Odoo Release Updates

This commit fixes a test flakiness issue in the livechat module where test results varied depending on whether the optional rating module was installed. The fix dynamically filters message fields based on installed modules rather than expecting a fixed set of fields, ensuring consistent test behavior across different Odoo installations.

[FIX] im_livechat: fix runbot issue due to remove livechat-rating relation

This change implements access control validation for records with new ids that have an origin record. Previously, new records with origins bypassed access checks; now they inherit the access permissions of their origin record. If a user lacks access to the origin record, they cannot access the derived new record, closing a security gap where origin-based record copying could bypass row-level access rules.

[IMP] orm: check access for new ids with origin

This commit introduces a new _access_domain method to replace custom _check_access implementations, making record-level access rules explicit and visible in ir.rule definitions rather than hidden in code overrides. The change converts complex access logic from Python methods into computed user-dependent domain fields (res_access_read, res_access_write, etc.) on mail models, enabling record rules to work consistently across all access flows while allowing models that inherit from attachments or mail to selectively bypass inherited access rules.

[IMP] orm: access_domain and explicit record rules

This commit adds a documentation link to the U.S. Direct Deposit payment settings in the localization module, pointing users to the official Odoo documentation for configuring direct deposit payments via Wise. The change ensures users can easily access setup and usage instructions directly from the settings interface.

[FIX] l10n_us_account: link to direct deposit documentation

This commit adds OpenRouter proxy support to the Claude Code sandbox environment used by Odoo developers. The change introduces a --openrouter flag to bwrap-claude.sh that automatically configures the necessary environment variables (OPENROUTER_API_KEY, ANTHROPIC_BASE_URL, and model defaults) to route Claude API calls through OpenRouter instead of directly to Anthropic, while allowing all defaults to be overridden via host environment variables. This enables developers to use alternative Claude model providers or manage API costs through OpenRouter without modifying the sandbox setup itself.

[IMP] setup: support OpenRouter in bwrap-claude

This commit refactors the bus notification assertion system in Odoo tests by introducing a unified BusResult descriptor class to replace the previous two-list approach (channels and messages). The new system provides clearer test semantics, prevents stale data from affecting assertions, compares dictionaries regardless of key order to eliminate brittle failures, and delivers explicit error messages showing expected versus actual notifications. This improvement strengthens test reliability across mail, calendar, livechat, and other modules while making test code more readable and maintainable.

[REF] bus, mail, *: improve assertion on bus notifications

This fix prevents PDF content duplication when printing field service reports across multiple tasks where PDF outline-based splitting fails. The issue occurred because when outline detection couldn't properly identify document boundaries, the system would generate individual PDFs for each record AND then append the full recordset PDF, causing all content to appear twice in the final output. The one-line fix ensures that when individual record generation occurs as a fallback strategy, the function returns immediately instead of continuing to process and merge the original recordset PDF.

[FIX] base: prevent pdf duplication when outline split fails

This fix corrects the survey question error alert logic to prevent false "question requires an answer" messages from appearing on conditional questions shown for the first time in the post-submit flow. The change refines the display condition to check not only if a question is marked as post-submit, but also whether the user has actually skipped it in the pre-submit flow or is in the post-submit review stage, eliminating unnecessary error alerts on newly revealed conditional questions.

[FIX] survey: fix question error alert

This commit enhances lead assignment logging in the CRM module to provide real-time visibility into the assignment process, particularly when errors occur during batch processing. The changes introduce granular logging that tracks assigned leads per team and displays progress summaries at regular intervals during the iterative assignment loop, ensuring that diagnostic information is captured even if the cron job crashes mid-execution.

[IMP] crm: improve assign logs

This fix corrects the TOTP (Two-Factor Authentication) secret validation logic in the auth_totp module by removing support for the string literal 'false' as a disabled state. The code now properly treats empty strings (null or '') as the only indicator that TOTP is disabled, changing the enabled check from explicitly testing against False and 'false' to a simple boolean conversion, and updating the SQL domain query to match this behavior. This ensures consistent and cleaner handling of TOTP enablement state across the authentication system.

[FIX] auth_totp: secret is not 'false'

This commit updates the placeholder text in the mail composer when sending messages to clarify that communications reach both followers and selected contacts, not just followers. The change modifies the user-facing message in the web portal project composer from "Send a message to followers…" to "Send a message to all followers and selected contacts…" and updates all corresponding test assertions to match the new text.

[IMP] mail: update "Send message" placeholder

This fix prevents a crash during the Account module uninstallation by skipping audit log operations when the account module is being removed from the system. Previously, the code attempted to access audit log database tables that had already been deleted, causing the uninstall process to fail. The solution adds a check to bypass the audit log exception handler when account is in the list of modules being uninstalled.

[FIX] account: uninstall prevent error with audit log

This commit fixes a layout issue in Odoo's reference fields where selecting a longer value in the first dropdown would compress the subsequent many2one field, leaving insufficient space. The fix applies flexible width distribution to both the select and many2one components within reference field rows, with additional right padding on the select to prevent overlap.

[FIX] web: alignment of select and many2one in reference

This commit adds the is_condition() method to the Domain API, enabling developers to check whether a domain represents a simple condition and optionally match against specific field expressions, operators, and value types. The method supports flexible pattern matching through optional parameters, allowing for concise filtering of domain conditions without manual iteration.

[IMP] orm: Domain.is_condition

This commit fixes a critical traceback that occurred when internal users started live chat conversations with the hr_holidays module installed. The root cause was unsafe access to user.activeCompany in the employee_id computed field, which is not available in the frontend session. The fix adds optional chaining (?.) to guard against undefined activeCompany, reorganizes asset bundles for better modularity, and adds comprehensive test coverage including a new shared embed test that validates the scenario works with HR employee records present.

[FIX] hr, *: prevent traceback when starting live chat as internal user

This commit fixes a test that was incorrectly assigning a menu ID to a user's action field, treating it as if it were an action ID. The fix replaces the hardcoded incorrect assignment with a proper query to find an actual ir.actions.actions record named 'Settings', and adds validation to ensure the assignment succeeded. This resolves intermittent test failures that occurred when tests were run together due to ID allocation changes in a previous commit.

[FIX] website: fix `TestUi.test_29`

This commit fixes the calendar visualization of time-off requests that span half-days by correcting the field name validation from "half" to "half_day" and replacing static CSS clip-path rules with dynamic positioning logic that properly handles AM/PM period combinations. The rendering now correctly displays partial-day leave periods on the calendar instead of rounding them to full days, improving accuracy in leave management visibility.

[IMP] hr_holidays: adjust half-days visibility on calendar view

This fix addresses a test flakiness issue in the project sharing module where dynamically assigned ports (port 0) caused mismatches between the port written to web.base.url during database installation and the actual port used during post_install test execution. The solution explicitly sets web.base.url to a controlled value before running the test and updates the assertion to check for that exact value, ensuring the generated portal signup links contain the correct base URL regardless of kernel port assignment behavior.

[FIX] project: reset web.base.url in order to control link

This fix prevents Manufacturing Orders (MOs) from sharing purchase order references when duplicated. Previously, when an MO was copied, its reference_ids field was also duplicated, causing the new MO to become incorrectly linked to the original MO's purchase order. This resulted in quantities being consolidated on a single PO instead of creating separate purchase orders for each MO. The fix adds copy=False to the reference_ids field definition to ensure each duplicated MO gets its own independent reference records.

[FIX] mrp: prevent duplicated MO from reusing same reference

This commit refactors Odoo's field tracking infrastructure to simplify the API and improve code organization. It introduces a new mail.track.mixin that separates tracking value generation from message posting, adds new _track_add and _track_record methods to replace manual tracking value manipulation, and renames _track_subtype to _track_log_get_default_subtype for clarity. The changes eliminate low-level data structure handling across multiple modules (account, CRM, HR, fleet, Peppol) while adding comprehensive test coverage for various tracking scenarios including parent model logging and manual tracking calls.

[IMP] mail: cleanup and test tracking usage

This change removes the "Uploading..." text that appeared during file attachment uploads in the mail chatter by setting the showUploadingText property to false on the FileUploader component. The removal is justified because an upload progress indicator already exists within the attachment box itself, making the redundant text unnecessary and improving the user interface clarity.

[IMP] mail: remove "Uploading..." text

This fix corrects a CSS selector typo in the website_sale module that prevented the product grid from displaying a left border on smaller viewports when the sidebar is hidden. The selector was incorrectly structured with redundant class chaining, causing the border styling rule to never apply on mobile and tablet devices where the sidebar is collapsed.

[FIX] website_sale: add missing border on grid layout

This commit applies a systematic OWL3 migration across the entire Odoo codebase by prefixing all template variable references with "this." to comply with upcoming OWL3 requirements. In OWL3, component instance properties must be explicitly accessed via "this." in templates, changing from implicit scope resolution to explicit context binding. This large-scale automated refactoring affects template files across multiple modules including account, board, CRM, HR, and many others, converting patterns like "showUploadButton" to "this.showUploadButton" and "state.name" to "this.state.name" throughout XML templates.

[IMP] *: run rendering context migration script entire codebase