CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2025-12-06 21:42:49 +00:00
Code Issues Packages Projects Releases Wiki Activity

Compare commits

base: CGM_Public:v2.1.0
Branches Tags
CGM_Public:master CGM_Public:answer-export CGM_Public:fix-csv-error CGM_Public:banktransfer-dashes CGM_Public:sendmail-iterator CGM_Public:update-django-version CGM_Public:reusablemedium-multiop CGM_Public:payment-qr CGM_Public:csv-duplicate-cols CGM_Public:release/2025.10.x CGM_Public:stable CGM_Public:release/2025.9.x CGM_Public:release/2025.8.x CGM_Public:release/2025.7.x CGM_Public:linkify-placeholder-fix CGM_Public:dependabot/pip/django-countries-eq-8.2.star CGM_Public:hardening-2fa CGM_Public:hide-invisible-fields CGM_Public:logentrytype-schema CGM_Public:quickstart-optional CGM_Public:op-export-unique-cols CGM_Public:lazy-imports CGM_Public:banktransfer-zero-5168 CGM_Public:timeline-fix-5614 CGM_Public:event-dialog-optional-4794 CGM_Public:banktransfer-invoice-reference CGM_Public:webhook-length CGM_Public:typeahead-org-slug CGM_Public:show-current-cart CGM_Public:banktransfer-camt CGM_Public:dependent-on-cc CGM_Public:attendee-mails-default CGM_Public:sort-property-helper CGM_Public:rename-migration CGM_Public:invoice-pdf-line-desc-max-length CGM_Public:validate-user-email CGM_Public:banktransfer-pending-order CGM_Public:order-rounding-mixin CGM_Public:dependabot/pip/redis-eq-7.0.star CGM_Public:richtext-link-mastodon CGM_Public:import-.wrong-item CGM_Public:fix-attach-size-filter CGM_Public:add-organizer-scope-to-pluginslist CGM_Public:fix-transmission-info CGM_Public:sync-single-transactionaware CGM_Public:no-ordinal-dates CGM_Public:new-license-header CGM_Public:checkinrule-warn-invalid-ids CGM_Public:fix-rrule CGM_Public:fix-form-styles CGM_Public:fix-datasync-shouldnotsync CGM_Public:fix-datasync-logdisplay CGM_Public:invoice-no-crash CGM_Public:dependabot/pip/django-phonenumber-field-eq-8.3.star CGM_Public:subevent-editor-improvements CGM_Public:exports-repeatable-read CGM_Public:plaintext-invoice-notification CGM_Public:order-import-logentries-bulk CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.1.star CGM_Public:notification-bulk-check CGM_Public:enqueue-order-immediate CGM_Public:enqueue-order-return CGM_Public:import-testmode-warn CGM_Public:api_organizer_settings CGM_Public:confirm-text-free CGM_Public:revert-5452-invoice-plugin-data CGM_Public:fix-wordlist-issue CGM_Public:subevent-filter-plugin CGM_Public:item-plugin-forms-group CGM_Public:fix-5455 CGM_Public:logentry-wording CGM_Public:img-srcset CGM_Public:invoice-plugin-data CGM_Public:mail-model CGM_Public:update-signal-docstrings CGM_Public:add-category-btn CGM_Public:logdetail-dbg CGM_Public:fix-order-email-error-log CGM_Public:fix-paypal2-xhr-free-cart CGM_Public:fix-datasync-notfound CGM_Public:fix-asynctask-i18n CGM_Public:org-level-plugin CGM_Public:plugins-page-fix CGM_Public:voucher-webhook CGM_Public:datasync-providers-doc CGM_Public:hierarkey-2 CGM_Public:ttf-pragraph-fallback CGM_Public:voucher-created CGM_Public:invoice-address-do-not-store-on-free CGM_Public:sync-single-tx CGM_Public:mapping-json CGM_Public:datasync CGM_Public:sendmail_pendingoverdue CGM_Public:rename-contact CGM_Public:pdf-price-with-bundled CGM_Public:fix-widget-cache-check CGM_Public:presale-remove-webmanifest CGM_Public:release/2025.6.x CGM_Public:pdf-editor-areyousure CGM_Public:api-expand-generic CGM_Public:invoice-email-language CGM_Public:question-stats-percentage CGM_Public:fix-question-graphs-ui CGM_Public:subevent-bulkedit-warning CGM_Public:clean-docs CGM_Public:event-title-everywhere CGM_Public:link-timeline CGM_Public:a11y-improve-renew-feedback CGM_Public:a11y-autocomplete-off CGM_Public:a11y-fix-calendar-nav-aria-current CGM_Public:release/2025.5.x CGM_Public:a11y-fix-giftcard-checkout CGM_Public:subevent-edit-name CGM_Public:fix-seat-svg-missing-label CGM_Public:gettextstub CGM_Public:fix-voucher-redeem-form CGM_Public:stripe_12x CGM_Public:cookieconsent-properly CGM_Public:ocm-cancel-all CGM_Public:fix-checkout-confirm CGM_Public:fix-nothingtoadd CGM_Public:dialog-backdrop-click-close CGM_Public:cart-renewal CGM_Public:a11y-add-cart-empty CGM_Public:waitinglist-export-productid CGM_Public:a11y-fix-waitinglist-link CGM_Public:a11y-no-underline-event-list CGM_Public:a11y-placeolder-contrast CGM_Public:cart-renewal-ui-html5dialog CGM_Public:cart-renewal-ui CGM_Public:tooltip-a11y CGM_Public:a11y-widget-fix-filter-dropdown CGM_Public:a11y-common-modal-dialogs CGM_Public:invoice-to-organizer-multimail CGM_Public:a11y-fix-b-strong CGM_Public:issue-5077 CGM_Public:a11y-validate-dates-serverside CGM_Public:a11y-fix-datepicker-error CGM_Public:item-list-seating CGM_Public:fix-eventlist-date-field CGM_Public:fix-headline-mismatch CGM_Public:release/2025.4.x CGM_Public:fix-datepicker-datedisplay CGM_Public:change-secret CGM_Public:subevent-discounts-test CGM_Public:sold-out-voucher CGM_Public:question-clean-answer-typo CGM_Public:checkinrpc-locales CGM_Public:fix-bulkedit-devices CGM_Public:release/2025.3.x CGM_Public:order-search-in-attendee-company CGM_Public:refactor-copy_to_first_ticket CGM_Public:organizer-index-filter-empty CGM_Public:context-on-error-page CGM_Public:order-checkin-icons CGM_Public:order-email-history-attachments CGM_Public:salutation-empty-label CGM_Public:fix-customer-create-race-condition CGM_Public:widget-data-3rdparty CGM_Public:scheduledmail-subevent-missing CGM_Public:fix-widget-data-3rdparty CGM_Public:widget-subevent-fix CGM_Public:a11y-remove-autofocus CGM_Public:release/2025.2.x CGM_Public:lists-for-failed-checkin CGM_Public:api-create-fees CGM_Public:fix-widget-data-overwrite CGM_Public:bulk-actions-logentries CGM_Public:widget-consent-prio CGM_Public:oidc-pkce CGM_Public:dependabot/pip/sphinx-eq-8.2.star CGM_Public:fix-copy-to-first-matching CGM_Public:headless CGM_Public:fix-deletedevent-checkin-logdisplay CGM_Public:widget_email_repeat CGM_Public:release/2025.1.x CGM_Public:new-docs CGM_Public:oidc_query_parameters CGM_Public:a11y-autofocus-tabindex CGM_Public:metrics_middleware_concat CGM_Public:widget-cookiebot CGM_Public:missing-registrations CGM_Public:fix-business-deps CGM_Public:invoice-pdf-transparency CGM_Public:logentrytype-registry CGM_Public:reldatetimefield-refactor CGM_Public:fix-copy-variations-channels CGM_Public:customdomain-show-backend-btn CGM_Public:invoice-user-paid CGM_Public:question-max-digits CGM_Public:i18n-field-order CGM_Public:language-switch-parameter CGM_Public:fieldset-panels-checkout CGM_Public:fix-invoice-name-validation CGM_Public:fieldset-panels-anim CGM_Public:dashboard-intcomma CGM_Public:fieldset-panels CGM_Public:fix-shipping-form CGM_Public:addressform-err-handling CGM_Public:fix-state-required-logic CGM_Public:release/2024.11.x CGM_Public:a11y-customer CGM_Public:robust-alert-colors CGM_Public:stripe-sofort-remove CGM_Public:stripe_mobilepay CGM_Public:quota-lock-log CGM_Public:main CGM_Public:pluggable-security-profiles CGM_Public:fix-category-change-log CGM_Public:checkin-present-filter-perf CGM_Public:hide-dependencies-recursively CGM_Public:fix-cond-display CGM_Public:badge-export-order-date CGM_Public:manual-fees CGM_Public:release/2024.10.x CGM_Public:raphaelm-patch-3 CGM_Public:hacky-debug-output CGM_Public:hacky-debug-output-reruns CGM_Public:ci-more-threads CGM_Public:ci-apt-y CGM_Public:before-fakeredis-update CGM_Public:actions-debug-postgres-1 CGM_Public:actions-fix-postgres CGM_Public:ci-postgres-service CGM_Public:pdf-layout-renderer-api CGM_Public:fix-category-type-column CGM_Public:cross-selling CGM_Public:bundles-not-negative CGM_Public:manual-installation CGM_Public:subevent-empty-avoid CGM_Public:release/2024.9.x CGM_Public:utils CGM_Public:email-confirm-secret-independent CGM_Public:docs-fix-typo-sso CGM_Public:unify-uncat-products-html-source CGM_Public:seating-waitinglist-sronly CGM_Public:release/2024.8.x CGM_Public:event-date-weekday CGM_Public:fix-sidebar-mobile CGM_Public:release/2024.7.x CGM_Public:release/2024.6.x CGM_Public:release/2024.5.x CGM_Public:fix-mail-preview-xss CGM_Public:api-webhook-filter CGM_Public:fix-tests CGM_Public:checkinlist-export-sort-by-date CGM_Public:fix-stripe-sca-sandbox CGM_Public:order-nullability CGM_Public:pytest-no-pending CGM_Public:add-temp-seatingframe-signal CGM_Public:fix-seatingframe-missing-css CGM_Public:stripe-giropay CGM_Public:list-sorting-move CGM_Public:daterange-test-foo CGM_Public:fix-checkbox-disabled-label-refactor CGM_Public:fix-pdf-bg-append CGM_Public:remove-subevent-items CGM_Public:fix-mail-preview-brackets-mismatch-2 CGM_Public:voucher-suggested-price CGM_Public:giftcard-validity CGM_Public:fix-mail-preview-brackets-mismatch CGM_Public:seo-improvements CGM_Public:ppv2_apm_wh_capture CGM_Public:back-to-the-future-2 CGM_Public:multi-subevent-cart-add CGM_Public:release/2024.4.x CGM_Public:fix-country-codes-profiles CGM_Public:release/2024.3.x CGM_Public:data-attr-price CGM_Public:issue-3967-adjacent CGM_Public:fix-issue-3967 CGM_Public:event_fonts CGM_Public:back-to-the-future CGM_Public:release/2024.2.x CGM_Public:release/2023.10.x CGM_Public:release/2023.8.x CGM_Public:release/2023.9.x CGM_Public:release/2024.1.x CGM_Public:django-oauth-toolkit-eq-2.3.star CGM_Public:select2-close-on-clear CGM_Public:plugins-allow-individual-ticket-download CGM_Public:event-dashboard CGM_Public:scan-debug-data CGM_Public:money-filter-tests CGM_Public:sort-sales-channels CGM_Public:pdf-fix-rotate CGM_Public:locking-tests CGM_Public:global_applepay_domain_validation CGM_Public:payment-available-from2 CGM_Public:release/4.20.x CGM_Public:release/2023.6.x CGM_Public:release/2023.7.x CGM_Public:zerodecimal_refunds CGM_Public:fix-typo CGM_Public:customer-webhooks CGM_Public:quota-cache-fix CGM_Public:pdf-bulk-vars-2 CGM_Public:new-checkin-type CGM_Public:mf0aes-docs CGM_Public:fix-pdf-image-multi-export CGM_Public:walletdetection CGM_Public:fix-pdf-bg-offset CGM_Public:celery-5.3 CGM_Public:api-taxrules CGM_Public:fix-lazy-translation-settings CGM_Public:hide-empty-addons CGM_Public:add-order-min CGM_Public:release/4.19.x CGM_Public:idna CGM_Public:order-filter-requires-attention CGM_Public:release/4.18.x CGM_Public:fix-widget-close-position CGM_Public:release/4.15.x CGM_Public:release/4.16.x CGM_Public:release/4.17.x CGM_Public:fix-q-checkbox-required CGM_Public:compact-cart CGM_Public:harmonize-checkin-export-date CGM_Public:ocm-no-canceled CGM_Public:widget-seating-embed CGM_Public:guest-handling CGM_Public:dnspython2 CGM_Public:fix-addon-typo CGM_Public:oauth-toolkit-2 CGM_Public:thumbnail-store-created CGM_Public:invoice-to-other-email CGM_Public:answer-options-csv CGM_Public:release/4.14.x CGM_Public:transaction-source CGM_Public:improve-badge-pdf-bg-performance CGM_Public:release/4.13.x CGM_Public:common-country-names CGM_Public:fix-check-in-subevent-filterform CGM_Public:placeholder-last-modification CGM_Public:fix-pdf-editor-prefill-bug CGM_Public:release/4.12.x CGM_Public:invoice-giftcards CGM_Public:addon-match CGM_Public:release/4.9.x CGM_Public:release/4.11.x CGM_Public:release/4.10.x CGM_Public:product-list-export CGM_Public:fix-api-operations-refresh CGM_Public:fix-free-price-checkbox CGM_Public:redis-response-error CGM_Public:remove-promise-from-paypal2 CGM_Public:fix-customer-identifier-unique CGM_Public:add-name-for-salutation-to-editor CGM_Public:orderlist-canceled-lines CGM_Public:event-clone-tests CGM_Public:aws_ses_454 CGM_Public:release/4.8.x CGM_Public:fix-2556-remove-attestation-from-2fa CGM_Public:release/4.5.x CGM_Public:release/4.6.x CGM_Public:release/4.7.x CGM_Public:db-conn-tz CGM_Public:hotfix CGM_Public:release/4.3.x CGM_Public:release/4.4.x CGM_Public:short-month-day-format CGM_Public:add-fixed-scroll-pos-to-calendar CGM_Public:consistency-check CGM_Public:sticky-add-to-basket CGM_Public:release/4.2.x CGM_Public:release/4.1.x CGM_Public:release/4.0.x CGM_Public:release/3.18.x CGM_Public:release/3.17.x CGM_Public:waitlist_subeventpicker CGM_Public:hotfix20210323 CGM_Public:hotfix20210325 CGM_Public:django31 CGM_Public:flaky-test CGM_Public:release/3.16.x CGM_Public:cancel-no-invoice CGM_Public:release/3.15.x CGM_Public:release/3.14.x CGM_Public:validate-dns CGM_Public:release/3.13.x CGM_Public:release/3.12.x CGM_Public:release/3.11.x CGM_Public:docker-nginx-logs CGM_Public:remove-reversecharge CGM_Public:stripe-connect-2 CGM_Public:copy-from-matching-product CGM_Public:seat-orgchoice CGM_Public:release/3.10.x CGM_Public:release/3.9.x CGM_Public:gha-migrations CGM_Public:release/3.8.x CGM_Public:issue1575 CGM_Public:release/3.7.x CGM_Public:release/3.6.x CGM_Public:release/3.5.x CGM_Public:cart-vouchers CGM_Public:release/3.4.x CGM_Public:release/3.3.x CGM_Public:stripe-connect-fees CGM_Public:release/3.2.x CGM_Public:release/3.1.x CGM_Public:release/3.0.x CGM_Public:pretixscan CGM_Public:hidden-product-quota-voucher CGM_Public:scopes CGM_Public:release/2.8.x CGM_Public:release/2.7.x CGM_Public:loadtest2 CGM_Public:orderchange2 CGM_Public:django22 CGM_Public:release/2.6.x CGM_Public:794-questions-default-value CGM_Public:dekodi CGM_Public:release/2.5.x CGM_Public:loadtest CGM_Public:selfcancel-positions CGM_Public:searchindex CGM_Public:release/2.4.x CGM_Public:release/2.3.x CGM_Public:release/2.2.x CGM_Public:release/2.1.x CGM_Public:transfer-ticket CGM_Public:release/2.0.x CGM_Public:release/1.17.x CGM_Public:design2.0 CGM_Public:release/1.16.x CGM_Public:release/1.15.x CGM_Public:release/1.14.x CGM_Public:release/1.13.x CGM_Public:release/1.12.x CGM_Public:release/1.11.x CGM_Public:release/1.10.x CGM_Public:release/1.9.x CGM_Public:release/1.8.x CGM_Public:release/1.7.x CGM_Public:new-placeholders CGM_Public:release/1.4.x CGM_Public:release/1.5.x CGM_Public:release/1.6.x CGM_Public:custom-manager CGM_Public:release/1.1.x CGM_Public:release/1.2.x CGM_Public:release/1.3.x CGM_Public:release/1.0.x CGM_Public:voucher-wizard CGM_Public:shorter-locking
CGM_Public:v2025.10.0 CGM_Public:v2025.7.3 CGM_Public:v2025.9.2 CGM_Public:v2025.8.2 CGM_Public:v2025.8.1 CGM_Public:v2025.9.1 CGM_Public:v2025.7.2 CGM_Public:v2025.9.0 CGM_Public:v2025.8.0 CGM_Public:v2025.7.1 CGM_Public:v2025.7.0 CGM_Public:v2025.6.0 CGM_Public:v2025.5.0 CGM_Public:v2025.4.0 CGM_Public:v2025.3.0 CGM_Public:v2025.2.0 CGM_Public:v2025.1.0 CGM_Public:v2024.11.0 CGM_Public:v2024.10.0 CGM_Public:v2024.9.0 CGM_Public:v2024.8.0 CGM_Public:v2024.7.1 CGM_Public:v2024.6.1 CGM_Public:v2024.5.1 CGM_Public:v2024.7.0 CGM_Public:v2024.6.0 CGM_Public:v2024.5.0 CGM_Public:v2024.4.0 CGM_Public:v2024.3.0 CGM_Public:v2024.2.0 CGM_Public:v2023.10.2 CGM_Public:v2023.8.1.post1 CGM_Public:v2023.9.1.post1 CGM_Public:v2023.8.1 CGM_Public:v2023.9.1 CGM_Public:v2024.1.1 CGM_Public:v2024.1.0 CGM_Public:v2023.10.1.post1 CGM_Public:v2023.10.1 CGM_Public:v2023.10.0 CGM_Public:v2023.9.0 CGM_Public:v2023.8.0 CGM_Public:v2023.6.3 CGM_Public:v4.20.4 CGM_Public:v2023.7.3 CGM_Public:v4.20.3 CGM_Public:v2023.6.2 CGM_Public:v2023.7.2 CGM_Public:v4.20.2.post1 CGM_Public:v4.20.2 CGM_Public:v2023.6.1 CGM_Public:v2023.7.1 CGM_Public:v2023.7.0 CGM_Public:v2023.6.0 CGM_Public:v4.20.1 CGM_Public:v4.20.0 CGM_Public:v4.19.0.post1 CGM_Public:v4.19.0 CGM_Public:v4.18.2.post1 CGM_Public:v4.18.2 CGM_Public:v4.18.1 CGM_Public:v4.18.0 CGM_Public:v4.15.1 CGM_Public:v4.16.1 CGM_Public:v4.17.1 CGM_Public:v4.17.0 CGM_Public:v4.16.0 CGM_Public:v4.15.0 CGM_Public:v4.14.0 CGM_Public:v4.13.1 CGM_Public:v4.13.0 CGM_Public:v4.12.0 CGM_Public:v4.9.1 CGM_Public:v4.10.1 CGM_Public:v4.11.1 CGM_Public:v4.11.0 CGM_Public:v4.10.0 CGM_Public:v4.9.0 CGM_Public:v4.8.0 CGM_Public:v4.5.2 CGM_Public:v4.6.1 CGM_Public:v4.7.1 CGM_Public:v4.7.0 CGM_Public:v4.6.0 CGM_Public:v4.3.1 CGM_Public:v4.4.1 CGM_Public:v4.5.1 CGM_Public:v4.5.0 CGM_Public:a CGM_Public:v4.4.0 CGM_Public:v4.3.0 CGM_Public:v4.2.0 CGM_Public:v4.1.0.post1 CGM_Public:v4.1.0 CGM_Public:v4.0.0 CGM_Public:v3.18.0 CGM_Public:v3.17.2 CGM_Public:v3.17.1 CGM_Public:v3.17.0 CGM_Public:v3.16.0 CGM_Public:v3.15.0 CGM_Public:v3.14.2 CGM_Public:v3.14.1 CGM_Public:v3.14.0 CGM_Public:v3.13.1 CGM_Public:v3.12.1 CGM_Public:v3.11.1 CGM_Public:v3.13.0 CGM_Public:v3.12.0 CGM_Public:v3.11.0 CGM_Public:v3.10.0 CGM_Public:v3.9.0 CGM_Public:v3.8.0 CGM_Public:v3.7.0 CGM_Public:v3.6.0 CGM_Public:v3.5.0 CGM_Public:v3.4.0 CGM_Public:v3.3.0 CGM_Public:v3.2.0 CGM_Public:v3.1.0 CGM_Public:v3.0.1 CGM_Public:v3.0.0 CGM_Public:v2.8.2 CGM_Public:v2.8.1 CGM_Public:v2.8.0 CGM_Public:v2.7.2 CGM_Public:v2.7.1 CGM_Public:v2.7.0 CGM_Public:s CGM_Public:v2.6.0 CGM_Public:v2.5.0 CGM_Public:v2.4.0 CGM_Public:v2.3.0 CGM_Public:v2.2.0 CGM_Public:v2.1.0 CGM_Public:v2.0.0 CGM_Public:v1.17.1 CGM_Public:v1.17.0 CGM_Public:v1.16.0 CGM_Public:v1.15.2 CGM_Public:v1.15.1 CGM_Public:v1.15.0 CGM_Public:v1.14.0 CGM_Public:v1.13.1 CGM_Public:v1.13.0 CGM_Public:v1.12.1 CGM_Public:v1.12.0 CGM_Public:v1.11.1 CGM_Public:v1.11.0 CGM_Public:v1.10.1 CGM_Public:v1.10.0 CGM_Public:v1.9.1 CGM_Public:v1.8.1 CGM_Public:v1.7.2 CGM_Public:v1.9.0 CGM_Public:v1.8.0 CGM_Public:v1.7.1 CGM_Public:v1.7.0 CGM_Public:v1.4.1 CGM_Public:v1.5.2 CGM_Public:v1.6.2 CGM_Public:v1.6.1 CGM_Public:v1.6.0 CGM_Public:v1.5.1 CGM_Public:v1.5.0 CGM_Public:v1.4.0 CGM_Public:v1.1.3 CGM_Public:v1.2.2 CGM_Public:v1.3.1 CGM_Public:v1.3.0 CGM_Public:v1.2.1 CGM_Public:v1.2.0 CGM_Public:v1.1.2 CGM_Public:v1.1.1 CGM_Public:v1.1.0 CGM_Public:1.0.0 CGM_Public:1.0.0b2 CGM_Public:1.0.0b1
..
compare: CGM_Public:v1.5.2
Branches Tags
CGM_Public:answer-export CGM_Public:fix-csv-error CGM_Public:master CGM_Public:banktransfer-dashes CGM_Public:sendmail-iterator CGM_Public:update-django-version CGM_Public:reusablemedium-multiop CGM_Public:payment-qr CGM_Public:csv-duplicate-cols CGM_Public:release/2025.10.x CGM_Public:stable CGM_Public:release/2025.9.x CGM_Public:release/2025.8.x CGM_Public:release/2025.7.x CGM_Public:linkify-placeholder-fix CGM_Public:dependabot/pip/django-countries-eq-8.2.star CGM_Public:hardening-2fa CGM_Public:hide-invisible-fields CGM_Public:logentrytype-schema CGM_Public:quickstart-optional CGM_Public:op-export-unique-cols CGM_Public:lazy-imports CGM_Public:banktransfer-zero-5168 CGM_Public:timeline-fix-5614 CGM_Public:event-dialog-optional-4794 CGM_Public:banktransfer-invoice-reference CGM_Public:webhook-length CGM_Public:typeahead-org-slug CGM_Public:show-current-cart CGM_Public:banktransfer-camt CGM_Public:dependent-on-cc CGM_Public:attendee-mails-default CGM_Public:sort-property-helper CGM_Public:rename-migration CGM_Public:invoice-pdf-line-desc-max-length CGM_Public:validate-user-email CGM_Public:banktransfer-pending-order CGM_Public:order-rounding-mixin CGM_Public:dependabot/pip/redis-eq-7.0.star CGM_Public:richtext-link-mastodon CGM_Public:import-.wrong-item CGM_Public:fix-attach-size-filter CGM_Public:add-organizer-scope-to-pluginslist CGM_Public:fix-transmission-info CGM_Public:sync-single-transactionaware CGM_Public:no-ordinal-dates CGM_Public:new-license-header CGM_Public:checkinrule-warn-invalid-ids CGM_Public:fix-rrule CGM_Public:fix-form-styles CGM_Public:fix-datasync-shouldnotsync CGM_Public:fix-datasync-logdisplay CGM_Public:invoice-no-crash CGM_Public:dependabot/pip/django-phonenumber-field-eq-8.3.star CGM_Public:subevent-editor-improvements CGM_Public:exports-repeatable-read CGM_Public:plaintext-invoice-notification CGM_Public:order-import-logentries-bulk CGM_Public:dependabot/pip/django-oauth-toolkit-eq-3.1.star CGM_Public:notification-bulk-check CGM_Public:enqueue-order-immediate CGM_Public:enqueue-order-return CGM_Public:import-testmode-warn CGM_Public:api_organizer_settings CGM_Public:confirm-text-free CGM_Public:revert-5452-invoice-plugin-data CGM_Public:fix-wordlist-issue CGM_Public:subevent-filter-plugin CGM_Public:item-plugin-forms-group CGM_Public:fix-5455 CGM_Public:logentry-wording CGM_Public:img-srcset CGM_Public:invoice-plugin-data CGM_Public:mail-model CGM_Public:update-signal-docstrings CGM_Public:add-category-btn CGM_Public:logdetail-dbg CGM_Public:fix-order-email-error-log CGM_Public:fix-paypal2-xhr-free-cart CGM_Public:fix-datasync-notfound CGM_Public:fix-asynctask-i18n CGM_Public:org-level-plugin CGM_Public:plugins-page-fix CGM_Public:voucher-webhook CGM_Public:datasync-providers-doc CGM_Public:hierarkey-2 CGM_Public:ttf-pragraph-fallback CGM_Public:voucher-created CGM_Public:invoice-address-do-not-store-on-free CGM_Public:sync-single-tx CGM_Public:mapping-json CGM_Public:datasync CGM_Public:sendmail_pendingoverdue CGM_Public:rename-contact CGM_Public:pdf-price-with-bundled CGM_Public:fix-widget-cache-check CGM_Public:presale-remove-webmanifest CGM_Public:release/2025.6.x CGM_Public:pdf-editor-areyousure CGM_Public:api-expand-generic CGM_Public:invoice-email-language CGM_Public:question-stats-percentage CGM_Public:fix-question-graphs-ui CGM_Public:subevent-bulkedit-warning CGM_Public:clean-docs CGM_Public:event-title-everywhere CGM_Public:link-timeline CGM_Public:a11y-improve-renew-feedback CGM_Public:a11y-autocomplete-off CGM_Public:a11y-fix-calendar-nav-aria-current CGM_Public:release/2025.5.x CGM_Public:a11y-fix-giftcard-checkout CGM_Public:subevent-edit-name CGM_Public:fix-seat-svg-missing-label CGM_Public:gettextstub CGM_Public:fix-voucher-redeem-form CGM_Public:stripe_12x CGM_Public:cookieconsent-properly CGM_Public:ocm-cancel-all CGM_Public:fix-checkout-confirm CGM_Public:fix-nothingtoadd CGM_Public:dialog-backdrop-click-close CGM_Public:cart-renewal CGM_Public:a11y-add-cart-empty CGM_Public:waitinglist-export-productid CGM_Public:a11y-fix-waitinglist-link CGM_Public:a11y-no-underline-event-list CGM_Public:a11y-placeolder-contrast CGM_Public:cart-renewal-ui-html5dialog CGM_Public:cart-renewal-ui CGM_Public:tooltip-a11y CGM_Public:a11y-widget-fix-filter-dropdown CGM_Public:a11y-common-modal-dialogs CGM_Public:invoice-to-organizer-multimail CGM_Public:a11y-fix-b-strong CGM_Public:issue-5077 CGM_Public:a11y-validate-dates-serverside CGM_Public:a11y-fix-datepicker-error CGM_Public:item-list-seating CGM_Public:fix-eventlist-date-field CGM_Public:fix-headline-mismatch CGM_Public:release/2025.4.x CGM_Public:fix-datepicker-datedisplay CGM_Public:change-secret CGM_Public:subevent-discounts-test CGM_Public:sold-out-voucher CGM_Public:question-clean-answer-typo CGM_Public:checkinrpc-locales CGM_Public:fix-bulkedit-devices CGM_Public:release/2025.3.x CGM_Public:order-search-in-attendee-company CGM_Public:refactor-copy_to_first_ticket CGM_Public:organizer-index-filter-empty CGM_Public:context-on-error-page CGM_Public:order-checkin-icons CGM_Public:order-email-history-attachments CGM_Public:salutation-empty-label CGM_Public:fix-customer-create-race-condition CGM_Public:widget-data-3rdparty CGM_Public:scheduledmail-subevent-missing CGM_Public:fix-widget-data-3rdparty CGM_Public:widget-subevent-fix CGM_Public:a11y-remove-autofocus CGM_Public:release/2025.2.x CGM_Public:lists-for-failed-checkin CGM_Public:api-create-fees CGM_Public:fix-widget-data-overwrite CGM_Public:bulk-actions-logentries CGM_Public:widget-consent-prio CGM_Public:oidc-pkce CGM_Public:dependabot/pip/sphinx-eq-8.2.star CGM_Public:fix-copy-to-first-matching CGM_Public:headless CGM_Public:fix-deletedevent-checkin-logdisplay CGM_Public:widget_email_repeat CGM_Public:release/2025.1.x CGM_Public:new-docs CGM_Public:oidc_query_parameters CGM_Public:a11y-autofocus-tabindex CGM_Public:metrics_middleware_concat CGM_Public:widget-cookiebot CGM_Public:missing-registrations CGM_Public:fix-business-deps CGM_Public:invoice-pdf-transparency CGM_Public:logentrytype-registry CGM_Public:reldatetimefield-refactor CGM_Public:fix-copy-variations-channels CGM_Public:customdomain-show-backend-btn CGM_Public:invoice-user-paid CGM_Public:question-max-digits CGM_Public:i18n-field-order CGM_Public:language-switch-parameter CGM_Public:fieldset-panels-checkout CGM_Public:fix-invoice-name-validation CGM_Public:fieldset-panels-anim CGM_Public:dashboard-intcomma CGM_Public:fieldset-panels CGM_Public:fix-shipping-form CGM_Public:addressform-err-handling CGM_Public:fix-state-required-logic CGM_Public:release/2024.11.x CGM_Public:a11y-customer CGM_Public:robust-alert-colors CGM_Public:stripe-sofort-remove CGM_Public:stripe_mobilepay CGM_Public:quota-lock-log CGM_Public:main CGM_Public:pluggable-security-profiles CGM_Public:fix-category-change-log CGM_Public:checkin-present-filter-perf CGM_Public:hide-dependencies-recursively CGM_Public:fix-cond-display CGM_Public:badge-export-order-date CGM_Public:manual-fees CGM_Public:release/2024.10.x CGM_Public:raphaelm-patch-3 CGM_Public:hacky-debug-output CGM_Public:hacky-debug-output-reruns CGM_Public:ci-more-threads CGM_Public:ci-apt-y CGM_Public:before-fakeredis-update CGM_Public:actions-debug-postgres-1 CGM_Public:actions-fix-postgres CGM_Public:ci-postgres-service CGM_Public:pdf-layout-renderer-api CGM_Public:fix-category-type-column CGM_Public:cross-selling CGM_Public:bundles-not-negative CGM_Public:manual-installation CGM_Public:subevent-empty-avoid CGM_Public:release/2024.9.x CGM_Public:utils CGM_Public:email-confirm-secret-independent CGM_Public:docs-fix-typo-sso CGM_Public:unify-uncat-products-html-source CGM_Public:seating-waitinglist-sronly CGM_Public:release/2024.8.x CGM_Public:event-date-weekday CGM_Public:fix-sidebar-mobile CGM_Public:release/2024.7.x CGM_Public:release/2024.6.x CGM_Public:release/2024.5.x CGM_Public:fix-mail-preview-xss CGM_Public:api-webhook-filter CGM_Public:fix-tests CGM_Public:checkinlist-export-sort-by-date CGM_Public:fix-stripe-sca-sandbox CGM_Public:order-nullability CGM_Public:pytest-no-pending CGM_Public:add-temp-seatingframe-signal CGM_Public:fix-seatingframe-missing-css CGM_Public:stripe-giropay CGM_Public:list-sorting-move CGM_Public:daterange-test-foo CGM_Public:fix-checkbox-disabled-label-refactor CGM_Public:fix-pdf-bg-append CGM_Public:remove-subevent-items CGM_Public:fix-mail-preview-brackets-mismatch-2 CGM_Public:voucher-suggested-price CGM_Public:giftcard-validity CGM_Public:fix-mail-preview-brackets-mismatch CGM_Public:seo-improvements CGM_Public:ppv2_apm_wh_capture CGM_Public:back-to-the-future-2 CGM_Public:multi-subevent-cart-add CGM_Public:release/2024.4.x CGM_Public:fix-country-codes-profiles CGM_Public:release/2024.3.x CGM_Public:data-attr-price CGM_Public:issue-3967-adjacent CGM_Public:fix-issue-3967 CGM_Public:event_fonts CGM_Public:back-to-the-future CGM_Public:release/2024.2.x CGM_Public:release/2023.10.x CGM_Public:release/2023.8.x CGM_Public:release/2023.9.x CGM_Public:release/2024.1.x CGM_Public:django-oauth-toolkit-eq-2.3.star CGM_Public:select2-close-on-clear CGM_Public:plugins-allow-individual-ticket-download CGM_Public:event-dashboard CGM_Public:scan-debug-data CGM_Public:money-filter-tests CGM_Public:sort-sales-channels CGM_Public:pdf-fix-rotate CGM_Public:locking-tests CGM_Public:global_applepay_domain_validation CGM_Public:payment-available-from2 CGM_Public:release/4.20.x CGM_Public:release/2023.6.x CGM_Public:release/2023.7.x CGM_Public:zerodecimal_refunds CGM_Public:fix-typo CGM_Public:customer-webhooks CGM_Public:quota-cache-fix CGM_Public:pdf-bulk-vars-2 CGM_Public:new-checkin-type CGM_Public:mf0aes-docs CGM_Public:fix-pdf-image-multi-export CGM_Public:walletdetection CGM_Public:fix-pdf-bg-offset CGM_Public:celery-5.3 CGM_Public:api-taxrules CGM_Public:fix-lazy-translation-settings CGM_Public:hide-empty-addons CGM_Public:add-order-min CGM_Public:release/4.19.x CGM_Public:idna CGM_Public:order-filter-requires-attention CGM_Public:release/4.18.x CGM_Public:fix-widget-close-position CGM_Public:release/4.15.x CGM_Public:release/4.16.x CGM_Public:release/4.17.x CGM_Public:fix-q-checkbox-required CGM_Public:compact-cart CGM_Public:harmonize-checkin-export-date CGM_Public:ocm-no-canceled CGM_Public:widget-seating-embed CGM_Public:guest-handling CGM_Public:dnspython2 CGM_Public:fix-addon-typo CGM_Public:oauth-toolkit-2 CGM_Public:thumbnail-store-created CGM_Public:invoice-to-other-email CGM_Public:answer-options-csv CGM_Public:release/4.14.x CGM_Public:transaction-source CGM_Public:improve-badge-pdf-bg-performance CGM_Public:release/4.13.x CGM_Public:common-country-names CGM_Public:fix-check-in-subevent-filterform CGM_Public:placeholder-last-modification CGM_Public:fix-pdf-editor-prefill-bug CGM_Public:release/4.12.x CGM_Public:invoice-giftcards CGM_Public:addon-match CGM_Public:release/4.9.x CGM_Public:release/4.11.x CGM_Public:release/4.10.x CGM_Public:product-list-export CGM_Public:fix-api-operations-refresh CGM_Public:fix-free-price-checkbox CGM_Public:redis-response-error CGM_Public:remove-promise-from-paypal2 CGM_Public:fix-customer-identifier-unique CGM_Public:add-name-for-salutation-to-editor CGM_Public:orderlist-canceled-lines CGM_Public:event-clone-tests CGM_Public:aws_ses_454 CGM_Public:release/4.8.x CGM_Public:fix-2556-remove-attestation-from-2fa CGM_Public:release/4.5.x CGM_Public:release/4.6.x CGM_Public:release/4.7.x CGM_Public:db-conn-tz CGM_Public:hotfix CGM_Public:release/4.3.x CGM_Public:release/4.4.x CGM_Public:short-month-day-format CGM_Public:add-fixed-scroll-pos-to-calendar CGM_Public:consistency-check CGM_Public:sticky-add-to-basket CGM_Public:release/4.2.x CGM_Public:release/4.1.x CGM_Public:release/4.0.x CGM_Public:release/3.18.x CGM_Public:release/3.17.x CGM_Public:waitlist_subeventpicker CGM_Public:hotfix20210323 CGM_Public:hotfix20210325 CGM_Public:django31 CGM_Public:flaky-test CGM_Public:release/3.16.x CGM_Public:cancel-no-invoice CGM_Public:release/3.15.x CGM_Public:release/3.14.x CGM_Public:validate-dns CGM_Public:release/3.13.x CGM_Public:release/3.12.x CGM_Public:release/3.11.x CGM_Public:docker-nginx-logs CGM_Public:remove-reversecharge CGM_Public:stripe-connect-2 CGM_Public:copy-from-matching-product CGM_Public:seat-orgchoice CGM_Public:release/3.10.x CGM_Public:release/3.9.x CGM_Public:gha-migrations CGM_Public:release/3.8.x CGM_Public:issue1575 CGM_Public:release/3.7.x CGM_Public:release/3.6.x CGM_Public:release/3.5.x CGM_Public:cart-vouchers CGM_Public:release/3.4.x CGM_Public:release/3.3.x CGM_Public:stripe-connect-fees CGM_Public:release/3.2.x CGM_Public:release/3.1.x CGM_Public:release/3.0.x CGM_Public:pretixscan CGM_Public:hidden-product-quota-voucher CGM_Public:scopes CGM_Public:release/2.8.x CGM_Public:release/2.7.x CGM_Public:loadtest2 CGM_Public:orderchange2 CGM_Public:django22 CGM_Public:release/2.6.x CGM_Public:794-questions-default-value CGM_Public:dekodi CGM_Public:release/2.5.x CGM_Public:loadtest CGM_Public:selfcancel-positions CGM_Public:searchindex CGM_Public:release/2.4.x CGM_Public:release/2.3.x CGM_Public:release/2.2.x CGM_Public:release/2.1.x CGM_Public:transfer-ticket CGM_Public:release/2.0.x CGM_Public:release/1.17.x CGM_Public:design2.0 CGM_Public:release/1.16.x CGM_Public:release/1.15.x CGM_Public:release/1.14.x CGM_Public:release/1.13.x CGM_Public:release/1.12.x CGM_Public:release/1.11.x CGM_Public:release/1.10.x CGM_Public:release/1.9.x CGM_Public:release/1.8.x CGM_Public:release/1.7.x CGM_Public:new-placeholders CGM_Public:release/1.4.x CGM_Public:release/1.5.x CGM_Public:release/1.6.x CGM_Public:custom-manager CGM_Public:release/1.1.x CGM_Public:release/1.2.x CGM_Public:release/1.3.x CGM_Public:release/1.0.x CGM_Public:voucher-wizard CGM_Public:shorter-locking
CGM_Public:v2025.10.0 CGM_Public:v2025.7.3 CGM_Public:v2025.9.2 CGM_Public:v2025.8.2 CGM_Public:v2025.8.1 CGM_Public:v2025.9.1 CGM_Public:v2025.7.2 CGM_Public:v2025.9.0 CGM_Public:v2025.8.0 CGM_Public:v2025.7.1 CGM_Public:v2025.7.0 CGM_Public:v2025.6.0 CGM_Public:v2025.5.0 CGM_Public:v2025.4.0 CGM_Public:v2025.3.0 CGM_Public:v2025.2.0 CGM_Public:v2025.1.0 CGM_Public:v2024.11.0 CGM_Public:v2024.10.0 CGM_Public:v2024.9.0 CGM_Public:v2024.8.0 CGM_Public:v2024.7.1 CGM_Public:v2024.6.1 CGM_Public:v2024.5.1 CGM_Public:v2024.7.0 CGM_Public:v2024.6.0 CGM_Public:v2024.5.0 CGM_Public:v2024.4.0 CGM_Public:v2024.3.0 CGM_Public:v2024.2.0 CGM_Public:v2023.10.2 CGM_Public:v2023.8.1.post1 CGM_Public:v2023.9.1.post1 CGM_Public:v2023.8.1 CGM_Public:v2023.9.1 CGM_Public:v2024.1.1 CGM_Public:v2024.1.0 CGM_Public:v2023.10.1.post1 CGM_Public:v2023.10.1 CGM_Public:v2023.10.0 CGM_Public:v2023.9.0 CGM_Public:v2023.8.0 CGM_Public:v2023.6.3 CGM_Public:v4.20.4 CGM_Public:v2023.7.3 CGM_Public:v4.20.3 CGM_Public:v2023.6.2 CGM_Public:v2023.7.2 CGM_Public:v4.20.2.post1 CGM_Public:v4.20.2 CGM_Public:v2023.6.1 CGM_Public:v2023.7.1 CGM_Public:v2023.7.0 CGM_Public:v2023.6.0 CGM_Public:v4.20.1 CGM_Public:v4.20.0 CGM_Public:v4.19.0.post1 CGM_Public:v4.19.0 CGM_Public:v4.18.2.post1 CGM_Public:v4.18.2 CGM_Public:v4.18.1 CGM_Public:v4.18.0 CGM_Public:v4.15.1 CGM_Public:v4.16.1 CGM_Public:v4.17.1 CGM_Public:v4.17.0 CGM_Public:v4.16.0 CGM_Public:v4.15.0 CGM_Public:v4.14.0 CGM_Public:v4.13.1 CGM_Public:v4.13.0 CGM_Public:v4.12.0 CGM_Public:v4.9.1 CGM_Public:v4.10.1 CGM_Public:v4.11.1 CGM_Public:v4.11.0 CGM_Public:v4.10.0 CGM_Public:v4.9.0 CGM_Public:v4.8.0 CGM_Public:v4.5.2 CGM_Public:v4.6.1 CGM_Public:v4.7.1 CGM_Public:v4.7.0 CGM_Public:v4.6.0 CGM_Public:v4.3.1 CGM_Public:v4.4.1 CGM_Public:v4.5.1 CGM_Public:v4.5.0 CGM_Public:a CGM_Public:v4.4.0 CGM_Public:v4.3.0 CGM_Public:v4.2.0 CGM_Public:v4.1.0.post1 CGM_Public:v4.1.0 CGM_Public:v4.0.0 CGM_Public:v3.18.0 CGM_Public:v3.17.2 CGM_Public:v3.17.1 CGM_Public:v3.17.0 CGM_Public:v3.16.0 CGM_Public:v3.15.0 CGM_Public:v3.14.2 CGM_Public:v3.14.1 CGM_Public:v3.14.0 CGM_Public:v3.13.1 CGM_Public:v3.12.1 CGM_Public:v3.11.1 CGM_Public:v3.13.0 CGM_Public:v3.12.0 CGM_Public:v3.11.0 CGM_Public:v3.10.0 CGM_Public:v3.9.0 CGM_Public:v3.8.0 CGM_Public:v3.7.0 CGM_Public:v3.6.0 CGM_Public:v3.5.0 CGM_Public:v3.4.0 CGM_Public:v3.3.0 CGM_Public:v3.2.0 CGM_Public:v3.1.0 CGM_Public:v3.0.1 CGM_Public:v3.0.0 CGM_Public:v2.8.2 CGM_Public:v2.8.1 CGM_Public:v2.8.0 CGM_Public:v2.7.2 CGM_Public:v2.7.1 CGM_Public:v2.7.0 CGM_Public:s CGM_Public:v2.6.0 CGM_Public:v2.5.0 CGM_Public:v2.4.0 CGM_Public:v2.3.0 CGM_Public:v2.2.0 CGM_Public:v2.1.0 CGM_Public:v2.0.0 CGM_Public:v1.17.1 CGM_Public:v1.17.0 CGM_Public:v1.16.0 CGM_Public:v1.15.2 CGM_Public:v1.15.1 CGM_Public:v1.15.0 CGM_Public:v1.14.0 CGM_Public:v1.13.1 CGM_Public:v1.13.0 CGM_Public:v1.12.1 CGM_Public:v1.12.0 CGM_Public:v1.11.1 CGM_Public:v1.11.0 CGM_Public:v1.10.1 CGM_Public:v1.10.0 CGM_Public:v1.9.1 CGM_Public:v1.8.1 CGM_Public:v1.7.2 CGM_Public:v1.9.0 CGM_Public:v1.8.0 CGM_Public:v1.7.1 CGM_Public:v1.7.0 CGM_Public:v1.4.1 CGM_Public:v1.5.2 CGM_Public:v1.6.2 CGM_Public:v1.6.1 CGM_Public:v1.6.0 CGM_Public:v1.5.1 CGM_Public:v1.5.0 CGM_Public:v1.4.0 CGM_Public:v1.1.3 CGM_Public:v1.2.2 CGM_Public:v1.3.1 CGM_Public:v1.3.0 CGM_Public:v1.2.1 CGM_Public:v1.2.0 CGM_Public:v1.1.2 CGM_Public:v1.1.1 CGM_Public:v1.1.0 CGM_Public:1.0.0 CGM_Public:1.0.0b2 CGM_Public:1.0.0b1

13 Commits
v2.1.0 ... v1.5.2

Author SHA1 Message Date
Raphael Michel
a021ac6ecc Bump release 2017-08-21 14:53:46 +02:00
Raphael Michel
e6eb4945a7 [SECURITY] Support custom media URLs in CSP middleware 2017-08-21 14:53:37 +02:00
Raphael Michel
44b7b15b3e [SECURITY] Do not allow SVG files for logos 2017-08-21 14:53:21 +02:00
Raphael Michel
022ca8ad6c [SECURITY] Fix XSS injection vulnerabilities in question answers, event, quota and product names 2017-08-21 14:53:19 +02:00
Raphael Michel
5e37fbb4ef [SECURITY] Update to morris.js master to fix a XSS vulnerability 2017-08-21 14:52:41 +02:00
Raphael Michel
5049da95b5 [SECURITY] Use defusedcsv for exports 2017-08-21 14:52:31 +02:00
Raphael Michel
c78ca8bc00 [SECURITY] Rewrite all links in rich texts 2017-08-21 14:51:21 +02:00
Raphael Michel
c40e0bfdff [SECURITY] Fix XSS vulnerability in typeahead.js 2017-08-21 14:51:21 +02:00
Raphael Michel
ea79ebf105 [SECURITY] Fix XSS vulnerability in Lightbox caption 2017-08-21 14:51:00 +02:00
Raphael Michel
d4b9906638 Fix syntax error in setup.py 2017-07-02 18:57:10 +02:00
Raphael Michel
c1c4133ac6 Bump to 1.5.1 2017-07-02 18:45:00 +02:00
Raphael Michel
ff3e127648 Fix missing dependencies in setup.py 2017-07-02 18:44:39 +02:00
Raphael Michel
970b861947 Fix import in unit test 2017-07-02 17:36:38 +02:00
945 changed files with 15620 additions and 284908 deletions
Expand all files Collapse all files

24
.gitattributes vendored
View File

@@ -1,17 +1,13 @@
src/pretix/static/fontawesome/* linguist-vendored
src/pretix/static/lightbox/* linguist-vendored
src/pretix/static/typeahead/* linguist-vendored
src/pretix/static/moment/* linguist-vendored
src/pretix/static/datetimepicker/* linguist-vendored
src/pretix/static/colorpicker/* linguist-vendored
src/pretix/static/fileupload/* linguist-vendored
src/pretix/static/vuejs/* linguist-vendored
src/pretix/static/select2/* linguist-vendored
src/pretix/static/charts/* linguist-vendored
src/pretix/static/rrule/* linguist-vendored
src/pretix/static/iframeresizer/* linguist-vendored
src/pretix/static/pdfjs/* linguist-vendored
src/pretix/static/fabric/* linguist-vendored
src/static/fontawesome/* linguist-vendored
src/static/lightbox/* linguist-vendored
src/static/typeahead/* linguist-vendored
src/static/moment/* linguist-vendored
src/static/datetimepicker/* linguist-vendored
src/static/colorpicker/* linguist-vendored
src/static/fileupload/* linguist-vendored
src/static/charts/* linguist-vendored
src/pretix/plugins/ticketoutputpdf/static/pretixplugins/ticketoutputpdf/fabric.* linguist-vendored
src/pretix/plugins/ticketoutputpdf/static/pretixplugins/ticketoutputpdf/pdf.* linguist-vendored
# Denote all files that are truly binary and should not be modified.
*.eot binary

10
.gitlab-ci.yml
View File

@@ -8,8 +8,6 @@ tests:
- XDG_CACHE_HOME=/cache bash .travis.sh tests
tags:
- python3
except:
- pypi
pypi:
stage: release
script:
@@ -17,18 +15,14 @@ pypi:
- virtualenv env
- source env/bin/activate
- pip install -U pip wheel setuptools
- XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt
- XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt -r src/requirements/py34.txt
- cd src
- python setup.py sdist
- pip install dist/pretix-*.tar.gz
- python -m pretix migrate
- python -m pretix check
- python setup.py sdist upload
- python setup.py bdist_wheel upload
tags:
- python3
only:
- pypi
- release
artifacts:
paths:
- src/dist/

1
.readthedocs.requirements.txt
View File

@@ -1 +1,2 @@
-r src/requirements/py34.txt
-r doc/requirements.txt

29
.travis.sh
View File

@@ -15,45 +15,32 @@ if [ "$PRETIX_CONFIG_FILE" == "tests/travis_postgres.cfg" ]; then
fi
if [ "$1" == "style" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt
XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements.txt -r src/requirements/dev.txt -r src/requirements/py34.txt
cd src
flake8 .
isort -c -rc -df .
fi
if [ "$1" == "doctests" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur doc/requirements.txt
XDG_CACHE_HOME=/cache pip3 install -Ur doc/requirements.txt -r src/requirements/py34.txt
cd doc
make doctest
fi
if [ "$1" == "doc-spelling" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur doc/requirements.txt
cd doc
make spelling
if [ -s _build/spelling/output.txt ]; then
exit 1
fi
fi
if [ "$1" == "translation-spelling" ]; then
XDG_CACHE_HOME=/cache pip3 install -Ur src/requirements/dev.txt
cd src
potypo
fi
if [ "$1" == "tests" ]; then
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt pytest-xdist
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt -r src/requirements/py34.txt
cd src
python manage.py check
make all compress
py.test --reruns 5 -n 2 tests
py.test --rerun 5 tests
fi
if [ "$1" == "tests-cov" ]; then
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt -r src/requirements/py34.txt
cd src
python manage.py check
make all compress
coverage run -m py.test --reruns 5 tests && codecov
coverage run -m py.test --rerun 5 tests && codecov
fi
if [ "$1" == "plugins" ]; then
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt
pip3 install -r src/requirements.txt -Ur src/requirements/dev.txt -r src/requirements/py34.txt
cd src
python setup.py develop
make all compress
@@ -63,7 +50,7 @@ if [ "$1" == "plugins" ]; then
cd pretix-cartshare
python setup.py develop
make
py.test --reruns 5 tests
py.test --rerun 5 tests
popd
fi

34
.travis.yml
View File

@@ -12,31 +12,29 @@ services:
- postgresql
matrix:
include:
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_sqlite.cfg
- python: 3.6
env: JOB=tests-cov PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.6
env: JOB=style
- python: 3.4
env: JOB=tests PRETIX_CONFIG_FILE=tests/sqlite.cfg
- python: 3.5
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_sqlite.cfg
env: JOB=tests PRETIX_CONFIG_FILE=tests/sqlite.cfg
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/sqlite.cfg
- python: 3.4
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
- python: 3.5
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_mysql.cfg
- python: 3.4
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.5
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.6
env: JOB=tests PRETIX_CONFIG_FILE=tests/travis_postgres.cfg
- python: 3.6
env: JOB=style
- python: 3.6
env: JOB=plugins
- python: 3.6
env: JOB=doc-spelling
- python: 3.6
env: JOB=translation-spelling
env: JOB=tests-cov
addons:
postgresql: "9.4"
apt:
packages:
- enchant
- myspell-de-de
- aspell-en
branches:
except:
- /^weblate-.*/

5
CODE_OF_CONDUCT.md
View File

@@ -1,5 +0,0 @@
Code of Conduct
===============
We have a [Code of Conduct](https://docs.pretix.eu/en/latest/development/contribution/codeofconduct.html)
in place that applies to all project contributions, including issues, pull requests, etc.

2
Dockerfile
View File

@@ -3,7 +3,7 @@ FROM python:3.6
RUN apt-get update && \
apt-get install -y git libxml2-dev libxslt1-dev python-dev python-virtualenv locales \
libffi-dev build-essential python3-dev zlib1g-dev libssl-dev gettext libpq-dev \
default-libmysqlclient-dev libmemcached-dev libjpeg-dev supervisor nginx sudo \
libmysqlclient-dev libmemcached-dev libjpeg-dev supervisor nginx sudo \
--no-install-recommends && \
apt-get clean && \
rm -rf /var/lib/apt/lists/* && \

9
README.rst
View File

@@ -40,14 +40,6 @@ Contributing
If you want to contribute to pretix, please read the `developer documentation`_
in our documentation. If you have any further questions, please do not hesitate to ask!
.. image:: https://translate.pretix.eu/widgets/pretix/-/pretix/multi-blue.svg
:target: https://translate.pretix.eu/engage/pretix/
Code of Conduct
---------------
We have a `Code of Conduct`_ in place that applies to all project contributions,
including issues, pull requests, etc.
License
-------
The code in this repository is published under the terms of the Apache License.
@@ -58,6 +50,5 @@ AUTHORS file for a list of all the awesome folks who contributed to this project
.. _installation guide: https://docs.pretix.eu/en/latest/admin/installation/index.html
.. _developer documentation: https://docs.pretix.eu/en/latest/development/index.html
.. _Code of Conduct: https://docs.pretix.eu/en/latest/development/contribution/codeofconduct.html
.. _pretix.eu: https://pretix.eu
.. _blog: https://pretix.eu/about/en/blog/

3
deployment/docker/pretix.bash
View File

@@ -2,8 +2,7 @@
cd /pretix/src
export DJANGO_SETTINGS_MODULE=production_settings
export DATA_DIR=/data/
export HOME=/pretix
export NUM_WORKERS=$((2 * $(nproc --all)))
NUM_WORKERS=10
if [ ! -d /data/logs ]; then
mkdir /data/logs;

1
deployment/docker/supervisord.conf
View File

@@ -23,7 +23,6 @@ autostart=true
autorestart=true
priority=5
user=pretixuser
environment=HOME=/pretix
[program:pretixtask]
command=/usr/local/bin/pretix taskworker

6
doc/Makefile
View File

@@ -175,9 +175,3 @@ pseudoxml:
$(SPHINXBUILD) -b pseudoxml $(ALLSPHINXOPTS) $(BUILDDIR)/pseudoxml
@echo
@echo "Build finished. The pseudo-XML files are in $(BUILDDIR)/pseudoxml."
spelling:
$(SPHINXBUILD) -b spelling $(ALLSPHINXOPTS) $(BUILDDIR)/spelling
@echo
@echo "Spelling check finished, look at the results in " \
"$(BUILDDIR)/spelling/output.txt."

36
doc/_themes/pretix_theme/static/css/pretix.css vendored
View File

@@ -6063,39 +6063,3 @@ url('../opensans_regular_macroman/OpenSans-Regular-webfont.svg#open_sansregular'
white-space: normal;
}
}
img.screenshot, a.screenshot img {
box-shadow: 0 4px 18px 0 rgba(0,0,0,0.1), 0 6px 20px 0 rgba(0,0,0,0.09);
}
/* Changes */
.versionchanged {
background: #e7f2fa;
padding: 12px;
line-height: 24px;
margin-bottom: 24px;
-webkit-font-smoothing: antialiased;
}
.versionmodified {
background: #6ab0de;
font-weight: bold;
display: block;
color: #fff;
margin: -12px;
padding: 6px 12px;
margin-bottom: 12px;
font-family: inherit;
}
.versionmodified:before {
font-family: "FontAwesome";
display: inline-block;
font-style: normal;
font-weight: normal;
line-height: 1;
text-decoration: inherit;
content: "";
margin-right: 4px;
}
.versionchanged p:last-child {
margin-bottom: 0;
}

34
doc/admin/config.rst
View File

@@ -2,8 +2,6 @@
.. _`config`:
.. spelling:: Galera
Configuration file
==================
@@ -12,10 +10,9 @@ at the following locations. It will try to read the file from the specified path
the following order. The file that is found *last* will override the settings from
the files found before.
1. ``PRETIX_CONFIG_FILE`` environment variable
2. ``/etc/pretix/pretix.cfg``
3. ``~/.pretix.cfg``
4. ``pretix.cfg`` in the current working directory
1. ``/etc/pretix/pretix.cfg``
2. ``~/.pretix.cfg``
3. ``pretix.cfg`` in the current working directory
The file is expected to be in the INI format as specified in the `Python documentation`_.
@@ -47,16 +44,12 @@ Example::
``datadir``
The local path to a data directory that will be used for storing user uploads and similar
data. Defaults to the value of the environment variable ``DATA_DIR`` or ``data``.
data. Defaults to thea value of the environment variable ``DATA_DIR`` or ``data``.
``plugins_default``
A comma-separated list of plugins that are enabled by default for all new events.
Defaults to ``pretix.plugins.sendmail,pretix.plugins.statistics``.
``plugins_exclude``
A comma-separated list of plugins that are not available even though they are installed.
Defaults to an empty string.
``cookie_domain``
The cookie domain to be set. Defaults to ``None``.
@@ -66,18 +59,6 @@ Example::
``password_reset``
Enables or disables password reset. Defaults to ``on``.
``long_sessions``
Enables or disables the "keep me logged in" button. Defaults to ``on``.
``ecb_rates``
By default, pretix periodically downloads a XML file from the European Central Bank to retrieve exchange rates
that are used to print tax amounts in the customer currency on invoices for some currencies. Set to ``off`` to
disable this feature. Defaults to ``on``.
``audit_comments``
Enables or disables nagging staff users for leaving comments on their sessions for auditability.
Defaults to ``off``.
Locale settings
---------------
@@ -182,9 +163,14 @@ Django settings
Example::
[django]
hosts=localhost
secret=j1kjps5a5&4ilpn912s7a1!e2h!duz^i3&idu@_907s$wrz@x-
debug=off
``hosts``
Comma-separated list of allowed host names for this installation.
Default: ``localhost``
``secret``
The secret to be used by Django for signing and verification purposes. If this
setting is not provided, pretix will generate a random secret on the first start
@@ -296,4 +282,4 @@ various places like order codes, secrets in the ticket QR codes, etc. Example::
voucher_code=16
.. _Python documentation: https://docs.python.org/3/library/configparser.html?highlight=configparser#supported-ini-file-structure
.. _Celery documentation: http://docs.celeryproject.org/en/latest/userguide/configuration.html
.. _Celery documentation: http://docs.celeryproject.org/en/latest/configuration.html

8
doc/admin/installation/docker_smallscale.rst
View File

@@ -162,7 +162,7 @@ named ``/etc/systemd/system/pretix.service`` with the following content::
-v /etc/pretix:/etc/pretix \
-v /var/run/redis:/var/run/redis \
-v /var/run/mysqld:/var/run/mysqld \
pretix/standalone:stable all
pretix/standalone all
ExecStop=/usr/bin/docker stop %n
[Install]
@@ -239,8 +239,6 @@ Restarting the service can take a few seconds, especially if the update requires
Replace ``stable`` above with a specific version number like ``1.0`` or with ``latest`` for the development
version, if you want to.
.. _`docker_plugininstall`:
Install a plugin
----------------
@@ -268,8 +266,8 @@ to re-build your custom image after you pulled ``pretix/standalone`` if you want
.. _pretix.eu: https://pretix.eu/
.. _MySQL: https://dev.mysql.com/doc/refman/5.7/en/linux-installation-apt-repo.html
.. _PostgreSQL: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-9-4-on-debian-8
.. _redis: https://blog.programster.org/debian-8-install-redis-server/
.. _redis: http://blog.programster.org/debian-8-install-redis-server/
.. _ufw: https://en.wikipedia.org/wiki/Uncomplicated_Firewall
.. _redis website: https://redis.io/topics/security
.. _redis website: http://redis.io/topics/security
.. _redis in docker: https://hub.docker.com/r/_/redis/
.. _strong encryption settings: https://mozilla.github.io/server-side-tls/ssl-config-generator/

2
doc/admin/installation/general.rst
View File

@@ -1,7 +1,5 @@
.. highlight:: ini
.. spelling:: SQL
General remarks
===============

11
doc/admin/installation/manual_smallscale.rst
View File

@@ -121,7 +121,8 @@ command if you're running PostgreSQL::
(venv)$ pip3 install "pretix[mysql]" gunicorn
Note that you need Python 3.5 or newer. You can find out your Python version using ``python -V``.
If you are running Python 3.4, you also need to ``pip3 install typing``. This is not required on 3.5 or newer.
You can find out your Python version using ``python -V``.
We also need to create a data directory::
@@ -176,7 +177,7 @@ For background tasks we need a second service ``/etc/systemd/system/pretix-worke
[Install]
WantedBy=multi-user.target
You can now run the following commands to enable and start the services::
You can now run the following comamnds to enable and start the services::
# systemctl daemon-reload
# systemctl enable pretix-web pretix-worker
@@ -212,7 +213,7 @@ The following snippet is an example on how to configure a nginx proxy for pretix
ssl_certificate /path/to/cert.chain.pem;
ssl_certificate_key /path/to/key.pem;
add_header Referrer-Policy same-origin;
add_header Referrer-Options same-origin;
add_header X-Content-Type-Options nosniff;
location / {
@@ -275,8 +276,6 @@ To upgrade to a new pretix release, pull the latest code changes and run the fol
# systemctl restart pretix-web pretix-worker
.. _`manual_plugininstall`:
Install a plugin
----------------
@@ -297,6 +296,6 @@ example::
.. _pretix.eu: https://pretix.eu/
.. _MySQL: https://dev.mysql.com/doc/refman/5.7/en/linux-installation-apt-repo.html
.. _PostgreSQL: https://www.digitalocean.com/community/tutorials/how-to-install-and-use-postgresql-9-4-on-debian-8
.. _redis: https://blog.programster.org/debian-8-install-redis-server/
.. _redis: http://blog.programster.org/debian-8-install-redis-server/
.. _ufw: https://en.wikipedia.org/wiki/Uncomplicated_Firewall
.. _strong encryption settings: https://mozilla.github.io/server-side-tls/ssl-config-generator/

9
doc/api/auth.rst
View File

@@ -1,9 +0,0 @@
Authentication
==============
.. toctree::
:maxdepth: 2
tokenauth
oauth
deviceauth

137
doc/api/deviceauth.rst
View File

@@ -1,137 +0,0 @@
.. _`rest-deviceauth`:
Device authentication
=====================
Initializing a new device
-------------------------
Users can create new devices in the "Device" section of their organizer settings. When creating
a new device, users can specify a list of events the device is allowed to access. After a new
device is created, users will be presented initialization instructions, consisting of an URL
and an initialization token. They will also be shown as a QR code with the following contents::
{"handshake_version": 1, "url": "https://pretix.eu", "token": "kpp4jn8g2ynzonp6"}
Your application should be able to scan a QR code of this type, or allow to enter the URL and the
initialization token manually. The handshake version is not used for manual initialization. When a
QR code is scanned with a higher handshake version than you support, you should reject the request
and prompt the user to update the client application.
After your application received the token, you need to call the initialization endpoint to obtain
a proper API token. At this point, you need to identify the name and version of your application,
as well as the type of underlying hardware. Example:
.. sourcecode:: http
POST /api/v1/device/initialize HTTP/1.1
Host: pretix.eu
Content-Type: application/json
{
"token": "kpp4jn8g2ynzonp6",
"hardware_brand": "Samsung",
"hardware_model": "Galaxy S",
"software_brand": "pretixdroid",
"software_version": "4.0.0"
}
Every initialization token can only be used once. On success, you will receive a response containing
information on your device as well as your API token:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: application/json
{
"organizer": "foo",
"device_id": 5,
"unique_serial": "HHZ9LW9JWP390VFZ",
"api_token": "1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd",
"name": "Bar"
}
Please make sure that you store this ``api_token`` value. We also recommend storing your device ID, your assigned
``unique_serial``, and the ``organizer`` you have access to, but that's up to you.
In case of an error, the response will look like this:
.. sourcecode:: http
HTTP/1.1 400 Bad Request
Content-Type: application/json
{"token":["This initialization token has already been used."]}
Performing API requests
-----------------------
You need to include the API token with every request to pretix' API in the ``Authorization`` header
like the following:
.. sourcecode:: http
:emphasize-lines: 3
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
Updating the software version
-----------------------------
If your application is updated, we ask you to tell the server about the new version in use. You can do this at the
following endpoint:
.. sourcecode:: http
POST /api/v1/device/update HTTP/1.1
Host: pretix.eu
Content-Type: application/json
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
{
"hardware_brand": "Samsung",
"hardware_model": "Galaxy S",
"software_brand": "pretixdroid",
"software_version": "4.1.0"
}
Creating a new API key
----------------------
If you think your API key might have leaked or just want to be extra cautious, the API allows you to create a new key.
The old API key will be invalid immediately. A request for a new key looks like this:
.. sourcecode:: http
POST /api/v1/device/roll HTTP/1.1
Host: pretix.eu
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
The response will look like the response to the initialization request.
Removing a device
-----------------
If you want implement a way to to deprovision a device in your software, you can call the ``revoke`` endpoint to
invalidate your API key. There is no way to reverse this operation.
.. sourcecode:: http
POST /api/v1/device/revoke HTTP/1.1
Host: pretix.eu
Authorization: Device 1kcsh572fonm3hawalrncam4l1gktr2rzx25a22l8g9hx108o9oi0rztpcvwnfnd
This can also be done by the user through the web interface.
Permissions
-----------
Device authentication is currently hardcoded to grant the following permissions:
* View event meta data and products etc.
* View and change orders
Devices cannot change events or products and cannot access vouchers.

96
doc/api/fundamentals.rst
View File

@@ -4,44 +4,41 @@ Basic concepts
This page describes basic concepts and definition that you need to know to interact
with pretix' REST API, such as authentication, pagination and similar definitions.
.. _`rest-auth`:
Obtaining an API token
----------------------
To authenticate your API requests, you need to obtain an API token. You can create a
token in the pretix web interface on the level of organizer teams. Create a new team
or choose an existing team that has the level of permissions the token should have and
create a new token using the form below the list of team members:
.. image:: img/token_form.png
You can enter a description for the token to distinguish from other tokens later on.
Once you click "Add", you will be provided with an API token in the success message.
Copy this token, as you won't be able to retrieve it again.
.. image:: img/token_success.png
Authentication
--------------
To access the API, you need to present valid authentication credentials. pretix currently
supports the following authorization schemes:
You need to include the API token with every request to pretix' API in the ``Authorization`` header
like the following:
* :ref:`rest-tokenauth`: This is the simplest way and recommended for server-side applications
that interact with pretix without user interaction.
* :ref:`rest-oauth`: This is the recommended way to use if you write a third-party application
that users can connect with their pretix account. It provides the best user experience, but
requires user interaction and slightly more implementation effort.
* :ref:`rest-deviceauth`: This is the recommended way if you build apps or hardware devices that can
connect to pretix, e.g. for processing check-ins or to sell tickets offline. It provides a way
to uniquely identify devices and allows for a quick configuration flow inside your software.
* Authentication using browser sessions: This is used by the pretix web interface and it is *not*
officially supported for use by third-party applications. It might change or be removed at any
time without prior notice. If you use it, you need to comply with Django's `CSRF policies`_.
.. sourcecode:: http
:emphasize-lines: 3
Permissions
-----------
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Token e1l6gq2ye72thbwkacj7jbri7a7tvxe614ojv8ybureain92ocub46t5gab5966k
The API follows pretix team based permissions model. Each organizer can have several teams
each with it's own set of permissions. Each team can have any number of API keys attached.
To access a given endpoint the team the API key belongs to needs to have the corresponding
permission for the organizer/event being accessed.
Possible permissions are:
* Can create events
* Can change event settings
* Can change product settings
* Can view orders
* Can change orders
* Can view vouchers
* Can change vouchers
.. note:: The API currently also supports authentication via browser sessions, i.e. the
same way that you authenticate with pretix when using the browser interface.
Using this type of authentication is *not* officially supported for use by
third-party clients and might change or be removed at any time. We plan on
adding OAuth2 support in the future for user-level authentication. If you want
to use session authentication, be sure to comply with Django's `CSRF policies`_.
Compatibility
-------------
@@ -89,41 +86,6 @@ respective page.
The field ``results`` contains a list of objects representing the first results. For most
objects, every page contains 50 results.
Conditional fetching
--------------------
If you pull object lists from pretix' APIs regularly, we ask you to implement conditional fetching
to avoid unnecessary data traffic. This is not supported on all resources and we currently implement
two different mechanisms for different resources, which is necessary because we can only obtain best
efficiency for resources that do not support deletion operations.
Object-level conditional fetching
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The :ref:`rest-orders` resource list contains an HTTP header called ``X-Page-Generated`` containing the
current time on the server in ISO 8601 format. On your next request, you can pass this header
(as is, without any modifications necessary) as the ``modified_since`` query parameter and you will receive
a list containing only objects that have changed in the time since your last request.
List-level conditional fetching
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If modification checks are not possible with this granularity, you can instead check for the full list.
In this case, the list of objects may contain a regular HTTP header ``Last-Modified`` with the date of the
last modification to any item of that resource. You can then pass this date back in your next request in the
``If-Modified-Since`` header. If the any object has changed in the meantime, you will receive back a full list
(if something it missing, this means the object has been deleted). If nothing happened, we'll send back a
``304 Not Modified`` return code.
This is currently implemented on the following resources:
* :ref:`rest-categories`
* :ref:`rest-items`
* :ref:`rest-questions`
* :ref:`rest-quotas`
* :ref:`rest-subevents`
* :ref:`rest-taxrules`
Errors
------
@@ -180,4 +142,4 @@ as the string values ``true`` and ``false``.
If the ``ordering`` parameter is documented for a resource, you can use it to sort the result set by one of the allowed
fields. Prepend a ``-`` to the field name to reverse the sort order.
.. _CSRF policies: https://docs.djangoproject.com/en/1.11/ref/csrf/#ajax
.. _CSRF policies: https://docs.djangoproject.com/en/1.11/ref/csrf/#ajax

1
doc/api/index.rst
View File

@@ -14,5 +14,4 @@ in functionality over time.
:maxdepth: 2
fundamentals
auth
resources/index

171
doc/api/oauth.rst
View File

@@ -1,171 +0,0 @@
.. _`rest-oauth`:
OAuth authentication / "Connect with pretix"
============================================
In addition to static tokens, pretix supports `OAuth2`_-based authentication starting with
pretix 1.16. This allows you to put a "Connect with pretix" button into your website or tool
that allows the user to easily set up a connection between the two systems.
If you haven't worked with OAuth before, have a look at the `OAuth2 Simplified`_ tutorial.
Registering an application
--------------------------
To use OAuth, you need to register your application with the pretix instance you want to connect to.
In order to do this, log in to your pretix account and go to your user settings. Click on "Authorized applications"
first and then on "Manage your own apps". From there, you can "Create a new application".
You should fill in a descriptive name of your application that allows users to recognize who you are. You also need to
give a list of fully-qualified URLs that users will be redirected to after a successful authorization. After you pressed
"Save", you will be presented with a client ID and a client secret. Please note them down and treat the client secret
like a password; it should not become available to your users.
Obtaining an authorization grant
--------------------------------
To authorize a new user, link or redirect them to the ``authorize`` endpoint, passing your client ID as a query
parameter. Additionally, you can pass a scope (currently either ``read``, ``write``, or ``read write``)
and an URL the user should be redirected to after successful or failed authorization. You also need to pass the
``response_type`` parameter with a value of ``code``. Example::
https://pretix.eu/api/v1/oauth/authorize?client_id=lsLi0hNL0vk53mEdYjNJxHUn1PcO1R6wVg81dLNT&response_type=code&scope=read+write&redirect_uri=https://pretalx.com
To prevent CSRF attacks, you can also optionally pass a ``state`` parameter with a random string. Later, when
redirecting back to your application, we will pass the same ``state`` parameter back to you, so you can compare if they
match.
After the user granted or denied access, they will be redirected back either to the ``redirect_url`` you passed in the
query or to the first redirect URL configured in your application settings.
On successful registration, we will append the query parameter ``code`` to the URL containing an authorization code.
For example, we might redirect the user to this URL::
https://pretalx.com/?code=eYBBf8gmeD4E01HLoj0XflqO4Lg3Cw&state=e3KCh9mfx07qxU4bRpXk
You will need this ``code`` parameter to perform the next step.
On a failed registration, a query string like ``?error=access_denied`` will be appended to the redirection URL.
.. note:: In this step, the user is allowed to restrict your access to certain organizer accounts. If you try to
re-authenticate the user later, the user might be instantly redirected back to you if authorization is already
given and would therefore be unable to review their organizer restriction settings. You can append the
``approval_prompt=force`` query parameter if you want to make sure the user actively needs to confirm the
authorization.
Getting an access token
-----------------------
Using the ``code`` value you obtained above and your client ID, you can now request an access token that actually gives
access to the API. The ``token`` endpoint expects you to authenticate using `HTTP Basic authentication`_ using your client
ID as a username and your client secret as a password. You are also required to again supply the same ``redirect_uri``
parameter that you used for the authorization.
.. http:get:: /api/v1/oauth/token
Request a new access token
**Example request**:
.. sourcecode:: http
POST /api/v1/oauth/token HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Basic bHNMaTBoTkwwdms1M21FZFlqTkp4SFVuMVBjTzFSNndWZzgxZExOVDplSmpzZVA0UjJMN0hMcjBiS0p1b3BmbnJtT2cyY3NDeTdYaFVVZ0FoalhUU0NhZHhRTjk3cVNvMkpPaXlWTFpQOEozaTVQd1FVdFIwNUNycG5ac2Z0bXJjdmNTbkZ1SkFmb2ZsUTdZUDRpSjZNTWFYTHIwQ0FpNlhIRFJjV1Awcg==
grant_type=authorization_code&code=eYBBf8gmeD4E01HLoj0XflqO4Lg3Cw&redirect_uri=https://pretalx.com
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"access_token": "i3ytqTSRWsKp16fqjekHXa4tdM4qNC",
"expires_in": 86400,
"token_type": "Bearer",
"scope": "read write",
"refresh_token": "XBK0r8z4A4TTeR9LyMUyU2AM5rqpXp"
}
:statuscode 200: no error
:statuscode 401: Authentication failure
As you can see, you receive two types of tokens: One "access token", and one "refresh token". The access token is valid
for a day and can be used to actually access the API. The refresh token does not have an expiration date and can be used
to obtain a new access_token after a day, so you should make sure to store the access token safely if you need long-term
access.
Using the API with an access token
----------------------------------
You can supply a valid access token as a ``Bearer``-type token in the ``Authorization`` header to get API access.
.. sourcecode:: http
:emphasize-lines: 3
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Bearer i3ytqTSRWsKp16fqjekHXa4tdM4qNC
Refreshing an access token
--------------------------
You can obtain a new access token using your refresh token any time. This can be done using the same ``token`` endpoint
used to obtain the first access token above, but with a different set of parameters:
.. sourcecode:: http
POST /api/v1/oauth/token HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Basic bHNMaTBoTkwwdms1M21FZFlqTkp4SFVuMVBjTzFSNndWZzgxZExOVDplSmpzZVA0UjJMN0hMcjBiS0p1b3BmbnJtT2cyY3NDeTdYaFVVZ0FoalhUU0NhZHhRTjk3cVNvMkpPaXlWTFpQOEozaTVQd1FVdFIwNUNycG5ac2Z0bXJjdmNTbkZ1SkFmb2ZsUTdZUDRpSjZNTWFYTHIwQ0FpNlhIRFJjV1Awcg==
grant_type=refresh_token&refresh_token=XBK0r8z4A4TTeR9LyMUyU2AM5rqpXp
The previous access token will instantly become invalid.
Revoking a token
----------------
If you don't need a token any more or if you believe it may have been compromised, you can use the ``revoke_token``
endpoint to revoke it.
.. http:get:: /api/v1/oauth/revoke_token
Revoke an access or refresh token. If you revoke an access token, you can still create a new one using the refresh token. If you
revoke a refresh token, the connected access token will also be revoked.
**Example request**:
.. sourcecode:: http
POST /api/v1/oauth/revoke_token HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Authorization: Basic bHNMaTBoTkwwdms1M21FZFlqTkp4SFVuMVBjTzFSNndWZzgxZExOVDplSmpzZVA0UjJMN0hMcjBiS0p1b3BmbnJtT2cyY3NDeTdYaFVVZ0FoalhUU0NhZHhRTjk3cVNvMkpPaXlWTFpQOEozaTVQd1FVdFIwNUNycG5ac2Z0bXJjdmNTbkZ1SkFmb2ZsUTdZUDRpSjZNTWFYTHIwQ0FpNlhIRFJjV1Awcg==
token=XBK0r8z4A4TTeR9LyMUyU2AM5rqpXp
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
:statuscode 200: no error
:statuscode 401: Authentication failure
If you want to revoke your client secret, you can generate a new one in the list of your managed applications in the
pretix user interface.
.. _OAuth2: https://en.wikipedia.org/wiki/OAuth
.. _OAuth2 Simplified: https://aaronparecki.com/oauth-2-simplified/
.. _HTTP Basic authentication: https://en.wikipedia.org/wiki/Basic_access_authentication

258
doc/api/resources/carts.rst
View File

@@ -1,258 +0,0 @@
.. _rest-carts:
Cart positions
==============
The API provides limited access to the cart position data model. This API currently only allows creating and deleting
cart positions to reserve quota.
Cart position resource
----------------------
The cart position resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the cart position
cart_id string Identifier of the cart this belongs to. Needs to end
in "@api" for API-created positions.
datetime datetime Time of creation
expires datetime The cart position will expire at this time and no longer block quota
item integer ID of the item
variation integer ID of the variation (or ``null``)
price money (string) Price of this position
attendee_name string Specified attendee name for this position (or ``null``)
attendee_email string Specified attendee email address for this position (or ``null``)
voucher integer Internal ID of the voucher used for this position (or ``null``)
addon_to integer Internal ID of the position this position is an add-on for (or ``null``)
subevent integer ID of the date inside an event series this position belongs to (or ``null``).
answers list of objects Answers to user-defined questions
├ question integer Internal ID of the answered question
├ answer string Text representation of the answer
├ question_identifier string The question's ``identifier`` field
├ options list of integers Internal IDs of selected option(s)s (only for choice types)
└ option_identifiers list of strings The ``identifier`` fields of the selected option(s)s
===================================== ========================== =======================================================
.. versionchanged:: 1.17
This resource has been added.
Cart position endpoints
-----------------------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/
Returns a list of API-created cart positions.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/cartpositions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
X-Page-Generated: 2017-12-01T10:00:00Z
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"cart_id": "XwokV8FojQviD9jhtDzKvHFdlLRNMhlfo3cNjGbuK6MUTQDT@api",
"item": 1,
"variation": null,
"price": "23.00",
"attendee_name": null,
"attendee_email": null,
"voucher": null,
"addon_to": null,
"subevent": null,
"datetime": "2018-06-11T10:00:00Z",
"expires": "2018-06-11T10:00:00Z",
"includes_tax": true,
"answers": []
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/(id)/
Returns information on one cart position, identified by its internal ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/cartpositions/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"cart_id": "XwokV8FojQviD9jhtDzKvHFdlLRNMhlfo3cNjGbuK6MUTQDT@api",
"item": 1,
"variation": null,
"price": "23.00",
"attendee_name": null,
"attendee_email": null,
"voucher": null,
"addon_to": null,
"subevent": null,
"datetime": "2018-06-11T10:00:00Z",
"expires": "2018-06-11T10:00:00Z",
"includes_tax": true,
"answers": []
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the position to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested cart position does not exist.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/
Creates a new cart position.
.. warning:: This endpoint is considered **experimental**. It might change at any time without prior notice.
.. warning::
This endpoint is intended for advanced users. It is not designed to be used to build your own shop frontend.
There is a lot that it does not or can not do, and you will need to be careful using it.
It allows to bypass many of the restrictions imposed when creating a cart through the
regular shop.
Specifically, this endpoint currently
* does not validate if products are only to be sold in a specific time frame
* does not validate if the event's ticket sales are already over or haven't started
* does not support add-on products at the moment
* does not check or calculate prices but believes any prices you send
* does not support the redemption of vouchers
* does not prevent you from buying items that can only be bought with a voucher
* does not support file upload questions
You can supply the following fields of the resource:
* ``cart_id`` (optional, needs to end in ``@api``)
* ``item``
* ``variation`` (optional)
* ``price``
* ``attendee_name`` (optional)
* ``attendee_email`` (optional)
* ``subevent`` (optional)
* ``expires`` (optional)
* ``includes_tax`` (optional)
* ``answers``
* ``question``
* ``answer``
* ``options``
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/cartpositions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"item": 1,
"variation": null,
"price": "23.00",
"attendee_name": "Peter",
"attendee_email": null,
"answers": [
{
"question": 1,
"answer": "23",
"options": []
}
],
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
(Full cart position resource, see above.)
:param organizer: The ``slug`` field of the organizer of the event to create a position for
:param event: The ``slug`` field of the event to create a position for
:statuscode 201: no error
:statuscode 400: The item could not be created due to invalid submitted data or lack of quota.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this
order.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/cartpositions/(id)/
Deletes a cart position, identified by its internal ID.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/cartpositions/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
Content-Type: application/json
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the position to delete
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested cart position does not exist.

135
doc/api/resources/categories.rst
View File

@@ -1,5 +1,3 @@
.. _`rest-categories`:
Item categories
===============
@@ -16,7 +14,6 @@ Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the category
name multi-lingual string The category's visible name
internal_name string An optional name that is only used in the backend
description multi-lingual string A public description (might include markdown, can
be ``null``)
position integer An integer, used for sorting the categories
@@ -25,14 +22,6 @@ is_addon boolean If ``True``, it
defining add-ons for other products.
===================================== ========================== =======================================================
.. versionchanged:: 1.14
The operations POST, PATCH, PUT and DELETE have been added.
.. versionchanged:: 1.16
The field ``internal_name`` has been added.
Endpoints
---------
@@ -55,7 +44,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -65,7 +54,6 @@ Endpoints
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
@@ -102,12 +90,11 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
@@ -119,121 +106,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/categories/
Creates a new category
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/categories/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": false
}
:param organizer: The ``slug`` field of the organizer of the event to create a category for
:param event: The ``slug`` field of the event to create a category for
:statuscode 201: no error
:statuscode 400: The category could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/categories/(id)/
Update a category. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/categories/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"is_addon": true
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Tickets"},
"internal_name": "",
"description": {"en": "Tickets are what you need to get in."},
"position": 1,
"is_addon": true
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the category to modify
:statuscode 200: no error
:statuscode 400: The category could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/category/(id)/
Delete a category.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/categories/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the category to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

630
doc/api/resources/checkinlists.rst
View File

@@ -1,630 +0,0 @@
Check-in lists
==============
Resource description
--------------------
You can create check-in lists that you can use e.g. at the entrance of your event to track who is coming and if they
actually bought a ticket.
You can create multiple check-in lists to separate multiple parts of your event, for example if you have separate
entries for multiple ticket types. Different check-in lists are completely independent: If a ticket shows up on two
lists, it is valid once on every list. This might be useful if you run a festival with festival passes that allow
access to every or multiple performances as well as tickets only valid for single performances.
The check-in list resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the check-in list
name string The internal name of the check-in list
all_products boolean If ``true``, the check-in lists contains tickets of all products in this event. The ``limit_products`` field is ignored in this case.
limit_products list of integers List of item IDs to include in this list.
subevent integer ID of the date inside an event series this list belongs to (or ``null``).
position_count integer Number of tickets that match this list (read-only).
checkin_count integer Number of check-ins performed on this list (read-only).
include_pending boolean If ``true``, the check-in list also contains tickets from orders in pending state.
===================================== ========================== =======================================================
.. versionchanged:: 1.10
This resource has been added.
.. versionchanged:: 1.11
The ``positions`` endpoints have been added.
.. versionchanged:: 1.13
The ``include_pending`` field has been added.
Endpoints
---------
.. versionchanged:: 1.15
The ``../status/`` detail endpoint has been added.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/
Returns a list of all check-in lists within a given event.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": "Default list",
"checkin_count": 123,
"position_count": 456,
"all_products": true,
"limit_products": [],
"include_pending": false,
"subevent": null
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query integer subevent: Only return check-in lists of the sub-event with the given ID
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(id)/
Returns information on one check-in list, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": "Default list",
"checkin_count": 123,
"position_count": 456,
"all_products": true,
"limit_products": [],
"include_pending": false,
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the check-in list to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(id)/status/
Returns detailed status information on a check-in list, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/status/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"checkin_count": 17,
"position_count": 42,
"event": {
"name": "Demo Converence",
},
"items": [
{
"name": "T-Shirt",
"id": 1,
"checkin_count": 1,
"admission": False,
"position_count": 1,
"variations": [
{
"value": "Red",
"id": 1,
"checkin_count": 1,
"position_count": 12
},
{
"value": "Blue",
"id": 2,
"checkin_count": 4,
"position_count": 8
}
]
},
{
"name": "Ticket",
"id": 2,
"checkin_count": 15,
"admission": True,
"position_count": 22,
"variations": []
}
]
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the check-in list to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/
Creates a new check-in list.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/checkinlists/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": "VIP entry",
"all_products": false,
"limit_products": [1, 2],
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"name": "VIP entry",
"checkin_count": 0,
"position_count": 0,
"all_products": false,
"limit_products": [1, 2],
"include_pending": false,
"subevent": null
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a list for
:param event: The ``slug`` field of the event to create a list for
:statuscode 201: no error
:statuscode 400: The list could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(id)/
Update a check-in list. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field and the ``checkin_count`` and ``position_count``
fields.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"name": "Backstage",
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"name": "Backstage",
"checkin_count": 23,
"position_count": 42,
"all_products": false,
"limit_products": [1, 2],
"include_pending": false,
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the list to modify
:statuscode 200: no error
:statuscode 400: The list could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/checkinlist/(id)/
Delete a check-in list. Note that this also deletes the information on all check-ins performed via this list.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/checkinlist/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the check-in list to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.
Order position endpoints
------------------------
.. versionchanged:: 1.15
The order positions endpoint has been extended by the filter queries ``item__in``, ``variation__in``,
``order__status__in``, ``subevent__in``, ``addon_to__in``, and ``search``. The search for attendee names and order
codes is now case-insensitive.
The ``.../redeem/`` endpoint has been added.
.. versionchanged:: 2.0
The order positions endpoint has been extended by the filter queries ``voucher`` and ``voucher__code``.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/
Returns a list of all order positions within a given event. The result is the same as
the :ref:`order-position-resource`, with one important difference: the ``checkins`` value will only include
check-ins for the selected list.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/positions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 23442,
"order": "ABC12",
"positionid": 1,
"item": 1345,
"variation": null,
"price": "23.00",
"attendee_name": "Peter",
"attendee_email": null,
"voucher": null,
"tax_rate": "0.00",
"tax_rule": null,
"tax_value": "0.00",
"secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
"addon_to": null,
"subevent": null,
"pseudonymization_id": "MQLJvANO3B",
"checkins": [
{
"list": 1,
"datetime": "2017-12-25T12:45:23Z"
}
],
"answers": [
{
"question": 12,
"answer": "Foo",
"options": []
}
],
"downloads": [
{
"output": "pdf",
"url": "https://pretix.eu/api/v1/organizers/bigevents/events/sampleconf/orderpositions/23442/download/pdf/"
}
]
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``order__code``,
``order__datetime``, ``positionid``, ``attendee_name``, ``last_checked_in`` and ``order__email``. Default:
``attendee_name,positionid``
:query string order: Only return positions of the order with the given order code
:query string search: Fuzzy search matching the attendee name, order code, invoice address name as well as to the beginning of the secret.
:query integer item: Only return positions with the purchased item matching the given ID.
:query integer item__in: Only return positions with the purchased item matching one of the given comma-separated IDs.
:query integer variation: Only return positions with the purchased item variation matching the given ID.
:query integer variation__in: Only return positions with one of the purchased item variation matching the given
comma-separated IDs.
:query string attendee_name: Only return positions with the given value in the attendee_name field. Also, add-on
products positions are shown if they refer to an attendee with the given name.
:query string secret: Only return positions with the given ticket secret.
:query string order__status: Only return positions with the given order status.
:query string order__status__in: Only return positions with one the given comma-separated order status.
:query boolean has_checkin: If set to ``true`` or ``false``, only return positions that have or have not been
checked in already.
:query integer subevent: Only return positions of the sub-event with the given ID
:query integer subevent__in: Only return positions of one of the sub-events with the given comma-separated IDs
:query integer addon_to: Only return positions that are add-ons to the position with the given ID.
:query integer addon_to__in: Only return positions that are add-ons to one of the positions with the given
comma-separated IDs.
:query string voucher: Only return positions with a specific voucher.
:query string voucher__code: Only return positions with a specific voucher code.
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param list: The ID of the check-in list to look for
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested check-in list does not exist.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/(id)/
Returns information on one order position, identified by its internal ID.
The result format is the same as the :ref:`order-position-resource`, with one important difference: the
``checkins`` value will only include check-ins for the selected list.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/positions/23442/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 23442,
"order": "ABC12",
"positionid": 1,
"item": 1345,
"variation": null,
"price": "23.00",
"attendee_name": "Peter",
"attendee_email": null,
"voucher": null,
"tax_rate": "0.00",
"tax_rule": null,
"tax_value": "0.00",
"secret": "z3fsn8jyufm5kpk768q69gkbyr5f4h6w",
"addon_to": null,
"subevent": null,
"pseudonymization_id": "MQLJvANO3B",
"checkins": [
{
"list": 1,
"datetime": "2017-12-25T12:45:23Z"
}
],
"answers": [
{
"question": 12,
"answer": "Foo",
"options": []
}
],
"downloads": [
{
"output": "pdf",
"url": "https://pretix.eu/api/v1/organizers/bigevents/events/sampleconf/orderpositions/23442/download/pdf/"
}
]
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param list: The ID of the check-in list to look for
:param id: The ``id`` field of the order position to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested order position or check-in list does not exist.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/checkinlists/(list)/positions/(id)/redeem/
Tries to redeem an order position, identified by its internal ID, i.e. checks the attendee in. This endpoint
accepts a number of optional requests in the body.
:<json boolean questions_supported: When this parameter is set to ``true``, handling of questions is supported. If
you do not implement question handling in your user interface, you **must**
set this to ``false``. In that case, questions will just be ignored. Defaults
to ``true``.
:<json datetime datetime: Specifies the datetime of the check-in. If not supplied, the current time will be used.
:<json boolean force: Specifies that the check-in should succeed regardless of previous check-ins or required
questions that have not been filled. Defaults to ``false``.
:<json boolean ignore_unpaid: Specifies that the check-in should succeed even if the order is in pending state.
Defaults to ``false``.
:<json string nonce: You can set this parameter to a unique random value to identify this check-in. If you're sending
this request twice with the same nonce, the second request will also succeed but will always
create only one check-in object even when the previous request was successful as well. This
allows for a certain level of idempotency and enables you to re-try after a connection failure.
:<json object answers: If questions are supported/required, you may/must supply a mapping of question IDs to their
respective answers. The answers should always be strings. In case of (multiple-)choice-type
answers, the string should contain the (comma-separated) IDs of the selected options.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/checkinlists/1/positions/234/redeem/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
{
"force": false,
"ignore_unpaid": false,
"nonce": "Pvrk50vUzQd0DhdpNRL4I4OcXsvg70uA",
"datetime": null,
"questions_supported": true,
"answers": {
"4": "XS"
}
}
**Example successful response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"status": "ok"
}
**Example response with required questions**:
.. sourcecode:: http
HTTP/1.1 400 Bad Request
Content-Type: text/json
{
"status": "incomplete"
"questions": [
{
"id": 1,
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": true,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 0,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 1,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 2,
"answer": {"en": "L"}
}
]
}
]
}
**Example error response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{
"status": "error",
"reason": "unpaid",
}
Possible error reasons:
* ``unpaid`` - Ticket is not paid for or has been refunded
* ``already_redeemed`` - Ticket already has been redeemed
* ``product`` - Tickets with this product may not be scanned at this device
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param list: The ID of the check-in list to look for
:param id: The ``id`` field of the order position to fetch
:statuscode 201: no error
:statuscode 400: Invalid or incomplete request, see above
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 404: The requested order position or check-in list does not exist.

287
doc/api/resources/events.rst
View File

@@ -24,27 +24,9 @@ is_public boolean If ``true``, th
presale_start datetime The date at which the ticket shop opens (or ``null``)
presale_end datetime The date at which the ticket shop closes (or ``null``)
location multi-lingual string The event location (or ``null``)
has_subevents boolean ``True`` if the event series feature is active for this
event. Cannot change after event is created.
meta_data dict Values set for organizer-specific meta data parameters.
plugins list A list of package names of the enabled plugins for this
event.
===================================== ========================== =======================================================
.. versionchanged:: 1.7
The ``meta_data`` field has been added.
.. versionchanged:: 1.15
The ``plugins`` field has been added.
The operations POST, PATCH, PUT and DELETE have been added.
.. versionchanged:: 2.1
Filters have been added to the list of events.
Endpoints
---------
@@ -52,8 +34,6 @@ Endpoints
Returns a list of all events within a given organizer the authenticated user/token has access to.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
@@ -68,7 +48,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -87,25 +67,11 @@ Endpoints
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.banktransfer"
"pretix.plugins.stripe"
"pretix.plugins.paypal"
"pretix.plugins.ticketoutputpdf"
]
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:query is_public: If set to ``true``/``false``, only events with a matching value of ``is_public`` are returned.
:query live: If set to ``true``/``false``, only events with a matching value of ``live`` are returned.
:query has_subevents: If set to ``true``/``false``, only events with a matching value of ``has_subevents`` are returned.
:query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned. Event series are never (always) returned.
:query is_past: If set to ``true`` (``false``), only events that are over are (not) returned. Event series are never (always) returned.
:query ends_after: If set to a date and time, only events that happen during of after the given time are returned. Event series are never returned.
:param organizer: The ``slug`` field of a valid organizer
:statuscode 200: no error
:statuscode 401: Authentication failure
@@ -115,8 +81,6 @@ Endpoints
Returns information on one event, identified by its slug.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
@@ -131,7 +95,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"name": {"en": "Sample Conference"},
@@ -145,14 +109,6 @@ Endpoints
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.banktransfer"
"pretix.plugins.stripe"
"pretix.plugins.paypal"
"pretix.plugins.ticketoutputpdf"
]
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -160,242 +116,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.
.. http:post:: /api/v1/organizers/(organizer)/events/
Creates a new event
Please note that events cannot be created as 'live' using this endpoint. Quotas and payment must be added to the
event before sales can go live.
Permission required: "Can create events"
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
:param organizer: The ``slug`` field of the organizer of the event to create.
:statuscode 201: no error
:statuscode 400: The event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/clone/
Creates a new event with properties as set in the request body. The properties that are copied are: 'is_public',
settings, plugin settings, items, variations, add-ons, quotas, categories, tax rules, questions.
If the 'plugins' and/or 'is_public' fields are present in the post body this will determine their value. Otherwise
their value will be copied from the existing event.
Please note that you can only copy from events under the same organizer.
Permission required: "Can create events"
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/clone/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.stripe",
"pretix.plugins.paypal"
]
}
:param organizer: The ``slug`` field of the organizer of the event to create.
:param event: The ``slug`` field of the event to copy settings and items from.
:statuscode 201: no error
:statuscode 400: The event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/
Updates an event
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"plugins": [
"pretix.plugins.banktransfer",
"pretix.plugins.stripe",
"pretix.plugins.paypal",
"pretix.plugins.pretixdroid"
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"name": {"en": "Sample Conference"},
"slug": "sampleconf",
"live": false,
"currency": "EUR",
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"is_public": false,
"presale_start": null,
"presale_end": null,
"location": null,
"has_subevents": false,
"meta_data": {},
"plugins": [
"pretix.plugins.banktransfer",
"pretix.plugins.stripe",
"pretix.plugins.paypal",
"pretix.plugins.pretixdroid"
]
}
:param organizer: The ``slug`` field of the organizer of the event to update
:param event: The ``slug`` field of the event to update
:statuscode 201: no error
:statuscode 400: The event could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/
Delete an event. Note that events with orders cannot be deleted to ensure data integrity.
Permission required: "Can change event settings"
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

7
doc/api/resources/index.rst
View File

@@ -6,18 +6,11 @@ Resources and endpoints
organizers
events
subevents
taxrules
categories
items
item_variations
item_add-ons
questions
question_options
quotas
orders
invoices
vouchers
checkinlists
waitinglist
carts

124
doc/api/resources/invoices.rst
View File

@@ -11,7 +11,7 @@ The invoice resource contains the following public fields:
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
number string Invoice number (with prefix)
invoice_no string Invoice number (without prefix)
order string Order code of the order this invoice belongs to
is_cancellation boolean ``True``, if this invoice is the cancellation of a
different invoice.
@@ -29,40 +29,12 @@ payment_provider_text string Text to be prin
footer_text string Text to be printed in the page footer area
lines list of objects The actual invoice contents
├ description string Text representing the invoice line (e.g. product name)
├ gross_value money (string) Price including taxes
├ tax_value money (string) Tax amount included
tax_name string Name of used tax rate (e.g. "VAT")
└ tax_rate decimal (string) Used tax rate
foreign_currency_display string If the invoice should also show the total and tax
amount in a different currency, this contains the
currency code (``null`` otherwise).
foreign_currency_rate decimal (string) If ``foreign_currency_rate`` is set and the system
knows the exchange rate to the event currency at
invoicing time, it is stored here.
foreign_currency_rate_date date If ``foreign_currency_rate`` is set, this signifies the
date at which the currency rate was obtained.
internal_reference string Customer's reference to be printed on the invoice.
├ gross_value money (string) Price including VAT
├ tax_value money (string) VAT amount
tax_rate decimal (string) Used VAT rate
===================================== ========================== =======================================================
.. versionchanged:: 1.6
The attribute ``invoice_no`` has been dropped in favor of ``number`` which includes the number including the prefix,
since the prefix can now vary. Also, invoices now need to be identified by their ``number`` instead of the raw
number.
.. versionchanged:: 1.7
The attributes ``lines.tax_name``, ``foreign_currency_display``, ``foreign_currency_rate``, and
``foreign_currency_rate_date`` have been added.
.. versionchanged:: 1.9
The attribute ``internal_reference`` has been added.
Endpoints
---------
@@ -84,7 +56,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -92,7 +64,7 @@ Endpoints
"previous": null,
"results": [
{
"number": "SAMPLECONF-00001",
"invoice_no": "00001",
"order": "ABC12",
"is_cancellation": false,
"invoice_from": "Big Events LLC\nDemo street 12\nDemo town",
@@ -101,7 +73,6 @@ Endpoints
"refers": null,
"locale": "en",
"introductory_text": "thank you for your purchase of the following items:",
"internal_reference": "",
"additional_text": "We are looking forward to see you on our conference!",
"payment_provider_text": "Please transfer the money to our account ABC…",
"footer_text": "Big Events LLC - Registration No. 123456 - VAT ID: EU0987654321",
@@ -110,13 +81,9 @@ Endpoints
"description": "Budget Ticket",
"gross_value": "23.00",
"tax_value": "0.00",
"tax_name": "VAT",
"tax_rate": "0.00"
}
],
"foreign_currency_display": "PLN",
"foreign_currency_rate": "4.2408",
"foreign_currency_rate_date": "2017-07-24"
]
}
]
}
@@ -125,17 +92,17 @@ Endpoints
:query boolean is_cancellation: If set to ``true`` or ``false``, only invoices with this value for the field
``is_cancellation`` will be returned.
:query string order: If set, only invoices belonging to the order with the given order code will be returned.
:query string refers: If set, only invoices referring to the given invoice will be returned.
:query string refers: If set, only invoices refering to the given invoice will be returned.
:query string locale: If set, only invoices with the given locale will be returned.
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``date`` and
``nr`` (equals to ``number``). Default: ``nr``
``invoice_no``. Default: ``invoice_no``
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/invoices/(number)/
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/
Returns information on one invoice, identified by its invoice number.
@@ -143,7 +110,7 @@ Endpoints
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/invoices/SAMPLECONF-00001/ HTTP/1.1
GET /api/v1/organizers/bigevents/events/sampleconf/invoices/00001/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
@@ -153,10 +120,10 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"number": "SAMPLECONF-00001",
"invoice_no": "00001",
"order": "ABC12",
"is_cancellation": false,
"invoice_from": "Big Events LLC\nDemo street 12\nDemo town",
@@ -165,7 +132,6 @@ Endpoints
"refers": null,
"locale": "en",
"introductory_text": "thank you for your purchase of the following items:",
"internal_reference": "",
"additional_text": "We are looking forward to see you on our conference!",
"payment_provider_text": "Please transfer the money to our account ABC…",
"footer_text": "Big Events LLC - Registration No. 123456 - VAT ID: EU0987654321",
@@ -174,13 +140,9 @@ Endpoints
"description": "Budget Ticket",
"gross_value": "23.00",
"tax_value": "0.00",
"tax_name": "VAT",
"tax_rate": "0.00"
}
],
"foreign_currency_display": "PLN",
"foreign_currency_rate": "4.2408",
"foreign_currency_rate_date": "2017-07-24"
]
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -221,61 +183,5 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
:statuscode 409: The file is not yet ready and will now be prepared. Retry the request after waiting for a few
:statuscode 409: The file is not yet ready and will now be prepared. Retry the request after waiting vor a few
seconds.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/reissue/
Cancels the invoice and creates a new one.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/invoices/00001/reissue/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
Content-Type: application/pdf
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param invoice_no: The ``invoice_no`` field of the invoice to reissue
:statuscode 200: no error
:statuscode 400: The invoice has already been canceled
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/invoices/(invoice_no)/regenerate/
Re-generates the invoice from order data.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/invoices/00001/regenerate/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
Content-Type: application/pdf
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param invoice_no: The ``invoice_no`` field of the invoice to regenerate
:statuscode 200: no error
:statuscode 400: The invoice has already been canceled
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.

246
doc/api/resources/item_add-ons.rst
View File

@@ -1,246 +0,0 @@
Item add-ons
============
Resource description
--------------------
With add-ons, you can specify products that can be bought as an addition to this specific product. For example, if you
host a conference with a base conference ticket and a number of workshops, you could define the workshops as add-ons to
the conference ticket. With this configuration, the workshops cannot be bought on their own but only in combination with
a conference ticket. You can here specify categories of products that can be used as add-ons to this product. You can
also specify the minimum and maximum number of add-ons of the given category that can or need to be chosen. The user can
buy every add-on from the category at most once. If an add-on product has multiple variations, only one of them can be
bought.
The add-ons resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the add-on
addon_category integer Internal ID of the item category the add-on can be
chosen from.
min_count integer The minimal number of add-ons that need to be chosen.
max_count integer The maximal number of add-ons that can be chosen.
position integer An integer, used for sorting
price_included boolean Adding this add-on to the item is free
===================================== ========================== =======================================================
.. versionchanged:: 1.12
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/
Returns a list of all add-ons for a given item.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/11/addons/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 0,
"price_included": true
},
{
"id": 4,
"addon_category": 2,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/item does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/(id)/
Returns information on one add-on, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:param id: The ``id`` field of the add-on to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/
Creates a new add-on
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/(organizer)/events/(event)/items/(item)/addons/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a add-on for
:param event: The ``slug`` field of the event to create a add-on for
:param item: The ``id`` field of the item to create a add-on for
:statuscode 201: no error
:statuscode 400: The add-on could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/addon/(id)/
Update an add-on. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/3/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"min_count": 0,
"max_count": 10,
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"addon_category": 1,
"min_count": 0,
"max_count": 10,
"position": 1,
"price_included": true
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param item: The ``id`` field of the item to modify
:param id: The ``id`` field of the add-on to modify
:statuscode 200: no error
:statuscode 400: The add-on could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/addons/(id)/
Delete an add-on.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/addons/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the add-on to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

258
doc/api/resources/item_variations.rst
View File

@@ -1,258 +0,0 @@
Item variations
===============
Resource description
--------------------
Variations of items can be use for products (items) that are available in different sizes, colors or other variations
of the same product.
The variations resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the variation
default_price money (string) The price set directly for this variation or ``null``
price money (string) The price used for this variation. This is either the
same as ``default_price`` if that value is set or equal
to the item's ``default_price`` (read-only).
active boolean If ``False``, this variation will not be sold or shown.
description multi-lingual string A public description of the variation. May contain
Markdown syntax or can be ``null``.
position integer An integer, used for sorting
===================================== ========================== =======================================================
.. versionchanged:: 1.12
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/
Returns a list of all variations for a given item.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/11/variations/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"value": {
"en": "S"
},
"active": true,
"description": {
"en": "Test2"
},
"position": 0,
"default_price": "223.00",
"price": 223.0
},
{
"id": 3,
"value": {
"en": "L"
},
"active": true,
"description": {},
"position": 1,
"default_price": null,
"price": 15.0
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query boolean active: If set to ``true`` or ``false``, only items with this value for the field ``active`` will be
returned.
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/item does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/(id)/
Returns information on one variation, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 3,
"value": {
"en": "Student"
},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param item: The ``id`` field of the item to fetch
:param id: The ``id`` field of the variation to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/
Creates a new variation
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"value": {"en": "Student"},
"default_price": "10.00",
"active": true,
"description": null,
"position": 0
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a variation for
:param event: The ``slug`` field of the event to create a variation for
:param item: The ``id`` field of the item to create a variation for
:statuscode 201: no error
:statuscode 400: The variation could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(item)/variations/(id)/
Update a variation. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` and the ``price`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"active": false,
"position": 1
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": false,
"description": null,
"position": 1
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the variation to modify
:statuscode 200: no error
:statuscode 400: The variation could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/variations/(id)/
Delete a variation.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/variations/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:param id: The ``id`` field of the variation to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

300
doc/api/resources/items.rst
View File

@@ -1,5 +1,3 @@
.. _rest-items:
Items
=====
@@ -16,7 +14,6 @@ Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the item
name multi-lingual string The item's visible name
internal_name string An optional name that is only used in the backend
default_price money (string) The item price that is applied if the price is not
overwritten by variations or other options.
category integer The ID of the category this item belongs to
@@ -30,13 +27,11 @@ free_price boolean If ``True``, cu
lower than the price defined by ``default_price`` or
otherwise).
tax_rate decimal (string) The VAT rate to be applied for this item.
tax_rule integer The internal ID of the applied tax rule (or ``null``).
admission boolean ``True`` for items that grant admission to the event
(such as primary tickets) and ``False`` for others
(such as add-ons or merchandise).
position integer An integer, used for sorting
picture string A product picture to be displayed in the shop
(read-only).
available_from datetime The first date time at which this item can be bought
(or ``null``).
available_until datetime The last date time at which this item can be bought
@@ -54,20 +49,11 @@ min_per_order integer This product ca
max_per_order integer This product can only be bought if it is included at
most this many times in the order (or ``null`` for no
limitation).
checkin_attention boolean If ``True``, the check-in app should show a warning
that this ticket requires special attention if such
a product is being scanned.
original_price money (string) An original price, shown for comparison, not used
for price calculations.
require_approval boolean If ``True``, orders with this product will need to be
approved by the event organizer before they can be
paid.
has_variations boolean Shows whether or not this item has variations.
has_variations boolean Shows whether or not this item has variations
(read-only).
variations list of objects A list with one object for each variation of this item.
Can be empty. Only writable during creation,
use separate endpoint to modify this later.
Can be empty.
├ id integer Internal ID of the variation
├ value multi-lingual string The "name" of the variation
├ default_price money (string) The price set directly for this variation or ``null``
├ price money (string) The price used for this variation. This is either the
same as ``default_price`` if that value is set or equal
@@ -76,44 +62,14 @@ variations list of objects A list with one
├ description multi-lingual string A public description of the variation. May contain
Markdown syntax or can be ``null``.
└ position integer An integer, used for sorting
addons list of objects Definition of add-ons that can be chosen for this item.
Only writable during creation,
use separate endpoint to modify this later.
addons list of objects Definition of add-ons that can be chosen for this item
├ addon_category integer Internal ID of the item category the add-on can be
chosen from.
├ min_count integer The minimal number of add-ons that need to be chosen.
├ max_count integer The maximal number of add-ons that can be chosen.
├ max_count integer The maxima number of add-ons that can be chosen.
└ position integer An integer, used for sorting
└ price_included boolean Adding this add-on to the item is free
===================================== ========================== =======================================================
.. versionchanged:: 1.7
The attribute ``tax_rule`` has been added. ``tax_rate`` is kept for compatibility. The attribute
``checkin_attention`` has been added.
.. versionchanged:: 1.12
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
The attribute ``price_included`` has been added to ``addons``.
.. versionchanged:: 1.16
The ``internal_name`` and ``original_price`` fields have been added.
.. versionchanged:: 2.0
The field ``require_approval`` has been added.
Notes
-----
Please note that an item either always has variations or never has. Once created with variations the item can never
change to an item without and vice versa. To create an item with variations ensure that you POST an item with at least
one variation.
Also note that ``variations`` and ``addons`` are only supported on ``POST``. To update/delete variations and add-ons please
use the dedicated nested endpoints. By design this endpoint does not support ``PATCH`` and ``PUT`` with nested
``variations`` and/or ``addons``.
Endpoints
---------
@@ -136,7 +92,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -146,15 +102,12 @@ Endpoints
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
@@ -165,9 +118,7 @@ Endpoints
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": false,
"require_approval": false,
"variations": [
{
"value": {"en": "Student"},
@@ -226,20 +177,17 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
@@ -250,9 +198,7 @@ Endpoints
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": false,
"require_approval": false,
"variations": [
{
"value": {"en": "Student"},
@@ -280,235 +226,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/items/
Creates a new item
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/items/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
"available_from": null,
"available_until": null,
"require_voucher": false,
"hide_without_voucher": false,
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"require_approval": false,
"variations": [
{
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
},
{
"value": {"en": "Regular"},
"default_price": null,
"price": "23.00",
"active": true,
"description": null,
"position": 1
}
],
"addons": []
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Standard ticket"},
"internal_name": "",
"default_price": "23.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
"available_from": null,
"available_until": null,
"require_voucher": false,
"hide_without_voucher": false,
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": true,
"require_approval": false,
"variations": [
{
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
},
{
"value": {"en": "Regular"},
"default_price": null,
"price": "23.00",
"active": true,
"description": null,
"position": 1
}
],
"addons": []
}
:param organizer: The ``slug`` field of the organizer of the event to create an item for
:param event: The ``slug`` field of the event to create an item for
:statuscode 201: no error
:statuscode 400: The item could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/
Update an item. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``has_variations``, ``variations`` and the ``addon`` field. If
you need to update/delete variations or add-ons please use the nested dedicated endpoints.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"name": {"en": "Ticket"},
"default_price": "25.00"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "Ticket"},
"internal_name": "",
"default_price": "25.00",
"original_price": null,
"category": null,
"active": true,
"description": null,
"free_price": false,
"tax_rate": "0.00",
"tax_rule": 1,
"admission": false,
"position": 0,
"picture": null,
"available_from": null,
"available_until": null,
"require_voucher": false,
"hide_without_voucher": false,
"allow_cancel": true,
"min_per_order": null,
"max_per_order": null,
"checkin_attention": false,
"has_variations": true,
"require_approval": false,
"variations": [
{
"value": {"en": "Student"},
"default_price": "10.00",
"price": "10.00",
"active": true,
"description": null,
"position": 0
},
{
"value": {"en": "Regular"},
"default_price": null,
"price": "23.00",
"active": true,
"description": null,
"position": 1
}
],
"addons": []
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to modify
:statuscode 200: no error
:statuscode 400: The item could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/items/(id)/
Delete an item.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

1315
doc/api/resources/orders.rst
View File

File diff suppressed because it is too large Load Diff

4
doc/api/resources/organizers.rst
View File

@@ -41,7 +41,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -77,7 +77,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"name": "Big Events LLC",

233
doc/api/resources/question_options.rst
View File

@@ -1,233 +0,0 @@
Question options
================
Resource description
--------------------
Questions of type "choice" or "multiple choice" can have different options attached.
The options resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the option
position integer An integer, used for sorting
identifier string An arbitrary string that can be used for matching with
other sources.
answer multi-lingual string The displayed value of this option
===================================== ========================== =======================================================
.. versionchanged:: 1.12
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/
Returns a list of all options for a given question.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/questions/11/options/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 2,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
}
:query integer page: The page number in case of a multi-page result set, default is 1
:query boolean active: If set to ``true`` or ``false``, only questions with this value for the field ``active`` will be
returned.
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param question: The ``id`` field of the question to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/question does not exist **or** you have no permission to view this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/(id)/
Returns information on one option, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param question: The ``id`` field of the question to fetch
:param id: The ``id`` field of the option to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/
Creates a new option
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
{
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
:param organizer: The ``slug`` field of the organizer of the event/question to create a option for
:param event: The ``slug`` field of the event to create a option for
:param question: The ``id`` field of the question to create a option for
:statuscode 201: no error
:statuscode 400: The option could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/questions/(question)/options/(id)/
Update an option. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"position": 3
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the question to modify
:param id: The ``id`` field of the option to modify
:statuscode 200: no error
:statuscode 400: The option could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/questions/(id)/options/(id)/
Delete an option.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/questions/1/options/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the question to modify
:param id: The ``id`` field of the option to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

232
doc/api/resources/questions.rst
View File

@@ -1,7 +1,3 @@
.. spelling:: checkin
.. _rest-questions:
Questions
=========
@@ -26,46 +22,19 @@ type string The expected ty
* ``B`` boolean
* ``C`` choice from a list
* ``M`` multiple choice from a list
* ``F`` file upload
* ``D`` date
* ``H`` time
* ``W`` date and time
required boolean If ``True``, the question needs to be filled out.
position integer An integer, used for sorting
items list of integers List of item IDs this question is assigned to.
identifier string An arbitrary string that can be used for matching with
other sources.
ask_during_checkin boolean If ``True``, this question will not be asked while
buying the ticket, but will show up when redeeming
the ticket instead.
options list of objects In case of question type ``C`` or ``M``, this lists the
available objects. Only writable during creation,
use separate endpoint to modify this later.
available objects.
├ id integer Internal ID of the option
├ position integer An integer, used for sorting
├ identifier string An arbitrary string that can be used for matching with
other sources.
└ answer multi-lingual string The displayed value of this option
===================================== ========================== =======================================================
.. versionchanged:: 1.12
The values ``D``, ``H``, and ``W`` for the field ``type`` are now allowed and the ``ask_during_checkin`` field has
been added.
.. versionchanged:: 1.14
Write methods have been added. The attribute ``identifier`` has been added to both the resource itself and the
options resource. The ``position`` attribute has been added to the options resource.
Endpoints
---------
.. versionchanged:: 1.15
The questions endpoint has been extended by the filter queries ``ask_during_checkin``, ``requred``, and
``identifier``.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/questions/
Returns a list of all questions within a given event.
@@ -84,7 +53,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -98,25 +67,17 @@ Endpoints
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 0,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 1,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 2,
"answer": {"en": "L"}
}
]
@@ -127,9 +88,6 @@ Endpoints
:query integer page: The page number in case of a multi-page result set, default is 1
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``id`` and ``position``.
Default: ``position``
:query string identifier: Only return questions with the given identifier string
:query boolean ask_during_checkin: Only return questions that are or are not to be asked during check-in
:query boolean required: Only return questions that are or are not required to fill in
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
@@ -154,7 +112,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -163,25 +121,17 @@ Endpoints
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
@@ -193,179 +143,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/questions/
Creates a new question
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/questions/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 1,
"ask_during_checkin": false,
"options": [
{
"answer": {"en": "S"}
},
{
"answer": {"en": "M"}
},
{
"answer": {"en": "L"}
}
]
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 1,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
}
:param organizer: The ``slug`` field of the organizer of the event to create an item for
:param event: The ``slug`` field of the event to create an item for
:statuscode 201: no error
:statuscode 400: The item could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/questions/(id)/
Update a question. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``options`` field. If
you need to update/delete options please use the nested dedicated endpoints.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"position": 2
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"question": {"en": "T-Shirt size"},
"type": "C",
"required": false,
"items": [1, 2],
"position": 2,
"identifier": "WY3TP9SL",
"ask_during_checkin": false,
"options": [
{
"id": 1,
"identifier": "LVETRWVU",
"position": 1,
"answer": {"en": "S"}
},
{
"id": 2,
"identifier": "DFEMJWMJ",
"position": 2,
"answer": {"en": "M"}
},
{
"id": 3,
"identifier": "W9AH7RDE",
"position": 3,
"answer": {"en": "L"}
}
]
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the question to modify
:statuscode 200: no error
:statuscode 400: The item could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/questions/(id)/
Delete a question.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/items/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the item to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

147
doc/api/resources/quotas.rst
View File

@@ -1,12 +1,10 @@
.. _rest-quotas:
Quotas
======
Resource description
--------------------
Quotas define how many times an item can be sold.
Questions define how many times an item can be sold.
The quota resource contains the following public fields:
.. rst-class:: rest-resource-table
@@ -19,13 +17,8 @@ name string The internal na
size integer The size of the quota or ``null`` for unlimited
items list of integers List of item IDs this quota acts on.
variations list of integers List of item variation IDs this quota acts on.
subevent integer ID of the date inside an event series this quota belongs to (or ``null``).
===================================== ========================== =======================================================
.. versionchanged:: 1.10
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
@@ -48,7 +41,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -60,8 +53,7 @@ Endpoints
"name": "Ticket Quota",
"size": 200,
"items": [1, 2],
"variations": [1, 4, 5, 7],
"subevent": null
"variations": [1, 4, 5, 7]
}
]
}
@@ -69,7 +61,6 @@ Endpoints
:query integer page: The page number in case of a multi-page result set, default is 1
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``id`` and ``position``.
Default: ``position``
:query integer subevent: Only return quotas of the sub-event with the given ID
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
@@ -94,15 +85,14 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
"name": "Ticket Quota",
"size": 200,
"items": [1, 2],
"variations": [1, 4, 5, 7],
"subevent": null
"variations": [1, 4, 5, 7]
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -112,131 +102,6 @@ Endpoints
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/quotas/
Creates a new quota
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/quotas/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content: application/json
{
"name": "Ticket Quota",
"size": 200,
"items": [1, 2],
"variations": [1, 4, 5, 7],
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": "Ticket Quota",
"size": 200,
"items": [1, 2],
"variations": [1, 4, 5, 7],
"subevent": null
}
:param organizer: The ``slug`` field of the organizer of the event/item to create a quota for
:param event: The ``slug`` field of the event to create a quota for
:statuscode 201: no error
:statuscode 400: The quota could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/quotas/(id)/
Update a quota. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` field.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/quotas/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 94
{
"name": "New Ticket Quota",
"size": 100,
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 2,
"name": "New Ticket Quota",
"size": 100,
"items": [
1,
2
],
"variations": [
1,
2
],
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the quota rule to modify
:statuscode 200: no error
:statuscode 400: The quota could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/quota/(id)/
Delete a quota. Note that if you delete a quota the items the quota acts on might no longer be available for sale.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/quotas/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the quotas to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/quotas/(id)/availability/
Returns availability information on one quota, identified by its ID.
@@ -255,7 +120,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"available": true,

217
doc/api/resources/subevents.rst
View File

@@ -1,217 +0,0 @@
.. _rest-subevents:
Event series dates / Sub-events
===============================
Resource description
--------------------
Events can represent whole event series if the ``has_subevents`` property of the event is active.
In this case, many other resources are additionally connected to an event date (also called sub-event).
The sub-event resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the sub-event
name multi-lingual string The sub-event's full name
event string The slug of the parent event
active boolean If ``true``, the sub-event ticket shop is publicly
available.
date_from datetime The sub-event's start date
date_to datetime The sub-event's end date (or ``null``)
date_admission datetime The sub-event's admission date (or ``null``)
presale_start datetime The sub-date at which the ticket shop opens (or ``null``)
presale_end datetime The sub-date at which the ticket shop closes (or ``null``)
location multi-lingual string The sub-event location (or ``null``)
item_price_overrides list of objects List of items for which this sub-event overrides the
default price
├ item integer The internal item ID
└ price money (string) The price or ``null`` for the default price
variation_price_overrides list of objects List of variations for which this sub-event overrides
the default price
├ variation integer The internal variation ID
└ price money (string) The price or ``null`` for the default price
meta_data dict Values set for organizer-specific meta data parameters.
===================================== ========================== =======================================================
.. versionchanged:: 1.7
The ``meta_data`` field has been added.
.. versionchanged:: 2.1
The ``event`` field has been added, together with filters on the list of dates and an organizer-level list.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/subevents/
Returns a list of all sub-events of an event.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/subevents/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": {"en": "First Sample Conference"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:query active: If set to ``true``/``false``, only events with a matching value of ``active`` are returned.
:query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned.
:query is_past: If set to ``true`` (``false``), only events that are over are (not) returned.
:query ends_after: If set to a date and time, only events that happen during of after the given time are returned.
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/subevents/(id)/
Returns information on one sub-event, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/subevents/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "First Sample Conference"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``slug`` field of the sub-event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/subevents/
Returns a list of all sub-events of any event series you have access to within an organizer account.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/subevents/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": {"en": "First Sample Conference"},
"event": "sampleconf",
"active": false,
"date_from": "2017-12-27T10:00:00Z",
"date_to": null,
"date_admission": null,
"presale_start": null,
"presale_end": null,
"location": null,
"item_price_overrides": [
{
"item": 2,
"price": "12.00"
}
],
"variation_price_overrides": [],
"meta_data": {}
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:query active: If set to ``true``/``false``, only events with a matching value of ``active`` are returned.
:query event__live: If set to ``true``/``false``, only events with a matching value of ``live`` on the parent event are returned.
:query is_future: If set to ``true`` (``false``), only events that happen currently or in the future are (not) returned.
:query is_past: If set to ``true`` (``false``), only events that are over are (not) returned.
:query ends_after: If set to a date and time, only events that happen during of after the given time are returned.
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.

237
doc/api/resources/taxrules.rst
View File

@@ -1,237 +0,0 @@
.. _rest-taxrules:
Tax rules
=========
Resource description
--------------------
Tax rules specify how tax should be calculated for specific products. Custom taxation rule sets are currently to
available via the API.
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal ID of the tax rule
name multi-lingual string The tax rules' name
rate decimal (string) Tax rate in percent
price_includes_tax boolean If ``true`` (default), tax is assumed to be included in
the specified product price
eu_reverse_charge boolean If ``true``, EU reverse charge rules are applied
home_country string Merchant country (required for reverse charge), can be
``null`` or empty string
===================================== ========================== =======================================================
.. versionchanged:: 1.7
This resource has been added.
.. versionchanged:: 1.9
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/taxrules/
Returns a list of all tax rules configured for an event.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/taxrules/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of the event to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/taxrules/(id)/
Returns information on one tax rule, identified by its ID.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/sampleconf/taxrules/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the tax rule to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/rule does not exist **or** you have no permission to view it.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/taxrules/
Create a new tax rule.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/taxrules/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 166
{
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"name": {"en": "VAT"},
"rate": "19.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
:param organizer: The ``slug`` field of the organizer to create a tax rule for
:param event: The ``slug`` field of the event to create a tax rule for
:statuscode 201: no error
:statuscode 400: The tax rule could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create tax rules.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/taxrules/(id)/
Update a tax rule. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/taxrules/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 34
{
"rate": "20.00",
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"id": 1,
"name": {"en": "VAT"},
"rate": "20.00",
"price_includes_tax": true,
"eu_reverse_charge": false,
"home_country": "DE"
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the tax rule to modify
:statuscode 200: no error
:statuscode 400: The tax rule could not be modified due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/rule does not exist **or** you have no permission to change it.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/taxrules/(id)/
Delete a tax rule. Note that tax rules can only be deleted if they are not in use for any products, settings
or orders. If you cannot delete a tax rule, this method will return a ``403`` status code and you can only
discontinue using it everywhere else.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/taxrules/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the tax rule to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event/rule does not exist **or** you have no permission to change it **or** this tax rule cannot be deleted since it is currently in use.

164
doc/api/resources/vouchers.rst
View File

@@ -40,14 +40,9 @@ quota integer An ID of a quot
for all items without restriction.
tag string A string that is used for grouping vouchers
comment string An internal comment on the voucher
subevent integer ID of the date inside an event series this voucher belongs to (or ``null``).
===================================== ========================== =======================================================
.. versionchanged:: 1.9
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added.
Endpoints
---------
@@ -69,7 +64,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -90,8 +85,7 @@ Endpoints
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
"comment": ""
}
]
}
@@ -113,7 +107,6 @@ Endpoints
:query integer variation: If set, only vouchers attached to the variation with the given ID will be shown.
:query integer quota: If set, only vouchers attached to the quota with the given ID will be shown.
:query string tag: If set, only vouchers with the given tag will be shown.
:query integer subevent: Only return vouchers of the sub-event with the given ID
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``id``, ``code``,
``max_usages``, ``valid_until``, and ``value``. Default: ``id``
:param organizer: The ``slug`` field of the organizer to fetch
@@ -140,7 +133,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -156,8 +149,7 @@ Endpoints
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
"comment": ""
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -166,151 +158,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/vouchers/
Create a new voucher.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/vouchers/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "12.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"redeemed": 0,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "12.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to create a voucher for
:param event: The ``slug`` field of the event to create a voucher for
:statuscode 201: no error
:statuscode 400: The voucher could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this resource.
:statuscode 409: The server was unable to acquire a lock and could not process your request. You can try again after a short waiting period.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/vouchers/(id)/
Update a voucher. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id`` and ``redeemed`` fields.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/vouchers/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"price_mode": "set",
"value": "24.00"
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"code": "43K6LKM37FBVR2YG",
"max_usages": 1,
"redeemed": 0,
"valid_until": null,
"block_quota": false,
"allow_ignore_quota": false,
"price_mode": "set",
"value": "24.00",
"item": 1,
"variation": null,
"quota": null,
"tag": "testvoucher",
"comment": "",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the voucher to modify
:statuscode 200: no error
:statuscode 400: The voucher could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to change this resource.
:statuscode 409: The server was unable to acquire a lock and could not process your request. You can try again after a short waiting period.
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/vouchers/(id)/
Delete a voucher. Note that you cannot delete a voucher if it already has been redeemed.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/vouchers/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the voucher to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this resource.

176
doc/api/resources/waitinglist.rst
View File

@@ -23,16 +23,9 @@ item integer An ID of an ite
variation integer An ID of a variation the user is waiting to be
available again (or ``null``)
locale string Locale of the waiting user
subevent integer ID of the date inside an event series this entry belongs to (or ``null``).
===================================== ========================== =======================================================
.. versionchanged:: 1.15
The write operations ``POST``, ``PATCH``, ``PUT``, and ``DELETE`` have been added as well as a method to send out
vouchers.
Endpoints
---------
@@ -54,7 +47,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"count": 1,
@@ -68,8 +61,7 @@ Endpoints
"voucher": null,
"item": 2,
"variation": null,
"locale": "en",
"subevent": null
"locale": "en"
}
]
}
@@ -81,7 +73,6 @@ Endpoints
have not been sent a voucher.
:query integer item: If set, only entries of users waiting for the item with the given ID will be shown.
:query integer variation: If set, only entries of users waiting for the variation with the given ID will be shown.
:query integer subevent: Only return entries of the sub-event with the given ID
:query string ordering: Manually set the ordering of results. Valid fields to be used are ``id``, ``created``,
``email``, ``item``. Default: ``created``
:param organizer: The ``slug`` field of the organizer to fetch
@@ -108,7 +99,7 @@ Endpoints
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
Content-Type: text/javascript
{
"id": 1,
@@ -117,8 +108,7 @@ Endpoints
"voucher": null,
"item": 2,
"variation": null,
"locale": "en",
"subevent": null
"locale": "en"
}
:param organizer: The ``slug`` field of the organizer to fetch
@@ -127,161 +117,3 @@ Endpoints
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view this resource.
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/
Create a new entry.
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"email": "waiting@example.org",
"item": 3,
"variation": null,
"locale": "de",
"subevent": null
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 201 Created
Vary: Accept
Content-Type: application/json
{
"id": 1,
"created": "2017-12-01T10:00:00Z",
"email": "waiting@example.org",
"voucher": null,
"item": 3,
"variation": null,
"locale": "de",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to create an entry for
:param event: The ``slug`` field of the event to create an entry for
:statuscode 201: no error
:statuscode 400: The voucher could not be created due to invalid submitted data.
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this
resource **or** entries cannot be created for this item at this time.
.. http:patch:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/(id)/
Update an entry. You can also use ``PUT`` instead of ``PATCH``. With ``PUT``, you have to provide all fields of
the resource, other fields will be reset to default. With ``PATCH``, you only need to provide the fields that you
want to change.
You can change all fields of the resource except the ``id``, ``voucher`` and ``created`` fields. You can only change
an entry as long as no ``voucher`` is set.
**Example request**:
.. sourcecode:: http
PATCH /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 408
{
"item": 4
}
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: application/json
{
"id": 1,
"created": "2017-12-01T10:00:00Z",
"email": "waiting@example.org",
"voucher": null,
"item": 4,
"variation": null,
"locale": "de",
"subevent": null
}
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the entry to modify
:statuscode 200: no error
:statuscode 400: The entry could not be modified due to invalid submitted data
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to create this
resource **or** entries cannot be created for this item at this time **or** this entry already
has a voucher assigned
.. http:post:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/(id)/send_voucher/
Manually sends a voucher to someone on the waiting list
**Example request**:
.. sourcecode:: http
POST /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/1/send_voucher/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
Content-Type: application/json
Content-Length: 0
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the entry to modify
:statuscode 204: no error
:statuscode 400: The voucher could not be sent out, see body for details (e.g. voucher has already been sent or
item is not available).
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to do this
.. http:delete:: /api/v1/organizers/(organizer)/events/(event)/waitinglistentries/(id)/
Delete an entry. Note that you cannot delete an entry once it is assigned a voucher.
**Example request**:
.. sourcecode:: http
DELETE /api/v1/organizers/bigevents/events/sampleconf/waitinglistentries/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 204 No Content
Vary: Accept
:param organizer: The ``slug`` field of the organizer to modify
:param event: The ``slug`` field of the event to modify
:param id: The ``id`` field of the entry to delete
:statuscode 204: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to delete this
resource **or** this entry already has a voucher assigned.

36
doc/api/tokenauth.rst
View File

@@ -1,36 +0,0 @@
.. _`rest-tokenauth`:
Token-based authentication
==========================
Obtaining an API token
----------------------
To authenticate your API requests with Tokens, you need to obtain a team-level API token.
You can create a token in the pretix web interface on the level of organizer teams. Create
a new team or choose an existing team that has the level of permissions the token should
have and create a new token using the form below the list of team members:
.. image:: img/token_form.png
:class: screenshot
You can enter a description for the token to distinguish from other tokens later on.
Once you click "Add", you will be provided with an API token in the success message.
Copy this token, as you won't be able to retrieve it again.
.. image:: img/token_success.png
:class: screenshot
Using an API token
------------------
You need to include the API token with every request to pretix' API in the ``Authorization`` header
like the following:
.. sourcecode:: http
:emphasize-lines: 3
GET /api/v1/organizers/ HTTP/1.1
Host: pretix.eu
Authorization: Token e1l6gq2ye72thbwkacj7jbri7a7tvxe614ojv8ybureain92ocub46t5gab5966k

11
doc/checkin_filter.py
View File

@@ -1,11 +0,0 @@
from enchant.tokenize import get_tokenizer, Filter, unit_tokenize
class CheckinFilter(Filter):
""" If a word looks like checkin_count, it refers to a so-called variable in
the code, and is treated as being spelled right."""
def _split(self, word):
if word[:8] == "checkin_":
return unit_tokenize(word[8:])
return unit_tokenize(word)

43
doc/conf.py
View File

@@ -13,10 +13,6 @@
# All configuration values have a default; values that are commented out
# serve to show the default.
from docutils.parsers.rst.directives.admonitions import BaseAdmonition
from sphinx.util import compat
compat.make_admonition = BaseAdmonition # See https://github.com/spinus/sphinxcontrib-images/issues/41
import sys
import os
@@ -31,13 +27,6 @@ import django
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "pretix.testutils.settings")
django.setup()
try:
import enchant
HAS_PYENCHANT = True
except:
HAS_PYENCHANT = False
# -- General configuration ------------------------------------------------
# If your documentation needs a minimal Sphinx version, state it here.
@@ -49,12 +38,10 @@ except:
extensions = [
'sphinx.ext.autodoc',
'sphinx.ext.doctest',
'sphinx.ext.todo',
'sphinx.ext.coverage',
'sphinxcontrib.httpdomain',
'sphinxcontrib.images',
]
if HAS_PYENCHANT:
extensions.append('sphinxcontrib.spelling')
# Add any paths that contain templates here, relative to this directory.
templates_path = ['_templates']
@@ -294,31 +281,3 @@ texinfo_documents = [
# If true, do not generate a @detailmenu in the "Top" node's menu.
#texinfo_no_detailmenu = False
images_config = {
'default_image_width': '250px'
}
linkcheck_ignore = [
r'http://localhost.*', r'.*yourdomain.*', r'https://en.wikipedia.org', 'https://pretix.eu/',
]
# -- Options for Spelling output ------------------------------------------
if HAS_PYENCHANT:
# String specifying the language, as understood by PyEnchant and enchant.
# Defaults to en_US for US English.
spelling_lang = 'en_US'
# String specifying a file containing a list of words known to be spelled
# correctly but that do not appear in the language dictionary selected by
# spelling_lang. The file should contain one word per line.
spelling_word_list_filename='spelling_wordlist.txt'
# Boolean controlling whether suggestions for misspelled words are printed.
# Defaults to False.
spelling_show_suggestions=True
# List of filter classes to be added to the tokenizer that produces words to be checked.
from checkin_filter import CheckinFilter
spelling_filters=[CheckinFilter]

111
doc/development/api/customview.rst
View File

@@ -25,7 +25,7 @@ If you want to add a custom view to the control area of an event, just register
views.admin_view, name='backend'),
]
It is required that your URL parameters are called ``organizer`` and ``event``. If you want to
It is required that your URL paramaters are called ``organizer`` and ``event``. If you want to
install a view on organizer level, you can leave out the ``event``.
You can then implement the view as you would normally do. Our middleware will automatically
@@ -60,85 +60,7 @@ your views::
def admin_view(request, organizer, event):
...
Similarly, there is ``organizer_permission_required`` and ``OrganizerPermissionRequiredMixin``. In case of
event-related views, there is also a signal that allows you to add the view to the event navigation like this::
from django.urls import resolve, reverse
from django.dispatch import receiver
from django.utils.translation import ugettext_lazy as _
from pretix.control.signals import nav_event
@receiver(nav_event, dispatch_uid='friends_tickets_nav')
def navbar_info(sender, request, **kwargs):
url = resolve(request.path_info)
if not request.user.has_event_permission(request.organizer, request.event, 'can_change_vouchers'):
return []
return [{
'label': _('My plugin view'),
'icon': 'heart',
'url': reverse('plugins:myplugin:index', kwargs={
'event': request.event.slug,
'organizer': request.organizer.slug,
}),
'active': url.namespace == 'plugins:myplugin' and url.url_name == 'review',
}]
Event settings view
-------------------
A special case of a control panel view is a view hooked into the event settings page. For this case, there is a
special navigation signal::
@receiver(nav_event_settings, dispatch_uid='friends_tickets_nav_settings')
def navbar_settings(sender, request, **kwargs):
url = resolve(request.path_info)
return [{
'label': _('My settings'),
'url': reverse('plugins:myplugin:settings', kwargs={
'event': request.event.slug,
'organizer': request.organizer.slug,
}),
'active': url.namespace == 'plugins:myplugin' and url.url_name == 'settings',
}]
Also, your view should inherit from ``EventSettingsViewMixin`` and your template from ``pretixcontrol/event/settings_base.html``
for good integration. If you just want to display a form, you could do it like the following::
class MySettingsView(EventSettingsViewMixin, EventSettingsFormView):
model = Event
permission = 'can_change_settings'
form_class = MySettingsForm
template_name = 'my_plugin/settings.html'
def get_success_url(self, **kwargs):
return reverse('plugins:myplugin:settings', kwargs={
'organizer': self.request.event.organizer.slug,
'event': self.request.event.slug,
})
With this template::
{% extends "pretixcontrol/event/settings_base.html" %}
{% load i18n %}
{% load bootstrap3 %}
{% block title %} {% trans "Friends Tickets Settings" %} {% endblock %}
{% block inside %}
<form action="" method="post" class="form-horizontal">
{% csrf_token %}
<fieldset>
<legend>{% trans "Friends Tickets Settings" %}</legend>
{% bootstrap_form form layout="horizontal" %}
</fieldset>
<div class="form-group submit-group">
<button type="submit" class="btn btn-primary btn-save">
{% trans "Save" %}
</button>
</div>
</form>
{% endblock %}
Similarly, there is ``organizer_permission_required`` and ``OrganizerPermissionRequiredMixin``.
Frontend views
--------------
@@ -146,34 +68,35 @@ Frontend views
Including a custom view into the participant-facing frontend is a little bit different as there is
no path prefix like ``control/``.
First, define your URL in your ``urls.py``, but this time in the ``event_patterns`` section and wrapped by
``event_url``::
First, define your URL in your ``urls.py``, but this time in the ``event_patterns`` section::
from pretix.multidomain import event_url
from django.conf.urls import url
from . import views
event_patterns = [
event_url(r'^mypluginname/', views.frontend_view, name='frontend'),
url(r'^mypluginname/', views.frontend_view, name='frontend'),
]
You can then implement a view as you would normally do. It will be automatically ensured that:
You can then implement a view as you would normally do, but you need to apply a decorator to your
view if you want pretix's default behavior::
from pretix.presale.utils import event_view
@event_view
def some_event_view(request, *args, **kwargs):
...
This decorator will check the URL arguments for their ``event`` and ``organizer`` parameters and
correctly ensure that:
* The requested event exists
* The requested event is active (you can disable this check using ``event_url(…, require_live=True)``)
* The requested event is activated (can be overridden by decorating with ``@event_view(require_live=False)``)
* The event is accessed via the domain it should be accessed
* The ``request.event`` attribute contains the correct ``Event`` object
* The ``request.organizer`` attribute contains the correct ``Organizer`` object
* Your plugin is enabled
* The locale is set correctly
.. versionchanged:: 1.7
The ``event_url()`` wrapper has been added in 1.7 to replace the former ``@event_view`` decorator. The
``event_url()`` wrapper is optional and using ``url()`` still works, but you will not be able to set the
``require_live`` setting any more via the decorator. The ``@event_view`` decorator is now deprecated and
does nothing.
REST API viewsets
-----------------

109
doc/development/api/email.rst
View File

@@ -1,109 +0,0 @@
.. highlight:: python
:linenothreshold: 5
Writing an HTML e-mail renderer plugin
======================================
An email renderer class controls how the HTML part of e-mails sent by pretix is built.
The creation of such a plugin is very similar to creating an export output.
Please read :ref:`Creating a plugin <pluginsetup>` first, if you haven't already.
Output registration
-------------------
The email HTML renderer API does not make a lot of usage from signals, however, it
does use a signal to get a list of all available email renderers. Your plugin
should listen for this signal and return the subclass of ``pretix.base.email.BaseHTMLMailRenderer``
that we'll provide in this plugin::
from django.dispatch import receiver
from pretix.base.signals import register_html_mail_renderers
@receiver(register_html_mail_renderers, dispatch_uid="renderer_custom")
def register_mail_renderers(sender, **kwargs):
from .email import MyMailRenderer
return MyMailRenderer
The renderer class
------------------
.. class:: pretix.base.email.BaseHTMLMailRenderer
The central object of each email renderer is the subclass of ``BaseHTMLMailRenderer``.
.. py:attribute:: BaseHTMLMailRenderer.event
The default constructor sets this property to the event we are currently
working for.
.. autoattribute:: identifier
This is an abstract attribute, you **must** override this!
.. autoattribute:: verbose_name
This is an abstract attribute, you **must** override this!
.. autoattribute:: thumbnail_filename
This is an abstract attribute, you **must** override this!
.. autoattribute:: is_available
.. automethod:: render
This is an abstract method, you **must** implement this!
Helper class for template-base renderers
----------------------------------------
The email renderer that ships with pretix is based on Django templates to generate HTML.
In case you also want to render emails based on a template, we provided a ready-made base
class ``TemplateBasedMailRenderer`` that you can re-use to perform the following steps:
* Convert the body text and the signature to HTML using our markdown renderer
* Render the template
* Call `inlinestyler`_ to convert all ``<style>`` style sheets to inline ``style=""``
attributes for better compatibility
To use it, you just need to implement some variables::
class ClassicMailRenderer(TemplateBasedMailRenderer):
verbose_name = _('pretix default')
identifier = 'classic'
thumbnail_filename = 'pretixbase/email/thumb.png'
template_name = 'pretixbase/email/plainwrapper.html'
The template is passed the following context variables:
``site``
Name of the pretix installation (``settings.PRETIX_INSTANCE_NAME``)
``site_url``
Root URL of the pretix installation (``settings.SITE_URL``)
``body``
The body as markdown (render with ``{{ body|safe }}``)
``subject``
The email subject
``color``
The primary color of the event
``event``
The ``Event`` object
``signature`` (optional, only if configured)
The body as markdown (render with ``{{ signature|safe }}``)
``order`` (optional, only if applicable)
The ``Order`` object
.. _inlinestyler: https://pypi.org/project/inlinestyler/

4
doc/development/api/exporter.rst
View File

@@ -21,10 +21,10 @@ that we'll provide in this plugin::
from django.dispatch import receiver
from pretix.base.signals import register_data_exporters
from pretix.base.signals import register_data_exporter
@receiver(register_data_exporters, dispatch_uid="exporter_myexporter")
@receiver(register_data_exporter, dispatch_uid="exporter_myexporter")
def register_data_exporter(sender, **kwargs):
from .exporter import MyExporter
return MyExporter

26
doc/development/api/general.rst
View File

@@ -11,8 +11,7 @@ Core
----
.. automodule:: pretix.base.signals
:members: periodic_task, event_live_issues, event_copy_data, email_filter, register_notification_types,
item_copy_data
:members: periodic_task, event_live_issues, event_copy_data
Order events
""""""""""""
@@ -20,13 +19,13 @@ Order events
There are multiple signals that will be sent out in the ordering cycle:
.. automodule:: pretix.base.signals
:members: validate_cart, order_fee_calculation, order_paid, order_placed, order_fee_type_name, allow_ticket_download
:members: validate_cart, order_paid, order_placed
Frontend
--------
.. automodule:: pretix.presale.signals
:members: html_head, html_footer, footer_links, front_page_top, front_page_bottom, fee_calculation_for_cart, contact_form_fields, question_form_fields, checkout_confirm_messages, checkout_confirm_page_content
:members: html_head, html_footer, footer_links, front_page_top, front_page_bottom, contact_form_fields, checkout_confirm_messages
.. automodule:: pretix.presale.signals
@@ -48,33 +47,20 @@ Backend
-------
.. automodule:: pretix.control.signals
:members: nav_event, html_head, html_page_start, quota_detail_html, nav_topbar, nav_global, nav_organizer, nav_event_settings,
order_info, event_settings_widget, oauth_application_registered
:members: nav_event, html_head, quota_detail_html, nav_topbar, nav_global, nav_organizer
.. automodule:: pretix.base.signals
:members: logentry_display, logentry_object_link, requiredaction_display
:members: logentry_display, requiredaction_display
Vouchers
""""""""
.. automodule:: pretix.control.signals
:members: item_forms
Vouchers
""""""""
.. automodule:: pretix.control.signals
:members: voucher_form_class, voucher_form_html, voucher_form_validation
:members: voucher_form_class, voucher_form_html
Dashboards
""""""""""
.. automodule:: pretix.control.signals
:members: event_dashboard_widgets, user_dashboard_widgets
Ticket designs
""""""""""""""
.. automodule:: pretix.base.signals
:members: layout_text_variables

5
doc/development/api/index.rst
View File

@@ -10,10 +10,5 @@ Contents:
exporter
ticketoutput
payment
payment_2.0
email
invoice
shredder
customview
general
quality

95
doc/development/api/invoice.rst
View File

@@ -1,95 +0,0 @@
.. highlight:: python
:linenothreshold: 5
Writing an invoice renderer plugin
==================================
An invoice renderer controls how invoice files are built.
The creation of such a plugin is very similar to creating an export output.
Please read :ref:`Creating a plugin <pluginsetup>` first, if you haven't already.
Output registration
-------------------
The invoice renderer API does not make a lot of usage from signals, however, it
does use a signal to get a list of all available invoice renderers. Your plugin
should listen for this signal and return the subclass of ``pretix.base.invoice.BaseInvoiceRenderer``
that we'll provide in this plugin::
from django.dispatch import receiver
from pretix.base.signals import register_invoice_renderers
@receiver(register_invoice_renderers, dispatch_uid="output_custom")
def register_infoice_renderers(sender, **kwargs):
from .invoice import MyInvoiceRenderer
return MyInvoiceRenderer
The renderer class
------------------
.. class:: pretix.base.invoice.BaseInvoiceRenderer
The central object of each invoice renderer is the subclass of ``BaseInvoiceRenderer``.
.. py:attribute:: BaseInvoiceRenderer.event
The default constructor sets this property to the event we are currently
working for.
.. autoattribute:: identifier
This is an abstract attribute, you **must** override this!
.. autoattribute:: verbose_name
This is an abstract attribute, you **must** override this!
.. automethod:: generate
Helper class for reportlab-base renderers
-----------------------------------------
All PDF rendering that ships with pretix is based on reportlab. We recommend to read the
`reportlab User Guide`_ to understand all the concepts used here.
If you want to implement a renderer that also uses report lab, this helper class might be
convenient to you:
.. class:: pretix.base.invoice.BaseReportlabInvoiceRenderer
.. py:attribute:: BaseReportlabInvoiceRenderer.pagesize
.. py:attribute:: BaseReportlabInvoiceRenderer.left_margin
.. py:attribute:: BaseReportlabInvoiceRenderer.right_margin
.. py:attribute:: BaseReportlabInvoiceRenderer.top_margin
.. py:attribute:: BaseReportlabInvoiceRenderer.bottom_margin
.. py:attribute:: BaseReportlabInvoiceRenderer.doc_template_class
.. py:attribute:: BaseReportlabInvoiceRenderer.invoice
.. automethod:: _init
.. automethod:: _get_stylesheet
.. automethod:: _register_fonts
.. automethod:: _on_first_page
.. automethod:: _on_other_page
.. automethod:: _get_first_page_frames
.. automethod:: _get_other_page_frames
.. automethod:: _build_doc
.. _reportlab User Guide: https://www.reportlab.com/docs/reportlab-userguide.pdf

44
doc/development/api/payment.rst
View File

@@ -9,10 +9,6 @@ is very similar to creating an export output.
Please read :ref:`Creating a plugin <pluginsetup>` first, if you haven't already.
.. warning:: We changed our payment provider API a lot in pretix 2.x. Our documentation page on :ref:`payment2.0`
might be insightful even if you do not have a payment provider to port, as it outlines the rationale
behind the current design.
Provider registration
---------------------
@@ -35,7 +31,7 @@ that the plugin will provide::
The provider class
------------------
.. py:class:: pretix.base.payment.BasePaymentProvider
.. class:: pretix.base.payment.BasePaymentProvider
The central object of each payment provider is the subclass of ``BasePaymentProvider``.
@@ -58,59 +54,53 @@ The provider class
This is an abstract attribute, you **must** override this!
.. autoattribute:: public_name
.. autoattribute:: is_enabled
.. automethod:: calculate_fee
.. autoattribute:: settings_form_fields
.. automethod:: settings_content_render
.. automethod:: is_allowed
.. automethod:: render_invoice_text
.. automethod:: payment_form_render
.. automethod:: payment_form
.. automethod:: is_allowed
.. autoattribute:: payment_form_fields
.. automethod:: payment_is_valid_session
.. automethod:: checkout_prepare
.. automethod:: payment_is_valid_session
.. automethod:: checkout_confirm_render
This is an abstract method, you **must** override this!
.. automethod:: execute_payment
.. automethod:: calculate_fee
.. automethod:: payment_perform
.. automethod:: order_pending_mail_render
.. automethod:: payment_pending_render
.. automethod:: order_pending_render
.. autoattribute:: abort_pending_allowed
.. automethod:: render_invoice_text
This is an abstract method, you **must** override this!
.. automethod:: order_change_allowed
.. automethod:: payment_prepare
.. automethod:: order_can_retry
.. automethod:: payment_control_render
.. automethod:: order_prepare
.. automethod:: payment_refund_supported
.. automethod:: order_paid_render
.. automethod:: payment_partial_refund_supported
.. automethod:: order_control_render
.. automethod:: execute_refund
.. automethod:: order_control_refund_render
.. automethod:: shred_payment_info
.. autoattribute:: is_implicit
.. autoattribute:: is_meta
.. automethod:: order_control_refund_perform
Additional views

129
doc/development/api/payment_2.0.rst
View File

@@ -1,129 +0,0 @@
.. highlight:: python
:linenothreshold: 5
.. _`payment2.0`:
Porting a payment provider from pretix 1.x to pretix 2.x
========================================================
In pretix 2.x, we changed large parts of the payment provider API. This documentation details the changes we made
and shows you how you can make an existing pretix 1.x payment provider compatible with pretix 2.x
Conceptual overview
-------------------
In pretix 1.x, an order was always directly connected to a payment provider for the full life of an order. As long as
an order was unpaid, this could still be changed in some cases, but once an order was paid, no changes to the payment
provider were possible any more. Additionally, the internal state of orders allowed orders only to be fully paid or
not paid at all. This leads to a couple of consequences:
* Payment-related functions (like "execute payment" or "do a refund") always operated on full orders.
* Changing the total of an order was basically impossible once an order was paid, since there was no concept of
partial payments or partial refunds.
* Payment provider plugins needed to take complicated steps to detect cases that require human intervention, like e.g.
* An order has expired, no quota is left to revive it, but a payment has been received
* A payment has been received for a canceled order
* A payment has been received for an order that has already been paid with a different payment method
* An external payment service notified us of a refund/dispute
We noticed that we copied and repeated large portions of code in all our official payment provider plugins, just
to deal with some of these cases.
* Sometimes, there is the need to mark an order as refunded within pretix, without automatically triggering a refund
with an external API. Every payment method needed to implement a user interface for this independently.
* If a refund was not possible automatically, there was no way user to track which payments actually have been refunded
manually and which are still left to do.
* When the payment with one payment provider failed and the user changed to a different payment provider, all
information about the first payment was lost from the order object and could only be retrieved from order log data,
which also made it hard to design a data shredder API to get rid of this data.
In pretix 2.x, we introduced two new models, :py:class:`OrderPayment <pretix.base.models.OrderPayment>` and
:py:class:`OrderRefund <pretix.base.models.OrderRefund>`. Each instance of these is connected to an order and
represents one single attempt to pay or refund a specific amount of money. Each one of these has an individual state,
can individually fail or succeed, and carries an amount variable that can differ from the order total.
This has the following advantages:
* The system can now detect orders that are over- or underpaid, independent of the payment providers in use.
* Therefore, we can now allow partial payments, partial refunds, and changing paid orders, and automatically detect
the cases listed above and notify the user.
Payment providers now interact with those payment and refund objects more than with orders.
Your to-do list
---------------
Payment processing
""""""""""""""""""
* The method ``BasePaymentProvider.order_pending_render`` has been removed and replaced by a new
``BasePaymentProvider.payment_pending_render(request, payment)`` method that is passed an ``OrderPayment``
object instead of an ``Order``.
* The method ``BasePaymentProvider.payment_form_render`` now receives a new ``total`` parameter.
* The method ``BasePaymentProvider.payment_perform`` has been removed and replaced by a new method
``BasePaymentProvider.execute_payment(request, payment)`` that is passed an ``OrderPayment``
object instead of an ``Order``.
* The function ``pretix.base.services.mark_order_paid`` has been removed, instead call ``payment.confirm()``
on a pending ``OrderPayment`` object. If no further payments are required for this order, this will also
mark the order as paid automatically. Note that ``payment.confirm()`` can still throw a ``QuotaExceededException``,
however it will still mark the payment as complete (not the order!), so you should catch this exception and
inform the user, but not abort the transaction.
* A new property ``BasePaymentProvider.abort_pending_allowed`` has been introduced. Only if set, the user will
be able to retry a payment or switch the payment method when the order currently has a payment object in
state ``"pending"``. This replaces ``BasePaymentProvider.order_can_retry``, which no longer exists.
* The methods ``BasePaymentProvider.retry_prepare`` and ``BasePaymentProvider.order_prepare`` have both been
replaced by a new method ``BasePaymentProvider.payment_prepare(request, payment)`` that is passed an ``OrderPayment``
object instead of an ``Order``. **Keep in mind that this payment object might have an amount property that
differs from the order total, if the order is already partially paid.**
* The method ``BasePaymentProvider.order_paid_render`` has been removed.
* The method ``BasePaymentProvider.order_control_render`` has been removed and replaced by a new method
``BasePaymentProvider.payment_control_render(request, payment)`` that is passed an ``OrderPayment``
object instead of an ``Order``.
* There's no need to manually deal with excess payments or duplicate payments anymore, just setting the ``OrderPayment``
methods to the correct state will do the job.
Creating refunds
""""""""""""""""
* The methods ``BasePaymentProvider.order_control_refund_render`` and ``BasePaymentProvider.order_control_refund_perform``
have been removed.
* Two new boolean methods ``BasePaymentProvider.payment_refund_supported(payment)`` and ``BasePaymentProvider.payment_partial_refund_supported(payment)``
have been introduced. They should be set to return ``True`` if and only if the payment API allows to *automatically*
transfer the money back to the customer.
* A new method ``BasePaymentProvider.execute_refund(refund)`` has been introduced. This method is called using a
``OrderRefund`` object in ``"created"`` state and is expected to transfer the money back and confirm success with
calling ``refund.done()``. This will only ever be called if either ``BasePaymentProvider.payment_refund_supported(payment)``
or ``BasePaymentProvider.payment_partial_refund_supported(payment)`` return ``True``.
Processing external refunds
"""""""""""""""""""""""""""
* If e.g. a webhook API notifies you that a payment has been disputed or refunded with the external API, you are
expected to call ``OrderPayment.create_external_refund(self, amount, execution_date, info='{}')`` on this payment.
This will create and return an appropriate ``OrderRefund`` object and send out a notification. However, it will not
mark the order as refunded, but will ask the event organizer for a decision.
Data shredders
""""""""""""""
* The method ``BasePaymentProvider.shred_payment_info`` is no longer passed an order, but instead **either**
an ``OrderPayment`` **or** an ``OrderRefund``.

15
doc/development/api/plugins.rst
View File

@@ -114,19 +114,6 @@ method to make your receivers available::
def ready(self):
from . import signals # NOQA
You can optionally specify code that is executed when your plugin is activated for an event
in the ``installed`` method::
class PaypalApp(AppConfig):
def installed(self, event):
pass # Your code here
Note that ``installed`` will *not* be called if the plugin in indirectly activated for an event
because the event is created with settings copied from another event.
Views
-----
@@ -142,5 +129,5 @@ your Django app label.
.. _Django app: https://docs.djangoproject.com/en/1.7/ref/applications/
.. _signal dispatcher: https://docs.djangoproject.com/en/1.7/topics/signals/
.. _namespace packages: http://legacy.python.org/dev/peps/pep-0420/
.. _entry point: https://setuptools.readthedocs.io/en/latest/pkg_resources.html#locating-plugins
.. _entry point: https://pythonhosted.org/setuptools/setuptools.html#dynamic-discovery-of-services-and-plugins
.. _cookiecutter: https://cookiecutter.readthedocs.io/en/latest/

125
doc/development/api/quality.rst
View File

@@ -1,125 +0,0 @@
.. highlight:: python
:linenothreshold: 5
.. _`pluginquality`:
Plugin quality checklist
========================
If you want to write a high-quality pretix plugin, this is a list of things you should check before
you publish it. This is also a list of things that we check, if we consider installing an externally
developed plugin on our hosted infrastructure.
A. Meta
-------
#. The plugin is clearly licensed under an appropriate license.
#. The plugin has an unambiguous name, description, and author metadata.
#. The plugin has a clear versioning scheme and the latest version of the plugin is kept compatible to the latest
stable version of pretix.
#. The plugin is properly packaged using standard Python packaging tools.
#. The plugin correctly declares its external dependencies.
#. A contact address is provided in case of security issues.
B. Isolation
------------
#. If any signal receivers use the `dispatch_uid`_ feature, the UIDs are prefixed by the plugin's name and do not
clash with other plugins.
#. If any templates or static files are shipped, they are located in subdirectories with the name of the plugin and do
not clash with other plugins or core files.
#. Any keys stored to the settings store are prefixed with the plugin's name and do not clash with other plugins or
core.
#. Any keys stored to the user session are prefixed with the plugin's name and do not clash with other plugins or
core.
#. Any registered URLs are unlikely to clash with other plugins or future core URLs.
C. Security
-----------
#. All important actions are logged to the :ref:`shared log storage <logging>` and a signal receiver is registered to
provide a human-readable representation of the log entry.
#. All views require appropriate permissions and use the ``event_urls`` mechanism if appropriate.
:ref:`Read more <customview>`
#. Any session data for customers is stored in the cart session system if appropriate.
#. If the plugin is a payment provider:
#. No credit card numbers may be stored within pretix.
#. A notification/webhook system is implemented to notify pretix of any refunds.
#. If such a webhook system is implemented, contents of incoming webhooks are either verified using a cryptographic
signature or are not being trusted and all data is fetched from an API instead.
D. Privacy
----------
#. No personal data is stored that is not required for the plugin's functionality.
#. For any personal data that is saved to the database, an appropriate :ref:`data shredder <shredder>` is provided
that offers the data for download and then removes it from the database (including log entries).
E. Internationalization
-----------------------
#. All user-facing strings in templates, Python code, and templates are wrapped in `gettext calls`_.
#. No languages, time zones, date formats, or time formats are hardcoded.
#. Installing the plugin automatically compiles ``.po`` files to ``.mo`` files. This is fulfilled automatically if
you use the ``setup.py`` file form our plugin cookiecutter.
F. Functionality
----------------
#. If the plugin adds any database models or relationships from the settings storage to database models, it registers
a receiver to the :py:attr:`pretix.base.signals.event_copy_data` or :py:attr:`pretix.base.signals.item_copy_data`
signals.
#. If the plugin is a payment provider:
#. A webhook-like system is implemented if payment confirmations are not sent instantly.
#. Refunds are implemented, if possible.
#. In case of overpayment or external refunds, a "required action" is created to notify the event organizer.
#. If the plugin adds steps to the checkout process, it has been tested in combination with the pretix widget.
G. Code quality
---------------
#. `isort`_ and `flake8`_ are used to ensure consistent code styling.
#. Unit tests are provided for important pieces of business logic.
#. Functional tests are provided for important interface parts.
#. Tests are provided to check that permission checks are working.
#. Continuous Integration is set up to check that tests are passing and styling is consistent.
H. Specific to pretix.eu
------------------------
#. pretix.eu integrates the data stored by this plugin with its data report features.
#. pretix.eu integrates this plugin in its generated privacy statements, if necessary.
.. _isort: https://www.google.de/search?q=isort&oq=isort&aqs=chrome..69i57j0j69i59j69i60l2j69i59.599j0j4&sourceid=chrome&ie=UTF-8
.. _flake8: http://flake8.pycqa.org/en/latest/
.. _gettext calls: https://docs.djangoproject.com/en/2.0/topics/i18n/translation/
.. _dispatch_uid: https://docs.djangoproject.com/en/2.0/topics/signals/#django.dispatch.Signal.connect

94
doc/development/api/shredder.rst
View File

@@ -1,94 +0,0 @@
.. highlight:: python
:linenothreshold: 5
.. _`shredder`:
Writing a data shredder
=======================
If your plugin adds the ability to store personal data within pretix, you should also implement a "data shredder"
to anonymize or pseudonymize the data later.
Shredder registration
---------------------
The data shredder API does not make a lot of usage from signals, however, it
does use a signal to get a list of all available data shredders. Your plugin
should listen for this signal and return the subclass of ``pretix.base.shredder.BaseDataShredder``
that we'll provide in this plugin:
.. sourcecode:: python
from django.dispatch import receiver
from pretix.base.signals import register_data_shredders
@receiver(register_data_shredders, dispatch_uid="custom_data_shredders")
def register_shredder(sender, **kwargs):
return [
PluginDataShredder,
]
The shredder class
------------------
.. class:: pretix.base.shredder.BaseDataShredder
The central object of each invoice renderer is the subclass of ``BaseInvoiceRenderer``.
.. py:attribute:: BaseInvoiceRenderer.event
The default constructor sets this property to the event we are currently
working for.
.. autoattribute:: identifier
This is an abstract attribute, you **must** override this!
.. autoattribute:: verbose_name
This is an abstract attribute, you **must** override this!
.. autoattribute:: description
This is an abstract attribute, you **must** override this!
.. automethod:: generate_files
.. automethod:: shred_data
Example
-------
For example, the core data shredder responsible for removing invoice address information including their history
looks like this:
.. sourcecode:: python
class InvoiceAddressShredder(BaseDataShredder):
verbose_name = _('Invoice addresses')
identifier = 'invoice_addresses'
description = _('This will remove all invoice addresses from orders, '
'as well as logged changes to them.')
def generate_files(self) -> List[Tuple[str, str, str]]:
yield 'invoice-addresses.json', 'application/json', json.dumps({
ia.order.code: InvoiceAdddressSerializer(ia).data
for ia in InvoiceAddress.objects.filter(order__event=self.event)
}, indent=4)
@transaction.atomic
def shred_data(self):
InvoiceAddress.objects.filter(order__event=self.event).delete()
for le in self.event.logentry_set.filter(action_type="pretix.event.order.modified"):
d = le.parsed_data
if 'invoice_data' in d and not isinstance(d['invoice_data'], bool):
for field in d['invoice_data']:
if d['invoice_data'][field]:
d['invoice_data'][field] = ''
le.data = json.dumps(d)
le.shredded = True
le.save(update_fields=['data', 'shredded'])

2
doc/development/api/ticketoutput.rst
View File

@@ -58,8 +58,6 @@ The output class
.. autoattribute:: is_enabled
.. autoattribute:: multi_download_enabled
.. autoattribute:: settings_form_fields
.. automethod:: settings_content_render

2
doc/development/concepts.rst
View File

@@ -59,7 +59,7 @@ If an item is assigned to multiple quotas, it can only be bought if *all of them
If multiple items are assigned to the same quota, the quota will be counted as sold out as soon as the
*sum* of the two items exceeds the quota limit.
The availability of a quota is currently calculated by subtracting the following numbers from the quota
The availability of a quota is currently calculated by substracting the following numbers from the quota
limit:
* The number of orders placed for an item that are either already paid or within their granted payment period

4
doc/development/contribution/codeofconduct.rst
View File

@@ -77,6 +77,6 @@ Attribution
-----------
This Code of Conduct is adapted from the `Contributor Covenant`_, version 1.4,
available at https://www.contributor-covenant.org/version/1/4/
available at http://contributor-covenant.org/version/1/4/
.. _Contributor Covenant: https://www.contributor-covenant.org
.. _Contributor Covenant: http://contributor-covenant.org

2
doc/development/contribution/style.rst
View File

@@ -24,7 +24,7 @@ Coding style and quality
``Fix #123 -- Problems with order creation`` or ``Refs #123 -- Fix this part of that bug``.
.. _PEP 8: https://legacy.python.org/dev/peps/pep-0008/
.. _PEP 8: http://legacy.python.org/dev/peps/pep-0008/
.. _flake8: https://pypi.python.org/pypi/flake8
.. _Django Coding Style: https://docs.djangoproject.com/en/dev/internals/contributing/writing-code/coding-style/
.. _translation: https://docs.djangoproject.com/en/1.11/topics/i18n/translation/

2
doc/development/implementation/background.rst
View File

@@ -14,7 +14,7 @@ Implementing a task
A common pattern for implementing asynchronous tasks can be seen a lot in ``pretix.base.services``
and looks like this::
from pretix.celery_app import app
from pretix.celery import app
@app.task
def my_task(argument1, argument2):

5
doc/development/implementation/email.rst
View File

@@ -2,9 +2,6 @@ Sending Email
=============
pretix allows event organizers to configure how they want to send emails to their users in multiple ways.
Therefore, all emails should be sent through the following function.
If the email you send is related to an order, you should also take a look at the
:py:meth:`~pretix.base.models.Order.send_mail` of the order model.
Therefore, all emails should be sent through the following function:
.. autofunction:: pretix.base.services.mail.mail

1
doc/development/implementation/index.rst
View File

@@ -16,5 +16,4 @@ Contents:
settings
background
email
permissions
logging

63
doc/development/implementation/logging.rst
View File

@@ -1,11 +1,9 @@
Logging and notifications
=========================
Logging
=======
As pretix is handling monetary transactions, we are very careful to make it possible to review all changes
in the system that lead to the current state.
.. _`logging`:
Logging changes
---------------
@@ -21,7 +19,7 @@ To actually log an action, you can just call the ``log_action`` method on your o
order.log_action('pretix.event.order.canceled', user=user, data={})
The positional ``action`` argument should represent the type of action and should be globally unique, we
recommend to prefix it with your package name, e.g. ``paypal.payment.rejected``. The ``user`` argument is
recomment do prefix it with your packagename, e.g. ``paypal.payment.rejected``. The ``user`` argument is
optional and may contain the user who performed the action. The optional ``data`` argument can contain
additional information about this action.
@@ -83,61 +81,6 @@ implementation could look like::
if logentry.action_type in plains:
return plains[logentry.action_type]
Sending notifications
---------------------
If you think that the logged information might be important or urgent enough to send out a notification to interested
organizers. In this case, you should listen for the :py:attr:`pretix.base.signals.register_notification_types` signal
to register a notification type::
@receiver(register_notification_types)
def register_my_notification_types(sender, **kwargs):
return [MyNotificationType(sender)]
Note that this event is different than other events send out by pretix: ``sender`` may be an event or ``None``. The
latter case is required to let the user define global notification preferences for all events.
You also need to implement a custom class that specifies how notifications should be handled for your notification type.
You should subclass the base ``NotificationType`` class and implement all its members:
.. autoclass:: pretix.base.notifications.NotificationType
:members: action_type, verbose_name, required_permission, build_notification
A simple implementation could look like this::
class MyNotificationType(NotificationType):
required_permission = "can_view_orders"
action_type = "pretix.event.order.paid"
verbose_name = _("Order has been paid")
def build_notification(self, logentry: LogEntry):
order = logentry.content_object
order_url = build_absolute_uri(
'control:event.order',
kwargs={
'organizer': logentry.event.organizer.slug,
'event': logentry.event.slug,
'code': order.code
}
)
n = Notification(
event=logentry.event,
title=_('Order {code} has been marked as paid').format(code=order.code),
url=order_url
)
n.add_attribute(_('Order code'), order.code)
n.add_action(_('View order details'), order_url)
return n
As you can see, the relevant code is in the ``build_notification`` method that is supposed to create a ``Notification``
method that has a title, description, URL, attributes, and actions. The full definition of ``Notification`` is the
following:
.. autoclass:: pretix.base.notifications.Notification
:members: add_action, add_attribute
Logging technical information
-----------------------------

37
doc/development/implementation/models.rst
View File

@@ -1,8 +1,6 @@
.. highlight:: python
:linenothreshold: 5
.. spelling:: answ contrib
Data model
==========
@@ -23,29 +21,14 @@ Organizers and events
:members:
.. autoclass:: pretix.base.models.Event
:members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running, cache, lock, get_plugins, get_mail_backend, payment_term_last, get_payment_providers, get_invoice_renderers, active_subevents, invoice_renderer, settings
.. autoclass:: pretix.base.models.SubEvent
:members: get_date_from_display, get_time_from_display, get_date_to_display, get_date_range_display, presale_has_ended, presale_is_running
:members:
.. autoclass:: pretix.base.models.Team
:members:
.. autoclass:: pretix.base.models.TeamAPIToken
:members:
.. autoclass:: pretix.base.models.RequiredAction
:members:
.. autoclass:: pretix.base.models.EventMetaProperty
:members:
.. autoclass:: pretix.base.models.EventMetaValue
:members:
.. autoclass:: pretix.base.models.SubEventMetaValue
:members:
Items
-----
@@ -59,15 +42,6 @@ Items
.. autoclass:: pretix.base.models.ItemVariation
:members:
.. autoclass:: pretix.base.models.SubEventItem
:members:
.. autoclass:: pretix.base.models.SubEventItemVariation
:members:
.. autoclass:: pretix.base.models.ItemAddOn
:members:
.. autoclass:: pretix.base.models.Question
:members:
@@ -86,15 +60,6 @@ Carts and Orders
.. autoclass:: pretix.base.models.OrderPosition
:members:
.. autoclass:: pretix.base.models.OrderFee
:members:
.. autoclass:: pretix.base.models.OrderPayment
:members:
.. autoclass:: pretix.base.models.OrderRefund
:members:
.. autoclass:: pretix.base.models.CartPosition
:members:

194
doc/development/implementation/permissions.rst
View File

@@ -1,194 +0,0 @@
Permissions
===========
pretix uses a fine-grained permission system to control who is allowed to control what parts of the system.
The central concept here is the concept of *Teams*. You can read more on `configuring teams and permissions <user-teams>`_
and the :class:`pretix.base.models.Team` model in the respective parts of the documentation. The basic digest is:
An organizer account can have any number of teams, and any number of users can be part of a team. A team can be
assigned a set of permissions and connected to some or all of the events of the organizer.
A second way to access pretix is via the REST API, which allows authentication via tokens that are bound to a team,
but not to a user. You can read more at :class:`pretix.base.models.TeamAPIToken`. This page will show you how to
work with permissions in plugins and within the pretix code base.
Requiring permissions for a view
--------------------------------
pretix provides a number of useful mixins and decorators that allow you to specify that a user needs a certain
permission level to access a view::
from pretix.control.permissions import (
OrganizerPermissionRequiredMixin, organizer_permission_required
)
class MyOrgaView(OrganizerPermissionRequiredMixin, View):
permission = 'can_change_organizer_settings'
# Only users with the permission ``can_change_organizer_settings`` on
# this organizer can access this
class MyOtherOrgaView(OrganizerPermissionRequiredMixin, View):
permission = None
# Only users with *any* permission on this organizer can access this
@organizer_permission_required('can_change_organizer_settings')
def my_orga_view(request, organizer, **kwargs):
# Only users with the permission ``can_change_organizer_settings`` on
# this organizer can access this
@organizer_permission_required()
def my_other_orga_view(request, organizer, **kwargs):
# Only users with *any* permission on this organizer can access this
Of course, the same is available on event level::
from pretix.control.permissions import (
EventPermissionRequiredMixin, event_permission_required
)
class MyEventView(EventPermissionRequiredMixin, View):
permission = 'can_change_event_settings'
# Only users with the permission ``can_change_event_settings`` on
# this event can access this
class MyOtherEventView(EventPermissionRequiredMixin, View):
permission = None
# Only users with *any* permission on this event can access this
@event_permission_required('can_change_event_settings')
def my_event_view(request, organizer, **kwargs):
# Only users with the permission ``can_change_event_settings`` on
# this event can access this
@event_permission_required()
def my_other_event_view(request, organizer, **kwargs):
# Only users with *any* permission on this event can access this
You can also require that this view is only accessible by system administrators with an active "admin session"
(see below for what this means)::
from pretix.control.permissions import (
AdministratorPermissionRequiredMixin, administrator_permission_required
)
class MyGlobalView(AdministratorPermissionRequiredMixin, View):
# ...
@administrator_permission_required
def my_global_view(request, organizer, **kwargs):
# ...
In rare cases it might also be useful to expose a feature only to people who have a staff account but do not
necessarily have an active admin session::
from pretix.control.permissions import (
StaffMemberRequiredMixin, staff_member_required
)
class MyGlobalView(StaffMemberRequiredMixin, View):
# ...
@staff_member_required
def my_global_view(request, organizer, **kwargs):
# ...
Requiring permissions in the REST API
-------------------------------------
When creating your own ``viewset`` using Django REST framework, you just need to set the ``permission`` attribute
and pretix will check it automatically for you::
class MyModelViewSet(viewsets.ReadOnlyModelViewSet):
permission = 'can_view_orders'
Checking permission in code
---------------------------
If you need to work with permissions manually, there are a couple of useful helper methods on the :class:`pretix.base.models.Event`,
:class:`pretix.base.models.User` and :class:`pretix.base.models.TeamAPIToken` classes. Here's a quick overview.
Return all users that are in any team that is connected to this event::
>>> event.get_users_with_any_permission()
<QuerySet: …>
Return all users that are in a team with a specific permission for this event::
>>> event.get_users_with_permission('can_change_event_settings')
<QuerySet: …>
Determine if a user has a certain permission for a specific event::
>>> user.has_event_permission(organizer, event, 'can_change_event_settings', request=request)
True
Determine if a user has any permission for a specific event::
>>> user.has_event_permission(organizer, event, request=request)
True
In the two previous commands, the ``request`` argument is optional, but required to support staff sessions (see below).
The same method exists for organizer-level permissions::
>>> user.has_organizer_permission(organizer, 'can_change_event_settings', request=request)
True
Sometimes, it might be more useful to get the set of permissions at once::
>>> user.get_event_permission_set(organizer, event)
{'can_change_event_settings', 'can_view_orders', 'can_change_orders'}
>>> user.get_organizer_permission_set(organizer, event)
{'can_change_organizer_settings', 'can_create_events'}
Within a view on the ``/control`` subpath, the results of these two methods are already available in the
``request.eventpermset`` and ``request.orgapermset`` properties. This makes it convenient to query them in templates::
{% if "can_change_orders" in request.eventpermset %}
{% endif %}
You can also do the reverse to get any events a user has access to::
>>> user.get_events_with_permission('can_change_event_settings', request=request)
<QuerySet: …>
>>> user.get_events_with_any_permission(request=request)
<QuerySet: …>
Most of these methods work identically on :class:`pretix.base.models.TeamAPIToken`.
Staff sessions
--------------
.. versionchanged:: 1.14
In 1.14, the ``User.is_superuser`` attribute has been deprecated and statically set to return ``False``. Staff
sessions have been newly introduced.
System administrators of a pretix instance are identified by the ``is_staff`` attribute on the user model. By default,
the regular permission rules apply for users with ``is_staff = True``. The only difference is that such users can
temporarily turn on "staff mode" via a button in the user interface that grants them **all permissions** as long as
staff mode is active. You can check if a user is in staff mode using their session key:
>>> user.has_active_staff_session(request.session.session_key)
False
Staff mode has a hard time limit and during staff mode, a middleware will log all requests made by that user. Later,
the user is able to also save a message to comment on what they did in their administrative session. This feature is
intended to help compliance with data protection rules as imposed e.g. by GDPR.

4
doc/development/implementation/settings.rst
View File

@@ -35,7 +35,7 @@ Forms
-----
Hierarkey also provides a base class for forms that allow the modification of settings. pretix contains a
subclass that also adds support for internationalized fields:
subclass that also adds suport for internationalized fields:
.. autoclass:: pretix.base.forms.SettingsForm
@@ -65,4 +65,4 @@ Plugins can add custom hardcoded defaults in the following way::
Make sure that you include this code in a module that is imported at app loading time.
.. _django-hierarkey: https://github.com/raphaelm/django-hierarkey
.. _documentation: https://django-hierarkey.readthedocs.io/en/latest/
.. _documentation: https://django-hierarkey.readthedocs.io/en/latest/

4
doc/development/implementation/urlconfig.rst
View File

@@ -67,7 +67,7 @@ available as ``plugins:sendmail:send``.
Generating a URL for the frontend is a complicated task, because you need to know whether the event's
organizer uses a custom URL or not and then generate the URL with a different domain and different
arguments based on this information. pretix provides some helpers to make this easier. The first helper
is a python method that emulates a behavior similar to ``reverse``:
is a python method that emulates a behaviour similar to ``reverse``:
.. autofunction:: pretix.multidomain.urlreverse.eventreverse
@@ -82,5 +82,5 @@ Implementation details
----------------------
There are some other caveats when using a design like this, e.g. you have to care about cookie domains
and referrer verification yourself. If you want to see how we built this, look into the ``pretix/multidomain/``
and referer verification yourself. If you want to see how we built this, look into the ``pretix/multidomain/``
sub-tree.

4
doc/development/index.rst
View File

@@ -8,6 +8,8 @@ Developer documentation
setup
contribution/index
implementation/index
translation/index
api/index
structure
.. TODO::
Document settings objects, ItemVariation objects, form fields.

36
doc/development/setup.rst
View File

@@ -18,8 +18,9 @@ External Dependencies
---------------------
Your should install the following on your system:
* Python 3.5 or newer
* Python 3.4 or newer
* ``pip`` for Python 3 (Debian package: ``python3-pip``)
* ``pyvenv`` for Python 3 (Debian package: ``python3-venv``)
* ``python-dev`` for Python 3 (Debian package: ``python3-dev``)
* ``libffi`` (Debian package: ``libffi-dev``)
* ``libssl`` (Debian package: ``libssl-dev``)
@@ -36,7 +37,7 @@ Please execute ``python -V`` or ``python3 -V`` to make sure you have Python 3.4
execute ``pip3 -V`` to check. Then use Python's internal tools to create a virtual
environment and activate it for your current session::
python3 -m venv env
pyvenv env
source env/bin/activate
You should now see a ``(env)`` prepended to your shell prompt. You have to do this
@@ -54,6 +55,10 @@ The first thing you need are all the main application's dependencies::
cd src/
pip3 install -r requirements.txt -r requirements/dev.txt
If you are working with Python 3.4, you will also need (you can skip this for Python 3.5+)::
pip3 install -r requirements/py34.txt
Next, you need to copy the SCSS files from the source folder to the STATIC_ROOT directory::
python manage.py collectstatic --noinput
@@ -82,7 +87,7 @@ and head to http://localhost:8000/
As we did not implement an overall front page yet, you need to go directly to
http://localhost:8000/control/ for the admin view or, if you imported the test
data as suggested above, to the event page at http://localhost:8000/bigevents/2019/
data as suggested above, to the event page at http://localhost:8000/bigevents/2018/
.. note:: If you want the development server to listen on a different interface or
port (for example because you develop on `pretixdroid`_), you can check
@@ -102,7 +107,7 @@ Execute the following commands to check for code style errors::
isort -c -rc .
python manage.py check
Execute the following command to run pretix' test suite (might take a couple of minutes)::
Execute the following command to run pretix' test suite (might take a coumple of minutes)::
py.test
@@ -111,23 +116,14 @@ Execute the following command to run pretix' test suite (might take a couple of
``NUM`` being the number of threads you want to use.
It is a good idea to put this command into your git hook ``.git/hooks/pre-commit``,
for example, to check for any errors in any staged files when committing::
for example::
#!/bin/bash
#!/bin/sh
cd $GIT_DIR/../src
export GIT_WORK_TREE=../
export GIT_DIR=../.git
source ../env/bin/activate # Adjust to however you activate your virtual environment
for file in $(git diff --cached --name-only | grep -E '\.py$' | grep -Ev "migrations|mt940\.py|pretix/settings\.py|make_testdata\.py|testutils/settings\.py|tests/settings\.py|pretix/base/models/__init__\.py")
do
echo $file
git show ":$file" | flake8 - --stdin-display-name="$file" || exit 1 # we only want to lint the staged changes, not any un-staged changes
git show ":$file" | isort -df --check-only - | grep ERROR && exit 1 || true
done
flake8 . || exit 1
isort -q -rc -c . || exit 1
This keeps you from accidentally creating commits violating the style guide.
This keeps you from accidentally creating commits violating the sdtyle guide.
Working with mails
^^^^^^^^^^^^^^^^^^
@@ -150,10 +146,6 @@ and update the ``*.po`` files accordingly::
make localegen
However, most of the time you don't need to care about this. Just create your pull request
with functionality and English strings only, and we'll push the new translation strings
to our translation platform after the merge.
To actually see pretix in your language, you have to compile the ``*.po`` files to their
optimized binary ``*.mo`` counterparts::

BIN
doc/development/translation/img/weblate1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 28 KiB

BIN
doc/development/translation/img/weblate2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 45 KiB

BIN
doc/development/translation/img/weblate3.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 61 KiB

BIN
doc/development/translation/img/weblate4.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 89 KiB

BIN
doc/development/translation/img/weblate5.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 64 KiB

BIN
doc/development/translation/img/weblate6.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 83 KiB

88
doc/development/translation/index.rst
View File

@@ -1,88 +0,0 @@
Translating pretix
==================
pretix has been designed for multi-language capabilities from its start. Organizers can enter their event information
in multiple languages at the same time. However, the software interface of pretix also needs to be translated for
this to be useful.
Since we (the developers of pretix) only speak a very limited number of languages, we need help from the community
to achieve this goal. To make translating pretix easy not only for software developers, we set up a translation
platform at `translate.pretix.eu`_.
Official and inofficial languages
---------------------------------
In the pretix project, there are three types of languages:
Official languages
are translated and maintained by the core team behind pretix or as part of long-term partnerships. We are
committed to keeping these translations up-to-date with new features or changes in pretix and try to offer
support in this language.
Inofficial languages
are contributed and maintained by the Community. We ship them with pretix so you can use them, but we can not
guarantee that new or changed features in pretix will be translated in time.
Incubating languages
are currently in the process of being translated. They can not yet be selected in pretix by end users on
production installations and are only available in development mode for testing.
Please contact translate@pretix.eu if you think an incubated language should be promoted to an inofficial one or if
you are interested in a partnership to make your language official.
The current translation status of various languages is:
.. image:: https://translate.pretix.eu/widgets/pretix/-/multi-blue.svg
:target: https://translate.pretix.eu/engage/pretix/?utm_source=widget
Using our translation platform
------------------------------
If you visit `translate.pretix.eu`_ for the first time, it admittedly looks pretty bare.
.. image:: img/weblate1.png
:class: screenshot
It gets better if you create an account, which you will need to contribute translations. Click on "Register" in the
top-right corner to get started:
.. image:: img/weblate2.png
:class: screenshot
You can either create an account or choose to log in with your GitHub account, whichever you like more.
After creating and activating your account, we recommend that you change your profile and select which languages you
can translate to and which languages you understand. You can find your profile settings by clicking on your name in
the top-right corner.
.. image:: img/weblate3.png
:class: screenshot
Going back to the dashboard by clicking on the logo in the top-left corner, you can select between different lists
of translation projects. You can either filter by projects that already have a translation in your language, or you
go to the `pretix project page`_ where you can select specific components.
.. note::
If you want to translate pretix to a new language that is not yet listed here, you are very welcome to do so!
While you technically can add the language to the portal yourself, we ask you to drop us a short mail to
translate@pretix.eu so we can add it to all components at once and also make it selectable in pretix itself.
.. image:: img/weblate4.png
:class: screenshot
Once you selected a component of a language, you can start going through strings to translate. You can start of by
clicking the "Strings needing action" line in this view:
.. image:: img/weblate5.png
:class: screenshot
In the translate view, you can input your translation for a given source string. If you're unsure about your
translation, you can also just "Suggest" it or mark it as "Needs editing". If you have no idea, just "Skip". If you
scroll down, there is also a "Comments" section to discuss any questions with fellow translators or us developers.
.. image:: img/weblate6.png
:class: screenshot
.. _translate.pretix.eu: https://translate.pretix.eu
.. _pretix project page: https://translate.pretix.eu/projects/pretix/

0
doc/doc_warnings
View File

110
doc/plugins/badges.rst
View File

@@ -1,110 +0,0 @@
Badges
======
The badges plugin provides a HTTP API that exposes the various layouts used to generate PDF badges.
Resource description
--------------------
The badge layout resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal layout ID
name string Internal layout description
default boolean ``true`` if this is the default layout
layout object Layout specification for libpretixprint
background URL Background PDF file
item_assignments list of objects Products this layout is assigned to
└ item integer Item ID
===================================== ========================== =======================================================
.. versionchanged:: 1.16
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/badgelayouts/
Returns a list of all badge layouts
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/badgelayouts/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of a valid event
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/badgelayouts/(id)/
Returns information on layout.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/layoutsbadge/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the layout to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.

2
doc/plugins/index.rst
View File

@@ -12,5 +12,3 @@ If you want to **create** a plugin, please go to the
list
pretixdroid
banktransfer
ticketoutputpdf
badges

50
doc/plugins/list.rst
View File

@@ -1,10 +1,48 @@
.. spelling::
Analytics
List of plugins
===============
A detailed list of plugins that are available for pretix can be found on the
`project website`_.
The following plugins are shipped with pretix and are supported in the same
ways that pretix itself is:
.. _project website: https://pretix.eu/about/en/plugins
* Bank transfer
* PayPal
* Stripe
* Check-in lists
* pretixdroid
* Report exporter
* Send out emails
* Statistics
* PDF ticket output
The following plugins are not shipped with pretix but are maintained by the
same team. We update them regularly to make them compatible with the latest
pretix releases:
* `SEPA direct debit`_
* `Pages`_
* `Passbook/Wallet ticket output`_
* `Cartshare`_
* `Fontpack Free fonts`_
The following closed-source plugins are available to customers of the hosted pretix.eu platform.
Please get in touch with the pretix team if you want to have them for your self-hosted
pretix installation:
* Campaign tracking
* Integration with Google Analytics and Facebook Pixel
* Integration with Slack
* Integration with MailChimp
The following plugins are from independent third-party authors, so we can make
no statements about their stability or compatibility:
* `esPass ticket output`_
* `IcePay integration`_
.. _SEPA direct debit: https://github.com/pretix/pretix-sepadebit
.. _Passbook/Wallet ticket output: https://github.com/pretix/pretix-passbook
.. _Cartshare: https://github.com/pretix/pretix-cartshare
.. _Pages: https://github.com/pretix/pretix-pages
.. _esPass ticket output: https://github.com/esPass/pretix-espass
.. _IcePay integration: https://github.com/chotee/pretix-icepay
.. _Fontpack Free fonts: https://github.com/pretix/pretix-fontpack-free

179
doc/plugins/pretixdroid.rst
View File

@@ -4,21 +4,10 @@ pretixdroid HTTP API
The pretixdroid plugin provides a HTTP API that the `pretixdroid Android app`_
uses to communicate with the pretix server.
.. warning:: This API is **DEPRECATED** and will probably go away soon. It is used **only** to serve the pretixdroid
Android app. There are no backwards compatibility guarantees on this API. We will not add features that
are not required for the Android App. There is a general-purpose :ref:`rest-api` that provides all
features that you need to check in.
.. versionchanged:: 1.12
Support for check-in-time questions has been added. The new API features are fully backwards-compatible and
negotiated live, so clients which do not need this feature can ignore the change. For this reason, the API version
has not been increased and is still set to 3.
.. versionchanged:: 1.13
Support for checking in unpaid tickets has been added.
.. warning:: This API is intended **only** to serve the pretixdroid Android app. There are no backwards compatibility
guarantees on this API. We will not add features that are not required for the Android App. There is a
general-purpose :ref:`rest-api` that not yet provides all features that this API provides, but will do
so in the future.
.. http:post:: /pretixdroid/api/(organizer)/(event)/redeem/
@@ -33,33 +22,18 @@ uses to communicate with the pretix server.
Accept: application/json, text/javascript
Content-Type: application/x-www-form-urlencoded
secret=az9u4mymhqktrbupmwkvv6xmgds5dk3&questions_supported=true
secret=az9u4mymhqktrbupmwkvv6xmgds5dk3
You **must** set the parameter secret.
You can optionally include the additional parameter ``datetime`` in the body containing an ISO8601-encoded
datetime of the entry attempt. If you don't, the current date and time will be used.
You **must** set the parameter ``questions_supported`` to ``true`` **if** you support asking questions
back to the app operator. You **must not** set it if you do not support this feature. In that case, questions
will just be ignored.
You **may** set the additional parameter ``datetime`` in the body containing an ISO8601-encoded
datetime of the entry attempt. If you don"t, the current date and time will be used.
You **may** set the additional parameter ``force`` to indicate that the request should be logged
You can optionally include the additional parameter ``force`` to indicate that the request should be logged
regardless of previous check-ins for the same ticket. This might be useful if you made the entry decision offline.
Questions will also always be ignored in this case (i.e. supplied answers will be saved, but no error will be
thrown if they are missing or invalid).
You **may** set the additional parameter ``nonce`` with a globally unique random value to identify this
You can optionally include the additional parameter ``nonce`` with a globally unique random value to identify this
check-in. This is meant to be used to prevent duplicate check-ins when you are just retrying after a connection
failure.
You **may** set the additional parameter ``ignore_unpaid`` to indicate that the check-in should be performed even
if the order is in pending state.
If questions are supported and required, you will receive a dictionary ``questions`` containing details on the
particular questions to ask. To answer them, just re-send your redemption request with additional parameters of
the form ``answer_<question>=<answer>``, e.g. ``answer_12=24``.
**Example successful response**:
.. sourcecode:: http
@@ -69,70 +43,10 @@ uses to communicate with the pretix server.
{
"status": "ok"
"version": 3,
"data": {
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
"order": "ABCDE",
"item": "Standard ticket",
"item_id": 1,
"variation": null,
"variation_id": null,
"attendee_name": "Peter Higgs",
"attention": false,
"redeemed": true,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
}
"version": 2
}
**Example response with required questions**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{
"status": "incomplete"
"version": 3
"data": {
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
"order": "ABCDE",
"item": "Standard ticket",
"item_id": 1,
"variation": null,
"variation_id": null,
"attendee_name": "Peter Higgs",
"attention": false,
"redeemed": true,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
},
"questions": [
{
"id": 12,
"type": "C",
"question": "Choose a shirt size",
"required": true,
"position": 2,
"items": [1],
"options": [
{
"id": 24,
"answer": "M"
},
{
"id": 25,
"answer": "L"
}
]
}
]
}
**Example error response with data**:
**Example error response**:
.. sourcecode:: http
@@ -142,41 +56,13 @@ uses to communicate with the pretix server.
{
"status": "error",
"reason": "already_redeemed",
"version": 3,
"data": {
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
"order": "ABCDE",
"item": "Standard ticket",
"item_id": 1,
"variation": null,
"variation_id": null,
"attendee_name": "Peter Higgs",
"attention": false,
"redeemed": true,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
}
}
**Example error response without data**:
.. sourcecode:: http
HTTP/1.1 200 OK
Content-Type: text/json
{
"status": "error",
"reason": "unkown_ticket",
"version": 3
"version": 2
}
Possible error reasons:
* ``unpaid`` - Ticket is not paid for or has been refunded
* ``already_redeemed`` - Ticket already has been redeemed
* ``product`` - Tickets with this product may not be scanned at this device
* ``unknown_ticket`` - Secret does not match a ticket in the database
:query key: Secret API key
@@ -213,21 +99,18 @@ uses to communicate with the pretix server.
"variation": null,
"attendee_name": "Peter Higgs",
"redeemed": false,
"attention": false,
"checkin_allowed": true,
"addons_text": "Parking spot",
"paid": true
},
...
],
"version": 3
"version": 2
}
:query query: Search query
:query key: Secret API key
:statuscode 200: Valid request
:statuscode 404: Unknown organizer or event
:statuscode 403: Invalid authorization key
:query key: Secret API key
:statuscode 200: Valid request
:statuscode 404: Unknown organizer or event
:statuscode 403: Invalid authorization key
.. http:get:: /pretixdroid/api/(organizer)/(event)/download/
@@ -249,7 +132,6 @@ uses to communicate with the pretix server.
Content-Type: text/json
{
"version": 3,
"results": [
{
"secret": "az9u4mymhqktrbupmwkvv6xmgds5dk3",
@@ -258,32 +140,11 @@ uses to communicate with the pretix server.
"variation": null,
"attendee_name": "Peter Higgs",
"redeemed": false,
"attention": false,
"checkin_allowed": true,
"paid": true
},
...
],
"questions": [
{
"id": 12,
"type": "C",
"question": "Choose a shirt size",
"required": true,
"position": 2,
"items": [1],
"options": [
{
"id": 24,
"answer": "M"
},
{
"id": 25,
"answer": "L"
}
]
}
]
"version": 2
}
:query key: Secret API key
@@ -294,7 +155,7 @@ uses to communicate with the pretix server.
.. http:get:: /pretixdroid/api/(organizer)/(event)/status/
Returns status information, such as the total number of tickets and the
number of performed check-ins.
number of performed checkins.
**Example request**:
@@ -314,7 +175,7 @@ uses to communicate with the pretix server.
{
"checkins": 17,
"total": 42,
"version": 3,
"version": 2,
"event": {
"name": "Demo Converence",
"slug": "democon",

111
doc/plugins/ticketoutputpdf.rst
View File

@@ -1,111 +0,0 @@
PDF ticket output
=================
The PDF ticket output plugin provides a HTTP API that exposes the various layouts used
to generate PDF tickets.
Resource description
--------------------
The ticket layout resource contains the following public fields:
.. rst-class:: rest-resource-table
===================================== ========================== =======================================================
Field Type Description
===================================== ========================== =======================================================
id integer Internal layout ID
name string Internal layout description
default boolean ``true`` if this is the default layout
layout object Layout specification for libpretixprint
background URL Background PDF file
item_assignments list of objects Products this layout is assigned to
└ item integer Item ID
===================================== ========================== =======================================================
.. versionchanged:: 1.16
This resource has been added.
Endpoints
---------
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/ticketlayouts/
Returns a list of all ticket layouts
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/ticketlayouts/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"count": 1,
"next": null,
"previous": null,
"results": [
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
]
}
:query page: The page number in case of a multi-page result set, default is 1
:param organizer: The ``slug`` field of a valid organizer
:param event: The ``slug`` field of a valid event
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer does not exist **or** you have no permission to view it.
.. http:get:: /api/v1/organizers/(organizer)/events/(event)/ticketlayouts/(id)/
Returns information on layout.
**Example request**:
.. sourcecode:: http
GET /api/v1/organizers/bigevents/events/democon/ticketlayouts/1/ HTTP/1.1
Host: pretix.eu
Accept: application/json, text/javascript
**Example response**:
.. sourcecode:: http
HTTP/1.1 200 OK
Vary: Accept
Content-Type: text/javascript
{
"id": 1,
"name": "Default layout",
"default": true,
"layout": {…},
"background": {},
"item_assignments": []
}
:param organizer: The ``slug`` field of the organizer to fetch
:param event: The ``slug`` field of the event to fetch
:param id: The ``id`` field of the layout to fetch
:statuscode 200: no error
:statuscode 401: Authentication failure
:statuscode 403: The requested organizer/event does not exist **or** you have no permission to view it.

6
doc/requirements.txt
View File

@@ -1,8 +1,4 @@
-r ../src/requirements.txt
sphinx==1.6.*
sphinx
sphinx-rtd-theme
sphinxcontrib-httpdomain
sphinxcontrib-images
sphinxcontrib-spelling
# See https://github.com/rfk/pyenchant/pull/130
git+https://github.com/raphaelm/pyenchant.git@patch-1#egg=pyenchant

BIN
doc/screens/event/create_step1.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 76 KiB

BIN
doc/screens/event/create_step2.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 90 KiB

BIN
doc/screens/event/create_step3.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 64 KiB

BIN
doc/screens/event/create_step4.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 90 KiB

BIN
doc/screens/event/settings_display.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 103 KiB

BIN
doc/screens/event/settings_email.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 84 KiB

BIN
doc/screens/event/settings_invoice.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 97 KiB

BIN
doc/screens/event/settings_payment.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 120 KiB

BIN
doc/screens/event/settings_plugins.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 91 KiB

BIN
doc/screens/event/settings_tickets.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 94 KiB

BIN
doc/screens/event/subevent_create.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 65 KiB

BIN
doc/screens/event/subevent_detail.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 64 KiB

BIN
doc/screens/event/subevent_list.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 59 KiB

BIN
doc/screens/event/tax_detail.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 98 KiB

BIN
doc/screens/event/tax_list.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 44 KiB

BIN
doc/screens/event/widget_form.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 87 KiB

BIN
doc/screens/organizer/edit.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 84 KiB

BIN
doc/screens/organizer/edit_sysadmin.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 84 KiB

BIN
doc/screens/organizer/event_list.png
View File

Binary file not shown.
Side by Side

Before

Width:  |  Height:  |  Size: 45 KiB

Some files were not shown because too many files have changed in this diff Show More