fix feature

1 files changed, 19 insertions, 9 deletions

diff --git a/indoteknik_api/controllers/api_v1/download.py b/indoteknik_api/controllers/api_v1/download.py
index f12be337..d9353896 100644
--- a/indoteknik_api/controllers/api_v1/download.py
+++ b/indoteknik_api/controllers/api_v1/download.py
@@ -1,7 +1,6 @@
 from .. import controller
 from odoo import http
 from odoo.http import request
-import base64
 
 
 class Download(controller.Controller):
@@ -13,30 +12,41 @@ class Download(controller.Controller):
             ('res_field', '=', field),
             ('res_id', '=', id),
         ], ['datas', 'mimetype'])
-        return result if len(result) > 0 else None
+        return result[0] if len(result) > 0 else None
 
     @http.route(PREFIX + 'download/invoice/<id>/<token>', auth='none', method=['GET'])
     def download_invoice(self, id, token):
         id = int(id)
         
-        md5_valid = request.env['rest.api'].md5_salt_valid(id, 'account.move', token)
+        rest_api = request.env['rest.api']
+        md5_valid = rest_api.md5_salt_valid(id, 'account.move', token)
         if not md5_valid:
             return self.response('Unauthorized')
 
+        account_move = request.env['account.move'].sudo().search_read([('id', '=', id)], ['name'])
         pdf, type = request.env['ir.actions.report'].sudo().search([('report_name', '=', 'account.report_invoice')])._render_qweb_pdf([id])
-        return request.make_response(pdf, [('Content-Type', 'application/pdf')])
+        return rest_api.response_attachment({
+            'content': pdf,
+            'mimetype': 'application/pdf',
+            'filename': account_move[0]['name']
+        })
 
     @http.route(PREFIX + 'download/tax-invoice/<id>/<token>', auth='none', method=['GET'])
     def download_tax_invoice(self, id, token):
         id = int(id)
 
-        md5_valid = request.env['rest.api'].md5_salt_valid(id, 'account.move', token)
+        rest_api = request.env['rest.api']
+        md5_valid = rest_api.md5_salt_valid(id, 'account.move', token)
         if not md5_valid:
             return self.response('Unauthorized')
 
+        account_move = request.env['account.move'].sudo().search_read([('id', '=', id)], ['name'])
         attachment = self._get_attachment('account.move', 'efaktur_document', id)
-        if attachment:
-            attachment = attachment[0]
-            return request.make_response(base64.b64decode(attachment['datas']), [('Content-Type', attachment['mimetype'])])
+        if attachment and len(account_move) > 0:
+            return rest_api.response_attachment({
+                'content': attachment['datas'],
+                'decode_content': True,
+                'mimetype': attachment['mimetype'],
+                'filename': account_move[0]['name'],
+            })
         return self.response('Dokumen tidak ditemukan', code=404)
-