19.0 vanilla

2026-04-27 20:12:04 +02:00 · 2026-03-09 09:32:12 +01:00 · 2026-03-09 09:32:12 +01:00 · 73afc09215
commit 73afc09215
parent 79f83631d5
6267 changed files with 1534193 additions and 1130106 deletions
--- a/odoo-bringout-oca-ocb-sale_stock/sale_stock/controllers/portal.py
+++ b/odoo-bringout-oca-ocb-sale_stock/sale_stock/controllers/portal.py
@ -1,5 +1,6 @@
 # -*- coding: utf-8 -*-
 # Part of Odoo. See LICENSE file for full copyright and licensing details.
+from werkzeug.exceptions import NotFound

 from odoo import exceptions, SUPERUSER_ID
 from odoo.addons.sale.controllers.portal import CustomerPortal
@ -13,8 +14,7 @@ class SaleStockPortal(CustomerPortal):
        picking = request.env['stock.picking'].browse([picking_id])
        picking_sudo = picking.sudo()
        try:
-            picking.check_access_rights('read')
-            picking.check_access_rule('read')
+            picking.check_access('read')
        except exceptions.AccessError:
            if not access_token or not consteq(picking_sudo.sale_id.access_token, access_token):
                raise
@ -26,8 +26,8 @@ class SaleStockPortal(CustomerPortal):
        to be sure customer has access """
        try:
            picking_sudo = self._stock_picking_check_access(picking_id, access_token=access_token)
-        except exceptions.AccessError:
-            return request.redirect('/my')
+        except (exceptions.AccessError, exceptions.MissingError):
+            return NotFound()

        # print report with sudo, since it require access to product, taxes, payment term etc.. and portal does not have those access rights.
        pdf = request.env['ir.actions.report'].sudo()._render_qweb_pdf('stock.action_report_delivery', [picking_sudo.id])[0]
@ -36,3 +36,20 @@ class SaleStockPortal(CustomerPortal):
            ('Content-Length', len(pdf)),
        ]
        return request.make_response(pdf, headers=pdfhttpheaders)
+
+    @route(['/my/picking/return/pdf/<int:picking_id>'], type='http', auth="public", website=True)
+    def portal_my_picking_return_report(self, picking_id, access_token=None, **kw):
+        """ Print return label for customer, using either access rights or access token
+        to be sure customer has access """
+        try:
+            picking_sudo = self._stock_picking_check_access(picking_id, access_token=access_token)
+        except (exceptions.AccessError, exceptions.MissingError):
+            return NotFound()
+
+        pdf = \
+        request.env['ir.actions.report'].sudo()._render_qweb_pdf('stock.return_label_report', [picking_sudo.id])[0]
+        pdfhttpheaders = [
+            ('Content-Type', 'application/pdf'),
+            ('Content-Length', len(pdf)),
+        ]
+        return request.make_response(pdf, headers=pdfhttpheaders)