From 3fbfb5301c7583583e4f46c9b4ef16e048e5800c Mon Sep 17 00:00:00 2001
From: "Guillaume (gdi)" <gdi@odoo.com>
Date: Wed, 3 May 2023 15:41:22 +0000
Subject: [PATCH] [FIX] website: compute company id for new users

When a new user is created from the website, the company id was always
set to the first company of the database even if the website was the one
of another company. This flow has been already fixed if there is the
"Specific User Account" setting activated (see [this other commit]).
This commit fixes the same issue but for every case.

Steps to reproduce the issue:
- Create 2 companies A & B
- For each company, create a website linked to a different URL
- Activate 'Free sign up' for company B
- As a public user, go to website of company B
- Go to 'Sign in > Don't have an account?' and create an account

=> If as an admin you check the company of the created user, it is
company A instead of company B.

[this other commit]: https://github.com/odoo/odoo/commit/77c708c516beb322df37220634e178ba82e894c9

task-3277317

closes odoo/odoo#121558

X-original-commit: eda9ad14b45fbf697e4c6d124ceb314916fb7a9f
Signed-off-by: Benoit Socias (bso) <bso@odoo.com>
---
 addons/website/models/res_users.py     |  9 ++++--
 addons/website/tests/test_res_users.py | 38 ++++++++++++++++++++++++++
 2 files changed, 44 insertions(+), 3 deletions(-)

diff --git a/addons/website/models/res_users.py b/addons/website/models/res_users.py
index 96d41d65f339..10ebc1499e87 100644
--- a/addons/website/models/res_users.py
+++ b/addons/website/models/res_users.py
@@ -2,7 +2,7 @@
 # Part of Odoo. See LICENSE file for full copyright and licensing details.
 import logging
 
-from odoo import api, fields, models, _
+from odoo import api, fields, models, _, Command
 from odoo.exceptions import ValidationError
 from odoo.http import request
 
@@ -48,9 +48,12 @@ class ResUsers(models.Model):
     @api.model
     def _signup_create_user(self, values):
         current_website = self.env['website'].get_current_website()
+        # Note that for the moment, portal users can connect to all websites of
+        # all companies as long as the specific_user_account setting is not
+        # activated.
+        values['company_id'] = current_website.company_id.id
+        values['company_ids'] = [Command.link(current_website.company_id.id)]
         if request and current_website.specific_user_account:
-            values['company_id'] = current_website.company_id.id
-            values['company_ids'] = [(4, current_website.company_id.id)]
             values['website_id'] = current_website.id
         new_user = super(ResUsers, self)._signup_create_user(values)
         return new_user
diff --git a/addons/website/tests/test_res_users.py b/addons/website/tests/test_res_users.py
index 8aca623bec33..87814cbda839 100644
--- a/addons/website/tests/test_res_users.py
+++ b/addons/website/tests/test_res_users.py
@@ -7,6 +7,7 @@ from odoo.tests.common import TransactionCase, new_test_user
 from odoo.exceptions import ValidationError
 from odoo.tools import mute_logger
 from odoo.service.model import retrying
+from odoo.addons.website.tools import MockRequest
 
 
 class TestWebsiteResUsers(TransactionCase):
@@ -64,3 +65,40 @@ class TestWebsiteResUsers(TransactionCase):
         # rollback in retrying().
         with TestCase.assertRaises(self, ValidationError), mute_logger('odoo.sql_db'):
             retrying(create_user_pou, env)
+
+    def _create_user_via_website(self, website, login):
+        # We need a fake request to _signup_create_user.
+        with MockRequest(self.env, website=website):
+            return self.env['res.users'].with_context(website_id=website.id)._signup_create_user({
+                'name': login,
+                'login': login,
+            })
+
+    def _create_and_check_portal_user(self, website_specific, company_1, company_2, website_1, website_2):
+        # Disable/Enable cross-website for portal users.
+        website_1.specific_user_account = website_specific
+        website_2.specific_user_account = website_specific
+
+        user_1 = self._create_user_via_website(website_1, 'user1')
+        user_2 = self._create_user_via_website(website_2, 'user2')
+        self.assertEqual(user_1.company_id, company_1)
+        self.assertEqual(user_2.company_id, company_2)
+
+        if website_specific:
+            self.assertEqual(user_1.website_id, website_1)
+            self.assertEqual(user_2.website_id, website_2)
+        else:
+            self.assertEqual(user_1.website_id.id, False)
+            self.assertEqual(user_2.website_id.id, False)
+
+    def test_multi_website_multi_company(self):
+        company_1 = self.env['res.company'].create({'name': "Company 1"})
+        company_2 = self.env['res.company'].create({'name': "Company 2"})
+        website_1 = self.env['website'].create({'name': "Website 1", 'company_id': company_1.id})
+        website_2 = self.env['website'].create({'name': "Website 2", 'company_id': company_2.id})
+        # Permit uninvited signup.
+        website_1.auth_signup_uninvited = 'b2c'
+        website_2.auth_signup_uninvited = 'b2c'
+
+        self._create_and_check_portal_user(False, company_1, company_2, website_1, website_2)
+        self._create_and_check_portal_user(True, company_1, company_2, website_1, website_2)
-- 
GitLab