.git@stable#egg=pretix-slack"
(venv)$ python -m pretix migrate
(venv)$ python -m pretix rebuild
# systemctl restart pretix-web pretix-worker
Docker installation
-------------------
To install a plugin, you need to build your own docker image. To do so, create a new directory to work in. As a first
step, generate a new SSH key in that directory to use for authentication with us::
$ cd /home/me/mypretixdocker
$ ssh-keygen -N "" -f id_pretix_enterprise
Next, send the content of the *public* key to your sales representative at pretix::
$ cat id_pretix_enterprise.pub
ssh-rsa AAAAB3N...744HZawHlD pretix@foo
After we configured your key in our system, you can add a ``Dockerfile`` in your directory that includes the newly
generated key and installs the plugin from the URL we told you::
FROM pretix/standalone:stable
USER root
COPY id_pretix_enterprise /root/.ssh/id_rsa
COPY id_pretix_enterprise.pub /root/.ssh/id_rsa.pub
RUN chmod -R 0600 /root/.ssh && \
mkdir -p /etc/ssh && \
ssh-keyscan -t rsa -p 10022 code.rami.io >> /root/.ssh/known_hosts && \
echo StrictHostKeyChecking=no >> /root/.ssh/config && \
pip3 install -Ue "git+ssh://git@code.rami.io:10022/pretix/pretix-slack.git@stable#egg=pretix-slack" && \
cd /pretix/src && \
sudo -u pretixuser make production
USER pretixuser
Then, build the image for docker::
$ docker build -t mypretix
You can now use that image ``mypretix`` instead of ``pretix/standalone:stable`` in your ``/etc/systemd/system/pretix.service``
service file. Be sure to re-build your custom image after you pulled ``pretix/standalone`` if you want to perform an
update to a new version of pretix.
.. _price list: https://pretix.eu/about/en/pricing

5
doc/admin/installation/general.rst
View File

@@ -1,7 +1,5 @@
.. highlight:: ini
.. spelling:: SQL
General remarks
===============
@@ -21,9 +19,6 @@ To use pretix, you will need the following things:
.. warning:: Do not ever use SQLite in production. It will break.
.. warning:: We recommend **PostgreSQL**. If you go for MySQL, make sure you run **MySQL 5.7 or newer** or
**MariaDB 10.2.7 or newer**.
* A **reverse proxy**. pretix needs to deliver some static content to your users (e.g. CSS, images, ...). While pretix
is capable of doing this, having this handled by a proper web server like **nginx** or **Apache** will be much
faster. Also, you need a proxying web server in front to provide SSL encryption.

2
doc/admin/installation/index.rst
View File

@@ -10,5 +10,3 @@ for your needs.
general
docker_smallscale
manual_smallscale
dev_version
enterprise

59
doc/admin/installation/manual_smallscale.rst
View File

@@ -23,7 +23,7 @@ installation guides):
* A SMTP server to send out mails, e.g. `Postfix`_ on your machine or some third-party server you have credentials for
* A HTTP reverse proxy, e.g. `nginx`_ or Apache to allow HTTPS connections
* A `PostgreSQL`_, `MySQL`_ 5.7+, or MariaDB 10.2.7+ database server
* A `MySQL`_ or `PostgreSQL`_ database server
* A `redis`_ server
We also recommend that you use a firewall, although this is not a pretix-specific recommendation. If you're new to
@@ -33,9 +33,6 @@ Linux and firewalls, we recommend that you start with `ufw`_.
SSL certificates can be obtained for free these days. We also *do not* provide support for HTTP-only
installations except for evaluation purposes.
.. warning:: We recommend **PostgreSQL**. If you go for MySQL, make sure you run **MySQL 5.7 or newer** or
**MariaDB 10.2.7 or newer**.
Unix user
---------
@@ -50,23 +47,21 @@ Database
--------
Having the database server installed, we still need a database and a database user. We can create these with any kind
of database managing tool or directly on our database's shell. For PostgreSQL, we would do::
of database managing tool or directly on our database's shell, e.g. for MySQL::
# sudo -u postgres createuser pretix
# sudo -u postgres createdb -O pretix pretix
When using MySQL, make sure you set the character set of the database to ``utf8mb4``, e.g. like this::
mysql > CREATE DATABASE pretix DEFAULT CHARACTER SET utf8mb4 DEFAULT COLLATE utf8mb4_unicode_ci;
$ mysql -u root -p
mysql> CREATE DATABASE pretix DEFAULT CHARACTER SET utf8 DEFAULT COLLATE utf8_general_ci;
mysql> GRANT ALL PRIVILEGES ON pretix.* TO pretix@'localhost' IDENTIFIED BY '*********';
mysql> FLUSH PRIVILEGES;
Package dependencies
--------------------
To build and run pretix, you will need the following debian packages::
# apt-get install git build-essential python-dev python3-venv python3 python3-pip \
# apt-get install git build-essential python-dev python-virtualenv python3 python3-pip \
python3-dev libxml2-dev libxslt1-dev libffi-dev zlib1g-dev libssl-dev \
gettext libpq-dev libmariadbclient-dev libjpeg-dev libopenjp2-7-dev
gettext libpq-dev libmysqlclient-dev libjpeg-dev
Config file
-----------
@@ -87,18 +82,13 @@ Fill the configuration file ``/etc/pretix/pretix.cfg`` with the following conten
datadir=/var/pretix/data
[database]
; For MySQL, replace with "mysql"
backend=postgresql
; Replace mysql with postgresql_psycopg2 for PostgreSQL
backend=mysql
name=pretix
user=pretix
; For MySQL, enter the user password. For PostgreSQL on the same host,
; we don't need one because we can use peer authentification if our
; PostgreSQL user matches our unix user.
password=
; For MySQL, use local socket, e.g. /var/run/mysqld/mysqld.sock
; For a remote host, supply an IP address
; For local postgres authentication, you can leave it empty
host=
password=*********
; Replace with host IP address for PostgreSQL
host=/var/run/mysqld/mysqld.sock
[mail]
; See config file documentation for more options
@@ -122,16 +112,17 @@ Now we will install pretix itself. The following steps are to be executed as the
actually install pretix, we will create a virtual environment to isolate the python packages from your global
python installation::
$ python3 -m venv /var/pretix/venv
$ virtualenv -p python3 /var/pretix/venv
$ source /var/pretix/venv/bin/activate
(venv)$ pip3 install -U pip setuptools wheel
We now install pretix, its direct dependencies and gunicorn. Replace ``postgres`` with ``mysql`` in the following
command if you're running MySQL::
We now install pretix, its direct dependencies and gunicorn. Replace ``mysql`` with ``postgres`` in the following
command if you're running PostgreSQL::
(venv)$ pip3 install "pretix[postgres]" gunicorn
(venv)$ pip3 install "pretix[mysql]" gunicorn
Note that you need Python 3.5 or newer. You can find out your Python version using ``python -V``.
If you are running Python 3.4, you also need to ``pip3 install typing``. This is not required on 3.5 or newer.
You can find out your Python version using ``python -V``.
We also need to create a data directory::
@@ -186,7 +177,7 @@ For background tasks we need a second service ``/etc/systemd/system/pretix-worke
[Install]
WantedBy=multi-user.target
You can now run the following commands to enable and start the services::
You can now run the following comamnds to enable and start the services::
# systemctl daemon-reload
# systemctl enable pretix-web pretix-worker
@@ -222,7 +213,7 @@ The following snippet is an example on how to configure a nginx proxy for pretix
ssl_certificate /path/to/cert.chain.pem;
ssl_certificate_key /path/to/key.pem;
add_header Referrer-Policy same-origin;
add_header Referrer-Options same-origin;
add_header X-Content-Type-Options nosniff;
location / {
@@ -275,18 +266,16 @@ Updates
.. warning:: While we try hard not to break things, **please perform a backup before every upgrade**.
To upgrade to a new pretix release, pull the latest code changes and run the following commands (again, replace
``postgres`` with ``mysql`` if necessary)::
``mysql`` with ``postgres`` if necessary)::
$ source /var/pretix/venv/bin/activate
(venv)$ pip3 install -U pretix[postgres] gunicorn
(venv)$ pip3 install -U pretix[mysql] gunicorn
(venv)$ python -m pretix migrate
(venv)$ python -m pretix rebuild
(venv)$ python -m pretix updatestyles
# systemctl restart pretix-web pretix-worker
.. _`manual_plugininstall`:
Install a plugin
----------------
@@ -307,6 +296,6 @@ example::
.. _pretix.eu: https://pretix.eu/
.. _MySQL: https://dev.mysql.com/doc/refman/5.7/en/linux-installation-apt-repo.html
.. _PostgreSQL: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-9-4-on-debian-8
.. _redis: https://blog.programster.org/debian-8-install-redis-server/
.. _redis: http://blog.programster.org/debian-8-install-redis-server/
.. _ufw: https://en.wikipedia.org/wiki/Uncomplicated_Firewall
.. _strong encryption settings: https://mozilla.github.io/server-side-tls/ssl-config-generator/

9
doc/api/auth.rst
View File

@@ -1,9 +0,0 @@
Authentication
==============
.. toctree::
:maxdepth: 2
tokenauth
oauth
deviceauth

137
doc/api/deviceauth.rst
View File

@@ -1,137 +0,0 @@
.. _`rest-deviceauth`:
Device authentication
=====================
Initializing a new device
-------------------------
Users can create new devices in the "Device" section of their organizer settings. When creating
a new device, users can specify a list of events the device is allowed to access. After a new
device is created, users will be presented initialization instructions, consisting of an URL
and an initialization token. They will also be shown as a QR code with the following contents::
{"handshake_version": 1, "url": "https://pretix.eu", "token": "kpp4jn8g2ynzonp6"}
Your application should be able to scan a QR code of this type, or allow to enter the URL and the
initialization token manually. The handshake version is not used for manual initialization. When a
QR code is scanned with a higher handshake version than you support, you should reject the request
and prompt the user to update the client application.
After your application received the token, you need to call the initialization endpoint to obtain
a proper API token. At this point, you need to identify the name and version of your application,
as well as the type of underlying hardware. Example:
.. sourcecode:: http
POST /api/v1/device/initialize HTTP/1.1
Host: pretix.eu
Content-Type: application/json
{
"token": "kpp4jn8g2ynzonp6",
"hardware_brand": "Samsung",
"hardware_model": "Galaxy S",
"software_brand": "pretixdroid",
"software_version": "4.0.0"
}
Every initialization token can only be used once. On success, you will receive a response containing
information on your device as well as your API token:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: application/json
{
"organizer": "foo",
"device_id": 5,
"unique_serial": "HHZ9LW9JWP390VFZ",
"api_token": "1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd",
"name": "Bar"
}
Please make sure that you store this ``api_token`` value. We also recommend storing your device ID, your assigned
``unique_serial``, and the ``organizer`` you have access to, but that's up to you.
In case of an error, the response will look like this:
.. sourcecode:: http
HTTP/1.1 400 Bad Request
Content-Type: application/json
{"token":["This initialization token has already been used."]}
Performing API requests
-----------------------
You need to include the API token with every request to pretix' API in the ``Authorization`` header
like the following:
.. sourcecode:: http
:emphasize-lines: 3
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
Updating the software version
-----------------------------
If your application is updated, we ask you to tell the server about the new version in use. You can do this at the
following endpoint:
.. sourcecode:: http
POST /api/v1/device/update HTTP/1.1
Host: pretix.eu
Content-Type: application/json
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
{
"hardware_brand": "Samsung",
"hardware_model": "Galaxy S",
"software_brand": "pretixdroid",
"software_version": "4.1.0"
}
Creating a new API key
----------------------
If you think your API key might have leaked or just want to be extra cautious, the API allows you to create a new key.
The old API key will be invalid immediately. A request for a new key looks like this:
.. sourcecode:: http
POST /api/v1/device/roll HTTP/1.1
Host: pretix.eu
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
The response will look like the response to the initialization request.
Removing a device
-----------------
If you want implement a way to to deprovision a device in your software, you can call the ``revoke`` endpoint to
invalidate your API key. There is no way to reverse this operation.
.. sourcecode:: http
POST /api/v1/device/revoke HTTP/1.1
Host: pretix.eu
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
This can also be done by the user through the web interface.
Permissions
-----------
Device authentication is currently hardcoded to grant the following permissions:
* View event meta data and products etc.
* View and change orders
Devices cannot change events or products and cannot access vouchers.

130
doc/api/fundamentals.rst
View File

@@ -4,44 +4,41 @@ Basic concepts
This page describes basic concepts and definition that you need to know to interact
with pretix' REST API, such as authentication, pagination and similar definitions.
.. _`rest-auth`:
Obtaining an API token
----------------------
To authenticate your API requests, you need to obtain an API token. You can create a
token in the pretix web interface on the level of organizer teams. Create a new team
or choose an existing team that has the level of permissions the token should have and
create a new token using the form below the list of team members:
.. image:: img/token_form.png
You can enter a description for the token to distinguish from other tokens later on.
Once you click "Add", you will be provided with an API token in the success message.
Copy this token, as you won't be able to retrieve it again.
.. image:: img/token_success.png
Authentication
--------------
To access the API, you need to present valid authentication credentials. pretix currently
supports the following authorization schemes:
You need to include the API token with every request to pretix' API in the ``Authorization`` header
like the following:
* :ref:`rest-tokenauth`: This is the simplest way and recommended for server-side applications
that interact with pretix without user interaction.
* :ref:`rest-oauth`: This is the recommended way to use if you write a third-party application
that users can connect with their pretix account. It provides the best user experience, but
requires user interaction and slightly more implementation effort.
* :ref:`rest-deviceauth`: This is the recommended way if you build apps or hardware devices that can
connect to pretix, e.g. for processing check-ins or to sell tickets offline. It provides a way
to uniquely identify devices and allows for a quick configuration flow inside your software.
* Authentication using browser sessions: This is used by the pretix web interface and it is *not*
officially supported for use by third-party applications. It might change or be removed at any
time without prior notice. If you use it, you need to comply with Django's `CSRF policies`_.
.. sourcecode:: http
:emphasize-lines: 3
Permissions
-----------
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Token e1l6gq2ye72thbwkacj7jbri7a7tvxe614ojv8ybureain92ocub46t5gab5966k
The API follows pretix team based permissions model. Each organizer can have several teams
each with it's own set of permissions. Each team can have any number of API keys attached.
To access a given endpoint the team the API key belongs to needs to have the corresponding
permission for the organizer/event being accessed.
Possible permissions are:
* Can create events
* Can change event settings
* Can change product settings
* Can view orders
* Can change orders
* Can view vouchers
* Can change vouchers
.. note:: The API currently also supports authentication via browser sessions, i.e. the
same way that you authenticate with pretix when using the browser interface.
Using this type of authentication is *not* officially supported for use by
third-party clients and might change or be removed at any time. We plan on
adding OAuth2 support in the future for user-level authentication. If you want
to use session authentication, be sure to comply with Django's `CSRF policies`_.
Compatibility
-------------
@@ -89,41 +86,6 @@ respective page.
The field ``results`` contains a list of objects representing the first results. For most
objects, every page contains 50 results.
Conditional fetching
--------------------
If you pull object lists from pretix' APIs regularly, we ask you to implement conditional fetching
to avoid unnecessary data traffic. This is not supported on all resources and we currently implement
two different mechanisms for different resources, which is necessary because we can only obtain best
efficiency for resources that do not support deletion operations.
Object-level conditional fetching
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The :ref:`rest-orders` resource list contains an HTTP header called ``X-Page-Generated`` containing the
current time on the server in ISO 8601 format. On your next request, you can pass this header
(as is, without any modifications necessary) as the ``modified_since`` query parameter and you will receive
a list containing only objects that have changed in the time since your last request.
List-level conditional fetching
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If modification checks are not possible with this granularity, you can instead check for the full list.
In this case, the list of objects may contain a regular HTTP header ``Last-Modified`` with the date of the
last modification to any item of that resource. You can then pass this date back in your next request in the
``If-Modified-Since`` header. If the any object has changed in the meantime, you will receive back a full list
(if something it missing, this means the object has been deleted). If nothing happened, we'll send back a
``304 Not Modified`` return code.
This is currently implemented on the following resources:
* :ref:`rest-categories`
* :ref:`rest-items`
* :ref:`rest-questions`
* :ref:`rest-quotas`
* :ref:`rest-subevents`
* :ref:`rest-taxrules`
Errors
------
@@ -148,7 +110,6 @@ Field specific input errors include the name of the offending fields as keys in
{"amount": ["A valid integer is required."], "description": ["This field may not be blank."]}
If you see errors of type ``429 Too Many Requests``, you should read our documentation on :ref:`rest-ratelimit`.
Data types
----------
@@ -181,37 +142,4 @@ as the string values ``true`` and ``false``.
If the ``ordering`` parameter is documented for a resource, you can use it to sort the result set by one of the allowed
fields. Prepend a ``-`` to the field name to reverse the sort order.
Idempotency
-----------
Our API supports an idempotency mechanism to make sure you can safely retry operations without accidentally performing
them twice. This is useful if an API call experiences interruptions in transit, e.g. due to a network failure, and you
do not know if it completed successfully.
To perform an idempotent request, add a ``X-Idempotency-Key`` header with a random string value (we recommend a version
4 UUID) to your request. If we see a second request with the same ``X-Idempotency-Key`` and the same ``Authorization``
and ``Cookie`` headers, we will not perform the action for a second time but return the exact same response instead.
Please note that this also goes for most error responses. For example, if we returned you a ``403 Permission Denied``
error and you retry with the same ``X-Idempotency-Key``, you will get the same error again, even if you were granted
permission in the meantime! This includes internal server errors on our side that might have been fixed in the meantime.
There are only three exceptions to the rule:
* Responses with status code ``409 Conflict`` are not cached. If you send the request again, it will be executed as a
new request, since these responses are intended to be retried.
* Rate-limited responses with status code ``429 Too Many Requests`` are not cached and you can safely retry them.
* Responses with status code ``503 Service Unavailable`` are not cached and you can safely retry them.
If you send a request with an ``X-Idempotency-Key`` header that we have seen before but that has not yet received a
response, you will receive a response with status code ``409 Conflict`` and are asked to retry after five seconds.
We store idempotency keys for 24 hours, so you should never retry a request after a longer time period.
All ``POST``, ``PUT``, ``PATCH``, or ``DELETE`` api calls support idempotency keys. Adding an idempotency key to a
``GET``, ``HEAD``, or ``OPTIONS`` request has no effect.
.. _CSRF policies: https://docs.djangoproject.com/en/1.11/ref/csrf/#ajax
.. _CSRF policies: https://docs.djangoproject.com/en/1.11/ref/csrf/#ajax

3
doc/api/index.rst
View File

@@ -14,7 +14,4 @@ in functionality over time.
:maxdepth: 2
fundamentals
auth
resources/index
ratelimit
webhooks

207
doc/api/oauth.rst
View File

@@ -1,207 +0,0 @@
.. _`rest-oauth`:
OAuth authentication / "Connect with pretix"
============================================
In addition to static tokens, pretix supports `OAuth2`_-based authentication starting with
pretix 1.16. This allows you to put a "Connect with pretix" button into your website or tool
that allows the user to easily set up a connection between the two systems.
If you haven't worked with OAuth before, have a look at the `OAuth2 Simplified`_ tutorial.
Registering an application
--------------------------
To use OAuth, you need to register your application with the pretix instance you want to connect to.
In order to do this, log in to your pretix account and go to your user settings. Click on "Authorized applications"
first and then on "Manage your own apps". From there, you can "Create a new application".
You should fill in a descriptive name of your application that allows users to recognize who you are. You also need to
give a list of fully-qualified URLs that users will be redirected to after a successful authorization. After you pressed
"Save", you will be presented with a client ID and a client secret. Please note them down and treat the client secret
like a password; it should not become available to your users.
Obtaining an authorization grant
--------------------------------
To authorize a new user, link or redirect them to the ``authorize`` endpoint, passing your client ID as a query
parameter. Additionally, you can pass a scope (currently either ``read``, ``write``, or ``read write``)
and an URL the user should be redirected to after successful or failed authorization. You also need to pass the
``response_type`` parameter with a value of ``code``. Example::
https://pretix.eu/api/v1/oauth/authorize?client_id=lsLi0hNL0vk53mEdYjNJxHUn1PcO1R6wVg81dLNT&response_type=code&scope=read+write&redirect_uri=https://pretalx.com
To prevent CSRF attacks, you can also optionally pass a ``state`` parameter with a random string. Later, when
redirecting back to your application, we will pass the same ``state`` parameter back to you, so you can compare if they
match.
After the user granted or denied access, they will be redirected back either to the ``redirect_url`` you passed in the
query or to the first redirect URL configured in your application settings.
On successful registration, we will append the query parameter ``code`` to the URL containing an authorization code.
For example, we might redirect the user to this URL::
https://pretalx.com/?code=eYBBf8gmeD4E01HLoj0XflqO4Lg3Cw&state=e3KCh9mfx07qxU4bRpXk
You will need this ``code`` parameter to perform the next step.
On a failed registration, a query string like ``?error=access_denied`` will be appended to the redirection URL.
.. note:: In this step, the user is allowed to restrict your access to certain organizer accounts. If you try to
re-authenticate the user later, the user might be instantly redirected back to you if authorization is already
given and would therefore be unable to review their organizer restriction settings. You can append the
``approval_prompt=force`` query parameter if you want to make sure the user actively needs to confirm the
authorization.
Getting an access token
-----------------------
Using the ``code`` value you obtained above and your client ID, you can now request an access token that actually gives
access to the API. The ``token`` endpoint expects you to authenticate using `HTTP Basic authentication`_ using your client
ID as a username and your client secret as a password. You are also required to again supply the same ``redirect_uri``
parameter that you used for the authorization.
.. http:get:: /api/v1/oauth/token
Request a new access token
**Example request**:
.. sourcecode:: http
POST /api/v1/oauth/token HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Basic bHNMaTBoTkwwdms1M21FZFlqTkp4SFVuMVBjTzFSNndWZzgxZExOVDplSmpzZVA0UjJMN0hMcjBiS0p1b3BmbnJtT2cyY3NDeTdYaFVVZ0FoalhUU0NhZHhRTjk3cVNvMkpPaXlWTFpQOEozaTVQd1FVdFIwNUNycG5ac2Z0bXJjdmNTbkZ1SkFmb2ZsUTdZUDRpSjZNTWFYTHIwQ0FpNlhIRFJjV1Awcg==
grant_type=authorization_code&code=eYBBf8gmeD4E01HLoj0XflqO4Lg3Cw&redirect_uri=https://pretalx.com
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"access_token": "i3ytqTSRWsKp16fqjekHXa4tdM4qNC",
"expires_in": 86400,
"token_type": "Bearer",
"scope": "read write",
"refresh_token": "XBK0r8z4A4TTeR9LyMUyU2AM5rqpXp"
}
:statuscode 200: no error
:statuscode 401: Authentication failure
As you can see, you receive two types of tokens: One "access token", and one "refresh token". The access token is valid
for a day and can be used to actually access the API. The refresh token does not have an expiration date and can be used
to obtain a new access_token after a day, so you should make sure to store the access token safely if you need long-term
access.
Using the API with an access token
----------------------------------
You can supply a valid access token as a ``Bearer``-type token in the ``Authorization`` header to get API access.
.. sourcecode:: http
:emphasize-lines: 3
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Bearer i3ytqTSRWsKp16fqjekHXa4tdM4qNC
Refreshing an access token
--------------------------
You can obtain a new access token using your refresh token any time. This can be done using the same ``token`` endpoint
used to obtain the first access token above, but with a different set of parameters:
.. sourcecode:: http
POST /api/v1/oauth/token HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Basic bHNMaTBoTkwwdms1M21FZFlqTkp4SFVuMVBjTzFSNndWZzgxZExOVDplSmpzZVA0UjJMN0hMcjBiS0p1b3BmbnJtT2cyY3NDeTdYaFVVZ0FoalhUU0NhZHhRTjk3cVNvMkpPaXlWTFpQOEozaTVQd1FVdFIwNUNycG5ac2Z0bXJjdmNTbkZ1SkFmb2ZsUTdZUDRpSjZNTWFYTHIwQ0FpNlhIRFJjV1Awcg==
grant_type=refresh_token&refresh_token=XBK0r8z4A4TTeR9LyMUyU2AM5rqpXp
The previous access token will instantly become invalid.
Revoking a token
----------------
If you don't need a token any more or if you believe it may have been compromised, you can use the ``revoke_token``
endpoint to revoke it.
.. http:get:: /api/v1/oauth/revoke_token
Revoke an access or refresh token. If you revoke an access token, you can still create a new one using the refresh token. If you
revoke a refresh token, the connected access token will also be revoked.
**Example request**:
.. sourcecode:: http
POST /api/v1/oauth/revoke_token HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Basic bHNMaTBoTkwwdms1M21FZFlqTkp4SFVuMVBjTzFSNndWZzgxZExOVDplSmpzZVA0UjJMN0hMcjBiS0p1b3BmbnJtT2cyY3NDeTdYaFVVZ0FoalhUU0NhZHhRTjk3cVNvMkpPaXlWTFpQOEozaTVQd1FVdFIwNUNycG5ac2Z0bXJjdmNTbkZ1SkFmb2ZsUTdZUDRpSjZNTWFYTHIwQ0FpNlhIRFJjV1Awcg==
token=XBK0r8z4A4TTeR9LyMUyU2AM5rqpXp
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
:statuscode 200: no error
:statuscode 401: Authentication failure
If you want to revoke your client secret, you can generate a new one in the list of your managed applications in the
pretix user interface.
Fetching the user profile
-------------------------
If you need the user's meta data, you can fetch it here:
.. http:get:: /api/v1/me
Returns the profile of the authenticated user
**Example request**:
.. sourcecode:: http
GET /api/v1/me HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Bearer i3ytqTSRWsKp16fqjekHXa4tdM4qNC
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
email: "admin@localhost",
fullname: "John Doe",
locale: "de",
timezone: "Europe/Berlin"
}
:statuscode 200: no error
:statuscode 401: Authentication failure
.. _OAuth2: https://en.wikipedia.org/wiki/OAuth
.. _OAuth2 Simplified: https://aaronparecki.com/oauth-2-simplified/
.. _HTTP Basic authentication: https://en.wikipedia.org/wiki/Basic_access_authentication

31
doc/api/ratelimit.rst
View File

@@ -1,31 +0,0 @@
.. _`rest-ratelimit`:
Rate limiting
=============
.. note:: This page only applies to the pretix Hosted service at pretix.eu. APIs of custom pretix installations do not
enforce any rate limiting by default.
All authenticated requests to pretix' API are rate limited. If you exceed the limits, you will receive a response
with HTTP status code ``429 Too Many Requests``. This response will have a ``Retry-After`` header, containing the number
of seconds you are supposed to wait until you try again. We expect that all API clients respect this. If you continue
to burst requests after a ``429`` status code, we might get in touch with you or, in extreme cases, disable your API
access.
Currently, the following rate limits apply:
.. rst-class:: rest-resource-table
===================================== =================================================================================
Authentication method Rate limit
===================================== =================================================================================
:ref:`rest-deviceauth` 360 requests per minute per device
:ref:`rest-tokenauth` 360 requests per minute per organizer account
:ref:`rest-oauth` 360 requests per minute per combination of accessed organizer and OAuth application
Session authentication *Not an officially supported authentication method for external access*
===================================== =================================================================================
If you require a higher rate limit, please get in touch at support@pretix.eu and tell us about your use case, we are
sure we can work something out.

264
doc/api/resources/carts.rst
View File

@@ -1,264 +0,0 @@
.. _rest-carts:
Cart positions
==============
The API provides limited access to the cart position data model. This API currently only allows creating and deleting
cart positions to reserve quota.
Cart position resource
----------------------
The cart position resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the cart position
cart_id string Identifier of the cart this belongs to. Needs to end
in "@api" for API-created positions.
datetime datetime Time of creation
expires datetime The cart position will expire at this time and no longer block quota
item integer ID of the item
variation integer ID of the variation (or ``null``)
price money (string) Price of this position
attendee_name string Specified attendee name for this position (or ``null``)
attendee_name_parts object of strings Composition of attendee name (i.e. first name, last name, …)
attendee_email string Specified attendee email address for this position (or ``null``)
voucher integer Internal ID of the voucher used for this position (or ``null``)
addon_to integer Internal ID of the position this position is an add-on for (or ``null``)
subevent integer ID of the date inside an event series this position belongs to (or ``null``).
answers list of objects Answers to user-defined questions
├ question integer Internal ID of the answered question
├ answer string Text representation of the answer
├ question_identifier string The question's ``identifier`` field
├ options list of integers Internal IDs of selected option(s)s (only for choice types)
└ option_identifiers list of strings The ``identifier`` fields of the selected option(s)s
===================================== ========================== =======================================================
.. versionchanged:: 1.17
This resource has been added.
Cart position endpoints
-----------------------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/
Returns a list of API-created cart positions.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/cartpositions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
X-Page-Generated: 2017-12-01T10:00:00Z
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"cart_id": "XwokV8FojQviD9jhtDzKvHFdlLRNMhlfo3cNjGbuK6MUTQDT@api",
"item": 1,
"variation": null,
"price": "23.00",
"attendee_name": null,
"attendee_name_parts": {},
"attendee_email": null,
"voucher": null,
"addon_to": null,
"subevent": null,
"datetime": "2018-06-11T10:00:00Z",
"expires": "2018-06-11T10:00:00Z",
"includes_tax": true,
"answers": []
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/(id)/
Returns information on one cart position, identified by its internal ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/cartpositions/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"cart_id": "XwokV8FojQviD9jhtDzKvHFdlLRNMhlfo3cNjGbuK6MUTQDT@api",
"item": 1,
"variation": null,
"price": "23.00",
"attendee_name": null,
"attendee_name_parts": {},
"attendee_email": null,
"voucher": null,
"addon_to": null,
"subevent": null,
"datetime": "2018-06-11T10:00:00Z",
"expires": "2018-06-11T10:00:00Z",
"includes_tax": true,
"answers": []
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the position to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested cart position does not exist.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/
Creates a new cart position.
.. warning:: This endpoint is considered **experimental**. It might change at any time without prior notice.
.. warning::
This endpoint is intended for advanced users. It is not designed to be used to build your own shop frontend.
There is a lot that it does not or can not do, and you will need to be careful using it.
It allows to bypass many of the restrictions imposed when creating a cart through the
regular shop.
Specifically, this endpoint currently
* does not validate if products are only to be sold in a specific time frame
* does not validate if the event's ticket sales are already over or haven't started
* does not support add-on products at the moment
* does not check or calculate prices but believes any prices you send
* does not support the redemption of vouchers
* does not prevent you from buying items that can only be bought with a voucher
* does not support file upload questions
You can supply the following fields of the resource:
* ``cart_id`` (optional, needs to end in ``@api``)
* ``item``
* ``variation`` (optional)
* ``price``
* ``attendee_name`` **or** ``attendee_name_parts`` (optional)
* ``attendee_email`` (optional)
* ``subevent`` (optional)
* ``expires`` (optional)
* ``includes_tax`` (optional)
* ``answers``
* ``question``
* ``answer``
* ``options``
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/cartpositions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"item": 1,
"variation": null,
"price": "23.00",
"attendee_name_parts": {
"given_name": "Peter",
"family_name": "Miller"
},
"attendee_email": null,
"answers": [
{
"question": 1,
"answer": "23",
"options": []
}
],
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
(Full cart position resource, see above.)
:param organizer: The ``slug`` field of the organizer of the event to create a position for
:param event: The ``slug`` field of the event to create a position for
:statuscode 201: no error
:statuscode 400: The item could not be created due to invalid submitted data or lack of quota.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this
order.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/(id)/
Deletes a cart position, identified by its internal ID.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/cartpositions/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
Content-Type: application/json
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the position to delete
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested cart position does not exist.

137
doc/api/resources/categories.rst
View File

@@ -1,5 +1,3 @@
.. _`rest-categories`:
Item categories
===============
@@ -16,23 +14,14 @@ Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the category
name multi-lingual string The category's visible name
internal_name string An optional name that is only used in the backend
description multi-lingual string A public description (might include markdown, can
be ``null``)
position integer An integer, used for sorting the categories
is_addon boolean If ``true``, items within this category are not on sale
is_addon boolean If ``True``, items within this category are not on sale
on their own but the category provides a source for
defining add-ons for other products.
===================================== ========================== =======================================================
.. versionchanged:: 1.14
The operations POST, PATCH, PUT and DELETE have been added.
.. versionchanged:: 1.16
The field ``internal_name`` has been added.
Endpoints
---------
@@ -55,7 +44,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -65,7 +54,6 @@ Endpoints
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
@@ -102,12 +90,11 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
@@ -119,121 +106,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/categories/
Creates a new category
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/categories/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
}
:param organizer: The ``slug`` field of the organizer of the event to create a category for
:param event: The ``slug`` field of the event to create a category for
:statuscode 201: no error
:statuscode 400: The category could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/categories/(id)/
Update a category. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/categories/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"is_addon": true
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": true
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the category to modify
:statuscode 200: no error
:statuscode 400: The category could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/category/(id)/
Delete a category.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/categories/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the category to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

649
doc/api/resources/checkinlists.rst
View File

@@ -1,649 +0,0 @@
Check-in lists
==============
Resource description
--------------------
You can create check-in lists that you can use e.g. at the entrance of your event to track who is coming and if they
actually bought a ticket.
You can create multiple check-in lists to separate multiple parts of your event, for example if you have separate
entries for multiple ticket types. Different check-in lists are completely independent: If a ticket shows up on two
lists, it is valid once on every list. This might be useful if you run a festival with festival passes that allow
access to every or multiple performances as well as tickets only valid for single performances.
The check-in list resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the check-in list
name string The internal name of the check-in list
all_products boolean If ``true``, the check-in lists contains tickets of all products in this event. The ``limit_products`` field is ignored in this case.
limit_products list of integers List of item IDs to include in this list.
subevent integer ID of the date inside an event series this list belongs to (or ``null``).
position_count integer Number of tickets that match this list (read-only).
checkin_count integer Number of check-ins performed on this list (read-only).
include_pending boolean If ``true``, the check-in list also contains tickets from orders in pending state.
===================================== ========================== =======================================================
.. versionchanged:: 1.10
This resource has been added.
.. versionchanged:: 1.11
The ``positions`` endpoints have been added.
.. versionchanged:: 1.13
The ``include_pending`` field has been added.
Endpoints
---------
.. versionchanged:: 1.15
The ``../status/`` detail endpoint has been added.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/
Returns a list of all check-in lists within a given event.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": "Default list",
"checkin_count": 123,
"position_count": 456,
"all_products": true,
"limit_products": [],
"include_pending": false,
"subevent": null
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query integer subevent: Only return check-in lists of the sub-event with the given ID
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(id)/
Returns information on one check-in list, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": "Default list",
"checkin_count": 123,
"position_count": 456,
"all_products": true,
"limit_products": [],
"include_pending": false,
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the check-in list to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(id)/status/
Returns detailed status information on a check-in list, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/status/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"checkin_count": 17,
"position_count": 42,
"event": {
"name": "Demo Conference"
},
"items": [
{
"name": "T-Shirt",
"id": 1,
"checkin_count": 1,
"admission": false,
"position_count": 1,
"variations": [
{
"value": "Red",
"id": 1,
"checkin_count": 1,
"position_count": 12
},
{
"value": "Blue",
"id": 2,
"checkin_count": 4,
"position_count": 8
}
]
},
{
"name": "Ticket",
"id": 2,
"checkin_count": 15,
"admission": true,
"position_count": 22,
"variations": []
}
]
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the check-in list to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/
Creates a new check-in list.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/checkinlists/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": "VIP entry",
"all_products": false,
"limit_products": [1, 2],
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"name": "VIP entry",
"checkin_count": 0,
"position_count": 0,
"all_products": false,
"limit_products": [1, 2],
"include_pending": false,
"subevent": null
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a list for
:param event: The ``slug`` field of the event to create a list for
:statuscode 201: no error
:statuscode 400: The list could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(id)/
Update a check-in list. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field and the ``checkin_count`` and ``position_count``
fields.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"name": "Backstage",
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"name": "Backstage",
"checkin_count": 23,
"position_count": 42,
"all_products": false,
"limit_products": [1, 2],
"include_pending": false,
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the list to modify
:statuscode 200: no error
:statuscode 400: The list could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/checkinlist/(id)/
Delete a check-in list. Note that this also deletes the information on all check-ins performed via this list.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/checkinlist/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the check-in list to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.
Order position endpoints
------------------------
.. versionchanged:: 1.15
The order positions endpoint has been extended by the filter queries ``item__in``, ``variation__in``,
``order__status__in``, ``subevent__in``, ``addon_to__in``, and ``search``. The search for attendee names and order
codes is now case-insensitive.
The ``.../redeem/`` endpoint has been added.
.. versionchanged:: 2.0
The order positions endpoint has been extended by the filter queries ``voucher`` and ``voucher__code``.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/
Returns a list of all order positions within a given event. The result is the same as
the :ref:`order-position-resource`, with one important difference: the ``checkins`` value will only include
check-ins for the selected list.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/positions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 23442,
"order": "ABC12",
"positionid": 1,
"item": 1345,
"variation": null,
"price": "23.00",
"attendee_name": "Peter",
"attendee_name_parts": {
"full_name": "Peter",
},
"attendee_email": null,
"voucher": null,
"tax_rate": "0.00",
"tax_rule": null,
"tax_value": "0.00",
"secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
"addon_to": null,
"subevent": null,
"pseudonymization_id": "MQLJvANO3B",
"checkins": [
{
"list": 1,
"datetime": "2017-12-25T12:45:23Z"
}
],
"answers": [
{
"question": 12,
"answer": "Foo",
"options": []
}
],
"downloads": [
{
"output": "pdf",
"url": "https://pretix.eu/api/v1/organizers/bigevents/events/sampleconf/orderpositions/23442/download/pdf/"
}
]
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``order__code``,
``order__datetime``, ``positionid``, ``attendee_name``, ``last_checked_in`` and ``order__email``. Default:
``attendee_name,positionid``
:query string order: Only return positions of the order with the given order code
:query string search: Fuzzy search matching the attendee name, order code, invoice address name as well as to the beginning of the secret.
:query integer item: Only return positions with the purchased item matching the given ID.
:query integer item__in: Only return positions with the purchased item matching one of the given comma-separated IDs.
:query integer variation: Only return positions with the purchased item variation matching the given ID.
:query integer variation__in: Only return positions with one of the purchased item variation matching the given
comma-separated IDs.
:query string attendee_name: Only return positions with the given value in the attendee_name field. Also, add-on
products positions are shown if they refer to an attendee with the given name.
:query string secret: Only return positions with the given ticket secret.
:query string order__status: Only return positions with the given order status.
:query string order__status__in: Only return positions with one the given comma-separated order status.
:query boolean has_checkin: If set to ``true`` or ``false``, only return positions that have or have not been
checked in already.
:query integer subevent: Only return positions of the sub-event with the given ID
:query integer subevent__in: Only return positions of one of the sub-events with the given comma-separated IDs
:query integer addon_to: Only return positions that are add-ons to the position with the given ID.
:query integer addon_to__in: Only return positions that are add-ons to one of the positions with the given
comma-separated IDs.
:query string voucher: Only return positions with a specific voucher.
:query string voucher__code: Only return positions with a specific voucher code.
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param list: The ID of the check-in list to look for
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested check-in list does not exist.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/(id)/
Returns information on one order position, identified by its internal ID.
The result format is the same as the :ref:`order-position-resource`, with one important difference: the
``checkins`` value will only include check-ins for the selected list.
**Instead of an ID, you can also use the ``secret`` field as the lookup parameter.**
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/positions/23442/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 23442,
"order": "ABC12",
"positionid": 1,
"item": 1345,
"variation": null,
"price": "23.00",
"attendee_name": "Peter",
"attendee_name_parts": {
"full_name": "Peter",
},
"attendee_email": null,
"voucher": null,
"tax_rate": "0.00",
"tax_rule": null,
"tax_value": "0.00",
"secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
"addon_to": null,
"subevent": null,
"pseudonymization_id": "MQLJvANO3B",
"checkins": [
{
"list": 1,
"datetime": "2017-12-25T12:45:23Z"
}
],
"answers": [
{
"question": 12,
"answer": "Foo",
"options": []
}
],
"downloads": [
{
"output": "pdf",
"url": "https://pretix.eu/api/v1/organizers/bigevents/events/sampleconf/orderpositions/23442/download/pdf/"
}
]
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param list: The ID of the check-in list to look for
:param id: The ``id`` field of the order position to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested order position or check-in list does not exist.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/(id)/redeem/
Tries to redeem an order position, identified by its internal ID, i.e. checks the attendee in. This endpoint
accepts a number of optional requests in the body.
**Instead of an ID, you can also use the ``secret`` field as the lookup parameter.**
:<json boolean questions_supported: When this parameter is set to ``true``, handling of questions is supported. If
you do not implement question handling in your user interface, you **must**
set this to ``false``. In that case, questions will just be ignored. Defaults
to ``true``.
:<json datetime datetime: Specifies the datetime of the check-in. If not supplied, the current time will be used.
:<json boolean force: Specifies that the check-in should succeed regardless of previous check-ins or required
questions that have not been filled. Defaults to ``false``.
:<json boolean ignore_unpaid: Specifies that the check-in should succeed even if the order is in pending state.
Defaults to ``false``.
:<json string nonce: You can set this parameter to a unique random value to identify this check-in. If you're sending
this request twice with the same nonce, the second request will also succeed but will always
create only one check-in object even when the previous request was successful as well. This
allows for a certain level of idempotency and enables you to re-try after a connection failure.
:<json object answers: If questions are supported/required, you may/must supply a mapping of question IDs to their
respective answers. The answers should always be strings. In case of (multiple-)choice-type
answers, the string should contain the (comma-separated) IDs of the selected options.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/positions/234/redeem/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
{
"force": false,
"ignore_unpaid": false,
"nonce": "Pvrk50vUzQd0DhdpNRL4I4OcXsvg70uA",
"datetime": null,
"questions_supported": true,
"answers": {
"4": "XS"
}
}
**Example successful response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"status": "ok",
"position": {
}
}
**Example response with required questions**:
.. sourcecode:: http
HTTP/1.1 400 Bad Request
Content-Type: text/json
{
"status": "incomplete",
"position": {
},
"questions": [
{
"id": 1,
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": true,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 0,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 1,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 2,
"answer": {"en": "L"}
}
]
}
]
}
**Example error response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{
"status": "error",
"reason": "unpaid",
"position": {
}
}
Possible error reasons:
* ``unpaid`` - Ticket is not paid for or has been refunded
* ``already_redeemed`` - Ticket already has been redeemed
* ``product`` - Tickets with this product may not be scanned at this device
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param list: The ID of the check-in list to look for
:param id: The ``id`` field of the order position to fetch
:statuscode 201: no error
:statuscode 400: Invalid or incomplete request, see above
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested order position or check-in list does not exist.

303
doc/api/resources/events.rst
View File

@@ -15,7 +15,6 @@ name multi-lingual string The event's ful
slug string A short form of the name, used e.g. in URLs.
live boolean If ``true``, the event ticket shop is publicly
available.
testmode boolean If ``true``, the ticket shop is in test mode.
currency string The currency this event is handled in.
date_from datetime The event's start date
date_to datetime The event's end date (or ``null``)
@@ -25,31 +24,11 @@ is_public boolean If ``true``, th
presale_start datetime The date at which the ticket shop opens (or ``null``)
presale_end datetime The date at which the ticket shop closes (or ``null``)
location multi-lingual string The event location (or ``null``)
has_subevents boolean ``true`` if the event series feature is active for this
event. Cannot change after event is created.
meta_data dict Values set for organizer-specific meta data parameters.
plugins list A list of package names of the enabled plugins for this
event.
has_subevents boolean ``True`` if the event series feature is active for this
event
===================================== ========================== =======================================================
.. versionchanged:: 1.7
The ``meta_data`` field has been added.
.. versionchanged:: 1.15
The ``plugins`` field has been added.
The operations POST, PATCH, PUT and DELETE have been added.
.. versionchanged:: 2.1
Filters have been added to the list of events.
.. versionchanged:: 2.5
The ``testmode`` attribute has been added.
Endpoints
---------
@@ -57,8 +36,6 @@ Endpoints
Returns a list of all events within a given organizer the authenticated user/token has access to.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
@@ -73,7 +50,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -84,7 +61,6 @@ Endpoints
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
@@ -93,25 +69,12 @@ Endpoints
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.banktransfer"
"pretix.plugins.stripe"
"pretix.plugins.paypal"
"pretix.plugins.ticketoutputpdf"
]
"has_subevents": false
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:query is_public: If set to ``true``/``false``, only events with a matching value of ``is_public`` are returned.
:query live: If set to ``true``/``false``, only events with a matching value of ``live`` are returned.
:query has_subevents: If set to ``true``/``false``, only events with a matching value of ``has_subevents`` are returned.
:query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned. Event series are never (always) returned.
:query is_past: If set to ``true`` (``false``), only events that are over are (not) returned. Event series are never (always) returned.
:query ends_after: If set to a date and time, only events that happen during of after the given time are returned. Event series are never returned.
:param organizer: The ``slug`` field of a valid organizer
:statuscode 200: no error
:statuscode 401: Authentication failure
@@ -121,8 +84,6 @@ Endpoints
Returns information on one event, identified by its slug.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
@@ -137,13 +98,12 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
@@ -152,14 +112,7 @@ Endpoints
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.banktransfer"
"pretix.plugins.stripe"
"pretix.plugins.paypal"
"pretix.plugins.ticketoutputpdf"
]
"has_subevents": false
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -167,247 +120,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.
.. http:post:: /api/v1/organizers/(organizer)/events/
Creates a new event
Please note that events cannot be created as 'live' using this endpoint. Quotas and payment must be added to the
event before sales can go live.
Permission required: "Can create events"
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
:param organizer: The ``slug`` field of the organizer of the event to create.
:statuscode 201: no error
:statuscode 400: The event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/clone/
Creates a new event with properties as set in the request body. The properties that are copied are: 'is_public',
settings, plugin settings, items, variations, add-ons, quotas, categories, tax rules, questions.
If the 'plugins' and/or 'is_public' fields are present in the post body this will determine their value. Otherwise
their value will be copied from the existing event.
Please note that you can only copy from events under the same organizer.
Permission required: "Can create events"
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/clone/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
:param organizer: The ``slug`` field of the organizer of the event to create.
:param event: The ``slug`` field of the event to copy settings and items from.
:statuscode 201: no error
:statuscode 400: The event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/
Updates an event
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"plugins": [
"pretix.plugins.banktransfer",
"pretix.plugins.stripe",
"pretix.plugins.paypal",
"pretix.plugins.pretixdroid"
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"testmode": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.banktransfer",
"pretix.plugins.stripe",
"pretix.plugins.paypal",
"pretix.plugins.pretixdroid"
]
}
:param organizer: The ``slug`` field of the organizer of the event to update
:param event: The ``slug`` field of the event to update
:statuscode 200: no error
:statuscode 400: The event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/
Delete an event. Note that events with orders cannot be deleted to ensure data integrity.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

8
doc/api/resources/index.rst
View File

@@ -7,19 +7,11 @@ Resources and endpoints
organizers
events
subevents
taxrules
categories
items
item_variations
item_bundles
item_add-ons
questions
question_options
quotas
orders
invoices
vouchers
checkinlists
waitinglist
carts
webhooks

107
doc/api/resources/invoices.rst
View File

@@ -13,7 +13,7 @@ Field Type Description
===================================== ========================== =======================================================
number string Invoice number (with prefix)
order string Order code of the order this invoice belongs to
is_cancellation boolean ``true``, if this invoice is the cancellation of a
is_cancellation boolean ``True``, if this invoice is the cancellation of a
different invoice.
invoice_from string Sender address
invoice_to string Receiver address
@@ -29,19 +29,9 @@ payment_provider_text string Text to be prin
footer_text string Text to be printed in the page footer area
lines list of objects The actual invoice contents
├ description string Text representing the invoice line (e.g. product name)
├ gross_value money (string) Price including taxes
├ tax_value money (string) Tax amount included
tax_name string Name of used tax rate (e.g. "VAT")
└ tax_rate decimal (string) Used tax rate
foreign_currency_display string If the invoice should also show the total and tax
amount in a different currency, this contains the
currency code (``null`` otherwise).
foreign_currency_rate decimal (string) If ``foreign_currency_rate`` is set and the system
knows the exchange rate to the event currency at
invoicing time, it is stored here.
foreign_currency_rate_date date If ``foreign_currency_rate`` is set, this signifies the
date at which the currency rate was obtained.
internal_reference string Customer's reference to be printed on the invoice.
├ gross_value money (string) Price including VAT
├ tax_value money (string) VAT amount
tax_rate decimal (string) Used VAT rate
===================================== ========================== =======================================================
@@ -52,17 +42,6 @@ internal_reference string Customer's refe
number.
.. versionchanged:: 1.7
The attributes ``lines.tax_name``, ``foreign_currency_display``, ``foreign_currency_rate``, and
``foreign_currency_rate_date`` have been added.
.. versionchanged:: 1.9
The attribute ``internal_reference`` has been added.
Endpoints
---------
@@ -84,7 +63,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -101,7 +80,6 @@ Endpoints
"refers": null,
"locale": "en",
"introductory_text": "thank you for your purchase of the following items:",
"internal_reference": "",
"additional_text": "We are looking forward to see you on our conference!",
"payment_provider_text": "Please transfer the money to our account ABC…",
"footer_text": "Big Events LLC - Registration No. 123456 - VAT ID: EU0987654321",
@@ -110,13 +88,9 @@ Endpoints
"description": "Budget Ticket",
"gross_value": "23.00",
"tax_value": "0.00",
"tax_name": "VAT",
"tax_rate": "0.00"
}
],
"foreign_currency_display": "PLN",
"foreign_currency_rate": "4.2408",
"foreign_currency_rate_date": "2017-07-24"
]
}
]
}
@@ -125,7 +99,7 @@ Endpoints
:query boolean is_cancellation: If set to ``true`` or ``false``, only invoices with this value for the field
``is_cancellation`` will be returned.
:query string order: If set, only invoices belonging to the order with the given order code will be returned.
:query string refers: If set, only invoices referring to the given invoice will be returned.
:query string refers: If set, only invoices refering to the given invoice will be returned.
:query string locale: If set, only invoices with the given locale will be returned.
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``date`` and
``nr`` (equals to ``number``). Default: ``nr``
@@ -153,7 +127,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"number": "SAMPLECONF-00001",
@@ -165,7 +139,6 @@ Endpoints
"refers": null,
"locale": "en",
"introductory_text": "thank you for your purchase of the following items:",
"internal_reference": "",
"additional_text": "We are looking forward to see you on our conference!",
"payment_provider_text": "Please transfer the money to our account ABC…",
"footer_text": "Big Events LLC - Registration No. 123456 - VAT ID: EU0987654321",
@@ -174,13 +147,9 @@ Endpoints
"description": "Budget Ticket",
"gross_value": "23.00",
"tax_value": "0.00",
"tax_name": "VAT",
"tax_rate": "0.00"
}
],
"foreign_currency_display": "PLN",
"foreign_currency_rate": "4.2408",
"foreign_currency_rate_date": "2017-07-24"
]
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -221,61 +190,5 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 409: The file is not yet ready and will now be prepared. Retry the request after waiting for a few
:statuscode 409: The file is not yet ready and will now be prepared. Retry the request after waiting vor a few
seconds.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/reissue/
Cancels the invoice and creates a new one.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/invoices/00001/reissue/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
Content-Type: application/pdf
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param invoice_no: The ``invoice_no`` field of the invoice to reissue
:statuscode 200: no error
:statuscode 400: The invoice has already been canceled
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/regenerate/
Re-generates the invoice from order data.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/invoices/00001/regenerate/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
Content-Type: application/pdf
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param invoice_no: The ``invoice_no`` field of the invoice to regenerate
:statuscode 200: no error
:statuscode 400: The invoice has already been canceled
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.

246
doc/api/resources/item_add-ons.rst
View File

@@ -1,246 +0,0 @@
Item add-ons
============
Resource description
--------------------
With add-ons, you can specify products that can be bought as an addition to this specific product. For example, if you
host a conference with a base conference ticket and a number of workshops, you could define the workshops as add-ons to
the conference ticket. With this configuration, the workshops cannot be bought on their own but only in combination with
a conference ticket. You can here specify categories of products that can be used as add-ons to this product. You can
also specify the minimum and maximum number of add-ons of the given category that can or need to be chosen. The user can
buy every add-on from the category at most once. If an add-on product has multiple variations, only one of them can be
bought.
The add-ons resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the add-on
addon_category integer Internal ID of the item category the add-on can be
chosen from.
min_count integer The minimal number of add-ons that need to be chosen.
max_count integer The maximal number of add-ons that can be chosen.
position integer An integer, used for sorting
price_included boolean Adding this add-on to the item is free
===================================== ========================== =======================================================
.. versionchanged:: 1.12
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/
Returns a list of all add-ons for a given item.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/11/addons/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 0,
"price_included": true
},
{
"id": 4,
"addon_category": 2,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/item does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/(id)/
Returns information on one add-on, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:param id: The ``id`` field of the add-on to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/
Creates a new add-on
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a add-on for
:param event: The ``slug`` field of the event to create a add-on for
:param item: The ``id`` field of the item to create a add-on for
:statuscode 201: no error
:statuscode 400: The add-on could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/addon/(id)/
Update an add-on. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/3/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"min_count": 0,
"max_count": 10
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param item: The ``id`` field of the item to modify
:param id: The ``id`` field of the add-on to modify
:statuscode 200: no error
:statuscode 400: The add-on could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/addons/(id)/
Delete an add-on.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the add-on to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

242
doc/api/resources/item_bundles.rst
View File

@@ -1,242 +0,0 @@
Item bundles
============
Resource description
--------------------
With bundles, you can specify products that are included within other products. There are two premier use cases of this:
* Package discounts. For example, you could offer a discounted package that includes three tickets but can only be
bought as a whole. With a bundle including three times the usual product, the package will automatically pull three
sub-items into the cart, making sure of correct quota calculation and issuance of the correct number of tickets.
* Tax splitting. For example, if your conference ticket includes a part that is subject to different taxation and that
you need to put on the invoice separately. When you putting a "designated price" on a bundled sub-item, pretix will
use that price to show a split taxation.
The bundles resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the bundling configuration
bundled_item integer Internal ID of the item that is included.
bundled_variation integer Internal ID of the variation of the item (or ``null``).
count integer Number of items included
designated_price money (string) Designated price of the bundled product. This will be
used to split the price of the base item e.g. for mixed
taxation. This is not added to the price.
===================================== ========================== =======================================================
.. versionchanged:: 2.6
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/bundles/
Returns a list of all bundles for a given item.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/11/bundles/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 3,
"bundled_item": 3,
"bundled_variation": null,
"count": 1,
"designated_price": "0.00"
},
{
"id": 3,
"bundled_item": 3,
"bundled_variation": null,
"count": 2,
"designated_price": "1.50"
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/item does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/bundles/(id)/
Returns information on one bundle configuration, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/1/bundles/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"bundled_item": 3,
"bundled_variation": null,
"count": 2,
"designated_price": "1.50"
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:param id: The ``id`` field of the bundle to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/bigevents/events/sampleconf/items/1/bundles/
Creates a new bundle configuration
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/(organizer)/events/(event)/items/(item)/bundles/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"bundled_item": 3,
"bundled_variation": null,
"count": 2,
"designated_price": "1.50"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 3,
"bundled_item": 3,
"bundled_variation": null,
"count": 2,
"designated_price": "1.50"
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a bundle-configuration for
:param event: The ``slug`` field of the event to create a bundle configuration for
:param item: The ``id`` field of the item to create a bundle configuration for
:statuscode 201: no error
:statuscode 400: The bundle could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/bundles/(id)/
Update a bundle configuration. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all
fields of the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields
that you want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/bundles/3/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"count": 2
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"bundled_item": 3,
"bundled_variation": null,
"count": 2,
"designated_price": "1.50"
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param item: The ``id`` field of the item to modify
:param id: The ``id`` field of the bundle to modify
:statuscode 200: no error
:statuscode 400: The bundle configuration could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/bundles/(id)/
Delete a bundle configuration.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/bundles/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the bundle to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

258
doc/api/resources/item_variations.rst
View File

@@ -1,258 +0,0 @@
Item variations
===============
Resource description
--------------------
Variations of items can be use for products (items) that are available in different sizes, colors or other variations
of the same product.
The variations resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the variation
default_price money (string) The price set directly for this variation or ``null``
price money (string) The price used for this variation. This is either the
same as ``default_price`` if that value is set or equal
to the item's ``default_price`` (read-only).
active boolean If ``false``, this variation will not be sold or shown.
description multi-lingual string A public description of the variation. May contain
Markdown syntax or can be ``null``.
position integer An integer, used for sorting
===================================== ========================== =======================================================
.. versionchanged:: 1.12
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/
Returns a list of all variations for a given item.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/11/variations/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"value": {
"en": "S"
},
"active": true,
"description": {
"en": "Test2"
},
"position": 0,
"default_price": "223.00",
"price": 223.0
},
{
"id": 3,
"value": {
"en": "L"
},
"active": true,
"description": {},
"position": 1,
"default_price": null,
"price": 15.0
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query boolean active: If set to ``true`` or ``false``, only items with this value for the field ``active`` will be
returned.
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/item does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/(id)/
Returns information on one variation, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"value": {
"en": "Student"
},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:param id: The ``id`` field of the variation to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/
Creates a new variation
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"value": {"en": "Student"},
"default_price": "10.00",
"active": true,
"description": null,
"position": 0
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a variation for
:param event: The ``slug`` field of the event to create a variation for
:param item: The ``id`` field of the item to create a variation for
:statuscode 201: no error
:statuscode 400: The variation could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/(id)/
Update a variation. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` and the ``price`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"active": false,
"position": 1
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": false,
"description": null,
"position": 1
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the variation to modify
:statuscode 200: no error
:statuscode 400: The variation could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/variations/(id)/
Delete a variation.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the variation to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

373
doc/api/resources/items.rst
View File

@@ -1,5 +1,3 @@
.. _rest-items:
Items
=====
@@ -16,39 +14,34 @@ Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the item
name multi-lingual string The item's visible name
internal_name string An optional name that is only used in the backend
default_price money (string) The item price that is applied if the price is not
overwritten by variations or other options.
category integer The ID of the category this item belongs to
(or ``null``).
active boolean If ``false``, the item is hidden from all public lists
active boolean If ``False``, the item is hidden from all public lists
and will not be sold.
description multi-lingual string A public description of the item. May contain Markdown
syntax or can be ``null``.
free_price boolean If ``true``, customers can change the price at which
free_price boolean If ``True``, customers can change the price at which
they buy the product (however, the price can't be set
lower than the price defined by ``default_price`` or
otherwise).
tax_rate decimal (string) The VAT rate to be applied for this item.
tax_rule integer The internal ID of the applied tax rule (or ``null``).
admission boolean ``true`` for items that grant admission to the event
(such as primary tickets) and ``false`` for others
admission boolean ``True`` for items that grant admission to the event
(such as primary tickets) and ``False`` for others
(such as add-ons or merchandise).
position integer An integer, used for sorting
picture string A product picture to be displayed in the shop
(read-only, can be ``null``).
sales_channels list of strings Sales channels this product is available on, such as
``"web"`` or ``"resellers"``. Defaults to ``["web"]``.
available_from datetime The first date time at which this item can be bought
(or ``null``).
available_until datetime The last date time at which this item can be bought
(or ``null``).
require_voucher boolean If ``true``, this item can only be bought using a
require_voucher boolean If ``True``, this item can only be bought using a
voucher that is specifically assigned to this item.
hide_without_voucher boolean If ``true``, this item is only shown during the voucher
hide_without_voucher boolean If ``True``, this item is only shown during the voucher
redemption process, but not in the normal shop
frontend.
allow_cancel boolean If ``false``, customers cannot cancel orders containing
allow_cancel boolean If ``False``, customers cannot cancel orders containing
this item.
min_per_order integer This product can only be bought if it is included at
least this many times in the order (or ``null`` for no
@@ -56,95 +49,27 @@ min_per_order integer This product ca
max_per_order integer This product can only be bought if it is included at
most this many times in the order (or ``null`` for no
limitation).
checkin_attention boolean If ``true``, the check-in app should show a warning
that this ticket requires special attention if such
a product is being scanned.
original_price money (string) An original price, shown for comparison, not used
for price calculations (or ``null``).
require_approval boolean If ``true``, orders with this product will need to be
approved by the event organizer before they can be
paid.
require_bundling boolean If ``true``, this item is only available as part of bundles.
generate_tickets boolean If ``false``, tickets are never generated for this
product, regardless of other settings. If ``true``,
tickets are generated even if this is a
non-admission or add-on product, regardless of event
settings. If this is ``null``, regular ticketing
rules apply.
has_variations boolean Shows whether or not this item has variations.
has_variations boolean Shows whether or not this item has variations
(read-only).
variations list of objects A list with one object for each variation of this item.
Can be empty. Only writable during creation,
use separate endpoint to modify this later.
Can be empty.
├ id integer Internal ID of the variation
├ value multi-lingual string The "name" of the variation
├ default_price money (string) The price set directly for this variation or ``null``
├ price money (string) The price used for this variation. This is either the
same as ``default_price`` if that value is set or equal
to the item's ``default_price``.
├ active boolean If ``false``, this variation will not be sold or shown.
├ active boolean If ``False``, this variation will not be sold or shown.
├ description multi-lingual string A public description of the variation. May contain
Markdown syntax or can be ``null``.
└ position integer An integer, used for sorting
addons list of objects Definition of add-ons that can be chosen for this item.
Only writable during creation,
use separate endpoint to modify this later.
addons list of objects Definition of add-ons that can be chosen for this item
├ addon_category integer Internal ID of the item category the add-on can be
chosen from.
├ min_count integer The minimal number of add-ons that need to be chosen.
├ max_count integer The maximal number of add-ons that can be chosen.
position integer An integer, used for sorting
└ price_included boolean Adding this add-on to the item is free
bundles list of objects Definition of bundles that are included in this item.
Only writable during creation,
use separate endpoint to modify this later.
├ bundled_item integer Internal ID of the item that is included.
├ bundled_variation integer Internal ID of the variation of the item (or ``null``).
├ count integer Number of items included
└ designated_price money (string) Designated price of the bundled product. This will be
used to split the price of the base item e.g. for mixed
taxation. This is not added to the price.
├ max_count integer The maxima number of add-ons that can be chosen.
position integer An integer, used for sorting
===================================== ========================== =======================================================
.. versionchanged:: 1.7
The attribute ``tax_rule`` has been added. ``tax_rate`` is kept for compatibility. The attribute
``checkin_attention`` has been added.
.. versionchanged:: 1.12
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
The attribute ``price_included`` has been added to ``addons``.
.. versionchanged:: 1.16
The ``internal_name`` and ``original_price`` fields have been added.
.. versionchanged:: 2.0
The field ``require_approval`` has been added.
.. versionchanged:: 2.3
The ``sales_channels`` attribute has been added.
.. versionchanged:: 2.4
The ``generate_tickets`` attribute has been added.
.. versionchanged:: 2.6
The ``bundles`` and ``require_bundling`` attributes have been added.
Notes
-----
Please note that an item either always has variations or never has. Once created with variations the item can never
change to an item without and vice versa. To create an item with variations ensure that you POST an item with at least
one variation.
Also note that ``variations``, ``bundles``, and ``addons`` are only supported on ``POST``. To update/delete variations,
bundles, and add-ons please use the dedicated nested endpoints. By design this endpoint does not support ``PATCH`` and ``PUT``
with nested ``variations``, ``bundles`` and/or ``addons``.
Endpoints
---------
@@ -167,7 +92,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -177,16 +102,12 @@ Endpoints
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"sales_channels": ["web"],
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
@@ -197,11 +118,7 @@ Endpoints
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": false,
"generate_tickets": null,
"require_approval": false,
"require_bundling": false,
"variations": [
{
"value": {"en": "Student"},
@@ -220,8 +137,7 @@ Endpoints
"position": 1
}
],
"addons": [],
"bundles": []
"addons": []
}
]
}
@@ -261,21 +177,17 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"sales_channels": ["web"],
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
@@ -284,13 +196,9 @@ Endpoints
"require_voucher": false,
"hide_without_voucher": false,
"allow_cancel": true,
"generate_tickets": null,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": false,
"require_approval": false,
"require_bundling": false,
"variations": [
{
"value": {"en": "Student"},
@@ -309,8 +217,7 @@ Endpoints
"position": 1
}
],
"addons": [],
"bundles": []
"addons": []
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -319,247 +226,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/items/
Creates a new item
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/items/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"sales_channels": ["web"],
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
"available_from": null,
"available_until": null,
"require_voucher": false,
"hide_without_voucher": false,
"allow_cancel": true,
"generate_tickets": null,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"require_approval": false,
"require_bundling": false,
"variations": [
{
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
},
{
"value": {"en": "Regular"},
"default_price": null,
"price": "23.00",
"active": true,
"description": null,
"position": 1
}
],
"addons": [],
"bundles": []
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"sales_channels": ["web"],
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
"available_from": null,
"available_until": null,
"require_voucher": false,
"hide_without_voucher": false,
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"generate_tickets": null,
"checkin_attention": false,
"has_variations": true,
"require_approval": false,
"require_bundling": false,
"variations": [
{
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
},
{
"value": {"en": "Regular"},
"default_price": null,
"price": "23.00",
"active": true,
"description": null,
"position": 1
}
],
"addons": [],
"bundles": []
}
:param organizer: The ``slug`` field of the organizer of the event to create an item for
:param event: The ``slug`` field of the event to create an item for
:statuscode 201: no error
:statuscode 400: The item could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/
Update an item. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``has_variations``, ``variations`` and the ``addon`` field. If
you need to update/delete variations or add-ons please use the nested dedicated endpoints.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"name": {"en": "Ticket"},
"default_price": "25.00"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Ticket"},
"internal_name": "",
"sales_channels": ["web"],
"default_price": "25.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
"available_from": null,
"available_until": null,
"require_voucher": false,
"hide_without_voucher": false,
"generate_tickets": null,
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": true,
"require_approval": false,
"require_bundling": false,
"variations": [
{
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
},
{
"value": {"en": "Regular"},
"default_price": null,
"price": "23.00",
"active": true,
"description": null,
"position": 1
}
],
"addons": [],
"bundles": []
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:statuscode 200: no error
:statuscode 400: The item could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/
Delete an item.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

1516
doc/api/resources/orders.rst
View File

File diff suppressed because it is too large Load Diff

4
doc/api/resources/organizers.rst
View File

@@ -41,7 +41,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -77,7 +77,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"name": "Big Events LLC",

233
doc/api/resources/question_options.rst
View File

@@ -1,233 +0,0 @@
Question options
================
Resource description
--------------------
Questions of type "choice" or "multiple choice" can have different options attached.
The options resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the option
position integer An integer, used for sorting
identifier string An arbitrary string that can be used for matching with
other sources.
answer multi-lingual string The displayed value of this option
===================================== ========================== =======================================================
.. versionchanged:: 1.12
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/
Returns a list of all options for a given question.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/questions/11/options/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query boolean active: If set to ``true`` or ``false``, only questions with this value for the field ``active`` will be
returned.
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param question: The ``id`` field of the question to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/question does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/(id)/
Returns information on one option, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param question: The ``id`` field of the question to fetch
:param id: The ``id`` field of the option to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/
Creates a new option
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
{
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
:param organizer: The ``slug`` field of the organizer of the event/question to create a option for
:param event: The ``slug`` field of the event to create a option for
:param question: The ``id`` field of the question to create a option for
:statuscode 201: no error
:statuscode 400: The option could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/(id)/
Update an option. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"position": 3
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the question to modify
:param id: The ``id`` field of the option to modify
:statuscode 200: no error
:statuscode 400: The option could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/questions/(id)/options/(id)/
Delete an option.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the question to modify
:param id: The ``id`` field of the option to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

253
doc/api/resources/questions.rst
View File

@@ -1,7 +1,3 @@
.. spelling:: checkin
.. _rest-questions:
Questions
=========
@@ -27,55 +23,19 @@ type string The expected ty
* ``C`` choice from a list
* ``M`` multiple choice from a list
* ``F`` file upload
* ``D`` date
* ``H`` time
* ``W`` date and time
required boolean If ``true``, the question needs to be filled out.
required boolean If ``True``, the question needs to be filled out.
position integer An integer, used for sorting
items list of integers List of item IDs this question is assigned to.
identifier string An arbitrary string that can be used for matching with
other sources.
ask_during_checkin boolean If ``true``, this question will not be asked while
buying the ticket, but will show up when redeeming
the ticket instead.
options list of objects In case of question type ``C`` or ``M``, this lists the
available objects. Only writable during creation,
use separate endpoint to modify this later.
available objects.
├ id integer Internal ID of the option
├ position integer An integer, used for sorting
├ identifier string An arbitrary string that can be used for matching with
other sources.
└ answer multi-lingual string The displayed value of this option
dependency_question integer Internal ID of a different question. The current
question will only be shown if the question given in
this attribute is set to the value given in
``dependency_value``. This cannot be combined with
``ask_during_checkin``.
dependency_value string The value ``dependency_question`` needs to be set to.
If ``dependency_question`` is set to a boolean
question, this should be ``"true"`` or ``"false"``.
Otherwise, it should be the ``identifier`` of a
question option.
===================================== ========================== =======================================================
.. versionchanged:: 1.12
The values ``D``, ``H``, and ``W`` for the field ``type`` are now allowed and the ``ask_during_checkin`` field has
been added.
.. versionchanged:: 1.14
Write methods have been added. The attribute ``identifier`` has been added to both the resource itself and the
options resource. The ``position`` attribute has been added to the options resource.
Endpoints
---------
.. versionchanged:: 1.15
The questions endpoint has been extended by the filter queries ``ask_during_checkin``, ``requred``, and
``identifier``.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/questions/
Returns a list of all questions within a given event.
@@ -94,7 +54,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -108,27 +68,17 @@ Endpoints
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"dependency_question": null,
"dependency_value": null,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 0,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 1,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 2,
"answer": {"en": "L"}
}
]
@@ -139,9 +89,6 @@ Endpoints
:query integer page: The page number in case of a multi-page result set, default is 1
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``id`` and ``position``.
Default: ``position``
:query string identifier: Only return questions with the given identifier string
:query boolean ask_during_checkin: Only return questions that are or are not to be asked during check-in
:query boolean required: Only return questions that are or are not required to fill in
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
@@ -166,7 +113,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -175,27 +122,17 @@ Endpoints
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"dependency_question": null,
"dependency_value": null,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
@@ -207,185 +144,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/questions/
Creates a new question
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/questions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 1,
"ask_during_checkin": false,
"dependency_question": null,
"dependency_value": null,
"options": [
{
"answer": {"en": "S"}
},
{
"answer": {"en": "M"}
},
{
"answer": {"en": "L"}
}
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"dependency_question": null,
"dependency_value": null,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
}
:param organizer: The ``slug`` field of the organizer of the event to create an item for
:param event: The ``slug`` field of the event to create an item for
:statuscode 201: no error
:statuscode 400: The item could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/questions/(id)/
Update a question. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``options`` field. If
you need to update/delete options please use the nested dedicated endpoints.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"position": 2
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 2,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"dependency_question": null,
"dependency_value": null,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the question to modify
:statuscode 200: no error
:statuscode 400: The item could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/questions/(id)/
Delete a question.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

139
doc/api/resources/quotas.rst
View File

@@ -1,12 +1,10 @@
.. _rest-quotas:
Quotas
======
Resource description
--------------------
Quotas define how many times an item can be sold.
Questions define how many times an item can be sold.
The quota resource contains the following public fields:
.. rst-class:: rest-resource-table
@@ -22,10 +20,6 @@ variations list of integers List of item va
subevent integer ID of the date inside an event series this quota belongs to (or ``null``).
===================================== ========================== =======================================================
.. versionchanged:: 1.10
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
@@ -48,7 +42,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -94,7 +88,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -112,131 +106,6 @@ Endpoints
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/quotas/
Creates a new quota
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/quotas/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": "Ticket Quota",
"size": 200,
"items": [1, 2],
"variations": [1, 4, 5, 7],
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": "Ticket Quota",
"size": 200,
"items": [1, 2],
"variations": [1, 4, 5, 7],
"subevent": null
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a quota for
:param event: The ``slug`` field of the event to create a quota for
:statuscode 201: no error
:statuscode 400: The quota could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/quotas/(id)/
Update a quota. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/quotas/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"name": "New Ticket Quota",
"size": 100,
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"name": "New Ticket Quota",
"size": 100,
"items": [
1,
2
],
"variations": [
1,
2
],
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the quota rule to modify
:statuscode 200: no error
:statuscode 400: The quota could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/quota/(id)/
Delete a quota. Note that if you delete a quota the items the quota acts on might no longer be available for sale.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/quotas/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the quotas to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/quotas/(id)/availability/
Returns availability information on one quota, identified by its ID.
@@ -255,7 +124,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"available": true,

263
doc/api/resources/subevents.rst
View File

@@ -1,5 +1,3 @@
.. _rest-subevents:
Event series dates / Sub-events
===============================
@@ -17,7 +15,6 @@ Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the sub-event
name multi-lingual string The sub-event's full name
event string The slug of the parent event
active boolean If ``true``, the sub-event ticket shop is publicly
available.
date_from datetime The sub-event's start date
@@ -34,19 +31,8 @@ variation_price_overrides list of objects List of variati
the default price
├ variation integer The internal variation ID
└ price money (string) The price or ``null`` for the default price
meta_data dict Values set for organizer-specific meta data parameters.
===================================== ========================== =======================================================
.. versionchanged:: 1.7
The ``meta_data`` field has been added.
.. versionchanged:: 2.1
The ``event`` field has been added, together with filters on the list of dates and an organizer-level list.
.. versionchanged:: 2.6
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
@@ -69,7 +55,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -79,7 +65,6 @@ Endpoints
{
"id": 1,
"name": {"en": "First Sample Conference"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
@@ -93,95 +78,18 @@ Endpoints
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
"variation_price_overrides": []
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:query active: If set to ``true``/``false``, only events with a matching value of ``active`` are returned.
:query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned.
:query is_past: If set to ``true`` (``false``), only events that are over are (not) returned.
:query ends_after: If set to a date and time, only events that happen during of after the given time are returned.
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the main event
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/subevents/
Creates a new subevent.
Permission required: "Can create events"
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/subevents/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "First Sample Conference"},
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "First Sample Conference"},
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the main event
:statuscode 201: no error
:statuscode 400: The sub-event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/subevents/(id)/
Returns information on one sub-event, identified by its ID.
@@ -200,12 +108,11 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "First Sample Conference"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
@@ -219,166 +126,12 @@ Endpoints
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
"variation_price_overrides": []
}
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the main event
:param id: The ``id`` field of the sub-event to fetch
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``slug`` field of the sub-event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/subevents/(id)/
Updates a sub-event, identified by its ID. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to
provide all fields of the resource, other fields will be reset to default. With ``PATCH``, you only need to provide
the fields that you want to change.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/subevents/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "New Subevent Name"},
"item_price_overrides": [
{
"item": 2,
"price": "23.42"
}
],
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "New Subevent Name"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "23.42"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the main event
:param id: The ``id`` field of the sub-event to update
:statuscode 200: no error
:statuscode 400: The sub-event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/sub-event does not exist **or** you have no permission to update this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/subevents/(id)/
Delete a sub-event. Note that events with orders cannot be deleted to ensure data integrity.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/subevents/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the main event
:param id: The ``id`` field of the sub-event to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/sub-event does not exist **or** you have no permission to delete this resource.
.. http:get:: /api/v1/organizers/(organizer)/subevents/
Returns a list of all sub-events of any event series you have access to within an organizer account.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/subevents/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": {"en": "First Sample Conference"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:query active: If set to ``true``/``false``, only events with a matching value of ``active`` are returned.
:query event__live: If set to ``true``/``false``, only events with a matching value of ``live`` on the parent event are returned.
:query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned.
:query is_past: If set to ``true`` (``false``), only events that are over are (not) returned.
:query ends_after: If set to a date and time, only events that happen during of after the given time are returned.
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.

237
doc/api/resources/taxrules.rst
View File

@@ -1,237 +0,0 @@
.. _rest-taxrules:
Tax rules
=========
Resource description
--------------------
Tax rules specify how tax should be calculated for specific products. Custom taxation rule sets are currently to
available via the API.
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the tax rule
name multi-lingual string The tax rules' name
rate decimal (string) Tax rate in percent
price_includes_tax boolean If ``true`` (default), tax is assumed to be included in
the specified product price
eu_reverse_charge boolean If ``true``, EU reverse charge rules are applied
home_country string Merchant country (required for reverse charge), can be
``null`` or empty string
===================================== ========================== =======================================================
.. versionchanged:: 1.7
This resource has been added.
.. versionchanged:: 1.9
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/taxrules/
Returns a list of all tax rules configured for an event.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/taxrules/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/taxrules/(id)/
Returns information on one tax rule, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/taxrules/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the tax rule to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/rule does not exist **or** you have no permission to view it.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/taxrules/
Create a new tax rule.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/taxrules/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 166
{
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
:param organizer: The ``slug`` field of the organizer to create a tax rule for
:param event: The ``slug`` field of the event to create a tax rule for
:statuscode 201: no error
:statuscode 400: The tax rule could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create tax rules.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/taxrules/(id)/
Update a tax rule. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/taxrules/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 34
{
"rate": "20.00",
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "VAT"},
"rate": "20.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the tax rule to modify
:statuscode 200: no error
:statuscode 400: The tax rule could not be modified due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/rule does not exist **or** you have no permission to change it.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/taxrules/(id)/
Delete a tax rule. Note that tax rules can only be deleted if they are not in use for any products, settings
or orders. If you cannot delete a tax rule, this method will return a ``403`` status code and you can only
discontinue using it everywhere else.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/taxrules/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the tax rule to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/rule does not exist **or** you have no permission to change it **or** this tax rule cannot be deleted since it is currently in use.

230
doc/api/resources/vouchers.rst
View File

@@ -18,8 +18,8 @@ max_usages integer The maximum num
redeemed integer The number of times this voucher already has been
redeemed.
valid_until datetime The voucher expiration date (or ``null``).
block_quota boolean If ``true``, quota is blocked for this voucher.
allow_ignore_quota boolean If ``true``, this voucher can be redeemed even if a
block_quota boolean If ``True``, quota is blocked for this voucher.
allow_ignore_quota boolean If ``True``, this voucher can be redeemed even if a
product is sold out and even if quota is not blocked
for this voucher.
price_mode string Determines how this voucher affects product prices.
@@ -44,10 +44,6 @@ subevent integer ID of the date
===================================== ========================== =======================================================
.. versionchanged:: 1.9
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
@@ -69,7 +65,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -140,7 +136,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -166,221 +162,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/vouchers/
Create a new voucher.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/vouchers/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "12.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"redeemed": 0,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "12.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to create a voucher for
:param event: The ``slug`` field of the event to create a voucher for
:statuscode 201: no error
:statuscode 400: The voucher could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
:statuscode 409: The server was unable to acquire a lock and could not process your request. You can try again after a short waiting period.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/vouchers/batch_create/
Creates multiple new vouchers atomically.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/vouchers/batch_create/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
[
{
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "12.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
},
{
"code": "ASDKLJCYXCASDASD",
"max_usages": 1,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "12.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
},
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
[
{
"id": 1,
"code": "43K6LKM37FBVR2YG",
}, …
}
:param organizer: The ``slug`` field of the organizer to create a vouchers for
:param event: The ``slug`` field of the event to create a vouchers for
:statuscode 201: no error
:statuscode 400: The vouchers could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
:statuscode 409: The server was unable to acquire a lock and could not process your request. You can try again after a short waiting period.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/vouchers/(id)/
Update a voucher. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` and ``redeemed`` fields.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/vouchers/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"price_mode": "set",
"value": "24.00"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"redeemed": 0,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "24.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the voucher to modify
:statuscode 200: no error
:statuscode 400: The voucher could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
:statuscode 409: The server was unable to acquire a lock and could not process your request. You can try again after a short waiting period.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/vouchers/(id)/
Delete a voucher. Note that you cannot delete a voucher if it already has been redeemed.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/vouchers/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the voucher to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

168
doc/api/resources/waitinglist.rst
View File

@@ -27,12 +27,6 @@ subevent integer ID of the date
===================================== ========================== =======================================================
.. versionchanged:: 1.15
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added as well as a method to send out
vouchers.
Endpoints
---------
@@ -54,7 +48,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -108,7 +102,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -127,161 +121,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/
Create a new entry.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"email": "waiting@example.org",
"item": 3,
"variation": null,
"locale": "de",
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"created": "2017-12-01T10:00:00Z",
"email": "waiting@example.org",
"voucher": null,
"item": 3,
"variation": null,
"locale": "de",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to create an entry for
:param event: The ``slug`` field of the event to create an entry for
:statuscode 201: no error
:statuscode 400: The voucher could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this
resource **or** entries cannot be created for this item at this time.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/(id)/
Update an entry. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id``, ``voucher`` and ``created`` fields. You can only change
an entry as long as no ``voucher`` is set.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"item": 4
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"created": "2017-12-01T10:00:00Z",
"email": "waiting@example.org",
"voucher": null,
"item": 4,
"variation": null,
"locale": "de",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the entry to modify
:statuscode 200: no error
:statuscode 400: The entry could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this
resource **or** entries cannot be created for this item at this time **or** this entry already
has a voucher assigned
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/(id)/send_voucher/
Manually sends a voucher to someone on the waiting list
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/1/send_voucher/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 0
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the entry to modify
:statuscode 204: no error
:statuscode 400: The voucher could not be sent out, see body for details (e.g. voucher has already been sent or
item is not available).
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to do this
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/(id)/
Delete an entry. Note that you cannot delete an entry once it is assigned a voucher.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the entry to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this
resource **or** this entry already has a voucher assigned.

242
doc/api/resources/webhooks.rst
View File

@@ -1,242 +0,0 @@
.. _`rest-webhooks`:
Webhooks
========
.. note:: This page is about how to modify webhook settings themselves through the REST API. If you just want to know
how webhooks work, go here: :ref:`webhooks`
Resource description
--------------------
The webhook resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the webhook
enabled boolean If ``false``, this webhook will not receive any notifications
target_url string The URL to call
all_events boolean If ``true``, this webhook will receive notifications
on all events of this organizer
limit_events list of strings If ``all_events`` is ``false``, this is a list of
event slugs this webhook is active for
action_types list of strings A list of action type filters that limit the
notifications sent to this webhook. See below for
valid values
===================================== ========================== =======================================================
The following values for ``action_types`` are valid with pretix core:
* ``pretix.event.order.placed``
* ``pretix.event.order.paid``
* ``pretix.event.order.canceled``
* ``pretix.event.order.expired``
* ``pretix.event.order.modified``
* ``pretix.event.order.contact.changed``
* ``pretix.event.order.changed.*``
* ``pretix.event.order.refund.created.externally``
* ``pretix.event.order.approved``
* ``pretix.event.order.denied``
* ``pretix.event.checkin``
* ``pretix.event.checkin.reverted``
Installed plugins might register more valid values.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/webhooks/
Returns a list of all webhooks within a given organizer.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/webhooks/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 2,
"enabled": true,
"target_url": "https://httpstat.us/200",
"all_events": false,
"limit_events": ["democon"],
"action_types": ["pretix.event.order.modified", "pretix.event.order.changed.*"]
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of the organizer to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/webhooks/(id)/
Returns information on one webhook, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/webhooks/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"enabled": true,
"target_url": "https://httpstat.us/200",
"all_events": false,
"limit_events": ["democon"],
"action_types": ["pretix.event.order.modified", "pretix.event.order.changed.*"]
}
:param organizer: The ``slug`` field of the organizer to fetch
:param id: The ``id`` field of the webhook to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/webhooks/
Creates a new webhook
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/webhooks/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"enabled": true,
"target_url": "https://httpstat.us/200",
"all_events": false,
"limit_events": ["democon"],
"action_types": ["pretix.event.order.modified", "pretix.event.order.changed.*"]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 3,
"enabled": true,
"target_url": "https://httpstat.us/200",
"all_events": false,
"limit_events": ["democon"],
"action_types": ["pretix.event.order.modified", "pretix.event.order.changed.*"]
}
:param organizer: The ``slug`` field of the organizer to create a webhook for
:statuscode 201: no error
:statuscode 400: The webhook could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/webhooks/(id)/
Update a webhook. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/webhooks/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"enabled": false
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"enabled": false,
"target_url": "https://httpstat.us/200",
"all_events": false,
"limit_events": ["democon"],
"action_types": ["pretix.event.order.modified", "pretix.event.order.changed.*"]
}
:param organizer: The ``slug`` field of the organizer to modify
:param id: The ``id`` field of the webhook to modify
:statuscode 200: no error
:statuscode 400: The webhook could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/webhook/(id)/
Delete a webhook. Currently, this will not delete but just disable the webhook.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/webhooks/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param id: The ``id`` field of the webhook to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to delete this resource.

36
doc/api/tokenauth.rst
View File

@@ -1,36 +0,0 @@
.. _`rest-tokenauth`:
Token-based authentication
==========================
Obtaining an API token
----------------------
To authenticate your API requests with Tokens, you need to obtain a team-level API token.
You can create a token in the pretix web interface on the level of organizer teams. Create
a new team or choose an existing team that has the level of permissions the token should
have and create a new token using the form below the list of team members:
.. image:: img/token_form.png
:class: screenshot
You can enter a description for the token to distinguish from other tokens later on.
Once you click "Add", you will be provided with an API token in the success message.
Copy this token, as you won't be able to retrieve it again.
.. image:: img/token_success.png
:class: screenshot
Using an API token
------------------
You need to include the API token with every request to pretix' API in the ``Authorization`` header
like the following:
.. sourcecode:: http
:emphasize-lines: 3
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Token e1l6gq2ye72thbwkacj7jbri7a7tvxe614ojv8ybureain92ocub46t5gab5966k

108
doc/api/webhooks.rst
View File

@@ -1,108 +0,0 @@
.. _`webhooks`:
Webhooks
========
pretix can send webhook calls to notify your application of any changes that happen inside pretix. This is especially
useful for everything triggered by an actual user, such as a new ticket sale or the arrival of a payment.
You can register any number of webhook URLs that pretix will notify any time one of the supported events occurs inside
your organizer account. A great example use case of webhooks would be to add the buyer to your mailing list every time
a new order comes in.
Configuring webhooks
--------------------
You can find the list of your active webhooks in the "Webhook" section of your organizer account:
.. thumbnail:: ../screens/organizer/webhook_list.png
:align: center
:class: screenshot
Click "Create webhook" if you want to add a new URL. You will then be able to enter the URL pretix shall call for
notifications. You need to select any number of notification types that you want to receive and you can optionally
filter the events you want to receive notifications for.
.. thumbnail:: ../screens/organizer/webhook_edit.png
:align: center
:class: screenshot
You can also configure webhooks :ref:`through the API itself <rest-webhooks>`.
Receiving webhooks
------------------
Creating a webhook endpoint on your server is no different from creating any other page on your website. If your
website is written in PHP, you might just create a new ``.php`` file on your server; if you use a web framework like
Symfony or Django, you would just create a new route with the desired URL.
We will call your URL with a HTTP ``POST`` request with a ``JSON`` body. In PHP, you can parse this like this::
$input = @file_get_contents('php://input');
$event_json = json_decode($input);
// Do something with $event_json
In Django, you would create a view like this::
def my_webhook_view(request):
event_json = json.loads(request.body)
# Do something with event_json
return HttpResponse(status=200)
More samples for the language of your choice are easy to find online.
The exact body of the request varies by notification type, but for the main types included with pretix core, such as
those related to changes of an order, it will look like this::
{
"notification_id": 123455,
"organizer": "acmecorp",
"event": "democon",
"code": "ABC23",
"action": "pretix.event.order.placed"
}
Notifications regarding a check-in will contain more details like ``orderposition_id``
and ``checkin_list``.
.. warning:: You should not trust data supplied to your webhook, but only use it as a trigger to fetch updated data.
Anyone could send data there if they guess the correct URL and you won't be able to tell. Therefore, we
only include the minimum amount of data necessary for you to fetch the changed objects from our
:ref:`rest-api` in an authenticated way.
If you want to further prevent others from accessing your webhook URL, you can also use `Basic authentication`_ and
supply the URL to us in the format of ``https://username:password@domain.com/path/``.
We recommend that you use HTTPS for your webhook URL and might require it in the future. If HTTPS is used, we require
that a valid certificate is in use.
.. note:: If you use a web framework that makes use of automatic CSRF protection, this protection might prevent us
from calling your webhook URL. In this case, we recommend that you turn of CSRF protection selectively
for that route. In Django, you can do this by putting the ``@csrf_exempt`` decorator on your view. In
Rails, you can pass an ``except`` parameter to ``protect_from_forgery``.
Responding to a webhook
-----------------------
If you successfully received a webhook call, your endpoint should return a HTTP status code between ``200`` and ``299``.
If any other status code is returned, we will assume you did not receive the call. This does mean that any redirection
or ``304 Not Modified`` response will be treated as a failure. pretix will not follow any ``301`` or ``302`` redirect
headers and pretix will ignore all other information in your response headers or body.
If we do not receive a status code in the range of ``200`` and ``299``, pretix will retry to deliver for up to three
days with an exponential back off. Therefore, we recommend that you implement your endpoint in a way where calling it
multiple times for the same event due to a perceived error does not do any harm.
There is only one exception: If status code ``410 Gone`` is returned, we will assume the
endpoint does not exist any more and automatically disable the webhook.
.. note:: If you use a self-hosted version of pretix (i.e. not our SaaS offering at pretix.eu) and you did not
configure a background task queue, failed webhooks will not be retried.
Debugging webhooks
------------------
If you want to debug your webhooks, you can view a log of all sent notifications and the responses of your server for
30 days right next to your configuration.
.. _Basic authentication: https://en.wikipedia.org/wiki/Basic_access_authentication

11
doc/checkin_filter.py
View File

@@ -1,11 +0,0 @@
from enchant.tokenize import get_tokenizer, Filter, unit_tokenize
class CheckinFilter(Filter):
""" If a word looks like checkin_count, it refers to a so-called variable in
the code, and is treated as being spelled right."""
def _split(self, word):
if word[:8] == "checkin_":
return unit_tokenize(word[8:])
return unit_tokenize(word)

43
doc/conf.py
View File

@@ -13,10 +13,6 @@
# All configuration values have a default; values that are commented out
# serve to show the default.
from docutils.parsers.rst.directives.admonitions import BaseAdmonition
from sphinx.util import compat
compat.make_admonition = BaseAdmonition # See https://github.com/spinus/sphinxcontrib-images/issues/41
import sys
import os
@@ -31,13 +27,6 @@ import django
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "pretix.testutils.settings")
django.setup()
try:
import enchant
HAS_PYENCHANT = True
except:
HAS_PYENCHANT = False
# -- General configuration ------------------------------------------------
# If your documentation needs a minimal Sphinx version, state it here.
@@ -49,12 +38,10 @@ except:
extensions = [
'sphinx.ext.autodoc',
'sphinx.ext.doctest',
'sphinx.ext.todo',
'sphinx.ext.coverage',
'sphinxcontrib.httpdomain',
'sphinxcontrib.images',
]
if HAS_PYENCHANT:
extensions.append('sphinxcontrib.spelling')
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
@@ -294,31 +281,3 @@ texinfo_documents = [
# If true, do not generate a @detailmenu in the "Top" node's menu.
#texinfo_no_detailmenu = False
images_config = {
'default_image_width': '250px'
}
linkcheck_ignore = [
r'http://localhost.*', r'.*yourdomain.*', r'https://en.wikipedia.org', 'https://pretix.eu/',
]
# -- Options for Spelling output ------------------------------------------
if HAS_PYENCHANT:
# String specifying the language, as understood by PyEnchant and enchant.
# Defaults to en_US for US English.
spelling_lang = 'en_US'
# String specifying a file containing a list of words known to be spelled
# correctly but that do not appear in the language dictionary selected by
# spelling_lang. The file should contain one word per line.
spelling_word_list_filename='spelling_wordlist.txt'
# Boolean controlling whether suggestions for misspelled words are printed.
# Defaults to False.
spelling_show_suggestions=True
# List of filter classes to be added to the tokenizer that produces words to be checked.
from checkin_filter import CheckinFilter
spelling_filters=[CheckinFilter]

111
doc/development/api/customview.rst
View File

@@ -25,7 +25,7 @@ If you want to add a custom view to the control area of an event, just register
views.admin_view, name='backend'),
]
It is required that your URL parameters are called ``organizer`` and ``event``. If you want to
It is required that your URL paramaters are called ``organizer`` and ``event``. If you want to
install a view on organizer level, you can leave out the ``event``.
You can then implement the view as you would normally do. Our middleware will automatically
@@ -60,85 +60,7 @@ your views::
def admin_view(request, organizer, event):
...
Similarly, there is ``organizer_permission_required`` and ``OrganizerPermissionRequiredMixin``. In case of
event-related views, there is also a signal that allows you to add the view to the event navigation like this::
from django.urls import resolve, reverse
from django.dispatch import receiver
from django.utils.translation import ugettext_lazy as _
from pretix.control.signals import nav_event
@receiver(nav_event, dispatch_uid='friends_tickets_nav')
def navbar_info(sender, request, **kwargs):
url = resolve(request.path_info)
if not request.user.has_event_permission(request.organizer, request.event, 'can_change_vouchers'):
return []
return [{
'label': _('My plugin view'),
'icon': 'heart',
'url': reverse('plugins:myplugin:index', kwargs={
'event': request.event.slug,
'organizer': request.organizer.slug,
}),
'active': url.namespace == 'plugins:myplugin' and url.url_name == 'review',
}]
Event settings view
-------------------
A special case of a control panel view is a view hooked into the event settings page. For this case, there is a
special navigation signal::
@receiver(nav_event_settings, dispatch_uid='friends_tickets_nav_settings')
def navbar_settings(sender, request, **kwargs):
url = resolve(request.path_info)
return [{
'label': _('My settings'),
'url': reverse('plugins:myplugin:settings', kwargs={
'event': request.event.slug,
'organizer': request.organizer.slug,
}),
'active': url.namespace == 'plugins:myplugin' and url.url_name == 'settings',
}]
Also, your view should inherit from ``EventSettingsViewMixin`` and your template from ``pretixcontrol/event/settings_base.html``
for good integration. If you just want to display a form, you could do it like the following::
class MySettingsView(EventSettingsViewMixin, EventSettingsFormView):
model = Event
permission = 'can_change_settings'
form_class = MySettingsForm
template_name = 'my_plugin/settings.html'
def get_success_url(self, **kwargs):
return reverse('plugins:myplugin:settings', kwargs={
'organizer': self.request.event.organizer.slug,
'event': self.request.event.slug,
})
With this template::
{% extends "pretixcontrol/event/settings_base.html" %}
{% load i18n %}
{% load bootstrap3 %}
{% block title %} {% trans "Friends Tickets Settings" %} {% endblock %}
{% block inside %}
<form action="" method="post" class="form-horizontal">
{% csrf_token %}
<fieldset>
<legend>{% trans "Friends Tickets Settings" %}</legend>
{% bootstrap_form form layout="horizontal" %}
</fieldset>
<div class="form-group submit-group">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Save" %}
</button>
</div>
</form>
{% endblock %}
Similarly, there is ``organizer_permission_required`` and ``OrganizerPermissionRequiredMixin``.
Frontend views
--------------
@@ -146,34 +68,35 @@ Frontend views
Including a custom view into the participant-facing frontend is a little bit different as there is
no path prefix like ``control/``.
First, define your URL in your ``urls.py``, but this time in the ``event_patterns`` section and wrapped by
``event_url``::
First, define your URL in your ``urls.py``, but this time in the ``event_patterns`` section::
from pretix.multidomain import event_url
from django.conf.urls import url
from . import views
event_patterns = [
event_url(r'^mypluginname/', views.frontend_view, name='frontend'),
url(r'^mypluginname/', views.frontend_view, name='frontend'),
]
You can then implement a view as you would normally do. It will be automatically ensured that:
You can then implement a view as you would normally do, but you need to apply a decorator to your
view if you want pretix's default behavior::
from pretix.presale.utils import event_view
@event_view
def some_event_view(request, *args, **kwargs):
...
This decorator will check the URL arguments for their ``event`` and ``organizer`` parameters and
correctly ensure that:
* The requested event exists
* The requested event is active (you can disable this check using ``event_url(…, require_live=True)``)
* The requested event is activated (can be overridden by decorating with ``@event_view(require_live=False)``)
* The event is accessed via the domain it should be accessed
* The ``request.event`` attribute contains the correct ``Event`` object
* The ``request.organizer`` attribute contains the correct ``Organizer`` object
* Your plugin is enabled
* The locale is set correctly
.. versionchanged:: 1.7
The ``event_url()`` wrapper has been added in 1.7 to replace the former ``@event_view`` decorator. The
``event_url()`` wrapper is optional and using ``url()`` still works, but you will not be able to set the
``require_live`` setting any more via the decorator. The ``@event_view`` decorator is now deprecated and
does nothing.
REST API viewsets
-----------------

109
doc/development/api/email.rst
View File

@@ -1,109 +0,0 @@
.. highlight:: python
:linenothreshold: 5
Writing an HTML e-mail renderer plugin
======================================
An email renderer class controls how the HTML part of e-mails sent by pretix is built.
The creation of such a plugin is very similar to creating an export output.
Please read :ref:`Creating a plugin <pluginsetup>` first, if you haven't already.
Output registration
-------------------
The email HTML renderer API does not make a lot of usage from signals, however, it
does use a signal to get a list of all available email renderers. Your plugin
should listen for this signal and return the subclass of ``pretix.base.email.BaseHTMLMailRenderer``
that we'll provide in this plugin::
from django.dispatch import receiver
from pretix.base.signals import register_html_mail_renderers
@receiver(register_html_mail_renderers, dispatch_uid="renderer_custom")
def register_mail_renderers(sender, **kwargs):
from .email import MyMailRenderer
return MyMailRenderer
The renderer class
------------------
.. class:: pretix.base.email.BaseHTMLMailRenderer
The central object of each email renderer is the subclass of ``BaseHTMLMailRenderer``.
.. py:attribute:: BaseHTMLMailRenderer.event
The default constructor sets this property to the event we are currently
working for.
.. autoattribute:: identifier
This is an abstract attribute, you **must** override this!
.. autoattribute:: verbose_name
This is an abstract attribute, you **must** override this!
.. autoattribute:: thumbnail_filename
This is an abstract attribute, you **must** override this!
.. autoattribute:: is_available
.. automethod:: render
This is an abstract method, you **must** implement this!
Helper class for template-base renderers
----------------------------------------
The email renderer that ships with pretix is based on Django templates to generate HTML.
In case you also want to render emails based on a template, we provided a ready-made base
class ``TemplateBasedMailRenderer`` that you can re-use to perform the following steps:
* Convert the body text and the signature to HTML using our markdown renderer
* Render the template
* Call `inlinestyler`_ to convert all ``<style>`` style sheets to inline ``style=""``
attributes for better compatibility
To use it, you just need to implement some variables::
class ClassicMailRenderer(TemplateBasedMailRenderer):
verbose_name = _('pretix default')
identifier = 'classic'
thumbnail_filename = 'pretixbase/email/thumb.png'
template_name = 'pretixbase/email/plainwrapper.html'
The template is passed the following context variables:
``site``
Name of the pretix installation (``settings.PRETIX_INSTANCE_NAME``)
``site_url``
Root URL of the pretix installation (``settings.SITE_URL``)
``body``
The body as markdown (render with ``{{ body|safe }}``)
``subject``
The email subject
``color``
The primary color of the event
``event``
The ``Event`` object
``signature`` (optional, only if configured)
The body as markdown (render with ``{{ signature|safe }}``)
``order`` (optional, only if applicable)
The ``Order`` object
.. _inlinestyler: https://pypi.org/project/inlinestyler/

4
doc/development/api/exporter.rst
View File

@@ -21,10 +21,10 @@ that we'll provide in this plugin::
from django.dispatch import receiver
from pretix.base.signals import register_data_exporters
from pretix.base.signals import register_data_exporter
@receiver(register_data_exporters, dispatch_uid="exporter_myexporter")
@receiver(register_data_exporter, dispatch_uid="exporter_myexporter")
def register_data_exporter(sender, **kwargs):
from .exporter import MyExporter
return MyExporter

26
doc/development/api/general.rst
View File

@@ -11,8 +11,7 @@ Core
----
.. automodule:: pretix.base.signals
:members: periodic_task, event_live_issues, event_copy_data, email_filter, register_notification_types,
item_copy_data, register_sales_channels
:members: periodic_task, event_live_issues, event_copy_data
Order events
""""""""""""
@@ -20,13 +19,13 @@ Order events
There are multiple signals that will be sent out in the ordering cycle:
.. automodule:: pretix.base.signals
:members: validate_cart, order_fee_calculation, order_paid, order_placed, order_canceled, order_expired, order_modified, order_changed, order_approved, order_denied, order_fee_type_name, allow_ticket_download
:members: validate_cart, order_paid, order_placed
Frontend
--------
.. automodule:: pretix.presale.signals
:members: html_head, html_footer, footer_link, front_page_top, front_page_bottom, fee_calculation_for_cart, contact_form_fields, question_form_fields, checkout_confirm_messages, checkout_confirm_page_content, checkout_all_optional, html_page_header, sass_preamble, sass_postamble
:members: html_head, html_footer, footer_links, front_page_top, front_page_bottom, contact_form_fields, question_form_fields, checkout_confirm_messages
.. automodule:: pretix.presale.signals
@@ -48,33 +47,20 @@ Backend
-------
.. automodule:: pretix.control.signals
:members: nav_event, html_head, html_page_start, quota_detail_html, nav_topbar, nav_global, nav_organizer, nav_event_settings,
order_info, event_settings_widget, oauth_application_registered, order_position_buttons
:members: nav_event, html_head, quota_detail_html, nav_topbar, nav_global, nav_organizer
.. automodule:: pretix.base.signals
:members: logentry_display, logentry_object_link, requiredaction_display
:members: logentry_display, requiredaction_display
Vouchers
""""""""
.. automodule:: pretix.control.signals
:members: item_forms
Vouchers
""""""""
.. automodule:: pretix.control.signals
:members: voucher_form_class, voucher_form_html, voucher_form_validation
:members: voucher_form_class, voucher_form_html
Dashboards
""""""""""
.. automodule:: pretix.control.signals
:members: event_dashboard_widgets, user_dashboard_widgets
Ticket designs
""""""""""""""
.. automodule:: pretix.base.signals
:members: layout_text_variables

4
doc/development/api/index.rst
View File

@@ -10,10 +10,6 @@ Contents:
exporter
ticketoutput
payment
payment_2.0
email
invoice
shredder
customview
general
quality

4
doc/development/api/invoice.rst
View File

@@ -13,7 +13,7 @@ Output registration
-------------------
The invoice renderer API does not make a lot of usage from signals, however, it
does use a signal to get a list of all available invoice renderers. Your plugin
does use a signal to get a list of all available ticket outputs. Your plugin
should listen for this signal and return the subclass of ``pretix.base.invoice.BaseInvoiceRenderer``
that we'll provide in this plugin::
@@ -23,7 +23,7 @@ that we'll provide in this plugin::
@receiver(register_invoice_renderers, dispatch_uid="output_custom")
def register_invoice_renderers(sender, **kwargs):
def register_infoice_renderers(sender, **kwargs):
from .invoice import MyInvoiceRenderer
return MyInvoiceRenderer

48
doc/development/api/payment.rst
View File

@@ -9,10 +9,6 @@ is very similar to creating an export output.
Please read :ref:`Creating a plugin <pluginsetup>` first, if you haven't already.
.. warning:: We changed our payment provider API a lot in pretix 2.x. Our documentation page on :ref:`payment2.0`
might be insightful even if you do not have a payment provider to port, as it outlines the rationale
behind the current design.
Provider registration
---------------------
@@ -35,7 +31,7 @@ that the plugin will provide::
The provider class
------------------
.. py:class:: pretix.base.payment.BasePaymentProvider
.. class:: pretix.base.payment.BasePaymentProvider
The central object of each payment provider is the subclass of ``BasePaymentProvider``.
@@ -58,63 +54,53 @@ The provider class
This is an abstract attribute, you **must** override this!
.. autoattribute:: public_name
.. autoattribute:: is_enabled
.. automethod:: calculate_fee
.. autoattribute:: settings_form_fields
.. automethod:: settings_form_clean
.. automethod:: settings_content_render
.. automethod:: is_allowed
.. automethod:: render_invoice_text
.. automethod:: payment_form_render
.. automethod:: payment_form
.. automethod:: is_allowed
.. autoattribute:: payment_form_fields
.. automethod:: payment_is_valid_session
.. automethod:: checkout_prepare
.. automethod:: payment_is_valid_session
.. automethod:: checkout_confirm_render
This is an abstract method, you **must** override this!
.. automethod:: execute_payment
.. automethod:: calculate_fee
.. automethod:: payment_perform
.. automethod:: order_pending_mail_render
.. automethod:: payment_pending_render
.. automethod:: order_pending_render
.. autoattribute:: abort_pending_allowed
.. automethod:: render_invoice_text
This is an abstract method, you **must** override this!
.. automethod:: order_change_allowed
.. automethod:: payment_prepare
.. automethod:: order_can_retry
.. automethod:: payment_control_render
.. automethod:: order_prepare
.. automethod:: payment_refund_supported
.. automethod:: order_paid_render
.. automethod:: payment_partial_refund_supported
.. automethod:: order_control_render
.. automethod:: execute_refund
.. automethod:: order_control_refund_render
.. automethod:: shred_payment_info
.. autoattribute:: is_implicit
.. autoattribute:: is_meta
.. autoattribute:: test_mode_message
.. automethod:: order_control_refund_perform
Additional views

129
doc/development/api/payment_2.0.rst
View File

@@ -1,129 +0,0 @@
.. highlight:: python
:linenothreshold: 5
.. _`payment2.0`:
Porting a payment provider from pretix 1.x to pretix 2.x
========================================================
In pretix 2.x, we changed large parts of the payment provider API. This documentation details the changes we made
and shows you how you can make an existing pretix 1.x payment provider compatible with pretix 2.x
Conceptual overview
-------------------
In pretix 1.x, an order was always directly connected to a payment provider for the full life of an order. As long as
an order was unpaid, this could still be changed in some cases, but once an order was paid, no changes to the payment
provider were possible any more. Additionally, the internal state of orders allowed orders only to be fully paid or
not paid at all. This leads to a couple of consequences:
* Payment-related functions (like "execute payment" or "do a refund") always operated on full orders.
* Changing the total of an order was basically impossible once an order was paid, since there was no concept of
partial payments or partial refunds.
* Payment provider plugins needed to take complicated steps to detect cases that require human intervention, like e.g.
* An order has expired, no quota is left to revive it, but a payment has been received
* A payment has been received for a canceled order
* A payment has been received for an order that has already been paid with a different payment method
* An external payment service notified us of a refund/dispute
We noticed that we copied and repeated large portions of code in all our official payment provider plugins, just
to deal with some of these cases.
* Sometimes, there is the need to mark an order as refunded within pretix, without automatically triggering a refund
with an external API. Every payment method needed to implement a user interface for this independently.
* If a refund was not possible automatically, there was no way user to track which payments actually have been refunded
manually and which are still left to do.
* When the payment with one payment provider failed and the user changed to a different payment provider, all
information about the first payment was lost from the order object and could only be retrieved from order log data,
which also made it hard to design a data shredder API to get rid of this data.
In pretix 2.x, we introduced two new models, :py:class:`OrderPayment <pretix.base.models.OrderPayment>` and
:py:class:`OrderRefund <pretix.base.models.OrderRefund>`. Each instance of these is connected to an order and
represents one single attempt to pay or refund a specific amount of money. Each one of these has an individual state,
can individually fail or succeed, and carries an amount variable that can differ from the order total.
This has the following advantages:
* The system can now detect orders that are over- or underpaid, independent of the payment providers in use.
* Therefore, we can now allow partial payments, partial refunds, and changing paid orders, and automatically detect
the cases listed above and notify the user.
Payment providers now interact with those payment and refund objects more than with orders.
Your to-do list
---------------
Payment processing
""""""""""""""""""
* The method ``BasePaymentProvider.order_pending_render`` has been removed and replaced by a new
``BasePaymentProvider.payment_pending_render(request, payment)`` method that is passed an ``OrderPayment``
object instead of an ``Order``.
* The method ``BasePaymentProvider.payment_form_render`` now receives a new ``total`` parameter.
* The method ``BasePaymentProvider.payment_perform`` has been removed and replaced by a new method
``BasePaymentProvider.execute_payment(request, payment)`` that is passed an ``OrderPayment``
object instead of an ``Order``.
* The function ``pretix.base.services.mark_order_paid`` has been removed, instead call ``payment.confirm()``
on a pending ``OrderPayment`` object. If no further payments are required for this order, this will also
mark the order as paid automatically. Note that ``payment.confirm()`` can still throw a ``QuotaExceededException``,
however it will still mark the payment as complete (not the order!), so you should catch this exception and
inform the user, but not abort the transaction.
* A new property ``BasePaymentProvider.abort_pending_allowed`` has been introduced. Only if set, the user will
be able to retry a payment or switch the payment method when the order currently has a payment object in
state ``"pending"``. This replaces ``BasePaymentProvider.order_can_retry``, which no longer exists.
* The methods ``BasePaymentProvider.retry_prepare`` and ``BasePaymentProvider.order_prepare`` have both been
replaced by a new method ``BasePaymentProvider.payment_prepare(request, payment)`` that is passed an ``OrderPayment``
object instead of an ``Order``. **Keep in mind that this payment object might have an amount property that
differs from the order total, if the order is already partially paid.**
* The method ``BasePaymentProvider.order_paid_render`` has been removed.
* The method ``BasePaymentProvider.order_control_render`` has been removed and replaced by a new method
``BasePaymentProvider.payment_control_render(request, payment)`` that is passed an ``OrderPayment``
object instead of an ``Order``.
* There's no need to manually deal with excess payments or duplicate payments anymore, just setting the ``OrderPayment``
methods to the correct state will do the job.
Creating refunds
""""""""""""""""
* The methods ``BasePaymentProvider.order_control_refund_render`` and ``BasePaymentProvider.order_control_refund_perform``
have been removed.
* Two new boolean methods ``BasePaymentProvider.payment_refund_supported(payment)`` and ``BasePaymentProvider.payment_partial_refund_supported(payment)``
have been introduced. They should be set to return ``True`` if and only if the payment API allows to *automatically*
transfer the money back to the customer.
* A new method ``BasePaymentProvider.execute_refund(refund)`` has been introduced. This method is called using a
``OrderRefund`` object in ``"created"`` state and is expected to transfer the money back and confirm success with
calling ``refund.done()``. This will only ever be called if either ``BasePaymentProvider.payment_refund_supported(payment)``
or ``BasePaymentProvider.payment_partial_refund_supported(payment)`` return ``True``.
Processing external refunds
"""""""""""""""""""""""""""
* If e.g. a webhook API notifies you that a payment has been disputed or refunded with the external API, you are
expected to call ``OrderPayment.create_external_refund(self, amount, execution_date, info='{}')`` on this payment.
This will create and return an appropriate ``OrderRefund`` object and send out a notification. However, it will not
mark the order as refunded, but will ask the event organizer for a decision.
Data shredders
""""""""""""""
* The method ``BasePaymentProvider.shred_payment_info`` is no longer passed an order, but instead **either**
an ``OrderPayment`` **or** an ``OrderRefund``.

18
doc/development/api/plugins.rst
View File

@@ -79,9 +79,6 @@ human-readable error messages. We recommend using the ``django.utils.functional.
decorator, as it might get called a lot. You can also implement ``compatibility_warnings``,
those will be displayed but not block the plugin execution.
The ``AppConfig`` class may implement a method ``is_available(event)`` that checks if a plugin
is available for a specific event. If not, it will not be shown in the plugin list of that event.
Plugin registration
-------------------
@@ -117,19 +114,6 @@ method to make your receivers available::
def ready(self):
from . import signals # NOQA
You can optionally specify code that is executed when your plugin is activated for an event
in the ``installed`` method::
class PaypalApp(AppConfig):
def installed(self, event):
pass # Your code here
Note that ``installed`` will *not* be called if the plugin in indirectly activated for an event
because the event is created with settings copied from another event.
Views
-----
@@ -145,5 +129,5 @@ your Django app label.
.. _Django app: https://docs.djangoproject.com/en/1.7/ref/applications/
.. _signal dispatcher: https://docs.djangoproject.com/en/1.7/topics/signals/
.. _namespace packages: http://legacy.python.org/dev/peps/pep-0420/
.. _entry point: https://setuptools.readthedocs.io/en/latest/pkg_resources.html#locating-plugins
.. _entry point: https://pythonhosted.org/setuptools/setuptools.html#dynamic-discovery-of-services-and-plugins
.. _cookiecutter: https://cookiecutter.readthedocs.io/en/latest/

125
doc/development/api/quality.rst
View File

@@ -1,125 +0,0 @@
.. highlight:: python
:linenothreshold: 5
.. _`pluginquality`:
Plugin quality checklist
========================
If you want to write a high-quality pretix plugin, this is a list of things you should check before
you publish it. This is also a list of things that we check, if we consider installing an externally
developed plugin on our hosted infrastructure.
A. Meta
-------
#. The plugin is clearly licensed under an appropriate license.
#. The plugin has an unambiguous name, description, and author metadata.
#. The plugin has a clear versioning scheme and the latest version of the plugin is kept compatible to the latest
stable version of pretix.
#. The plugin is properly packaged using standard Python packaging tools.
#. The plugin correctly declares its external dependencies.
#. A contact address is provided in case of security issues.
B. Isolation
------------
#. If any signal receivers use the `dispatch_uid`_ feature, the UIDs are prefixed by the plugin's name and do not
clash with other plugins.
#. If any templates or static files are shipped, they are located in subdirectories with the name of the plugin and do
not clash with other plugins or core files.
#. Any keys stored to the settings store are prefixed with the plugin's name and do not clash with other plugins or
core.
#. Any keys stored to the user session are prefixed with the plugin's name and do not clash with other plugins or
core.
#. Any registered URLs are unlikely to clash with other plugins or future core URLs.
C. Security
-----------
#. All important actions are logged to the :ref:`shared log storage <logging>` and a signal receiver is registered to
provide a human-readable representation of the log entry.
#. All views require appropriate permissions and use the ``event_urls`` mechanism if appropriate.
:ref:`Read more <customview>`
#. Any session data for customers is stored in the cart session system if appropriate.
#. If the plugin is a payment provider:
#. No credit card numbers may be stored within pretix.
#. A notification/webhook system is implemented to notify pretix of any refunds.
#. If such a webhook system is implemented, contents of incoming webhooks are either verified using a cryptographic
signature or are not being trusted and all data is fetched from an API instead.
D. Privacy
----------
#. No personal data is stored that is not required for the plugin's functionality.
#. For any personal data that is saved to the database, an appropriate :ref:`data shredder <shredder>` is provided
that offers the data for download and then removes it from the database (including log entries).
E. Internationalization
-----------------------
#. All user-facing strings in templates, Python code, and templates are wrapped in `gettext calls`_.
#. No languages, time zones, date formats, or time formats are hardcoded.
#. Installing the plugin automatically compiles ``.po`` files to ``.mo`` files. This is fulfilled automatically if
you use the ``setup.py`` file form our plugin cookiecutter.
F. Functionality
----------------
#. If the plugin adds any database models or relationships from the settings storage to database models, it registers
a receiver to the :py:attr:`pretix.base.signals.event_copy_data` or :py:attr:`pretix.base.signals.item_copy_data`
signals.
#. If the plugin is a payment provider:
#. A webhook-like system is implemented if payment confirmations are not sent instantly.
#. Refunds are implemented, if possible.
#. In case of overpayment or external refunds, a "required action" is created to notify the event organizer.
#. If the plugin adds steps to the checkout process, it has been tested in combination with the pretix widget.
G. Code quality
---------------
#. `isort`_ and `flake8`_ are used to ensure consistent code styling.
#. Unit tests are provided for important pieces of business logic.
#. Functional tests are provided for important interface parts.
#. Tests are provided to check that permission checks are working.
#. Continuous Integration is set up to check that tests are passing and styling is consistent.
H. Specific to pretix.eu
------------------------
#. pretix.eu integrates the data stored by this plugin with its data report features.
#. pretix.eu integrates this plugin in its generated privacy statements, if necessary.
.. _isort: https://www.google.de/search?q=isort&oq=isort&aqs=chrome..69i57j0j69i59j69i60l2j69i59.599j0j4&sourceid=chrome&ie=UTF-8
.. _flake8: http://flake8.pycqa.org/en/latest/
.. _gettext calls: https://docs.djangoproject.com/en/2.0/topics/i18n/translation/
.. _dispatch_uid: https://docs.djangoproject.com/en/2.0/topics/signals/#django.dispatch.Signal.connect

94
doc/development/api/shredder.rst
View File

@@ -1,94 +0,0 @@
.. highlight:: python
:linenothreshold: 5
.. _`shredder`:
Writing a data shredder
=======================
If your plugin adds the ability to store personal data within pretix, you should also implement a "data shredder"
to anonymize or pseudonymize the data later.
Shredder registration
---------------------
The data shredder API does not make a lot of usage from signals, however, it
does use a signal to get a list of all available data shredders. Your plugin
should listen for this signal and return the subclass of ``pretix.base.shredder.BaseDataShredder``
that we'll provide in this plugin:
.. sourcecode:: python
from django.dispatch import receiver
from pretix.base.signals import register_data_shredders
@receiver(register_data_shredders, dispatch_uid="custom_data_shredders")
def register_shredder(sender, **kwargs):
return [
PluginDataShredder,
]
The shredder class
------------------
.. class:: pretix.base.shredder.BaseDataShredder
The central object of each invoice renderer is the subclass of ``BaseInvoiceRenderer``.
.. py:attribute:: BaseInvoiceRenderer.event
The default constructor sets this property to the event we are currently
working for.
.. autoattribute:: identifier
This is an abstract attribute, you **must** override this!
.. autoattribute:: verbose_name
This is an abstract attribute, you **must** override this!
.. autoattribute:: description
This is an abstract attribute, you **must** override this!
.. automethod:: generate_files
.. automethod:: shred_data
Example
-------
For example, the core data shredder responsible for removing invoice address information including their history
looks like this:
.. sourcecode:: python
class InvoiceAddressShredder(BaseDataShredder):
verbose_name = _('Invoice addresses')
identifier = 'invoice_addresses'
description = _('This will remove all invoice addresses from orders, '
'as well as logged changes to them.')
def generate_files(self) -> List[Tuple[str, str, str]]:
yield 'invoice-addresses.json', 'application/json', json.dumps({
ia.order.code: InvoiceAdddressSerializer(ia).data
for ia in InvoiceAddress.objects.filter(order__event=self.event)
}, indent=4)
@transaction.atomic
def shred_data(self):
InvoiceAddress.objects.filter(order__event=self.event).delete()
for le in self.event.logentry_set.filter(action_type="pretix.event.order.modified"):
d = le.parsed_data
if 'invoice_data' in d and not isinstance(d['invoice_data'], bool):
for field in d['invoice_data']:
if d['invoice_data'][field]:
d['invoice_data'][field] = ''
le.data = json.dumps(d)
le.shredded = True
le.save(update_fields=['data', 'shredded'])

10
doc/development/concepts.rst
View File

@@ -59,7 +59,7 @@ If an item is assigned to multiple quotas, it can only be bought if *all of them
If multiple items are assigned to the same quota, the quota will be counted as sold out as soon as the
*sum* of the two items exceeds the quota limit.
The availability of a quota is currently calculated by subtracting the following numbers from the quota
The availability of a quota is currently calculated by substracting the following numbers from the quota
limit:
* The number of orders placed for an item that are either already paid or within their granted payment period
@@ -82,12 +82,6 @@ Orders
^^^^^^
If a customer completes the checkout process, an **Order** will be created containing all the entered information.
An order can be in one of currently four states that are listed in the diagram below:
An order can be in one of currently five states that are listed in the diagram below:
.. image:: /images/order_states.png
There are additional "fake" states that are displayed like states but not represented as states in the system:
* An order is considered **canceled (with paid fee)** if it is in **paid** status but does not include any non-cancelled positions.
* An order is considered **requiring approval** if it is in **pending** status with the ``require_approval`` attribute set to ``True``.

4
doc/development/contribution/codeofconduct.rst
View File

@@ -77,6 +77,6 @@ Attribution
-----------
This Code of Conduct is adapted from the `Contributor Covenant`_, version 1.4,
available at https://www.contributor-covenant.org/version/1/4/
available at http://contributor-covenant.org/version/1/4/
.. _Contributor Covenant: https://www.contributor-covenant.org
.. _Contributor Covenant: http://contributor-covenant.org

2
doc/development/contribution/style.rst
View File

@@ -24,7 +24,7 @@ Coding style and quality
``Fix #123 -- Problems with order creation`` or ``Refs #123 -- Fix this part of that bug``.
.. _PEP 8: https://legacy.python.org/dev/peps/pep-0008/
.. _PEP 8: http://legacy.python.org/dev/peps/pep-0008/
.. _flake8: https://pypi.python.org/pypi/flake8
.. _Django Coding Style: https://docs.djangoproject.com/en/dev/internals/contributing/writing-code/coding-style/
.. _translation: https://docs.djangoproject.com/en/1.11/topics/i18n/translation/

2
doc/development/implementation/background.rst
View File

@@ -14,7 +14,7 @@ Implementing a task
A common pattern for implementing asynchronous tasks can be seen a lot in ``pretix.base.services``
and looks like this::
from pretix.celery_app import app
from pretix.celery import app
@app.task
def my_task(argument1, argument2):

1
doc/development/implementation/index.rst
View File

@@ -16,5 +16,4 @@ Contents:
settings
background
email
permissions
logging

63
doc/development/implementation/logging.rst
View File

@@ -1,11 +1,9 @@
Logging and notifications
=========================
Logging
=======
As pretix is handling monetary transactions, we are very careful to make it possible to review all changes
in the system that lead to the current state.
.. _`logging`:
Logging changes
---------------
@@ -21,7 +19,7 @@ To actually log an action, you can just call the ``log_action`` method on your o
order.log_action('pretix.event.order.canceled', user=user, data={})
The positional ``action`` argument should represent the type of action and should be globally unique, we
recommend to prefix it with your package name, e.g. ``paypal.payment.rejected``. The ``user`` argument is
recomment do prefix it with your packagename, e.g. ``paypal.payment.rejected``. The ``user`` argument is
optional and may contain the user who performed the action. The optional ``data`` argument can contain
additional information about this action.
@@ -83,61 +81,6 @@ implementation could look like::
if logentry.action_type in plains:
return plains[logentry.action_type]
Sending notifications
---------------------
If you think that the logged information might be important or urgent enough to send out a notification to interested
organizers. In this case, you should listen for the :py:attr:`pretix.base.signals.register_notification_types` signal
to register a notification type::
@receiver(register_notification_types)
def register_my_notification_types(sender, **kwargs):
return [MyNotificationType(sender)]
Note that this event is different than other events send out by pretix: ``sender`` may be an event or ``None``. The
latter case is required to let the user define global notification preferences for all events.
You also need to implement a custom class that specifies how notifications should be handled for your notification type.
You should subclass the base ``NotificationType`` class and implement all its members:
.. autoclass:: pretix.base.notifications.NotificationType
:members: action_type, verbose_name, required_permission, build_notification
A simple implementation could look like this::
class MyNotificationType(NotificationType):
required_permission = "can_view_orders"
action_type = "pretix.event.order.paid"
verbose_name = _("Order has been paid")
def build_notification(self, logentry: LogEntry):
order = logentry.content_object
order_url = build_absolute_uri(
'control:event.order',
kwargs={
'organizer': logentry.event.organizer.slug,
'event': logentry.event.slug,
'code': order.code
}
)
n = Notification(
event=logentry.event,
title=_('Order {code} has been marked as paid').format(code=order.code),
url=order_url
)
n.add_attribute(_('Order code'), order.code)
n.add_action(_('View order details'), order_url)
return n
As you can see, the relevant code is in the ``build_notification`` method that is supposed to create a ``Notification``
method that has a title, description, URL, attributes, and actions. The full definition of ``Notification`` is the
following:
.. autoclass:: pretix.base.notifications.Notification
:members: add_action, add_attribute
Logging technical information
-----------------------------

25
doc/development/implementation/models.rst
View File

@@ -1,8 +1,6 @@
.. highlight:: python
:linenothreshold: 5
.. spelling:: answ contrib
Data model
==========
@@ -23,7 +21,7 @@ Organizers and events
:members:
.. autoclass:: pretix.base.models.Event
:members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running, cache, lock, get_plugins, get_mail_backend, payment_term_last, get_payment_providers, get_invoice_renderers, active_subevents, invoice_renderer, settings
:members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running, get_cache, lock, get_plugins, get_mail_backend, payment_term_last, get_payment_providers, get_invoice_renderers, active_subevents, invoice_renderer, settings
.. autoclass:: pretix.base.models.SubEvent
:members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running
@@ -31,21 +29,9 @@ Organizers and events
.. autoclass:: pretix.base.models.Team
:members:
.. autoclass:: pretix.base.models.TeamAPIToken
:members:
.. autoclass:: pretix.base.models.RequiredAction
:members:
.. autoclass:: pretix.base.models.EventMetaProperty
:members:
.. autoclass:: pretix.base.models.EventMetaValue
:members:
.. autoclass:: pretix.base.models.SubEventMetaValue
:members:
Items
-----
@@ -86,15 +72,6 @@ Carts and Orders
.. autoclass:: pretix.base.models.OrderPosition
:members:
.. autoclass:: pretix.base.models.OrderFee
:members:
.. autoclass:: pretix.base.models.OrderPayment
:members:
.. autoclass:: pretix.base.models.OrderRefund
:members:
.. autoclass:: pretix.base.models.CartPosition
:members:

194
doc/development/implementation/permissions.rst
View File

@@ -1,194 +0,0 @@
Permissions
===========
pretix uses a fine-grained permission system to control who is allowed to control what parts of the system.
The central concept here is the concept of *Teams*. You can read more on `configuring teams and permissions <user-teams>`_
and the :class:`pretix.base.models.Team` model in the respective parts of the documentation. The basic digest is:
An organizer account can have any number of teams, and any number of users can be part of a team. A team can be
assigned a set of permissions and connected to some or all of the events of the organizer.
A second way to access pretix is via the REST API, which allows authentication via tokens that are bound to a team,
but not to a user. You can read more at :class:`pretix.base.models.TeamAPIToken`. This page will show you how to
work with permissions in plugins and within the pretix code base.
Requiring permissions for a view
--------------------------------
pretix provides a number of useful mixins and decorators that allow you to specify that a user needs a certain
permission level to access a view::
from pretix.control.permissions import (
OrganizerPermissionRequiredMixin, organizer_permission_required
)
class MyOrgaView(OrganizerPermissionRequiredMixin, View):
permission = 'can_change_organizer_settings'
# Only users with the permission ``can_change_organizer_settings`` on
# this organizer can access this
class MyOtherOrgaView(OrganizerPermissionRequiredMixin, View):
permission = None
# Only users with *any* permission on this organizer can access this
@organizer_permission_required('can_change_organizer_settings')
def my_orga_view(request, organizer, **kwargs):
# Only users with the permission ``can_change_organizer_settings`` on
# this organizer can access this
@organizer_permission_required()
def my_other_orga_view(request, organizer, **kwargs):
# Only users with *any* permission on this organizer can access this
Of course, the same is available on event level::
from pretix.control.permissions import (
EventPermissionRequiredMixin, event_permission_required
)
class MyEventView(EventPermissionRequiredMixin, View):
permission = 'can_change_event_settings'
# Only users with the permission ``can_change_event_settings`` on
# this event can access this
class MyOtherEventView(EventPermissionRequiredMixin, View):
permission = None
# Only users with *any* permission on this event can access this
@event_permission_required('can_change_event_settings')
def my_event_view(request, organizer, **kwargs):
# Only users with the permission ``can_change_event_settings`` on
# this event can access this
@event_permission_required()
def my_other_event_view(request, organizer, **kwargs):
# Only users with *any* permission on this event can access this
You can also require that this view is only accessible by system administrators with an active "admin session"
(see below for what this means)::
from pretix.control.permissions import (
AdministratorPermissionRequiredMixin, administrator_permission_required
)
class MyGlobalView(AdministratorPermissionRequiredMixin, View):
# ...
@administrator_permission_required
def my_global_view(request, organizer, **kwargs):
# ...
In rare cases it might also be useful to expose a feature only to people who have a staff account but do not
necessarily have an active admin session::
from pretix.control.permissions import (
StaffMemberRequiredMixin, staff_member_required
)
class MyGlobalView(StaffMemberRequiredMixin, View):
# ...
@staff_member_required
def my_global_view(request, organizer, **kwargs):
# ...
Requiring permissions in the REST API
-------------------------------------
When creating your own ``viewset`` using Django REST framework, you just need to set the ``permission`` attribute
and pretix will check it automatically for you::
class MyModelViewSet(viewsets.ReadOnlyModelViewSet):
permission = 'can_view_orders'
Checking permission in code
---------------------------
If you need to work with permissions manually, there are a couple of useful helper methods on the :class:`pretix.base.models.Event`,
:class:`pretix.base.models.User` and :class:`pretix.base.models.TeamAPIToken` classes. Here's a quick overview.
Return all users that are in any team that is connected to this event::
>>> event.get_users_with_any_permission()
<QuerySet: …>
Return all users that are in a team with a specific permission for this event::
>>> event.get_users_with_permission('can_change_event_settings')
<QuerySet: …>
Determine if a user has a certain permission for a specific event::
>>> user.has_event_permission(organizer, event, 'can_change_event_settings', request=request)
True
Determine if a user has any permission for a specific event::
>>> user.has_event_permission(organizer, event, request=request)
True
In the two previous commands, the ``request`` argument is optional, but required to support staff sessions (see below).
The same method exists for organizer-level permissions::
>>> user.has_organizer_permission(organizer, 'can_change_event_settings', request=request)
True
Sometimes, it might be more useful to get the set of permissions at once::
>>> user.get_event_permission_set(organizer, event)
{'can_change_event_settings', 'can_view_orders', 'can_change_orders'}
>>> user.get_organizer_permission_set(organizer, event)
{'can_change_organizer_settings', 'can_create_events'}
Within a view on the ``/control`` subpath, the results of these two methods are already available in the
``request.eventpermset`` and ``request.orgapermset`` properties. This makes it convenient to query them in templates::
{% if "can_change_orders" in request.eventpermset %}
{% endif %}
You can also do the reverse to get any events a user has access to::
>>> user.get_events_with_permission('can_change_event_settings', request=request)
<QuerySet: …>
>>> user.get_events_with_any_permission(request=request)
<QuerySet: …>
Most of these methods work identically on :class:`pretix.base.models.TeamAPIToken`.
Staff sessions
--------------
.. versionchanged:: 1.14
In 1.14, the ``User.is_superuser`` attribute has been deprecated and statically set to return ``False``. Staff
sessions have been newly introduced.
System administrators of a pretix instance are identified by the ``is_staff`` attribute on the user model. By default,
the regular permission rules apply for users with ``is_staff = True``. The only difference is that such users can
temporarily turn on "staff mode" via a button in the user interface that grants them **all permissions** as long as
staff mode is active. You can check if a user is in staff mode using their session key:
>>> user.has_active_staff_session(request.session.session_key)
False
Staff mode has a hard time limit and during staff mode, a middleware will log all requests made by that user. Later,
the user is able to also save a message to comment on what they did in their administrative session. This feature is
intended to help compliance with data protection rules as imposed e.g. by GDPR.

4
doc/development/implementation/settings.rst
View File

@@ -35,7 +35,7 @@ Forms
-----
Hierarkey also provides a base class for forms that allow the modification of settings. pretix contains a
subclass that also adds support for internationalized fields:
subclass that also adds suport for internationalized fields:
.. autoclass:: pretix.base.forms.SettingsForm
@@ -65,4 +65,4 @@ Plugins can add custom hardcoded defaults in the following way::
Make sure that you include this code in a module that is imported at app loading time.
.. _django-hierarkey: https://github.com/raphaelm/django-hierarkey
.. _documentation: https://django-hierarkey.readthedocs.io/en/latest/
.. _documentation: https://django-hierarkey.readthedocs.io/en/latest/

4
doc/development/implementation/urlconfig.rst
View File

@@ -67,7 +67,7 @@ available as ``plugins:sendmail:send``.
Generating a URL for the frontend is a complicated task, because you need to know whether the event's
organizer uses a custom URL or not and then generate the URL with a different domain and different
arguments based on this information. pretix provides some helpers to make this easier. The first helper
is a python method that emulates a behavior similar to ``reverse``:
is a python method that emulates a behaviour similar to ``reverse``:
.. autofunction:: pretix.multidomain.urlreverse.eventreverse
@@ -82,5 +82,5 @@ Implementation details
----------------------
There are some other caveats when using a design like this, e.g. you have to care about cookie domains
and referrer verification yourself. If you want to see how we built this, look into the ``pretix/multidomain/``
and referer verification yourself. If you want to see how we built this, look into the ``pretix/multidomain/``
sub-tree.

4
doc/development/index.rst
View File

@@ -8,6 +8,8 @@ Developer documentation
setup
contribution/index
implementation/index
translation/index
api/index
structure
.. TODO::
Document settings objects, ItemVariation objects, form fields.

36
doc/development/setup.rst
View File

@@ -18,8 +18,9 @@ External Dependencies
---------------------
Your should install the following on your system:
* Python 3.5 or newer
* Python 3.4 or newer
* ``pip`` for Python 3 (Debian package: ``python3-pip``)
* ``pyvenv`` for Python 3 (Debian package: ``python3-venv``)
* ``python-dev`` for Python 3 (Debian package: ``python3-dev``)
* ``libffi`` (Debian package: ``libffi-dev``)
* ``libssl`` (Debian package: ``libssl-dev``)
@@ -36,7 +37,7 @@ Please execute ``python -V`` or ``python3 -V`` to make sure you have Python 3.4
execute ``pip3 -V`` to check. Then use Python's internal tools to create a virtual
environment and activate it for your current session::
python3 -m venv env
pyvenv env
source env/bin/activate
You should now see a ``(env)`` prepended to your shell prompt. You have to do this
@@ -54,6 +55,10 @@ The first thing you need are all the main application's dependencies::
cd src/
pip3 install -r requirements.txt -r requirements/dev.txt
If you are working with Python 3.4, you will also need (you can skip this for Python 3.5+)::
pip3 install -r requirements/py34.txt
Next, you need to copy the SCSS files from the source folder to the STATIC_ROOT directory::
python manage.py collectstatic --noinput
@@ -82,7 +87,7 @@ and head to http://localhost:8000/
As we did not implement an overall front page yet, you need to go directly to
http://localhost:8000/control/ for the admin view or, if you imported the test
data as suggested above, to the event page at http://localhost:8000/bigevents/2019/
data as suggested above, to the event page at http://localhost:8000/bigevents/2018/
.. note:: If you want the development server to listen on a different interface or
port (for example because you develop on `pretixdroid`_), you can check
@@ -102,7 +107,7 @@ Execute the following commands to check for code style errors::
isort -c -rc .
python manage.py check
Execute the following command to run pretix' test suite (might take a couple of minutes)::
Execute the following command to run pretix' test suite (might take a coumple of minutes)::
py.test
@@ -111,23 +116,14 @@ Execute the following command to run pretix' test suite (might take a couple of
``NUM`` being the number of threads you want to use.
It is a good idea to put this command into your git hook ``.git/hooks/pre-commit``,
for example, to check for any errors in any staged files when committing::
for example::
#!/bin/bash
#!/bin/sh
cd $GIT_DIR/../src
export GIT_WORK_TREE=../
export GIT_DIR=../.git
source ../env/bin/activate # Adjust to however you activate your virtual environment
for file in $(git diff --cached --name-only | grep -E '\.py$' | grep -Ev "migrations|mt940\.py|pretix/settings\.py|make_testdata\.py|testutils/settings\.py|tests/settings\.py|pretix/base/models/__init__\.py")
do
echo $file
git show ":$file" | flake8 - --stdin-display-name="$file" || exit 1 # we only want to lint the staged changes, not any un-staged changes
git show ":$file" | isort -df --check-only - | grep ERROR && exit 1 || true
done
flake8 . || exit 1
isort -q -rc -c . || exit 1
This keeps you from accidentally creating commits violating the style guide.
This keeps you from accidentally creating commits violating the sdtyle guide.
Working with mails
^^^^^^^^^^^^^^^^^^
@@ -150,10 +146,6 @@ and update the ``*.po`` files accordingly::
make localegen
However, most of the time you don't need to care about this. Just create your pull request
with functionality and English strings only, and we'll push the new translation strings
to our translation platform after the merge.
To actually see pretix in your language, you have to compile the ``*.po`` files to their
optimized binary ``*.mo`` counterparts::

BIN
doc/development/translation/img/weblate1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
doc/development/translation/img/weblate2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 45 KiB

BIN
doc/development/translation/img/weblate3.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 61 KiB

BIN
doc/development/translation/img/weblate4.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 89 KiB

BIN
doc/development/translation/img/weblate5.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 64 KiB

BIN
doc/development/translation/img/weblate6.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 83 KiB

88
doc/development/translation/index.rst
View File

@@ -1,88 +0,0 @@
Translating pretix
==================
pretix has been designed for multi-language capabilities from its start. Organizers can enter their event information
in multiple languages at the same time. However, the software interface of pretix also needs to be translated for
this to be useful.
Since we (the developers of pretix) only speak a very limited number of languages, we need help from the community
to achieve this goal. To make translating pretix easy not only for software developers, we set up a translation
platform at `translate.pretix.eu`_.
Official and inofficial languages
---------------------------------
In the pretix project, there are three types of languages:
Official languages
are translated and maintained by the core team behind pretix or as part of long-term partnerships. We are
committed to keeping these translations up-to-date with new features or changes in pretix and try to offer
support in this language.
Inofficial languages
are contributed and maintained by the Community. We ship them with pretix so you can use them, but we can not
guarantee that new or changed features in pretix will be translated in time.
Incubating languages
are currently in the process of being translated. They can not yet be selected in pretix by end users on
production installations and are only available in development mode for testing.
Please contact translate@pretix.eu if you think an incubated language should be promoted to an inofficial one or if
you are interested in a partnership to make your language official.
The current translation status of various languages is:
.. image:: https://translate.pretix.eu/widgets/pretix/-/multi-blue.svg
:target: https://translate.pretix.eu/engage/pretix/?utm_source=widget
Using our translation platform
------------------------------
If you visit `translate.pretix.eu`_ for the first time, it admittedly looks pretty bare.
.. image:: img/weblate1.png
:class: screenshot
It gets better if you create an account, which you will need to contribute translations. Click on "Register" in the
top-right corner to get started:
.. image:: img/weblate2.png
:class: screenshot
You can either create an account or choose to log in with your GitHub account, whichever you like more.
After creating and activating your account, we recommend that you change your profile and select which languages you
can translate to and which languages you understand. You can find your profile settings by clicking on your name in
the top-right corner.
.. image:: img/weblate3.png
:class: screenshot
Going back to the dashboard by clicking on the logo in the top-left corner, you can select between different lists
of translation projects. You can either filter by projects that already have a translation in your language, or you
go to the `pretix project page`_ where you can select specific components.
.. note::
If you want to translate pretix to a new language that is not yet listed here, you are very welcome to do so!
While you technically can add the language to the portal yourself, we ask you to drop us a short mail to
translate@pretix.eu so we can add it to all components at once and also make it selectable in pretix itself.
.. image:: img/weblate4.png
:class: screenshot
Once you selected a component of a language, you can start going through strings to translate. You can start of by
clicking the "Strings needing action" line in this view:
.. image:: img/weblate5.png
:class: screenshot
In the translate view, you can input your translation for a given source string. If you're unsure about your
translation, you can also just "Suggest" it or mark it as "Needs editing". If you have no idea, just "Skip". If you
scroll down, there is also a "Comments" section to discuss any questions with fellow translators or us developers.
.. image:: img/weblate6.png
:class: screenshot
.. _translate.pretix.eu: https://translate.pretix.eu
.. _pretix project page: https://translate.pretix.eu/projects/pretix/

0
doc/doc_warnings
View File

BIN
doc/images/order_states.png
View File

Binary file not shown.
Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 53 KiB

After

Width:  |  Height:  |  Size: 42 KiB

4
doc/images/order_states.puml
View File

@@ -4,6 +4,7 @@ Pending: Order is expecting payment\nOrder reduces quotas
Expired: Payment period is over\nOrder does not affect quotas
Paid: Order was successful\nOrder reduces quotas
Canceled: Order has been canceled\nOrder does not affect quotas
Refunded: Order has been refunded\nOrder does not affect quotas
[*] --> Pending: customer\nplaces order
Pending --> Paid: successful payment
@@ -11,9 +12,8 @@ Pending --> Expired: automatically\nor manually\non admin action
Expired --> Paid: if payment is received\nonly if quota left
Expired --> Canceled
Expired --> Pending: manually\non admin action
Paid --> Canceled: manually on\nadmin action\nor if an external\npayment provider\nnotifies about a\npayment refund
Paid --> Refunded: manually on\nadmin action\nor if an external\npayment provider\nnotifies about a\npayment refund
Pending --> Canceled: on admin or\ncustomer action
Paid -> Pending: manually on admin action
[*] --> Paid: customer\nplaces free order
@enduml

150
doc/plugins/badges.rst
View File

@@ -1,150 +0,0 @@
Badges
======
The badges plugin provides a HTTP API that exposes the various layouts used to generate PDF badges.
Resource description
--------------------
The badge layout resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal layout ID
name string Internal layout description
default boolean ``true`` if this is the default layout
layout object Layout specification for libpretixprint
background URL Background PDF file
item_assignments list of objects Products this layout is assigned to
└ item integer Item ID
===================================== ========================== =======================================================
.. versionchanged:: 1.16
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/badgelayouts/
Returns a list of all badge layouts
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/badgelayouts/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of a valid event
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/badgelayouts/(id)/
Returns information on layout.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/layoutsbadge/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the layout to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/badgeitems/
Returns a list of all assignments of items to layouts
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/badgeitems/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"layout": 2,
"item": 3,
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of a valid event
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.

2
doc/plugins/index.rst
View File

@@ -12,5 +12,3 @@ If you want to **create** a plugin, please go to the
list
pretixdroid
banktransfer
ticketoutputpdf
badges

58
doc/plugins/list.rst
View File

@@ -1,10 +1,56 @@
.. spelling::
Analytics
List of plugins
===============
A detailed list of plugins that are available for pretix can be found on the
`project website`_.
The following plugins are shipped with pretix and are supported in the same
ways that pretix itself is:
.. _project website: https://pretix.eu/about/en/plugins
* Bank transfer
* PayPal
* Stripe
* Check-in lists
* pretixdroid
* Report exporter
* Send out emails
* Statistics
* PDF ticket output
The following plugins are not shipped with pretix but are maintained by the
same team. We update them regularly to make them compatible with the latest
pretix releases:
* `SEPA direct debit`_
* `Wirecard payment`_
* `Pages`_
* `Passbook/Wallet ticket output`_
* `Cartshare`_
* `Fontpack Free fonts`_
* `Mailing list subscription`_
The following closed-source plugins are available to customers of the hosted pretix.eu platform.
Please get in touch with the pretix team if you want to have them for your self-hosted
pretix installation:
* Campaign tracking
* Integration with Google Analytics and Facebook Pixel
* Integration with Slack
* Integration with MailChimp
The following plugins are from independent third-party authors, so we can make
no statements about their functionality, security, stability or compatibility:
* `esPass ticket output`_
* `IcePay integration`_
* `Average price chart`_
* `Pay in cash upon arrival`_
.. _SEPA direct debit: https://github.com/pretix/pretix-sepadebit
.. _Passbook/Wallet ticket output: https://github.com/pretix/pretix-passbook
.. _Cartshare: https://github.com/pretix/pretix-cartshare
.. _Pages: https://github.com/pretix/pretix-pages
.. _esPass ticket output: https://github.com/esPass/pretix-espass
.. _IcePay integration: https://github.com/chotee/pretix-icepay
.. _Fontpack Free fonts: https://github.com/pretix/pretix-fontpack-free
.. _Wirecard payment: https://github.com/pretix/pretix-wirecard
.. _Mailing list subscription: https://github.com/pretix/pretix-newsletter-ml
.. _Average price chart: https://github.com/rixx/pretix-avgchart
.. _Pay in cash upon arrival: https://github.com/pc-coholic/pretix-cashpayment

181
doc/plugins/pretixdroid.rst
View File

@@ -4,21 +4,10 @@ pretixdroid HTTP API
The pretixdroid plugin provides a HTTP API that the `pretixdroid Android app`_
uses to communicate with the pretix server.
.. warning:: This API is **DEPRECATED** and will probably go away soon. It is used **only** to serve the pretixdroid
Android app. There are no backwards compatibility guarantees on this API. We will not add features that
are not required for the Android App. There is a general-purpose :ref:`rest-api` that provides all
features that you need to check in.
.. versionchanged:: 1.12
Support for check-in-time questions has been added. The new API features are fully backwards-compatible and
negotiated live, so clients which do not need this feature can ignore the change. For this reason, the API version
has not been increased and is still set to 3.
.. versionchanged:: 1.13
Support for checking in unpaid tickets has been added.
.. warning:: This API is intended **only** to serve the pretixdroid Android app. There are no backwards compatibility
guarantees on this API. We will not add features that are not required for the Android App. There is a
general-purpose :ref:`rest-api` that not yet provides all features that this API provides, but will do
so in the future.
.. http:post:: /pretixdroid/api/(organizer)/(event)/redeem/
@@ -33,33 +22,18 @@ uses to communicate with the pretix server.
Accept: application/json, text/javascript
Content-Type: application/x-www-form-urlencoded
secret=az9u4mymhqktrbupmwkvv6xmgds5dk3&questions_supported=true
secret=az9u4mymhqktrbupmwkvv6xmgds5dk3
You **must** set the parameter secret.
You can optionally include the additional parameter ``datetime`` in the body containing an ISO8601-encoded
datetime of the entry attempt. If you don't, the current date and time will be used.
You **must** set the parameter ``questions_supported`` to ``true`` **if** you support asking questions
back to the app operator. You **must not** set it if you do not support this feature. In that case, questions
will just be ignored.
You **may** set the additional parameter ``datetime`` in the body containing an ISO8601-encoded
datetime of the entry attempt. If you don"t, the current date and time will be used.
You **may** set the additional parameter ``force`` to indicate that the request should be logged
You can optionally include the additional parameter ``force`` to indicate that the request should be logged
regardless of previous check-ins for the same ticket. This might be useful if you made the entry decision offline.
Questions will also always be ignored in this case (i.e. supplied answers will be saved, but no error will be
thrown if they are missing or invalid).
You **may** set the additional parameter ``nonce`` with a globally unique random value to identify this
You can optionally include the additional parameter ``nonce`` with a globally unique random value to identify this
check-in. This is meant to be used to prevent duplicate check-ins when you are just retrying after a connection
failure.
You **may** set the additional parameter ``ignore_unpaid`` to indicate that the check-in should be performed even
if the order is in pending state.
If questions are supported and required, you will receive a dictionary ``questions`` containing details on the
particular questions to ask. To answer them, just re-send your redemption request with additional parameters of
the form ``answer_<question>=<answer>``, e.g. ``answer_12=24``.
**Example successful response**:
.. sourcecode:: http
@@ -69,70 +43,10 @@ uses to communicate with the pretix server.
{
"status": "ok"
"version": 3,
"data": {
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
"order": "ABCDE",
"item": "Standard ticket",
"item_id": 1,
"variation": null,
"variation_id": null,
"attendee_name": "Peter Higgs",
"attention": false,
"redeemed": true,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
}
"version": 2
}
**Example response with required questions**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{
"status": "incomplete"
"version": 3
"data": {
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
"order": "ABCDE",
"item": "Standard ticket",
"item_id": 1,
"variation": null,
"variation_id": null,
"attendee_name": "Peter Higgs",
"attention": false,
"redeemed": true,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
},
"questions": [
{
"id": 12,
"type": "C",
"question": "Choose a shirt size",
"required": true,
"position": 2,
"items": [1],
"options": [
{
"id": 24,
"answer": "M"
},
{
"id": 25,
"answer": "L"
}
]
}
]
}
**Example error response with data**:
**Example error response**:
.. sourcecode:: http
@@ -142,41 +56,13 @@ uses to communicate with the pretix server.
{
"status": "error",
"reason": "already_redeemed",
"version": 3,
"data": {
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
"order": "ABCDE",
"item": "Standard ticket",
"item_id": 1,
"variation": null,
"variation_id": null,
"attendee_name": "Peter Higgs",
"attention": false,
"redeemed": true,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
}
}
**Example error response without data**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{
"status": "error",
"reason": "unkown_ticket",
"version": 3
"version": 2
}
Possible error reasons:
* ``unpaid`` - Ticket is not paid for or has been refunded
* ``already_redeemed`` - Ticket already has been redeemed
* ``product`` - Tickets with this product may not be scanned at this device
* ``unknown_ticket`` - Secret does not match a ticket in the database
:query key: Secret API key
@@ -213,21 +99,18 @@ uses to communicate with the pretix server.
"variation": null,
"attendee_name": "Peter Higgs",
"redeemed": false,
"attention": false,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
},
...
],
"version": 3
"version": 2
}
:query query: Search query
:query key: Secret API key
:statuscode 200: Valid request
:statuscode 404: Unknown organizer or event
:statuscode 403: Invalid authorization key
:query key: Secret API key
:statuscode 200: Valid request
:statuscode 404: Unknown organizer or event
:statuscode 403: Invalid authorization key
.. http:get:: /pretixdroid/api/(organizer)/(event)/download/
@@ -249,7 +132,6 @@ uses to communicate with the pretix server.
Content-Type: text/json
{
"version": 3,
"results": [
{
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
@@ -258,32 +140,11 @@ uses to communicate with the pretix server.
"variation": null,
"attendee_name": "Peter Higgs",
"redeemed": false,
"attention": false,
"checkin_allowed": true,
"paid": true
},
...
],
"questions": [
{
"id": 12,
"type": "C",
"question": "Choose a shirt size",
"required": true,
"position": 2,
"items": [1],
"options": [
{
"id": 24,
"answer": "M"
},
{
"id": 25,
"answer": "L"
}
]
}
]
"version": 2
}
:query key: Secret API key
@@ -294,7 +155,7 @@ uses to communicate with the pretix server.
.. http:get:: /pretixdroid/api/(organizer)/(event)/status/
Returns status information, such as the total number of tickets and the
number of performed check-ins.
number of performed checkins.
**Example request**:
@@ -314,9 +175,9 @@ uses to communicate with the pretix server.
{
"checkins": 17,
"total": 42,
"version": 3,
"version": 2,
"event": {
"name": "Demo Conference",
"name": "Demo Converence",
"slug": "democon",
"date_from": "2016-12-27T17:00:00Z",
"date_to": "2016-12-30T18:00:00Z",

157
doc/plugins/ticketoutputpdf.rst
View File

@@ -1,157 +0,0 @@
PDF ticket output
=================
The PDF ticket output plugin provides a HTTP API that exposes the various layouts used
to generate PDF tickets.
Resource description
--------------------
The ticket layout resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal layout ID
name string Internal layout description
default boolean ``true`` if this is the default layout
layout object Layout specification for libpretixprint
background URL Background PDF file
item_assignments list of objects Products this layout is assigned to
├ sales_channel string Sales channel (defaults to ``web``).
└ item integer Item ID
===================================== ========================== =======================================================
.. versionchanged:: 1.16
This resource has been added.
.. versionchanged:: 2.3
The ``item_assignments.sales_channel`` field has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/ticketlayouts/
Returns a list of all ticket layouts
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/ticketlayouts/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of a valid event
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/ticketlayouts/(id)/
Returns information on layout.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/ticketlayouts/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the layout to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/ticketlayoutitems/
Returns a list of all assignments of items to layouts
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/ticketlayoutitems/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"layout": 2,
"item": 3,
"sales_channel": web
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of a valid event
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.

6
doc/requirements.txt
View File

@@ -1,8 +1,4 @@
-r ../src/requirements.txt
sphinx==1.6.*
sphinx
sphinx-rtd-theme
sphinxcontrib-httpdomain
sphinxcontrib-images
sphinxcontrib-spelling
# See https://github.com/rfk/pyenchant/pull/130
git+https://github.com/raphaelm/pyenchant.git@patch-1#egg=pyenchant

BIN
doc/screens/event/create_step1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 76 KiB

BIN
doc/screens/event/create_step2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 90 KiB

BIN
doc/screens/event/create_step3.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 64 KiB

BIN
doc/screens/event/create_step4.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 90 KiB

BIN
doc/screens/event/settings_display.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 103 KiB

BIN
doc/screens/event/settings_email.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 84 KiB

BIN
doc/screens/event/settings_invoice.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 97 KiB

BIN
doc/screens/event/settings_payment.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 120 KiB

BIN
doc/screens/event/settings_plugins.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 91 KiB

BIN
doc/screens/event/settings_tickets.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 94 KiB

BIN
doc/screens/event/subevent_create.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 65 KiB

BIN
doc/screens/event/subevent_detail.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 64 KiB

Some files were not shown because too many files have changed in this diff Show More