fossasia · lcduong · Oct 1, 2024 · sourcery-ai · Oct 1, 2024 · sourcery-ai
diff --git a/src/pretix/api/serializers/event.py b/src/pretix/api/serializers/event.py
@@ -724,9 +724,6 @@ class EventSettingsSerializer(SettingsSerializer):
         'logo_image_large',
         'logo_show_title',
         'og_image',
-        'schedule_link',
-        'session_link',
-        'speaker_link',
     ]
 
     def __init__(self, *args, **kwargs):

diff --git a/src/pretix/api/urls.py b/src/pretix/api/urls.py
@@ -101,4 +101,5 @@
     url(r"^me$", user.MeView.as_view(), name="user.me"),
     url(r"^version$", version.VersionView.as_view(), name="version"),
     url(r"(?P<organizer>[^/]+)/(?P<event>[^/]+)/customer/(?P<customer_id>[^/]+)/ticket-check", event.CustomerOrderCheckView.as_view()),
+    url(r"(?P<organizer>[^/]+)/(?P<event>[^/]+)/schedule-public", event.talk_schedule_public),
 ]
diff --git a/src/pretix/api/views/event.py b/src/pretix/api/views/event.py
@@ -1,8 +1,16 @@
+import json
+import logging
+
 import django_filters
+import jwt
+from django.conf import settings
 from django.db import transaction
 from django.db.models import ProtectedError, Q
 from django.http import JsonResponse
+from django.shortcuts import get_object_or_404
 from django.utils.timezone import now
+from django.views.decorators.csrf import csrf_exempt
+from django.views.decorators.http import require_POST
 from django_filters.rest_framework import DjangoFilterBackend, FilterSet
 from django_scopes import scopes_disabled
 from rest_framework import filters, serializers, views, viewsets
@@ -16,14 +24,16 @@
 )
 from pretix.api.views import ConditionalListView
 from pretix.base.models import (
-    CartPosition, Device, Event, TaxRule, TeamAPIToken, Organizer, Customer, Order,
+    CartPosition, Device, Event, TaxRule, TeamAPIToken, Organizer, Customer, Order, User,
 )
 from pretix.base.models.event import SubEvent
 from pretix.base.settings import SETTINGS_AFFECTING_CSS
 from pretix.helpers.dicts import merge_dicts
 from pretix.presale.style import regenerate_css
 from pretix.presale.views.organizer import filter_qs_by_attr
 
+logger = logging.getLogger(__name__)
+
 with scopes_disabled():
     class EventFilter(FilterSet):
         is_past = django_filters.rest_framework.BooleanFilter(method='is_past_qs')
@@ -439,3 +449,55 @@ def get(self, request, *args, **kwargs):
                 return JsonResponse(status=200, data={"message": "Customer has paid orders."})
 
         return JsonResponse(status=400, data={"message": "Customer did not paid orders."})
+
+
+def check_token_permission(token, permission_required):
+    # Decode and validate the JWT token
+    decoded_data = jwt.decode(token, settings.SECRET_KEY, algorithms=["HS256"])
+    # Check if user existed
+    User.objects.get(email=decoded_data["email"])
+    if decoded_data.get("has_perms") not in permission_required:
+        return False
+    return True
+
+
+@csrf_exempt
+@require_POST
+@scopes_disabled()
+def talk_schedule_public(request, *args, **kwargs):
+    auth_header = request.headers.get("Authorization")
+    if auth_header and auth_header.startswith("Bearer "):
+        token = auth_header.split(" ")[1]
+        try:
+            if not check_token_permission(token, 'orga.edit_schedule'):
+                return JsonResponse(
+                    {"status": "User does not have permission to show schedule on menu"},
+                    status=403,
+                )
+            organiser = get_object_or_404(Organizer, slug=kwargs['organizer'])
+            event = get_object_or_404(Event, slug=kwargs['event'], organizer=organiser)
+            request_data = json.loads(request.body)
+            event.settings.talk_schedule_public = request_data.get('is_show_schedule') or False
+
+            return JsonResponse({"status": "success"}, status=200)
+
+        except jwt.ExpiredSignatureError:
+            logger.error("Token has expired")
+            return JsonResponse({"status": "Token has expired"}, status=401)
+        except jwt.InvalidTokenError:
+            logger.error("Invalid token")
+            return JsonResponse({"status": "Invalid token"}, status=401)
+        except Organizer.DoesNotExist:
+            logger.error("Organizer not found")
+            return JsonResponse({"status": "Organizer not found"}, status=404)
+        except Event.DoesNotExist:
+            logger.error("Event not found")
+            return JsonResponse({"status": "Event not found"}, status=404)
+        except Exception as e:
+            logger.error("Internal server error: %s", e)
+            return JsonResponse({"status": "Internal server error"}, status=500)
+    else:
+        logger.error("Authorization header missing or invalid")
+        return JsonResponse(
+            {"status": "Authorization header missing or invalid"}, status=403
+        )
diff --git a/src/pretix/base/configurations/default_setting.py b/src/pretix/base/configurations/default_setting.py
@@ -2390,36 +2390,6 @@ def primary_font_kwargs():
         ),
         'serializer_class': I18nURLField,
     },
-    'schedule_link': {
-        'default': None,
-        'type': str,
-        'form_class': forms.URLField,
-        'serializer_class': serializers.URLField,
-        'form_kwargs': dict(
-            label=_("Schedule URL"),
-            help_text=_("This should point to your session schedule."),
-        ),
-    },
-    'session_link': {
-        'default': None,
-        'type': str,
-        'form_class': forms.URLField,
-        'serializer_class': serializers.URLField,
-        'form_kwargs': dict(
-            label=_("Session URL"),
-            help_text=_("This should point to your session list."),
-        ),
-    },
-    'speaker_link': {
-        'default': None,
-        'type': str,
-        'form_class': forms.URLField,
-        'serializer_class': serializers.URLField,
-        'form_kwargs': dict(
-            label=_("Speaker URL"),
-            help_text=_("This should point to your speakers."),
-        ),
-    },
     'seating_choice': {
         'default': 'True',
         'form_class': forms.BooleanField,

diff --git a/src/pretix/base/models/event.py b/src/pretix/base/models/event.py
@@ -964,6 +964,24 @@ def has_paid_things(self):
         return Item.objects.filter(event=self, default_price__gt=0).exists()\
             or ItemVariation.objects.filter(item__event=self, default_price__gt=0).exists()
 
+    @property
+    def talk_schedule_url(self):
+        talk_host = settings.TALK_HOSTNAME
+        url = urljoin(talk_host, f"{self.slug}/schedule")
+        return url
+
+    @property
+    def talk_session_url(self):
+        talk_host = settings.TALK_HOSTNAME
+        url = urljoin(talk_host, f"{self.slug}/talk")
+        return url
+
+    @property
+    def talk_speaker_url(self):
+        talk_host = settings.TALK_HOSTNAME
+        url = urljoin(talk_host, f"{self.slug}/speaker")
+        return url
+
     @cached_property
     def live_issues(self):
         from pretix.base.signals import event_live_issues

diff --git a/src/pretix/control/forms/event.py b/src/pretix/control/forms/event.py
@@ -495,9 +495,6 @@ class EventSettingsForm(SettingsForm):
         'logo_image_large',
         'logo_show_title',
         'og_image',
-        'schedule_link',
-        'session_link',
-        'speaker_link',
     ]
 
     def clean(self):
@@ -1329,21 +1326,6 @@ class QuickSetupForm(I18nForm):
                     "information."),
         required=False,
     )
-    schedule_link = forms.URLField(
-        label=_("Schedule URL"),
-        help_text=_("This should point to your session schedule."),
-        required=False,
-    )
-    session_link = forms.URLField(
-        label=_("Session URL"),
-        help_text=_("This should point to your session list."),
-        required=False,
-    )
-    speaker_link = forms.URLField(
-        label=_("Speaker URL"),
-        help_text=_("This should point to your speakers."),
-        required=False,
-    )
     contact_mail = forms.EmailField(
         label=_("Contact address"),
         required=False,

diff --git a/src/pretix/control/templates/pretixcontrol/event/settings.html b/src/pretix/control/templates/pretixcontrol/event/settings.html
@@ -32,9 +32,6 @@ <h1>{% trans "General settings" %}</h1>
                 {% bootstrap_field sform.imprint_url layout="control" %}
                 {% bootstrap_field form.is_public layout="control" %}
                 {% bootstrap_field form.sales_channels layout="control" %}
-                {% bootstrap_field sform.schedule_link layout="control" %}
-                {% bootstrap_field sform.session_link layout="control" %}
-                {% bootstrap_field sform.speaker_link layout="control" %}
 
                 {% if meta_forms %}
                     <div class="form-group metadata-group">

diff --git a/src/pretix/presale/templates/pretixpresale/event/index.html b/src/pretix/presale/templates/pretixpresale/event/index.html
@@ -36,23 +36,19 @@
     <main aria-label="{% if show_cart %}{% trans "Your cart, general information, add products to your cart" %}{% else %}{% trans "General information, add products to your cart" %}{% endif %}">
         <nav id="schedule-nav"{% if with_margin %} class="p-3"{% endif %}>
             <div class="navigation">
-                {% if request.event.settings.schedule_link %}
+                {% if request.event.settings.talk_schedule_public %}
                     <div class="navigation-button">
-                        <a href="{{ request.event.settings.schedule_link }}" class="header-nav btn btn-outline-success">
+                        <a href="{{ request.event.talk_schedule_url }}" class="header-nav btn btn-outline-success">
                             <i class="fa fa-calendar"></i> {% trans "Schedule" %}
                         </a>
                     </div>
-                {% endif %}
-                {% if request.event.settings.session_link %}
                     <div class="navigation-button">
-                        <a href="{{ request.event.settings.session_link }}" class="header-nav btn btn-outline-success">
+                        <a href="{{ request.event.talk_session_url }}" class="header-nav btn btn-outline-success">
                             <i class="fa fa-comments-o"></i> {% trans "Sessions" %}
                         </a>
                     </div>
-                {% endif %}
-                {% if request.event.settings.speaker_link %}
                     <div class="navigation-button">
-                        <a href="{{ request.event.settings.speaker_link }}" class="header-nav btn btn-outline-success">
+                        <a href="{{ request.event.talk_speaker_url }}" class="header-nav btn btn-outline-success">
                             <i class="fa fa-group"></i> {% trans "Speakers" %}
                         </a>
                     </div>