diff --git a/controllers/main.py b/controllers/main.py
index ecafacfbe012fe45cccf1f456a9cf6f93f73e1e0..97b09c9d124ff1a8737bc31d86abe0c0dd7c7213 100644
--- a/controllers/main.py
+++ b/controllers/main.py
@@ -12,34 +12,34 @@ from odoo.addons.portal.controllers.portal import CustomerPortal
class AccAccountMain(CustomerPortal):
- @http.route(
- ["/invoice/<int:invoice_id>"],
- type="http",
- auth="public",
- website=True,
- method=["GET"],
- csrf=False,
- sitemap=False,
- )
- def print_invoice(self, invoice_id, access_token=None, report_type="pdf", **kw):
- try:
- invoice_sudo = self._document_check_access(
- "acc.account", invoice_id, access_token=access_token
- )
- except (AccessError, MissingError):
- raise AccessError(_("Vous n'êtes pas autorisé à accéder à ce document"))
-
- if report_type == "pdf":
- return self._show_report(
- model=invoice_sudo,
- report_type=report_type,
- report_ref="acc_account.acc_account_invoices",
- download=False,
- )
- else:
- return Response(
- _("Aucun document n'est disponible à cette URL."), status=404
- )
+ # @http.route(
+ # ["/invoice/<int:invoice_id>"],
+ # type="http",
+ # auth="public",
+ # website=True,
+ # method=["GET"],
+ # csrf=False,
+ # sitemap=False,
+ # )
+ # def print_invoice(self, invoice_id, access_token=None, report_type="pdf", **kw):
+ # try:
+ # invoice_sudo = self._document_check_access(
+ # "acc.account", invoice_id, access_token=access_token
+ # )
+ # except (AccessError, MissingError):
+ # raise AccessError(_("Vous n'êtes pas autorisé à accéder à ce document"))
+ #
+ # if report_type == "pdf":
+ # return self._show_report(
+ # model=invoice_sudo,
+ # report_type=report_type,
+ # report_ref="acc_account.acc_account_invoices",
+ # download=False,
+ # )
+ # else:
+ # return Response(
+ # _("Aucun document n'est disponible à cette URL."), status=404
+ # )
@http.route(
["/contract/<int:contract_id>"],
@@ -82,3 +82,52 @@ class AccAccountMain(CustomerPortal):
response.status_code = status
return response
+
+ @http.route(
+ ["/invoice/<int:invoice_id>"],
+ type="http",
+ auth="public",
+ website=True,
+ csrf=False,
+ sitemap=False,
+ )
+ def print_invoice(self, invoice_id, access_token=None, **kw):
+ invoice = request.env["acc.account"].browse([invoice_id])
+ invoice_sudo = invoice.with_user(SUPERUSER_ID).exists()
+ if not invoice_sudo:
+ return Response(
+ _("Aucun document n'est disponible à cette URL."), status=404
+ )
+ if (
+ not access_token
+ or not invoice_sudo.access_token
+ or not consteq(invoice_sudo.access_token, access_token)
+ ):
+ return Response(
+ _("Aucun document n'est disponible à cette URL."), status=404
+ )
+ else:
+ domain = [("res_model", "=", "acc.account"), ("res_id", "=", invoice_id)]
+ doc_id = request.env["ir.attachment"].search(domain, limit=1)
+ if not doc_id:
+ return Response(
+ _("Aucun document n'est disponible à cette URL."), status=404
+ )
+ else:
+ status, headers, content_base64 = (
+ request.env["ir.http"]
+ .sudo()
+ .binary_content(
+ model="ir.attachment",
+ id=doc_id.id,
+ field="datas",
+ default_mimetype="application/pdf",
+ download=False,
+ )
+ )
+ content = base64.b64decode(content_base64)
+ headers = http.set_safe_image_headers(headers, content)
+ response = request.make_response(content, headers)
+ response.status_code = status
+
+ return response