def oea(self, **kw):
"""login user via NobleCRM Account provider"""
dbname = kw.pop('db', None)
if not dbname:
dbname = db_monodb()
if not dbname:
return BadRequest()
if not http.db_filter([dbname]):
return BadRequest()
registry = registry_get(dbname)
with registry.cursor() as cr:
try:
env = api.Environment(cr, SUPERUSER_ID, {})
provider = env.ref('auth_oauth.provider_noblecrmerp')
except ValueError:
return set_cookie_and_redirect('/web?db=%s' % dbname)
assert provider._name == 'auth.oauth.provider'
state = {
'd': dbname,
'p': provider.id,
'c': {
'no_user_creation': True
},
}
kw['state'] = json.dumps(state)
return self.signin(**kw)
def declined(self, db, token, action, id):
registry = registry_get(db)
with registry.cursor() as cr:
env = Environment(cr, SUPERUSER_ID, {})
attendee = env['calendar.attendee'].search([
('access_token', '=', token), ('state', '!=', 'declined')
])
if attendee:
attendee.do_decline()
return self.view(db, token, action, id, view='form')
def signin(self, **kw):
state = json.loads(kw['state'])
dbname = state['d']
if not http.db_filter([dbname]):
return BadRequest()
provider = state['p']
context = state.get('c', {})
registry = registry_get(dbname)
with registry.cursor() as cr:
try:
env = api.Environment(cr, SUPERUSER_ID, context)
credentials = env['res.users'].sudo().auth_oauth(provider, kw)
cr.commit()
action = state.get('a')
menu = state.get('m')
redirect = werkzeug.url_unquote_plus(
state['r']) if state.get('r') else False
url = '/web'
if redirect:
url = redirect
elif action:
url = '/web#action=%s' % action
elif menu:
url = '/web#menu_id=%s' % menu
resp = login_and_redirect(*credentials, redirect_url=url)
# Since /web is hardcoded, verify user has right to land on it
if werkzeug.urls.url_parse(
resp.location
).path == '/web' and not request.env.user.has_group(
'base.group_user'):
resp.location = '/'
return resp
except AttributeError:
# auth_signup is not installed
_logger.error(
"auth_signup not installed on database %s: oauth sign up cancelled."
% (dbname, ))
url = "/web/login?oauth_error=1"
except AccessDenied:
# oauth credentials not valid, user could be on a temporary session
_logger.info(
'OAuth2: access denied, redirect to main page in case a valid session exists, without setting cookies'
)
url = "/web/login?oauth_error=3"
redirect = werkzeug.utils.redirect(url, 303)
redirect.autocorrect_location_header = False
return redirect
except Exception as e:
# signup error
_logger.exception("OAuth2: %s" % str(e))
url = "/web/login?oauth_error=2"
return set_cookie_and_redirect(url)
def view(self, db, token, action, id, view='calendar'):
registry = registry_get(db)
with registry.cursor() as cr:
# Since we are in auth=none, create an env with SUPERUSER_ID
env = Environment(cr, SUPERUSER_ID, {})
attendee = env['calendar.attendee'].search([
('access_token', '=', token), ('event_id', '=', int(id))
])
if not attendee:
return request.not_found()
timezone = attendee.partner_id.tz
lang = attendee.partner_id.lang or 'en_US'
event = env['calendar.event'].with_context(tz=timezone,
lang=lang).browse(
int(id))
# If user is internal and logged, redirect to form view of event
# otherwise, display the simplifyed web page with event informations
if request.session.uid and request.env['res.users'].browse(
request.session.uid).user_has_groups('base.group_user'):
return werkzeug.utils.redirect(
'/web?db=%s#id=%s&view_type=form&model=calendar.event' %
(db, id))
# NOTE : we don't use request.render() since:
# - we need a template rendering which is not lazy, to render before cursor closing
# - we need to display the template in the language of the user (not possible with
# request.render())
response_content = env['ir.ui.view'].with_context(
lang=lang).render_template(
'calendar.invitation_page_anonymous', {
'event': event,
'attendee': attendee,
})
return request.make_response(response_content,
headers=[('Content-Type', 'text/html')
])