Add Checkin API and Badge Preview and Download Feature

[Sak1012]

This PR let's organisers perform Checkin from Open-event-checkin with the new CheckIn API and also facilitates badge preview, printing and downloading functionalities at checkin.

Summary by Sourcery

Add a new Checkin API and badge preview, printing, and downloading features to enhance the check-in process. Implement PDF rendering support and configure CORS headers for cross-origin requests.

New Features:

• Introduce a new Checkin API that allows organizers to perform check-ins from Open-event-checkin.
• Add badge preview, printing, and downloading functionalities at check-in.

Enhancements:

• Implement a PDFRenderer class to support PDF rendering in the badges plugin.
• Add CORS headers to the Nginx configuration to allow cross-origin requests from the check-in application.

Deployment:

• Update Nginx configuration to include CORS headers for the check-in application.

[sourcery-ai]

Reviewer's Guide by Sourcery

This PR implements a new CheckIn API and adds badge preview/download functionality for the check-in process. The changes include extensive refactoring of the check-in logic into smaller, more maintainable functions, addition of new API endpoints for badge operations, and implementation of CORS support to enable cross-origin requests from the check-in application.

Sequence diagram for Checkin Redeem Process

sequenceDiagram
    actor User
    participant CheckinRedeemView
    participant _redeem_process
    participant Checkin
    participant BadgeOutputProvider

    User->>CheckinRedeemView: POST /checkin/redeem
    CheckinRedeemView->>_redeem_process: Call _redeem_process
    _redeem_process->>Checkin: perform_checkin
    alt Badge Plugin Enabled
        _redeem_process->>BadgeOutputProvider: generate badge
        BadgeOutputProvider-->>_redeem_process: Return badge PDF
    end
    _redeem_process-->>CheckinRedeemView: Return Response
    CheckinRedeemView-->>User: Response with status

Loading

Updated class diagram for Checkin and Badge Models

classDiagram
    class Checkin {
        +require_checkin_attention: bool
    }
    class BadgeOutputProvider {
        +generate(OrderPosition) Tuple
        +settings_form_fields
    }
    class CheckinRedeemInputSerializer {
        +lists
        +secret
        +force
        +source_type
        +type
        +ignore_unpaid
        +questions_supported
        +nonce
        +datetime
        +answers
    }
    Checkin <|-- CheckinRedeemInputSerializer
    BadgeOutputProvider <|-- CheckinRedeemInputSerializer
    Checkin <|-- BadgeOutputProvider

Loading

File-Level Changes

Change	Details	Files
Refactored check-in logic into smaller, reusable functions	Extracted position queryset logic into _checkin_list_position_queryset function Split file upload handling into a separate function Created helper functions for validating check-in lists and setting up context Implemented dedicated functions for handling various check-in scenarios	src/pretix/api/views/checkin.py
Added new Badge preview and download API endpoints	Created BadgePreviewView for generating badge previews Implemented BadgeDownloadView for downloading badges Added PDFRenderer for handling PDF responses Created BadgeOutputProvider for generating badge PDFs	src/pretix/plugins/badges/api.py src/pretix/plugins/badges/providers.py src/pretix/plugins/badges/urls.py
Implemented CORS support for cross-origin requests	Added django-cors-headers to dependencies Configured CORS middleware and settings Added CORS headers to nginx configuration Modified base path configuration	deployment/docker/nginx.conf src/pretix/settings.py pyproject.toml
Enhanced permission handling for API endpoints	Modified get_events_with_permission to handle multiple permissions Added support for list/tuple permission checks Added require_checkin_attention property to OrderPosition	src/pretix/base/models/devices.py src/pretix/base/models/organizer.py src/pretix/base/models/orders.py

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time. You can also use
  this command to specify where the summary should be inserted.

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey @Sak1012 - I've reviewed your changes and they look great!

Here's what I looked at during the review

• 🟢 General issues: all looks good
• 🟢 Security: all looks good
• 🟢 Testing: all looks good
• 🟡 Complexity: 1 issue found
• 🟢 Documentation: all looks good

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

issue (complexity): Consider extracting check-in business logic into a dedicated service layer to separate concerns.

The check-in logic has become overly complex by mixing business operations with API concerns. Consider refactoring into a service layer:

class CheckInService:
    def __init__(self, checkinlists):
        self.list_by_event = self._validate_checkinlists(checkinlists)

    def process_checkin(self, barcode, checkin_args):
        # Core business logic steps:
        position = self._find_ticket_position(barcode)
        self._validate_position(position)
        return self._perform_checkin(position, checkin_args)

    def _find_ticket_position(self, barcode):
        # Ticket lookup logic
        pass

    def _validate_position(self, position):
        # Validation rules
        pass

    def _perform_checkin(self, position, args):
        # Check-in execution
        pass

Then the API view becomes simpler:

def redeem(self, request):
    service = CheckInService(checkinlists)
    result = service.process_checkin(
        barcode=request.data['secret'],
        checkin_args={'type': request.data['type'], ...}
    )
    return self._format_response(result)

This separates concerns and makes the code more maintainable while preserving functionality.

[mariobehling]

Please ensure tests are passing.

[mariobehling]

eventyay Logo

[Sak1012]

Done 👍

[Sak1012]

Please ensure tests are passing.

I have made the necessary modifications 👍

[mariobehling]

Please change this into a variable. So we can use different URLs, e.g. for the development branch.

[hongquan]

How about using wildcard * to allow all "origin"?

[mariobehling]

Well, for partners such as Wikimedia we also want to deploy it to different domains.

[hongquan]

You should remove this middleware to test if the Nginx config works.

[Sak1012]

Done 👍

[hongquan]

How about using wildcard * to allow all "origin"?