initial commit 2

3 files changed, 124 insertions, 0 deletions

diff --git a/addons/account_payment/controllers/__init__.py b/addons/account_payment/controllers/__init__.py
new file mode 100644
index 00000000..f453df57
--- /dev/null
+++ b/addons/account_payment/controllers/__init__.py
@@ -0,0 +1,5 @@
+# -*- coding: utf-8 -*-
+# Part of Odoo. See LICENSE file for full copyright and licensing details.
+
+from . import portal
+from . import payment
\ No newline at end of file
diff --git a/addons/account_payment/controllers/payment.py b/addons/account_payment/controllers/payment.py
new file mode 100644
index 00000000..84b90b72
--- /dev/null
+++ b/addons/account_payment/controllers/payment.py
@@ -0,0 +1,93 @@
+# -*- coding: utf-8 -*-
+# Part of Odoo. See LICENSE file for full copyright and licensing details.
+
+from werkzeug.urls import url_encode
+
+from odoo import http, _
+from odoo.addons.portal.controllers.portal import _build_url_w_params
+from odoo.addons.payment.controllers.portal import PaymentProcessing
+from odoo.http import request, route
+
+
+class PaymentPortal(http.Controller):
+
+    @route('/invoice/pay/<int:invoice_id>/form_tx', type='json', auth="public", website=True)
+    def invoice_pay_form(self, acquirer_id, invoice_id, save_token=False, access_token=None, **kwargs):
+        """ Json method that creates a payment.transaction, used to create a
+        transaction when the user clicks on 'pay now' button on the payment
+        form.
+
+        :return html: form containing all values related to the acquirer to
+                      redirect customers to the acquirer website """
+        invoice_sudo = request.env['account.move'].sudo().browse(invoice_id)
+        if not invoice_sudo:
+            return False
+
+        try:
+            acquirer_id = int(acquirer_id)
+        except:
+            return False
+
+        if request.env.user._is_public():
+            save_token = False # we avoid to create a token for the public user
+
+        success_url = kwargs.get(
+            'success_url', "%s?%s" % (invoice_sudo.access_url, url_encode({'access_token': access_token}) if access_token else '')
+        )
+        vals = {
+            'acquirer_id': acquirer_id,
+            'return_url': success_url,
+        }
+
+        if save_token:
+            vals['type'] = 'form_save'
+
+        transaction = invoice_sudo._create_payment_transaction(vals)
+        PaymentProcessing.add_payment_transaction(transaction)
+
+        return transaction.render_invoice_button(
+            invoice_sudo,
+            submit_txt=_('Pay & Confirm'),
+            render_values={
+                'type': 'form_save' if save_token else 'form',
+                'alias_usage': _('If we store your payment information on our server, subscription payments will be made automatically.'),
+            }
+        )
+
+    @http.route('/invoice/pay/<int:invoice_id>/s2s_token_tx', type='http', auth='public', website=True)
+    def invoice_pay_token(self, invoice_id, pm_id=None, **kwargs):
+        """ Use a token to perform a s2s transaction """
+        error_url = kwargs.get('error_url', '/my')
+        access_token = kwargs.get('access_token')
+        params = {}
+        if access_token:
+            params['access_token'] = access_token
+
+        invoice_sudo = request.env['account.move'].sudo().browse(invoice_id).exists()
+        if not invoice_sudo:
+            params['error'] = 'pay_invoice_invalid_doc'
+            return request.redirect(_build_url_w_params(error_url, params))
+
+        success_url = kwargs.get(
+            'success_url', "%s?%s" % (invoice_sudo.access_url, url_encode({'access_token': access_token}) if access_token else '')
+        )
+        try:
+            token = request.env['payment.token'].sudo().browse(int(pm_id))
+        except (ValueError, TypeError):
+            token = False
+        token_owner = invoice_sudo.partner_id if request.env.user._is_public() else request.env.user.partner_id
+        if not token or token.partner_id != token_owner:
+            params['error'] = 'pay_invoice_invalid_token'
+            return request.redirect(_build_url_w_params(error_url, params))
+
+        vals = {
+            'payment_token_id': token.id,
+            'type': 'server2server',
+            'return_url': _build_url_w_params(success_url, params),
+        }
+
+        tx = invoice_sudo._create_payment_transaction(vals)
+        PaymentProcessing.add_payment_transaction(tx)
+
+        params['success'] = 'pay_invoice'
+        return request.redirect('/payment/process')
diff --git a/addons/account_payment/controllers/portal.py b/addons/account_payment/controllers/portal.py
new file mode 100644
index 00000000..0f2476c0
--- /dev/null
+++ b/addons/account_payment/controllers/portal.py
@@ -0,0 +1,26 @@
+# -*- coding: utf-8 -*-
+# Part of Odoo. See LICENSE file for full copyright and licensing details.
+
+from odoo.addons.account.controllers.portal import PortalAccount
+from odoo.http import request
+
+
+class PortalAccount(PortalAccount):
+
+    def _invoice_get_page_view_values(self, invoice, access_token, **kwargs):
+        values = super(PortalAccount, self)._invoice_get_page_view_values(invoice, access_token, **kwargs)
+        payment_inputs = request.env['payment.acquirer']._get_available_payment_input(partner=invoice.partner_id, company=invoice.company_id)
+        # if not connected (using public user), the method _get_available_payment_input will return public user tokens
+        is_public_user = request.env.user._is_public()
+        if is_public_user:
+            # we should not display payment tokens owned by the public user
+            payment_inputs.pop('pms', None)
+            token_count = request.env['payment.token'].sudo().search_count([('acquirer_id.company_id', '=', invoice.company_id.id),
+                                                                      ('partner_id', '=', invoice.partner_id.id),
+                                                                    ])
+            values['existing_token'] = token_count > 0
+        values.update(payment_inputs)
+        # if the current user is connected we set partner_id to his partner otherwise we set it as the invoice partner
+        # we do this to force the creation of payment tokens to the correct partner and avoid token linked to the public user
+        values['partner_id'] = invoice.partner_id if is_public_user else request.env.user.partner_id,
+        return values