Ejemplo n.º 1
0
    def xml(self, **kwargs):
        database = kwargs.get('database', None)
        if not database:
            database = db_monodb()
        req = odoo.http.request
        language = kwargs.get('language', None)
        if req.httprequest.method == 'GET':
            # Login
            database = kwargs.get('database', None)
            req.session.db = database
            try:
                uid = self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt: %s" % e)
                return Response('Login with Odoo user name and password',
                                401,
                                headers=[('WWW-Authenticate',
                                          'Basic realm="odoo"')])

            # As an optional extra security check we can validate a web token attached
            # to the request. It allows use to verify that the request is generated
            # from frePPLe and not from somebody else.

            # Generate data
            try:
                xp = exporter(req,
                              uid=uid,
                              database=database,
                              company=kwargs.get('company', None),
                              mode=int(kwargs.get('mode', 1)))
                # TODO Returning an iterator to stream the response back to the client and
                # to save memory on the server side
                return req.make_response(
                    ''.join([i for i in xp.run()]),
                    headers=[('Content-Type', 'application/xml;charset=utf8'),
                             ('Cache-Control',
                              'no-cache, no-store, must-revalidate'),
                             ('Pragma', 'no-cache'), ('Expires', '0')])
            except Exception as e:
                logger.exception('Error generating frePPLe XML data')
                raise InternalServerError(
                    description=
                    'Error generating frePPLe XML data: check the Odoo log file for more details'
                )
        elif req.httprequest.method == 'POST':
            # Authenticate the user
            database = req.httprequest.form.get('database', None)
            req.session.db = database
            try:
                self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt %s" % e)
                return Response('Login with Odoo user name and password',
                                401,
                                headers=[('WWW-Authenticate',
                                          'Basic realm="odoo"')])

            # Validate the company argument
            company_name = req.httprequest.form.get('company', None)
            company = None
            m = req.env['res.company']
            recs = m.search([('name', '=', company_name)], limit=1)
            for i in recs:
                company = i
            if not company:
                return Response('Invalid company name argument', 401)

            # Verify that the data was posted from frePPLe and nobody else
            try:
                webtoken = req.httprequest.form.get('webtoken', None)
                decoded = jwt.decode(webtoken,
                                     company.webtoken_key,
                                     algorithms=['HS256'])
                if self.user != decoded.get('user', None):
                    return Response('Incorrect or missing webtoken', 401)
            except:
                return Response('Incorrect or missing webtoken', 401)

            # Import the data
            try:
                ip = importer(req,
                              database=database,
                              company=company,
                              mode=req.httprequest.form.get('mode', 1))
                return req.make_response(
                    ip.run(),
                    [('Content-Type', 'text/plain'),
                     ('Cache-Control', 'no-cache, no-store, must-revalidate'),
                     ('Pragma', 'no-cache'), ('Expires', '0')])
            except Exception as e:
                logger.exception('Error processing data posted by frePPLe')
                raise InternalServerError(
                    description=
                    'Error processing data posted by frePPLe: check the Odoo log file for more details'
                )
        else:
            raise MethodNotAllowed('Only GET and POST requests are accepted')
Ejemplo n.º 2
0
    def xml(self, **kwargs):
        req = odoo.http.request
        language = kwargs.get("language", None)
        if req.httprequest.method == "GET":
            # Login
            database = kwargs.get("database", None)
            if not database:
                database = db_monodb()
            req.session.db = database
            try:
                uid = self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt: %s" % e)
                return Response(
                    "Login with Odoo user name and password",
                    401,
                    headers=[("WWW-Authenticate", 'Basic realm="odoo"')],
                )

            # As an optional extra security check we can validate a web token attached
            # to the request. It allows use to verify that the request is generated
            # from frePPLe and not from somebody else.

            # Generate data
            try:
                xp = exporter(
                    req,
                    uid=uid,
                    database=database,
                    company=kwargs.get("company", None),
                    mode=int(kwargs.get("mode", 1)),
                )
                # TODO Returning an iterator to stream the response back to the client and
                # to save memory on the server side
                return req.make_response(
                    "".join([i for i in xp.run()]),
                    headers=[
                        ("Content-Type", "application/xml;charset=utf8"),
                        ("Cache-Control",
                         "no-cache, no-store, must-revalidate"),
                        ("Pragma", "no-cache"),
                        ("Expires", "0"),
                    ],
                )
            except Exception as e:
                logger.exception("Error generating frePPLe XML data")
                raise InternalServerError(
                    description=
                    "Error generating frePPLe XML data: check the Odoo log file for more details"
                )
        elif req.httprequest.method == "POST":
            # Authenticate the user
            database = req.httprequest.form.get("database", None)
            if not database:
                database = db_monodb()
            req.session.db = database
            try:
                self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt %s" % e)
                return Response(
                    "Login with Odoo user name and password",
                    401,
                    headers=[("WWW-Authenticate", 'Basic realm="odoo"')],
                )

            # Validate the company argument
            company_name = req.httprequest.form.get("company", None)
            company = None
            m = req.env["res.company"]
            recs = m.search([("name", "=", company_name)], limit=1)
            for i in recs:
                company = i
            if not company:
                return Response("Invalid company name argument", 401)

            # Verify that the data was posted from frePPLe and nobody else
            try:
                webtoken = req.httprequest.form.get("webtoken", None)
                decoded = jwt.decode(webtoken,
                                     company.webtoken_key,
                                     algorithms=["HS256"])
                logger.warning(str(decoded))
                if self.user != decoded.get("user", None):
                    return Response("Incorrect or missing webtoken", 401)
            except Exception as e:
                logger.warning("Incorrect or missing webtoken %s " % e)
                return Response("Incorrect or missing webtoken", 401)

            # Import the data
            try:
                ip = importer(
                    req,
                    database=database,
                    company=company,
                    mode=req.httprequest.form.get("mode", 1),
                )
                return req.make_response(
                    ip.run(),
                    [
                        ("Content-Type", "text/plain"),
                        ("Cache-Control",
                         "no-cache, no-store, must-revalidate"),
                        ("Pragma", "no-cache"),
                        ("Expires", "0"),
                    ],
                )
            except Exception as e:
                logger.exception("Error processing data posted by frePPLe")
                raise InternalServerError(
                    description=
                    "Error processing data posted by frePPLe: check the Odoo log file for more details"
                )
        else:
            raise MethodNotAllowed("Only GET and POST requests are accepted")
Ejemplo n.º 3
0
    def xml(self, **kwargs):
        database = kwargs.get('database', None)
        if not database:
            database = db_monodb()
        req = odoo.http.request
        language = kwargs.get('language', None)
        if req.httprequest.method == 'GET':
            # Login
            database = kwargs.get('database', None)
            req.session.db = database
            try:
                uid = self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt: %s" % e)
                return Response(
                    'Login with Odoo user name and password', 401,
                    headers=[('WWW-Authenticate', 'Basic realm="odoo"')]
                    )

            # As an optional extra security check we can validate a web token attached
            # to the request. It allows use to verify that the request is generated
            # from frePPLe and not from somebody else.

            # Generate data
            try:
                xp = exporter(
                  req,
                  uid=uid,
                  database=database,
                  company=kwargs.get('company', None),
                  mode=int(kwargs.get('mode', 1))
                  )
                # TODO Returning an iterator to stream the response back to the client and
                # to save memory on the server side
                return req.make_response(
                    ''.join([i for i in xp.run()]),
                    headers=[
                        ('Content-Type', 'application/xml;charset=utf8'),
                        ('Cache-Control', 'no-cache, no-store, must-revalidate'),
                        ('Pragma', 'no-cache'),
                        ('Expires', '0')
                    ])
            except Exception as e:
                logger.exception('Error generating frePPLe XML data')
                raise InternalServerError(description='Error generating frePPLe XML data: check the Odoo log file for more details')
        elif req.httprequest.method == 'POST':
            # Authenticate the user
            database = req.httprequest.form.get('database', None)
            req.session.db = database
            try:
                self.authenticate(req, database, language)
            except Exception as e:
                logger.warning("Failed login attempt %s" % e)
                return Response(
                    'Login with Odoo user name and password', 401,
                    headers=[('WWW-Authenticate', 'Basic realm="odoo"')]
                    )

            # Validate the company argument
            company_name = req.httprequest.form.get('company', None)
            company = None
            m = req.env['res.company']
            recs = m.search([('name', '=', company_name)], limit=1)
            for i in recs:
              company = i
            if not company:
              return Response('Invalid company name argument', 401)

            # Verify that the data was posted from frePPLe and nobody else
            try:
              webtoken = req.httprequest.form.get('webtoken', None)
              decoded = jwt.decode(
                webtoken,
                company.webtoken_key,
                algorithms=['HS256']
                )
              if self.user != decoded.get('user', None):
                return Response('Incorrect or missing webtoken', 401)
            except:
                return Response('Incorrect or missing webtoken', 401)

            # Import the data
            try:
                ip = importer(
                  req,
                  database=database,
                  company=company,
                  mode=req.httprequest.form.get('mode', 1)
                  )
                return req.make_response(
                    ip.run(),
                    [
                        ('Content-Type', 'text/plain'),
                        ('Cache-Control', 'no-cache, no-store, must-revalidate'),
                        ('Pragma', 'no-cache'),
                        ('Expires', '0')
                    ])
            except Exception as e:
                logger.exception('Error processing data posted by frePPLe')
                raise InternalServerError(description='Error processing data posted by frePPLe: check the Odoo log file for more details')
        else:
            raise MethodNotAllowed('Only GET and POST requests are accepted')