[FIX] odex_takaful: public api should use sudo to get documents

2026-01-04 10:41:05 +01:00 · 2026-01-04 10:41:05 +01:00 · 8da1a691e7
parent f14484d642
commit 8da1a691e7
1 changed files with 4 additions and 4 deletions
--- a/odex25_takaful/odex_takaful/controllers/report_api.py
+++ b/odex25_takaful/odex_takaful/controllers/report_api.py
@ -24,7 +24,7 @@ class ReportController(http.Controller):
            '/sponsorship/<converter>/<reportname>/<docids>',
        ], type='http', auth='public', website=True)
    def report_routes(self, reportname, docids=None, converter=None, **data):
-        report = request.env['ir.actions.report']._get_report_from_name(reportname)
+        report = request.env['ir.actions.report'].sudo()._get_report_from_name(reportname)
        context = dict(request.env.context)

        if docids:
@ -39,14 +39,14 @@ class ReportController(http.Controller):
                del data['context']['lang']
            context.update(data['context'])
        if converter == 'html':
-            html = report.with_context(context)._render_qweb_html(docids, data=data)[0]
+            html = report.with_context(context).sudo()._render_qweb_html(docids, data=data)[0]
            return request.make_response(html)
        elif converter == 'pdf':
-            pdf = report.with_context(context)._render_qweb_pdf(docids, data=data)[0]
+            pdf = report.with_context(context).sudo()._render_qweb_pdf(docids, data=data)[0]
            pdfhttpheaders = [('Content-Type', 'application/pdf'), ('Content-Length', len(pdf))]
            return request.make_response(pdf, headers=pdfhttpheaders)
        elif converter == 'text':
-            text = report.with_context(context)._render_qweb_text(docids, data=data)[0]
+            text = report.with_context(context).sudo()._render_qweb_text(docids, data=data)[0]
            texthttpheaders = [('Content-Type', 'text/plain'), ('Content-Length', len(text))]
            return request.make_response(text, headers=texthttpheaders)
        else: