diff options
Diffstat (limited to 'indoteknik_api')
| -rw-r--r-- | indoteknik_api/controllers/api_v1/download.py | 28 | ||||
| -rw-r--r-- | indoteknik_api/controllers/api_v1/sale_order.py | 40 | ||||
| -rw-r--r-- | indoteknik_api/models/rest_api.py | 29 | ||||
| -rw-r--r-- | indoteknik_api/models/sale_order.py | 3 |
4 files changed, 89 insertions, 11 deletions
diff --git a/indoteknik_api/controllers/api_v1/download.py b/indoteknik_api/controllers/api_v1/download.py index f12be337..d9353896 100644 --- a/indoteknik_api/controllers/api_v1/download.py +++ b/indoteknik_api/controllers/api_v1/download.py @@ -1,7 +1,6 @@ from .. import controller from odoo import http from odoo.http import request -import base64 class Download(controller.Controller): @@ -13,30 +12,41 @@ class Download(controller.Controller): ('res_field', '=', field), ('res_id', '=', id), ], ['datas', 'mimetype']) - return result if len(result) > 0 else None + return result[0] if len(result) > 0 else None @http.route(PREFIX + 'download/invoice/<id>/<token>', auth='none', method=['GET']) def download_invoice(self, id, token): id = int(id) - md5_valid = request.env['rest.api'].md5_salt_valid(id, 'account.move', token) + rest_api = request.env['rest.api'] + md5_valid = rest_api.md5_salt_valid(id, 'account.move', token) if not md5_valid: return self.response('Unauthorized') + account_move = request.env['account.move'].sudo().search_read([('id', '=', id)], ['name']) pdf, type = request.env['ir.actions.report'].sudo().search([('report_name', '=', 'account.report_invoice')])._render_qweb_pdf([id]) - return request.make_response(pdf, [('Content-Type', 'application/pdf')]) + return rest_api.response_attachment({ + 'content': pdf, + 'mimetype': 'application/pdf', + 'filename': account_move[0]['name'] + }) @http.route(PREFIX + 'download/tax-invoice/<id>/<token>', auth='none', method=['GET']) def download_tax_invoice(self, id, token): id = int(id) - md5_valid = request.env['rest.api'].md5_salt_valid(id, 'account.move', token) + rest_api = request.env['rest.api'] + md5_valid = rest_api.md5_salt_valid(id, 'account.move', token) if not md5_valid: return self.response('Unauthorized') + account_move = request.env['account.move'].sudo().search_read([('id', '=', id)], ['name']) attachment = self._get_attachment('account.move', 'efaktur_document', id) - if attachment: - attachment = attachment[0] - return request.make_response(base64.b64decode(attachment['datas']), [('Content-Type', attachment['mimetype'])]) + if attachment and len(account_move) > 0: + return rest_api.response_attachment({ + 'content': attachment['datas'], + 'decode_content': True, + 'mimetype': attachment['mimetype'], + 'filename': account_move[0]['name'], + }) return self.response('Dokumen tidak ditemukan', code=404) - diff --git a/indoteknik_api/controllers/api_v1/sale_order.py b/indoteknik_api/controllers/api_v1/sale_order.py index 9a4b23d9..1c67d6c5 100644 --- a/indoteknik_api/controllers/api_v1/sale_order.py +++ b/indoteknik_api/controllers/api_v1/sale_order.py @@ -3,6 +3,7 @@ from odoo import http from odoo.http import request import json + class SaleOrder(controller.Controller): prefix = '/api/v1/' PREFIX_PARTNER = prefix + 'partner/<partner_id>/' @@ -134,6 +135,45 @@ class SaleOrder(controller.Controller): data = sale_order.id return self.response(data) + @http.route(PREFIX_PARTNER + 'sale_order/<id>/download_po/<token>', auth='none', method=['GET']) + def partner_download_po_sale_order(self, id, token): + id = int(id) + + rest_api = request.env['rest.api'] + md5_valid = rest_api.md5_salt_valid(id, 'sale.order', token) + if not md5_valid: + return self.response('Unauthorized') + + sale_order = request.env['sale.order'].sudo().search_read([('id', '=', id)], ['partner_purchase_order_name']) + attachment = rest_api.get_single_attachment('sale.order', 'partner_purchase_order_file', id) + if attachment and len(sale_order) > 0: + return rest_api.response_attachment({ + 'content': attachment['datas'], + 'decode_content': True, + 'mimetype': attachment['mimetype'], + 'filename': sale_order[0]['partner_purchase_order_name'] + }) + return self.response('Dokumen tidak ditemukan', code=404) + + @http.route(PREFIX_PARTNER + 'sale_order/<id>/download/<token>', auth='none', method=['GET']) + def partner_download_sale_order(self, id, token): + id = int(id) + + rest_api = request.env['rest.api'] + md5_valid = rest_api.md5_salt_valid(id, 'sale.order', token) + if not md5_valid: + return self.response('Unauthorized') + + sale_order = request.env['sale.order'].sudo().search_read([('id', '=', id)], ['name']) + pdf, type = request.env['ir.actions.report'].sudo().search([('report_name', '=', 'sale.report_saleorder')])._render_qweb_pdf([id]) + if pdf and len(sale_order) > 0: + return rest_api.response_attachment({ + 'content': pdf, + 'mimetype': 'application/pdf', + 'filename': sale_order[0]['name'] + }) + return self.response('Dokumen tidak ditemukan', code=404) + @http.route(PREFIX_PARTNER + 'sale_order/<id>/cancel', auth='public', method=['POST', 'OPTIONS'], csrf=False) def partner_cancel_sale_order(self, **kw): user_token = self.authenticate() diff --git a/indoteknik_api/models/rest_api.py b/indoteknik_api/models/rest_api.py index 0a15aad1..65119b52 100644 --- a/indoteknik_api/models/rest_api.py +++ b/indoteknik_api/models/rest_api.py @@ -1,7 +1,9 @@ from odoo import models +from odoo.http import request import datetime from pytz import timezone import hashlib +import base64 class RestApi(models.TransientModel): @@ -17,4 +19,29 @@ class RestApi(models.TransientModel): return hashlib.md5((salt + '$' + str(value)).encode()).hexdigest() def md5_salt_valid(self, value, salt, token): - return hashlib.md5((salt + '$' + str(value)).encode()).hexdigest() == token
\ No newline at end of file + return hashlib.md5((salt + '$' + str(value)).encode()).hexdigest() == token + + def get_single_attachment(self, model, field, id): + domain = [ + ('res_model', '=', model), + ('res_field', '=', field), + ('res_id', '=', id), + ] + fields = ['datas', 'mimetype'] + result = self.env['ir.attachment'].sudo().search_read(domain, fields) + return result[0] if len(result) > 0 else None + + def response_attachment(self, data = {}): + decode_content = data.get('decode_content', False) + if decode_content: + data['content'] = base64.b64decode(data['content']) + + return request.make_response( + data['content'], + [ + ('Content-Type', data['mimetype']), + ('Content-Disposition', 'attachment; filename=%s' % data['filename']), + ('Content-Length', len(data['content'])) + ] + ) +
\ No newline at end of file diff --git a/indoteknik_api/models/sale_order.py b/indoteknik_api/models/sale_order.py index cc2f9586..c3f3dccb 100644 --- a/indoteknik_api/models/sale_order.py +++ b/indoteknik_api/models/sale_order.py @@ -6,11 +6,13 @@ class SaleOrder(models.Model): def api_v1_single_response(self, sale_order, context=False): data = { + 'token': self.env['rest.api'].md5_salt(sale_order.id, 'sale.order'), 'id': sale_order.id, 'name': sale_order.name, 'sales': sale_order.user_id.name, 'amount_total': sale_order.amount_total, 'purchase_order_name': sale_order.partner_purchase_order_name, + 'purchase_order_file': True if sale_order.partner_purchase_order_file else False, 'invoice_count': sale_order.invoice_count, 'status': 'draft', } @@ -32,7 +34,6 @@ class SaleOrder(models.Model): if context == 'with_detail': res_users = self.env['res.users'] data_with_detail = { - 'purchase_order_file': True if sale_order.partner_purchase_order_file else False, 'payment_term': sale_order.payment_term_id.name or '', 'date_order': self.env['rest.api'].datetime_to_str(sale_order.date_order, '%d/%m/%Y %H:%M:%S'), 'products': [], |