145 lines
6.8 KiB
Python
145 lines
6.8 KiB
Python
|
# -*- coding: utf-8 -*-
|
||
|
# Part of Odoo. See LICENSE file for full copyright and licensing details.
|
||
|
from hashlib import sha1
|
||
|
from time import time
|
||
|
from werkzeug.exceptions import NotFound
|
||
|
|
||
|
from odoo import http
|
||
|
from odoo.http import request
|
||
|
|
||
|
|
||
|
def object_shasign(record=False, res_model='', res_id=None, **kw):
|
||
|
""" Generate a sha signature using the current time, database secret and the
|
||
|
record object or the res_model and res_id parameters
|
||
|
Return the sha signature and the time of generation in a tuple
|
||
|
|
||
|
:deprecated: Support for this SHA1-based signature was discontinued
|
||
|
in `_message_post_helper()`, use the `token` parameter
|
||
|
to allow posting from public sessions instead.
|
||
|
"""
|
||
|
secret = request.env['ir.config_parameter'].sudo().get_param('database.secret')
|
||
|
shasign = False
|
||
|
timestamp = int(time())
|
||
|
if record:
|
||
|
shasign = sha1('%s%s%s%s' % (record._name, record.id, secret, timestamp)).hexdigest()
|
||
|
elif res_model and res_id:
|
||
|
shasign = sha1('%s%s%s%s' % (res_model, res_id, secret, timestamp)).hexdigest()
|
||
|
return (shasign, timestamp)
|
||
|
|
||
|
|
||
|
def _message_post_helper(res_model='', res_id=None, message='', token='', token_field='token', sha_in='', sha_time=None, nosubscribe=True, **kw):
|
||
|
""" Generic chatter function, allowing to write on *any* object that inherits mail.thread.
|
||
|
If a token is specified, all logged in users will be able to write a message regardless
|
||
|
of access rights; if the user is the public user, the message will be posted under the name
|
||
|
of the partner_id of the object (or the public user if there is no partner_id on the object).
|
||
|
|
||
|
:param string res_model: model name of the object
|
||
|
:param int res_id: id of the object
|
||
|
:param string message: content of the message
|
||
|
|
||
|
optional keywords arguments:
|
||
|
:param string token: access token if the object's model uses some kind of public access
|
||
|
using tokens (usually a uuid4) to bypass access rules
|
||
|
:param string token_field: name of the field that contains the token on the object (defaults to 'token')
|
||
|
:param string sha_in: Deprecated, use `token` and `token_field` instead
|
||
|
:param str sha_time: Deprecated, use `token` and `token_field` instead
|
||
|
:param bool nosubscribe: set False if you want the partner to be set as follower of the object when posting (default to True)
|
||
|
|
||
|
The rest of the kwargs are passed on to message_post()
|
||
|
"""
|
||
|
record = request.env[res_model].browse(res_id)
|
||
|
author_id = request.env.user.partner_id.id if request.env.user.partner_id else False
|
||
|
if token and record and token == getattr(record.sudo(), token_field, None):
|
||
|
record = record.sudo()
|
||
|
if request.env.user == request.env.ref('base.public_user'):
|
||
|
author_id = record.partner_id.id if hasattr(record, 'partner_id') else author_id
|
||
|
else:
|
||
|
if not author_id:
|
||
|
raise NotFound()
|
||
|
kw.pop('csrf_token', None)
|
||
|
return record.with_context(mail_create_nosubscribe=nosubscribe).message_post(body=message,
|
||
|
message_type=kw.pop('message_type', "comment"),
|
||
|
subtype=kw.pop('subtype', "mt_comment"),
|
||
|
author_id=author_id,
|
||
|
**kw)
|
||
|
|
||
|
|
||
|
class WebsiteMail(http.Controller):
|
||
|
|
||
|
@http.route(['/website_mail/follow'], type='json', auth="public", website=True)
|
||
|
def website_message_subscribe(self, id=0, object=None, message_is_follower="on", email=False, **post):
|
||
|
# TDE FIXME: check this method with new followers
|
||
|
res_id = int(id)
|
||
|
is_follower = message_is_follower == 'on'
|
||
|
record = request.env[object].browse(res_id)
|
||
|
|
||
|
# search partner_id
|
||
|
if request.env.user != request.website.user_id:
|
||
|
partner_ids = request.env.user.partner_id.ids
|
||
|
else:
|
||
|
# mail_thread method
|
||
|
partner_ids = record.sudo()._find_partner_from_emails([email], check_followers=True)
|
||
|
if not partner_ids or not partner_ids[0]:
|
||
|
name = email.split('@')[0]
|
||
|
partner_ids = request.env['res.partner'].sudo().create({'name': name, 'email': email}).ids
|
||
|
# add or remove follower
|
||
|
if is_follower:
|
||
|
record.check_access_rule('read')
|
||
|
record.sudo().message_unsubscribe(partner_ids)
|
||
|
return False
|
||
|
else:
|
||
|
record.check_access_rule('read')
|
||
|
# add partner to session
|
||
|
request.session['partner_id'] = partner_ids[0]
|
||
|
record.sudo().message_subscribe(partner_ids)
|
||
|
return True
|
||
|
|
||
|
@http.route(['/website_mail/is_follower'], type='json', auth="public", website=True)
|
||
|
def is_follower(self, model, res_id, **post):
|
||
|
user = request.env.user
|
||
|
partner = None
|
||
|
public_user = request.website.user_id
|
||
|
if user != public_user:
|
||
|
partner = request.env.user.partner_id
|
||
|
elif request.session.get('partner_id'):
|
||
|
partner = request.env['res.partner'].sudo().browse(request.session.get('partner_id'))
|
||
|
|
||
|
values = {
|
||
|
'is_user': user != public_user,
|
||
|
'email': partner.email if partner else "",
|
||
|
'is_follower': False,
|
||
|
'alias_name': False,
|
||
|
}
|
||
|
|
||
|
record = request.env[model].sudo().browse(int(res_id))
|
||
|
if record and partner:
|
||
|
values['is_follower'] = bool(request.env['mail.followers'].search_count([
|
||
|
('res_model', '=', model),
|
||
|
('res_id', '=', record.id),
|
||
|
('partner_id', '=', partner.id)
|
||
|
]))
|
||
|
return values
|
||
|
|
||
|
@http.route(['/website_mail/post/json'], type='json', auth='public', website=True)
|
||
|
def chatter_json(self, res_model='', res_id=None, message='', **kw):
|
||
|
try:
|
||
|
msg = _message_post_helper(res_model, int(res_id), message, **kw)
|
||
|
except Exception:
|
||
|
return False
|
||
|
data = {
|
||
|
'id': msg.id,
|
||
|
'body': msg.body,
|
||
|
'date': msg.date,
|
||
|
'author': msg.author_id.name,
|
||
|
'image_url': '/mail/%s/%s/avatar/%s' % (msg.model, msg.res_id, msg.author_id.id)
|
||
|
}
|
||
|
return data
|
||
|
|
||
|
@http.route(['/website_mail/post/post'], type='http', methods=['POST'], auth='public', website=True)
|
||
|
def chatter_post(self, res_model='', res_id=None, message='', redirect=None, **kw):
|
||
|
url = request.httprequest.referrer
|
||
|
if message:
|
||
|
message = _message_post_helper(res_model, int(res_id), message, **kw)
|
||
|
url = url + "#message-%s" % (message.id,)
|
||
|
return request.redirect(url)
|