[FIX] email_template: use urlencode to build urls, and adapt email templates;

also fixes incorrect usage of 'safe' in those templates"

bzr revid: rco@openerp.com-20121214090340-nd3u4ahhb4460r4q
This commit is contained in:
Raphael Collet 2012-12-14 10:03:40 +01:00
parent e07f8a7519
commit a261f54c82
6 changed files with 74 additions and 90 deletions

View File

@ -22,7 +22,7 @@
<!--Email template --> <!--Email template -->
<record id="email_template_edi_invoice" model="email.template"> <record id="email_template_edi_invoice" model="email.template">
<field name="name">Invoice - Send by Email</field> <field name="name">Invoice - Send by Email</field>
<field name="email_from">${object.user_id.email or object.company_id.email or 'noreply@localhost'|safe}</field> <field name="email_from">${object.user_id.email or object.company_id.email or 'noreply@localhost'}</field>
<field name="subject">${object.company_id.name} Invoice (Ref ${object.number or 'n/a'})</field> <field name="subject">${object.company_id.name} Invoice (Ref ${object.number or 'n/a'})</field>
<field name="email_recipients">${object.partner_id.id}</field> <field name="email_recipients">${object.partner_id.id}</field>
<field name="model_id" ref="account.model_account_invoice"/> <field name="model_id" ref="account.model_account_invoice"/>
@ -46,32 +46,27 @@
&nbsp;&nbsp;Order reference: ${object.origin}<br /> &nbsp;&nbsp;Order reference: ${object.origin}<br />
% endif % endif
% if object.user_id: % if object.user_id:
&nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''|safe}?subject=Invoice%20${object.number}">${object.user_id.name}</a> &nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''}?subject=Invoice%20${object.number}">${object.user_id.name}</a>
% endif % endif
</p> </p>
% if object.company_id.paypal_account and object.type in ('out_invoice'): % if object.company_id.paypal_account and object.type in ('out_invoice'):
<% set paypal_url = ( <% set paypal_url = "https://www.paypal.com/cgi-bin/webscr?" +
"https://www.paypal.com/cgi-bin/webscr?cmd=_xclick" urlencode({
"&amp;business=%(paypal_account)s" "cmd": "_xclick",
"&amp;item_name=%(company_name)s%%20Invoice%%20%(inv)s" "business": object.company_id.paypal_account,
"&amp;invoice=%(inv)s" "item_name": object.company_id.name + " Invoice " + object.number,
"&amp;amount=%(amount)s" "invoice": object.number,
"&amp;currency_code=%(currency)s" "amount": object.residual,
"&amp;button_subtype=services" "currency_code": object.currency_id.name,
"&amp;no_note=1" "button_subtype": "services",
"&amp;bn=OpenERP_Invoice_PayNow_%(currency)s" "no_note": "1",
% { "bn": "OpenERP_Invoice_PayNow_" + object.currency_id.name,
'paypal_account': quote(object.company_id.paypal_account),
'company_name': quote(object.company_id.name),
'inv': quote(object.number),
'amount': quote(str(object.residual)),
'currency': quote(object.currency_id.name),
}) })
%> %>
<br/> <br/>
<p>It is also possible to directly pay with Paypal:</p> <p>It is also possible to directly pay with Paypal:</p>
<a style="margin-left: 120px;" href="${paypal_url|safe}"> <a style="margin-left: 120px;" href="${paypal_url}">
<img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/> <img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/>
</a> </a>
% endif % endif
@ -107,7 +102,7 @@
% endif % endif
% if object.company_id.website: % if object.company_id.website:
<div> <div>
Web :&nbsp;<a href="${object.company_id.website|safe}">${object.company_id.website|safe}</a> Web :&nbsp;<a href="${object.company_id.website}">${object.company_id.website}</a>
</div> </div>
%endif %endif
<p></p> <p></p>

View File

@ -6,9 +6,9 @@
<!--Mail template level 0--> <!--Mail template level 0-->
<record id="email_template_account_followup_level0" model="email.template"> <record id="email_template_account_followup_level0" model="email.template">
<field name="name">First polite payment follow-up reminder email</field> <field name="name">First polite payment follow-up reminder email</field>
<field name="email_from">${user.email or ''|safe}</field> <field name="email_from">${user.email or ''}</field>
<field name="subject">${user.company_id.name} Payment Reminder</field> <field name="subject">${user.company_id.name} Payment Reminder</field>
<field name="email_to">${object.email|safe}</field> <field name="email_to">${object.email}</field>
<field name="lang">${object.lang}</field> <field name="lang">${object.lang}</field>
<field name="model_id" ref="base.model_res_partner"/> <field name="model_id" ref="base.model_res_partner"/>
<field name="auto_delete" eval="True"/> <field name="auto_delete" eval="True"/>
@ -45,9 +45,9 @@ ${ctx.get('followup_table','') | safe}
<!--Mail template level 1 --> <!--Mail template level 1 -->
<record id="email_template_account_followup_level1" model="email.template"> <record id="email_template_account_followup_level1" model="email.template">
<field name="name">A bit urging second payment follow-up reminder email</field> <field name="name">A bit urging second payment follow-up reminder email</field>
<field name="email_from">${user.email or ''|safe}</field> <field name="email_from">${user.email or ''}</field>
<field name="subject">${user.company_id.name} Payment Reminder</field> <field name="subject">${user.company_id.name} Payment Reminder</field>
<field name="email_to">${object.email|safe}</field> <field name="email_to">${object.email}</field>
<field name="lang">${object.lang}</field> <field name="lang">${object.lang}</field>
<field name="model_id" ref="base.model_res_partner"/> <field name="model_id" ref="base.model_res_partner"/>
<field name="auto_delete" eval="True"/> <field name="auto_delete" eval="True"/>
@ -85,9 +85,9 @@ ${ctx.get('followup_table','') | safe}
<!--Mail template level 2 --> <!--Mail template level 2 -->
<record id="email_template_account_followup_level2" model="email.template"> <record id="email_template_account_followup_level2" model="email.template">
<field name="name">Urging payment follow-up reminder email</field> <field name="name">Urging payment follow-up reminder email</field>
<field name="email_from">${user.email or ''|safe}</field> <field name="email_from">${user.email or ''}</field>
<field name="subject">${user.company_id.name} Payment Reminder</field> <field name="subject">${user.company_id.name} Payment Reminder</field>
<field name="email_to">${object.email|safe}</field> <field name="email_to">${object.email}</field>
<field name="lang">${object.lang}</field> <field name="lang">${object.lang}</field>
<field name="model_id" ref="base.model_res_partner"/> <field name="model_id" ref="base.model_res_partner"/>
<field name="auto_delete" eval="True"/> <field name="auto_delete" eval="True"/>
@ -122,9 +122,9 @@ ${ctx.get('followup_table','') | safe}
<!-- Default follow up message --> <!-- Default follow up message -->
<record id="email_template_account_followup_default" model="email.template"> <record id="email_template_account_followup_default" model="email.template">
<field name="name">Default payment follow-up reminder e-mail</field> <field name="name">Default payment follow-up reminder e-mail</field>
<field name="email_from">${user.email or ''|safe}</field> <field name="email_from">${user.email or ''}</field>
<field name="subject">${user.company_id.name} Payment Reminder</field> <field name="subject">${user.company_id.name} Payment Reminder</field>
<field name="email_to">${object.email|safe}</field> <field name="email_to">${object.email}</field>
<field name="lang">${object.lang}</field> <field name="lang">${object.lang}</field>
<field name="model_id" ref="base.model_res_partner"/> <field name="model_id" ref="base.model_res_partner"/>
<field name="auto_delete" eval="True"/> <field name="auto_delete" eval="True"/>

View File

@ -28,7 +28,7 @@ from osv import osv
from osv import fields from osv import fields
import tools import tools
from tools.translate import _ from tools.translate import _
from urllib import quote as quote from urllib import quote, urlencode
_logger = logging.getLogger(__name__) _logger = logging.getLogger(__name__)
@ -56,6 +56,7 @@ try:
mako_template_env.globals.update({ mako_template_env.globals.update({
'str': str, 'str': str,
'quote': quote, 'quote': quote,
'urlencode': urlencode,
}) })
except ImportError: except ImportError:
_logger.warning("jinja2 not available, templating features will not work!") _logger.warning("jinja2 not available, templating features will not work!")

View File

@ -6,7 +6,7 @@
<!--Email template --> <!--Email template -->
<record id="email_template_edi_sale" model="email.template"> <record id="email_template_edi_sale" model="email.template">
<field name="name">Sale Order - Send by Email (Portal)</field> <field name="name">Sale Order - Send by Email (Portal)</field>
<field name="email_from">${object.user_id.email or ''|safe}</field> <field name="email_from">${object.user_id.email or ''}</field>
<field name="subject">${object.company_id.name} ${object.state in ('draft', 'sent') and 'Quotation' or 'Order'} (Ref ${object.name or 'n/a' })</field> <field name="subject">${object.company_id.name} ${object.state in ('draft', 'sent') and 'Quotation' or 'Order'} (Ref ${object.name or 'n/a' })</field>
<field name="email_recipients">${object.partner_invoice_id.id}</field> <field name="email_recipients">${object.partner_invoice_id.id}</field>
<field name="model_id" ref="sale.model_sale_order"/> <field name="model_id" ref="sale.model_sale_order"/>
@ -32,7 +32,7 @@
&nbsp;&nbsp;Your reference: ${object.client_order_ref}<br /> &nbsp;&nbsp;Your reference: ${object.client_order_ref}<br />
% endif % endif
% if object.user_id: % if object.user_id:
&nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''|safe}?subject=Order%20${quote(object.name)|safe}">${object.user_id.name}</a> &nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''}?subject=Order%20${quote(object.name)|safe}">${object.user_id.name}</a>
% endif % endif
</p> </p>
@ -42,30 +42,26 @@
You can access this document and pay online via our Customer Portal: You can access this document and pay online via our Customer Portal:
</p> </p>
<a style="display:block; width: 150px; height:20px; margin-left: 120px; color: #DDD; font-family: 'Lucida Grande', Helvetica, Arial, sans-serif; font-size: 13px; font-weight: bold; text-align: center; text-decoration: none !important; line-height: 1; padding: 5px 0px 0px 0px; background-color: #8E0000; border-radius: 5px 5px; background-repeat: repeat no-repeat;" <a style="display:block; width: 150px; height:20px; margin-left: 120px; color: #DDD; font-family: 'Lucida Grande', Helvetica, Arial, sans-serif; font-size: 13px; font-weight: bold; text-align: center; text-decoration: none !important; line-height: 1; padding: 5px 0px 0px 0px; background-color: #8E0000; border-radius: 5px 5px; background-repeat: repeat no-repeat;"
href="${signup_url|safe}">View ${object.state in ('draft', 'sent') and 'Quotation' or 'Order'}</a> href="${signup_url}">View ${object.state in ('draft', 'sent') and 'Quotation' or 'Order'}</a>
% endif % endif
% if object.order_policy in ('prepaid','manual') and object.company_id.paypal_account and object.state != 'draft': % if object.order_policy in ('prepaid','manual') and object.company_id.paypal_account and object.state != 'draft':
<% set paypal_url = ("https://www.paypal.com/cgi-bin/webscr?cmd=_xclick" <% set paypal_url = "https://www.paypal.com/cgi-bin/webscr?" +
"&amp;business=%(paypal_account)s" urlencode({
"&amp;item_name=%(company_name)s%%20Order%%20%(order_name)s" "cmd": "_xclick",
"&amp;invoice=%(order_name)s" "business": object.company_id.paypal_account,
"&amp;amount=%(order_amount)s" "item_name": object.company_id.name + " Order " + object.name,
"&amp;currency_code=%(currency)s" "invoice": object.name,
"&amp;button_subtype=services" "amount": object.amount_total,
"&amp;no_note=1" "currency_code": object.pricelist_id.currency_id.name,
"&amp;bn=OpenERP_Order_PayNow_%(currency)s" "button_subtype": "services",
% { "no_note": "1",
'paypal_account': quote(object.company_id.paypal_account), "bn": "OpenERP_Order_PayNow_" + object.pricelist_id.currency_id.name,
'company_name': quote(object.company_id.name),
'order_name': quote(object.name),
'order_amount': quote(str(object.residual)),
'currency': quote(object.pricelist_id.currency_id.name),
}) })
%> %>
<br/> <br/>
<p>It is also possible to directly pay with Paypal:</p> <p>It is also possible to directly pay with Paypal:</p>
<a style="margin-left: 120px;" href="${paypal_url|safe}"> <a style="margin-left: 120px;" href="${paypal_url}">
<img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/> <img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/>
</a> </a>
% endif % endif
@ -101,7 +97,7 @@
% endif % endif
% if object.company_id.website: % if object.company_id.website:
<div> <div>
Web :&nbsp;<a href="${object.company_id.website|safe}">${object.company_id.website|safe}</a> Web :&nbsp;<a href="${object.company_id.website}">${object.company_id.website}</a>
</div> </div>
% endif % endif
<p></p> <p></p>
@ -112,7 +108,7 @@
<record id="email_template_edi_invoice" model="email.template"> <record id="email_template_edi_invoice" model="email.template">
<field name="name">Invoice - Send by Email (Portal)</field> <field name="name">Invoice - Send by Email (Portal)</field>
<field name="email_from">${object.user_id.email or object.company_id.email or 'noreply@localhost'|safe}</field> <field name="email_from">${object.user_id.email or object.company_id.email or 'noreply@localhost'}</field>
<field name="subject">${object.company_id.name} Invoice (Ref ${object.number or 'n/a' })</field> <field name="subject">${object.company_id.name} Invoice (Ref ${object.number or 'n/a' })</field>
<field name="email_recipients">${object.partner_id.id}</field> <field name="email_recipients">${object.partner_id.id}</field>
<field name="model_id" ref="account.model_account_invoice"/> <field name="model_id" ref="account.model_account_invoice"/>
@ -135,7 +131,7 @@
&nbsp;&nbsp;Order reference: ${object.origin}<br /> &nbsp;&nbsp;Order reference: ${object.origin}<br />
% endif % endif
% if object.user_id: % if object.user_id:
&nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''|safe}?subject=Invoice%20${object.number}">${object.user_id.name}</a> &nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''}?subject=Invoice%20${object.number}">${object.user_id.name}</a>
% endif % endif
</p> </p>
@ -149,26 +145,22 @@
% endif % endif
% if object.company_id.paypal_account and object.type in ('out_invoice'): % if object.company_id.paypal_account and object.type in ('out_invoice'):
<% set paypal_url = ("https://www.paypal.com/cgi-bin/webscr?cmd=_xclick" <% set paypal_url = "https://www.paypal.com/cgi-bin/webscr?" +
"&amp;business=%(paypal_account)s" urlencode({
"&amp;item_name=%(company_name)s%%20Invoice%%20%(inv)s" "cmd": "_xclick",
"&amp;invoice=%(inv)s" "business": object.company_id.paypal_account,
"&amp;amount=%(amount)s" "item_name": object.company_id.name + " Invoice " + object.number,
"&amp;currency_code=%(currency)s" "invoice": object.number,
"&amp;button_subtype=services" "amount": object.residual,
"&amp;no_note=1" "currency_code": object.currency_id.name,
"&amp;bn=OpenERP_Invoice_PayNow_%(currency)s" "button_subtype": "services",
% { "no_note": "1",
'paypal_account': quote(object.company_id.paypal_account), "bn": "OpenERP_Invoice_PayNow_" + object.currency_id.name,
'company_name': quote(object.company_id.name),
'inv': quote(object.number),
'amount': quote(str(object.residual)),
'currency': quote(object.currency_id.name),
}) })
%> %>
<br/> <br/>
<p>It is also possible to directly pay with Paypal:</p> <p>It is also possible to directly pay with Paypal:</p>
<a style="margin-left: 120px;" href="${paypal_url|safe}"> <a style="margin-left: 120px;" href="${paypal_url}">
<img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/> <img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/>
</a> </a>
% endif % endif
@ -204,7 +196,7 @@
% endif % endif
% if object.company_id.website: % if object.company_id.website:
<div> <div>
Web :&nbsp;<a href="${object.company_id.website|safe}">${object.company_id.website|safe}</a> Web :&nbsp;<a href="${object.company_id.website}">${object.company_id.website}</a>
</div> </div>
% endif % endif
<p></p> <p></p>

View File

@ -19,7 +19,7 @@
<!--Email template --> <!--Email template -->
<record id="email_template_edi_purchase" model="email.template"> <record id="email_template_edi_purchase" model="email.template">
<field name="name">Purchase Order - Send by mail</field> <field name="name">Purchase Order - Send by mail</field>
<field name="email_from">${object.validator.email or ''|safe}</field> <field name="email_from">${object.validator.email or ''}</field>
<field name="subject">${object.company_id.name} Order (Ref ${object.name or 'n/a' })</field> <field name="subject">${object.company_id.name} Order (Ref ${object.name or 'n/a' })</field>
<field name="email_recipients">${object.partner_id.id}</field> <field name="email_recipients">${object.partner_id.id}</field>
<field name="model_id" ref="purchase.model_purchase_order"/> <field name="model_id" ref="purchase.model_purchase_order"/>
@ -46,7 +46,7 @@
&nbsp;&nbsp;Your reference: ${object.partner_ref}<br /> &nbsp;&nbsp;Your reference: ${object.partner_ref}<br />
% endif % endif
% if object.validator: % if object.validator:
&nbsp;&nbsp;Your contact: <a href="mailto:${object.validator.email or ''|safe}?subject=Order%20${object.name}">${object.validator.name}</a> &nbsp;&nbsp;Your contact: <a href="mailto:${object.validator.email or ''}?subject=Order%20${object.name}">${object.validator.name}</a>
% endif % endif
</p> </p>
@ -81,7 +81,7 @@
% endif % endif
% if object.company_id.website: % if object.company_id.website:
<div> <div>
Web :&nbsp;<a href="${object.company_id.website|safe}">${object.company_id.website|safe}</a> Web :&nbsp;<a href="${object.company_id.website}">${object.company_id.website}</a>
</div> </div>
%endif %endif
<p></p> <p></p>

View File

@ -21,7 +21,7 @@
<!--Email template --> <!--Email template -->
<record id="email_template_edi_sale" model="email.template"> <record id="email_template_edi_sale" model="email.template">
<field name="name">Sale Order - Send by Email</field> <field name="name">Sale Order - Send by Email</field>
<field name="email_from">${object.user_id.email or ''|safe}</field> <field name="email_from">${object.user_id.email or ''}</field>
<field name="subject">${object.company_id.name} ${object.state in ('draft', 'sent') and 'Quotation' or 'Order'} (Ref ${object.name or 'n/a' })</field> <field name="subject">${object.company_id.name} ${object.state in ('draft', 'sent') and 'Quotation' or 'Order'} (Ref ${object.name or 'n/a' })</field>
<field name="email_recipients">${object.partner_invoice_id.id}</field> <field name="email_recipients">${object.partner_invoice_id.id}</field>
<field name="model_id" ref="sale.model_sale_order"/> <field name="model_id" ref="sale.model_sale_order"/>
@ -48,31 +48,27 @@
&nbsp;&nbsp;Your reference: ${object.client_order_ref}<br /> &nbsp;&nbsp;Your reference: ${object.client_order_ref}<br />
% endif % endif
% if object.user_id: % if object.user_id:
&nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''|safe}?subject=Order%20${object.name}">${object.user_id.name}</a> &nbsp;&nbsp;Your contact: <a href="mailto:${object.user_id.email or ''}?subject=Order%20${object.name}">${object.user_id.name}</a>
% endif % endif
</p> </p>
% if object.order_policy in ('prepaid','manual') and object.company_id.paypal_account and object.state != 'draft': % if object.order_policy in ('prepaid','manual') and object.company_id.paypal_account and object.state != 'draft':
<% set paypal_url = ("https://www.paypal.com/cgi-bin/webscr?cmd=_xclick" <% set paypal_url = "https://www.paypal.com/cgi-bin/webscr?" +
"&amp;business=%(paypal_account)s" urlencode({
"&amp;item_name=%(company_name)s%%20Order%%20%(order_name)s" "cmd": "_xclick",
"&amp;invoice=%(order_name)s" "business": object.company_id.paypal_account,
"&amp;amount=%(order_amount)s" "item_name": object.company_id.name + " Order " + object.name,
"&amp;currency_code=%(currency)s" "invoice": object.name,
"&amp;button_subtype=services" "amount": object.amount_total,
"&amp;no_note=1" "currency_code": object.pricelist_id.currency_id.name,
"&amp;bn=OpenERP_Order_PayNow_%(currency)s" "button_subtype": "services",
% { "no_note": "1",
'paypal_account': quote(object.company_id.paypal_account), "bn": "OpenERP_Order_PayNow_" + object.pricelist_id.currency_id.name,
'company_name': quote(object.company_id.name),
'order_name': quote(object.name),
'order_amount': quote(str(object.amount_total)),
'currency': quote(object.pricelist_id.currency_id.name),
}) })
%> %>
<br/> <br/>
<p>It is also possible to directly pay with Paypal:</p> <p>It is also possible to directly pay with Paypal:</p>
<a style="margin-left: 120px;" href="${paypal_url|safe}"> <a style="margin-left: 120px;" href="${paypal_url}">
<img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/> <img class="oe_edi_paypal_button" src="https://www.paypal.com/en_US/i/btn/btn_paynowCC_LG.gif"/>
</a> </a>
% endif % endif
@ -108,7 +104,7 @@
% endif % endif
% if object.company_id.website: % if object.company_id.website:
<div> <div>
Web :&nbsp;<a href="${object.company_id.website|safe}">${object.company_id.website|safe}</a> Web :&nbsp;<a href="${object.company_id.website}">${object.company_id.website}</a>
</div> </div>
%endif %endif
<p></p> <p></p>