From 4a5ba7cddc7e33c99894dc16dcaaaa29c0889656 Mon Sep 17 00:00:00 2001 From: Jairo Llopis Date: Fri, 26 Feb 2021 08:18:08 +0000 Subject: [PATCH] [FIX] privacy_consent: ensure there's always a request user As the controller is `auth="none"`, sometimes there's no user. This wasn't a problem on v12 where `sudo()` applied `SUPERUSER_ID` by default (below, line 35). In v13 we need to add it manually to avoid some situations where `self.env.uid == False`. @Tecnativa --- privacy_consent/controllers/main.py | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/privacy_consent/controllers/main.py b/privacy_consent/controllers/main.py index 289dc43..9a05fa5 100644 --- a/privacy_consent/controllers/main.py +++ b/privacy_consent/controllers/main.py @@ -5,6 +5,7 @@ from datetime import datetime from werkzeug.exceptions import NotFound +from odoo import SUPERUSER_ID from odoo.http import Controller, request, route from odoo.addons.web.controllers.main import ensure_db @@ -24,8 +25,9 @@ class ConsentController(Controller): # If there's a website, we need a user to render the template request.uid = request.website.user_id.id except AttributeError: - # If there's no website, the default is OK - pass + # If there's no website, be root if there's no UID + if not request.uid: + request.uid = SUPERUSER_ID consent = ( request.env["privacy.consent"] .with_context(subject_answering=True)