Bump version to 2026.3.4

Dockerfile

@@ -1,4 +1,4 @@
-FROM python:3.13-trixie
+FROM python:3.11-bookworm
 
 RUN apt-get update && \
     apt-get install -y --no-install-recommends \

pyproject.toml

@@ -76,7 +76,7 @@ dependencies = [
   "paypal-checkout-serversdk==1.0.*",
   "PyJWT==2.12.*",
   "phonenumberslite==9.0.*",
-  "Pillow==12.2.*",
+  "Pillow==12.1.*",
   "pretix-plugin-build",
   "protobuf==7.34.*",
   "psycopg2-binary",
@@ -90,10 +90,10 @@ dependencies = [
   "pytz-deprecation-shim==0.1.*",
   "pyuca",
   "qrcode==8.2",
-  "redis==7.4.*",
+  "redis==7.1.*",
   "reportlab==4.4.*",
   "requests==2.32.*",
-  "sentry-sdk==2.57.*",
+  "sentry-sdk==2.56.*",
   "sepaxml==2.7.*",
   "stripe==7.9.*",
   "text-unidecode==1.*",

src/pretix/__init__.py

@@ -19,4 +19,4 @@
 # You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
 # <https://www.gnu.org/licenses/>.
 #
-__version__ = "2026.4.0.dev0"
+__version__ = "2026.3.4"

src/pretix/api/views/checkin.py

@@ -1122,7 +1122,7 @@ class CheckinViewSet(viewsets.ReadOnlyModelViewSet):
     permission = 'event.orders:read'
 
     def get_queryset(self):
-        qs = Checkin.all.filter().select_related(
+        qs = Checkin.all.filter(list__event=self.request.event).select_related(
             "position",
             "device",
         )

src/pretix/base/exporter.py

@@ -47,7 +47,6 @@ from django.utils.formats import localize
 from django.utils.translation import gettext, gettext_lazy as _
 
 from pretix.base.models import Event
-from pretix.base.models.auth import PermissionHolder
 from pretix.helpers.safe_openpyxl import (  # NOQA: backwards compatibility for plugins using excel_safe
     SafeWorkbook, remove_invalid_excel_chars as excel_safe,
 )
@@ -60,20 +59,11 @@ class BaseExporter:
     This is the base class for all data exporters
     """
 
-    def __init__(self, event, organizer, permission_holder: PermissionHolder=None, progress_callback=lambda v: None):
-        """
-        :param event: Event context, can also be a queryset of events for multi-event exports
-        :param organizer: Organizer context
-        :param user: The user who triggered the export (or None).
-        :param token: The API token that triggered the export (or None).
-        :param device: The device that triggered the export (or None)
-        :param progress_callback: Callback function with progress
-        """
+    def __init__(self, event, organizer, progress_callback=lambda v: None):
         self.event = event
         self.organizer = organizer
         self.progress_callback = progress_callback
         self.is_multievent = isinstance(event, QuerySet)
-        self.permission_holder = permission_holder
         if isinstance(event, QuerySet):
             self.events = event
             self.event = None
@@ -190,7 +180,7 @@ class BaseExporter:
         return True
 
     @classmethod
-    def get_required_event_permission(cls) -> Optional[str]:
+    def get_required_event_permission(cls) -> str:
         """
         The permission level required to use this exporter for events. For multi-event-exports, this will be used
         to limit the selection of events. Will be ignored if the ``OrganizerLevelExportMixin`` mixin is used.
@@ -205,7 +195,7 @@ class OrganizerLevelExportMixin:
         raise TypeError("required_event_permission may not be called on OrganizerLevelExportMixin")
 
     @classmethod
-    def get_required_organizer_permission(cls) -> Optional[str]:
+    def get_required_organizer_permission(cls) -> str:
         """
         The permission level required to use this exporter. Must be set for organizer-level exports. Set to `None` to
         allow everyone with any access to the organizer.

src/pretix/base/exporters/reusablemedia.py

@@ -69,7 +69,9 @@ class ReusableMediaExporter(OrganizerLevelExportMixin, ListExporter):
                 date_format(medium.expires, 'SHORT_DATETIME_FORMAT') if medium.expires else '',
                 medium.customer.identifier if medium.customer_id else '',
                 f"{medium.linked_orderposition.order.code}-{medium.linked_orderposition.positionid}" if medium.linked_orderposition_id else '',
-                medium.linked_giftcard.secret if medium.linked_giftcard_id else '',
+                # we cannot determine here whether user has permission organizer.giftcards:read
+                # so default to not showing giftcard secret
+                medium.linked_giftcard.secret[:3] + "…" if medium.linked_giftcard_id else '',
                 medium.notes,
             ]
             yield row

src/pretix/base/invoicing/pdf.py

@@ -22,9 +22,7 @@
 import datetime
 import logging
 import math
-import re
 import textwrap
-import unicodedata
 from collections import defaultdict
 from decimal import Decimal
 from io import BytesIO
@@ -58,8 +56,8 @@ from pretix.base.services.currencies import SOURCE_NAMES
 from pretix.base.signals import register_invoice_renderers
 from pretix.base.templatetags.money import money_filter
 from pretix.helpers.reportlab import (
-    FontFallbackParagraph, ThumbnailingImageReader, register_ttf_font_if_new,
-    reshaper,
+    FontFallbackParagraph, PlainTextParagraph, ThumbnailingImageReader,
+    normalize_text, register_ttf_font_if_new, reshaper,
 )
 from pretix.presale.style import get_fonts
 
@@ -259,18 +257,8 @@ class BaseReportlabInvoiceRenderer(BaseInvoiceRenderer):
                 register_ttf_font_if_new(family + ' B I', finders.find(styles['bolditalic']['truetype']))
 
     def _normalize(self, text):
-        # reportlab does not support unicode combination characters
-        # It's important we do this before we use ArabicReshaper
-        text = unicodedata.normalize("NFKC", text)
-
-        # reportlab does not support RTL, ligature-heavy scripts like Arabic. Therefore, we use ArabicReshaper
-        # to resolve all ligatures and python-bidi to switch RTL texts.
-        try:
-            text = "<br />".join(get_display(reshaper.reshape(l)) for l in re.split("<br ?/>", text))
-        except:
-            logger.exception('Reshaping/Bidi fixes failed on string {}'.format(repr(text)))
-
-        return text
+        # alias kept for plugin compatibility
+        return normalize_text(text)
 
     def _upper(self, val):
         # We uppercase labels, but not in every language
@@ -351,10 +339,15 @@ class BaseReportlabInvoiceRenderer(BaseInvoiceRenderer):
         return 'invoice.pdf', 'application/pdf', buffer.read()
 
     def _clean_text(self, text, tags=None):
-        return self._normalize(bleach.clean(
-            text,
-            tags=set(tags) if tags else set()
-        ).strip().replace('<br>', '<br />').replace('\n', '<br />\n'))
+        # For backwards compatibility with customer content, we need to support tags like <br> and <b> in a few text
+        # fields. Therefore, we can't use PlainTextParagraph for these, but run bleach instead to limit the allowed
+        # tags.
+        return self._normalize(
+            bleach.clean(
+                text,
+                tags=set(tags) if tags else set()
+            ).strip().replace('<br>', '<br />').replace('\n', '<br />\n')
+        )
 
 
 class PaidMarker(Flowable):
@@ -405,8 +398,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
     invoice_to_top = 52 * mm
 
     def _draw_invoice_to(self, canvas):
-        p = FontFallbackParagraph(self._clean_text(self.invoice.address_invoice_to),
-                                  style=self.stylesheet['Normal'])
+        p = PlainTextParagraph(self.invoice.address_invoice_to, style=self.stylesheet['Normal'])
         p.wrapOn(canvas, self.invoice_to_width, self.invoice_to_height)
         p_size = p.wrap(self.invoice_to_width, self.invoice_to_height)
         p.drawOn(canvas, self.invoice_to_left, self.pagesize[1] - p_size[1] - self.invoice_to_top)
@@ -417,8 +409,8 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
     invoice_from_top = 17 * mm
 
     def _draw_invoice_from(self, canvas):
-        p = FontFallbackParagraph(
-            self._clean_text(self.invoice.full_invoice_from),
+        p = PlainTextParagraph(
+            self.invoice.full_invoice_from,
             style=self.stylesheet['InvoiceFrom']
         )
         p.wrapOn(canvas, self.invoice_from_width, self.invoice_from_height)
@@ -548,13 +540,12 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
     def _draw_event(self, canvas):
         def shorten(txt):
             txt = str(txt)
-            txt = bleach.clean(txt, tags=set()).strip()
-            p = FontFallbackParagraph(self._normalize(txt.strip().replace('\n', '<br />\n')), style=self.stylesheet['Normal'])
+            p = PlainTextParagraph(txt, style=self.stylesheet['Normal'])
             p_size = p.wrap(self.event_width, self.event_height)
 
             while p_size[1] > 2 * self.stylesheet['Normal'].leading:
                 txt = ' '.join(txt.replace('…', '').split()[:-1]) + '…'
-                p = FontFallbackParagraph(self._normalize(txt.strip().replace('\n', '<br />\n')), style=self.stylesheet['Normal'])
+                p = PlainTextParagraph(txt, style=self.stylesheet['Normal'])
                 p_size = p.wrap(self.event_width, self.event_height)
             return txt
 
@@ -572,7 +563,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
         else:
             p_str = shorten(self.invoice.event.name)
 
-        p = FontFallbackParagraph(self._normalize(p_str.strip().replace('\n', '<br />\n')), style=self.stylesheet['Normal'])
+        p = PlainTextParagraph(p_str, style=self.stylesheet['Normal'])
         p.wrapOn(canvas, self.event_width, self.event_height)
         p_size = p.wrap(self.event_width, self.event_height)
         p.drawOn(canvas, self.event_left, self.pagesize[1] - self.event_top - p_size[1])
@@ -645,39 +636,37 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
 
         type_info_text = self.invoice.transmission_type_instance.pdf_info_text()
         if type_info_text:
-            story.append(FontFallbackParagraph(
+            story.append(PlainTextParagraph(
                 type_info_text,
                 self.stylesheet['WarningBlock']
             ))
 
         if self.invoice.custom_field:
-            story.append(FontFallbackParagraph(
+            story.append(PlainTextParagraph(
                 '{}: {}'.format(
-                    self._clean_text(str(self.invoice.event.settings.invoice_address_custom_field)),
-                    self._clean_text(self.invoice.custom_field),
+                    str(self.invoice.event.settings.invoice_address_custom_field),
+                    self.invoice.custom_field,
                 ),
                 self.stylesheet['Normal']
             ))
 
         if self.invoice.internal_reference:
-            story.append(FontFallbackParagraph(
-                self._normalize(pgettext('invoice', 'Customer reference: {reference}').format(
-                    reference=self._clean_text(self.invoice.internal_reference),
-                )),
+            story.append(PlainTextParagraph(
+                pgettext('invoice', 'Customer reference: {reference}').format(
+                    reference=self.invoice.internal_reference,
+                ),
                 self.stylesheet['Normal']
             ))
 
         if self.invoice.invoice_to_vat_id:
-            story.append(FontFallbackParagraph(
-                self._normalize(pgettext('invoice', 'Customer VAT ID')) + ': ' +
-                self._clean_text(self.invoice.invoice_to_vat_id),
+            story.append(PlainTextParagraph(
+                pgettext('invoice', 'Customer VAT ID') + ': ' + self.invoice.invoice_to_vat_id,
                 self.stylesheet['Normal']
             ))
 
         if self.invoice.invoice_to_beneficiary:
-            story.append(FontFallbackParagraph(
-                self._normalize(pgettext('invoice', 'Beneficiary')) + ':<br />' +
-                self._clean_text(self.invoice.invoice_to_beneficiary),
+            story.append(PlainTextParagraph(
+                pgettext('invoice', 'Beneficiary') + ':\n' + self.invoice.invoice_to_beneficiary,
                 self.stylesheet['Normal']
             ))
 
@@ -707,11 +696,11 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
 
         story = [
             NextPageTemplate('FirstPage'),
-            FontFallbackParagraph(
-                self._normalize(
+            PlainTextParagraph(
+                (
                     pgettext('invoice', 'Tax Invoice') if str(self.invoice.invoice_from_country) == 'AU'
                     else pgettext('invoice', 'Invoice')
-                ) if not self.invoice.is_cancellation else self._normalize(pgettext('invoice', 'Cancellation')),
+                ) if not self.invoice.is_cancellation else pgettext('invoice', 'Cancellation'),
                 self.stylesheet['Heading1']
             ),
             Spacer(1, 5 * mm),
@@ -733,17 +722,17 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
         ]
         if has_taxes:
             tdata = [(
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Description')), self.stylesheet['Bold']),
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Qty')), self.stylesheet['BoldRightNoSplit']),
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Tax rate')), self.stylesheet['BoldRightNoSplit']),
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Net')), self.stylesheet['BoldRightNoSplit']),
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Gross')), self.stylesheet['BoldRightNoSplit']),
+                PlainTextParagraph(pgettext('invoice', 'Description'), self.stylesheet['Bold']),
+                PlainTextParagraph(pgettext('invoice', 'Qty'), self.stylesheet['BoldRightNoSplit']),
+                PlainTextParagraph(pgettext('invoice', 'Tax rate'), self.stylesheet['BoldRightNoSplit']),
+                PlainTextParagraph(pgettext('invoice', 'Net'), self.stylesheet['BoldRightNoSplit']),
+                PlainTextParagraph(pgettext('invoice', 'Gross'), self.stylesheet['BoldRightNoSplit']),
             )]
         else:
             tdata = [(
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Description')), self.stylesheet['Bold']),
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Qty')), self.stylesheet['BoldRightNoSplit']),
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Amount')), self.stylesheet['BoldRightNoSplit']),
+                PlainTextParagraph(pgettext('invoice', 'Description'), self.stylesheet['Bold']),
+                PlainTextParagraph(pgettext('invoice', 'Qty'), self.stylesheet['BoldRightNoSplit']),
+                PlainTextParagraph(pgettext('invoice', 'Amount'), self.stylesheet['BoldRightNoSplit']),
             )]
 
         def _group_key(line):
@@ -780,8 +769,8 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
             max_height = self.stylesheet['Normal'].leading * 5
             p_style = self.stylesheet['Normal']
             for __ in range(1000):
-                p = FontFallbackParagraph(
-                    self._clean_text(curr_description, tags=['br']),
+                p = PlainTextParagraph(
+                    curr_description,
                     p_style
                 )
                 h = p.wrap(max_width, doc.height)[1]
@@ -862,7 +851,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                 # Group together at the end of the invoice
                 request_show_service_date = period_line
             elif period_line:
-                description_p_list.append(FontFallbackParagraph(
+                description_p_list.append(PlainTextParagraph(
                     period_line,
                     self.stylesheet['Fineprint']
                 ))
@@ -874,7 +863,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                         net_price=money_filter(net_value, self.invoice.event.currency),
                         gross_price=money_filter(gross_value, self.invoice.event.currency),
                     )
-                    description_p_list.append(FontFallbackParagraph(
+                    description_p_list.append(PlainTextParagraph(
                         single_price_line,
                         self.stylesheet['Fineprint']
                     ))
@@ -883,11 +872,11 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                     description_p_list.pop(0),
                     str(len(lines)),
                     localize(tax_rate) + " %",
-                    FontFallbackParagraph(
+                    PlainTextParagraph(
                         money_filter(net_value * len(lines), self.invoice.event.currency).replace('\xa0', ' '),
                         self.stylesheet['NormalRight']
                     ),
-                    FontFallbackParagraph(
+                    PlainTextParagraph(
                         money_filter(gross_value * len(lines), self.invoice.event.currency).replace('\xa0', ' '),
                         self.stylesheet['NormalRight']
                     ),
@@ -904,14 +893,14 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                     single_price_line = pgettext('invoice', 'Single price: {price}').format(
                         price=money_filter(gross_value, self.invoice.event.currency),
                     )
-                    description_p_list.append(FontFallbackParagraph(
+                    description_p_list.append(PlainTextParagraph(
                         single_price_line,
                         self.stylesheet['Fineprint']
                     ))
                 tdata.append((
                     description_p_list.pop(0),
                     str(len(lines)),
-                    FontFallbackParagraph(
+                    PlainTextParagraph(
                         money_filter(gross_value * len(lines), self.invoice.event.currency).replace('\xa0', ' '),
                         self.stylesheet['NormalRight']
                     ),
@@ -944,12 +933,12 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
 
         if has_taxes:
             tdata.append([
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Invoice total')), self.stylesheet['Bold']), '', '', '',
+                PlainTextParagraph(pgettext('invoice', 'Invoice total'), self.stylesheet['Bold']), '', '', '',
                 money_filter(total, self.invoice.event.currency)
             ])
         else:
             tdata.append([
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Invoice total')), self.stylesheet['Bold']), '',
+                PlainTextParagraph(pgettext('invoice', 'Invoice total'), self.stylesheet['Bold']), '',
                 money_filter(total, self.invoice.event.currency)
             ])
 
@@ -958,12 +947,12 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                 pending_sum = self.invoice.order.pending_sum
                 if pending_sum != total:
                     tdata.append(
-                        [FontFallbackParagraph(self._normalize(pgettext('invoice', 'Received payments')), self.stylesheet['Normal'])] +
+                        [PlainTextParagraph(pgettext('invoice', 'Received payments'), self.stylesheet['Normal'])] +
                         (['', '', ''] if has_taxes else ['']) +
                         [money_filter(pending_sum - total, self.invoice.event.currency)]
                     )
                     tdata.append(
-                        [FontFallbackParagraph(self._normalize(pgettext('invoice', 'Outstanding payments')), self.stylesheet['Bold'])] +
+                        [PlainTextParagraph(pgettext('invoice', 'Outstanding payments'), self.stylesheet['Bold'])] +
                         (['', '', ''] if has_taxes else ['']) +
                         [money_filter(pending_sum, self.invoice.event.currency)]
                     )
@@ -980,12 +969,12 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                     s=Sum('amount')
                 )['s'] or Decimal('0.00')
                 tdata.append(
-                    [FontFallbackParagraph(self._normalize(pgettext('invoice', 'Paid by gift card')), self.stylesheet['Normal'])] +
+                    [PlainTextParagraph(pgettext('invoice', 'Paid by gift card'), self.stylesheet['Normal'])] +
                     (['', '', ''] if has_taxes else ['']) +
                     [money_filter(giftcard_sum, self.invoice.event.currency)]
                 )
                 tdata.append(
-                    [FontFallbackParagraph(self._normalize(pgettext('invoice', 'Remaining amount')), self.stylesheet['Bold'])] +
+                    [PlainTextParagraph(pgettext('invoice', 'Remaining amount'), self.stylesheet['Bold'])] +
                     (['', '', ''] if has_taxes else ['']) +
                     [money_filter(total - giftcard_sum, self.invoice.event.currency)]
                 )
@@ -1008,14 +997,14 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
         story.append(Spacer(1, 10 * mm))
 
         if request_show_service_date:
-            story.append(FontFallbackParagraph(
-                self._normalize(pgettext('invoice', 'Invoice period: {daterange}').format(daterange=request_show_service_date)),
+            story.append(PlainTextParagraph(
+                pgettext('invoice', 'Invoice period: {daterange}').format(daterange=request_show_service_date),
                 self.stylesheet['Normal']
             ))
 
         if self.invoice.payment_provider_text:
             story.append(FontFallbackParagraph(
-                self._normalize(self.invoice.payment_provider_text),
+                self._clean_text(self.invoice.payment_provider_text, tags=['br', 'b']),
                 self.stylesheet['Normal']
             ))
 
@@ -1039,10 +1028,10 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
             ('FONTNAME', (0, 0), (-1, -1), self.font_regular),
         ]
         thead = [
-            FontFallbackParagraph(self._normalize(pgettext('invoice', 'Tax rate')), self.stylesheet['Fineprint']),
-            FontFallbackParagraph(self._normalize(pgettext('invoice', 'Net value')), self.stylesheet['FineprintRight']),
-            FontFallbackParagraph(self._normalize(pgettext('invoice', 'Gross value')), self.stylesheet['FineprintRight']),
-            FontFallbackParagraph(self._normalize(pgettext('invoice', 'Tax')), self.stylesheet['FineprintRight']),
+            PlainTextParagraph(pgettext('invoice', 'Tax rate'), self.stylesheet['Fineprint']),
+            PlainTextParagraph(pgettext('invoice', 'Net value'), self.stylesheet['FineprintRight']),
+            PlainTextParagraph(pgettext('invoice', 'Gross value'), self.stylesheet['FineprintRight']),
+            PlainTextParagraph(pgettext('invoice', 'Tax'), self.stylesheet['FineprintRight']),
             ''
         ]
         tdata = [thead]
@@ -1053,7 +1042,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                 continue
             tax = taxvalue_map[idx]
             tdata.append([
-                FontFallbackParagraph(self._normalize(localize(rate) + " % " + name), self.stylesheet['Fineprint']),
+                PlainTextParagraph(localize(rate) + " % " + name, self.stylesheet['Fineprint']),
                 money_filter(gross - tax, self.invoice.event.currency),
                 money_filter(gross, self.invoice.event.currency),
                 money_filter(tax, self.invoice.event.currency),
@@ -1072,7 +1061,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
             table.setStyle(TableStyle(tstyledata))
             story.append(Spacer(5 * mm, 5 * mm))
             story.append(KeepTogether([
-                FontFallbackParagraph(self._normalize(pgettext('invoice', 'Included taxes')), self.stylesheet['FineprintHeading']),
+                PlainTextParagraph(pgettext('invoice', 'Included taxes'), self.stylesheet['FineprintHeading']),
                 table
             ]))
 
@@ -1089,7 +1078,7 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
                     net = gross - tax
 
                     tdata.append([
-                        FontFallbackParagraph(self._normalize(localize(rate) + " % " + name), self.stylesheet['Fineprint']),
+                        PlainTextParagraph(localize(rate) + " % " + name, self.stylesheet['Fineprint']),
                         fmt(net), fmt(gross), fmt(tax), ''
                     ])
 
@@ -1098,13 +1087,13 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
 
                 story.append(KeepTogether([
                     Spacer(1, height=2 * mm),
-                    FontFallbackParagraph(
-                        self._normalize(pgettext(
+                    PlainTextParagraph(
+                        pgettext(
                             'invoice', 'Using the conversion rate of 1:{rate} as published by the {authority} on '
                                        '{date}, this corresponds to:'
                         ).format(rate=localize(self.invoice.foreign_currency_rate),
                                  authority=SOURCE_NAMES.get(self.invoice.foreign_currency_source, "?"),
-                                 date=date_format(self.invoice.foreign_currency_rate_date, "SHORT_DATE_FORMAT"))),
+                                 date=date_format(self.invoice.foreign_currency_rate_date, "SHORT_DATE_FORMAT")),
                         self.stylesheet['Fineprint']
                     ),
                     Spacer(1, height=3 * mm),
@@ -1113,14 +1102,14 @@ class ClassicInvoiceRenderer(BaseReportlabInvoiceRenderer):
         elif self.invoice.foreign_currency_display and self.invoice.foreign_currency_rate:
             foreign_total = round_decimal(total * self.invoice.foreign_currency_rate)
             story.append(Spacer(1, 5 * mm))
-            story.append(FontFallbackParagraph(self._normalize(
+            story.append(PlainTextParagraph(
                 pgettext(
                     'invoice', 'Using the conversion rate of 1:{rate} as published by the {authority} on '
                                '{date}, the invoice total corresponds to {total}.'
                 ).format(rate=localize(self.invoice.foreign_currency_rate),
                          date=date_format(self.invoice.foreign_currency_rate_date, "SHORT_DATE_FORMAT"),
                          authority=SOURCE_NAMES.get(self.invoice.foreign_currency_source, "?"),
-                         total=fmt(foreign_total))),
+                         total=fmt(foreign_total)),
                 self.stylesheet['Fineprint']
             ))
 
@@ -1162,11 +1151,8 @@ class Modern1Renderer(ClassicInvoiceRenderer):
     def _draw_invoice_from(self, canvas):
         if not self.invoice.invoice_from:
             return
-        c = [
-            self._clean_text(l)
-            for l in self.invoice.address_invoice_from.strip().split('\n')
-        ]
-        p = FontFallbackParagraph(self._normalize(' · '.join(c)), style=self.stylesheet['Sender'])
+        c = self.invoice.address_invoice_from.strip().split('\n')
+        p = PlainTextParagraph(' · '.join(c), style=self.stylesheet['Sender'])
         p.wrapOn(canvas, self.invoice_to_width, 15.7 * mm)
         p.drawOn(canvas, self.invoice_to_left, self.pagesize[1] - self.invoice_to_top + 2 * mm)
         super()._draw_invoice_from(canvas)
@@ -1225,8 +1211,8 @@ class Modern1Renderer(ClassicInvoiceRenderer):
                 _draw(pgettext('invoice', 'Order code'), self.invoice.order.full_code, value_size, self.left_margin, 45 * mm, **kwargs)
             ]
 
-            p = FontFallbackParagraph(
-                self._normalize(date_format(self.invoice.date, "DATE_FORMAT")),
+            p = PlainTextParagraph(
+                date_format(self.invoice.date, "DATE_FORMAT"),
                 style=ParagraphStyle(name=f'Normal{value_size}', fontName=self.font_regular, fontSize=value_size, leading=value_size * 1.2)
             )
             w = stringWidth(p.text, p.frags[0].fontName, p.frags[0].fontSize)
@@ -1283,7 +1269,7 @@ class Modern1SimplifiedRenderer(Modern1Renderer):
         i = []
 
         if not self.invoice.event.has_subevents and self.invoice.event.settings.show_dates_on_frontpage:
-            i.append(FontFallbackParagraph(
+            i.append(PlainTextParagraph(
                 pgettext('invoice', 'Event date: {date_range}').format(
                     date_range=self.invoice.event.get_date_range_display(),
                 ),

src/pretix/base/modelimport.py

@@ -70,10 +70,6 @@ def parse_csv(file, length=None, mode="strict", charset=None):
         except ImportError:
             charset = file.charset
     data = data.decode(charset or "utf-8", mode)
-
-    # remove stray linebreaks from the end of the file
-    data = data.rstrip("\n")
-
     # If the file was modified on a Mac, it only contains \r as line breaks
     if '\r' in data and '\n' not in data:
         data = data.replace('\r', '\n')

src/pretix/base/models/_transactions.py

@@ -29,9 +29,7 @@ import inspect
 import logging
 import os
 import threading
-from pathlib import Path
 
-import django
 from django.conf import settings
 from django.db import transaction
 
@@ -76,14 +74,10 @@ def _transactions_mark_order_dirty(order_id, using=None):
     if "PYTEST_CURRENT_TEST" in os.environ:
         # We don't care about Order.objects.create() calls in test code so let's try to figure out if this is test code
         # or not.
-        for frame in inspect.stack()[1:]:
-            if (
-                'pretix/base/models/orders' in frame.filename
-                or Path(frame.filename).is_relative_to(Path(django.__file__).parent)
-            ):
-                # Ignore model- and django-internal code
+        for frame in inspect.stack():
+            if 'pretix/base/models/orders' in frame.filename:
                 continue
-            elif 'test_' in frame.filename or 'conftest.py' in frame.filename:
+            elif 'test_' in frame.filename or 'conftest.py in frame.filename':
                 return
             elif 'pretix/' in frame.filename or 'pretix_' in frame.filename:
                 # This went through non-test code, let's consider it non-test

src/pretix/base/models/auth.py

@@ -38,7 +38,6 @@ import operator
 import secrets
 from datetime import timedelta
 from functools import reduce
-from typing import Protocol
 
 from django.conf import settings
 from django.contrib.auth.models import (
@@ -68,14 +67,6 @@ class EmailAddressTakenError(IntegrityError):
     pass
 
 
-class PermissionHolder(Protocol):
-    def has_event_permission(self, organizer, event, perm_name=None, request=None, session_key=None) -> bool:
-        ...
-
-    def has_organizer_permission(self, organizer, perm_name=None, request=None):
-        ...
-
-
 class UserManager(BaseUserManager):
     """
     This is the user manager for our custom user model. See the User
@@ -705,18 +696,6 @@ class User(AbstractBaseUser, PermissionsMixin, LoggingMixin):
         return self.teams.exists()
 
 
-class UserWithStaffSession:
-    # Wrapper around a User object with a staff session, implementing the PermissionHolder Protocol
-    def __init__(self, user):
-        self.user = user
-
-    def has_event_permission(self, organizer, event, perm_name=None, request=None, session_key=None) -> bool:
-        return True
-
-    def has_organizer_permission(self, organizer, perm_name=None, request=None):
-        return True
-
-
 class UserKnownLoginSource(models.Model):
     user = models.ForeignKey('User', on_delete=models.CASCADE, related_name="known_login_sources")
     agent_type = models.CharField(max_length=255, null=True, blank=True)

src/pretix/base/models/devices.py

@@ -229,7 +229,7 @@ class Device(LoggedModel):
         """
         return self._organizer_permission_set() if self.organizer == organizer else set()
 
-    def has_event_permission(self, organizer, event, perm_name=None, request=None, session_key=None) -> bool:
+    def has_event_permission(self, organizer, event, perm_name=None, request=None) -> bool:
         """
         Checks if this token is part of a team that grants access of type ``perm_name``
         to the event ``event``.
@@ -238,7 +238,6 @@ class Device(LoggedModel):
         :param event: The event to check
         :param perm_name: The permission, e.g. ``event.orders:read``
         :param request: This parameter is ignored and only defined for compatibility reasons.
-        :param session_key: This parameter is ignored and only defined for compatibility reasons.
         :return: bool
         """
         has_event_access = (self.all_events and organizer == self.organizer) or (

src/pretix/base/models/orders.py

@@ -590,7 +590,7 @@ class Order(LockModel, LoggedModel):
             not kwargs.get('force_save_with_deferred_fields', None) and
             (not update_fields or ('require_approval' not in update_fields and 'status' not in update_fields))
         ):
-            _fail("It is unsafe to call save() on an Order with deferred fields since we can't check if you missed "
+            _fail("It is unsafe to call save() on an OrderFee with deferred fields since we can't check if you missed "
                   "creating a transaction. Call save(force_save_with_deferred_fields=True) if you really want to do "
                   "this.")
 
@@ -2841,7 +2841,7 @@ class OrderPosition(AbstractPosition):
             if Transaction.key(self) != self.__initial_transaction_key or self.canceled != self.__initial_canceled or not self.pk:
                 _transactions_mark_order_dirty(self.order_id, using=kwargs.get('using', None))
         elif not kwargs.get('force_save_with_deferred_fields', None):
-            _fail("It is unsafe to call save() on an OrderPosition with deferred fields since we can't check if you missed "
+            _fail("It is unsafe to call save() on an OrderFee with deferred fields since we can't check if you missed "
                   "creating a transaction. Call save(force_save_with_deferred_fields=True) if you really want to do "
                   "this.")
 

src/pretix/base/models/organizer.py

@@ -319,9 +319,6 @@ class TeamQuerySet(models.QuerySet):
     def event_permission_q(cls, perm_name):
         from ..permissions import assert_valid_event_permission
 
-        if perm_name is None:
-            return Q()
-
         if perm_name.startswith('can_') and perm_name in OLD_TO_NEW_EVENT_COMPAT:  # legacy
             return reduce(operator.and_, [cls.event_permission_q(p) for p in OLD_TO_NEW_EVENT_COMPAT[perm_name]])
         assert_valid_event_permission(perm_name, allow_legacy=False)
@@ -334,9 +331,6 @@ class TeamQuerySet(models.QuerySet):
     def organizer_permission_q(cls, perm_name):
         from ..permissions import assert_valid_organizer_permission
 
-        if perm_name is None:
-            return Q()
-
         if perm_name.startswith('can_') and perm_name in OLD_TO_NEW_ORGANIZER_COMPAT:  # legacy
             return reduce(operator.and_, [cls.organizer_permission_q(p) for p in OLD_TO_NEW_ORGANIZER_COMPAT[perm_name]])
         assert_valid_organizer_permission(perm_name, allow_legacy=False)
@@ -556,7 +550,7 @@ class TeamAPIToken(models.Model):
         """
         return self.team.organizer_permission_set() if self.team.organizer == organizer else set()
 
-    def has_event_permission(self, organizer, event, perm_name=None, request=None, session_key=None) -> bool:
+    def has_event_permission(self, organizer, event, perm_name=None, request=None) -> bool:
         """
         Checks if this token is part of a team that grants access of type ``perm_name``
         to the event ``event``.
@@ -565,7 +559,6 @@ class TeamAPIToken(models.Model):
         :param event: The event to check
         :param perm_name: The permission, e.g. ``event.orders:read``
         :param request: This parameter is ignored and only defined for compatibility reasons.
-        :param session_key: This parameter is ignored and only defined for compatibility reasons.
         :return: bool
         """
         has_event_access = (self.team.all_events and organizer == self.team.organizer) or (

src/pretix/base/pdf.py

@@ -54,7 +54,7 @@ from bidi import get_display
 from django.conf import settings
 from django.contrib.staticfiles import finders
 from django.core.exceptions import ValidationError
-from django.db.models import Exists, Max, Min, OuterRef
+from django.db.models import Max, Min
 from django.db.models.fields.files import FieldFile
 from django.dispatch import receiver
 from django.utils.deconstruct import deconstructible
@@ -76,7 +76,7 @@ from reportlab.pdfgen.canvas import Canvas
 from reportlab.platypus import Paragraph
 
 from pretix.base.i18n import language
-from pretix.base.models import Checkin, Event, Order, OrderPosition, Question
+from pretix.base.models import Event, Order, OrderPosition, Question
 from pretix.base.settings import PERSON_NAME_SCHEMES
 from pretix.base.signals import layout_image_variables, layout_text_variables
 from pretix.base.templatetags.money import money_filter
@@ -379,13 +379,6 @@ DEFAULT_VARIABLES = OrderedDict((
             str(p) for p in generate_compressed_addon_list(op, order, ev)
         ])
     }),
-    ("checked_in_addons", {
-        "label": _("List of Checked-In Add-Ons"),
-        "editor_sample": _("Add-on 1\n2x Add-on 2"),
-        "evaluate": lambda op, order, ev: "\n".join([
-            str(p) for p in generate_compressed_addon_list(op, order, ev, only_checked_in=True)
-        ])
-    }),
     ("organizer", {
         "label": _("Organizer name"),
         "editor_sample": _("Event organizer company"),
@@ -757,16 +750,12 @@ def get_program_times(op: OrderPosition, ev: Event):
     ])
 
 
-def generate_compressed_addon_list(op, order, event, only_checked_in=False):
+def generate_compressed_addon_list(op, order, event):
     itemcount = defaultdict(int)
-    addon_qs = (
+    addons = [p for p in (
         op.addons.all() if 'addons' in getattr(op, '_prefetched_objects_cache', {})
         else op.addons.select_related('item', 'variation')
-    )
-    if only_checked_in:
-        addon_qs = addon_qs.filter(Exists(Checkin.objects.filter(position=OuterRef('pk'))), canceled=False)
-    addons = [p for p in addon_qs if not p.canceled]
-
+    ) if not p.canceled]
     for pos in addons:
         itemcount[pos.item, pos.variation] += 1
 
@@ -1056,7 +1045,7 @@ class Renderer:
         except:
             logger.exception('Reshaping/Bidi fixes failed on string {}'.format(repr(text)))
 
-        p = Paragraph(text, style=style)
+        p = Paragraph(text, style=style)  # not using AutoEscapeParagraph is safe as we escape above
         return p, ad, lineheight
 
     def _draw_textcontainer(self, canvas: Canvas, op: OrderPosition, order: Order, o: dict):

src/pretix/base/services/export.py

@@ -40,7 +40,6 @@ from pretix.base.models import (
     CachedFile, Device, Event, Organizer, ScheduledEventExport, TeamAPIToken,
     User, cachedfile_name,
 )
-from pretix.base.models.auth import UserWithStaffSession
 from pretix.base.models.exports import ScheduledOrganizerExport
 from pretix.base.services.mail import mail
 from pretix.base.services.tasks import (
@@ -212,12 +211,7 @@ def init_event_exporters(event, user=None, token=None, device=None, request=None
         if not perm_holder.has_event_permission(event.organizer, event, permission_name, request) and not staff_session:
             continue
 
-        exporter: BaseExporter = response(
-            event=event,
-            organizer=event.organizer,
-            permission_holder=token or device or (UserWithStaffSession(user) if staff_session else user),
-            **kwargs
-        )
+        exporter: BaseExporter = response(event=event, organizer=event.organizer, **kwargs)
 
         if not exporter.available_for_user(user if user and user.is_authenticated else None):
             continue
@@ -249,12 +243,7 @@ def init_organizer_exporters(
             continue
 
         if issubclass(response, OrganizerLevelExportMixin):
-            exporter: BaseExporter = response(
-                event=Event.objects.none(),
-                organizer=organizer,
-                permission_holder=token or device or (UserWithStaffSession(user) if staff_session else user),
-                **kwargs,
-            )
+            exporter: BaseExporter = response(event=Event.objects.none(), organizer=organizer, **kwargs)
 
             try:
                 if not perm_holder.has_organizer_permission(organizer, response.get_required_organizer_permission(), request) and not staff_session:
@@ -306,12 +295,7 @@ def init_organizer_exporters(
             if not _has_permission_on_any_team_cache[permission_name] and not staff_session:
                 continue
 
-            exporter: BaseExporter = response(
-                event=_event_list_cache[permission_name],
-                organizer=organizer,
-                permission_holder=token or device or (UserWithStaffSession(user) if staff_session else user),
-                **kwargs,
-            )
+            exporter: BaseExporter = response(event=_event_list_cache[permission_name], organizer=organizer, **kwargs)
 
         if not exporter.available_for_user(user if user and user.is_authenticated else None):
             continue

src/pretix/base/services/orders.py

@@ -67,9 +67,9 @@ from pretix.base.email import get_email_context
 from pretix.base.i18n import get_language_without_region, language
 from pretix.base.media import MEDIA_TYPES
 from pretix.base.models import (
-    CartPosition, Device, Event, GiftCard, Item, ItemVariation, LogEntry,
-    Membership, Order, OrderPayment, OrderPosition, Quota, Seat,
-    SeatCategoryMapping, User, Voucher,
+    CartPosition, Device, Event, GiftCard, Item, ItemVariation, Membership,
+    Order, OrderPayment, OrderPosition, Quota, Seat, SeatCategoryMapping, User,
+    Voucher,
 )
 from pretix.base.models.event import SubEvent
 from pretix.base.models.orders import (
@@ -1618,7 +1618,7 @@ class OrderChangeManager:
     MembershipOperation = namedtuple('MembershipOperation', ('position', 'membership'))
     CancelOperation = namedtuple('CancelOperation', ('position', 'price_diff'))
     AddOperation = namedtuple('AddOperation', ('item', 'variation', 'price', 'addon_to', 'subevent', 'seat', 'membership',
-                                               'valid_from', 'valid_until', 'is_bundled', 'result', 'count'))
+                                               'valid_from', 'valid_until', 'is_bundled', 'result'))
     SplitOperation = namedtuple('SplitOperation', ('position',))
     FeeValueOperation = namedtuple('FeeValueOperation', ('fee', 'value', 'price_diff'))
     AddFeeOperation = namedtuple('AddFeeOperation', ('fee', 'price_diff'))
@@ -1632,24 +1632,16 @@ class OrderChangeManager:
     ForceRecomputeOperation = namedtuple('ForceRecomputeOperation', tuple())
 
     class AddPositionResult:
-        _positions: Optional[List[OrderPosition]]
+        _position: Optional[OrderPosition]
 
         def __init__(self):
-            self._positions = None
+            self._position = None
 
         @property
         def position(self) -> OrderPosition:
-            if self._positions is None:
+            if self._position is None:
                 raise RuntimeError("Order position has not been created yet. Call commit() first on OrderChangeManager.")
-            if len(self._positions) != 1:
-                raise RuntimeError("More than one position created.")
-            return self._positions[0]
-
-        @property
-        def positions(self) -> List[OrderPosition]:
-            if self._positions is None:
-                raise RuntimeError("Order position has not been created yet. Call commit() first on OrderChangeManager.")
-            return self._positions
+            return self._position
 
     def __init__(self, order: Order, user=None, auth=None, notify=True, reissue_invoice=True, allow_blocked_seats=False):
         self.order = order
@@ -1856,12 +1848,8 @@ class OrderChangeManager:
 
     def add_position(self, item: Item, variation: ItemVariation, price: Decimal, addon_to: OrderPosition = None,
                      subevent: SubEvent = None, seat: Seat = None, membership: Membership = None,
-                     valid_from: datetime = None, valid_until: datetime = None, count: int = 1) -> 'OrderChangeManager.AddPositionResult':
-        if count < 1:
-            raise ValueError("Count must be positive")
+                     valid_from: datetime = None, valid_until: datetime = None) -> 'OrderChangeManager.AddPositionResult':
         if isinstance(seat, str):
-            if count > 1:
-                raise ValueError("Cannot combine count > 1 with seat")
             if not seat:
                 seat = None
             else:
@@ -1915,14 +1903,14 @@ class OrderChangeManager:
         if self.order.event.settings.invoice_include_free or price.gross != Decimal('0.00'):
             self._invoice_dirty = True
 
-        self._totaldiff_guesstimate += price.gross * count
-        self._quotadiff.update({q: count for q in new_quotas})
+        self._totaldiff_guesstimate += price.gross
+        self._quotadiff.update(new_quotas)
         if seat:
             self._seatdiff.update([seat])
 
         result = self.AddPositionResult()
         self._operations.append(self.AddOperation(item, variation, price, addon_to, subevent, seat, membership,
-                                                  valid_from, valid_until, is_bundled, result, count))
+                                                  valid_from, valid_until, is_bundled, result))
         return result
 
     def split(self, position: OrderPosition):
@@ -2542,35 +2530,29 @@ class OrderChangeManager:
                     secret_dirty.remove(position)
                 position.save(update_fields=['canceled', 'secret'])
             elif isinstance(op, self.AddOperation):
-                new_pos = []
-                new_logs = []
-                for i in range(op.count):
-                    pos = OrderPosition.objects.create(
-                        item=op.item, variation=op.variation, addon_to=op.addon_to,
-                        price=op.price.gross, order=self.order, tax_rate=op.price.rate, tax_code=op.price.code,
-                        tax_value=op.price.tax, tax_rule=op.item.tax_rule,
-                        positionid=nextposid, subevent=op.subevent, seat=op.seat,
-                        used_membership=op.membership, valid_from=op.valid_from, valid_until=op.valid_until,
-                        is_bundled=op.is_bundled,
-                    )
-                    nextposid += 1
-                    new_pos.append(pos)
-                    new_logs.append(self.order.log_action('pretix.event.order.changed.add', user=self.user, auth=self.auth, data={
-                        'position': pos.pk,
-                        'item': op.item.pk,
-                        'variation': op.variation.pk if op.variation else None,
-                        'addon_to': op.addon_to.pk if op.addon_to else None,
-                        'price': op.price.gross,
-                        'positionid': pos.positionid,
-                        'membership': pos.used_membership_id,
-                        'subevent': op.subevent.pk if op.subevent else None,
-                        'seat': op.seat.pk if op.seat else None,
-                        'valid_from': op.valid_from.isoformat() if op.valid_from else None,
-                        'valid_until': op.valid_until.isoformat() if op.valid_until else None,
-                    }, save=False))
-
-                op.result._positions = new_pos
-                LogEntry.bulk_create_and_postprocess(new_logs)
+                pos = OrderPosition.objects.create(
+                    item=op.item, variation=op.variation, addon_to=op.addon_to,
+                    price=op.price.gross, order=self.order, tax_rate=op.price.rate, tax_code=op.price.code,
+                    tax_value=op.price.tax, tax_rule=op.item.tax_rule,
+                    positionid=nextposid, subevent=op.subevent, seat=op.seat,
+                    used_membership=op.membership, valid_from=op.valid_from, valid_until=op.valid_until,
+                    is_bundled=op.is_bundled,
+                )
+                nextposid += 1
+                self.order.log_action('pretix.event.order.changed.add', user=self.user, auth=self.auth, data={
+                    'position': pos.pk,
+                    'item': op.item.pk,
+                    'variation': op.variation.pk if op.variation else None,
+                    'addon_to': op.addon_to.pk if op.addon_to else None,
+                    'price': op.price.gross,
+                    'positionid': pos.positionid,
+                    'membership': pos.used_membership_id,
+                    'subevent': op.subevent.pk if op.subevent else None,
+                    'seat': op.seat.pk if op.seat else None,
+                    'valid_from': op.valid_from.isoformat() if op.valid_from else None,
+                    'valid_until': op.valid_until.isoformat() if op.valid_until else None,
+                })
+                op.result._position = pos
             elif isinstance(op, self.SplitOperation):
                 position = position_cache.setdefault(op.position.pk, op.position)
                 split_positions.append(position)
@@ -2895,7 +2877,7 @@ class OrderChangeManager:
         return total
 
     def _check_order_size(self):
-        if (len(self.order.positions.all()) + sum([op.count for op in self._operations if isinstance(op, self.AddOperation)])) > settings.PRETIX_MAX_ORDER_SIZE:
+        if (len(self.order.positions.all()) + len([op for op in self._operations if isinstance(op, self.AddOperation)])) > settings.PRETIX_MAX_ORDER_SIZE:
             raise OrderError(
                 self.error_messages['max_order_size'] % {
                     'max': settings.PRETIX_MAX_ORDER_SIZE,
@@ -2956,7 +2938,7 @@ class OrderChangeManager:
         ]) + len([
             o for o in self._operations if isinstance(o, self.SplitOperation)
         ])
-        adds = sum([o.count for o in self._operations if isinstance(o, self.AddOperation)])
+        adds = len([o for o in self._operations if isinstance(o, self.AddOperation)])
         if current > 0 and current - cancels + adds < 1:
             raise OrderError(self.error_messages['complete_cancel'])
 
@@ -3003,18 +2985,17 @@ class OrderChangeManager:
             elif isinstance(op, self.CancelOperation) and op.position in positions_to_fake_cart:
                 fake_cart.remove(positions_to_fake_cart[op.position])
             elif isinstance(op, self.AddOperation):
-                for i in range(op.count):
-                    cp = CartPosition(
-                        event=self.event,
-                        item=op.item,
-                        variation=op.variation,
-                        used_membership=op.membership,
-                        subevent=op.subevent,
-                        seat=op.seat,
-                    )
-                    cp.override_valid_from = op.valid_from
-                    cp.override_valid_until = op.valid_until
-                    fake_cart.append(cp)
+                cp = CartPosition(
+                    event=self.event,
+                    item=op.item,
+                    variation=op.variation,
+                    used_membership=op.membership,
+                    subevent=op.subevent,
+                    seat=op.seat,
+                )
+                cp.override_valid_from = op.valid_from
+                cp.override_valid_until = op.valid_until
+                fake_cart.append(cp)
         try:
             validate_memberships_in_order(self.order.customer, fake_cart, self.event, lock=True, ignored_order=self.order, testmode=self.order.testmode)
         except ValidationError as e:

src/pretix/base/templates/pretixbase/redirect.html

@@ -2,13 +2,14 @@
 {% load i18n %}
 {% load rich_text %}
 {% load static %}
+{% load wrap_in %}
 {% block title %}{% trans "Redirect" %}{% endblock %}
 {% block content %}
 <i class="fa fa-link fa-fw big-icon"></i>
 <div class="error-details">
     <h1>{% trans "Redirect" %}</h1>
     <h3>
-        {% blocktrans trimmed with host="<strong>"|add:hostname|add:"</strong>"|safe %}
+        {% blocktrans trimmed with host=hostname|wrap_in:'strong' %}
         The link you clicked on wants to redirect you to a destination on the website {{ host }}.
         {% endblocktrans %}
         {% blocktrans trimmed %}

src/pretix/control/forms/orders.py

@@ -331,10 +331,6 @@ class OtherOperationsForm(forms.Form):
 
 
 class OrderPositionAddForm(forms.Form):
-    count = forms.IntegerField(
-        label=_('Number of products to add'),
-        initial=1,
-    )
     itemvar = forms.ChoiceField(
         label=_('Product')
     )
@@ -436,10 +432,6 @@ class OrderPositionAddForm(forms.Form):
             d['used_membership'] = [m for m in self.memberships if str(m.pk) == d['used_membership']][0]
         else:
             d['used_membership'] = None
-        if d.get("count", 1) > 1 and d.get("seat"):
-            raise ValidationError({
-                "seat": _("You can not choose a seat when adding multiple products at once.")
-            })
         return d
 
 

src/pretix/control/sysreport.py

@@ -38,6 +38,7 @@ from pretix import __version__
 from pretix.base.models import Order, OrderPayment, Transaction
 from pretix.base.plugins import get_all_plugins
 from pretix.base.templatetags.money import money_filter
+from pretix.helpers.reportlab import PlainTextParagraph
 from pretix.plugins.reports.exporters import ReportlabExportMixin
 from pretix.settings import DATA_DIR
 
@@ -79,23 +80,23 @@ class SysReport(ReportlabExportMixin):
         style_small.fontSize = 6
 
         story = [
-            Paragraph("System report", headlinestyle),
+            PlainTextParagraph("System report", headlinestyle),
             Spacer(1, 5 * mm),
-            Paragraph("Usage", subheadlinestyle),
+            PlainTextParagraph("Usage", subheadlinestyle),
             Spacer(1, 5 * mm),
             self._usage_table(),
             Spacer(1, 5 * mm),
-            Paragraph("Installed versions", subheadlinestyle),
+            PlainTextParagraph("Installed versions", subheadlinestyle),
             Spacer(1, 5 * mm),
             self._tech_table(),
             Spacer(1, 5 * mm),
-            Paragraph("Plugins", subheadlinestyle),
+            PlainTextParagraph("Plugins", subheadlinestyle),
             Spacer(1, 5 * mm),
-            Paragraph(self._get_plugin_versions(), style_small),
+            PlainTextParagraph(self._get_plugin_versions(), style_small),
             Spacer(1, 5 * mm),
-            Paragraph("Custom templates", subheadlinestyle),
+            PlainTextParagraph("Custom templates", subheadlinestyle),
             Spacer(1, 5 * mm),
-            Paragraph(self._get_custom_templates(), style_small),
+            PlainTextParagraph(self._get_custom_templates(), style_small),
             Spacer(1, 5 * mm),
         ]
 
@@ -121,13 +122,13 @@ class SysReport(ReportlabExportMixin):
             ("RIGHTPADDING", (-1, 0), (-1, -1), 0),
         ]
         tdata = [
-            [Paragraph("Site URL:", style), Paragraph(settings.SITE_URL, style)],
-            [Paragraph("pretix version:", style), Paragraph(__version__, style)],
-            [Paragraph("Python version:", style), Paragraph(sys.version, style)],
-            [Paragraph("Platform:", style), Paragraph(platform.platform(), style)],
+            [PlainTextParagraph("Site URL:", style), Paragraph(settings.SITE_URL, style)],
+            [PlainTextParagraph("pretix version:", style), Paragraph(__version__, style)],
+            [PlainTextParagraph("Python version:", style), Paragraph(sys.version, style)],
+            [PlainTextParagraph("Platform:", style), Paragraph(platform.platform(), style)],
             [
-                Paragraph("Database engine:", style),
-                Paragraph(settings.DATABASES["default"]["ENGINE"], style),
+                PlainTextParagraph("Database engine:", style),
+                PlainTextParagraph(settings.DATABASES["default"]["ENGINE"], style),
             ],
         ]
         table = Table(tdata, colWidths=colwidths, repeatRows=0)
@@ -206,7 +207,7 @@ class SysReport(ReportlabExportMixin):
         year_last = now().year
         tdata = [
             [
-                Paragraph(l, style_small_head)
+                PlainTextParagraph(l, style_small_head)
                 for l in (
                     "Time frame",
                     "Currency",
@@ -257,19 +258,19 @@ class SysReport(ReportlabExportMixin):
 
                 tdata.append(
                     (
-                        Paragraph(
+                        PlainTextParagraph(
                             date_format(first_day, "M Y")
                             + " – "
                             + date_format(after_day - timedelta(days=1), "M Y"),
                             style_small,
                         ),
-                        Paragraph(c, style_small),
-                        Paragraph(str(orders_count), style_small) if i == 0 else "",
-                        Paragraph(money_filter(revenue_data.get("s_net") or 0, c), style_small),
-                        Paragraph(str(testmode_count), style_small) if i == 0 else "",
-                        Paragraph(str(unconfirmed_count), style_small) if i == 0 else "",
-                        Paragraph(str(revenue_data.get("c") or 0), style_small),
-                        Paragraph(money_filter(revenue_data.get("s_gross") or 0, c), style_small),
+                        PlainTextParagraph(c, style_small),
+                        PlainTextParagraph(str(orders_count), style_small) if i == 0 else "",
+                        PlainTextParagraph(money_filter(revenue_data.get("s_net") or 0, c), style_small),
+                        PlainTextParagraph(str(testmode_count), style_small) if i == 0 else "",
+                        PlainTextParagraph(str(unconfirmed_count), style_small) if i == 0 else "",
+                        PlainTextParagraph(str(revenue_data.get("c") or 0), style_small),
+                        PlainTextParagraph(money_filter(revenue_data.get("s_gross") or 0, c), style_small),
                     )
                 )
 

src/pretix/control/templates/pretixcontrol/order/change.html

@@ -329,7 +329,6 @@
                                         {{ add_form.custom_error }}
                                     </div>
                                 {% endif %}
-                                {% bootstrap_field add_form.count layout="control" %}
                                 {% bootstrap_field add_form.itemvar layout="control" %}
                                 {% bootstrap_field add_form.price addon_after=request.event.currency layout="control" %}
                                 {% if add_form.addon_to %}
@@ -365,7 +364,6 @@
                         </div>
                         <div class="panel-body">
                             <div class="form-horizontal">
-                                {% bootstrap_field add_position_formset.empty_form.count layout="control" %}
                                 {% bootstrap_field add_position_formset.empty_form.itemvar layout="control" %}
                                 {% bootstrap_field add_position_formset.empty_form.price addon_after=request.event.currency layout="control" %}
                                 {% if add_position_formset.empty_form.addon_to %}

src/pretix/control/templates/pretixcontrol/pdf/index.html

@@ -19,9 +19,7 @@
         {% endif %}
     </h1>
 
-    <script type="application/json" id="editor-data">
-        {{ layout|safe }}
-    </script>
+    {{ layout|json_script:"editor-data" }}
     <div class="row">
         <div class="col-md-9">
             <div class="panel panel-default panel-pdf-editor">

src/pretix/control/views/orders.py

@@ -2059,13 +2059,12 @@ class OrderChange(OrderView):
                 else:
                     variation = None
                 try:
-                    for i in range(f.cleaned_data.get("count", 1)):
-                        ocm.add_position(item, variation,
-                                         f.cleaned_data['price'],
-                                         f.cleaned_data.get('addon_to'),
-                                         f.cleaned_data.get('subevent'),
-                                         f.cleaned_data.get('seat'),
-                                         f.cleaned_data.get('used_membership'))
+                    ocm.add_position(item, variation,
+                                     f.cleaned_data['price'],
+                                     f.cleaned_data.get('addon_to'),
+                                     f.cleaned_data.get('subevent'),
+                                     f.cleaned_data.get('seat'),
+                                     f.cleaned_data.get('used_membership'))
                 except OrderError as e:
                     f.custom_error = str(e)
                     return False

src/pretix/control/views/organizer.py

@@ -1322,7 +1322,7 @@ class DeviceUpdateView(OrganizerDetailViewMixin, OrganizerPermissionRequiredMixi
     def form_valid(self, form):
         if form.has_changed():
             self.object.log_action('pretix.device.changed', user=self.request.user, data={
-                k: form.cleaned_data[k] if k != 'limit_events' else [e.id for e in form.cleaned_data[k]]
+                k: getattr(self.object, k) if k != 'limit_events' else [e.id for e in getattr(self.object, k).all()]
                 for k in form.changed_data
             })
 

src/pretix/control/views/pdf.py

@@ -289,7 +289,7 @@ class BaseEditorView(EventPermissionRequiredMixin, TemplateView):
         ctx['pdf'] = self.get_current_background()
         ctx['variables'] = self.get_variables()
         ctx['images'] = self.get_images()
-        ctx['layout'] = json.dumps(self.get_current_layout())
+        ctx['layout'] = self.get_current_layout()
         ctx['title'] = self.title
         ctx['locales'] = [p for p in settings.LANGUAGES if p[0] in self.request.event.settings.locales]
         ctx['maxfilesize'] = self.maxfilesize

src/pretix/helpers/apps.py

@@ -29,3 +29,8 @@ class PretixHelpersConfig(AppConfig):
     def ready(self):
         from .monkeypatching import monkeypatch_all_at_ready
         monkeypatch_all_at_ready()
+
+        # Ensure reportlab does not make any calls to the internet or the local disk
+        from reportlab import rl_config
+        rl_config.trustedHosts = []
+        rl_config.trustedSchemes = ['data']

src/pretix/helpers/monkeypatching.py

@@ -24,8 +24,11 @@ from datetime import datetime
 from http import cookies
 
 from PIL import Image
+from django.core.exceptions import SuspiciousFileOperation
 from requests.adapters import HTTPAdapter
 
+from pretix.helpers.reportlab import ThumbnailingImageReader
+
 
 def monkeypatch_vobject_performance():
     """
@@ -95,8 +98,26 @@ def monkeypatch_cookie_morsel():
     cookies.Morsel._reserved.setdefault("partitioned", "Partitioned")
 
 
+def monkeypatch_reportlab_imagereader():
+    from reportlab.lib import utils
+    old_init = utils.ImageReader.__init__
+
+    def new_init(self, fileName, ident=None):  # noqa
+        if not isinstance(fileName, Image.Image) and not hasattr(fileName, 'read') and not hasattr(fileName, 'str'):
+            if not isinstance(self, ThumbnailingImageReader):
+                # ThumbnailingImageReader is only used by us explicitly and not by using <img> in html, so it is safe
+                raise SuspiciousFileOperation("reportlab should not be reading images from disk")
+
+        return types.MethodType(old_init, self)(
+            fileName, ident
+        )
+
+    utils.ImageReader.__init__ = new_init
+
+
 def monkeypatch_all_at_ready():
     monkeypatch_vobject_performance()
     monkeypatch_pillow_safer()
     monkeypatch_requests_timeout()
     monkeypatch_cookie_morsel()
+    monkeypatch_reportlab_imagereader()

src/pretix/helpers/reportlab.py

@@ -20,14 +20,19 @@
 # <https://www.gnu.org/licenses/>.
 #
 import logging
+import re
+import unicodedata
 
 from arabic_reshaper import ArabicReshaper
+from bidi import get_display
 from django.conf import settings
 from django.utils.functional import SimpleLazyObject
+from django.utils.html import escape
 from PIL import Image
 from reportlab.lib.styles import ParagraphStyle
 from reportlab.lib.utils import ImageReader
 from reportlab.pdfbase import pdfmetrics
+from reportlab.pdfbase.ttfonts import TTFont
 from reportlab.platypus import Paragraph
 
 from pretix.presale.style import get_fonts
@@ -70,6 +75,20 @@ reshaper = SimpleLazyObject(lambda: ArabicReshaper(configuration={
 }))
 
 
+def normalize_text(text: str) -> str:
+    # reportlab does not support unicode combination characters
+    # It's important we do this before we use ArabicReshaper
+    text = unicodedata.normalize("NFKC", text)
+
+    # reportlab does not support RTL, ligature-heavy scripts like Arabic. Therefore, we use ArabicReshaper
+    # to resolve all ligatures and python-bidi to switch RTL texts.
+    try:
+        text = "\n".join(get_display(reshaper.reshape(l)) for l in re.split("\n", text))
+    except:
+        logger.exception('Reshaping/Bidi fixes failed on string {}'.format(repr(text)))
+    return text
+
+
 class FontFallbackParagraph(Paragraph):
     def __init__(self, text, style=None, *args, **kwargs):
         if style is None:
@@ -87,6 +106,8 @@ class FontFallbackParagraph(Paragraph):
         if not text:
             return True
         font = pdfmetrics.getFont(font_name)
+        if not isinstance(font, TTFont):
+            return True
         return all(
             ord(c) in font.face.charToGlyph or not c.isprintable()
             for c in text
@@ -102,6 +123,24 @@ class FontFallbackParagraph(Paragraph):
                 return family
 
 
+class PlainTextParagraph(FontFallbackParagraph):
+    def __init__(self, text, style=None, linebreaks=True, *args, **kwargs):
+        if not isinstance(text, str):
+            if hasattr(text, '__html__'):
+                raise ValueError("It is contradictory to pass escaped content to PlainTextParagraph")
+            text = str(text)
+
+        # Normalize unicode and apply reshaping
+        text = normalize_text(text)
+
+        # Escape any HTML in the text
+        text = escape(text)
+
+        if linebreaks:
+            text = text.strip().replace("\n", "<br />\n")
+        super().__init__(text, style, *args, **kwargs)
+
+
 def register_ttf_font_if_new(name, path):
     from reportlab.pdfbase import pdfmetrics
     from reportlab.pdfbase.ttfonts import TTFont

src/pretix/helpers/templatetags/wrap_in.py

@@ -0,0 +1,33 @@
+#
+# This file is part of pretix (Community Edition).
+#
+# Copyright (C) 2014-2020  Raphael Michel and contributors
+# Copyright (C) 2020-today pretix GmbH and contributors
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
+# Public License as published by the Free Software Foundation in version 3 of the License.
+#
+# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
+# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
+# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
+# this file, see <https://pretix.eu/about/en/license>.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
+# <https://www.gnu.org/licenses/>.
+#
+import logging
+
+from django import template
+from django.utils.html import format_html
+
+register = template.Library()
+logger = logging.getLogger(__name__)
+
+
+@register.filter
+def wrap_in(content, tag_name):
+    return format_html(f'<{tag_name}>{{}}</{tag_name}>', content)

src/pretix/locale/es/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2026-03-30 11:22+0000\n"
-"PO-Revision-Date: 2026-03-31 17:00+0000\n"
+"PO-Revision-Date: 2026-03-18 12:23+0000\n"
 "Last-Translator: CVZ-es <damien.bremont@casadevelazquez.org>\n"
 "Language-Team: Spanish <https://translate.pretix.eu/projects/pretix/pretix/"
 "es/>\n"
@@ -13331,7 +13331,7 @@ msgstr ""
 #: pretix/base/settings.py:4157
 #, python-brace-format
 msgid "VAT-ID is not supported for \"{}\"."
-msgstr "El NIF no es compatible con «{}»."
+msgstr ""
 
 #: pretix/base/settings.py:4164
 msgid "The last payment date cannot be before the end of presale."
@@ -27567,30 +27567,28 @@ msgid "Add a two-factor authentication device"
 msgstr "Añadir un dispositivo de autenticación de dos factores"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:19
+#, fuzzy
+#| msgid "Smartphone with the Authenticator application"
 msgid "Smartphone with Authenticator app"
-msgstr "Smartphone con la aplicación Authenticator"
+msgstr "Celular con aplicación de autenticación"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:21
 msgid ""
 "Use your smartphone with any Time-based One-Time-Password app like freeOTP, "
 "Google Authenticator or Proton Authenticator."
 msgstr ""
-"Use su smartphone con cualquier aplicación de contraseñas de un solo uso "
-"basadas en el tiempo, como freeOTP, Google Authenticator o Proton "
-"Authenticator."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:30
+#, fuzzy
+#| msgid "WebAuthn-compatible hardware token (e.g. Yubikey)"
 msgid "WebAuthn-compatible hardware token"
-msgstr "Token físico compatible con WebAuthn"
+msgstr "Hardware compatible con token WebAuthn (p. ej. Yubikey)"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:32
 msgid ""
 "Use a hardware token like the Yubikey, or other biometric authentication "
 "like fingerprint or face recognition."
 msgstr ""
-"Utiliza un dispositivo de seguridad físico, como el Yubikey, u otro método "
-"de autenticación biométrica, como el reconocimiento de huellas dactilares o "
-"facial."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_confirm_totp.html:8
 msgid "To set up this device, please follow the following steps:"

src/pretix/locale/fr/LC_MESSAGES/django.po

@@ -4,10 +4,10 @@ msgstr ""
 "Project-Id-Version: 1\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2026-03-30 11:22+0000\n"
-"PO-Revision-Date: 2026-03-31 17:00+0000\n"
+"PO-Revision-Date: 2026-03-18 12:23+0000\n"
 "Last-Translator: CVZ-es <damien.bremont@casadevelazquez.org>\n"
-"Language-Team: French <https://translate.pretix.eu/projects/pretix/pretix/"
-"fr/>\n"
+"Language-Team: French <https://translate.pretix.eu/projects/pretix/pretix/fr/"
+">\n"
 "Language: fr\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -13454,7 +13454,7 @@ msgstr ""
 #: pretix/base/settings.py:4157
 #, python-brace-format
 msgid "VAT-ID is not supported for \"{}\"."
-msgstr "Le numéro de TVA n'est pas pris en charge pour « {} »."
+msgstr ""
 
 #: pretix/base/settings.py:4164
 msgid "The last payment date cannot be before the end of presale."
@@ -27774,30 +27774,28 @@ msgid "Add a two-factor authentication device"
 msgstr "Ajouter un dispositif d'authentification à deux facteurs"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:19
+#, fuzzy
+#| msgid "Smartphone with the Authenticator application"
 msgid "Smartphone with Authenticator app"
-msgstr "Smartphone équipé de l'application Authenticator"
+msgstr "Smartphone avec l'application Authenticator"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:21
 msgid ""
 "Use your smartphone with any Time-based One-Time-Password app like freeOTP, "
 "Google Authenticator or Proton Authenticator."
 msgstr ""
-"Utilisez votre smartphone avec n'importe quelle application de mots de passe "
-"à usage unique générés en temps réel, comme freeOTP, Google Authenticator ou "
-"Proton Authenticator."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:30
+#, fuzzy
+#| msgid "WebAuthn-compatible hardware token (e.g. Yubikey)"
 msgid "WebAuthn-compatible hardware token"
-msgstr "Token matériel compatible WebAuthn"
+msgstr "Token matériel compatible WebAuthn (par ex. Yubikey)"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:32
 msgid ""
 "Use a hardware token like the Yubikey, or other biometric authentication "
 "like fingerprint or face recognition."
 msgstr ""
-"Utilisez une clé matérielle telle que la Yubikey, ou un autre moyen "
-"d'authentification biométrique, comme la reconnaissance d'empreintes "
-"digitales ou faciale."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_confirm_totp.html:8
 msgid "To set up this device, please follow the following steps:"

src/pretix/locale/nl/LC_MESSAGES/django.po

@@ -7,10 +7,10 @@ msgstr ""
 "Project-Id-Version: 1\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2026-03-30 11:22+0000\n"
-"PO-Revision-Date: 2026-03-31 17:00+0000\n"
+"PO-Revision-Date: 2026-03-18 12:23+0000\n"
 "Last-Translator: Ruud Hendrickx <ruud@leckxicon.eu>\n"
-"Language-Team: Dutch <https://translate.pretix.eu/projects/pretix/pretix/nl/>"
-"\n"
+"Language-Team: Dutch <https://translate.pretix.eu/projects/pretix/pretix/nl/"
+">\n"
 "Language: nl\n"
 "MIME-Version: 1.0\n"
 "Content-Type: text/plain; charset=UTF-8\n"
@@ -13283,7 +13283,7 @@ msgstr ""
 #: pretix/base/settings.py:4157
 #, python-brace-format
 msgid "VAT-ID is not supported for \"{}\"."
-msgstr "Btw-nummer wordt niet ondersteund voor \"{}\"."
+msgstr ""
 
 #: pretix/base/settings.py:4164
 msgid "The last payment date cannot be before the end of presale."
@@ -27461,28 +27461,28 @@ msgid "Add a two-factor authentication device"
 msgstr "Twee-factor-authenticatieapparaat toevoegen"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:19
+#, fuzzy
+#| msgid "Smartphone with the Authenticator application"
 msgid "Smartphone with Authenticator app"
-msgstr "Smartphone met Authenticator-app"
+msgstr "Smartphone met de Authenticator-applicatie"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:21
 msgid ""
 "Use your smartphone with any Time-based One-Time-Password app like freeOTP, "
 "Google Authenticator or Proton Authenticator."
 msgstr ""
-"Gebruik uw smartphone met een willekeurige app voor tijdgebonden eenmalige "
-"wachtwoorden, zoals freeOTP, Google Authenticator of Proton Authenticator."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:30
+#, fuzzy
+#| msgid "WebAuthn-compatible hardware token (e.g. Yubikey)"
 msgid "WebAuthn-compatible hardware token"
-msgstr "WebAuthn-compatibel hardwaretoken"
+msgstr "WebAuthn-compatibel hardware-token (bijvoorbeeld Yubikey)"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:32
 msgid ""
 "Use a hardware token like the Yubikey, or other biometric authentication "
 "like fingerprint or face recognition."
 msgstr ""
-"Gebruik een hardwaretoken zoals de Yubikey, of een andere vorm van "
-"biometrische authenticatie, zoals vingerafdruk- of gezichtsherkenning."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_confirm_totp.html:8
 msgid "To set up this device, please follow the following steps:"

src/pretix/locale/nl_Informal/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2026-03-30 11:22+0000\n"
-"PO-Revision-Date: 2026-03-31 17:00+0000\n"
+"PO-Revision-Date: 2026-03-18 14:50+0000\n"
 "Last-Translator: Ruud Hendrickx <ruud@leckxicon.eu>\n"
 "Language-Team: Dutch (informal) <https://translate.pretix.eu/projects/pretix/"
 "pretix/nl_Informal/>\n"
@@ -13314,7 +13314,7 @@ msgstr ""
 #: pretix/base/settings.py:4157
 #, python-brace-format
 msgid "VAT-ID is not supported for \"{}\"."
-msgstr "Btw-nummer wordt niet ondersteund voor \"{}\"."
+msgstr ""
 
 #: pretix/base/settings.py:4164
 msgid "The last payment date cannot be before the end of presale."
@@ -27518,28 +27518,28 @@ msgid "Add a two-factor authentication device"
 msgstr "Twee-factor-authenticatieapparaat toevoegen"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:19
+#, fuzzy
+#| msgid "Smartphone with the Authenticator application"
 msgid "Smartphone with Authenticator app"
-msgstr "Smartphone met Authenticator-app"
+msgstr "Smartphone met de Authenticator-applicatie"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:21
 msgid ""
 "Use your smartphone with any Time-based One-Time-Password app like freeOTP, "
 "Google Authenticator or Proton Authenticator."
 msgstr ""
-"Gebruik je smartphone met een willekeurige app voor tijdgebonden eenmalige "
-"wachtwoorden, zoals freeOTP, Google Authenticator of Proton Authenticator."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:30
+#, fuzzy
+#| msgid "WebAuthn-compatible hardware token (e.g. Yubikey)"
 msgid "WebAuthn-compatible hardware token"
-msgstr "WebAuthn-compatibel hardwaretoken"
+msgstr "WebAuthn-compatibel hardware-token (bijvoorbeeld Yubikey)"
 
 #: pretix/control/templates/pretixcontrol/user/2fa_add.html:32
 msgid ""
 "Use a hardware token like the Yubikey, or other biometric authentication "
 "like fingerprint or face recognition."
 msgstr ""
-"Gebruik een hardwaretoken zoals de Yubikey, of een andere vorm van "
-"biometrische authenticatie, zoals vingerafdruk- of gezichtsherkenning."
 
 #: pretix/control/templates/pretixcontrol/user/2fa_confirm_totp.html:8
 msgid "To set up this device, please follow the following steps:"

src/pretix/locale/pt_BR/LC_MESSAGES/django.po

@@ -8,7 +8,7 @@ msgstr ""
 "Project-Id-Version: PACKAGE VERSION\n"
 "Report-Msgid-Bugs-To: \n"
 "POT-Creation-Date: 2026-03-30 11:22+0000\n"
-"PO-Revision-Date: 2026-03-30 21:00+0000\n"
+"PO-Revision-Date: 2026-03-25 08:00+0000\n"
 "Last-Translator: Renne Rocha <renne@rocha.dev.br>\n"
 "Language-Team: Portuguese (Brazil) <https://translate.pretix.eu/projects/"
 "pretix/pretix/pt_BR/>\n"
@@ -19613,7 +19613,7 @@ msgstr "Excluir"
 #: pretix/plugins/banktransfer/templates/pretixplugins/banktransfer/import_form.html:91
 #: pretix/presale/templates/pretixpresale/fragment_event_list_filter.html:22
 msgid "Filter"
-msgstr "Filtrar"
+msgstr "Filtro"
 
 #: pretix/control/templates/pretixcontrol/checkin/checkins.html:50
 msgid "Your search did not match any check-ins."
@@ -28003,9 +28003,6 @@ msgid ""
 "According to your event settings, sold out products are hidden from "
 "customers. This way, customers will not be able to discover the waiting list."
 msgstr ""
-"De acordo com as configurações do seu evento, os produtos esgotados ficam "
-"ocultos para os clientes. Dessa forma, os clientes não poderão descobrir a "
-"lista de espera."
 
 #: pretix/control/templates/pretixcontrol/waitinglist/index.html:38
 msgid "Send vouchers"
@@ -28052,9 +28049,6 @@ msgid ""
 "waiting list in, you could sell tickets worth an additional "
 "<strong>%(amount)s</strong>."
 msgstr ""
-"Se você conseguir criar espaço suficiente em seu evento para acomodar todas "
-"as pessoas na lista de espera, poderá vender ingressos no valor de um "
-"adicional de <strong>%(amount)s</strong>."
 
 #: pretix/control/templates/pretixcontrol/waitinglist/index.html:115
 msgid "Successfully redeemed"

src/pretix/plugins/checkinlists/exporters.py

@@ -64,7 +64,7 @@ from pretix.base.timeframes import (
 from pretix.control.forms.widgets import Select2
 from pretix.helpers.filenames import safe_for_filename
 from pretix.helpers.iter import chunked_iterable
-from pretix.helpers.reportlab import FontFallbackParagraph
+from pretix.helpers.reportlab import PlainTextParagraph
 from pretix.helpers.templatetags.jsonfield import JSONExtract
 from pretix.plugins.reports.exporters import ReportlabExportMixin
 
@@ -344,7 +344,7 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
         ]
 
         story = [
-            FontFallbackParagraph(
+            PlainTextParagraph(
                 cl.name,
                 headlinestyle
             ),
@@ -352,7 +352,7 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
         if cl.subevent:
             story += [
                 Spacer(1, 3 * mm),
-                FontFallbackParagraph(
+                PlainTextParagraph(
                     '{} ({} {})'.format(
                         cl.subevent.name,
                         cl.subevent.get_date_range_display(),
@@ -382,10 +382,10 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
         headrowstyle.fontName = 'OpenSansBd'
         for q in questions:
             txt = str(q.question)
-            p = FontFallbackParagraph(txt, headrowstyle)
+            p = PlainTextParagraph(txt, headrowstyle)
             while p.wrap(colwidths[len(tdata[0])], 5000)[1] > 30 * mm:
                 txt = txt[:len(txt) - 50] + "..."
-                p = FontFallbackParagraph(txt, headrowstyle)
+                p = PlainTextParagraph(txt, headrowstyle)
             tdata[0].append(p)
 
         qs = self._get_queryset(cl, form_data)
@@ -432,8 +432,8 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
                 CBFlowable(bool(op.last_checked_in)) if not op.blocked else '—',
                 '✘' if op.order.status != Order.STATUS_PAID else '✔',
                 op.order.code,
-                FontFallbackParagraph(name, self.get_style()),
-                FontFallbackParagraph(bleach.clean(str(item), tags={'br'}).strip().replace('<br>', '<br/>'), self.get_style()),
+                PlainTextParagraph(name, self.get_style()),
+                PlainTextParagraph(bleach.clean(str(item), tags={'br'}).strip().replace('<br>', '<br/>'), self.get_style()),
             ]
             acache = {}
             if op.addon_to:
@@ -444,10 +444,10 @@ class PDFCheckinList(ReportlabExportMixin, CheckInListMixin, BaseExporter):
             for q in questions:
                 txt = acache.get(q.pk, '')
                 txt = bleach.clean(txt, tags={'br'}).strip().replace('<br>', '<br/>')
-                p = FontFallbackParagraph(txt, self.get_style())
+                p = PlainTextParagraph(txt, self.get_style())
                 while p.wrap(colwidths[len(row)], 5000)[1] > 50 * mm:
                     txt = txt[:len(txt) - 50] + "..."
-                    p = FontFallbackParagraph(txt, self.get_style())
+                    p = PlainTextParagraph(txt, self.get_style())
                 row.append(p)
             if op.order.status != Order.STATUS_PAID:
                 tstyledata += [

src/pretix/plugins/reports/accountingreport.py

@@ -36,7 +36,7 @@ from reportlab.lib import colors, pagesizes
 from reportlab.lib.enums import TA_CENTER, TA_RIGHT
 from reportlab.lib.units import mm
 from reportlab.platypus import (
-    KeepTogether, PageTemplate, Paragraph, Spacer, Table, TableStyle,
+    KeepTogether, PageTemplate, Spacer, Table, TableStyle,
 )
 
 from pretix.base.exporter import BaseExporter
@@ -49,7 +49,7 @@ from pretix.base.timeframes import (
     resolve_timeframe_to_datetime_start_inclusive_end_exclusive,
 )
 from pretix.control.forms.filter import get_all_payment_providers
-from pretix.helpers.reportlab import FontFallbackParagraph
+from pretix.helpers.reportlab import PlainTextParagraph
 from pretix.plugins.reports.exporters import ReportlabExportMixin
 
 
@@ -311,13 +311,13 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
 
         tdata = [
             [
-                FontFallbackParagraph(self._transaction_group_header_label(), tstyle_bold),
-                FontFallbackParagraph(_("Price"), tstyle_bold_right),
-                FontFallbackParagraph(_("Tax rate"), tstyle_bold_right),
-                FontFallbackParagraph("#", tstyle_bold_right),
-                FontFallbackParagraph(_("Net total"), tstyle_bold_right),
-                FontFallbackParagraph(_("Tax total"), tstyle_bold_right),
-                FontFallbackParagraph(_("Gross total"), tstyle_bold_right),
+                PlainTextParagraph(self._transaction_group_header_label(), tstyle_bold),
+                PlainTextParagraph(_("Price"), tstyle_bold_right),
+                PlainTextParagraph(_("Tax rate"), tstyle_bold_right),
+                PlainTextParagraph("#", tstyle_bold_right),
+                PlainTextParagraph(_("Net total"), tstyle_bold_right),
+                PlainTextParagraph(_("Tax total"), tstyle_bold_right),
+                PlainTextParagraph(_("Gross total"), tstyle_bold_right),
             ]
         ]
 
@@ -347,12 +347,12 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
 
             if e != last_group:
                 if last_group_head_idx > 0 and e is not None:
-                    tdata[last_group_head_idx][4] = Paragraph(money_filter(sum_price_by_group - sum_tax_by_group, currency), tstyle_bold_right),
-                    tdata[last_group_head_idx][5] = Paragraph(money_filter(sum_tax_by_group, currency), tstyle_bold_right),
-                    tdata[last_group_head_idx][6] = Paragraph(money_filter(sum_price_by_group, currency), tstyle_bold_right),
+                    tdata[last_group_head_idx][4] = PlainTextParagraph(money_filter(sum_price_by_group - sum_tax_by_group, currency), tstyle_bold_right),
+                    tdata[last_group_head_idx][5] = PlainTextParagraph(money_filter(sum_tax_by_group, currency), tstyle_bold_right),
+                    tdata[last_group_head_idx][6] = PlainTextParagraph(money_filter(sum_price_by_group, currency), tstyle_bold_right),
                 tdata.append(
                     [
-                        FontFallbackParagraph(
+                        PlainTextParagraph(
                             e,
                             tstyle_bold,
                         ),
@@ -375,20 +375,20 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
             text = self._transaction_row_label(r)
             tdata.append(
                 [
-                    FontFallbackParagraph(text, tstyle),
-                    Paragraph(
+                    PlainTextParagraph(text, tstyle),
+                    PlainTextParagraph(
                         money_filter(r["price"], currency)
                         if "price" in r and r["price"] is not None
                         else "",
                         tstyle_right,
                     ),
-                    Paragraph(localize(r["tax_rate"].normalize()) + " %", tstyle_right),
-                    Paragraph(str(r["sum_cont"]), tstyle_right),
-                    Paragraph(
+                    PlainTextParagraph(localize(r["tax_rate"].normalize()) + " %", tstyle_right),
+                    PlainTextParagraph(str(r["sum_cont"]), tstyle_right),
+                    PlainTextParagraph(
                         money_filter(r["sum_price"] - r["sum_tax"], currency), tstyle_right
                     ),
-                    Paragraph(money_filter(r["sum_tax"], currency), tstyle_right),
-                    Paragraph(money_filter(r["sum_price"], currency), tstyle_right),
+                    PlainTextParagraph(money_filter(r["sum_tax"], currency), tstyle_right),
+                    PlainTextParagraph(money_filter(r["sum_price"], currency), tstyle_right),
                 ]
             )
             sum_cnt_by_tax_rate[r["tax_rate"]] += r["sum_cont"]
@@ -398,19 +398,19 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
             sum_tax_by_group += r["sum_tax"]
 
         if last_group_head_idx > 0 and last_group is not None:
-            tdata[last_group_head_idx][4] = Paragraph(money_filter(sum_price_by_group - sum_tax_by_group, currency), tstyle_bold_right),
-            tdata[last_group_head_idx][5] = Paragraph(money_filter(sum_tax_by_group, currency), tstyle_bold_right),
-            tdata[last_group_head_idx][6] = Paragraph(money_filter(sum_price_by_group, currency), tstyle_bold_right),
+            tdata[last_group_head_idx][4] = PlainTextParagraph(money_filter(sum_price_by_group - sum_tax_by_group, currency), tstyle_bold_right),
+            tdata[last_group_head_idx][5] = PlainTextParagraph(money_filter(sum_tax_by_group, currency), tstyle_bold_right),
+            tdata[last_group_head_idx][6] = PlainTextParagraph(money_filter(sum_price_by_group, currency), tstyle_bold_right),
 
         if len(sum_tax_by_tax_rate) > 1:
             for tax_rate in sorted(sum_tax_by_tax_rate.keys(), reverse=True):
                 tdata.append(
                     [
-                        FontFallbackParagraph(_("Sum"), tstyle),
-                        Paragraph("", tstyle_right),
-                        Paragraph(localize(tax_rate.normalize()) + " %", tstyle_right),
-                        Paragraph("", tstyle_right),
-                        Paragraph(
+                        PlainTextParagraph(_("Sum"), tstyle),
+                        PlainTextParagraph("", tstyle_right),
+                        PlainTextParagraph(localize(tax_rate.normalize()) + " %", tstyle_right),
+                        PlainTextParagraph("", tstyle_right),
+                        PlainTextParagraph(
                             money_filter(
                                 sum_price_by_tax_rate[tax_rate]
                                 - sum_tax_by_tax_rate[tax_rate],
@@ -418,10 +418,10 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                             ),
                             tstyle_right,
                         ),
-                        Paragraph(
+                        PlainTextParagraph(
                             money_filter(sum_tax_by_tax_rate[tax_rate], currency), tstyle_right
                         ),
-                        Paragraph(
+                        PlainTextParagraph(
                             money_filter(sum_price_by_tax_rate[tax_rate], currency),
                             tstyle_right,
                         ),
@@ -439,11 +439,11 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
 
         tdata.append(
             [
-                FontFallbackParagraph(_("Sum"), tstyle_bold),
-                Paragraph("", tstyle_right),
-                Paragraph("", tstyle_right),
-                Paragraph("", tstyle_bold_right),
-                Paragraph(
+                PlainTextParagraph(_("Sum"), tstyle_bold),
+                PlainTextParagraph("", tstyle_right),
+                PlainTextParagraph("", tstyle_right),
+                PlainTextParagraph("", tstyle_bold_right),
+                PlainTextParagraph(
                     money_filter(
                         sum(sum_price_by_tax_rate.values())
                         - sum(sum_tax_by_tax_rate.values()),
@@ -451,11 +451,11 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                     ),
                     tstyle_bold_right,
                 ),
-                Paragraph(
+                PlainTextParagraph(
                     money_filter(sum(sum_tax_by_tax_rate.values()), currency),
                     tstyle_bold_right,
                 ),
-                Paragraph(
+                PlainTextParagraph(
                     money_filter(sum(sum_price_by_tax_rate.values()), currency),
                     tstyle_bold_right,
                 ),
@@ -493,10 +493,10 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
 
         tdata = [
             [
-                FontFallbackParagraph(_("Payment method"), tstyle_bold),
-                FontFallbackParagraph(_("Payments"), tstyle_bold_right),
-                FontFallbackParagraph(_("Refunds"), tstyle_bold_right),
-                FontFallbackParagraph(_("Total"), tstyle_bold_right),
+                PlainTextParagraph(_("Payment method"), tstyle_bold),
+                PlainTextParagraph(_("Payments"), tstyle_bold_right),
+                PlainTextParagraph(_("Refunds"), tstyle_bold_right),
+                PlainTextParagraph(_("Total"), tstyle_bold_right),
             ]
         ]
 
@@ -537,20 +537,20 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
         for p in providers:
             tdata.append(
                 [
-                    Paragraph(provider_names.get(p, p), tstyle),
-                    FontFallbackParagraph(
+                    PlainTextParagraph(provider_names.get(p, p), tstyle),
+                    PlainTextParagraph(
                         money_filter(payments_by_provider[p], currency)
                         if p in payments_by_provider
                         else "",
                         tstyle_right,
                     ),
-                    Paragraph(
+                    PlainTextParagraph(
                         money_filter(refunds_by_provider[p], currency)
                         if p in refunds_by_provider
                         else "",
                         tstyle_right,
                     ),
-                    Paragraph(
+                    PlainTextParagraph(
                         money_filter(
                             payments_by_provider.get(p, Decimal("0.00"))
                             - refunds_by_provider.get(p, Decimal("0.00")),
@@ -563,20 +563,20 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
 
         tdata.append(
             [
-                FontFallbackParagraph(_("Sum"), tstyle_bold),
-                Paragraph(
+                PlainTextParagraph(_("Sum"), tstyle_bold),
+                PlainTextParagraph(
                     money_filter(
                         sum(payments_by_provider.values(), Decimal("0.00")), currency
                     ),
                     tstyle_bold_right,
                 ),
-                Paragraph(
+                PlainTextParagraph(
                     money_filter(
                         sum(refunds_by_provider.values(), Decimal("0.00")), currency
                     ),
                     tstyle_bold_right,
                 ),
-                Paragraph(
+                PlainTextParagraph(
                     money_filter(
                         sum(payments_by_provider.values(), Decimal("0.00"))
                         - sum(refunds_by_provider.values(), Decimal("0.00")),
@@ -641,7 +641,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
             open_before = tx_before - p_before + r_before
             tdata.append(
                 [
-                    FontFallbackParagraph(
+                    PlainTextParagraph(
                         _("Pending payments at {datetime}").format(
                             datetime=date_format(
                                 (df_start - datetime.timedelta.resolution).astimezone(
@@ -653,7 +653,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                         tstyle,
                     ),
                     "",
-                    Paragraph(money_filter(open_before, currency), tstyle_right),
+                    PlainTextParagraph(money_filter(open_before, currency), tstyle_right),
                 ]
             )
         else:
@@ -670,30 +670,30 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
         ] or Decimal("0.00")
         tdata.append(
             [
-                FontFallbackParagraph(_("Orders"), tstyle),
-                Paragraph("+", tstyle_center),
-                Paragraph(money_filter(tx_during, currency), tstyle_right),
+                PlainTextParagraph(_("Orders"), tstyle),
+                PlainTextParagraph("+", tstyle_center),
+                PlainTextParagraph(money_filter(tx_during, currency), tstyle_right),
             ]
         )
         tdata.append(
             [
-                FontFallbackParagraph(_("Payments"), tstyle),
-                Paragraph("-", tstyle_center),
-                Paragraph(money_filter(p_during, currency), tstyle_right),
+                PlainTextParagraph(_("Payments"), tstyle),
+                PlainTextParagraph("-", tstyle_center),
+                PlainTextParagraph(money_filter(p_during, currency), tstyle_right),
             ]
         )
         tdata.append(
             [
-                FontFallbackParagraph(_("Refunds"), tstyle),
-                Paragraph("+", tstyle_center),
-                Paragraph(money_filter(r_during, currency), tstyle_right),
+                PlainTextParagraph(_("Refunds"), tstyle),
+                PlainTextParagraph("+", tstyle_center),
+                PlainTextParagraph(money_filter(r_during, currency), tstyle_right),
             ]
         )
 
         open_after = open_before + tx_during - p_during + r_during
         tdata.append(
             [
-                Paragraph(
+                PlainTextParagraph(
                     _("Pending payments at {datetime}").format(
                         datetime=date_format(
                             ((df_end or now()) - datetime.timedelta.resolution).astimezone(
@@ -704,8 +704,8 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                     ),
                     tstyle_bold,
                 ),
-                Paragraph("=", tstyle_center),
-                Paragraph(money_filter(open_after, currency), tstyle_bold_right),
+                PlainTextParagraph("=", tstyle_center),
+                PlainTextParagraph(money_filter(open_after, currency), tstyle_bold_right),
             ]
         )
         tstyledata += [
@@ -752,7 +752,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
             )
             tdata.append(
                 [
-                    Paragraph(
+                    PlainTextParagraph(
                         _("Total gift card value at {datetime}").format(
                             datetime=date_format(
                                 (df_start - datetime.timedelta.resolution).astimezone(
@@ -763,7 +763,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                         ),
                         tstyle,
                     ),
-                    Paragraph(money_filter(tx_before, currency), tstyle_right),
+                    PlainTextParagraph(money_filter(tx_before, currency), tstyle_right),
                 ]
             )
         else:
@@ -774,8 +774,8 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
         ] or Decimal("0.00")
         tdata.append(
             [
-                FontFallbackParagraph(_("Gift card transactions (credit)"), tstyle),
-                Paragraph(money_filter(tx_during_pos, currency), tstyle_right),
+                PlainTextParagraph(_("Gift card transactions (credit)"), tstyle),
+                PlainTextParagraph(money_filter(tx_during_pos, currency), tstyle_right),
             ]
         )
 
@@ -784,15 +784,15 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
         ] or Decimal("0.00")
         tdata.append(
             [
-                FontFallbackParagraph(_("Gift card transactions (debit)"), tstyle),
-                Paragraph(money_filter(tx_during_neg, currency), tstyle_right),
+                PlainTextParagraph(_("Gift card transactions (debit)"), tstyle),
+                PlainTextParagraph(money_filter(tx_during_neg, currency), tstyle_right),
             ]
         )
 
         open_after = tx_before + tx_during_pos + tx_during_neg
         tdata.append(
             [
-                Paragraph(
+                PlainTextParagraph(
                     _("Total gift card value at {datetime}").format(
                         datetime=date_format(
                             ((df_end or now()) - datetime.timedelta.resolution).astimezone(
@@ -803,7 +803,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                     ),
                     tstyle_bold,
                 ),
-                Paragraph(money_filter(open_after, currency), tstyle_bold_right),
+                PlainTextParagraph(money_filter(open_after, currency), tstyle_bold_right),
             ]
         )
         tstyledata += [
@@ -854,10 +854,10 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
             style_small.leading = 10
 
             story = [
-                FontFallbackParagraph(self.verbose_name, style_h1),
+                PlainTextParagraph(self.verbose_name, style_h1),
                 Spacer(0, 3 * mm),
-                FontFallbackParagraph(
-                    "<br />".join(escape(f) for f in self.describe_filters(form_data)),
+                PlainTextParagraph(
+                    "\n".join(escape(f) for f in self.describe_filters(form_data)),
                     style_small,
                 ),
             ]
@@ -870,7 +870,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                 if s:
                     story += [
                         Spacer(0, 3 * mm),
-                        FontFallbackParagraph(_("Orders") + c_head, style_h2),
+                        PlainTextParagraph(_("Orders") + c_head, style_h2),
                         Spacer(0, 3 * mm),
                         *s
                     ]
@@ -881,7 +881,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                 if s:
                     story += [
                         Spacer(0, 8 * mm),
-                        FontFallbackParagraph(_("Payments") + c_head, style_h2),
+                        PlainTextParagraph(_("Payments") + c_head, style_h2),
                         Spacer(0, 3 * mm),
                         *s
                     ]
@@ -894,7 +894,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                         Spacer(0, 8 * mm),
                         KeepTogether(
                             [
-                                FontFallbackParagraph(_("Open items") + c_head, style_h2),
+                                PlainTextParagraph(_("Open items") + c_head, style_h2),
                                 Spacer(0, 3 * mm),
                                 *s
                             ]
@@ -912,7 +912,7 @@ class ReportExporter(ReportlabExportMixin, BaseExporter):
                             Spacer(0, 8 * mm),
                             KeepTogether(
                                 [
-                                    FontFallbackParagraph(_("Gift cards") + c_head, style_h2),
+                                    PlainTextParagraph(_("Gift cards") + c_head, style_h2),
                                     Spacer(0, 3 * mm),
                                     *s,
                                 ]

src/pretix/plugins/reports/exporters.py

@@ -70,7 +70,7 @@ from pretix.base.timeframes import (
 )
 from pretix.control.forms.filter import OverviewFilterForm
 from pretix.helpers.reportlab import (
-    FontFallbackParagraph, register_ttf_font_if_new,
+    PlainTextParagraph, register_ttf_font_if_new,
 )
 from pretix.presale.style import get_fonts
 
@@ -282,7 +282,7 @@ class OverviewReport(Report):
         headlinestyle.fontSize = 15
         headlinestyle.fontName = 'OpenSansBd'
         story = [
-            FontFallbackParagraph(_('Orders by product') + ' ' + (_('(excl. taxes)') if net else _('(incl. taxes)')), headlinestyle),
+            PlainTextParagraph(_('Orders by product') + ' ' + (_('(excl. taxes)') if net else _('(incl. taxes)')), headlinestyle),
             Spacer(1, 5 * mm)
         ]
         return story
@@ -292,7 +292,7 @@ class OverviewReport(Report):
         if form_data.get('date_axis') and form_data.get('date_range'):
             d_start, d_end = resolve_timeframe_to_dates_inclusive(now(), form_data['date_range'], self.timezone)
             story += [
-                FontFallbackParagraph(_('{axis} between {start} and {end}').format(
+                PlainTextParagraph(_('{axis} between {start} and {end}').format(
                     axis=dict(OverviewFilterForm(event=self.event).fields['date_axis'].choices)[form_data.get('date_axis')],
                     start=date_format(d_start, 'SHORT_DATE_FORMAT') if d_start else '–',
                     end=date_format(d_end, 'SHORT_DATE_FORMAT') if d_end else '–',
@@ -305,13 +305,13 @@ class OverviewReport(Report):
                 subevent = self.event.subevents.get(pk=self.form_data.get('subevent'))
             except SubEvent.DoesNotExist:
                 subevent = self.form_data.get('subevent')
-            story.append(FontFallbackParagraph(pgettext('subevent', 'Date: {}').format(subevent), self.get_style()))
+            story.append(PlainTextParagraph(pgettext('subevent', 'Date: {}').format(subevent), self.get_style()))
             story.append(Spacer(1, 5 * mm))
 
         if form_data.get('subevent_date_range'):
             d_start, d_end = resolve_timeframe_to_datetime_start_inclusive_end_exclusive(now(), form_data['subevent_date_range'], self.timezone)
             story += [
-                FontFallbackParagraph(_('{axis} between {start} and {end}').format(
+                PlainTextParagraph(_('{axis} between {start} and {end}').format(
                     axis=_('Event date'),
                     start=date_format(d_start, 'SHORT_DATE_FORMAT') if d_start else '–',
                     end=date_format(d_end - timedelta(hours=1), 'SHORT_DATE_FORMAT') if d_end else '–',
@@ -384,13 +384,13 @@ class OverviewReport(Report):
         tdata = [
             [
                 _('Product'),
-                FontFallbackParagraph(_('Canceled'), tstyle_th),
+                PlainTextParagraph(_('Canceled'), tstyle_th),
                 '',
-                FontFallbackParagraph(_('Expired'), tstyle_th),
+                PlainTextParagraph(_('Expired'), tstyle_th),
                 '',
-                FontFallbackParagraph(_('Approval pending'), tstyle_th),
+                PlainTextParagraph(_('Approval pending'), tstyle_th),
                 '',
-                FontFallbackParagraph(_('Purchased'), tstyle_th),
+                PlainTextParagraph(_('Purchased'), tstyle_th),
                 '', '', '', '', ''
             ],
             [
@@ -421,14 +421,14 @@ class OverviewReport(Report):
         for tup in items_by_category:
             if tup[0]:
                 tdata.append([
-                    FontFallbackParagraph(str(tup[0]), tstyle_bold)
+                    PlainTextParagraph(str(tup[0]), tstyle_bold)
                 ])
                 for l, s in states:
                     tdata[-1].append(str(tup[0].num[l][0]))
                     tdata[-1].append(floatformat(tup[0].num[l][2 if net else 1], places))
             for item in tup[1]:
                 tdata.append([
-                    FontFallbackParagraph(str(item), tstyle)
+                    PlainTextParagraph(str(item), tstyle)
                 ])
                 for l, s in states:
                     tdata[-1].append(str(item.num[l][0]))
@@ -436,7 +436,7 @@ class OverviewReport(Report):
                 if item.has_variations:
                     for var in item.all_variations:
                         tdata.append([
-                            FontFallbackParagraph("          " + str(var), tstyle)
+                            PlainTextParagraph("          " + str(var), tstyle)
                         ])
                         for l, s in states:
                             tdata[-1].append(str(var.num[l][0]))
@@ -568,7 +568,7 @@ class OrderTaxListReportPDF(Report):
             tstyledata.append(('SPAN', (5 + 2 * i, 0), (6 + 2 * i, 0)))
 
         story = [
-            FontFallbackParagraph(_('Orders by tax rate ({currency})').format(currency=self.event.currency), headlinestyle),
+            PlainTextParagraph(_('Orders by tax rate ({currency})').format(currency=self.event.currency), headlinestyle),
             Spacer(1, 5 * mm)
         ]
         tdata = [

src/pretix/plugins/ticketoutputpdf/api.py

@@ -229,6 +229,11 @@ class TicketRendererViewSet(viewsets.ViewSet):
     @action(detail=False, methods=['GET'], url_name='download', url_path='download/(?P<asyncid>[^/]+)/(?P<cfid>[^/]+)')
     def download(self, *args, **kwargs):
         cf = get_object_or_404(CachedFile, id=kwargs['cfid'])
+        if not cf.allowed_for_session(self.request, "ticketoutputpdf-api"):
+            return Response(
+                {'status': 'failed', 'message': 'Unknown file ID or export failed'},
+                status=status.HTTP_410_GONE
+            )
         if cf.file:
             resp = ChunkBasedFileResponse(cf.file.file, content_type=cf.type)
             resp['Content-Disposition'] = 'attachment; filename="{}"'.format(cf.filename).encode("ascii", "ignore")
@@ -265,6 +270,7 @@ class TicketRendererViewSet(viewsets.ViewSet):
         serializer.is_valid(raise_exception=True)
 
         cf = CachedFile(web_download=False)
+        cf.bind_to_session(self.request, "ticketoutputpdf-api")
         cf.date = now()
         cf.expires = now() + timedelta(hours=24)
         cf.save()

src/pretix/presale/checkoutflow.py

@@ -50,6 +50,7 @@ from django.http import HttpResponseNotAllowed, JsonResponse
 from django.shortcuts import redirect
 from django.utils import translation
 from django.utils.functional import cached_property
+from django.utils.html import conditional_escape
 from django.utils.translation import (
     get_language, gettext_lazy as _, pgettext_lazy,
 )
@@ -1614,7 +1615,7 @@ class ConfirmStep(CartMixin, AsyncAction, TemplateFlowStep):
         meta_info = {
             'contact_form_data': self.cart_session.get('contact_form_data', {}),
             'confirm_messages': [
-                str(m) for m in self.confirm_messages.values()
+                conditional_escape(str(m)) for m in self.confirm_messages.values()
             ]
         }
         api_meta = {}

src/pretix/presale/forms/customer.py

@@ -296,8 +296,7 @@ class SetPasswordForm(forms.Form):
     }
     email = forms.EmailField(
         label=_('Email'),
-        widget=forms.EmailInput(attrs={'autocomplete': 'username', 'readonly': 'readonly'}),
-        required=False,
+        disabled=True
     )
     password = forms.CharField(
         label=_('Password'),

src/pretix/presale/signals.py

@@ -144,7 +144,7 @@ checkout_confirm_messages = EventPluginSignal()
 This signal is sent out to retrieve short messages that need to be acknowledged by the user before the
 order can be completed. This is typically used for something like "accept the terms and conditions".
 Receivers are expected to return a dictionary where the keys are globally unique identifiers for the
-message and the values can be arbitrary HTML.
+message and the values can be a SafeString containing arbitrary HTML, or a string that will be HTML-escaped.
 
 As with all event plugin signals, the ``sender`` keyword argument will contain the event.
 """

src/pretix/presale/templates/pretixpresale/event/checkout_confirm.html

@@ -176,7 +176,7 @@
                         <div class="checkbox">
                             <label for="input_confirm_{{ key }}">
                                 <input type="checkbox" class="checkbox" value="yes" name="confirm_{{ key }}" id="input_confirm_{{ key }}" required>
-                                {{ desc|safe }}
+                                {{ desc }}
                             </label>
                         </div>
                     {% endfor %}

src/pretix/presale/templates/pretixpresale/event/position.html

@@ -4,6 +4,7 @@
 {% load eventsignal %}
 {% load money %}
 {% load eventurl %}
+{% load wrap_in %}
 {% block title %}{% trans "Registration details" %}{% endblock %}
 {% block content %}
     <h2 class="h1">
@@ -48,7 +49,7 @@
         </div>
         <div class="panel-body">
             <p>
-                {% blocktrans trimmed with email="<strong>"|add:order.email|add:"</strong>"|safe %}
+                {% blocktrans trimmed with email=order.email|wrap_in:"strong" %}
                     This order is managed for you by {{ email }}. Please contact them for any questions regarding
                     payment, cancellation or changes to this order.
                 {% endblocktrans %}

src/pretix/presale/views/__init__.py

@@ -70,21 +70,18 @@ def cached_invoice_address(request):
             # do not create a session, if we don't have a session we also don't have an invoice address ;)
             request._checkout_flow_invoice_address = InvoiceAddress()
             return request._checkout_flow_invoice_address
-        cs = cart_session(request, create=False)
-        if cs is None:
+        cs = cart_session(request)
+        iapk = cs.get('invoice_address')
+        if not iapk:
             request._checkout_flow_invoice_address = InvoiceAddress()
         else:
-            iapk = cs.get('invoice_address')
-            if not iapk:
+            try:
+                with scopes_disabled():
+                    request._checkout_flow_invoice_address = InvoiceAddress.objects.get(
+                        pk=iapk, order__isnull=True
+                    )
+            except InvoiceAddress.DoesNotExist:
                 request._checkout_flow_invoice_address = InvoiceAddress()
-            else:
-                try:
-                    with scopes_disabled():
-                        request._checkout_flow_invoice_address = InvoiceAddress.objects.get(
-                            pk=iapk, order__isnull=True
-                        )
-                except InvoiceAddress.DoesNotExist:
-                    request._checkout_flow_invoice_address = InvoiceAddress()
     return request._checkout_flow_invoice_address
 
 
@@ -114,12 +111,6 @@ class CartMixin:
         return cached_invoice_address(self.request)
 
     def get_cart(self, answers=False, queryset=None, order=None, downloads=False, payments=None):
-        if not self.request.session.session_key and not order:
-            # The user has not even a session ID yet, so they can't have a cart and we can save a lot of work
-            return {
-                'positions': [],
-                # Other keys are not used on non-checkout pages
-            }
         if queryset is not None:
             prefetch = []
             if answers:
@@ -175,8 +166,7 @@ class CartMixin:
         else:
             fees = []
 
-        if not order and lcp:
-            # Do not re-round for empty cart (useless) or confirmed order (incorrect)
+        if not order:
             apply_rounding(self.request.event.settings.tax_rounding, self.invoice_address, self.request.event.currency, [*lcp, *fees])
 
         total = sum([c.price for c in lcp]) + sum([f.value for f in fees])
@@ -287,12 +277,6 @@ class CartMixin:
         }
 
     def current_selected_payments(self, positions, fees, invoice_address, *, warn=False):
-        from pretix.presale.views.cart import get_or_create_cart_id
-
-        if not get_or_create_cart_id(self.request, create=False):
-            # No active cart ID, no payments there
-            return []
-
         raw_payments = copy.deepcopy(self.cart_session.get('payments', []))
         fees = [f for f in fees if f.fee_type != OrderFee.FEE_TYPE_PAYMENT]  # we re-compute these here
 

src/pretix/presale/views/cart.py

@@ -417,7 +417,7 @@ def get_or_create_cart_id(request, create=True):
     return new_id
 
 
-def cart_session(request, create=True):
+def cart_session(request):
     """
     Before pretix 1.8.0, all checkout-related information (like the entered email address) was stored
     in the user's regular session dictionary. This led to data interference and leaks for example if a
@@ -428,9 +428,7 @@ def cart_session(request, create=True):
     active cart session sub-dictionary for read and write access.
     """
     request.session.modified = True
-    cart_id = get_or_create_cart_id(request, create=create)
-    if not cart_id and not create:
-        return None
+    cart_id = get_or_create_cart_id(request)
     return request.session['carts'][cart_id]
 
 

src/pretix/settings.py

@@ -157,7 +157,7 @@ DATABASES = {
         'HOST': config.get('database', 'host', fallback=''),
         'PORT': config.get('database', 'port', fallback=''),
         'CONN_MAX_AGE': 0 if db_backend == 'sqlite3' else 120,
-        'CONN_HEALTH_CHECKS': db_backend != 'sqlite3',
+        'CONN_HEALTH_CHECKS': db_backend != 'sqlite3',  # Will only be used from Django 4.1 onwards
         'DISABLE_SERVER_SIDE_CURSORS': db_disable_server_side_cursors,
         'OPTIONS': db_options,
         'TEST': {}
@@ -179,21 +179,6 @@ if config.has_section('replica'):
     }
     DATABASE_ROUTERS = ['pretix.helpers.database.ReplicaRouter']
 
-if config.has_section('dbreadonly'):
-    DATABASES['readonly'] = {
-        'ENGINE': 'django.db.backends.' + db_backend,
-        'NAME': config.get('dbreadonly', 'name', fallback=DATABASES['default']['NAME']),
-        'USER': config.get('dbreadonly', 'user', fallback=DATABASES['default']['USER']),
-        'PASSWORD': config.get('dbreadonly', 'password', fallback=DATABASES['default']['PASSWORD']),
-        'HOST': config.get('dbreadonly', 'host', fallback=DATABASES['default']['HOST']),
-        'PORT': config.get('dbreadonly', 'port', fallback=DATABASES['default']['PORT']),
-        'CONN_MAX_AGE': 0,  # do not spam primary with open connections as long as readonly is only used occasionally
-        'CONN_HEALTH_CHECKS': db_backend != 'sqlite3',
-        'DISABLE_SERVER_SIDE_CURSORS': db_disable_server_side_cursors,
-        'OPTIONS': db_options,
-        'TEST': {}
-    }
-
 STATIC_URL = config.get('urls', 'static', fallback='/static/')
 
 MEDIA_URL = config.get('urls', 'media', fallback='/media/')

src/tests/api/test_orders.py

@@ -2053,7 +2053,7 @@ def test_pdf_data(token_client, organizer, event, order, django_assert_max_num_q
     assert not resp.data['positions'][0].get('pdf_data')
 
     # order list
-    with django_assert_max_num_queries(34):
+    with django_assert_max_num_queries(33):
         resp = token_client.get('/api/v1/organizers/{}/events/{}/orders/?pdf_data=true'.format(
             organizer.slug, event.slug
         ))
@@ -2068,7 +2068,7 @@ def test_pdf_data(token_client, organizer, event, order, django_assert_max_num_q
     assert not resp.data['results'][0]['positions'][0].get('pdf_data')
 
     # position list
-    with django_assert_max_num_queries(36):
+    with django_assert_max_num_queries(35):
         resp = token_client.get('/api/v1/organizers/{}/events/{}/orderpositions/?pdf_data=true'.format(
             organizer.slug, event.slug
         ))

src/tests/base/test_modelimport_orders.py

@@ -991,30 +991,3 @@ def test_import_mixed_order_size_consistency(user, event, item):
         ).get()
     assert ('Inconsistent data in row 2: Column Email address contains value "a2@example.com", but for this order, '
             'the value has already been set to "a1@example.com".') in str(excinfo.value)
-
-
-@pytest.mark.django_db
-@scopes_disabled()
-def test_import_line_endings_mix(event, item, user):
-    # Ensures import works with mixed file endings.
-    # See Ticket#23230806 where a file to import ends with \r\n
-    settings = dict(DEFAULT_SETTINGS)
-    settings['item'] = 'static:{}'.format(item.pk)
-
-    cf = inputfile_factory()
-    file = cf.file
-    file.seek(0)
-    data = file.read()
-    data = data.replace(b'\n', b'\r')
-    data = data.rstrip(b'\r\r')
-    data = data + b'\r\n'
-
-    print(data)
-    cf.file.save("input.csv", ContentFile(data))
-    cf.save()
-
-    import_orders.apply(
-        args=(event.pk, cf.id, settings, 'en', user.pk)
-    )
-    assert event.orders.count() == 3
-    assert OrderPosition.objects.count() == 3

src/tests/base/test_notifications.py

@@ -24,6 +24,7 @@ from decimal import Decimal
 
 import pytest
 from django.core import mail as djmail
+from django.db import transaction
 from django.utils.timezone import now
 from django_scopes import scope
 
@@ -74,42 +75,47 @@ def user(team):
     return user
 
 
+@pytest.fixture
+def monkeypatch_on_commit(monkeypatch):
+    monkeypatch.setattr("django.db.transaction.on_commit", lambda t: t())
+
+
 @pytest.mark.django_db
-def test_notification_trigger_event_specific(event, order, user, django_capture_on_commit_callbacks):
+def test_notification_trigger_event_specific(event, order, user, monkeypatch_on_commit):
     djmail.outbox = []
     user.notification_settings.create(
         method='mail', event=event, action_type='pretix.event.order.paid', enabled=True
     )
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {})
     assert len(djmail.outbox) == 1
     assert djmail.outbox[0].subject.endswith("DUMMY: Order FOO has been marked as paid.")
 
 
 @pytest.mark.django_db
-def test_notification_trigger_global(event, order, user, django_capture_on_commit_callbacks):
+def test_notification_trigger_global(event, order, user, monkeypatch_on_commit):
     djmail.outbox = []
     user.notification_settings.create(
         method='mail', event=None, action_type='pretix.event.order.paid', enabled=True
     )
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {})
     assert len(djmail.outbox) == 1
 
 
 @pytest.mark.django_db
-def test_notification_trigger_global_wildcard(event, order, user, django_capture_on_commit_callbacks):
+def test_notification_trigger_global_wildcard(event, order, user, monkeypatch_on_commit):
     djmail.outbox = []
     user.notification_settings.create(
         method='mail', event=None, action_type='pretix.event.order.changed.*', enabled=True
     )
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.changed.item', {})
     assert len(djmail.outbox) == 1
 
 
 @pytest.mark.django_db
-def test_notification_enabled_global_ignored_specific(event, order, user, django_capture_on_commit_callbacks):
+def test_notification_enabled_global_ignored_specific(event, order, user, monkeypatch_on_commit):
     djmail.outbox = []
     user.notification_settings.create(
         method='mail', event=None, action_type='pretix.event.order.paid', enabled=True
@@ -117,24 +123,24 @@ def test_notification_enabled_global_ignored_specific(event, order, user, django
     user.notification_settings.create(
         method='mail', event=event, action_type='pretix.event.order.paid', enabled=False
     )
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {})
     assert len(djmail.outbox) == 0
 
 
 @pytest.mark.django_db
-def test_notification_ignore_same_user(event, order, user, django_capture_on_commit_callbacks):
+def test_notification_ignore_same_user(event, order, user, monkeypatch_on_commit):
     djmail.outbox = []
     user.notification_settings.create(
         method='mail', event=event, action_type='pretix.event.order.paid', enabled=True
     )
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {}, user=user)
     assert len(djmail.outbox) == 0
 
 
 @pytest.mark.django_db
-def test_notification_ignore_insufficient_permissions(event, order, user, team, django_capture_on_commit_callbacks):
+def test_notification_ignore_insufficient_permissions(event, order, user, team, monkeypatch_on_commit):
     djmail.outbox = []
     team.all_event_permissions = False
     team.limit_event_permissions = {"event.vouchers:read": True}
@@ -142,7 +148,7 @@ def test_notification_ignore_insufficient_permissions(event, order, user, team,
     user.notification_settings.create(
         method='mail', event=event, action_type='pretix.event.order.paid', enabled=True
     )
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {})
     assert len(djmail.outbox) == 0
 

src/tests/base/test_orders.py

@@ -28,9 +28,8 @@ from zoneinfo import ZoneInfo
 import pytest
 from django.conf import settings
 from django.core import mail as djmail
-from django.db import transaction
 from django.db.models import F, Sum
-from django.test import TestCase, TransactionTestCase, override_settings
+from django.test import TestCase, override_settings
 from django.utils.timezone import make_aware, now
 from django_countries.fields import Country
 from django_scopes import scope
@@ -1226,6 +1225,12 @@ class DownloadReminderTests(TestCase):
         assert len(djmail.outbox) == 0
 
 
+@pytest.fixture
+def class_monkeypatch(request, monkeypatch):
+    request.cls.monkeypatch = monkeypatch
+
+
+@pytest.mark.usefixtures("class_monkeypatch")
 class OrderCancelTests(TestCase):
     def setUp(self):
         super().setUp()
@@ -1253,6 +1258,7 @@ class OrderCancelTests(TestCase):
             self.order.create_transactions()
             generate_invoice(self.order)
             djmail.outbox = []
+        self.monkeypatch.setattr("django.db.transaction.on_commit", lambda t: t())
 
     @classscope(attr='o')
     def test_cancel_canceled(self):
@@ -1345,14 +1351,14 @@ class OrderCancelTests(TestCase):
         self.order.status = Order.STATUS_PAID
         self.order.save()
         djmail.outbox = []
-        with self.captureOnCommitCallbacks(execute=True):
-            cancel_order(self.order.pk, send_mail=True)
-
+        cancel_order(self.order.pk, send_mail=True)
+        print([s.subject for s in djmail.outbox])
+        print([s.to for s in djmail.outbox])
         assert len(djmail.outbox) == 2
-        assert ["dummy@dummy.test"] == djmail.outbox[0].to
-        assert not any(["Invoice_" in a[0] for a in djmail.outbox[0].attachments])
-        assert ["invoice@example.org"] == djmail.outbox[1].to
-        assert any(["Invoice_" in a[0] for a in djmail.outbox[1].attachments])
+        assert ["invoice@example.org"] == djmail.outbox[0].to
+        assert any(["Invoice_" in a[0] for a in djmail.outbox[0].attachments])
+        assert ["dummy@dummy.test"] == djmail.outbox[1].to
+        assert not any(["Invoice_" in a[0] for a in djmail.outbox[1].attachments])
 
     @classscope(attr='o')
     def test_cancel_paid_with_too_high_fee(self):
@@ -1482,7 +1488,8 @@ class OrderCancelTests(TestCase):
         assert self.order.all_logentries().filter(action_type='pretix.event.order.refund.requested').exists()
 
 
-class BaseOrderChangeManagerTestCase:
+@pytest.mark.usefixtures("class_monkeypatch")
+class OrderChangeManagerTests(TestCase):
     def setUp(self):
         super().setUp()
         self.o = Organizer.objects.create(name='Dummy', slug='dummy', plugins='pretix.plugins.banktransfer')
@@ -1545,6 +1552,7 @@ class BaseOrderChangeManagerTestCase:
             self.seat_a1 = self.event.seats.create(seat_number="A1", product=self.stalls, seat_guid="A1")
             self.seat_a2 = self.event.seats.create(seat_number="A2", product=self.stalls, seat_guid="A2")
             self.seat_a3 = self.event.seats.create(seat_number="A3", product=self.stalls, seat_guid="A3")
+        self.monkeypatch.setattr("django.db.transaction.on_commit", lambda t: t())
 
     def _enable_reverse_charge(self):
         self.tr7.eu_reverse_charge = True
@@ -1558,8 +1566,6 @@ class BaseOrderChangeManagerTestCase:
             country=Country('AT')
         )
 
-
-class OrderChangeManagerTests(BaseOrderChangeManagerTestCase, TestCase):
     @classscope(attr='o')
     def test_multiple_commits_forbidden(self):
         self.ocm.change_price(self.op1, Decimal('10.00'))
@@ -2400,15 +2406,6 @@ class OrderChangeManagerTests(BaseOrderChangeManagerTestCase, TestCase):
             self.ocm.commit()
         assert self.order.positions.count() == 2
 
-    @classscope(attr='o')
-    def test_add_item_quota_partial(self):
-        q1 = self.event.quotas.create(name='Test', size=1)
-        q1.items.add(self.shirt)
-        self.ocm.add_position(self.shirt, None, None, None, count=2)
-        with self.assertRaises(OrderError):
-            self.ocm.commit()
-        assert self.order.positions.count() == 2
-
     @classscope(attr='o')
     def test_add_item_addon(self):
         self.shirt.category = self.event.categories.create(name='Add-ons', is_addon=True)
@@ -3898,16 +3895,15 @@ class OrderChangeManagerTests(BaseOrderChangeManagerTestCase, TestCase):
 
     @classscope(attr='o')
     def test_set_valid_until(self):
-        with transaction.atomic():
-            self.event.settings.ticket_secret_generator = "pretix_sig1"
-            assign_ticket_secret(self.event, self.op1, force_invalidate=True, save=True)
-            old_secret = self.op1.secret
+        self.event.settings.ticket_secret_generator = "pretix_sig1"
+        assign_ticket_secret(self.event, self.op1, force_invalidate=True, save=True)
+        old_secret = self.op1.secret
 
-            dt = make_aware(datetime(2022, 9, 20, 15, 0, 0, 0))
-            self.ocm.change_valid_until(self.op1, dt)
-            self.ocm.commit()
-            self.op1.refresh_from_db()
-            assert self.op1.secret != old_secret
+        dt = make_aware(datetime(2022, 9, 20, 15, 0, 0, 0))
+        self.ocm.change_valid_until(self.op1, dt)
+        self.ocm.commit()
+        self.op1.refresh_from_db()
+        assert self.op1.secret != old_secret
 
     @classscope(attr='o')
     def test_unset_valid_from_until(self):
@@ -3932,8 +3928,6 @@ class OrderChangeManagerTests(BaseOrderChangeManagerTestCase, TestCase):
         assert len(djmail.outbox) == 1
         assert len(["Invoice_" in a[0] for a in djmail.outbox[0].attachments]) == 2
 
-
-class OrderChangeManagerTransactionalTests(BaseOrderChangeManagerTestCase, TransactionTestCase):
     @classscope(attr='o')
     def test_new_invoice_send_somewhere_else(self):
         generate_invoice(self.order)

src/tests/base/test_webhooks.py

@@ -25,6 +25,7 @@ from decimal import Decimal
 
 import pytest
 import responses
+from django.db import transaction
 from django.utils.timezone import now
 from django_scopes import scopes_disabled
 
@@ -81,9 +82,14 @@ def force_str(v):
     return v.decode() if isinstance(v, bytes) else str(v)
 
 
+@pytest.fixture
+def monkeypatch_on_commit(monkeypatch):
+    monkeypatch.setattr("django.db.transaction.on_commit", lambda t: t())
+
+
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_trigger_event_specific(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_trigger_event_specific(event, order, webhook, monkeypatch_on_commit):
     responses.add_callback(
         responses.POST, 'https://google.com',
         callback=lambda r: (200, {}, 'ok'),
@@ -91,7 +97,7 @@ def test_webhook_trigger_event_specific(event, order, webhook, django_capture_on
         match_querystring=None,  # https://github.com/getsentry/responses/issues/464
     )
 
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         le = order.log_action('pretix.event.order.paid', {})
     assert len(responses.calls) == 1
     assert json.loads(force_str(responses.calls[0].request.body)) == {
@@ -113,12 +119,12 @@ def test_webhook_trigger_event_specific(event, order, webhook, django_capture_on
 
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_trigger_global(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_trigger_global(event, order, webhook, monkeypatch_on_commit):
     webhook.limit_events.clear()
     webhook.all_events = True
     webhook.save()
     responses.add(responses.POST, 'https://google.com', status=200)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         le = order.log_action('pretix.event.order.paid', {})
     assert len(responses.calls) == 1
     assert json.loads(force_str(responses.calls[0].request.body)) == {
@@ -132,13 +138,13 @@ def test_webhook_trigger_global(event, order, webhook, django_capture_on_commit_
 
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_trigger_global_wildcard(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_trigger_global_wildcard(event, order, webhook, monkeypatch_on_commit):
     webhook.listeners.create(action_type="pretix.event.order.changed.*")
     webhook.limit_events.clear()
     webhook.all_events = True
     webhook.save()
     responses.add(responses.POST, 'https://google.com', status=200)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         le = order.log_action('pretix.event.order.changed.item', {})
     assert len(responses.calls) == 1
     assert json.loads(force_str(responses.calls[0].request.body)) == {
@@ -152,30 +158,30 @@ def test_webhook_trigger_global_wildcard(event, order, webhook, django_capture_o
 
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_ignore_wrong_action_type(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_ignore_wrong_action_type(event, order, webhook, monkeypatch_on_commit):
     responses.add(responses.POST, 'https://google.com', status=200)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.changed.item', {})
     assert len(responses.calls) == 0
 
 
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_ignore_disabled(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_ignore_disabled(event, order, webhook, monkeypatch_on_commit):
     webhook.enabled = False
     webhook.save()
     responses.add(responses.POST, 'https://google.com', status=200)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.changed.item', {})
     assert len(responses.calls) == 0
 
 
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_ignore_wrong_event(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_ignore_wrong_event(event, order, webhook, monkeypatch_on_commit):
     webhook.limit_events.clear()
     responses.add(responses.POST, 'https://google.com', status=200)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.changed.item', {})
     assert len(responses.calls) == 0
 
@@ -183,10 +189,10 @@ def test_webhook_ignore_wrong_event(event, order, webhook, django_capture_on_com
 @pytest.mark.django_db
 @pytest.mark.xfail(reason="retries can't be tested with celery_always_eager")
 @responses.activate
-def test_webhook_retry(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_retry(event, order, webhook, monkeypatch_on_commit):
     responses.add(responses.POST, 'https://google.com', status=500)
     responses.add(responses.POST, 'https://google.com', status=200)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {})
     assert len(responses.calls) == 2
     with scopes_disabled():
@@ -210,9 +216,9 @@ def test_webhook_retry(event, order, webhook, django_capture_on_commit_callbacks
 
 @pytest.mark.django_db
 @responses.activate
-def test_webhook_disable_gone(event, order, webhook, django_capture_on_commit_callbacks):
+def test_webhook_disable_gone(event, order, webhook, monkeypatch_on_commit):
     responses.add(responses.POST, 'https://google.com', status=410)
-    with django_capture_on_commit_callbacks(execute=True):
+    with transaction.atomic():
         order.log_action('pretix.event.order.paid', {})
     assert len(responses.calls) == 1
     webhook.refresh_from_db()

src/tests/conftest.py

@@ -131,8 +131,3 @@ def set_lock_namespaces(request):
             yield
     else:
         yield
-
-
-@pytest.fixture
-def class_monkeypatch(request, monkeypatch):
-    request.cls.monkeypatch = monkeypatch

src/tests/control/test_auth.py

@@ -385,6 +385,11 @@ class RegistrationFormTest(TestCase):
         self.assertEqual(response.status_code, 403)
 
 
+@pytest.fixture
+def class_monkeypatch(request, monkeypatch):
+    request.cls.monkeypatch = monkeypatch
+
+
 @pytest.mark.usefixtures("class_monkeypatch")
 class Login2FAFormTest(TestCase):
 

src/tests/control/test_events.py

@@ -49,6 +49,11 @@ from tests.base import SoupTest, extract_form_fields
 from pretix.base.models import Event, LogEntry, Order, Organizer, Team, User
 
 
+@pytest.fixture
+def class_monkeypatch(request, monkeypatch):
+    request.cls.monkeypatch = monkeypatch
+
+
 @pytest.mark.usefixtures("class_monkeypatch")
 class EventsTest(SoupTest):
     @scopes_disabled()

src/tests/control/test_orders.py

@@ -1584,11 +1584,10 @@ class OrderChangeTests(SoupTest):
             'add_position-MAX_NUM_FORMS': '100',
             'add_position-0-itemvar': str(self.shirt.pk),
             'add_position-0-do': 'on',
-            'add_position-0-count': '2',
             'add_position-0-price': '14.00',
         })
         with scopes_disabled():
-            assert self.order.positions.count() == 4
+            assert self.order.positions.count() == 3
             assert self.order.positions.last().item == self.shirt
             assert self.order.positions.last().price == 14
 

src/tests/control/test_organizer.py

@@ -33,6 +33,11 @@ from tests.base import SoupTest, extract_form_fields
 from pretix.base.models import Event, Organizer, OutgoingMail, Team, User
 
 
+@pytest.fixture
+def class_monkeypatch(request, monkeypatch):
+    request.cls.monkeypatch = monkeypatch
+
+
 @pytest.mark.usefixtures("class_monkeypatch")
 class OrganizerTest(SoupTest):
     @scopes_disabled()

src/tests/control/test_user.py

@@ -286,6 +286,11 @@ class UserPasswordChangeTest(SoupTest):
         assert self.user.needs_password_change is False
 
 
+@pytest.fixture
+def class_monkeypatch(request, monkeypatch):
+    request.cls.monkeypatch = monkeypatch
+
+
 @pytest.mark.usefixtures("class_monkeypatch")
 class UserSettings2FATest(SoupTest):
     def setUp(self):

src/tests/helpers/test_reportlab.py

@@ -0,0 +1,50 @@
+#
+# This file is part of pretix (Community Edition).
+#
+# Copyright (C) 2014-2020  Raphael Michel and contributors
+# Copyright (C) 2020-today pretix GmbH and contributors
+#
+# This program is free software: you can redistribute it and/or modify it under the terms of the GNU Affero General
+# Public License as published by the Free Software Foundation in version 3 of the License.
+#
+# ADDITIONAL TERMS APPLY: Pursuant to Section 7 of the GNU Affero General Public License, additional terms are
+# applicable granting you additional permissions and placing additional restrictions on your usage of this software.
+# Please refer to the pretix LICENSE file to obtain the full terms applicable to this work. If you did not receive
+# this file, see <https://pretix.eu/about/en/license>.
+#
+# This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied
+# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Affero General Public License for more
+# details.
+#
+# You should have received a copy of the GNU Affero General Public License along with this program.  If not, see
+# <https://www.gnu.org/licenses/>.
+#
+import pytest
+from django.core.exceptions import SuspiciousFileOperation
+from reportlab.platypus import Paragraph
+
+
+def test_http_access_disabled(monkeypatch):
+    def guard(*args, **kwargs):
+        pytest.fail("No internet wanted!")
+
+    monkeypatch.setattr('socket.socket', guard)
+
+    with pytest.raises(SuspiciousFileOperation, match="should not be reading images from disk"):
+        Paragraph(
+            '<img src="https://static.pretix.cloud/static/pretixeu/img/opengraph.png"/>',
+        )
+
+
+def test_file_access_disabled_scheme(monkeypatch):
+    with pytest.raises(SuspiciousFileOperation, match="should not be reading images from disk"):
+        Paragraph(
+            '<img src="file:///etc/passwd" />',
+        )
+
+
+def test_file_access_disabled_direct(monkeypatch):
+    with pytest.raises(SuspiciousFileOperation, match="should not be reading images from disk"):
+        Paragraph(
+            '<img src="/etc/passwd" />',
+        )

src/tests/presale/test_checkout.py

@@ -33,7 +33,7 @@ from django.conf import settings
 from django.core import mail as djmail
 from django.core.files.uploadedfile import SimpleUploadedFile
 from django.core.signing import dumps
-from django.test import TestCase, TransactionTestCase
+from django.test import TestCase
 from django.utils.crypto import get_random_string
 from django.utils.timezone import now
 from django_countries.fields import Country
@@ -60,6 +60,12 @@ from pretix.testutils.sessions import get_cart_session_key
 from .test_timemachine import TimemachineTestMixin
 
 
+@pytest.fixture
+def class_monkeypatch(request, monkeypatch):
+    request.cls.monkeypatch = monkeypatch
+
+
+@pytest.mark.usefixtures("class_monkeypatch")
 class BaseCheckoutTestCase:
     @scopes_disabled()
     def setUp(self):
@@ -98,6 +104,7 @@ class BaseCheckoutTestCase:
         self.workshopquota.items.add(self.workshop2)
         self.workshopquota.variations.add(self.workshop2a)
         self.workshopquota.variations.add(self.workshop2b)
+        self.monkeypatch.setattr("django.db.transaction.on_commit", lambda t: t())
 
     def _set_session(self, key, value):
         session = self.client.session
@@ -4413,8 +4420,6 @@ class CheckoutTestCase(BaseCheckoutTestCase, TimemachineTestMixin, TestCase):
             assert len(djmail.outbox) == 1
             assert any(["Invoice_" in a[0] for a in djmail.outbox[0].attachments])
 
-
-class CheckoutTransactionTestCase(BaseCheckoutTestCase, TransactionTestCase):
     def test_order_confirmation_mail_invoice_sent_somewhere_else(self):
         self.event.settings.invoice_address_asked = True
         self.event.settings.invoice_address_required = True

src/tests/presale/test_event.py

@@ -36,7 +36,6 @@
 import datetime
 import re
 from decimal import Decimal
-from importlib import import_module
 from json import loads
 from zoneinfo import ZoneInfo
 
@@ -81,34 +80,6 @@ class EventMiddlewareTest(EventTestMixin, SoupTest):
         doc = self.get_doc('/%s/%s/' % (self.orga.slug, self.event.slug))
         self.assertIn(str(self.event.name), doc.find("h1").text)
 
-    def test_no_session_cookie_set_on_event_index_view(self):
-        resp = self.client.get('/%s/%s/' % (self.orga.slug, self.event.slug))
-        self.assertEqual(resp.status_code, 200)
-        assert settings.SESSION_COOKIE_NAME not in self.client.cookies
-
-    def test_no_cart_session_added_on_event_index_view(self):
-        # Make sure a session is present by doing a cart op on another event
-        event2 = Event.objects.create(
-            organizer=self.orga, name='30C3b', slug='30c3b',
-            date_from=datetime.datetime(now().year + 1, 12, 26, 14, 0, tzinfo=datetime.timezone.utc),
-            live=True,
-        )
-        self.client.post('/%s/%s/cart/add' % (self.orga.slug, event2.slug), {
-            'item_%d' % 1337: '1',  # item does not need to exist
-            'ajax': 1
-        })
-        assert settings.SESSION_COOKIE_NAME in self.client.cookies
-
-        # Visit shop, make sure no session is created
-        resp = self.client.get('/%s/%s/' % (self.orga.slug, self.event.slug))
-        self.assertEqual(resp.status_code, 200)
-
-        SessionStore = import_module(settings.SESSION_ENGINE).SessionStore
-        session = SessionStore(self.client.cookies[settings.SESSION_COOKIE_NAME].value).load()
-        assert set(session.keys()) == {
-            f"current_cart_event_{event2.pk}", "carts"
-        }
-
     def test_not_found(self):
         resp = self.client.get('/%s/%s/' % ('foo', 'bar'))
         self.assertEqual(resp.status_code, 404)