def appoint_pay_token(self, appoint_id, pm_id=None, **kwargs):
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
appoint_sudo = request.env['appointment'].sudo().browse(appoint_id).exists()
if not appoint_sudo:
params['error'] = 'pay_appoint_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
token_owner = appoint_sudo.customer if request.env.user._is_public() else request.env.user.partner_id
if not token or token.partner_id != token_owner:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
vals = {
'payment_token_id': token.id,
'type': 'server2server',
'return_url': success_url,
}
tx = appoint_sudo._create_payment_transaction(vals)
PaymentProcessing.add_payment_transaction(tx)
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
token_owner = invoice_sudo.partner_id if request.env.user._is_public() else request.env.user.partner_id
if not token or token.partner_id != token_owner:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
vals = {
'payment_token_id': token.id,
'type': 'server2server',
'return_url': success_url,
}
tx = invoice_sudo._create_payment_transaction(vals)
PaymentProcessing.add_payment_transaction(tx)
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(
invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
token_owner = invoice_sudo.partner_id if request.env.user == request.env.ref(
'base.public_user') else request.env.user.partner_id
if not token or token.partner_id != token_owner:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
vals = {
'payment_token_id': token.id,
'type': 'server2server',
}
invoice_sudo._create_payment_transaction(vals)
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
callback_method = kwargs.get('callback_method', '')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
pm_id = int(pm_id)
except (ValueError, TypeError):
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
vals = {
'payment_token_id': pm_id,
'type': 'server2server',
'callback_model_id': request.env['ir.model'].sudo().search([('model', '=', invoice_sudo._name)],
limit=1).id,
'callback_res_id': invoice_sudo.id,
'callback_method': callback_method,
}
invoice_sudo._create_payment_transaction(vals)
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
callback_method = kwargs.get('callback_method', '')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(
invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
if not token:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
# find an existing tx or create a new one
tx = request.env['payment.transaction'].sudo(
)._check_or_create_invoice_tx(
invoice_sudo,
token.acquirer_id,
payment_token=token,
tx_type='server2server',
add_tx_values={
'callback_model_id':
request.env['ir.model'].sudo().search(
[('model', '=', invoice_sudo._name)], limit=1).id,
'callback_res_id':
invoice_sudo.id,
'callback_method':
callback_method,
})
# set the transaction id into the session
request.session['portal_invoice_%s_transaction_id' %
invoice_sudo.id] = tx.id
# proceed to the payment
res = tx.confirm_invoice_token()
if tx.state != 'authorized' or not tx.acquirer_id.capture_manually:
if res is not True:
params['error'] = res
return request.redirect(_build_url_w_params(error_url, params))
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(
invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
# Check if the current user has access to this invoice
commercial_partner_id = request.env.user.partner_id.commercial_partner_id.id
if request.env['account.invoice'].sudo().search_count([
('id', '=', invoice_id),
('message_partner_ids', 'child_of', commercial_partner_id)
]) == 0:
return False
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
if not token:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
# find an existing tx or create a new one
tx = request.env['payment.transaction'].sudo(
)._check_or_create_invoice_tx(invoice_sudo,
token.acquirer_id,
payment_token=token,
tx_type='server2server')
# set the transaction id into the session
request.session['portal_invoice_%s_transaction_id' %
invoice_sudo.id] = tx.id
# proceed to the payment
res = tx.confirm_invoice_token()
if tx.state != 'authorized' or not tx.acquirer_id.capture_manually:
if res is not True:
params['error'] = res
return request.redirect(_build_url_w_params(error_url, params))
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def _serve_fallback(cls):
# serve attachment before
parent = super()._serve_fallback()
if parent: # attachment
return parent
# minimal setup to serve frontend pages
if not request.uid:
cls._auth_method_public()
cls._frontend_pre_dispatch()
cls._handle_debug()
request.params = request.get_http_params()
website_page = cls._serve_page()
if website_page:
website_page.flatten()
cls._register_website_track(website_page)
cls._post_dispatch(website_page)
return website_page
redirect = cls._serve_redirect()
if redirect:
return request.redirect(
_build_url_w_params(redirect.url_to, request.params),
code=redirect.redirect_type,
local=False
) # safe because only designers can specify redirects
def _invoice_get_page_view_values(self, invoice, access_token, **kwargs):
values = super()._invoice_get_page_view_values(invoice, access_token,
**kwargs)
logged_in = not request.env.user._is_public()
# We set partner_id to the partner id of the current user if logged in, otherwise we set it
# to the invoice partner id. We do this to ensure that payment tokens are assigned to the
# correct partner and to avoid linking tokens to the public user.
partner = request.env.user.partner_id if logged_in else invoice.partner_id
# Make sure that the partner's company matches the invoice's company.
invoice_company = invoice.company_id or request.env.company
PaymentPortal._ensure_matching_companies(partner, invoice_company)
acquirers_sudo = request.env['payment.acquirer'].sudo(
)._get_compatible_acquirers(
invoice_company.id, partner.id, currency_id=invoice.currency_id.id
) # In sudo mode to read the fields of acquirers and partner (if not logged in)
tokens = request.env['payment.token'].search([
('acquirer_id', 'in', acquirers_sudo.ids),
('partner_id', '=', partner.id)
]) # Tokens are cleared at the end if the user is not logged in
fees_by_acquirer = {
acq_sudo:
acq_sudo._compute_fees(invoice.amount_total, invoice.currency_id,
invoice.partner_id.country_id)
for acq_sudo in acquirers_sudo.filtered('fees_active')
}
values.update({
'acquirers':
acquirers_sudo,
'tokens':
tokens,
'fees_by_acquirer':
fees_by_acquirer,
'show_tokenize_input':
PaymentPortal._compute_show_tokenize_input_mapping(
acquirers_sudo, logged_in=logged_in),
'amount':
invoice.amount_residual,
'currency':
invoice.currency_id,
'partner_id':
partner.id,
'access_token':
access_token,
'transaction_route':
f'/invoice/transaction/{invoice.id}/',
'landing_route':
_build_url_w_params(invoice.access_url,
{'access_token': access_token})
})
if not logged_in:
# Don't display payment tokens of the invoice partner if the user is not logged in, but
# inform that logging in will make them available.
values.update({
'existing_token': bool(tokens),
'tokens': request.env['payment.token'],
})
return values
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
callback_method = kwargs.get('callback_method', '')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
if not token:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
# find an existing tx or create a new one
tx = request.env['payment.transaction'].sudo()._check_or_create_invoice_tx(
invoice_sudo,
token.acquirer_id,
payment_token=token,
tx_type='server2server',
add_tx_values={
'callback_model_id': request.env['ir.model'].sudo().search([('model', '=', invoice_sudo._name)], limit=1).id,
'callback_res_id': invoice_sudo.id,
'callback_method': callback_method,
})
# set the transaction id into the session
request.session['portal_invoice_%s_transaction_id' % invoice_sudo.id] = tx.id
# proceed to the payment
res = tx.confirm_invoice_token()
if tx.state != 'authorized' or not tx.acquirer_id.capture_manually:
if res is not True:
params['error'] = res
return request.redirect(_build_url_w_params(error_url, params))
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def sale_pay_token(self, order_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
order_sudo = request.env['sale.order'].sudo().browse(order_id).exists()
if not order_sudo:
params['error'] = 'pay_sale_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
token_owner = order_sudo.partner_id if request.env.user._is_public(
) else request.env.user.partner_id
if not token or token.partner_id != token_owner:
params['error'] = 'pay_sale_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
# find an existing tx or create a new one
tx = request.env['payment.transaction'].sudo(
)._check_or_create_sale_tx(
order_sudo,
token.acquirer_id,
payment_token=token,
tx_type='server2server',
)
# set the transaction id into the session
request.session['portal_sale_%s_transaction_id' %
order_sudo.id] = tx.id
# proceed to the payment
res = tx.confirm_sale_token()
if tx.state != 'authorized' or not tx.acquirer_id.capture_manually:
if res is not True:
params['error'] = res
return request.redirect(_build_url_w_params(error_url, params))
params['success'] = 'pay_sale'
return request.redirect(_build_url_w_params(success_url, params))
def old_blog_post(self,
blog,
blog_post,
tag_id=None,
page=1,
enable_editor=None,
**post):
# Compatibility pre-v14
return request.redirect(_build_url_w_params(
"/blog/%s/%s" % (slug(blog), slug(blog_post)), request.params),
code=301)
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.move'].sudo().browse(
invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
success_url = kwargs.get(
'success_url', "%s?%s" %
(invoice_sudo.access_url, url_encode(
{'access_token': access_token}) if access_token else ''))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
token_owner = invoice_sudo.partner_id if request.env.user._is_public(
) else request.env.user.partner_id
if not token or token.partner_id != token_owner:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
vals = {
'payment_token_id': token.id,
'type': 'server2server',
'return_url': _build_url_w_params(success_url, params),
}
tx = invoice_sudo._create_payment_transaction(vals)
PaymentProcessing.add_payment_transaction(tx)
params['success'] = 'pay_invoice'
return request.redirect('/payment/process')
def _serve_fallback(cls, exception):
# serve attachment before
parent = super(Http, cls)._serve_fallback(exception)
if parent: # attachment
return parent
website_page = cls._serve_page()
if website_page:
return website_page
redirect = cls._serve_redirect()
if redirect:
return request.redirect(_build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type)
return False
def _serve_fallback(cls, exception):
# serve attachment before
parent = super(Http, cls)._serve_fallback(exception)
if parent: # attachment
return parent
website_page = cls._serve_page()
if website_page:
return website_page
redirect = cls._serve_redirect()
if redirect:
return request.redirect(_build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type)
return False
def _serve_fallback(cls, exception):
# serve attachment before
parent = super(Http, cls)._serve_fallback(exception)
if parent: # attachment
return parent
if not request.is_frontend:
return False
website_page = cls._serve_page()
if website_page:
return website_page
redirect = cls._serve_redirect()
if redirect:
return request.redirect(
_build_url_w_params(redirect.url_to, request.params),
code=redirect.redirect_type,
local=False) # safe because only designers can specify redirects
return False
def _get_invoice_tx_vals(self, invoice_id, **kwargs):
error_url = kwargs.get('error_url', '/my')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(
invoice_id).exists()
if not invoice_sudo:
return False, {}
success_url = kwargs.get(
'success_url', "%s?%s" %
(invoice_sudo.access_url, url_encode(
{'access_token': access_token}) if access_token else ''))
params['success'] = 'pay_invoice'
return invoice_sudo, {
'return_url': _build_url_w_params(success_url, params)
}
def old_question(self, forum, question, **post):
# Compatibility pre-v14
return request.redirect(_build_url_w_params(
"/forum/%s/%s" % (slug(forum), slug(question)), request.params),
code=301)
@classmethod
def _serve_fallback(cls, exception):
# serve attachment before
parent = super(Http, cls)._serve_fallback(exception)
if parent: # attachment
return parent
if not request.is_frontend:
return False
website_page = cls._serve_page()
if website_page:
return website_page
redirect = cls._serve_redirect()
if redirect:
return request.redirect(_build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type)
return False
@classmethod
def _get_exception_code_values(cls, exception):
code, values = super(Http, cls)._get_exception_code_values(exception)
if request.website.is_publisher() and isinstance(exception, werkzeug.exceptions.NotFound):
values['path'] = request.httprequest.path[1:]
<<<<<<< HEAD
values['force_template'] = 'website.page_404'
=======
if isinstance(exception, werkzeug.exceptions.Forbidden) and \
exception.description == "website_visibility_password_required":
code = 'protected_403'
values['path'] = request.httprequest.path
