def payment_token(self, order_id, pm_id=None, **kwargs):
order = request.env['sale.order'].sudo().browse(order_id)
if not order or not order.order_line or pm_id is None:
return request.redirect("/quote/%s" % order_id)
# try to convert pm_id into an integer, if it doesn't work redirect the user to the quote
try:
pm_id = int(pm_id)
except ValueError:
return request.redirect('/quote/%s' % order_id)
# retrieve the token from its id
token = request.env['payment.token'].sudo().browse(pm_id)
if not token:
return request.redirect('/quote/%s' % order_id)
# find an already existing transaction
tx = request.env['payment.transaction'].sudo().search(
[('reference', '=', order.name)], limit=1)
# set the transaction type to server2server
tx_type = 'server2server'
# check if the transaction exists, if not then it create one
tx = tx._check_or_create_sale_tx(order,
token.acquirer_id,
payment_token=token,
tx_type=tx_type)
# set the transaction id into the session
request.session['quote_%s_transaction_id' % order_id] = tx.id
# proceed to the payment
tx.confirm_sale_token()
# redirect the user to the online quote
return request.redirect('/quote/%s/%s' %
(order_id, order.access_token))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
""" Use a token to perform a s2s transaction """
error_url = kwargs.get('error_url', '/my')
success_url = kwargs.get('success_url', '/my')
callback_method = kwargs.get('callback_method', '')
access_token = kwargs.get('access_token')
params = {}
if access_token:
params['access_token'] = access_token
invoice_sudo = request.env['account.invoice'].sudo().browse(
invoice_id).exists()
if not invoice_sudo:
params['error'] = 'pay_invoice_invalid_doc'
return request.redirect(_build_url_w_params(error_url, params))
try:
token = request.env['payment.token'].sudo().browse(int(pm_id))
except (ValueError, TypeError):
token = False
if not token:
params['error'] = 'pay_invoice_invalid_token'
return request.redirect(_build_url_w_params(error_url, params))
# find an existing tx or create a new one
tx = request.env['payment.transaction'].sudo(
)._check_or_create_invoice_tx(
invoice_sudo,
token.acquirer_id,
payment_token=token,
tx_type='server2server',
add_tx_values={
'callback_model_id':
request.env['ir.model'].sudo().search(
[('model', '=', invoice_sudo._name)], limit=1).id,
'callback_res_id':
invoice_sudo.id,
'callback_method':
callback_method,
})
# set the transaction id into the session
request.session['portal_invoice_%s_transaction_id' %
invoice_sudo.id] = tx.id
# proceed to the payment
res = tx.confirm_invoice_token()
if tx.state != 'authorized' or not tx.acquirer_id.capture_manually:
if res is not True:
params['error'] = res
return request.redirect(_build_url_w_params(error_url, params))
params['success'] = 'pay_invoice'
return request.redirect(_build_url_w_params(success_url, params))
def validate_email(self, token, id, email, forum_id=None, **kwargs):
if forum_id:
try:
forum_id = int(forum_id)
except ValueError:
forum_id = None
done = request.env['res.users'].sudo().browse(
int(id)).process_forum_validation_token(token,
email,
forum_id=forum_id)[0]
if done:
request.session['validation_email_done'] = True
if forum_id:
return request.redirect("/forum/%s" % int(forum_id))
return request.redirect('/forum')
def actions_server(self, path_or_xml_id_or_id, **post):
ServerActions = request.env['ir.actions.server']
action = action_id = None
# find the action_id: either an xml_id, the path, or an ID
if isinstance(path_or_xml_id_or_id, pycompat.string_types) and '.' in path_or_xml_id_or_id:
action = request.env.ref(path_or_xml_id_or_id, raise_if_not_found=False)
if not action:
action = ServerActions.search([('website_path', '=', path_or_xml_id_or_id), ('website_published', '=', True)], limit=1)
if not action:
try:
action_id = int(path_or_xml_id_or_id)
except ValueError:
pass
# check it effectively exists
if action_id:
action = ServerActions.browse(action_id).exists()
# run it, return only if we got a Response object
if action:
if action.state == 'code' and action.website_published:
action_res = action.run()
if isinstance(action_res, werkzeug.wrappers.Response):
return action_res
return request.redirect('/')
def add_return_request(self, **kw):
is_replacement = False
if 'is_replacement_check' in kw and kw['is_replacement_check'] == 'on':
is_replacement = True
sale_order = request.env['sale.order'].browse(int(kw['order_id']))
request_id = request.env['rma.request'].sudo().create({
'partner_id':
kw['partner_id'],
'sale_order_id':
kw['order_id'],
'team_id':
sale_order.team_id and sale_order.team_id.id or False,
'type':
'web_return_replace',
'is_website':
True,
'is_replacement':
is_replacement,
'rma_line': [(0, 0, {
'product_id': kw['product_id'],
'uom_id': kw['uom_id'],
'qty_return': kw['quantity'],
'reason_id': kw['reason'],
'qty_delivered': kw['qty_delivered'],
'remark': kw['remark'],
})],
})
request_id.rma_line.write({'rma_id': request_id.id})
request.session['request_last_return_id'] = request_id.id
return request.redirect('/return/confirmation')
def portal_chatter_post(self, res_model, res_id, message, **kw):
url = request.httprequest.referrer
if message:
# message is received in plaintext and saved in html
message = plaintext2html(message)
_message_post_helper(res_model, int(res_id), message, **kw)
url = url + "#discussion"
return request.redirect(url)
def event(self, event, **post):
if event.menu_id and event.menu_id.child_id:
target_url = event.menu_id.child_id[0].url
else:
target_url = '/event/%s/register' % str(event.id)
if post.get('enable_editor') == '1':
target_url += '?enable_editor=1'
return request.redirect(target_url)
def portal_order_page(self, order=None, access_token=None, **kw):
try:
order_sudo = self._order_check_access(order, access_token=access_token)
except AccessError:
return request.redirect('/my')
values = self._order_get_page_view_values(order_sudo, access_token, **kw)
return request.render("sale.portal_order_page", values)
def return_confirmation(self, **post):
return_request_id = request.session.get('request_last_return_id')
if return_request_id:
return_request = request.env['rma.request'].sudo().browse(
return_request_id)
return request.render("website_rma.return_confirmation",
{'return_req_id': return_request})
else:
return request.redirect('/shop')
def portal_my_invoice_detail(self, invoice_id, access_token=None, **kw):
try:
invoice_sudo = self._invoice_check_access(invoice_id, access_token)
except AccessError:
return request.redirect('/my')
values = self._invoice_get_page_view_values(invoice_sudo, access_token,
**kw)
return request.render("account.portal_invoice_page", values)
def post_toggle_correct(self, forum, post, **kwargs):
if post.parent_id is False:
return request.redirect('/')
if not request.session.uid:
return {'error': 'anonymous_user'}
# set all answers to False, only one can be accepted
(post.parent_id.child_ids - post).write(dict(is_correct=False))
post.is_correct = not post.is_correct
return post.is_correct
def payment_token(self,
pm_id,
reference,
amount,
currency_id,
return_url=None,
**kwargs):
token = request.env['payment.token'].browse(int(pm_id))
if not token:
return request.redirect('/website_payment/pay?error_msg=%s' %
_('Cannot setup the payment.'))
partner_id = request.env.user.partner_id.id if not request.env.user._is_public(
) else False
values = {
'acquirer_id': token.acquirer_id.id,
'reference': reference,
'amount': float(amount),
'currency_id': int(currency_id),
'partner_id': partner_id,
'payment_token_id': pm_id
}
tx = request.env['payment.transaction'].sudo().create(values)
request.session['website_payment_tx_id'] = tx.id
try:
res = tx.s2s_do_transaction()
except Exception as e:
return request.redirect('/website_payment/pay?error_msg=%s' %
_('Payment transaction failed.'))
valid_state = 'authorized' if tx.acquirer_id.capture_manually else 'done'
if not res or tx.state != valid_state:
return request.redirect('/website_payment/pay?error_msg=%s' %
_('Payment transaction failed.'))
return request.redirect(
return_url if return_url else '/website_payment/confirm?tx_id=%d' %
tx.id)
def post_toc_ok(self, forum, post_id, toc_id, **kwargs):
assert request.env.user.karma >= 200, 'Not enough karma, you need 200 to promote a documentation.'
stage = request.env['forum.documentation.toc'].search([], limit=1)
request.env['forum.post'].browse(int(post_id)).write({
'documentation_toc_id':
toc_id and int(toc_id) or False,
'documentation_stage_id':
stage and stage.id
})
return request.redirect('/forum/' + str(forum.id) + '/question/' +
str(post_id))
def payment(self, **post):
order = request.website.sale_get_order()
carrier_id = post.get('carrier_id')
if carrier_id:
carrier_id = int(carrier_id)
if order:
order._check_carrier_quotation(force_carrier_id=carrier_id)
if carrier_id:
return request.redirect("/shop/payment")
return super(WebsiteSaleDelivery, self).payment(**post)
def get_wishlist(self, count=False, **kw):
values = request.env['product.wishlist'].with_context(
display_default_code=False).current()
if count:
return request.make_response(
json.dumps(values.mapped('product_id').ids))
if not len(values):
return request.redirect("/shop")
return request.render("website_sale_wishlist.product_wishlist",
dict(wishes=values))
def portal_my_purchase_order(self, order_id=None, **kw):
order = request.env['purchase.order'].browse(order_id)
try:
order.check_access_rights('read')
order.check_access_rule('read')
except AccessError:
return request.redirect('/my')
history = request.session.get('my_purchases_history', [])
values = {
'order': order.sudo(),
}
values.update(get_records_pager(history, order))
return request.render("purchase.portal_my_purchase_order", values)
def portal_order_report(self, order_id, access_token=None, **kw):
try:
order_sudo = self._order_check_access(order_id, access_token)
except AccessError:
return request.redirect('/my')
# print report as sudo, since it require access to taxes, payment term, ... and portal
# does not have those access rights.
pdf = request.env.ref('sale.action_report_saleorder').sudo().render_qweb_pdf([order_sudo.id])[0]
pdfhttpheaders = [
('Content-Type', 'application/pdf'),
('Content-Length', len(pdf)),
]
return request.make_response(pdf, headers=pdfhttpheaders)
def portal_order_page(self, order=None, access_token=None, **kw):
try:
order_sudo = self._order_check_access(order,
access_token=access_token)
except exceptions.AccessError:
pass
else:
if order_sudo.template_id and order_sudo.template_id.active:
return request.redirect('/quote/%s/%s' %
(order, access_token or ''))
return super(CustomerPortal,
self).portal_order_page(order=order,
access_token=access_token,
**kw)
def account(self, redirect=None, **post):
values = self._prepare_portal_layout_values()
partner = request.env.user.partner_id
values.update({
'error': {},
'error_message': [],
})
if post:
error, error_message = self.details_form_validate(post)
values.update({'error': error, 'error_message': error_message})
values.update(post)
if not error:
values = {key: post[key] for key in self.MANDATORY_BILLING_FIELDS}
values.update({key: post[key] for key in self.OPTIONAL_BILLING_FIELDS if key in post})
values.update({'zip': values.pop('zipcode', '')})
partner.sudo().write(values)
if redirect:
return request.redirect(redirect)
return request.redirect('/my/home')
countries = request.env['res.country'].sudo().search([])
states = request.env['res.country.state'].sudo().search([])
values.update({
'partner': partner,
'countries': countries,
'states': states,
'has_check_vat': hasattr(request.env['res.partner'], 'check_vat'),
'redirect': redirect,
'page_name': 'my_details',
})
response = request.render("portal.portal_my_details", values)
response.headers['X-Frame-Options'] = 'DENY'
return response
def index(self, **kw):
homepage = request.website.homepage_id
if homepage and (homepage.sudo().is_visible or request.env.user.has_group('base.group_user')) and homepage.url != '/':
return request.env['ir.http'].reroute(homepage.url)
website_page = request.env['ir.http']._serve_page()
if website_page:
return website_page
else:
top_menu = request.website.menu_id
first_menu = top_menu and top_menu.child_id and top_menu.child_id.filtered(lambda menu: menu.is_visible)
if first_menu and first_menu[0].url not in ('/', '') and (not (first_menu[0].url.startswith(('/?', '/#', ' ')))):
return request.redirect(first_menu[0].url)
raise request.not_found()
def _serve_fallback(cls, exception):
# serve attachment before
parent = super(Http, cls)._serve_fallback(exception)
if parent: # attachment
return parent
website_page = cls._serve_page()
if website_page:
return website_page
redirect = cls._serve_redirect()
if redirect:
return request.redirect(_build_url_w_params(
redirect.url_to, request.params),
code=redirect.type)
return False
def portal_my_picking_report(self, picking_id, access_token=None, **kw):
""" Print delivery slip for customer, using either access rights or access token
to be sure customer has access """
try:
picking_sudo = self._stock_picking_check_access(
picking_id, access_token=access_token)
except exceptions.AccessError:
return request.redirect('/my')
# print report as sudo, since it require access to product, taxes, payment term etc.. and portal does not have those access rights.
pdf = request.env.ref(
'stock.action_report_delivery').sudo().render_qweb_pdf(
[picking_sudo.id])[0]
pdfhttpheaders = [
('Content-Type', 'application/pdf'),
('Content-Length', len(pdf)),
]
return request.make_response(pdf, headers=pdfhttpheaders)
def reset_template(self, templates, redirect='/'):
templates = request.httprequest.form.getlist('templates')
modules_to_update = []
for temp_id in templates:
view = request.env['ir.ui.view'].browse(int(temp_id))
if view.page:
continue
view.model_data_id.write({
'noupdate': False
})
if view.model_data_id.module not in modules_to_update:
modules_to_update.append(view.model_data_id.module)
if modules_to_update:
modules = request.env['ir.module.module'].sudo().search([('name', 'in', modules_to_update)])
if modules:
modules.button_immediate_upgrade()
return request.redirect(redirect)
def slides_index(self, *args, **post):
""" Returns a list of available channels: if only one is available,
redirects directly to its slides
"""
domain = []
if not request.env.user.has_group('website.group_website_designer'):
domain += [("website_ids", "in", request.website.id)]
channels = request.env['slide.channel'].search(domain,
order='sequence, id')
if not channels:
return request.render("website_slides.channel_not_found")
elif len(channels) == 1:
return request.redirect("/slides/%s" % channels.id)
return request.render(
'website_slides.channels', {
'channels': channels,
'user': request.env.user,
'is_public_user': request.env.user == request.website.user_id
})
def confirm(self, **kw):
tx_id = int(kw.get('tx_id', 0)) or request.session.pop(
'website_payment_tx_id', 0)
if tx_id:
tx = request.env['payment.transaction'].browse(tx_id)
if tx.state == 'done':
status = 'success'
message = tx.acquirer_id.done_msg
elif tx.state == 'pending':
status = 'warning'
message = tx.acquirer_id.pending_msg
else:
status = 'danger'
message = tx.acquirer_id.error_msg
return request.render('payment.confirm', {
'tx': tx,
'status': status,
'message': message
})
else:
return request.redirect('/my/home')
def registration_confirm(self, event, **post):
order = request.website.sale_get_order(force_create=1)
attendee_ids = set()
registrations = self._process_registration_details(post)
for registration in registrations:
ticket = request.env['event.event.ticket'].sudo().browse(int(registration['ticket_id']))
cart_values = order.with_context(event_ticket_id=ticket.id, fixed_price=True)._cart_update(product_id=ticket.product_id.id, add_qty=1, registration_data=[registration])
attendee_ids |= set(cart_values.get('attendee_ids', []))
# free tickets -> order with amount = 0: auto-confirm, no checkout
if not order.amount_total:
order.action_confirm() # tde notsure: email sending ?
attendees = request.env['event.registration'].browse(list(attendee_ids))
# clean context and session, then redirect to the confirmation page
request.website.sale_reset()
return request.render("website_event.registration_complete", {
'attendees': attendees,
'event': event,
})
return request.redirect("/shop/checkout")
def product_compare(self, **post):
values = {}
product_ids = [int(i) for i in post.get('products', '').split(',') if i.isdigit()]
if not product_ids:
return request.redirect("/shop")
# use search to check read access on each record/ids
products = request.env['product.product'].search([('id', 'in', product_ids)])
values['products'] = products.with_context(display_default_code=False)
res = {}
for num, product in enumerate(products):
for var in product.attribute_line_ids:
cat_name = var.attribute_id.category_id.name or _('Uncategorized')
att_name = var.attribute_id.name
if not product.attribute_value_ids: # create_variant = False
continue
res.setdefault(cat_name, {}).setdefault(att_name, [' - '] * len(products))
val = product.attribute_value_ids.filtered(lambda x: x.attribute_id == var.attribute_id)
res[cat_name][att_name][num] = val[0].name
values['specs'] = res
values['compute_currency'] = self._get_compute_currency_and_context()[0]
return request.render("website_sale_comparison.product_compare", values)
def start_survey(self, survey, token=None, **post):
UserInput = request.env['survey.user_input']
# Test mode
if token and token == "phantom":
_logger.info("[survey] Phantom mode")
user_input = UserInput.create({'survey_id': survey.id, 'test_entry': True})
data = {'survey': survey, 'page': None, 'token': user_input.token}
return request.render('survey.survey_init', data)
# END Test mode
# Controls if the survey can be displayed
errpage = self._check_bad_cases(survey, token=token)
if errpage:
return errpage
# Manual surveying
if not token:
vals = {'survey_id': survey.id}
if request.website.user_id != request.env.user:
vals['partner_id'] = request.env.user.partner_id.id
user_input = UserInput.create(vals)
else:
user_input = UserInput.sudo().search([('token', '=', token)], limit=1)
if not user_input:
return request.render("website.403")
# Do not open expired survey
errpage = self._check_deadline(user_input)
if errpage:
return errpage
# Select the right page
if user_input.state == 'new': # Intro page
data = {'survey': survey, 'page': None, 'token': user_input.token}
return request.render('survey.survey_init', data)
else:
return request.redirect('/survey/fill/%s/%s' % (survey.id, user_input.token))
def jobs_add(self, **kwargs):
job = request.env['hr.job'].create({
'name': _('Job Title'),
})
return request.redirect("/jobs/detail/%s?enable_editor=1" % slug(job))
def theme_customize_reload(self, href, enable, disable):
self.theme_customize(enable and enable.split(",") or [], disable and disable.split(",") or [])
return request.redirect(href + ("&theme=true" if "#" in href else "#theme=true"))
