[MIG] website_user_login_redirect_custom: Migration to 18.0

- Update module version to 18.0.1.0.0 in __manifest__.py
- Replace deprecated SavepointCase with TransactionCase in tests
- Refactored res_config_settings_views.xml

Task: 5058

Author: Mohajiro

website_user_login_redirect_custom/README.rst

@@ -17,13 +17,13 @@ Website User Login Redirect Custom
     :target: http://www.gnu.org/licenses/agpl-3.0-standalone.html
     :alt: License: AGPL-3
 .. |badge3| image:: https://img.shields.io/badge/github-OCA%2Fwebsite-lightgray.png?logo=github
-    :target: https://github.com/OCA/website/tree/14.0/website_user_login_redirect_custom
+    :target: https://github.com/OCA/website/tree/18.0/website_user_login_redirect_custom
     :alt: OCA/website
 .. |badge4| image:: https://img.shields.io/badge/weblate-Translate%20me-F47D42.png
-    :target: https://translation.odoo-community.org/projects/website-14-0/website-14-0-website_user_login_redirect_custom
+    :target: https://translation.odoo-community.org/projects/website-18-0/website-18-0-website_user_login_redirect_custom
     :alt: Translate me on Weblate
 .. |badge5| image:: https://img.shields.io/badge/runboat-Try%20me-875A7B.png
-    :target: https://runboat.odoo-community.org/builds?repo=OCA/website&target_branch=14.0
+    :target: https://runboat.odoo-community.org/builds?repo=OCA/website&target_branch=18.0
     :alt: Try me on Runboat
 
 |badge1| |badge2| |badge3| |badge4| |badge5|
@@ -68,7 +68,7 @@ Bug Tracker
 Bugs are tracked on `GitHub Issues <https://github.com/OCA/website/issues>`_.
 In case of trouble, please check there if your issue has already been reported.
 If you spotted it first, help us to smash it by providing a detailed and welcomed
-`feedback <https://github.com/OCA/website/issues/new?body=module:%20website_user_login_redirect_custom%0Aversion:%2014.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
+`feedback <https://github.com/OCA/website/issues/new?body=module:%20website_user_login_redirect_custom%0Aversion:%2018.0%0A%0A**Steps%20to%20reproduce**%0A-%20...%0A%0A**Current%20behavior**%0A%0A**Expected%20behavior**>`_.
 
 Do not contact contributors directly about support or help with technical issues.
 
@@ -101,6 +101,6 @@ OCA, or the Odoo Community Association, is a nonprofit organization whose
 mission is to support the collaborative development of Odoo features and
 promote its widespread use.
 
-This module is part of the `OCA/website <https://github.com/OCA/website/tree/14.0/website_user_login_redirect_custom>`_ project on GitHub.
+This module is part of the `OCA/website <https://github.com/OCA/website/tree/18.0/website_user_login_redirect_custom>`_ project on GitHub.
 
 You are welcome to contribute. To learn how please visit https://odoo-community.org/page/Contribute.

website_user_login_redirect_custom/__manifest__.py

@@ -4,7 +4,7 @@
 {
     "name": "Website User Login Redirect Custom",
     "summary": "Redirect website/portal user to custom URL after login or signup",
-    "version": "14.0.1.0.0",
+    "version": "18.0.1.0.0",
     "category": "Website",
     "author": "Cetmix OÜ, Odoo Community Association (OCA)",
     "license": "AGPL-3",

website_user_login_redirect_custom/controllers/main.py

@@ -2,9 +2,9 @@
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
 
 from odoo.http import request
-from odoo.tools import misc
+from odoo.tools import str2bool
 
-from odoo.addons.web.controllers.main import Home
+from odoo.addons.web.controllers.home import Home
 
 
 class WebsiteRedirectCustom(Home):
@@ -27,7 +27,7 @@ def _should_redirect_custom(self):
             .sudo()
             .get_param("website_user_login_redirect_custom.enabled", "False")
         )
-        return misc.str2bool(enabled)
+        return str2bool(enabled)
 
     def _get_custom_redirect_url(self):
         """Get custom redirect URL or False if not set/valid"""

website_user_login_redirect_custom/pyproject.toml

@@ -0,0 +1,3 @@
+[build-system]
+requires = ["whool"]
+build-backend = "whool.buildapi"

website_user_login_redirect_custom/tests/__init__.py

@@ -1,4 +1,5 @@
 # Copyright (C) 2025 Cetmix OÜ
 # License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
 
-from . import test_website_login_redirect  # noqa
+from . import test_website_login_redirect
+from . import test_website_login_redirect_controller

website_user_login_redirect_custom/tests/test_website_login_redirect.py

@@ -6,7 +6,7 @@
 
 
 @tagged("post_install", "-at_install")
-class TestWebsiteLoginRedirect(common.SavepointCase):
+class TestWebsiteLoginRedirect(common.TransactionCase):
     """Test website login redirect functionality"""
 
     @classmethod
@@ -116,3 +116,28 @@ def test_is_valid_redirect_url_edge_cases(self):
 
         # Test empty string
         self.assertFalse(settings.is_valid_redirect_url(""))
+
+    def test_check_url_format_skips_empty(self):
+        """_check_url_format should skip empty URLs"""
+        settings = self.env["res.config.settings"].create({})
+        settings._check_url_format()  # Should not raise
+
+    def test_is_valid_redirect_url_rejects_external(self):
+        """Reject external URLs with scheme or domain"""
+        settings = self.env["res.config.settings"].create({})
+        self.assertFalse(settings.is_valid_redirect_url("http://evil.com"))
+
+    def test_check_url_format_raises_validation_error(self):
+        """Invalid URL triggers ValidationError during create"""
+        with self.assertRaises(ValidationError):
+            self.env["res.config.settings"].create(
+                {"website_login_redirect_url": "javascript:alert(1)"}
+            )
+
+    def test_onchange_strips_url_whitespace(self):
+        """Onchange removes leading/trailing spaces in URL"""
+        settings = self.env["res.config.settings"].create(
+            {"website_login_redirect_url": "   /clean-me   "}
+        )
+        settings._onchange_website_login_redirect_url()
+        self.assertEqual(settings.website_login_redirect_url, "/clean-me")

website_user_login_redirect_custom/tests/test_website_login_redirect_controller.py

@@ -0,0 +1,217 @@
+# Copyright (C) 2025 Cetmix OÜ
+# License AGPL-3.0 or later (https://www.gnu.org/licenses/agpl).
+
+from unittest.mock import MagicMock, patch
+
+from odoo.tests import common, tagged
+
+from odoo.addons.website_user_login_redirect_custom.controllers.main import (
+    WebsiteRedirectCustom,
+)
+
+
+@tagged("post_install", "-at_install")
+class TestWebsiteLoginRedirectController(common.TransactionCase):
+    """Unit tests for WebsiteRedirectCustom controller"""
+
+    @classmethod
+    def setUpClass(cls):
+        super().setUpClass()
+        cls.controller = WebsiteRedirectCustom()
+        cls.config_parameter = cls.env["ir.config_parameter"].sudo()
+
+        cls.portal_user = cls.env["res.users"].create(
+            {
+                "name": "Portal User",
+                "login": "[email protected]",
+                "groups_id": [(4, cls.env.ref("base.group_portal").id)],
+            }
+        )
+
+    def _fake_request(self, user, enabled=True, url="/shop"):
+        """Create mock request for controller tests"""
+        mock_req = MagicMock()
+        mock_req.session.uid = user.id
+
+        mock_user = MagicMock()
+        mock_user.id = user.id
+        if user.login.startswith("internal"):
+            mock_user.has_group.side_effect = lambda g: g == "base.group_user"
+        else:
+            mock_user.has_group.side_effect = lambda g: g == "base.group_portal"
+
+        mock_env = MagicMock()
+        mock_env.user = mock_user
+
+        def getitem(name):
+            if name == "ir.config_parameter":
+                ir_mock = MagicMock()
+                ir_mock.sudo.return_value = ir_mock
+                ir_mock.get_param.side_effect = lambda key, default=None: {
+                    "website_user_login_redirect_custom.enabled": "True"
+                    if enabled
+                    else "False",
+                    "website_user_login_redirect_custom.url": url,
+                }.get(key, default)
+                return ir_mock
+            if name == "res.config.settings":
+                settings_mock = MagicMock()
+                settings_mock.is_valid_redirect_url.side_effect = (
+                    lambda value: value
+                    and value.startswith("/")
+                    and not value.startswith("//")
+                )
+                return settings_mock
+            raise KeyError(name)
+
+        mock_env.__getitem__.side_effect = getitem
+        mock_req.env = mock_env
+        return mock_req
+
+    def test_should_redirect_custom_portal_user_enabled(self):
+        """Portal user with feature enabled should redirect"""
+        mock_request = self._fake_request(self.portal_user, enabled=True)
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            self.assertTrue(self.controller._should_redirect_custom())
+
+    def test_should_redirect_custom_internal_user(self):
+        """Internal users should not redirect"""
+        internal_user = self.env["res.users"].create(
+            {
+                "name": "Internal User",
+                "login": "[email protected]",
+                "groups_id": [(4, self.env.ref("base.group_user").id)],
+            }
+        )
+        mock_request = self._fake_request(internal_user, enabled=True)
+
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            result = self.controller._should_redirect_custom()
+            self.assertFalse(result)
+
+    def test_get_custom_redirect_url(self):
+        """Test custom URL validation and retrieval"""
+        # Valid URL
+        mock_request = self._fake_request(self.portal_user, url="/shop")
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            self.assertEqual(self.controller._get_custom_redirect_url(), "/shop")
+
+        # Invalid URL
+        mock_request = self._fake_request(self.portal_user, url="http://evil.com")
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            self.assertFalse(self.controller._get_custom_redirect_url())
+
+    def test_should_redirect_custom_disabled(self):
+        """Feature disabled → no redirect should occur"""
+        mock_request = self._fake_request(self.portal_user, enabled=False)
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            self.assertFalse(self.controller._should_redirect_custom())
+
+    def test_login_redirect_behavior(self):
+        """Verify custom redirect applies when feature enabled"""
+        mock_request = self._fake_request(
+            self.portal_user, enabled=True, url="/thank-you"
+        )
+        with (
+            patch(
+                "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+                mock_request,
+            ),
+            patch(
+                "odoo.addons.web.controllers.home.Home._login_redirect",
+                return_value="/my",
+            ),
+        ):
+            result = self.controller._login_redirect(self.portal_user.id)
+            self.assertEqual(result, "/thank-you")
+
+    def test_should_redirect_custom_no_session(self):
+        """Should not redirect if user session missing"""
+        mock_request = MagicMock()
+        mock_request.session.uid = None
+        mock_request.env.user.has_group.return_value = False
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            self.assertFalse(self.controller._should_redirect_custom())
+
+    def test_get_custom_redirect_url_empty(self):
+        """Should return False if URL param is empty"""
+        mock_request = MagicMock()
+        mock_request.env[
+            "ir.config_parameter"
+        ].sudo.return_value.get_param.return_value = ""
+        mock_request.env[
+            "res.config.settings"
+        ].is_valid_redirect_url.return_value = True
+        with patch(
+            "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+            mock_request,
+        ):
+            self.assertFalse(self.controller._get_custom_redirect_url())
+
+    def test_login_redirect_returns_parent_redirect_when_disabled(self):
+        """Return parent redirect when feature disabled"""
+        mock_request = self._fake_request(self.portal_user, enabled=False, url="/shop")
+        with (
+            patch(
+                "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+                mock_request,
+            ),
+            patch(
+                "odoo.addons.web.controllers.home.Home._login_redirect",
+                return_value="/custom",
+            ),
+        ):
+            result = self.controller._login_redirect(self.portal_user.id)
+            self.assertEqual(result, "/custom")
+
+    def test_login_redirect_applies_custom_url_on_my_path(self):
+        """Custom redirect applies when parent_redirect is /my"""
+        mock_request = self._fake_request(
+            self.portal_user, enabled=True, url="/special"
+        )
+        with (
+            patch(
+                "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+                mock_request,
+            ),
+            patch(
+                "odoo.addons.web.controllers.home.Home._login_redirect",
+                return_value="/my",
+            ),
+        ):
+            result = self.controller._login_redirect(self.portal_user.id)
+            self.assertEqual(result, "/special")
+
+    def test_login_redirect_returns_parent_when_no_custom_url(self):
+        """Return parent redirect if no valid custom URL found"""
+        mock_request = self._fake_request(self.portal_user, enabled=True, url=None)
+        with (
+            patch(
+                "odoo.addons.website_user_login_redirect_custom.controllers.main.request",
+                mock_request,
+            ),
+            patch(
+                "odoo.addons.web.controllers.home.Home._login_redirect",
+                return_value="/my",
+            ),
+        ):
+            result = self.controller._login_redirect(self.portal_user.id)
+            self.assertEqual(result, "/my")

website_user_login_redirect_custom/views/res_config_settings_views.xml

@@ -7,43 +7,34 @@
         <field name="model">res.config.settings</field>
         <field name="inherit_id" ref="website.res_config_settings_view_form" />
         <field name="arch" type="xml">
-            <xpath expr="//div[@id='google_maps_setting']" position="before">
-                <div class="col-12 col-lg-6 o_setting_box" id="login_redirect_setting">
-                    <div class="o_setting_left_pane">
-                        <field name="website_login_redirect_enabled" />
-                    </div>
-                    <div class="o_setting_right_pane">
-                        <label
-                            for="website_login_redirect_enabled"
-                            string="Redirect on Login/Signup​"
-                        />
-                        <div class="text-muted">
-                            Redirect users to a custom page after authentication.
-                        </div>
-                        <div
-                            class="content-group"
-                            attrs="{'invisible': [('website_login_redirect_enabled', '=', False)]}"
-                        >
-                            <div class="row mt16">
-                                <label
-                                    class="col-3 o_light_label"
-                                    string="Custom URL"
-                                    for="website_login_redirect_url"
+            <xpath expr="//block[@id='website_settings']" position="inside">
+                <setting
+                    id="website_login_redirect_setting"
+                    string="Redirect on Login/Signup"
+                    help="Redirect users to a custom page after they log in or sign up."
+                >
+                    <field name="website_login_redirect_enabled" />
+
+                    <toggle field="website_login_redirect_enabled">
+                        <div class="row mt8">
+                            <label
+                                class="col-lg-3 o_light_label"
+                                string="Custom URL"
+                                for="website_login_redirect_url"
+                            />
+                            <div class="col-lg-9">
+                                <field
+                                    name="website_login_redirect_url"
+                                    class="w-100"
                                 />
-                                <div class="col-9">
-                                    <field
-                                        name="website_login_redirect_url"
-                                        class="w-100"
-                                    />
-                                    <div class="text-muted mt-1">
-                                        Relative path, e.g. <code>/shop</code> or <code
-                                        >/welcome</code>.
-                                    </div>
+                                <div class="text-muted mt-1">
+                                    Relative path, e.g. <code>/shop</code> or <code
+                                >/welcome</code>.
                                 </div>
                             </div>
                         </div>
-                    </div>
-                </div>
+                    </toggle>
+                </setting>
             </xpath>
         </field>
     </record>