def authenticate(self, db, login=None, password=None, uid=None):
"""
Authenticate the current user with the given db, login and
password. If successful, store the authentication parameters in the
current session and request.
:param uid: If not None, that user id will be used instead the login
to authenticate the user.
"""
if uid is None:
wsgienv = request.httprequest.environ
env = dict(
base_location=request.httprequest.url_root.rstrip('/'),
HTTP_HOST=wsgienv['HTTP_HOST'],
REMOTE_ADDR=wsgienv['REMOTE_ADDR'],
)
uid = dispatch_rpc('common', 'authenticate', [db, login, password, env])
else:
security.check(db, uid, password)
self.db = db
self.uid = uid
self.login = login
self.password = password
request.uid = uid
request.disable_db = False
if uid: self.get_context()
return uid
def authenticate(self, db, login=None, password=None, uid=None):
"""
Authenticate the current user with the given db, login and password. If successful, store
the authentication parameters in the current session and request.
:param uid: If not None, that user id will be used instead the login to authenticate the user.
"""
if uid is None:
wsgienv = request.httprequest.environ
env = dict(
base_location=request.httprequest.url_root.rstrip('/'),
HTTP_HOST=wsgienv['HTTP_HOST'],
REMOTE_ADDR=wsgienv['REMOTE_ADDR'],
)
uid = openerp.netsvc.dispatch_rpc('common', 'authenticate',
[db, login, password, env])
else:
security.check(db, uid, password)
self.db = db
self.uid = uid
self.login = login
self.password = password
request.uid = uid
request.disable_db = False
if uid: self.get_context()
return uid
def check_security(self):
"""
Chech the current authentication parameters to know if those are still valid. This method
should be called at each request. If the authentication fails, a ``SessionExpiredException``
is raised.
"""
if not self.db or not self.uid:
raise SessionExpiredException("Session expired")
security.check(self.db, self.uid, self.password)
def check_security(self):
"""
Chech the current authentication parameters to know if those are still valid. This method
should be called at each request. If the authentication fails, a ``SessionExpiredException``
is raised.
"""
if not self.db or not self.uid:
raise SessionExpiredException("Session expired")
security.check(self.db, self.uid, self.password)
def request_authority(self, ids, password, model, field):
"""
Check user authentication to work with Secure field
on Secure model
@param {list} ids: recordset's ids to work with
@param {str} password: current user password to check
@param {str} model: name of Secure model
@param {str} field: name of Secure field
@param {dict} response message
"""
tokens = self.get_tokens()
model_object = request.env[model]
field_object = getattr(model_object, "_fields").get(field)
try:
# check for user authentication
security.check(request.session.db, http.request.session.uid,
password)
except AccessDenied:
return {
"token": False,
"authorized": False,
"message": "You are not authorized",
}
# check field security on record-set
records = model_object.browse(ids)
security_checks = field_object.security(records)
if not security_checks:
return {
"token": False,
"authorized": False,
"message": "You are not allowed to access this field",
}
# use token to prevent bypassing authentication process
token = self.generate_token()
# add token into the list
token and tokens.append(token)
return {
"token": token,
"authorized": True,
"message": "You are authorized",
}
