# -*- coding: utf-8 -*- import logging from odoo import exceptions, http, models from odoo.http import request _logger = logging.getLogger(__name__) class RestrictedPageController(http.Controller): @http.route( "/restricted-content/", type="http", auth="user", website=True, sitemap=False, priority=99, ) def restricted_page(self, slug, **kw): # Find the website.page that matches the slug _logger.debug( "restricted_page: slug=%s | user=%s (%s)", slug, request.env.user.login, request.env.user.id, ) page = ( request.env["website.page"] .sudo() .search([("url", "=", "/restricted-content/%s" % slug)], limit=1) ) if not page: return request.not_found() # Load the product_page_access mapping for this page mapping = ( request.env["product_page_access.page_product_mapping"] .sudo() .search([("page", "=", page.id)], limit=1) ) if not mapping: # no allowlist defined → redirect to shop _logger.debug( "restricted_page: no mapping for page_id=%s, redirecting", page.id ) return request.redirect("/") _logger.debug("restricted_page: allowed_product=%s", mapping.products.ids) if not mapping.products: # empty list → redirect _logger.debug( "restricted_page: empty product for page_id=%s, redirecting", page.id ) return request.redirect("/") # Check if the user ever bought at least one of them user = request.env.user has_access = ( request.env["sale.order.line"] .sudo() .search_count( [ ("order_id.partner_id", "child_of", user.partner_id.id), ("order_id.state", "in", ("sale", "done")), '|', ("product_id", "in", mapping.products.ids), ("product_id", "=", mapping.link_out_product.id) ], limit=1, ) ) _logger.debug("restricted_page: user_id=%s has_access=%s", user.id, has_access) if not has_access: # Redirect to the shop so the user can buy _logger.debug( "restricted_page: user_id=%s has_access=%s", user.id, has_access ) return request.redirect(mapping.link_out_product.website_url) # 5. Everything fine – render the page _logger.debug("restricted_page: rendering page.key=%s", page.key) return request.render(page.key, {})