diff --git a/controllers/main.py b/controllers/main.py
index 07a7b85d55f5ce73e0bbaeb1ff343a0a6f633b80..ffbbae975814cc7e93b394f1c127b3f7d6bb1ffc 100644
--- a/controllers/main.py
+++ b/controllers/main.py
@@ -13,54 +13,39 @@ _logger = logging.getLogger(__name__)
class TrainingSurvey(Survey):
-
#
# ------------------------------------------------------------
# TAKING SURVEY ROUTES
# ------------------------------------------------------------
- @http.route('/survey/start/<string:survey_token>', type='http', auth='public', website=True)
+ @http.route(
+ "/survey/start/<string:survey_token>", type="http", auth="public", website=True
+ )
def survey_start(self, survey_token, answer_token=None, email=False, **post):
- """ Start a survey by providing
- * a token linked to a survey;
- * a token linked to an answer or generate a new token if access is allowed;
+ """Start a survey by providing
+ * a token linked to a survey;
+ * a token linked to an answer or generate a new token if access is allowed;
"""
- # Get the current answer token from cookie
- answer_from_cookie = False
- if not answer_token:
- answer_token = request.httprequest.cookies.get('survey_%s' % survey_token)
- answer_from_cookie = bool(answer_token)
-
- access_data = self._get_access_data(survey_token, answer_token, ensure_token=False)
-
- if answer_from_cookie and access_data['validity_code'] in ('answer_wrong_user', 'token_wrong'):
- # If the cookie had been generated for another user or does not correspond to any existing answer object
- # (probably because it has been deleted), ignore it and redo the check.
- # The cookie will be replaced by a legit value when resolving the URL, so we don't clean it further here.
- access_data = self._get_access_data(survey_token, None, ensure_token=False)
-
- if access_data['validity_code'] is not True:
- return self._redirect_with_error(access_data, access_data['validity_code'])
-
- survey_sudo, answer_sudo = access_data['survey_sudo'], access_data['answer_sudo']
- if not answer_sudo:
- try:
- answer_sudo = survey_sudo._create_answer(user=request.env.user, email=email)
- except UserError:
- answer_sudo = False
- if not answer_sudo:
- try:
- survey_sudo.with_user(request.env.user).check_access_rights('read')
- survey_sudo.with_user(request.env.user).check_access_rule('read')
- except:
- return request.redirect("/")
- else:
- return request.render("survey.survey_403_page", {'survey': survey_sudo})
+ page = super().survey_start(
+ survey_token=survey_token, answer_token=None, email=False, **post
+ )
+
+ answer_sudo = (
+ request.env["survey.user_input"]
+ .sudo()
+ .search([("access_token", "=", page.location.split("/")[-1])])
+ )
+ survey_sudo = (
+ request.env["survey.survey"]
+ .sudo()
+ .search([("access_token", "=", page.location.split("/")[-2])])
+ )
training_id = post.get("training_id")
if training_id:
training = request.env["training.training"].browse(int(training_id))
- answer_sudo.training_id = training
+ if training and training.registration_survey_id == survey_sudo:
+ answer_sudo.training_id = training
- return request.redirect('/survey/%s/%s' % (survey_sudo.access_token, answer_sudo.access_token))
+ return page