def create(self, req, fields): # check if it is not first installation - restrict! dblist = db_list(req) if len(dblist) > 0: raise Exception('Not allowed') return super(Database_restrict, self).create(req, fields)
def init(self, params): old_init(self, params) if self.httprequest.authorization and not self.session._login: dbs = web_main.db_list(self) self.session.authenticate( dbs and dbs[0], self.httprequest.authorization.username, self.httprequest.authorization.password, dict(base_location=self.httprequest.url_root.rstrip('/'), HTTP_HOST=self.httprequest.environ['HTTP_HOST'], REMOTE_ADDR=self.httprequest.environ['REMOTE_ADDR']))
def init(self, params): old_init(self, params) if self.httprequest.authorization and not self.session._login: dbs = web_main.db_list(self) self.session.authenticate( dbs and dbs[0], self.httprequest.authorization.username, self.httprequest.authorization.password, dict( base_location=self.httprequest.url_root.rstrip('/'), HTTP_HOST=self.httprequest.environ['HTTP_HOST'], REMOTE_ADDR=self.httprequest.environ['REMOTE_ADDR'] ))
def set_password(self, req, fields): if not fields: return {'error': _('Invalid url, no params provided')} if 'dbname' not in fields or not fields['dbname']: return {'error': _('Invalid url, db param not found')} else: db_list = webmain.db_list(req) if fields['dbname'] not in db_list: return {'error': _('Invalid database name')} if 'token' not in fields or not fields['token']: return {'error': _('Invalid url, token param not found')} elif len(fields['token']) != 20: return {'error': _('Invalid url, token param is incorrect')} elif not re.match(r'^[a-zA-Z0-9]+$', fields['token']): return {'error': _('Invalid url, token format is incorrect')} if 'password' not in fields or not fields['password']: return {'error': _('Invalid url, password param not found')} registry = RegistryManager.get(fields['dbname']) with registry.cursor() as cr: base_url = registry.get('ir.config_parameter').get_param( cr, openerp.SUPERUSER_ID, 'web.base.url') res_partner = registry.get('res.partner') partner_id = res_partner.search( cr, openerp.SUPERUSER_ID, [('signup_token', '=', fields.get('token'))]) if not partner_id: return {'error': _('Invalid Reset Password Link')} else: partner = res_partner.browse(cr, openerp.SUPERUSER_ID, partner_id[0]) if partner.name != fields['name']: return {'error': _('Incorrect UserName')} if partner.user_id.login != fields['login']: return {'error': _('Incorrect Login Name')} if not partner.signup_expiration or datetime.strptime( partner.signup_expiration, '%Y-%m-%d %H:%M:%S') <= datetime.now(): return { 'error': _('Reset Password Link Expired. You have to request a new one by clicking reset password option on login screen.' ) } else: res_partner.write( cr, openerp.SUPERUSER_ID, partner_id, { 'signup_type': False, 'signup_expiration': False, 'signup_token': False }) if partner.user_id: registry.get('res.users').write( cr, openerp.SUPERUSER_ID, [partner.user_id.id], { 'active': True, 'password': fields['password'] }) return { 'error': False, 'base_url': urljoin(base_url, "?db=%(db)s" % {'db': fields['dbname']}) }
def index(self, req, db, token): errmsg = '' db_list = webmain.db_list(req) if not db: errmsg = _('No database provided') elif db not in db_list: errmsg = _('Invalid database name') elif not token: errmsg = _('No token provided') elif len(token) != 20: errmsg = _('Invalid token') elif not re.match(r'^[a-zA-Z0-9]+$', token): errmsg = _('Invalid token format') base_url = '' company_name = '' if not errmsg: registry = RegistryManager.get(db) with registry.cursor() as cr: base_url = registry.get('ir.config_parameter').get_param( cr, openerp.SUPERUSER_ID, 'web.base.url') res_partner = registry.get('res.partner') partnerId = res_partner.search(cr, openerp.SUPERUSER_ID, [('signup_token', '=', token)]) if not partnerId: errmsg = _('Invalid Activation Link') else: partner = res_partner.browse(cr, openerp.SUPERUSER_ID, partnerId[0]) company_name = partner.company_id.name if not partner.signup_expiration or datetime.strptime( partner.signup_expiration, '%Y-%m-%d %H:%M:%S') <= datetime.now(): errmsg = _( 'Activation Link Expired. You have to request a new one by clicking reset password option on login screen.' ) else: res_partner.write( cr, openerp.SUPERUSER_ID, partnerId, { 'signup_type': False, 'signup_expiration': False, 'signup_token': False }) if partner.user_id: registry.get('res.users').write( cr, openerp.SUPERUSER_ID, [partner.user_id.id], {'active': True}) if errmsg: template = error_html % { 'company_name': company_name, 'db': db, 'error': errmsg } else: base_url = urljoin(base_url, "?db=%(db)s" % {'db': db}) template = success_html % { 'company_name': company_name, 'db': db, 'index_url': base_url, 'message': _('User Account Successfully Activated. In order to access our portal you have to go to login screen.' ), 'link_message': _('Back to Login Screen') } return template