[PATCH] Upstream patch - 31102023

addons/http_routing/models/ir_http.py

@@ -8,6 +8,7 @@ import unicodedata
 import werkzeug.exceptions
 import werkzeug.routing
 import werkzeug.urls
+from werkzeug._compat import wsgi_encoding_dance
 
 # optional python-slugify import (https://github.com/un33k/python-slugify)
 try:
@@ -519,6 +520,7 @@ class IrHttp(models.AbstractModel):
 
     @classmethod
     def reroute(cls, path):
+        path = wsgi_encoding_dance(path)
         if not hasattr(request, 'rerouting'):
             request.rerouting = [request.httprequest.path]
         if path in request.rerouting:

addons/iap/models/iap_account.py

@@ -100,9 +100,27 @@ class IapAccount(models.Model):
         """ Called only by res settings """
         route = '/iap/services'
         endpoint = iap_tools.iap_get_endpoint(self.env)
-        d = {'dbuuid': self.env['ir.config_parameter'].sudo().get_param('database.uuid')}
+        all_accounts = self.search([
+            '|',
+            ('company_ids', '=', self.env.company.id),
+            ('company_ids', '=', False),
+        ])
 
-        return '%s?%s' % (endpoint + route, werkzeug.urls.url_encode(d))
+        global_account_per_service = {
+            account.service_name: account.account_token
+            for account in all_accounts.filtered(lambda acc: not acc.company_ids)
+        }
+        company_account_per_service = {
+            account.service_name: account.account_token
+            for account in all_accounts.filtered(lambda acc: acc.company_ids)
+        }
+
+        # Prioritize company specific accounts over global accounts
+        account_per_service = {**global_account_per_service, **company_account_per_service}
+
+        parameters = {'tokens': list(account_per_service.values())}
+
+        return '%s?%s' % (endpoint + route, werkzeug.urls.url_encode(parameters))
 
     @api.model
     def get_config_account_url(self):

addons/website/tests/test_lang_url.py

@@ -60,3 +60,7 @@ class TestLangUrl(HttpCase):
         r = self.url_open(url)
         self.assertEqual(r.status_code, 200)
         self.assertTrue('lang="fr-FR"' in r.text, "Ensure contactus did not soft crash + loaded in correct lang")
+
+    def test_05_reroute_unicode(self):
+        res = self.url_open('/fr/привет')
+        self.assertEqual(res.status_code, 404, "Rerouting didn't crash because of non latin-1 characters")

addons/website_form/controllers/main.py

@@ -13,8 +13,9 @@ from flectra import http, SUPERUSER_ID
 from flectra.http import request
 from flectra.tools import DEFAULT_SERVER_DATE_FORMAT, DEFAULT_SERVER_DATETIME_FORMAT
 from flectra.tools.translate import _, _lt
-from flectra.exceptions import ValidationError, UserError
+from flectra.exceptions import AccessDenied, ValidationError, UserError
 from flectra.addons.base.models.ir_qweb_fields import nl2br
+from flectra.tools.misc import hmac, consteq
 
 
 class WebsiteForm(http.Controller):
@@ -71,6 +72,15 @@ class WebsiteForm(http.Controller):
                 # in case of an email, we want to send it immediately instead of waiting
                 # for the email queue to process
                 if model_name == 'mail.mail':
+                    form_has_email_cc = {'email_cc', 'email_bcc'} & kwargs.keys() or \
+                        'email_cc' in kwargs["website_form_signature"]
+                    # remove the email_cc information from the signature
+                    if kwargs.get("email_to"):
+                        kwargs["website_form_signature"] = kwargs["website_form_signature"].split(':')[0]
+                        value = kwargs['email_to'] + (':email_cc' if form_has_email_cc else '')
+                        hash_value = hmac(model_record.env, 'website_form_signature', value)
+                        if not consteq(kwargs["website_form_signature"], hash_value):
+                            raise AccessDenied('invalid website_form_signature')
                     request.env[model_name].sudo().browse(id_record).send()
 
         # Some fields have additional SQL constraints that we can't check generically
@@ -171,7 +181,7 @@ class WebsiteForm(http.Controller):
                     error_fields.append(field_name)
 
             # If it's a custom field
-            elif field_name != 'context':
+            elif field_name not in ('context', 'website_form_signature'):
                 custom_fields.append((field_name, field_value))
 
         data['custom'] = "\n".join([u"%s : %s" % v for v in custom_fields])
@@ -204,7 +214,8 @@ class WebsiteForm(http.Controller):
     def insert_record(self, request, model, values, custom, meta=None):
         model_name = model.sudo().model
         if model_name == 'mail.mail':
-            values.update({'reply_to': values.get('email_from')})
+            email_from = _('"%s form submission" <%s>') % (request.env.company.name, request.env.company.email)
+            values.update({'reply_to': values.get('email_from'), 'email_from': email_from})
         record = request.env[model_name].with_user(SUPERUSER_ID).with_context(
             mail_create_nosubscribe=True,
             commit_assetsbundle=False,

addons/website_form/models/__init__.py

@@ -1 +1,2 @@
 from . import models
+from . import ir_ui_view

addons/website_form/models/ir_ui_view.py

@@ -0,0 +1,39 @@
+# -*- coding: utf-8 -*-
+from lxml import etree
+
+from flectra import models
+from flectra.tools.misc import hmac
+
+
+class View(models.Model):
+
+    _inherit = "ir.ui.view"
+
+    def read_combined(self, fields=None):
+        root = super(View, self).read_combined(fields)
+        if self.type != "qweb" or '/website_form/' not in root['arch']:  #Performance related check, reduce the amount of operation for unrelated views
+            return root
+        root_node = etree.fromstring(root['arch'])
+        nodes = root_node.xpath('.//form[contains(@action, "/website_form/")]')
+        for form in nodes:
+            existing_hash_node = form.find('.//input[@type="hidden"][@name="website_form_signature"]')
+            if existing_hash_node is not None:
+                existing_hash_node.getparent().remove(existing_hash_node)
+            input_nodes = form.xpath('.//input[contains(@name, "email_")]')
+            form_values = {input_node.attrib['name']: input_node for input_node in input_nodes}
+            # if this form does not send an email, ignore. But at this stage,
+            # the value of email_to can still be None in case of default value
+            if 'email_to' not in form_values.keys():
+                continue
+            elif not form_values['email_to'].attrib.get('value'):
+                form_values['email_to'].attrib['value'] = self.env.company.email or ''
+            has_cc = {'email_cc', 'email_bcc'} & form_values.keys()
+            value = form_values['email_to'].attrib['value'] + (':email_cc' if has_cc else '')
+            hash_value = hmac(self.sudo().env, 'website_form_signature', value)
+            hash_node = '<input type="hidden" class="form-control s_website_form_input s_website_form_custom" name="website_form_signature" value=""/>'
+            if has_cc:
+                hash_value += ':email_cc'
+            form_values['email_to'].addnext(etree.fromstring(hash_node))
+            form_values['email_to'].getnext().attrib['value'] = hash_value
+        root['arch'] = etree.tostring(root_node)
+        return root

addons/website_form/models/models.py

@@ -31,13 +31,17 @@ class website_form_model(models.Model):
         builders and are writable. By default no field is writable by the
         form builder.
         """
-        included = {
-            field.name
-            for field in self.env['ir.model.fields'].sudo().search([
-                ('model_id', '=', self.id),
-                ('website_form_blacklisted', '=', False)
-            ])
-        }
+        if self.model == "mail.mail":
+            included = {'email_from', 'email_to', 'email_cc', 'email_bcc', 'body', 'reply_to', 'subject'}
+        else:
+            included = {
+                field.name
+                for field in self.env['ir.model.fields'].sudo().search([
+                    ('model_id', '=', self.id),
+                    ('website_form_blacklisted', '=', False)
+                ])
+            }
+
         return {
             k: v for k, v in self.get_authorized_fields(self.model).items()
             if k in included

addons/website_form/static/tests/tours/website_form_editor.js

@@ -332,7 +332,8 @@ flectra.define('website_form_editor.tour', function (require) {
                             ":has(.s_website_form_field.s_website_form_required:has(label:contains('State')):has(select[name='State'][required]:has(option[value='France'])))" +
                             ":has(.s_website_form_field:has(label:contains('State')):has(select[name='State'][required]:has(option[value='Canada'])))" +
                             ":has(.s_website_form_field:has(label:contains('Invoice Scan')))" +
-                            ":has(.s_website_form_field:has(input[name='email_to'][value='test@test.test']))",
+                            ":has(.s_website_form_field:has(input[name='email_to'][value='test@test.test']))" + 
+                            ":has(.s_website_form_field:has(input[name='website_form_signature']))",
             trigger:  ".s_website_form_send"
         },
         {