Skip to content

Commit

Permalink
holding, validation improvements, perms
Browse files Browse the repository at this point in the history
  • Loading branch information
rohangpta committed Oct 2, 2022
1 parent 989b032 commit 525d63a
Show file tree
Hide file tree
Showing 4 changed files with 292 additions and 201 deletions.
51 changes: 51 additions & 0 deletions backend/clubs/migrations/0093_auto_20220706_0548.py
Original file line number Diff line number Diff line change
@@ -0,0 +1,51 @@
# Generated by Django 3.2.8 on 2022-07-06 09:48

import django.db.models.deletion
from django.conf import settings
from django.db import migrations, models


class Migration(migrations.Migration):

dependencies = [
migrations.swappable_dependency(settings.AUTH_USER_MODEL),
("clubs", "0092_auto_20220211_1732"),
]

operations = [
migrations.RemoveField(
model_name="ticket",
name="held",
),
migrations.AddField(
model_name="ticket",
name="holder",
field=models.ForeignKey(
blank=True,
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="held_tickets",
to=settings.AUTH_USER_MODEL,
),
),
migrations.AlterField(
model_name="cart",
name="owner",
field=models.OneToOneField(
on_delete=django.db.models.deletion.CASCADE,
related_name="cart",
to=settings.AUTH_USER_MODEL,
),
),
migrations.AlterField(
model_name="ticket",
name="owner",
field=models.ForeignKey(
blank=True,
null=True,
on_delete=django.db.models.deletion.SET_NULL,
related_name="owned_tickets",
to=settings.AUTH_USER_MODEL,
),
),
]
14 changes: 14 additions & 0 deletions backend/clubs/models.py
Original file line number Diff line number Diff line change
Expand Up @@ -1716,6 +1716,19 @@ class Cart(models.Model):
)


class TicketManager(models.Manager):

# Update holds for all tickets
def update_holds(self):
expired_tickets = self.select_for_update().filter(
holder__isnull=False, holding_expiration__lte=timezone.now()
)
with transaction.atomic():
for ticket in expired_tickets:
ticket.holder = None
self.bulk_update(expired_tickets, ["holder"])


class Ticket(models.Model):
"""
Represents an instance of a ticket for an event
Expand All @@ -1742,6 +1755,7 @@ class Ticket(models.Model):
)
holding_expiration = models.DateTimeField(null=True, blank=True)
carts = models.ManyToManyField(Cart, related_name="tickets", blank=True)
objects = TicketManager()

def get_qr(self):
"""
Expand Down
11 changes: 9 additions & 2 deletions backend/clubs/permissions.py
Original file line number Diff line number Diff line change
Expand Up @@ -188,7 +188,7 @@ def has_permission(self, request, view):

class EventPermission(permissions.BasePermission):
"""
Officers and above can create/update/delete events.
Officers and above can create/update/delete events and view ticket buyers.
Everyone else can view and list events.
"""

Expand Down Expand Up @@ -224,7 +224,14 @@ def has_object_permission(self, request, view, obj):

if not old_type == FAIR_TYPE and new_type == FAIR_TYPE:
return False

elif view.action in ["buyers", "create_tickets"]:
if not request.user.is_authenticated:
return False
membership = find_membership_helper(request.user, obj.club)
return membership is not None and membership.role <= Membership.ROLE_OFFICER
elif view.action in ["add_to_cart", "remove_from_cart"]:
return request.user.is_authenticated
print("action", view.action)
return True


Expand Down
Loading

0 comments on commit 525d63a

Please sign in to comment.