Fixing code to make website odoo.plus work with recent changes.

odoo_tools/app/mixins/dispatchers.py

@@ -41,9 +41,13 @@ def format_response(self, request, result):
     def dispatch(self, request):
         from werkzeug.exceptions import HTTPException
         self.apply_params(request)
+
+        args = {}
+        args.update(request.params)
+        args.update(request.args)
 
         try:
-            result = request.endpoint(**request.params)
+            result = request.endpoint(**args)
             result = self.handle_result(request, result)
         except HTTPException:
             raise

odoo_tools/app/mixins/response.py

@@ -0,0 +1,109 @@
+class LaxCookieMixin(object):
+    """
+    Fix the set_cookie method to use the Lax samesite
+    value as the implicit default value changed in recent
+    browsers.
+    """
+    def set_cookie(
+        self,
+        key,
+        value='',
+        max_age=None,
+        expires=None,
+        path='/',
+        domain=None,
+        secure=None,
+        httponly=False,
+        samesite=None
+    ):
+        # Lax is the new default for samesite, unfortunately
+        # when setting samesite=None, it simply ignores the
+        # value None instead of outputting the value as it is
+        # set.
+        # As a result werkzeug can only set it to:
+
+        # Lax explicit
+        # Strict explicit
+        # Lax implicit
+        if samesite is None:
+            samesite = 'Lax'
+
+        return super().set_cookie(
+            key=key,
+            value=value,
+            max_age=max_age,
+            expires=expires,
+            path=path,
+            domain=domain,
+            secure=secure,
+            httponly=httponly,
+            samesite=samesite
+        )
+
+
+class SecureCookieMixin(object):
+    """
+    Define an secure cookie unless asked otherwise.
+    """
+    def set_cookie(
+        self,
+        key,
+        value='',
+        max_age=None,
+        expires=None,
+        path='/',
+        domain=None,
+        secure=None,
+        httponly=False,
+        samesite=None
+    ):
+        if secure is None:
+            secure = True
+        else:
+            secure = secure or False
+
+        return super().set_cookie(
+            key=key,
+            value=value,
+            max_age=max_age,
+            expires=expires,
+            path=path,
+            domain=domain,
+            secure=secure,
+            httponly=httponly,
+            samesite=samesite
+        )
+
+
+class InsecureCookieMixin(object):
+    """
+    Define an insecure cookie unless asked otherwise.
+    """
+    def set_cookie(
+        self,
+        key,
+        value='',
+        max_age=None,
+        expires=None,
+        path='/',
+        domain=None,
+        secure=None,
+        httponly=False,
+        samesite=None
+    ):
+        if secure is None:
+            secure = False
+        else:
+            secure = secure or True
+
+        return super().set_cookie(
+            key=key,
+            value=value,
+            max_age=max_age,
+            expires=expires,
+            path=path,
+            domain=domain,
+            secure=secure,
+            httponly=httponly,
+            samesite=samesite
+        )

odoo_tools/app/mixins/routers.py

@@ -29,8 +29,9 @@ def match(self, request):
 
         ir_http._handle_debug()
 
-        # TODO set in a better place?
-        request.lang = ir_http._get_default_lang()
+        # TODO set in a better place? should have http_routing loaded
+        # but not all db may have it loaded.
+        # request.lang = ir_http._get_default_lang()
 
         rule = ir_http._match(request.httprequest.path)
 

odoo_tools/overlays/common/odoo/http.py

@@ -160,41 +160,9 @@ class __patch__:
     """
     Hidden block to prevent poluting the parent scope.
     """
-
-    def set_cookie(
-        self,
-        key,
-        value='',
-        max_age=None,
-        expires=None,
-        path='/',
-        domain=None,
-        secure=False,
-        httponly=False,
-        samesite=None
-    ):
-        # Lax is the new default for samesite, unfortunately
-        # when setting samesite=None, it simply ignores the
-        # value None instead of outputting the value as it is
-        # set.
-        # As a result werkzeug can only set it to:
-
-        # Lax explicit
-        # Strict explicit
-        # Lax implicit
-        if samesite is None:
-            samesite = 'Lax'
-
-        return super(Response, self).set_cookie(
-            key=key,
-            value=value,
-            max_age=max_age,
-            expires=expires,
-            path=path,
-            domain=domain,
-            secure=True,
-            httponly=httponly,
-            samesite=samesite
-        )
-
-    Response.set_cookie = set_cookie
+    # TODO make mixin Secure / Insecure
+    from odoo_tools.app.mixins.response import LaxCookieMixin, SecureCookieMixin
+    Response.__bases__ = (
+        LaxCookieMixin,
+        *Response.__bases__
+    )

odoo_tools/requirements/requirements-15.0.txt

@@ -11,7 +11,7 @@ greenlet>=0.4.10
 idna==2.8
 Jinja2==2.11.3 # min version = 2.10.1 (Focal - with security backports)
 libsass==0.18.0
-lxml==4.6.5 # min version = 4.5.0 (Focal - with security backports)
+lxml>=4.5.0 # min version = 4.5.0 (Focal - with security backports)
 MarkupSafe==1.1.0
 num2words==0.5.6
 ofxparse==0.19
@@ -28,7 +28,7 @@ PyPDF2==1.26,<2.0
 pypiwin32 ; sys_platform == 'win32'
 pyserial==3.4
 python-dateutil==2.7.3
-python-ldap==3.4.0 ; sys_platform != 'win32'  # min version = 3.2.0 (Focal with security backports)
+python-ldap>=3.4.0 ; sys_platform != 'win32'  # min version = 3.2.0 (Focal with security backports)
 python-stdnum==1.13
 pytz==2019.3
 pyusb==1.0.2