def log_xml(self, xml_string, func):
self.ensure_one()
if self.debug_logging:
self.flush()
db_name = self._cr.dbname
# Use a new cursor to avoid rollback that could be caused by an upper method
try:
db_registry = registry(db_name)
with db_registry.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
IrLogging = env['ir.logging']
IrLogging.sudo().create({
'name': 'delivery.carrier',
'type': 'server',
'dbname': db_name,
'level': 'DEBUG',
'message': xml_string,
'path': self.delivery_type,
'func': func,
'line': 1
})
except psycopg2.Error:
pass
def _serve_attachment(cls):
env = api.Environment(request.cr, SUPERUSER_ID, request.context)
attach = env['ir.attachment'].get_serve_attachment(request.httprequest.path, extra_fields=['name', 'checksum'])
if attach:
wdate = attach[0]['__last_update']
datas = attach[0]['datas'] or b''
name = attach[0]['name']
checksum = attach[0]['checksum'] or hashlib.sha1(datas).hexdigest()
if (not datas and name != request.httprequest.path and
name.startswith(('http://', 'https://', '/'))):
return werkzeug.utils.redirect(name, 301)
response = werkzeug.wrappers.Response()
response.last_modified = wdate
response.set_etag(checksum)
response.make_conditional(request.httprequest)
if response.status_code == 304:
return response
response.mimetype = attach[0]['mimetype'] or 'application/octet-stream'
response.data = base64.b64decode(datas)
return response
def _dispatch(cls):
"""
In case of rerouting for translate (e.g. when visiting harpiya.com/fr_BE/),
_dispatch calls reroute() that returns _dispatch with altered request properties.
The second _dispatch will continue until end of process. When second _dispatch is finished, the first _dispatch
call receive the new altered request and continue.
At the end, 2 calls of _dispatch (and this override) are made with exact same request properties, instead of one.
As the response has not been sent back to the client, the visitor cookie does not exist yet when second _dispatch call
is treated in _handle_webpage_dispatch, leading to create 2 visitors with exact same properties.
To avoid this, we check if, !!! before calling super !!!, we are in a rerouting request. If not, it means that we are
handling the original request, in which we should create the visitor. We ignore every other rerouting requests.
"""
is_rerouting = hasattr(request, 'routing_iteration')
if request.session.db:
reg = registry(request.session.db)
with reg.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
request.website_routing = env['website'].get_current_website(
).id
response = super(Http, cls)._dispatch()
if not is_rerouting:
cls._register_website_track(response)
return response
def load_demo(cr, package, idref, mode, report=None):
"""
Loads demo data for the specified package.
"""
if not package.should_have_demo():
return False
try:
_logger.info("Module %s: loading demo", package.name)
with cr.savepoint(flush=False):
load_data(cr,
idref,
mode,
kind='demo',
package=package,
report=report)
return True
except Exception as e:
# If we could not install demo data for this module
_logger.warning(
"Module %s demo data failed to install, installed without demo data",
package.name,
exc_info=True)
env = api.Environment(cr, SUPERUSER_ID, {})
todo = env.ref('base.demo_failure_todo', raise_if_not_found=False)
Failure = env.get('ir.demo_failure')
if todo and Failure is not None:
todo.state = 'open'
Failure.create({'module_id': package.id, 'error': str(e)})
return False
def oea(self, **kw):
"""login user via Harpiya Account provider"""
dbname = kw.pop('db', None)
if not dbname:
dbname = db_monodb()
if not dbname:
return BadRequest()
if not http.db_filter([dbname]):
return BadRequest()
registry = registry_get(dbname)
with registry.cursor() as cr:
try:
env = api.Environment(cr, SUPERUSER_ID, {})
provider = env.ref('auth_oauth.provider_openerp')
except ValueError:
return set_cookie_and_redirect('/web?db=%s' % dbname)
assert provider._name == 'auth.oauth.provider'
state = {
'd': dbname,
'p': provider.id,
'c': {'no_user_creation': True},
}
kw['state'] = json.dumps(state)
return self.signin(**kw)
def authenticate(cls, db, login, password, user_agent_env):
""" Override to link the logged in user's res.partner to website.visitor """
uid = super(ResUsers, cls).authenticate(db, login, password,
user_agent_env)
if uid:
with cls.pool.cursor() as cr:
env = api.Environment(cr, uid, {})
visitor_sudo = env[
'website.visitor']._get_visitor_from_request()
if visitor_sudo:
partner = env.user.partner_id
partner_visitor = env['website.visitor'].with_context(
active_test=False).sudo().search([('partner_id', '=',
partner.id)])
if partner_visitor and partner_visitor.id != visitor_sudo.id:
# Link history to older Visitor and delete the newest
visitor_sudo.website_track_ids.write(
{'visitor_id': partner_visitor.id})
visitor_sudo.unlink()
# If archived (most likely by the cron for inactivity reasons), reactivate the partner's visitor
if not partner_visitor.active:
partner_visitor.write({'active': True})
else:
vals = {'partner_id': partner.id, 'name': partner.name}
visitor_sudo.write(vals)
return uid
def test_02_demo_address_and_company(self):
''' This test ensure that the company_id of the address (partner) is
correctly set and also, is not wrongly changed.
eg: new shipping should use the company of the website and not the
one from the admin, and editing a billing should not change its
company.
'''
self._setUp_multicompany_env()
so = self._create_so(self.demo_partner.id)
env = api.Environment(self.env.cr, self.demo_user.id, {})
# change also website env for `sale_get_order` to not change order partner_id
with MockRequest(env,
website=self.website.with_env(env),
sale_order_id=so.id):
# 1. Logged in user, new shipping
self.WebsiteSaleController.address(**self.default_address_values)
new_shipping = self._get_last_address(self.demo_partner)
self.assertTrue(
new_shipping.company_id != self.env.user.company_id,
"Logged in user new shipping should not get the company of the sudo() neither the one from it's partner.."
)
self.assertEqual(new_shipping.company_id, self.website.company_id,
".. but the one from the website.")
# 2. Logged in user, edit billing
self.default_address_values['partner_id'] = self.demo_partner.id
self.WebsiteSaleController.address(**self.default_address_values)
self.assertEqual(
self.demo_partner.company_id, self.company_c,
"Logged in user edited billing (the partner itself) should not get its company modified."
)
def test_03_public_user_address_and_company(self):
''' Same as test_02 but with public user '''
self._setUp_multicompany_env()
so = self._create_so(self.website.user_id.partner_id.id)
env = api.Environment(self.env.cr, self.website.user_id.id, {})
# change also website env for `sale_get_order` to not change order partner_id
with MockRequest(env,
website=self.website.with_env(env),
sale_order_id=so.id):
# 1. Public user, new billing
self.default_address_values['partner_id'] = -1
self.WebsiteSaleController.address(**self.default_address_values)
new_partner = so.partner_id
self.assertNotEqual(
new_partner, self.website.user_id.partner_id,
"New billing should have created a new partner and assign it on the SO"
)
self.assertEqual(
new_partner.company_id, self.website.company_id,
"The new partner should get the company of the website")
# 2. Public user, edit billing
self.default_address_values['partner_id'] = new_partner.id
self.WebsiteSaleController.address(**self.default_address_values)
self.assertEqual(
new_partner.company_id, self.website.company_id,
"Public user edited billing (the partner itself) should not get its company modified."
)
def _button_immediate_function(self, function):
try:
# This is done because the installation/uninstallation/upgrade can modify a currently
# running cron job and prevent it from finishing, and since the ir_cron table is locked
# during execution, the lock won't be released until timeout.
self._cr.execute("SELECT * FROM ir_cron FOR UPDATE NOWAIT")
except psycopg2.OperationalError:
raise UserError(
_("The server is busy right now, module operations are not possible at"
" this time, please try again later."))
function(self)
self._cr.commit()
api.Environment.reset()
modules.registry.Registry.new(self._cr.dbname, update_module=True)
self._cr.commit()
env = api.Environment(self._cr, self._uid, self._context)
# pylint: disable=next-method-called
config = env['ir.module.module'].next() or {}
if config.get('type') not in ('ir.actions.act_window_close', ):
return config
# reload the client; open the first available root menu
menu = env['ir.ui.menu'].search([('parent_id', '=', False)])[:1]
return {
'type': 'ir.actions.client',
'tag': 'reload',
'params': {
'menu_id': menu.id
},
}
def environment():
""" Return an environment with a new cursor for the current database; the
cursor is committed and closed after the context block.
"""
reg = registry(common.get_db_name())
with reg.cursor() as cr:
yield api.Environment(cr, SUPERUSER_ID, {})
def _auto_install_enterprise_dependencies(cr, registry):
env = api.Environment(cr, SUPERUSER_ID, {})
module_list = ['account_accountant']
module_ids = env['ir.module.module'].search([('name', 'in', module_list),
('state', '=', 'uninstalled')
])
module_ids.sudo().button_install()
def poll(self, dbname, channels, last, options=None, timeout=TIMEOUT):
if options is None:
options = {}
# Dont hang ctrl-c for a poll request, we need to bypass private
# attribute access because we dont know before starting the thread that
# it will handle a longpolling request
if not harpiya.evented:
current = threading.current_thread()
current._daemonic = True
# rename the thread to avoid tests waiting for a longpolling
current.setName("openerp.longpolling.request.%s" % current.ident)
registry = harpiya.registry(dbname)
# immediatly returns if past notifications exist
with registry.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
notifications = env['bus.bus'].poll(channels, last, options)
# immediatly returns in peek mode
if options.get('peek'):
return dict(notifications=notifications, channels=channels)
# or wait for future ones
if not notifications:
if not self.started:
# Lazy start of events listener
self.start()
event = self.Event()
for channel in channels:
self.channels.setdefault(hashable(channel), set()).add(event)
try:
event.wait(timeout=timeout)
with registry.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
notifications = env['bus.bus'].poll(channels, last, options)
except Exception:
# timeout
pass
finally:
# gc pointers to event
for channel in channels:
channel_events = self.channels.get(hashable(channel))
if channel_events and event in channel_events:
channel_events.remove(event)
return notifications
def rem_website_id_null(dbname):
db_registry = harpiya.modules.registry.Registry.new(dbname)
with api.Environment.manage(), db_registry.cursor() as cr:
env = api.Environment(cr, SUPERUSER_ID, {})
env['ir.model.fields'].search([
('name', '=', 'website_id'),
('model', '=', 'res.config.settings'),
]).unlink()
def reset_payment_provider(cr, registry, provider):
env = api.Environment(cr, SUPERUSER_ID, {})
acquirers = env['payment.acquirer'].search([('provider', '=', provider)])
acquirers.write({
'view_template_id': acquirers._get_default_view_template_id().id,
'provider': 'manual',
'state': 'disabled',
})
def uninstall_hook(cr, registry):
env = api.Environment(cr, SUPERUSER_ID, {})
code_taxes = env['account.tax'].search([('amount_type', '=', 'code')])
code_taxes.write({'amount_type': 'percent', 'active': False})
_logger.warning(
"The following taxes have been archived following 'account_tax_python' module uninstallation: %s"
% code_taxes.ids)
def _handle_exception(cls, exception):
is_frontend_request = bool(getattr(request, 'is_frontend', False))
if not is_frontend_request:
# Don't touch non frontend requests exception handling
return super(IrHttp, cls)._handle_exception(exception)
try:
response = super(IrHttp, cls)._handle_exception(exception)
if isinstance(response, Exception):
exception = response
else:
# if parent excplicitely returns a plain response, then we don't touch it
return response
except Exception as e:
if 'werkzeug' in config['dev_mode']:
raise e
exception = e
code, values = cls._get_exception_code_values(exception)
if code is None:
# Hand-crafted HTTPException likely coming from abort(),
# usually for a redirect response -> return it directly
return exception
if not request.uid:
cls._auth_method_public()
# We rollback the current transaction before initializing a new
# cursor to avoid potential deadlocks.
# If the current (failed) transaction was holding a lock, the new
# cursor might have to wait for this lock to be released further
# down the line. However, this will only happen after the
# request is done (and in fact it won't happen). As a result, the
# current thread/worker is frozen until its timeout is reached.
# So rolling back the transaction will release any potential lock
# and, since we are in a case where an exception was raised, the
# transaction shouldn't be committed in the first place.
request.env.cr.rollback()
with registry(request.env.cr.dbname).cursor() as cr:
env = api.Environment(cr, request.uid, request.env.context)
if code == 500:
_logger.error("500 Internal Server Error:\n\n%s", values['traceback'])
values = cls._get_values_500_error(env, values, exception)
elif code == 403:
_logger.warn("403 Forbidden:\n\n%s", values['traceback'])
elif code == 400:
_logger.warn("400 Bad Request:\n\n%s", values['traceback'])
try:
html = cls._get_error_html(env, code, values)
except Exception:
html = env['ir.ui.view'].render_template('http_routing.http_error', values)
return werkzeug.wrappers.Response(html, status=code, content_type='text/html;charset=utf-8')
def _create_warehouse_data(cr, registry):
""" This hook is used to add a default manufacture_pull_id, manufacture
picking_type on every warehouse. It is necessary if the mrp module is
installed after some warehouses were already created.
"""
env = api.Environment(cr, SUPERUSER_ID, {})
warehouse_ids = env['stock.warehouse'].search([('manufacture_pull_id', '=',
False)])
warehouse_ids.write({'manufacture_to_resupply': True})
def _assign_default_sms_template_picking_id(cr, registry):
env = api.Environment(cr, SUPERUSER_ID, {})
company_ids_without_default_sms_template_id = env['res.company'].search([
('stock_sms_confirmation_template_id', '=', False)
])
default_sms_template_id = env.ref('stock_sms.sms_template_data_stock_delivery', raise_if_not_found=False)
if default_sms_template_id:
company_ids_without_default_sms_template_id.write({
'stock_sms_confirmation_template_id': default_sms_template_id.id,
})
def to_python(self, value):
matching = re.match(self.regex, value)
_uid = RequestUID(value=value, match=matching, converter=self)
record_id = int(matching.group(2))
env = api.Environment(request.cr, _uid, request.context)
if record_id < 0:
# limited support for negative IDs due to our slug pattern, assume abs() if not found
if not env[self.model].browse(record_id).exists():
record_id = abs(record_id)
return env[self.model].browse(record_id)
def _create_buy_rules(cr, registry):
""" This hook is used to add a default buy_pull_id on every warehouse. It is
necessary if the purchase_stock module is installed after some warehouses
were already created.
"""
env = api.Environment(cr, SUPERUSER_ID, {})
warehouse_ids = env['stock.warehouse'].search([('buy_pull_id', '=', False)
])
for warehouse_id in warehouse_ids:
warehouse_id._create_or_update_global_routes_rules()
def uninstall_hook(cr, registry):
''' Need to reenable the `product` pricelist multi-company rule that were
disabled to be 'overridden' for multi-website purpose
'''
env = api.Environment(cr, SUPERUSER_ID, {})
pl_rule = env.ref('product.product_pricelist_comp_rule', raise_if_not_found=False)
pl_item_rule = env.ref('product.product_pricelist_item_comp_rule', raise_if_not_found=False)
multi_company_rules = pl_rule or env['ir.rule']
multi_company_rules += pl_item_rule or env['ir.rule']
multi_company_rules.write({'active': True})
def uninstall_hook(cr, registry):
env = api.Environment(cr, SUPERUSER_ID, {})
warehouses = env["stock.warehouse"].search([])
subcontracting_routes = warehouses.mapped("pbm_route_id")
warehouses.write({"pbm_route_id": False})
# Fail unlink means that the route is used somewhere (e.g. route_id on stock.rule). In this case
# we don't try to do anything.
try:
subcontracting_routes.unlink()
except:
pass
def _assign_default_nomeclature_id(cr, registry):
env = api.Environment(cr, SUPERUSER_ID, {})
company_ids_without_default_nomenclature_id = env['res.company'].search([
('nomenclature_id', '=', False)
])
default_nomenclature_id = env.ref('barcodes.default_barcode_nomenclature',
raise_if_not_found=False)
if default_nomenclature_id:
company_ids_without_default_nomenclature_id.write({
'nomenclature_id':
default_nomenclature_id.id,
})
def _auth_method_public(cls):
""" If no user logged, set the public user of current website, or default
public user as request uid.
After this method `request.env` can be called, since the `request.uid` is
set. The `env` lazy property of `request` will be correct.
"""
if not request.session.uid:
env = api.Environment(request.cr, SUPERUSER_ID, request.context)
website = env['website'].get_current_website()
if website and website.user_id:
request.uid = website.user_id.id
if not request.uid:
super(Http, cls)._auth_method_public()
def force_demo(cr):
"""
Forces the `demo` flag on all modules, and installs demo data for all installed modules.
"""
graph = harpiya.modules.graph.Graph()
cr.execute('UPDATE ir_module_module SET demo=True')
cr.execute(
"SELECT name FROM ir_module_module WHERE state IN ('installed', 'to upgrade', 'to remove')"
)
module_list = [name for (name, ) in cr.fetchall()]
graph.add_modules(cr, module_list, ['demo'])
for package in graph:
load_demo(cr, package, {}, 'init')
env = api.Environment(cr, SUPERUSER_ID, {})
env['ir.module.module'].invalidate_cache(['demo'])
def signin(self, **kw):
state = json.loads(kw['state'])
dbname = state['d']
if not http.db_filter([dbname]):
return BadRequest()
provider = state['p']
context = state.get('c', {})
registry = registry_get(dbname)
with registry.cursor() as cr:
try:
env = api.Environment(cr, SUPERUSER_ID, context)
credentials = env['res.users'].sudo().auth_oauth(provider, kw)
cr.commit()
action = state.get('a')
menu = state.get('m')
redirect = werkzeug.url_unquote_plus(state['r']) if state.get('r') else False
url = '/web'
if redirect:
url = redirect
elif action:
url = '/web#action=%s' % action
elif menu:
url = '/web#menu_id=%s' % menu
resp = login_and_redirect(*credentials, redirect_url=url)
# Since /web is hardcoded, verify user has right to land on it
if werkzeug.urls.url_parse(resp.location).path == '/web' and not request.env.user.has_group('base.group_user'):
resp.location = '/'
return resp
except AttributeError:
# auth_signup is not installed
_logger.error("auth_signup not installed on database %s: oauth sign up cancelled." % (dbname,))
url = "/web/login?oauth_error=1"
except AccessDenied:
# oauth credentials not valid, user could be on a temporary session
_logger.info('OAuth2: access denied, redirect to main page in case a valid session exists, without setting cookies')
url = "/web/login?oauth_error=3"
redirect = werkzeug.utils.redirect(url, 303)
redirect.autocorrect_location_header = False
return redirect
except Exception as e:
# signup error
_logger.exception("OAuth2: %s" % str(e))
url = "/web/login?oauth_error=2"
return set_cookie_and_redirect(url)
def _process_job(cls, job_cr, job, cron_cr):
""" Run a given job taking care of the repetition.
:param job_cr: cursor to use to execute the job, safe to commit/rollback
:param job: job to be run (as a dictionary).
:param cron_cr: cursor holding lock on the cron job row, to use to update the next exec date,
must not be committed/rolled back!
"""
try:
with api.Environment.manage():
cron = api.Environment(job_cr, job['user_id'], {
'lastcall': fields.Datetime.from_string(job['lastcall'])
})[cls._name]
# Use the user's timezone to compare and compute datetimes,
# otherwise unexpected results may appear. For instance, adding
# 1 month in UTC to July 1st at midnight in GMT+2 gives July 30
# instead of August 1st!
now = fields.Datetime.context_timestamp(cron, datetime.now())
nextcall = fields.Datetime.context_timestamp(cron, fields.Datetime.from_string(job['nextcall']))
numbercall = job['numbercall']
ok = False
while nextcall < now and numbercall:
if numbercall > 0:
numbercall -= 1
if not ok or job['doall']:
cron._callback(job['cron_name'], job['ir_actions_server_id'], job['id'])
if numbercall:
nextcall += _intervalTypes[job['interval_type']](job['interval_number'])
ok = True
addsql = ''
if not numbercall:
addsql = ', active=False'
cron_cr.execute("UPDATE ir_cron SET nextcall=%s, numbercall=%s, lastcall=%s"+addsql+" WHERE id=%s",(
fields.Datetime.to_string(nextcall.astimezone(pytz.UTC)),
numbercall,
fields.Datetime.to_string(now.astimezone(pytz.UTC)),
job['id']
))
cron.flush()
cron.invalidate_cache()
finally:
job_cr.commit()
cron_cr.commit()
def _login(cls, db, login, password):
try:
return super(Users, cls)._login(db, login, password)
except AccessDenied as e:
with registry(db).cursor() as cr:
cr.execute("SELECT id FROM res_users WHERE lower(login)=%s",
(login, ))
res = cr.fetchone()
if res:
raise e
env = api.Environment(cr, SUPERUSER_ID, {})
Ldap = env['res.company.ldap']
for conf in Ldap._get_ldap_dicts():
entry = Ldap._authenticate(conf, login, password)
if entry:
return Ldap._get_or_create_user(conf, login, entry)
raise e
def post_init(cr, registry):
""" Set the timesheet project and task on existing leave type. Do it in post_init to
be sure the internal project/task of res.company are set. (Since timesheet_generate field
is true by default, those 2 fields are required on the leave type).
"""
from harpiya import api, SUPERUSER_ID
env = api.Environment(cr, SUPERUSER_ID, {})
for hr_leave_type in env['hr.leave.type'].search([
('timesheet_generate', '=', True), ('timesheet_project_id', '=', False)
]):
company = hr_leave_type.company_id or env.company
hr_leave_type.write({
'timesheet_project_id':
company.leave_timesheet_project_id.id,
'timesheet_task_id':
company.leave_timesheet_task_id.id,
})
def uninstall_hook(cr, registry):
env = api.Environment(cr, SUPERUSER_ID, {})
teams = env['crm.team'].search([('use_opportunities', '=', False)])
teams.write({'use_opportunities': True})
