When not logged in the webstie on Safari and clicking on "Have a Question? Chat with us",
it creates a mail.channel from get_mail_channel and it also creates a translation.
But with Safari, the accept_languages is set with the value 'fr-fr', and this value was set
in the context as the lang='fr_fr'. So when the translation was created, a bad insert query was
raised in sql because the lang didn't exist in the res.lang table. When a translation is created,
the function _get_languages checked that the language is in the table.
So it was impossible to use the chatter when the user is not logged.
NB: interseting functions to see:
-setup_lang in odoo/http.py
-_dispatch in addons/website/models/ir_http.py
-get_mail_channel in addons/im_livechat/models/im_livechat_channel.py
opw:716519
As of f814dd9908355465dd03735f4589dd1697b3658a, debug
mode causes an extra X-Debug-Mode header to be sent
by the rpc() JS method.
This custom header was not whitelisted in the accepted
CORS headers, therefore any cross-origin call to a route with
`cors=True` would fail in debug mode, with a console error
along those lines:
"Request header field X-Debug-Mode is not allowed by
Access-Control-Allow-Headers in preflight response"
This would prevent loading the POS GUI in debug mode,
for example.
This commit is necessary in the 8.0 branch because
the POSBox is currently based on a 8.0 server and may
be accessed by a 9.0 POS or later, thus with the extra header.
Similarly to werkzeug.urls.url_fix(), attempt to
correct some leftover special characters that
should have been URL-encoded.
We cannot actually use `werkzeug.urls.url_fix` or
`werkzeug.urls.url_quote`, as they expect more/most
characters to be un-encoded.
We have many existing cases where the redirect URL is
already fully encoded or mostly encoded, and those
functions would cause double-encoding, breaking the
final URL.
The parameter forward_debug is used to keep the debug mode during redirection.
Previous code was setting the debug to None which is ignored by werkzeug, making
the option useless.
Closes#12107
Backport of 8423a0df3482567b0e2f77852dda14b80a029401
Clear the cache/environment in addition to rolling back
the cursor, in order to retry the transaction with fresh
data, not partially stale data.
Since 31d817e, we rotate then session at login/logout.
Unfortunatly, `openerpframework.js` does not support session id change
at authentication and keep old one.
In order to keep compatibility with existing js clients (including 7.0
ones), we do not rotate the session at authentication.
Fixes#6948Closes#6949
return request.not_found crash with a internal error, because get_response
takes a environment as param.
Werkzeug Documentation:
Keep in mind that you have to pass an environment to get_response() because
some errors fetch additional information from the WSGI environment.
The `rotate` flag introduced by 31d817e849
was initialized at the very end of the session init, after
the reset of the `modified` flag.
This had the side-effect of marking the session as modified
for every request, saving the session to disk every time
even without any change.
Closes#6795
This fixes an issue in property `field.digits` that cannot find a valid cursor
to the database. Forcing the instantiation of an environment makes the cursor
retrievable.
When returning an HTTPException e.g. by calling ``request.not_found()``
which returns a ``werkzeug.exceptions.NotFound()``, the http system
would log a warning as HTTPException is neither a subclass of Odoo's
Response nor a subclass of werkzeug's BaseResponse.
Move the string response case about (for flow clarity), and convert
HTTPException instances to Werkzeug responses then fall into the normal
BaseResponse -> Response case to ultimately get an Odoo response object
out of the HTTPException instance.
Completes/improves fd6dde7ca
Because Werkzeug uses/provides flow-control exceptions via
HTTPException (which can be used as straight responses) they are used in
a few places of the web client, when triggering some redirections for
instance.
Breaking into the debugger for such mundane situations is surprising and
inconvenient for developers trying to debug actual issues in the system,
even though HTTPExceptions are by and large not error per-se, and
shouldn't warrant triggering post-mortem debugging.
So in the non-RPC dispatcher, don't post-mortem on HTTPException either.
The log level rec.request and rpc.response where no longer logged as
the webclient no longer uses XMLRPC but JSONRPC instead.
Duplicate the logging part from dispatch_rpc to dispatch method of JsonRequest
to add rpc logs when using JSON requests.
opw 617490
- sessions are now shared between series.
- use site data dir instead of user data dir if user has no home dir.
- in http and module handling, `data-dir` was used before being
initialized, using the default value instead of user input
(fixes#308, #904)
A squashed merge is required as the conversion of the apiculture branch from
bzr to git was not correctly done. The git history contains irrelevant blobs
and commits. This branch brings a lot of changes and fixes, too many to list
exhaustively.
- New orm api, objects are now used instead of ids
- Environements to encapsulates cr uid context while maintaining backward compatibility
- Field compute attribute is a new object oriented way to define function fields
- Shared browse record cache
- New onchange protocol
- Optional copy flag on fields
- Documentation update
- Dead code cleanup
- Lots of fixes
This gives JSONRequests a chance to return
a proper JSON-RPC result when an HTTPException
is raised downstream, instead of returning a
plain HTML 404 error.