Ejemplo n.º 1
0
    def smart_login(self, redirect=None, **kw):
        #return "Method %s Session UID %s uid %s" % (request.httprequest.method,request.session.uid,request.uid)

        ensure_db()
        if request.httprequest.method == 'GET' and redirect and request.session.uid:
            return http.redirect_with_hash(redirect)
            
        if request.httprequest.method == 'GET' and request.session.uid:
#        if request.httprequest.method == 'GET':
            return http.redirect_with_hash('/dashboard')

        if not request.uid:
            request.uid = openerp.SUPERUSER_ID

        values = request.params.copy()
        if not redirect:
            redirect = '/dashboard?' + request.httprequest.query_string
        values['redirect'] = redirect

        try:
            values['databases'] = http.db_list()
        except openerp.exceptions.AccessDenied:
            values['databases'] = None

        if request.httprequest.method == 'POST':
            old_uid = request.uid
            uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
            request.uid = old_uid
            values['error'] = "Wrong login/password"
        return request.render('smart_common.login', values)
Ejemplo n.º 2
0
    def web_login(self, *args, **kw):
        ensure_db()
        if request.httprequest.method == 'GET' and request.session.uid and request.params.get(
                'redirect'):
            # Redirect if already logged in and redirect param is present
            return http.redirect_with_hash(request.params.get('redirect'))
        providers = self.list_providers()

        response = super(OAuthLogin, self).web_login(*args, **kw)
        if response.is_qweb:
            error = request.params.get('oauth_error')
            if error == '1':
                error = _("Sign up is not allowed on this database.")
            elif error == '2':
                error = _("Access Denied")
            elif error == '3':
                error = _(
                    "You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email."
                )
            else:
                error = None

            response.qcontext['providers'] = providers
            if error:
                response.qcontext['error'] = error

        return response
Ejemplo n.º 3
0
 def web_client(self, s_action=None, **kw):
     main.ensure_db()
     try:
         self._bind_http_remote_user(http.request.session.db)
     except http.AuthenticationError:
         return werkzeug.exceptions.Unauthorized().get_response()
     return super(Home, self).web_client(s_action, **kw)
Ejemplo n.º 4
0
    def OAS_json_spec_download(self, namespace_name, **kwargs):
        ensure_db()
        namespace = (http.request.env["openapi.namespace"].sudo().search([
            ("name", "=", namespace_name)
        ]))
        if not namespace:
            raise werkzeug.exceptions.NotFound()
        if namespace.token != kwargs.get("token"):
            raise werkzeug.exceptions.Forbidden()

        response_params = {"headers": [("Content-Type", "application/json")]}
        if "download" in kwargs:
            response_params = {
                "headers": [
                    ("Content-Type",
                     "application/octet-stream; charset=binary"),
                    ("Content-Disposition",
                     content_disposition("swagger.json")),
                ],
                "direct_passthrough":
                True,
            }

        return werkzeug.wrappers.Response(json.dumps(namespace.get_OAS()),
                                          status=200,
                                          **response_params)
Ejemplo n.º 5
0
    def tokeninfo(self, access_token=None, *args, **kwargs):
        """ Return some information about the supplied token

        Similar to Google's "tokeninfo" request
        """
        ensure_db()
        token = self._check_access_token(access_token)
        if not token:
            return self._json_response(
                data={'error': 'invalid_or_expired_token'}, status=401)

        token_lifetime = (fields.Datetime.from_string(token.expires_at) -
                          datetime.now()).seconds
        # Base data to return
        data = {
            'audience': token.client_id.identifier,
            'scopes': ' '.join(token.scope_ids.mapped('code')),
            'expires_in': token_lifetime,
        }

        # Add the oauth user identifier, if user's information access is
        # allowed by the token's scopes
        user_data = token.get_data_for_model('res.users',
                                             res_id=token.user_id.id)
        if 'id' in user_data:
            data.update(user_id=token.generate_user_id())
        return self._json_response(data=data)
Ejemplo n.º 6
0
    def smart_login(self, redirect=None, **kw):
        #return "Method %s Session UID %s uid %s" % (request.httprequest.method,request.session.uid,request.uid)

        ensure_db()
        if request.httprequest.method == 'GET' and redirect and request.session.uid:
            return http.redirect_with_hash(redirect)

        if request.httprequest.method == 'GET' and request.session.uid:
            #        if request.httprequest.method == 'GET':
            return http.redirect_with_hash('/dashboard')

        if not request.uid:
            request.uid = openerp.SUPERUSER_ID

        values = request.params.copy()
        if not redirect:
            redirect = '/dashboard?' + request.httprequest.query_string
        values['redirect'] = redirect

        try:
            values['databases'] = http.db_list()
        except openerp.exceptions.AccessDenied:
            values['databases'] = None

        if request.httprequest.method == 'POST':
            old_uid = request.uid
            uid = request.session.authenticate(request.session.db,
                                               request.params['login'],
                                               request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
            request.uid = old_uid
            values['error'] = "Wrong login/password"
        return request.render('smart_common.login', values)
Ejemplo n.º 7
0
    def web_login(self, redirect=None, **kw):
        main.ensure_db()
        config = Controller.get_config_static(request, request.session.db)
        if config.get('login_cas', False) == u'True':
            res = self._cas_login(redirect)
            if res:
                return res

        if request.httprequest.method == 'GET' and redirect and \
           request.session.uid:
            return http.redirect_with_hash(redirect)

        if not request.uid:
            request.uid = openerp.SUPERUSER_ID

        values = request.params.copy()
        if not redirect:
            redirect = '/web?' + request.httprequest.query_string
        values['redirect'] = redirect

        try:
            values['databases'] = http.db_list()
        except openerp.exceptions.AccessDenied:
            values['databases'] = None

        if request.httprequest.method == 'POST':
            old_uid = request.uid
            uid = request.session.authenticate(
                request.session.db, request.params['login'],
                request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
            request.uid = old_uid
            values['error'] = "Wrong login/password"
        return request.render('web.login', values)
Ejemplo n.º 8
0
    def get_discover_meeting(self):

        main.ensure_db()

        REGISTER_USER_ID =\
            int(request.env['ir.config_parameter'].sudo(
            ).get_param('register_user_id'))
        captcha_site_key = request.env['ir.config_parameter'].sudo().get_param(
            'captcha_site_key')

        # Get event available
        event_obj = request.registry['event.event']
        event_ids = event_obj.search(request.cr, REGISTER_USER_ID, [
            ('is_discovery_meeting', '=', True),
            ('state', '=', 'confirm'),
            ('date_begin', '>=', fields.Datetime.to_string(datetime.now())),
        ])
        events = event_obj.browse(request.cr, REGISTER_USER_ID, event_ids,
                                  context=request.context)
        available_events = events.filtered(
            lambda e: not (e.seats_availability == 'limited' and
                           e.seats_available < 1))
        datas = self.prepare_data_events(available_events)

        event_config = request.env['event.config.settings'].sudo().search(
            [], limit=1, order="id desc"
        )
        value = {
            'datas': datas,
            'captcha_site_key': captcha_site_key,
            'description': event_config and event_config.description or "",
            'notice': event_config and event_config.notice or ""
        }
        return request.render("coop_membership.register_form", value)
Ejemplo n.º 9
0
    def revoke_token(self, token=None, *args, **kwargs):
        """ Revoke the supplied token """
        ensure_db()
        body = oauthlib.common.urlencode(
            http.request.httprequest.values.items())
        db_token = http.request.env['oauth.provider.token'].search([
            ('token', '=', token),
        ])
        if not db_token:
            db_token = http.request.env['oauth.provider.token'].search([
                ('refresh_token', '=', token),
            ])
        if not db_token:
            return self._json_response(
                data={'error': 'invalid_or_expired_token'}, status=401)
        oauth2_server = db_token.client_id.get_oauth2_server()

        # Retrieve needed arguments for oauthlib methods
        uri, http_method, body, headers = self._get_request_information()

        headers, body, status = oauth2_server.create_revocation_response(
            uri, http_method=http_method, body=body, headers=headers)
        return werkzeug.wrappers.BaseResponse(body,
                                              status=status,
                                              headers=headers)
Ejemplo n.º 10
0
 def web_client(self, s_action=None, **kw):
     main.ensure_db()
     try:
         self._bind_http_remote_user(http.request.session.db)
     except http.AuthenticationError:
         return werkzeug.exceptions.Unauthorized().get_response()
     return super(Home, self).web_client(s_action, **kw)
Ejemplo n.º 11
0
 def web_login(self, *args, **kw):
     ensure_db()
     dbname = request.session.db
     registry = RegistryManager.get(dbname)
     #cr = registry.cursor()
     cr = request.cr
     response = super(LockoutSign, self).web_login(*args, **kw)
     if response.is_qweb and response.qcontext.has_key('error'):
         error = response.qcontext['error']
         if error:
             if request.httprequest.method == 'POST':
                 old_uid = request.uid
                 company_ids = pooler.get_pool(
                     request.session.db).get('res.company').search(
                         cr, SUPERUSER_ID, [])
                 company = pooler.get_pool(
                     request.session.db).get('res.company').browse(
                         cr, SUPERUSER_ID, company_ids[0])
                 attempt_cnt = company.attempt_cnt
                 unlock_after = company.lockouttime_id.value
                 unlock_after_name = company.lockouttime_id.name
                 uid = request.session.authenticate(
                     request.session.db, request.params['login'],
                     request.params['password'])
                 if uid is False:
                     uloginids = pooler.get_pool(
                         request.session.db).get('res.users').search(
                             cr, SUPERUSER_ID,
                             [('login', '=', request.params['login'])])
                     for lid in pooler.get_pool(
                             request.session.db).get('res.users').browse(
                                 cr, SUPERUSER_ID, uloginids):
                         if lid.flg_userlocked:
                             if unlock_after == 0:
                                 error = 'Your Login is temporarily Locked. Please Contact Administrator to Unlock it.'
                             else:
                                 error = 'Your Login is temporarily Locked. Please try after ' + unlock_after_name
                         else:
                             wronglogin_cnt = lid.wronglogin_cnt and lid.wronglogin_cnt + 1 or 1
                             pooler.get_pool(
                                 request.session.db).get('res.users').write(
                                     cr, SUPERUSER_ID, [lid.id],
                                     {'wronglogin_cnt': wronglogin_cnt})
                             if int(lid.wronglogin_cnt) >= int(attempt_cnt):
                                 pooler.get_pool(
                                     request.session.db
                                 ).get('res.users').write(
                                     cr, SUPERUSER_ID, [lid.id], {
                                         'flg_userlocked':
                                         True,
                                         'userlocked_datetime':
                                         time.strftime('%Y-%m-%d %H:%M:%S')
                                     })
                                 if unlock_after == 0:
                                     error = 'Your Login is temporarily Locked. Please Contact Administrator to Unlock it.'
                                 else:
                                     error = 'Your Login is temporarily Locked. Please try after ' + unlock_after_name
             response.qcontext['error'] = error
     return response
Ejemplo n.º 12
0
 def web_login(self, *args, **kw):
     ensure_db()
     response = super(AuthSignupHome, self).web_login(*args, **kw)
     response.qcontext.update(self.get_auth_signup_config())
     if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
         # Redirect if already logged in and redirect param is present
         return http.redirect_with_hash(request.params.get('redirect'))
     return response
Ejemplo n.º 13
0
 def web_login(self, *args, **kw):
     ensure_db()
     response = super(AuthSignupHome, self).web_login(*args, **kw)
     response.qcontext.update(self.get_auth_signup_config())
     if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
         # Redirect if already logged in and redirect param is present
         return http.redirect_with_hash(request.params.get('redirect'))
     return response
Ejemplo n.º 14
0
    def public_key(self, client_id=None, *args, **kwargs):
        """ Returns the public key of the requested client """
        ensure_db()

        client = http.request.env['oauth.provider.client'].sudo().search([
            ('identifier', '=', client_id),
        ])
        return werkzeug.wrappers.BaseResponse(
            client.jwt_public_key or '', status=200)
Ejemplo n.º 15
0
 def web_login(self, redirect=None, **kw):
     ensure_db()
     param_model = request.env['ir.config_parameter']
     suspended = param_model.sudo().get_param('saas_client.suspended', '0')
     page_for_suspended = param_model.sudo().get_param(
         'saas_client.page_for_suspended', '/')
     if suspended == '1':
         return werkzeug.utils.redirect(page_for_suspended, 303)
     return super(SaaSClientLogin, self).web_login(redirect, **kw)
Ejemplo n.º 16
0
 def web_login(self, *args, **kw):
     ensure_db()
     response = super(WebInherit, self).web_login(*args, **kw)
     if request.session.get('offer'):
         response.qcontext.update(
             {'redirect': '/offers/apply/' + str(request.session['offer'])})
     else:
         response.qcontext.update({'redirect': '/my/home/'})
     return response
Ejemplo n.º 17
0
    def get_discover_meeting_again(self, **post):

        main.ensure_db()

        REGISTER_USER_ID =\
            int(request.env['ir.config_parameter'].sudo(
            ).get_param('register_user_id'))
        captcha_site_key = request.env['ir.config_parameter'].sudo().get_param(
            'captcha_site_key')

        # Get event available
        event_obj = request.registry['event.event']
        event_ids = event_obj.search(request.cr, REGISTER_USER_ID, [
            ('is_discovery_meeting', '=', True),
            ('state', '!=', 'cancel'),
            ('date_begin', '>=', fields.Datetime.to_string(datetime.now())),
        ])
        events = event_obj.browse(request.cr,
                                  REGISTER_USER_ID,
                                  event_ids,
                                  context=request.context)
        available_events = events.filtered(
            lambda e: not (e.seats_availability == 'limited' and e.
                           seats_available < 1 and e.state == 'confirm'))
        datas = self.prepare_data_events(available_events)

        name = post.get('name', False)
        email = post.get('email', False)
        first_name = post.get('first_name', False)
        sex = post.get('sex', False)
        mobile = post.get('mobile', False)
        phone = post.get('phone', False)
        street1 = post.get('street1', False)
        street2 = post.get('street2', False)
        city = post.get('city', False)
        zipcode = post.get('zipcode', False)
        social_registration = post.get('social_registration', False)
        dob = post.get('dob', False)

        value = {
            'name': name,
            'email': email,
            'first_name': first_name,
            'sex': sex,
            'mobile': mobile,
            'phone': phone,
            'street1': street1,
            'street2': street2,
            'city': city,
            'social_registration': social_registration,
            'zipcode': zipcode,
            'dob': dob,
            'datas': datas,
            'captcha_site_key': captcha_site_key,
        }
        return request.render("coop_membership.register_again_form", value)
Ejemplo n.º 18
0
    def web_login(self, redirect=None, **kw):
        '''
        Except for Administrator, Do not allow user to login if
            - User has no group profile
            - User has group profile, but group profile has no inherited group
                and access rights
        '''
        redirect = ''
        main.ensure_db()
        method = request.httprequest.method  # @UndefinedVariable
        if method == 'GET' and redirect and \
                request.session.uid:  # @UndefinedVariable
            return http.redirect_with_hash(redirect)

        if not request.uid:
            request.uid = openerp.SUPERUSER_ID

        values = request.params.copy()  # @UndefinedVariable
        if not redirect:
            redirect = '/web?' + \
                request.httprequest.query_string  # @UndefinedVariable
        values['redirect'] = redirect

        try:
            values['databases'] = http.db_list()
        except openerp.exceptions.AccessDenied:
            values['databases'] = None

        if request.httprequest.method == 'POST':  # @UndefinedVariable
            old_uid = request.uid
            uid = request.session.authenticate(  # @UndefinedVariable
                request.session.db,  # @UndefinedVariable
                request.params['login'],
                request.params['password'])
            if uid:
                # Allowing Admin to login (Admin has no profile)
                if uid == 1:
                    return http.redirect_with_hash(redirect)

                user = request.env['res.users'].sudo().browse(request.uid)
                group = user.group_profile_id
                group_inherits = group and group.implied_ids or False
                model_access = group and group.model_access or False
                if group and (group_inherits or model_access):
                    return http.redirect_with_hash(redirect)
            request.uid = old_uid
            values['error'] = "Wrong login/password"
        if request.env.ref('web.login', False):  # @UndefinedVariable
            return request.render('web.login', values)  # @UndefinedVariable
        else:
            # probably not an odoo compatible database
            error = 'Unable to login on database %s' % \
                request.session.db  # @UndefinedVariable
            return werkzeug.utils.redirect(
                '/web/database/selector?error=%s' % error, 303)
Ejemplo n.º 19
0
    def web_client(self, s_action=None, **kw):
        ensure_db()
        if request.session.uid:
            if kw.get('redirect'):
                return werkzeug.utils.redirect(kw.get('redirect'), 303)
            if not request.uid:
                request.uid = request.session.uid

            menu_data = request.registry['ir.ui.menu'].load_menus(request.cr, request.uid, context=request.context)
            return request.render('odoosoft_mobile.client', qcontext={'menu_data': menu_data})
            # return request.render('web.webclient_bootstrap', qcontext={'menu_data': menu_data})
        else:
            return login_redirect()
Ejemplo n.º 20
0
    def userinfo(self, access_token=None, *args, **kwargs):
        """ Return some information about the user linked to the supplied token

        Similar to Google's "userinfo" request
        """
        ensure_db()
        token = self._check_access_token(access_token)
        if not token:
            return self._json_response(
                data={'error': 'invalid_or_expired_token'}, status=401)

        data = token.get_data_for_model('res.users', res_id=token.user_id.id)
        return self._json_response(data=data)
Ejemplo n.º 21
0
    def login_register(self, redirect=None, **kw):
        #response = self.web_login_shop(*args, **kw)
        web.ensure_db()

        values = request.params.copy()
        if not redirect:
            redirect = '/shop?' + request.httprequest.query_string
        values['redirect'] = redirect
            
        response = self.web_login(redirect=redirect, **kw)
        if isinstance(response, LazyResponse):
            values = dict(response.params['values'], disable_footer=True)
            response = request.website.render(response.params['template'], values)
        return response
Ejemplo n.º 22
0
    def web_login(self, redirect=None, adminlogin=None, **kw):
        #         _logger.info('---------------------- web_login ')
        dbname = getattr(request.session, 'db', None)
        if not dbname:
            return werkzeug.utils.redirect(get_base_url() + '/')

        if adminlogin or request.httprequest.method == 'POST':
            Session().logout()
            main.ensure_db()
            if request.httprequest.method == 'GET' and \
                    redirect and request.session.uid:
                return werkzeug.utils.redirect(redirect)

            if not request.uid:
                request.uid = openerp.SUPERUSER_ID

            values = request.params.copy()
            if not redirect:
                redirect = get_base_url() + '/web?' + \
                    request.httprequest.query_string
            values['redirect'] = redirect

            try:
                values['databases'] = http.db_list()
            except openerp.exceptions.AccessDenied:
                values['databases'] = None

            if request.httprequest.method == 'POST':
                old_uid = request.uid
                uid = request.session.authenticate(request.session.db,
                                                   request.params['login'],
                                                   request.params['password'])
                if uid is not False:
                    return werkzeug.utils.redirect(redirect)
                request.uid = old_uid
                values['error'] = "Wrong login/password"
            return request.render('web.login', values)

        config = self.get_config(dbname)
        if config['login_cas']:
            if redirect:
                # _logger.info('----------------------' + get_base_url() +
                # '/auth_cas?app=' + redirect)
                return werkzeug.utils.redirect(get_base_url() +
                                               '/auth_cas?app=' + redirect)
            else:
                return werkzeug.utils.redirect(get_base_url() + '/auth_cas')
        else:
            return werkzeug.utils.redirect(get_base_url() + '/web')
Ejemplo n.º 23
0
    def login_register(self, redirect=None, **kw):
        #response = self.web_login_shop(*args, **kw)
        web.ensure_db()

        values = request.params.copy()
        if not redirect:
            redirect = '/shop?' + request.httprequest.query_string
        values['redirect'] = redirect

        response = self.web_login(redirect=redirect, **kw)
        if isinstance(response, LazyResponse):
            values = dict(response.params['values'], disable_footer=True)
            response = request.website.render(response.params['template'],
                                              values)
        return response
Ejemplo n.º 24
0
    def web_client(self, s_action=None, **kw):
        ensure_db()
        if not request.session.uid:
            return werkzeug.utils.redirect('/web/login', 303)
        if kw.get('redirect'):
            return werkzeug.utils.redirect(kw.get('redirect'), 303)

        request.uid = request.session.uid
        context = request.env['ir.http'].webclient_rendering_context()

        subscription_status = request.env['ir.config_parameter'].sudo(
        ).get_param('subscription_status')

        if request.uid == 1:
            return request.render('web.webclient_bootstrap', qcontext=context)

        if subscription_status == "trial":
            trial_expiration_date = request.env['ir.config_parameter'].sudo(
            ).get_param('trial_expiration_date')
            trial_expiration_date = datetime.strptime(
                trial_expiration_date, tools.DEFAULT_SERVER_DATETIME_FORMAT)
            days_left = abs((trial_expiration_date - datetime.now()).days)
            hours_left = abs(
                (trial_expiration_date - datetime.now()).seconds) / 3600

            if datetime.now() > trial_expiration_date:
                saas_server_url = request.env['ir.config_parameter'].sudo(
                ).get_param('saas_server_url')

                #Trial has expired so show them a screen to subscribe
                return request.render('sythil_saas_client.saas_trial_expired',
                                      {'saas_server_url': saas_server_url})
            else:

                context['trail_days'] = days_left
                context['trail_hours'] = hours_left
                context['subscription_status'] = subscription_status

                #Show them the web with the trial banner
                return request.render('web.webclient_bootstrap',
                                      qcontext=context)
        elif subscription_status == "canceled":
            return "You have cenceled your subscription and will have to resubscribe to regain access"
        elif subscription_status == "subscribed":
            return request.render('web.webclient_bootstrap', qcontext=context)

        #Failsafe just show them the regular view
        return request.render('web.webclient_bootstrap', qcontext=context)
Ejemplo n.º 25
0
    def web_client(self, s_action=None, **kw):
        ensure_db()
        if not request.session.uid:
            return werkzeug.utils.redirect('/web/login', 303)
        if kw.get('redirect'):
            return werkzeug.utils.redirect(kw.get('redirect'), 303)

        request.uid = request.session.uid
        context = request.env['ir.http'].webclient_rendering_context()
        request.env['ir.ui.menu'].clear_caches()
        menu_data = request.env['ir.ui.menu'].load_menus(request.debug)

        return request.render('web.webclient_bootstrap', qcontext=context)


# vim:expandtab:smartindent:tabstop=4:softtabstop=4:shiftwidth=4:
Ejemplo n.º 26
0
    def redirect(self, **args):

        ensure_db()
        if not request.session.uid:
            return werkzeug.utils.redirect('/web/login', 303)

        request.uid = request.session.uid

        if len(args) != 1:
            _logger.debug("Wrong number of GET parameters ({})".format(args))
            return werkzeug.utils.redirect('/web')

        key, value = args.popitem()
        rule_model = request.env['base_simple_urls.redirect_rule']
        matching_rule = rule_model.search([('get_variable', '=', key)])

        if not matching_rule:
            _logger.debug(
                "Redirect rule for GET parameters not found ({})".format(args))
            return werkzeug.utils.redirect('/web')
        ''' Do a case insensitive search to the model and field defined in the
        redirect rule, e.g. product.product's default_code field '''
        target_model = request.env[matching_rule[0].model_id.model]
        if matching_rule[0].field_id.ttype == 'integer':
            matching_ids = target_model.search([
                (matching_rule[0].field_id.name, '=', value)
            ])
        else:
            matching_ids = target_model.search([
                (matching_rule[0].field_id.name, '=ilike', value)
            ])

        if len(matching_ids) != 1:
            _logger.debug(
                "Wrong number of search results. GET parameters: {}".format(
                    args))
            return werkzeug.utils.redirect('/web')
        ''' Form the URL and redirect the user '''
        url_params = {
            'view_type': 'form',
            'model': matching_rule[0].model_id.model,
            'id': matching_ids[0].id,
            'action': matching_rule[0].action_id.id,
        }

        url_string = '/web#{}'.format(werkzeug.url_encode(url_params))
        return werkzeug.utils.redirect(url_string)
Ejemplo n.º 27
0
 def web_login(self, *args, **kw):
     ensure_db()
     response = super(PasswordSecurityHome, self).web_login(*args, **kw)
     if not request.httprequest.method == 'POST':
         return response
     uid = request.session.authenticate(request.session.db,
                                        request.params['login'],
                                        request.params['password'])
     if not uid:
         return response
     users_obj = request.env['res.users'].sudo()
     user_id = users_obj.browse(request.uid)
     if not user_id._password_has_expired():
         return response
     user_id.action_expire_password()
     redirect = user_id.partner_id.signup_url
     return http.redirect_with_hash(redirect)
Ejemplo n.º 28
0
    def otherinfo(self, access_token=None, model=None, *args, **kwargs):
        """ Return allowed information about the requested model """
        ensure_db()
        token = self._check_access_token(access_token)
        if not token:
            return self._json_response(
                data={'error': 'invalid_or_expired_token'}, status=401)

        model_obj = http.request.env['ir.model'].search([
            ('model', '=', model),
        ])
        if not model_obj:
            return self._json_response(data={'error': 'invalid_model'},
                                       status=400)

        data = token.get_data_for_model(model)
        return self._json_response(data=data)
Ejemplo n.º 29
0
    def web_login(self, redirect=None, adminlogin=None, **kw):
        #         _logger.info('---------------------- web_login ')
        dbname = getattr(request.session, 'db', None)
        if not dbname:
            return werkzeug.utils.redirect(get_base_url() + '/')

        if adminlogin or request.httprequest.method == 'POST':
            Session().logout()
            main.ensure_db()
            if request.httprequest.method == 'GET' and redirect and request.session.uid:
                return werkzeug.utils.redirect(redirect)

            if not request.uid:
                request.uid = openerp.SUPERUSER_ID

            values = request.params.copy()
            if not redirect:
                redirect = get_base_url() + '/web?' + \
                    request.httprequest.query_string
            values['redirect'] = redirect

            try:
                values['databases'] = http.db_list()
            except openerp.exceptions.AccessDenied:
                values['databases'] = None

            if request.httprequest.method == 'POST':
                old_uid = request.uid
                uid = request.session.authenticate(
                    request.session.db, request.params['login'], request.params['password'])
                if uid is not False:
                    return werkzeug.utils.redirect(redirect)
                request.uid = old_uid
                values['error'] = "Wrong login/password"
            return request.render('web.login', values)

        config = self.get_config(dbname)
        if config['login_cas']:
            if redirect:
                #                 _logger.info('----------------------' + get_base_url() +  '/auth_cas?app=' + redirect)
                return werkzeug.utils.redirect(get_base_url() + '/auth_cas?app=' + redirect)
            else:
                return werkzeug.utils.redirect(get_base_url() + '/auth_cas')
        else:
            return werkzeug.utils.redirect(get_base_url() + '/web')
Ejemplo n.º 30
0
    def web_client(self, s_action=None, menu=None, **kw):
        main.ensure_db()

        if request.session.uid:
            if kw.get('redirect'):
                return werkzeug.utils.redirect(kw.get('redirect'), 303)
            if not request.uid:
                request.uid = request.session.uid

        else:
            #             return login_redirect_cas()
            return werkzeug.utils.redirect(get_base_url() + '/auth_cas')

        if menu:
            request.context['menu'] = menu
        menu_data = request.registry['ir.ui.menu'].load_menu(
            request.cr, request.uid, context=request.context)
        return request.render('web.webclient_bootstrap', qcontext={'menu_data': menu_data})
Ejemplo n.º 31
0
 def web_login(self, *args, **kw):
     ensure_db()
     response = super(PasswordSecurityHome, self).web_login(*args, **kw)
     if not request.httprequest.method == 'POST':
         return response
     uid = request.session.authenticate(
         request.session.db,
         request.params['login'],
         request.params['password']
     )
     if not uid:
         return response
     users_obj = request.env['res.users'].sudo()
     user_id = users_obj.browse(request.uid)
     if not user_id._password_has_expired():
         return response
     user_id.action_expire_password()
     redirect = user_id.partner_id.signup_url
     return http.redirect_with_hash(redirect)
Ejemplo n.º 32
0
    def login_shop(self, redirect=None, **kw):
        #response = self.web_login_shop(*args, **kw)
        web.ensure_db()

        values = request.params.copy()
        if not redirect:
            redirect = '/shop?' + request.httprequest.query_string
        values['redirect'] = redirect
        if request.httprequest.method == 'POST':
            uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
            values['error'] = _("Wrong login/password")
            
        response = super(Home_extend, self).web_login(redirect=redirect, **kw)
        if isinstance(response, LazyResponse):
            values = dict(response.params['values'], disable_footer=True)
            response = request.website.render(response.params['template'], values)
        return response
Ejemplo n.º 33
0
    def web_login(self, redirect=None, **kw):
        ensure_db()
        processed_params = None
        if redirect:
            result = urlparse.urlparse(redirect)
            if 'code' in urlparse.parse_qs(result.fragment):
                processed_params = urlparse.parse_qs(result.fragment)
            elif 'code' in urlparse.parse_qs(result.query):
                processed_params = urlparse.parse_qs(result.query)
            elif 'code' in urlparse.parse_qs(result.params):
                processed_params = urlparse.parse_qs(result.query)

        if request.httprequest.method == 'GET' and redirect and request.session.uid:
            return http.redirect_with_hash(redirect)
        elif request.httprequest.method == 'GET' and redirect and processed_params:
            user = self.get_user_id(processed_params)
            if user:
                uid = request.session.authenticate(request.session.db, login=user[0], password='******',
                                                   uid=user[1])
                if uid is not False:
                    return http.redirect_with_hash(redirect)

        if not request.uid:
            request.uid = openerp.SUPERUSER_ID

        values = request.params.copy()
        if not redirect:
            redirect = '/mobile?' + request.httprequest.query_string
        values['redirect'] = redirect

        try:
            values['databases'] = http.db_list()
        except openerp.exceptions.AccessDenied:
            values['databases'] = None

        if request.httprequest.method == 'POST':
            old_uid = request.uid
            uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
            request.uid = old_uid
            values['error'] = "Wrong login/password"
        return request.render('odoosoft_mobile.login', values)
Ejemplo n.º 34
0
    def get_discover_meeting(self):

        main.ensure_db()

        REGISTER_USER_ID =\
            int(request.env['ir.config_parameter'].sudo(
            ).get_param('register_user_id'))

        # Get event available
        event_obj = request.registry['event.event']
        event_ids = event_obj.search(request.cr, REGISTER_USER_ID,
                                     [('is_discovery_meeting', '=', True),
                                      ('state', '=', 'confirm')])
        events = event_obj.browse(request.cr,
                                  REGISTER_USER_ID,
                                  event_ids,
                                  context=request.context)
        value = {
            'events': events,
        }
        return request.render("coop_membership.register_form", value)
Ejemplo n.º 35
0
 def consent(self, choice, consent_id, token, *args, **kwargs):
     """Process user's consent acceptance or rejection."""
     ensure_db()
     try:
         # If there's a website, we need a user to render the template
         request.uid = request.website.user_id.id
     except AttributeError:
         # If there's no website, the default is OK
         pass
     consent = request.env["privacy.consent"] \
         .with_context(subject_answering=True) \
         .sudo().browse(consent_id)
     if not (consent.exists() and consent._token() == token):
         raise NotFound
     if consent.partner_id.lang:
         consent = consent.with_context(lang=consent.partner_id.lang)
         request.context = consent.env.context
     consent.action_answer(choice == "accept", self._metadata())
     return request.render("privacy_consent.form", {
         "consent": consent,
     })
Ejemplo n.º 36
0
 def signin(self, **kw):
     # TODO faltaria implementar el redirect y no hardcodear el my/home
     ensure_db()
     partner_uuid = kw['partner_uuid']
     dbname = kw.pop('db', None)
     if not dbname:
         dbname = db_monodb()
     if not dbname:
         return werkzeug.exceptions.BadRequest()
     registry = RegistryManager.get(dbname)
     with registry.cursor() as cr:
         url = '/my/home'
         try:
             u = registry.get('res.users')
             credentials = u.partner_uuid_login(
                 cr, SUPERUSER_ID, partner_uuid)
             cr.commit()
             return login_and_redirect(*credentials, redirect_url=url)
         except:
             pass
     return set_cookie_and_redirect(url)
Ejemplo n.º 37
0
    def login_shop(self, redirect=None, **kw):
        #response = self.web_login_shop(*args, **kw)
        web.ensure_db()

        values = request.params.copy()
        if not redirect:
            redirect = '/shop?' + request.httprequest.query_string
        values['redirect'] = redirect
        if request.httprequest.method == 'POST':
            uid = request.session.authenticate(request.session.db,
                                               request.params['login'],
                                               request.params['password'])
            if uid is not False:
                return http.redirect_with_hash(redirect)
            values['error'] = _("Wrong login/password")

        response = super(Home_extend, self).web_login(redirect=redirect, **kw)
        if isinstance(response, LazyResponse):
            values = dict(response.params['values'], disable_footer=True)
            response = request.website.render(response.params['template'],
                                              values)
        return response
Ejemplo n.º 38
0
    def web_login(self, *args, **kw):
        ensure_db()
        providers = self.list_providers()

        response = super(OAuthLogin, self).web_login(*args, **kw)
        if response.is_qweb:
            error = request.params.get("oauth_error")
            if error == "1":
                error = _("Sign up is not allowed on this database.")
            elif error == "2":
                error = _("Access Denied")
            elif error == "3":
                error = _(
                    "You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email."
                )
            else:
                error = None

            response.qcontext["providers"] = providers
            if error:
                response.qcontext["error"] = error

        return response
Ejemplo n.º 39
0
    def webhook_issue(self, issue_id=None, **kw):
        ensure_db()
        request.uid = openerp.SUPERUSER_ID
        env = request.env
        backend = env['jira.backend'].search([('use_webhooks', '=', True)],
                                             limit=1)
        if not backend:
            _logger.warning('Received a webhook from Jira but cannot find a '
                            'Jira backend with webhooks activated')
            return

        action = request.jsonrequest['webhookEvent']

        worklog = request.jsonrequest['issue']
        issue_id = worklog['id']

        session = ConnectorSession.from_env(env)
        if action == 'jira:issue_deleted':
            delete_record.delay(session, 'jira.project.task', backend.id,
                                issue_id)
        else:
            import_record.delay(session, 'jira.project.task', backend.id,
                                issue_id)
Ejemplo n.º 40
0
    def web_login(self, *args, **kw):
        ensure_db()
        if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
            # Redirect if already logged in and redirect param is present
            return http.redirect_with_hash(request.params.get('redirect'))
        providers = self.list_providers()

        response = super(OAuthLogin, self).web_login(*args, **kw)
        if response.is_qweb:
            error = request.params.get('oauth_error')
            if error == '1':
                error = _("Sign up is not allowed on this database.")
            elif error == '2':
                error = _("Access Denied")
            elif error == '3':
                error = _("You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email.")
            else:
                error = None

            response.qcontext['providers'] = providers
            if error:
                response.qcontext['error'] = error

        return response
Ejemplo n.º 41
0
    def web_login(self, *args, **kw):
        ensure_db()
        if request.httprequest.method == 'GET' and request.session.uid and request.params.get('redirect'):
            # Redirect if already logged in and redirect param is present
            return http.redirect_with_hash(request.params.get('redirect'))
        providers = self.list_providers()

        response = super(OAuthLogin, self).web_login(*args, **kw)
        if response.is_qweb:
            error = request.params.get('oauth_error')
            if error == '1':
                error = _("Sign up is not allowed on this database.")
            elif error == '2':
                error = _("Access Denied")
            elif error == '3':
                error = _("Only Email address with Hytechpro and Melimu domain is authorized to login into the application.")
            else:
                error = None

            response.qcontext['providers'] = providers
            if error:
                response.qcontext['error'] = error

        return response
Ejemplo n.º 42
0
 def web_login(self, *args, **kw):
     ensure_db()
     response = super(AuthSignupHome, self).web_login(*args, **kw)
     response.qcontext.update(self.get_auth_signup_config())
     return response
Ejemplo n.º 43
0
    def web_login(self, redirect=None, **kw):
        ensure_db()
        if request.httprequest.method == 'GET' and redirect and request.session.uid:
            return http.redirect_with_hash(redirect)

        if not request.uid:
            request.uid = openerp.SUPERUSER_ID

        values = request.params.copy()
        if not redirect:
            redirect = '/web?' + request.httprequest.query_string
        values['redirect'] = redirect

        try:
            values['databases'] = http.db_list()
        except openerp.exceptions.AccessDenied:
            values['databases'] = None

        if request.httprequest.method == 'POST':
            old_uid = request.uid
            uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password'])
            cr, context = request.cr, request.context
            pos_session = request.registry('pos.session')
            def check_contraints(config_id):
                check, value = False,None
                domain = [
                          ('state', '!=', 'closed'),
                          ('config_id', '=', config_id)
                ]
                if pos_session.search_count(cr, uid, domain, context=context)>0:
                    check, value = True, "You cannot create two active sessions related to the same point of sale. Contact Administrator!"
                domain = [
                    ('state', 'not in', ('closed','closing_control')),
                    ('user_id', '=', uid)
                ]
                if pos_session.search_count(cr, uid, domain, context=context)>0:
                    check, value = True, "You cannot create two active sessions with the same responsible. Contact Administrator!"
                return check, value
            
            if uid is not False:
                user = request.registry['res.users'].browse(cr, uid, uid, context)
                is_manager = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_manager")
                if not is_manager:
                    is_user = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_user")
                    if is_user:
                        current_user = request.registry('res.users').browse(cr, uid, uid, context= context)
                        pos_config_id = current_user.pos_config and current_user.pos_config.id or False
                        if not pos_config_id:
                            r = request.registry('pos.config').search(cr, uid, [], context=context)
                            pos_config_id = r and r[0] or False
                        check, error = check_contraints(pos_config_id)
                        if check:
                            values['error'] = error
                            return request.render('web.login', values)
                        session_id = pos_session.create(cr, uid, {'user_id' : uid,'config_id' : pos_config_id}, context=context)
                        if pos_session.browse(cr, uid, session_id, context=context).state == 'opened':
                            redirect = redirect.replace("/web","/pos/web")
                else:
                    #To do code for manager
                    pass
                return http.redirect_with_hash(redirect)
            request.uid = old_uid
            values['error'] = "Wrong login/password"
        return request.render('web.login', values)
Ejemplo n.º 44
0
    def web_login(self, redirect=None, **kw):
        if request.httprequest.method == 'POST':
            ensure_db()
            remote = request.httprequest.remote_addr
            # Get registry and cursor
            config_obj = registry(request.session.db)['ir.config_parameter']
            attempt_obj = registry(
                request.session.db)['res.authentication.attempt']
            banned_remote_obj = registry(
                request.session.db)['res.banned.remote']
            cursor = attempt_obj.pool.cursor()

            # Get Settings
            max_attempts_qty = int(config_obj.search_read(
                cursor, SUPERUSER_ID,
                [('key', '=', 'auth_brute_force.max_attempt_qty')],
                ['value'])[0]['value'])

            # Test if remote user is banned
            banned = banned_remote_obj.search(cursor, SUPERUSER_ID, [
                ('remote', '=', remote)])
            if banned:
                _logger.warning(
                    "Authentication tried from remote '%s'. The request has"
                    " been ignored because the remote has been banned after"
                    " %d attempts without success. Login tried : '%s'." % (
                        remote, max_attempts_qty, request.params['login']))
                request.params['password'] = ''

            else:
                # Try to authenticate
                result = request.session.authenticate(
                    request.session.db, request.params['login'],
                    request.params['password'])

            # Log attempt
            cursor.commit()
            attempt_obj.create(cursor, SUPERUSER_ID, {
                'attempt_date': fields.Datetime.now(),
                'login': request.params['login'],
                'remote': remote,
                'result': banned and 'banned' or (
                    result and 'successfull' or 'failed'),
            })
            cursor.commit()
            if not banned and not result:
                # Get last bad attempts quantity
                attempts_qty = len(attempt_obj.search_last_failed(
                    cursor, SUPERUSER_ID, remote))

                if max_attempts_qty <= attempts_qty:
                    # We ban the remote
                    _logger.warning(
                        "Authentication failed from remote '%s'. "
                        "The remote has been banned. Login tried : '%s'." % (
                            remote, request.params['login']))
                    banned_remote_obj.create(cursor, SUPERUSER_ID, {
                        'remote': remote,
                        'ban_date': fields.Datetime.now(),
                    })
                    cursor.commit()

                else:
                    _logger.warning(
                        "Authentication failed from remote '%s'."
                        " Login tried : '%s'. Attempt %d / %d." % (
                            remote, request.params['login'], attempts_qty,
                            max_attempts_qty))
            cursor.close()

        return super(LoginController, self).web_login(redirect=redirect, **kw)