tocmo0nlord
49358183e7
- fl.signature.request: token-protected request linking an fl.document to a signer (res.partner). State machine: draft → prepared → sent → signed | declined | expired. Per-report _SIGNATURE_COORDS map plus DOC_TYPE_TO_REPORT for resolving the QWeb report template and the signature block rectangle - action_prepare renders the QWeb PDF and stores it; action_send_to_signer emails a one-time link /familylaw/sign/<token> (256-bit token, 14-day expiry, hourly cron sweeps stale links) - apply_signature decodes the canvas-pad PNG, embeds it at the page-relative rectangle via PyMuPDF, attaches the signed PDF to the fl.document, marks the document signed, and audits the signer IP + timestamp - Public portal controller (/familylaw/sign/<token>): GET shows the unsigned PDF in an iframe + inline HTML5 canvas pad (no external JS, mouse + touch); POST submits the PNG; separate decline endpoint. Token+state checks gate every transition - action_validate_pdfa on the signed request reuses the e-filing pikepdf check (markers + OutputIntents) so e-filing-bound docs can be re-validated - Wiring: models/__init__, controllers/__init__, manifest entry, ACL for the request, Signature Requests menu under Cases, signature_request_ids on fl.case with a Filings-tab list, "Request Signature" header button, and a cron for expiry - Note: Odoo Sign / DocuSign / HelloSign deliberately NOT used per CLAUDE.md spec (HIPAA + FL court e-signature compliance) - Verified: throwaway-DB install passes cleanly Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>