diff --git a/__init__.py b/__init__.py
index 11671ffaead3d4042e93185d6ee1d4b81a032dd5..5ecde703183ac85bbad26d36504d87e633e4d4f3 100644
--- a/__init__.py
+++ b/__init__.py
@@ -1,4 +1,4 @@
# Copyright 2021 Le Filament (<http://www.le-filament.com>)
# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
-from . import models, wizard
+from . import controllers, models, wizard
diff --git a/controllers/__init__.py b/controllers/__init__.py
new file mode 100644
index 0000000000000000000000000000000000000000..b0c3ec38f45f4fd345016803f0f2bde93f3c2e45
--- /dev/null
+++ b/controllers/__init__.py
@@ -0,0 +1,4 @@
+# Copyright 2021 Le Filament (<http://www.le-filament.com>)
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+from . import main
diff --git a/controllers/main.py b/controllers/main.py
new file mode 100644
index 0000000000000000000000000000000000000000..f175dee8fa8157bde8c25e94aa2462f84456b6f3
--- /dev/null
+++ b/controllers/main.py
@@ -0,0 +1,65 @@
+# Copyright 2021 Le Filament (<http://www.le-filament.com>)
+# License AGPL-3.0 or later (http://www.gnu.org/licenses/agpl.html).
+
+
+from odoo import SUPERUSER_ID, _, http
+from odoo.exceptions import AccessError, MissingError
+from odoo.http import request
+from odoo.tools import consteq
+
+from odoo.addons.portal.controllers.portal import CustomerPortal
+
+
+class AccAccountMain(CustomerPortal):
+ @http.route(
+ ["/invoice/<int:invoice_id>"],
+ type="http",
+ auth="public",
+ website=True,
+ method=["GET"],
+ csrf=False,
+ sitemap=False,
+ )
+ def print_invoice(self, invoice_id, access_token=None, report_type="pdf", **kw):
+ try:
+ invoice_sudo = self._document_check_access(
+ "acc.account", invoice_id, access_token=access_token
+ )
+ except (AccessError, MissingError):
+ raise AccessError(_("Vous n'êtes pas autorisé à accéder à ce document"))
+
+ if report_type == "pdf":
+ return self._show_report(
+ model=invoice_sudo,
+ report_type=report_type,
+ report_ref="acc_account.acc_account_invoices",
+ download=False,
+ )
+ else:
+ raise AccessError(_("Vous n'êtes pas autorisé à accéder à ce document"))
+
+ @http.route(
+ ["/contract/<int:contract_id>"],
+ type="http",
+ auth="public",
+ website=True,
+ csrf=False,
+ sitemap=False,
+ )
+ def print_contract(self, contract_id, access_token=None, **kw):
+ contract = request.env["acc.contract"].browse([contract_id])
+ contract_sudo = contract.with_user(SUPERUSER_ID).exists()
+ if (
+ not access_token
+ or not contract_sudo.access_token
+ or not consteq(contract_sudo.access_token, access_token)
+ ):
+ raise AccessError(_("Vous n'êtes pas autorisé à accéder à ce document"))
+ else:
+ content_base64 = contract_sudo.document
+ headers = [
+ ("Content-Type", "application/pdf"),
+ ("Content-Length", len(content_base64)),
+ ]
+
+ request.make_response(content_base64, headers=headers)
diff --git a/report/account_template.xml b/report/account_template.xml
index cd4d25a781c340f437480ec9fd6f6c90b84e22aa..e10d1ea7d2c96cab2a2059846fd72380595f39d7 100644
--- a/report/account_template.xml
+++ b/report/account_template.xml
@@ -464,17 +464,22 @@
</div>
</div>
- <p t-if="o.producer_id.iban" name="payment_term" >
+ <p t-if="o.producer_id.iban" name="payment_term">
<div class="row mt32 mb32">
<div class="col-12">
<span
class="font-weight-bold"
- >Modalités de paiement : règlement par virement</span><br />
+ >Modalités de paiement : règlement par virement</span><br
+ />
<span
>Le règlement par virement bancaire doit être effectué sur le compte suivant :</span><br
/>
- <span>IBAN : <t t-esc="o.producer_id.iban" /></span><br />
- <span>BIC : <t t-esc="o.producer_id.bic" /></span><br />
+ <span>IBAN : <t
+ t-esc="o.producer_id.iban"
+ /></span><br />
+ <span>BIC : <t
+ t-esc="o.producer_id.bic"
+ /></span><br />
<br />
<span
>Merci de bien vouloir indiquer le numéro de facture sur l’ordre de virement</span>
diff --git a/security/ir.model.access.csv b/security/ir.model.access.csv
index f4fd523374c9c8fbda2a29b36780121e2181243c..647f9df9e0cc4e25f779e3c40c19780d122e3ebb 100644
--- a/security/ir.model.access.csv
+++ b/security/ir.model.access.csv
@@ -9,10 +9,13 @@ id,name,model_id/id,group_id/id,perm_read,perm_write,perm_create,perm_unlink
"access_acc_sale_price_surplus_wizard_group_user","acc_sale_price_surplus_wizard group_user","model_acc_sale_price_surplus_wizard","base.group_user",1,0,0,0
"access_acc_account_group_partner_manager","acc_account group_partner_manager","model_acc_account","base.group_partner_manager",1,1,1,1
"access_acc_account_group_user","acc_account group_user","model_acc_account","base.group_user",1,0,0,0
+"access_acc_account_group_portal","acc_account group_portal","model_acc_account","base.group_portal",1,0,0,0
"access_acc_account_line_group_partner_manager","acc_account_line group_partner_manager","model_acc_account_line","base.group_partner_manager",1,1,1,1
"access_acc_account_line_group_user","acc_account_line group_user","model_acc_account_line","base.group_user",1,0,0,0
+"access_acc_account_line_group_portal","acc_account_line group_portal","model_acc_account_line","base.group_portal",1,0,0,0
"access_acc_account_tax_group_partner_manager","acc_account_tax group_partner_manager","model_acc_account_tax","base.group_partner_manager",1,1,1,1
"access_acc_account_tax_group_user","acc_account_tax group_user","model_acc_account_tax","base.group_user",1,0,0,0
+"access_acc_account_tax_group_portal","acc_account_tax group_portal","model_acc_account_tax","base.group_portal",1,0,0,0
"access_acc_account_wizard_group_partner_manager","acc_account_wizard group_partner_manager","model_acc_account_wizard","base.group_partner_manager",1,1,1,1
"access_acc_account_wizard_group_user","acc_account_wizard group_user","model_acc_account_wizard","base.group_user",1,0,0,0
"access_acc_account_surplus_wizard_group_partner_manager","acc_account_surplus_wizard group_partner_manager","model_acc_account_surplus_wizard","base.group_partner_manager",1,1,1,1