def appoint_pay_token(self, appoint_id, pm_id=None, **kwargs): error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token appoint_sudo = request.env['appointment'].sudo().browse(appoint_id).exists() if not appoint_sudo: params['error'] = 'pay_appoint_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False token_owner = appoint_sudo.customer if request.env.user._is_public() else request.env.user.partner_id if not token or token.partner_id != token_owner: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) vals = { 'payment_token_id': token.id, 'type': 'server2server', 'return_url': success_url, } tx = appoint_sudo._create_payment_transaction(vals) PaymentProcessing.add_payment_transaction(tx) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse(invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False token_owner = invoice_sudo.partner_id if request.env.user._is_public() else request.env.user.partner_id if not token or token.partner_id != token_owner: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) vals = { 'payment_token_id': token.id, 'type': 'server2server', 'return_url': success_url, } tx = invoice_sudo._create_payment_transaction(vals) PaymentProcessing.add_payment_transaction(tx) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse( invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False token_owner = invoice_sudo.partner_id if request.env.user == request.env.ref( 'base.public_user') else request.env.user.partner_id if not token or token.partner_id != token_owner: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) vals = { 'payment_token_id': token.id, 'type': 'server2server', } invoice_sudo._create_payment_transaction(vals) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') callback_method = kwargs.get('callback_method', '') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse(invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: pm_id = int(pm_id) except (ValueError, TypeError): params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) vals = { 'payment_token_id': pm_id, 'type': 'server2server', 'callback_model_id': request.env['ir.model'].sudo().search([('model', '=', invoice_sudo._name)], limit=1).id, 'callback_res_id': invoice_sudo.id, 'callback_method': callback_method, } invoice_sudo._create_payment_transaction(vals) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') callback_method = kwargs.get('callback_method', '') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse( invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False if not token: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) # find an existing tx or create a new one tx = request.env['payment.transaction'].sudo( )._check_or_create_invoice_tx( invoice_sudo, token.acquirer_id, payment_token=token, tx_type='server2server', add_tx_values={ 'callback_model_id': request.env['ir.model'].sudo().search( [('model', '=', invoice_sudo._name)], limit=1).id, 'callback_res_id': invoice_sudo.id, 'callback_method': callback_method, }) # set the transaction id into the session request.session['portal_invoice_%s_transaction_id' % invoice_sudo.id] = tx.id # proceed to the payment res = tx.confirm_invoice_token() if tx.state != 'authorized' or not tx.acquirer_id.capture_manually: if res is not True: params['error'] = res return request.redirect(_build_url_w_params(error_url, params)) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse( invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) # Check if the current user has access to this invoice commercial_partner_id = request.env.user.partner_id.commercial_partner_id.id if request.env['account.invoice'].sudo().search_count([ ('id', '=', invoice_id), ('message_partner_ids', 'child_of', commercial_partner_id) ]) == 0: return False try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False if not token: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) # find an existing tx or create a new one tx = request.env['payment.transaction'].sudo( )._check_or_create_invoice_tx(invoice_sudo, token.acquirer_id, payment_token=token, tx_type='server2server') # set the transaction id into the session request.session['portal_invoice_%s_transaction_id' % invoice_sudo.id] = tx.id # proceed to the payment res = tx.confirm_invoice_token() if tx.state != 'authorized' or not tx.acquirer_id.capture_manually: if res is not True: params['error'] = res return request.redirect(_build_url_w_params(error_url, params)) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def _serve_fallback(cls): # serve attachment before parent = super()._serve_fallback() if parent: # attachment return parent # minimal setup to serve frontend pages if not request.uid: cls._auth_method_public() cls._frontend_pre_dispatch() cls._handle_debug() request.params = request.get_http_params() website_page = cls._serve_page() if website_page: website_page.flatten() cls._register_website_track(website_page) cls._post_dispatch(website_page) return website_page redirect = cls._serve_redirect() if redirect: return request.redirect( _build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type, local=False ) # safe because only designers can specify redirects
def _invoice_get_page_view_values(self, invoice, access_token, **kwargs): values = super()._invoice_get_page_view_values(invoice, access_token, **kwargs) logged_in = not request.env.user._is_public() # We set partner_id to the partner id of the current user if logged in, otherwise we set it # to the invoice partner id. We do this to ensure that payment tokens are assigned to the # correct partner and to avoid linking tokens to the public user. partner = request.env.user.partner_id if logged_in else invoice.partner_id # Make sure that the partner's company matches the invoice's company. invoice_company = invoice.company_id or request.env.company PaymentPortal._ensure_matching_companies(partner, invoice_company) acquirers_sudo = request.env['payment.acquirer'].sudo( )._get_compatible_acquirers( invoice_company.id, partner.id, currency_id=invoice.currency_id.id ) # In sudo mode to read the fields of acquirers and partner (if not logged in) tokens = request.env['payment.token'].search([ ('acquirer_id', 'in', acquirers_sudo.ids), ('partner_id', '=', partner.id) ]) # Tokens are cleared at the end if the user is not logged in fees_by_acquirer = { acq_sudo: acq_sudo._compute_fees(invoice.amount_total, invoice.currency_id, invoice.partner_id.country_id) for acq_sudo in acquirers_sudo.filtered('fees_active') } values.update({ 'acquirers': acquirers_sudo, 'tokens': tokens, 'fees_by_acquirer': fees_by_acquirer, 'show_tokenize_input': PaymentPortal._compute_show_tokenize_input_mapping( acquirers_sudo, logged_in=logged_in), 'amount': invoice.amount_residual, 'currency': invoice.currency_id, 'partner_id': partner.id, 'access_token': access_token, 'transaction_route': f'/invoice/transaction/{invoice.id}/', 'landing_route': _build_url_w_params(invoice.access_url, {'access_token': access_token}) }) if not logged_in: # Don't display payment tokens of the invoice partner if the user is not logged in, but # inform that logging in will make them available. values.update({ 'existing_token': bool(tokens), 'tokens': request.env['payment.token'], }) return values
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') callback_method = kwargs.get('callback_method', '') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse(invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False if not token: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) # find an existing tx or create a new one tx = request.env['payment.transaction'].sudo()._check_or_create_invoice_tx( invoice_sudo, token.acquirer_id, payment_token=token, tx_type='server2server', add_tx_values={ 'callback_model_id': request.env['ir.model'].sudo().search([('model', '=', invoice_sudo._name)], limit=1).id, 'callback_res_id': invoice_sudo.id, 'callback_method': callback_method, }) # set the transaction id into the session request.session['portal_invoice_%s_transaction_id' % invoice_sudo.id] = tx.id # proceed to the payment res = tx.confirm_invoice_token() if tx.state != 'authorized' or not tx.acquirer_id.capture_manually: if res is not True: params['error'] = res return request.redirect(_build_url_w_params(error_url, params)) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def sale_pay_token(self, order_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token order_sudo = request.env['sale.order'].sudo().browse(order_id).exists() if not order_sudo: params['error'] = 'pay_sale_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False token_owner = order_sudo.partner_id if request.env.user._is_public( ) else request.env.user.partner_id if not token or token.partner_id != token_owner: params['error'] = 'pay_sale_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) # find an existing tx or create a new one tx = request.env['payment.transaction'].sudo( )._check_or_create_sale_tx( order_sudo, token.acquirer_id, payment_token=token, tx_type='server2server', ) # set the transaction id into the session request.session['portal_sale_%s_transaction_id' % order_sudo.id] = tx.id # proceed to the payment res = tx.confirm_sale_token() if tx.state != 'authorized' or not tx.acquirer_id.capture_manually: if res is not True: params['error'] = res return request.redirect(_build_url_w_params(error_url, params)) params['success'] = 'pay_sale' return request.redirect(_build_url_w_params(success_url, params))
def old_blog_post(self, blog, blog_post, tag_id=None, page=1, enable_editor=None, **post): # Compatibility pre-v14 return request.redirect(_build_url_w_params( "/blog/%s/%s" % (slug(blog), slug(blog_post)), request.params), code=301)
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.move'].sudo().browse( invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) success_url = kwargs.get( 'success_url', "%s?%s" % (invoice_sudo.access_url, url_encode( {'access_token': access_token}) if access_token else '')) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False token_owner = invoice_sudo.partner_id if request.env.user._is_public( ) else request.env.user.partner_id if not token or token.partner_id != token_owner: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) vals = { 'payment_token_id': token.id, 'type': 'server2server', 'return_url': _build_url_w_params(success_url, params), } tx = invoice_sudo._create_payment_transaction(vals) PaymentProcessing.add_payment_transaction(tx) params['success'] = 'pay_invoice' return request.redirect('/payment/process')
def _serve_fallback(cls, exception): # serve attachment before parent = super(Http, cls)._serve_fallback(exception) if parent: # attachment return parent website_page = cls._serve_page() if website_page: return website_page redirect = cls._serve_redirect() if redirect: return request.redirect(_build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type) return False
def _serve_fallback(cls, exception): # serve attachment before parent = super(Http, cls)._serve_fallback(exception) if parent: # attachment return parent website_page = cls._serve_page() if website_page: return website_page redirect = cls._serve_redirect() if redirect: return request.redirect(_build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type) return False
def _serve_fallback(cls, exception): # serve attachment before parent = super(Http, cls)._serve_fallback(exception) if parent: # attachment return parent if not request.is_frontend: return False website_page = cls._serve_page() if website_page: return website_page redirect = cls._serve_redirect() if redirect: return request.redirect( _build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type, local=False) # safe because only designers can specify redirects return False
def _get_invoice_tx_vals(self, invoice_id, **kwargs): error_url = kwargs.get('error_url', '/my') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse( invoice_id).exists() if not invoice_sudo: return False, {} success_url = kwargs.get( 'success_url', "%s?%s" % (invoice_sudo.access_url, url_encode( {'access_token': access_token}) if access_token else '')) params['success'] = 'pay_invoice' return invoice_sudo, { 'return_url': _build_url_w_params(success_url, params) }
def old_question(self, forum, question, **post): # Compatibility pre-v14 return request.redirect(_build_url_w_params( "/forum/%s/%s" % (slug(forum), slug(question)), request.params), code=301)
@classmethod def _serve_fallback(cls, exception): # serve attachment before parent = super(Http, cls)._serve_fallback(exception) if parent: # attachment return parent if not request.is_frontend: return False website_page = cls._serve_page() if website_page: return website_page redirect = cls._serve_redirect() if redirect: return request.redirect(_build_url_w_params(redirect.url_to, request.params), code=redirect.redirect_type) return False @classmethod def _get_exception_code_values(cls, exception): code, values = super(Http, cls)._get_exception_code_values(exception) if request.website.is_publisher() and isinstance(exception, werkzeug.exceptions.NotFound): values['path'] = request.httprequest.path[1:] <<<<<<< HEAD values['force_template'] = 'website.page_404' ======= if isinstance(exception, werkzeug.exceptions.Forbidden) and \ exception.description == "website_visibility_password_required": code = 'protected_403' values['path'] = request.httprequest.path