[FIX] website_sale: fixes for access right with public user, and access to shopping cart, checkout... without passed by shop index, change url add_cart
bzr revid: chm@openerp.com-20131203154422-cwc12og1bgw9j9a8
This commit is contained in:
parent
16417844c7
commit
bc4a7c81bc
|
@ -288,26 +288,33 @@ class Ecommerce(http.Controller):
|
|||
|
||||
request.context = dict(request.context, pricelist=self.get_pricelist())
|
||||
|
||||
quantity = 0
|
||||
# set order_line_id and product_id
|
||||
if order_line_id:
|
||||
order_line = order_line_obj.browse(request.cr, SUPERUSER_ID, order_line_id, context=request.context)
|
||||
if order_line.order_id.id == order.id:
|
||||
product_id = order_line.product_id.id
|
||||
else:
|
||||
order_line_id = None
|
||||
else:
|
||||
order_line_ids = order_line_obj.search(request.cr, SUPERUSER_ID,
|
||||
[('order_id', '=', order.id),('product_id', '=', product_id)], context=request.context)
|
||||
if order_line_ids:
|
||||
order_line_id = order_line_ids[0]
|
||||
|
||||
if not order_line_id and not product_id:
|
||||
return 0
|
||||
|
||||
# values initialisation
|
||||
quantity = 0
|
||||
values = {}
|
||||
|
||||
domain = [('order_id', '=', order.id)]
|
||||
if order_line_id:
|
||||
domain += [('id', '=', order_line_id)]
|
||||
else:
|
||||
domain += [('product_id', '=', product_id)]
|
||||
|
||||
order_line_ids = order_line_obj.search(request.cr, SUPERUSER_ID, domain, context=request.context)
|
||||
if order_line_ids:
|
||||
order_line = order_line_obj.read(request.cr, SUPERUSER_ID, order_line_ids, [], context=request.context)[0]
|
||||
order_line_val = order_line_obj.read(request.cr, SUPERUSER_ID, [order_line_id], [], context=request.context)[0]
|
||||
if not product_id:
|
||||
product_id = order_line['product_id'][0]
|
||||
product_id = order_line_val['product_id'][0]
|
||||
if set_number >= 0:
|
||||
quantity = set_number
|
||||
else:
|
||||
quantity = order_line['product_uom_qty'] + number
|
||||
quantity = order_line_val['product_uom_qty'] + number
|
||||
if quantity < 0:
|
||||
quantity = 0
|
||||
else:
|
||||
|
@ -316,17 +323,17 @@ class Ecommerce(http.Controller):
|
|||
quantity = 1
|
||||
|
||||
# change and record value
|
||||
vals = order_line_obj._recalculate_product_values(request.cr, request.uid, order_line_ids, product_id, context=request.context)
|
||||
vals = order_line_obj._recalculate_product_values(request.cr, request.uid, [order_line_id], product_id, context=request.context)
|
||||
values.update(vals)
|
||||
|
||||
values['product_uom_qty'] = quantity
|
||||
values['product_id'] = product_id
|
||||
values['order_id'] = order.id
|
||||
|
||||
if order_line_ids:
|
||||
order_line_obj.write(request.cr, SUPERUSER_ID, order_line_ids, values, context=request.context)
|
||||
if order_line_id:
|
||||
order_line_obj.write(request.cr, SUPERUSER_ID, [order_line_id], values, context=request.context)
|
||||
if not quantity:
|
||||
order_line_obj.unlink(request.cr, SUPERUSER_ID, order_line_ids, context=request.context)
|
||||
order_line_obj.unlink(request.cr, SUPERUSER_ID, [order_line_id], context=request.context)
|
||||
else:
|
||||
order_line_id = order_line_obj.create(request.cr, SUPERUSER_ID, values, context=request.context)
|
||||
order_obj.write(request.cr, SUPERUSER_ID, [order.id], {'order_line': [(4, order_line_id)]}, context=request.context)
|
||||
|
@ -338,7 +345,7 @@ class Ecommerce(http.Controller):
|
|||
prod_obj = request.registry.get('product.product')
|
||||
|
||||
# must have a draft sale order with lines at this point, otherwise reset
|
||||
order = context.get('website_sale_order')
|
||||
order = request.registry['website'].get_current_order(request.cr, request.uid, context=request.context)
|
||||
if order and order.state != 'draft':
|
||||
request.registry['website'].sale_reset_order(cr, uid, context=context)
|
||||
return request.redirect('/shop/')
|
||||
|
@ -367,9 +374,14 @@ class Ecommerce(http.Controller):
|
|||
}
|
||||
return request.website.render("website_sale.mycart", values)
|
||||
|
||||
@website.route(['/shop/add_cart/'], type='http', auth="public", multilang=True)
|
||||
def add_cart(self, product_id=None, order_line_id=None, remove=None, **kw):
|
||||
self.add_product_to_cart(product_id=product_id and int(product_id), order_line_id=order_line_id and int(order_line_id), number=(remove and -1 or 1))
|
||||
@website.route(['/shop/add_cart/', '/shop/add_cart/<model("product.product"):product>/'], type='http', auth="public", multilang=True, methods=['POST'])
|
||||
def add_cart(self, product=None, product_id=None, remove=None, **kw):
|
||||
self.add_product_to_cart(product_id=int(product_id or product.id))
|
||||
return request.redirect("/shop/mycart/")
|
||||
|
||||
@website.route(['/shop/change_cart/<model("sale.order.line"):order_line>/'], type='http', auth="public", multilang=True)
|
||||
def add_cart_order_line(self, order_line=None, remove=None, **kw):
|
||||
self.add_product_to_cart(order_line_id=int(order_line.id), number=(remove and -1 or 1))
|
||||
return request.redirect("/shop/mycart/")
|
||||
|
||||
@website.route(['/shop/add_cart_json/'], type='json', auth="public")
|
||||
|
@ -390,7 +402,7 @@ class Ecommerce(http.Controller):
|
|||
cr, uid, context, registry = request.cr, request.uid, request.context, request.registry
|
||||
|
||||
# must have a draft sale order with lines at this point, otherwise reset
|
||||
order = context.get('website_sale_order')
|
||||
order = request.registry['website'].get_current_order(request.cr, request.uid, context=request.context)
|
||||
if not order or order.state != 'draft' or not order.order_line:
|
||||
request.registry['website'].sale_reset_order(cr, uid, context=context)
|
||||
return request.redirect('/shop/')
|
||||
|
@ -421,14 +433,20 @@ class Ecommerce(http.Controller):
|
|||
checkout = values['checkout']
|
||||
error = values['error']
|
||||
|
||||
if not request.uid == request.registry['website'].get_public_user(cr, uid, context):
|
||||
partner = None
|
||||
public_id = request.registry['website'].get_public_user(cr, uid, context)
|
||||
if not request.uid == public_id:
|
||||
partner = orm_user.browse(cr, uid, uid, context).partner_id
|
||||
elif order.partner_id and order.partner_id.id != public_id:
|
||||
partner = orm_partner.browse(cr, SUPERUSER_ID, order.partner_id.id, context)
|
||||
|
||||
if partner:
|
||||
partner_info = info.from_partner(partner)
|
||||
checkout.update(partner_info)
|
||||
shipping_ids = orm_partner.search(cr, uid, [("parent_id", "=", partner.id), ('type', "=", 'delivery')], context=context)
|
||||
shipping_ids = orm_partner.search(cr, SUPERUSER_ID, [("parent_id", "=", partner.id), ('type', "=", 'delivery')], context=context)
|
||||
if shipping_ids:
|
||||
values['shipping'] = "true"
|
||||
shipping_partner = orm_partner.browse(cr, uid, shipping_ids[0], context)
|
||||
shipping_partner = orm_partner.browse(cr, SUPERUSER_ID, shipping_ids[0], context)
|
||||
checkout['shipping_name'] = getattr(shipping_partner, 'name')
|
||||
checkout['shipping_phone'] = getattr(shipping_partner, 'phone')
|
||||
checkout['shipping_street'] = getattr(shipping_partner, 'street')
|
||||
|
@ -446,6 +464,7 @@ class Ecommerce(http.Controller):
|
|||
@website.route(['/shop/confirm_order/'], type='http', auth="public", multilang=True)
|
||||
def confirm_order(self, **post):
|
||||
cr, uid, context, registry = request.cr, request.uid, request.context, request.registry
|
||||
order_line_obj = request.registry.get('sale.order')
|
||||
|
||||
# must have a draft sale order with lines at this point, otherwise redirect to shop
|
||||
order = request.registry['website'].get_current_order(request.cr, request.uid, context=request.context)
|
||||
|
@ -470,7 +489,7 @@ class Ecommerce(http.Controller):
|
|||
values = {
|
||||
'countries': countries,
|
||||
'states': states,
|
||||
'checkout': info.empty(),
|
||||
'checkout': info.from_partner( ),
|
||||
'shipping': post.get("shipping_different"),
|
||||
'error': {},
|
||||
}
|
||||
|
@ -534,7 +553,8 @@ class Ecommerce(http.Controller):
|
|||
'partner_shipping_id': shipping_id or partner_id
|
||||
}
|
||||
order_info.update(registry.get('sale.order').onchange_partner_id(cr, SUPERUSER_ID, [], order.partner_id.id, context=context)['value'])
|
||||
order.write(order_info)
|
||||
|
||||
order_line_obj.write(cr, SUPERUSER_ID, [order.id], order_info, context=context)
|
||||
|
||||
return request.redirect("/shop/payment/")
|
||||
|
||||
|
@ -553,7 +573,7 @@ class Ecommerce(http.Controller):
|
|||
payment_obj = request.registry.get('payment.acquirer')
|
||||
|
||||
# if no sale order at this stage: back to checkout beginning
|
||||
order = context.get('website_sale_order')
|
||||
order = request.registry['website'].get_current_order(request.cr, request.uid, context=request.context)
|
||||
if not order or not order.state == 'draft' or not order.order_line:
|
||||
request.registry['website'].sale_reset_order(cr, uid, context=context)
|
||||
return request.redirect("/shop/")
|
||||
|
@ -681,7 +701,7 @@ class Ecommerce(http.Controller):
|
|||
tx = request.registry['payment.transaction'].browse(cr, uid, transaction_id, context=context)
|
||||
|
||||
if sale_order_id is None:
|
||||
order = context.get('website_sale_order')
|
||||
order = request.registry['website'].get_current_order(request.cr, request.uid, context=request.context)
|
||||
else:
|
||||
order = request.registry['sale.order'].browse(cr, uid, sale_order_id, context=context)
|
||||
|
||||
|
|
|
@ -41,8 +41,7 @@ class sale_order_line(osv.Model):
|
|||
if context is None:
|
||||
context = {}
|
||||
user_obj = self.pool.get('res.users')
|
||||
product_id = product_id and int(product_id) or \
|
||||
ids and self.browse(cr, uid, ids[0], context=context).product_id.id
|
||||
product_id = product_id or ids and self.browse(cr, uid, ids[0], context=context).product_id.id
|
||||
|
||||
return self.product_id_change(
|
||||
cr, SUPERUSER_ID, ids,
|
||||
|
|
|
@ -45,12 +45,13 @@ $(document).ready(function () {
|
|||
$('.oe_website_sale a.js_add_cart_json').on('click', function (ev) {
|
||||
ev.preventDefault();
|
||||
var $link = $(ev.currentTarget);
|
||||
var product = $link.attr("href").match(/product_id=([0-9]+)/);
|
||||
var product_id = product ? +product[1] : 0;
|
||||
if (!product) {
|
||||
var line = $link.attr("href").match(/order_line_id=([0-9]+)/);
|
||||
order_line_id = line ? +line[1] : 0;
|
||||
}
|
||||
var href = $link.attr("href");
|
||||
|
||||
var add_cart = href.match(/add_cart\/([0-9]+)/);
|
||||
var product_id = add_cart && +add_cart[1] || false;
|
||||
|
||||
var change_cart = href.match(/change_cart\/([0-9]+)/);
|
||||
var order_line_id = change_cart && +change_cart[1] || false;
|
||||
openerp.jsonRpc("/shop/add_cart_json/", 'call', {
|
||||
'product_id': product_id,
|
||||
'order_line_id': order_line_id,
|
||||
|
|
|
@ -202,7 +202,7 @@
|
|||
|
||||
<template id="add_to_basket" inherit_option_id="website_sale.products_cart" name="Add to Cart">
|
||||
<xpath expr="//div[@class='product_price']" position="inside">
|
||||
<a t-href="/shop/add_cart/?product_id=#{ product.id }" class="js_add_cart_json">
|
||||
<a t-href="/shop/add_cart/#{ product.product_variant_ids[0].id }/" class="js_add_cart_json">
|
||||
<span class="fa fa-shopping-cart"/>
|
||||
</a>
|
||||
</xpath>
|
||||
|
@ -268,7 +268,7 @@
|
|||
</div><div class="col-sm-5 col-md-5 col-lg-4 col-lg-offset-1">
|
||||
<h1 t-field="product.name">Product Name</h1>
|
||||
|
||||
<form action="/shop/add_cart/" class="js_add_cart_json">
|
||||
<form action="/shop/add_cart/" class="js_add_cart_json" method="POST">
|
||||
<input type="hidden" t-if="len(product.product_variant_ids) == 1" name="product_id" t-att-value="product.product_variant_ids[0].id"/>
|
||||
<t t-if="len(product.product_variant_ids) > 1">
|
||||
<label label-default="label-default" class="radio" t-foreach="product.product_variant_ids" t-as="variant_id">
|
||||
|
@ -403,6 +403,7 @@
|
|||
<div>
|
||||
<a t-href="/shop/product/#{ slug(line.product_id.product_tmpl_id) }/">
|
||||
<strong t-field="line.product_id.name"/>
|
||||
<t t-if="line.product_id.variants">(<t t-esc="line.product_id.variants"/>)</t>
|
||||
</a>
|
||||
</div>
|
||||
<div class="text-muted" t-field="line.product_id.description_sale"/>
|
||||
|
@ -422,15 +423,15 @@
|
|||
<td>
|
||||
<div class="input-group">
|
||||
<span class="input-group-addon">
|
||||
<a t-href="./add_cart/?remove=True&order_line_id=#{ line.id }" class="mb8 js_add_cart_json">
|
||||
<span class="fa fa-minus-square"/>
|
||||
<a t-href="./change_cart/#{ line.id }/?remove=True" class="mb8 js_add_cart_json">
|
||||
<i class="fa fa-minus-square"></i>
|
||||
</a>
|
||||
</span>
|
||||
<input type="text" class="js_quantity form-control"
|
||||
t-att-data-id="line.id" t-att-value="int(line.product_uom_qty)"/>
|
||||
<span class="input-group-addon">
|
||||
<a t-href="./add_cart/?order_line_id=#{ line.id }" class="mb8 float_left js_add_cart_json">
|
||||
<span class="fa fa-plus-square"/>
|
||||
<a t-href="./change_cart/#{ line.id }/" class="mb8 float_left js_add_cart_json">
|
||||
<i class="fa fa-plus-square"></i>
|
||||
</a>
|
||||
</span>
|
||||
</div>
|
||||
|
@ -590,7 +591,7 @@
|
|||
}'/>
|
||||
</td>
|
||||
<td class="text-center">
|
||||
<a t-href="./add_cart/?product_id=#{ product.id }"><strong>Add to Cart</strong></a>
|
||||
<a t-href="./add_cart/#{ product.id }/"><strong>Add to Cart</strong></a>
|
||||
</td>
|
||||
</tr>
|
||||
</tbody>
|
||||
|
|
Loading…
Reference in New Issue