diff options
| author | Rafi Zadanly <zadanlyr@gmail.com> | 2023-02-13 10:41:41 +0700 |
|---|---|---|
| committer | Rafi Zadanly <zadanlyr@gmail.com> | 2023-02-13 10:41:41 +0700 |
| commit | cfa0aa5c242b14332f7bc970bb65f1fbde0a9f3b (patch) | |
| tree | 91f855964cadb0c76094cd2cc6b51f7994ce0c6d /indoteknik_api/controllers/api_v1/sale_order.py | |
| parent | fb04f8f3c533740c79c130ab4bc097b8529cae8e (diff) | |
| parent | 7478616937cff56ccb994138831f90eae904e724 (diff) | |
fix conflict
Diffstat (limited to 'indoteknik_api/controllers/api_v1/sale_order.py')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/sale_order.py | 98 |
1 files changed, 97 insertions, 1 deletions
diff --git a/indoteknik_api/controllers/api_v1/sale_order.py b/indoteknik_api/controllers/api_v1/sale_order.py index 57a933f9..5f888e6c 100644 --- a/indoteknik_api/controllers/api_v1/sale_order.py +++ b/indoteknik_api/controllers/api_v1/sale_order.py @@ -3,6 +3,7 @@ from odoo import http from odoo.http import request import json + class SaleOrder(controller.Controller): prefix = '/api/v1/' PREFIX_PARTNER = prefix + 'partner/<partner_id>/' @@ -119,7 +120,7 @@ class SaleOrder(controller.Controller): return self.unauthorized_response() if not params['valid']: return self.response(code=400, description=params) - + partner_child_ids = self.get_partner_child_ids(params['value']['partner_id']) domain = [ ('id', '=', params['value']['id']), @@ -133,6 +134,101 @@ class SaleOrder(controller.Controller): return self.response(data) + @http.route(PREFIX_PARTNER + 'sale_order/<id>/upload_po', auth='public', method=['POST', 'OPTIONS'], csrf=False) + def partner_upload_po_sale_order(self, **kw): + user_token = self.authenticate() + if not user_token: + return self.unauthorized_response() + + params = self.get_request_params(kw, { + 'partner_id': ['number'], + 'id': ['number'], + 'name': [], + 'file': [] + }) + if not user_token['partner_id'] == params['value']['partner_id']: + return self.unauthorized_response() + if not params['valid']: + return self.response(code=400, description=params) + partner_child_ids = self.get_partner_child_ids(params['value']['partner_id']) + domain = [ + ('id', '=', params['value']['id']), + ('partner_id', 'in', partner_child_ids) + ] + data = False + sale_order = request.env['sale.order'].search(domain) + if sale_order: + sale_order.partner_purchase_order_name = params['value']['name'] + sale_order.partner_purchase_order_file = params['value']['file'] + data = sale_order.id + return self.response(data) + + @http.route(PREFIX_PARTNER + 'sale_order/<id>/download_po/<token>', auth='none', method=['GET']) + def partner_download_po_sale_order(self, id, token): + id = int(id) + + rest_api = request.env['rest.api'] + md5_valid = rest_api.md5_salt_valid(id, 'sale.order', token) + if not md5_valid: + return self.response('Unauthorized') + + sale_order = request.env['sale.order'].sudo().search_read([('id', '=', id)], ['partner_purchase_order_name']) + attachment = rest_api.get_single_attachment('sale.order', 'partner_purchase_order_file', id) + if attachment and len(sale_order) > 0: + return rest_api.response_attachment({ + 'content': attachment['datas'], + 'decode_content': True, + 'mimetype': attachment['mimetype'], + 'filename': sale_order[0]['partner_purchase_order_name'] + }) + return self.response('Dokumen tidak ditemukan', code=404) + + @http.route(PREFIX_PARTNER + 'sale_order/<id>/download/<token>', auth='none', method=['GET']) + def partner_download_sale_order(self, id, token): + id = int(id) + + rest_api = request.env['rest.api'] + md5_valid = rest_api.md5_salt_valid(id, 'sale.order', token) + if not md5_valid: + return self.response('Unauthorized') + + sale_order = request.env['sale.order'].sudo().search_read([('id', '=', id)], ['name']) + pdf, type = request.env['ir.actions.report'].sudo().search([('report_name', '=', 'sale.report_saleorder')])._render_qweb_pdf([id]) + if pdf and len(sale_order) > 0: + return rest_api.response_attachment({ + 'content': pdf, + 'mimetype': 'application/pdf', + 'filename': sale_order[0]['name'] + }) + return self.response('Dokumen tidak ditemukan', code=404) + + @http.route(PREFIX_PARTNER + 'sale_order/<id>/cancel', auth='public', method=['POST', 'OPTIONS'], csrf=False) + def partner_cancel_sale_order(self, **kw): + user_token = self.authenticate() + if not user_token: + return self.unauthorized_response() + + params = self.get_request_params(kw, { + 'partner_id': ['number'], + 'id': ['number'] + }) + if not user_token['partner_id'] == params['value']['partner_id']: + return self.unauthorized_response() + if not params['valid']: + return self.response(code=400, description=params) + + partner_child_ids = self.get_partner_child_ids(params['value']['partner_id']) + domain = [ + ('id', '=', params['value']['id']), + ('partner_id', 'in', partner_child_ids) + ] + data = False + sale_order = request.env['sale.order'].search(domain) + if sale_order: + sale_order.state = 'cancel' + data = sale_order.id + return self.response(data) + @http.route(PREFIX_PARTNER + 'sale_order/checkout', auth='public', method=['POST', 'OPTIONS'], csrf=False) def create_partner_sale_order(self, **kw): user_token = self.authenticate() |