[IMP] web: create generic controller '/web/content' and '/web/image'

Replace deprecate controllers like /web/binary/image, /web/binary/saveas...
Use ETag for all content with 'unique' option to cache the content if the content is never changed.

addons/gamification/static/src/js/gamification.js

@@ -113,7 +113,7 @@ var Sidebar = Widget.extend({
     render_user_avatars: function(item) {
         item.find(".oe_user_avatar").each(function() {
             var user_id = parseInt( $(this).attr('data-id'), 10);
-            var url = session.url('/web/binary/image', {model: 'res.users', field: 'image_small', id: user_id});
+            var url = session.url('/web/image', {model: 'res.users', field: 'image_small', id: user_id});
             $(this).attr("src", url);
         });
     }

addons/im_chat/static/src/js/im_chat_backend.js

@@ -235,7 +235,7 @@ var InstantMessaging = Widget.extend({
             self.widgets = {};
             self.users = [];
             _.each(result, function(user) {
-                user.image_url = session.url('/web/binary/image', {model:'res.users', field: 'image_small', id: user.id});
+                user.image_url = session.url('/web/image', {model:'res.users', field: 'image_small', id: user.id});
                 var widget = new UserWidget(self, user);
                 widget.appendTo(self.$(".oe_im_users"));
                 widget.on("user_clicked", self, self.user_clicked);

addons/mail/controllers/main.py

@@ -13,22 +13,6 @@
 class MailController(http.Controller):
     _cp_path = '/mail'
 
-    @http.route('/mail/download_attachment', type='http', auth='user')
-    def download_attachment(self, model, id, method, attachment_id, **kw):
-        # FIXME use /web/binary/saveas directly
-        Model = request.registry.get(model)
-        res = getattr(Model, method)(request.cr, request.uid, int(id), int(attachment_id))
-        if res:
-            filecontent = base64.b64decode(res.get('base64'))
-            filename = res.get('filename')
-            content_type = mimetypes.guess_type(filename)
-            if filecontent and filename:
-                return request.make_response(
-                    filecontent,
-                    headers=[('Content-Type', content_type[0] or 'application/octet-stream'),
-                             ('Content-Disposition', content_disposition(filename))])
-        return request.not_found()
-
     @http.route('/mail/receive', type='json', auth='none')
     def receive(self, req):
         """ End-point to receive mail from an external SMTP server. """

addons/mail/models/mail_message.py

@@ -142,22 +142,6 @@ def _search_starred(self, operator, operand):
     def _needaction_domain_get(self):
         return [('needaction', '=', True)]
 
-    #------------------------------------------------------
-    # download an attachment
-    #------------------------------------------------------
-
-    @api.multi
-    def download_attachment(self, attachment_id):
-        self.ensure_one()
-        if attachment_id in self.attachment_ids.ids:
-            attachment = self.env['ir.attachment'].sudo().browse(attachment_id)
-            if attachment.datas and attachment.datas_fname:
-                return {
-                    'base64': attachment.datas,
-                    'filename': attachment.datas_fname,
-                }
-        return False
-
     #------------------------------------------------------
     # Notification API
     #------------------------------------------------------

addons/mail/static/src/js/mail.js

@@ -253,7 +253,7 @@ var Attachment = Widget.extend ({
         for (var l in message.attachment_ids) {
             var attach = message.attachment_ids[l];
             if (!attach.formating) {
-                attach.url = mail_utils.get_attachment_url(session, message.id, attach.id);
+                attach.url = '/web/content/' + attach.id + '?download=true';
                 attach.name = mail_utils.breakword(attach.name || attach.filename);
                 attach.formating = true;
             }
@@ -264,13 +264,6 @@ var Attachment = Widget.extend ({
     display_attachments: function (message) {
         return QWeb.render('ThreadMessageAttachments', {'record': message, 'widget': this});
     },
-
-    /**
-     * Return the link to resized image
-     */
-    attachments_resize_image: function (id, resize) {
-        return mail_utils.get_image(session, 'ir.attachment', 'datas', id, resize);
-    },
 });
 
 /**
@@ -907,11 +900,9 @@ var MailThread = Attachment.extend ({
             avt = ('/mail/static/src/img/email_icon.png');
         }
         else if (author) {
-            avt  = mail_utils.get_image(
-                session, 'res.partner', 'image_small', author[0]);
+            avt  = '/web/image/res.partner/' + author[0] + '/image_small';
         }else {
-            avt = mail_utils.get_image(
-                session, 'res.users', 'image_small', session.uid);
+            avt  = '/web/image/res.partner/' + session.uid + '/image_small';
         }
         return avt;
     },
@@ -1388,7 +1379,7 @@ var ComposeMessage = Attachment.extend ({
                         'id': result.id,
                         'name': result.name,
                         'filename': result.filename,
-                        'url': mail_utils.get_attachment_url(session, this.id, result.id)
+                        'url': '/web/content/' + result.id + '?download=true'
                     };
                 }
             }

addons/mail/static/src/js/mail_followers.js

@@ -241,7 +241,7 @@ var Followers = form_common.AbstractField.extend({
         // truncate number of displayed followers
         _(this.followers).each(function (record) {
             $(qweb.render('mail_followers_partner', {
-                'record': _.extend(record, {'avatar_url': mail_utils.get_image(session, record['res_model'], 'image_small', record['res_id'])}),
+                'record': _.extend(record, {'avatar_url': '/web/image/' + record['res_model'] + '/' + record['res_id'] + '/image_small'}),
                 'widget': self})
             ).appendTo(node_user_list);
             // On mouse-enter it will show the edit_subtype pencil.
@@ -417,4 +417,4 @@ var Followers = form_common.AbstractField.extend({
 /* Add the widget to registry */
 core.form_widget_registry.add('mail_followers', Followers);
 
-});
+});

addons/mail/static/src/js/mail_utils.js

@@ -27,23 +27,6 @@ function parse_email(text) {
     return [text, false];
 }
 
-/* Get an image in /web/binary/image?... */
-function get_image(session, model, field, id, resize) {
-    var r = resize ? encodeURIComponent(resize) : '';
-    id = id || '';
-    return session.url('/web/binary/image', {model: model, field: field, id: id, resize: r});
-}
-
-/* Get the url of an attachment {'id': id} */
-function get_attachment_url(session, message_id, attachment_id) {
-    return session.url('/mail/download_attachment', {
-        'model': 'mail.message',
-        'id': message_id,
-        'method': 'download_attachment',
-        'attachment_id': attachment_id
-    });
-}
-
 /**
  * Replaces some expressions
  * - :name - shortcut to an image
@@ -125,8 +108,6 @@ function bindTooltipTo($el, value, position) {
 
 return {
     parse_email: parse_email,
-    get_image: get_image,
-    get_attachment_url: get_attachment_url,
     do_replace_expressions: do_replace_expressions,
     get_text2html: get_text2html,
     expand_domain: expand_domain,

addons/mail/static/src/xml/mail.xml

@@ -208,7 +208,7 @@
         <t t-if="attachment.file_type_icon === 'webimage'">
             <div t-attf-class="oe_attachment oe_preview #{attachment.upload ? 'oe_uploading' : ''}">
                 <a t-att-href='attachment.url' target="_blank">
-                    <img t-att-src="widget.attachments_resize_image(attachment.id, [100,80])"></img>
+                    <img t-attf-src="/web/image/#{attachment.id}/100x80"></img>
                     <div class='oe_name'><t t-raw='attachment.name'/></div>
                 </a>
                 <div class='oe_delete oe_e'>

addons/mail/tests/test_mail_message.py

@@ -186,11 +186,12 @@ def test_mail_message_access_read_notification(self):
             'datas': 'My attachment'.encode('base64'),
             'name': 'doc.txt',
             'datas_fname': 'doc.txt'})
+        # attach the attachment to the message
         self.message.write({'attachment_ids': [(4, attachment.id)]})
         self.message.write({'partner_ids': [(4, self.user_employee.partner_id.id)]})
         self.message.sudo(self.user_employee).read()
-        # Test: Bert downloads attachment, ok because he can read message
-        self.message.sudo(self.user_employee).download_attachment(attachment.id)
+        # Test: Bert has access to attachment, ok because he can read message
+        attachment.sudo(self.user_employee).read(['name', 'datas'])
 
     def test_mail_message_access_read_author(self):
         self.message.write({'author_id': self.user_employee.partner_id.id})

addons/point_of_sale/static/src/js/screens.js

@@ -624,7 +624,7 @@ var ProductCategoriesWidget = PosBaseWidget.extend({
     },
 
     get_image_url: function(category){
-        return window.location.origin + '/web/binary/image?model=pos.category&field=image_medium&id='+category.id;
+        return window.location.origin + '/web/image?model=pos.category&field=image_medium&id='+category.id;
     },
 
     render_category: function( category, with_image ){
@@ -771,7 +771,7 @@ var ProductListWidget = PosBaseWidget.extend({
         this.renderElement();
     },
     get_product_image_url: function(product){
-        return window.location.origin + '/web/binary/image?model=product.product&field=image_medium&id='+product.id;
+        return window.location.origin + '/web/image?model=product.product&field=image_medium&id='+product.id;
     },
     replace: function($target){
         this.renderElement();
@@ -1109,7 +1109,7 @@ var ClientListScreenWidget = ScreenWidget.extend({
         }
     },
     partner_icon_url: function(id){
-        return '/web/binary/image?model=res.partner&id='+id+'&field=image_small';
+        return '/web/image?model=res.partner&id='+id+'&field=image_small';
     },
 
     // ui handle for the 'edit selected customer' action

addons/pos_restaurant/static/src/js/floors.js

@@ -375,7 +375,7 @@ var FloorScreenWidget = screens.ScreenWidget.extend({
         }
     },
     background_image_url: function(floor) { 
-        return '/web/binary/image?model=restaurant.floor&id='+floor.id+'&field=background_image';
+        return '/web/image?model=restaurant.floor&id='+floor.id+'&field=background_image';
     },
     get_floor_style: function() {
         var style = "";

addons/report/static/src/js/report.editor.js

@@ -17,7 +17,7 @@ options.registry.many2one.include({
             var $img = $('.header .row img:first');
             var css = window.getComputedStyle($img[0]);
             $img.css("max-height", css.height+'px');
-            $img.attr("src", "/web_editor/image/res.partner/"+self.ID+"/image");
+            $img.attr("src", "/web/image/res.partner/"+self.ID+"/image");
             setTimeout(function () { $img.removeClass('o_dirty'); },0);
         }
     }