# -*- coding: utf-8 -*- import logging from odoo import exceptions, http, models from odoo.http import request _logger = logging.getLogger(__name__) class RestrictedPageController(http.Controller): @http.route( '/restricted-content/', type='http', auth='user', website=True, sitemap=False, priority=99 ) def restricted_page(self, slug, **kw): # Find the website.page that matches the slug _logger.debug("restricted_page: slug=%s | user=%s (%s)", slug, request.env.user.login, request.env.user.id) page = request.env['website.page'].sudo().search([ ('url', '=', '/restricted-content/%s' % slug) ], limit=1) if not page: return request.not_found() # Load the product_page_access mapping for this page mapping = request.env['product_page_access.page_product_mapping'].sudo().search([ ('page', '=', page.id) ], limit=1) if not mapping: # no allowlist defined → redirect to shop _logger.debug("restricted_page: no mapping for page_id=%s, redirecting", page.id) return request.redirect('/') _logger.debug("restricted_page: allowed_product=%s", mapping.products.ids) if not mapping.products: # empty list → redirect _logger.debug("restricted_page: empty product for page_id=%s, redirecting", page.id) return request.redirect('/') # Check if the user ever bought at least one of them user = request.env.user has_access = request.env['sale.order.line'].sudo().search_count([ ('order_id.partner_id', 'child_of', user.partner_id.id), ('order_id.state', 'in', ('sale', 'done')), ('product_id', 'in', mapping.products.ids), ], limit=1) _logger.debug("restricted_page: user_id=%s has_access=%s", user.id, has_access) if not has_access: # Redirect to the shop so the user can buy _logger.debug("restricted_page: user_id=%s has_access=%s", user.id, has_access) return request.redirect(mapping.link_out_product.website_url) # 5. Everything fine – render the page _logger.debug("restricted_page: rendering page.key=%s", page.key) return request.render(page.key, {})