4 files changed, 76 insertions, 18 deletions

diff --git a/indoteknik_api/controllers/api_v1/sale_order.py b/indoteknik_api/controllers/api_v1/sale_order.py
index 05946f77..5604a86c 100644
--- a/indoteknik_api/controllers/api_v1/sale_order.py
+++ b/indoteknik_api/controllers/api_v1/sale_order.py
@@ -1,9 +1,65 @@
 from .. import controller
 from odoo import http
 from odoo.http import request
-
+import json
 
 class SaleOrder(controller.Controller):
+    prefix = '/api/v1/'
+
+    @http.route(prefix + 'sale_order/checkout', auth='public', method=['POST', 'OPTIONS'], csrf=False)
+    def create_sale_order(self, **kw):
+        if not self.authenticate():
+            return self.response(code=401, description='Unauthorized')
+
+        user_id = kw.get('user_id')
+
+        is_verify = self.verify_user_token(user_id)
+        if not is_verify:
+            return self.response(code=401, description='Unauthorized')
+        
+        product_pricelist_default_discount_id = request.env['ir.config_parameter'].get_param('product.pricelist.default_discount_id')
+        product_pricelist_default_discount_id = int(product_pricelist_default_discount_id)
+        
+        partner_id = kw.get('partner_id')
+        partner_shipping_id = kw.get('partner_shipping_id')
+        partner_invoice_id = kw.get('partner_invoice_id')
+        parameters = {
+            'warehouse_id': 8,
+            'carrier_id': 1,
+            'sales_tax_id': 23,
+            'pricelist_id': product_pricelist_default_discount_id,
+            'payment_term_id': 26,
+            'team_id': 2,
+            'company_id': 1,
+            'currency_id': 12,
+            'state': 'draft',
+            'picking_policy': 'direct',
+            'partner_id': partner_id,
+            'partner_shipping_id': partner_shipping_id,
+            'real_shipping_id': partner_shipping_id,
+            'partner_invoice_id': partner_invoice_id
+        }
+        sale_order = request.env['sale.order'].create([[parameters]])
+
+        order_line = kw.get('order_line', "[]")
+        order_line = json.loads(order_line)
+        parameters = []
+        for line in order_line:
+            price = request.env['product.pricelist'].compute_price(product_pricelist_default_discount_id, line['product_id'])
+            parameters.append({
+                'company_id': 1,
+                'order_id': sale_order.id,
+                'product_id': line['product_id'],
+                'product_uom_qty': line['quantity'],
+                'price_subtotal': price['price'],
+                'discount': price['discount_percentage']
+            })
+        request.env['sale.order.line'].create(parameters)
+        return self.response({
+            'id': sale_order.id,
+            'name': sale_order.name
+        })
+        
     @http.route('/api/sale_order/invoiced', auth='public', methods=['GET'])
     def get_sale_order_invoiced_by_partner_id(self, **kw):
         if not self.authenticate():
diff --git a/indoteknik_api/controllers/api_v1/user.py b/indoteknik_api/controllers/api_v1/user.py
index 3080be7d..bf1814da 100644
--- a/indoteknik_api/controllers/api_v1/user.py
+++ b/indoteknik_api/controllers/api_v1/user.py
@@ -3,31 +3,16 @@ from odoo import http
 from odoo.http import request
 from odoo.tools.config import config
 import random, string
-import jwt
 
 
 class User(controller.Controller):
     prefix = '/api/v1/'
-    jwt_secret_key = "NTNv7j0TuYARvmNMmWXo6fKvM4o6nvaUi9ryX38ZHL1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiTqJACs1J0apruOOJCggOtkjB4c"
     
     def get_user_by_email(self, email):
         return request.env['res.users'].search([
             ('login', '=', email), 
             ('active', 'in', [True, False])
         ])
-
-    def create_user_token(self, user):
-        return jwt.encode({'id': user.id}, self.jwt_secret_key)
-    
-    def verify_user_token(self, user_id):
-        try:
-            token = request.httprequest.environ['HTTP_TOKEN']
-            user_token = jwt.decode(token, self.jwt_secret_key, algorithms=['HS256'])
-            if int(user_id) != user_token['id']:
-                return False
-            return True
-        except:
-            return False
     
     def response_with_token(self, user):
         data = request.env['res.users'].api_single_response(user)
@@ -149,13 +134,13 @@ class User(controller.Controller):
         
         user = request.env['res.users'].search([('id', '=', id)], limit=1)
         if not user: 
-            return self.response(code=400, description='User not found')
+            return self.response(code=404, description='User not found')
         
         is_verify = self.verify_user_token(id)
         if not is_verify:
             return self.response(code=401, description='Unauthorized')
         
-        partners = [user] + [x for x in user.child_ids]
+        partners = [user.partner_id] + [x for x in user.child_ids]
         address = [request.env['res.users'].api_address_response(x) for x in partners]
         
         return self.response(address)
diff --git a/indoteknik_api/controllers/controller.py b/indoteknik_api/controllers/controller.py
index 10cd76a1..73c8829d 100644
--- a/indoteknik_api/controllers/controller.py
+++ b/indoteknik_api/controllers/controller.py
@@ -8,11 +8,14 @@ from odoo.http import request
 from odoo.tools.config import config
 from pytz import timezone
 import logging
+import jwt
 
 _logger = logging.getLogger(__name__)
 
 
 class Controller(http.Controller):
+    jwt_secret_key = "NTNv7j0TuYARvmNMmWXo6fKvM4o6nvaUi9ryX38ZHL1bkrnD1ObOQ8JAUmHCBq7Iy7otZcyAagBLHVKvvYaIpmMuxmARQ97jUVG16Jkpkp1wXOPsrF9zwew6TpczyHkHgX5EuLg2MeBuiTqJACs1J0apruOOJCggOtkjB4c"
+    
     def authenticate(self):
         wsgienv = request.httprequest.environ
         try:
@@ -76,6 +79,19 @@ class Controller(http.Controller):
         order = kw.get('order', '')
 
         return request.env[model].search(query, limit=int(limit), offset=int(offset), order=order)
+
+    def create_user_token(self, user):
+        return jwt.encode({'id': user.id}, self.jwt_secret_key)
+    
+    def verify_user_token(self, user_id):
+        try:
+            token = request.httprequest.environ['HTTP_TOKEN']
+            user_token = jwt.decode(token, self.jwt_secret_key, algorithms=['HS256'])
+            if int(user_id) != user_token['id']:
+                return False
+            return True
+        except:
+            return False
     
     @http.route('/api/token', auth='public', methods=['GET', 'OPTIONS'])
     def get_api_token(self, **kw):
diff --git a/indoteknik_api/models/res_users.py b/indoteknik_api/models/res_users.py
index 2cab29bd..8eddc85e 100644
--- a/indoteknik_api/models/res_users.py
+++ b/indoteknik_api/models/res_users.py
@@ -7,6 +7,7 @@ class ResUsers(models.Model):
     def api_single_response(self, res_user, with_detail=''):
         data = {
             'id': res_user.id,
+            'partner_id': res_user.partner_id.id,
             'name': res_user.name,
             'email': res_user.login,
             'phone': res_user.phone or '',