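def portal_my_dms_file_download(self, dms_file_id, access_token=None, **kw):
    """Serve a DMS file to a portal user as an attachment download.

    The record is resolved through ``self._dms_check_access`` with the file id
    and the optional ``access_token``. When that check returns a falsy value no
    content is served and the caller is redirected: to ``/`` if a token was
    supplied, to ``/my`` otherwise.

    :param dms_file_id: id of the ``dms.file`` record to download.
    :param access_token: optional share token forwarded to the access check.
    :return: an HTTP response carrying the decoded file, or a redirect.
    """
    ensure_db()
    try:
        # If there's a website, we need a user to render the template
        request.uid = request.website.user_id.id
    except AttributeError:
        # If there's no website, the default is OK
        pass
    # The access check is the only gate: the record it returns is used as-is
    # (the original code names it "sudo"), so nothing below re-checks rights.
    dms_file_sudo = self._dms_check_access("dms.file", dms_file_id, access_token)
    if not dms_file_sudo:
        return request.redirect("/" if access_token else "/my")
    # ``content`` may be falsy for a file without data; b64decode() raises
    # TypeError on a non-bytes/str argument, so fall back to an empty payload.
    filecontent = base64.b64decode(dms_file_sudo.content or b"")
    headers = [
        # Stored files are user-supplied. Always answer with a generic type, an
        # attachment disposition and "nosniff" so a browser does not render the
        # payload inline in this origin.
        ("Content-Type", "application/octet-stream"),
        ("Content-Disposition", content_disposition(dms_file_sudo.name)),
        ("X-Content-Type-Options", "nosniff"),
    ]
    return request.make_response(filecontent, headers)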
def web_login(self, *args, **kw):
    """Render the login page enriched with OAuth providers and OAuth errors.

    A GET request from an already logged-in session that carries a
    ``redirect`` parameter is redirected straight away. Otherwise the parent
    ``web_login`` builds the response; when that response is a QWeb page the
    provider list and, if present, a message for the ``oauth_error`` code are
    added to its rendering context.
    """
    ensure_db()
    target = request.params.get('redirect')
    if request.httprequest.method == 'GET' and request.session.uid and target:
        # Redirect if already logged in and redirect param is present
        # NOTE(review): ``target`` comes straight from the request parameters
        # and is not validated here; confirm that redirect_with_hash (or the
        # route) restricts it to same-site URLs, otherwise this is an open
        # redirect for authenticated users.
        return http.redirect_with_hash(target)

    providers = self.list_providers()
    response = super(OAuthLogin, self).web_login(*args, **kw)
    if not response.is_qweb:
        return response

    # Map the numeric error code from the OAuth flow to a fixed message; the
    # raw parameter value itself is never placed in the page context.
    code = request.params.get('oauth_error')
    if code == '1':
        message = _("Sign up is not allowed on this database.")
    elif code == '2':
        message = _("Access Denied")
    elif code == '3':
        message = _(
            "You do not have access to this database or your invitation has expired. Please ask for an invitation and be sure to follow the link in your invitation email."
        )
    else:
        message = None

    response.qcontext['providers'] = providers
    if message:
        response.qcontext['error'] = message
    return response
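def OAS_json_spec_download(self, namespace_name, **kwargs):
    """Return the OpenAPI (swagger) JSON specification of a namespace.

    The namespace is looked up by name with ``sudo()``, so the ``token``
    request parameter is the only access control applied in this handler.

    :param namespace_name: value matched against ``openapi.namespace.name``.
    :param kwargs: request parameters; ``token`` must equal the namespace
        token, and the presence of ``download`` switches the response to an
        attachment named ``swagger.json``.
    :raises werkzeug.exceptions.NotFound: no namespace has that name.
    :raises werkzeug.exceptions.Forbidden: the token is missing, empty or
        does not match.
    """
    import hmac

    ensure_db()
    namespace = (
        http.request.env["openapi.namespace"]
        .sudo()
        .search([("name", "=", namespace_name)])
    )
    if not namespace:
        raise werkzeug.exceptions.NotFound()

    expected = namespace.token
    supplied = kwargs.get("token")
    # Compare the secret in constant time, because a plain ``!=`` returns as
    # soon as the first differing character is found. An unset or empty token
    # on either side never grants access.
    token_ok = (
        isinstance(expected, str)
        and isinstance(supplied, str)
        and bool(expected)
        and hmac.compare_digest(expected.encode("utf-8"), supplied.encode("utf-8"))
    )
    if not token_ok:
        raise werkzeug.exceptions.Forbidden()

    if "download" in kwargs:
        response_params = {
            "headers": [
                ("Content-Type", "application/octet-stream; charset=binary"),
                ("Content-Disposition", http.content_disposition("swagger.json")),
            ],
            "direct_passthrough": True,
        }
    else:
        response_params = {"headers": [("Content-Type", "application/json")]}

    # NOTE(review): the token travels as a request parameter, so it can end up
    # in access logs and browser history; treat it as a rotatable credential.
    return werkzeug.wrappers.Response(
        json.dumps(namespace.get_OAS(), default=date_utils.json_default),
        status=200,
        **response_params
    )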
def web_login(self, *args, **kw):
    """Add the signup configuration to the login page context.

    The parent ``web_login`` is always called first and its rendering context
    is updated with ``self.get_auth_signup_config()``. A GET request from an
    already logged-in session that carries a ``redirect`` parameter is then
    answered with a redirect instead of the login page.
    """
    ensure_db()
    login_response = super(AuthSignupHome, self).web_login(*args, **kw)
    page_context = login_response.qcontext
    page_context.update(self.get_auth_signup_config())

    is_get = request.httprequest.method == 'GET'
    if is_get and request.session.uid and request.params.get('redirect'):
        # Redirect if already logged in and redirect param is present
        # NOTE(review): the target is read from the request parameters and is
        # not validated here; confirm redirect_with_hash only follows
        # same-site URLs.
        return http.redirect_with_hash(request.params.get('redirect'))
    return login_response
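def web_login(self, redirect=None, **kw):
    """Log a user in, enforcing the per-user IP allow-list.

    On POST the user is looked up by login. If the user has ``allowed_ips``
    entries, the client address must be one of them before the credentials
    are checked at all; users without entries authenticate normally.

    Fix over the previous version: a wrong password from an allowed address
    used to be reported as "Not allowed to login from this IP", because that
    assignment ran unconditionally after the password branch. Each failure
    now sets only its own message. A POST without a ``login`` field no longer
    raises ``KeyError``; it re-renders the form.

    :param redirect: target after a successful login, ``/web`` when empty.
    :return: a redirect on success, otherwise the rendered ``web.login`` page.
    """
    main.ensure_db()
    request.params['login_success'] = False
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        # NOTE(review): ``redirect`` is presumably filled from the request and
        # is not validated here; confirm redirect_with_hash only follows
        # same-site URLs.
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = flectra.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except flectra.exceptions.AccessDenied:
        values['databases'] = None

    if request.httprequest.method == 'POST':
        old_uid = request.uid
        # NOTE(review): REMOTE_ADDR is the peer of the TCP connection. Behind
        # a reverse proxy that is the proxy's address unless the deployment
        # rewrites it, so confirm the proxy setup before relying on this.
        ip_address = request.httprequest.environ['REMOTE_ADDR']
        login = request.params.get('login')
        if login:
            user_rec = request.env['res.users'].sudo().search([('login', '=', login)])
            allowed_ips = {rec.ip_address for rec in user_rec.allowed_ips}
            if allowed_ips and ip_address not in allowed_ips:
                # NOTE(review): this message is returned before the password
                # is checked, so it tells an unauthenticated caller that the
                # login exists and is IP-restricted; consider the generic
                # "Wrong login/password" text instead.
                request.uid = old_uid
                values['error'] = _("Not allowed to login from this IP")
            else:
                uid = request.session.authenticate(
                    request.session.db, login, request.params['password'])
                if uid is not False:
                    request.params['login_success'] = True
                    if not redirect:
                        redirect = '/web'
                    return http.redirect_with_hash(redirect)
                request.uid = old_uid
                values['error'] = _("Wrong login/password")
    return request.render('web.login', values)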
def web_login(self, redirect=None, *args, **kw):
    """Login handler that lets ``self.check_session`` accept or refuse logins.

    On POST the database name, login and password are handed to
    ``self.check_session``. A truthy result marks the login as successful and
    the user is redirected to ``/web``; a falsy result re-renders the login
    page with the maintenance message. The rendered page is sent with
    ``X-Frame-Options: DENY``.
    """
    ensure_db()
    http_method = request.httprequest.method
    request.params['login_success'] = False
    if http_method == 'GET' and redirect and request.session.uid:
        # NOTE(review): ``redirect`` is presumably filled from the request and
        # is not validated here; confirm redirect_with_hash only follows
        # same-site URLs.
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = flectra.SUPERUSER_ID

    # NOTE(review): the copy holds every submitted parameter, the password
    # included, and is passed to the template on a failed login; confirm the
    # template never echoes it back.
    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except flectra.exceptions.AccessDenied:
        values['databases'] = None

    if http_method == 'POST':
        # Objects
        previous_uid = request.uid
        database = request.session.db
        submitted_login = request.params.get('login', None)
        submitted_password = request.params.get('password', None)
        # Check maintenance mode
        if self.check_session(database, submitted_login, submitted_password):
            request.params['login_success'] = True
        else:
            request.uid = previous_uid
            values['error'] = _(
                'Sorry, system is under maintenance! Please, try again later.'
            )

    if 'login' not in values:
        remembered_login = request.session.get('auth_login')
        if remembered_login:
            values['login'] = remembered_login

    if not flectra.tools.config['list_db']:
        values['disable_database_manager'] = True

    if request.params['login_success']:
        return http.redirect_with_hash('/web')

    page = request.render('web.login', values)
    # Forbid framing of the login form (clickjacking protection).
    page.headers['X-Frame-Options'] = 'DENY'
    return page
def web_login(self, *args, **kw):
    """Force a password reset when a user logs in with an expired password.

    The parent ``web_login`` runs first. On POST the submitted credentials
    are authenticated again here; if they are valid and the user's password
    has expired, the password is expired, the session is logged out (keeping
    the database) and the user is redirected to the partner's signup URL.
    In every other case the parent's response is returned unchanged.
    """
    ensure_db()
    parent_response = super(PasswordSecurityHome, self).web_login(*args, **kw)
    if request.httprequest.method != 'POST':
        return parent_response

    # NOTE(review): the parent call presumably authenticated already, so this
    # is a second authentication for the same request; confirm it does not
    # double-count login attempts or audit entries.
    authenticated_uid = request.session.authenticate(
        request.session.db,
        request.params['login'],
        request.params['password'],
    )
    if not authenticated_uid:
        return parent_response

    user = request.env['res.users'].sudo().browse(request.uid)
    if not user._password_has_expired():
        return parent_response

    user.action_expire_password()
    # Drop the session that was just opened, so that the expired password
    # grants no access until it has been reset.
    request.session.logout(keep_db=True)
    reset_url = user.partner_id.signup_url
    return http.redirect_with_hash(reset_url)
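def web_under_maintenance(self, *args, **kwargs):
    """Toggle maintenance mode; restricted to the superuser.

    The ``under_maintenance`` config parameter is flipped between 0 and 1.
    When the mode is switched on, every logged-in session that does not
    belong to the superuser is closed. The caller is then redirected to the
    ``redirect`` request parameter, or to ``/web`` when it is absent or empty.

    :raises AccessError: the current user is not the superuser.
    """
    import ast

    # Validation
    ensure_db()
    if request.env.uid != SUPERUSER_ID:
        raise AccessError(_("Access Denied"))

    # Objects
    redirect = (request.params or {}).get('redirect') or '/web'
    ir_param = request.env['ir.config_parameter'].sudo()
    session_obj = request.env['ir.session'].sudo()

    # Toggle mode
    # The stored value used to go through eval(), which executes whatever
    # expression the parameter holds and raises TypeError when the parameter
    # is unset. literal_eval() accepts only Python literals. An unset or
    # unparsable value is treated as "maintenance off".
    stored = ir_param.get_param('under_maintenance')
    try:
        currently_on = bool(ast.literal_eval(stored)) if isinstance(stored, str) else bool(stored)
    except (ValueError, SyntaxError):
        currently_on = False
    under_maintenance = 0 if currently_on else 1
    ir_param.set_param('under_maintenance', under_maintenance)

    if under_maintenance:
        sessions = session_obj.search([
            ('user_id', '!=', SUPERUSER_ID),
            ('is_logged_in', '=', True),
        ])
        if sessions:
            sessions.close_sessions()

    # Reload
    # NOTE(review): this handler changes state and then follows a
    # request-supplied URL. The route declaration is not visible here, so
    # confirm it is not reachable through a plain cross-site GET, and that
    # ``redirect`` is limited to same-site targets.
    return werkzeug.utils.redirect(redirect, 303)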
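def portal_my_dms_directory(self, dms_directory_id=False, sortby=None, filterby=None, search=None, search_in="name", access_token=None, **kw):
    """Render the portal page listing a DMS directory's sub-directories and files.

    Access to the directory is decided by ``self._dms_check_access`` with the
    directory id and the optional ``access_token``. When the check fails the
    caller is redirected (``/`` with a token, ``/my`` without) before any
    listing is computed or stored in the session.

    :param dms_directory_id: id of the ``dms.directory`` to display.
    :param sortby: key into the sort options; unknown or empty values fall
        back to ``"name"``.
    :param filterby: passed through to the template, ``"name"`` when empty.
    :param search: text matched with ``ilike`` on ``name`` when ``search_in``
        is ``"name"``.
    :param access_token: optional share token forwarded to the access check.
    :return: the rendered ``dms.portal_my_dms`` page, or a redirect.
    """
    ensure_db()
    try:
        # If there's a website, we need a user to render the template
        request.uid = request.website.user_id.id
    except AttributeError:
        # If there's no website, the default is OK
        pass

    # check_access first: nothing is searched or written to the session for a
    # request that is not allowed to see this directory.
    dms_directory_sudo = self._dms_check_access("dms.directory", dms_directory_id, access_token)
    if not dms_directory_sudo:
        return request.redirect("/" if access_token else "/my")

    # operations
    searchbar_sortings = {"name": {"label": _("Name"), "order": "name asc"}}
    # ``sortby`` is request-supplied: an unknown key used to raise KeyError
    # (HTTP 500). Only keys of the table above ever reach the ORM ``order``.
    if sortby not in searchbar_sortings:
        sortby = "name"
    sort_br = searchbar_sortings[sortby]["order"]
    searchbar_inputs = {"name": {"input": "name", "label": _("Name")}}
    if not filterby:
        filterby = "name"

    # Optional name filter, shared by the directory and the file listing.
    search_domain = []
    if search and search_in == "name":
        search_domain = OR([search_domain, [("name", "ilike", search)]])

    # Both listings are searched as the current user, so that user's own
    # access rules apply; the results are only switched to sudo() when handed
    # to the template.
    user_id = request.env.user.id

    # sub-directories
    directory_domain = [
        ("is_hidden", "=", False),
        ("parent_id", "=", dms_directory_id),
    ] + search_domain
    dms_directory_items = (
        request.env["dms.directory"].with_user(user_id).search(directory_domain, order=sort_br)
    )
    request.session["my_dms_folder_history"] = dms_directory_items.ids

    # files
    file_domain = [
        ("is_hidden", "=", False),
        ("directory_id", "=", dms_directory_id),
    ] + search_domain
    dms_file_items = (
        request.env["dms.file"].with_user(user_id).search(file_domain, order=sort_br)
    )
    request.session["my_dms_file_history"] = dms_file_items.ids

    dms_parent_categories = dms_directory_sudo.with_user(user_id)._get_parent_categories(access_token)

    # values
    values = {
        "dms_directories": dms_directory_items.sudo(),
        "page_name": "dms_directory",
        "default_url": "/my/dms",
        "searchbar_sortings": searchbar_sortings,
        "searchbar_inputs": searchbar_inputs,
        "search_in": search_in,
        "sortby": sortby,
        "filterby": filterby,
        "access_token": access_token,
        "dms_directory": dms_directory_sudo,
        "dms_files": dms_file_items.sudo(),
        "dms_parent_categories": dms_parent_categories,
    }
    return request.render("dms.portal_my_dms", values)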
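def web_login(self, redirect=None, **kw):
    """Log a user in and e-mail a login alert when the client looks new.

    After a successful authentication, a user who has an e-mail address and
    belongs to ``user_login_alert.receive_login_notification`` has the client
    IP, browser and OS compared with the values stored from the previous
    login. If any of them is missing or differs, the stored values are
    updated and an alert mail is created.

    Fixes over the previous version: the user name and the values derived
    from the User-Agent header are HTML-escaped before being placed in the
    mail body, and a missing or unrecognised User-Agent no longer raises
    after the login succeeded (the fields fall back to ``'Unknown'``).

    :param redirect: target after a successful login, ``/web`` when empty.
    :return: a redirect on success, otherwise the rendered ``web.login`` page.
    """
    from html import escape as html_escape

    main.ensure_db()
    request.params['login_success'] = False
    if request.httprequest.method == 'GET' and redirect and request.session.uid:
        # NOTE(review): ``redirect`` is presumably filled from the request and
        # is not validated here; confirm redirect_with_hash only follows
        # same-site URLs.
        return http.redirect_with_hash(redirect)

    if not request.uid:
        request.uid = flectra.SUPERUSER_ID

    values = request.params.copy()
    try:
        values['databases'] = http.db_list()
    except flectra.exceptions.AccessDenied:
        values['databases'] = None

    if request.httprequest.method == 'POST':
        old_uid = request.uid
        uid = request.session.authenticate(
            request.session.db, request.params['login'], request.params['password'])
        if uid is not False:
            user_rec = request.env['res.users'].sudo().search([('id', '=', uid)])
            if user_rec.partner_id.email and user_rec.has_group(
                    'user_login_alert.receive_login_notification'):
                # The User-Agent header is client-controlled and may be absent.
                agent = request.httprequest.environ.get('HTTP_USER_AGENT') or ''
                agent_details = httpagentparser.detect(agent)
                user_os = (agent_details.get('os') or {}).get('name') or 'Unknown'
                browser_name = (agent_details.get('browser') or {}).get('name') or 'Unknown'
                # NOTE(review): REMOTE_ADDR is the TCP peer; behind a reverse
                # proxy every login would show the proxy's address unless the
                # deployment rewrites it.
                ip_address = request.httprequest.environ['REMOTE_ADDR']

                has_history = (user_rec.last_logged_ip
                               and user_rec.last_logged_browser
                               and user_rec.last_logged_os)
                client_changed = not has_history or (
                    user_rec.last_logged_ip != ip_address
                    or user_rec.last_logged_browser != browser_name
                    or user_rec.last_logged_os != user_os)
                if client_changed:
                    user_rec.last_logged_ip = ip_address
                    user_rec.last_logged_browser = browser_name
                    user_rec.last_logged_os = user_os

                    email_to = user_rec.partner_id.email
                    current_date_time = strftime("%Y-%m-%d %H:%M:%S", gmtime())
                    # Every interpolated value is escaped: the user name is
                    # user-editable and the OS/browser come from a request
                    # header, so none of them may inject markup into the mail.
                    message_body = ''.join([
                        'Hi ', html_escape(user_rec.name or ''),
                        ' , Your account has been accessed successfully. The details of the '
                        'system from which the account is accessed ...,',
                        '<table border="1" width="100%" cellpadding="0" bgcolor="#ededed">',
                        '<tr><td>OS</td><td>', html_escape(user_os), '</td></tr>',
                        '<tr><td>Browser</td><td>', html_escape(browser_name), '</td></tr>',
                        '<tr><td>IP Address</td><td>', html_escape(ip_address), '</td></tr>',
                        '</table>',
                        'Thank you',
                    ])
                    template_obj = request.env['mail.mail']
                    template_data = {
                        'subject': 'Login Alert : ' + current_date_time,
                        'body_html': message_body,
                        'email_from': request.env.user.company_id.email,
                        'email_to': email_to
                    }
                    template_id = template_obj.create(template_data)
                    # NOTE(review): send() is called on the model with the new
                    # record as an argument; confirm this dispatches the alert
                    # in this framework version rather than leaving it to the
                    # mail queue.
                    template_obj.send(template_id)
            request.params['login_success'] = True
            if not redirect:
                redirect = '/web'
            return http.redirect_with_hash(redirect)
        request.uid = old_uid
        values['error'] = _("Wrong login/password")
    return request.render('web.login', values)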