Browse Source

[FIX] emc_wsite_portal: Access right issue

pull/1/head
Rémy Taymans 7 years ago
parent
commit
c69c1bdca5
  1. 65
      easy_my_coop_website_portal/controllers/main.py
  2. 5
      easy_my_coop_website_portal/views/easy_my_coop_website_portal_templates.xml

65
easy_my_coop_website_portal/controllers/main.py

@ -6,10 +6,11 @@
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl). # License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl).
from openerp import fields, models, http
from werkzeug.exceptions import Forbidden, NotFound
from openerp import http
from openerp.exceptions import AccessError, MissingError
from openerp.http import request from openerp.http import request
from openerp import tools
from openerp.tools.translate import _
from openerp.addons.website_portal_v10.controllers.main import WebsiteAccount from openerp.addons.website_portal_v10.controllers.main import WebsiteAccount
@ -105,15 +106,53 @@ class CooperatorWebsiteAccount(WebsiteAccount):
values values
) )
@http.route(['/my/cooperator_certificat/send'],
@http.route(['/my/release_capital_request/pdf/<int:oid>'],
type='http', auth="user", website=True) type='http', auth="user", website=True)
def send_cooperator_certificat(self, **kw):
def get_release_capital_request(self, oid=-1, **kw):
"""Render the pdf of the given release capital request"""
# Get the release capital request and raise an error if the user
# is not allowed to access to it or if the object is not found.
partner = request.env.user.partner_id partner = request.env.user.partner_id
certificat_email_template = request.env.ref(
'easy_my_coop.email_template_certificat_increase', False
).sudo()
if certificat_email_template:
certificat_email_template.send_mail(
partner.commercial_partner_id.id
)
return request.redirect(kw['nexturl'])
invoice_mgr = request.env['account.invoice']
capital_request = invoice_mgr.sudo().browse(oid)
try:
if capital_request.partner_id != partner:
raise Forbidden()
except AccessError:
raise Forbidden()
except MissingError:
raise NotFound()
# Get the pdf
report_mgr = request.env['report'].sudo()
pdf = report_mgr.get_pdf(
capital_request.ids,
'easy_my_coop.theme_invoice_G002'
)
filename = "Release Capital Request - {oid}".format(
oid=capital_request.id
)
return self._render_pdf(pdf, filename)
@http.route(['/my/cooperator_certificate/pdf'],
type='http', auth="user", website=True)
def get_cooperator_certificat(self, **kw):
"""Render the cooperator certificate pdf of the current user"""
partner = request.env.user.partner_id
report_mgr = request.env['report'].sudo()
pdf = report_mgr.get_pdf(
partner.ids,
'easy_my_coop.cooperator_certificat_G001'
)
filename = "Cooperator Certificate - {name}".format(
name=partner.name
)
return self._render_pdf(pdf, filename)
def _render_pdf(self, pdf, filename):
"""Render a http response for a pdf"""
pdfhttpheaders = [
('Content-Disposition', 'inline; filename="%s.pdf"' % filename),
('Content-Type', 'application/pdf'),
('Content-Length', len(pdf))
]
return request.make_response(pdf, headers=pdfhttpheaders)

5
easy_my_coop_website_portal/views/easy_my_coop_website_portal_templates.xml

@ -86,8 +86,7 @@
<t t-esc="coop.representative"/> <t t-esc="coop.representative"/>
</p> </p>
<p class="text-center"> <p class="text-center">
<a t-att-href="'/report/pdf/easy_my_coop.cooperator_certificat_G001/%s' % coop.id"
class="btn btn-default">
<a href="/my/cooperator_certificate/pdf" class="btn btn-default">
Cooperator Certificate Cooperator Certificate
</a> </a>
</p> </p>
@ -160,7 +159,7 @@
<tbody> <tbody>
<tr t-foreach="capital_requests" t-as="capital_request"> <tr t-foreach="capital_requests" t-as="capital_request">
<td> <td>
<a t-att-href="'/report/pdf/easy_my_coop.theme_invoice_G002/%s' %
<a t-att-href="'/my/release_capital_request/pdf/%s' %
capital_request.id"> capital_request.id">
<t t-esc="capital_request.number"/> <t t-esc="capital_request.number"/>
</a> </a>

Loading…
Cancel
Save