Untitled

import json

from odoo import http
from odoo.http import request
from werkzeug.exceptions import Forbidden
from werkzeug.wrappers import Response

import logging
_logger = logging.getLogger(__name__)


ALLOWED_MODELS = ["crm.lead"]
API_KEYS = ["ce8e8526-1b86-4a57-8a8d-73189963719a"]


class OdooBiaApi(http.Controller):
    
    @http.route(
        "/api/get_record/<string:model>/<int:record_id>/<string:fields>",
        type="http",
        auth="none",
        csrf=False,
        ethods=['GET']
    )
    def api_get_record(self, model: str, record_id: int, fields: str):
        """
        Allow external system to connect with Odoo Bia
        param1: model -> it can be crm.lead, res.projects etc
        param2: record_id -> the ID of the record in Odoo
        """
        headers = request.httprequest.headers
        api_key = headers.get("api_key", "")

        record_id = int(record_id)
        model = str(model)
        fields = str(fields)

        if not all([api_key, record_id, model, fields]) or api_key not in API_KEYS or model not in ALLOWED_MODELS:
            raise Forbidden('Acccess Denied')
        
        fields = fields.split(",")
        try:
            data = {}
            record = request.env[model].sudo().search_read([('id', '=', record_id)], fields)
            if record:
                data = record
        except Exception as exc:
            raise Forbidden('Please check if the fields are correct')

        
        return Response(json.dumps(data), content_type='application/json')