[MERGE] forward port branch 11.0 up to a9a55617

e980af9d · Christophe Simonis · cbff00a5 · a9a55617 · e980af9d · e980af9d
Commit e980af9d authored 6 years ago by Christophe Simonis
--- a/addons/document/static/src/js/document.js
+++ b/addons/document/static/src/js/document.js
@@ -50,6 +50,7 @@ Sidebar.include({
     * @override
     */
    updateEnv: function (env) {
+        this.env = env;
        var _super = _.bind(this._super, this, env);
        var def = this.hasAttachments ? this._updateAttachments() : $.when();
        def.then(_super);

--- a/addons/hw_scale/controllers/main.py
+++ b/addons/hw_scale/controllers/main.py
@@ -95,7 +95,7 @@ ADAMEquipmentProtocol = ScaleProtocol(
    parity=serial.PARITY_NONE,
    timeout=0.2,
    writeTimeout=0.2,
-    weightRegexp=r"\s*([0-9.]+)kg", # LABEL format 3 + KG in the scale settings, but Label 1/2 should work
+    weightRegexp=b"\s*([0-9.]+)kg", # LABEL format 3 + KG in the scale settings, but Label 1/2 should work
    statusRegexp=None,
    statusParse=None,
    commandTerminator=b"\r\n",

--- a/addons/l10n_jp/data/account.account.template.csv
+++ b/addons/l10n_jp/data/account.account.template.csv
@@ -9,7 +9,7 @@ A11219,A11219,出庫請求仮,account.data_account_type_current_assets,,FALSE,,l
 A11301,A11301,未収収益,account.data_account_type_current_assets,,FALSE,,l10n_jp1
 A11401,A11401,有価証券,account.data_account_type_current_assets,,FALSE,,l10n_jp1
 A11501,A11501,商品,account.data_account_type_current_assets,,FALSE,,l10n_jp1
-A11503,A11503,製品,account.data_account_type_current_assets,,FALSE,,l10n_jp1
+A11502,A11502,製品,account.data_account_type_current_assets,,FALSE,,l10n_jp1
 A11504,A11504,仕掛品,account.data_account_type_current_assets,,FALSE,,l10n_jp1
 A11505,A11505,原材料,account.data_account_type_current_assets,,FALSE,,l10n_jp1
 A11506,A11506,資材,account.data_account_type_current_assets,,FALSE,,l10n_jp1

--- a/addons/l10n_lu/data/account.tax.template-2015.csv
+++ b/addons/l10n_lu/data/account.tax.template-2015.csv
@@ -405,4 +405,4 @@ lu_2011_tax_VP-PA-3,Sales Services 3% - Country,VP-PA-3,sale,percent,3,lu_2011_a
 lu_2011_tax_VP-PA-6,Sales Services 6% - Country,VP-PA-6,sale,percent,6,lu_2011_account_4614111,lu_2011_account_4614111,lu_2011_chart_1,504,,"tag_lu_200,tag_lu_278",tax_group_6
 lu_2015_tax_VP-PA-8,Sales Services 8% - Country,VP-PA-8,sale,percent,8,lu_2011_account_4614111,lu_2011_account_4614111,lu_2011_chart_1,505,,"tag_lu_294,tag_lu_218",tax_group_8
 lu_2015_tax_SANS,Without Taxes,SANS,purchase,percent,0,,,lu_2011_chart_1,506,,tag_lu_598,tax_group_0
-lu_2015_tax_SANS,Without Taxes,SANS,sale,percent,0,,,lu_2011_chart_1,507,,tag_lu_598,tax_group_0
+lu_2015_tax_SANS_sale,Without Taxes,SANS,sale,percent,0,,,lu_2011_chart_1,507,,tag_lu_598,tax_group_0
--- a/addons/stock_account/models/stock.py
+++ b/addons/stock_account/models/stock.py
@@ -507,9 +507,9 @@ class StockMove(models.Model):
        if not accounts_data.get('stock_journal', False):
            raise UserError(_('You don\'t have any stock journal defined on your product category, check if you have installed a chart of accounts'))
        if not acc_src:
-            raise UserError(_('Cannot find a stock input account for the product %s. You must define one on the product category, or on the location, before processing this operation.') % (self.product_id.name))
+            raise UserError(_('Cannot find a stock input account for the product %s. You must define one on the product category, or on the location, before processing this operation.') % (self.product_id.display_name))
        if not acc_dest:
-            raise UserError(_('Cannot find a stock output account for the product %s. You must define one on the product category, or on the location, before processing this operation.') % (self.product_id.name))
+            raise UserError(_('Cannot find a stock output account for the product %s. You must define one on the product category, or on the location, before processing this operation.') % (self.product_id.display_name))
        if not acc_valuation:
            raise UserError(_('You don\'t have any stock valuation account defined on your product category. You must define one before processing this operation.'))
        journal_id = accounts_data['stock_journal'].id
@@ -533,7 +533,7 @@ class StockMove(models.Model):

        # check that all data is correct
        if self.company_id.currency_id.is_zero(debit_value):
-            raise UserError(_("The cost of %s is currently equal to 0. Change the cost or the configuration of your product to avoid an incorrect valuation.") % (self.product_id.name,))
+            raise UserError(_("The cost of %s is currently equal to 0. Change the cost or the configuration of your product to avoid an incorrect valuation.") % (self.product_id.display_name,))
        credit_value = debit_value



--- a/doc/_extensions/github_link.py
+++ b/doc/_extensions/github_link.py
@@ -91,17 +91,17 @@ def make_github_link(app, path, line=None, mode="blob"):
        '',
        '' if line is None else 'L%d' % line
    ))
-
 def add_doc_link(app, pagename, templatename, context, doctree):
    """ Add github_link function linking to the current page on github """
    if not app.config.github_user and app.config.github_project:
        return

-    # FIXME: find other way to recover current document's source suffix
-    # in Sphinx 1.3 it's possible to have mutliple source suffixes and that
-    # may be useful in the future
    source_suffix = app.config.source_suffix
-    source_suffix = source_suffix if isinstance(source_suffix, pycompat.string_types) else source_suffix[0]
+    # in 1.3 source_suffix can be a list
+    # in 1.8 source_suffix can be a mapping
+    # FIXME: will break if we ever add support for !rst markdown documents maybe
+    if not isinstance(source_suffix, pycompat.string_types):
+        source_suffix = next(iter(source_suffix))
    # can't use functools.partial because 3rd positional is line not mode
    context['github_link'] = lambda mode='edit': make_github_link(
        app, 'doc/%s%s' % (pagename, source_suffix), mode=mode)
--- a/doc/cla/corporate/inspur.md
+++ b/doc/cla/corporate/inspur.md
+China, 2018-09-28
+
+Inspur Genersoft Co., Ltd agrees to the terms of the Odoo Corporate Contributor
+License Agreement v1.0.
+
+I declare that I am authorized and able to make this agreement and sign this
+declaration.
+
+Signed,
+
+David Yu, yudw@inspur.com
+
+List of contributors:
+
+Brain Wang wangbuke@inspur.com
+David Yu yudw@inspur.com
+Alex Aisin-Gioro wubai@inspur.com
--- a/odoo/addons/base/models/ir_http.py
+++ b/odoo/addons/base/models/ir_http.py
@@ -278,10 +278,6 @@ class IrHttp(models.AbstractModel):
        obj = None
        if xmlid:
            obj = env.ref(xmlid, False)
-        elif id and model == 'ir.attachment' and access_token:
-            obj = env[model].sudo().browse(int(id))
-            if not consteq(obj.access_token or '', access_token):
-                return (403, [], None)
        elif id and model in env.registry:
            obj = env[model].browse(int(id))

@@ -289,6 +285,12 @@ class IrHttp(models.AbstractModel):
        if not obj or not obj.exists() or field not in obj:
            return (404, [], None)

+        # access token grant access
+        if model == 'ir.attachment' and access_token:
+            obj = obj.sudo()
+            if not consteq(obj.access_token or '', access_token):
+                return (403, [], None)
+
        # check read access
        try:
            last_update = obj['__last_update']

--- a/odoo/addons/base/tests/test_ir_http.py
+++ b/odoo/addons/base/tests/test_ir_http.py
@@ -79,3 +79,54 @@ class test_ir_http_mimetype(common.TransactionCase):
        )
        mimetype = dict(headers).get('Content-Type')
        self.assertEqual(mimetype, 'image/gif')
+
+    def test_ir_http_attachment_access(self):
+        """ Test attachment access with and without access token """
+        public_user = self.env.ref('base.public_user')
+        attachment = self.env['ir.attachment'].create({
+            'datas': GIF,
+            'name': 'Test valid access token with image',
+            'datas_fname': 'image.gif'
+        })
+
+        defaults = {
+            'id': attachment.id,
+            'default_mimetype': 'image/gif',
+            'env': public_user.sudo(public_user.id).env,
+        }
+
+        def test_access(**kwargs):
+            status, _, _ = self.env['ir.http'].binary_content(
+                **defaults, **kwargs
+            )
+            return status
+
+        status = test_access()
+        self.assertEqual(status, 403, "no access")
+
+        status = test_access(access_token='Secret')
+        self.assertEqual(status, 403,
+            "no access if access token for attachment without access token")
+
+        attachment.access_token = 'Secret'
+        status = test_access(access_token='Secret')
+        self.assertEqual(status, 200, "access for correct access token")
+
+        status = test_access(access_token='Wrong')
+        self.assertEqual(status, 403, "no access for wrong access token")
+
+        attachment.public = True
+        status = test_access()
+        self.assertEqual(status, 200, "access for attachment with access")
+
+        status = test_access(access_token='Wrong')
+        self.assertEqual(status, 403,
+            "no access for wrong access token for attachment with access")
+
+        attachment.unlink()
+        status = test_access()
+        self.assertEqual(status, 404, "no access for deleted attachment")
+
+        status = test_access(access_token='Secret')
+        self.assertEqual(status, 404,
+            "no access with access token for deleted attachment")