Commit 8e9d647d authored by Cédric Le Ninivin's avatar Cédric Le Ninivin

erp5_free_subscription: Update Base_unsusbscribe to work for none anonymous and redirect

parent 98181cc1
......@@ -57,13 +57,10 @@ portal = context.getPortalObject()\n
request = context.REQUEST\n
event_id = request[\'id\']\n
\n
user = portal.ERP5Site_getAuthenticatedMemberPersonValue()\n
# If we have a logged in user it\'s probably a backoffice agent.\n
if user is None:\n
# If the referer contains the url of the event we are probably viewing the event\n
# from ERP5 interface. We do not want to mark the event as delivered in that case\n
# It can also be from fckeditor, in this case we don\'t have the event url in REFERER.\n
if not ( (\'/event_module/%s\' % event_id) in request.HTTP_REFERER or \'fckeditor\' in request.HTTP_REFERER):\n
# If the referer contains the url of the event we are probably viewing the event\n
# from ERP5 interface. We do not want to mark the event as delivered in that case\n
# It can also be from fckeditor, in this case we don\'t have the event url in REFERER.\n
if not ( (\'/event_module/%s\' % event_id) in request.HTTP_REFERER or \'fckeditor\' in request.HTTP_REFERER):\n
if portal.Base_getHMACHexdigest(portal.Base_getEventHMACKey(), event_id) != request["hash"]:\n
from zExceptions import Unauthorized\n
raise Unauthorized()\n
......@@ -73,8 +70,8 @@ if user is None:\n
event_id=request[\'id\'], \n
hmac=request["hash"])\n
\n
# serve the web-page that will display a "Sucessfully unsubscribe" message\n
return context.index_html(request, request.RESPONSE, format=None)\n
# serve the image\n
return context.Base_redirect(\'\')\n
</string> </value>
</item>
<item>
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment