Merge branch 'production' into iman/new-register

# Conflicts:
#	indoteknik_custom/models/res_users.py

1 files changed, 78 insertions, 6 deletions

diff --git a/indoteknik_api/controllers/api_v1/sale_order.py b/indoteknik_api/controllers/api_v1/sale_order.py
index 7edd71f6..e7664c79 100644
--- a/indoteknik_api/controllers/api_v1/sale_order.py
+++ b/indoteknik_api/controllers/api_v1/sale_order.py
@@ -342,11 +342,21 @@ class SaleOrder(controller.Controller):
     @http.route(prefix + 'user/<user_id>/sale_order/checkout', auth='public', method=['GET', 'OPTIONS'], csrf=False)
     @controller.Controller.must_authorized(private=True, private_key='user_id')
     def get_user_checkout_so(self, user_id, **kw):
-        cart = request.env['website.user.cart']
+        m_voucher = request.env['voucher']
+        m_cart = request.env['website.user.cart']
+        
         voucher_code = kw.get('voucher')
+        voucher_shipping_code = kw.get('voucher_shipping')
         source = kw.get('source')
-        voucher = request.env['voucher'].search([('code', '=', voucher_code)], limit=1)
-        result = cart.with_context(price_for="web").get_user_checkout(user_id, voucher, source)
+        
+        voucher = m_voucher.search([('code', '=', voucher_code), ('apply_type', 'in', ['all', 'brand'])], limit=1)
+        voucher_shipping = m_voucher.search([('code', '=', voucher_shipping_code), ('apply_type', '=', 'shipping')], limit=1)
+        result = m_cart.with_context(price_for="web").get_user_checkout(
+            user_id, 
+            voucher=voucher, 
+            voucher_shipping=voucher_shipping, 
+            source=source
+        )
         return self.response(result)
     
     @http.route(PREFIX_PARTNER + 'sale_order/checkout', auth='public', method=['POST', 'OPTIONS'], csrf=False)
@@ -400,7 +410,7 @@ class SaleOrder(controller.Controller):
             'real_invoice_id': params['value']['partner_invoice_id'],
             'partner_purchase_order_name': params['value']['po_number'],
             'partner_purchase_order_file': params['value']['po_file'],
-            'delivery_amt': params['value']['delivery_amount'],
+            'delivery_amt': params['value']['delivery_amount'] * 1.10,
             'estimated_arrival_days': params['value']['estimated_arrival_days'],
             'shipping_cost_covered': 'customer',
             'shipping_paid_by': 'customer',
@@ -455,11 +465,16 @@ class SaleOrder(controller.Controller):
             sale_order.apply_promotion_program()
 
         voucher_code = params['value']['voucher']
-        voucher = request.env['voucher'].search([('code', '=', voucher_code)])
+        voucher = request.env['voucher'].search([('code', '=', voucher_code),('apply_type', 'in', ['all', 'brand'])], limit=1)
+        voucher_shipping = request.env['voucher'].search([('code', '=', voucher_code),('apply_type', 'in', ['shipping'])], limit=1)
         if voucher and len(promotions) == 0:
             sale_order.voucher_id = voucher.id
             sale_order.apply_voucher()
         
+        if voucher_shipping and len(promotions) == 0:
+            sale_order.voucher_shipping_id = voucher_shipping.id
+            sale_order.apply_voucher_shipping()
+
         cart_ids = [x['cart_id'] for x in carts]
         if sale_order._requires_approval_margin_leader(): #jika ada error tambahkan kondisi if params['value']['type'] == 'sale_order':
             sale_order.approval_status = 'pengajuan2'
@@ -621,4 +636,61 @@ class SaleOrder(controller.Controller):
         }
 
         return self.response(data)
-    
\ No newline at end of file
+
+    @http.route(prefix + 'tracking_order', auth='public', method=['GET', 'OPTIONS'])
+    @controller.Controller.must_authorized()
+    def tracking_get_sale_order_detail(self, **kw):
+        # Extract 'so' and 'email' parameters from query parameters
+        so = kw.get('so')
+        email_user = kw.get('email')
+
+        if not email_user or not so:
+            return self.response({
+                'code': 400,
+                'so': so,
+                'email': email_user,
+                'description': "Email and Sale Order number are required."
+            })
+
+        # Search for the sale order by the name (so)
+        sale_order = request.env['sale.order'].search([('name', '=', so)], limit=1)
+        if not sale_order:
+            return self.response({
+                'code': 404,
+                'so': so,
+                'email': email_user,
+                'description': "Sale Order not found."
+            })
+
+        # Get the partner associated with the sale order
+        partner = sale_order.partner_id
+        company_id = partner.company_id.id
+
+        # Search for all partners within the same company
+        partners_in_company = request.env['res.partner'].search([('company_id', '=', company_id)])
+
+        # Check if the email matches any partner's email in the same company
+        email_match = partners_in_company.filtered(lambda p: p.email == email_user)
+        if not email_match:
+            return self.response({
+                'code': 403,
+                'so': so,
+                'email': email_user,
+                'description': "Email does not match any partner in the same company as the Sale Order."
+            })
+
+        # Check for partner child ids if needed
+        partner_child_ids = self.get_partner_child_ids(partner.id)
+        if sale_order.partner_id.id not in partner_child_ids:
+            return self.response({
+                'code': 403,
+                'so': so,
+                'email': email_user,
+                'description': "Unauthorized access to Sale Order details."
+            })
+
+        # Prepare the response data
+        data = request.env['sale.order'].api_v1_single_response(sale_order, context='with_detail')
+
+        return self.response(data)
+