def sign_in(self, redirect=None, **kw):
request.params['login_success'] = False
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate('demo', request.params['login'], request.params['password'])
if uid is not False:
request.params['login_success'] = True
if not redirect:
redirect = '/ga/admin'
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('gpsi_website.ga/admin/login', values)
def web_login(self, redirect=None, **kw):
openerp.addons.web.controllers.main.ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Login failed due to one of the following reasons"
values['error2'] = "- Wrong login/password"
values['error3'] = "- User already logged in from another system"
return request.render('web.login', values)
def sign_up(self, redirect=None, **kw):
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
try:
company = request.env['res.company'].create_gaudit(
kw['company'], kw['email'])
user = request.env['res.users'].create_gaudit_owner(
kw['username'], kw['email'], kw['password'], company.id)
except AuditiiException as e:
values['create_error'] = "Email already exist!"
values['creating_account'] = True
uid = request.session.authenticate(DB_NAME, request.params['email'],
request.params['password'])
if uid is not False:
request.params['login_success'] = True
if not redirect:
redirect = '/ga/admin'
return http.redirect_with_hash(redirect)
return request.render('gpsi_auditii.admin/login', values)
def sign_up(self, redirect=None, **kw):
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
company = request.env['res.company'].sudo().create({
'name': request.params['company'],
'rml_header1': False,
'email': request.params['email'],
'currency_id': request.env['res.currency'].sudo().search([('name','=','USD')]).id
})
user = request.env['res.users'].sudo().create({
'name': request.params['username'],
'login': request.params['email'],
'password': request.params['password'],
'company_id': company.id,
'company_ids': [(4, company.id, False)]
})
uid = request.session.authenticate('demo', request.params['email'], request.params['password'])
if uid is not False:
request.params['login_success'] = True
if not redirect:
redirect = '/ga/admin'
return http.redirect_with_hash(redirect)
return request.render('gpsi_website.ga/admin/login', values)
def web_login(self, redirect=None, **kw):
openerp.addons.web.controllers.main.ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values[
'error'] = "Login failed due to one of the following reasons"
values['error2'] = "- Wrong login/password"
values['error3'] = "- User already logged in from another system"
return request.render('web.login', values)
def add_usdadata(self):
file_path = request.jsonrequest['filepath']
delimiter = '@'
db = request.httprequest.headers.environ['HTTP_X_HUB_STORE']
if db in http.db_list():
uid = request.session.authenticate(db, 'admin', 'admin')
if uid is not False:
market_price = request.registry.models.get(
'market.price.by.date')
row_number = 0
for row in CsvUnicodeReader(open(file_path, 'rb'),
delimiter=delimiter,
quotechar='"',
escapechar='\\'):
row_number += 1
vals = {}
if row_number > 1:
vals['markettype'] = row[0]
vals['commodityname'] = row[1]
vals['cityname'] = row[2]
vals['variety'] = row[3]
vals['color'] = row[4]
vals['origin'] = row[5]
vals['date'] = row[6]
vals['per_lb'] = row[7]
market_price.create(request.cr, request.uid, vals,
request.context)
return "<h1>This is a test</h1>"
def smart_login(self, redirect=None, **kw):
#return "Method %s Session UID %s uid %s" % (request.httprequest.method,request.session.uid,request.uid)
ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if request.httprequest.method == 'GET' and request.session.uid:
# if request.httprequest.method == 'GET':
return http.redirect_with_hash('/dashboard')
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/dashboard?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('smart_common.login', values)
def web_login(self, redirect=None, **kw):
ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
# remote_check_otp ??? do we need this?
uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = _("Wrong login/password")
if request.env.ref('web.login', False):
return request.render('web.login', values)
else:
# probably not an odoo compatible database
error = 'Unable to login on database %s' % request.session.db
return werkzeug.utils.redirect('/web/database/selector?error=%s' % error, 303)
def add_usdadata(self):
file_path = request.jsonrequest['filepath']
delimiter = '@'
db = request.httprequest.headers.environ['HTTP_X_HUB_STORE']
if db in http.db_list():
uid = request.session.authenticate(db, 'admin', 'admin')
if uid is not False:
market_price = request.registry.models.get('market.price.by.date')
row_number = 0
for row in CsvUnicodeReader(open(file_path, 'rb'),
delimiter=delimiter, quotechar='"',
escapechar='\\'):
row_number += 1
vals = {}
if row_number > 1:
vals['markettype'] = row[0]
vals['commodityname'] = row[1]
vals['cityname'] = row[2]
vals['variety'] = row[3]
vals['color'] = row[4]
vals['origin'] = row[5]
vals['date'] = row[6]
vals['per_lb'] = row[7]
market_price.create(request.cr, request.uid, vals,
request.context)
return "<h1>This is a test</h1>"
def web_login(self, redirect=None, **kw):
openerp.addons.web.controllers.main.ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'], request.params['password'])
if uid is not False:
self.save_session(request.cr, uid, request.context)
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = 'Login failed due to one of the following reasons:'
values['reason1'] = '- Wrong login/password'
values['reason2'] = '- User not allowed to have multiple logins'
values['reason3'] = '- User not allowed to login at this specific time or day'
return request.render('web.login', values)
def smart_login(self, redirect=None, **kw):
#return "Method %s Session UID %s uid %s" % (request.httprequest.method,request.session.uid,request.uid)
ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if request.httprequest.method == 'GET' and request.session.uid:
# if request.httprequest.method == 'GET':
return http.redirect_with_hash('/dashboard')
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/dashboard?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('smart_common.login', values)
def web_login(self, redirect=None, **kw):
openerp.addons.web.controllers.main.ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
self.save_session(request.cr, uid, request.context)
return http.redirect_with_hash(redirect)
request.uid = old_uid
values[
'error'] = 'Login failed due to one of the following reasons:'
values['reason1'] = '- Wrong login/password'
values['reason2'] = '- User not allowed to have multiple logins'
values[
'reason3'] = '- User not allowed to login at this specific time or day'
return request.render('web.login', values)
def web_login(self, redirect=None, **kw):
main.ensure_db()
config = Controller.get_config_static(request, request.session.db)
if config.get('login_cas', False) == u'True':
res = self._cas_login(redirect)
if res:
return res
if request.httprequest.method == 'GET' and redirect and \
request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(
request.session.db, request.params['login'],
request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('web.login', values)
def web_login(self, redirect=None, **kw):
openerp.addons.web.controllers.main.ensure_db()
request.params['login_success'] = False
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
request.params['login_success'] = True
if not redirect:
redirect = '/home'
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "تسجيل الدخول خاطئ "
return request.render('web.login', values)
def sudo_login_url(self):
self.ensure_one()
if not self.sudo_id:
raise Warning(_('Need a user for login'))
self.sudo_id.sudo_pw = '%032x' % random.getrandbits(256)
sudo_login_url = '%s/sudo_login_as_url?db=%s&login=%s&password=%s' % (
self.env['ir.config_parameter'].get_param('web.base.url'),
http.db_list()[0],
self.sudo_id.login,
self.sudo_id.sudo_pw,
)
url_obj = self.env['project.issue.sudo.login.url'].create(
{'sudo_login_url': sudo_login_url})
return {
'name': _('Sudo Login URL'),
'type': 'ir.actions.act_window',
'view_type': 'form',
'view_mode': 'form',
'res_model': 'project.issue.sudo.login.url',
'res_id': url_obj.id,
'view_id':
self.env.ref('project_issue_sudo.sudo_login_url_form').id,
'target': 'new',
'context': {},
}
def _check_login_duplications(self):
for db_name in http.db_list():
db = odoo.sql_db.db_connect(db_name)
with closing(db.cursor()) as cr:
cr.execute('SELECT login FROM res_users ORDER BY login')
rec = cr.fetchall()
if (self.login, ) in rec:
raise ValidationError(
_('This email already exist.Try some other one'))
def web_login(self, redirect=None, **kw):
if not request.registry.get('ir.sessions'):
return super(Home_tkobr, self).web_login(redirect=redirect, **kw)
_logger.debug('Authentication method: Home_tkobr.web_login !')
openerp.addons.web.controllers.main.ensure_db()
multi_ok = True
calendar_set = 0
calendar_ok = False
calendar_group = ''
unsuccessful_message = ''
now = datetime.now()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = False
db = request.session.db
login = request.params.get('login', None)
password = request.params.get('password', None)
(access_granted, uid,
unsuccessful_message) = self.check_session(db, login, password)
# if access_granted:
# return http.redirect_with_hash(redirect)
# >>> QTL ADD
if access_granted and uid is not False:
user = request.env['res.users'].browse(uid)
if user.has_group('website_timecheck.group_timecheck_trial'):
base_url = request.env['ir.config_parameter'].get_param(
'web.base.url')
redirect = base_url + '/shop/special_offer'
return http.redirect_with_hash(redirect)
# <<< QTL ADD
else:
request.uid = old_uid
values['error'] = _(
'Login failed due to one of the following reasons:')
values['reason1'] = _('- Wrong login/password')
values['reason2'] = _(
'- User not allowed to have multiple logins')
values['reason3'] = _(
'- User not allowed to login at this specific time or day')
return request.render('web.login', values)
def web_login(self, redirect=None, **kw):
super(Home, self).web_login(redirect, **kw)
request.params['login_success'] = False
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
# 查找账号对应员工,如果员工hr.employee在草稿或者审批中,抛出错误。
admin_group_id = request.registry[
'ir.model.data'].xmlid_to_res_id(
request.cr, SUPERUSER_ID, 'base.group_configuration')
request.cr.execute(
"SELECT uid FROM res_groups_users_rel WHERE gid=%s and uid=%s",
(admin_group_id, uid))
admin_id = request.cr.dictfetchall()
# 网站设置管理员除外,不验证
if not admin_id:
request.cr.execute(
"SELECT id FROM resource_resource WHERE user_id=%s" %
uid)
employee_ids = request.cr.dictfetchall()
if employee_ids:
for employee_id in employee_ids[0]:
request.cr.execute(
"SELECT id,state FROM hr_employee WHERE resource_id=%s and (state=%s or state=%s)",
(employee_ids[0][employee_id], 'underway',
'draft'))
results = request.cr.dictfetchall()
if results:
values['error'] = _(
"您的账号正在入职审批流程中,暂时无法使用,请耐心等待审批完成")
return request.render('web.login', values)
request.params['login_success'] = True
if not redirect:
redirect = '/web'
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = _("Wrong login/password")
return request.render('web.login', values)
def get_market_dbs(with_templates=True):
dbs = []
if with_templates:
sp = request.registry.get("saas_server.plan")
data = sp.search_read(request.cr, SI, [("state", "=", "confirmed")], ["template"])
dbs += [d["template"] for d in data]
icp = request.registry.get("ir.config_parameter")
bd = icp.get_param(request.cr, SI, "saas_portal.base_saas_domain")
dbs += [db for db in http.db_list(force=True) if db.endswith("_%s" % bd.replace(".", "_"))]
return dbs
def web_login(self, redirect=None, **kw):
'''
Except for Administrator, Do not allow user to login if
- User has no group profile
- User has group profile, but group profile has no inherited group
and access rights
'''
redirect = ''
main.ensure_db()
method = request.httprequest.method # @UndefinedVariable
if method == 'GET' and redirect and \
request.session.uid: # @UndefinedVariable
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy() # @UndefinedVariable
if not redirect:
redirect = '/web?' + \
request.httprequest.query_string # @UndefinedVariable
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST': # @UndefinedVariable
old_uid = request.uid
uid = request.session.authenticate( # @UndefinedVariable
request.session.db, # @UndefinedVariable
request.params['login'],
request.params['password'])
if uid:
# Allowing Admin to login (Admin has no profile)
if uid == 1:
return http.redirect_with_hash(redirect)
user = request.env['res.users'].sudo().browse(request.uid)
group = user.group_profile_id
group_inherits = group and group.implied_ids or False
model_access = group and group.model_access or False
if group and (group_inherits or model_access):
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
if request.env.ref('web.login', False): # @UndefinedVariable
return request.render('web.login', values) # @UndefinedVariable
else:
# probably not an odoo compatible database
error = 'Unable to login on database %s' % \
request.session.db # @UndefinedVariable
return werkzeug.utils.redirect(
'/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, **kw):
openerp.addons.web.controllers.main.ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
abc = get_my_conf()
values = request.params.copy()
values['title'] = abc.get('title')
values['power_by'] = abc.get('power_by')
logo = abc.get('logo')
icon = abc.get('icon') or ""
if logo:
fh = open(
'%s/%s' % (os.path.dirname(__file__).replace(
'controllers', ""), 'static/src/img/company_logo.gif'),
'wb')
fh.write(logo.decode('base64'))
fh.close()
# if icon:
fh = open(
'%s/%s' % (os.path.dirname(__file__).replace(
'controllers', ""), 'static/src/img/favicon.ico'), 'wb')
fh.write(icon.decode('base64'))
fh.close()
values['logo'] = abc.get('logo')
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
if request.env.ref('web.login', False):
return request.render('web.login', values)
else:
# probably not an odoo compatible database
error = 'Unable to login on database %s' % request.session.db
return werkzeug.utils.redirect(
'/web/database/selector?error=%s' % error, 303)
def get_market_dbs(with_templates=True):
dbs = []
if with_templates:
sp = request.registry.get('saas_portal.plan')
data = sp.search_read(request.cr, SI, [('state', '=', 'confirmed')],
['template'])
dbs += [d['template'] for d in data]
icp = request.registry.get('ir.config_parameter')
bd = icp.get_param(request.cr, SI, 'saas_portal.base_saas_domain')
dbs += [db for db in http.db_list(force=True) if db.endswith('_%s' % bd)]
return dbs
def get_market_dbs(with_templates=True):
dbs = []
if with_templates:
sp = request.registry.get('saas_portal.plan')
data = sp.search_read(request.cr, SI, [('state', '=', 'confirmed')],
['template'])
dbs += [d['template'] for d in data]
icp = request.registry.get('ir.config_parameter')
bd = icp.get_param(request.cr, SI, 'saas_portal.base_saas_domain')
dbs += [db for db in http.db_list(force=True) if db.endswith('_%s' % bd)]
return dbs
def consume(self, path):
db = request.httprequest.headers.environ['HTTP_X_HUB_STORE']
user = request.httprequest.headers.environ.get('HTTP_X_HUB_USER', 'admin')
pwd = request.httprequest.headers.environ.get('HTTP_X_HUB_TOKEN', 'admin')
if db in http.db_list(force=True):
uid = request.session.authenticate(db, user, pwd)
if uid is not False:
action, model = path.split('_')
flow_obj = request.registry.models.get('cenit.flow')
context = {'sender': 'client', 'action': action}
flow_obj.receive(request.cr, request.uid, model,
request.jsonrequest[model], context)
return False
def selector(self, **kw):
try:
dbs = http.db_list()
if not dbs:
return http.local_redirect('/web/database/manager')
except openerp.exceptions.AccessDenied:
dbs = False
loader = jinja2.PackageLoader('openerp.addons.ob_web_replace', "views")
env = jinja2.Environment(loader=loader, autoescape=True)
return env.get_template("database_selector.html").render({
'databases': dbs,
'debug': request.debug,
})
def web_login(self, redirect=None, **kw):
"""redefind function to make username in login case-insensitive
"""
ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
username_lcase = (request.params['login']).lower()
login_list = {}
params_login = ''
users = request.registry['res.users'].search(
request.cr, openerp.SUPERUSER_ID, [('id', '>', 0)])
for user in request.registry['res.users'].browse(
request.cr, openerp.SUPERUSER_ID, users):
login_list[user.login.lower()] = user.login
for user2 in login_list:
if request.params['login'].lower() == user2:
params_login = login_list[user2]
uid = request.session.authenticate(request.session.db,
params_login,
request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = _("Wrong login/password")
if request.env.ref('web.login', False):
return request.render('web.login', values)
else:
# probably not an odoo compatible database
error = 'Unable to login on database %s' % request.session.db
return werkzeug.utils.redirect(
'/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, adminlogin=None, **kw):
# _logger.info('---------------------- web_login ')
dbname = getattr(request.session, 'db', None)
if not dbname:
return werkzeug.utils.redirect(get_base_url() + '/')
if adminlogin or request.httprequest.method == 'POST':
Session().logout()
main.ensure_db()
if request.httprequest.method == 'GET' and \
redirect and request.session.uid:
return werkzeug.utils.redirect(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = get_base_url() + '/web?' + \
request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db,
request.params['login'],
request.params['password'])
if uid is not False:
return werkzeug.utils.redirect(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('web.login', values)
config = self.get_config(dbname)
if config['login_cas']:
if redirect:
# _logger.info('----------------------' + get_base_url() +
# '/auth_cas?app=' + redirect)
return werkzeug.utils.redirect(get_base_url() +
'/auth_cas?app=' + redirect)
else:
return werkzeug.utils.redirect(get_base_url() + '/auth_cas')
else:
return werkzeug.utils.redirect(get_base_url() + '/web')
def selector(self, **kw):
abc = get_my_conf()
try:
dbs = http.db_list()
if not dbs:
return http.local_redirect('/web/database/manager')
except openerp.exceptions.AccessDenied:
dbs = False
return env.get_template("gts_database_selector.html").render({
'databases': dbs,
'debug': request.debug,
'error': kw.get('error'),
'power_by': abc.get('power_by'),
'title': abc.get('title')
})
def selector(self, **kw):
try:
dbs = http.db_list()
if not dbs:
return http.local_redirect('/web/database/manager')
except openerp.exceptions.AccessDenied:
dbs = False
return env.get_template("database_selector_backend.html").render({
'databases':
dbs,
'debug':
request.debug,
'error':
kw.get('error')
})
def consume(self, path):
db = request.httprequest.headers.environ['HTTP_X_HUB_STORE']
user = request.httprequest.headers.environ.get('HTTP_X_HUB_USER',
'admin')
pwd = request.httprequest.headers.environ.get('HTTP_X_HUB_TOKEN',
'admin')
if db in http.db_list(force=True):
uid = request.session.authenticate(db, user, pwd)
if uid is not False:
action, model = path.split('_')
flow_obj = request.registry.models.get('cenit.flow')
context = {'sender': 'client', 'action': action}
flow_obj.receive(request.cr, request.uid, model,
request.jsonrequest[model], context)
return False
def selector(self, **kw):
try:
dbs = http.db_list()
if not dbs:
return http.local_redirect('/web/database/manager')
except openerp.exceptions.AccessDenied:
dbs = False
loader = jinja2.PackageLoader('openerp.addons.ob_web_replace', "views")
env = jinja2.Environment(loader=loader, autoescape=True)
return env.get_template("database_selector.html").render({
'databases':
dbs,
'debug':
request.debug,
})
def web_login(self, redirect=None, adminlogin=None, **kw):
# _logger.info('---------------------- web_login ')
dbname = getattr(request.session, 'db', None)
if not dbname:
return werkzeug.utils.redirect(get_base_url() + '/')
if adminlogin or request.httprequest.method == 'POST':
Session().logout()
main.ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return werkzeug.utils.redirect(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = get_base_url() + '/web?' + \
request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(
request.session.db, request.params['login'], request.params['password'])
if uid is not False:
return werkzeug.utils.redirect(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('web.login', values)
config = self.get_config(dbname)
if config['login_cas']:
if redirect:
# _logger.info('----------------------' + get_base_url() + '/auth_cas?app=' + redirect)
return werkzeug.utils.redirect(get_base_url() + '/auth_cas?app=' + redirect)
else:
return werkzeug.utils.redirect(get_base_url() + '/auth_cas')
else:
return werkzeug.utils.redirect(get_base_url() + '/web')
def selector(self, redirecturl='mobile/sample', **kw):
"""Returns the database selector using jinja template
moving to login form for authentication.
:param redirecturl path: redirection url
:return: html for selector
"""
try:
dbs = http.db_list()
if not dbs:
return http.local_redirect('/web/database/manager')
except openerp.exceptions.AccessDenied:
dbs = False
return env.get_template("database_selector.html").render({
'databases': dbs,
'debug': request.debug,
'redirect_url': redirecturl
})
def web_login(self, redirect=None, **kw):
#ensure_db()
if (request.httprequest.method == 'GET' and
redirect and
request.session.uid
):
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
serial_id = request.params['serial_id']
users_obj = request.registry.get('res.users')
user_vals = users_obj.search_read(
request.cr, openerp.SUPERUSER_ID,
[('serial_id', '=', serial_id)],
['id', 'login']
)
if user_vals:
login = user_vals[0]['login']
password = serial_id
uid = request.session.authenticate(
request.session.db, login, password
)
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = _('Wrong Serial Id')
return request.render('login_serial.login', values)
def _render_template(self, **d):
"""
TO DO: Change database manager html
Change Logo select database
Change Title
"""
d.setdefault('manage', True)
d['insecure'] = openerp.tools.config['admin_passwd'] == 'admin'
d['list_db'] = openerp.tools.config['list_db']
d['langs'] = openerp.service.db.exp_list_lang()
# databases list
d['databases'] = []
try:
d['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
monodb = super(DatabaseSelector, self).db_monodb()
if monodb:
d['databases'] = [monodb]
return env.get_template("epal_database_manager.html").render(d)
def web_login(self, redirect=None, **kw):
ensure_db()
processed_params = None
if redirect:
result = urlparse.urlparse(redirect)
if 'code' in urlparse.parse_qs(result.fragment):
processed_params = urlparse.parse_qs(result.fragment)
elif 'code' in urlparse.parse_qs(result.query):
processed_params = urlparse.parse_qs(result.query)
elif 'code' in urlparse.parse_qs(result.params):
processed_params = urlparse.parse_qs(result.query)
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
elif request.httprequest.method == 'GET' and redirect and processed_params:
user = self.get_user_id(processed_params)
if user:
uid = request.session.authenticate(request.session.db, login=user[0], password='******',
uid=user[1])
if uid is not False:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/mobile?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('odoosoft_mobile.login', values)
def _render_template(self, **d):
d.setdefault('manage', True)
d['insecure'] = openerp.tools.config['admin_passwd'] == 'admin'
d['list_db'] = openerp.tools.config['list_db']
d['langs'] = openerp.service.db.exp_list_lang()
d['countries'] = openerp.service.db.exp_list_countries()
website_id = request.env['website'].sudo().search([])
d['company_name'] = website_id and website_id[0].company_name
d['favicon_url'] = website_id and website_id[0].favicon_url or ''
d['company_logo_url'] = website_id and website_id[0].company_logo_url or ''
# databases list
d['databases'] = []
try:
d['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
monodb = db_monodb()
if monodb:
d['databases'] = [monodb]
return env.get_template("database_manager_extend.html").render(d)
def cenit_post(self, action, root=None):
status_code = 400
environ = request.httprequest.headers.environ.copy()
key = environ.get('HTTP_X_HUB_STORE', False)
token = environ.get('HTTP_X_HUB_ACCESS_TOKEN', False)
db_name = environ.get('HTTP_TENANT_DB', False)
if not db_name:
host = environ.get('HTTP_HOST', "")
db_name = host.replace(".", "_")
if db_name in http.db_list():
registry = RegistryManager.get(db_name)
with registry.cursor() as cr:
connection_model = registry['cenit.connection']
domain = [('key', '=', key), ('token', '=', token)]
rc = connection_model.search(cr, SUPERUSER_ID, domain)
if rc:
p = inflect.engine()
flow_model = registry['cenit.flow']
context = {'sender': 'client', 'action': action}
if root is None:
for root, data in request.jsonrequest.items():
root = p.singular_noun(root) or root
rc = flow_model.receive (cr, SUPERUSER_ID, root,
data, context)
if rc:
status_code = 200
else:
root = p.singular_noun(root) or root
rc = flow_model.receive (cr, SUPERUSER_ID, root,
request.jsonrequest, context)
if rc:
status_code = 200
else:
status_code = 404
return {'status': status_code}
def web_login(self, redirect=None, **kw):
#ensure_db()
if (request.httprequest.method == 'GET' and redirect
and request.session.uid):
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
serial_id = request.params['serial_id']
users_obj = request.registry.get('res.users')
user_vals = users_obj.search_read(request.cr, openerp.SUPERUSER_ID,
[('serial_id', '=', serial_id)],
['id', 'login'])
if user_vals:
login = user_vals[0]['login']
password = serial_id
uid = request.session.authenticate(request.session.db, login,
password)
if uid is not False:
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = _('Wrong Serial Id')
return request.render('login_serial.login', values)
def web_login(self, redirect=None, **kw):
main.ensure_db()
request.params['login_success'] = False
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = odoo.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except odoo.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
database = 'Backoffice24'
for db_name in odoo.service.db.list_dbs(force=False):
db = odoo.sql_db.db_connect(db_name)
with closing(db.cursor()) as cr:
cr.execute('SELECT login FROM res_users ORDER BY login')
rec = cr.fetchall()
if (request.params['login'],) in rec:
database = db_name
break
odoo.tools.config['dbfilter'] = database
username = request.params['login']
uid = request.session.authenticate(database, username, request.params['password'])
if uid is not False:
request.params['login_success'] = True
if not redirect:
redirect = '/web'
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = _("Wrong login/password")
return request.render('web.login', values)
def web_login(self, redirect=None, **kw):
ensure_db()
if request.httprequest.method == 'GET' and redirect and request.session.uid:
return http.redirect_with_hash(redirect)
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
if not redirect:
redirect = '/web?' + request.httprequest.query_string
values['redirect'] = redirect
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if request.httprequest.method == 'POST':
old_uid = request.uid
uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
cr, context = request.cr, request.context
pos_session = request.registry('pos.session')
def check_contraints(config_id):
check, value = False,None
domain = [
('state', '!=', 'closed'),
('config_id', '=', config_id)
]
if pos_session.search_count(cr, uid, domain, context=context)>0:
check, value = True, "You cannot create two active sessions related to the same point of sale. Contact Administrator!"
domain = [
('state', 'not in', ('closed','closing_control')),
('user_id', '=', uid)
]
if pos_session.search_count(cr, uid, domain, context=context)>0:
check, value = True, "You cannot create two active sessions with the same responsible. Contact Administrator!"
return check, value
if uid is not False:
user = request.registry['res.users'].browse(cr, uid, uid, context)
is_manager = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_manager")
if not is_manager:
is_user = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_user")
if is_user:
current_user = request.registry('res.users').browse(cr, uid, uid, context= context)
pos_config_id = current_user.pos_config and current_user.pos_config.id or False
if not pos_config_id:
r = request.registry('pos.config').search(cr, uid, [], context=context)
pos_config_id = r and r[0] or False
check, error = check_contraints(pos_config_id)
if check:
values['error'] = error
return request.render('web.login', values)
session_id = pos_session.create(cr, uid, {'user_id' : uid,'config_id' : pos_config_id}, context=context)
if pos_session.browse(cr, uid, session_id, context=context).state == 'opened':
redirect = redirect.replace("/web","/pos/web")
else:
#To do code for manager
pass
return http.redirect_with_hash(redirect)
request.uid = old_uid
values['error'] = "Wrong login/password"
return request.render('web.login', values)
def mobile_login(self, *args, **kw):
"""
Logs a :class:`user<base.res_users>` in (HTTP POST), redirecting
to the task list. If username or password is invalid, the login
page response is returned with a message. For HTTP GET, the
the login page response is returned.
:returns: Either task list or login response objects
:rtype: :class:`http.Response<openerp.http.Response>`
"""
if not request.uid:
request.uid = openerp.SUPERUSER_ID
values = request.params.copy()
try:
values['databases'] = http.db_list()
except openerp.exceptions.AccessDenied:
values['databases'] = None
if 'database' in values:
database_legit = values['database'] in values['databases']
if database_legit:
values['databases'] = [values['database']]
login_template = env.get_template('login.html')
if request.httprequest.method == 'GET':
response = request.make_response(
login_template.render(
stylesheet=URLS['stylesheet'],
logo=URLS['logo'],
form_action=URLS['login'],
errors='',
databases=values['databases']
)
)
response.set_cookie(
'session_id',
value=request.session_id,
max_age=3600
)
return response
if request.httprequest.method == 'POST':
# TODO: Refactor to better manage the 'card pin' use case
card_pin = request.params.get('card_pin', None)
if card_pin:
nfc_api = request.registry['res.users']
user_id = nfc_api.get_user_id_from_card_pin(
request.cr, request.uid, card_pin)
user_login = nfc_api.get_user_login_from_user_id(
request.cr, request.uid, user_id)
if user_id is not False:
request.session.db = 'nhclinical'
request.session.uid = user_id
request.session.login = user_login
request.session.password = user_login
return utils.redirect(URLS['task_list'], 303)
database = values['database'] if 'database' in values else False
if database:
uid = request.session.authenticate(
database,
request.params['username'],
request.params['password']
)
if uid is not False:
request.uid = uid
return utils.redirect(URLS['task_list'], 303)
response = request.make_response(
login_template.render(
stylesheet=URLS['stylesheet'],
logo=URLS['logo'],
form_action=URLS['login'],
errors='<div class="alert alert-error">'
'Invalid username/password</div>',
databases=values['databases']
)
)
response.set_cookie(
'session_id',
value=request.session_id,
max_age=3600
)
return response
