|
|
@@ -5,59 +5,81 @@ from odoo.http import request
|
|
|
|
|
|
_logger = logging.getLogger(__name__)
|
|
|
|
|
|
+
|
|
|
class RestrictedPageController(http.Controller):
|
|
|
@http.route(
|
|
|
- '/restricted-content/<string:slug>',
|
|
|
- type='http',
|
|
|
- auth='user',
|
|
|
+ "/restricted-content/<string:slug>",
|
|
|
+ type="http",
|
|
|
+ auth="user",
|
|
|
website=True,
|
|
|
sitemap=False,
|
|
|
- priority=99
|
|
|
- )
|
|
|
-
|
|
|
+ priority=99,
|
|
|
+ )
|
|
|
def restricted_page(self, slug, **kw):
|
|
|
# Find the website.page that matches the slug
|
|
|
- _logger.debug("restricted_page: slug=%s | user=%s (%s)",
|
|
|
- slug, request.env.user.login, request.env.user.id)
|
|
|
- page = request.env['website.page'].sudo().search([
|
|
|
- ('url', '=', '/restricted-content/%s' % slug)
|
|
|
- ], limit=1)
|
|
|
+ _logger.debug(
|
|
|
+ "restricted_page: slug=%s | user=%s (%s)",
|
|
|
+ slug,
|
|
|
+ request.env.user.login,
|
|
|
+ request.env.user.id,
|
|
|
+ )
|
|
|
+ page = (
|
|
|
+ request.env["website.page"]
|
|
|
+ .sudo()
|
|
|
+ .search([("url", "=", "/restricted-content/%s" % slug)], limit=1)
|
|
|
+ )
|
|
|
if not page:
|
|
|
return request.not_found()
|
|
|
|
|
|
# Load the product_page_access mapping for this page
|
|
|
- mapping = request.env['product_page_access.page_product_mapping'].sudo().search([
|
|
|
- ('page', '=', page.id)
|
|
|
- ], limit=1)
|
|
|
+ mapping = (
|
|
|
+ request.env["product_page_access.page_product_mapping"]
|
|
|
+ .sudo()
|
|
|
+ .search([("page", "=", page.id)], limit=1)
|
|
|
+ )
|
|
|
if not mapping:
|
|
|
# no allowlist defined → redirect to shop
|
|
|
- _logger.debug("restricted_page: no mapping for page_id=%s, redirecting", page.id)
|
|
|
- return request.redirect('/')
|
|
|
+ _logger.debug(
|
|
|
+ "restricted_page: no mapping for page_id=%s, redirecting", page.id
|
|
|
+ )
|
|
|
+ return request.redirect("/")
|
|
|
|
|
|
_logger.debug("restricted_page: allowed_product=%s", mapping.products.ids)
|
|
|
|
|
|
if not mapping.products:
|
|
|
# empty list → redirect
|
|
|
- _logger.debug("restricted_page: empty product for page_id=%s, redirecting",
|
|
|
- page.id)
|
|
|
- return request.redirect('/')
|
|
|
+ _logger.debug(
|
|
|
+ "restricted_page: empty product for page_id=%s, redirecting", page.id
|
|
|
+ )
|
|
|
+ return request.redirect("/")
|
|
|
|
|
|
# Check if the user ever bought at least one of them
|
|
|
user = request.env.user
|
|
|
- has_access = request.env['sale.order.line'].sudo().search_count([
|
|
|
- ('order_id.partner_id', 'child_of', user.partner_id.id),
|
|
|
- ('order_id.state', 'in', ('sale', 'done')),
|
|
|
- ('product_id', 'in', mapping.products.ids),
|
|
|
- ], limit=1)
|
|
|
+ has_access = (
|
|
|
+ request.env["sale.order.line"]
|
|
|
+ .sudo()
|
|
|
+ .search_count(
|
|
|
+ [
|
|
|
+ ("order_id.partner_id", "child_of", user.partner_id.id),
|
|
|
+ ("order_id.state", "in", ("sale", "done")),
|
|
|
+ '|',
|
|
|
+ ("product_id", "in", mapping.products.ids),
|
|
|
+ ("product_id", "=", mapping.link_out_product.id)
|
|
|
+ ],
|
|
|
+ limit=1,
|
|
|
+ )
|
|
|
+ )
|
|
|
|
|
|
_logger.debug("restricted_page: user_id=%s has_access=%s", user.id, has_access)
|
|
|
|
|
|
if not has_access:
|
|
|
# Redirect to the shop so the user can buy
|
|
|
- _logger.debug("restricted_page: user_id=%s has_access=%s", user.id, has_access)
|
|
|
+ _logger.debug(
|
|
|
+ "restricted_page: user_id=%s has_access=%s", user.id, has_access
|
|
|
+ )
|
|
|
|
|
|
return request.redirect(mapping.link_out_product.website_url)
|
|
|
|
|
|
# 5. Everything fine – render the page
|
|
|
_logger.debug("restricted_page: rendering page.key=%s", page.key)
|
|
|
- return request.render(page.key, {})
|
|
|
+ return request.render(page.key, {})
|
davidmscholz