def payment_token(self, order_id, pm_id=None, **kwargs): order = request.env['sale.order'].sudo().browse(order_id) if not order or not order.order_line or pm_id is None: return request.redirect("/quote/%s" % order_id) # try to convert pm_id into an integer, if it doesn't work redirect the user to the quote try: pm_id = int(pm_id) except ValueError: return request.redirect('/quote/%s' % order_id) # retrieve the token from its id token = request.env['payment.token'].sudo().browse(pm_id) if not token: return request.redirect('/quote/%s' % order_id) # find an already existing transaction tx = request.env['payment.transaction'].sudo().search( [('reference', '=', order.name)], limit=1) # set the transaction type to server2server tx_type = 'server2server' # check if the transaction exists, if not then it create one tx = tx._check_or_create_sale_tx(order, token.acquirer_id, payment_token=token, tx_type=tx_type) # set the transaction id into the session request.session['quote_%s_transaction_id' % order_id] = tx.id # proceed to the payment tx.confirm_sale_token() # redirect the user to the online quote return request.redirect('/quote/%s/%s' % (order_id, order.access_token))
def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs): """ Use a token to perform a s2s transaction """ error_url = kwargs.get('error_url', '/my') success_url = kwargs.get('success_url', '/my') callback_method = kwargs.get('callback_method', '') access_token = kwargs.get('access_token') params = {} if access_token: params['access_token'] = access_token invoice_sudo = request.env['account.invoice'].sudo().browse( invoice_id).exists() if not invoice_sudo: params['error'] = 'pay_invoice_invalid_doc' return request.redirect(_build_url_w_params(error_url, params)) try: token = request.env['payment.token'].sudo().browse(int(pm_id)) except (ValueError, TypeError): token = False if not token: params['error'] = 'pay_invoice_invalid_token' return request.redirect(_build_url_w_params(error_url, params)) # find an existing tx or create a new one tx = request.env['payment.transaction'].sudo( )._check_or_create_invoice_tx( invoice_sudo, token.acquirer_id, payment_token=token, tx_type='server2server', add_tx_values={ 'callback_model_id': request.env['ir.model'].sudo().search( [('model', '=', invoice_sudo._name)], limit=1).id, 'callback_res_id': invoice_sudo.id, 'callback_method': callback_method, }) # set the transaction id into the session request.session['portal_invoice_%s_transaction_id' % invoice_sudo.id] = tx.id # proceed to the payment res = tx.confirm_invoice_token() if tx.state != 'authorized' or not tx.acquirer_id.capture_manually: if res is not True: params['error'] = res return request.redirect(_build_url_w_params(error_url, params)) params['success'] = 'pay_invoice' return request.redirect(_build_url_w_params(success_url, params))
def validate_email(self, token, id, email, forum_id=None, **kwargs): if forum_id: try: forum_id = int(forum_id) except ValueError: forum_id = None done = request.env['res.users'].sudo().browse( int(id)).process_forum_validation_token(token, email, forum_id=forum_id)[0] if done: request.session['validation_email_done'] = True if forum_id: return request.redirect("/forum/%s" % int(forum_id)) return request.redirect('/forum')
def actions_server(self, path_or_xml_id_or_id, **post): ServerActions = request.env['ir.actions.server'] action = action_id = None # find the action_id: either an xml_id, the path, or an ID if isinstance(path_or_xml_id_or_id, pycompat.string_types) and '.' in path_or_xml_id_or_id: action = request.env.ref(path_or_xml_id_or_id, raise_if_not_found=False) if not action: action = ServerActions.search([('website_path', '=', path_or_xml_id_or_id), ('website_published', '=', True)], limit=1) if not action: try: action_id = int(path_or_xml_id_or_id) except ValueError: pass # check it effectively exists if action_id: action = ServerActions.browse(action_id).exists() # run it, return only if we got a Response object if action: if action.state == 'code' and action.website_published: action_res = action.run() if isinstance(action_res, werkzeug.wrappers.Response): return action_res return request.redirect('/')
def add_return_request(self, **kw): is_replacement = False if 'is_replacement_check' in kw and kw['is_replacement_check'] == 'on': is_replacement = True sale_order = request.env['sale.order'].browse(int(kw['order_id'])) request_id = request.env['rma.request'].sudo().create({ 'partner_id': kw['partner_id'], 'sale_order_id': kw['order_id'], 'team_id': sale_order.team_id and sale_order.team_id.id or False, 'type': 'web_return_replace', 'is_website': True, 'is_replacement': is_replacement, 'rma_line': [(0, 0, { 'product_id': kw['product_id'], 'uom_id': kw['uom_id'], 'qty_return': kw['quantity'], 'reason_id': kw['reason'], 'qty_delivered': kw['qty_delivered'], 'remark': kw['remark'], })], }) request_id.rma_line.write({'rma_id': request_id.id}) request.session['request_last_return_id'] = request_id.id return request.redirect('/return/confirmation')
def portal_chatter_post(self, res_model, res_id, message, **kw): url = request.httprequest.referrer if message: # message is received in plaintext and saved in html message = plaintext2html(message) _message_post_helper(res_model, int(res_id), message, **kw) url = url + "#discussion" return request.redirect(url)
def event(self, event, **post): if event.menu_id and event.menu_id.child_id: target_url = event.menu_id.child_id[0].url else: target_url = '/event/%s/register' % str(event.id) if post.get('enable_editor') == '1': target_url += '?enable_editor=1' return request.redirect(target_url)
def portal_order_page(self, order=None, access_token=None, **kw): try: order_sudo = self._order_check_access(order, access_token=access_token) except AccessError: return request.redirect('/my') values = self._order_get_page_view_values(order_sudo, access_token, **kw) return request.render("sale.portal_order_page", values)
def return_confirmation(self, **post): return_request_id = request.session.get('request_last_return_id') if return_request_id: return_request = request.env['rma.request'].sudo().browse( return_request_id) return request.render("website_rma.return_confirmation", {'return_req_id': return_request}) else: return request.redirect('/shop')
def portal_my_invoice_detail(self, invoice_id, access_token=None, **kw): try: invoice_sudo = self._invoice_check_access(invoice_id, access_token) except AccessError: return request.redirect('/my') values = self._invoice_get_page_view_values(invoice_sudo, access_token, **kw) return request.render("account.portal_invoice_page", values)
def post_toggle_correct(self, forum, post, **kwargs): if post.parent_id is False: return request.redirect('/') if not request.session.uid: return {'error': 'anonymous_user'} # set all answers to False, only one can be accepted (post.parent_id.child_ids - post).write(dict(is_correct=False)) post.is_correct = not post.is_correct return post.is_correct
def payment_token(self, pm_id, reference, amount, currency_id, return_url=None, **kwargs): token = request.env['payment.token'].browse(int(pm_id)) if not token: return request.redirect('/website_payment/pay?error_msg=%s' % _('Cannot setup the payment.')) partner_id = request.env.user.partner_id.id if not request.env.user._is_public( ) else False values = { 'acquirer_id': token.acquirer_id.id, 'reference': reference, 'amount': float(amount), 'currency_id': int(currency_id), 'partner_id': partner_id, 'payment_token_id': pm_id } tx = request.env['payment.transaction'].sudo().create(values) request.session['website_payment_tx_id'] = tx.id try: res = tx.s2s_do_transaction() except Exception as e: return request.redirect('/website_payment/pay?error_msg=%s' % _('Payment transaction failed.')) valid_state = 'authorized' if tx.acquirer_id.capture_manually else 'done' if not res or tx.state != valid_state: return request.redirect('/website_payment/pay?error_msg=%s' % _('Payment transaction failed.')) return request.redirect( return_url if return_url else '/website_payment/confirm?tx_id=%d' % tx.id)
def post_toc_ok(self, forum, post_id, toc_id, **kwargs): assert request.env.user.karma >= 200, 'Not enough karma, you need 200 to promote a documentation.' stage = request.env['forum.documentation.toc'].search([], limit=1) request.env['forum.post'].browse(int(post_id)).write({ 'documentation_toc_id': toc_id and int(toc_id) or False, 'documentation_stage_id': stage and stage.id }) return request.redirect('/forum/' + str(forum.id) + '/question/' + str(post_id))
def payment(self, **post): order = request.website.sale_get_order() carrier_id = post.get('carrier_id') if carrier_id: carrier_id = int(carrier_id) if order: order._check_carrier_quotation(force_carrier_id=carrier_id) if carrier_id: return request.redirect("/shop/payment") return super(WebsiteSaleDelivery, self).payment(**post)
def get_wishlist(self, count=False, **kw): values = request.env['product.wishlist'].with_context( display_default_code=False).current() if count: return request.make_response( json.dumps(values.mapped('product_id').ids)) if not len(values): return request.redirect("/shop") return request.render("website_sale_wishlist.product_wishlist", dict(wishes=values))
def portal_my_purchase_order(self, order_id=None, **kw): order = request.env['purchase.order'].browse(order_id) try: order.check_access_rights('read') order.check_access_rule('read') except AccessError: return request.redirect('/my') history = request.session.get('my_purchases_history', []) values = { 'order': order.sudo(), } values.update(get_records_pager(history, order)) return request.render("purchase.portal_my_purchase_order", values)
def portal_order_report(self, order_id, access_token=None, **kw): try: order_sudo = self._order_check_access(order_id, access_token) except AccessError: return request.redirect('/my') # print report as sudo, since it require access to taxes, payment term, ... and portal # does not have those access rights. pdf = request.env.ref('sale.action_report_saleorder').sudo().render_qweb_pdf([order_sudo.id])[0] pdfhttpheaders = [ ('Content-Type', 'application/pdf'), ('Content-Length', len(pdf)), ] return request.make_response(pdf, headers=pdfhttpheaders)
def portal_order_page(self, order=None, access_token=None, **kw): try: order_sudo = self._order_check_access(order, access_token=access_token) except exceptions.AccessError: pass else: if order_sudo.template_id and order_sudo.template_id.active: return request.redirect('/quote/%s/%s' % (order, access_token or '')) return super(CustomerPortal, self).portal_order_page(order=order, access_token=access_token, **kw)
def account(self, redirect=None, **post): values = self._prepare_portal_layout_values() partner = request.env.user.partner_id values.update({ 'error': {}, 'error_message': [], }) if post: error, error_message = self.details_form_validate(post) values.update({'error': error, 'error_message': error_message}) values.update(post) if not error: values = {key: post[key] for key in self.MANDATORY_BILLING_FIELDS} values.update({key: post[key] for key in self.OPTIONAL_BILLING_FIELDS if key in post}) values.update({'zip': values.pop('zipcode', '')}) partner.sudo().write(values) if redirect: return request.redirect(redirect) return request.redirect('/my/home') countries = request.env['res.country'].sudo().search([]) states = request.env['res.country.state'].sudo().search([]) values.update({ 'partner': partner, 'countries': countries, 'states': states, 'has_check_vat': hasattr(request.env['res.partner'], 'check_vat'), 'redirect': redirect, 'page_name': 'my_details', }) response = request.render("portal.portal_my_details", values) response.headers['X-Frame-Options'] = 'DENY' return response
def index(self, **kw): homepage = request.website.homepage_id if homepage and (homepage.sudo().is_visible or request.env.user.has_group('base.group_user')) and homepage.url != '/': return request.env['ir.http'].reroute(homepage.url) website_page = request.env['ir.http']._serve_page() if website_page: return website_page else: top_menu = request.website.menu_id first_menu = top_menu and top_menu.child_id and top_menu.child_id.filtered(lambda menu: menu.is_visible) if first_menu and first_menu[0].url not in ('/', '') and (not (first_menu[0].url.startswith(('/?', '/#', ' ')))): return request.redirect(first_menu[0].url) raise request.not_found()
def _serve_fallback(cls, exception): # serve attachment before parent = super(Http, cls)._serve_fallback(exception) if parent: # attachment return parent website_page = cls._serve_page() if website_page: return website_page redirect = cls._serve_redirect() if redirect: return request.redirect(_build_url_w_params( redirect.url_to, request.params), code=redirect.type) return False
def portal_my_picking_report(self, picking_id, access_token=None, **kw): """ Print delivery slip for customer, using either access rights or access token to be sure customer has access """ try: picking_sudo = self._stock_picking_check_access( picking_id, access_token=access_token) except exceptions.AccessError: return request.redirect('/my') # print report as sudo, since it require access to product, taxes, payment term etc.. and portal does not have those access rights. pdf = request.env.ref( 'stock.action_report_delivery').sudo().render_qweb_pdf( [picking_sudo.id])[0] pdfhttpheaders = [ ('Content-Type', 'application/pdf'), ('Content-Length', len(pdf)), ] return request.make_response(pdf, headers=pdfhttpheaders)
def reset_template(self, templates, redirect='/'): templates = request.httprequest.form.getlist('templates') modules_to_update = [] for temp_id in templates: view = request.env['ir.ui.view'].browse(int(temp_id)) if view.page: continue view.model_data_id.write({ 'noupdate': False }) if view.model_data_id.module not in modules_to_update: modules_to_update.append(view.model_data_id.module) if modules_to_update: modules = request.env['ir.module.module'].sudo().search([('name', 'in', modules_to_update)]) if modules: modules.button_immediate_upgrade() return request.redirect(redirect)
def slides_index(self, *args, **post): """ Returns a list of available channels: if only one is available, redirects directly to its slides """ domain = [] if not request.env.user.has_group('website.group_website_designer'): domain += [("website_ids", "in", request.website.id)] channels = request.env['slide.channel'].search(domain, order='sequence, id') if not channels: return request.render("website_slides.channel_not_found") elif len(channels) == 1: return request.redirect("/slides/%s" % channels.id) return request.render( 'website_slides.channels', { 'channels': channels, 'user': request.env.user, 'is_public_user': request.env.user == request.website.user_id })
def confirm(self, **kw): tx_id = int(kw.get('tx_id', 0)) or request.session.pop( 'website_payment_tx_id', 0) if tx_id: tx = request.env['payment.transaction'].browse(tx_id) if tx.state == 'done': status = 'success' message = tx.acquirer_id.done_msg elif tx.state == 'pending': status = 'warning' message = tx.acquirer_id.pending_msg else: status = 'danger' message = tx.acquirer_id.error_msg return request.render('payment.confirm', { 'tx': tx, 'status': status, 'message': message }) else: return request.redirect('/my/home')
def registration_confirm(self, event, **post): order = request.website.sale_get_order(force_create=1) attendee_ids = set() registrations = self._process_registration_details(post) for registration in registrations: ticket = request.env['event.event.ticket'].sudo().browse(int(registration['ticket_id'])) cart_values = order.with_context(event_ticket_id=ticket.id, fixed_price=True)._cart_update(product_id=ticket.product_id.id, add_qty=1, registration_data=[registration]) attendee_ids |= set(cart_values.get('attendee_ids', [])) # free tickets -> order with amount = 0: auto-confirm, no checkout if not order.amount_total: order.action_confirm() # tde notsure: email sending ? attendees = request.env['event.registration'].browse(list(attendee_ids)) # clean context and session, then redirect to the confirmation page request.website.sale_reset() return request.render("website_event.registration_complete", { 'attendees': attendees, 'event': event, }) return request.redirect("/shop/checkout")
def product_compare(self, **post): values = {} product_ids = [int(i) for i in post.get('products', '').split(',') if i.isdigit()] if not product_ids: return request.redirect("/shop") # use search to check read access on each record/ids products = request.env['product.product'].search([('id', 'in', product_ids)]) values['products'] = products.with_context(display_default_code=False) res = {} for num, product in enumerate(products): for var in product.attribute_line_ids: cat_name = var.attribute_id.category_id.name or _('Uncategorized') att_name = var.attribute_id.name if not product.attribute_value_ids: # create_variant = False continue res.setdefault(cat_name, {}).setdefault(att_name, [' - '] * len(products)) val = product.attribute_value_ids.filtered(lambda x: x.attribute_id == var.attribute_id) res[cat_name][att_name][num] = val[0].name values['specs'] = res values['compute_currency'] = self._get_compute_currency_and_context()[0] return request.render("website_sale_comparison.product_compare", values)
def start_survey(self, survey, token=None, **post): UserInput = request.env['survey.user_input'] # Test mode if token and token == "phantom": _logger.info("[survey] Phantom mode") user_input = UserInput.create({'survey_id': survey.id, 'test_entry': True}) data = {'survey': survey, 'page': None, 'token': user_input.token} return request.render('survey.survey_init', data) # END Test mode # Controls if the survey can be displayed errpage = self._check_bad_cases(survey, token=token) if errpage: return errpage # Manual surveying if not token: vals = {'survey_id': survey.id} if request.website.user_id != request.env.user: vals['partner_id'] = request.env.user.partner_id.id user_input = UserInput.create(vals) else: user_input = UserInput.sudo().search([('token', '=', token)], limit=1) if not user_input: return request.render("website.403") # Do not open expired survey errpage = self._check_deadline(user_input) if errpage: return errpage # Select the right page if user_input.state == 'new': # Intro page data = {'survey': survey, 'page': None, 'token': user_input.token} return request.render('survey.survey_init', data) else: return request.redirect('/survey/fill/%s/%s' % (survey.id, user_input.token))
def jobs_add(self, **kwargs): job = request.env['hr.job'].create({ 'name': _('Job Title'), }) return request.redirect("/jobs/detail/%s?enable_editor=1" % slug(job))
def theme_customize_reload(self, href, enable, disable): self.theme_customize(enable and enable.split(",") or [], disable and disable.split(",") or []) return request.redirect(href + ("&theme=true" if "#" in href else "#theme=true"))