feat: add reservation QR retrieval

2026-04-29 10:59:47 +02:00
parent 0c679391ed
commit 635a9a5c63
7 changed files with 124 additions and 6 deletions
--- a/backend/bookings/test_api.py
+++ b/backend/bookings/test_api.py
@@ -170,6 +170,54 @@ class BookingApiTests(APITestCase):
        self.assertEqual(second_response.status_code, status.HTTP_409_CONFLICT)
        self.assertEqual(second_response.data["status"], "already_confirmed")

+    @override_settings(SITE_BASE_URL="https://tickets.azionelab.example")
+    def test_qr_retrieval_success_for_confirmed_reservation(self):
+        reservation = self.create_reservation()
+        _, raw_token = generate_confirmation_token(reservation)
+        self.client.post(
+            reverse("api-reservation-confirm"),
+            {"token": raw_token},
+            format="json",
+        )
+
+        response = self.client.get(
+            reverse("api-reservation-qr"),
+            {"token": raw_token},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_200_OK)
+        self.assertEqual(response.data["reservation_id"], reservation.id)
+        self.assertTrue(
+            response.data["qr_code_url"].startswith(
+                "https://tickets.azionelab.example/api/check-ins/preview/?token="
+            )
+        )
+        self.assertTrue(response.data["qr_code_image"].startswith("data:image/png;base64,"))
+        self.assertNotIn("email", response.data)
+        self.assertNotIn("name", response.data)
+
+    def test_qr_retrieval_fails_for_invalid_token(self):
+        response = self.client.get(
+            reverse("api-reservation-qr"),
+            {"token": "invalid-token"},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_404_NOT_FOUND)
+        self.assertEqual(response.data["status"], "invalid_token")
+
+    def test_qr_retrieval_fails_for_pending_reservation(self):
+        reservation = self.create_reservation()
+        _, raw_token = generate_confirmation_token(reservation)
+
+        response = self.client.get(
+            reverse("api-reservation-qr"),
+            {"token": raw_token},
+        )
+
+        self.assertEqual(response.status_code, status.HTTP_409_CONFLICT)
+        self.assertEqual(response.data["status"], "reservation_not_confirmed")
+        self.assertEqual(reservation.status, Reservation.Status.PENDING)
+
    def create_reservation(self, **overrides):
        data = {
            "performance": self.performance,