[FIX] website_mail: forbid access to email_designer routes to public user
bzr revid: chs@openerp.com-20140228151544-ipoih9c924rsbqi1
This commit is contained in:
parent
47c4728f43
commit
a5fc14193d
|
@ -7,7 +7,7 @@ from openerp.addons.web.http import request
|
|||
|
||||
class WebsiteEmailDesigner(http.Controller):
|
||||
|
||||
@http.route('/website_mail/email_designer/<model("email.template"):template>/', type='http', auth="public", website=True, multilang=True)
|
||||
@http.route('/website_mail/email_designer/<model("email.template"):template>/', type='http', auth="user", website=True, multilang=True)
|
||||
def index(self, template, **kw):
|
||||
values = {
|
||||
'template': template,
|
||||
|
@ -15,6 +15,6 @@ class WebsiteEmailDesigner(http.Controller):
|
|||
print template
|
||||
return request.website.render("website_mail.designer_index", values)
|
||||
|
||||
@http.route(['/website_mail/snippets'], type='json', auth="public", website=True)
|
||||
@http.route(['/website_mail/snippets'], type='json', auth="user", website=True)
|
||||
def snippets(self):
|
||||
return request.website._render('website_mail.email_designer_snippets')
|
||||
|
|
Loading…
Reference in New Issue