def approve(self, ids, context={}):
print("ApproveWizard.approve", ids)
obj = self.browse(ids)[0]
pin_code = obj.pin_code
obj.write({"pin_code": ""}) # XXX
m = get_model(obj.approve_model)
f = getattr(m, obj.approve_method, None)
if not f:
raise Exception("Invalid method %s of %s" %
(obj.approve_method, obj.approve_model))
if not obj.approver_id:
res = f([obj.approve_id], context=context)
else:
db = database.get_connection()
res = db.get("SELECT pin_code FROM base_user WHERE id=%s",
obj.approver_id.id)
enc_pin_code = res.pin_code
if not utils.check_password(pin_code, enc_pin_code):
raise Exception("Wrong PIN")
user_id = get_active_user()
set_active_user(obj.approver_id.id)
try:
res = f([obj.approve_id], context=context)
finally:
set_active_user(user_id)
return res
def check_password(self, login, password, context={}):
db = database.get_connection()
res = db.get("SELECT id,password FROM base_user WHERE login ILIKE %s", login)
if not res:
return None
if not utils.check_password(password, res.password):
return None
return res.id
def check_pin_code(self, ids, pin_code, context={}):
user_id = ids[0]
db = database.get_connection()
res = db.get("SELECT pin_code FROM base_user WHERE id=%s", user_id)
if not res:
return None
if not utils.check_password(pin_code, res.pin_code):
return None
return True
def check_pin_code(self, ids, pin_code, context={}):
user_id = ids[0]
db = database.get_connection()
res = db.get("SELECT pin_code FROM base_user WHERE id=%s", user_id)
if not res:
return None
if not utils.check_password(pin_code, res.pin_code):
return None
return True
def check_password(self, login, password, context={}):
db = database.get_connection()
res = db.get("SELECT id,password FROM base_user WHERE login ILIKE %s",
login)
if not res:
return None
if not utils.check_password(password, res.password):
return None
return res.id
