def finalizeInvoice(self):
# This will close out this invoice for editing, and also
# generate the actual PDF
# Calculate the total
total = Decimal(0)
totalvat = Decimal(0)
for r in self.invoice.invoicerow_set.all():
total += r.rowamount * r.rowcount
totalvat += r.totalvat
totalvat = totalvat.quantize(Decimal('.01')) # Round off to two digits
self.invoice.total_amount = total + totalvat
self.invoice.total_vat = totalvat
if self.invoice.reverse_vat and self.invoice.total_vat > 0:
raise Exception("Can't have both reverse VAT and a non-zero VAT!")
# Generate a secret key that can be used to view the invoice if
# there is no associated account
self.invoice.recipient_secret = generate_random_token()
# Generate pdf
self.invoice.pdf_invoice = base64.b64encode(self.render_pdf_invoice()).decode('ascii')
# Indicate that we're finalized
self.invoice.finalized = True
# And we're done!
self.invoice.save()
InvoiceHistory(invoice=self.invoice, txt='Finalized').save()
def meeting_proxy(request, meetingid):
# Assign proxy voter for meeting
meeting = get_object_or_404(Meeting, pk=meetingid)
member = get_object_or_404(Member, user=request.user)
if not (member.paiduntil and member.paiduntil >= datetime.today().date()):
return HttpResponse("Your membership is not active")
if not meeting.allmembers:
if not meeting.members.filter(pk=member.pk).exists():
return HttpResponse("Access denied.")
if member.paiduntil < meeting.dateandtime.date():
return HttpResponse("Your membership expires before the meeting")
# Do we have one already?
try:
key = MemberMeetingKey.objects.get(member=member, meeting=meeting)
except MemberMeetingKey.DoesNotExist:
key = MemberMeetingKey()
key.meeting = meeting
key.member = member
initial = {
'name': key.proxyname,
}
if request.method == 'POST':
form = ProxyVoterForm(initial=initial, data=request.POST)
if form.is_valid():
if form.cleaned_data['name']:
key.proxyname = form.cleaned_data['name']
key.proxyaccesskey = generate_random_token()
key.key = base64.urlsafe_b64encode(
os.urandom(40)).rstrip(b'=').decode('utf8')
key.save()
MemberLog(member=member,
timestamp=datetime.now(),
message="Assigned {0} as proxy voter in {1}".format(
key.proxyname, meeting.name)).save()
return HttpResponseRedirect('.')
else:
key.delete()
MemberLog(member=member,
timestamp=datetime.now(),
message="Canceled proxy voting in {0}".format(
meeting.name)).save()
return HttpResponseRedirect("../../")
else:
form = ProxyVoterForm(initial=initial)
return render(request, 'membership/meetingproxy.html', {
'member': member,
'meeting': meeting,
'key': key,
'form': form,
})
def conference_temp_token(request, confname):
redir = request.GET.get('redir', None)
if not redir:
return HttpResponse("Mandatory parameter missing", status=404)
redir = urlparse(redir)
# Create, or replace, a temporary token for this login, which can later be exchanged for a full JWT.
conference = get_conference_or_404(confname)
if not conference.key_public:
return HttpResponse("Conference key not found", status=404)
# Explicitly compare scheme/location/path, but *not* the querystring.
if redir._replace(
query=None,
fragment=None).geturl() not in conference.web_origins.split(','):
return HttpResponse("Forbidden redirect URL", status=403)
try:
reg = ConferenceRegistration.objects.get(conference=conference,
attendee=request.user)
except ConferenceRegistration.DoesNotExist:
return HttpResponse("You are not registered for this conference",
status=403,
content_type='text/plain')
if not reg.payconfirmedat:
return HttpResponse("Not confirmed for this conference",
status=403,
conten_type='text/plain')
with transaction.atomic():
# If there is an existing token for this user, just remove it.
ConferenceRegistrationTemporaryToken.objects.filter(reg=reg).delete()
# Create a new one
t = ConferenceRegistrationTemporaryToken(
reg=reg,
token=generate_random_token(),
expires=timezone.now() + timedelta(minutes=5),
)
t.save()
reglog(reg, 'Issued temporary token', request.user)
# If there are any parameters included in the redirect, we just append ours to it
param = dict(parse_qsl(redir.query))
param['token'] = t.token
return HttpResponseRedirect(
redir._replace(query=urlencode(param)).geturl())
def enable_webhook(self, request):
token = generate_random_token()
Telegram(self.instance.id, self.instance.config).post('setWebhook', {
'url': '{}/wh/{}/{}/'.format(settings.SITEBASE, self.instance.id, token),
'max_connections': 2,
'allowed_updates': ['channel_post', 'message'],
})
self.instance.config['webhook'] = {
'token': token,
}
self.instance.save(update_fields=['config'])
messages.info(request, "Webhook has been enabled!")
return True
def refresh_messaging_config(self, config):
mod = False
if 'channeltoken' not in config:
config['channeltoken'] = {}
if 'tokenchannel' not in config:
config['tokenchannel'] = {}
for channel in ['privatebcast', 'orgnotification']:
if channel not in config['channeltoken']:
# Create a token!
t = generate_random_token()
config['channeltoken'][channel] = t
config['tokenchannel'][t] = channel
mod = True
return mod
def sponsor_scanning(request, sponsorid):
sponsor, is_admin = _get_sponsor_and_admin(sponsorid, request, False)
if not sponsor.conference.askbadgescan:
return HttpResponse(
"Badge scanning questions are not enabled on this conference",
status=403)
if not SponsorClaimedBenefit.objects.filter(
sponsor=sponsor,
benefit__benefit_class=get_benefit_id(
'badgescanning.BadgeScanning'),
declined=False,
confirmed=True).exists():
return HttpResponse(
"Badge scanning not a claimed benefit for this sponsor",
status=403)
if request.method == 'POST':
if request.POST.get('what', '') == 'add':
if not request.POST.get('email', ''):
messages.warning(request, "Cannot add empty address")
return HttpResponseRedirect(".")
try:
reg = ConferenceRegistration.objects.get(
conference=sponsor.conference,
email=request.POST.get('email').lower())
if not reg.payconfirmedat:
messages.error(request, "Attendee is not confirmed")
return HttpResponseRedirect(".")
if sponsor.sponsorscanner_set.filter(scanner=reg).exists():
messages.warning(
request, "Attendee already registered as a scanner")
return HttpResponseRedirect(".")
scanner = SponsorScanner(sponsor=sponsor,
scanner=reg,
token=generate_random_token())
scanner.save()
sponsor.sponsorscanner_set.add(scanner)
return HttpResponseRedirect(".")
except ConferenceRegistration.DoesNotExist:
messages.error(request, "Attendee not found")
return HttpResponseRedirect(".")
elif request.POST.get('what', '') == 'del':
# There should only be one remove-<something>
for k in request.POST.keys():
if k.startswith('remove-'):
rid = k[len('remove-'):]
try:
scanner = SponsorScanner.objects.get(sponsor=sponsor,
pk=rid)
n = scanner.scanner.fullname
if scanner.scanner.scanned_attendees.exists():
messages.warning(
request,
"Attende {0} has scanned badges already, cannot be removed"
.format(n))
else:
scanner.delete()
messages.info(
request,
"Attendee {0} removed from scanning".format(n))
except SponsorScanner.DoesNotExist:
messges.error(request, "Attendee not found")
return HttpResponseRedirect(".")
elif k.startswith('email-'):
rid = k[len('email-'):]
try:
scanner = SponsorScanner.objects.get(sponsor=sponsor,
pk=rid)
send_conference_mail(
sponsor.conference,
scanner.scanner.email,
"Attendee badge scanning",
"confsponsor/mail/badge_scanning_intro.txt",
{
'conference': sponsor.conference,
'sponsor': sponsor,
'scanner': scanner,
},
sender=sponsor.conference.sponsoraddr,
receivername=scanner.scanner.fullname,
)
messages.info(
request, "Instructions email sent to {0}".format(
scanner.scanner.fullname))
except SponsorScanner.DoesNotExist:
messages.error(request, "Attendee not found")
return HttpResponseRedirect(".")
else:
messages.error(request, "Invalid form submit")
return HttpResponseRedirect(".")
elif request.POST.get('what', '') == 'delscan':
# There should only be one delete-scan-<id>
for k in request.POST.keys():
if k.startswith('delete-scan-'):
scid = int(k[len('delete-scan-'):])
try:
scan = ScannedAttendee.objects.get(sponsor=sponsor,
pk=scid)
scan.delete()
except ScannedAttendee.DoesNotExist:
messages.error(
request,
"Scan has already been removed or permission denied"
)
break
else:
messages.error(request, "Invalid form submit")
return HttpResponseRedirect(".")
else:
# Unknown form, so just return
return HttpResponseRedirect(".")
scanned = ScannedAttendee.objects.select_related(
'attendee', 'scannedby', 'attendee__country').filter(sponsor=sponsor)
return render(request, 'confsponsor/sponsor_scanning.html', {
'scanners': sponsor.sponsorscanner_set.all(),
'scanned': scanned,
})