Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add ability to transfer ownership of tickets #653
Add ability to transfer ownership of tickets #653
Changes from 10 commits
0d8e126
5b6737a
e8ad2c9
b6ded3b
ee7a169
ca40515
dd8292c
dd48bf1
110d03b
bb74dd9
d819fbc
95d3740
8365d56
b75eee1
File filter
Filter by extension
Conversations
Jump to
There are no files selected for viewing
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
At this point, you'll probably need to invalidate the sender's QR, currently built using
url = f"https://{settings.DOMAIN}/api/tickets/{self.id}"
This URL was put in as a placeholder and is not actually suitable. We want a URL that is unique to the user/locked behind auth, so that others can't access it. We could use a hash of ticket.UUID + ticket.owner, since locking behind auth means locking behind Penn access. If we change the way we do the URL, we would need to write another endpoint that validates it.
@julianweng could we co-ordinate with Anthony on the quickest way to get ticket QR code validation into iOS? Or do we want to use a different interface?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
After some discussion I think it would be better to put this in a separate PR. I've made the updates locally but more changes will likely be required until we finalize details about QR code scanning.