def sign_in(self, redirect=None, **kw): request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate('demo', request.params['login'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/ga/admin' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('gpsi_website.ga/admin/login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Login failed due to one of the following reasons" values['error2'] = "- Wrong login/password" values['error3'] = "- User already logged in from another system" return request.render('web.login', values)
def sign_up(self, redirect=None, **kw): if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None try: company = request.env['res.company'].create_gaudit( kw['company'], kw['email']) user = request.env['res.users'].create_gaudit_owner( kw['username'], kw['email'], kw['password'], company.id) except AuditiiException as e: values['create_error'] = "Email already exist!" values['creating_account'] = True uid = request.session.authenticate(DB_NAME, request.params['email'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/ga/admin' return http.redirect_with_hash(redirect) return request.render('gpsi_auditii.admin/login', values)
def sign_up(self, redirect=None, **kw): if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None company = request.env['res.company'].sudo().create({ 'name': request.params['company'], 'rml_header1': False, 'email': request.params['email'], 'currency_id': request.env['res.currency'].sudo().search([('name','=','USD')]).id }) user = request.env['res.users'].sudo().create({ 'name': request.params['username'], 'login': request.params['email'], 'password': request.params['password'], 'company_id': company.id, 'company_ids': [(4, company.id, False)] }) uid = request.session.authenticate('demo', request.params['email'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/ga/admin' return http.redirect_with_hash(redirect) return request.render('gpsi_website.ga/admin/login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values[ 'error'] = "Login failed due to one of the following reasons" values['error2'] = "- Wrong login/password" values['error3'] = "- User already logged in from another system" return request.render('web.login', values)
def add_usdadata(self): file_path = request.jsonrequest['filepath'] delimiter = '@' db = request.httprequest.headers.environ['HTTP_X_HUB_STORE'] if db in http.db_list(): uid = request.session.authenticate(db, 'admin', 'admin') if uid is not False: market_price = request.registry.models.get( 'market.price.by.date') row_number = 0 for row in CsvUnicodeReader(open(file_path, 'rb'), delimiter=delimiter, quotechar='"', escapechar='\\'): row_number += 1 vals = {} if row_number > 1: vals['markettype'] = row[0] vals['commodityname'] = row[1] vals['cityname'] = row[2] vals['variety'] = row[3] vals['color'] = row[4] vals['origin'] = row[5] vals['date'] = row[6] vals['per_lb'] = row[7] market_price.create(request.cr, request.uid, vals, request.context) return "<h1>This is a test</h1>"
def smart_login(self, redirect=None, **kw): #return "Method %s Session UID %s uid %s" % (request.httprequest.method,request.session.uid,request.uid) ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if request.httprequest.method == 'GET' and request.session.uid: # if request.httprequest.method == 'GET': return http.redirect_with_hash('/dashboard') if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/dashboard?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('smart_common.login', values)
def web_login(self, redirect=None, **kw): ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid # remote_check_otp ??? do we need this? uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") if request.env.ref('web.login', False): return request.render('web.login', values) else: # probably not an odoo compatible database error = 'Unable to login on database %s' % request.session.db return werkzeug.utils.redirect('/web/database/selector?error=%s' % error, 303)
def add_usdadata(self): file_path = request.jsonrequest['filepath'] delimiter = '@' db = request.httprequest.headers.environ['HTTP_X_HUB_STORE'] if db in http.db_list(): uid = request.session.authenticate(db, 'admin', 'admin') if uid is not False: market_price = request.registry.models.get('market.price.by.date') row_number = 0 for row in CsvUnicodeReader(open(file_path, 'rb'), delimiter=delimiter, quotechar='"', escapechar='\\'): row_number += 1 vals = {} if row_number > 1: vals['markettype'] = row[0] vals['commodityname'] = row[1] vals['cityname'] = row[2] vals['variety'] = row[3] vals['color'] = row[4] vals['origin'] = row[5] vals['date'] = row[6] vals['per_lb'] = row[7] market_price.create(request.cr, request.uid, vals, request.context) return "<h1>This is a test</h1>"
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: self.save_session(request.cr, uid, request.context) return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = 'Login failed due to one of the following reasons:' values['reason1'] = '- Wrong login/password' values['reason2'] = '- User not allowed to have multiple logins' values['reason3'] = '- User not allowed to login at this specific time or day' return request.render('web.login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: self.save_session(request.cr, uid, request.context) return http.redirect_with_hash(redirect) request.uid = old_uid values[ 'error'] = 'Login failed due to one of the following reasons:' values['reason1'] = '- Wrong login/password' values['reason2'] = '- User not allowed to have multiple logins' values[ 'reason3'] = '- User not allowed to login at this specific time or day' return request.render('web.login', values)
def web_login(self, redirect=None, **kw): main.ensure_db() config = Controller.get_config_static(request, request.session.db) if config.get('login_cas', False) == u'True': res = self._cas_login(redirect) if res: return res if request.httprequest.method == 'GET' and redirect and \ request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate( request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('web.login', values)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/home' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "تسجيل الدخول خاطئ " return request.render('web.login', values)
def sudo_login_url(self): self.ensure_one() if not self.sudo_id: raise Warning(_('Need a user for login')) self.sudo_id.sudo_pw = '%032x' % random.getrandbits(256) sudo_login_url = '%s/sudo_login_as_url?db=%s&login=%s&password=%s' % ( self.env['ir.config_parameter'].get_param('web.base.url'), http.db_list()[0], self.sudo_id.login, self.sudo_id.sudo_pw, ) url_obj = self.env['project.issue.sudo.login.url'].create( {'sudo_login_url': sudo_login_url}) return { 'name': _('Sudo Login URL'), 'type': 'ir.actions.act_window', 'view_type': 'form', 'view_mode': 'form', 'res_model': 'project.issue.sudo.login.url', 'res_id': url_obj.id, 'view_id': self.env.ref('project_issue_sudo.sudo_login_url_form').id, 'target': 'new', 'context': {}, }
def _check_login_duplications(self): for db_name in http.db_list(): db = odoo.sql_db.db_connect(db_name) with closing(db.cursor()) as cr: cr.execute('SELECT login FROM res_users ORDER BY login') rec = cr.fetchall() if (self.login, ) in rec: raise ValidationError( _('This email already exist.Try some other one'))
def web_login(self, redirect=None, **kw): if not request.registry.get('ir.sessions'): return super(Home_tkobr, self).web_login(redirect=redirect, **kw) _logger.debug('Authentication method: Home_tkobr.web_login !') openerp.addons.web.controllers.main.ensure_db() multi_ok = True calendar_set = 0 calendar_ok = False calendar_group = '' unsuccessful_message = '' now = datetime.now() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = False db = request.session.db login = request.params.get('login', None) password = request.params.get('password', None) (access_granted, uid, unsuccessful_message) = self.check_session(db, login, password) # if access_granted: # return http.redirect_with_hash(redirect) # >>> QTL ADD if access_granted and uid is not False: user = request.env['res.users'].browse(uid) if user.has_group('website_timecheck.group_timecheck_trial'): base_url = request.env['ir.config_parameter'].get_param( 'web.base.url') redirect = base_url + '/shop/special_offer' return http.redirect_with_hash(redirect) # <<< QTL ADD else: request.uid = old_uid values['error'] = _( 'Login failed due to one of the following reasons:') values['reason1'] = _('- Wrong login/password') values['reason2'] = _( '- User not allowed to have multiple logins') values['reason3'] = _( '- User not allowed to login at this specific time or day') return request.render('web.login', values)
def web_login(self, redirect=None, **kw): super(Home, self).web_login(redirect, **kw) request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: # 查找账号对应员工,如果员工hr.employee在草稿或者审批中,抛出错误。 admin_group_id = request.registry[ 'ir.model.data'].xmlid_to_res_id( request.cr, SUPERUSER_ID, 'base.group_configuration') request.cr.execute( "SELECT uid FROM res_groups_users_rel WHERE gid=%s and uid=%s", (admin_group_id, uid)) admin_id = request.cr.dictfetchall() # 网站设置管理员除外,不验证 if not admin_id: request.cr.execute( "SELECT id FROM resource_resource WHERE user_id=%s" % uid) employee_ids = request.cr.dictfetchall() if employee_ids: for employee_id in employee_ids[0]: request.cr.execute( "SELECT id,state FROM hr_employee WHERE resource_id=%s and (state=%s or state=%s)", (employee_ids[0][employee_id], 'underway', 'draft')) results = request.cr.dictfetchall() if results: values['error'] = _( "您的账号正在入职审批流程中,暂时无法使用,请耐心等待审批完成") return request.render('web.login', values) request.params['login_success'] = True if not redirect: redirect = '/web' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") return request.render('web.login', values)
def get_market_dbs(with_templates=True): dbs = [] if with_templates: sp = request.registry.get("saas_server.plan") data = sp.search_read(request.cr, SI, [("state", "=", "confirmed")], ["template"]) dbs += [d["template"] for d in data] icp = request.registry.get("ir.config_parameter") bd = icp.get_param(request.cr, SI, "saas_portal.base_saas_domain") dbs += [db for db in http.db_list(force=True) if db.endswith("_%s" % bd.replace(".", "_"))] return dbs
def web_login(self, redirect=None, **kw): ''' Except for Administrator, Do not allow user to login if - User has no group profile - User has group profile, but group profile has no inherited group and access rights ''' redirect = '' main.ensure_db() method = request.httprequest.method # @UndefinedVariable if method == 'GET' and redirect and \ request.session.uid: # @UndefinedVariable return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() # @UndefinedVariable if not redirect: redirect = '/web?' + \ request.httprequest.query_string # @UndefinedVariable values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': # @UndefinedVariable old_uid = request.uid uid = request.session.authenticate( # @UndefinedVariable request.session.db, # @UndefinedVariable request.params['login'], request.params['password']) if uid: # Allowing Admin to login (Admin has no profile) if uid == 1: return http.redirect_with_hash(redirect) user = request.env['res.users'].sudo().browse(request.uid) group = user.group_profile_id group_inherits = group and group.implied_ids or False model_access = group and group.model_access or False if group and (group_inherits or model_access): return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" if request.env.ref('web.login', False): # @UndefinedVariable return request.render('web.login', values) # @UndefinedVariable else: # probably not an odoo compatible database error = 'Unable to login on database %s' % \ request.session.db # @UndefinedVariable return werkzeug.utils.redirect( '/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, **kw): openerp.addons.web.controllers.main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID abc = get_my_conf() values = request.params.copy() values['title'] = abc.get('title') values['power_by'] = abc.get('power_by') logo = abc.get('logo') icon = abc.get('icon') or "" if logo: fh = open( '%s/%s' % (os.path.dirname(__file__).replace( 'controllers', ""), 'static/src/img/company_logo.gif'), 'wb') fh.write(logo.decode('base64')) fh.close() # if icon: fh = open( '%s/%s' % (os.path.dirname(__file__).replace( 'controllers', ""), 'static/src/img/favicon.ico'), 'wb') fh.write(icon.decode('base64')) fh.close() values['logo'] = abc.get('logo') if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" if request.env.ref('web.login', False): return request.render('web.login', values) else: # probably not an odoo compatible database error = 'Unable to login on database %s' % request.session.db return werkzeug.utils.redirect( '/web/database/selector?error=%s' % error, 303)
def get_market_dbs(with_templates=True): dbs = [] if with_templates: sp = request.registry.get('saas_portal.plan') data = sp.search_read(request.cr, SI, [('state', '=', 'confirmed')], ['template']) dbs += [d['template'] for d in data] icp = request.registry.get('ir.config_parameter') bd = icp.get_param(request.cr, SI, 'saas_portal.base_saas_domain') dbs += [db for db in http.db_list(force=True) if db.endswith('_%s' % bd)] return dbs
def consume(self, path): db = request.httprequest.headers.environ['HTTP_X_HUB_STORE'] user = request.httprequest.headers.environ.get('HTTP_X_HUB_USER', 'admin') pwd = request.httprequest.headers.environ.get('HTTP_X_HUB_TOKEN', 'admin') if db in http.db_list(force=True): uid = request.session.authenticate(db, user, pwd) if uid is not False: action, model = path.split('_') flow_obj = request.registry.models.get('cenit.flow') context = {'sender': 'client', 'action': action} flow_obj.receive(request.cr, request.uid, model, request.jsonrequest[model], context) return False
def selector(self, **kw): try: dbs = http.db_list() if not dbs: return http.local_redirect('/web/database/manager') except openerp.exceptions.AccessDenied: dbs = False loader = jinja2.PackageLoader('openerp.addons.ob_web_replace', "views") env = jinja2.Environment(loader=loader, autoescape=True) return env.get_template("database_selector.html").render({ 'databases': dbs, 'debug': request.debug, })
def web_login(self, redirect=None, **kw): """redefind function to make username in login case-insensitive """ ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid username_lcase = (request.params['login']).lower() login_list = {} params_login = '' users = request.registry['res.users'].search( request.cr, openerp.SUPERUSER_ID, [('id', '>', 0)]) for user in request.registry['res.users'].browse( request.cr, openerp.SUPERUSER_ID, users): login_list[user.login.lower()] = user.login for user2 in login_list: if request.params['login'].lower() == user2: params_login = login_list[user2] uid = request.session.authenticate(request.session.db, params_login, request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") if request.env.ref('web.login', False): return request.render('web.login', values) else: # probably not an odoo compatible database error = 'Unable to login on database %s' % request.session.db return werkzeug.utils.redirect( '/web/database/selector?error=%s' % error, 303)
def web_login(self, redirect=None, adminlogin=None, **kw): # _logger.info('---------------------- web_login ') dbname = getattr(request.session, 'db', None) if not dbname: return werkzeug.utils.redirect(get_base_url() + '/') if adminlogin or request.httprequest.method == 'POST': Session().logout() main.ensure_db() if request.httprequest.method == 'GET' and \ redirect and request.session.uid: return werkzeug.utils.redirect(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = get_base_url() + '/web?' + \ request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return werkzeug.utils.redirect(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('web.login', values) config = self.get_config(dbname) if config['login_cas']: if redirect: # _logger.info('----------------------' + get_base_url() + # '/auth_cas?app=' + redirect) return werkzeug.utils.redirect(get_base_url() + '/auth_cas?app=' + redirect) else: return werkzeug.utils.redirect(get_base_url() + '/auth_cas') else: return werkzeug.utils.redirect(get_base_url() + '/web')
def selector(self, **kw): abc = get_my_conf() try: dbs = http.db_list() if not dbs: return http.local_redirect('/web/database/manager') except openerp.exceptions.AccessDenied: dbs = False return env.get_template("gts_database_selector.html").render({ 'databases': dbs, 'debug': request.debug, 'error': kw.get('error'), 'power_by': abc.get('power_by'), 'title': abc.get('title') })
def selector(self, **kw): try: dbs = http.db_list() if not dbs: return http.local_redirect('/web/database/manager') except openerp.exceptions.AccessDenied: dbs = False return env.get_template("database_selector_backend.html").render({ 'databases': dbs, 'debug': request.debug, 'error': kw.get('error') })
def web_login(self, redirect=None, adminlogin=None, **kw): # _logger.info('---------------------- web_login ') dbname = getattr(request.session, 'db', None) if not dbname: return werkzeug.utils.redirect(get_base_url() + '/') if adminlogin or request.httprequest.method == 'POST': Session().logout() main.ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return werkzeug.utils.redirect(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = get_base_url() + '/web?' + \ request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate( request.session.db, request.params['login'], request.params['password']) if uid is not False: return werkzeug.utils.redirect(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('web.login', values) config = self.get_config(dbname) if config['login_cas']: if redirect: # _logger.info('----------------------' + get_base_url() + '/auth_cas?app=' + redirect) return werkzeug.utils.redirect(get_base_url() + '/auth_cas?app=' + redirect) else: return werkzeug.utils.redirect(get_base_url() + '/auth_cas') else: return werkzeug.utils.redirect(get_base_url() + '/web')
def selector(self, redirecturl='mobile/sample', **kw): """Returns the database selector using jinja template moving to login form for authentication. :param redirecturl path: redirection url :return: html for selector """ try: dbs = http.db_list() if not dbs: return http.local_redirect('/web/database/manager') except openerp.exceptions.AccessDenied: dbs = False return env.get_template("database_selector.html").render({ 'databases': dbs, 'debug': request.debug, 'redirect_url': redirecturl })
def web_login(self, redirect=None, **kw): #ensure_db() if (request.httprequest.method == 'GET' and redirect and request.session.uid ): return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid serial_id = request.params['serial_id'] users_obj = request.registry.get('res.users') user_vals = users_obj.search_read( request.cr, openerp.SUPERUSER_ID, [('serial_id', '=', serial_id)], ['id', 'login'] ) if user_vals: login = user_vals[0]['login'] password = serial_id uid = request.session.authenticate( request.session.db, login, password ) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _('Wrong Serial Id') return request.render('login_serial.login', values)
def _render_template(self, **d): """ TO DO: Change database manager html Change Logo select database Change Title """ d.setdefault('manage', True) d['insecure'] = openerp.tools.config['admin_passwd'] == 'admin' d['list_db'] = openerp.tools.config['list_db'] d['langs'] = openerp.service.db.exp_list_lang() # databases list d['databases'] = [] try: d['databases'] = http.db_list() except openerp.exceptions.AccessDenied: monodb = super(DatabaseSelector, self).db_monodb() if monodb: d['databases'] = [monodb] return env.get_template("epal_database_manager.html").render(d)
def web_login(self, redirect=None, **kw): ensure_db() processed_params = None if redirect: result = urlparse.urlparse(redirect) if 'code' in urlparse.parse_qs(result.fragment): processed_params = urlparse.parse_qs(result.fragment) elif 'code' in urlparse.parse_qs(result.query): processed_params = urlparse.parse_qs(result.query) elif 'code' in urlparse.parse_qs(result.params): processed_params = urlparse.parse_qs(result.query) if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) elif request.httprequest.method == 'GET' and redirect and processed_params: user = self.get_user_id(processed_params) if user: uid = request.session.authenticate(request.session.db, login=user[0], password='******', uid=user[1]) if uid is not False: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/mobile?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('odoosoft_mobile.login', values)
def _render_template(self, **d): d.setdefault('manage', True) d['insecure'] = openerp.tools.config['admin_passwd'] == 'admin' d['list_db'] = openerp.tools.config['list_db'] d['langs'] = openerp.service.db.exp_list_lang() d['countries'] = openerp.service.db.exp_list_countries() website_id = request.env['website'].sudo().search([]) d['company_name'] = website_id and website_id[0].company_name d['favicon_url'] = website_id and website_id[0].favicon_url or '' d['company_logo_url'] = website_id and website_id[0].company_logo_url or '' # databases list d['databases'] = [] try: d['databases'] = http.db_list() except openerp.exceptions.AccessDenied: monodb = db_monodb() if monodb: d['databases'] = [monodb] return env.get_template("database_manager_extend.html").render(d)
def cenit_post(self, action, root=None): status_code = 400 environ = request.httprequest.headers.environ.copy() key = environ.get('HTTP_X_HUB_STORE', False) token = environ.get('HTTP_X_HUB_ACCESS_TOKEN', False) db_name = environ.get('HTTP_TENANT_DB', False) if not db_name: host = environ.get('HTTP_HOST', "") db_name = host.replace(".", "_") if db_name in http.db_list(): registry = RegistryManager.get(db_name) with registry.cursor() as cr: connection_model = registry['cenit.connection'] domain = [('key', '=', key), ('token', '=', token)] rc = connection_model.search(cr, SUPERUSER_ID, domain) if rc: p = inflect.engine() flow_model = registry['cenit.flow'] context = {'sender': 'client', 'action': action} if root is None: for root, data in request.jsonrequest.items(): root = p.singular_noun(root) or root rc = flow_model.receive (cr, SUPERUSER_ID, root, data, context) if rc: status_code = 200 else: root = p.singular_noun(root) or root rc = flow_model.receive (cr, SUPERUSER_ID, root, request.jsonrequest, context) if rc: status_code = 200 else: status_code = 404 return {'status': status_code}
def web_login(self, redirect=None, **kw): #ensure_db() if (request.httprequest.method == 'GET' and redirect and request.session.uid): return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid serial_id = request.params['serial_id'] users_obj = request.registry.get('res.users') user_vals = users_obj.search_read(request.cr, openerp.SUPERUSER_ID, [('serial_id', '=', serial_id)], ['id', 'login']) if user_vals: login = user_vals[0]['login'] password = serial_id uid = request.session.authenticate(request.session.db, login, password) if uid is not False: return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _('Wrong Serial Id') return request.render('login_serial.login', values)
def web_login(self, redirect=None, **kw): main.ensure_db() request.params['login_success'] = False if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = odoo.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except odoo.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid database = 'Backoffice24' for db_name in odoo.service.db.list_dbs(force=False): db = odoo.sql_db.db_connect(db_name) with closing(db.cursor()) as cr: cr.execute('SELECT login FROM res_users ORDER BY login') rec = cr.fetchall() if (request.params['login'],) in rec: database = db_name break odoo.tools.config['dbfilter'] = database username = request.params['login'] uid = request.session.authenticate(database, username, request.params['password']) if uid is not False: request.params['login_success'] = True if not redirect: redirect = '/web' return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = _("Wrong login/password") return request.render('web.login', values)
def web_login(self, redirect=None, **kw): ensure_db() if request.httprequest.method == 'GET' and redirect and request.session.uid: return http.redirect_with_hash(redirect) if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() if not redirect: redirect = '/web?' + request.httprequest.query_string values['redirect'] = redirect try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if request.httprequest.method == 'POST': old_uid = request.uid uid = request.session.authenticate(request.session.db, request.params['login'], request.params['password']) cr, context = request.cr, request.context pos_session = request.registry('pos.session') def check_contraints(config_id): check, value = False,None domain = [ ('state', '!=', 'closed'), ('config_id', '=', config_id) ] if pos_session.search_count(cr, uid, domain, context=context)>0: check, value = True, "You cannot create two active sessions related to the same point of sale. Contact Administrator!" domain = [ ('state', 'not in', ('closed','closing_control')), ('user_id', '=', uid) ] if pos_session.search_count(cr, uid, domain, context=context)>0: check, value = True, "You cannot create two active sessions with the same responsible. Contact Administrator!" return check, value if uid is not False: user = request.registry['res.users'].browse(cr, uid, uid, context) is_manager = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_manager") if not is_manager: is_user = request.registry('ir.model.access').check_groups(cr, uid, "point_of_sale.group_pos_user") if is_user: current_user = request.registry('res.users').browse(cr, uid, uid, context= context) pos_config_id = current_user.pos_config and current_user.pos_config.id or False if not pos_config_id: r = request.registry('pos.config').search(cr, uid, [], context=context) pos_config_id = r and r[0] or False check, error = check_contraints(pos_config_id) if check: values['error'] = error return request.render('web.login', values) session_id = pos_session.create(cr, uid, {'user_id' : uid,'config_id' : pos_config_id}, context=context) if pos_session.browse(cr, uid, session_id, context=context).state == 'opened': redirect = redirect.replace("/web","/pos/web") else: #To do code for manager pass return http.redirect_with_hash(redirect) request.uid = old_uid values['error'] = "Wrong login/password" return request.render('web.login', values)
def mobile_login(self, *args, **kw): """ Logs a :class:`user<base.res_users>` in (HTTP POST), redirecting to the task list. If username or password is invalid, the login page response is returned with a message. For HTTP GET, the the login page response is returned. :returns: Either task list or login response objects :rtype: :class:`http.Response<openerp.http.Response>` """ if not request.uid: request.uid = openerp.SUPERUSER_ID values = request.params.copy() try: values['databases'] = http.db_list() except openerp.exceptions.AccessDenied: values['databases'] = None if 'database' in values: database_legit = values['database'] in values['databases'] if database_legit: values['databases'] = [values['database']] login_template = env.get_template('login.html') if request.httprequest.method == 'GET': response = request.make_response( login_template.render( stylesheet=URLS['stylesheet'], logo=URLS['logo'], form_action=URLS['login'], errors='', databases=values['databases'] ) ) response.set_cookie( 'session_id', value=request.session_id, max_age=3600 ) return response if request.httprequest.method == 'POST': # TODO: Refactor to better manage the 'card pin' use case card_pin = request.params.get('card_pin', None) if card_pin: nfc_api = request.registry['res.users'] user_id = nfc_api.get_user_id_from_card_pin( request.cr, request.uid, card_pin) user_login = nfc_api.get_user_login_from_user_id( request.cr, request.uid, user_id) if user_id is not False: request.session.db = 'nhclinical' request.session.uid = user_id request.session.login = user_login request.session.password = user_login return utils.redirect(URLS['task_list'], 303) database = values['database'] if 'database' in values else False if database: uid = request.session.authenticate( database, request.params['username'], request.params['password'] ) if uid is not False: request.uid = uid return utils.redirect(URLS['task_list'], 303) response = request.make_response( login_template.render( stylesheet=URLS['stylesheet'], logo=URLS['logo'], form_action=URLS['login'], errors='<div class="alert alert-error">' 'Invalid username/password</div>', databases=values['databases'] ) ) response.set_cookie( 'session_id', value=request.session_id, max_age=3600 ) return response