コード例 #1
0
 def user_id(self):
     if not self.view_args:
         return None
     database_name = self.view_args.get('database_name')
     if not database_name:
         return None
     auth = self.authorization
     if not auth:
         return None
     context = {'_request': self.context}
     if auth.type == 'session':
         user_id = security.check(database_name,
                                  auth.get('userid'),
                                  auth.get('session'),
                                  context=context)
     else:
         try:
             user_id = security.login(database_name,
                                      auth.username,
                                      auth,
                                      cache=False,
                                      context=context)
         except RateLimitException:
             abort(HTTPStatus.TOO_MANY_REQUESTS)
     return user_id
コード例 #2
0
    def get_userinfo(self, user, password, command=''):
        path = urlparse.urlparse(self.path).path
        dbname = urllib.unquote_plus(path.split('/', 2)[1])
        database = backend.get('Database')().connect()
        cursor = database.cursor()
        databases = database.list(cursor)
        cursor.close()
        if not dbname or dbname not in databases:
            return True
        if user:
            user = int(login(dbname, user, password, cache=False))
            if not user:
                return None
        else:
            url = urlparse.urlparse(self.path)
            query = urlparse.parse_qs(url.query)
            path = url.path[len(dbname) + 2:]
            if 'key' in query:
                key, = query['key']
                with Transaction().start(dbname, 0) as transaction:
                    database_list = Pool.database_list()
                    pool = Pool(dbname)
                    if dbname not in database_list:
                        pool.init()
                    Share = pool.get('webdav.share')
                    user = Share.get_login(key, command, path)
                    transaction.cursor.commit()
            if not user:
                return None

        Transaction().start(dbname, user, context={
            '_check_access': True,
        })
        Cache.clean(dbname)
        return user
コード例 #3
0
ファイル: webdav.py プロジェクト: Sisouvan/ogh
    def get_userinfo(self, user, password, command=''):
        path = urlparse.urlparse(self.path).path
        dbname = urllib.unquote_plus(path.split('/', 2)[1])
        database = Database().connect()
        cursor = database.cursor()
        databases = database.list(cursor)
        cursor.close()
        if not dbname or dbname not in databases:
            return True
        if user:
            user = int(login(dbname, user, password, cache=False))
            if not user:
                return None
        else:
            url = urlparse.urlparse(self.path)
            query = urlparse.parse_qs(url.query)
            path = url.path[len(dbname) + 2:]
            if 'key' in query:
                key, = query['key']
                with Transaction().start(dbname, 0) as transaction:
                    database_list = Pool.database_list()
                    pool = Pool(dbname)
                    if not dbname in database_list:
                        pool.init()
                    Share = pool.get('webdav.share')
                    user = Share.get_login(key, command, path)
                    transaction.cursor.commit()
            if not user:
                return None

        Transaction().start(dbname, user)
        Cache.clean(dbname)
        return user
コード例 #4
0
def login(request, database_name, user, parameters, language=None):
    Database = backend.get('Database')
    DatabaseOperationalError = backend.get('DatabaseOperationalError')
    try:
        Database(database_name).connect()
    except DatabaseOperationalError:
        logger.error('fail to connect to %s', database_name, exc_info=True)
        abort(404)
    context = {
        'language': language,
        '_request': request.context,
    }
    try:
        session = security.login(database_name,
                                 user,
                                 parameters,
                                 context=context)
        code = 403
    except RateLimitException:
        session = None
        code = 429
    msg = 'successful login' if session else 'bad login or password'
    logger.info('%s \'%s\' from %s using %s on database \'%s\'', msg, user,
                request.remote_addr, request.scheme, database_name)
    if not session:
        abort(code)
    return session
コード例 #5
0
ファイル: http.py プロジェクト: silpol/tryton-bef
    def parse_request(self):
        res = SimpleXMLRPCServer.SimpleXMLRPCRequestHandler.parse_request(self)
        if not res:
            return res

        if 'content-length' not in self.headers:
            self.headers['content-length'] = '0'

        url = urlparse(self.path)
        database_name = url.path.split('/')[1]
        if not database_name:
            self.tryton = {'user': None, 'session': None}
            return res
        try:
            method, up64 = self.headers['Authorization'].split(None, 1)
            if method.strip().lower() == 'basic':
                user, password = base64.decodestring(up64).split(':', 1)
                user_id, session = security.login(database_name, user,
                                                  password)
                self.tryton = {'user': user_id, 'session': session}
                return res
        except Exception:
            pass
        auth_header = {'WWW-Authenticate': 'Basic realm="Tryton"'}
        self.send_error(401, 'Unauthorized', headers=auth_header)
        return False
コード例 #6
0
ファイル: application.py プロジェクト: sm2x/tryton-restful
def login(database):
    """
    POST: Login and return user id and session
    """
    result = security.login(database, request.form['login'],
                            request.form['password'])
    if result:
        return jsonify({
            'id': result[0],
            'session': result[1],
        })
    return 'Bad Username or Password', 403
コード例 #7
0
def login(database):
    """
    POST: Login and return user id and session
    """
    result = security.login(
        database, request.form['login'], request.form['password']
    )
    if result:
        return jsonify({
            'id': result[0],
            'session': result[1],
        })
    return 'Bad Username or Password', 403
コード例 #8
0
 def user_id(self):
     database_name = self.view_args.get('database_name')
     if not database_name:
         return None
     auth = self.authorization
     if not auth:
         return None
     if auth.type == 'session':
         user_id = security.check(
             database_name, auth.get('userid'), auth.get('session'),
             context={'_request': self.context})
     else:
         user_id = security.login(
             database_name, auth.username, auth, cache=False)
     return user_id
コード例 #9
0
ファイル: wrappers.py プロジェクト: niezhiyuan1/learngit
 def user_id(self):
     database_name = self.view_args['database_name']
     auth = self.authorization
     if not auth:
         abort(401)
     if auth.type == 'session':
         user_id = security.check(
             database_name, auth.get('userid'), auth.get('session'))
         if not user_id:
             abort(403)
     else:
         user_id = security.login(
             database_name, auth.username, auth.password, cache=False)
         if not user_id:
             abort(401)
     return user_id
コード例 #10
0
ファイル: dispatcher.py プロジェクト: solutema/trytond
def login(request, database_name, user, password):
    Database = backend.get('Database')
    DatabaseOperationalError = backend.get('DatabaseOperationalError')
    try:
        Database(database_name).connect()
    except DatabaseOperationalError:
        logger.error('fail to connect to %s', database_name, exc_info=True)
        return False
    session = security.login(database_name, user, password)
    with Transaction().start(database_name, 0):
        Cache.clean(database_name)
        Cache.resets(database_name)
    msg = 'successful login' if session else 'bad login or password'
    logger.info('%s \'%s\' from %s using %s on database \'%s\'',
        msg, user, request.remote_addr, request.scheme, database_name)
    return session
コード例 #11
0
ファイル: dispatcher.py プロジェクト: coopengo/trytond
def login(request, database_name, user, password):
    Database = backend.get('Database')
    DatabaseOperationalError = backend.get('DatabaseOperationalError')
    try:
        Database(database_name).connect()
    except DatabaseOperationalError:
        logger.error('fail to connect to %s', database_name, exc_info=True)
        return False
    session = security.login(database_name, user, password)
    with Transaction().start(database_name, 0):
        Cache.clean(database_name)
        Cache.resets(database_name)
    msg = 'successful login' if session else 'bad login or password'
    logger.info('%s \'%s\' from %s using %s on database \'%s\'',
        msg, user, request.remote_addr, request.scheme, database_name)
    return session
コード例 #12
0
 def parse_request(self):
     res = SimpleXMLRPCServer.SimpleXMLRPCRequestHandler.parse_request(self)
     if not res:
         return res
     database_name = self.path[1:]
     if not database_name:
         self.tryton = {"user": None, "session": None}
         return res
     try:
         method, up64 = self.headers["Authorization"].split(None, 1)
         if method.strip().lower() == "basic":
             user, password = base64.decodestring(up64).split(":", 1)
             user_id, session = security.login(database_name, user, password)
             self.tryton = {"user": user_id, "session": session}
             return res
     except Exception:
         pass
     self.send_error(401, "Unauthorized")
     self.send_header("WWW-Authenticate", 'Basic realm="Tryton"')
     return False
コード例 #13
0
ファイル: protocol.py プロジェクト: kakamble-aiims/work
    def get_userinfo(self, user, password, command=''):
        path = urllib.parse.urlparse(self.path).path
        dbname = urllib.parse.unquote_plus(path.split('/', 2)[1])
        with Transaction().start(dbname, 0, close=True) as transaction:
            databases = transaction.database.list()
        if not dbname or dbname not in databases:
            return True
        if user:

            user = str(user)
            parameters = {'password': password}
            user = login(dbname, user, parameters, cache=False)

            if not user:
                return None
            user = int(user)
        else:
            url = urllib.parse.urlparse(self.path)
            query = urllib.parse.parse_qs(url.query)
            path = url.path[len(dbname) + 2:]
            if 'key' in query:
                key, = query['key']
                with Transaction().start(dbname, 0) as transaction:
                    database_list = Pool.database_list()
                    pool = Pool(dbname)
                    if dbname not in database_list:
                        pool.init()
                    Share = pool.get('webdav.share')
                    user = Share.get_login(key, command, path)
                    transaction.commit()
            if not user:
                return None

        Transaction().start(dbname,
                            user,
                            context={
                                '_check_access': True,
                            },
                            autocommit=True)
        Cache.clean(dbname)
        return user
コード例 #14
0
 def parse_request(self):
     res = SimpleXMLRPCServer.SimpleXMLRPCRequestHandler.parse_request(self)
     if not res:
         return res
     database_name = self.path[1:]
     if not database_name:
         self.tryton = {'user': None, 'session': None}
         return res
     try:
         method, up64 = self.headers['Authorization'].split(None, 1)
         if method.strip().lower() == 'basic':
             user, password = base64.decodestring(up64).split(':', 1)
             user_id, session = security.login(database_name, user,
                                               password)
             self.tryton = {'user': user_id, 'session': session}
             return res
     except Exception:
         pass
     self.send_error(401, 'Unauthorized')
     self.send_header("WWW-Authenticate", 'Basic realm="Tryton"')
     return False
コード例 #15
0
def login(request, database_name, user, parameters, language=None):
    try:
        backend.Database(database_name).connect()
    except backend.DatabaseOperationalError:
        logger.error('fail to connect to %s', database_name, exc_info=True)
        abort(HTTPStatus.NOT_FOUND)
    context = {
        'language': language,
        '_request': request.context,
    }
    try:
        session = security.login(database_name,
                                 user,
                                 parameters,
                                 context=context)
        code = HTTPStatus.UNAUTHORIZED
    except RateLimitException:
        session = None
        code = HTTPStatus.TOO_MANY_REQUESTS
    if not session:
        abort(code)
    return session
コード例 #16
0
def login(request, database_name, user, parameters, language=None):
    Database = backend.get('Database')
    DatabaseOperationalError = backend.get('DatabaseOperationalError')
    try:
        Database(database_name).connect()
    except DatabaseOperationalError:
        logger.error('fail to connect to %s', database_name, exc_info=True)
        abort(404)
    context = {
        'language': language,
        '_request': request.context,
    }
    try:
        session = security.login(database_name,
                                 user,
                                 parameters,
                                 context=context)
        code = 403
    except RateLimitException:
        session = None
        code = 429
    if not session:
        abort(code)
    return session
コード例 #17
0
ファイル: dispatcher.py プロジェクト: kret0s/gnuhealth-live
def dispatch(host, port, protocol, database_name, user, session, object_type,
        object_name, method, *args, **kwargs):
    Database = backend.get('Database')
    DatabaseOperationalError = backend.get('DatabaseOperationalError')
    if object_type == 'common':
        if method == 'login':
            try:
                database = Database(database_name).connect()
                cursor = database.cursor()
                cursor.close()
            except Exception:
                return False
            res = security.login(database_name, user, session)
            with Transaction().start(database_name, 0):
                Cache.clean(database_name)
                Cache.resets(database_name)
            msg = res and 'successful login' or 'bad login or password'
            logger.info('%s \'%s\' from %s:%d using %s on database \'%s\'',
                msg, user, host, port, protocol, database_name)
            return res or False
        elif method == 'logout':
            name = security.logout(database_name, user, session)
            logger.info('logout \'%s\' from %s:%d '
                'using %s on database \'%s\'',
                name, host, port, protocol, database_name)
            return True
        elif method == 'version':
            return __version__
        elif method == 'list_lang':
            return [
                ('bg_BG', 'Български'),
                ('ca_ES', 'Català'),
                ('cs_CZ', 'Čeština'),
                ('de_DE', 'Deutsch'),
                ('en_US', 'English'),
                ('es_AR', 'Español (Argentina)'),
                ('es_EC', 'Español (Ecuador)'),
                ('es_ES', 'Español (España)'),
                ('es_CO', 'Español (Colombia)'),
                ('es_MX', 'Español (México)'),
                ('fr_FR', 'Français'),
                ('hu_HU', 'Magyar'),
                ('it_IT', 'Italiano'),
                ('lt_LT', 'Lietuvių'),
                ('nl_NL', 'Nederlands'),
                ('pt_BR', 'Português (Brasil)'),
                ('ru_RU', 'Russian'),
                ('sl_SI', 'Slovenščina'),
            ]
        elif method == 'db_exist':
            try:
                database = Database(*args, **kwargs).connect()
                cursor = database.cursor()
                cursor.close(close=True)
                return True
            except Exception:
                return False
        elif method == 'list':
            if not config.getboolean('database', 'list'):
                raise Exception('AccessDenied')
            with Transaction().start(None, 0, close=True) as transaction:
                return transaction.database.list(transaction.cursor)
        elif method == 'create':
            return create(*args, **kwargs)
        elif method == 'restore':
            return restore(*args, **kwargs)
        elif method == 'drop':
            return drop(*args, **kwargs)
        elif method == 'dump':
            return dump(*args, **kwargs)
        return
    elif object_type == 'system':
        database = Database(database_name).connect()
        database_list = Pool.database_list()
        pool = Pool(database_name)
        if database_name not in database_list:
            pool.init()
        if method == 'listMethods':
            res = []
            for type in ('model', 'wizard', 'report'):
                for object_name, obj in pool.iterobject(type=type):
                    for method in obj.__rpc__:
                        res.append(type + '.' + object_name + '.' + method)
            return res
        elif method == 'methodSignature':
            return 'signatures not supported'
        elif method == 'methodHelp':
            res = []
            args_list = args[0].split('.')
            object_type = args_list[0]
            object_name = '.'.join(args_list[1:-1])
            method = args_list[-1]
            obj = pool.get(object_name, type=object_type)
            return pydoc.getdoc(getattr(obj, method))

    for count in range(config.getint('database', 'retry'), -1, -1):
        try:
            user = security.check(database_name, user, session)
        except DatabaseOperationalError:
            if count:
                continue
            raise
        break

    database_list = Pool.database_list()
    pool = Pool(database_name)
    if database_name not in database_list:
        with Transaction().start(database_name, user,
                readonly=True) as transaction:
            pool.init()
    obj = pool.get(object_name, type=object_type)

    if method in obj.__rpc__:
        rpc = obj.__rpc__[method]
    else:
        raise UserError('Calling method %s on %s %s is not allowed!'
            % (method, object_type, object_name))

    log_message = '%s.%s.%s(*%s, **%s) from %s@%s:%d/%s'
    log_args = (object_type, object_name, method, args, kwargs,
        user, host, port, database_name)

    logger.info(log_message, *log_args)
    for count in range(config.getint('database', 'retry'), -1, -1):
        with Transaction().start(database_name, user,
                readonly=rpc.readonly) as transaction:
            Cache.clean(database_name)
            try:
                c_args, c_kwargs, transaction.context, transaction.timestamp \
                    = rpc.convert(obj, *args, **kwargs)
                meth = getattr(obj, method)
                if (rpc.instantiate is None
                        or not is_instance_method(obj, method)):
                    result = rpc.result(meth(*c_args, **c_kwargs))
                else:
                    assert rpc.instantiate == 0
                    inst = c_args.pop(0)
                    if hasattr(inst, method):
                        result = rpc.result(meth(inst, *c_args, **c_kwargs))
                    else:
                        result = [rpc.result(meth(i, *c_args, **c_kwargs))
                            for i in inst]
                if not rpc.readonly:
                    transaction.cursor.commit()
            except DatabaseOperationalError:
                transaction.cursor.rollback()
                if count and not rpc.readonly:
                    continue
                raise
            except (NotLogged, ConcurrencyException, UserError, UserWarning):
                logger.debug(log_message, *log_args, exc_info=True)
                transaction.cursor.rollback()
                raise
            except Exception:
                logger.error(log_message, *log_args, exc_info=True)
                transaction.cursor.rollback()
                raise
            Cache.resets(database_name)
        with Transaction().start(database_name, 0) as transaction:
            pool = Pool(database_name)
            Session = pool.get('ir.session')
            try:
                Session.reset(session)
            except DatabaseOperationalError:
                logger.debug('Reset session failed', exc_info=True)
                # Silently fail when reseting session
                transaction.cursor.rollback()
            else:
                transaction.cursor.commit()
        logger.debug('Result: %s', result)
        return result
コード例 #18
0
def get_auth_header():
    result = security.login(DB_NAME, 'admin', 'admin')
    return 'Basic ' + base64.b64encode('%s:%s' % result)
コード例 #19
0
def get_auth_header():
    result = security.login(DB_NAME, 'admin', 'admin')
    return 'Basic ' + base64.b64encode('%s:%s' % result)
コード例 #20
0
ファイル: dispatcher.py プロジェクト: bala4901/trytond
def dispatch(host, port, protocol, database_name, user, session, object_type,
        object_name, method, *args, **kwargs):
    Database = backend.get('Database')
    DatabaseOperationalError = backend.get('DatabaseOperationalError')
    if object_type == 'common':
        if method == 'login':
            try:
                database = Database(database_name).connect()
                cursor = database.cursor()
                cursor.close()
            except Exception:
                return False
            res = security.login(database_name, user, session)
            with Transaction().start(database_name, 0):
                Cache.clean(database_name)
                Cache.resets(database_name)
            msg = res and 'successful login' or 'bad login or password'
            logger.info('%s \'%s\' from %s:%d using %s on database \'%s\'',
                msg, user, host, port, protocol, database_name)
            return res or False
        elif method == 'logout':
            name = security.logout(database_name, user, session)
            logger.info('logout \'%s\' from %s:%d '
                'using %s on database \'%s\'',
                name, host, port, protocol, database_name)
            return True
        elif method == 'version':
            return __version__
        elif method == 'list_lang':
            return [
                ('bg_BG', 'Български'),
                ('ca_ES', 'Català'),
                ('cs_CZ', 'Čeština'),
                ('de_DE', 'Deutsch'),
                ('en_US', 'English'),
                ('es_AR', 'Español (Argentina)'),
                ('es_EC', 'Español (Ecuador)'),
                ('es_ES', 'Español (España)'),
                ('es_CO', 'Español (Colombia)'),
                ('fr_FR', 'Français'),
                ('lt_LT', 'Lietuvių'),
                ('nl_NL', 'Nederlands'),
                ('ru_RU', 'Russian'),
                ('sl_SI', 'Slovenščina'),
            ]
        elif method == 'db_exist':
            try:
                database = Database(*args, **kwargs).connect()
                cursor = database.cursor()
                cursor.close(close=True)
                return True
            except Exception:
                return False
        elif method == 'list':
            if not config.getboolean('database', 'list'):
                raise Exception('AccessDenied')
            with Transaction().start(None, 0, close=True) as transaction:
                return transaction.database.list(transaction.cursor)
        elif method == 'create':
            return create(*args, **kwargs)
        elif method == 'restore':
            return restore(*args, **kwargs)
        elif method == 'drop':
            return drop(*args, **kwargs)
        elif method == 'dump':
            return dump(*args, **kwargs)
        return
    elif object_type == 'system':
        database = Database(database_name).connect()
        database_list = Pool.database_list()
        pool = Pool(database_name)
        if database_name not in database_list:
            pool.init()
        if method == 'listMethods':
            res = []
            for type in ('model', 'wizard', 'report'):
                for object_name, obj in pool.iterobject(type=type):
                    for method in obj.__rpc__:
                        res.append(type + '.' + object_name + '.' + method)
            return res
        elif method == 'methodSignature':
            return 'signatures not supported'
        elif method == 'methodHelp':
            res = []
            args_list = args[0].split('.')
            object_type = args_list[0]
            object_name = '.'.join(args_list[1:-1])
            method = args_list[-1]
            obj = pool.get(object_name, type=object_type)
            return pydoc.getdoc(getattr(obj, method))

    for count in range(config.getint('database', 'retry'), -1, -1):
        try:
            user = security.check(database_name, user, session)
        except DatabaseOperationalError:
            if count:
                continue
            raise
        break

    database_list = Pool.database_list()
    pool = Pool(database_name)
    if database_name not in database_list:
        with Transaction().start(database_name, user,
                readonly=True) as transaction:
            pool.init()
    obj = pool.get(object_name, type=object_type)

    if method in obj.__rpc__:
        rpc = obj.__rpc__[method]
    else:
        raise UserError('Calling method %s on %s %s is not allowed!'
            % (method, object_type, object_name))

    log_message = '%s.%s.%s(*%s, **%s) from %s@%s:%d/%s'
    log_args = (object_type, object_name, method, args, kwargs,
        user, host, port, database_name)

    logger.info(log_message, *log_args)
    for count in range(config.getint('database', 'retry'), -1, -1):
        with Transaction().start(database_name, user,
                readonly=rpc.readonly) as transaction:
            Cache.clean(database_name)
            try:
                c_args, c_kwargs, transaction.context, transaction.timestamp \
                    = rpc.convert(obj, *args, **kwargs)
                meth = getattr(obj, method)
                if (rpc.instantiate is None
                        or not is_instance_method(obj, method)):
                    result = rpc.result(meth(*c_args, **c_kwargs))
                else:
                    assert rpc.instantiate == 0
                    inst = c_args.pop(0)
                    if hasattr(inst, method):
                        result = rpc.result(meth(inst, *c_args, **c_kwargs))
                    else:
                        result = [rpc.result(meth(i, *c_args, **c_kwargs))
                            for i in inst]
                if not rpc.readonly:
                    transaction.cursor.commit()
            except DatabaseOperationalError:
                transaction.cursor.rollback()
                if count and not rpc.readonly:
                    continue
                raise
            except (NotLogged, ConcurrencyException, UserError, UserWarning):
                logger.debug(log_message, *log_args, exc_info=True)
                transaction.cursor.rollback()
                raise
            except Exception:
                logger.error(log_message, *log_args, exc_info=True)
                transaction.cursor.rollback()
                raise
            Cache.resets(database_name)
        with Transaction().start(database_name, 0) as transaction:
            pool = Pool(database_name)
            Session = pool.get('ir.session')
            try:
                Session.reset(session)
            except DatabaseOperationalError:
                logger.debug('Reset session failed', exc_info=True)
                # Silently fail when reseting session
                transaction.cursor.rollback()
            else:
                transaction.cursor.commit()
        logger.debug('Result: %s', result)
        return result
コード例 #21
0
def dispatch(host, port, protocol, database_name, user, session, object_type,
        object_name, method, *args, **kargs):

    if object_type == 'common':
        if method == 'login':
            try:
                database = Database(database_name).connect()
                cursor = database.cursor()
                cursor.close()
            except Exception:
                return False
            res = security.login(database_name, user, session)
            Cache.clean(database_name)
            logger = logging.getLogger('dispatcher')
            msg = res and 'successful login' or 'bad login or password'
            logger.info('%s \'%s\' from %s:%d using %s on database \'%s\'' % \
                    (msg, user, host, port, protocol, database_name))
            Cache.resets(database_name)
            return res or False
        elif method == 'logout':
            name = security.logout(database_name, user, session)
            logger = logging.getLogger('dispatcher')
            logger.info('logout \'%s\' from %s:%d ' \
                    'using %s on database \'%s\'' %
                    (name, host, port, protocol, database_name))
            return True
        elif method == 'version':
            return VERSION
        elif method == 'timezone_get':
            return CONFIG['timezone']
        elif method == 'list_lang':
            return [
                ('bg_BG', 'Български'),
                ('ca_ES', 'Català'),
                ('cs_CZ', 'Čeština'),
                ('de_DE', 'Deutsch'),
                ('en_US', 'English'),
                ('es_AR', 'Español (Argentina)'),
                ('es_ES', 'Español (España)'),
                ('es_CO', 'Español (Colombia)'),
                ('fr_FR', 'Français'),
                ('nl_NL', 'Nederlands'),
                ('ru_RU', 'Russian'),
            ]
        elif method == 'db_exist':
            try:
                database = Database(*args, **kargs).connect()
                cursor = database.cursor()
                cursor.close(close=True)
                return True
            except Exception:
                return False
        elif method == 'list':
            if CONFIG['prevent_dblist']:
                raise Exception('AccessDenied')
            database = Database().connect()
            try:
                cursor = database.cursor()
                try:
                    res = database.list(cursor)
                finally:
                    cursor.close(close=True)
            except Exception:
                res = []
            return res
        elif method == 'create':
            return create(*args, **kargs)
        elif method == 'restore':
            return restore(*args, **kargs)
        elif method == 'drop':
            return drop(*args, **kargs)
        elif method == 'dump':
            return dump(*args, **kargs)
        return
    elif object_type == 'system':
        database = Database(database_name).connect()
        database_list = Pool.database_list()
        pool = Pool(database_name)
        if not database_name in database_list:
            pool.init()
        if method == 'listMethods':
            res = []
            for type in ('model', 'wizard', 'report'):
                for object_name, obj in pool.iterobject(type=type):
                    for method in obj._rpc:
                        res.append(type + '.' + object_name + '.' + method)
            return res
        elif method == 'methodSignature':
            return 'signatures not supported'
        elif method == 'methodHelp':
            res = []
            args_list = args[0].split('.')
            object_type = args_list[0]
            object_name = '.'.join(args_list[1:-1])
            method = args_list[-1]
            obj = pool.get(object_name, type=object_type)
            return pydoc.getdoc(getattr(obj, method))

    user = security.check(database_name, user, session)

    Cache.clean(database_name)
    database_list = Pool.database_list()
    pool = Pool(database_name)
    if not database_name in database_list:
        with Transaction().start(database_name, user,
                readonly=True) as transaction:
            pool.init()
    obj = pool.get(object_name, type=object_type)

    if method in obj._rpc:
        readonly = not obj._rpc[method]
    elif method in getattr(obj, '_buttons', {}):
        readonly = False
    else:
        raise UserError('Calling method %s on %s %s is not allowed!'
            % (method, object_type, object_name))

    for count in range(int(CONFIG['retry']), -1, -1):
        with Transaction().start(database_name, user,
                readonly=readonly) as transaction:
            try:

                args_without_context = list(args)
                if 'context' in kargs:
                    context = kargs.pop('context')
                else:
                    context = args_without_context.pop()
                if '_timestamp' in context:
                    transaction.timestamp = context['_timestamp']
                    del context['_timestamp']
                transaction.context = context
                res = getattr(obj, method)(*args_without_context, **kargs)
                if not readonly:
                    transaction.cursor.commit()
            except DatabaseOperationalError, exception:
                transaction.cursor.rollback()
                if count and not readonly:
                    continue
                raise
            except Exception, exception:
                if CONFIG['verbose'] and not isinstance(exception, (
                            NotLogged, ConcurrencyException, UserError,
                            UserWarning)):
                    tb_s = ''.join(traceback.format_exception(*sys.exc_info()))
                    logger = logging.getLogger('dispatcher')
                    logger.error('Exception calling method %s on '
                        '%s %s from %s@%s:%d/%s:\n'
                        % (method, object_type, object_name, user, host, port,
                            database_name) + tb_s)
                transaction.cursor.rollback()
                raise