Skip to content

Commit

Permalink
[FIX] l10n_it_central_journal_reportlab: escape Paragraph content
Browse files Browse the repository at this point in the history
  • Loading branch information
@TheMule71 @jado95
TheMule71 authored and jado95 committed Dec 6, 2024
1 parent e47b603 commit 396bf6a
Show file tree
Hide file tree
Showing 4 changed files with 34 additions and 29 deletions.
2 changes: 1 addition & 1 deletion l10n_it_central_journal_reportlab/README.rst
View file
Original file line number Diff line number Diff line change
Expand Up @@ -7,7 +7,7 @@ ITA - Libro giornale - Reportlab
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:406c815cf9f5d7858e2354cdb28c41b751c27edacf1b580a4ca626ef2ea10a9a
!! source digest: sha256:91af559133071364b21113152d074c2e22096b825300936d3a24de75f65d2fe9
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
.. |badge1| image:: https://img.shields.io/badge/maturity-Beta-yellow.png
Expand Down
2 changes: 1 addition & 1 deletion l10n_it_central_journal_reportlab/__manifest__.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,7 @@

{
"name": "ITA - Libro giornale - Reportlab",
"version": "16.0.1.0.5",
"version": "16.0.1.0.6",
"development_status": "Beta",
"category": "Localization/Italy",
"author": "Gianmarco Conte - Dinamiche Aziendali srl, "
Expand Down
2 changes: 1 addition & 1 deletion l10n_it_central_journal_reportlab/static/description/index.html
View file
Original file line number Diff line number Diff line change
Expand Up @@ -367,7 +367,7 @@ <h1 class="title">ITA - Libro giornale - Reportlab</h1>
!! This file is generated by oca-gen-addon-readme !!
!! changes will be overwritten. !!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!! source digest: sha256:406c815cf9f5d7858e2354cdb28c41b751c27edacf1b580a4ca626ef2ea10a9a
!! source digest: sha256:91af559133071364b21113152d074c2e22096b825300936d3a24de75f65d2fe9
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!! -->
<p><a class="reference external image-reference" href="https://odoo-community.org/page/development-status"><img alt="Beta" src="https://img.shields.io/badge/maturity-Beta-yellow.png" /></a> <a class="reference external image-reference" href="http://www.gnu.org/licenses/agpl-3.0-standalone.html"><img alt="License: AGPL-3" src="https://img.shields.io/badge/licence-AGPL--3-blue.png" /></a> <a class="reference external image-reference" href="https://github.com/OCA/l10n-italy/tree/16.0/l10n_it_central_journal_reportlab"><img alt="OCA/l10n-italy" src="https://img.shields.io/badge/github-OCA%2Fl10n--italy-lightgray.png?logo=github" /></a> <a class="reference external image-reference" href="https://translation.odoo-community.org/projects/l10n-italy-16-0/l10n-italy-16-0-l10n_it_central_journal_reportlab"><img alt="Translate me on Weblate" src="https://img.shields.io/badge/weblate-Translate%20me-F47D42.png" /></a> <a class="reference external image-reference" href="https://runboat.odoo-community.org/builds?repo=OCA/l10n-italy&amp;target_branch=16.0"><img alt="Try me on Runboat" src="https://img.shields.io/badge/runboat-Try%20me-875A7B.png" /></a></p>
<p><strong>Italiano</strong></p>
Expand Down
57 changes: 31 additions & 26 deletions l10n_it_central_journal_reportlab/wizard/print_giornale.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,7 @@
import base64
import io
from datetime import timedelta
from xml.sax.saxutils import escape

from reportlab.lib import colors
from reportlab.lib.enums import TA_RIGHT
Expand Down Expand Up @@ -308,8 +309,12 @@ def get_initial_balance_data_report_giornale(self):
"",
"",
Paragraph(_("Initial Balance"), style_name),
Paragraph(formatLang(self.env, self.progressive_debit2), style_number),
Paragraph(formatLang(self.env, self.progressive_credit), style_number),
Paragraph(
escape(formatLang(self.env, self.progressive_debit2)), style_number
),
Paragraph(
escape(formatLang(self.env, self.progressive_credit)), style_number
),
]
]
return initial_balance_data
Expand Down Expand Up @@ -338,27 +343,28 @@ def get_grupped_final_tables_report_giornale(
)
if not account_name:
continue
# evitiamo che i caratteri < o > vengano interpretato come tag html
# dalla libreria reportlab
account_name = account_name.replace("<", "&lt;").replace(">", "&gt;")

start_row += 1
row = Paragraph(str(start_row), style_name)
date = Paragraph(format_date(self.env, line["date"]), style_name)
move = Paragraph(line["move_name"], style_name)
account = Paragraph(account_name, style_name)
name = Paragraph(line["name"], style_name)
row = Paragraph(escape(str(start_row)), style_name)
date = Paragraph(escape(format_date(self.env, line["date"])), style_name)
move = Paragraph(escape(line["move_name"]), style_name)
account = Paragraph(escape(account_name), style_name)
name = Paragraph(escape(line["name"]), style_name)
# dato che nel SQL ho la somma dei crediti e debiti potrei avere
# che un conto ha sia debito che credito
lines_data = []
if line["debit"] > 0:
debit = Paragraph(formatLang(self.env, line["debit"]), style_number)
credit = Paragraph(formatLang(self.env, 0), style_number)
debit = Paragraph(
escape(formatLang(self.env, line["debit"])), style_number
)
credit = Paragraph(escape(formatLang(self.env, 0)), style_number)
list_balance.append((line["debit"], 0))
lines_data.append([[row, date, move, account, name, debit, credit]])
if line["credit"] > 0:
debit = Paragraph(formatLang(self.env, 0), style_number)
credit = Paragraph(formatLang(self.env, line["credit"]), style_number)
debit = Paragraph(escape(formatLang(self.env, 0)), style_number)
credit = Paragraph(
escape(formatLang(self.env, line["credit"])), style_number
)
list_balance.append((0, line["credit"]))
lines_data.append([[row, date, move, account, name, debit, credit]])
for line_data in lines_data:
Expand Down Expand Up @@ -394,25 +400,24 @@ def get_final_tables_report_giornale(

for line in self.env["account.move.line"].browse(move_line_ids):
start_row += 1
row = Paragraph(str(start_row), style_name)
date = Paragraph(format_date(self.env, line.date), style_name)
ref = Paragraph(str(line.ref or ""), style_name)
row = Paragraph(escape(str(start_row)), style_name)
date = Paragraph(escape(format_date(self.env, line.date)), style_name)
ref = Paragraph(escape(str(line.ref or "")), style_name)
move_name = line.move_id.name or ""
move = Paragraph(move_name, style_name)
move = Paragraph(escape(move_name), style_name)
account_name = self._get_account_name_reportlab(line)
# evitiamo che i caratteri < o > vengano interpretato come tag html
# dalla libreria reportlab
account_name = account_name.replace("<", "&lt;").replace(">", "&gt;")
account = Paragraph(account_name, style_name)
account = Paragraph(escape(account_name), style_name)
if line.account_id.account_type in [
"asset_receivable",
"liability_payable",
]:
name = Paragraph(str(line.partner_id.name or ""), style_name)
name = Paragraph(escape(str(line.partner_id.name or "")), style_name)
else:
name = Paragraph(str(line.name or ""), style_name)
debit = Paragraph(formatLang(self.env, line.debit), style_number)
credit = Paragraph(formatLang(self.env, line.credit), style_number)
name = Paragraph(escape(str(line.name or "")), style_name)
debit = Paragraph(escape(formatLang(self.env, line.debit)), style_number)
credit = Paragraph(escape(formatLang(self.env, line.credit)), style_number)
list_balance.append((line.debit, line.credit))
line_data = [[row, date, ref, move, account, name, debit, credit]]
if previous_move_name != move_name:
Expand Down Expand Up @@ -441,8 +446,8 @@ def get_balance_data_report_giornale(self, tot_debit, tot_credit, final=False):
"",
"",
name,
Paragraph(formatLang(self.env, tot_debit), style_number),
Paragraph(formatLang(self.env, tot_credit), style_number),
Paragraph(escape(formatLang(self.env, tot_debit)), style_number),
Paragraph(escape(formatLang(self.env, tot_credit)), style_number),
]
]
return balance_data
Expand Down

0 comments on commit 396bf6a

Please sign in to comment.