[FIX] js and css bundle controllers set as auth='public'

[odoo/odoo.git] / addons / web / controllers / main.py

diff --git a/addons/web/controllers/main.py b/addons/web/controllers/main.py
index 67b2428..f024853 100644 (file)
--- a/addons/web/controllers/main.py
+++ b/addons/web/controllers/main.py
@@ -587,7 +587,7 @@ class Home(http.Controller):
     def login(self, db, login, key, redirect="/web", **kw):
         return login_and_redirect(db, login, key, redirect_url=redirect)
 
-    @http.route('/web/js/<xmlid>', type='http', auth="user")
+    @http.route('/web/js/<xmlid>', type='http', auth="public")
     def js_bundle(self, xmlid, **kw):
         # manifest backward compatible mode, to be removed
         values = {'manifest_list': manifest_list}
@@ -601,7 +601,7 @@ class Home(http.Controller):
         return make_conditional(
             response, bundle.last_modified, bundle.checksum, max_age=60*5)
 
-    @http.route('/web/css/<xmlid>', type='http', auth='user')
+    @http.route('/web/css/<xmlid>', type='http', auth='public')
     def css_bundle(self, xmlid, **kw):
         values = {'manifest_list': manifest_list} # manifest backward compatible mode, to be removed
         assets_html = request.render(xmlid, lazy=False, qcontext=values)