ad553b1082
Both portals share the existing fusion.repair.intake.service so behaviour
stays identical across all three intake surfaces (backend wizard,
sales rep portal, public client portal).
Sales rep portal
- Hard depends on fusion_authorizer_portal (reuses is_sales_rep_portal
flag + group_sales_rep_portal scaffolding)
- /my/repair/new - mobile-friendly intake form with phone-first
partner search (jsonrpc lookup), category select, third-party flag,
urgency, photo capture
- /my/repairs - list of repairs the rep submitted (paginated)
- /my/repair/<id> - read-only detail with status, equipment, scheduled
visit
- Interaction-class JS (Odoo 19 public.interactions), safe DOM construction
- Mobile SCSS with 44px tap targets, sticky CTA on small screens
- Record rule scopes portal users to repairs where
x_fc_intake_user_id = user.id
Public client portal
- auth='public' - voicemail-ready /repair URL
- /repair - landing page with 911 disclaimer and Start CTA
- /repair/new - single-page form: contact, equipment, issue, urgency,
optional photos. QR pre-fill via ?sn=<serial>
- /repair/submit - CSRF + honeypot + per-IP rate limit (configurable);
finds or creates partner; calls intake service with sudo
- /repair/thanks - confirmation with reference number
- /repair/lookup_phone (jsonrpc) - safe partner match returning ONLY
masked name (first + last initial) + city (no other PII leakage)
Security fix: technician record rule on repair.order now uses STORED
fields (technician_id + additional_technician_ids) instead of the
non-stored all_technician_ids compute, which was failing SQL generation.
Verified end-to-end on local westin-v19:
- Sales rep create via intake service with the rep user context creates
the repair with x_fc_intake_source='sales_rep_portal' and proper
activities
- /repair/submit posts urlencoded data -> creates partner + repair
('BR-WA/RO/00010', source='client_portal', urgency='urgent') ->
redirects to /repair/thanks with the reference
Co-authored-by: Cursor <cursoragent@cursor.com>
108 lines
3.4 KiB
JavaScript
108 lines
3.4 KiB
JavaScript
/** @odoo-module **/
|
|
// Sales rep portal - new service call form interactions.
|
|
// Uses Odoo 19 public Interaction class per project frontend rules
|
|
// (NOT IIFE / DOMContentLoaded). Uses only safe DOM construction
|
|
// (textContent + createElement) - no innerHTML, no XSS risk.
|
|
|
|
import { Interaction } from "@web/public/interaction";
|
|
import { registry } from "@web/core/registry";
|
|
import { rpc } from "@web/core/network/rpc";
|
|
|
|
export class SalesRepRepairIntake extends Interaction {
|
|
static selector = ".o_fusion_repairs_portal";
|
|
|
|
dynamicContent = {
|
|
"#partner_search": {
|
|
"t-on-input": this._onPartnerSearchInput,
|
|
},
|
|
};
|
|
|
|
setup() {
|
|
this._partnerSearchTimer = null;
|
|
}
|
|
|
|
_onPartnerSearchInput(ev) {
|
|
const query = (ev.target.value || "").trim();
|
|
if (this._partnerSearchTimer) {
|
|
clearTimeout(this._partnerSearchTimer);
|
|
}
|
|
if (query.length < 3) {
|
|
this._renderMatches([]);
|
|
return;
|
|
}
|
|
this._partnerSearchTimer = setTimeout(async () => {
|
|
try {
|
|
const result = await rpc("/my/repair/lookup_partner", { query });
|
|
this._renderMatches(result.matches || []);
|
|
} catch (e) {
|
|
this._renderMatches([]);
|
|
}
|
|
}, 250);
|
|
}
|
|
|
|
_renderMatches(matches) {
|
|
const list = document.getElementById("partner_matches");
|
|
if (!list) {
|
|
return;
|
|
}
|
|
while (list.firstChild) {
|
|
list.removeChild(list.firstChild);
|
|
}
|
|
for (const m of matches) {
|
|
list.appendChild(this._buildMatchItem(m));
|
|
}
|
|
}
|
|
|
|
_buildMatchItem(m) {
|
|
const item = document.createElement("button");
|
|
item.type = "button";
|
|
item.className = "list-group-item list-group-item-action text-start";
|
|
|
|
const nameStrong = document.createElement("strong");
|
|
nameStrong.textContent = m.name || "";
|
|
item.appendChild(nameStrong);
|
|
|
|
if (m.phone) {
|
|
const phone = document.createElement("span");
|
|
phone.className = "text-muted ms-2";
|
|
phone.textContent = m.phone;
|
|
item.appendChild(phone);
|
|
}
|
|
|
|
if (m.repair_count) {
|
|
const badge = document.createElement("span");
|
|
badge.className = "badge bg-secondary ms-2";
|
|
badge.textContent = `${m.repair_count} repair(s)`;
|
|
item.appendChild(badge);
|
|
}
|
|
|
|
if (m.street) {
|
|
const addr = document.createElement("div");
|
|
addr.className = "small text-muted";
|
|
addr.textContent = [m.street, m.city].filter(Boolean).join(", ");
|
|
item.appendChild(addr);
|
|
}
|
|
|
|
item.addEventListener("click", () => this._selectPartner(m));
|
|
return item;
|
|
}
|
|
|
|
_selectPartner(m) {
|
|
document.getElementById("partner_id_input").value = m.id;
|
|
document.getElementById("partner_selected_name").textContent =
|
|
m.name + (m.phone ? ` (${m.phone})` : "");
|
|
document
|
|
.getElementById("partner_selected")
|
|
.classList.remove("d-none");
|
|
const list = document.getElementById("partner_matches");
|
|
while (list.firstChild) {
|
|
list.removeChild(list.firstChild);
|
|
}
|
|
document.getElementById("partner_search").value = m.name;
|
|
}
|
|
}
|
|
|
|
registry
|
|
.category("public.interactions")
|
|
.add("fusion_repairs.sales_rep_intake", SalesRepRepairIntake);
|