def approve(self, ids, context={}): print("ApproveWizard.approve", ids) obj = self.browse(ids)[0] pin_code = obj.pin_code obj.write({"pin_code": ""}) # XXX m = get_model(obj.approve_model) f = getattr(m, obj.approve_method, None) if not f: raise Exception("Invalid method %s of %s" % (obj.approve_method, obj.approve_model)) if not obj.approver_id: res = f([obj.approve_id], context=context) else: db = database.get_connection() res = db.get("SELECT pin_code FROM base_user WHERE id=%s", obj.approver_id.id) enc_pin_code = res.pin_code if not utils.check_password(pin_code, enc_pin_code): raise Exception("Wrong PIN") user_id = get_active_user() set_active_user(obj.approver_id.id) try: res = f([obj.approve_id], context=context) finally: set_active_user(user_id) return res
def check_password(self, login, password, context={}): db = database.get_connection() res = db.get("SELECT id,password FROM base_user WHERE login ILIKE %s", login) if not res: return None if not utils.check_password(password, res.password): return None return res.id
def check_pin_code(self, ids, pin_code, context={}): user_id = ids[0] db = database.get_connection() res = db.get("SELECT pin_code FROM base_user WHERE id=%s", user_id) if not res: return None if not utils.check_password(pin_code, res.pin_code): return None return True
def check_pin_code(self, ids, pin_code, context={}): user_id = ids[0] db = database.get_connection() res = db.get("SELECT pin_code FROM base_user WHERE id=%s", user_id) if not res: return None if not utils.check_password(pin_code, res.pin_code): return None return True
def check_password(self, login, password, context={}): db = database.get_connection() res = db.get("SELECT id,password FROM base_user WHERE login ILIKE %s", login) if not res: return None if not utils.check_password(password, res.password): return None return res.id