Skip to content

Commit 95aba5b

Browse files
iga-adhociga-adhoc
committed
feat: propagar embed en descarga de archivos y gate de email
1 parent cce0804 commit 95aba5b

2 files changed

Lines changed: 77 additions & 11 deletions

File tree

sipreco_purchase_web/controllers/main.py

Lines changed: 21 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -105,7 +105,9 @@ def purchase_detail(self, purchase_id, embed=False, **kwargs):
105105
auth="public",
106106
website=True,
107107
)
108-
def purchase_attachment_download(self, purchase_id, attachment_line_id, **kwargs):
108+
def purchase_attachment_download(
109+
self, purchase_id, attachment_line_id, embed=False, **kwargs
110+
):
109111
Requisition = request.env["purchase.requisition"].sudo()
110112
purchase = Requisition.search(
111113
[
@@ -135,15 +137,24 @@ def purchase_attachment_download(self, purchase_id, attachment_line_id, **kwargs
135137
if attachment_line.require_email:
136138
email = kwargs.get("email", "").strip()
137139
if not email:
138-
# Redirigir a formulario de email
139-
return request.render(
140-
"sipreco_purchase_web.purchase_email_gate_template",
140+
template = (
141+
"sipreco_purchase_web.purchase_email_gate_embed_template"
142+
if embed
143+
else "sipreco_purchase_web.purchase_email_gate_template"
144+
)
145+
response = request.render(
146+
template,
141147
{
142148
"purchase": purchase,
143149
"attachment_line": attachment_line,
144150
"page_name": "purchase_email_gate",
151+
"embed": bool(embed),
145152
},
146153
)
154+
if embed:
155+
response.headers["X-Frame-Options"] = "ALLOWALL"
156+
response.headers["Content-Security-Policy"] = "frame-ancestors *"
157+
return response
147158
_logger.info(
148159
'Descarga de archivo "%s" (id=%s) por email: %s',
149160
attachment_line.name,
@@ -181,23 +192,23 @@ def purchase_attachment_download(self, purchase_id, attachment_line_id, **kwargs
181192
csrf=True,
182193
)
183194
def purchase_attachment_email_submit(
184-
self, purchase_id, attachment_line_id, email="", **kwargs
195+
self, purchase_id, attachment_line_id, email="", embed=False, **kwargs
185196
):
186197
# Validación básica del email recibido por POST
187198
email = email.strip()
199+
embed_qs = "&embed=1" if embed else ""
188200
if not email or "@" not in email:
189201
return request.redirect(
190-
"/compras/%d/descargar/%d" % (purchase_id, attachment_line_id)
202+
"/compras/%d/descargar/%d?%s"
203+
% (purchase_id, attachment_line_id, embed_qs.lstrip("&"))
191204
)
192-
# Registrar y redirigir con el email como parámetro para que el
193-
# controlador principal sirva el archivo
194205
_logger.info(
195206
"Email registrado para descarga de archivo (requisition=%d, attachment=%d): %s",
196207
purchase_id,
197208
attachment_line_id,
198209
email,
199210
)
200211
return request.redirect(
201-
"/compras/%d/descargar/%d?email=%s"
202-
% (purchase_id, attachment_line_id, email)
212+
"/compras/%d/descargar/%d?email=%s%s"
213+
% (purchase_id, attachment_line_id, email, embed_qs)
203214
)

sipreco_purchase_web/views/website_templates.xml

Lines changed: 56 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -449,7 +449,7 @@
449449
</t>
450450
<t t-foreach="purchase.web_attachment_ids" t-as="att">
451451
<li class="list-group-item">
452-
<a t-attf-href="/compras/#{purchase.id}/descargar/#{att.id}"
452+
<a t-attf-href="/compras/#{purchase.id}/descargar/#{att.id}?embed=1"
453453
class="d-flex align-items-center gap-2">
454454
<i class="fa fa-download text-primary"/>
455455
<span>
@@ -472,6 +472,61 @@
472472
</html>
473473
</template>
474474

475+
<!-- Gate de email embed (sin layout de website, para uso en iframe externo) -->
476+
<template id="purchase_email_gate_embed_template" name="Compras - Solicitud de email (embed)">
477+
<html>
478+
<head>
479+
<meta charset="utf-8"/>
480+
<meta name="viewport" content="width=device-width, initial-scale=1"/>
481+
<title>Descarga de documento</title>
482+
<link rel="stylesheet" href="/web/static/lib/bootstrap/dist/css/bootstrap.css"/>
483+
</head>
484+
<body>
485+
<div class="container mt-5 mb-5">
486+
<div class="row justify-content-center">
487+
<div class="col-md-8">
488+
<div class="card shadow-sm">
489+
<div class="card-body">
490+
<h4 class="card-title mb-3">Descarga de documento</h4>
491+
<p>
492+
Para descargar
493+
<strong><t t-esc="attachment_line.name"/></strong>
494+
de la licitación
495+
<strong>
496+
<t t-esc="purchase.web_object or purchase.name"/>
497+
</strong>,
498+
por favor ingrese su correo electrónico.
499+
</p>
500+
<form t-attf-action="/compras/#{purchase.id}/descargar/#{attachment_line.id}/email"
501+
method="post">
502+
<input type="hidden" name="csrf_token"
503+
t-att-value="request.csrf_token()"/>
504+
<input type="hidden" name="embed" value="1"/>
505+
<div class="mb-3">
506+
<label for="email" class="form-label">
507+
Correo electrónico
508+
</label>
509+
<input type="email" class="form-control"
510+
id="email" name="email" required="required"/>
511+
</div>
512+
<button type="submit" class="btn btn-primary w-100">
513+
Descargar
514+
</button>
515+
</form>
516+
<div class="mt-2 text-center">
517+
<a t-attf-href="/compras/#{purchase.id}?embed=1">
518+
← Volver al detalle
519+
</a>
520+
</div>
521+
</div>
522+
</div>
523+
</div>
524+
</div>
525+
</div>
526+
</body>
527+
</html>
528+
</template>
529+
475530
<!-- Formulario de email previo a la descarga del legajo -->
476531
<template id="purchase_email_gate_template" name="Compras - Solicitud de email">
477532
<t t-call="website.layout">

0 commit comments

Comments
 (0)